[00:01] <oh_noes> Can you create a RAID1 Software mirror in Linux/MDADM after installing? Or do I have to do it in the installer?
[00:02] <olcafo> short answer: yes
[00:03] <olcafo> this can be done after install
[00:03] <twb> oh_noes: it is probably not something that an inexperienced admin should attempt.  At least, not while drunk.
[00:03] <Nafallo> or even when sober :-)
[00:04] <twb> I've done it a couple of times and it's straightforward, but I have a lot of experience with md.
[00:04] <twb> Like resizing a filesystem, the important thing is to do the steps in the right order
[00:04] <olcafo> the installer makes it easy, but the experience of doing it by hand in invaluble when something breaks and you need to fix it quickly.
[00:05] <twb> You'll also need to take the server down to do it
[00:05] <Nafallo> olcafo: it's just not as straightforward to create an md on the disk you're using as / ;-)
[00:05] <olcafo> twb, that depends on if we're talking about making an RAID on the system partition or not.
[00:06] <olcafo> Nafallo, right
[00:08] <twb> olcafo: if by "system" you mean "root", then yes.
[00:09] <olcafo> sorry, my lingo is not quite nix. I work on to many different OSes.
[00:10] <oh_noes> If I want to use FakeRAID, https://help.ubuntu.com/community/FakeRaidHowto
[00:11] <oh_noes> but this article doesnt explain how to do it for Ubuntu Server 8.04 without the LiveCD
[00:11] <oh_noes> how do I activate dmraid?
[00:31] <twb> oh_noes: you really don't want to use fakeraid.  You either want software raid, or in unusual cases, hardware raid.
[00:31] <oh_noes> I know what I want to use :)
[00:32] <oh_noes> i'm doing some performance testing here at work, and Im interested to do some analyzsis between the two
[00:32] <twb> software raid is better than fakeraid because you can put the drives in any linux system and still read the data.
[00:32] <twb> oh_noes: oh, OK.
[00:32] <twb> oh_noes: well if it's proper fakeraid the kernel should just see one disk :-)
[00:38] <leonel> what would you recommend ?? :  apache +  ( fastcgi | scgi | fcgid ) ???
[00:39] <twb> leonel: depends on what the app supports
[00:47] <JanC> leonel: and you could replace apache for other httpds too...
[00:49] <leonel> JanC:   I'm with cherokee now  and it's working great   I just have a server with apache and I cant move yet to cherokee ..
[00:50] <leonel> twb: Right ..
[02:27] <thewrath> can someoen help me with ufw?
[02:28] <twb> !anyone
[02:29] <thewrath> on https://wiki.ubuntu.com/UbuntuFirewall under package integration that is for onlu ubuntu 8.1 right?
[02:29] <thewrath> *8.10
[02:30] <JanC> yes AFAIK
[02:31] <twb> That seems to be what it says.
[02:31] <thewrath> afaik = as far as i know?
[02:31] <thewrath> just double checking i am tired
[02:31] <JanC> thewrath: yes
[02:31] <thewrath> is it hard to upgrade  server 8.04 to 8.1?
[02:31] <JanC> and ufw had some significant changes in 8.10
[02:31] <thewrath> thank you JanC
[02:32] <thewrath> i see that and i like them
[02:32] <twb> Seems stupid to me to call it "Apache" when "getent services 80" gives a perfectly meaningful "www".
[02:32] <thewrath> especially with the app part
[02:32] <oh_noes> Whats the default behaviour for mdadm if it loses a disk?
[02:32] <thewrath> what ist eh command that i use to upgrade ubuntu from 8.04 to 8.1
[02:32] <twb> oh_noes: it marks that node in the array as degraded
[02:32] <JanC> twb: it's fine with apache, but do you know all the ports samba needs ?  ;)
[02:32] <oh_noes> Does it email anyone, does it set the front disk of the server to red status ?
[02:33] <twb> JanC: then samba ought to register those ports
[02:33] <thewrath> and how many people are using 8.1 server
[02:33] <twb> JanC: so they end up listed in /etc/services
[02:33] <twb> oh_noes: IIRC it generates an email, probably for root.
[02:33] <thewrath> does 8.1 server have the smae issue with the 8.1 desktop wtih wireless wpa2 enterprise encryption
[02:33] <JanC> twb: they are, but their names might not always be what you expect
[02:33] <twb> oh_noes: I don't know anything about the "front of the disk".
[02:34] <twb> JanC: well, for example I'd prefer it to say "submission" and "smtp" to "postfix" for both.
[02:34] <oh_noes> twb: well servers have hot swappable disks at the front, everyone in ubuntu says to use MDADM software RAId instead of my hardware raid
[02:34] <thewrath> what ist eh command that i use to upgrade ubuntu from 8.04 to 8.1\
[02:35] <thewrath> and how many people are using 8.1 server
[02:35] <twb> oh_noes: that depends whether it's real raid or fake raid.
[02:35] <thewrath> does 8.1 server have the smae issue with the 8.1 desktop wtih wireless wpa2 enterprise encryption
[02:35] <JanC> twb: well samba is based on a collection of legacy MS protocols that you probably don't want to know the names of  ;)
[02:35] <oh_noes> my hardware raid, if it detects a dead disk, it'll mark it as red/amber (like a normal servers), then i can replace it and it'll auto resync
[02:35] <twb> JanC: I know what CIFS and SMB and NTLM are...
[02:35] <twb> JanC: I dunno if AD has a "kerberos" port per se.
[02:35] <thewrath> anyone know the answers to my questons?
[02:35] <thewrath> jw bc i am going to bed here soon
[02:35] <oh_noes> if I hotswap a degraded disk, will it auto rebuild it?
[02:35] <twb> oh_noes: no
[02:36] <twb> oh_noes: at least, I'm pretty sure it doesn't
[02:36] <JanC> twb: "you don't know" is the reason for ufw giving them an alias
[02:36] <oh_noes> That's extremely handy isnt it!
[02:36] <twb> JanC: grumble
[02:37] <thewrath> well i guess i will ask tomorrow
[02:37] <thewrath> gn everything
[02:37] <twb> JanC: as I see it, using ufw is a means by which I can write complex iptables-restore scripts, but still allow ignorant end users to do "ufw allow <port> from <ip>"
[02:37] <oh_noes> So let me get this straight, ubuntu recommend running software raid over FakeRAID, even though software RAID a) doesn't change the warning lights on the servers, and secondly, it won't even rebuild it automatically if it's hotswapped/replaced?
[02:38] <twb> oh_noes: if you have hot-swappable drives, you probably don't have fakeraid
[02:38] <JanC> twb: ignorant end-users don't have the power to do that on your systems (I hope)?  ;)
[02:38] <twb> oh_noes: you probably have proper hardware raid
[02:38] <twb> JanC: the end users own the system
[02:39] <oh_noes> twb: then why does ubuntu install lists all my inidividual disks in the isntaller?  Even though I configured a system RAID1 mirror, and a data RAID10?
[02:39] <twb> JanC: i.e. the company that contracts me to babysit their server
[02:39] <twb> oh_noes: is this an IBM serveraid box?
[02:39] <JanC> ah, babysitting is always fun  ツ
[02:40] <oh_noes> Not IBM, it's a different vendor, but basically, yes.
[02:40] <twb> Yeah, they're... exciting.
[02:40] <twb> IIRC you need a special driver to make the kernel see a single disk
[02:41] <twb> We ended up using software raid and forgetting about the hotswap feature because it was too much pissing about
[02:41] <twb> YMMV, etc.
[02:41] <oh_noes> yeah, mdraid is the special driver, but it's next to impossible to use it on Ubuntu server hardy
[02:42] <oh_noes> theres no clear documentation on how to run dmraid, then install ubuntu server 8.04 no gui mode
[04:04] <oh_noes> I'm playing with mdadm, I pulled a disk out (hotswap)  of a running server and put it in 5 minutes ago.  I got an error and degraded event for /dev/md0 ... how do I resync everything now?
[04:08] <JanC> add the disk again
[04:11] <oh_noes> I did, I pulled it and put it back.    /dev/md0 is showing as State : clean, degraded
[04:12] <JanC> mdadm /dev/md0 --add /dev/<disk/partition>
[04:12] <JanC> or maybe --re-add
[04:12] <JanC> (I've never used re-add until now)
[04:14] <oh_noes> cool, I think that did it. Now I just need to figure out how to do an automatic re-add with my hotswap functionality
[04:14] <JanC> I guess that would require a custom udev rule or something
[04:16] <JanC> adding it manually (e.g. through a remote shell) isn't really a lot of work though
[04:27] <ball> How much disk space is the bare minimum for Ubuntu Server?
[04:50] <JanC> ball: I think it's less than 300 MiB
[04:51] <JanC> but then you don't have anything useful running on it...
[04:51] <ball> JanC: Thanks.  Sadly it didn't work on this machine.  I think the installer tried to use some fancy graphics mode, which just corrupted the screen.
[04:52] <JanC> AFAIK the installer uses curses on a console, which should work (almost) everywhere?
[04:53] <ball> Perhaps it just loaded a font that didn't work on this box then.
[04:53] <ball> I /did/ see the Ubuntu logo splash.
[04:53] <ball> ...but afterwards the menus were illegible.
[04:54] <JanC> oh, that was after installing then?
[04:54] <ball> JanC: no.
[04:54] <ball> JanC: that was upon booting from the install CD
[04:54] <JanC> oh, the isolinux bootloader then maybe
[04:55]  * ball isn't sure what that is, but it sounds credible.
[04:55] <JanC> were you running in a VM?
[04:55] <ball> No, this is a bare machine.
[04:55] <ball> (not capable of virtualisation)
[04:56] <JanC> then I have no idea (I know it has some issues because the bootloader uses the 16-bits CPU mode)
[04:57] <JanC> and some virtualisation software versions don't like that
[04:58] <JanC> you might want to file a bug
[04:58] <ball> Well, whatever code was at fault, it tried to do something fancy that the display hardware didn't like.
[04:58] <ball> JanC: if I knew how, I would.
[04:58] <JanC> bugs.ubuntu.com
[04:59] <ball> JanC: Ah right.  I have no access to the Web at present.
[04:59] <JanC> then do it later
[04:59] <ball> Okay, I'll make myself a note to do that.
[05:00] <JanC> did you try the latest stable release (8.10) or a development version?
[05:00] <ball> 8.10
[05:01] <JanC> trying latest 9.04 alpha or daily might be useful too (to make sure it wasn't fixed already)
[05:01] <ball> JanC: I'll see if I can get a copy of that in the morning then.
[05:02] <billy12> what's a good mp3 trans-coder/ converter?
[05:02] <JanC> billy12: taht's not really server-related...
[05:03] <JanC> billy12: ask in #ubuntu please
[05:03] <ball> billy12: bladeenc for encoding, amp for playing?
[05:03] <billy12> lol sorry, yea, but i was looking for a CLI version, friendly to server
[05:03] <ball> billy12: I prefer Ogg/Vorbis given the option though.
[05:05] <JanC> billy12: still not a server question, and if there is a need for it, someone might propose an #ubuntu-cli channel...  ;-)
[05:06] <ball> Hopefully back later, downloading some system source files.
[05:09] <billy12> thank you, but may try like so, if one had to trans-code a mp3 on ubuntu-server, what program would you turn to?
[05:42] <bob__> hey, can any one help me get my server to share its internet connection
[08:13] <incd^> Whats the benefit of running own local DNS-server? Now we use only nettica.com's services.
[08:15] <hads> You can use DNS for local hosts and also cache
[08:16] <jmedina> I always use mine with at least one slave in another country, and for a local network you can use cache, it saves you a lot of bw
[08:16] <jmedina> for LAN I like to use dhcp3-server+bind9 for Dynamic DNS
[08:17]  * hads uses dnsmasq
[08:17] <domas> and if you're ISP, you may want to run unbound :)
[08:18] <jmedina> unbound?
[08:18] <hads> Get it? bind, unbound
[08:19]  * jmedina hates virtualize windows under xen :S
[08:19] <jmedina> is that the new dns daemon?
[08:20] <jmedina> I think I heard about it a few weeks
[08:20] <hads> First hit in google :)
[08:20] <jmedina> I was using bind9 at a isp without problems
[08:20] <jmedina> even under attacks
[08:20] <jmedina> :D
[08:21] <jmedina> by the way is there any ubuntu bind9 version with ldap support?
[08:22] <jmedina> well, time to sleep, cya
[08:23] <hads> heh
[08:53] <kraut> moin
[08:53] <^law1^> moin :)
[08:59] <lukehasnoname> moin
[09:26] <dayo2>  what other av software can i put on my firewall server, based on this post:
[09:26] <dayo2>               http://ubuntuforums.org/showthread.php?t=380169
[09:37] <kallepersson> Hey!
[09:37] <kallepersson> I have an old computer running ubuntu server at home and I wonder two things: a) What is the recommended temperature for a regular file/web server? b) Are there any neat tricks on how to make the server cooler?
[09:38] <kallepersson> I totally understand that this varies, but it's currently at 51C and it sounds quite warm.
[09:39] <^law1^> hm tat quiet hot bro
[09:39] <kallepersson> Any ideas on how to make it cooler?
[09:39] <Kamping_Kaiser> big gold chain?
[09:40] <^law1^> ur server is real server or pc tat functioning as server?
[09:40] <kallepersson> a pc
[09:40] <^law1^> how many cpu fans u put ?
[09:41] <kallepersson> just one
[09:41] <Kamping_Kaiser> not sure that question makes sense ^law1^
[09:41] <Kamping_Kaiser> kallepersson, where is it located? put it somewhere with clear airflow, keep hdds 1 space apart if possible, put in some more fans, and make sure its not dusty inside
[09:42] <^law1^> the best way is place ur server in air conditioner  room
[09:42] <soren> 51C doesn't sound completely unreasonable to me.
[09:42] <kallepersson> Only have one hdd atm. but thanks
[09:42] <soren> Sure, it'd be better if you could get it down to 20C or so, but 51C is what I'd expect from a machine like that.
[09:42] <kallepersson> It's just going to function as a home server, so I don't have access to any air conditioner room
[09:43] <kallepersson> soren: right, thanks
[09:43] <soren> Just don't put it in the boiler room :)
[09:43] <Kamping_Kaiser> 50 for an idle temp is a bit high for my liking, but nto unreasonabe
[09:43] <^law1^> if the room not so dusty open ur casing case
[09:44] <kallepersson> ^law1^: it's my living room :)
[09:44] <kallepersson> >___>
[09:45] <^law1^> then add extra fans will be the best way
[09:45] <kallepersson> thx
[09:46] <^law1^> :)
[09:48] <soren> Opening the case is probably not a good idea. It ruins the airflow.
[09:48] <kallepersson> Oh?
[09:48] <kallepersson> btw, is there any nice tools to check temperature other than cat /proc/acpi/thermal_zone/THRM/temperature?
[09:49] <soren> I mean.. Sure, go ahead and open it if you want to put more stuff in there or whatnot, but keeping it open as a way to keep it cool... I don't think that'll turn out as expected.
[09:49] <simplexio> kallepersson: sensors, but i think it need lm-sensors installed
[09:50] <sivang> does anyone know if it is planned to include AR81 driver in upcoming lrm releases ?
[09:51] <kallepersson> simplexio: no package called sensors as far as I can tell
[09:51] <simplexio> lm-senors
[09:51] <kallepersson> ok, got it
[09:51] <kallepersson> lm-profiler and lm-syslog-setup?
[09:51] <simplexio> ?
[09:52] <simplexio> on my computer lm-sensors is in repository
[09:52] <kallepersson> well, only those two binaries are installed as far as i can tell
[09:52] <kallepersson> yes, got it installed
[09:52] <kallepersson> but how do I check temperature
[09:53] <kallepersson> right, it's a tool for creating a profile of your server's temperature
[09:53] <kallepersson> ah, "sensors"
[09:55] <simplexio> first you need setup it.. sensors-setup ?
[09:56] <simplexio> depnds drivers which it loads. on my desktop it show currents etc from power too
[10:21] <sivang> ./וןא
[10:44] <mrwes> I'm trying to add my printer via remotely via cups and the web GUI, but it's saying my security certificate is 'self-signed'
[10:44] <mrwes> I see the printer, but I can't enable it
[10:51] <mrwes> hrmm
[11:26]  * lamont` would love to know how people are managing to delete /etc/postfix/postfix-script and having it not land on the dist-upgrade, given that it's IN THE DEB
[11:31] <soren> lamont`: Is it a conffile?
[11:32] <lamont> soren: everything in /etc is a conffile
[11:32] <soren> lamont: That's how, then.
[11:32] <lamont> fsck.ext3: Device or resource busy while trying to open /dev/sda2
[11:32] <soren> lamont: Everything in /etc is not a conffile, though.
[11:33] <lamont> WTF is it trying to open sda2 - that's part of /dev/md1 - of course it's busy, dammit
[11:33] <soren> lamont: Everything *shipped* in /etc and processed by dh_installdeb with a debhelper compat level > 2, yes.
[11:33] <lamont> soren: so anyway, they remove postfix-script, and then they upgrade, it blows up, and somehow that's my fault
[11:34] <soren> lamont: Well... Yes :)
[11:34] <soren> lamont: If the admin deletes a conffile, dpkg respects that and doesn't put it back.
[11:34] <lamont> and if I have preinst check for the file and bomb out, then they'll just file bugs saying that preinst fialed
[11:35] <soren> lamont: Postfix should either handle the absence of that file gracefully or make it not a conffile.
[11:35] <lamont> and how does one make it not a conffile?
[11:36] <soren> lamont: Either set DH_COMPAT=2 (bad idea) or ship it in /usr somewhere and copy it in from postinst.
[11:36] <soren> lamont: Or stop using debhelper altogether :)
[11:36] <lamont> giggle
[11:36] <soren> Hey, there /are/ package that don't use debhelper.
[11:37] <lamont> and yeah, it doesn't really belong in /etc other than for the fact that upstream kinda hardcodes it as being there, and one could argue that it actually is/should-be a conffile
[11:37] <lamont> for my never ending pain
[11:46] <lamont> ==> ship a copy in /usr, and replace it in protinst if the admin removed it.  am I allowed to berate the admin? :)
[11:56] <soren> lamont: In Debian, perhaps. I don't think the CoC allows you to do so in Ubuntu. :/
[11:59] <bromic94> hey i have 8.04 and 8.10 server on one machine
[11:59] <bromic94> how can i take off 8.04 server
[11:59] <soren> What do you mean? Are you dual-booting the two?
[12:00] <bromic94> yes
[12:00] <bromic94> i want to get rid of 8.04
[12:01] <soren> Just remove the partition and remove it from the list in /boot/grub/menu.lst.
[12:03] <bromic94> just remove anything that says 8.04?
[12:03] <bromic94> like it will say Ubuntu 8.04.2, kernal 2.6.24-23-server?
[12:04] <bromic94> how do i remove the partition?
[12:07] <bromic94> soren: any ideas?
[12:09] <lamont> bromic94: mkfs will stomp on it.  most times, I just reuse the partition for something else
[12:09] <bromic94> i want to get rid of everything
[12:09] <bromic94> from 8.04
[12:09] <bromic94> so 8.1 has everything from the hard drive
[12:10] <lamont> by which you mean that you want to make it one partition that has 8.10 filling all of the space formerly given to 8.04 and 8.10 separately?
[12:10] <bromic94> yes
[12:11] <lamont> depending on the partition table, that could be anything from simply a delete and resize in fdisk and resize2fs, to a reinstall
[12:11] <bromic94> the only server i want is 8.10
[12:11] <bromic94> how do i format to put 8.1 back on?
[12:11] <lamont> 8.10 for starters... 8.1 is ambiguous...
[12:12] <lamont> if you just boot the 8.10 server disk, one of the options is (paraphrased) "stomp on the drive and use all of it"
[12:12]  * lamont cries at blkid
[12:14] <bromic94> so that will make everything 8.10?
[12:23] <soren> lamont: What's wrong with blkid?
[12:23] <lamont> soren: #u-d <-- it hates me
[12:24] <soren> Yeah, I just saw.
[12:24]  * soren pats lamont on the head
[12:24] <soren> lamont: There, there.
[12:57] <orudie> question. how can i check which nameservers the domain is using ?
[12:58] <thefish> orudie: dig domain.com NS
[12:58] <orudie> thanx
[12:59] <thefish> :)
[13:34] <orudie> how do you get to the sepcific line number in nano ?
[13:38] <frippz> orudie: ctrl+c
[13:38] <frippz> oops, read that wrong
[13:38] <frippz> thought you wanted to see what line you were on
[13:40] <frippz> ctrl+w and then ctrl+t will allow you to enter the desired line number (and column number as well, for that matter)
[14:07] <heath|work> I need to setup a dns server, I have seen tutorials for a couple of different ones (powerdns, mydns).  Can anyone offer any suggestions on a nice dns setup for web hosting?
[14:11] <viezerd> I guess this mailinglist "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce" covers *all* the security announcements but is there a mailinglist for security updates on server only ?
[14:11] <aruetten> @heath: a simple easy to use dns server ist dnsmasq, but it's simple and so it has some limitations.
[14:15] <aruetten> @heath on the other end is bind, I think bind can everything in the dns field, but isn't so simple to configure
[14:20]  * ball points out that this isn't Twitter ;-)
[14:21] <ScottK> mathiaz: I want to add pax to amavisd-new depends which will mean it gets added to the CD.  It's only ~50K and solves Debian Bug 517156 (which apparently has some security implications), so I'm pretty sure it's the right thing to do, but wanted to run it by someone here first.
[14:22] <ScottK> viezerd: There is not.  It's all in one repository, so there's no clear way to make a distinction.
[14:23] <viezerd> ah ok, thx for the information ScottK
[14:26] <mathiaz> ScottK: http://cdimage.ubuntu.com/ubuntu-server/daily/current/jaunty-server-amd64.list says that pax is already on the cd
[14:27] <mathiaz> ScottK: so there isn't any problem adding pax as a dependency of amavisd-new
[14:27] <ScottK> mathiaz: Thanks.  I Iooked at the seeds and read them wrong I guess.
[14:27] <ScottK> Iooked/looked
[14:28] <mathiaz> ScottK: I used to look at the seed  - even the output of germinate isn't that easy to parse by human eyes
[14:28] <ScottK> yeah.
[14:28] <mathiaz> ScottK: when it comes to the content of the -server iso I always look at the .list file on cdimage
[14:29] <ScottK> I think that's a good practice.
[14:59] <heath|work> aruetten, Thanks for the input, I will look into dnsmasq
[15:02] <kirkland> o/
[15:02] <ScottK> Ubuntu Server meeting will be here today.
[15:02] <sommer> :)
[15:02] <ball> ScottK: 15:00 UTC?
[15:02] <mathiaz> all right - due to a conflict in ubuntu-meeting we'll run the ubuntu-server meeting here
[15:02] <ScottK> Now
[15:03] <kirkland> lots of new attendees
[15:03] <mathiaz> #startmeeting
[15:03] <kirkland> mathiaz: good luck with that
[15:03] <Brazen> o/
[15:03] <mathiaz> kirkland: I know
[15:03] <kirkland> :-)
[15:03]  * ball sits down and shuts up
[15:03] <mathiaz> kirkland: but it also help for writting the minutes later :)
[15:04] <mathiaz> so today's agenda: https://wiki.ubuntu.com/ServerTeam/Meeting
[15:04] <ivoks> ok
[15:04] <mathiaz> Previous meeting minutes: https://wiki.ubuntu.com/MeetingLogs/Server/20090303
[15:04] <mathiaz> [TOPIC] SRU bug tracking
[15:04] <mathiaz> ivoks: ^^
[15:04] <mathiaz> ivoks: ready to discuss that?
[15:04] <ivoks> nope
[15:04] <ivoks> :)
[15:04] <mathiaz> ivoks: ok - let's move on then
[15:04] <ivoks> i'll add it to agenda when redy
[15:05] <ivoks> ready
[15:05] <mathiaz> [ACTION] ACTION: ivoks to add to the server team agenda an item about better SRU management.
[15:05] <mathiaz> [TOPIC] Postfix and Dovecot integration
[15:05] <mathiaz> ivoks: thanks for blogging about it
[15:05] <ivoks> right, we got nice feedback
[15:05] <ivoks> people like it so far...
[15:05] <mathiaz> ivoks: there was a bug related to the package
[15:05] <ivoks> was it?
[15:06] <mathiaz> ivoks: bug 339966
[15:06] <mathiaz> I'm not sure how we should handle that.
[15:06] <ScottK> If it's accurate, that's not Low, IMO.
[15:06] <mathiaz> I've been discussing wit the reporter
[15:07] <ivoks> i see...
[15:07] <mathiaz> ScottK: I don't think dangerous is the correct word
[15:07] <ivoks> i'll work on a fix for this
[15:07] <mathiaz> ivoks: what would be the plan?
[15:08] <ivoks> i have to think about it
[15:08] <ivoks> check if dovecot.conf is changed
[15:08] <mathiaz> I'm not sure we should/could support upgrading an existing dovecot system to integrate it with postfix
[15:08] <ScottK> It can be known if the existing config is modified or not, so I think this is solvable.
[15:08] <mathiaz> not really - dovecot.conf is modified by -pop and -imap when they get installed
[15:09]  * nijaba realizes the meeting is here... o/
[15:09] <ScottK> Hmmm
[15:09] <ivoks> mathiaz: well, we can workaround it
[15:09] <ScottK> OK.  Then I'm glad ivoks is going to solve it.
[15:09] <ivoks> mathiaz: ignore ^protocols and then check
[15:09] <cemc> modified but not ignored completely
[15:09] <ivoks> if user changed protocols, he still has not working dovecot
[15:09] <ivoks> or... hm...
[15:09] <mathiaz> ivoks: OTOH I'm not sure if we should support this in the dovecot-postfix package
[15:10] <cemc> if used had imap support, and he decides to install pop3, will that break imap ?
[15:10] <ivoks> mathiaz: i understand your point of view and i agree
[15:10] <mathiaz> the dovecot-postfix package is a different kind of package since it encapsulate a script
[15:10] <mathiaz> It doesn't really ship new files - it just modifies existing configuration
[15:10] <ivoks> mathiaz: maybe we should warn user during preinst
[15:11] <ivoks> mathiaz: adding 'if you have already working dovecot, purge this package'
[15:11] <mathiaz> ivoks: I thought about that - but you cannot detect if you're installing a brand new system or if the system is an pseudo-upgrade of a running dovecot system
[15:11] <ivoks> mathiaz: we just let everybody know that?
[15:11] <ivoks> mathiaz: it's a good way to advertise all features that comes with it :)
[15:12] <mathiaz> ivoks: right - so I think we should update the description of the package
[15:12] <ivoks> or that...
[15:12] <mathiaz> ivoks: also - I think that the postinst modifies the dovecot.conf file
[15:12] <mathiaz> ivoks: to stick a comment in it
[15:12] <ivoks> nope
[15:12] <ivoks> that's in source
[15:12] <ivoks> dovecot.conf is modified during build
[15:13] <mathiaz> ivoks: hm - right.
[15:13] <mathiaz> ivoks: so may be doing this in the postinst will force a ucf merge of dovecot.conf
[15:13] <ivoks> urgh...
[15:13] <mathiaz> ivoks: that way the admin will have to see the new comment added in dovecot.conf during postinst which would have helped in the situation
[15:14] <mathiaz> ivoks: I don't know if that's the correct way to do it though
[15:14] <ivoks> give me couple of days to thing about this
[15:14] <ivoks> think
[15:14] <mathiaz> ivoks: right - could you post your solution to the bug?
[15:14] <ivoks> sure
[15:15] <mathiaz> I'm not sure about the right way to tackle this issue
[15:15] <mathiaz> let's move on
[15:15] <mathiaz> [TOPIC] Samba bug day
[15:15] <ivoks> me neither, so i have to think about it for a while :)
[15:16] <mathiaz> as you may have noticed if you read the planet next Thursday will be dedicated to triagging samba bugs
[15:16] <mathiaz> ttx: thanks for blogging about it
[15:16] <methods> how do i install an older version of package ?
[15:16] <mathiaz> nijaba: still on track to blog about it tomorrow?
[15:16] <nijaba> mathiaz: sure
[15:16] <nijaba> mathiaz: blog is ready
[15:17] <mathiaz> I'll prepare also a post to be published on Thursday
[15:17] <nijaba> waiting ti tomorrow 9am for launch
[15:17] <mathiaz> nijaba: awesome - thanks :)
[15:17] <ttx> mathiaz: who will be running the show from QA ?
[15:17] <genii> methods: Specify version on cli apt-get. eg:   sudo apt-get install something=specific-version              "specific-version"  is one which can be reported by apt-cache policy <packagename>
[15:18] <mathiaz> ttx: you
[15:18] <mathiaz> ttx: and me :)
[15:18] <incorrect> when logging in over ssh i have a log delay before the bash prompt appears
[15:18] <mathiaz> ttx: oh - QA - noone special
[15:18] <incorrect> I am not sure why its on some systems but not others
[15:18] <ttx> mathiaz: ok
[15:18] <mathiaz> ttx: the whole triagger community is there
[15:19] <mathiaz> ttx: we should be in #ubuntu-bugs to give a hand to the triagger though
[15:19] <ttx> I'll be there.
[15:19] <nijaba> incorrect: failure to do a reverse dns check is generally the issue
[15:19] <mathiaz> any developer is welcome in #ubuntu-bugs too
[15:20] <mathiaz> to help out with samba bugs
[15:20] <mathiaz> let's move on
[15:20] <mathiaz> [TOPIC] Exchange support for Evolution
[15:20] <incorrect> nicetry, I've set DNS to no, it look to be that some nodes can't talk to the ldap server for some weird reason
[15:20] <kinnaz> https://bugs.launchpad.net/ubuntu/+source/lustre/+bug/229821 <--- anyone has figured fix for what ?
[15:20] <mathiaz> ivoks: ^^ how did this worked out?
[15:20] <ivoks> still nothing
[15:20] <mathiaz> ivoks: no time or not working?
[15:20] <ivoks> evolution crashes
[15:21] <mathiaz> ivoks: did you report a bug?
[15:21] <ivoks> i tested mapiprofile app today and it worked (i guess)
[15:21] <ivoks> mathiaz: not yet, i see there's new evolution-mapi in archive
[15:21] <ivoks> so i'll test with it and then report
[15:21] <ivoks> mathiaz: i guess it's cause of this particular exchange setup
[15:21] <mathiaz> ivoks: great. Keep seb128 in the loop if you find some bugs
[15:21] <mathiaz> ivoks: hm ok.
[15:22] <mathiaz> ivoks: what is mapiprofile?
[15:22] <ivoks> mathiaz: eovlution-mapi uses libmapi library
[15:23] <ivoks> mathiaz: there are also cli tools for that 'openchangeclient'
[15:23] <ivoks> i'm not sure evolution calls openchangeclient directly or trough library
[15:23] <mathiaz> ivoks: ok - so the openchange client tools are working correclty
[15:23] <mathiaz> ivoks: which means that the issue is in the evolution-mapi plugin
[15:23] <ivoks> ................i'm not sure.... yet
[15:23] <mathiaz> ivoks: ok
[15:23] <ivoks> mathiaz: output is strange
[15:24] <ivoks> lots of OK OK OK, and then error connecting
[15:24] <mathiaz> ivoks: seems that it needs more investigation
[15:24] <ivoks> i'll have to dig more into it
[15:24] <mathiaz> ivoks: cool. thanks
[15:24] <mathiaz> That's all I had from last week minutes
[15:24] <mathiaz> is there anything else to add wrt to last week meeting?
[15:25] <mathiaz> nope - let's move on then
[15:25] <mathiaz> [TOPIC] Support for likewise-open krb5 patch
[15:26] <mathiaz> so I've uploaded likewise-open patch to krb5 in jaunty
[15:26] <mathiaz> and I've received an email from the debian maintainer
[15:27] <mathiaz> the situation is that the next version of mit krb5 (1.7) will provide the same functionality (GSSAPI) but with a different implementation than the one done by likewise
[15:27] <mathiaz> however for jaunty we will ship krb 16 with the GSSAPI support from likewise-open
[15:28] <ttx> when is 1.7 scheduled ?
[15:28] <mathiaz> ttx: end of april
[15:28] <mathiaz> the likewise-open patch introduced symbols you've
[15:28] <mathiaz> exposed in your shared libraries and public headers that have diverged
[15:28] <mathiaz> from the krb5 upstream.
[15:29] <ttx> do we need the GSSAPI support for anything else than likewise-open 5 ?
[15:29] <mathiaz> that may mean we'd have to maintain API compatibility in coming releases
[15:29] <mathiaz> ttx: no - not in jaunty
[15:29] <ttx> hmm.
[15:30] <mathiaz> ttx: the reason I put the patch in jaunty is because of likewise-open
[15:30] <ttx> mathiaz: I'm not sure likewise-open 5 will make it to jaunty. If it doesn't, it would really make sense to back out that patch.
[15:31] <mathiaz> ttx: when would we know when it doesn't?
[15:32] <ttx> mathiaz: very soon. My packaging is almost ready, Ffe should follow
[15:32] <mathiaz> one proposal is to change the krb5 patch slightly
[15:33] <ttx> but it's a complete rearchitecture, not a small update. So we are quite late oin the cycle for it
[15:33] <mathiaz> to avoid supporting additional public functions
[15:33] <mathiaz> ttx: so my question is if we should look into changing the likewise-open krb5 patch to maintain API compatibility with upstream
[15:34] <mathiaz> ttx: which means modifying likewise-open
[15:34] <mathiaz> ttx: to support the modified krb5 patch
[15:36] <ttx> mathiaz: yes, probably.
[15:37] <mathiaz> ttx: ok
[15:37] <mathiaz> ttx: it seems we should discuss this a bit more with upstream
[15:38] <mathiaz> let's move on
[15:38] <ttx> mathiaz: definitely.
[15:39] <mathiaz> [TOPIC] Launch screen by default in ec2
[15:39] <mathiaz> kirkland: ^^
[15:39] <kirkland> mathiaz: zul has asked that i postpone this discussion until he's back from vacation
[15:39] <mathiaz> kirkland: ok.
[15:39] <kirkland> mathiaz: sorry
[15:39] <mathiaz> kirkland: np
[15:39] <mathiaz> [TOPIC] Open Discussion
[15:39] <mathiaz> anything else to add?
[15:40] <dantalizing> i've got something
[15:40] <ScottK> I discovered Debian Bug 518524 today
[15:40] <ivoks> oh, lol
[15:40] <ScottK> I've got a merge prepared and asked ubuntu release if I should upload it now or after Alpha 6.
[15:40]  * ScottK is waiting for an answer.
[15:40] <ScottK> It only affects Jaunty.
[15:40]  * ScottK is done.
[15:40] <ivoks> after alpha sounds ok, imho
[15:41] <ivoks> after all, it's a development release :)
[15:41] <ScottK> It's a quick build, so depending on where they are, I could see it either way.
[15:41] <mathiaz> ScottK: well - does it block the release of alpha6?
[15:42] <ScottK> mathiaz: No, so it isn't critical if it waits.
[15:42] <mathiaz> ScottK: I don't think so - so it can wait for after alpha6
[15:42] <mathiaz> dantalizing: yes
[15:43] <dantalizing> i just started aggregating rss on my own from multiple people, and it has evolved.
[15:43] <dantalizing> i picked up ubuntuserver.org and put a planet on it
[15:43] <dantalizing> http://planet.ubuntuserver.org/
[15:43] <dantalizing> i know there is an exisiting wp site
[15:43] <dantalizing> just wanted to throw it out to the server team
[15:43] <dantalizing> fyi
[15:44] <dantalizing> and if yall had some specific desire for it
[15:45] <jbernard> kirkland merged my changes to update-motd to add inotify support, fyi
[15:45] <mathiaz> dantalizing: great - thanks.
[15:45] <kirkland> jbernard: but i haven't uploaded it to jaunty yet :-)
[15:45] <jbernard> ill file an Ffe today
[15:45] <kirkland> but yes, jbernard did some great work to get update-motd to be able to run either in a cron-base, or an inotify based mode
[15:46] <kirkland> \o/
[15:46] <mathiaz> jbernard: awesome. Thanks for the good work!
[15:47] <mathiaz> anything else to add before we wrap up?
[15:47] <kirkland> mathiaz: 2 small things from me
[15:47] <kirkland> mathiaz: i've backported kvm-84 to build on hardy, it's available in the ~ubuntu-virt PPA
[15:48] <ivoks> er... including kernel part?
[15:48] <kirkland> mathiaz: anyone having long-standing issues with kvm-62 on hardy ... i suggest you try that package and let us know how it works for you in #ubuntu-virt
[15:48] <kirkland> ivoks: not yet, i'll work on that next
[15:48] <kirkland> ivoks: userspace only, thanks for the clarification
[15:48] <ivoks> ;)
[15:48] <kirkland> mathiaz: and second, qemu has finally release 0.10.0 (after nearly a year)
[15:49] <kirkland> mathiaz: i'm merging that now, would like to try to get that into universe for jaunty, will probably need an FFE
[15:49] <kirkland> mathiaz: but there are lots of bugs fixed
[15:50] <mathiaz> kirkland: you'd have to ask the motu-release team - ScottK would probably be able to help reviewing the FFe.
[15:50] <ScottK> For server issues I can decide.  File a FFe bug and I will review it.
[15:50] <kirkland> mathiaz: yep, 'tis why i'm mentioning it here, since it seemed that ScottK was around
[15:50] <kirkland> ScottK: thanks, will do
[15:51] <kirkland> mathiaz: all from me
[15:51] <mathiaz> great. Anything else to add?
[15:53] <mathiaz> [TOPIC] Agree on next meeting date and time
[15:53] <mathiaz> so as some of you have noticed we're currently clashing with the TB meeting
[15:53] <mathiaz> the kernel team meeting has also moved one hour forward
[15:54] <soren> Has Canada switched to DST as well?
[15:54] <mathiaz> soren: yes
[15:54] <soren> Or have we really moved it just for the benefit of the USAnians?
[15:54] <mathiaz> soren: canada and usa are in DST
[15:54] <genii> No, us canucks are forced to suffer also
[15:54] <mathiaz> OTOH the TB will also move back an hour in 4 weeks
[15:55] <mathiaz> and since TB meetings only happen every other week we would just conflict once more
[15:55] <mathiaz> so my proposal is to leave the server meeting at 15:00 UTC
[15:55] <soren> Tell me again why we moved the meeting?
[15:56] <ivoks> to make it more interesting :)
[15:56] <soren> ivoks: It's not working :)
[15:56] <mathiaz> soren: because it's the same time for northamerican
[15:56] <mathiaz> soren: and it was a better time for europeans
[15:56] <soren> mathiaz: Which makes it different for *everyone* else.
[15:56] <ivoks> northamericans, raise your hand; everybody else, raise both of them
[15:57] <sommer> o/
[15:57] <mathiaz> soren: yes - but everything will be back to the regular schedule in 4 weeks (for european)
[15:57] <Brazen> o/
[15:57] <jbernard> o/
[15:57] <soren> mathiaz: You're not making a very convincing argument :)
[15:58] <mathiaz> anyway - my point being that we'd have only one more conflict with the TB
[15:58] <mathiaz> and after that we'd be back to the regular schedule with TB (every other week), server, kernel teams meeting
[15:59] <ScottK> o/
[15:59] <soren> You could use the exact same arguments for keeping it at the same time relative to UTC.
[15:59] <soren> In three weeks it'd be normal for USAnians and Canadians.
[16:00] <mathiaz> soren: nope -because we'd have a weekly conflict with the kernel team meeting
[16:00] <soren> ...and all the while, it's been normal for Europeans.
[16:00] <soren> See, *that's* a (somewhat) useful argument.
[16:00] <mathiaz> 15:00 UTC -> 1 conflict with the TB meeting (in 2 weeks), 16:00 UTC -> 3 conflicts with the kernel team
[16:01] <soren> Alright.
[16:01] <mathiaz> so next week, in #ubuntu-meeting at 15:00 UTC?
[16:01] <ivoks> ok
[16:02]  * soren still grumbles that we have to bow to the kernel team's acceptance of American daylight savings time imperialism and not the other way around :)
[16:03]  * mathiaz points soren to #ubuntu-kernel
[16:03] <ivoks> let's kill DST
[16:03] <ivoks> it's usless anyway
[16:03] <ScottK> mathiaz: slanagasek told me to go ahead and upload, so it's done.
[16:03] <Brazen> I leave my lights on all day anyway
[16:03] <ball> I mostly run servers at UTC and let workstations calculate their offset based on that.
[16:04] <mathiaz> allright folks - thanks for attending.
[16:04] <mathiaz> happy alpha6 testing
[16:04] <mathiaz> and see you all next week, in #ubuntu-meeting at 15:00 UTC
[16:04] <ivoks> we need to have lights on car all the time :)
[16:04] <mathiaz> for the Ubuntu server team meeting
[16:04] <mathiaz> #endmeeting
[16:04] <nijaba> Thanks mathiaz
[16:05] <nijaba> ivoks: http://www.facebook.com/s.php?ref=search&init=q&q=Daylight&sid=1ae160743a3fd9f216bb737ee4fb277a&n=-1&o=4&k=200000010&sf=p&hash=10f703513bb20aacdbc7822d58934e6f&s=40#/group.php?sid=1ae160743a3fd9f216bb737ee4fb277a&gid=2208383750
[16:05] <ball> Are there any doughnuts left over from this meeting?
[16:06] <ivoks> nijaba: lol i agree :)
[16:06] <Brazen> anybody use remote X apps from an Intrepid server?
[16:07] <Brazen> Anyway, it seems to be broken after an upgrade from Hardy
[16:09] <Brazen> I like to run virt-manager and virt-viewer remotely via ssh, but now after typing the command, the command prompt returns and no application shows up.
[16:10] <Brazen> I think the same thing will happen if you don't have xauth installed, but xauth is installed.
[16:10] <ivoks> why don't you run virt-manager on workstation?
[16:11] <ivoks> and connect over SSH to libvirt on server?
[16:11] <Brazen> because I prefer to tunnel through ssh
[16:11] <Brazen> well, yeah
[16:11] <Brazen> BUT
[16:11] <Brazen> I figure that way I keep the version of virt-manager that would come with the server
[16:12] <Brazen> AND, I sometimes have to connect from a Windows workstation.
[16:12] <yann2> I like to run virt-manager and virt-viewer remotely via ssh  < why would you want to do that?
[16:12] <yann2> ah sorry didnt read through all the backlog, fair enough
[16:14] <Brazen> Just to clarify what I mean by "through ssh" -  I tunnel X through ssh, not the libvirt protocol.
[16:15] <ivoks> take care...
[16:16] <Brazen> It's not a huge concern, because I'll just tunnel vnc and use that instead, but tunnelling X seems to be broken.  I have not tried from a fresh install of Intrepid Server though.
[16:17] <Brazen> Just thought I would throw it out there while all the super smart people were here, in case anyone knew of something.
[16:19] <Brazen> It's a pretty clean server to upgrade though.  I install kvm, libvirt, virt-manager, virt-viewer, xauth, ntp, and that's pretty much it.  I leave any other tweaking to be done inside virtual machines.
[16:21] <jmedina> Brazen: have you enabled debug to ssh
[16:21] <jmedina> ssh -v host -X or something
[16:21] <Brazen> no
[16:21] <Brazen> I use Putty, even on Ubuntu
[16:25] <Brazen> although, come to think of it, I don't even know if those programs would run locally on the server (no X on server to even try it)
[16:28] <Brazen> ok here is what I get with -v
[16:29] <Brazen> from an Ubuntu Hardy workstation:
[16:30] <Brazen> brazen@kvm_server:~$ sudo virt-manager
[16:30] <Brazen> [sudo] password for brazen:
[16:30] <Brazen> debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384
[16:30] <Brazen> debug1: client_request_x11: request from 127.0.0.1 49544
[16:30] <Brazen> debug1: channel 1: new [x11]
[16:30] <Brazen> debug1: confirm x11
[16:30] <Brazen> brazen@kvm_server:~$ debug1: channel 1: FORCE input drain
[16:30] <Brazen> debug1: channel 1: free: x11, nchannels 2
[16:30] <Jeeves_> Brazen: 'apt-get install xauth'
[16:32] <Brazen> Jeeves: yeah I said that further up, it's acting just like xauth is not installed.  But xauth IS installed.
[16:33] <Brazen> "i     xauth       - X authentication utility
[16:33] <Brazen> :
[16:33] <Brazen> "
[16:33] <Brazen> oops
[16:33] <Brazen> "i xauth  - X authentication utility"
[16:33] <Brazen> from aptitude search xauth
[16:34] <Brazen> plus it worked fine from Hardy before upgrading it to Intrepid
[16:34] <Brazen> I would really just be interested to know if this works for anybody on Intrepid.
[17:33] <yann2> man exim4 packaging is a fU*** pain in the ***
[17:33] <yann2> *getting mad about dependancies conflicts*
[17:34] <yann2> install exim4 before postfix on ubuntu LTS, you'll never be able to install postfix
[17:34] <yann2> (sorry, had a bad day)
[17:35] <lamont> yann2: apt-get install postfix should remove the parts of exim4 that are in the way
[17:35] <yann2> yeah that's the theory :)
[17:35] <yann2> the reality is that the uninstall of exim4 is crashing
[17:35] <yann2> +script
[17:35] <yann2> so you can't remove it, nor install postfix :)
[17:37] <yann2> http://pastebin.com/m1a67d252
[17:38] <ScottK> yann2: Edit /etc/init.d/exim4 to have exit 0 as it's 2nd line and try again.
[17:40] <yann2> lovely thanks :)
[17:40] <yann2> that seems to have worked \o/
[17:41] <yann2> sorry about the shouting before, just spent 5 hours reinstalling a server, didnt feel like starting from scratch again :'(
[17:45] <ScottK> yann2: That's a pretty standard trick for removal failures because it couldn't stop something.
[17:47] <lamont> yann2: that's an exim4 bug, stop when not running == success, not failure
[18:00] <fevel> hey guys
[18:00] <fevel> I use ubuntu server with squid and apache
[18:00] <fevel> how can I force a certain webpage everytime someone opens a browser on my network?
[18:02] <giovani> fevel: #squid
[18:04] <fevel> giovani, are you sure squid will do that friend? My friends tell me to redirect http to my webserver
[18:05] <giovani> and how do they propose "redirecting http" without a proxy?
[18:05] <giovani> you could spoof dns
[18:05] <giovani> but that's not http-specific
[18:05] <fevel> using the router
[18:05] <fevel> or even iptables
[18:06] <fevel> but if you think im better off with squid I believe you
[18:20] <Brazen> What router do you have?
[18:21] <Brazen> I use pfsense as my router, and I'm pretty sure it can do it, but it would probably do it through it's squid package.
 how can I force a certain webpage everytime someone opens a browser on my network?
[18:21] <JanC> fix that webpage?
[18:23] <JanC> oh, you mean showing the same page to everyone...
[18:23] <Brazen> JanC: would you like some gum?
[18:25] <fevel> sorry for the delay
[18:25] <fevel> I havent checked the router they will be using
[18:25] <goofey> JanC: I believe that is acheived using a proxy server
[18:25] <fevel> I am only respponsible for the server
[18:25] <fevel> yes
[18:26] <fevel> I have found someything
[18:26] <fevel> http://www.publicip.net/zonecd/what.php
[18:26] <fevel> but im trying to implement it without the knoppix... diretly from my server
[18:27] <giovani2> that's what's called a captive portal
[18:32] <fevel> giovani2, thanks for the tip
[18:33] <giovani2> fevel: did you explain exactly what you're trying to do while I was logged out?
[18:34] <giovani2> there's a difference between a captive portal and redirecting specific sites/etc
[18:36] <fevel> no
[18:36] <fevel> its a captive portal
[18:36] <fevel> like this
[18:36] <fevel> http://www.publicip.net/zonecd/what.php
[18:36] <fevel> I just found out about chillispot
[18:58] <heath|work> if userA owns folder 'myfiles' and userA has a quota of 5MB,  if userB places a file in that folder, does that count against userA's quota?
[19:00]  * jmedina likes to test quotas with file image mounted as loop disk
[19:00] <jmedina> but in that case, I think no, because quota records are related to uids/gids or inodes/blocks
[19:01] <jmedina> you can test with afile with a symple byte, it wont hurt
[19:01] <jmedina> and check with repquota -a
[19:06] <mathiaz> jdstrand_: what do you think of bug 286614?
[19:07] <jdstrand_> mathiaz: I have no problem with it
[19:08] <jdstrand_> mathiaz: using /var/lib/ldap/** seems fine
[19:09] <heath|work> jmedina, thanks
[19:09] <heath|work> The problem I am running into is users using webdav,  do you know if apache can chown on files?
[19:10] <mathiaz> jdstrand: is the k permission also needed?
[19:11] <jdstrand> mathiaz: probably, since the alock will be different for each database?
[19:12] <mathiaz> jdstrand: right
[19:16] <mathiaz> jdstrand: what is your opinion on bug 218899 and 227744? (ie adding the openldap user to the sasl and ssl-cert group by default)
[19:16] <mathiaz> kees: mdeslaur ^^
[19:17] <mathiaz> in dapper slapd was running as root, while in hardy and + slapd runs under the openldap user
[19:18] <jdstrand> kees: I don't like the idea of doing either automatically. detecting it and letting the user know seems like a very good idea
[19:19] <jdstrand> mathiaz: ^
[19:20] <heath|work> jmedina, what about making a bunch of loopback files?  Do you know how many I can make and mount through fstab?
[19:20] <mathiaz> jdstrand: ok - so on new installs the openldap user should *not* be part of the ssl-cert and sasl group
[19:21] <jdstrand> mathiaz: that is my opinion, fwiw
[19:22] <heath|work> in other words, How reliable is a bunch of loop back devices?
[19:22] <jdstrand> mathiaz: eg, who's to say the server isn't a multi-purpose server that does smtp auth via sasl, and slapd isn't using it. in that circumstance slapd shouldn't have the permissions
[19:56] <J_P> LTS release is each 2 years right ?
[19:56] <J_P> next 10.4 ?
[19:56] <Deeps> 6.06 -> 8.04 -> 10.??
[20:01] <Fenix|work> Greetings... anyone using HAVP here?
[20:12] <kees> jdstrand: hm.
[20:12] <kees> jdstrand: is the current solution to add the openldap user to the sasl group?
[20:13] <jdstrand> kees: there is no current solution. it is an idea at this point
[20:32] <heath|work> anyone know how many loop devices ubuntu can handle?
[20:34] <genii> At least 256
[20:43] <heath|work> hmm
[20:44] <heath|work> is there a was to have a quota on a folder instead of a user of group?
[20:50] <smoser> heath|work, i think max loops is 255
[20:53] <heath|work> smoser, thanks
[20:54] <heath|work> The problem I am faced with is I have a web app that allows users to upload files.  I would like the users to be able to use webdav also, but apache cannot chown of files that are coming in.  Does anyone have any suggestions?
[20:55] <heath|work> I just need to limit how much a user can upload
[20:58] <smoser> but it appears you have to pass max_loop= when you load the kernel module
[21:00] <smoser> # for((i=0;i<257;i++)); do echo -n $i. && { mp=/mnt/x${i}; [ -d ${mp} ] || mkdir ${mp} ; } && mount -o loop /tmp/my.img ${mp} || break; done ; echo ; echo unmount: ; for((x=0;x<$i;x++)); do echo -n ${x}.; umount /mnt/x${x}; done; echo
[21:01] <smoser> thats how i tested. my intrepid with no max_loops parm to loop module maxes out at 8
[21:01] <heath|work> smoser, I added options loop max_loop=64  to /etc/modprobe.d/options
[21:01] <heath|work> that worked, but it doesn't resolve my issue
[21:02] <heath|work> really I just need to be able to say:  This folder can only be this big
[21:02] <heath|work> but I haven't read anything that allows me to do that...
[21:03] <heath|work> is there a way to force all files that are created in a folder to be owned by a certain user or group?
[21:12] <heath|work> can forcegroup and forceuser only be used with smb, or is there another option for normal system files and folders?
[21:23] <smoser> heath|work, regarding your problem above with webdav (which i'm not familiar with at all), you may find a solution in suexec (http://httpd.apache.org/docs/1.3/suexec.html).  that allows the apache server to run as different users.
[21:30] <TrioTorus> Is there an option that can be set to force permissions on a nfs share? I've googled and found that my chances are slim, but I was wondering if I would set up a kerberised nfs share, could I force user permission? Can this be done with nfs4 maybe?
[21:33] <kirkland> jbernard: question for you ...
[21:34] <kirkland> jbernard: what will restore the inotify jobs on reboot?
[21:34] <kirkland> jbernard: i killed off the init script
[21:34] <kirkland> jbernard: i think we might have to resurrect it
[21:35] <TrioTorus> Let me rephrase: It's my understanding that nfs doesn't have user authentication. Can such a thing be implemented using kerberised nfs?
[21:37] <jbernard> kirkland: hm...
[21:37] <mathiaz> kirkland: hm - going through the kvm bugs - seems that you're always trying to get the importance set
[21:37] <Fenix|work> any squid experts around? :)
[21:37] <Fenix|work> #squid is full of zombies
[21:38] <mathiaz> kirkland: https://bugs.launchpad.net/ubuntu/+source/openldap/ I usually don't set an importance
[21:38] <kirkland> mathiaz: i find it helps me
[21:38] <jbernard> kirkland: we'll have to resurrect it
[21:38] <mathiaz> kirkland: until it's in a confirmed/triagged state
[21:39] <kirkland> mathiaz: high = crashes host, medium=crashes guest, low=lesser issues
[21:39] <mathiaz> kirkland: the NEW states means you haven't looked at them?
[21:39] <kirkland> mathiaz: or haven't confirmed them, in some cases
[21:39] <mathiaz> kirkland: or there is NEW information available?
[21:39] <kirkland> mathiaz: in one case, i need a windows 2000 iso to confirm it
[21:39] <kirkland> mathiaz: i don't have that
[21:40] <kirkland> mathiaz: i find that setting an importance helps when sorting https://bugs.launchpad.net/ubuntu/+source/openldap/
[21:40] <kirkland> mathiaz: i met with the kvm/qemu upstream guy twice now, and i wanted to have a prioritized list of bugs to bring to his attention
[21:41] <kirkland> mathiaz: even if it's not confirmed, but someone claimed that some bug was corrupting their data, i would set the importance to Critical
[21:41] <kirkland> mathiaz: or crashing their host, i'd set it to High
[21:41] <mathiaz> kirkland: right
[21:41] <mathiaz> kirkland: for the upstream dev you'd also include the incomplete bugs?
[21:41] <kirkland> mathiaz: LP does barf a lot of email though, sorry about that
[21:42] <kirkland> mathiaz: probably not
[21:42] <kirkland> mathiaz: many of those are incomplete based on his feedback
[21:42] <mathiaz> kirkland: oh no problem. I wasn't complaining about the LP emails
[21:42] <mathiaz> kirkland: I actually don't receive kvm related bug
[21:42] <kirkland> mathiaz: that he'd need x, y, z from that user to help troubleshoot it
[21:42] <kirkland> mathiaz: in most cases, he wants to see them try it on the latest kvm
[21:42] <kirkland> mathiaz: which i built in a ppa for Hardy
[21:42] <mathiaz> kirkland: I just had a look at the kvm bug list as I know that you're actively managing it
[21:43] <kirkland> mathiaz: yeah, i'm trying to :-)
[21:43] <mathiaz> kirkland: I've just spent two days in the openldap bugs
[21:43] <mathiaz> kirkland: in the process I wrote a DebuggingOpenldap page
[21:43] <kirkland> mathiaz: i noticed ;-)
[21:43] <mathiaz> kirkland: with debugging instructions.
[21:44] <mathiaz> kirkland: It should help me in the futur when dealing with a certain type of bugs as I always need the same information
[21:44] <kirkland> mathiaz: yeah, i want to set up the LP page with a few things that I *always* need from kvm bug reporters
[21:44] <kirkland> mathiaz: right
[21:44] <jbernard> kirkland: probably /usr/sbin/update-motd should call the initscript to do the start-stop-daemon stuff
[21:45] <mathiaz> kirkland: I think bdmurray can help with that
[21:45] <jbernard> kirkland: ill work something up
[21:45] <mathiaz> kirkland: and the step afterwards is to include all of this in apport
[21:45] <jazzdog> hi
[21:45] <jazzdog> i have reformatted /dev/sdb to xfs (previously reiserfs). I can see the change of UUID in blkdev but the contents of /dev/disk/by-uuid did not change
[21:45] <jazzdog> how can I update /dev/disk/by-uuid ?
[21:45] <mathiaz> kirkland: I think that apport has now the ability to gather any type of information even if there isn't a crash
[21:46] <kirkland> jbernard: yeah, have a look at it
[21:46] <kirkland> jbernard: i'd like to avoid an init script, if possible
[21:46] <kirkland> jbernard: we could leverage the cronjobs
[21:46] <kirkland> jbernard: but that might be dirty
[21:47] <mathiaz> kirkland: are you using tags in kvm?
[21:47] <bdmurray> kirkland: something that would show up at kvm/+filebug?
[21:47] <kirkland> bdmurray: right
[21:47] <kirkland> mathiaz: not really
[21:47] <kirkland> mathiaz: i thought about it though
[21:47] <bdmurray> kirkland: yes, that is something I can help with
[21:47] <kirkland> bdmurray: nice
[21:47] <kirkland> bdmurray: i'm just about to jet off here for a bit
[21:47] <bdmurray> kirkland: it'd also be good to have an apport package hook for kvm that could grab that automatically too
[21:47] <bdmurray> I can help with that too!
[21:48] <kirkland> bdmurray: but drop me some instructions via email or irc, if it's not trivial
[21:48] <kirkland> bdmurray: excellent
[21:48] <jbernard> kirkland: how so?
[21:48] <jbernard> kirkland: the enable/disable can call the initscript
[21:48] <kirkland> jbernard: i'd like to avoid having an init script if possible
[21:48] <jbernard> kirkland: but we will somehow have to store inotify-enabled state on the harddisk
[21:49] <mathiaz> jdstrand: re openldap user in the ssl-cert group by default: a user is asking we wouldn't do that by default?
[21:49] <kirkland> jbernard: /var/tmp
[21:49] <mathiaz> jdstrand: https://bugs.launchpad.net/ubuntu/+source/openldap2.3/+bug/227744/comments/10
[21:49] <kirkland> jbernard: see how the existing enabled/disabled update-motd works
[21:50]  * kirkland is away for a while
[21:53] <jazzdog> i have reformatted /dev/sdb to xfs (previously reiserfs). I can see the change of UUID in blkdev but the contents of /dev/disk/by-uuid did not change
[21:53] <jazzdog> how can I update /dev/disk/by-uuid ?
[21:55] <bdmurray> kirkland: https://lists.ubuntu.com/archives/ubuntu-devel/2009-January/027206.html
[22:00] <jdstrand> mathiaz: I responded
[22:02] <mathiaz> jdstrand: thanks :)
[22:09] <nat2610> anybody know if there are different version of 3dm2 (3ware controller) following the controller  you have or it's the same app ?
[22:14] <docta_v> there is twcli
[22:16] <Kevin_> Hi Guys.. My Ubuntu server just starting serving up PHP files terribly slow today and I haven't a clue why. The server is running Wordpress. Could anyone take a look at my site and give me any insight?
[22:16] <ivoks> what's the url?
[22:18] <jmedina> Kevin_: what about top output? probably you are under atack, well your wordpress, it is common with old versions
[22:18] <Kevin_> I'm running Wordpress 2.7.
[22:18] <Kevin_> Also, the site is behind a firewall.
[22:46] <jmedina> anyone here using paravirtualised drivers under xen?
[22:46] <jmedina> from redhat or suse?
[23:40] <baz> what are some main differences between ubuntu server and debian?
[23:53] <Vog-work> baz: http://www.ubuntu.com/community/ubuntustory/debian
[23:54] <Vog-work> http://www.ubuntu.com/community/ubuntustory/debian
[23:54] <baz> thank you
[23:54] <Vog-work> http://www.linuxforums.org/forum/debian-linux-help/51333-what-difference-between-debian-ubuntu.html google is your friend :)
[23:55] <baz> Vog-work, those links suck, one is from 2005 and the others are very high level overview
[23:55] <baz> i know how to use google
[23:56] <Vog-work> Ok the question was very general as well. Is ther esomethign specific you were wondering about?
[23:57] <Vog-work> (and no offence meant with the google is your friend comment)
[23:57] <baz> i was hoping for some specific examples of how/why people are choosing ubuntu over debian
[23:57] <baz> Vog-work, yeah sorry for my aggressive tone too
[23:57] <Vog-work> Baz, the main reason I get from people are the more up to date repositories and changes in ubuntu.
[23:58] <baz> Vog-work, i should've probably phrased my question better but i was expecting to lead into more specifics based on what people said :)
[23:58] <ScottK> I started with it Ubuntu Server because I needed stuff that was newer than Sarge had.
[23:58] <Deeps> that was my reasoning too
[23:58] <Vog-work> Yeah sure you can go and compile from source whatever you like but the convenience of having made and tested packages is nice.
[23:58] <ScottK> I also like having the same base under the hood on my servers and desktops.
[23:58] <oh_noes> people chose Ubuntu over debian for support. Thats bascially it.
[23:59] <oh_noes> Large Orgs cannot implement Debian, and don't want to pay so much for redhat linux, so Ubuntu entered the mix
[23:59] <ScottK> oh_noes: I disagree.  Most people use community support, not paid, and you can get that for both.
[23:59] <Vog-work> oh_noes: Yeah I hear that as well.
[23:59] <ScottK> There are lots of large organizations that use Debian too.
[23:59] <Deeps> although i've since found the ipv6 support in hardy to be sub-par, so i'm considerring switching back to debian with the release of lenn
[23:59] <oh_noes> ScottK, of course most people do, but from a busines point of view, enough customers are using paid support to pay canonical
[23:59] <Vog-work> ScottK: I used to get flamed in #debian if I didn't ask a question "just so"