[00:21] <captainkirk> so... im trying to mount an external usb drive to ubuntu.... i need help :)  (suprise suprise...)
[00:22] <captainkirk> device has id of sdb
[00:22] <captainkirk> currently has no partitions...
[00:23] <Iceman_B|SSH> okay so, Ubuntu 9.04 has been out for a while, but my 8.10 server is working just fine. Should I still upgrade or leave it as is ?
[00:23] <jmedina> captainkirk: well you need to partition it and create a File system in order to mount it
[00:23] <jmedina> Iceman_B|SSH: do you need anything in new release?
[00:24] <Iceman_B|SSH> no clue whats in the new rel-
[00:24] <Iceman_B|SSH> brb, checking release notes
[00:24] <captainkirk> jmedina: i am using webmin... is type linux the best option?
[00:24] <jmedina> Iceman_B|SSH: so?
[00:24] <jmedina> Iceman_B|SSH: how do you want to upgrade to something unknown?
[00:24] <jmedina> I would create a test machine (thanks virtualization :D), and do some testing
[00:24] <Iceman_B|SSH> I assume that having a newer version of a certain program/distro is generally a good thing
[00:25] <Iceman_B|SSH> hm, not really a possibility
[00:25] <Iceman_B|SSH> im using sortof old hardware, and only a CLI
[00:25] <captainkirk> jmedina: okay, i have created a partition of type linux
[00:26] <captainkirk> jmedina: using full disk capacity
[00:27] <captainkirk> jmedina: does the 'mount as' directory need to exist already, or does the process of mounting create it?
[00:27] <jmedina> Iceman_B|SSH: well not always, somethimes there are things that brakes becase config changes, bad upgrade procedures,
[00:28] <jmedina> I always check change logs for every upgradable critical service in my sistem
[00:28] <jmedina> create a copy of that machine, upgrade, and start testing
[00:28] <jmedina> this way I never had a problem upgrading remote servers
[00:29] <Iceman_B|SSH> hm hm
[00:29] <Iceman_B|SSH> thats wise
[00:29] <rayne> Is there a way to Xfer the ssh-rsa key text that the eucalyptus-cc gives you to type into the eucalyptus node for auth ? besides typing and prying you have typed the 3 hundred keys correctly ?
[00:29] <jmedina> captainkirk: 'mount as" what you mean?
[00:29] <Iceman_B|SSH> maybe Im dense, but where can I find a list of things that have changed and/or are new with Ubuntu server 9.04 ?
[00:29] <jmedina> you need an existing mount point in your filesystem tree
[00:30] <jmedina> captainkirk: did you create a filesystem on the partition?
[00:30] <captainkirk> jmedina: i am using webmin and is has a 'mount as' option listing different file types, ext2 ext3 etc
[00:30] <captainkirk> jmedina: yes i chose 'linux'
[00:30] <jmedina> captainkirk: well I dont use webmin sin 2002 :D
[00:30] <jmedina> linux is not a filesystem, that is the partition type
[00:31] <jmedina> by "create a filesystem" I mean "Format the partition"
[00:31] <captainkirk> oooo so i need to create a partition still
[00:31] <jmedina> partitions and filesistems are different things
[00:31] <jmedina> for example
[00:31] <captainkirk> yes, i understand that
[00:32] <jmedina> mkfs.ext3 /dev/sdb1
[00:32] <jmedina> where sdb1 is the new linux partition you create in your usb drive
[00:32] <captainkirk> system show sdb with 1 partition
[00:32] <jmedina> that will create a ext3 filesystem on /dev/sdb1
[00:32] <jmedina> then create a mount point
[00:32] <jmedina> mkdir -p /media/usbdrive
[00:32] <jmedina> and mount it
[00:33] <jmedina> mount /dev/sdb1 /media/usbdrive
[00:33] <jmedina> that's all
[00:33] <captainkirk> kk. it is now creating the ext3... could take a whil on 500G drive
[00:34] <captainkirk> jmedina: thanks for ur help.
[00:38] <rayne> using the cli how could i move an ssh-rsa output from computer 1 to computer 2 ?
[01:16] <IvanCostaJr> Hello, guys!
[01:16] <IvanCostaJr> Can you help me with some Samba configurations?
[01:18] <jeiworth> hi guys, i am setting up a sugarcrm-server in a vm and as to question of partitioning, how much space will the db in /var/lib/ take for a customer with an existing customer base of around 125 clients (being imported) and lets say he aquires 200-300 more, this should still be in the 2-digit  mb area, right?
[01:19] <captainkirk> hey ivancostajr:  i know little but am also setting up samba, maybe able to help...?
[01:21] <jeiworth> since using sugar, it will be a basically standard LAMP, so if you have some general advice on a good partitioning solution for that it will of course be highly appreciated too :)
[01:23] <UKnow> CaptainKirk: I installed a Ubuntu server 8.10 with Samba. I made the shares in smb.conf and I created the user by (1) adduser --disabled-login --no-create-home (2) smbpasswd -a. But the users can't use the shares. They don't have permission.
[01:24] <UKnow> What I missed?
[01:25] <captainkirk> uknow, i had this problem just yesterday.... not saying this is the best solution but i had to change the ownership of the shared folder to nobody
[01:25] <captainkirk> uknow... let me check my current config
[01:26] <captainkirk> unkow, i was configuring a public free for all share with guest access allowed via samba, but as root owned the folder, i still got permission denied
[01:27] <UKnow> Do you configuring the owner nobody.nobody?
[01:27] <captainkirk> uknow, nope, got it wrong... had to change folder access to 777
[01:28] <captainkirk> uknow folder owner is still root root
[01:31] <captainkirk> uknow, i could be wrong, but it seems that samba permission sit on top of the linux file system permissions, so for a samba user to access the file, they must meet both samba permissions and file system level permissions
[01:31] <UKnow> CaptainKirk: worked! But I used openSUSE two years with the same shares and I don't have this problem. The folder have 750 mod and it was ok. I going to study this problem...
[01:31] <UKnow> Thanks!
[01:32] <captainkirk> uknow, i have been experimenting with webmin, and it has a funciton to link samba users to linux users (two seperate user databases).
[03:18] <kriel> would a copy of 8.10 that was fully updated have the same version of apache, vsftpd, samba, etc as a copy of 9.04?
[03:19] <kriel> I'm about to try and franken-style two servers' worth of config files together, and I want to make sure I'm not about to start breaking stuff.
[03:21] <nekostar> hey whats up
[03:21] <nekostar> any of yall running high-avaliability servers?
[03:22] <nekostar> !ha.d
[03:22] <nekostar> !high availability
[03:23] <twb> kriel: no.
[03:23] <kriel> nekostar: you can PM ubottu to get info like that
[03:23] <kriel> twb: erf. I guess I get to manually splice the config files. Thanks.
[03:24] <nekostar> kriel but then i dont get ppl in the channel knowing what i'm looking for without spitting out far more lines
[03:24] <nekostar> ;)
[03:24] <twb> kriel: an intrepid install, updated from intrepid-security, will have the versions that shipped with intrepid, plus security updates to those versions.  It won't have versions from newer releases.
[03:24] <twb> kriel: I highly recommend using etckeeper to see what has changed and why.
[03:24] <twb> kriel: theoretically, you can even pull patches from one etckeeper repo to another, but I have yet to try this.
[03:25] <kees> !heartbeat
[03:26] <kriel> twb: I just have the HDD for one server, the other server has it's own box. (Techinically, i'm migrating the server from one set of HDDs to another). but I need the drivers on the 9.04 disc to install it (new RAID controller) and the old server is 8.10
[03:27] <twb> Just another reason I prefer md RAID
[03:28] <nekostar> wow this install seems to be longer than before - however there are some VERY nice upgrades - more encryption stuffs - kudos
[03:29] <nekostar> but when it's talking about virtual machine host, what vm format?
[03:29] <nekostar> virtualbox, vmware, etc/
[03:29] <nekostar> s/"/"/?
[03:30] <twb> The virtualization technology supported by Ubuntu and Linux is KVM.
[03:31] <nekostar> KVM?
[03:31] <nekostar> !kvm
[03:31] <nekostar> ty twb
[03:34] <nekostar> hm
[03:35] <nekostar> twb are you aware of any high-availability kvm projects?
[03:35] <twb> No.
[03:35] <nekostar> thats exactly what i'm looking for - and damn its nice being built in ;)
[03:35] <nekostar> thanx.
[03:36] <twb> AFAICT if your underlying hardware node is HA, then so will be the child VMs
[03:37] <slestak> what is the "off" suffix in libmysqlclient15off mean?
[03:37] <twb> slestak: the debian/changelog might say
[03:38] <slestak> thx, lemme look
[03:50] <kriel> ... -.-; Okay, so I try installing using the 8.10 cd. It says it can't autodetect the drive. I pull out my 9.04 desktop live CD, and it autodetects and decides it should use the sata_sil driver. I put in the 9.04server cd, try and install and... it asks me what driver to use. sata_sil isn't a choice. Help?
[03:55] <twb> kriel: support for installing from a SATA CD drive is very recent.
[03:55] <kriel> twb: SATA HDD, not SATA CD
[03:55] <twb> I'm not surprised that 8.10 doesn't support it.
[03:55] <twb> Oh.
[03:56] <kriel> actually, RAID controller. But still. since ubuntu9.04live figured out to use sata_sil, shouldn't 9.04server?
[03:57] <twb> Probably, but not necessarily.
[03:57] <twb> There may not be a udeb for that driver, or it might be non-Free or something.
[03:57] <kriel> twb: is there any way I can coax the liveCD into installing the server version?
[03:58] <twb> The easiest thing is to do the install from a different card.
[03:58] <twb> Unless you're actually using the fakeraid, which is probably a bad move.
[03:59] <kriel> ... omg this is gonna be such a hack. I have a sata-to-usb converter, what I'll do is install ubuntu-server using the usb-sata thing, and then put it into the computer and let the raid controller sync the disks.
[04:00] <twb> kriel: what makes you think you have a raid controller?
[04:00] <twb> AFAIK Silicon Image only make fakeraid controllers.
[04:00] <kriel> twb: because it's already set up to mirror the two drives. I think. I went into the sata setup thing and told it to mirror them.
[04:00] <kriel> is that fakeraid?
[04:01] <twb> Unless you paid at least $100 (more like $300) for the card, it's fakeraid
[04:01] <twb> And IMO fakeraid is not worth the hassle -- just use md RAID, which is nicely portable.
[04:02] <kriel> kay. mdadm it is. but still, I need to get the damn thing recognized first.
[04:02] <twb> kriel: you should be able to set the controller to "just show the damn disks, you slut"
[04:02] <Mal3ko> guys how do i display all partitions info of a hd..along with their filesystem, size in gb/mb
[04:03] <twb> Unless it's a *really* cheap fakeraid controller -- I heard some rumours about some of those not even supporting that.
[04:03] <Mal3ko> fdisk -l failed
[04:03] <twb> Mal3ko: that depends on what kind of partitioning you have on the disk, and whether you're using RAID and/or LVM.
[04:03] <kriel> twb: I'll try that out. I read reviews of this controller working on linux though.
[04:03] <twb> kriel: just because it works, doesn't mean it isn't fakeraid
[04:04] <Mal3ko> twb: i need a cmd..
[04:05] <friartuck> Mal3ko did you sudo?
[04:05] <kriel> twb: wouldn't i need sata_sil to see the disks in "just show the damned things" mode anyway?
[04:05] <Mal3ko> or is there some nice tools that could display a complete info of all parttions?
[04:05] <twb> kriel: that depends.
[04:06] <Mal3ko> friartuck: i mean fdisk -l didnt display what i want or lack of info
[04:06] <twb> Mal3ko: /proc/partitions
[04:08] <Mal3ko> twb, that display just basic info either
[04:09] <nekostar> is there no openvz for intrepid?
[04:09] <nekostar> er jaunty i mean
[04:10] <twb> nekostar: looks like it
[04:10] <Mal3ko> nekostar..starscalling?
[04:10] <kriel> twb: ... now it's not booting. -kicks it- I'll just go and buy a mobo with sata instead of dealing with this stupid controller. so much for trying to reuse graveyarded computers.
[04:11] <twb> Yeh, that's a lesson I learnt the hard way
[04:11] <twb> My time is more valuable than $200 of new components
[04:11] <Mal3ko> lol
[04:12] <kriel> twb: all I want is a freaking file server -.-; and I'm a college student, so $200 is pretty damned valuable. but this is day three of arguing with this bitch of a server.
[04:12] <twb> kriel: find some Windows gamer that is throwing away near-new equipment, then
[04:13] <kriel> twb: ... not a bad idea, actually. o.o; especially since my school is in the rich neighborhood.
[04:13] <twb> Or ask around at your local LUG for the equipment recycling company.
[04:13] <twb> Here in .vic.au there's a not-for-profit that gets donated old computers, puts linux on them, then sells them very cheaply to low-income types.
[04:14] <kriel> There's a huuuuuge graveyard somewhere, sells old towers for like $50 each. Not sure where it is, I was tempted to go buy four or five and then resell them to customers who want 'faster' computers (all they really need is a wipe/reload)
[04:15] <twb> kriel: put their gear in a bigger case, reinstall windows, charge $200? ;-)
[04:15] <twb> Eh, the real money is in consultancy for software, not hardware.
[04:16] <twb> And anything that involves dealing with individuals instead of government or large corporations has a shitty ROI.
[04:16] <kriel> twb: I ususally don't even bother with the new case. XD Just reinstall windows, grab the drivers, install whatever else they happen to have disks/keys for. Comes out to about $70/hr
[04:16] <twb> That's not bad for a one-man operation.
[04:17] <twb> You could probably make it faster by automating the Windows and driver install
[04:17] <nekostar> lmfao
[04:17] <nekostar> just image fool
[04:17] <nekostar> total time 12 minutes
[04:17] <kriel> twb: probably, but I don't do it often. I'm trying to find a way to image windows so that it can deal with resized hard drives
[04:17] <nekostar> + drivers == 30
[04:18] <nekostar> use acronis with universal restore
[04:18] <nekostar> yw
[04:18] <slestak> +1 acronis
[04:18] <twb> Bleh, imaging blows for heterogeneous hardware.
[04:18] <nekostar> now anyone know how to use openvz on the new distro?
[04:18] <nekostar> not so twb
[04:18] <nekostar> spcifically acronis with universal restore i said.
[04:19] <nekostar> do some research its killer
[04:19] <twb> I'm not familiar with non-Free software, sorry.
[04:19]  * nekostar shrugs
[04:19] <kriel> okay, back to Linux now... mdadm is when you set up a raid via the ubuntu install, and is the recommended way to do things unless i'm gonna pay out the ass for a raid controller, right?
[04:19] <slestak> can fog do this?
[04:19] <nekostar> i'm familiar with getting the job done quickly
[04:19] <slestak> or clonezilla?
[04:19] <nekostar> dont know slestak
[04:19] <nekostar> if i found something else that would i'd use it ;)
[04:20] <nekostar> but being able to insert chip drivers and ethernet etc while installing into very different hardware is PIMP
[04:20] <twb> Regarding OpenVZ, I don't know how you can get it correctly on 8.10 or 9.04, as they don't appear to have patched kernels in the Ubuntu tree.
[04:20] <slestak> yup
[04:20] <nekostar> twb yeah i saw the lack of packages just figured maybe i was missing something - thanx
[04:20] <twb> nekostar: I'm guessing that's Windows-only, though.
[04:20] <nekostar> bad guess
[04:20] <nekostar> lol
[04:20] <nekostar> its not cheap tho
[04:21] <nekostar> if you intend on paying and all
[04:21] <nekostar> but you will make it back fast
[04:21] <nekostar> that 4 hr windows job is done in one
[04:21] <nekostar> you charge for two
[04:21] <nekostar> and they effing love u
[04:21] <twb> nekostar: you can make images of e.g. OpenBSD and while copying the "image" across, change the MAC addresses that it expects for the NICs?
[04:21] <nekostar> i like to tell them, i would do it here but it takes 4-6 hrs or i can take it home do on my own time for 150
[04:21] <nekostar> or i can do bulletproof for 300 - reboot to remove virii
[04:22] <nekostar> twb ive never looked if it could i doubt it
[04:22] <nekostar> ive not seen an option like that
[04:22] <twb> nekostar: that's what I meant by "windows-only"
[04:22] <nekostar> twb
[04:22] <nekostar> when i say it works
[04:22] <nekostar> i mean that anything can be copied
[04:22] <twb> nekostar: that's the case for dd.
[04:22] <nekostar> so what if ive got to redo one config
[04:22] <nekostar> no twb dd doesnt do any changes
[04:23] <nekostar> look
[04:23] <nekostar> rather than arguing just go dl a damn copy
[04:23] <nekostar> 1 sec lol
[04:23] <twb> That would be a violation of copyright law.
[04:23] <nekostar> mm
[04:23]  * nekostar shrugs
[04:23] <nekostar> its POSSIBLY a violation
[04:24] <nekostar> have you actually read the elua's?
[04:24] <kriel> !enter | nekostar
[04:24] <nekostar> in any case - it is regular practice to try before buying and i would assume that you would purchase something like that if it did indeed do some nice things
[04:24] <nekostar> so again sir
[04:24] <nekostar> rather than quibbling just go check it out
[04:25] <nekostar> kriel please learn to enable timestamps each line is from a different thought.
[04:25] <twb> nekostar: EULAs have nothing to do with it.
[04:25] <nekostar> twb they have everything to do with it
[04:25] <kriel> yes, but having an entire page prefixed by the word <nekostar> is annoying. There's this thing called a period, you can use it to seperate sentences. Sentences can hold seperate thoughts. See this post for an example.
[04:25] <nekostar> that IS the liscense as it applies to the user
[04:26] <nekostar> which is specifically what is broken when copied supposedly
[04:26] <slestak> nope, the acronis trial is not crippled, (iirc)
[04:26] <nekostar> ok there you go
[04:26] <nekostar> DOWNLOAD IT
[04:26] <nekostar> i'd also like to point out here that YOU were the one suggesting an illegal download
[04:26]  * nekostar shakes finger at twb
[04:26] <nekostar> ;)
[04:27] <twb> nekostar: I just assumed it was illegal to download it, because it's not Free software.
[04:27] <kriel> so, about mdadm. Is it the preferred form of RAID besides having a hardware raid controller?
[04:27] <nekostar> twice bad assumptions lol but hey
[04:28] <twb> kriel: there's not really any "form"; you generally just have either RAID1 (with two disks) or RAID5 (with more than two disks).
[04:28] <kriel> twb: -nods- Kay.
[04:28] <twb> kriel: usually you allocate a 256MB sd[ab]1 for md0 for /boot, and the rest (sd[ab]2) for md1 for LVM.
[04:29] <kriel> twb: I've usually stopped allocating a seperate /boot, it seems superfluous to me since ubuntu works without it. Of course, I'm still a noob in most respects.
[04:30] <twb> Er, not if you use both RAID and LVM
[04:30] <twb> Unless you *like* lilo, and your boot breaking when you change extent allocation
[04:31] <kriel> you... lost me. O.o I just use whatever the ubuntu setup uses to set up raid. It does it automagically for me.
[04:31] <ajmitch> grub can't read LVM, so you need a separate /boot if you want to use grub, RAID & LVM together
[04:33] <twb> ajmitch: grub2 can read either LVM or RAID, but not both.  I *thought* that was also the case for grub legacy (which is what Ubuntu uses).
[04:33] <twb> (Well, technically you can use grub2 with RAID *and* LVM, but you have to manually select the module list.)
[04:34] <ajmitch> right, I'm just talking about the usual case of what's on the install cd
[04:34] <twb> ajmitch: well, I *know* d-i won't let you use grub if /boot is on LVM on RAID.  But I don't know if that's an underlying limitation, or if it's imposed by d-i because it's 1) difficult; and 2) stupid.
[04:35] <twb> Aaanyway
[04:35] <ajmitch> fairly sure it's an underlying grub limitation still :)
[04:35] <kriel> it... worked for me before. O.o on 8.10 I had a single partition, set up raid1 using mdadm
[04:36] <twb> kriel: you probably aren't using LVM
[04:36] <twb> Grub is too clever for its own good by half.
[04:36] <ajmitch> raid1 metadata is at the end of the partition, so it can be read just like a normal filesystem, I believe
[04:37] <twb> ajmitch: yep
[04:37] <twb> md raid5 is harder, obviously.
[04:37] <twb> As far as Grub is concerned, a md RAID1 node is just an ordinary filesystem.
[04:57] <J-_> When I reinstall my server, should I just turn /etc/hosts dhcp to static and leave it as is? Then change the nameservers, commenting out my ISPs nameservers since I'm using afraid.org's services?
[04:57] <J-_> I'm just doing a basic LAMP installation.
[04:58] <twb> J-_: er, /etc/hosts contains name information (DNS/LDAP/NIS), not network configuration (DHCP).
[04:59] <J-_> Bah, I got it mixed up. It's not in front of me
[05:00] <twb> You can use DHCP without blowing away resolv.conf
[05:00] <twb> See /etc/dhclient3/dhclient.conf (and its manpage), IIRC
[05:03] <njustin3000> I have a very small subnet that I would like to set up a server for, for use with my buisness.  Theres only going to be about 15 cliens that will be connecting to it.  I am fairly new at this stuff, so I am wondering what specs I should be looking for when buying my server.  It is going to be hosting a basic webserver and mysql database, and well as being a file backup server for my buisness.
[05:03] <njustin3000> What should i be looking for?
[05:04] <slestak> what you just listed isnt too tough of a workload, imo
[05:05] <njustin3000> its not
[05:05] <slestak> i like the dell poweredges, you can get them with multiple cpu sockets, and just buy one cpu, yu have room ato add more
[05:05] <slestak> like a 1950 or 2950
[05:06] <njustin3000> i would only need one cpu for that tho, right? what about RAM?
[05:06] <slestak> ram is cheap
[05:07] <slestak> you can start really low and just plan for growth.  is budget an issue?
[05:07] <njustin3000> yes
[05:08] <njustin3000> we've just started using the application we have this past week, and right now Im using my personal PC to run it, but its not really fast.....  and we need a full time one
[05:09] <slestak> what you listed is not a very tough workload.  if you just need to get started, i wouldnt be afraid of using any p4 or better class machine.  dont load xorg
[05:09] <njustin3000> i have set up ubuntu-server on it and gotten the webserver and mysql server going, thats not an issue, (I'm just learning all this) I was looking for suggestions as I wouldnt know what kind of server
[05:09] <njustin3000> but thank you
[05:09] <njustin3000> p4 class
[05:09] <njustin3000> ?
[05:09] <njustin3000> pentium 4?
[05:09] <slestak> pentium 4
[05:09] <njustin3000> xD
[05:10] <njustin3000> thank you
[05:10] <slestak> if your webapp involves java, all of what i said is off :)
[05:10] <njustin3000> no java
[05:10] <slestak> this is a great market to get used hardwar
[05:11] <pygmalion> best method for virtual domains with ubuntu + postfix/dovecot = mysql?
[05:11] <njustin3000> its all on computers in my office, I just need server to host database.  I will access it away from the office only like once a week
[05:12] <slestak> you could break this up on several older machines, run mysql on a diff box than apache
[05:12] <slestak> really flexible
[05:12] <njustin3000> yea
[05:13] <njustin3000> well i only have budget for one small server right now
[05:13] <njustin3000> its growing, but slow rightn now
[05:13] <njustin3000> buisness that is
[05:13] <njustin3000> :P
[05:15] <slestak> check this out  $329 http://www.dell.com/content/products/RBIredirect.aspx?rbi=EESJuqJJunKzV5pVrEFOw3wYxiHXb2uK9L/JIV67WOU3UkEJeYpQS9tWl0gNmEwJ0Xe8yPZtImZjAj6diHBL4v7McdpLL00EW5bBnT3j/N44Qbm+05flVU1IDkE9WrE8hlQc0U11Jwj62+DdTk1gkShBukZkuBvPsVsTTKrhTNw=
[05:17] <njustin3000> cool, i just went through that and i wouldnt even change any of those defual options :D
[05:17] <timburke> lol pentium dualcore
[05:18] <njustin3000> you said used slestak, like this: ? http://cgi.ebay.com/DELL-POWEREDGE-2650-2U-SERVER-DUAL-2-4GHZ-XEON-RAID-2GB_W0QQitemZ260401449064QQcmdZViewItemQQptZCOMP_EN_Servers?hash=item260401449064&_trksid=p3286.c0.m14&_trkparms=72%3A1234|66%3A2|65%3A12|39%3A1|240%3A1308|301%3A1|293%3A1|294%3A50
[05:18] <slestak> when i do used, i like to deal locally, that way you can see what your getting.  dell refurbs were reteurned for some reason
[05:19] <slestak> i'd look at craigslist or find a local hardware reseller.  ive got a good one near me in Michigan that always has good stuff coming off of lease.
[05:19] <njustin3000> allright thanks :)  im think im going to have to go with used tho
[05:19] <njustin3000> im in Michigan too
[05:20] <slestak> cool
[05:20] <slestak> Grand rapids here.
[05:21] <slestak> im going to pm you the contact info for my local guy
[05:21] <njustin3000> ok
[05:21] <slestak> crap, i dont remember how to do that in irssi
[05:21] <njustin3000> im about hour away from there
[05:22] <slestak> come on up for the wmlug meeting tommorrow in Cascade
[05:22] <slestak> the guy im talking about will prob be there
[05:23] <slestak> wait, Thirsday night, not Wed
[05:23] <slestak> Thursday i mean
[05:24] <njustin3000> wmlug?
[05:24] <slestak> lets take this to pm, off topic
[05:24] <njustin3000> ok
[05:30] <slestak> njustin3000: gl with your venture  our economy needs it
[05:30] <njustin3000> :D
[05:32] <slestak> im trying to get nagios working with digest auth.  ive got my htdigest file, but apache is throwing " configuration error:  couldn't check user.  No user file?: /nagios"
[05:34] <foxbuntu> slestak, does apache have rights to read the htdigest file?
[05:34] <slestak> my apache conf has "mods-enabled/nagios.conf:       AuthUserFile "/usr/local/nagios/etc/htdigest"" and that is the location of the file
[05:34] <slestak> good idea
[05:34] <VK7HSE> foxbuntu: Gah ya bet me to that! :P
[05:34] <MTecknology> Is this channel being used as a classroom or support room?
[05:34] <foxbuntu> MTecknology, support
[05:35] <foxbuntu> VK7HSE, yeah...you'll have that :P
[05:35] <VK7HSE> ;-)
[05:35] <MTecknology> foxbuntu: Last I knew that's not what this channel was for
[05:35] <slestak> foxbuntu: yeah, it does. 640 www-data:nagios.
[05:35] <slestak> MTecknology: what is the difference?
[05:35] <MTecknology> That's what #ubuntu and #ubuntu-server are for
[05:36] <foxbuntu> MTecknology, this is #ubuntu-server
[05:36]  * MTecknology looks down at the channel name.....
[05:37] <VK7HSE> Oopps :D
[05:37] <MTecknology> sorry...
[05:38] <foxbuntu> MTecknology, at least it wasn't me making the gaff ;)
[05:38] <foxbuntu> heh
[05:38] <twb> What's the ldap schema Ubuntu uses by default for unix accounts?
[05:39] <twb> ISTR it's an RFC, but I can't remember which one.
[05:39] <foxbuntu> slestak, hrm... ddi you copy paste that autdigest line from your vhost?
[05:39] <VK7HSE> I've doe the same on a general chat IRC myself !!! (now I don't feel so bad!)
[05:39] <J-_> http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p3 Will step 7 mess up the server?
[05:39] <MTecknology> foxbuntu: this is #23 and the channel I thought I was in was #22
[05:39] <foxbuntu> MTecknology, tis ok. Everyone makes an oops now and then :D
[05:40] <MTecknology> :)
[05:40] <J-_> Should: "127.0.0.1       localhost.localdomain   localhost
[05:40] <J-_> " be exactly that?
[05:40]  * MTecknology walks off
[05:41] <twb> J-_: it'll do
[05:41] <njustin3000> slestak: so you dont recomend buying used from someone not locally? like ebay: http://cgi.ebay.com/Dell-Poweredge-2650-Dual-XEON-3-2gHz-4GB-Server_W0QQitemZ230338838521QQcmdZViewItemQQptZCOMP_EN_Servers?hash=item230338838521&_trksid=p3286.c0.m14&_trkparms=72%3A1234|66%3A2|65%3A12|39%3A1|240%3A1318|301%3A0|293%3A1|294%3A50
[05:41] <twb> Hmm, RFC 2307?
[05:42] <slestak> njustin3000: i wouldnt.  but that is just me.  at least with CL you can see the person your dealing with.
[05:42] <njustin3000> yes :)
[05:42] <slestak> foxbuntu: i have to find it.  this was installed by a script for me.
[05:43] <slestak> its not in sites-enabled/000-default
[05:43] <foxbuntu> slestak, ah
[05:44] <slestak> seen EZnag, pretty cool.  nagios, perf2rrd, nagvis, soup to nuts
[05:46] <J-_> Guess I'm gonna go to sleep on that then, and wake up and try to get my server going again. Once it's up, i'll be sure to copy the configuration files, I'm not going through this bullcrap again.
[05:46] <captainkirk> i just bought a used dell 2650 via ebay, and it has a EMS error on boot.  Techinically it still works, but its useless as it required user input every time it boots.....  so try b4 u buy
[05:46] <slestak> would it def be in /etc/apache2/* soewhere, or could the vhost info be in the cgi-bin stuff in /usr/local/nagios?
[05:46] <foxbuntu> captainkirk, I bought a HP DL380 on ebay no long ago and havent had a lick of trouble with it
[05:47] <foxbuntu> slestak, it should be, but might be symlink'd or configured elsewhere
[05:47] <slestak> let me grep over there
[05:48] <captainkirk> foxbuntu, i also have purchased many IT items via ebay with exceptional results, but this time.... not so lucky i guess  anyway was not a lot of money
[05:49] <slestak> maybe that is the issue.  i cannot find a line like that.
[05:49] <foxbuntu> captainkirk, indeed, but you can end up with that on any used system
[05:50] <slestak> new too, but at least you have a leg to stand on dealing w a business
[05:51] <foxbuntu> slestak, its gotta be configured somewhere for apache to complain about it
[05:51] <captainkirk> foxbuntu, i guess what i am saying is that if i was able to power it on and test it prior to purchase, i would not have purchased it :)
[05:51] <slestak> is there a good livecd for testing a used pc?
[05:52] <foxbuntu> captainkirk, yup..im just driving at not making broad statements and generalizations about IT, nothing does what its supposed to all the time ;)
[05:52] <slestak> im going to look back at my screen scrollbackand see if i see any output wrt digest
[05:52] <captainkirk> foxbuntu:  even me :P
[05:53] <foxbuntu> captainkirk, nor me :)
[05:54] <VK7HSE> captainkirk: is all the firmwares/bios... current ???
[05:57] <captainkirk> VK7HSE: i have updated the bios to the current version.  I received an error when trying to update the EMS bios, but the sticker on the EMS card shows the current bios version anyways....
[05:57] <slestak> is there a handy way to get a whole conf file in your buffer (for pasting at pastebin) without haveing to make 4 passes for each screen?
[05:58] <slestak> can i direct stdout to clipboard?
[05:58] <VK7HSE> captainkirk: just a thought!... my server here was being tossed from my former employer, all it needed was some TLC! and now its mine! :D
[05:58] <foxbuntu> slestak, cat /etc/file | pastebinit
[05:58] <slestak> captainkirk: is that card expensive?  replaceable>
[05:59] <mattt> pastebinit ... neat :)
[06:01] <slestak> http://pastebin.com/f10e0bfdc
[06:02] <slestak> the AuthName directive is capfirst.  wonder if that should be lower case
[06:03] <captainkirk> slestak: not sure, have not looked into it yet...
[06:05] <slestak> pastebinit is cool.
[06:06] <foxbuntu> slestak, like that eh?
[06:06] <slestak> excellent use of some python
[06:06] <VK7HSE> captainkirk: I just googled your issue, this may help... http://en.community.dell.com/forums/t/19178632.aspx
[06:07] <cvw> I currently have Ubuntu Server 8.04 installed, and I'd like to update to 9.04.  Is there a proper way to do this without editing sources.list?
[06:09] <captainkirk> VK7HSE: looking now
[06:11] <foxbuntu> cvw, sudo apt-get update && sudo apt-get do-release-upgrade
[06:11] <slestak> dont forget the backup
[06:12] <slestak> any of you guys use screen at your sites with non-technical users?
[06:12] <cvw> foxbuntu: already tried both, tells me "No new release found".  lsb_release -a tells me I am running 8.04.2
[06:12] <slestak> gnu screen?
[06:13] <njustin3000> slestak: I have a great* deal on a '07 Dell PC, but with adequate RAM and CPU speed, possible to go with that?  I mean, a personal PC for what im using it for should be fine, i dont really need* a server, right?
[06:14] <VK7HSE> njustin3000: it all really depends on what your wanting to do with it...
[06:14] <slestak> yeahyou can always scale up if needed
[06:15] <foxbuntu> cvw, perhaps try sudo do-release-upgrade -p
[06:15] <njustin3000> ok, I mean theres really no difference,  PC isnt stackable, but theres only one, and my serverload is extremely small anyway
[06:15] <slestak> what you ge with servers is sometimes redundant power supplies, better disks systems, raid controllers
[06:16] <cvw> foxbuntu: still no new release found
[06:16] <foxbuntu> cvw, perhaps try sudo do-release-upgrade -d
[06:16] <cvw> aha, now we have something
[06:16] <VK7HSE> cvw: your release will be locked to LTS versions only....
[06:16] <slestak> foxbuntu: does he have to tell, man, i was abt to type that
[06:16] <foxbuntu> VK7HSE, yeah...forgot about lts
[06:17] <cvw> I'm quite OK with LTS
[06:17] <slestak> stoopid netbook keyboard.  too small to type well on
[06:17] <foxbuntu> cvw, then why are you upgrading?
[06:17] <VK7HSE> slestak: he he I have that problem too !! :P
[06:17] <foxbuntu> cvw, 8.04.2 is LTS
[06:17] <slestak> gotta be screen-profiles
[06:17] <slestak> thats the killer app
[06:18] <slestak> VK7HSE: what you using, mini9 here
[06:18] <cvw> hrm, apparently I've been misinformed on 9.04
[06:18] <cvw> ctrl-c and time to write an email
[06:19] <VK7HSE> I have an Eee701 (not currently using it as it's alias is VK7HSE-Eee)
[06:19] <foxbuntu> cvw, someone tell you 9.04 was LTS?
[06:19] <cvw> yessir
[06:19] <foxbuntu> whoops
[06:19] <cvw> should've done my hw first though
[06:19] <foxbuntu> always :)
[06:19] <cvw> backups ftw :)
[06:19] <slestak> when are we due another lts?  2011?
[06:20] <foxbuntu> 2012 i thinks
[06:21] <VK7HSE> the next LTS will be 10.04
[06:21] <foxbuntu> oh right
[06:21] <foxbuntu> they over lap
[06:21] <foxbuntu> 8.04 lts goes out of support in 2012 right?
[06:22] <VK7HSE> remember for LTS the desktop has a 3yr life & server has a 5yr life
[06:22]  * foxbuntu is not thinking tonight obviously
[06:22] <slestak> on my htdigest issue, i have a Limit directive. "Require valid-user"
[06:22] <foxbuntu> k
[06:22] <slestak> id reports nagios is a valid user
[06:23]  * VK7HSE I'm surprised I remembered !!!
[06:23] <VK7HSE> slestak: that still sounds like a permission thing...
[06:23]  * foxbuntu agrees
[06:24] <VK7HSE> slestak: But I'm sorry I don't have an answer for you!
[06:24] <cvw> ok guys, ty for your help. o/
[06:24] <slestak> thx, hmm.
[06:25] <slestak> well, its 1:30am here.  thinki'll research it later
[06:25] <slestak> thx also
[06:25] <VK7HSE> slestak: Ahh good another person who believes in not going to bed the same day you get up !!! :P
[06:26] <mattt> um?  :)
[06:26] <slestak> cant say i'll work on it tomorrow, that means taking a day off
[06:27] <slestak> gnite guys
[06:45] <twb> VK7HSE: how does Canonical distinguish between LTS being used as a desktop vs. server?
[06:45] <twb> VK7HSE: they're both just packages from main, and I thought "support" meant support for anything in main.
[06:46] <VK7HSE> twb: in your /etc/update-manager/ there's a file there called release-upgrades it's specified there...
[06:47] <twb> VK7HSE: sorry, I don't understand that file at all.
[06:48] <twb> I've never used anything called "release manager"; only aptitude and friends.
[06:50] <twb> What I'm saying is that after the three-year EOL of "LTS desktop", how do I know which packages from main that I have installed, are supported by Canonical as part of the remaining two years of "LTS server" support?
[06:50] <VK7HSE> twb: this relates to do-release-upgrade  normal = releases every 6 months (eg, 8.10 9.04) lts = 6.06 8.04 10.04)
[06:50] <twb> Per your comment of 15:26 <VK7HSE> remember for LTS the desktop has a 3yr life & server has a 5yr life
[06:51] <VK7HSE> twb: security updates are discontinued for them after this time period...
[06:51] <twb> Security updates of what?
[06:52] <VK7HSE> twb: all packages in the repository for that version...
[06:52] <twb> VK7HSE: that doesn't make any sense.
[06:52] <twb> "all packages in the repository" is the same for both ubuntu-desktop and ubuntu-server.  So how can they have a different lifetime?
[06:54] <VK7HSE> twb: although a little dated this should explain a little...  http://ubuntuforums.org/showthread.php?t=578014
[06:55] <twb> VK7HSE: that article does not say anything about five-year releases.
[06:55] <twb> Sorry, it doesn't say anything about five-year *lifecycles*
[06:56] <VK7HSE> twb: ok try this.. https://wiki.ubuntu.com/Releases
[06:57] <twb> Huh, OK.
[06:57] <twb> So now I believe that you're reporting the truth, but I still don't understand it :-)
[06:58] <maxb> This is a good point, I don't think I've ever seen a precise definition of which packages fall into the "Desktop" and "Server" categories for LTS purposes
[06:58] <maxb> I mean, it's probably a safe bet that if it needs X, it's Desktop
[06:58] <twb> maxb: that's why the distinction sounds like a crock of shit to me.
[06:59] <twb> But now I suspect it's Canonical PR bullshit rather than some guy on IRC being wrong :-)
[07:01] <foxbuntu> hmm, intresting, that wiki is out of date
[07:01] <twb> My default assumption is that there will be <codename>-security updates for an LTS release up to the date that the next LTS release ships
[07:02] <twb> So e.g. 6.06 was supported until April 2008, and after that you're on your own as far as security updates go.
[07:02] <twb> (Of course this is only for 'main' -- universe is always "you're on your own".)
[07:05] <VK7HSE> twb: So you don't upgrade your distribution is that the problem ? Now I don't quite understand  what you mean... :-/
[07:07] <twb> VK7HSE: my point is that there is no clear distinction between "LTS for desktops" and "LTS for servers"
[07:07] <VK7HSE> twb: What in the repositories ???
[07:07] <twb> VK7HSE: anywhere.
[07:10] <VK7HSE> twb: Ok... well I can only go be the information that is distributed! But there has to be a way of defining the "difference" or such information would not exist!  ;-)
[07:11] <twb> VK7HSE: unless Canonical are lying.
[07:11] <foxbuntu> twb, how is there not a distinction?
[07:11] <twb> foxbuntu: do you have contradictory evidence?
[07:12] <foxbuntu> twb, what are you asking for?
[07:12] <twb> foxbuntu: https://wiki.ubuntu.com/Releases says "Ubuntu LTS releases are supported for 3 years on the desktop, and 5 years on the server."
[07:12] <twb> foxbuntu: what is the distinction between desktop and server?
[07:13] <VK7HSE> twb: the only way that I know that defines a LTS from a normal release is via the /etc/update-manager/release-upgrades
[07:13] <foxbuntu> twb, kernels
[07:13] <foxbuntu> twb, and backports
[07:13] <VK7HSE> twb:  and by uname -a
[07:13] <twb> foxbuntu: how did you determine that?
[07:13] <VK7HSE> twb: or lsb_release -a
[07:14] <twb> (I assume by backports you mean -updates.)
[07:14] <foxbuntu> twb, determine what?
[07:14] <foxbuntu> twb, no I mean backports
[07:14]  * VK7HSE Now feel this is a pointless debate! ;)
[07:14] <twb> foxbuntu: how did you determine that the above quoted text means that the three-year lifecycle is for -desktop kernels, backports (whatever that means) and nothing more (or less)?
[07:15] <twb> VK7HSE: it's not pointless -- how do I know whether, for example, vim will receive 5 or 3 years of support on LTS?
[07:15] <twb> !backports
[07:16] <foxbuntu> twb, its the defined life cycle of the product, new patches and backports for the core Ubuntu (ie 'main' repo) will be supported to that release until its EoL in 3 or 5 years
[07:16] <twb> foxbuntu: I don't understand.
[07:16] <foxbuntu> twb, ok...think of it like this
[07:17] <foxbuntu> twb, windows xp has been around for 5 years+ now, windows update still provides security patches for it
[07:17] <twb> If I apt-get install vim, I get the same thing regardless of whether I installed my OS from ubuntu-server LTS or ubuntu-desktop LTS.
[07:17] <twb> So how can it have a different EOL on those two systems (-server and -desktop)?
[07:19] <foxbuntu> twb, Ubuntu 8.04 will have that same level of support for the repos pertaining to the desktop based kernels (i.e. -generic, -i386, -amd64 ect) for 3 years from its release, and like wise the server based kernels (ie -server ect) will have main repo support for 5 years for its original release
[07:19] <foxbuntu> twb, because the packages in the repos get built for the kernels
[07:19] <foxbuntu> twb, at EOL they stop being built in and provided in the 'main' ubuntu repo for those kernels
[07:19] <twb> Er, that's patently false.  There isn't a different vim .deb for the -server and -generic kernels.
[07:20] <twb> If there was, there'd have to be a different deb entries in sources.list for -server as compared to -generic
[07:20] <foxbuntu> twb, while it may have the same code and same version, its built for the kernel and arch
[07:21] <twb> foxbuntu: then where is the -server variant of the vim .deb for 8.04 i386?
[07:21] <foxbuntu> twb, I think you need to see the debian/control file in a source package to understand
[07:22] <twb> I'm a DD.  I understand how debian/control works.
[07:22] <foxbuntu> twb, have you ever built in a ppa before?
[07:22] <twb> If you're talking about Architecture: any, that is *just* the CPU architecture.  It has nothing to do with the kernel.
[07:22] <twb> Not a launchpad ppa, no.
[07:23] <twb> I assumed we were talking about official ubuntu packages, since we're talking about official Ubuntu support.
[07:23] <foxbuntu> twb, its the same type of build system
[07:23] <foxbuntu> twb, for Mythbuntu we build packages in the LP PPAs all the time and then have canonical spin our isos
[07:24] <twb> foxbuntu: what does that have to do with LTS support?
[07:24] <foxbuntu> twb, LTS support is a commitment and process
[07:25] <foxbuntu> its not actually in the packages
[07:25] <foxbuntu> I think you are confused on two seperate issues
[07:27] <foxbuntu> twb, you think canonical is lying about LTS existing?
[07:27] <foxbuntu> thats its just marketing fluff?
[07:27] <twb> No, I think they're lying about there being a distinction between LTS support "for desktops" and LTS support "for servers".
[07:27] <twb> That is, about them being different.
[07:28] <twb> Or less emotionally, that the distinction is ill-defined.
[07:29] <foxbuntu> well the line is gray because there is allot of overlap in the two, but there is a distinction
[07:30] <twb> So *effectively* most of the LTS desktop has a five-year lifetime?  That it's only a few desktop-specific packages like the kernel and kernel modules, that are EOLd after three years?
[07:30] <foxbuntu> twb, take the desktop kernel for example, when it goes EOL no more security updates and so fourth will be provided for it
[07:31] <foxbuntu> twb, I wouldnt say most
[07:31] <twb> Would, say, gedit continue to receive security updates in the fourth year?
[07:31] <foxbuntu> twb, but some yes, anything that is included in the -server distro main repos
[07:31] <foxbuntu> twb, likely not, because gedit is not part of -server
[07:31] <twb> foxbuntu: nor is vim
[07:32] <twb> Suppose that it's the end of the third year.  How can I audit my server and find out which packages, if any, I'm using will stop being supported?
[07:33] <twb> Even better, how can I make apt-get TELL ME when I'm trying to install a package on my server that will not receive five years of support?
[07:33] <twb> If this distinction wasn't just marketing crap, I'd expect corporates to be clamouring for that information.
[07:34] <foxbuntu> twb, I think if you want the intimate details of that, you might want to talk to someone that works for canonical
[07:35] <twb> I wouldn't have called that "intimate" detail, but fair enough.
[07:35] <foxbuntu> twb, easiest way is to see if a package is in main/universe/multiverse, ect
[07:35] <twb> foxbuntu: LTS does not extend to anything but main, AFAIK.
[07:35] <foxbuntu> right
[07:35] <twb> packages in universe don't get security updates at all.
[07:35] <twb> Therefore that is not an accurate test.
[07:36] <foxbuntu> it rules out allot of packages that will/wont be supported in your audit
[07:37] <twb> AFAICT I can't safely install anything but packages from main on my security-conscious servers, and as I can't tell what packages *in* main will receive five year support, I have to assume that none of them do.
[07:48] <foxbuntu> twb, I dont think thats a fair assessment of LTS packages, there are processes in the background (that some at canonical could prob shine a light on) that allow for the LTS to work.
[07:49] <foxbuntu> however, I have used up all my time for the night...so Im off. Hope you find the answer you are looking for.
[07:57] <a|wen> twb: http://tw.archive.ubuntu.com/ubuntu-releases/hardy/ubuntu-8.04.2-server-i386.list ... all the udeb files on that list is on the cd; so those packages is at least part of the server release
[08:01] <twb> a|wen: udebs are only used in the ramdisk during installation.
[08:01] <twb> a|wen: they are never installed onto a disk
[08:02] <a|wen> twb: i know, but they have .deb equivalents ... it was just for looking at the name
[08:02] <a|wen> twb: i suppose you are looking for this script: http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg02334.html
[08:03] <a|wen> twb: https://launchpad.net/ubuntu-maintenance-check
[08:03] <twb> Thanks.
[08:04] <a|wen> that should enable you to check the support status of all packages on the server
[08:21] <twb> That works quite well, thanks
[08:25] <a|wen> np ... that one should really be easier available somewhere
[08:30] <twb> a|wen: it should be set up like vrms on Debian
[08:31] <twb> i.e. a cron job that each month warns you if any installed packages will become unsupported in the next (say) month.
[08:31] <durt> anybody get boot logging to work
[08:32] <durt> ?
[08:32] <a|wen> twb: just having it installed as default on the system would be a good start ... but a quick wrapper around that script should be able to provide that
[08:33] <twb> I intend to set one up internally, anywya
[08:34] <twb> durt: what do you mean by "boot logging"?
[08:35] <durt> getting /var/log/boot to be used, ie. userspace boot logging
[08:36] <twb> Why would there be a /var/log/boot when that isn't defined in syslog.conf?
[08:37] <durt> it used to be used by bootlogd.
[08:38] <twb> Never heard of that.
[08:38] <twb> Just syslogd and klogd
[08:42] <_ruben> bootlogd has been broken for a long time now i think
[08:45] <T-Hawk> hey ppl... yesterday amavis started sending me updates every 3 hours like this: bayes: synced databases from journal in 0 seconds: 298 unique entries (717 total entries)
[08:46] <T-Hawk> i've looked in the cron job, and in amavisd-new-cronjob and it should pipe stdout to /dev/null, anybody know how i can get rid of these messages?
[08:49] <AlexC_> g'morning
[08:50] <AlexC_> I've got a very odd problem with curl/wget - they will just sit there for certain domains waiting for a response. They do connect perfectly fine, just never ever get a response, because of this I also can't update via apt-get update or aptitude (same issue, I assume they use wget/curl internally)
[08:51] <AlexC_> I can telnet into the domains on port 80, I can traceroute, ping etc. The sites are up and running, can verify this from other computers. Just this just server has decided enough is enough and given up
[10:23] <ZipmaO> Hi, some ubuntu webserver admins here?
[10:24] <ZipmaO> I'm a bit curious about web host setups
[10:24] <ZipmaO> Not the usual LAMP setup but as a web host provider
[10:27] <AlexC_> ZipmaO, do you have a more specific question?
[11:06] <Doble> hey folks, im trying to get apache working and am having a problem with my virtual server, I have set it up on port 12341 but when I go to http://192.168.2.10:12341 I recieve a connection failure message. My other default site works fine, can anyone help? it's probably something simple I'm missing ...
[11:14] <andol> Doble: Have you changed everywhere you should. Except the global apache settings (usually set i ports.conf) there are usualy also port settings in your vhosts.
[11:15] <andol> Doble: By the way, I'm on my way out for lunch now, so I probably won't respons to any follow up questions right away.
[11:19] <Doble> andol: thanks i will check now
[11:25] <Doble> andol: great, I checked the config files and it seems webmin didn't add the port to the ports.conf file for some reason ... this is why I hate webmin!! cheers!
[11:38] <AnAnt> Hello, is there a tool that eases configuration of an LDAP server ?
[11:50] <AnAnt__> Hello, is there a tool that eases configuration of an LDAP server ?
[11:54] <andol> Doble: If you hate Webmin, why do you use it? :)
[11:54] <andol> !webmin
[11:56] <AnAnt__> !ebox
[11:58] <Doble> andol: thanks, i wasn't aware of that ... I used webmin because I am looking for a way to host sites for clients, and have a managable interface for them to use to manage their virtual site in apache. I was hoping webmin/usermin would be the answer
[11:59] <Doble> im trying to keep it as simple as possible though, and i find that most web interfaces give me too many options and choices, when all i want is simplicity
[11:59] <Doble> i find it easier to work with the shell!
[12:00] <andol> Doble: Perhaps ISPConfig is what you'r looking for? (Heard about it, no personal experiences)
[12:02] <AnAnt__> can ebox configure ldap service ?
[12:03] <AnAnt__> oh, it does
[12:03] <AnAnt__> thanks
[12:03] <Doble> andol: thanks, I am looking at it now
[12:12] <mrwes> I've install the unattended-upgrades packaged and edit the conf file for security updates only -- do I need to do something else to enable it to run? Does it get invoked from cron.daily?
[12:15] <AnAnt> Hello, ebox is not installable in Intrepid, is there a way around that ?
[12:36] <mrwes> I've install the unattended-upgrades packaged and edit the conf file for security updates only -- do I need to do something else to enable it to run? Does it get invoked from cron.daily?
[13:48] <dayo> i've set up and ldap server, setting up and nfs server, and want my nfs clients (which will automount from the nfs) to authenticate via ldap. following this guide, where do i run the installation of the ldap auth modules?  https://help.ubuntu.com/community/LDAPClientAuthentication
[13:48] <dayo> setting up an* nfs server
[13:56] <sommer> dayo: on the clients
[13:57] <dayo> sommer: i need to install the ldap stuff on the clients? not the ldap server or the nfs server? is that right?
[13:58] <sommer> dayo: here's a link to the server guide section on LDAP: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html
[13:58] <sommer> dayo: basically you setup an ldap server, then each client needs the libnss-ldap, libpam-ldap, etc to authenticate to the LDAP server
[13:59] <sommer> dayo: there's a subsection on client authentication towards the bottom
[13:59] <Fumoh> hi!
[14:00] <_ruben> bye? ;)
[14:00] <dayo> sommer: great, thanks a lot. :-)
[14:01] <sommer> dayo: np, if you have specifc issues feel free to ask
[14:02] <Fumoh> Anyone know what I can do if I get a segfault trying to su/sudo?
[14:03] <Fumoh> I've never had this happen before... everything else (generally) works, but I can't elevate my rights or log in as root.
[14:56] <IvanCostaJr> Hello, guys!
[14:57] <IvanCostaJr> Is there anybody here that can help me with some Samba problems?
[14:58] <dayo> sommer: i got a 'command not found' error for `sudo pam-auth-update`
[14:58] <IvanCostaJr> It's my first time with Ubuntu server (I've been used openSUSE...)
[14:58] <dayo> sommer: i'm doing this on hardy, btw.
[14:58] <dayo> IvanCostaJr: hi
[14:58] <IvanCostaJr> Hi, dayo.
[15:00] <sommer> dayo: ah, then pam-auth-update won't work :-)
[15:00] <sommer> dayo: the Intrepid instructions should work with hardy though: https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
[15:00] <dayo> ok, i'll try those
[15:01] <IvanCostaJr> I have a big problem with Samba shares. Yesterday nobody can have access to the shares. Now, after I create some users with disable login in group USERS, everybody gets access to all shares.
[15:02] <sommer> dayo: the server instructions are slightly different as well... hardy uses /etc/ldap/slapd.conf instead of cn=config, so you might want to use the hardy section for the server setup
[15:02] <IvanCostaJr> Seens that samba isn't respect the "write list"
[15:03] <dayo> sommer: damn. ok, then
[15:04] <dayo> i wonder what impact that's gonna have when upgrading to the next lts
[15:05] <sommer> dayo: should be migrated fine... the migration from hardy to intrepid worked fine with slapd
[15:06] <J_P> default ubuntu-server is now amd64. why?
[15:07] <dnaumov> heh, minimal jeos installation doesnt have "man" but still manages to take 500mb of space, way to go
[15:14] <incorrect> I am looking for a console tool to give me network info
[15:15] <incorrect> i used to use something, but i can't remembers its name
[15:17] <dayo> incorrect: iptraf?
[15:18] <incorrect> thanks
[15:18] <incorrect> i tried iftop that is pretty cute
[15:19] <dayo> incorrect: i use iftop, too
[15:24] <dnaumov> picking installing "openssh server" installs x11-common.....
[15:27] <Kamping_Kaiser> dnaumov, yes, its a set of keymaps (and various bits)
[17:34] <RoAkSoAx> o/ ivoks
[17:38] <ivoks> RoAkSoAx: hi
[17:38] <RoAkSoAx> ivoks, how's it going?
[17:39] <ivoks> RoAkSoAx: trying to clean up some bacula bugs... hopefully, i'll nail 10 of them in one go :D
[17:39] <RoAkSoAx> awesome
[17:39] <RoAkSoAx> ivoks, i've made you admin of ubuntu-ha in launchpad.. and btw.. how do you think we should handle membership?
[17:39] <ivoks> after that i'll take a look at ubuntu-ha bugs
[17:40] <ivoks> i think it would be better to leave it open
[17:41] <ivoks> we don't have any special privileges, so it isn't a threat to... anything :)
[17:41] <RoAkSoAx> ivoks, ok
[17:43] <RoAkSoAx> ivoks, i guess that at the UDS you'll present the idea of creating a ubuntu cluster stack based in linux-ha + heartbeat
[17:43] <RoAkSoAx> oh and btw.. the launchpad list has been created
[17:45] <ivoks> RoAkSoAx: yes
[17:45] <RoAkSoAx> ivoks, awesome
[17:51] <RoAkSoAx> ivoks, btw... would you be interested in being a motu mentor?
[17:52] <ivoks> i could try... i'm not that great in packaging, but i could try :)
[17:52] <ivoks> too many 'i could try'
[17:53] <RoAkSoAx> ivoks, but you are a motu... so you do have experience... cuz.. i was about to ask again for a motu mentor
[18:17] <ribo> anyone using UML get this when starting the VM: Kernel panic - not syncing: Operation too long
[18:19] <ribo> oh. buggy UML + COW
[18:20] <ribo> lame.
[18:26] <hollman> hello all, i have a question, recently i install u server 9.04, and i goin to install apache2 php2 and mysql-server-5.0, the apt installme too postfix
[18:30] <ivoks> probably php5, not php2
[18:31] <ivoks> you've probably installed something else too, cause none of lamp packages pools mta
[18:31] <ivoks> hollman: ^^
[18:32] <hollman> ivoks, :P php5
[18:33] <hollman> but i dont install more, only this packages,
[18:35] <ivoks> try removing postfix
[18:36] <ivoks> it will tell you that it needs to remove the package that depends on it
[18:36] <ivoks> that way you'll know which one pulled postfix
[18:36] <ScottK> ivoks: Even better is aptitude why postfix
[18:37] <hollman> ivoks, y remove postfix manually ..., well i have one more question
[18:37] <ivoks> ScottK: or that :)
[18:38] <hollman> y installed mysql-server-5.0 and later i install mysql-server, this p[ackage install me mysql-server-5.1 and i have some problems :S
[18:38] <jmedina> ScottK: good aptitude tip :D, I was just about asking about a similar feature :)
[18:38] <ScottK> There is also whynot
[18:38] <ScottK> Those are the only things I use aptitude for.
[18:39] <jmedina> Im not used to aptitude because I can write apt-get faster :(
[18:39]  * a|wen notes aptitude mark-auto
[18:39] <ivoks> mysql-server installs mysql-server-5.0, not 5.1
[18:39] <ScottK> I rather prefer apt-get's approach of giving up when it's too hard to aptitude's I'll try anything no matter how insane as long as it gets me there approach
[18:40] <a|wen> pay attention when aptitude starts asking you question ...
[18:42] <hollman> i try to resolv the problems with sudo apt-get -f install and Ubuntu show me this error
[18:42] <hollman> Aborting downgrade from (at least) 5.1 to 5.0.
[18:42] <hollman> dpkg: error al procesar /var/cache/apt/archives/mysql-server-5.0_5.1.30really5.0.75-0ubuntu10_i386.deb (--unpack):
[18:42] <hollman>  el subproceso pre-installation script devolvió el código de salida de error 1
[18:42] <hollman> Se encontraron errores al procesar:
[18:42] <hollman>  /var/cache/apt/archives/mysql-server-5.0_5.1.30really5.0.75-0ubuntu10_i386.deb
[18:42] <hollman> E: Sub-process /usr/bin/dpkg returned an error code (1)
[18:42] <jmedina> a|wen: I think that is one of the reasons I prefer apt-get
[18:43] <a|wen> jmedina: well, aptitude was the only way i got rid of gnome again (after fluxbox pulled it in)
[18:45] <MagicFab> hollman, remove 5.1 first
[18:47] <hollman> MagicFab, if impossible "i think" because the apt and aptitude show me a dependencies error
[18:48] <MagicFab> paste the error here ?
[18:49] <MagicFab> the error you pasted before is not dependencies.. also check you free space (sounds obvious but..)
[18:49] <hollman> in a pastebin, its to long
[18:50] <hollman> MagicFab, http://ubuntu.pastebin.com/d6bb44311
[18:50] <MagicFab> remember the "pastebinit"package is your friend :)
[18:50] <mrwes> I installed the unattended-updates package and uncommented         "Ubuntu hardy-security"; is there something else I need to do to make this run?
[18:51] <RoyK> hi all. I'm looking for a way to setup an automated install of certain servers. We have some researchers that need a certain set of packages ranging from imagemagick to scipy and there's quite a few of them. Is there a way to create a custom, automated installation like that easily?
[18:52] <hollman> MagicFab, http://ubuntu.pastebin.com/m670b67c9
[18:52] <MagicFab> RoyK, take a look at ubuntu-vm-builder (if you want to use VMs).
[18:52] <MagicFab> or use preseeding if installing on baremetal... which one do you want ?
[18:53] <RoyK> MagicFab: mostly bare metal
[18:53] <RoyK> some VMs as well on xen
[18:53] <MagicFab> hollman, first sudo apt-get remove --purge mysql-server-5.0
[18:53] <hollman> MagicFab, the second pastebin ;)
[18:54] <MagicFab> hollman, yes I am looking at that one
[18:54] <RoyK> MagicFab: but not these boxes, really, those researchers drink cpu time like a drunk
[18:54] <MagicFab> RoyK, so which is it ?
[18:54] <RoyK> amd64 iron
[18:56] <MagicFab> RoyK, this may get you started: https://help.ubuntu.com/9.04/installation-guide/amd64/automatic-install.html
[18:56] <RoyK> some 50 researchers doing all sorts of mathematical models for air and whatnot research
[18:56] <RoyK> MagicFab: thanks
[18:56] <MagicFab> RoyK, I'd advised practicing on VMs :)
[18:57] <RoyK> well, of course
[18:57] <RoyK> :)
[18:57] <RoyK> or some test box
[18:57] <MagicFab> also check this for easy(er) vm testing: http://people.ubuntu.com/~kirkland/ubuntu-vm-builder.html
[18:58] <MagicFab> try it, you may change your mind and *only* provide access to a bigger box with only VMs :)
[18:58] <RoyK> is that usable for installing on real iron?
[18:59] <RoyK> MagicFab: not really - most boxes we setup these days have a minimum of two cores, and the overhead for virtualizing SMP systems are too high a price to pay
[18:59] <RoyK> s/are too/is too/
[18:59] <MagicFab> Your host could be 8.04 LTS
[18:59] <RoyK> we're only running 8.04LTS atm
[18:59] <RoyK> on servers, that is
[18:59] <MagicFab> correct, LTS host, other version guests.
[19:00] <RoyK> on workstations, we're using whatever the user wants
[19:00] <RoyK> MagicFab: if you have a hundred servers, you want to stick to something _stable_
[19:00] <MagicFab> hollman, what's up
[19:00] <RoyK> we have a couple of hundred
[19:00] <MagicFab> RoyK, all bare metal ?
[19:00] <RoyK> most of them
[19:01] <hollman> MagicFab, http://ubuntu.pastebin.com/m57bef788
[19:01] <RoyK> some virtual solaris zones, some xen stuff, but mostly bare metal
[19:01] <MagicFab> Then PXE + kickstart + MAC address-based seeds would make sense
[19:01] <RoyK> that's what I was thinking about... :)
[19:01] <MagicFab> I haven't done it myself but I know it's part of the labs we prepared for the Ubuntu Server course
[19:02] <RoyK> ok
[19:02] <RoyK> I'll just boil down the requirements to a minimum, I guess, and make that a standard
[19:03] <MagicFab> Start from the docs I pointed - we also have a whitepaper on mass deployment.
[19:03] <RoyK> MagicFab: I haven't setup automated installs since redhat 7.2 or something
[19:04] <MagicFab> Sadly, we need to know who you are :) -> http://www.ubuntu.com/contact/whitepaper
[19:04] <MagicFab> *discalimer* I am employed by Canonical - don't get the wrong impression ;)
[19:04] <RoyK> do you work for Canonical?
[19:04] <MagicFab> disclaimer*
[19:04] <RoyK> ok
[19:06] <MagicFab> Also take a look at OEM mode installs on server - it's new in 9.04: https://wiki.ubuntu.com/OemConfigServer
[19:06] <RoyK> sorry - need 8.04 for this
[19:06] <ivoks> kickstart + preseed
[19:06] <RoyK> servers tend to last for some time
[19:07] <ivoks> + apt-cacher on server
[19:07] <RoyK> I think the oldest boxes we have running are a Sun Ultra 5 and an Ultra 450
[19:07] <RoyK> that stuff is in production
[19:07] <RoyK> MagicFab: see pm, please
[19:07] <MagicFab> ivoks, apt-cacher-ng
[19:08] <ivoks> MagicFab: what's the diff?
[19:08] <RoyK> btw
[19:08] <RoyK> after registering, http://www.ubuntu.com/contact/whitepaper-thankyou turns up an empty page
[19:11] <ivoks> mathiaz: could you create ppa for ubuntu-bacula?
[19:12] <MagicFab> ivoks, rewritten, optimized
[19:12] <ivoks> MagicFab: so, buzzwords :D
[19:12] <MagicFab> RoyK, heh - interesting.
[19:12] <MagicFab> ivoks, don't take my word. Check.
[19:12] <ivoks> MagicFab: i was kidding
[19:13] <mathiaz> ivoks: sure
[19:13] <mathiaz> ivoks: I wonder if you'd be interested in being an administrator of the team?
[19:13] <Knirgh> Hey, i'm setting up ubuntu server atm and going to need some guidance
[19:13] <ivoks> mathiaz: yes :)
[19:14] <mathiaz> ivoks: hm - I can't do that
[19:14] <mathiaz> ivoks: Only the administrator of the team can do it
[19:14] <MagicFab> ivoks, I wasn't :) hard to tell but I am using it without problems for a few months now
[19:14] <mathiaz> ivoks: hm -only the team owner
[19:14] <ivoks> mathiaz: well, you are an admin
[19:14] <ivoks> oh
[19:15] <ivoks> i'll contact kern
[19:15] <Knirgh> What's the best bet at the moment, ext3 or ext4?
[19:15] <mathiaz> ivoks: what would be the PPA short description?
[19:15] <ivoks> mathiaz: Testing packages ?
[19:16] <mathiaz> ivoks: done
[19:17] <ivoks> mathiaz: thank you!
[19:17] <ivoks> hopefully, i can upload there :)
[19:20] <MagicFab> hollman: remove mysql-server
[19:21] <hollman> MagicFab, the same error
[19:21] <IvanCostaJr> Hi, guys!
[19:21] <hollman> cogito@server:~$ sudo apt-get install mysql-server
[19:21] <hollman> Leyendo lista de paquetes... Hecho
[19:21] <hollman> Creando árbol de dependencias
[19:21] <hollman> Leyendo la información de estado... Hecho
[19:21] <hollman> mysql-server ya está en su versión más reciente.
[19:21] <hollman> Tal vez quiera ejecutar `apt-get -f install' para corregirlo:
[19:21] <hollman> Los siguientes paquetes tienen dependencias incumplidas:
[19:21] <hollman>   mysql-server: Depende: mysql-server-5.0 pero no va a instalarse
[19:21] <hollman> E: Dependencias incumplidas. Intente 'apt-get -f install' sin paquetes (o especifique una solución).
[19:22] <MagicFab> hollman, REMOVE
[19:23] <hollman> :-o, done
[19:24] <mrwes> I installed the unattended-updates package and uncommented         "Ubuntu hardy-security"; is there something else I need to do to make this run?
[19:24]  * jmedina doesnt trus in unattended-updates
[19:25] <jmedina> *trust
[19:26] <mrwes> that's another discussion
[19:26] <mrwes> I don't get to worried on the security updates only
[19:27] <Knirgh> Can anyone help me with setting up a FTP server with accounts locked to /var/www? I'm very new at this
[19:27] <mrwes> I believe it's default now in Ibex and up
[19:31] <rjune> I have a handful(10 or so) of ubuntu systems locally, I would like to self host the jaunty repositories. Is there an easy way to do this short of mirroring the entirety of  http://us.archive.ubuntu.com/ubuntu/pool ?
[19:31] <MagicFab> hollman, remove any affected packages one by one... then install mysql-server, see what happens - come back and tell us :)
[19:32] <MagicFab> rjune, are you wanting to save bandwidth or anything else more involved (such as complete offline access to all packages) ?
[19:32] <hollman> MagicFab, i do that, thanks
[19:32] <hollman> i'll be right back
[19:33] <rjune> want to save bandwidth and want to have everything locally for complete offline access.
[19:34] <rjune> I thought it would be trivial to do, but was surprised to find all updates coming from /pool
[19:35] <MagicFab> rjune, one way to quickly save bandwidth is setting up one of those machines as a package cacher. apt-cacher-ng will do that.
[19:36] <rjune> then point the others to it.
[19:36] <rjune> not quite what I was looking for, but probably good enough.
[19:39] <MagicFab> look at all the apt- related packages, many will help with offline access caching, proxying etc.
[19:39] <slestak> i am looking at kpass methods of making a keytab enable AD auth to apache on a couple of ubuntu server machines.  The keytab that is created on the domain controller, can that keytab be exported to several webservers, or is a diff one needed for each apache install?
[19:39] <hollman> MagicFab, i remove all the packages one by one
[19:39] <hollman> i y have this problem
[19:39] <hollman> http://ubuntu.pastebin.com/m6060acb3
[19:41] <MagicFab> Did you update before attempting the reinstall ?
[19:41] <MagicFab> and I'd dpkg --configure -a too
[19:43] <RoyK> anyone that knows a good way to solve single sign-on and file services between linux, solaris and windows?
[19:43] <RoyK> I thought of using LDAP, but will this work with NIS?
[19:43] <RoyK> no
[19:43] <RoyK> not nis, nfs
[19:43] <rjune> RoyK, yes, LDAP + NFS works
[19:43] <rjune> LDAP + SMB works.
[19:44] <rjune> LDAP or NIS are \almost required when using NFS
[19:44] <RoyK> ok, so using a win2k8 server in the center and clients and servers around?
[19:44] <RoyK> I don't know much about how NFS auth works, sorry, I'm new at this
[19:44] <rjune> are you using NFS in this setup?
[19:44] <rjune> or are you using SMB?
[19:44] <RoyK> we have a bunch of clients on solaris, linux and windows, and the same mix with the servers
[19:45] <RoyK> the unices use nfs
[19:45] <rjune> uhhh...Hrm.
[19:45] <rjune> I *think* MS used to support unix attributes in AD. You might look into that.
[19:45] <rjune> Services for  Unix or some such IIRC
[19:46] <rjune> that would likely be easiest.
[19:46] <RoyK> what unix attributes will I need?
[19:46] <rjune> uid, gid, passwd, home dir
[19:46] <rjune> You're new to unix, eh?
[19:46] <RoyK> right
[19:46] <RoyK> nah
[19:46] <RoyK> been working with unix systems daily since 1998 or so, but I'm quite new to ldap in unix
[19:47] <rjune> if you can't do that... you might be able to get away with winbindd on one system and have it update an LDAP store.
[19:47] <RoyK> hrmf
[19:47] <rjune> basically, once NFS comes into the mix, you need to make sure uid and gid are the same across systems
[19:48] <RoyK> ok
[19:48] <rjune> which is where LDAP or NIS looks good
[19:48] <RoyK> seems unix attributes should be part of AD
[19:48] <rjune> different systems with different concepts of users.
[19:49] <RoyK> I know, but we have a LOT of different users
[19:49] <slestak> there is also likewise-open, that ships with ubuntu now.  basically it is winbindd
[19:50] <RoyK> anything from office people that get a nervous breakdown if they see a linux box, to the climate researchers that get violent if you mention windows vista
[19:50] <RoyK> slestak: guess it doesn't work too well with solaris
[19:51] <RoyK> or could an ubuntu box relay/sync this with nis?
[19:51]  * RoyK really doesn't want to try this on the old HPUX box
[19:52] <RoyK> rjune: unix attributes came with win2k3 or so, it seems
[19:52] <rjune> slestak, his problem is relaying that in a unix format for the linux/unix systems
[19:52] <rjune> RoyK, but does it still?
[19:52] <slestak> i thinkit might.  we have it installed on an aix box. check their site for hpux and solaris
[19:53] <RoyK> rjune: even microsoft have opened up a little on the server side, so I guess so
[19:53] <RoyK> better check tomorrow
[19:53] <rjune> RoyK, if it does, you should be all set
[19:53] <RoyK> yup
[19:53] <RoyK> just got a little job to do making the old solaris 8 boxes understand ldap
[19:54] <RoyK> or an easier job moving the services onto another box and ditch the old crap
[19:55] <ivoks> mathiaz: have you looked at https://code.edge.launchpad.net/~ahasenack/openldap-dit/trunk
[19:55] <ivoks> ?
[19:56] <oruwork> ivoks-> where you been man ?
[19:56] <ivoks> ?
[19:57] <mathiaz> ivoks: nope - first time I saw that
[19:58] <ivoks> mathiaz: well, it looks like a very good start :)
[19:58] <ivoks> it's almost finished :D
[19:59] <mathiaz> ivoks: right - it's andreas work from the Mandriva Directory Server.
[19:59] <ivoks> i could provide some MTA stuff
[20:00] <ivoks> like amavis per user config, aliases etc...
[20:05] <ivoks> ahasenack: i was looking at the dit you are working on
[20:06] <ivoks> ahasenack: i have some ideas for MTA part
[20:06] <ahasenack> ivoks: cool
[20:06] <ivoks> aliases, forward and vacation for a start
[20:06] <ivoks> maybe even amavis schema at some point
[20:06] <ahasenack> ivoks: i would be happy enough to get a consensus on aliases :)
[20:07] <ahasenack> ivoks: for example, do you prefer something like ou=aliases,... which mimics the /etc/aliases file or
[20:07] <ahasenack> ivoks: email aliases inside the user entry itself?
[20:07] <ivoks> in side user entry
[20:08] <ahasenack> ivoks: with ou=aliases, I can do an alias like "webmail: foo@gmail.com", which I can't do when they are inside user entries without creating a "webmail" user first
[20:08] <ivoks> hehe, i just noticed that problem :)
[20:08] <ivoks> still
[20:09] <ivoks> i'm in favor of having it under user entry
[20:09] <ivoks> having it all in one place
[20:10] <ahasenack> ivoks: using the refint overlay can help with ou=aliases
[20:10] <ahasenack> ivoks: in fact, I used that once, worked fine
[20:10] <ahasenack> ivoks: but there are pros and cons, as usual
[20:10] <ahasenack> ivoks: maybe using both
[20:11] <ivoks> we could create a difference between a user with a mail and a system ('fake') user
[20:12] <ivoks> ou=System Aliases
[20:12] <ahasenack> ivoks: that seems a workaround
[20:12] <ivoks> postfix could read both...
[20:13] <ahasenack> yep
[20:13] <ahasenack> ivoks: I tended to favor ou=aliases (I mean, a separate branch) because it's more flexible, and the refint overlay helps maintenance
[20:14] <ivoks> i don't have a clue what refint is :D
[20:14] <ivoks> http://linux.die.net/man/5/slapo-refint
[20:14] <ivoks> already reading
[20:15] <ahasenack> ivoks: if the user is removed, the alias entry is automatically updated
[20:15] <ivoks> ahasenack: one more thing... you went with dc=example,dc=com
[20:15] <erik78se> For all of you who knows about the Pirate party in Sweden, the party is the fourth biggest atm!? Do you know about it ?
[20:16] <ivoks> ahasenack: is it possible to have o=example1,o=server_name?
[20:17] <ivoks> erik78se: i couldn't care less about pirated software...
[20:17] <ivoks> ahasenack: that way there would be logic in having couple of organizations under same DIT
[20:17] <erik78se> ivoks: its not about pirated software
[20:19] <ahasenack> ivoks: server name? That doesn't sound wise
[20:20] <ahasenack> ivoks: I don't think we can come up with a tree for all needs, but i'm all ears
[20:20] <ahasenack> ivoks: since in all discussions about DITs people tend to say "what if the organization changes", or "what if the domain changes", or ..., and then the discussion always stalls
[20:20] <ahasenack> ivoks: I decided to come up with one of those and not try to solve the all problem
[20:21] <ivoks> i see
[20:21] <ahasenack> the bigger problem, I mean
[20:21] <ahasenack> having something is better than nothing, that's what I thought
[20:21] <ahasenack> and this something could already apply to lots of people, might even be the more common case
[20:21] <ivoks> i agree, i was just thinking about the ways we could solve it...
[20:22] <ahasenack> ivoks: in real life, what I think happens when one org buys another one and two DITs have to be merged, is that people use links between the trees
[20:22] <ahasenack> ivoks: but it's complex, every case is different
[20:22] <ahasenack> ivoks: it's usually a consultant's job in that case
[20:22] <ivoks> i've been in that situation
[20:22] <ivoks> that's why i was looking how to solve it :D
[20:23] <MagicFab> hollman, sorry, I was in a meeting. Brb ~5
[20:23] <ahasenack> there are even overlays that translate attributes on the fly from one tree to the other
[20:23] <hollman> MagicFab, ok, np
[20:23] <ivoks> ahasenack: the problem i had was that we had different people in different organizations, but with a same name and lastname
[20:24] <ivoks> ahasenack: so, if we merged ou=users from one dit to the other, that wouldn't work
[20:24] <ahasenack> right
[20:24] <ahasenack> ivoks: so the rdn was the same, but not the dn if you think of both dits coexisting
[20:25] <ivoks> well, since we wanted to have them all in the same ou=users, dn's where the same
[20:26] <ivoks> dns
[20:26] <ivoks> rdns
[20:26] <ivoks> bah
[20:26] <ahasenack> :)
[20:27] <ahasenack> what I need to do in that openldap-dit project is to check what is available in ubuntu and what isn't (for example, bind with ldap patch, I don't know if it's available), check if the import scripts are there too (usually in /usr/share/doc) and finish adjusting the docs
[20:27] <ahasenack> the script works, at least the last time I tried
[20:27] <ahasenack> and there is a request to have it use the config backend instead of creating a slapd.conf file
[20:27] <ahasenack> but that's just a conversion away
[20:27] <ivoks> right
[20:28] <ivoks> well, you shouldn't do it without pushing us to change bind/whatelse to work with it :)
[20:29] <ivoks> i could help with dovecot and postfix
[20:29] <ahasenack> oh, and add the default ubuntu admin dn to the ldap administrators group
[20:29] <ahasenack> unless it's rootdn itself, I didn't check that yet
[20:30] <ivoks> anyway... it's getting late over here...
[20:30] <ivoks> i'll test your dit these days
[20:30] <ahasenack> cool, thanks
[20:30] <ivoks> and provide patches for MTA part
[20:31] <ivoks> you'll have to help with that refint stuff
[20:31] <jmedina> ivoks: where you  live?
[20:31] <ivoks> jmedina: croatia
[20:31] <jmedina> :O
[20:32] <jmedina> ivoks: what time?
[20:32] <ivoks> 21:32
[20:32] <jmedina> too late
[20:33] <ivoks> take care
[20:44] <phreestyle-work> I have a question I can'
[20:44] <phreestyle-work> can't seem to get google to answer for me
[20:45] <phreestyle-work> after installing hardy (with lamp setup) what other configurations should I make to the server to make it secure and permormant under stress
[20:48] <jmedina> phreestyle-work: that depends of your setup, your applications, and you current load
[20:48] <jmedina> you can play with threads/childs config for apache
[20:48] <phreestyle-work> jmedina: well, I'm going to writing a php application in cakephp that will probably run on a postgresql database, but I'm concerned about the php performance
[20:49] <jmedina> some applications bennefit from multi threaded apps using apache2-mpm
[20:49] <jmedina> some php modules dont understand threading and work better with apache2-prefork (old style in apache1)
[20:50] <phreestyle-work> well, i read that I should install an optcacher or something like that, so I installed xcache, but do I need to do anything special, or does xcache work automagically?
[20:57] <oruwork> jmarsden-> disable root login and disable password logins
[20:58] <oruwork> errrr
[20:58] <oruwork> phreestyle-work-> that was for you
[20:58] <phreestyle-work> oruwork: yea, I gotta figure out how password-less authentication works with ssh
[20:59] <oruwork> with a 1024 bit key
[20:59] <phreestyle-work> oruwork: right, but do you take that key with you on a flash drive or something
[20:59] <oruwork> you are using putty right ?
[20:59] <oruwork> yeah you can do that
[20:59] <phreestyle-work> im on a mac, using the terminal
[21:00] <oruwork> ooooh
[21:00] <oruwork> for mac ....
[21:00] <oruwork> dont really know how to obrain a key for mac
[21:00] <phreestyle-work> i mean the ssh server runs on ubuntu but I would be connecting from eiter a mac or a another ubuntu machine
[21:01] <oruwork> yeah the process is very simple, i just never done it for mac or linux desktop
[21:01] <oruwork> i'm connection from win xp
[21:01] <phreestyle-work> well with putty, you supply the key as a file in the gui...I'm sure there's a command-line equivelent
[21:02] <oruwork> sec
[21:03] <oruwork> the steps i took was download puttyget.exe which let me generate a key
[21:03] <phreestyle-work> actually it would be really cool if I could get password-less ssh access working because I have some scripts that could use it
[21:03] <oruwork> then in addition to putty.exe i use pageant to import key in
[21:04] <oruwork> pageant.exe that is
[21:04] <phreestyle-work> right....I just gotta figure out how to generate one of those keys on the server....but anyways, what other steps can be taken to secure and speedup the server?
[21:04] <oruwork> i can find out for you though, so primarly you will be connection from MAC right ?
[21:05] <oruwork> not speedup
[21:05] <phreestyle-work> mostly....I'm sure someone has written an article on it
[21:05] <oruwork> just secure from attacks such as brute force
[21:10] <oruwork> some boys are telling me about ssh-keyben
[21:10] <oruwork> you should be able to use that internally
[21:11] <phreestyle-work> I'll have to check that out
[21:11] <oruwork> phreestyle-work-> ssh-keygen
[21:11] <phreestyle-work> oruwork: gotcha
[21:23] <DoyleChris> hello
[21:23] <DoyleChris> wuestion about samba
[21:24] <DoyleChris> could somebody help
[21:25] <DoyleChris> anybody
[21:26] <jmedina> DoyleChris: just ask
[21:26] <DoyleChris> i have samba up and running
[21:27] <DoyleChris> and i have a 250 gig drive shared on the network
[21:28] <DoyleChris> what i would like to do is have Home directories for my girlfriend and i that we can access and also music, pictures, and movies.  but have a directory that has programs and other directories i can only access
[21:28] <DoyleChris> i was able to create a account for me and my girlfriend
[21:29] <DoyleChris> and i can access the drive with no problem but not sure how to set her account or access up
[21:29] <jmedina> DoyleChris: the same way you did your your account
[21:30] <jmedina> DoyleChris:what kinkd of account did you create for your gf?
[21:30] <DoyleChris> i have the drive mounted as Server250 and i just create access to folders in it or do i haft to create a mount in side that
[21:31] <DoyleChris> user
[21:31] <jmedina> linux user or samba user?
[21:32] <DoyleChris> set it up as a linux user then converted over though webmin
[21:32] <DoyleChris> in the samba module part
[21:32] <jmedina> :S I dont know webmin
[21:32] <jmedina> ok try this
[21:33] <jmedina> pdbedit -L
[21:33] <jmedina> what will list your samba accounts
[21:35] <DoyleChris> nobody,server,Amanda,Christopher
[21:35] <DoyleChris> Im Chris and Amanda is my girlfriend
[21:37] <DoyleChris> should i create a seprate mount and share for each folder
[21:37] <jmedina> ok
[21:37] <jmedina> no
[21:37] <DoyleChris> i dont know
[21:38] <jmedina> so you already share /home?
[21:38] <jmedina> you want to share /home for amanda and chris
[21:38] <jmedina> and another directory where you have multimedia files
[21:38] <jmedina> where is that directory?
[21:38] <DoyleChris> well when i created there accounts i put there homes on Server 250
[21:39] <jmedina> DoyleChris: how?
[21:39] <DoyleChris> the share path is from the mount point /Server
[21:40] <DoyleChris> i can see under the mount /Server
[21:40] <DoyleChris> the Amanda and Christopher folder
[21:40] <jmedina> and home directories are under /home?
[21:41] <DoyleChris> under /Server
[21:41] <jmedina>  /home/amanda, /home/christopher ?
[21:41] <jmedina> ok
[21:41] <DoyleChris> no /Server/Amanda /Server/Christopher
[21:41] <jmedina> and where are the multimedia files?
[21:42] <DoyleChris> They would be under /Server/Music ,/Movies, /Programs ,/Pictures
[21:42] <DoyleChris> Amanda can only access amanda,Music,movies,pictures
[21:42] <DoyleChris> and i can access everything
[21:53] <DoyleChris> i started over
[21:54] <DoyleChris> removed the origanial share
[21:54] <DoyleChris> created directories in linux for music pictures.... and trying to share that directory and having problems
[21:58] <DoyleChris> why cant this be simple
[22:00] <DoyleChris> has anybody on here worked with webmin
[22:00] <phreestyle-work> webmin = bad
[22:00] <DoyleChris> what do you recommend then webmin
[22:00] <phreestyle-work> ebox
[22:01] <phreestyle-work> it should be pretty easy to set up file sharing using it
[22:02] <phreestyle-work> since you're using the server edition of ubuntu, you don't get the same nice gui tools that you would if you were using gnome, which is good if you're running a server....but I have a proxy/web filtering server setup using ebox...it's makes a lot of things very simple
[22:02] <DoyleChris> well i install gnome to do some things
[22:03] <DoyleChris> ebox mentions hardy or interpid
[22:03] <DoyleChris> which one
[22:03]  * mattt doesn't like webmin
[22:04] <phreestyle-work> which ubuntu version are you running? I run hardy here
[22:04] <DoyleChris> the latest 9.04 i think
[22:04] <phreestyle-work> btw, this link may be helpful to you: http://www.howtoforge.com/running-a-file-and-print-server-with-ebox-on-ubuntu8.04-server-p3
[22:04] <DoyleChris> can i also setup ftp and webserver though it
[22:05] <phreestyle-work> well, there's not a whole lot of gui settings for a webserver in ebox other than enable/disable, but yes
[22:06] <phreestyle-work> as for ftp, they are working a module for it, but I don't think there is one just yet
[22:06] <DoyleChris> do i wnat hardy or interpid
[22:07] <phreestyle-work> run this command: lsb_release -a
[22:07] <phreestyle-work> it will tell you what version you are running
[22:07] <DoyleChris> jauntry
[22:08] <DoyleChris> jaunty
[22:08] <phreestyle-work> haven't gotten a chance to play with jaunty server yet, but it should be similar to the other versions: sudo apt-get install ebox
[22:09] <phreestyle-work> then from there, you will prolly want to do this so you can see what modules are available for install: sudo apt-cache search ebox-
[22:11] <phreestyle-work> good luck with that...gotta run
[22:11] <DoyleChris> thanks
[22:11] <phreestyle-work> if nothing else, google helps now that you have a good path
[22:18] <jgoguen> question about https://launchpad.net/bugs/367943 - fetch public key from LP rather than set password...I want to say that this is Invalid because first, private keys go in ~/.ssh/authorized_keys, and second that the user must have a password for console logins and sudo anyway
[22:18] <jgoguen> is this good enough or is there something else I'm missing?
[23:06] <phaidros> hi, can it be true, that ldap-server in hary is broken ?
[23:10] <phaidros> ok, installing slapd directly works
[23:10]  * jmedina only uses hardy slapd servers in production
[23:11] <jmedina> although openldap team dont recomend use debian version :S, they recommend use stable relasee
[23:11] <jmedina> 2.4.16
[23:11] <jmedina> compiled by hand
[23:12] <jmedina> most fixes are about GNUTLS and syncronization
[23:27] <phaidros> jmedina: I am trying to understand ldap right now. it seems to be not that easy :)
[23:28] <jmedina> phaidros: is not easy tu understand
[23:29] <jmedina> I recommend this book: Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services from Packetpublishing
[23:29] <jmedina> Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services
[23:29] <jmedina> http://www.packtpub.com/OpenLDAP-Developers-Server-Open-Source-Linux/book
[23:29] <jmedina> it has good ldap fundamentals, it is something like "all you want to know about ldap and openldap "
[23:29] <jmedina> :D
[23:31] <phaidros> ok, I want LDAP only as backend to manage users and groups for a number of services ..
[23:31] <phaidros> all the directory service knowledge is eating my brain :/
[23:31] <phaidros> or better, my breain refuses to absorb it :D
[23:32] <jmedina> phaidros: I have a document about openldap +samba to centrally manage users and groups for mixed enviroments: linux+unix and windows
[23:32] <phaidros> jmedina: yay!
[23:32]  * jmedina dont understand "yay"
[23:33] <phaidros> yay = sounds good :)
[23:33] <jmedina> Configurar un servidor Controlador de Dominio con Samba y OpenLDAP en Ubuntu Server Hardy 8.04
[23:33] <jmedina> http://tuxjm.net/docs/cursos/Samba+OpenLDAP+PAM+NSS-4Ubuntu/html/
[23:33] <jmedina> it is in spanish
[23:34] <jmedina> you can copy paste almost everything, and after a few minuts you have a domain controller running :D
[23:36] <phaidros> thanks jmedina, as I do not understand spanish .. I try to read the examples there :)
[23:37] <jmedina> phaidros: you can use google translation that will help
[23:39] <phaidros> jep