[00:14] <[DeViL_KiLLs]> exit
[00:45] <MianoSM> ?
[00:45] <MianoSM> you need the file sites-enabled/default?
[01:14] <Clusty> hey
[01:15] <Clusty> i installed my new ubuntu and was foolish enough to enable encrypted home dirs
[01:15] <Clusty> any way I can disable it somehow?
[01:18] <MagicFab> Clusty, assuming you have a backup, yadda yadda... rm ~/.encryptfs
[01:22] <Clusty> MagicFab: I don;t care of what's inside the home. the problem is that this stupid mechanism blocks ssh authentication by keys
[01:22] <Clusty> will try now :D
[01:22] <Clusty> fingers crossed :D
[01:25] <MagicFab> Clusty, and you're very welcome!
[01:45] <Gorfy00> hello!
[01:46] <Gorfy00> please help: ubuntu 9.4 (jaunty). When creating a samba share from this PC, another PC (same distro) receives "Unable to mount location, failed to receive share list from server". Cause?
[01:47] <Clusty> MagicFab: does not work
[01:48] <Clusty> MagicFab: the encryptedfs thing gets regenerated
[02:20] <jmarsden> Clusty, there is a way to have encrypted home dir and SSH working... I think info is on Dustin Kirkland's blog??
[02:20] <jmarsden> Oh, he's gone... never mind :)
[02:25] <oh_noes> Has the next LTS server version had a date/version set?
[02:30] <kirkland> jmarsden: not really
[02:31] <kirkland> jmarsden: well, i mean yes, it works, but you have to use password authentication
[02:31] <kirkland> jmarsden: it's your password that's required to mount your home dir
[02:32] <jmarsden> Can't you set things up so the ssh config files are outside your home dir, or something like that... didn't I see a discussion about this somewhere a few weeks back??  Maybe I'm mis-remembering it.
[02:33] <kirkland> jmarsden: yes, you can, and you will be able to login
[02:33] <kirkland> jmarsden: i mean, you can get onto the system, with a shell
[02:34] <kirkland> jmarsden: but you won't have a home dir mounted until you enter a password
[02:35] <jmarsden> Ah, yes, OK.  Makes sense.  So whether that is worth it depends on whether your activities on the remote host need access to stuff in your home dir.
[02:43] <oh_noes> *sigh*, I can't believe open-vm-tools is 138MB
[02:43] <oh_noes> stupid vmware
[02:49] <jmarsden> oh_noes: Vote with your keyboard... use KVM instead?
[02:49] <oh_noes> Business decision, not IT
[02:49] <oh_noes> and how big is KVM's 'tools' implementation?
[02:50] <snth> Has anyone used AppArmor audit tool?
[03:43] <bobwhoops> Hi all, I've got a machine running ubuntu server 7.04. Is there any way to still install packages since its support has ended?
[03:51] <ScottK> bobwhoops: Look in old-releases.ubuntu.com (I think).
[03:52] <twb> Though obviously 7.04 won't receive security updates
[03:54] <bobwhoops> ScottK: What am I looking or, backports?
[03:55] <ScottK> That has the final 7.04 package archive in it.
[03:56] <ScottK> If you change your sources.list from archive.ubuntu.com to old-releases.ubuntu.com you should be able to install packages.
[03:58] <bobwhoops> Thanks, it worked
[03:59] <ScottK> bobwhoops: My next suggestion is upgrade.  You're two releases out of support.
[04:00] <bobwhoops> Yeah, but I'm lazy. I guess I should do it for security, but can't think of any other reason to do so
[04:00] <ajmitch> security is a fairly good reason to do so
[04:12] <ScottK> If you're going to be lazy, at least do it where there is security support (I still have a Dapper desktop I really need to upgrade this month).
[04:14] <NCommander> ScottK, you've had that dapper desktop since before I knew you :-/
[04:14] <ScottK> Yep.
[04:17] <U2GB> I've a freshinstall ubuntu server 8.04 that stop booting from raid1 with message "Freeing initrd memory: ...". I created the raid twice and get the same error. Anybody know what mean thats error?
[05:41] <a_ok> when I install linux-server on a 64bit installation of ubuntu will i get the 64bit kernel?
[06:09] <twb> a_ok: either the entire install is 64-bit, or none of it is.
[06:10] <a_ok> twb: ok
[06:10] <twb> If you install ubuntu-server from the amd64 CD, you'll get 64-bit linux (and userland).
[06:10] <twb> If you install from the i386 CD, you won't get any 64 bit stuff.
[06:17] <a_ok> twb: i was just confused because pre 8.04 there it was in the name but it makes sence this way
[06:18] <twb> Yes, well.  Ubuntu have their own way of doing kernels, different from Debian, so you have to expect Ubuntu's silliness to creep in
[09:33] <rags>  I have two AdSL lines and I need a way to balance my internet traffic between them. Is it possible?
[09:34] <rags> Right now, If a line drops I have to change my gateway to the second router.
[09:38] <simplexio> rags: its possible, but noe trivial
[09:41] <rags> simplexio: Does it involve bonding the interfaces into one or something like tht?.
[09:42] <rags> I found e-box and shorewall having the feature of wan load balncing. but I wanted to see if I could do it witout any other s/w
[09:42] <simplexio> rags: that would be first thing i would try
[09:42] <_ruben> the lartc document has some limited info on it .. for it to work properly (detect dead gateways in a nice way) you'd need kernel patches though
[09:43] <simplexio> rags: and shorewall is just interface for iptables and tc so you can do it without it
[09:43] <simplexio> _ruben: are sure you need kernel stuff, i thought that all neded stuff is in 2.6 series kernel
[09:46] <rags> _ruben: Ya lartc shows tht it can be accomplished using a "TEQL" device but it has some caveats.
[09:47] <_ruben> simplexio: proper dead gateway detection still requires some patches, last i checked that is, which has been a while
[09:47] <rags> I was thinking of application specific routing ( if possible). Like my voip traffic going one interface and downloads going thro the other line.
[09:47] <_ruben> rags: no, there's a section on multiple gateways, doesnt involve any special devices
[09:48] <_ruben> that's even easier, and explained in the lartc doc :)
[09:48] <_ruben> failover & "real" loadbalancing is much harder
[09:49] <rags> _ruben: application specific routing is easier??
[09:49] <_ruben> well .. application level perhaps not, but ip/port level is
[09:51] <simplexio> rags: just forward http, https, ftp, email, downloads etc to one and voip and similiar stuff to another
[09:53] <rags> simplexio: can you tell me how?
[09:54] <rags> simplexio: by suing shorewall or iptables?
[10:06] <simplexio> rags: it need iptables magick, i dont howto, because i havent done it newer, but i know that it works
[10:09] <ssm> simplexio: a google for "shorewall dual dsl" gives a good list of howtos for that
[10:19] <rags> simplexio: thx..I found a very good how-to: http://blog.taragana.com/index.php/archive/how-to-load-balancing-failover-with-dual-multi-wan-adsl-cable-connections-on-linux/..if anyones is interested
[10:21] <quizme> hi, i created a user, but when i login as that user I get: Could not chdir to home directory /home/tempuser: Permission denied
[10:21] <quizme> -bash: /home/tempuser/.bash_profile: Permission denied
[10:21] <quizme> does anybody know why that happens ?
[10:37] <simplexio> quizme: no permissions to read its homw dir
[10:38] <soren> quizme: How did you create the new user?
[10:39] <soren> quizme: Also, please provide the output of: "ls -ld / /home /home/tempuser"
[10:39] <quizme> i figured it out...... it's cuz i had 700 the directory above.
[10:39] <soren> In pastebin
[10:39] <quizme> thank you guys
[10:39] <soren> Sure.
[10:39] <quizme> sorry for the false alarm
[11:48] <a_ok> the only thing changed on our server is an upgrade from 7.10 to 8.04 now apache seems to leak memory (getting a sizelimit restart about every 4 days since upgrade) is this known problem?
[11:48] <a_ok> we use modperl btw
[11:50] <soren> Which mod_perl specifically?
[11:56] <TJ`> can anyone help me out with PPTPD? It only disconnects when the user asks it to do something extremely strange. The connection is stable until you make a request, be it http, ssh or rdp the connection dies on anything other than a ping
[14:03] <stanman1> hi, i want to create a mail relay server so our sbs 03 domain's mail have disclaimers, anyone done something similar before?
[14:11] <Niels_> Hi folks!Has anyone of you experience using KVM on Jaunty?
[14:15] <stanman1> anyone did the spamsnake tutorial on how to forge?
[14:22] <SpaceBass> hey folks
[14:23] <SpaceBass> anyone had success connecting to a MS SQL db via ODBC?
[14:25] <giovani|work> SpaceBass: never had a need, but, plenty of people on google seem to have
[14:26] <SpaceBass> giovani|work: been searching there for a while - not a new question for me ... most of them seem to be using openoffice Base, looking to do something at the ODBC level
[14:27] <Niels_> Hi folks!Has anyone of you experience using KVM on Jaunty?
[14:35] <Niels_> ghostlines, Hi and thanks for your reply. However I am thinking about to set up just now a KVM Server based on Jaunty. Here is what I'd like to realize:
[14:36] <Niels_> 1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server
[14:36] <Niels_> I have two physical NIC's and each Server should have its own IP. So, I will need 4IP's -- right?
[14:37] <Niels_> to my understanding I have to built virtual NIC's but I haven't found as yet a HowTo which explains briefly howto configure virtual NIC's
[14:39] <Niels_> or will I have to do something different?
[14:41] <Niels_> ghostlines, the next question that is on my mind is: some say the best way to set up and configure new Guest OS'es is using virt-manager, some say oVirt and others say the best way would be using the given params by KVM. which way would be the easiest for one who hasn't got much experience using virtualisation techniques?
[14:41] <ghostlines> I believe there is documentation on bridging for virtual machines at the ubuntu server guide
[14:41] <ghostlines> https://help.ubuntu.com/9.04/serverguide/C/network-configuration.html#bridging
[14:41] <ghostlines> is that of some help maybe?
[14:43] <denisesballs> hey guys, anyone know of a way with apt to show what repository a package is downloaded from
[14:43] <ghostlines> I had a KVM server running fedora and ws2008 and each had it's own ip, and i configured it with a network bridge
[14:43] <denisesballs> ?
[14:45] <Niels_> ghostlines, have you got your old /etc/network/interfaces on hand
[14:49] <Niels_> ghostlines, so, I set up KVM with its tools, such as bridging-utils, then I install virt-manager and virt viewer, etc pp and than I should be able to connect via VNC ??? onto the host to get things started? is that right?
[14:50] <Niels_> no worries...will get /e/n/interfaces somehow working -- i hope ;-)
[14:50] <Niels_> brb
[14:51] <Niels_> re
[14:52] <ghostlines> Niels_, : yeah, that's how it works
[14:53] <Niels_> ghostlines, how will I start virt-mananegr or viewer remotely? Haven't found anything as yet? So I connect via VNC to lets say 192.168.200.120 which is the Ubuntu Server
[14:54] <Niels_> correctß
[14:54] <Niels_> ß=?
[14:54] <soren> No.
[14:54] <ghostlines> Niels_, I have the old disk images from my old vm's and want to get them running again so I'll be going through the same thing later tonight
[14:54] <soren> You connect to the libvirtd process.
[14:54] <soren> Using libvirt.
[14:54] <soren> It's much easier to answer your questions if they're specific. What *exactly* are you trying to do?
[14:54] <soren> Niels_: ^
[14:55] <Niels_> 1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server
[14:55] <Niels_> soren, they should run on a Jaunty Server using KVM
[14:55] <Niels_> so, basically I wnat to set up a KVM environment for these 3 Servers
[14:56] <soren> Right, but what specifically are you trying to do *right* now? What do you expect to do with the aforementioned VNC connection?
[14:57] <Niels_> soren, I read a few statements regarding setup, configuring and managing VM's with tools such as virt-manager, oVirt, etc pp
[14:57] <Niels_> Which kernel btw should I use the standard 2.6.28-11-server or the virtual one?
[14:58] <Niels_> soren, I haven't got yet any experience with virtualisation, though I need some help
[14:58] <Niels_> hope you don't mind me and my noob questions
[14:58] <soren> Probably the -virtual one.
[14:58] <ivoks> the standard one
[14:59] <soren> Why?
[14:59] <ivoks> virtual is for guests, isn't it?
[14:59] <Niels_> soren, I would have thought so, but wasn't quite sure
[14:59] <soren> ivoks: Oh, that's not what he's asking?
[14:59] <soren> Niels_: For the host, you want the -server kernel.
[14:59] <ivoks> soren: he wants windows guests
[14:59] <soren> ivoks: Heh... Good point.
[15:00]  * ivoks got new laptop - thinkpad x200s
[15:02] <soren> ivoks: It'll be another year before I get a new laptop  :(
[15:03] <ivoks> soren: oh?
[15:04] <Niels_> soren, the virtual was for a guest ;-)
[15:04] <Niels_> for the host I've chosen the server one
[15:04] <soren> Niels_: I thought you were running Windows guests?
[15:05] <Niels_> soren, yes and one debian guest for me ;-)
[15:05] <soren> ivoks: Yeah.. Next time I can get my employer to pay some of it will be a year from now.
[15:05] <soren> Niels_: A.
[15:05] <soren> Ah, even.
[15:07] <Niels_> soren, so, how, once I have the system up, will I connect from my worksation onto the KVM-Virt-Gui?
[15:07] <soren> Have it connect to qemu+ssh://name_of_your_host/system
[15:08] <soren> Assuming you're using the qemu:///system hypervisor on the host.
[15:08] <Niels_> soren, yes, I will use the qemu hypervisor on that system
[15:09] <soren> qemu:///system? Or qemu:///session ?
[15:09] <Niels_> I read that all I need to install is: kvm and qemu and libvirtd, virt-manager and virt-viewervia apt or aptitude.Is that correct?
[15:10] <soren> On the host?
[15:10] <Niels_> yes, on the host
[15:11] <soren> You don't need virt-manager nor virt-viewer on the host. Nor qemu for that matter.
[15:11] <Niels_> not?
[15:11] <soren> Who took notes for the confconsole talk at UDS?
[15:11] <Niels_> What will I need?Just kvm and libvirt?
[15:11] <soren> Yes.
[15:11] <Niels_> and bridge-utils?
[15:12] <soren> I only have my own notes, which are.. ermm.. Not very extensive. Luckily, I think I still remember most of it, but still I'd like to see the "official" notes to see if I missed anything.
[15:12] <soren> Niels_: Sure. It's a dependency of libvirt-bin.
[15:19] <Niels_> soren, okay so I start with putty, lets say the server has the ip 192.168.200.100
[15:20] <Niels_> thats wrong, isnt it?
[15:24] <Niels_> soren, would you mind giving me a bit more help?
[15:24] <RoAkSoAx> ivoks, heya!! how's it going
[15:25] <ivoks> RoAkSoAx: good, you?
[15:25] <RoAkSoAx> ivoks, good too. Hey, Heartbeat 2.99.x has been accepted to debian experimental
[15:26] <soren> Niels_: Err.. Putty? Your client is running windows?
[15:26] <Niels_> yep
[15:26] <soren> Then I have no idea.
[15:26] <ivoks> RoAkSoAx: great; what's the name of the package?
[15:26] <Niels_> soren...but I can quickly install beside that xp a *buntu
[15:27] <Niels_> I'll just download an actual iso, burn it and be back then.
[15:28] <Niels_> afterI have installed it -- I meant ;-)
[15:28] <RoAkSoAx> ivoks, http://packages.debian.org/experimental/heartbeat
[15:29] <ivoks> RoAkSoAx: so, it's hearbeat?
[15:29] <RoAkSoAx> ivoks, they have also have included a new package called corosync which works with openais
[15:29] <ivoks> i was hoping for heartbeat-3 or something
[15:29] <ivoks> right, corosync is part of this new cluster structure
[15:30] <RoAkSoAx> ivoks, yes that's the heartbeat which will have to work with pacemaker.. though pacemaker it's not yet in debian experimental
[15:30] <Niels_> soren, so, the download just started.
[15:30] <ivoks> RoAkSoAx: maybe we should help them
[15:32] <RoAkSoAx> ivoks, would be nice. we should ask them what kind of help they need.. I guess you going to speak about the cluster stack today at the server team meeting?
[15:32] <ivoks> RoAkSoAx: i'll probably mention it
[15:32] <RoAkSoAx> ok
[15:32] <RoAkSoAx> ivoks, btw.. do you have some time to review a package update I've made?
[15:33] <ivoks> RoAkSoAx: i'll check it problably today
[15:33] <RoAkSoAx> ivoks, Ok. this is the one: https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/382539
[15:35] <ivoks> RoAkSoAx: ok
[15:35] <soren> Niels_: ok
[16:01] <RoAkSoAx> ivoks, so when do you have a little time to continue to work on the mentorship ?
[16:03] <ttx> Server team meeting, soon on #ubuntu-meeting... waiting for TB meeting end first
[16:03] <RoAkSoAx> o/ ttx
[16:04] <ivoks> RoAkSoAx: i'm waiting for email from christophe; he'll have some instructions on next steps
[16:05] <RoAkSoAx> ivoks, ok cool :)
[16:05] <ttx> server team meeting, starting now in #ubuntu-meeting
[16:13] <jjshoe> apache2 is segfaulting for me when I enable python, here's just some basic details, if anyone has any idea, I would love input: http://pastebin.com/d780ab72
[16:40] <ttx> alex_muntada, snth: welcome :)
[16:40] <alex_muntada> ttx: thanks! :-)
[16:41] <ttx> alex_muntada, snth: there wasn't so much to discuss on that meeting, we're still recovering from UDS :)
[16:41] <alex_muntada> me too ;-)
[16:42] <snth> I missed half of it .. but I am glad that it is recorded. But, I am really excited about getting involved.
[17:18] <hvn> Can anyone say if running 8.04 server kernel instead of JeOS kernel in a VMware virtual machine is bad idea?
[17:19] <hvn> The reason I am askin is that for some reason JeOS kernel does not have IPv6 netfilter modules
[17:20] <hvn> https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/244272
[17:52] <tomsdale> when do you think the next ubuntu-server LTS will be released.
[17:58] <hvn> 2010 April seems to be what Wikipedia's sources indicate. Every two years, in other words.
[18:01] <tomsdale> hvn: thx. Regarding JeOS. I'm actually just doing an install for a vmware server. I used the server CD though. Can I not replace the kernel later with the JeOS version?
[18:06] <tomsdale> hvn, sorry I highjacked your question. So you want to know what the performance hit is when you install a server kernel instead of the JeOS kernel on VMWare
[18:10] <hvn> I think kernel can be replaced. However, I have not looked at the best way of doing it. I would probably first try installing JeOS (-*virtual-*) kernel and boot it via grub. Then proceeding to purge the server kernel if it works.
[18:10] <hvn> That is, just install the virtual kernel and try booting with it
[18:11] <hvn> About the performance hit, that might be one thing to note. Since I have two options, 1) try to get IPv6 netfilter modules into virtual kernel, or 2) switch to server kernel, I was thinking which one would be the best choice
[18:14] <hvn> Getting IPv6 modules into virtual (JeOS) kernel would probably help others too, since IPv6 landscape will probably be an quite different when 8.04 LTS has still many more years left
[18:17] <tomsdale> has the JeOS kernel in 8.10 the same issue? How did they decide there?
[18:19] <hvn> Good question, I have not checked the later releases since we have tried to stay with LTS releases.
[18:20] <tomsdale> yeah - me too. But I realized that the install size has increased between 8.04 and 8.10
[18:21] <tomsdale> 300MB vs 380.
[18:24] <hvn> this Debian unstable I'm currently using has ipv6/netfilter/ modules, but they seem to be only 145KB, so I guess it is not a space issue
[18:27] <JordiGH> How do you configure whether date(1) shows UTC or local time?
[18:27] <jmedina> date
[18:27] <jmedina> and date -u
[18:28]  * JordiGH just set the timezone to UTC in tzdata.
[18:31] <alex_muntada> JordiGH: sudo dpkg-reconfigure tzdata
[18:31] <JordiGH> alex_muntada: Yeah, yeah, that's what I said. ;-)
[18:33] <alex_muntada> JordiGH: then was jmedina response what you were looking for?
[18:34] <JordiGH> alex_muntada: No. It's ok, I still have a problem, probably unrelated to Ubuntu, but to my own code.
[18:37] <alex_muntada> JordiGH: okay, good luck :-)
[18:37] <frojnd> Hello there
[18:38] <frojnd> It looks like I have to edit some user groups and permissions for applications... WHen I try to use screen with primary user (also root) I get this: Directory '/var/run/screen' must have mode 777.
[18:38] <frojnd> How can I tell screen that can be used by this user and some other user? But not for every usesr?
[18:52] <frojnd> Can someone give me a clue what should I look at to fix this?
[18:54] <alex_muntada> frojnd: $ ls -ld /var/run/screen/
[18:54] <alex_muntada> drwxrwxr-x 2 root utmp 40 2009-05-26 07:19 /var/run/screen/
[18:54] <alex_muntada> what about yours?
[18:58] <frojnd> drwxrwxr-x 2 root utmp 40 2009-06-02 19:31 /var/run/screen/
[18:59] <JordiGH> Aha, had to restart MySQL to make the new time zone change kick in.
[18:59] <JordiGH> Weird.
[19:00] <frojnd> so that mean only root taht only user root that is in a utmp group can access screen alex_muntada ?
[19:02] <frojnd> I'd also that users "frojnd"  and "thor" could use screen
[19:03] <frojnd> I would also like ...
[19:06] <alex_muntada> frojnd: screen is a shell script that execs a suid binary /usr/bin/screen.real
[19:06] <alex_muntada> so the user running screen.real changes his effective gid to utmp and has permission to write there
[19:07] <frojnd> I have no /usr/bin/screen.real
[19:08] <alex_muntada> oops! what ubuntu version are you running on? try lsb_release -a
[19:08] <frojnd> 8.4
[19:08] <alex_muntada> let me find a server
[19:10] <alex_muntada> ok, so in 8.04 /usr/bin/screen is the sgid
[19:10] <alex_muntada> but it should work the same way
[19:10] <alex_muntada> -rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
[19:11] <frojnd> 20:10 alex_muntada > ok, so in 8.04 /usr/bin/screen is the sgid
[19:11] <frojnd> screen isn't a directory
[19:11] <frojnd> I also don't have any sgid if I /usr/bin/screen[tab]
[19:11] <frojnd> just screendump
[19:12] <alex_muntada> what does ls -l /usr/bin/screen say?
[19:12] <jthomas_sb> I cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?
[19:13] <frojnd> -rwxr-x--- 1 root ris 308228 2007-10-23 18:02 /usr/bin/screen alex_muntada
[19:13] <alex_muntada> so here you have the problem
[19:13] <alex_muntada> first, it's no sgid and group is not utmp
[19:13] <frojnd> alex_muntada: groups is "ris"
[19:13] <frojnd> hm
[19:14] <alex_muntada> but second and most important, other has no permission to run screen
[19:14] <frojnd> so I have to add frojnd to a group ris?
[19:14] <alex_muntada> did you change that group?
[19:14] <frojnd> alex_muntada: yes long time a go
[19:14] <frojnd> untill power went off :D
[19:14] <frojnd> Now I have to do some cronjobs and first fix those permissions..
[19:15] <alex_muntada> i'd set the original group and sgid
[19:15] <frojnd> alex_muntada: why?
[19:15] <alex_muntada> so screen can run how it's supposed to under /var/run/screen
[19:16] <alex_muntada> if you want to limit who can run screen remove the other perms and setup sudo
[19:16] <frojnd> alex_muntada: first steps first
[19:16] <frojnd> How can I restore the screen settings?
[19:18] <alex_muntada> chgrp -h utmp /usr/bin/screen && chmod g+s,o+rx /usr/bin/screen
[19:19] <frojnd> alex_muntada: so it assing utmp to screen
[19:19] <frojnd> and than make 0755 to screen?
[19:20] <frojnd> alex_muntada: u mentioned to setup sudo, can you tell me what should I rad to limit the access for a screen?
[19:20] <frojnd> andol: alex_muntada whie ur here can you do ls -l /usr/bin/rtorrent ?
[19:21] <frojnd> I also have group for rtorrent
[19:21] <alex_muntada> frojnd: sorry, no torrent on my servers
[19:22] <frojnd> alex_muntada: ok what about sudo setup?
[19:22] <alex_muntada> frojnd: can you show me current permissions for screen?
[19:22] <frojnd> alex_muntada: ls -ld /var/run/screen ?
[19:23] <alex_muntada> frojnd: ls -ld /usr/bin/screen
[19:23] <alex_muntada> the /var/run/screen too, just in case
[19:23] <frojnd> alex_muntada: -rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
[19:24] <frojnd> and drwxrwxr-x 3 root utmp 60 2009-06-02 20:18 /var/run/screen/
[19:24] <alex_muntada> okay, that how screen permissions are by default
[19:25] <alex_muntada> now, to restrict screen to everyone but root do... chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
[19:25] <frojnd> ok
[19:25] <frojnd> alex_muntada: no.. not the root, well root too, but a few other users
[19:25] <alex_muntada> s/to/for/
[19:25] <alex_muntada> follow me on this ;-)
[19:25] <frojnd> ok :)
[19:26] <andol> frojnd: me? :)
[19:26] <frojnd> ^ ^
[19:28] <frojnd> alex_muntada: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
[19:28] <frojnd> done
[19:28] <frojnd> what's with the s/to/for ?
[19:29] <alex_muntada> sorry, i meant restrict screen for everyone instead _to_ everyone
[19:29] <alex_muntada> s/// is a sed/perl string substitution
[19:30] <alex_muntada> so now screen should'nt work for anybody except root, is it?
[19:30] <frojnd> alex_muntada: yes except but root
[19:31] <frojnd> alex_muntada: except root, pardon me.
[19:31] <alex_muntada> ok, so now the way to grant permission to group ris without touching screen group is via sudoers
[19:32] <alex_muntada> take a look at /etc/sudoers and see that %admin ... line
[19:32] <jthomas_sb> I cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?  Nor can I find jodconverter
[19:32] <frojnd> alex_muntada: it's set to ALL=(ALL) ALL
[19:33] <alex_muntada> %admin ALL=(ALL) ALL means group admin on all hosts grants to (ALL) users run ALL commands
[19:33] <alex_muntada> so, you have to edit sudoers by running sudo visudo
[19:34] <alex_muntada> and then add... %ris ALL=(ALL) /usr/bin/screen
[19:35] <frojnd> alex_muntada: I did but I still not able to open screen with user frojnd
[19:36] <frojnd> alex_muntada: If I type vigr and search for ris, I find this line: ris:x:1004:thor,frojnd
[19:36] <frojnd> which meanns users frojnd and thor are in a group ris
[19:38] <frojnd> Or am I wrong?
[19:38] <alex_muntada> you're right
[19:38] <jthomas_sb> at the prompt just rnu 'groups' (as frojnd) to see what groups frojnd is in
[19:39] <alex_muntada> maybe you added the group and didn't logout and login again?
[19:39] <frojnd> adm dialout cdrom floppy audio dip video plugdev fuse lpadmin admin thor ris
[19:39] <jthomas_sb> yes, did you log out and in?
[19:40] <frojnd> jthomas_sb: yes
[19:40] <frojnd> when I do scree[tab] it gives me screendump and not screen
[19:42] <frojnd> Any ideas?
[19:45] <alex_muntada> can you show us screen perms again?
[19:45] <frojnd> ls -ld /usr/bin/screen -rwxr-s--- 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
[19:46] <frojnd> ls -ld /var/run/screen drwxrwxr-x 4 root utmp 80 2009-06-02 20:30 /var/run/screen
[19:46] <frojnd> that's odd
[19:46] <frojnd> I wrote: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
[19:47] <alex_muntada> that's right then
[19:47] <alex_muntada> can you... sudo grep %ris /etc/sudoers ?
[19:47] <frojnd> %ris ALL=(ALL) /usr/bin/screen
[19:50] <alex_muntada> if you try sudo screen, does it work?
[19:50] <alex_muntada> i'm afraid that right now will open a root shell on screen
[19:51] <frojnd> alex_muntada: yes as sudo, root I can run screen
[19:52] <alex_muntada> does it work for the other user too? it may work for you since you're on group admin anyway
[19:52] <frojnd> alex_muntada: no frojnd has no enough permissions
[19:53] <frojnd> alex_muntada: also thor, no enough permissions
[19:55] <alex_muntada> but do you run sudo screen or screen only?
[19:56] <frojnd> alex_muntada: screen only
[19:57] <alex_muntada> if you run only screen you don't have permissions since you've performed chmod o= on screen
[19:57] <alex_muntada> the idea is that sudo screen will work, but screen won't
[19:58] <frojnd> alex_muntada: yes but didn't the visudo %ris ALL=(ALL) /usr/bin/screen do it's work?
[19:58] <frojnd> frojnd is in ris group
[19:58] <alex_muntada> that enables screen for group ris under sudo
[19:59] <alex_muntada> without sudo it won't work
[19:59] <frojnd> alex_muntada: so only super user can run screen
[19:59] <frojnd> I'd like thor that has no rights to run screen
[20:00] <alex_muntada> you don't follow
[20:00] <alex_muntada> try to run sudo screen ad user thor
[20:00] <alex_muntada> ... as user thor
[20:00] <frojnd> alex_muntada: huh
[20:01] <alex_muntada> what happened?
[20:01] <frojnd> alex_muntada: I typed in thor's password when it asked mee for super user password. And now It's: root@ubuntko:/home/thor#
[20:02] <frojnd> user thor mustn't be root
[20:02] <alex_muntada> ok, that's true
[20:03] <alex_muntada> let me ask you something, you want only those users to be able to run screen but preserving their uid, right?
[20:03] <alex_muntada> e.g. thor runs screen and has a shell as thor
[20:04] <frojnd> alex_muntada: yes
[20:04] <alex_muntada> let's try a different approach, wait 1 sec
[20:06] <frojnd> I thought that I would create a group "ris" which is already created and whoever is in this group can use e.g. screen, irssi, rtorrent
[20:08] <alex_muntada> frojnd: okay, sudoers doesn't work (at least not that I know) to solve your case, I'm sorry
[20:09] <alex_muntada> so, please remove that %ris ... line from sudoers by running visudo
[20:10] <frojnd> alex_muntada: done
[20:11] <alex_muntada> i didn't like to change the default group and perms of screen command and /var/run/screen because they may change on future upgrades and you'll have to recheck your setup
[20:12] <alex_muntada> but now I think that there's no other way
[20:14] <alex_muntada> frojnd: do chgrp -h ris /usr/bin/screen /var/run/screen
[20:14] <frojnd> done
[20:14] <alex_muntada> make sure that sgid is still there, and add it otherwise... chmod g+s /usr/bin/screen
[20:15] <alex_muntada> now, instead of becoming of group utmp people running screen will have egid ris
[20:16] <alex_muntada> since perms for other should still be --- then only group ris will have perms to run screen
[20:16] <frojnd> alex_muntada: the way I wannted
[20:16] <alex_muntada> can you try for both users?
[20:16] <frojnd> alex_muntada: yes
[20:17] <alex_muntada> one last thing
[20:17] <alex_muntada> note that there's a screen-something under /etc/init.d
[20:17] <frojnd> alex_muntada: yes?
[20:18] <frojnd> alex_muntada: screen-cleanup
[20:18] <alex_muntada> $grep utmp /etc/init.d/screen-cleanup
[20:18] <alex_muntada>         chown root:utmp $SCREENDIR
[20:18] <frojnd> /etc/init.d/screen-cleanup
[20:18] <alex_muntada> you'll have to fix the group there too
[20:18] <alex_muntada> otherwise on next boot it will be reset to utmp
[20:19] <frojnd> rep utmp /etc/init.d/screen-cleanup bash: utmp: command not found
[20:19] <alex_muntada> sorry, it's grep utmp ...
[20:20] <frojnd> alex_muntada: yep it shows: chown root:utmp $SCREENDIR
[20:21] <alex_muntada> so you'll have to change it
[20:22] <alex_muntada> the only problem i see right now by changing group utmp by ris is that you'll probably be loosing accounting information about those shells in /var/log/*tmp
[20:22] <frojnd> alex_muntada: rhe group of /etc/init.d/screen-cleanup
[20:23] <alex_muntada> frojnd: you have to edit /etc/init.d/screen-cleanup search for utmp and change it by ris
[20:24] <frojnd> alex_muntada: I see
[20:27] <alex_muntada> make sure you make a copy before editing, just in case... cp -pi /etc/init.d/screen-cleanup /etc/init.d/screen-cleanup.bak
[20:27] <frojnd> alex_muntada: thank you so much, u've been very helpful and it's nice to see someone that knows security issues beside :)
[20:28] <alex_muntada> glad to help :-) though i missed my first shot going through sudoers
[20:30] <frojnd> alex_muntada: I wasn't very claear what I wannt :)
[20:32] <alex_muntada> jthomas_sb: http://packages.ubuntu.com/search?keywords=openoffice.org-headless shows that it isn't available on jaunty
[20:32] <frojnd> alex_muntada: to tell server after it boots up to run screen under user thor and than while screen is up to run rtorren in it I'd have to use crontab -e
[20:32] <frojnd> alex_muntada: I know how to add cronjob for screen: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent
[20:33] <frojnd> is his secure?
[20:33] <jthomas_sb> alex_muntada figured that out eventually.  why wouldn't package releases be the same from one version to the next?  how well can an upgrade from one release to the next go if the packages aren't there?
[20:34] <frojnd> alex_muntada: Is it secure and how can this achieve for user thor?
[20:34] <alex_muntada> jthomas_sb: changes happen, though I don't know why this change happened though
[20:35] <alex_muntada> frojnd: where did you add that line?
[20:35] <frojnd> sudo -s
[20:35] <frojnd> crontab -e
[20:35] <frojnd> add line
[20:36] <alex_muntada> frojnd: that meaning that screen is run as root
[20:37] <frojnd> alex_muntada: ok
[20:37] <alex_muntada> why don't you crontab -e while on a thor shell?
[20:37] <frojnd> alex_muntada: I got it :) thanx
[20:38] <frojnd> alex_muntada: but I know only @reboot
[20:38] <frojnd> what if power goes off
[20:38] <frojnd> in bios I've setup to power on server while power comes on, will @reboot still work in this case?
[20:38] <alex_muntada> man 5 crontab says... @reboot Run once, at startup.
[20:39] <frojnd> I'm trying to tell server that when it comes up no matter what stance it was before to run screen and rtorrent
[20:39] <alex_muntada> so, i guess it'll work
[20:39] <tomsdale> How do I sudo aptitude install the JeOS kernel to replace the standart server kernel on a 8.04 server install? I want a kernel optimized for VMWare.
[20:41] <tomsdale> sry - please remove "sudo aptitude install". makes sort of sense there but I erroneously middle clicked ...
[20:49] <frojnd> alex_muntada: it works, but while in screen
[20:49] <frojnd> when I make a new isntance: ctro + a + c
[20:50] <frojnd> I only see $ and not thor@ubuntko:~$
[20:50] <frojnd> alex_muntada: while in crontab: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent
[20:51] <frojnd> is there a modification to this that when in screen I'd have shell and not $
[20:51] <alex_muntada> frojnd: default shell in screen is /bin/sh
[20:52] <alex_muntada> if you want to change that you can add a different shell in ~/.screenrc
[20:52] <frojnd> alex_muntada: ~/.screenrc doesn't exist so I don't know whow it should look like
[20:53] <alex_muntada> alternatively, you can run screen -d -m -s /bin/bash /usr/bin/rtorrent
[20:53] <alex_muntada> man screen for the details
[20:53] <frojnd> -s is for shell I guess?
[20:54] <alex_muntada> yeah
[20:57] <frojnd> olrajti
[20:57] <frojnd> Now I need to read something about making backups
[21:01] <frojnd> alex_muntada: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent
[21:01] <frojnd> won't start screen
[21:02] <mdunlap> Whats the best way to stream video from a server to the internet, Ive messed around with Jinzora
[21:04] <alex_muntada> frojnd: it should, i don't have rtorrent but it works for me if i do... /usr/bin/screen -d -m -s /bin/bash /bin/sleep 3600
[21:05] <alex_muntada> please, note that screen is executed undetached (-d -m) so you'll have to screen -r to see rtorrent working
[21:05] <frojnd> alex_muntada: is this maybe because I don't have ~/.screenrc for user thor?
[21:05] <alex_muntada> no .screenrc needed by default
[21:06] <frojnd> so this isn't the issue
[21:07] <frojnd> alex_muntada: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent This works but it when crateing a new window with sscreen I won't have bash...
[21:07] <alex_muntada> thus the -s /bin/nash
[21:08] <alex_muntada> sorry, -s /bin/bash
[21:08] <frojnd> /bin/sleep 3600 means that it waits 60mins before what happens?
[21:08] <frojnd> alex_muntada: I do have like this: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent
[21:08] <alex_muntada> the /bin/sleep is an example since i cannot try rtorrent
[21:08] <frojnd> alex_muntada: ok
[21:09] <alex_muntada> you don't expect cron to run this command unless you reboot, do you?
[21:09] <frojnd> alex_muntada: that's what I've been asking before..
[21:09] <frojnd> I'd like cron to run this everytime server boots up
[21:10] <alex_muntada> no, you asked a different thing
[21:10] <frojnd> alex_muntada: that too :)
[21:10] <alex_muntada> @reboot tells cron to run this only 1 time _after_ rebooting or powering up
[21:10] <alex_muntada> but you didn't reboot recently, did you?
[21:11] <frojnd> alex_muntada: the second tiem I did it didn't came up (screen)
[21:11] <frojnd> tiem==time
[21:11] <frojnd> maybe I should try without @reboot
[21:11] <alex_muntada> no, it will be a syntax error
[21:11] <alex_muntada> so, to make things clear
[21:12] <frojnd> yep it makes a syntax error
[21:12] <alex_muntada> did you reboot after adding @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent as user thor?
[21:13] <frojnd> alex_muntada: first I add @reboot /usr/bin/screen -d -m  /usr/bin/rtorrent I rebooted for the first time, screen came uo. Then I add: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent and rebooted for the second time and screen didn't came up
[21:14] <alex_muntada> what happens when you run /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent from thor's shell?
[21:15] <frojnd> alex_muntada: screen starts
[21:15] <frojnd> alex_muntada: also if I create a new window within screen it has bash
[21:18] <alex_muntada> then, maybe you mistyped the crontab line? look for errors in /var/log/syslog
[21:22] <frojnd> alex_muntada: no errors there
[21:23] <alex_muntada> sorry then, I don't know what else suggest
[21:25] <frojnd> alex_muntada: hm
[21:25] <frojnd> I tried to copy this last command to the crontab and now screen is up
[21:25] <frojnd> looks like I did misstype, but it still wasn't enough for an error
[22:04] <glen1> hey
[22:06] <glen1> anyone know anything about backup to remote encrypted server haha
[22:43] <m33600> where is the start button? not a clue on start it up
[22:44] <m33600> no X, no wellcome
[22:44] <m33600> ans no list of commands
[22:45] <m33600> talking about ub server jaunty
[22:47] <m33600> is there any other server as simples as to share innternet at home?
[22:48] <altd78>  buenas tardes, tenia un archivo abierto html en ext4 (ubuntu jaunty) y se interrumpió la electricidad en el equipo, cuando volví a ver el archivo, estaba en 0KB, es esto normal?  se podrá recuperar?
[22:49] <PastorKarr> I just instsalled xfce4 on my server, but how to do I start it now?
[22:50] <altd78>  Hello!.  I'm at ubuntu jaunty with ext4 , I was working on a html file an saving my work  for about  2 days and I had a power outage, when i came back to see my file it was 0KB,  is this normal?  can I recover something?
[23:33] <altd78> PastorKarr:  You may want join channel #ubuntuforums, you'll get  an answer faster there