=== hessml|away is now known as hessml|away|away === hessml|away|away is now known as hessml|away [01:41] what is the purpose of LTSP chroot? === hessml|away is now known as hessml|away|away [01:42] dustin: Huh? [01:43] setting up ubuntu server 8.10 and there is an option to enable LTSP chroot and I was wondering if I need it [01:46] well if nobedy here uses it I will assume that it is not necesary [01:46] I'm just having a little look-see. Gimmie a mo. [01:48] dustin: LTSP is the Linux Thinclient Server Project [01:48] dustin: unless you are setting up a thinclient server, you don't need LTSP [01:48] dustin: I'm not familiar with it, but it appears to relate to the LSTP client builder. I'm *guessing* that it is to allow you to chroot to the client image, so you can update it and modify it without affecting the server itself, but I may be wrong. [01:48] dustin: As twb says, if you're not using LTSP, then no. [01:49] ok that makes sence [01:50] is there a command line method to fix my grub it didnt burn right onto the disk [01:50] dustin: there is. [01:50] dustin: are you sure grub is at fault? What are the symptoms? [01:51] during install the disk flagged an error loading grub [01:51] as in installing [01:52] but if I can run a live cd and fix it after installing I think that I can work it out [01:52] Hmm, are you still in the installer? [01:52] yes [01:52] Switch to vt4. [01:53] Can you see anything about grub there? [01:53] ah point!! [01:53] brb [01:55] beautifull grub didnt get installed on the disk my burner is doing some of the wierdest stuff [01:55] at least this coppy had the base system on it :) [01:55] Perhaps you're trying to install grub on the wrong device? [01:56] it didnt offer an option but I would think that its target is md0 which is my root [01:58] The target should be the disk itself, not a partition or md device [01:58] wow I have had so many difficulties with this install........................................but it will be well worth the effort [01:59] And as a trick for new players, if you need to be able to boot from either drive if the array fails you need to manually copy the boot-block across too. [01:59] Unless there is a better way that I don't know of :) [02:01] laemmy guess.........I shoulda partitioned for two virtual md devices and dedicated one as a /boot partition [02:01] that way I would have my /boot on two drives in its own little place [02:02] or am I miss reading you? [02:03] dustin: are you using RAID5 or RAID1? [02:03] raid1 [02:03] dustin: then it ought to work... [02:03] this is a very small server [02:08] wow I just found out that apt-get isnt available in install bash [02:19] ok I have a command line how do I install and configure grub from there [02:19] I also have apt-get [02:22] dustin: chroot into the root filesystem (probably /target). [02:22] Oops, sorry. [02:22] Don't do that. [02:22] Instead, grub-install --root-directory=/target /dev/sda, where sda is the appropriate disk. [02:22] lol [02:22] You may need to use --recheck. [02:22] you guys have any suggestions for creating minimal chroot environments for users? [02:22] debootstrap seems a bit overkill [02:23] mattt: define `minimal'. [02:23] twb: ls, cat, find, tar, vi,e tc. [02:23] mattt: debootstrap creates a chroot that contains the minimum necessary to be a policy-compliant Debian system. [02:24] mattt: debootstrap --variant=buildd probably gets you what you want, more or less. [02:24] mattt: though I think it defaults to standard, not minimal [02:24] infinity: thanks. [02:24] ok, thanks guys [02:24] infinity: is that also what pbuilder uses? [02:24] otherwise, i've seen jailer, which seems another option [02:25] twb: Probably. I don't use pbuilder. [02:25] mattt: you should be aware that chroot(2) offers *zero* protection to your host system against the root user within the chroot. [02:25] twb: (As the buildd maintainer, I use sbuild and chroots identical to the buildds...) [02:25] infinity: fair enough [02:25] twb: bash grub-install: not found [02:26] dustin: yeah, OK, so you haven't got grub. You do need to chroot into target [02:26] mattt: if you want a secure chroot-like system, I suggest you look at xen and/or openvz. For more complete virtualization, there is kvm. [02:27] twb: heh, well ... this is actually going to be used on a domU :P [02:27] mattt: OK, no worries [02:27] twb: well, there are still issues ... because the domU runs stuff that i don't want the chroot to see [02:27] twb: this may sound stupid but what is the command for the chroot [02:28] dustin: chroot /target, I think [02:28] thats what I thought but wanted to confirm b4 messing up [02:30] twb: bash: chroot: cannot change root directory to /target: no such file or directory [02:31] dustin: OK, you need to work out where it's mounted [02:31] dustin: look at /proc/mounts [02:31] twb does this install have you agravated yet ;) [02:31] dustin: nope. [02:32] well this might-- I am root and do not have permission to /proc/mounts [02:33] should I cat /proc/mounts [02:33] That's what I said. [02:33] ok then I misread u [02:34] I see things that are wrong??????????? [02:35] Insufficient data. [02:35] md0 is showing as ext2 and it is formatted to ext3 [02:35] That is OK. [02:36] ok as long as u agree with it I will over look that part does it matter that it is reporting errors [02:36] dustin: what errors? [02:36] dustin: also, please use punctuation and capitalization appropriately. [02:38] line reads /dev/md0 / ext2 rw, errors=continue 0 0 (maybe I am freaking out and missreading) [02:39] dustin: that says "if you see an error, continue". [02:39] dustin: it doesn't mean there ARE errors. [02:39] I have been staring at this screen for 12 hours now so it is entirely possible that I am just freaking out [02:40] I am now confused as to what environment you are in. [02:40] I thought you were in the installer still. [02:41] after installer failed to load grub I started in rescue mode so that I could access a command line [02:41] dustin: you mean that you ran the install CD in rescue mode? [02:41] as far as I can tell I am in a "safe mode" command line [02:42] Please just answer the question. [02:42] I am in rescue mode "NOW" [02:43] would you like me to start from the beginning and reload from the start because I have nothing to loose by doing so [02:44] twb: I am sorry for anny confusion I may have caused jumping around [02:45] I am having a bit of a day [02:45] dustin: OK, please confirm that /usr/sbin/grub-install doesn't exist at the moment. [02:46] confirmed [02:46] dustin: OK, is /usr/sbin mentioned in "echo $PATH"? [02:48] yes [02:48] That's weird [02:48] 12:29 twb: bash grub-install: not found [02:49] twb: He said it wasn't installed. [02:49] twb: (He confirmed its nonexistence...) [02:49] infinity: if it's not installed, then why is it in his path? [02:49] That's a pretty fundamental contradiction [02:50] 19:45 < twb> dustin: OK, please confirm that /usr/sbin/grub-install doesn't exist at the moment. [02:50] 19:46 < dustin> confirmed [02:50] He comfirmed that it doesn't exist. [02:50] Oh sorry, brain fart [02:51] dustin: can you check if lilo exists in any of the directories in your $PATH? [02:51] dustin: don't run it, I just want to know if it's there [02:51] its ok I have had to tripple confirm these errors to myself becouse I dont believe it [02:51] dustin: actually, you can just do "dpkg -l \*lilo*" and see if it has "ii" on the left [02:53] output of $PATH= /sbin:/usr/sbin:/usr/bin [02:56] "| status=not/inst/Cfg-files" ect [02:57] last was dpkg output [02:57] dustin: yes, there should be a line at the bottom of dpkg's output saying either "ii" if it's installed or something like "pn" if it isn't. [02:58] is "un" the one u want? [02:58] OK, interesting. [02:58] dustin: that means you have somehow managed to install this system without ANY bootloader. [02:58] if I seem choppy or inattentive its becouse I run both my server and my desktop on the same monitor [02:59] yes!! [02:59] that is correct [02:59] dustin: well, that wasn't established before. [02:59] dustin: it might have been installed, but not installed into the MBR properly. [02:59] sorry I am a bit off today [02:59] No problem. [03:00] it might be the lortabs after my knee surgery [03:00] dustin: what you need to do now is get grub installed. That means getting either the install CD or the network working, then doing an "apt-get install grub". [03:00] I will apt-get it [03:00] brb [03:02] "grub has no installation candidate"..........*moans* [03:02] dustin: edit /etc/apt/sources.list. [03:02] dustin: there should be a commented-out reference to the CD. [03:16] twb: Perhaps he didn't like your bed-side manner? [03:16] owh: hmm? [03:17] twb: The person you've patiently been helping for the past hour and a half. [03:18] Hi, how do I unmount a harddrive? [03:19] matthew-21: In what context? [03:21] matthew-21: As-in, what are you trying to do. The unmount command is umount, but if you're asking, I'm guessing that's not what you're looking for. [03:28] my isp is about to get an earfull [03:28] dustin: do you think that will help? [03:28] twb: u still on? [03:29] I cant exit my editor....................................I have never used it b4 [03:29] no I was typing into irc and found out that I was disconnected [03:29] Describe the editor. [03:30] how do I save and exit vim? [03:30] I wish to know if it is nano or vi. [03:30] its the newer version of vi [03:30] dustin :x [03:30] Type ESC :q RET [03:32] dustin save and exit=:x . exit without save=:q! [03:33] I still cant install grub even with cd enabled [03:34] I think it is missing from the disk [03:34] dustin: After uncommenting the source, did you run apt-get update? [03:34] I felt like I missed something [03:37] Sorry, yes, you will need to run apt-get update. [03:38] You may also need to run apt-cdrom, IIRC it is particularly stupid about that. [03:38] when I ran that update I was informed about apt-cdrom [03:39] grub is unpacking huray!!!!! [03:41] ok now to configure grub [03:41] how do I check it to verify its current settings [03:42] twb: can you walk me through grub settup in command line [03:43] dustin: May I suggest that you do some reading on the subject? [03:44] dustin: you should be able to just run "grub-install /dev/sda", where sda is the appropriate disk [03:44] ok [03:44] Actually, that might not work. Try it and see. [03:45] twb: With an array? [03:46] it seems to have liked that command [03:46] I am going to reboot and see how it goes [03:50] well thats a N/G but I am going to rub my eyes and take ten after that I will read the grub man file and try again [03:51] thank all of you for your help and tollerance [03:55] How do I give users user quotas for home dir? [03:57] matthew-21: you need to install the quota package, then mount /home with -o usrquota, then generate an initiate quota database. [03:59] twb: You mean initial right? [04:01] Okay, I've installed the quota package, now how do I give them a certain quota to use? lol [04:02] I mean so they can only upload a certain amount of stuff. [04:03] owh: yes [04:03] matthew-21: oh yes, you also need to allocate each user a quota -- otherwise it won't be enforced [04:03] What are the commands to do this? [04:04] quota or edquota, IIRC [04:04] dpkg -L quota | grep bin/ will tell you [04:05] matthew-21: You could just click on the first link of this google search "linux home dir quotas" and read the whole thing from start to end. [04:07] would this quota system work if I was using an external harddrive? like giving them a quota on the harddrive. [04:07] matthew-21: Well, it likely depends on how you've mounted that drive. [04:09] matthew-21: If the external hard drive changes, you're possibly going to run into issues identifying which drive it is. If the drive is just in an external case, but always there, it makes no difference. [04:10] I typed this. "mount -t vfat /dev/sdb1 /var/www/tb/" [04:10] The quota system doesn't care WHERE the drive is, only that it is mounted with -o usrquota [04:10] Quotas may not work with vfat. [04:10] I suspect that it doesn't support vfat. [04:10] and then link it to a folder in the users home dir. [04:10] Do not use FAT, as it is a bloody awful filesystem [04:11] matthew-21: quotas do not span disks. [04:11] matthew-21: if you're trying to put quotas on, say, ~user/public_html, and public_html is a symlink, then you need to set up quotas for the place that public_html points to. [04:11] matthew-21: Let me suggest that you take a step back and actually describe what you're trying to do and how it's currently setup, because from what I'm reading here, there are some serious problems. [04:15] I have an external harddrive, that I am leaving plugged in to the server all the time. I want to set up quotas on it, and so far iv mounted it using the command "mount -t vfat /dev/sdb1 /var/www/tb" I'm just wondering how to prevent users from taking up the entire harddrive laughs. [04:15] matthew-21: That does not appear to be the whole story because you're mounting it related to the web-root but sym-linking to a user. [04:16] I haven't done that yet, I was checking here before I did anything else. [04:17] matthew-21: So, how are the user accounts related to the web-root? [04:17] matthew-21: Is the external drive ever used anywhere else on another machine? [04:18] it was before, but I'm trying to make it into a server drive. [04:19] matthew-21: What about the user home directories and their relationship to the /var/www/tb tree? [04:19] I want the files that users upload to be accessible on the internet, that's why I add in web-root. [04:20] matthew-21: I'm guessing there are multiple users? [04:20] yes [04:20] matthew-21: Are all their files going to be uploaded into the same directory? [04:21] no [04:22] matthew-21: So, how does that answer relate to linking their home directories with a sym-link to /var/www/tb ? [04:22] I would create seperate folders as I gave users space. [04:23] matthew-21: So, how would the structure look? [04:23] like if there was a user named bob, the tree would be /var/www/tb/bob [04:24] matthew-21: In addition to that structure, /var/www/tb/{username}, do the users also have /home/{username} [04:25] ah, how would I get quotas for each folder though? [04:25] matthew-21: It's per drive, per user/group [04:26] matthew-21: Read this: http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch28_:_Managing_Disk_Usage_with_Quotas [04:30] is there a way to do this without partitioning? [04:31] matthew-21: Well, the external drive is a partition all by itself. [04:32] ah, I see. do I need to edit the /etc/fstab file? [04:32] Yup [04:32] or can I just say external harddrive is partition. [04:33] matthew-21: fstab is a mechanism to automatically mount a drive. I suppose you could manually mount it each time you reboot, but after a power-failure/reboot, the mount would not be there. [04:34] Normally you should refer to external drives' filesystems by UUID. [04:35] For FAT, I believe this is an eight-byte string XXXX-XXXX. [04:36] I gotta say that using FAT for a server mounted drive that is intended to support quotas and be served as a web-volume make little sense to me. [04:37] I would format the drive, but I have stuff backed up onto it and cannot put the files anywhere else. [04:38] matthew-21: if you aren't using RAID, then you have a SPOF already [04:38] ? what do you mean. [04:38] You ought to go buy a second disk, and RAID1 them. During that transition you could also convert the filesystem. [04:39] SPOF == Single Point Of Failure [04:39] matthew-21: I mean that if that hard drive dies (the Single Point of Failure) then you have lost that data forever [04:39] ah [04:41] okay, I would like to ask a different question if that's okay with you, how would I authorize my website so people would need a username and password to log in to the actual website? [04:41] I think that it is possible. [04:42] But I am not sure. [04:43] thank you for your help though, I really appreciate it. [04:43] matthew-21: that depends on a large range of factors. [04:43] I don't want anything really secure, just a way to secure apache and my site a bit. [04:44] Those phrases are rather contradictory. [04:45] matthew-21 http://ubuntu-tutorials.com/2007/10/06/limiting-access-to-websitesdirectories-with-htaccess/ [04:45] matthew-21: The moment your server is connected to the 'net, it's waiting to be compromised. A "little bit" of security is not a sensical statement. [04:47] You could, for example, only allow access to the website when connecting over an encrypted VPN (which you would set up). [04:47] You need to ask questions like "what is the threat model?" [04:49] twb: I'm not sure that what you're saying is meaningful in the context. I agree, but I don't think it helps. I've been struggling to communicate these same concepts in other channels, "How do you help those without any meaningful background." [04:50] I'm trying to find out which port LTSP listens on cause I thought tftpd-hpa has to be running but I can't find an instance of that process. Anyone have some info? [04:50] twb: It's the phenomenon of: "This cannot be that hard, look, I can run the installer and it all just works." [04:51] twb: Unfortunately computing isn't quite yet as developed as say driving a car. [04:52] centaur5: Isn't it run by an inetd process - in which case, it's likely in /etc/services [04:54] owh: Interesting, tftp is port 69 but netstat doesn't show anything waiting on that port. How does that work? [04:55] owh: haha, "explanations are hard so we resorted to car analogies" [04:55] centaur5: Hmm, does it work? As in, if you telnet to port 69, do you get a response? [04:55] centaur5: inetd should be listening to that port. [04:56] twb: car analogies can be used for almost anything :) [04:56] twb: If you have a better analogy, I'm all for it. [04:56] "security analysis isn't as easy as falling over" [04:57] "Just because you can catch a ball doesn't mean you understand differential calculus" [04:57] twb: Right, that's all fine, but how do you explain that to someone who comes to you with a differential calculus question without the knowledge to understand the answer? [04:58] owh: well the comments above are first meant to help the guy understand that he really doesn't know differential calculus [04:59] One they understand that they don't understand, you can move onto phase #2: gettin' some schoolin' [04:59] I lecture at a university. I find analogies to be highly effective at times. [04:59] And did you see evidence of this "moving to phase #2"? [05:01] PhotoJim: lecturing to filthy, delinquent undergrads, or lecturing to humans? [05:02] When I spend time in IRC, I find I'm trying for a balance between telling the person asking the question what the answer is and explaining where to find the answer. It's easy just to give the answer, but over time it takes more time. [05:02] Nod. [05:03] twb: All human, few filthy, very few delinquent. [05:03] I used to run a helpdesk and I spent many months arguing that teaching users was cheaper than helping them. Over time management began to see a drop-off in the number of calls because users began to get a clue. Until this happened though, the call stats were abysmal. [05:04] owh: short term pain for long term gain, as they say. [05:04] PhotoJim: lucky bastard. [05:04] twb: some students are a challenge of my patience, and some are a true pleasure. but that is true of most groups of humans. [05:05] twb: I respect that you are trying to show that a VPN is one approach, all I was doing was questioning if the person whom you were giving the advice to understood even the words, let alone the concepts. [05:05] PhotoJim: Yup. [05:06] A few months ago I started composing an email to ubuntu-devel-discuss about this phenomenon. As Ubuntu becomes more popular, we run the risk of being drowned in requests for help. [05:07] the Internet is a good example of that sort of effect. [05:07] That is, it might get to the point where we couldn't help despite our best efforts because there was too much need to get help. [05:07] PhotoJim: Yeah, and it's getting worse. [05:07] yes, that's true, although in defense of it, we wouldn't have multi-megabit cheap broadband if hardly anyone were on the Net. [05:07] PhotoJim: More an more people yammering for help, less and less actual help available. [05:08] yes, true. [05:08] PhotoJim: And more and more dis-information. [05:08] The internet is beginning to be a race to the bottom. [05:08] PhotoJim: here undergrads are mostly at university to drink and have promiscuous sex, AFAICT :-/ [05:08] They should all be locked up. [05:08] twb: I teach fourth-year business students. the horny clueless ones have dropped out by then. :) [05:09] I saw a forum recently where the answer voted by the forum members as being the most helpful was in-fact incorrect and the answer that was actually correct was voted down as being not relevant. [05:09] i have ubuntu serve and i am a newby. i have some question and hope somebody can help? [05:09] owh; heh. that's discouraging. [05:09] * owh was gob-smacked. [05:10] Rafael: Sure, ask away. [05:10] owh: well, forums are for people who are too stupid to use usenet. [05:10] (Assuming you mean web forums.) [05:10] twb: Hmm, I'm a list-moderator on a large list and we continually get requests to "upgrade" to a web-forum. [05:11] Smack them with gmane.org [05:11] twb: "No, don't you understand, that's not the same." "We want a web-forum with whim's and upload and..." [05:12] any bash gurus here? :) [05:12] 1) i am trying to connect server to 3 window computer..i am assuming i hve to use samba..my first question is the following...can a network storage adapter be conected to a router and make backups of the data of server as windows documents? [05:12] mattt: That just depends on the level of guru required - specifically, what the actual question is :) [05:13] owh: any idea why this doesn't work? bins="cp,ls"; for x in /bin/{$bins}; do echo $x; done [05:14] mattt: Separate it with a space. [05:14] mattt: The delimiter isn't a comma. [05:14] 2) any advise of any network storage enclosure that will connect to the server without any problem, and also if i would like to connect one at home how can i do this? [05:14] owh: what i'm looking for it to do is echo /bin/cp and /bin/ls, not /bin{cp,ls} [05:14] err /bin/{cp,ls} [05:15] mattt: Yes, I understand that, bins="cp,ls" is delimited with a comma. [05:15] owh: space doesn't work ... and this does work "for x in /bin/{cp,ls}; do echo $x; done" [05:16] Rafael: few network enclosures, especially at the low end, support Linux networking. A cheaper way to accomplish that goal is to use a USB2 enclosure that you can use with native Linux filesystems. [05:16] mattt: bins="a b" ; for a in $bins ; do echo $a ; done [05:16] Rafael: there are higher-end drive enclosures that are called Network Attached Storage that will do Linux filesystems and networking natively, but they cost a lot more than ones that do Windows networking. [05:16] owh: but if i have a common prefix (/bin in this case), /bin/{cp,ls} is a bit tidier [05:17] USB2 is pretty slow, though. [05:17] owh: but i see what you're getting at [05:17] eSATA sounds sexy, but I haven't tried it myself [05:17] twb: the SMB drive enclosure I have is slower than USB2. [05:18] PhotoJim: haha [05:18] mattt: echo /bin/{cp,ls} [05:18] eSATA is great, if you can get compatible stuff. the only time I've tried it, the drive I got, combined with the enclosure and SATA card, wouldn't talk. [05:18] twb: could be the speed Linux does SMBFS, perhaps. but the enclosure is painfully slow. [05:19] ITYM CIFS [05:19] PhotoJim: sorry for my ignorance..the server (linux) is going to safe for example word documets, then if i am using samba, shouldnt it be windows compatible so it can safe in word format. ie..server goes down i can have windows computer look into enclosure and still read documents? [05:19] twb: I use rsync, USB2 is plenty fast :) [05:19] [05:19] USB2 isn't great but it's not awful either. USB1.1 is awful. :) [05:19] owh: I'm comparing the speed of USB2 to the speed of e.g. the SATA bus. [05:20] twb: Sure, depends on usage requirements though. [05:20] Nod. [05:21] owh: bins=`echo /bin/{cp,ls}`; for x in $bins; do echo $x; done [05:21] owh: is that what you mean? cuz that does ... seem to work. :) [05:21] the nice thing about USB2 (assuming one doesn't have a working Linux NAS or eSATA device) is that you can backup your whole disk into one device, and then remove it for safekeeping. [05:21] mattt: I was just showing you what different methods of expansion are available. Glad to see that you have what you need. [05:22] PhotoJim: another guy I know has a udev rule to do that automatically when it detects the drive (by UUID). [05:22] twb: oh, that's slick. [05:22] owh: cheers [05:22] PhotoJim: so he just plugs it in when he gets home, esentially [05:23] twb: Did he document this anywhere - I mean, it's all nice and well fixing stuff, but if it ain't written down, it didn't happen. [05:23] I recently got a pair of terabyte drives and put them in RAID1. I think I'm going to get another pair, one for a spare RAID1 drive (online) and another in an enclosure for a removable backup drive. [05:23] owh: yeah, probably on a blog [05:23] owh: I can't be bothered finding the reference, sorry. [05:23] * owh is reminded to make a post about MYOB running off a server drive, even if MYOB tells me that it doesn't work :) [05:23] twb: That's cool :) [05:23] It was probably Russell Coker, if you wanna google [05:28] do not want to overwellm chat, but this is what i want to do: i am a doctor and build ubuntu server to store data (word and pdf documents). i want to make backups of this into and external drive (network attach enclosure), in a way that if server fails backups can be read from enclosure, at the same time would like to do same at home so baiscally have 2 backups...where can i read or learn about this? [05:29] also if i want to connect network attach storage from home to office, any suggestion on good router for office that will make this coenction easily and secure [05:31] Is tftp (port 69) the only thing that LTSP requires or are there more ports that need to be open? [05:31] Rafael: You are setting up a whole lot of interdependent processes there. These are the ones I can see off the top of my head. [05:31] 1. Ubuntu Server, [05:31] 2. Samba server to serve word and pdf documents to users [05:31] 3. Network storage mount [05:31] 4. Server backups to same [05:31] 5. Network storage fail-over [05:31] 6. Remote access to LAN [05:31] 7. Remote access to remote storage [05:31] Crap [05:32] Sorry 'bout that. Seems is a separate post. [05:32] hello to all. just poppin in to ask if anyone knows a very simple way of setting up a network where a client computer boots up and authenticates to a server which will then load up the users home folder and desktop settings? [05:32] Rafael no, that cannot be done easily. you need a network admin for rent or just use one usb drive and take it with you to work and home. [05:32] loginhelp: The edubuntu server will do that out of the box. [05:33] owh: does edubuntu server have lamp setup as well? right now i'm trying to config ubuntu server 8.04 [05:33] Rafael: This stuff is not complicated to learn, but it will test your patience. My question would be: "Is it cheaper to do this yourself, or is it cheaper to pay someone to do this?" [05:34] loginhelp: Well it's the same project. I suspect it also has a LAMP task. Of course you can also install LTSP into ubuntu-server. [05:35] Rafael: To give you a car analogy: "Do you maintain your own car, or do you pay a mechanic?" [05:35] ha [05:36] Someone was paying attention [05:36] owh: i like computers and to learn, that is a hobby for me even thought you might be rigth since linux is completely new for me....i buld the ubuntu server and hve install samba already and tsting with no problem...i am also plaing with webmin and ebox, but would like to have some type of security so that is why i am trying to do the backups [05:37] Rafael if you want security then uninstall webmin, that is very insecure. [05:37] Rafael: backups are "business continuity" or "disaster recovery". The term "security" usually means security against other people. [05:37] Yes, webmin is absolutely to be avoided. [05:37] owh: i do mantein all my windows computer but i am learning linux..so so far is fun, as long as i learn and progress, but you are rigth that if it becomes problematic then it can be a headache [05:38] Rafael: Well, as you've no doubt found out at this point, the questions you've already solved are not documented in one single place. The more you add, the bigger the resources you need to understand and build. [05:38] twb: is webmin not good? [05:38] twb: sorry, when i mean security i mean..server crashes and data is safe ..sorry for gramar [05:38] loginhelp no, webmin is not good. it is full of vulnerabilities. [05:39] Rafael: As twb points out, "business continuity" is what you're really asking about and if we gave you "partial" information, there would potentially be liability issues. Don't get me wrong, and I suspect the same is true for twb, we are happy to help, but be mindful of the landscape you're stepping onto. [05:40] any other alternatives to managing a server with gui on a client? [05:40] loginhelp: landscape and/or ssh [05:40] well i know tht webmin is not on the repository and ebox is, but i have configure the box on raid 1 and raid 5 and after erasing one of the 3 hard drives i can start the rebuld process in less than 1 minute..i agree from reading that is vulnerable to other things [05:41] Rafael: There is a reason it's not in the repository, the ubuntu-server team made that choice, specifically. We've discussed it several times even. [05:41] It's probably easier for #ubuntu-server to help with specific problems such as "how do I make do " compared to broad things like "how can I make my server secure and fast" or "how can I share files on the internet?" [05:41] Fair summary. [05:42] For those kinds of broad questions, you probably want to talk to either a local professional, or to a local linux user group. [05:42] thanks guys for your help [05:42] Rafael: To note, there are amateurs and professionals in this channel, so don't be afraid of asking. [05:43] Regarding webmin, I have personally audited both parts of its core, and some modules. The code is absolute crap, and it WILL be full of horribleness. [05:43] May I observe that this is another example of the same phenomenon. The questions are legitimate, the need is real, but as a community we may not have the tools to help such a need. That worries me. [05:44] do not worry, but there are diferent type of doctors, some that does not know how o turn on a computer and some that we like and go deep into learning computer issues..when we divert the question to liabilites we loose the purpose of having amateurs and professional..that is fine and one moer etime thanks for the help [05:45] owh i disagree. people screw-up their cars all the time because they think they can fix it. (another car analogy.) [05:45] In my professional opinion as a sysadmin, *none* of the web-based administrative tools I have seen are of even remotely good quality. Admittedly, I have not closely looked at ebox. [05:45] Rafael: No, I think you mis-understand. [05:45] or they can learn mechanics and fix cars [05:46] For the simplest things such as "I want to add another user", I would probably try to deploy gnome-system-tools over VNC, only accesible from the local (i.e. trusted) network. I have not actually trialled this yet. [05:46] so i am guessing there is no way i'm going to find a step A to step Z on how to get a school network going in 3 hours? [05:46] Rafael: I was trying to comment on the size of the question you were asking. It's not that I don't believe you can do it, or that we cannot help you achieve it, it's that there are *many* issues that will come up while you're doing it. Some of those relate directly to the running of your company. [05:47] loginhelp no, it's deep topic. [05:47] loginhelp: Boot from the edubuntu live cd. [05:47] loginhelp: you could certainly get *something* running, but it probably wouldn't be safe to deploy. [05:47] owh: you rigth and we should not go into webmin, i was just mentioning about 1 feature that is great but have learn that rest is a disater, but well..my question was that i am building this slowly nd was wandering how to do what i ask at the begining...thanks anyway [05:47] loginhelp: Safe to demo, not safe to run for real. [05:48] owh: will the forum be a better palce..or where should i start... [05:48] Rafael http://www.amazon.com/Beginning-Ubuntu-Server-Administration-Professional/dp/1590599233 [05:48] i think after a month of reading ldap,nfs,nis i realize i should have stepped in here first. [05:49] Rafael: Let me suggest something to you. You can do with it what you will. Start a web-page. Write down what you're trying to achieve and document what you learn. Structure the document as a project plan, then complete the steps. As you learn, you will understand the landscape you are operating in. I'm sure that we'll be here to answer specific questions along the way. [05:51] Rafael: You may also start with reading the ubuntu server guide, it won't be complete, but it touches on many concepts: http://doc.ubuntu.com/ubuntu/serverguide/C/index.html [05:51] loginhelp: The reading was not a waste of time. It gives you an understanding of what you ask. [05:51] Owh: thanks for your advice [05:52] Rafael: Pleasure. [05:52] thanks and good nigth [05:58] owh: can all this http://doc.ubuntu.com/ubuntu/serverguide/C/index.html be download or found as pdf file [05:58] thanks. i'm gonna try the edubuntu server. apart from the authentication, i'm also hoping to have mail, wordpress, gallery2, twiki, so that the school can have their own online manual, news, a place to display their works and blog. any words of wisdom so this attempt can be more successful? [05:59] Rafael: You can install it locally and move it to a portable drive. It's as HTML: apt-get install ubuntu-serverguide [05:59] Rafael: I don't know of a PDF version. [05:59] loginhelp mail will take the most work, security. [06:00] owh: last question for today..any advise of router (thinking about secure conecting from home to server) and about any brand for network storage adapter [06:03] Rafael you should consider a network admin to setup the vpn connection. [06:03] oh, another thing, is it too taxing for a PIII server if i have a media server on it as well? [06:03] Rafael: A router that supports VPN would be smart. A network storage adapter that supports Windows File Sharing, since you want to be able to serve clients in the case of failure. The question really isn't one of "What do I buy?" - even though you think it is. [06:04] loginhelp: That depends on what it's doing, how much RAM it has and whom it's serving with what. Ie, that's like asking: "Is a Ferrari a good car to buy?" [06:05] owh:so what should the question be? and thanks for the repsonse... [06:06] actually its a sony vaio, p4 1.2 GHz, 128 Mb [06:08] Rafael: I'm struggling to even form a coherent response to your question. The interdependencies are too great to give a meaningful answer. Things like: "What kind of existing LAN is there?" "What kind of users are there?" "What kind of internet connection is there?" "How much data is there?" "How often does it change?" "What size documents are there?" "How old is the existing server hardware?" - these are just questions that each go i [06:12] Rafael: This kind of conversation is normally done one-on-one by an expert. A forum like IRC is a potential place where you might have such a conversation, but I for one charge for that process. I'm willing to help you resolve problems, but I'm not able to justify providing answers like this because I'm not sure how I can make that sustainable. [06:12] Rafael you can find a local Cisco vendor and get an ASA for $800 and have it setup for about $500. security and expertise are important here. [06:12] owh: do not feel bad...i could anser this question but will do so when i really need it in future, so far i am in the testing fase..playing and slowly learning..so if no problems i continue..if it complicates then i drop it..so far is inside my hobby, and if it works and develops to be "bussines continuity"then fine, if not will conitnue as i am or look for profesional..my mistake was to mention i am a docotor, then liability was [06:12] mention..and so on..just imaging i am an amateur thrying to build what i mention...but very honestly..thanks for your answers, believe it or not they help a lot..no harm fealings [06:13] If others here have ways that they can think of where I sit here online and help like that and gain an income to pay the rent, I'm happy to entertain the notion. [06:13] Rafael: The doctor and the liability have no relation in my mind. The issue is because you are doing this in your business, regardless of you being a doctor. [06:15] Rafael: The same is true for others coming here and asking questions about backups and security. I shudder at the issues related to their "toy" being used for real and breaking. [06:15] owh: like i said..no harm feelings and thanks one more time ..beleive it or not your help is apreciat it..will keep palying and at the end will use or discard this projeect.... [06:19] For every complex problem there is an answer that is clear, simple, and wrong. --H L Mencken [06:21] owh: For every complex problem there are even more answers that are confusing, complicated & wrong. --JanC [06:21] owh: is landscape not free? [06:21] ;) [06:22] JanC: And I am sure that I am responsible for some of those :) [06:22] loginhelp: Nope. [06:23] loginhelp: Uh, that should be yes :) [06:23] loginhelp: As in: "Yes, it's not free." [06:23] well, a part of landscape (the client) is [06:24] Fat lot of good that will do you :) [06:24] but that's not really useful on its own probably ;) [06:37] does mac&win have ltsp support? [06:41] huh? [08:19] hello again. :) [08:26] evening [08:50] morning ;o) === chrisadams is now known as chris_d_adams [09:30] moin [10:02] 'night === asac_ is now known as asac [10:45] hi guys [10:45] anyone setup a connection to mssql before from ubuntu server? [10:49] <_ruben> !info freetds-dev [10:50] freetds-dev (source: freetds): MS SQL and Sybase client library (static libs and headers). In component main, is optional. Version 0.82-3ubuntu1 (intrepid), package size 411 kB, installed size 1224 kB [10:50] <_ruben> never used it though [10:50] I've tried installing some bits nad bobs and following a few guides but nothing seems to work [10:52] hehe [10:52] actually I did first 'freetds' package for an opensource distribution [10:52] that was ages ago, for freebsd [10:52] no other OS had freetds package Į) [10:52] funny though, I had some people telling me how they use freetds to me, and they were using my package not knowing it :) [10:54] heh [10:54] that's cool [10:54] So surely you must be able to guide me? :DD [11:13] hello [11:13] Ethos: I can guide MySQL stuff way better nowadays :) [11:46] question: is it possible to connect to a betrieve 6.5 database from ubuntu? [11:46] btrieve that is. like odbc. [11:49] where should I ask that question? which channel? [11:51] domas: is it possible to connect to a btrieve 6.5 database from ubuntu? I am asking you because you have worked on a similar project years ago you said. [11:52] goksu: *shrug*, if there're linux drivers, yes :)) [11:52] but I don't see any packaged [11:53] domas: I am using primavera planning software. the backend is a btrieve 6.5 db engine. runs on windows. But I want to do my work under linux. [11:53] where can I ask? [11:54] * domas points to http://www.pervasive.com/developerzone/platforms/linux.asp [11:55] I guess you can use JDBC [11:55] (or linux-odbc) === scfh_ is now known as scfh [12:04] domas: I hope JDBC or linux-odbc connects to that old a db engine. thank you very much for the information. :) [12:05] goksu: use mysql! [12:17] domas: I am using mysql for most of my work. primavera uses btrieve6.5 and that does not work under wine. [13:51] New bug: #351562 in mysql-dfsg-5.0 (main) "mysql server install failed" [Undecided,New] https://launchpad.net/bugs/351562 [14:21] anyone could confirm "bacula in dapper (2.2.8) catalog upgrade from hardy (1.3.6)" https://bugs.launchpad.net/ubuntu/+source/bacula/+bug/347206 ? [14:21] Launchpad bug 347206 in bacula "bacula in dapper (2.2.8) catalog upgrade from hardy (1.3.6)" [Undecided,New] [14:21] it's probably valid [14:22] there is a script for upgrade [14:22] btw i don't know if it should be fixed when hardy is almost 1 year here [14:22] the fact is that bacula wasn't supported before hardy [14:22] for a reason [14:23] so we changed it's package scripts to get it included [14:23] its [14:24] so it looks i missed that it was from universe ;( [14:24] well, we should've think about upgrade [14:24] but the problem was that it was too complicated to do it [14:24] since bacula in dapper used dbconfig for database management [14:25] and in hardy we used custom scripts [14:25] still, bug is valid [14:25] is there a way to make it so that both mydomain.com and www.mydomain.com would both show as www.mydomain.com in the browser ? [14:26] ivoks: ok. for now bacula looks that its working now [14:26] jahor: there are update scripts [14:26] irc [14:26] iirc [14:27] /usr/share/bacula-director/update_mysql_tables [14:27] <\sh> orudie: not using serveralias in apache but having a separate vhost for mydomain.com and Redirect / http://www.mydomain.com/ [14:27] what's wrong with serveralias? [14:28] <\sh> ivoks: ServerName www.mydomain.com + ServerAlias mydomain.com won't give "www.mydomain.com" as result when accessing "mydomain.com" ,-) [14:28] of course [14:28] why would someone require that? [14:28] orudie: You can use a mod_rewrite rule. [14:28] <\sh> ivoks: don't ask me...ask orudie ;) [14:28] content is what counts, not the location bar [14:29] orudie: you really want to change URL in location bar or just render same web page? [14:29] ivoks: Well the location can count with SEO. [14:29] ivoks, change URL [14:30] orudie: http://httpd.apache.org/docs/2.0/misc/rewriteguide.html#url [14:30] 100 people, 100 ideas :) [14:31] ivoks: That's what linux is all about ;) [14:31] <\sh> depending on what someone wants to achieve...using mod_rewrite could be expensive ... [14:32] <\sh> especially when mod_rewrite is used in .htaccess ,-) [14:32] stickystyle, RewriteCond is in which file ? [14:32] \sh: Yeah, well having AllowOveride on on a server is a performance hit in itself. [14:32] <\sh> orudie: in /etc/apache2/sites-available/ or in .htaccess under your docroot [14:32] orudie: In the conf file for the site. [14:33] <\sh> stickystyle: yepp :) [14:40] Invalid command 'RewriteCond', perhaps misspelled or defined by a module not included in the server configuration [14:41] stickystyle ^ [14:41] <\sh> orudie: ls -al /etc/apache2/mods-enabled/ check for rewrite.conf [14:41] <\sh> or rewrite.load [14:42] \sh ^ [14:42] <\sh> normally not enabled by default [14:42] sounds like you don't have mod_rewrite loaded $sudo a2enmod rewrite [14:43] a2enmod rewrite [14:43] <\sh> orudie: have a look at https://help.ubuntu.com/8.04/serverguide/C/web-servers.html (when you use hardy) [14:44] ok no error after sudo a2enmod rewrite , apache2 reload , but doesnt do the job still [14:44] orudie is an ex-win admin; they don't read :D [14:44] <\sh> ivoks: lol [14:44] apache2 force-reload [14:44] not reload [14:44] or restart [14:45] i did restart [14:45] same [14:45] RewriteEngine on [14:45] before RewriteCond or RewriteRule [14:45] then reload [14:46] same [14:46] now you are lying [14:46] no [14:46] domain is selsovet.com [14:47] so what? [14:47] :) [14:47] orudie: just worked for me. [14:47] As in I went to selsovet.com and it redirected me to www.selsovet.com [14:47] you tuped selsovet.com in the browser and it turned into www.selsovet.com ? [14:48] yep [14:48] why doesnt work for me :( ? [14:48] oh it just did [14:48] cause you are using internet explorer :) [14:48] yay ! [14:48] orudie: because your browser caches stuff. [14:48] ivoks, no firefox [14:48] ;-) [14:48] another lie [14:48] this orudie guy... lies all the time :D [14:49] awwww come on [14:49] hehe [14:49] hey ivoks [14:49] zul: hi there! [14:49] so it should be ServerName selsovet.com and below it ServerName www.selsovet.com so that they both point to the same dir ? [14:50] ServerName www.selsovet.com\nServerAlias selsovet.com [14:50] um... [14:50] that's how I would do it anyway. [14:50] right [14:51] where '\n' is enter [14:51] :D [14:51] newline [14:52] yay ! [14:53] good stuff [15:06] orudie: web site is awsome :) [15:10] which one selsovet.com ? [15:10] yes [15:11] :) [15:13] omg... raid5 with 8 drives [15:13] disater waiting to happen [15:16] is this IRC channel logged? can I get a copy of yesterdays comments? I need to reach the comments I used yesterday. [15:16] ivoks > why? [15:16] I got a raid5 on 5 drives, you're scaring me :) [15:16] 6 sorry [15:17] yann2: raid5 allows one failed drive [15:18] got 2 hot spares :] [15:18] with 8 disks, chances to have two failed drive at the same time isn't small [15:18] hot spares don't help here [15:20] http://www.hardwaresecrets.com/article/314/2 [15:23] ivoks: back here .. there are update scripts for bacula catalog database, but not for that big version dump (i solved it by copying it from non-ubuntu package) [15:23] jahor: this one i pasted is for 1.3 to 2.4 upgrade [15:23] ivoks: do you have any plans on improving your mail stack before jaunty release? the reason i ask is that dovecot was updated to 1.2beta4 in intrepid and a bit afraid that jaunty mail stack will be moved to 1.2beta4 too [15:24] beawesomeinstead: dovecot in intrepid is 1.1.4 [15:25] and 1.1.11 in jaunty [15:25] $ dovecot --version => 1.2.beta1 on my desktop, weird [15:25] you are pulling that from somewhere else [15:26] ivoks: its for 1.38 to 2.0, in dapper (universe) was 1.36 and that is the root of the problem [15:26] jahor: SQL interface in bacula has different version [15:26] jahor: there is 8 and 9, iirc [15:27] no, 9 and 10 [15:27] 1.38.x used 9, while 2.0.x used 10 [15:27] you are right, that script isn't enough for dapper->hardy [15:27] ivoks: do not miss mi notice of 1.38.x vs 1.36 ;) [15:27] :) [15:28] beawesomeinstead: anyway, there are only packaging changes that should get into jaunty today or tomorrow [15:28] beawesomeinstead: no version updates are allowed in jaunty any more [15:28] but i know that in dapper LTS it was in universe and so it was unsupported by LTS [15:29] still, it's a bug [15:29] we should've upgrade it [15:29] we shouldn't make that mistake with 8.04->10.04 [15:29] my mistake [15:29] ivoks: ok i will try to prepare a fix and append it to the bug (maybe my first contribution to ubuntu ;o) [15:30] that would be great [15:30] oh cool [15:30] I would like to power down (cleanly) my ubuntu-server when its power putton is pressed. (like ubuntu desktop). All I can find about this is that I probably need to install ACPI. [15:30] but the "acpi-support" package also pulls in things like x11-xserver-utils... [15:31] Is there a simple way to start a shutdown script when the power button is pressed? [15:31] you need acpid [15:31] not acpi-support [15:31] basically, you just need to load kernel modules [15:32] acpid will do that for you [15:32] ok thanks. aptitude listed that one as "displays information on ACPI devices" so I was wondering if it actually did something :) === hessml|away is now known as hessml|away|away [16:26] New bug: #351648 in mailman (main) "update mailman to 2.1.12" [Undecided,New] https://launchpad.net/bugs/351648 [17:26] anyone familiar with 8.10 server? http://pastebin.ubuntu.com/140815/ <-- what do the lines 2-4 mean ? [17:27] kirkland: I think ^^^ is up your alley. [17:30] Hello, I used an Airlancer MC-11 (orinoco) wifi card during the install of Ubuntu Server. After a succesful install the interface voor the airlancer card does not show up. What can be wrong? [17:31] scfh: Iceman_B^Ltop: the two ecryptfs warnings are benign [17:31] ScottK: ^ [17:31] scfh: sorry [17:31] Iceman_B^Ltop friends in China? http://www.geoiptool.com/en/?IP=125.81.125.80 [17:31] ScottK: Iceman_B^Ltop: and are fixed (removed) in jaunty [17:31] kirkland: Thanks. [17:31] Iceman_B^Ltop: ScottK: i don't know about the UDP errors [17:32] ScottK: thanks for the heads up ;-) [17:32] kirkland: You're welcome. [17:33] kirkland: I can explain the UDP errors [17:33] Iwanted to know the other things :) [17:33] Iceman_B^Ltop: ah, okay, yeah those are two benign warnings [17:33] okido [17:33] friartuck: friends, I wish [17:33] unknown items that should be scrubbed from the ecryptfs mount string [17:33] they are torrent noise [17:33] those UDP things [17:34] if they're not scrubbed, the kernel says "i don't know what to do with these" [17:34] okay [17:34] and drops them [17:41] how can I perform Wireshark-like tasks from the command line? [17:41] Iceman_B^Ltop tcpdump on linux, snoop on solaris. [17:42] Im having random disconnections when I'm SSH-ed into my server, from the local network [17:42] this wasnt the case with 8.10 Desktop but ever since I installed server.....I;ve had them [17:44] nobody with similar experiences? [17:45] I;ve also had them when I ssh from a node that;s physically connected to the server machine [17:45] and its very annoying :/ [17:48] Iceman_B^Ltop: As friartuck says, tcpdump is the package you want. [17:51] Iceman_B^Ltop: I second tcpdump, but another option would be tshark, which is the text/cli version of wireshark. [17:58] okay [17:58] I have no GUI, in case that matters [18:00] i'll install both Tshark and tcpdump [18:00] Is there any documentation describing how one uploads KVM images to a Eucalyptus cloud? [18:00] I followed the instructions in soren's blog on the weekend, but haven't managed to figure out how to upload an image. [18:01] Iceman_B^Ltop tcpdump is probably already there: http://www.tcpdump.org/tcpdump_man.html [18:07] okay [18:09] "software caused network about" is the message I keep getting form putty, and I can't ping my server right now [18:09] and now it just started responding to pings again, this is too strange [18:20] sorry, the putty error message reads "Network error: software caused connection abort" [18:27] does anyone know if the OpenSSH package that ships on the Server cd differs significantly, config-wise, from the package you can get through apt-get ? [18:30] I think there shouldn't be any difference except for security or serious bug fixes [18:30] okay [18:31] then I have no clue but I think my server is a bit dodgy, it keeps dropping the connection [18:31] Iceman_B^Ltop: It's identical unless there have been post release updates (as JanC says). [18:32] alright [18:32] so it can't be that [18:33] I'v already asked in #ubuntu, if setting the card to half-duplex would make a difference [18:37] Iceman_B^Ltop: What kind of connection do you have? [18:37] Iceman_B^Ltop half duplex not good. look for errors on the nic: ifconfig -a [18:38] ScottK: my current setup is [this laptop(XP)]------[switch]-------[router]------[server] [18:38] all ethernet, 100Mbit [18:38] No firewall in there? [18:38] there is also a modem connected to the router. [18:38] Iceman_B^Ltop: Maybe check that both ends of your network cable are wired 568-B compliant [18:38] no, everything whould be bridged, its all LAN [18:39] genii: I had 0 problems with the Dekstop install of Ubuntu, just that it all 256megs of my ram in that machine [18:40] right now, even when I SSH into the router, and from there to my server, I get dropping connections [18:41] Do you get packet loss when you ping? [18:41] Iceman_B^Ltop: I've had this half-duplex problem previously, it ended up being cable that was ok at short distances and not 568-B wired... then on longer cable runs dhcp kept dropping, half-duplex, etc with same wiring order as short cord. It specifically had to be wired in the order 568-B standard requires [18:41] when my connection breaks, yes. otherwise I can ping fine. I do get more pingdrops from my laptop then I get when I ping from my router [18:42] oh, the cable is a factoray made Cat6 I think, but again, itworked fine with ibex desktop [18:56] Iceman_B^Ltop: could you pastebin the output from ethtool ethX from the server and desktop? [18:57] I can only give you the output from the server, cause I dont have the desktop installed anymore [18:58] hang on [19:01] jmedina: http://pastebin.ubuntu.com/140874/ [19:05] mathiaz: any chance you could look at that dovecot-postfix bug/patch? [19:05] ivoks_: hi - I've already look at it once. I still need to think about it a bit more. [19:06] ok [19:06] ivoks_: how important is it for the release? [19:06] er... very :) [19:06] ivoks_: right - right now the package works correclty. [19:06] ivoks_: except for a specific use case. [19:06] not quite [19:06] ivoks_: not quite? [19:07] on reinstall or new version, ucf is ignored [19:07] and smtp-auth with outlook doesn't work === ivoks_ is now known as ivoks [19:07] ivoks: oh right. These should be fixed for release then. [19:08] ivoks: I was only refering to the case where dovecot.conf local changes weren't taking into account. [19:08] ah, well, i've added that to that patch [19:08] it's not big deal to do it [19:08] and it would be great addition for users [19:09] since some will upgrade their intrepid server and would like to have dovecot-postfix [19:09] merging their config in would be a big plus [19:09] hmm [19:10] how advanced is that dovecot-postfix thing? [19:10] can it do postgresql backend? :-) [19:10] ivoks: right. Doing so, since we already have the logic to merge in place, I though why not use the default dovecot.conf? [19:10] Nafallo: it uses shadow as backend [19:10] ivoks: ie to merge the dovecot-postfix.conf file *into* the existing dovecot.conf? [19:10] mathiaz: we aren't allowed to do that [19:11] dovecot.conf is from another binary package [19:11] ivoks: oh gah. not what I want then. thanks :-) [19:11] and -imapd and -pop3d are not doing a good thing changing dovecot.conf [19:11] Nafallo: dovecot-postfix is just configuration for dovecot and postfix, noting else [19:12] ivoks: hm. I wonder if the fact that we use ucf to handle config changes wouldn't help. [19:12] ivoks: yeah. mostly wondered if it had a dpkg-reconfigure wrapper for some more advanced configurations as well :-) [19:12] ivoks: for -pop3d and -imap, I agree [19:12] mathiaz: my proposal was to use ucf and merge diff into dovecot [19:13] mathiaz: but cjwatson said that's wrong [19:13] ivoks: I always wanted to look if it would be possible to split this configuration into its own configuration file [19:13] ivoks: ok. [19:13] ivoks: ie - have a configuration file to enable pop3 [19:13] ivoks: another one to enable imapd [19:13] ivoks: basically having one configuration file per service [19:13] ivoks: or daemon === mcasadevall is now known as NCommander [19:14] ivoks: rather than having one monolitic configuration file. [19:14] mathiaz: that would be great... but this is something i'd rather see upstream doing [19:14] jmedina: any clue ? [19:14] ivoks: right. I think that the dovecot configuration supports include files. [19:15] mathiaz: iirc, not for every part of configuration [19:15] Iceman_B^Ltop: everyting looks ok, but I dont know if that is from desktop or server [19:15] only for ldap and sql [19:15] I asked for both [19:15] ivoks: hm - in the case of pop3 and imapd we'd be interested in the protocol command line [19:15] ivoks: hm - in the case of pop3 and imapd we'd be interested in the protocol option [19:16] jmedina: what do you mean? I can only provide you with data from the server. I have no desktop. If you mean this machine, it's an XP Laptop [19:16] ivoks: I wonder if something similar to the master configuration of postfix would be useful [19:17] Iceman_B^Ltop: well looks fine, did sniff with tcpdump for any problems? [19:17] ivoks: anyway - these are just thoughts. [19:17] mathiaz: hm... it might... maybe we could do something with ucf and wrapper tool for config [19:17] I would love to, but I'm new to this. meanign I have no idea what to sniff for [19:17] ivoks: one day I'll look into what the dovecot configuration engine can exactly do [19:17] ivoks: meanwhile I' [19:18] ivoks: meanwhile I'll have another look at your patch for dovecot-postfix. [19:18] we should contact upstream [19:18] ivoks: definetly. [19:18] (i should contact upstream) :) [19:21] mathiaz: i know it might be late in release schedule, but those changes are important - i worked on that patch for couple of days and tested it [19:21] mathiaz: so, it should be ok [19:21] ivoks: well - these are clearly bug fixes [19:21] ivoks: so we can include them in jaunty [19:25] hey [19:25] I'm giving an IP by dhcpd to 5 hosts, and only ubuntu-server doesn't react on dhcpd responses after dhclient requests....the packets are there, but the ubuntu server's dhclient ignores them [19:26] it simply doesn't set the interface at all [19:27] it is fresh installation [19:27] [dhclient interface] doesn't work? [19:27] it is eth0, up and running [19:27] in multicast [19:28] so, dhclient eth0 doesn't work? [19:29] listening on LPF/eth0/08:00:27:95:0c:a6 [19:29] sending on LPF/eth0/08:00:27:95:0c:a6 [19:29] isn't that weird ? [19:29] no, that's normal [19:29] nothing after that? [19:30] discover on eth0 to 255.255.255.255 port 67 [19:30] but no result [19:30] logs on server? [19:30] but tcpdump is catching the dhcpd response packets [19:31] dhcp server [19:31] jmedina: any idea what I should sniff for? or should I capture everything for a minute or 3 ? [19:32] ivoks, I need to go now, I'll be back later [19:34] Does LTSP require that you have desktop packages on the server or does ltsp-build-client install desktop packages in the /opt/ltsp/ folder? === ravi is now known as Iceman_B|SSH [19:53] is there an access control system in place for the iscsi service? I need to know it if I could set something up with multiple iscsi initiators access the same target. just doing priliminary research at the moment. === olcafo_ is now known as olcafo [19:55] any good resources on the internet for implementing iscsi in linux/ubuntu would be great. [19:56] http://www.cuddletech.com/articles/iscsi/ [19:56] ? [19:57] olcafo: you want more than one initiator to access the same target at the same time? [19:58] yup [19:59] great, something just came up. I'll be back. [19:59] oh hey [19:59] my server loses connections to the internet as well [20:00] olcafo: Just wanted to make sure you where aware that you can't just do that with iscsi, you need to throw a clusterd file system into the mix also - like GFS. [20:01] maybe he doesn't want it mounted [20:09] mathiaz: ping you know for all of those bugs who dont chose a password for mysql why we do a big fat warning when they dont choose a password and let it continue or log it somewhere where we can ask users if they report a bug to check if they entered a password or not [20:10] zul: are you triagging mysql bugs? [20:10] zul: I'm doing the same :) [20:10] mathiaz: some of them [20:10] zul: I'm going through the New bugs [20:11] zul: which one are you doing? [20:12] im going through some of the old ones and newer ones [20:14] hi can somebody take a look at the phpmyadmin package in hardy? see http://www.phpmyadmin.net/home_page/security/PMASA-2008-7.php [20:14] hardy still has 2.11.3-1 === zaid_ is now known as zaid_h [20:26] hello, i have an LVM question, just started to play around with it [20:27] why would lvextend refuse to grow my logical volume? [20:27] the message is: device-mapper: reload ioctl failed: Invalid argument [20:31] invalid argument [20:32] What arguments did you use with the lvextend command? [20:32] lvextend -l +100%FREE /dev/VG0/OPT [20:33] try without + [20:34] ok this is one of two lv's in its volume group [20:35] and my idea is to expand it to fill all remaining free space [20:35] then run vgdisplay [20:35] and check how much free extents are there [20:35] and then extend it [20:35] Free PE / Size 19022 / 74.30 GB [20:35] that's what you wanted to know? [20:35] lvextend -l +19022 /dev/VG0/OPT [20:35] * genii ponders if it's -l or -I [20:36] it's -l [20:36] small L [20:36] well i didn't make up that command, i followed the manpage [20:36] ivoks: I don't use it enough to know, thanks [20:36] l and I are different letters [20:36] you should consider different font :) [20:36] oh, exactly the same output [20:37] using number of extents made no difference [20:37] "lvextend -L +54 /dev/vg01/lvol10 /dev/sdk3" [20:38] hm [20:38] is the filesystem mounted? [20:38] i tried both ways, mounted and unmounted [20:38] made no difference [20:38] it must be unmounted [20:39] it still doesn;t work [20:39] umounted? /me always resize with mounted FS [20:39] nowhere do the docs say it must be unmounted [20:39] by i tried both ways anyway [20:39] right, that's true [20:39] s/by/but/ [20:39] filesystem is mounted, not the partition [20:40] right, and to resize a jfs, it must be mounted anyway [20:40] same with xfs [20:40] well i have jfs [20:41] how about [20:41] would it be a problem that the other lvm on this volume group houses my root fs? [20:41] s/lvm/lv/ [20:41] lvextend -L100%FREE /dev/VG0/OPT [20:41] capital L [20:42] bah [20:42] ignore that [20:42] nope [20:42] lvextend -L+74.30G /dev/VG0/OPT [20:42] same [20:42] no difference [20:43] huh?! [20:43] same message [20:43] ls -dl /dev/VG0/OPT [20:43] oh i forgot to say, there's one more line: [20:43] Failed to suspend OPT [20:44] it's a symlink, /dev/VG0/OPT -> /dev/mapper/VG0-OPT [20:45] btw this is all on a freshly installed ubuntu-server 8.04 [20:45] there weren't any lvm partitions on that disk before? [20:46] i repartitioned the whole disk at installation time [20:46] Maybe you need to use lvchange to have it mounted ro first [20:47] drbobb: never mind that, were there lvm partitions before installation? [20:48] ivoks: hey, now i don't recall, i wiped the previous system clean [20:48] i think it was a redhat 9 [20:50] note that formating disk (or even creating new partition table) doesn't do anything [20:50] metadata from previous partitions can be preserved even if the whole disk is repartitioned [20:50] well it does rewrite the partition table, doesn't it [20:50] it does [20:51] but you can recover partitions [20:51] so, clearly, not everything is formated :) [20:51] yes [20:52] but i've owerwritten much of the drive with new data by now [20:52] but, back to the problem... [20:52] well, about 80GB out of 200 [20:52] vgscan [20:53] jmedina: still there? [20:53] yeah, worked fine [20:53] any idea how long I should let the tcpdump run for ? [20:54] nothing extraneous found [20:54] Found volume group "VG0" using metadata type lvm2 [20:54] etc. [20:55] vgdisplay [20:55] paste it on pastebin [20:55] Iceman_B^Ltop: not too long :) [20:55] Iceman_B^Ltop: otherwise, you'll have very big file :) [20:57] Iceman_B^Ltop: yeap, but im busy doing real work :S, it is not about running and create a big file, is about analize dumped data and look for problems [20:57] ivoks: as you like [20:57] http://paste.ubuntu.com/140947/ [20:57] nothing unusual [20:58] the second vg is on another physical drive [20:58] drbobb: lvdisplay [20:59] yes, what do you want to know about it? [21:00] http://paste.ubuntu.com/140949/ [21:00] drbobb: everything [21:00] there it is [21:01] well, hm, it should wor [21:01] k [21:01] yeah i thought so too [21:02] brb [21:03] jmedina: ah okay [21:06] ivoks: I let it run for like 15 mns, and I have a 23k file [21:06] nice === jdstrand_ is now known as jdstrand === drbobb_ is now known as drbobb [21:10] ivoks: I gave sudo tcpdump -c 1000 -w tcpdump_30mar now [21:13] ivoks: ok, so i've been able to extend the lv by smaller increments [21:14] but at the point where there are 249 free PE's, i can't extend it any more [21:18] so why would LVM insist that 996 MB of my VG must be wasted? [21:21] New bug: #322647 in mysql-dfsg-5.0 (main) "mysql-server fails to instal with apparmour errors" [Undecided,Incomplete] https://launchpad.net/bugs/322647 [21:25] drbobb: metatada [21:26] ok, it does seem like a lot though [21:28] and it still is kind of puzzling [21:28] on my second VG, which hosts a single LV, vgdisplay shows 0 free PEs [21:29] kind of inconsistent, isn't it [21:29] free PS should be 0 [21:29] PE [21:29] yeah what i mean [21:30] i see 249 PEs on VG0 [21:30] i really don't know where's the problem [21:30] free PEs that is [21:30] but LVM won't let me expand any LV [21:31] well i don't know what the problem is [21:31] but it sure soesn't make sense to me [21:31] s/soesn't/doesn't/ [21:33] i don't think i've seen it mentioned in the docs anywhere, that you should account for some PEs being taken by metadata when computing by hom much you can grow your LVs [21:33] s/hom/how/ [21:34] man how terribly i type [21:34] free PEs already have included metadata [21:34] so, at the end, you shouldn't have any free PEs [21:35] why you can't achive that, i can't tell [21:36] and it's not just a little, it's 249 PEs [21:46] actually i though the metadata area/s is/are separate, and not included in the count of PEs [21:50] it's not, it is separate [21:52] ivoks, i'm in a terrible terrible mood today [21:53] i feel like ripping someone's head off and then kicking it around [21:53] so, it ought to be possible to allocate all available PEs to LVs [22:00] hm, i've managed to create another LV out of the 249 free extents === hessml|away|away is now known as hessml|away [22:06] hey maybe i do worry too much, but it makes me uneasy when something as essential as storage management doesn't work as expected [22:06] how do i add a user such that they will only have access to a given directory and all subdirectories & files underneath that directory? === hessml|away is now known as hessml|away|away [22:32] 10.04 will have nice name [22:33] ten-o-four [22:33] :) === hessml|away|away is now known as hessml|away [22:46] Okay so I have installed and configured (mostly) proftpd on a newish ubuntu server installation and the person i need to FTP in to this box is experiencing error 550. Could anyone tell me what I need to do to make the entire filesystem just 'open' to his user. I understand that may not sound secure but its what i need to happen. please help? [22:48] User777: dont chroot ftp users [22:48] okay, so what can id o to let this FTP user upload/download anywhere in the filesystem? [22:48] i do^ [22:49] i am not a Linux expert by any stretch of the imagination [22:49] terrible idea, but ftp in as root user [22:49] hmm [22:50] there would a line in the config file that I would have to change right? [22:50] i assume thats turned off by default [22:50] i have no idea i'm afraid, manuals come into play here [22:51] thanks [22:51] * User777 is looking around the config [23:01] connection established waiting for welcome message. Error: Could not connect to Server [23:01] i put in what the manual says is the correct line...(RootLogin yes) [23:01] restarted the server..and I get that [23:02] any ideas? [23:06] User777: did you change the Port in sshd_config? [23:06] User777: shouldn't it be PermitRootLogin yes? [23:07] okay, I have run tcpdump and I have a file now, where to go from here ? [23:07] what do I do with the file ? [23:08] i havent touched sshd_config....and according to the sites docs its RootLogin...I will try with PermitRootLogin now..whats this about sshd_config? [23:08] User777: where did you set RootLogin yes then? [23:08] proftpd.conf [23:09] was that not the correct place? [23:10] User777: ah, i thought you set similar option for SSH server, nevermind then [23:11] i tried (PermitRootLogin on) and restarted..i am greeted with the same error in my ftp client "Unable to connect to server" [23:12] I shouldnt have to add root to anything right? [23:14] is anyone using GFS? is it well supported in Ubuntu? [23:24] i do [23:25] no problems at all [23:25] 'night [23:25] ivoks: I'm thinking of using it with iSCSI [23:25] ha, maybe catch you later then. [23:25] i use it with drbd [23:27] okay so i just got fed up and uninstalled proftpd [23:28] can anyone reccomend an ftp server that is actually easy to configure? [23:28] User777: littel late here, but ProFTP works out of the box on a ubuntu install. [23:29] appearantly not [23:29] got to go [23:29] chances are that if it doesn't work, then there is somthing external happening that will prevent any other FTP client to work. [23:35] I need to know if I'm going down the right path here. I ultimatey need to have SMB shares that are ever increasing in size (TB wise) and also perhaps host virtual images through it. I'm thinking 10GbE, iSCSI, LVM, GFS with a couple of VM hosts accessing the VM images. [23:37] ok, so that was confusing. there's really two seperat thing I want to do with it. [23:41] 1. an SMB server connected to the targets, 2. a couple of KVM hypervisors connected to targets with the VM images. [23:43] That's clear as mud and twice as thick. [23:43] haha! :) [23:43] that looks fine, with that setup you can do livemigrations [23:43] that's the idea. I'm not of the rocker then, good! [23:44] * jmedina is preparing a similar envyroment for a xen course, well less the 10GbE network [23:44] wow, that's exacly what I wanted to hear. [23:45] that is common envirment for virtualized datacenters [23:46] then why am I having such a hard time finding documentation. I've sort of peiced all this together from different sources, but I've found nothing that talks about it as whole. [23:48] olcafo: well it s goog time to start documenting this scenario, I can help [23:49] that's a great idea. where do we start? [23:50] probably with the goals of the project [23:50] I'll be working on this for deployment sometime next year. [23:51] I read a document from suse describing a scneario like this, it is from 2006 [23:51] jmedina: yes, what I meant is what is the forum, or official place to do this online. [23:51] gooogle for suse xen live migration [23:52] olcafo: not sure, but I think you can use the wiki [23:52] I think that is the place for community contributions [23:53] well, I guess I'll finall have to set up an account ;) [23:53] olcafo: have you testd KVM live migrations? [23:53] olcafo: I havent used KVM, only Xen, but looks like it not too different in the implementation [23:54] no, not yet. although live migrations are not really one of the requirements for my deployment environment, it would be interesting to test out though. === hessml|away is now known as hessml|away|away [23:56] jmedina: I currently don't have the hardware to try such a thing. most of the stuff in this office is pre-KVM compliant. Hence the big upgrade next year. [23:56] ok, that is why we use xen [23:58] I have zero experience using xen. limited VMware and a good amount of KVM is what I've been exposed to.