/srv/irclogs.ubuntu.com/2009/03/27/#ubuntu-server.txt

Damm	stupid question i'm sure, virsh is giving me an error 'network not found br0'... failed to start	00:21
Damm	yet ifconfig br0 shows the right stats	00:21
unblessedTurnip	how did you define your bridge in /etc/network/interfaces ?	00:23
Damm	lemme pastie	00:24
Damm	http://gist.github.com/86461	00:24
Damm	not using nat here, just regular routing	00:24
Damm	hopefully that doesn't complicate things.	00:24
Damm	and eth0 is manual static with no settings	00:24
Damm	iface eth0 inet manual	00:25
Damm	running jaunty (apt-get update current)	00:25
unblessedTurnip	what is giving you the 'failed to start' ?	00:27
Damm	virsh start 'dev'	00:28
Damm	or virsh start 'ubuntu'	00:28
* Damm obviously will dig in the docs more		00:28
Damm	because clearly my network isn't what it's expecting	00:28
unblessedTurnip	so I'm assuming you want it to connect to a bridged interface of some defined name?	00:30
Damm	yep	00:30
Damm	ideally eth0	00:31
unblessedTurnip	well, you're only bridge port is eth0; you don't want another one?	00:31
unblessedTurnip	as in: bridge_ports eth0 virtual0?	00:31
unblessedTurnip	so there are two interfaces both using the defined address, netmask, etc\	00:32
Damm	nope not another	00:33
Damm	unless you can give me a reason	00:33
* Damm has gone over the Ubuntu KVM docs quite well, and it's just not giving me the details i'm trying to find sadly.		00:34
unblessedTurnip	ok so you want it for virtualization	00:34
* Damm nods		00:34
unblessedTurnip	well, the second port on the bridge will allow the virtualized OS to connect to the network as it's own entity	00:35
unblessedTurnip	no NAT traversal through the host	00:35
Damm	so basically, doing bridge_ports eth0 virtual0 virtual1/etc	00:35
Damm	would be better	00:35
Damm	your saying	00:35
twb	Would you also want proxy ARP?	00:35
unblessedTurnip	well, it's how you make a second port on your bridge0	00:35
unblessedTurnip	besides eth0	00:35
Damm	ah right	00:35
twb	Damm: obviously a bridge of only one thing doesn't make much sense	00:36
Damm	twb, well then please by all means point me somewhere I can fill in the blanks... because I don't want a 'answer'	00:37
Damm	I want to learn.	00:37
unblessedTurnip	I set up virtualbox (open source edition) through https://help.ubuntu.com/community/VirtualBox#Networking	00:40
unblessedTurnip	it documented setting up the bridge, with the second or more bridge point creation	00:40
unblessedTurnip	it's followed by virtualbox-specific stuff after that though	00:40
Damm	interesting, yes.	00:51
Damm	I guess I wasn't thinking that way when I read it, I was thinking it would attach to br0 (kvm) and like vmware allow multiple 'guests' to read that.	00:57
unblessedTurnip	so link helped?	00:57
unblessedTurnip	i need to find better documentation on configuring /etc/network/interfaces	00:58
Damm	that's what I was thinking.	00:58
Damm	I see a ton of arbitrary settings in these examples with no information on what they are related to	00:58
Damm	like bridge_fd 9, bridge_hello 2	00:59
Damm	bridge_stp makes sense to me thankfully	00:59
unblessedTurnip	where did you get those from anyhow?	00:59
Damm	https://help.ubuntu.com/community/KVM/Networking	01:00
Damm	I am reading this now	01:01
Damm	and laughing at myself for following it	01:01
* Damm shakes his head		01:02
Damm	unblessedTurnip, my error has nothing to do with what you linked at all.	01:02
Damm	but thank you for trying :)	01:02
unblessedTurnip	I thought it might be because the virtualizer expected a seperate bridge interface beyond br0, but oh well	01:02
Damm	no	01:03
Damm	the instructions in that wiki tell you to modify the network 'name' to br0	01:03
Damm	the problem is we then do not define the network 'br0' in kvm	01:03
Damm	it's not looking for ifconfig br0, or eth0, or /dev	01:03
Damm	it's looking for an xml config for the network 'br0'	01:03
unblessedTurnip	oh	01:03
Damm	and thus the utter failure begins	01:03
unblessedTurnip	alright then :\|	01:04
Damm	it's funny now yes?	01:04
unblessedTurnip	yea	01:04
unblessedTurnip	best of luck with KVM	01:05
Damm	well, once this is done and I document it... it's something for my company to go forward	01:05
Damm	and it's nice padding on the resume	01:05
Damm	designed and deployed a mixed architecture using kvm in a production enviroment, built monitoring systems around it, blah blah	01:05
unblessedTurnip	interesting; i hope the monitoring tools are good :P	01:06
Damm	They will be.	01:06
Damm	as long as you can handle a wrapper to read the JSON	01:06
Damm	and that's trivial with perl or ruby or python	01:06
unblessedTurnip	i'll probably be the only guy at our network ops centre that could do that :P	01:07
Damm	but now i'm going to shower feeling accomplished because I defeated a wiki!	01:07
unblessedTurnip	haha	01:07
Damm	oh I feel that way all the time	01:07
Damm	only reason i'm looking at KVM right now is because Xen is on the deprecated list	01:08
Damm	we're going to use Xen for a year or two, but I'd like to have all the tools and migration path for KVM set once we feel KVM is ready to use.	01:08
twb	Damm: do you have specific problems with kvm?	01:08
Damm	twb, not anymore	01:08
Damm	:)	01:08
twb	Damm: I'm looking at migrating from vmware to openvz (for unix guests) and kvm (for windows guests).	01:09
Damm	pardon my french as i say this.	01:09
twb	So if KVM "isn't ready" I'm very interested :-)	01:09
Damm	are you fucking insane about openvz?	01:09
twb	Damm: what's wrong with openvz?	01:09
Damm	Unless you work for Cameron (spry) there's really no reason to use openvz	01:10
* unblessedTurnip gooogle.com/search?q=openvz		01:10
Damm	Xen is a HUGE step up from Openvz	01:10
Damm	and going from vmware to openvz is like... a downgrade	01:10
Damm	majorly	01:10
twb	IME vmware breaks everything.	01:11
Damm	openvz failure 1, you cannot swapon a 'file' to add any swap other then was booted with.	01:11
giovani3	openvz is a mess	01:11
giovani3	memory management failure	01:11
Damm	that's very painful and stupid, can't dd if=/dev/zero of=swap count=500;mkswap swap;swapon swap	01:11
twb	As I control the dom0, I have no need to add swapfiles within a domu	01:11
Damm	right, but with openvz the memory management is fail	01:11
Damm	and I/O performance is fail	01:11
Damm	so unless you know who Cameron is or Sprynet	01:12
Damm	... I don't know why you'd touch openvz for a million dollars	01:12
Damm	(that's the company that started using openvz/championed it or whatever)	01:12
unblessedTurnip	does virtualbox still not provide 64-bit host virtualization?	01:13
unblessedTurnip	disregard last; Damm: what made you choose KVM as an upgrade path in particular?	01:14
Damm	unblessedTurnip, based on kernel support and it being maintained by the 'mainline' kernel tree	01:16
Damm	So Ideally I won't have to worry much about tainted drivers, or drivers not working in kvm because of 'x' reason...	01:17
Damm	so only thing I need is qemu, kvm package, and libvirt or another way to manage the guests	01:17
unblessedTurnip	so the kqemu kernel module is included then?	01:18
unblessedTurnip	or is it required with KVM?	01:18
Damm	not sure on that	01:19
Damm	but it's in jaunty's repos	01:19
Damm	and for me I look for what's being supported by companies in the next 6months-1year.	01:19
unblessedTurnip	alright. last time I played with it was like 7.10, and had to be built by hand	01:19
Damm	nah with jaunty it's insanely easy	01:19
unblessedTurnip	I'm back one step for the LTS	01:20
Damm	install the meta package, and make sure you can load the kernel module kvm-intel	01:20
Damm	and configure networking and go	01:20
Damm	yeah i'm using the LTS with Xen	01:20
Damm	but i'm also deploying couchdb + Chef for Management	01:20
unblessedTurnip	kqemu might be depricated in favor of kvm-intel module now	01:20
* unblessedTurnip must research		01:21
Damm	so I made my chef server jaunty, and i'm gonna give my coworkers a taste of it while we test it	01:21
Damm	i believe so	01:21
Damm	kvm-intel is in the regular kernel images	01:21
unblessedTurnip	alright, interesting	01:21
twb	AFAICT kqemu is only for people who can't use VT -- either because the CPU doesn't support it, or because some other virtualization system on the same host is hogging it	01:22
unblessedTurnip	that makes sense	01:23
twb	And kqemu has some annoying bugs -- like making qemu segfault regularly when you switch to the (qemu) console (alt+2), or making it impossible to allocate 2GiB of memory to the VM, or making any d-i image segfault shortly after it starts with an "unhandled opcode".	01:23
unblessedTurnip	fun times	01:24
Damm	interesting	01:24
Damm	so yeah I'm just trying to learn this and make it go	01:25
unblessedTurnip	best of luck. I gotta jet.	01:26
Damm	it's all using libvirt so that's always a win	01:29
twb	Last time I looked at libvirt was when it first entered Debian, and it was an alpha joke	01:30
Damm	twb, i think it still is really.	01:32
Damm	and it really is a huge joke, but someone decided to take the joke seriously.	01:32
Damm	so now the joke is really on debian	01:32
twb	I expect libvirt will go nowhere until someone decides to sink money into it	01:33
Damm	twb, sadly people are starting to support it in a joke way.	01:34
twb	Shrug	01:35
twb	Not my problem.	01:35
Damm	See, that's where I differ. It is your problem, my problem, anyone who ends up using it in the next 2-3 years should care.	01:44
Damm	the problem is we are programmed to 'not care'. I call it the Conditioning of Society.	01:44
twb	You might as well call it the bystander effect.	01:45
Damm	I call it being a cow in a herd.	01:46
Damm	You don't have to blend in, and accept things as they are. Some of us do it because it's easier then the alternative.	01:46
zoopster	so Damm what are you doing about the "joke" as you call it besides complaining about it on a public forum?	02:08
Damm	zoopster, myself? well one can start with documenting the experience, and providing the resulting configuration that worked for you so others can learn from your experience.	02:29
Damm	that's for starters	02:29
Damm	not document in 'in the drama' way like oh my god the horror... just improve on the documentation and the experience for the user (even if the user is a sysadmin)	02:30
drewmeigs1	hey, could anyone give me a little help with nagios?	02:31
twb	!anyone > drewmeigs1	02:32
ubottu	drewmeigs1, please see my private message	02:32
drewmeigs1	i am trying to set up nrpe, but after typing "./configure", the guide says to type "make all" but there is no "make" nor are there rules for all. i was wondering how to get beyond this.	02:34
Damm	apt-get install nrpe	02:34
Damm	you absolutely do not need to build nrpe from source, just nagios-plugins and nrpe from apt and then configure /etc/nagios/nrpe.cfg	02:35
drewmeigs1	ok, thank you so much. i guess i didn't realize it was in the repos. i really appreciate it.	02:36
Damm	aptitude can search, so does apt-cache	02:37
drewmeigs1	thank you	02:38
Damm	so	02:44
Damm	vnc-viewer working	02:44
Damm	got my kvm running with networking via bridged	02:44
Damm	amazing what a little weed can do to fix your brain to finish the job	02:44
* jmedina agree		02:44
Sam-I-Am	Damm: are you... the damm i know?	02:57
Damm	Sam-I-Am, OH my blessed bosum of love.	02:57
Damm	oh how I have missed you	02:57
Sam-I-Am	haha	02:57
Sam-I-Am	guess so...	02:57
twb	Surely you mean bosom.	02:57
Damm	nope I don't	02:57
Damm	he's not my type	02:58
Sam-I-Am	haha	02:58
twb	Damm: you've never had a bosom-friend?	02:58
twb	Kids in this century are so tame.	02:58
Sam-I-Am	so... really... you?	02:58
Damm	twb, he's just so hairy.	02:58
Damm	j/k	02:58
Sam-I-Am	ha	02:58
Damm	Sam-I-Am, really me yep	02:58
Sam-I-Am	wow	02:58
Damm	how's Fort Collins treating you	02:58
Sam-I-Am	thats two people from the past i've met today	02:58
Sam-I-Am	pretty good	02:58
Sam-I-Am	except for the snow today	02:59
Damm	I haven't seen / heard from Brian in ages	02:59
twb	FWIW google doesn't know what a "bosum" is.	02:59
Damm	twb, you should teach it.	02:59
twb	Damm: I don't know what it is, either.	02:59
Damm	I see yazzy now and then but he still ignores me	02:59
Sam-I-Am	ha, another name from the past	02:59
Damm	twb, let's just make it a fictional name and stop here.	02:59
* Damm nods to Sam-I-Am.		02:59
twb	Shrug.	03:00
Sam-I-Am	still in #cisco ?	03:00
* Damm is just showing off his KVM love to my boss		03:00
Damm	he's digging it	03:00
Damm	nah, I still deal with cisco crap	03:00
Damm	oh brian? no clue	03:00
Damm	i get email from him randomly	03:00
Sam-I-Am	ah	03:00
Sam-I-Am	what are you doing these days?	03:00
Damm	Systems + Network Administrator for one of the most hated companies on the internet lately.	03:01
Sam-I-Am	hmm... level3?	03:01
Damm	my company runs myluvcrush.com and iqquizapp and a fwe other sites	03:01
Damm	that facebook junkies loathe and hate	03:01
Sam-I-Am	ahh	03:01
twb	I was going to guess IANA	03:01
Sam-I-Am	heh	03:02
Damm	twb, no... my woman works for a company that does phone calls for mobile messenger (which is the company behind those websites)	03:02
Damm	and they get roughly 15-25 death threats a day	03:02
Damm	seriously	03:02
twb	I expect the WTO gets more	03:02
Sam-I-Am	wow	03:02
Damm	We're just a banner company, if you have *.tattomedia.com in your block list for adblock or otherwise	03:03
Damm	well you can thank me.	03:03
twb	I wouldn't know; my browsers don't implement iframes or images.	03:03
Damm	mainly because I had a discussion with a coworker about how we were loosing hits from adblock plus and such	03:03
Damm	so we worked around it, so that no matter what you get to see our ad.	03:04
Sam-I-Am	twb: elinks person? :)	03:04
Damm	well except twb.	03:04
twb	Sam-I-Am: emacs-w3m	03:04
Damm	ahh yeah he's safe.	03:04
Damm	we have elinks customers	03:04
twb	I hate how the UI isn't consistent across pages in a GUI browser	03:04
twb	And I hate using the mouse	03:04
Sam-I-Am	do you have foot pedals for emacs?	03:04
Damm	you can blame the consistency crap on MS	03:04
twb	Sam-I-Am: nope	03:05
Sam-I-Am	i'm an opera user... its not bad.	03:05
twb	Damm: no, I mean things like websites changing the colour of links	03:05
twb	Damm: or putting images on top of buttons so you can't tell they're buttons	03:05
Damm	twb, well good news... web 2.0 has gotten rid of most of those annoying traits	03:05
twb	Apart from Opera still using qt3 on Debian.	03:05
Damm	it has replaced it with more annoying traits	03:05
twb	Damm: oh yeah	03:06
twb	Damm: like I saw a router yesterday that draws the ENTIRE PAGE using ajax	03:06
Damm	oh that's easy	03:06
twb	Damm: for its management console, I mean	03:06
Damm	you should see the pile of shit that Sun is trying to sell with their 'Unified Storage Solution'	03:06
twb	Damm: my point is that's pretty annoying if you don't implement js	03:06
Damm	it's a very annoying Tomcat webapp	03:06
Damm	that has very little to offer.	03:06
twb	haha, tomcat	03:06
Damm	why do I want to spend 68k on a Solaris 10 server	03:07
Damm	really sun	03:07
Damm	get a new clue	03:07
twb	Those OWA clones are funny	03:07
Damm	Zimbra	03:07
twb	Damm: the smart people in sun work on zfs and stuff, not the wanky web space	03:07
Damm	yeah i had a job doing that once	03:07
Damm	... every time someone calls me up and asks if I want to do Zimbra	03:07
Damm	I tell them unless your offering 100k to start, screw off.	03:07
Sam-I-Am	heh	03:08
Sam-I-Am	i've read a little about that	03:08
twb	Damm: which do you hate more: zimbra or scalix? ;-)	03:08
Damm	zimbra	03:08
Damm	twb, friend of mine just decomissioned one of his ldap servers... to find out it was promoted as the ldap master and had 3 accounts still left on it	03:08
Damm	oh the horror of that when ldap replication suddenly broke on a cronjob on the weekend	03:09
twb	The ubuntu partners team contacted me about getting zimbra packaged properly in Ubuntu	03:09
Damm	and then email stopped working	03:09
twb	I said "maybe, if I don't have to use launchpad"	03:09
twb	:-)	03:09
Sam-I-Am	i just posted some ldap-related bugs to launchpad	03:10
twb	I think I can safely say that I have never had a good experience with ldap.	03:11
Sam-I-Am	its definitely not the most straightforward thing	03:12
twb	It's like domestic abuse	03:12
twb	Everyone hates it, and knows it's terrible, but we keep going back to it	03:12
twb	Because the only alternatives are, like, NIS	03:12
Damm	the problem with LDAP is what it is, and how people use it.	03:12
Damm	nss_ldap is horrible, you should use nss_ldapd if you don't... please shoot yourself now	03:13
twb	They're both horrible	03:13
Damm	i can't say i have started to use launchpad yet... I'm sure i'll hate it	03:13
Damm	I was hoping to get a landscape trial	03:13
Damm	... but I haven't gotten squat from registering for a trial	03:13
twb	You can't even log into launchpad unless you are using a GUI browser :-/	03:13
twb	Yeah, I think canonical forgot to set a budget for landscape	03:13
Sam-I-Am	heh, libnss on centos/rhel .. you know, "enterprise" .. causes the system to hang indefinitely if you configure it to use ldap.	03:14
twb	Or maybe it's just some intern that made the stub package :-)	03:14
twb	Sam-I-Am: you probably want soft binding, then	03:14
Sam-I-Am	yeah, even then it hangs	03:14
Sam-I-Am	its a bug	03:14
twb	Ow	03:14
twb	RHEL should just cash in their chips and tell people to use Ubuntu	03:15
Sam-I-Am	rh was like... yeah, we might fix that... been about 1.5 years since i think it was reported. quick solution is downgrading libnss	03:15
twb	Sorry guys, it's not 1995 anymore	03:15
Sam-I-Am	i'm trying to convince my boss we should go to ubuntu server from centos/rhel	03:15
Sam-I-Am	rhel is like the aix of linux	03:16
twb	Sam-I-Am: you should point him at the policy manual and ask "so where is the equivalent quality assurance infrastructure on RHEL?"	03:16
Sam-I-Am	hmm, havent heard of that	03:16
twb	FFS, there isn't even any post-2000 documentation about the RPM format	03:16
Sam-I-Am	lol, rpm	03:16
twb	Sam-I-Am: the policy manual is what allows us users to report bugs like "don't put shit in /opt you fucking idiot" to package maintainers	03:17
twb	And the policy manual means they can't argue. Their package is just plain wrong	03:17
twb	Cf. fedora directory server (har har).	03:17
Sam-I-Am	i havent tried fds	03:18
twb	It is funny	03:18
Sam-I-Am	smells like ldap with some twists	03:18
twb	Like a road accident	03:18
twb	Sam-I-Am: it's a fork of openldap	03:18
twb	Er, I think	03:18
twb	It might be a pure-java thing, I am confusing the two.	03:18
ajmitch	FDS is the old netscape directory server	03:19
twb	Fair enough	03:20
ajmitch	previously AOL, etc	03:20
ajmitch	some old stuff in there	03:20
Damm	ah back	03:26
Damm	Sam-I-Am, i'm coming from RHEL	03:26
Damm	so having Landscape shuts up people	03:26
Sam-I-Am	heh	03:26
Damm	sigh, so no mysql 5.1 in jaunty	03:27
Damm	damn i am not get any respect tonight	03:27
Damm	I might as well just giveup and finish up some stupid xen crap	03:27
twb	Damm: you need to carry a broadsword	03:27
twb	Nobody gives you shit then	03:27
twb	Well, maybe one guy does, but the rest learn from his mistake	03:28
Sam-I-Am	lol	03:28
Damm	twb, oh rest assured no one in their right mind fucks with me.	03:28
Damm	sam has met me, he could prolly attest to my insanity atleast.	03:28
Sam-I-Am	ha	03:28
Sam-I-Am	sure...	03:28
twb	"Hey, you in that tree up there! Are you a motorcar?"	03:28
twb	"Yes, I am!"	03:28
twb	"What luck, so am I!"	03:29
mrwes	How often does freshclam -d check for updates?	03:30
Damm	my coworkers leave me alone	03:30
Damm	which is nice	03:30
twb	mrwes: too often?	03:30
Damm	mrwes, do you really depend on your freshness that much?	03:30
Damm	of your clams	03:30
Damm	I suggest you to use some bleach on your clams	03:30
twb	clamav exists AFAICT to use up all your RAM and I/O	03:30
mrwes	well.... I looked in /etc/clamav/freshclam.conf and it appears to say 24 times a day	03:31
twb	mrwes: that wouldn't surprise me	03:31
mrwes	why?	03:31
mrwes	heh	03:31
Damm	twb, pretty much yep	03:31
twb	mrwes: because it sucks	03:31
mrwes	sigh...	03:31
Damm	only way to deal with clamav is to nuke it's databases every 50000 emails	03:31
Damm	otherwise it gets too bloated	03:31
Damm	and slow	03:31
twb	Rather than deploying clamav, the "right" solution would be to scrap all your Windows workstations	03:31
mrwes	twb, I don't have that option	03:32
twb	But that tends to cause a zombie rampage	03:32
twb	Only wobbly windows will soothe them	03:32
mrwes	so...can I change that or not?	03:32
twb	mrwes: dunno, actually. I don't have much direct experience with clamav (except for kill -9, of course.)	03:32
Damm	mrwes, buy some macs	03:33
twb	haha	03:33
Damm	<-- is a machead now	03:33
twb	Damm: then install Ubuntu on them. Woo!	03:33
Damm	sam would be so proud	03:33
Sam-I-Am	haha	03:33
mrwes	twb: so why the smart ass comments then?	03:33
mrwes	:)	03:33
twb	mrwes: because I'm a smartass.	03:33
mrwes	blah	03:33
twb	And I'm bloody bored	03:33
Damm	mrwes, seriously you can't update clamav enough to protect you from the stupidity of windows users	03:33
Damm	mrwes, so updating the datafiles 24hours a day is excessive to most of us	03:33
Damm	perhaps it's not enough for you	03:34
mrwes	yah I need more	03:34
mrwes	48 hours a day maybe	03:34
mrwes	so...I take it I don't need a cron for freshclam...heh	03:34
Damm	you do	03:35
twb	Put it in cron.hourly?	03:35
Damm	put it in cron.hourly	03:35
Damm	but it won't save you from the windows users	03:35
Damm	as long as you can accept that, your fine.	03:35
mrwes	hrmmm	03:35
Damm	last time I used Zimbra my ClamAV process was sucking up 500-1024meg	03:35
Damm	minimum	03:35
Damm	resident.	03:35
twb	hehe	03:35
mrwes	why do I need an hourly cron, when there is freshclam daemon running?	03:36
twb	Does zimbra include clamav in it huge /opt mess?	03:36
twb	mrwes: ah, fair enough	03:36
Damm	yes twb	03:36
twb	Damm: yuk	03:36
Damm	mrwes, hrm, then i wonder why it's there	03:36
Damm	oh well	03:36
twb	I wish those jackasses would just use the stock postfix and such	03:36
* Damm twitches		03:37
* Damm takes his postfix-cure shots.		03:37
Sam-I-Am	lol	03:37
twb	haha	03:37
Damm	next time please warn me before you say that word.	03:37
twb	Damm: you are an exim4 weenie? ;-P	03:37
Damm	and no i'm not a sendmail man	03:37
Damm	yes I'm a exim weenie	03:37
twb	Haha	03:37
Damm	exim4 > *	03:38
Damm	and you know it	03:38
Damm	and exim doesn't cause STI's (massive dirty writes)	03:38
Damm	I really feel sorry for anyone who uses warning Postfix... I mean look at Fastmail.fm	03:39
Damm	I remember when they went from Sendmail to Postfix because of the dirty writes that postfix forces... their load went from 3.0 to 115.0	03:39
Damm	with the same amount of traffic	03:39
Damm	and we all know why postfix does it too, which doesn't make it any better.	03:39
Sam-I-Am	i havent had too much trouble with postfix	03:40
Damm	Sam-I-Am, postfix doesn't trust ext3/ext2	03:43
twb	That's good, cos ext4 has a default commit interval of 30 minutes :P	03:43
Sam-I-Am	i use xfs	03:44
Damm	twb, the problem with ext4 is that even with ext4... unless you have NVRAM and a BBU hooked up, it's still fail	03:44
Damm	if you don't understand why I'll save you from the rant... because you'll only make your ears bleed	03:44
twb	Yeah, ext4 is funny	03:44
Damm	the truth is all filesystems in linux are in the same fail	03:45
Damm	once we can get to the VM and fix that hurdle	03:45
Damm	filesystems can be stable again	03:45
twb	Though I can't remember when I last saw someone spell UPS as BBU	03:45
zoopster	Damm, twb - you guys are fairly stupid apparently	03:45
Sam-I-Am	except xfs :)	03:45
zoopster	telling a guy to put freshclam in cron?	03:45
zoopster	wtf?	03:45
Damm	zoopster, I haven't touched clamav in years	03:46
Damm	so really	03:46
Damm	no thanks	03:46
twb	zoopster: actually, I asked a question.	03:46
Damm	and I always left a ? on it...	03:46
Damm	Sam-I-Am, unless you have a BBU with 512meg of cache hooked up to XFS... I wouldn't trust it	03:47
Damm	althought XFS is better if you store the journal on another disk...	03:47
zoopster	so that ? protects your id10t-ness?	03:47
Damm	zoopster, do you have a reason to be calling me an idiot?	03:47
zoopster	Yes	03:48
Damm	zoopster, I think the freenode gods would like it if you stfu already with your 'flaming idiot' comments.	03:48
Damm	however, if you'd like I'll give you a flash light and a plunger	03:48
Damm	you know how to use those right?	03:48
zoopster	and they don't care for your attitude and language either	03:48
* Damm smiles		03:49
Damm	It's nice knowing that no matter where I go, I can find someone like that :)	03:49
zoopster	you always keep those tools around for your use, I take it	03:49
zoopster	with an attitude like that...it's no wonder	03:49
ScottK	zoopster: Your communication style is really inappropriate here.	03:59
zoopster	Mine? Scrollback a bit.	04:00
ScottK	zoopster: I think I read back enough.	04:03
ScottK	zoopster: There are better ways to communicate someone is not correct than calling them an idiot.	04:03
zoopster	ScottK: sorry, but after they lambasted several asking simple questions I had enough.	04:03
ScottK	OK. Maybe then I need to go back farther then.	04:04
Damm	perhaps it was inappropriate to talk badly about ClamAV...	04:04
zoopster	It went on for several hours	04:04
Damm	okay then I clearly was not here then.	04:06
zoopster	I'm not going to argue about it, I was wrong for calling Damm an idiot and I can tell that several were not too keen on the commentary that went on since I came in nearly 2.5 hours ago	04:07
twb	ScottK: it would be reasonable to point out that Damm and I wandered wildly off-topic and were generally grumbling instead of helping people.	04:18
Damm	twb, i'm guessing that was pretty unrelated.	04:19
Damm	his anger seemed more pointed at something else	04:19
twb	Damm: granted.	04:20
Damm	twb, usually when someone goes off like that... there's a reason, he was upset because of someone's behavior towards him.	04:20
Damm	doesn't make his behavior any more justifiable	04:20
Damm	just puts it in better perspective.	04:20
ScottK	twb and Damm: I did just go back and read the last several hours of scrollback and you're both about 90% off topic for this channel.	04:27
ScottK	This channel is for development and support of Ubuntu server.	04:27
Damm	ScottK, I presume then KVM and Ubuntu server is OT?	04:27
Damm	because that's how I joined	04:28
ScottK	Damm: Not at all.	04:28
Damm	as far as ClamAV I tried to be more factual then personal hatred of it.	04:28
Damm	as far as the other OT that's taken out of channel	04:29
Damm	:)	04:29
ScottK	Also freshclam doesn't need a cron job. Freshclam runs a daemon and the number of times per day it checks is managed via /etc/clamav/freshclam.conf.	04:29
Damm	I wasn't aware of that, last time I was in Ubuntu LTS it did :(	04:30
ScottK	So if you were aiming for factual, that didn't make it.	04:30
Damm	nah, that was wrong.	04:30
Damm	I can admit that, and I wasn't positive if it did work in cron or otherwise.	04:30
ScottK	Damm: Oddly enough we've never made an LTS release that did that.	04:30
Flannel	Damm: One of the guidelines in Ubuntu channels is "When helping, be helpful." Comments that aren't only contribute to noise, and make you seem pretentious.	04:30
Damm	Flannel, thank you for that. However one person at a time please :)	04:31
Damm	ScottK, well this release enabled it both in cronjob and otherwise. I believe it had a dialog that asked me if i wanted to run Freshclam and said yes, and it shoved that in also.	04:32
Damm	but that is over 2 years ago, so I just know I had both running from Ubuntu, nothing more.	04:32
Damm	so trying to pull facts out of 2 years ago when the servers are no more, is pointless.	04:32
Damm	and I will stop here.	04:32
ScottK	Fair enough. I don't want to run anyone off.	04:33
Damm	Nor do I, I just had my battle and won with KVM on Jaunty so I was glowing a little so it was my semi-celebration.	04:33
Damm	which is on my list now to help out with that documentation on the wiki	04:35
Damm	:)	04:35
ScottK	That's good. Docs always need updating.	04:36
Damm	Well documenting libvirt/kvm is always a challenge as it seems different situations permitting it can vary on configuration	04:36
Dei	Hello, anyone here familiar with ISPCONFIG?	05:13
Dei	Hello, anyone here familiar with ISPCONFIG?	05:30
oh_noes	how do I increase the number of open files a non root user can have? Currently it's 1024	05:30
twb	oh_noes: ulimit?	05:31
twb	oh_noes: a.k.a /etc/limit, I think	05:32
jmarsden_	oh_noes: /etc/security/limits.conf. Add a line that says * hard nofiles 2048	05:35
jmarsden_	Then start a new login shell for the user concerned and ulimit -n should then say 2048.	05:36
=== jmarsden_ is now known as jmarsden
oh_noes	thanks I added it but instesd of *, it was for a specific	05:37
oh_noes	user*	05:37
jmarsden	Sure, that should work too :)	05:38
oh_noes	I also needed to add a pam line to /etc/pam.d/common-session to actually make it work. Which I found interesting	05:38
oh_noes	didnt work without session required pam_limits.so	05:38
Dei	anyone just familiar with DNS?	05:39
Dei	I want to run name servers under the same domain I will be hosting a website	05:40
Dei	cant quite figure out what to do	05:40
jmarsden	Dei: what you call your nameserver hosts is pretty much irrelevant... ns1.example.com and ns2.example.com naming is common, but not needed... what are you really stuck on?	05:41
Dei	well.. with my domain registrar, I added the two aliases i would be using for the name servers	05:43
Dei	i was able to ping them previously.. but for some reason now I cant	05:44
Dei	that wouldnt be dependant on my system settings though, would it?	05:44
jmarsden	Wait... you told the registrar DNS for your domain is at ns1.whatever.com and ns2.whatever.com and you provided Ip addresses for each of them, right? And you set up the server at the first IP as a master DNS server, and the other one as a slave? and now you can't ping eitehr of them?	05:45
jmarsden	Can you still ping them by IP address? ping 1.2.3.4 or similar?	05:46
Dei	yeah. I just cleared out my configuration now...	05:46
Dei	I used bserv and cserv.loyalreliable.com	05:46
Dei	and they actually both pointed to the same IP Address	05:46
Dei	but since cserv and bserv are glued by my domain registar... it seems like it should still be pingable	05:47
Dei	i can still ping the ip	05:47
Dei	what!!! weird...	05:48
Dei	i just cleared my configuration 2 minutes ago	05:48
Dei	and now they are pinging again..	05:48
jmarsden	I was about to say, dig bserv.loyalreliable.com works for me from here...	05:49
Dei	well I cant be mad.	05:49
Dei	I was using this ISPCONFIG program... but I think i am going to abandon it	05:49
jmarsden	dig @cserv.loyalreliable.com bserv.loyalreliable.com. gets me a REFUSED back...	05:49
Dei	i just cleared my config when I uninstalled ISPconfig	05:50
jmarsden	so cserv is not really giving out info to the general public (me) for the loyalreliable.com domain yet.	05:50
Dei	hm	05:51
jmarsden	OK, so now just create working /etc/named.conf files for each DNS server and a zone file for loyalreliable.com on the master, and you're all set... right?	05:51
Dei	i suppose	05:51
Dei	I dont know how to do that yet though	05:51
jmarsden	Then why are you trying to run DNS servers? Learn on a test LAN, not on the public Internet :) Until you learn, let your ISP handle DNS duties...	05:52
Dei	lol	05:52
Dei	no time to learn	05:52
Dei	only time to make it work	05:52
Dei	would I have to edit my named.conf from /var/named/chroot/etc/named.conf?	05:53
jmarsden	Read http://www.langfeldt.net/DNS-HOWTO/BIND-9/ and http://www.howtoforge.com/traditional_dns_howto and that should help. And no, you can edit /etc/named/named.conf unless you have done something odd.	05:55
Dei	i dont think i'm too odd	05:56
jmarsden	Hmmm, I just installed bind9 on Intrepid 8.10 desktop here and it is using /etc/bind/named.conf ...	06:00
Dei	yeah	06:04
Dei	I'm actually running fedora lol	06:04
Dei	but having trouble finding people to help	06:04
Dei	ubuntu is on my laptop though ;]	06:04
jmarsden	Fedora is not recommended as a server OS... use CentOS if you must go the way of RPM on your servers...	06:05
Dei	hm	06:05
Dei	maybe i'll put Ubuntu Server on	06:05
Dei	start with a fresh pallet	06:05
jmarsden	That would make this a better place to ask your questions :)	06:05
Dei	lol	06:05
jmarsden	https://help.ubuntu.com/8.10/serverguide/C/ is a good starting point if you are new to Ubuntu Server. And be sure you select the "DNS Server" task from the task list during the install... so you'll have the relevant software installed for you.	06:09
Dei	yeah	06:09
Dei	I might go ahead and put Ubuntu Server on there	06:09
Dei	you know how you set the host name	06:09
Dei	does that actually have any affect	06:10
Dei	i.e. am I required to have that matching	06:10
jmarsden	Not for DNS service to work, no.	06:12
Dei	what cases would that be necessary?	06:12
Dei	if you had a large internal network?	06:12
Dei	with an internal DNS	06:13
jmarsden	Web hosting with virtual web hosts, email unless you mess in extra detail with config files... DNS requests go to an IP address and a well known port number, so you can name the server host(s) whatever legal hostname you choose.	06:14
Dei	hm	06:15
Dei	I'm going to be doing vhosts	06:15
jmarsden	Most people name the host whatever fits their naming scheme, but register aliases like ns1 and ns2 for DNS server names, so they can move DNS around among their servers if they want to.	06:15
Dei	im going to run my primary and secondary dns on the same system ;o	06:16
Dei	and then hopefully host 100 sites	06:16
jmarsden	You are nuts. Or your customers are, to trust you, if you only run one DNS server... at minimum use a free secondary DNS host like editdns or granitecanyon or whatever...!	06:18
Dei	thats what ive seen recommended	06:19
Dei	i'll check editdns	06:19
Dei	I mean..	06:19
Dei	I would run 2 servers.. but we would be behind the same internet connection	06:20
Dei	so I didnt see a purpose.. baring Hardware failure	06:20
jmarsden	Your two DNS servers are supposed to be on separate subnets on different upstream connections...	06:23
jmarsden	You can get a small virtual private server for this kind of use for about US$15/month if you don't want to use a free secondary.	06:23
Dei	I'm taking a look at opendns here now	06:24
Dei	i just assumed	06:25
Dei	if dns and web are on the same server	06:25
Dei	DNS wouldnt be down unless Web is down	06:25
Dei	and if Web is down... then why would DNS still need to be up	06:25
Damm	It's fairly easy and inexpensive to keep a DNS server on a secondary server	06:25
Damm	I'm not sure if I share the same views as a different subnet/upstream. However, I do share the views about having a secondary DNS server that's not running on your main websites box	06:26
Damm	I know certain NIC's love to make you do crazy things (like DENIC)	06:26
Dei	i kind of get it	06:26
Dei	but if Web is down, then what benefit would it be to keep DNS working	06:27
Dei	unless we had backup webservers	06:27
jmarsden	Dei: So you can quickly get a VPS from somewhere else and change your DNS to point all your customers to the new host!	06:27
Dei	hm	06:27
Dei	ok ok	06:28
Damm	Dei, mainly it's nice to have DNS on a secondary server so that when your website is getting pounded, your dns does not suffer.	06:28
Damm	that's one of the biggest benefits, a low TTL to move it to another IP is also good	06:28
Damm	:)	06:28
Dei	now i think im getting it	06:28
Dei	for instance	06:28
Dei	if we had a disaster	06:29
Dei	and web would be down for a week	06:29
Damm	Dei, I always plan for failure... and hope for success.	06:29
Dei	yeah	06:29
Damm	that way when the worst happens, you know what to do and handle it.	06:29
Dei	i'll start doing the same	06:30
Dei	sounds like good practice	06:30
Dei	do you guys know of any shell providers	06:30
Damm	to stray OT a little, It's better to realize your failure points, and address them now when your smaller. Then when your trying to grow leaps and bounds, and you can't get ahead because you didn't spend the time earlier.	06:30
Dei	or VPS... if thats the same thing or not I do not know	06:31
Damm	Honestly, I'm lazy. I use Akamai for my DNS Needs. I have Powerdns setup using MySQL for a backend, it just transfers my zone every 30minutes and deploys it on their DNS servers.	06:31
Damm	not exactly cheap	06:31
Damm	but you can get a Slicehost.com account for 10$/month	06:31
Damm	and they're okay. There's some latency issues at odd hours, but overall it's been reliable.	06:31
Damm	</OT>	06:31
Dei	lol	06:31
Dei	we are the topic	06:31
jmarsden	Dei: slicehost, linode, johncompanies ... and yes this is all OT for #ubuntu-server	06:32
twb	jmarsden: is there a channel for that?	06:32
jmarsden	I'm not sure, on freenode... which is basically all about open source software...	06:33
Dei	hm... Akamai with PowerDNS?	06:33
Dei	it seems like bind might be easier initially, since I wont have to bother with SQL	06:35
Damm	Dei, it's OT... if you wish to discuss that conversation further you can /query me.	06:36
twb	jmarsden: well, is there an #ubuntu-offtopic or -chat or something?	06:36
twb	jmarsden: my point is it's better to direct people elsewhere for OT than just to tell them to shut up (paraphrasing).	06:36
jmarsden	There is #ubuntu-offtopic, yes.	06:37
jmarsden	I do not see any channels specifically about finding good VPS or shell host providers here on Freenode, which is what I thought you were asking.	06:38
twb	jmarsden: that was my initial question, yes	06:43
twb	Failing that, directing people to a generic "noise" channel seems advisable	06:43
jmarsden	True... in this instance, by the time I had searched the channel list for a few appropriate keywords, they'd apparently already taken it to private messages :)	06:44
Dei	:)	06:46
_law_	hi guys i wanna ask that how to list the package that installed in ubuntu server	06:54
friartuck	_law_ dpkg -l \| grep ii \| grep foo	06:56
_law_	friartuck, ii n foo r the name of the package?	06:57
friartuck	_law_ dpkg -l \| grep ii #to list all installed pakages. make sense?	06:57
_law_	ooo	06:58
_law_	ok i try it now	06:58
friartuck	foo is case sensitive	06:58
friartuck	^whatever your package name...foo is example :)	06:58
uvirtbot	friartuck: Error: "whatever" is not a valid command.	06:58
_law_	thx friartuck	06:59
_law_	:)	06:59
_law_	now i have another question	06:59
_law_	in my box i have libtomcat6-java, tomcat6, tomcat6-common installed , but when i tried to deploy a war file in the tomcat webapps it won't be deployed, is there any other tomcat package that i have to install, to make it works?	07:01
_law_	in my box i have libtomcat6-java, tomcat6, tomcat6-common installed , but when i tried to deploy a .war file in the tomcat webapps it won't be deployed, is there any other tomcat package that i have to install, to make it works?	07:02
friartuck	_law_ I'm not tomcat pro...have you looked here? https://help.ubuntu.com/8.10/serverguide/C/tomcat.html	07:03
_law_	ok friartuck, thx	07:03
_law_	hmm i think i already installed the needed tomcat package , but still i can't deploy the hudson.war	07:07
_law_	XD	07:14
_law_	guys i want to deploy a .war file in tomcat n i have installed java, libtomcat6-java, tomcat6, tomcat6-common. but the war file can't be deployed. what should i do?	07:16
twb	_law_: is there any error message?	07:17
_law_	The requested resource (/hudson) is not available.	07:18
twb	Bummer.	07:18
twb	I don't do tomcat, so that's about all I can suggest, sorry.	07:18
_law_	it seems the hudson.war not deployed	07:18
_law_	Bummer?	07:18
_law_	what's that?	07:19
twb	It's a surfer term meaning "bad"	07:19
_law_	twb	07:19
ttx	_law_: what release ? intrepid ?	07:19
_law_	that's ok	07:19
_law_	ttx it's intrepid	07:20
kraut	moin	07:20
jmarsden	_law_: You might want to try asking in #tomcat ?	07:20
_law_	oh thx jmarsden	07:20
ttx	_law_: what are you doing exactly to deploy	07:20
_law_	just as usual put the war file in the webapps folder then restart tomcat	07:21
ttx	_law_: it may well be related to our way of doing things... so better ask here (to me) first	07:21
ttx	which webapps folder	07:21
_law_	tomcat	07:21
ttx	/var/lib/tomcat6/webapps ?	07:21
ttx	/usr/share/tomcat6/webapps ?	07:21
_law_	'/usr/share/tomcat6/webapps '	07:21
ttx	_law_: CATALINA_BASE is /var/lib/tomcat6/webapps	07:22
ttx	_law_: so you should deploy webapps there	07:22
ttx	_law_: otherwise you should have a deploy descriptor in /etc/tomcat6/Catalina/localhost	07:22
Damm	_law_, if you can't deploy a WAR you should find out why you can't deploy it	07:22
_law_	in my box i only install libtomcat6-java, tomcat6, tomcat6-common	07:22
Damm	because more then likely tossing it in there, will not guarantee it working	07:22
_law_	ttx i'll try it now	07:23
Damm	... if you go to the /manager ui, and you can't deploy a WAR that way, shoving it in /var/lib/tomcat6/webapps won't make it run	07:23
Damm	but ensure you restart tomcat6 after you put the WAR there	07:23
Damm	and best of luck :)	07:23
ttx	Damm: in fact we do autodeploy in Jaunty, so he wouldn't really need to restart :)	07:24
ttx	with Intrepid... I think it would work as well.	07:25
Damm	ttx, neat. Well gosh dangit it's been awhile sinc eI ran tomcat6	07:25
ttx	(for war dropped in /var/lib/tomcat6/webapps)	07:25
Damm	thanks for letting me know though so i know in the future :)	07:25
Damm	but I promise I'll never install tomcat ever again in my life.. </OT>	07:26
ttx	Damm: never say never...	07:26
_law_	great ttx i put the war in '/var/lib/tomcat6/webapps' n it's deployed :D	07:26
Damm	ttx, although to be more on topic... i'm kinda suprised that it's not suggested to use jetty	07:28
Damm	or tomcat6 being deprecated for jetty	07:28
_law_	hmm i thought i must put in '/usr/share/tomcat6/webapps'	07:28
Damm	_law_, nope, that's different spot	07:28
Damm	:)	07:28
ttx	_law_: we are using a CATALINA_HOME / CATALINA_BASE deployment, like descibed in tomcat RUNNING.txt doc	07:28
ttx	CATALINA_HOME (/usr/share/tomcat6) contains binaries	07:28
_law_	so to deploy must pit in 'var/lib/tomcat6/webapps' i got it now	07:28
_law_	put	07:28
ttx	CATALINA_BASE (/var/lib/tomcat6) contains instance-specific stuff	07:28
_law_	thx ttx, Damm	07:28
ttx	you can use package tomcat6-user to deploy more (private) instances	07:28
ttx	different CATALINA_BASE, same CATALINA_HOME	07:29
ttx	Damm: why jetty ? We don't even have jetty6 packaged ?	07:29
_law_	ttx after i put in the '/var/lib/tomcat6/webapps ' i must restart thr tomcat 1st , if not it won't deploy any war	07:30
ttx	_law_: possible, autodeploy is a new feature in Jaunty	07:30
_law_	oo	07:31
_law_	ic	07:32
_law_	hmmm ttx	07:32
_law_	u ever use hudson	07:33
ttx	sorry, no. My knowledge stops at tomcat6 packaging.	07:33
_law_	now i'm trying to deploy the hudson.war then it deployed n created the folder named hudson but when iwant to acces it via http://localhost:8080/hudson	07:34
_law_	i get http 404	07:34
_law_	description The requested resource () is not available.	07:34
_law_	but the other war works	07:35
ttx	_law_: I suppose it needs some more precise URL, like http://localhost:8080/hudson/html/index.jsp	07:35
ttx	(wild guess)	07:35
Damm	ttx, no clue, I'll be honest it's been about 2years since I ran Ubuntu, and I started running it again this week	07:39
Damm	so I have alot of catching up to do	07:39
* Damm has been sitting with RHEL for Production and Gentoo for development.		07:39
Damm	I believe that is the full yin and yang cycle </OT>	07:40
_law_	oo	07:40
_law_	i try it now	07:41
_law_	hmm it's not working XD	07:46
Damm	_law_, yep it's there. afaik it was basically licensing that forced the tomcat/jetty hand if you were curious.	07:46
Damm	it's a bit different of a setup though i believe	07:46
_law_	hmmm	07:46
_law_	i 've deployed hudson.war in windows tomcat n it just simply put in webapps then when i access it via web browser it can be accessde	07:48
_law_	but in ubuntu sever is not working XD	07:49
_law_	guys which file in /etc/default to edit if i want to disabled tomcat security manager?	08:02
ttx	/etc/default/tomcat6 -- TOMCAT6_SECURITY=no	08:03
_law_	oh thx ttx :)	08:03
ttx	_law_: not recommended except for testing/debugging, of course	08:03
_law_	hmm the in the hudson webpage tell to do that so i try it now	08:04
ttx	_law_: well, it's difficult to get security profiles right and they are an endless source of funky errors.	08:05
_law_	ic	08:05
_law_	ok now i'm trying to open the deployed hudson again XD	08:06
_law_	hmm it works but	08:06
Damm	but?	08:07
_law_	have other error XD	08:07
_law_	the hudson now canbe accessed but on the page is written	08:07
_law_	Unable to create the home directory '/usr/share/tomcat6/.hudson'. This is most likely a permission problem.	08:07
Damm	tomcat may not be able to write there	08:08
_law_	hmm ya i guess so	08:08
ttx	_law_: ah. application makes unreasonable assumptions on how unsecure your setup could be	08:08
Damm	that's the common problem with some WARS that fail to install, they do something funky with $datadir	08:08
_law_	wat so u mean ttx?	08:08
ttx	well, it wants to create a directory under $CATALINA_HOME with the rights of the webapp. We usually confer limited rights to webapps, and those don't include changing stuff in the main directories	08:10
_law_	then wat should i do XD	08:10
Damm	ttx, i ran into a blog that did something worse... trying to write to /home/tomcat by default :(	08:11
ttx	_law_: any way to change that directory location ? If not try creating it manually and make it owned by the tomcat6 user	08:11
Damm	ttx, he has to unzip the WAR and modify the xmlfile that defines that location	08:11
Damm	and then re-pack it	08:11
ttx	Damm: convenient :)	08:11
Damm	if you prefer to not do that, unzip the WAR, and modify the xml file	08:11
Damm	and then login to the manager and tell it to start it	08:12
Damm	and it should start then	08:12
_law_	hmmm so which is te easiest way?	08:12
_law_	:D	08:12
Damm	_law_, define easy?	08:13
Damm	in less then 10 steps? cd /var/lib/tomcat6/hudson	08:13
Damm	it should be under WEB-INF	08:13
_law_	hmm	08:15
Damm	i think	08:16
* Damm is looking at the WAR now		08:16
Damm	it may be the ${basedir} crud in META-INF/tab/tab/pom.xml	08:17
Damm	but doesn't click in the brain	08:17
* Damm looks further		08:17
Damm	found it	08:18
Damm	load up WEB-INF/web.xml	08:19
Damm	line 141 or so	08:19
_law_	then?	08:19
Damm	if HUDSON_HOME is not defined it defaults to your home directory	08:19
Damm	and guess what the tomcat users home directory is?	08:19
_law_	what?	08:19
Damm	... if you guessed /usr/share/tomcat6 you win a cookie	08:19
_law_	oh	08:20
Damm	<env-entry-value></env-entry-value>	08:20
Damm	put a value in that.	08:20
_law_	wait i open it now	08:21
_law_	aaaaaaaa , i'm using nano how to find the line 141 easily XD	08:22
jmarsden	nano +141 filename	08:22
_law_	oh i just knw that tips thanx very much	08:23
_law_	u want me put wat value ?	08:24
_law_	oh	08:24
_law_	someone in #tomcat give me the answer	08:25
Damm	what was the answer he gave you?	08:27
Damm	set HUDSON_HOME?	08:27
_law_	still chatt with him XD	08:27
_law_	hmmm they tell me to set HUDSON_HOME to the dir that tomcat user have full privillge in it	08:31
ttx	Hm. I would rather create a directory in which the tomcat user has full privilege. a tomcat6:tomcat6 /var/lib/hudson for example	08:32
_law_	ttx, how do iknow that some user has full privilege in any dir?	08:33
ttx	_law_: by looking at the owner/group of a directory. sudo mkdir /var/lib/tomcat6/hudson && sudo chmod tomcat6:tomcat6 /var/lib/tomcat6/hudson	08:35
_law_	oo	08:36
_law_	thx	08:36
_law_	i try it now	08:36
Damm	it's trying to write to /usr/share/tomcat6	08:38
Damm	which if you check /etc/passwd should be your homedir in the gecos	08:39
_law_	gecos?	08:39
_law_	hmm wat is the corect form for chmod	08:46
_law_	i'm getting invalid error mode	08:47
Damm	because chmod doesn't change user/group	08:47
Damm	that's chown	08:47
_law_	ooo	08:47
_law_	ok i got it	08:47
Damm	chmod only accepts numbers, such as chmod 0740	08:47
ttx	ah hm, yes, sorry.	08:47
ttx	typo up there	08:47
_law_	ok nvm	08:47
_law_	;)	08:48
uvirtbot	New bug: #349014 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: Unterprozess pre-installation script mit Signal (Broken pipe) get?tet" [Undecided,New] https://launchpad.net/bugs/349014	08:51
* Damm needs to find his mysql 5.1 debs		08:51
_law_	it's not working :(	09:01
_law_	hmm i'm tring to export the hudson home again coz it seems the hudson home is not changing	09:04
Damm	it won't because hudson home is tomcat's home directory	09:09
_law_	no	09:10
_law_	as root	09:10
Damm	until you change the file I mentioned, the line I mentioned... you will not win without just doing a horrible chmod -r tomcat:tomcat /usr/share/tomcat6	09:10
Damm	you don't run tomcat as root	09:10
_law_	i mean as root i have done export hudson home to xxx	09:10
_law_	then i restart tomcat an acces via web browser n it success w	09:11
_law_	but	09:11
_law_	when i restart my servere	09:11
_law_	my server	09:11
Damm	you would have to export HUDSON_HOME in your tomcat startup script	09:11
Damm	in the same line that starts the tomcat instance	09:12
_law_	n i just go straight access the hudson wb it gets the same error again	09:12
Damm	HUDSON_HOME=/tmp /usr/libexec/tomcat6	09:12
Damm	(example, not accurate)	09:12
Damm	and i've said my peace and how to fix it, good luck.	09:12
_law_	hmm u mean i need to export hudson home by adding line in /etc/init.d/tomcat6?	09:13
Damm	I would rather you just fix web.xml	09:13
Damm	and slap the maintainer of hudson for making you do it	09:13
_law_	haha	09:14
Damm	assuming that CATALINA_HOME is writable is bad dumb, stupid.	09:14
_law_	maybe the maintainer only test it on windows	09:14
Damm	write to where you install the war, or give it a configuration option to set it... so it doesn't make you do this	09:14
Damm	but this is an old java issue	09:14
Damm	that won't get fixed by us talking	09:15
_law_	hey if wanna edit the web.xml?	09:15
_law_	wat should i do?	09:15
Damm	usually I just do mkdir -p /var/lib/tomcat6/webapps/hudson/data	09:16
Damm	for example	09:16
Damm	and then set in that file that folder	09:16
Damm	(and make sure tomcat/tomcat owns it)	09:16
_law_	ooo	09:17
mattt	evening all	09:17
_law_	hmm i already done editting the tomcat startup script now try to reboot server	09:17
_law_	hello mattt :)	09:17
Damm	you do have a pension for punishment _law_	09:18
* mattt feels sick at the sound of tomcat		09:18
_law_	a pension for punishment? wat do u mean? Damm	09:18
Damm	_law_, you are picking the most painful ways of resolving this issue.	09:19
Damm	why is that?	09:19
_law_	hmm did i?	09:19
Damm	editing /etc/init.d/tomcat6 should be your last resort	09:19
Damm	very last	09:19
_law_	hmm i already done it though	09:20
_law_	ohh noooo	09:21
twb	Damm: s/pension/penchant/	09:21
_law_	my tomcat not starting now	09:21
Damm	that's a shocker	09:21
_law_	'/etc/init.d/tomcat6: 29: /var/lib/tomcat6/hudson: Permission denied'	09:22
=== Zerqent_ is now known as Zerqent
_law_	i just at the HUDSON_HOME= xxxx	09:22
_law_	XD	09:22
Damm	oh how that so fails	09:23
Damm	heh	09:23
_law_	help	09:23
_law_	how to fix it then?	09:23
_law_	XD	09:23
_law_	i've wasting whole day 4 setting hudson in ubuntu server	09:24
Damm	I'd suggest start by scrolling up	09:24
_law_	scrolling up?	09:25
_law_	u mean undo all i've done?	09:25
_law_	what shoul i do then/	09:26
_law_	?	09:32
Damm	Not sure what your expecting me to say.	09:33
_law_	hmm now i'm trying to set the env variavle in my .bascrh	09:34
_law_	u think that will work? Damm?	09:35
Damm	nope	09:35
Damm	you are so cold it's not even funny.	09:35
_law_	why?	09:35
_law_	so the last step i need is to set the hudson home permanently	09:36
_law_	if i do it by execute export HUDSON_HOME=xxxx	09:37
_law_	it oly works 4 that session only XD	09:37
Damm	you can export whatever you want	09:37
Damm	it only works in that shell, and once setuid or su is called	09:37
Damm	that enviroment is not inherited	09:38
Damm	(unless you tell it to)	09:38
_law_	so what should ido?	09:38
Damm	there's a file I mentioned about 5x if you scroll up	09:38
Damm	I even mentioned about what line to edit	09:38
shally87	hi..	09:38
Damm	and now I'm 100% done.	09:38
Damm	hi shally87	09:38
_law_	hi too	09:39
shally87	I would like to ask hod do i access my lamp server in vbox?	09:39
shally87	i do port forward but there is nothing happen	09:39
shally87	was using router dlink model dsl-500t	09:39
shally87	and i follow the instruction here http://portforward.com/english/routers/port_forwarding/Dlink/DSL-500T/HTTP.htm	09:39
mattt	shally87: IIRC, if you forward the ports while the VM is running you need to reboot?	09:40
shally87	reboot the vm..	09:41
shally87	ok tq..	09:41
mattt	wait!	09:41
mattt	sorry	09:41
mattt	i thought you meant forward ports using VBoxManage	09:41
_law_	Damm u mean edit the line 141	09:42
_law_	i'm doing it now	09:42
kraut	my open-iscsi daemon is still flooding the filer with message like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX	09:42
kraut	does anybody know why?	09:42
shally87	ok	09:43
shally87	i use router to forward?	09:44
shally87	i use router to forward..	09:44
shally87	ok my condition is like this;	09:45
shally87	i got 1 cpu which i run a vbox inside...	09:45
shally87	and i have lamp server running	09:45
shally87	and a router outside with a dynamic ip..	09:45
shally87	so i want to access the lamp server by typing the dynamic ip	09:45
shally87	how to do that??	09:45
shally87	I found the port forward but it is not working	09:46
shally87	and my lamp server has it's own ip	09:46
shally87	which i not using NAT	09:46
Dei	you could enable the DMZ for a second just to test the forwarding	09:47
Dei	otherwise it must be an issue with the port forwarding; such as correct port# or tcp/udp	09:48
shally87	hmm	09:49
shally87	if i allow dmz, this means i only able to forward 1 vm..	09:49
shally87	any difference between tcp and udp?	09:50
Damm	http?	09:52
shally87	hmm	09:53
shally87	brb	09:53
tjaalton	kirkland: seems that update-motd is racy, sometimes I get motd.tail twice	09:57
simplexio	has nayone idea why my server now and then fails to answer ssh.	10:00
simplexio	Received disconnect: 2: server_input_channel_req: unknown channel -1	10:01
simplexio	usually first connect from remote server fails at morning. second try works. server is "home" server. i have something like 6 connections allways open and i open one at every mornign	10:02
simplexio	and connection is coming from "far away", nwer got that when connecting from desktop which is one hop away	10:03
kraut	my open-iscsi daemon is still flooding the filer with message like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX	10:05
kraut	does anybody know why?	10:05
shally87	hi again	10:06
shally87	i try but nothing works	10:06
shally87	any specific channel for port forwarding?	10:06
_law_	ok bye all go home time	10:08
_law_	thx 4 helping	10:08
kraut	ubuntu and iscsi is teh sucks!	10:19
Ethos	it's good	10:23
kraut	it's not working	10:23
Ethos	it's not hard?	10:23
kraut	and if you restart the iscsi intiator, nothing happens	10:23
Ethos	install it and connect	10:23
kraut	and now my system hangs again	10:23
Ethos	user error	10:24
Ethos	works perfect for me over ssh	10:24
kraut	user error, nice answer... really!	10:24
Ethos	It's true	10:24
Ethos	I know tonnes of people that use it	10:24
kraut	and why the hell is it flooding the filer with messages like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX	10:24
Ethos	No idea	10:24
Ethos	Sounds like you cocked it up? lol	10:24
kraut	we have tons of centos-systems wich are running like a charm	10:24
kraut	totally... do you have any other useless comments?	10:25
Ethos	Do you?	10:25
=== dazman_ is now known as dazman
domas	goddamnit, us.archive.ubuntu.com is soooo slow, people should learn from european mirrors :)	12:19
Jeeves_	domas: The U.S. Should learn from the rest of the world in lots of situations :)	12:38
ScottK	Jeeves_: Could we keep this about Ubuntu Servers please?	12:38
Jeeves_	ScottK: I was not interested in a useless discussion about the US. it was just a remark.	12:39
ScottK	Jeeves_: OK. I'm not either and I really don't appreciate it.	12:40
Jeeves_	ScottK: ok .....	12:41
domas	we have local hardy mirror, so I somehow never noticed problems =)	12:42
acicula	thought ubuntu already defaulted to a local mirror when installing	12:43
domas	well, by "local", I mean "one in LAN"	12:44
Jeeves_	domas: Join #ubuntu-mirrors	12:45
Jeeves_	we can make jokes about the us there too :)	12:45
domas	I just pressed 'ok' too fast when doing netinstall	12:46
domas	I'm testing a nehalem box	12:46
domas	wanna see how much difference sse4.2 optimized kernels/software can make	12:46
acicula	depends on what you are doing iirc	12:49
acicula	some benches so little improvement, some show a lot	12:49
acicula	*show	12:49
acicula	though i'm guessing your playing with the server variant?	12:50
domas	ye	12:50
acicula	doesnt it come with more cache then the i7?	12:50
domas	http://p.defau.lt/?6owFTijFM99gLtSMBDcdqA	12:51
acicula	heh that's an awesome domain	12:51
giovani	not quite as cool as the cook islands :)	12:52
acicula	dual socket system?	12:52
domas	ye	12:52
acicula	nice	12:52
domas	I wanted to get fau.lt though	12:52
domas	but some squatters had it :)	12:52
* acicula scratches head over what country goes with lt		12:53
giovani	Lithuania?	12:53
giovani	that's all I can think of without looking it up	12:53
domas	thats correct :)	12:53
domas	I always like to do-release-upgrade over the atlantic	12:55
giovani	getting ready for jaunty? :)	12:55
domas	shiiiit, sshd didn't come up after restart	12:56
domas	bad part - I didn't set root password	12:56
domas	so my ssh keys don't really work	12:57
acicula	heu	12:57
acicula	dont need a password if you have a key?	12:57
domas	who needs passwords	12:58
acicula	are you using services from hostex?	12:59
domas	some, why?	13:00
acicula	just curious about their service, but cant really make heads or tails of their page	13:00
acicula	was wondering if you knew of an english version	13:00
domas	you need hosting in lithuania? :)	13:01
domas	info@hostex.lt would work, I guess	13:01
domas	they run main datacenters here	13:02
domas	why can't I get into grub :)	13:03
quizme	has anybody upgraded to ruby 1.9.1 ?	13:03
domas	woo, success	13:03
acicula	domas: not specifically in lith, but somewhere in the eu is fine if connection is decent	13:03
acicula	domas: gratz :)	13:03
quizme	do i have to reinstall ruby gems if i just upgraded to ruby 1.9.1 ?	13:03
domas	success was mostly for getting into grub screen	13:05
acicula	well you are halfway there then	13:05
domas	somewhat difficult with text and background having same color	13:05
acicula	:/	13:05
domas	damn, missed again	13:06
domas	why the heck doesn't ssh come up :)	13:06
acicula	network started?	13:06
domas	yup	13:07
domas	responds to ping :)	13:07
acicula	can do a local logon?	13:07
domas	no, there's no password	13:07
domas	have to reset it :)	13:07
acicula	boot in single user mode	13:07
domas	I tried init=/bin/sh, probably too old trick	13:08
acicula	no user with admin rights set either?	13:08
acicula	init=S i think	13:08
acicula	not sure	13:08
domas	ghm, what is 'recovery mode'	13:08
domas	what happens if I boot in 'recovery mode'? :) never tried that	13:08
acicula	err that lets you drop to a shell too	13:08
acicula	dunno if you need a pass	13:08
acicula	hey these guys are pretty cheap too, whats your experience with them	13:09
domas	I used to run systems dept. for that company once upon a time :)	13:09
acicula	ah	13:10
domas	anyway, it has good connectivity to .lt	13:10
domas	and as .lt is in europe's ass	13:10
acicula	i know :)	13:10
domas	it probably isn't good for european hosting	13:10
domas	I use server4you.de myself	13:10
acicula	well i'm mostly using my vps to dial out, not so much incomming traffic so	13:10
acicula	domas: they look pretty nice as well, should've searched better before i guess	13:12
domas	arghhhh	13:13
domas	http://p.defau.lt/?QjLfEsw_0yGjAp582inyLQ	13:13
acicula	root	13:14
acicula	drop to shell?	13:14
acicula	ohcrap	13:14
acicula	:D	13:14
acicula	http://www.cyberciti.biz/faq/grub-boot-into-single-user-mode/	13:14
acicula	tl;dr boot grub edit kernel line, add single	13:15
acicula	wait, that also drops you into giving the password	13:15
acicula	boot from cd and chroot into the server?	13:15
acicula	maybe you can override the init?	13:16
domas	thats what I tried at first :)	13:17
domas	so sad :)	13:19
anelephant	HI, I have a problem with a bin9 server. It seems to resolv internet querys well. However I have some problem with some xp machines that is not able to use it. When I do nslookup it gives error message: server failed	13:22
anelephant	anyone have any smart Ideas?	13:23
acicula	what does the log say	13:24
domas	lol	13:27
domas	I just had lots of amusement in #ubuntu	13:27
anelephant	I haven't set up a log, I'll do that now. named-checkzone works out fine on both reverse and forward zones, and there is net access on all machines however some machines are not able to access other machines by name, only by IP. I'll get back to you with the results from the log.	13:29
domas	this is epic	13:34
domas	http://p.defau.lt/?kuELtwBBr6cZKpr8mR7G2g	13:34
acicula	lol, read the first line, dont need to read the rest	13:39
acicula	boot something and chroot	13:40
acicula	add a user :P	13:40
acicula	if you boot in single user mode, wont pressing enter for a password work, since there isnt a root password?	13:41
anelephant	so I seem to have been able to find the problem with my bind9 server. when The server tries to load the zone file it gets : permission denied. Now I guess I am sounding noobish but how do I set the permissions for the file so that bind can access it?	13:52
zul	anelephant: chown	13:53
anelephant	yea, but what permissions should the file have?	13:54
acicula	well read as the user or group,	13:56
anelephant	ok, thanks acicula!	13:56
domas	ok, hahaha, apparently init=/bin/dash is also correct way, it just doesn't print you shell	13:56
domas	but listens for commands	13:56
acicula	so you gots root back	13:57
acicula	t00t	13:57
domas	well, it doesn't have terminal initialized, just pure stdin/stdout	13:59
domas	so, 'passwd' doesn't work :)	13:59
acicula	/sbin/passwd	14:00
acicula	probably have no path set?	14:00
domas	passwrd uses terminal i/o, not stdin	14:01
acicula	can use useradd with options to add a user and add it to the admin group perhaps?	14:02
domas	usermod -p works	14:04
domas	oh well, it works now	14:04
acicula	it's not added to the admin group by default	14:05
acicula	so you have to specify or change that	14:05
domas	I just set the password :)	14:18
incorrect	I am wondering what the best method of setting up samba is, I feel i should use pam authentication	14:25
incorrect	if I use ldap then it seems a use has to maintain two passwords	14:25
infinity	Samba can't auth against PAM, but you can go the other direction.	14:25
infinity	libpam-smb allows all your other PAM-using services to authenticate against Samba.	14:26
incorrect	I am sure i once had use pam to get its user db	14:26
infinity	(You can't do it the other way because SMB clients send passwords pre-encrypted, and Samba passing an encrypted password to PAM would do no good)	14:26
kirkland	tjaalton: hmm, i just took a quick look at the code, and i don't see the race	14:26
kirkland	tjaalton: please file a bug, and give as much information as you can about what situations you see the race	14:27
incorrect	ok so what ever protocols can i use to serve home directories to linux,macs and windows?	14:29
tjaalton	kirkland: does it run twice at *:00 ?	14:30
giovani	incorrect: well ... windows likes SMB/CIFS	14:30
tjaalton	kirkland: maybe I'm reading the cronjob wrong, but it appears so	14:30
giovani	linux/mac can handle SMB/CIFS with samba	14:30
giovani	linux/mac can handle NFS more easily though	14:30
giovani	windows can handle NFS with some software	14:30
incorrect	is there anything else	14:31
giovani	theoretically, sure	14:31
giovani	those are the big ones	14:31
giovani	unlikely the other options would work well	14:31
incorrect	what about webdav?	14:31
giovani	it's not a filesystem replacement, but it's a way of sharing files, sure	14:31
giovani	like ftp is	14:31
incorrect	probably samba is the best method	14:32
giovani	just depends on your needs	14:32
genii	I have to sat that the unix tools for windows really really suck, however	14:33
genii	sat -> say	14:33
giovani	indeed, but they're not the only solution	14:34
giovani	so you're not forced to use them	14:34
incorrect	ok i will get samba going	14:34
kirkland	tjaalton: can you pastebin your cronjob?	14:36
kirkland	tjaalton: i'm running update-motd from HEAD, which isn't in jaunty	14:36
kirkland	tjaalton: (inotify-based update-motd :-)	14:36
tjaalton	kirkland: it's what's in jaunty	14:37
tjaalton	have to go now.. ->	14:37
anelephant	Hi I have been struggeling with my bind server giving permission denied on my zone files, Ive tried making root owner and bind owner but it doesn't seem to work.. Any ideas?	14:49
sommer	anelephant: check /var/log/syslog for apparmor entries... have you changed the default location of your zone files?	14:55
NEWzilla	i love the debian way to manage apache... thanks guys!	14:59
NEWzilla	the sites-enable sites-disable and the a2en* commands. nice..	14:59
giovani	NEWzilla: we love it too :)	15:04
=== hessml\|away is now known as hessml\|away\|away
ScottK	kirkland: I like the packages to be updated count on login in Jaunty. That was you that did that, right?	15:18
kirkland	ScottK: ack ;-)	15:19
ScottK	So thanks for that.	15:19
kirkland	ScottK: if you want to see that number tracked on an hourly basis, run the fancy new screen-profiles	15:20
jpds	kirkland: Is it a known bug that screen-profiles does not work with screen's 'altscreen on' option?	15:21
kirkland	jpds: not sure... i dunno what altscreen does... /me checks the manpage	15:21
jpds	kirkland: It clears up any output screen gives on closing/detach.	15:22
jpds	So instead of seeing backlog, you just see [screen detached].	15:22
kirkland	jpds: so if you put that in your .screenrc	15:23
jpds	It doesn't work.	15:23
kirkland	jpds: and you're running screen-profiles, that option is not respected?	15:23
* kirkland tests		15:23
jpds	Yeah. :(	15:23
kirkland	altscreen on\|off	15:24
kirkland		15:24
kirkland	If set to on, "alternate screen" support is enabled in virtual termi‐	15:24
kirkland	nals, just like in xterm. Initial setting is ‘off’.	15:24
kirkland	that's a terrible explanation in man	15:24
jpds	kirkland: You can test it using my old screenrc: http://ryanak.ca/~jpds/screenrc	15:27
kirkland	jpds: yeah, i've reproduced the problem	15:27
kirkland	jpds: please open a bug	15:27
kirkland	jpds: you can mark it 'confirmed', and priority 'medium'	15:27
kirkland	jpds: i'm working on a couple of critical mdadm and kvm issues at the moment, but i'd really like to get this fixed	15:27
kirkland	jpds: in the case where you can figure out the problem, i'm definitely all ears, and will gladly merge a fix ;-)	15:28
Tuxist1	hi	15:29
Tuxist1	I have problem with kerberos ,pam and nfs when I mount the nfs volume I can't login into my kerberos user with pam	15:30
jahor	hi anyone know some resource (wiki, web etc) about documenting network infrastructures and server environment ? in last days i create doc for one of our larger deployments with more servers and many services and i could not find a sane way to document dependencies betwen components (my idea is keep all in one wiki)	15:33
jpds	kirkland: Bug filed, I'll take a look into the source too.	15:33
kirkland	jpds: thanks a lot	15:34
jahor	btw anyone know about some tool like lintian for checking server configuration (something like checking all disk partitions are in nagios configuration, regexp based check of some config files etc)	15:34
kirkland	jpds: i suggest removing chunks out of your screen-profiles profile	15:34
kirkland	jpds: until you get it down to the point where altscreen works again	15:35
kirkland	jpds: and then we can identify the conflicting option	15:35
kirkland	jpds: does that make sense?	15:35
kirkland	jpds: okay, i found the problem-setting	15:37
kirkland	jpds: termcapinfo xterm* ti@:te@	15:37
jpds	kirkland: Yep, will do... thought it might have been that.	15:37
kirkland	jpds: perhaps you can do a bit of research and find out how to get altscreen and termcapinfo compatible with one another?	15:37
kirkland	jpds: i would be so appreciative ;-)	15:38
jpds	kirkland: Sure.	15:38
kirkland	jpds: cheers, dude!	15:38
mathiaz	kirkland: I'm running screen-profile 1.40 on my hardy server.	15:39
mathiaz	kirkland: the number of updates is incorrect.	15:40
mathiaz	kirkland: how can I fix that?	15:40
kirkland	mathiaz: \o/	15:40
kirkland	mathiaz: hit F5-enter	15:40
kirkland	mathiaz: that'll refresh all of your status indicators	15:40
mathiaz	kirkland: nope - still wrong	15:40
kirkland	mathiaz: okay, then run apt-get update	15:40
kirkland	mathiaz: and then F5-enter	15:40
mathiaz	kirkland: apt-get update; apt-get dist-upgrade shows nothing	15:40
kirkland	mathiaz: oh, hardy ....	15:41
kirkland	mathiaz: hardy doesn't have the hook to update /var/run/updates-available on upgrade	15:41
kirkland	mathiaz: rm ~/.screen-profiles/updates-available	15:41
kirkland	mathiaz: then F5-enter	15:41
kirkland	mathiaz: it would pick up the change in an hour	15:41
kirkland	mathiaz: within an hour	15:41
kirkland	mathiaz: jaunty is basically instant	15:42
mathiaz	kirkland: great - thanks.	15:42
mathiaz	kirkland: also - in the status bar, Ubuntu 8.04 is written	15:42
mathiaz	kirkland: I used to have Ubuntu 8.04.2	15:42
kirkland	mathiaz: hmm	15:42
kirkland	mathiaz: let me check something	15:42
kirkland	mathiaz: that's something to do with lsb-release	15:43
mathiaz	kirkland: I was running 1.15 and 8.04.2 was shown	15:43
kirkland	lsb_release	15:43
mathiaz	kirkland: 1.40 shows 8.04	15:43
kirkland	mathiaz: yeah, i used to grep that out of /etc/issue	15:43
kirkland	mathiaz: now i'm using lsb_release properly	15:43
mathiaz	kirkland: right - you're using -i -r	15:44
mathiaz	kirkland: why not using -d for description?	15:44
kirkland	mathiaz: i think i got something weird on Debian or elsewhere when i used -d	15:45
kirkland	let me check ...	15:45
kirkland	mathiaz: had to look it up ....	15:48
kirkland	mathiaz: lsb_release -d on debian says: "Debian GNU/Linux 5.0 (lenny)"	15:48
kirkland	mathiaz: someone from debian complained that that was too many chars	15:48
kirkland	mathiaz: i can special-case it for us	15:49
mathiaz	kirkland: hm - it's just cosmetic I think	15:50
mathiaz	kirkland: if it requires too much code it may not be worth	15:51
kirkland	mathiaz: it'll be trivial to fix	15:51
kirkland	mathiaz: if you open a bug, i'll fix it ;-)	15:51
sbeattie	kirkland: heh, on my opensuse server (that will get replaced soonish), it shows up as '"openSUSE 10.3 (i586)"' (double-quotes included)	15:54
kirkland	sbeattie: yeah, i'm going to special case it	15:56
sbeattie	Oh, that was with -d	15:56
kirkland	sbeattie: distros that have concise+informative -d, and others that need to be -r -i	15:56
kirkland	mathiaz: this status notification does not run frequently, so we can do more work in it	15:56
kirkland	mathiaz: as opposed to the load and mem ones, which run every 2 seconds... those have to be fast	15:57
=== Ethos is now known as betterthanrys
=== betterthanrys is now known as rysprick
=== rysprick is now known as Ethos
mathiaz	dantalizing: what's the state of openvz in jaunty?	16:42
jpds	kirkland: There doesn't seem to be a way to make termcapinfo and altscreen play together.	16:43
kirkland	jpds: bummer ...	16:43
jpds	kirkland: Also altscreen only wipes the screen for stuff like vim	16:44
kirkland	jpds: is this documented anywhere?	16:44
kirkland	jpds: ie, did you find others hitting this issue?	16:44
jpds	Removing the termcapinfo wipes the screen on detach/close.	16:44
kirkland	jpds: but not stuff like .... what?	16:44
kirkland	jpds: i was using "ls -al" in my tests	16:44
kirkland	jpds: and it was wiping that	16:44
jpds	kirkland: No, I asked in #screen	16:44
kirkland	jpds: is there some way we can modify the termcapinfo to play nice?	16:44
jpds	Not that they told me of :(	16:45
kirkland	jpds: is there an open bug against screen?	16:45
kirkland	jpds: can we open one against screen?	16:45
kirkland	jpds: or is this "by design"?	16:45
kirkland	jpds: we're carrying a couple of trivial patches against screen, both of which have been accepted upstream, i think	16:46
jpds	kirkland: My guess is that it's by design.	16:48
scope006	can ayone point me in the right direction for some best practices on keeping logs well managed and under control in ubuntu server?	16:48
scope006	i want to have some control over how long i keep various old logs files etc	16:48
mathiaz	jdstrand: have you tried to use virt-manager + kqemu on jaunty?	16:49
kirkland	jpds: okay, leave the bug open, paste your findings or irc log	16:50
kirkland	jpds: i'll take a look at the screen source at some point when things settle a little bit	16:50
kirkland	jpds: i'll see if i can find something that work s;-)	16:50
kirkland	mathiaz: thanks for bringing up the updates-refresh question ...	16:52
kirkland	mathiaz: i just verified that it's working properly on jaunty, where apt upgrade is properly hooked to update /var/run/updates-available	16:52
jdstrand	mathiaz: not for a while, no	16:57
jmedina	scope006: I like to use remote syslog servers, I have used syslog-ng for log rotation and archiving	16:58
jmedina	there are some web interfaces for searching in the logs	16:58
jmedina	syslog-ng can archivo logs in database so you can use syslog-ng php or something	16:59
scope006	jmedina syslog-ng... ok cool ill look into that	16:59
jmedina	I think there is a new syslog daemon, it is used in fedora	16:59
scope006	im also looking at the logrotate.conf file atm as well to see what is setup out of the box	16:59
jmedina	syslog-ng can rotate logs by itself	16:59
scope006	hmmm	17:00
scope006	interesting	17:00
jmedina	but most important, be sure you understand log facilities and priorities	17:00
jmedina	you can use sysklogd to send logs to a remote syslog-ng	17:00
jmedina	sysklogd only uses UDP	17:01
uvirtbot	New bug: #343357 in samba (main) "Errors on file append on CIFS mounted Apple Time Capsule" [Undecided,Invalid] https://launchpad.net/bugs/343357	17:01
jmedina	syslog-ng can use udp + tcp	17:01
giovani	syslog over tcp typically isn't used	17:01
jmedina	I like syslog-ng because has a log of filtering capabilities	17:01
scope006	interesting	17:01
jmedina	giovani: yeap, it is just an option, some poeple think it is good	17:02
scope006	im going to do some reading up on it then	17:02
giovani	jmedina: yep, it has its uses -- high-volume logging, where order and delivery are critical, tcp should be used	17:02
scope006	right now i haven't tweaked any rotation/pruning	17:02
scope006	just using logwatch to email me changes each morning	17:02
giovani	but low-volume, or sporadic logging (like say, from a voip handset) should always be udp -- tcp adds too much overhead	17:02
jmedina	giovani: that is a a good use	17:02
jpds	Anyone know why apparmor is just failing for me? http://paste.ubuntu.com/139077/	17:03
scope006	and am using a custom script to rotate my apache logs when i want it to happen and then issue a graceful restart	17:03
jmedina	there is good web interface I dont remember, it used to be in sourceforge banners	17:03
jmedina	:S forgot the name :S	17:03
jpds	Also, I'm getting errors from a null-complain-profile - no idea where that is coming from though.	17:03
scope006	giovani that makes sense	17:03
sbeattie	jpds: cat /proc/self/attr/confined ; you're likely working under a shell that got an apparmor complain profile attached to it.	17:04
sbeattie	(it won't let you load policy in that case)	17:04
jpds	sbeattie: Oh, right! That file doesn't exist either..	17:05
sbeattie	there's an upstream fix that reports a better error message, but that didn't make it into jaunty.	17:05
dantalizing	mathiaz: we werent able to get any focus on jaunty from openvz	17:05
sbeattie	jpds: duh, sorry, tired, /proc/self/attr/current	17:05
dantalizing	mathiaz: but we're going to have for karmic in prep for the next lts	17:06
jpds	sbeattie: "null-complain-profile (complain)"	17:06
jpds	sbeattie: Must be the usr.sbin.sshd profile I added.	17:06
mathiaz	dantalizing: sounds like a good plan to me.	17:06
sbeattie	jpds: yes, that would do it.	17:06
mathiaz	dantalizing: any info on whether openvz will be included upstream?	17:07
jpds	sbeattie: OK, thanks a lot.	17:07
sbeattie	jpds: you should be able to do 'sudo sh -c "echo -n unconfined > /proc/$$/attr/current"' to let your current shell reload policy	17:09
scope006	jmedina: it looks like out of the box logrotate does a lot of default archiving and "pruning" for you with various logs	17:10
Pubnum	Howdy	17:10
Pubnum	cetan_hota: care to take the floor?	17:10
cetan_hota	Afternoon all. Having an issue with 9.04 mounting an iso image from VMware. If I attempt to mount the iso image thats on the host in my 9.04 guest, all that happens is the File Bowser opens over and over..	17:11
Pubnum	and over and over...	17:11
Pubnum	I am a confirmed second victim of this issue	17:11
dantalizing	mathiaz: not that i'm aware of .. iirc the latest kernel they're supporting is 2.6.26	17:12
cetan_hota	I can move a iso image into the guest and mount it without issue.	17:12
jpds	sbeattie: Does $$ get autoreplaced? Setting it to the shell's PID doesn't let me reload profiles.	17:12
sbeattie	$$ should be the shell's pid as well, but hrm.	17:13
sbeattie	what does it contain after you do that?	17:13
jpds	sbeattie: Same, null- ....	17:14
uvirtbot	New bug: #349743 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/349743	17:15
sbeattie	jpds: duh, sorry again; try 'sudo sh -c "echo -n setprofile unconfined > /proc/$$/attr/current"'	17:17
sbeattie	(note the added setprofile statement)	17:17
jpds	sbeattie: It doesn't seem to be able to write to the file.	17:19
lamont	mathiaz_: around?	17:53
fevel	hello	19:02
fevel	does anyone know the software heartbeat?	19:03
RoAkSoAx	felipe_, i do	19:07
jmedina	anyone here using openvpn 2.1 with UP/DOWN scripts or plugins?	19:10
jmedina	probably using script-security option	19:10
jmedina	I think I found a bug in openvpn iniscript in intrepid	19:11
RoAkSoAx	jmedina, you could check in launchpad if the bug is reported, or you could report it yourself	19:13
jmedina	RoAkSoAx: thanks I'll do	19:14
RoAkSoAx	np :)	19:14
=== ScottK2 is now known as ScottK-desktop
uvirtbot	New bug: #343046 in mailman (main) "list_lists crashed with ImportError in <module>() no module names email.messages" [High,Confirmed] https://launchpad.net/bugs/343046	19:31
=== hessml\|away\|away is now known as hessml\|away
=== hessml\|away is now known as hessml\|away\|away
=== hessml\|away\|away is now known as hessml\|away
mattofak	hi all; i'm attempting to setup media wiki to authenticate against my AD server, i think I have it mostly figured out, but does anyone know how to install a new root CA for OpenSSL so that LDAPS works?	21:05
mathiaz	mattofak: you wanna look at the ca-certificates package and its update-ca-certificates command	21:40
mathiaz	mattofak: once you've added the new root CA to the ca-certificates infrastructure, you'd have to configure you media wiki system to use the ca certificates.	21:41
mattofak	mathiaz: I'm in the process of writing those config files now, but wouldnt i just tell it to use an LDAPS bind, and then OpenSSL takes care of the rest so long as i have the root cert installed	21:42
mathiaz	mattofak: you have to configure the ldap client to trust the ca certificates ca	21:43
mathiaz	mattofak: and starting from hardy, libldap (openldap) is using gnutls rather than openssl.	21:43
mathiaz	mattofak: the system-wide configuration file for the ldap client library is /etc/ldap/ldap.conf	21:44
mathiaz	mattofak: this is where you set the TLS_CACERT option to the list of ca certificates that should trusted.	21:44
mathiaz	mattofak: this is where you set the TLS_CACERT option to point to a file holding all the ca certificates that should be trusted.	21:45
mattofak	ok, i see where you're going with that	21:46
mattofak	mathiaz: it appears i have some problems in media wiki itself, so i need to work that out before i can see if LDAPS works, but that you for setting on the right path	21:55
PotterT\|VF	I am trying to use a vpn script created for redhat variants (using if-up/if-down and ifcfg-vpn0) any one know of any easy changes that could be done to adapt it for ubuntu server?	21:57
PotterT\|VF	or debian servers in general i guess	21:57
uvirtbot	New bug: #349919 in openssh (main) "ssh client sometimes hangs" [Undecided,New] https://launchpad.net/bugs/349919	22:01
jahor	hello, anyone know about some tool like lintian for checking server configuration (something like checking all disk partitions are in nagios configuration, regexp based check of some config files etc)	22:01
=== hessml\|away is now known as hessml\|away\|away
thierry_	hi, I'm new to the server world, I'd like to know if you could point me some ressource on how to set up a ubuntu server on a home network so that it will be visible from outside this network too	22:29
Deeps	www.portforward.com	22:30
thierry_	(I already have ubuntu server installed, I'm just clueless on how to make it work with a domain name, ssh, etc...)	22:30
friartuck	thierry_ you could start here: https://help.ubuntu.com/8.10/serverguide/C/index.html	22:32
thierry_	friartuck : yes I was looking at it before asking my quesion, it seems handy but I also lack the theory to understand stuff like "Why should I need a static IP" or "What is a subnet mask?"	22:33
friartuck	thierry_ this is a chat-room chief. you need a book. running a server is not a 5 minute discussion.	22:34
thierry_	friartuck : alright, then could you point me any good book?	22:35
thierry_	friartuck : I mainly try to set up my server to learn while doing it so reading books on the subject would be great I think	22:36
friartuck	thierry_ here's a start http://www.amazon.com/Beginning-Ubuntu-Server-Administration-Professional/dp/1590599233 . that publisher is Apress. another good publisher is http://oreilly.com	22:38
thierry_	friartuck : I did a fast search this morning on oreilly and found mainly stuff about windows server... do you have some title related to unix server? I know that at some point I should look at Apache, but before that?	22:40
thierry_	friartuck : and by the way the book you first proposed seems awesome, I'll buy it	22:42
jmedina	I always recomend read official documentation, then go to you rdistribution and lear here things are located	22:43
jmedina	but for background always reading official documentation	22:44
jmedina	for DNS bind there is https://www.isc.org/software/bind/documentation	22:44
jmedina	with a good howto and good backgrond about DNS system	22:44
jmedina	for apache http://httpd.apache.org/docs/	22:44
jmedina	with alot of howtos and good references	22:44
jmedina	and for other proyects it the same	22:45
friartuck	jmedina true, he's asking what a static IP is though...hence pointing to some books	22:45
jmedina	I like Oreily TCP/IP Network Administration	22:46
jmedina	it is based on linux good example and good tcp/ip background	22:46
thierry_	k I'll look at that	22:46
jmedina	I learn TCP/IP from that book	22:46
jmedina	I think first release was based on solaris and slackware	22:46
jmedina	now is more redhat but theory and exercices are very good, good diagrams	22:47
thierry_	just so you know, I'm already fluent in C++/C, perl and many other langage (I even did google summer of code last summer) but I'm total newbie concerning servers	22:47
thierry_	jmedina , friartuck : thanks a lot for the references, I have to go	22:49
PC_Nerd	Hi, tcpdump to a specified file makes the file an "application/octet-stream", so how can I then open that for reading \|\| what is that file containing? ( I'm trying to "catch" all packets through my local server)	23:26
=== hessml\|away\|away is now known as hessml\|away
friartuck	PC_Nerd tcpdump uses pcap file format. you can use wireshark to open pcap files.	23:28
PC_Nerd	ok thanks!	23:28
olcafo	I find it fun to read with vim. ;)	23:29
friartuck	olcafo hm, never tried that.	23:29
PC_Nerd	of course "cat networklog" tends to screw up doesnt it ( mime)! lol	23:30
olcafo	just the other day I made a file and did a search with vim to revael that a client's website login wasnt' secure... worked like a charm.	23:30
friartuck	olcafo just tried that...I wouldn't say it "works like a charm".	23:32
olcafo	shrug	23:33
olcafo	a, right. that's right, after tinkering around I used wireshark to create the file and then browsed it with vim.	23:37
friartuck	ha ha.	23:37
olcafo	things start to slip out of memory these days.	23:37
friartuck	anyone do away with tapes? disk-to-disk or sending hdd offsite?	23:39
PC_Nerd	is there a good packet sniffer (open source	23:39
olcafo	I was just looking into that for a client a few weeks back.	23:39
PC_Nerd	that would allow me to write the packet info to a file for other programs to read ( but not in pcap file format) - txt or something similar	23:40
PC_Nerd	* want to be able to log how much traffic goes through given ports etc....	23:40
friartuck	PC_Nerd um, maybe you should look at cacti for historical trending. paketsniffers aren't really good for that. if I understand you.	23:41
olcafo	friartuck, offsite backups over the internet make a lot of sence for small companies who don't change many files during the day.	23:41
PC_Nerd	ok, nagios is too "complex" for my liking, and I want to be able to put all the data in my own application (which is graphs etc on a web page)..... does cacti do that and if not what might?	23:42
friartuck	PC_Nerd cacti and nagios are not the same animal. nagios is up/down monitoring, cacti is historical trending. mrtg will allow you to put graphs where you want but requires heavy html knowledge.	23:43
olcafo	fiartuck, the solution we came up with was quite simple: take a snapshot and send it offsite, after that you just run a script that makes a copy of the changed data during the day, put it all in an encrypted zip file and ftp it to the backup server.	23:44
olcafo	and sycn it back up offcourse.	23:44
PC_Nerd	I know html very well.... but I want a raw data output ( like a csv or plain text) so that multiple applications can read from the same source.	23:44
PC_Nerd	I specifically dont want to just read a graph into html, because I will be comparing network data/bandwidth to other stats from apache and other server apps.	23:45
friartuck	PC_Nerd mrtg and cacti use rrd database. you should look into that.	23:45
PC_Nerd	thanks, will do	23:46
friartuck	olcafo yeah, I guess that's only a bitch if you have to do a full restore.	23:47
olcafo	friartuck: even then, this perticular site only hase about 20GB of data (small office!), we keep the zip files on the server for a couple of weeks for versioning. the only thing I haven't figured out is how to properly backup Exchange (cheaply that is).	23:49
friartuck	olcafo nice. I'm looking for a 5-10TB solution. probably go with hot-swap drives and special transport caddy's. just don't like tapes...	23:51
olcafo	friartuck: one of my sites has 10TB data storage NASs, the data there is static enought that we only back it up to take quarterly (DLT S4 1.6TB tapes). But yeah, pain in the ass.	23:54
olcafo	*tape, not take	23:54
olcafo	backing that much data offsite is not really an affordable option without tapes.	23:55
Deeps	faster net connection? :D	23:55
olcafo	Deeps: haha. this sites' only internet option is 5Mbs!	23:56
olcafo	bad location.	23:56
friartuck	ha ha...sir...you need a ds3 so I don't have to deal with tapes. heh heh.	23:57
jmarsden	olcafo: You can use the old ExMerge program to export Exchange email into PST files and automate that; it's not 100% "proper", but it is definitely "cheap"... combine that with a scheduled ntbackup of the whole Exchange db and you're reasonably OK in a small office setting, I would think?	23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!