phaidroshm, is there an out of the box solution to give users access to certain init scripts?00:06
yann2etc/sudoers magic maybe?00:09
phaidrosyann2: I am looking more for a "config infrastructure" for that purpose, so, creating init scripts for a user/service pair and enable them ..00:10
phaidroshm, how do you guys enable users to restart a fastcgi app? (in an ideal world this app is handled by initscripts, so it comes up after a reboot e.g.)00:11
yann2ah now thats a different question00:11
yann2I'd like the answer to that00:12
yann2people usually used killall :)00:12
phaidroshm, that sucks somehow :D00:14
phaidrosyann2: http://www.undefinedfire.com/lab/user-init-scripts/00:17
phaidrostry that :)00:17
=== yml_ is now known as yml
=== hggdh is now known as hggdh_
=== hggdh_ is now known as hggdh__
=== hggdh__ is now known as hggdh
jumbersI'm having issues with rewriting from domain.com/folder to www.domain.com/folder. domain.com to www.domain.com works just fine, but it does not work with any folders. I'm running Apache203:33
slestakhey guys, i am tinkering with libvirt and kvm on jaunty.  I have used python-vm-builder to create a jaunty server vm that exists in ~/ubuntu-kvm.04:00
slestaki see that the virsh define command is neccesary to register the xm, but there is no xml file with confg for this machine.04:01
slestakdo i need to make that, or is the xml file a need for a differnt (virt-install) tool?04:01
sommerslestak: the xml files should be in /etc/libvirt/qemu04:03
slestakok, i see default.xml.  it only specs bridge networking using dhcp.  I specified the ip address of my vom on the command line when I built it.04:06
slestaki am trying to determine if I need to define the vm in virsh before i can run it?04:06
slestakthis is how i created it http://pastebin.com/m6eded9ef04:08
sommerslestak: do you have a bridge setup on the host?04:09
sommerslestak: the vm should be defined by vmbuilder04:10
slestaksommer: i dont htin I do yet.  It is a new install.  Sorry for the elementary questions.  I am in a little overload with the multitude of option in the server docs.  It is difficult to tell which instruction pertain to which method04:10
sommerslestak: in the networking section of the serverguide there is information on setting up a bridge on the vm host04:12
slestaksommer: ok, i just made sure kvm waast started, I do have a virbr0 on a network, which is the dhcp range spec'd in the /etc/libvirt/qemu/networks dir04:12
slestakyes, i see it for 8.10 here https://help.ubuntu.com/8.10/serverguide/C/jeos-and-vmbuilder.html04:13
slestakim going to see if ther eis updated docs for 9.0404:13
sommerslestak: there is also information in the 9.04, but it's been rearranged a little04:14
ScottKsommer: Comment for you on the mail server section of the server guide: I don't think the smtp auth stuff should have been removed in favor of just using dovecot-postfix as not everyone wants a local delivery agent.  Just setting up smtp auth is a useful set of information.04:32
sommerScottK: ya, it's on my list to revisit that section in light of the new dovecot stuff04:37
sommerScottK: I think the dovecot section can actually be merged with the postfix section, but you're right the smtp auth does stand alone at times04:38
ScottKAlso having the detail about settings is important for troubleshooting.04:38
ScottKI was helping someone last night and I had to go read the source to dovecot-postfix to help him.04:39
sommergotcha, I'll update that for karmic04:39
daniel010101how do i make a lamp system with asp04:41
cefslestak: you playing with kvm/libvirt too? in virsh, you need to do a 'list --all' to  show inactive machines. the python-vm-builder seems to create the vm with an ID of 'ubuntu' by default04:44
cefslestak: it actually defines it, but doesn't enable/start it by default 'if' you tell python-vm-builder to register the machine with libvirt for you04:45
cef(either the [libvirt] section of your config, or the --libvirt option on the cmdline)04:46
slestakcef: thx, yeah, i started looking at vmware-server, but i hate the way they gutted all the shell tools in the free product.04:56
slestakcef: so i am now looking at libvirt + kvm for my comanies needs.04:56
twbvmware blows04:57
twbEspecially vmware-server04:57
slestaksommer: i have copied the xml file into libvirt/templates the way the wiki mentions, but the example has most of the settings in thre with secions commented out04:58
slestaksommer: do i uncomment the line that starts with #if $bridge?  the wiki doesnt really specify05:00
cefif you're going with a bridge (rather than behind nat), then you should really make a local copy and reference it in your own templates.05:01
cef(that way, if the templates get changed thru an upgrade, you don't lose your changes)05:01
slestaki did make a local copy to ~/VMBuilder/plugins/libvirt/templates/05:01
cefahh yup yup05:02
cefyou've since rebuilt the install using vmbuilder?05:02
slestakcef: but the template uses $bridge, I assume that may be an arg05:02
cefoh and you've created the bridge device?05:02
slestaknot after changing this, i need to locally cache this stuff, dl it is slow for me.  That is actually the first vm I am makign with jeos is an apt-proxy server05:03
slestakfor my lan05:03
cefwhich webpage are you referencing atm?05:03
cefok.. yeah that guide is for 8.10.. you can now tell vmbuilder that you want a bridge rather than the default. hold a sec05:08
slestakive updated my pastebin with my vmbuilder command, my ifconfig for virbr0, and the interface ection of VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl05:09
slestakits at http://pastebin.com/m31f73c3f05:09
slestakbeer time05:10
cefso either you can change that config and remove the if/else stuff (making it just that entry), or you can use the new commands (which I think go into the .cfg - can't see it in the man page.. time to look at other docs methinks)05:10
slestakis my virbr0 at going to cause a problem, I want to use as a staic ip for this vm, already have a dns pointer to it.05:13
slestaki think i need to delete that interface and recreate it maybe?05:14
cefyou need to create a bridge. look at the link in https://help.ubuntu.com/9.04/serverguide/C/libvirt.html#virtual-networking05:16
cefcos the bridge needs to include the 'outside' interface that you want to bridge the clients to (eg: eth0)05:16
slestaki take it this is dangerous work remotely, lol.  i thinkn i did this a while back and had to drive to the console to fix.  At least this machine is sonly 3 miles away, instead of 6 states.05:18
cefwell, double check things. :D05:18
slestaki just upped the ram in my desktop at work so i will be on this machine in about 8 more hours.05:19
slestaki am redmond free at my desk, life is good05:19
cefI have too many machines around me (including one machine which is doing kvm, but has no X on it)05:21
slestakthis is interesting, i have no bridge entries in netowk/interfaces, but i do have brctl installed.  I have a virbr0, but this is jaunty desktop, and dhcdbd is not installed05:22
cefwhich is fine, but none of the other machines has the right combo of X and jaunty on it so that I can see a console. made finding a typo in my firstboot script a right pain05:22
slestaki guess the bridge that is running was purely from the vmbuilder defaults and is not fiunctional05:22
cefwell libvirt sets it up by default I think05:27
slestaknow, this is where it gets tricky, my desktop is on our desktop subnet,, however, I want this server to respond to  THink that looks questionable?05:27
slestakmy dom0 is
cefit's useful for testing stuff if you don't want it to be contactable from remote (eg: if you don't care if it's behind a firewall05:27
slestakall of this is for internal use, i have to vpn in to see any of this05:28
cefas long as the upstream router will allow it on that network interface, shouldn't be an issue05:28
slestakbut I do want this to be reachable by any team member05:28
cefwhat's the netmask? /24? /23 or less?05:29
slestakas long as dom0 is still functional, I can adjust or move the dom1 later to that othe rsubnet.05:29
slestakcef: im not sure, sorry.  networkign is not my strong point05:29
cefslestak: ok, or something else?05:29
slestaki can start my vm's on the desktop subnet, and move them to my production server an reconfigure them05:30
slestak255.255.255.0, yep05:30
cefok.. cos it's a mask. 192.168.20.x masked with means that you can only communicate with machines that the last number (x) differs. otherwise it has to go through a router somewhere05:31
cefipcalc is a useful tool for finding out that sort of thing btw05:31
cefso you can put it on the same network card, but nothing will be able to talk to it05:32
cefbut hey, it should boot, and as long as you can do console, it'll be fine05:32
slestak__i missed the last thing you said I think.  restarting networkign lost my remote session05:33
cefipcalc is a useful tool for finding out that sort of thing btw05:33
cefso you can put it on the same network card (using a bridge), but nothing will be able to talk to it05:33
cef(and then what I just said)05:33
slestak__ * Reconfiguring network interfaces...05:33
slestak__Ignoring unknown interface eth0=eth0.05:33
cefpastebin your /etc/network/interfaces file05:34
slestak__well, its 12:30am, i'll pick it up tomorrow.  thx for your help.  I cant righ tnow, that machine is not available until i can reach the console05:34
slestak__i can recreate it though05:35
cefno probs..05:35
cefgot a few hrs before I head home (.au here)05:35
slestak__do you have my oastebin url still?05:36
slestak__and eth0 =  <-- different subnet from guest.05:37
slestak__what is the biggest, baddest kvm machine you guys have ever built?05:38
slestak__we have an olap tool (MITS) that currently runs on our aix box with our erp system.  I am entertaining the idea of running this on a rhel dom0 with kvm dom1.05:39
ajmitcha hefty 512MB guest windows XP install in kvm05:39
ajmitchyes, I barely use kvm05:39
slestak__the data needs are trmendous, (for me) 32G of db, and 136G of indexes and cubes.05:40
cefahh yeah.. you need to set it up as 192.168.20.x (the bridge replaces the 'eth0' address)05:41
cefthen when you 'add' ip's to the bridge, they aare their own (ie: defined in each vm)05:41
slestak__i wonder if virtualization can scale up to that?  I have my eye on a fiber channel jbod from a friend that has 5.6Tb (14 x 400g sata) that i can stripe some and use lvm snapshots onto another set nightly.05:42
slestak__cef: so each vm will redefine its own br0, or will i need br0, br1, br2 for 3 vm's?05:43
cefI'm still playing.. the issue is data movement.05:43
cefslestak: each machine will create another ip and add it to br0 (eg: br0:0, br0:1)05:44
slestak__im not super concerned with performance.  My other choices beside virtualization are to use either one of our two older prod boxes, two aix machines, 1x800Mhz or 2x450Mhz, At least the dom0 is a modern poweredge that can take 4 Xeon's.  Hopefully it can hang05:45
cefmain issues (IMO) are going to be disk speed access and network speed. you might need to look at virtio to improve the network access05:46
slestak__i need one of those ip kvm switches (other definition of kvm) so when I do this to my poweredge, I can reach the console from Michigan.  the server is in Maryland05:46
cefyeah.. always a pain..05:47
slestak__Can I use a ramdisk in a virtual machine?05:47
slestak__My plans is twofold.  I plan on striping this data only,  no mirror, no parity.  Set up it with max read/write speed.  I can alway rebuild my cubes from source data if I suspect them.  Use an lvm snaphot nightly to another set of disks in the jbod, so I basically mirror it once per day, instead of on every write05:49
slestak__i need to cruise.  ty for your help cef05:51
ivoksRoAkSoAx: hi05:54
RoAkSoAxivoks, heya master, how's it going05:54
ivoksRoAkSoAx: sorry, i couldn't come yesterday05:54
RoAkSoAxivoks, it's ok :)05:55
RoAkSoAxivoks, do you have time now?05:58
ivoksyes :)05:58
ajmitchhi ivoks05:58
ivoksajmitch: hi05:58
RoAkSoAxivoks, this is the FTBFS: https://launchpad.net/~andreserl/+archive/ppa/+sourcepub/634425/+listing-archive-extra05:59
ivoksRoAkSoAx: let me boot the karmic server and check that ftbs05:59
RoAkSoAxivoks, i think it would have been a sync, but it FTBFS05:59
ivoksRoAkSoAx: what time is it in your timezone?06:02
RoAkSoAxivoks, midnight06:02
ivoksso, 7 hours diff06:02
RoAkSoAxoh really.. what are you doing up so early :)??06:03
ivoksdocumentation for one project :D06:03
ivoksi hate writting documentation :/06:03
RoAkSoAxivoks, i hate to getting up so early.. i can get up before 9 :) hahaha and yes.. i hate documentation too06:04
ivoksi'm grabing paraview06:04
* ajmitch prefers those easy merges :)06:04
ivoksajmitch: well, RoAkSoAx is my student and we are at the leason 'How to fix FTBFS' :)06:05
RoAkSoAxindeed :)06:05
ajmitchivoks: I'm at the stage of 'deciphering libtool changes' :)06:06
* ajmitch needs to finish off, test & upload the php5 merge06:07
ivoksajmitch: what do you think about having PPA for PHP5 packages?06:07
ivokstested and approved newer versions of php for older releases06:08
al_paundo you know if it's complicate to install a pci serial in ubuntu?06:08
ajmitchI think it'd certainly be useful to have them06:08
ivokssome web devs complain all the time about old php506:08
ivoksal_paun: with most of them it's just plug and play06:08
ajmitchI don't think it should be too hard to arrange a PPA for it either06:08
ivoksal_paun: some, otoh, require binary driver which kills linux's native serial driver and, basicaly, renders your system unusable06:09
ivoksajmitch: i'll try creating backported php packages for hardy, just to see how it works06:09
ajmitchthere aren't too many things in PHP dependencies that should stop that from just working06:10
ivoksthat's right; that's way i had that idea...06:10
ivoksRoAkSoAx: i'm pulling required packages to build paraview06:11
RoAkSoAxivoks, k :)06:11
ivoksRoAkSoAx: it was a clean merge...06:11
* ajmitch is merging 5.2.9.dfsg.1-4 at the moment, nothing jumps out as unbackportable06:11
al_paunI plan to install a fax modem on a server. Since the computer doesn't have any serial what do you suggest?. I've tried with a usb-modem and the modem couldn't be recognized.06:11
al_paunmaybe a hardware modem on pci?06:12
RoAkSoAxivoks, i thought that too, but having taking a better look... seems like a sync...06:12
al_paunI already have a serial modem06:12
al_paunwhich I know it's working on linux06:12
ivoksal_paun: try with pci serial ports06:12
al_paunok tks06:13
ivoksal_paun: and, leason learned, newer ever buy another server without serial port06:13
al_paunthe new mainboards removed serial port06:13
ivoksmaybe desktop boards...06:13
al_paunyeah but I06:13
al_paunyeah but it's already bought06:14
RoAkSoAxivoks, my debdiff does not show any changes... because 1. ubuntu-use-ffmpeg-swscaler has been included in debian, so we drop that patch, then debian has dropped gcc4.3.patch and ffmpeg_writer.patch, and it has also dropped ffmpeg from Build-Depends and I'm taking debian changes on mpi... so after that.. no ubuntu change...06:14
ivoksRoAkSoAx: we'll see :)06:15
ivokswell, there's a quite big diff06:17
ivoksubuntu uses ffmpeg, debian doesn't06:17
ivoksRoAkSoAx: anyway, that's for ubuntnu-motu :)06:18
billybigrigger_hey all06:21
billybigrigger_does anyone here use godaddy??? i registered a domain through them and can't figure out for the life of me how to setup a subdomain, i want forums.mydomain.com to point to mydomain.com/forums (ie. /var/www/forums)06:22
=== rascov_ is now known as rascov
ivoksdoes anyone uses latex|tetex|texlive|*ex* for writing documentation?07:01
twbivoks: nope; I prefer python-docutils and rst2pdf now.07:19
ubottuA large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?07:20
ivokstwb: hehehe07:26
ivoksi'm interested in editors people use for tex07:27
twbivoks: #emacs07:33
cefcan you get vmbuilder to build images directly onto an lvm lv in raw format? everything I've seen says to use qemu-img to convert the default file from qcow2 to raw after the fact, which is just a pain.08:44
stanman1how can i install a broadcom netextreme nic with ubu?08:48
stanman1the installer doesn't see the embedded nics.. :(08:49
henkjancef: on intrepid building images to lvm failed for me08:52
kgoetzstanman1: your NICs require non-free firmware. Not sure if your release of Ubuntu ships with it08:57
stanman1kgoetz: somehow ifconfig eth0 up worked and i could set a static ip, etc09:00
stanman1strangely the installer didn't recogize the nics...09:00
stanman1now it's working09:01
kgoetzstanman1: the kernel used during isntall may not have the firwmare loaded. I'd agree its trange though09:01
stanman1i must say, i did an install off an usb stick (no cd in the box), later after booting off the hdd's it worked09:02
alterlaszlohi, i'm giving eucalyptus a try but i have problems handling user registration mails. Where are the mails gone?10:36
ulelanyone running clusters here10:36
ulelneeded soem advice on hardware10:37
celephaisHi, how do you control log on multiple servers?11:14
ddoom_I have 3 1TB sata drives, ubuntu server is intalled on a partition of 1 of them. If i unplug one of the non-boot drives, it works fine.but if i have all 3 connected it comes up with raid45: unknown target type errors and drops to EasyBox (I think its called). My bios has fakeraid which I have turned off, any ideas?11:18
alterlaszlocelephais: i use syslog-ng and centralize all logs on a log-server11:22
celephaisalterlaszlo, and how do you parse the logs?11:22
celephaisalterlaszlo, i mean how do you know if something is going wrong?11:23
alterlaszlocelephais: with syslog-ng it-s quite easy to create filters11:23
celephaisalterlaszlo, ok thank you , i'll check the documentation11:23
alterlaszlocelephais: that's a great question: it dipends on how much time you have to check them ;) if you have few time just parse errors and warnings11:24
celephaisalterlaszlo, is there a program that automatic parse log and look for ad-hoc pattern such , a.e, brtue forcing on ssh?11:27
alterlaszlocelephais: for brute-force attacks i use another package called fail2ban, it's him that check logs and creates autoamtically iptables rules to ban the attacker ip11:28
alterlaszloit-s great against script kiddies11:28
celephaismm ok i'll check11:29
=== gaveen_ is now known as gaveen
LMJI'm modify my syslog and now, no more email activities are logged  :-/  Here is my conf : http://pastebin.com/db1c69d3 and you will see file priviledges too13:57
LMJ - means not sync or something like this14:02
ivoksright, without it, syslog won't buffer logs14:03
LMJI don't want to log in /var/log/mail.log but in /var/log/mail/mail.(err|log)14:03
ivoksthose files exist?14:04
ivoksowned by syslog:adm?14:04
LMJyes, look below in my pastebin14:04
ivoksoh, sorry14:05
LMJdon't really understand what it doesn't work14:05
LMJno errors in syslog just in case14:05
ivoksdid you check syslog?14:05
ivoksok... :)14:05
LMJI've broken something somewhere but I don't know what14:06
LMJlet's double check if postfix handle syslog facilities14:07
ivokshow about:14:08
ivoksmail.info -/var/log/mail/mail.log14:08
ivoksmail.warn -/var/log/mail/mail.log14:08
ivoksmail.err /var/log/mail/mail.err14:09
LMJok, let's try14:09
LMJhold on14:09
ivoksmake that mail.warning14:10
ivoksso, you don't want errors in the same file as other?14:10
LMJsyslog and postfix restarted and I can see the postfix restart notification in mail.log14:11
LMJnice ;)14:11
LMJmail sent14:11
LMJand log'ed14:11
LMJdamned, thanks you bro14:11
ivoksubuntu's default syslog.conf had that example14:12
LMJI removed it14:12
=== asac_ is now known as asac
billybigrigger_does anyone here use godaddy??? i registered a domain through them and can't figure out for the life of me how to setup a subdomain, i want forums.mydomain.com to point to mydomain.com/forums (ie. /var/www/forums)14:48
=== hessml is now known as hessml|away
=== hessml|away is now known as hessml
giovanibillybigrigger_: this is very much not the place to ask -- godaddy has technical support15:10
giovanihowever, forwarding a subdomain to a url is not typically done at the DNS provider15:10
keesivoks: sweet, I see you're trying to get xattr tar working sanely upstream.  how's that going?15:13
stickystylebillybigrigger_:  once you figure out the godaddy subdomain issue, your going to want to learn about mod_rewrite to handle the forums.mydomain.com -> mydomain.com/forums transition.15:17
billybigrigger_what do i need to know?15:18
billybigrigger_well i got it working, it only took 48 hours to update...so if i visit forums.mydomain.com now, its just a redirect and the address bar shows mydomain.com/forums15:19
billybigrigger_so all that effort was pointless :P i thought the address bar would show the subdomain as forums.mydomain.com15:19
ivokskees: it's basicaly redhat's patch15:20
ivokskees: upstream did some changes to it15:20
ivokskees: debian maintainer pushed it there15:21
ivokskees: to be honest, i didn't check how are things going now, but i do know that fedora is interested in that too15:21
ivokskees: http://lists.gnu.org/archive/html/bug-tar/2009-03/msg00036.html - that's the last news :/15:22
=== hessml is now known as hessml|away
keesivoks: yeah, that's what i was reading.  Jorg is totally right, btw.15:28
keesi.e. the memcpy vs strcpy bit.15:29
keesI don't know about the DIR part15:29
orudieis there a way to hide the whois information of the domain ?15:31
=== hessml|away is now known as hessml
jpdsorudie: Whois guard at best.15:31
stanman1hi, i installed ubuntu 8.04 LTS off an usb stick, but now when i remove the usb stick I get an error 15 at grub, how can i solve this?15:34
ivoksstanman1: remove grub from hard disk15:35
stanman1ok, apt-get remove grub?15:38
stanman1then reboot?15:38
ivoksgrub is installed on MBR of your hard disk15:38
RoAkSoAxivoks, heya master i'm back :)15:38
ivoksyou have to clear hard disk; install another boot loader there15:38
ivoksRoAkSoAx: hi15:38
keesivoks: should we carry the xattr patch in Ubuntu, you think, to give it a wider audience?15:39
ivokskees: that was my idea; that's why i asked debian dev about that15:39
* kees nods15:39
ivokskees: he said he won't introduce changes that aren't from upstream15:39
keeswe'd want jorg's patches too.15:40
ivokskees: so, we could do it... but we would be alone there :)15:40
keesivoks: sure, but we do that in other places too.  :)15:40
ivokskees: note that 'my' patch was extracted from redhat's tar15:40
keesivoks: right, sure.  we'd want Jorg's fixes, though, too.15:40
ivokskees: right15:40
keesI'm surprised RH hasn't run into more problems with it -- the strdup vs memcpy issue is rather nasty.15:41
ivoksif we do that for tar, we could enable acl by default on all partitions15:41
keesivoks: it seems that acls work already, but that useracl is what's non-default currently.  is that right?15:41
ivoksacls don't work15:42
keeshm, ok15:42
ivoksyou can't set acl on files15:42
ivoksbut (almost) all programs are compiled with support for it15:42
keesI'm curious about it for fscaps, which uses xattrs15:43
ivoksdon't know what's that :)15:43
RoAkSoAxivoks, when we are dropping a patch, should I just remove it from the debdiff or should i delete it from debian/patches?15:43
ScottKRoAkSoAx: Why are we dropping it?15:44
ivoksRoAkSoAx: debdiff is diff between debian and ubuntu15:44
RoAkSoAxScottK, because debian merged it15:44
ivoksRoAkSoAx: if ubuntu is droping patch, then it exist in debian15:44
ivoksRoAkSoAx: therefor, it's not in debdiff15:44
ivoksRoAkSoAx: but if your debdiff removes patch that debian did, then you are probably doing something wrong15:45
ivoksdo you understand what i'm trying to explain? :)15:45
=== hessml is now known as hessml|away
RoAkSoAxivoks, in paraview.. i need to drop ubuntu-use-ffmpeg-swscaler becuase debian has merged it (use-ffmpeg-swscaler.patch) so I need to drop the ubuntu patch.15:47
RoAkSoAxivoks, i remove it from the debian/patches/series file, and when I do the debdiff.. it still appears on the debdiff... know what i mean?15:47
ivoksall you have to do is note in changelog explaining that you droped a patch cause debian include it15:47
ivoksRoAkSoAx: don't remove it15:47
ivoksRoAkSoAx: you don't quite understand whole concept, i'm affraid...15:48
RoAkSoAxivoks, i mean in the diff i'm trying to remove the patch that ubuntu did.. let me show you just a aset15:49
ivoksRoAkSoAx: i'll be back in 20 minutes15:50
=== hessml|away is now known as hessml
duvnellany idea how to get new dmesg message to go to a tty so I can what what was happening just before this box became unresponsive?16:07
Ash-FoxHow do I disable ssh's stupid check on file permissions on certificates? - I am trying run backups under a specific user and I use ACLs to grant it read access to everything and SSH refuses to work when the ACLs are set on the files.16:10
ivoksRoAkSoAx: cluster stack session got approved for UDS16:43
RoAkSoAxivoks, awesome.. has it been scheduled yet?16:43
jpdsProbably not.16:43
ivoksnot yet16:44
RoAkSoAxivoks, hopefully they scheduled on of the lasts sessions so that I can attend :)16:48
ivoksRoAkSoAx: i was thinking of that... what's the time you would like it to be?16:49
ScottKRoAkSoAx: If you subscribe to the spec and tell LP when you will be there, that does bias the scheduling algorithm.16:50
RoAkSoAxivoks, do you know what's the timezone there?16:50
ivokssame as here16:51
ivoksthat's -7 for you16:51
ivokssommer: rain on sunday in barcelona...16:52
RoAkSoAxivoks, at what time is the last session?16:53
RoAkSoAxjpds, 4 to 5 right?16:53
RoAkSoAxivoks, yep, I guess it will need to be at 4pm, since it will be 9 am for me16:54
jpdsRoAkSoAx: You lazy thing! I wake up at 6am.16:55
RoAkSoAxjpds, hahahaha i usually wake up at 9.3016:55
ivoksRoAkSoAx: still teenager? :)16:59
RoAkSoAxivoks, almost 24 :P16:59
RoAkSoAxivoks, just "unemployed"16:59
jpdsivoks: What do you mean by that? :P17:00
* jmedina is 26 and also wakes up at 9:30 :)17:01
ivokslol i'm old17:01
jmedinaivoks: RoAkSoAx where can I find info about proposed cluster stack17:01
ivoksjmedina: we have to discuss it17:02
RoAkSoAxjmedina, that's what is going to be discussed during the UDS17:02
jmedinaIm learning about HA setups17:02
ivoksjmedina: stop right there17:03
ivoksnever mind17:03
RoAkSoAxivoks, should I report it like this: http://pastebin.ubuntu.com/176497/ ?17:05
jmedinaI need to setup a few services in a HA setup, I already have SAN(FC) shared storage, multipath and bonding/vlans for the setup17:05
RoAkSoAxjmedina, i've already added howto's for heartbeat: https://wiki.ubuntu.com/UbuntuHighAvailabilityTeam/Heartbeat I've to review them17:05
ivoksbut don't use hearbeat17:06
ivoksit's dead17:06
RoAkSoAxivoks, there's going to be a heartbeat version 3.x17:06
ivoksRoAkSoAx: yeah, it's ok; but debian might not accept it17:06
jmedinaRoAkSoAx: thanks17:06
ivoksRoAkSoAx: there will be 3.0, since 2.99 is out for some time17:06
ivoksRoAkSoAx: but there are no intentions to continue with it17:06
RoAkSoAxivoks, who's the upstream developer, horms?17:07
jmedinaivoks: I need to use hardy for the setups, so what is the choise for hardy lts?17:07
RoAkSoAxjmedina, heartbeat or rhcs17:07
jmedinaOne of the things still confuse me is shared storage and cluster filesystem17:08
jmedinado I need gfs clvm?17:08
jmedinathis HA setup is going to run under  a virtualized setup in bladecenter17:09
RoAkSoAxjmedina, you need to use cluster filesystem when you have master / master configs... such as 2 file servers serving as active / active17:10
ivoksgfs and ocfs are clustered filesystems17:10
ivoksthey enable you to write at the same time to same filesystem from different machines17:10
ivoksif you want that, i'd suggest using gfs, and thus rhcs17:11
ivoksyou might try ocfs too17:11
jmedinaIm not doing active/active only active/standby17:12
ivoksthen you can use 'normal' linux filesystems17:12
RoAkSoAxjmedina, yes.. check out my tutorials.. they will give you and insight of how active / passive works with heartbeat... btw... if you want to have data replicated between two nodes in active / passive, you can use DRBD...17:13
jmedinathen I read about locking or corrupted FS when a node a failed node is not fenced or something17:13
ivoksha isn't replacement for backup17:14
ivoksif your SAN fails, all you have then is backup17:14
jmedinaI have 4 redundant paths to the san and using multipath17:15
ivoksstill, fire in SAN means no data17:15
jmedinaraid10 in san, and of course backups17:15
ivokserror on filesystem means no data17:15
phreestyle-workI'm having trouble with eBox and need help. For some reason, I can't update eBox in Ubuntu Hardy. It is holding back the packages and squid and dansguardian won't work because eBox is writing incompatible config files17:15
RoAkSoAxjmedina, yes but first you need a technology that allows you to replicate data... this technlogy could be DRBD..., it provides a "fencing" mechanism that tries to prevent from split-braining.. it is called dopd...  i'll soon add a howto on how to do that17:15
ivoksRoAkSoAx: ha has SAN(FC)17:15
RoAkSoAxivoks,  I thought that blade centers had that issue resolved already17:16
RoAkSoAxi mean data replication and that stuff17:16
ivoksRoAkSoAx: http://en.wikipedia.org/wiki/Storage_area_network17:16
ivoksRoAkSoAx: there's no need for drbd and replication with san17:17
RoAkSoAxivoks, yes...17:17
RoAkSoAxivoks, that's why i though that blade centers had that issue resolved already since they do not need of a data repliucation technology such as drbd17:18
jmedinathis blades dont have local disk, im using boot from san17:20
resnoI am looking for a way to get more information then the webalizer main page will give. I am looking for stats on a specific page.17:21
resnoivoks: my server has webalizer on it speficially.17:24
ivoksthat's stoping you from using awstats?17:25
jmedinathe current setup is like this: http://tuxjm.net/wp-content/themes/Ghacks2/images/Esquema_Storage_Fisico_con_redundancia.png17:25
resnoivoks: I guess. I dont admin the server, so I dont know of any features installed on it. I was hoping webalizer allowed this type of access by passing it a parameter or something.17:26
ivoksresno: awstats doesn't do that either, iirc17:27
ivoksresno: you could parse logs :/17:27
resnoivoks: I need stats on one page, but its deep within the site and I am not sure how to get those stats. Its not a highly visited page, which creates the problem.17:28
ivoksjmedina: right... so, what would you like to achive?17:28
ivoksresno: awstats and webalizer are domain-aware, not site-aware17:29
resnoivoks: oh I see.17:29
ivoksresno: so, if you want something for specific site, you should parse logs17:29
ivoksresno: or, with awstats, grep normal apache log, look for specific site17:30
ivoksresno: paste that into new file17:30
ivoksresno: and tell awstats to check out that file17:30
ivoksresno: then it will tell you stats for domain, but since that spcific page is the only page in that log, all stats would be for that page17:31
jmedinaivoks: this is going to be a virtualized enviroment with live migration providing kind of manual high availability17:31
ivoksjmedina: so shared storage should have a filesystem that all of them can access, but not at the same time17:32
jmedinanow I want to give some redundancy for services like proxys, fileservers, routers17:32
ivoksjmedina: ext3 sounds quite ok for that17:32
ivoksjmedina: you could use heartbeat; it should be easier to set up17:33
ivoksjmedina: or red hat cluster suite, which is a bit heavier beast17:33
ivoksyou'll also find more howtos with heartbeat than rhcs17:33
jmedinaivoks: I've been playing with heartbeat but for simple setups, only using network resources: routers, firewalls17:34
ivoksthen again red hat cluster suite is in main, while heartbeat is in universe17:34
jmedinamy main concert is about storage, I want to avoid two nodes access data at the same time17:35
ivoksjmedina: i hope you don't think about doing this in production :)17:35
ivoksjmedina: test it somewhere else :)17:35
jmedinaivoks: nop I have a bladecenter H with 14 blades to play17:35
=== RoAk is now known as RoAkSoAx
ivoksjmedina: if you put ext3 there, they can't access it at the same time17:35
ivoksjmedina: kernel will refuse to mount it17:36
ivoksjmedina: idea is that service moves from one server to another17:36
ivoksjmedina: service can be filesystem or some real service17:36
ivoksso, you can't mount them at the same time17:37
ivoksi use gfs just so i could mount and use them at the same time17:37
ivoksnever had any problems17:37
sommerivoks: rain on sunday... doh17:42
sommerivoks: well I need a new jacket anyway :-)17:43
RoAkSoAxivoks, i paraview has failed to build again18:04
sluimersCan someone help me with ispconfig3? My mails get stuck in var/mail/vmail18:04
RoAkSoAxivoks, http://pastebin.ubuntu.com/176542/18:06
ivoksRoAkSoAx: so...? you know where the problem is?18:08
RoAkSoAxivoks, no, but i was thinking it was because python needs to be a builddepdns?18:09
ivoksRoAkSoAx: it's obvious that's the problem18:10
RoAkSoAxivoks, i did that i'm just waiting to see if it builds18:10
RoAkSoAxivoks, would that be something that will need to be forwarded to debian too?18:11
ivoksRoAkSoAx: i'll tell you when i see the debdiff18:12
RoAkSoAxivoks, in debian they use python-dev which install python (2.6) and python2.6-dev, during building it says that python2.5 has not been found.. so there are too possible solutions right? making it use python2.6 or installing python2.5, which one do you think is the best one?18:15
ivoksRoAkSoAx: make it depend on python2.518:15
RoAkSoAxivoks, i did that. I will need to remove python-dev from Build-Depends and add python2.5-dev and python2.5 right?18:16
ScottKRoAkSoAx: Make it work with 2.6 is a better answer.18:16
ScottKivoks: Why do you say depend on 2.5?18:17
ivoksScottK: i would leave that to upstream18:17
ivokspython2.5 -> python2.6 isn't that simple18:17
ScottKIs it 2.5 due to upstream or packaging from Debian?18:17
ScottKWell generally it's better to use system default, but maybe not in this case.18:17
ivoksif it can work with 2.6, then yes18:18
ivoksbut that would require some seding all over the place :)18:18
ScottKSo RoAkSoAx check if it works with 2.6.18:18
ivoksRoAkSoAx: you could try that :)18:18
ivoksright, 'grep -sr python2.5 *'18:18
ivoksRoAkSoAx: it turns out that paraview is great exercise :)18:19
RoAkSoAxivoks, http://pastebin.ubuntu.com/176550/18:22
ivoksso, debian's the devil :)18:23
ivokstry it18:24
ivoksreplace python2.5 with python18:24
RoAkSoAxivoks, ok18:24
RoAkSoAxivoks, where?  :)18:25
gene420anyone have a good website or lead myself in the right direction to setup a redundant web server I have just aquired a second IP address and would like to use it for a redundancy for my existing apache virtual domain  system18:25
giovanigene420: "redundant" isn't explanatory enough18:26
ivoksRoAkSoAx: sed -i -e 's/python2.5/python/g' debian/paraview.lintian*18:26
giovaniyou want them both sharing the load? you want failover when one dies (one is primary, one is secondary)18:26
giovaniexplain a bit18:26
gene420sharing the load18:26
giovanigene420: the cheap and simple way is to use round-robin dns18:26
ivoksthere's even cheaper way :)18:26
giovaniwhere you put two A records in for the hostname18:26
gene420I have each website with godaddy18:26
ivoksapache has mod_proxy_balancer18:27
giovaniivoks: that's not cheaper nor more simple18:27
giovaniI'm not saying it's a bad solution18:27
giovanibut it's hardly the simple method18:27
gene420so then just add a second A name record to godaddy and schedule rsync to keep them synced18:27
giovaniand I wouldn't recommend it to a random new admin18:27
giovanigene420: heh, what kind of data are you trying to sync?18:28
gene420I have 4 customers with simple drupal websites...18:28
ivoksare you certain you need load balancing?18:29
giovaniyou won't be keeping backend DBs consistent with rsync, sorry18:29
ivokshe'll need mysql master-master replication18:30
giovaniif he's using mysql, sure18:30
ivoksgene420: do you have 2 servers at all?18:30
ivoksor one with 2 IPs?18:30
gene420eserver 335 and hp proliant dl-59018:30
ivoksso, two of them18:31
ivokswhich database do you use?18:31
gene420two static ips with bell business...in seperate locations18:31
ivoksseparate... like couple of miles away or room next door?18:31
gene420sorry kinda of new to this side of things18:31
gene420same building upper and lower level18:32
RoAkSoAxivoks, i'll have to do the change in debian/rules too right?18:32
gene420so I could pull an ethernet cable between them18:32
J_PHi all18:32
giovanigene420: you're hosting websites on an office internet connection18:32
gene420yea ....18:32
ivoksRoAkSoAx: you didn't paste everything right?18:32
RoAkSoAxivoks, yes, but in debian/rules they use a PVER = 2.518:33
RoAkSoAxso I just bumped it to 2.618:33
ivoksRoAkSoAx: good catch ;)18:33
giovanigene420: why not use some VPSes instead?18:33
J_PIs possible Real time linux with the new ubuntu 9.04?18:33
gene420just for small business so far things have been working fine...6Mpbs dsl connection18:33
giovaniyou'd get far more bandwidth, far more reliability, at far less hassle18:33
giovaninot to mention true redundancy, by putting them in totally separate cities/countries/datacenters18:33
gene420just trying to keep the cost down ....and figured it would be a good learning experience18:34
ivoksgene420: with 6mbit/s your server will serve web site without a sweat18:34
giovanithe cost will be lower with VPSes, I assure you18:34
giovanithe power required to run two full servers18:34
giovaniis far more costly than two VPSes18:34
giovaninot to mention bandwidth18:34
giovanigene420: same learning experience, just physical location is different18:34
gene420power and resources aren't really an issue becaue they need the servers running for other services like network backup and samba domain policy logins with xp18:35
gene420i know what you mean thou I kinda of should just use godaddy to host them would save me some hassle18:36
giovaniheh, no I wouldn't ever recommend that18:36
giovaniI'd stay away from godaddy at all costs18:36
RoAkSoAxivoks, ok, so in case it builds, I'll just have to update the changelog saying: Bumped python version from 2.5 to 2.6?18:37
ivoksRoAkSoAx: yes18:37
ivoksRoAkSoAx: including a list of files where you changed that18:37
ivoksRoAkSoAx: rules, control and paraview.lintian-overrides18:38
RoAkSoAxivoks, i would also need to update README.Debian ?18:38
ivoksRoAkSoAx: good question...18:38
ivoksScottK: what's your opinion?18:38
* ScottK reads18:39
ScottKRoAkSoAx: Does README.Debian currently say anything about specific Python versions?18:39
ivoksScottK: yes18:39
ScottKThen I would update it.18:40
ivoksit states that paraview is built with 2.518:40
ScottKKeep in mind that README.Debian is for users and not devs.18:40
RoAkSoAxScottK, it says this:  Paraview is built against python2.5 only (it works with python2.4, but you would have to compile it yourself, changing build depends and debian/rules).18:40
ScottKRoAkSoAx: Alternatively you could make it build against both 2.5 and 2.6 and remove that bit entirely18:41
ScottK2.4 isn't supported Jaunty and later.18:41
RoAkSoAxScottK, doing that will imply modifying debian/rules right?18:42
RoAkSoAxsince there it specifies which version of python should be used18:42
RoAkSoAxin a PVER variable18:42
ScottKRoAkSoAx: Alsmost certainly (keep in mind I didn't look at this package)18:43
ivoksyou have to update both files18:43
ivoksand mention that in changelog18:43
RoAkSoAxok i'll first finish building with python 2.6 and create a debdiff so you can see it18:43
niekieDoes anyone know if Ubuntu is currently vulnerable to http://www.theregister.co.uk/2009/05/19/open_ssh_hack/ ?18:44
niekieAnd if a fix is in the works if so?18:44
ivokskees: ^^18:46
ScottKConsidering the Debian package we're derived from was uploaded in January and there's a later upstream release available, I'm guessing the news isn't good.18:49
ScottKI suspect cjwatson_ will be interested too18:50
ivoksaccording to article, it's a design flaw18:50
keesniekie: it requires an active MitM attack18:50
keesniekie: so, as such, it is a very hard to exploit issue, but does need fixing.18:50
niekiekees: I know. But still I'd feel a lot safer if it wouldn't be there ;)18:51
keesniekie: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161   no one has released fixes for it18:51
uvirtbotkees: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algori18:51
keesniekie: yeah, I'd be curious to find out if the 5.2 changes can be backported easily.18:51
keesniekie: as a work-around, you can follow the recommendations at the end of http://openssh.org/txt/cbc.adv18:52
niekiekees: Ah! Thank you very much.18:54
ivokship hip... hooray!18:55
ScottKkees: Any idea what the downside of the workaround is (i.e. why it's not just made default)?18:56
niekieThe "workaround" doesn't seem to be a total fix though. In that suggested "Ciphers" list I can still see aes in CBC mode.18:57
niekieSo it will prefer other non-vulnerable ciphers first, but will fall back to the vulnerable ones.18:57
keesScottK: I don't, but I'd like to understand what they did to fix it in 5.2.18:57
* ScottK decides not to panic18:58
niekieScottK: I wouldn't worry that much about it.18:58
keesyeah, we classified it as "low" when it was announced.18:58
niekieI mean, the connection needs to be killed several times apparently for this to work.19:00
niekieIf you open a SSH session and you're suddenly disconnected, you usually don't try to reconnect another 11355 more times ;)19:01
niekie(though automated stuff might, which is where this issue is more serious, AFAIK)19:01
* ivoks trusts kees and jdstrand with his life, so... no worries19:03
ivokskees: feeling pressure? :D19:03
keesivoks: yikes!19:04
niekieYeah, I've heard the legends :P19:04
keesivoks: I don't have any real medical skills.  :)19:04
* kees heads to dinner19:04
niekieHave a great one! :)19:04
ivokskees: oh, barcelona already? :)19:04
ivokstake care, /me goes to a movie19:04
ivoksthe movie19:05
ivoksor whatever19:05
=== rgreening_ is now known as rgreening
=== isaac_ is now known as isaac
=== hessml_ is now known as hessml|away
billybigrigger_how would i go about setting up my mailserver if my isp is blocking port 25????19:52
billybigrigger_is there a way i can use a different port? like outbound 700 or something??? cause i can recieve mail inbound but cannot send any mail19:53
ScottKbillybigrigger_: You would need a server outside your ISP listening on that port to relay to 25.19:54
billybigrigger_do you know of any free bounce servers or anything i could use?19:54
jmedinabillybigrigger_: you can configure your MTA to use submission service19:54
billybigrigger_what is submission service?19:55
jmedinait is the recommend way, so your server users tcp/25 for receiveing mail and tcp/58719:55
jmedinait is the same that smtpd but is used for other purposes for example for mail relaying using smtp+auth19:56
maxbjmedina: That would not work, and is not recommended.19:56
jmedinahere in México all ISP block outgoing TCP, so we use tcp/58719:56
maxb587 is intended for *submission* from MUAs, *not* for MTA to MTA communication19:56
jmedinamaxb: ok, I tought he wantted submission from MUAS19:57
billybigrigger_i just need outgoing port 2519:57
billybigrigger_since outbound 25 is blocked19:57
stickystylebillybigrigger_:  You need to look at setting a smarthost19:57
stickystylethe smarthost being your ISP19:57
billybigrigger_so use my isp for outbound mail?19:58
jmedinafor postfix I have this config it uses SMTP-AUTH to auth agains your smart host19:58
billybigrigger_would my mail come from billy@isp.com or billy@mydomain.com19:59
stickystylebillybigrigger_:  Yes.  you basically relay your mail through your ISP.19:59
J_PAnyone can tell me if Is possible Real time linux with the new ubuntu 9.04?19:59
jmedinabillybigrigger_: it depends on how your ISP is configured19:59
billybigrigger_jmedina::: do you have an english translation of that page :P19:59
stickystyleSince the From: header is set in the MUA, it wont matter what your ISP does.19:59
jmedinabillybigrigger_: not, probalby google :D20:00
billybigrigger_jmedina::: i know thanks :P20:00
billybigrigger_jmedina::: actually already have a spanish to english trans plugin in firefox...was looking at moving to mexico :P but the job fell through :( kinda sad about it :(20:00
ScottKJ_P: There is a RT kernel if that's what you mean?20:01
jmedinabillybigrigger_: good, what is that trans plugin?20:01
billybigrigger_just highlight certain words in the page and pop-up comes up with the translation, or you can translate the whole page20:03
billybigrigger_pretty useful20:03
billybigrigger_works in a ton of languages too20:03
J_PScottK: RT kernel? where I start with RT kernel?20:03
billybigrigger_can anyone suggest a good tutorial or package for configuring a turn-key mailserver? i don't need to much fancy stuff, just a simple home mail server20:04
ScottKbillybigrigger_: Most or all of what you need should be in the Ubuntu Server Guide.20:04
billybigrigger_im not too worried about security, i just need something quick and easy, that will let me to setup this smarthost you guys talk of20:04
billybigrigger_would dovecot-postfix suffice?20:05
stickystylebillybigrigger_:  Wrong words to say, you should always think about security.20:05
stickystyledovecot-postfix is a very nice solution.20:05
* stickystyle runs dovecot + postfix for his company.20:06
J_PScottK: are you tell me about a RTAI for example?20:06
ScottKJ_P: I know little about it, just that it exists.20:06
J_PScottK: ok.20:07
W8TAHfor a dual xeon server -- should i be running 32 bit server or 64 bit?20:08
maxbI think that isn't enough information to know20:10
stickystyleW8TAH:  depends if the xeon's are 32 or 64 bit.20:10
W8TAHoh -- ok20:11
W8TAHi'll keep diggin20:11
philsturgeonwhats the best approach for installing mod_security in 8.04? seems to be the only version without it in the repo20:13
jmedinaI would compile mod_security by hand20:18
philsturgeonlooks like its going to be that way. was wondering if its sat in a different repo anywhere, but no worries20:18
maxbCheck for a PPA? If not, create a PPA!20:19
maxbPersonal Package Archive, a facility of launchpad.net by which *anyone* can have their own subsidiary Ubuntu package archive with automatic builds of uploaded source for i386 amd64 and lpia20:24
philsturgeonha, nice20:26
ScottKphilsturgeon: It had licensing problems and got removed.  They got fixed, but not in time for 8.0420:29
philsturgeonScottK: Indeed20:29
billybigrigger_stickystyle::: ok, i've setup dovecot-postfix with a smarthost, being my ISP's smtp server...20:33
billybigrigger_stickystyle::: which ports do i need forwared? my mailserver is behind a router...just my imap port needs to be forward right? since outbound is handled via my isp?20:33
billybigrigger_how do i find out what security postfix was built with in the dovecot-postfix package?20:43
billybigrigger_im trying to setup evolution here and i want to use pop3s20:43
billybigrigger_or imaps20:43
hggdhbillybigrigger_, dovecot-postfix does not embed either dovecot or postfix, they are depends20:44
hggdhso it is whatever is the current dovecot and postfix packages20:44
billybigrigger_so installing dovecot-postfix without anything else doesn't enable tls or ssl?20:45
hggdhthe dovecot-postfix package carries an upodated dovecot configuration. If you already have one, you will have to match & mix20:46
hggdhin my case, I have to update the SSL certificates in use (so that dovecot would use mine)20:46
billybigrigger_bah this is confusing20:53
billybigrigger_should a default apt-get install of dovecot-postfix work out of the box?20:53
billybigrigger_i think i have my mx record set...and used a relayhost of my isp's smtp server...20:53
hggdhbillybigrigger_, as long as you do not have any customised dovecot or postfix, yes20:53
billybigrigger_i can't seem to login via evolution using either imap or pop320:53
billybigrigger_won't accept plaintext passwords, and i can't find out what authentication type it uses20:54
billybigrigger_nmap shows imap, imaps, pop3, and pop3s ports open20:55
hggdhmake sure you have, in your dovecot configuration, "mail_debug=yes" and "vebose_ssl=yes"; if you do not, add them in, and bound dovecot (sudo service dovecot restart)20:56
hggdhthen try again, and look at /var/log/messages for dovecot messages20:57
hggdhand go from there20:57
hggdhargh! "verbose_ssl=yes", not "vebose_ssl"20:57
billybigrigger_looking at /var/log/mail.log messages right now20:57
billybigrigger_i sent a message out to a hotmail account, and i recieved it21:00
billybigrigger_now sending from hotmail to my mailserver isn't working...or hotmail is slow...21:00
billybigrigger_or maybe i have something eff'd up somewhere21:00
billybigrigger_dig MX mydomain.com doesn't show an MX record...21:01
billybigrigger_probably why it's not working yet eh? and that's why i can send out mail, through the isp's smtp21:01
philsturgeontrying to install mod_security from source on ubuntu 8.04. run ./configure and get "configure: error: libxml2 library is required".21:22
philsturgeoni have libxml2 installed at /usr/lib/libxml2.so.221:22
hggdhphilsturgeon, you probably also need to install libxml2-dev21:23
philsturgeondone. thanks :)21:24
philsturgeonnext is ./Makefile right?21:24
sluimersDoes anyone here have experience with ispconfig?21:27
sluimersispconfig 3?21:28
hggdhphilsturgeon, you re-ran ,.configure, correct?21:28
hggdh(and select whatever options would apply)21:28
philsturgeonyes indeed. makefile was a silly guess, but it needs another step i think21:28
philsturgeonahhh... think i need to move the mod_security into apache first. oops21:30
philsturgeonim confused :$21:31
hggdhphilsturgeon, now run "make"21:31
philsturgeonahh there we go21:32
philsturgeonnot done much compiling without tutorials. not a noob, i consider myself a guru in training :-)21:32
philsturgeonmake & make install were both happy. job done, thanks21:32
hggdhphilsturgeon, good luck now ;-)21:33
maxbphilsturgeon: Have you considered backporting the package from intrepid instead?21:36
philsturgeonmaxb: I asked on here for ideas, people just said to compile my own21:37
philsturgeondone it now :p21:37
maxbYes, well, that's what I meant21:37
maxbcompile your own as a package :-)21:37
=== yml_ is now known as ghost
=== ghost is now known as Guest42890
=== yml_ is now known as yml
phreestyle-workhey everyone, I was looking at the forums for a way to clear our residual config files left over from removed packages. I found a thread that tells you to use Synaptic, but is there any way to do this from the command line?22:20
jmedinaphreestyle-work: use purge option for dpkg22:21
jmedinadpkg wont delete config files if they where modified after instalation unless you use purge option22:22
phreestyle-workjmedina: can u give an example please?22:22
jmedinadpkg -P packagename22:22
phreestyle-workbut the packages are already gone and I don't know the names of them all22:23
jmedinammm probably you can get a list from /var/log/dpkg.log22:26
jmedinaI dont know another way22:27
phreestyle-workbut the purge command from dpkg will work if the packages has already been removed, right? because if I do something like: apt-get purge old-package it won't work because the package is already been removed22:27
=== jes_ is now known as XiXaQ
Ash-FoxHi, is there a way I can shut down a system as root without physical access to it without the halt, poweroff, reboot, init, runlevel, shutdown? Why am I asking? Because the server I'm in is suffering numerous drive issues and I can't shut it down via those commands, but many others are workign currently22:35
thirstehAsh-Fox, got 'cat'?22:37
Ash-Foxthirsteh, yep.22:38
jmedinaAsh-Fox: what about ctrl+alt+supr?22:40
jmedinaohh it is remote22:40
thirstehAsh-Fox, I -think- this will work, but it's a long time since I've used this. No matter what, it's temporary anyway;22:40
thirstehecho 1 > /proc/sys/kernel/sysrq22:40
thirstehecho o > /proc/sysrq-trigger22:40
thirstehthat will shut down the machine entirely22:40
thirstehto reboot, echo 'b' instead of 'o'22:40
jmedinathirsteh: good tip, what does it do>?22:41
Ash-Foxthirsteh, it didn't like that.22:41
thirstehAsh-Fox, how so?22:41
Ash-Fox"input/output error"22:41
Ash-FoxI did however find a way around it22:41
jmedinaAsh-Fox: which one?22:42
thirstehjmedina, the same as sysrq, o, but without physical keyboard access22:42
Ash-FoxMounted /media/cdrom as tmpfs, copied poweroff from my laptop to it, executed ./poweroff -f22:42
thirstehyou almost definitely need to echo that as root by the way22:42
thirstehah okay22:42
Ash-FoxThat was fun22:43
billybigrigger_what kind of authentication does dovecot come with?23:27
billybigrigger_im trying to configure evolution with my mailserver and i just have plaintext passwords setup as of now...23:27
billybigrigger_which for obvious reasons is no good23:27
giovanithat's all in the documentation23:28
billybigrigger_yeah but evolution is showing that no auth types are supported23:28
giovanivery easy to find, took me less than 10 seconds on the dovecot site: http://wiki.dovecot.org/Authentication/Mechanisms23:28
giovaniwell check your dovecot configuration -- you have to tell it which authentication methods to allow obviously ...23:29
billybigrigger_and i highly doubt the default ubuntu config for dovecot comes with plain text enabled by default23:29
giovaniyou do? why would you highly doubt that?23:29
billybigrigger_well ya i see that, but why are plain text enabled by default?23:29
XiXaQbillybigrigger_, what ubuntu and how did you install it?23:29
giovanibecause many people use it23:29
billybigrigger_sudo apt-get install dovecot-postfix23:29
giovaniXiXaQ: it's not a debate ... it is enabled by default23:29
XiXaQbillybigrigger_, then the secure protocols should be enabled by default.23:29
billybigrigger_no, plaintext password authentication is enabled by default23:30
giovanibillybigrigger_: yes, we already discussed this23:30
giovanithat's normal, and expected23:30
billybigrigger_yes, im talking to XiXaQ23:30
giovanistop talking about it like it's a bug23:30
giovaniwhy don't you spend 10 seconds looking at your dovecot config23:31
giovanito find out which auth mechanisms it's supporting23:31
billybigrigger_ya thanks tips23:31
billybigrigger_  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey23:31
billybigrigger_  #   gss-spnego23:31
giovaniwhy is there a comment mark there?23:32
billybigrigger_cause its in the comments maybe?23:32
giovanithen why are you pasting it?23:32
billybigrigger_  mechanisms = plain23:32
giovanithat's not relevant23:32
giovaniok, so add the method you'd like to use ...23:32
giovaniand remove plain23:32
billybigrigger_oh? the list of supported auth types are relevant?23:32
billybigrigger_haha thanks tips23:32
giovanithe list of supported auth types are in the URL I pasted minutes ago23:33
billybigrigger_[16:28] <billybigrigger_> yeah but evolution is showing that no auth types are supported23:33
giovaniwe want to know what's listed in your config as the mechanisms in use23:33
giovaniright, clearly because of your mechanisms line23:33
giovaniwhy is it that you can't just resolve this?23:33
giovaniclearly you know what the supported auth types are ... you want to show them to me? just select the one(s) you'd like to use23:34
billybigrigger_i can, thanks23:34
billybigrigger_i confused myself over something...23:34
billybigrigger_thanks, sorry to piss you off and waste your time23:35
billybigrigger_k, now i have a question of opinion, these are something i know nothing of, and have no care about...but what is a better auth method, cram-md5 or digest-md5 for a home mail server?23:36
giovaniif you read the link I pasted: http://wiki.dovecot.org/Authentication/Mechanisms23:37
giovaniyou'll see a very simple rundown and comparison of the different auth types23:37
giovanisuch as:23:37
giovani# CRAM-MD5: Protects the password in transit against eavesdroppers. Somewhat good support in clients.23:38
giovaniDIGEST-MD5: Somewhat stronger cryptographically than CRAM-MD5, but clients rarely support it.23:38
billybigrigger_giovani::: thanks...maybe i should check out your post :P23:38
billybigrigger_does it have a section in there about setting up MX records? :P i think i have mine screwed up, as im not recieving any mail, but i can send out23:39
billybigrigger_so upon a quick read, cram-md5 is secure enough for a home server and most likely the most supported...am i correct in assuming this?23:40
giovanino, dovecot is completely unrelated to MX records23:45
giovaniif you read the dovecot link, you'd know that, yes23:45
billybigrigger_why so serious?23:46
billybigrigger_i know mx and dovecot have nothing to do with each other, it was a joke, hence the smiley face at the end, but thanks23:46
mobi-sheepI'm a bit confused.  I use a script that add a bunch of blacklisted servers to my /etc/hosts --> redirected to so they would redirect themselves to nowhere.  Useful to ban ads.  However, that do not work as I still see the ads... in Prism.23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!