/srv/irclogs.ubuntu.com/2009/06/02/#ubuntu-server.txt

[DeViL_KiLLs]exit00:14
MianoSM?00:45
MianoSMyou need the file sites-enabled/default?00:45
Clustyhey01:14
Clustyi installed my new ubuntu and was foolish enough to enable encrypted home dirs01:15
Clustyany way I can disable it somehow?01:15
MagicFabClusty, assuming you have a backup, yadda yadda... rm ~/.encryptfs01:18
ClustyMagicFab: I don;t care of what's inside the home. the problem is that this stupid mechanism blocks ssh authentication by keys01:22
Clustywill try now :D01:22
Clustyfingers crossed :D01:22
MagicFabClusty, and you're very welcome!01:25
Gorfy00hello!01:45
Gorfy00please help: ubuntu 9.4 (jaunty). When creating a samba share from this PC, another PC (same distro) receives "Unable to mount location, failed to receive share list from server". Cause?01:46
ClustyMagicFab: does not work01:47
ClustyMagicFab: the encryptedfs thing gets regenerated01:48
uvirtbotNew bug: #382601 in php5 (main) "php5 does not build" [Undecided,New] https://launchpad.net/bugs/38260101:55
jmarsdenClusty, there is a way to have encrypted home dir and SSH working... I think info is on Dustin Kirkland's blog??02:20
jmarsdenOh, he's gone... never mind :)02:20
oh_noesHas the next LTS server version had a date/version set?02:25
kirklandjmarsden: not really02:30
kirklandjmarsden: well, i mean yes, it works, but you have to use password authentication02:31
kirklandjmarsden: it's your password that's required to mount your home dir02:31
jmarsdenCan't you set things up so the ssh config files are outside your home dir, or something like that... didn't I see a discussion about this somewhere a few weeks back??  Maybe I'm mis-remembering it.02:32
kirklandjmarsden: yes, you can, and you will be able to login02:33
kirklandjmarsden: i mean, you can get onto the system, with a shell02:33
kirklandjmarsden: but you won't have a home dir mounted until you enter a password02:34
jmarsdenAh, yes, OK.  Makes sense.  So whether that is worth it depends on whether your activities on the remote host need access to stuff in your home dir.02:35
oh_noes*sigh*, I can't believe open-vm-tools is 138MB02:43
oh_noesstupid vmware02:43
jmarsdenoh_noes: Vote with your keyboard... use KVM instead?02:49
oh_noesBusiness decision, not IT02:49
oh_noesand how big is KVM's 'tools' implementation?02:49
snthHas anyone used AppArmor audit tool?02:50
bobwhoopsHi all, I've got a machine running ubuntu server 7.04. Is there any way to still install packages since its support has ended?03:43
ScottKbobwhoops: Look in old-releases.ubuntu.com (I think).03:51
twbThough obviously 7.04 won't receive security updates03:52
bobwhoopsScottK: What am I looking or, backports?03:54
ScottKThat has the final 7.04 package archive in it.03:55
ScottKIf you change your sources.list from archive.ubuntu.com to old-releases.ubuntu.com you should be able to install packages.03:56
bobwhoopsThanks, it worked03:58
=== mcasadevall is now known as NCommander
ScottKbobwhoops: My next suggestion is upgrade.  You're two releases out of support.03:59
bobwhoopsYeah, but I'm lazy. I guess I should do it for security, but can't think of any other reason to do so04:00
ajmitchsecurity is a fairly good reason to do so04:00
ScottKIf you're going to be lazy, at least do it where there is security support (I still have a Dapper desktop I really need to upgrade this month).04:12
NCommanderScottK, you've had that dapper desktop since before I knew you :-/04:14
ScottKYep.04:14
U2GBI've a freshinstall ubuntu server 8.04 that stop booting from raid1 with message "Freeing initrd memory: ...". I created the raid twice and get the same error. Anybody know what mean thats error?04:17
a_okwhen I install linux-server on a 64bit installation of ubuntu will i get the 64bit kernel?05:41
twba_ok: either the entire install is 64-bit, or none of it is.06:09
a_oktwb: ok06:10
twbIf you install ubuntu-server from the amd64 CD, you'll get 64-bit linux (and userland).06:10
twbIf you install from the i386 CD, you won't get any 64 bit stuff.06:10
a_oktwb: i was just confused because pre 8.04 there it was in the name but it makes sence this way06:17
twbYes, well.  Ubuntu have their own way of doing kernels, different from Debian, so you have to expect Ubuntu's silliness to creep in06:18
=== asac_ is now known as asac
uvirtbotNew bug: #382649 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/38264909:01
uvirtbotNew bug: #381246 in nagios-plugins (universe) "check_http adds Port to Host Header (which is a violation of RFC) leading to problems checking certain hosts; current official nagios plugin sources fixes the problem" [Wishlist,Confirmed] https://launchpad.net/bugs/38124609:20
rags I have two AdSL lines and I need a way to balance my internet traffic between them. Is it possible?09:33
ragsRight now, If a line drops I have to change my gateway to the second router.09:34
simplexiorags: its possible, but noe trivial09:38
ragssimplexio: Does it involve bonding the interfaces into one or something like tht?.09:41
ragsI found e-box and shorewall having the feature of wan load balncing. but I wanted to see if I could do it witout any other s/w09:42
simplexiorags: that would be first thing i would try09:42
_rubenthe lartc document has some limited info on it .. for it to work properly (detect dead gateways in a nice way) you'd need kernel patches though09:42
simplexiorags: and shorewall is just interface for iptables and tc so you can do it without it09:43
simplexio_ruben: are sure you need kernel stuff, i thought that all neded stuff is in 2.6 series kernel09:43
rags_ruben: Ya lartc shows tht it can be accomplished using a "TEQL" device but it has some caveats.09:46
_rubensimplexio: proper dead gateway detection still requires some patches, last i checked that is, which has been a while09:47
ragsI was thinking of application specific routing ( if possible). Like my voip traffic going one interface and downloads going thro the other line.09:47
_rubenrags: no, there's a section on multiple gateways, doesnt involve any special devices09:47
_rubenthat's even easier, and explained in the lartc doc :)09:48
_rubenfailover & "real" loadbalancing is much harder09:48
rags_ruben: application specific routing is easier??09:49
_rubenwell .. application level perhaps not, but ip/port level is09:49
simplexiorags: just forward http, https, ftp, email, downloads etc to one and voip and similiar stuff to another09:51
ragssimplexio: can you tell me how?09:53
ragssimplexio: by suing shorewall or iptables?09:54
simplexiorags: it need iptables magick, i dont howto, because i havent done it newer, but i know that it works10:06
=== masACC is now known as maswan
ssmsimplexio: a google for "shorewall dual dsl" gives a good list of howtos for that10:09
=== yann2_ is now known as Yann2
ragssimplexio: thx..I found a very good how-to: http://blog.taragana.com/index.php/archive/how-to-load-balancing-failover-with-dual-multi-wan-adsl-cable-connections-on-linux/..if anyones is interested10:19
quizmehi, i created a user, but when i login as that user I get: Could not chdir to home directory /home/tempuser: Permission denied10:21
quizme-bash: /home/tempuser/.bash_profile: Permission denied10:21
quizmedoes anybody know why that happens ?10:21
simplexioquizme: no permissions to read its homw dir10:37
sorenquizme: How did you create the new user?10:38
sorenquizme: Also, please provide the output of: "ls -ld / /home /home/tempuser"10:39
quizmei figured it out...... it's cuz i had 700 the directory above.10:39
sorenIn pastebin10:39
quizmethank you guys10:39
sorenSure.10:39
quizmesorry for the false alarm10:39
uvirtbotNew bug: #382677 in openldap (main) "crash with SQL backend on search with empty attributes" [Undecided,New] https://launchpad.net/bugs/38267710:46
a_okthe only thing changed on our server is an upgrade from 7.10 to 8.04 now apache seems to leak memory (getting a sizelimit restart about every 4 days since upgrade) is this known problem?11:48
a_okwe use modperl btw11:48
sorenWhich mod_perl specifically?11:50
TJ`can anyone help me out with PPTPD? It only disconnects when the user asks it to do something extremely strange. The connection is stable until you make a request, be it http, ssh or rdp the connection dies on anything other than a ping11:56
uvirtbotNew bug: #382713 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess post-installation script returned error exit status 126" [Undecided,New] https://launchpad.net/bugs/38271312:51
uvirtbotNew bug: #382727 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 1" [Undecided,New] https://launchpad.net/bugs/38272713:46
stanman1hi, i want to create a mail relay server so our sbs 03 domain's mail have disclaimers, anyone done something similar before?14:03
Niels_Hi folks!Has anyone of you experience using KVM on Jaunty?14:11
stanman1anyone did the spamsnake tutorial on how to forge?14:15
SpaceBasshey folks14:22
SpaceBassanyone had success connecting to a MS SQL db via ODBC?14:23
giovani|workSpaceBass: never had a need, but, plenty of people on google seem to have14:25
SpaceBassgiovani|work: been searching there for a while - not a new question for me ... most of them seem to be using openoffice Base, looking to do something at the ODBC level14:26
uvirtbotNew bug: #382746 in php5 (main) "php-pgsql 5.2.4-2ubuntu5.6 depends from php-db but not installed automatically" [Undecided,New] https://launchpad.net/bugs/38274614:26
Niels_Hi folks!Has anyone of you experience using KVM on Jaunty?14:27
Niels_ghostlines, Hi and thanks for your reply. However I am thinking about to set up just now a KVM Server based on Jaunty. Here is what I'd like to realize:14:35
Niels_1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server14:36
Niels_I have two physical NIC's and each Server should have its own IP. So, I will need 4IP's -- right?14:36
Niels_to my understanding I have to built virtual NIC's but I haven't found as yet a HowTo which explains briefly howto configure virtual NIC's14:37
Niels_or will I have to do something different?14:39
Niels_ghostlines, the next question that is on my mind is: some say the best way to set up and configure new Guest OS'es is using virt-manager, some say oVirt and others say the best way would be using the given params by KVM. which way would be the easiest for one who hasn't got much experience using virtualisation techniques?14:41
ghostlinesI believe there is documentation on bridging for virtual machines at the ubuntu server guide14:41
ghostlineshttps://help.ubuntu.com/9.04/serverguide/C/network-configuration.html#bridging14:41
ghostlinesis that of some help maybe?14:41
denisesballshey guys, anyone know of a way with apt to show what repository a package is downloaded from14:43
ghostlinesI had a KVM server running fedora and ws2008 and each had it's own ip, and i configured it with a network bridge14:43
denisesballs?14:43
Niels_ghostlines, have you got your old /etc/network/interfaces on hand14:45
Niels_ghostlines, so, I set up KVM with its tools, such as bridging-utils, then I install virt-manager and virt viewer, etc pp and than I should be able to connect via VNC ??? onto the host to get things started? is that right?14:49
Niels_no worries...will get /e/n/interfaces somehow working -- i hope ;-)14:50
Niels_brb14:50
Niels_re14:51
ghostlinesNiels_, : yeah, that's how it works14:52
Niels_ghostlines, how will I start virt-mananegr or viewer remotely? Haven't found anything as yet? So I connect via VNC to lets say 192.168.200.120 which is the Ubuntu Server14:53
Niels_correctß14:54
Niels_ß=?14:54
sorenNo.14:54
ghostlinesNiels_, I have the old disk images from my old vm's and want to get them running again so I'll be going through the same thing later tonight14:54
sorenYou connect to the libvirtd process.14:54
sorenUsing libvirt.14:54
sorenIt's much easier to answer your questions if they're specific. What *exactly* are you trying to do?14:54
sorenNiels_: ^14:54
Niels_1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server14:55
Niels_soren, they should run on a Jaunty Server using KVM14:55
Niels_so, basically I wnat to set up a KVM environment for these 3 Servers14:55
sorenRight, but what specifically are you trying to do *right* now? What do you expect to do with the aforementioned VNC connection?14:56
Niels_soren, I read a few statements regarding setup, configuring and managing VM's with tools such as virt-manager, oVirt, etc pp14:57
Niels_Which kernel btw should I use the standard 2.6.28-11-server or the virtual one?14:57
Niels_soren, I haven't got yet any experience with virtualisation, though I need some help14:58
Niels_hope you don't mind me and my noob questions14:58
sorenProbably the -virtual one.14:58
ivoksthe standard one14:58
sorenWhy?14:59
ivoksvirtual is for guests, isn't it?14:59
Niels_soren, I would have thought so, but wasn't quite sure14:59
sorenivoks: Oh, that's not what he's asking?14:59
sorenNiels_: For the host, you want the -server kernel.14:59
ivokssoren: he wants windows guests14:59
sorenivoks: Heh... Good point.14:59
* ivoks got new laptop - thinkpad x200s15:00
sorenivoks: It'll be another year before I get a new laptop  :(15:02
ivokssoren: oh?15:03
Niels_soren, the virtual was for a guest ;-)15:04
Niels_for the host I've chosen the server one15:04
sorenNiels_: I thought you were running Windows guests?15:04
Niels_soren, yes and one debian guest for me ;-)15:05
sorenivoks: Yeah.. Next time I can get my employer to pay some of it will be a year from now.15:05
sorenNiels_: A.15:05
sorenAh, even.15:05
Niels_soren, so, how, once I have the system up, will I connect from my worksation onto the KVM-Virt-Gui?15:07
sorenHave it connect to qemu+ssh://name_of_your_host/system15:07
sorenAssuming you're using the qemu:///system hypervisor on the host.15:08
Niels_soren, yes, I will use the qemu hypervisor on that system15:08
sorenqemu:///system? Or qemu:///session ?15:09
Niels_I read that all I need to install is: kvm and qemu and libvirtd, virt-manager and virt-viewervia apt or aptitude.Is that correct?15:09
sorenOn the host?15:10
Niels_yes, on the host15:10
sorenYou don't need virt-manager nor virt-viewer on the host. Nor qemu for that matter.15:11
Niels_not?15:11
sorenWho took notes for the confconsole talk at UDS?15:11
Niels_What will I need?Just kvm and libvirt?15:11
sorenYes.15:11
Niels_and bridge-utils?15:11
sorenI only have my own notes, which are.. ermm.. Not very extensive. Luckily, I think I still remember most of it, but still I'd like to see the "official" notes to see if I missed anything.15:12
sorenNiels_: Sure. It's a dependency of libvirt-bin.15:12
Niels_soren, okay so I start with putty, lets say the server has the ip 192.168.200.10015:19
Niels_thats wrong, isnt it?15:20
Niels_soren, would you mind giving me a bit more help?15:24
RoAkSoAxivoks, heya!! how's it going15:24
ivoksRoAkSoAx: good, you?15:25
RoAkSoAxivoks, good too. Hey, Heartbeat 2.99.x has been accepted to debian experimental15:25
sorenNiels_: Err.. Putty? Your client is running windows?15:26
Niels_yep15:26
sorenThen I have no idea.15:26
ivoksRoAkSoAx: great; what's the name of the package?15:26
Niels_soren...but I can quickly install beside that xp a *buntu15:26
Niels_I'll just download an actual iso, burn it and be back then.15:27
Niels_afterI have installed it -- I meant ;-)15:28
RoAkSoAxivoks, http://packages.debian.org/experimental/heartbeat15:28
ivoksRoAkSoAx: so, it's hearbeat?15:29
RoAkSoAxivoks, they have also have included a new package called corosync which works with openais15:29
ivoksi was hoping for heartbeat-3 or something15:29
ivoksright, corosync is part of this new cluster structure15:29
RoAkSoAxivoks, yes that's the heartbeat which will have to work with pacemaker.. though pacemaker it's not yet in debian experimental15:30
Niels_soren, so, the download just started.15:30
ivoksRoAkSoAx: maybe we should help them15:30
RoAkSoAxivoks, would be nice. we should ask them what kind of help they need.. I guess you going to speak about the cluster stack today at the server team meeting?15:32
ivoksRoAkSoAx: i'll probably mention it15:32
RoAkSoAxok15:32
RoAkSoAxivoks, btw.. do you have some time to review a package update I've made?15:32
ivoksRoAkSoAx: i'll check it problably today15:33
RoAkSoAxivoks, Ok. this is the one: https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/38253915:33
uvirtbotLaunchpad bug 382539 in passenger "Please upgrade passenger from 2.0.3 to 2.2.2" [Undecided,In progress]15:34
ivoksRoAkSoAx: ok15:35
sorenNiels_: ok15:35
RoAkSoAxivoks, so when do you have a little time to continue to work on the mentorship ?16:01
ttxServer team meeting, soon on #ubuntu-meeting... waiting for TB meeting end first16:03
RoAkSoAxo/ ttx16:03
ivoksRoAkSoAx: i'm waiting for email from christophe; he'll have some instructions on next steps16:04
RoAkSoAxivoks, ok cool :)16:05
ttxserver team meeting, starting now in #ubuntu-meeting16:05
uvirtbotNew bug: #382789 in mysql-dfsg-5.0 (main) "During update, a crash was reported" [Undecided,New] https://launchpad.net/bugs/38278916:06
jjshoeapache2 is segfaulting for me when I enable python, here's just some basic details, if anyone has any idea, I would love input: http://pastebin.com/d780ab7216:13
ttxalex_muntada, snth: welcome :)16:40
alex_muntadattx: thanks! :-)16:40
ttxalex_muntada, snth: there wasn't so much to discuss on that meeting, we're still recovering from UDS :)16:41
alex_muntadame too ;-)16:41
snthI missed half of it .. but I am glad that it is recorded. But, I am really excited about getting involved.16:42
hvnCan anyone say if running 8.04 server kernel instead of JeOS kernel in a VMware virtual machine is bad idea?17:18
hvnThe reason I am askin is that for some reason JeOS kernel does not have IPv6 netfilter modules17:19
hvnhttps://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/24427217:20
uvirtbotLaunchpad bug 244272 in linux-meta "ipv6 netfilter modules not available" [Undecided,New]17:20
uvirtbotNew bug: #382826 in mysql-dfsg-5.0 (main) "package mysql-server 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/38282617:32
=== yml_ is now known as yml
tomsdalewhen do you think the next ubuntu-server LTS will be released.17:52
hvn2010 April seems to be what Wikipedia's sources indicate. Every two years, in other words.17:58
tomsdalehvn: thx. Regarding JeOS. I'm actually just doing an install for a vmware server. I used the server CD though. Can I not replace the kernel later with the JeOS version?18:01
tomsdalehvn, sorry I highjacked your question. So you want to know what the performance hit is when you install a server kernel instead of the JeOS kernel on VMWare18:06
hvnI think kernel can be replaced. However, I have not looked at the best way of doing it. I would probably first try installing JeOS (-*virtual-*) kernel and boot it via grub. Then proceeding to purge the server kernel if it works.18:10
hvnThat is, just install the virtual kernel and try booting with it18:10
hvnAbout the performance hit, that might be one thing to note. Since I have two options, 1) try to get IPv6 netfilter modules into virtual kernel, or 2) switch to server kernel, I was thinking which one would be the best choice18:11
hvnGetting IPv6 modules into virtual (JeOS) kernel would probably help others too, since IPv6 landscape will probably be an quite different when 8.04 LTS has still many more years left18:14
tomsdalehas the JeOS kernel in 8.10 the same issue? How did they decide there?18:17
hvnGood question, I have not checked the later releases since we have tried to stay with LTS releases.18:19
tomsdaleyeah - me too. But I realized that the install size has increased between 8.04 and 8.1018:20
tomsdale300MB vs 380.18:21
hvnthis Debian unstable I'm currently using has ipv6/netfilter/ modules, but they seem to be only 145KB, so I guess it is not a space issue18:24
JordiGHHow do you configure whether date(1) shows UTC or local time?18:27
jmedinadate18:27
jmedinaand date -u18:27
* JordiGH just set the timezone to UTC in tzdata.18:28
alex_muntadaJordiGH: sudo dpkg-reconfigure tzdata18:31
JordiGHalex_muntada: Yeah, yeah, that's what I said. ;-)18:31
alex_muntadaJordiGH: then was jmedina response what you were looking for?18:33
JordiGHalex_muntada: No. It's ok, I still have a problem, probably unrelated to Ubuntu, but to my own code.18:34
alex_muntadaJordiGH: okay, good luck :-)18:37
frojndHello there18:37
frojndIt looks like I have to edit some user groups and permissions for applications... WHen I try to use screen with primary user (also root) I get this: Directory '/var/run/screen' must have mode 777.18:38
frojndHow can I tell screen that can be used by this user and some other user? But not for every usesr?18:38
frojndCan someone give me a clue what should I look at to fix this?18:52
alex_muntadafrojnd: $ ls -ld /var/run/screen/18:54
alex_muntadadrwxrwxr-x 2 root utmp 40 2009-05-26 07:19 /var/run/screen/18:54
alex_muntadawhat about yours?18:54
frojnddrwxrwxr-x 2 root utmp 40 2009-06-02 19:31 /var/run/screen/18:58
JordiGHAha, had to restart MySQL to make the new time zone change kick in.18:59
JordiGHWeird.18:59
frojndso that mean only root taht only user root that is in a utmp group can access screen alex_muntada ?19:00
frojndI'd also that users "frojnd"  and "thor" could use screen19:02
frojndI would also like ...19:03
alex_muntadafrojnd: screen is a shell script that execs a suid binary /usr/bin/screen.real19:06
alex_muntadaso the user running screen.real changes his effective gid to utmp and has permission to write there19:06
frojndI have no /usr/bin/screen.real19:07
alex_muntadaoops! what ubuntu version are you running on? try lsb_release -a19:08
frojnd8.419:08
alex_muntadalet me find a server19:08
alex_muntadaok, so in 8.04 /usr/bin/screen is the sgid19:10
alex_muntadabut it should work the same way19:10
alex_muntada-rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen19:10
frojnd20:10 alex_muntada > ok, so in 8.04 /usr/bin/screen is the sgid19:11
frojndscreen isn't a directory19:11
frojndI also don't have any sgid if I /usr/bin/screen[tab]19:11
frojndjust screendump19:11
alex_muntadawhat does ls -l /usr/bin/screen say?19:12
jthomas_sbI cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?19:12
frojnd-rwxr-x--- 1 root ris 308228 2007-10-23 18:02 /usr/bin/screen alex_muntada19:13
alex_muntadaso here you have the problem19:13
alex_muntadafirst, it's no sgid and group is not utmp19:13
frojndalex_muntada: groups is "ris"19:13
frojndhm19:13
alex_muntadabut second and most important, other has no permission to run screen19:14
frojndso I have to add frojnd to a group ris?19:14
alex_muntadadid you change that group?19:14
frojndalex_muntada: yes long time a go19:14
frojnduntill power went off :D19:14
frojndNow I have to do some cronjobs and first fix those permissions..19:14
alex_muntadai'd set the original group and sgid19:15
frojndalex_muntada: why?19:15
alex_muntadaso screen can run how it's supposed to under /var/run/screen19:15
alex_muntadaif you want to limit who can run screen remove the other perms and setup sudo19:16
frojndalex_muntada: first steps first19:16
frojndHow can I restore the screen settings?19:16
alex_muntadachgrp -h utmp /usr/bin/screen && chmod g+s,o+rx /usr/bin/screen19:18
frojndalex_muntada: so it assing utmp to screen19:19
frojndand than make 0755 to screen?19:19
frojndalex_muntada: u mentioned to setup sudo, can you tell me what should I rad to limit the access for a screen?19:20
frojndandol: alex_muntada whie ur here can you do ls -l /usr/bin/rtorrent ?19:20
frojndI also have group for rtorrent19:21
alex_muntadafrojnd: sorry, no torrent on my servers19:21
frojndalex_muntada: ok what about sudo setup?19:22
alex_muntadafrojnd: can you show me current permissions for screen?19:22
frojndalex_muntada: ls -ld /var/run/screen ?19:22
alex_muntadafrojnd: ls -ld /usr/bin/screen19:23
alex_muntadathe /var/run/screen too, just in case19:23
frojndalex_muntada: -rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen19:23
frojndand drwxrwxr-x 3 root utmp 60 2009-06-02 20:18 /var/run/screen/19:24
alex_muntadaokay, that how screen permissions are by default19:24
alex_muntadanow, to restrict screen to everyone but root do... chmod o= /usr/bin/screen && ls -ld /usr/bin/screen19:25
frojndok19:25
frojndalex_muntada: no.. not the root, well root too, but a few other users19:25
alex_muntadas/to/for/19:25
alex_muntadafollow me on this ;-)19:25
frojndok :)19:25
andolfrojnd: me? :)19:26
frojnd^ ^19:26
uvirtbotfrojnd: Error: "^" is not a valid command.19:26
frojndalex_muntada: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen19:28
frojnddone19:28
frojndwhat's with the s/to/for ?19:28
alex_muntadasorry, i meant restrict screen for everyone instead _to_ everyone19:29
alex_muntadas/// is a sed/perl string substitution19:29
alex_muntadaso now screen should'nt work for anybody except root, is it?19:30
frojndalex_muntada: yes except but root19:30
frojndalex_muntada: except root, pardon me.19:31
alex_muntadaok, so now the way to grant permission to group ris without touching screen group is via sudoers19:31
alex_muntadatake a look at /etc/sudoers and see that %admin ... line19:32
jthomas_sbI cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?  Nor can I find jodconverter19:32
frojndalex_muntada: it's set to ALL=(ALL) ALL19:32
alex_muntada%admin ALL=(ALL) ALL means group admin on all hosts grants to (ALL) users run ALL commands19:33
alex_muntadaso, you have to edit sudoers by running sudo visudo19:33
alex_muntadaand then add... %ris ALL=(ALL) /usr/bin/screen19:34
frojndalex_muntada: I did but I still not able to open screen with user frojnd19:35
frojndalex_muntada: If I type vigr and search for ris, I find this line: ris:x:1004:thor,frojnd19:36
frojndwhich meanns users frojnd and thor are in a group ris19:36
frojndOr am I wrong?19:38
alex_muntadayou're right19:38
jthomas_sbat the prompt just rnu 'groups' (as frojnd) to see what groups frojnd is in19:38
alex_muntadamaybe you added the group and didn't logout and login again?19:39
frojndadm dialout cdrom floppy audio dip video plugdev fuse lpadmin admin thor ris19:39
jthomas_sbyes, did you log out and in?19:39
frojndjthomas_sb: yes19:40
frojndwhen I do scree[tab] it gives me screendump and not screen19:40
frojndAny ideas?19:42
alex_muntadacan you show us screen perms again?19:45
frojndls -ld /usr/bin/screen -rwxr-s--- 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen19:45
frojndls -ld /var/run/screen drwxrwxr-x 4 root utmp 80 2009-06-02 20:30 /var/run/screen19:46
frojndthat's odd19:46
frojndI wrote: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen19:46
alex_muntadathat's right then19:47
alex_muntadacan you... sudo grep %ris /etc/sudoers ?19:47
frojnd%ris ALL=(ALL) /usr/bin/screen19:47
alex_muntadaif you try sudo screen, does it work?19:50
alex_muntadai'm afraid that right now will open a root shell on screen19:50
frojndalex_muntada: yes as sudo, root I can run screen19:51
alex_muntadadoes it work for the other user too? it may work for you since you're on group admin anyway19:52
frojndalex_muntada: no frojnd has no enough permissions19:52
frojndalex_muntada: also thor, no enough permissions19:53
alex_muntadabut do you run sudo screen or screen only?19:55
frojndalex_muntada: screen only19:56
alex_muntadaif you run only screen you don't have permissions since you've performed chmod o= on screen19:57
alex_muntadathe idea is that sudo screen will work, but screen won't19:57
frojndalex_muntada: yes but didn't the visudo %ris ALL=(ALL) /usr/bin/screen do it's work?19:58
frojndfrojnd is in ris group19:58
alex_muntadathat enables screen for group ris under sudo19:58
alex_muntadawithout sudo it won't work19:59
frojndalex_muntada: so only super user can run screen19:59
frojndI'd like thor that has no rights to run screen19:59
alex_muntadayou don't follow20:00
alex_muntadatry to run sudo screen ad user thor20:00
alex_muntada... as user thor20:00
frojndalex_muntada: huh20:00
alex_muntadawhat happened?20:01
frojndalex_muntada: I typed in thor's password when it asked mee for super user password. And now It's: root@ubuntko:/home/thor#20:01
frojnduser thor mustn't be root20:02
alex_muntadaok, that's true20:02
alex_muntadalet me ask you something, you want only those users to be able to run screen but preserving their uid, right?20:03
alex_muntadae.g. thor runs screen and has a shell as thor20:03
frojndalex_muntada: yes20:04
alex_muntadalet's try a different approach, wait 1 sec20:04
frojndI thought that I would create a group "ris" which is already created and whoever is in this group can use e.g. screen, irssi, rtorrent20:06
alex_muntadafrojnd: okay, sudoers doesn't work (at least not that I know) to solve your case, I'm sorry20:08
alex_muntadaso, please remove that %ris ... line from sudoers by running visudo20:09
frojndalex_muntada: done20:10
alex_muntadai didn't like to change the default group and perms of screen command and /var/run/screen because they may change on future upgrades and you'll have to recheck your setup20:11
alex_muntadabut now I think that there's no other way20:12
alex_muntadafrojnd: do chgrp -h ris /usr/bin/screen /var/run/screen20:14
frojnddone20:14
alex_muntadamake sure that sgid is still there, and add it otherwise... chmod g+s /usr/bin/screen20:14
alex_muntadanow, instead of becoming of group utmp people running screen will have egid ris20:15
alex_muntadasince perms for other should still be --- then only group ris will have perms to run screen20:16
frojndalex_muntada: the way I wannted20:16
alex_muntadacan you try for both users?20:16
frojndalex_muntada: yes20:16
alex_muntadaone last thing20:17
alex_muntadanote that there's a screen-something under /etc/init.d20:17
frojndalex_muntada: yes?20:17
frojndalex_muntada: screen-cleanup20:18
alex_muntada$grep utmp /etc/init.d/screen-cleanup20:18
alex_muntada        chown root:utmp $SCREENDIR20:18
frojnd/etc/init.d/screen-cleanup20:18
alex_muntadayou'll have to fix the group there too20:18
alex_muntadaotherwise on next boot it will be reset to utmp20:18
frojndrep utmp /etc/init.d/screen-cleanup bash: utmp: command not found20:19
alex_muntadasorry, it's grep utmp ...20:19
frojndalex_muntada: yep it shows: chown root:utmp $SCREENDIR20:20
alex_muntadaso you'll have to change it20:21
alex_muntadathe only problem i see right now by changing group utmp by ris is that you'll probably be loosing accounting information about those shells in /var/log/*tmp20:22
frojndalex_muntada: rhe group of /etc/init.d/screen-cleanup20:22
alex_muntadafrojnd: you have to edit /etc/init.d/screen-cleanup search for utmp and change it by ris20:23
frojndalex_muntada: I see20:24
alex_muntadamake sure you make a copy before editing, just in case... cp -pi /etc/init.d/screen-cleanup /etc/init.d/screen-cleanup.bak20:27
frojndalex_muntada: thank you so much, u've been very helpful and it's nice to see someone that knows security issues beside :)20:27
alex_muntadaglad to help :-) though i missed my first shot going through sudoers20:28
frojndalex_muntada: I wasn't very claear what I wannt :)20:30
alex_muntadajthomas_sb: http://packages.ubuntu.com/search?keywords=openoffice.org-headless shows that it isn't available on jaunty20:32
frojndalex_muntada: to tell server after it boots up to run screen under user thor and than while screen is up to run rtorren in it I'd have to use crontab -e20:32
frojndalex_muntada: I know how to add cronjob for screen: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent20:32
frojndis his secure?20:33
jthomas_sbalex_muntada figured that out eventually.  why wouldn't package releases be the same from one version to the next?  how well can an upgrade from one release to the next go if the packages aren't there?20:33
frojndalex_muntada: Is it secure and how can this achieve for user thor?20:34
alex_muntadajthomas_sb: changes happen, though I don't know why this change happened though20:34
alex_muntadafrojnd: where did you add that line?20:35
frojndsudo -s20:35
frojndcrontab -e20:35
frojndadd line20:35
alex_muntadafrojnd: that meaning that screen is run as root20:36
frojndalex_muntada: ok20:37
alex_muntadawhy don't you crontab -e while on a thor shell?20:37
frojndalex_muntada: I got it :) thanx20:37
frojndalex_muntada: but I know only @reboot20:38
frojndwhat if power goes off20:38
frojndin bios I've setup to power on server while power comes on, will @reboot still work in this case?20:38
alex_muntadaman 5 crontab says... @reboot Run once, at startup.20:38
frojndI'm trying to tell server that when it comes up no matter what stance it was before to run screen and rtorrent20:39
alex_muntadaso, i guess it'll work20:39
tomsdaleHow do I sudo aptitude install the JeOS kernel to replace the standart server kernel on a 8.04 server install? I want a kernel optimized for VMWare.20:39
tomsdalesry - please remove "sudo aptitude install". makes sort of sense there but I erroneously middle clicked ...20:41
frojndalex_muntada: it works, but while in screen20:49
frojndwhen I make a new isntance: ctro + a + c20:49
frojndI only see $ and not thor@ubuntko:~$20:50
frojndalex_muntada: while in crontab: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent20:50
frojndis there a modification to this that when in screen I'd have shell and not $20:51
alex_muntadafrojnd: default shell in screen is /bin/sh20:51
alex_muntadaif you want to change that you can add a different shell in ~/.screenrc20:52
frojndalex_muntada: ~/.screenrc doesn't exist so I don't know whow it should look like20:52
alex_muntadaalternatively, you can run screen -d -m -s /bin/bash /usr/bin/rtorrent20:53
alex_muntadaman screen for the details20:53
frojnd-s is for shell I guess?20:53
alex_muntadayeah20:54
frojndolrajti20:57
frojndNow I need to read something about making backups20:57
frojndalex_muntada: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent21:01
frojndwon't start screen21:01
mdunlapWhats the best way to stream video from a server to the internet, Ive messed around with Jinzora21:02
alex_muntadafrojnd: it should, i don't have rtorrent but it works for me if i do... /usr/bin/screen -d -m -s /bin/bash /bin/sleep 360021:04
alex_muntadaplease, note that screen is executed undetached (-d -m) so you'll have to screen -r to see rtorrent working21:05
frojndalex_muntada: is this maybe because I don't have ~/.screenrc for user thor?21:05
alex_muntadano .screenrc needed by default21:05
frojndso this isn't the issue21:06
frojndalex_muntada: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent This works but it when crateing a new window with sscreen I won't have bash...21:07
alex_muntadathus the -s /bin/nash21:07
alex_muntadasorry, -s /bin/bash21:08
frojnd/bin/sleep 3600 means that it waits 60mins before what happens?21:08
frojndalex_muntada: I do have like this: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent21:08
alex_muntadathe /bin/sleep is an example since i cannot try rtorrent21:08
frojndalex_muntada: ok21:08
alex_muntadayou don't expect cron to run this command unless you reboot, do you?21:09
frojndalex_muntada: that's what I've been asking before..21:09
frojndI'd like cron to run this everytime server boots up21:09
alex_muntadano, you asked a different thing21:10
frojndalex_muntada: that too :)21:10
alex_muntada@reboot tells cron to run this only 1 time _after_ rebooting or powering up21:10
alex_muntadabut you didn't reboot recently, did you?21:10
frojndalex_muntada: the second tiem I did it didn't came up (screen)21:11
frojndtiem==time21:11
frojndmaybe I should try without @reboot21:11
alex_muntadano, it will be a syntax error21:11
alex_muntadaso, to make things clear21:11
frojndyep it makes a syntax error21:12
alex_muntadadid you reboot after adding @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent as user thor?21:12
frojndalex_muntada: first I add @reboot /usr/bin/screen -d -m  /usr/bin/rtorrent I rebooted for the first time, screen came uo. Then I add: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent and rebooted for the second time and screen didn't came up21:13
alex_muntadawhat happens when you run /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent from thor's shell?21:14
frojndalex_muntada: screen starts21:15
frojndalex_muntada: also if I create a new window within screen it has bash21:15
alex_muntadathen, maybe you mistyped the crontab line? look for errors in /var/log/syslog21:18
frojndalex_muntada: no errors there21:22
alex_muntadasorry then, I don't know what else suggest21:23
frojndalex_muntada: hm21:25
frojndI tried to copy this last command to the crontab and now screen is up21:25
frojndlooks like I did misstype, but it still wasn't enough for an error21:25
uvirtbotNew bug: #382911 in mysql-dfsg-5.0 (main) "unable to complete update" [Undecided,New] https://launchpad.net/bugs/38291121:35
glen1hey22:04
glen1anyone know anything about backup to remote encrypted server haha22:06
=== WaVeR` is now known as waver_
m33600where is the start button? not a clue on start it up22:43
m33600no X, no wellcome22:44
m33600ans no list of commands22:44
m33600talking about ub server jaunty22:45
m33600is there any other server as simples as to share innternet at home?22:47
altd78 buenas tardes, tenia un archivo abierto html en ext4 (ubuntu jaunty) y se interrumpió la electricidad en el equipo, cuando volví a ver el archivo, estaba en 0KB, es esto normal?  se podrá recuperar?22:48
PastorKarrI just instsalled xfce4 on my server, but how to do I start it now?22:49
altd78 Hello!.  I'm at ubuntu jaunty with ext4 , I was working on a html file an saving my work  for about  2 days and I had a power outage, when i came back to see my file it was 0KB,  is this normal?  can I recover something?22:50
altd78PastorKarr:  You may want join channel #ubuntuforums, you'll get  an answer faster there23:33
=== yml_ is now known as yml

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!