[00:09] <lamont> hrm.. could have sworn that the /var/lib/postfix thing was (1) fixed already and (2) submitted a time or 3 in debian, too
[00:14] <billybigrigger> hey all
[00:14] <billybigrigger> any raid/mdadm gurus here?
[01:17] <PleXuS> anyone known why /etc/init.d/networking restart don't restart my network configuration?
[01:17] <PleXuS> on ubuntu 9.04
[02:13] <pmatulis> PleXuS: did you prefix the command with 'sudo'?
[02:14] <PleXuS> pmatulis, yes
[02:14] <PleXuS> it says all ok
[02:14] <PleXuS> just it didn't do anything different :S
[02:14] <PleXuS> but my config file is totally changed :S
[02:14] <pmatulis> PleXuS: pastebin your interfaces file
[02:16] <pmatulis> PleXuS: are you running GNOME?
[02:16] <PleXuS> yes
[02:16] <pmatulis> you should be using network-manager then
[02:17] <pmatulis> and not commands
[02:18] <PleXuS> pmatulis, but it still uses the config file ?
[02:18] <pmatulis> PleXuS: yes, but nm will alter it, that could be why it's changing as you say
[02:19] <pmatulis> PleXuS: what does it say on the first few lines when it has changed?
[02:19] <PleXuS> config file isn't changed
[02:20] <pmatulis> PleXuS: you said it changes
[02:20] <PleXuS> it just not doing what I added in the config file
[02:20] <pmatulis> 21:14 < PleXuS> but my config file is totally changed :S                                                                                                                                    dthacker
[02:21]  * pmatulis goes away for a while
[02:21] <PleXuS> yeah i changed it but its not doing it
[02:21] <PleXuS> like i changed
[02:43] <pmatulis> PleXs: i asked you to pastebin it.  also output to 'ifconfig -a'.  can't help otherwise
[02:51] <PleXs> pmatulis, the config is ok.. its the gnome network manager that gives me the problems
[03:02] <tswicegood> hello - I'm running into problems compiling node.js (in particular, the V8 VM dependency).  It fails with the following error: http://pastie.org/514612  Anyone have any ideas what might be causing the problem?
[03:03] <ajmitch> I suggest talking to the chromium people about problems with compiling their stuff on 64-bit architectures
[03:04] <ajmitch> they do interesting things with that
[03:17] <mark____> Is it possible to make an application use a specific interface?
[03:25] <twb> mark____: usually that is in an application-specific fashion, such as a command-line option.
[03:26] <twb> I'm not aware of any generic way to restrict binding (other than just rejecting bind requests) to specific interfaces.
[03:26] <twb> You can also add firewall rules, of course, to drop/reject traffic on the unwanted interfaces.
[03:26] <mark____> twb: Thanks.  Are you aware of any command line only torrent clients that allow you to do this?
[03:26] <twb> Sorry, I don't provide support for torrent.
[03:27] <mark____> mkay
[03:28] <twb> You should be able to get a list of tty torrent clients using debtags.
[03:28] <twb> Something like: aptitude search "~Gbittorrent ~Gcurses"
[03:29] <twb> (That assumes you have aptitude and debtags installed.)
[03:29] <mark____> that's cool, never knew you could do that.  Thanks
[03:30] <twb> Here, I see that ~Gcurses doesn't match some packages, so maybe just try ~Gbittorrent alone
[08:49] <th0m> morn,ing
[10:20] <WaVeR> someone here to do some install test?
[10:20] <twb> !anyone
[10:22] <arl> Hi everybody
[10:22] <WaVeR> it was my real question :D
[10:23] <arl> does anybody have successfully installed postfix with dovecot and smtp-auth on hardy?
[10:23] <WaVeR> If you want to do some test please check this bug: https://bugs.edge.launchpad.net/ubuntu/+source/sudo/+bug/387997
[10:24] <arl> I am just switching from debian 4.0 to hardy and facing the problem that I can't send emails
[10:24] <arl> getting email is no problem but sending via mutt or evolution over imap is not possible
[10:24] <ivoks> mails aren't being sent over imap
[10:24] <ivoks> they are sent over smtp
[10:24] <arl> yes I know they are send via smtp
[10:25] <arl> sorry for that
[10:25] <ivoks> so, what exactly doesn't work?
[10:26] <arl> well mutt says "mail send" but this is not true, I can't see anything in /var/mail/mail.log
[10:26] <arl> it seems that smtp-auth does not work
[10:26] <ivoks> what do you use for smtp-auth?
[10:26] <arl> dovecot
[10:27] <ivoks> dovecot-auth or saslautd?
[10:27] <ivoks> ok
[10:27] <ivoks> postconf smtpd_sasl_path
[10:27] <ivoks> postconf smtpd_sasl_type
[10:27] <ivoks> postconf smtpd_sasl_auth_enable
[10:27] <arl> and the server greeting via telnet says "250-STARTTLS
[10:27] <arl> 250-AUTH PLAIN LOGIN
[10:27] <arl> 250-AUTH=PLAIN LOGIN
[10:27] <arl> "
[10:28] <ivoks> paste the output of this comand
[10:28] <ivoks> postconf smtpd_sasl_path
[10:28] <ivoks> command
[10:28] <arl> smtpd_sasl_path = private/auth-client
[10:28] <ivoks> ok
[10:28] <ivoks> have you set that path in dovecot?
[10:29] <ivoks> auth default {
[10:29] <arl>  path = /var/spool/postfix/private/auth-client
[10:29] <ivoks> socket listen {
[10:29] <ivoks> ok, that's good
[10:29] <ivoks> mode, user and group?
[10:29] <arl> mode 0600
[10:29] <arl> user = postfix
[10:29] <ivoks> ok...
[10:29] <arl> group = postfix
[10:30] <ivoks> you might change mode to 0660
[10:30] <ivoks> but it should be the source of the problem
[10:30] <arl> ah sorry it is already 0660
[10:30] <ivoks> is your client misconfigured?
[10:30] <ivoks> maybe it sends mail over another smtp
[10:31] <arl> just a sec I will check (again)
[10:31] <arl> no imap and smtp server are the same
[10:32] <ivoks> does it use smtps or smtp?
[10:32] <arl> well smtp with ssl support so I think it is smtps
[10:33] <ivoks> and there is nothing in mail.log?
[10:33] <ivoks> not even an error?
[10:33] <arl> no nothing
[10:33] <ivoks> it should be error at least
[10:33] <arl> even with smtpd_tls_loglevel = 4'
[10:33] <arl> and a "-v" in master.cf
[10:34] <ivoks> well, you should have info about establishing connection
[10:34] <ivoks> if there's no such thing, your client isn't connecting to the server
[10:34] <arl> yes I can see that my client loggs in via imaps
[10:34] <arl> but nothiung about the smtp thing
[10:34] <ivoks> well, we are talking about postfix here
[10:34] <arl> yes
[10:35] <ivoks> do you see connectiong attempt when you telnet to port 25?
[10:35] <arl> yes
[10:35] <ivoks> how about port 465?
[10:36] <arl> Unable to connect to remote host: Connection refused
[10:36] <ivoks> so, not smtps on your server
[10:36] <ivoks> s/not/no/
[10:36] <arl> hmm
[10:36] <ivoks> TLS is one thing
[10:36] <ivoks> SSL is another
[10:36] <ivoks> TLS is being utilized over port 25
[10:36] <ivoks> while SSL over port 465
[10:36] <ivoks> check master.cf
[10:37] <ivoks> you should have:
[10:37] <ivoks> smtps     inet  n       -       -       -       -       smtpd
[10:37] <ivoks> uncommented
[10:38] <arl> ok now it accepts telnet 465
[10:39] <ivoks> now try sending email
[10:40] <arl> no success
[10:40] <arl> but I got some errors in mail.log
[10:40] <ivoks> that's a good start
[10:40] <arl> SSL_accept:error in SSLv2/v3 read client hello A
[10:41] <ivoks> did you set up ssl corectly?
[10:42] <arl> I think so
[10:42] <arl> any ideas how I can check this?
[10:42] <ivoks> well, your mail should be delivered
[10:43] <ivoks> you might add this:
[10:43] <ivoks> smtpd_tls_mandatory_protocols = SSLv3, TLSv1
[10:43] <ivoks> smtpd_tls_mandatory_ciphers = medium
[10:44] <ivoks> but you mail should be delivered to destination
[10:44] <ivoks> that's just internal openssl buzz
[10:44] <arl> no success
[10:44] <ivoks> i think you won't see it once you remove verbose logging
[10:45] <arl> why this?
[10:46] <ivoks> is this what you see?
[10:46] <ivoks> http://www.irbs.net/internet/postfix/0211/2722.html
[10:48] <arl> wait a sec I am searching a no paste service
[10:48] <arl> http://nopaste.debianforum.de/22346
[10:49] <ivoks> paste.ubuntu.com
[10:49] <ivoks> reduce logging
[10:51] <arl> http://paste.ubuntu.com/197559/
[10:51] <arl> this "warning" could be a problem
[10:53] <ivoks> that could be problem with certificates
[10:54] <arl> but when i disable tls / ssl I can'T send
[10:55] <arl> hmm maybe I should rest the server and start over again
[10:56] <ivoks> how did you create certificates?
[10:57] <arl> with the instructions on this guid https://help.ubuntu.com/8.04/serverguide/C/postfix.html
[10:58] <ivoks> those are good instructions
[11:00] <ivoks> set it up to work without ssl/tls first
[11:01] <arl> yes I think I will start over again. and confirm function after every configuration step
[12:00] <stapel> how do I log a user in automatically at startup?
[12:01] <_ruben> i highly doubt that you'd want that on a server .. and i dont think its even possible
[12:01] <stapel> i want to run a curses based interactive script at start-up in text mode. I have already disabled X at start-up and added the script at start-up, but it does not run. If I start gdm and run it in a console it works. Any ideas?
[12:05] <_ruben> this isn't a server then, is it? as servers dont run X
[12:10] <stapel> no it isn't, it is desktop edition, but i have disabled X at start-up. I want to present the user with a menu from where they can do some basic things or then select an option to boot into the GUI
[12:11] <stapel> the #ubuntu room was not very helpful, that's why i came here :)
[12:15] <twb> stapel: if you're using GDM, you need to grovel through /etc/gdm and similar, or possibly look at GDM's graphical configuration tool
[12:15] <twb> stapel: I can't be bothered looking up the details for you.
[12:17] <_ruben> putting an interactive script in rc.local might just do the trick ..never tried
[12:17] <stapel> twb: I am not using gdm. I have disabled gdm by doing 'sudo mv S30gdm K30gdm' in the /etc/rc2.d/ directory
[12:17] <stapel> ruben: thanx...will look into it
[12:19] <twb> _ruben: it does
[12:19] <twb> I have this in /etc/rc.local on my Debian Sid netbook:
[12:19] <twb> env -i su twb -c xinit >/var/log/xinit.log 2>&1 &
[12:20] <_ruben> that doesnt look very interactive to me though
[12:20] <twb> Sorry, I missed "interactive"
[12:21] <twb> For a menu of things to try, I recommend looking into what is done with the "single" option in recent releases
[12:21] <twb> It has options like "give me a root shell", "fix grub", "fix xorg"
[12:22] <stapel> what do you mean by "single" releases?
[12:22] <stapel> sorry "single option" in recent releases?
[12:23] <twb> stapel: the argument you provide on the kernel command line.
[12:23] <twb> Usually labelled "(rescue)" or something in grub.
[14:30] <arl> ok i have reinstalled everything and now it is working
[14:34] <ivoks> hehe
[14:34] <ivoks> it was probably a configuration issue
[14:39] <kirkland> ivoks: ping
[14:39] <kirkland> ivoks: you were looking for me yesterday, regarding dkms :-)
[14:41] <ivoks> yeah
[14:41] <ivoks> kirkland: do you see dkms as a solution for all packages that have kernel modules?
[14:42] <arl> I dont' know what the prolem was
[14:42] <arl> but as you can see - I take the time it needs :-)
[14:44] <kirkland> ivoks: heh, "all" is a pretty sweeping conclusion :-)
[14:44] <kirkland> ivoks: i have been very pleased with it for kvm
[14:44] <ivoks> kirkland: most :)
[14:44] <kirkland> ivoks: out-of-tree modules, do you mean?
[14:44] <ivoks> kirkland: i was thinking on pushing that as a 'rule'
[14:44] <ivoks> yes
[14:44] <kirkland> ivoks: well, you need to clarify that rule a little
[14:45] <kirkland> ivoks: obviously, its best for the module to be upstream in linux
[14:45] <kirkland> ivoks: in kvm's case, it is upstream
[14:45] <kirkland> ivoks: but the upstream one in Linux is inevitably older than the one under development by the kvm devs
[14:45] <ivoks> but you needed to update kvm in hardy, right?
[14:45] <kirkland> ivoks: right, and it works well for that
[14:45] <ivoks> so, we support LTS far longer than upstream want us to do
[14:46] <kirkland> ivoks: not all modules will build/work with dkms
[14:46] <kirkland> ivoks: the module has be relatively self contained for that to work
[14:46] <ivoks> of course
[14:47] <kirkland> ivoks: i think dkms is the best solution around for handling your request, though
[14:47] <kirkland> ivoks: i have only had to work around one issue, though ...
[14:47] <kirkland> ivoks: kernel headers are required
[14:47] <kirkland> ivoks: for all kernels that you want to build for
[14:48] <kirkland> ivoks: this sounds obvious
[14:48] <ivoks> right
[14:48] <magnetic__> hey guys, is there anybody working on the asterisk merge?
[14:48] <kirkland> ivoks: but it's not possible to put that into a debian/control depends rule
[14:48] <ivoks> kirkland: why not?
[14:48] <kirkland> magnetic__: probably best to ask in #ubuntu-motu
[14:49] <ivoks> oh, not for every kernel... right
[14:49] <kirkland> ivoks: right
[14:49] <magnetic__> kirkland: ok, thx
[14:49] <kirkland> ivoks: it would be nice to solve that, somehow, before making the "rule"
[14:50] <ivoks> shouldn't depending only on linux-headers be enough?
[14:50] <kirkland> ivoks: i hacked this in the kvm-source.postinst
[14:50] <kirkland> ivoks: kvm-source.postinst
[14:50] <kirkland> ivoks: http://pastebin.com/f2e55955c
[14:51] <kirkland> ivoks: i think the kernel team could solve this with yet another meta package
[14:52] <ivoks> kirkland: why doesn't kvm depend on linux-headers?
[14:52] <ivoks> that should be enough
[14:52] <ivoks> cause if you have installed linux-x.y.z-X-generic
[14:53]  * _ruben doesnt have good experience with such deps
[14:53] <ivoks> that would pull in linux-headers-generic
[14:53] <_ruben> does it?
[14:53] <ivoks> it should
[14:53] <_ruben> afair, it doesnt
[14:54] <ivoks> ah.. it doesn't
[14:54] <kirkland> ivoks: because the headers are hundreds of megs, which you don't need
[14:54] <_ruben> a major pita for dkms
[14:54] <kirkland> ivoks: see the control file for kvm
[14:54] <kirkland> ivoks: kvm-source Depends: debhelper (>= 5), make, bzip2, dkms, linux-headers-server | linux-headers-generic | linux-headers
[14:55] <ivoks> ok...
[14:55] <ivoks> that should pull in headers
[14:56] <kirkland> ivoks: right
[14:56] <ivoks> this could be simplified in karmic
[14:57] <ivoks> since we won't have -server and -generic
[14:57] <kirkland> ivoks: we don't?
[14:57] <kirkland> ivoks: sweet
[14:57] <ivoks> that's the plan, yes
[14:57] <ivoks> there's a discussion at kernel-team mailing list
[14:58] <ivoks> pae is the only problem
[15:26] <geekboxjockey> greetings, I am looking for a recommendation on a UPS to run with 8.04.2 server, we have used Tripplite "omni's" and have had horrible luck w/driver support, thinking about APC, just wanted to hear what people had to say. any input is greatly appreciated!
[15:27] <ivoks> apc has quite good support
[15:27] <ivoks> there's nut and apcuspd
[15:29] <geekboxjockey> yeah we have had horrible experiences with tripplite omnivs1000 & 1500 and nut
[15:30] <geekboxjockey> I'm sure there is an "industry standard" for this stuff, servers need UPS's and servers run Linux :P
[15:30] <geekboxjockey> have been looking into APC, anyone got a model they have had good luck with?
[15:30] <ivoks> well, powerware come with their own software
[15:31] <ivoks> i've used couple of apc models, and all were supported
[15:31] <ivoks> http://www.networkupstools.org/compat/stable.html
[15:31] <ivoks> this should be a good start
[15:33] <geekboxjockey> yeah, I'm hesitant because the OmniVS1000 was supposed to be "supported" and I ended up getting into modifying the driver and compiling it with some suggested changes etc
[15:33] <geekboxjockey> but APC sounds good esp with apcupsd being currently developed and specialized for a popular brand
[15:34] <ivoks> we prefere nut :)
[15:34] <geekboxjockey> yeah?
[15:34] <ivoks> it's in main
[15:34] <geekboxjockey> so itd be safe to go with APC and still use nut if possible?
[15:34] <ivoks> apcupsd is in universe
[15:34] <geekboxjockey> ahh, heh ;)
[15:38] <ivoks> take care...
[15:45] <geekboxjockey> sorry, thanks for the help :P
[15:46] <geekboxjockey> I'm just poking around on amazon now looking for deals on APC hardware ;)
[15:47] <geekboxjockey> ivoks: Thanks :)
[16:22] <th0m> to follow my yerteday problem,
[16:22] <th0m> perf problem in vmware beetwen DEBIAN and UBUNTU
[16:22] <th0m> ubuntu: [    4.112045] scsi target2:0:0: FAST-40 WIDE SCSI 80.0 MB/s ST (25 ns, offset 127)
[16:23] <th0m> debian : Jun 15 16:06:26 ns249-175 kernel:  target0:0:0: FAST-160 WIDE SCSI 320.0 MB/s DT IU RDSTRM RTI WRFLOW PCOMP (6.25 ns, offset 127)
[16:23] <th0m> anybody knows why ubuntu says 80 MB/s and debian, 160 ?
[16:23] <th0m> same config in vmware, and same hardware (a dell blade + iscsi san)
[16:35] <Sam-I-Am> th0m: does it actually mean anything?
[16:35] <Sam-I-Am> th0m: its just virtual hardware anyway
[16:41] <th0m> i dont have the same perf
[16:41] <th0m> performance
[16:43] <Sam-I-Am> the virtual machine's hardware is the same?
[16:43] <huats> soren: are you around ?
[16:44] <Sam-I-Am> there are two virtual scsi controllers offered by vmware
[16:44] <Sam-I-Am> also, is your virtual hardware the same version
[17:34] <mathiaz> kirkland: howdy
[17:34] <mathiaz> kirkland: it seems that there is an issue with sudo+encrypted home in karmic alpha2: https://bugs.launchpad.net/bugs/387997
[18:16] <ivoks> Canonical will announce on June 17 the certification of Ubuntu 9.04 Server Edition on HP's new ProLiant G6 servers, company officials said.
[18:16] <ivoks> is this true?
[18:18] <RoAkSoAx> ivoks, heya master how's it going
[18:18] <ivoks> great, how are you?
[18:22] <RoAkSoAx> ivoks, pretty got.. just got back from my trip
[18:22] <RoAkSoAx> s/got/doog
[18:23] <RoAkSoAx> good*
[18:23] <ivoks> nice
[18:23] <RoAkSoAx> ivoks, so anyways, what's the status of the packages? and what about the mentorship
[18:24] <ivoks> RoAkSoAx: i want to talk with you about versioning of packages
[18:24] <ivoks> RoAkSoAx: other than that, i think you are ready for motu
[18:25] <RoAkSoAx> ivoks, ok. shall we do it now, or when do you think we can talk about it?
[18:25] <ivoks> RoAkSoAx: it would be easier over email
[18:25] <ivoks> cause of time difference and there will be lots of pasting
[18:26] <RoAkSoAx> ivoks, yeah!! ok cool. let's do it over email. What about the HA packages?
[18:26] <ivoks> RoAkSoAx: you do realize that HA is almost another software in 2.99 version?
[18:27] <ivoks> RoAkSoAx: it can't do anything as a standalone
[18:27] <RoAkSoAx> ivoks, yes I do realize that.. That's why HA needs Pacemaker starting from 2.99.x
[18:27] <ivoks> RoAkSoAx: it's other way around
[18:27] <firecrotch> I have a ubuntu server running openvpn, and I'm trying to allow hosts on the local subnet to communicate with hosts on the VPN subnet.  The local machines and the server are both behind a dd-wrt router that is set up to route the packets from local machines that are destined for the VPN clients to the server, I just need the server to forward those packets to the correct hosts.  I've determined that I need to use iptables on th
[18:28] <RoAkSoAx> ivoks, how so?
[18:28] <ivoks> RoAkSoAx: parts of heartbeat have been merged to pacemaker
[18:28] <ivoks> RoAkSoAx: parts have been droped from heartbeat
[18:28] <ivoks> RoAkSoAx: rest of it ended up as heartbeat 2.99
[18:29] <ivoks> RoAkSoAx: so ha 2.99 can only be used as a messeging layer for pacemaker
[18:29] <RoAkSoAx> ivoks, right, since Pacemaker is the Cluster Resource Manager and Heartbeat is only the one who delivers messages
[18:30] <ivoks> and we decided that pacemaker with hearbeat as messeging layer will be in universe
[18:30] <ivoks> pacemaker with openais will be supported solution
[18:31] <RoAkSoAx> ivoks, right
[18:31] <ivoks> and, you are free to work on packages in ppa, of course
[18:32] <ivoks> :)
[18:33] <RoAkSoAx> ivoks, haha ok cool. I just don't know where to start/what to do
[18:33] <ivoks> RoAkSoAx: is there anything, packaging related, that you don't understand or need help with?
[18:34] <ivoks> RoAkSoAx: my goal is to make openais, corosync versions 1.0 into karmic, if possible pacemaker with openais 1.0 as messaging layer into karmic
[18:34] <ivoks> RoAkSoAx: rhcs with openais/corosync 1.0 into karmic
[18:34] <RoAkSoAx> ivoks, yes I have doubts with debian/rules... and I would like to package layer7switch from scratch (which has a kernel module and userspace tools)
[18:34] <ivoks> everything else is optional for me :)
[18:35] <RoAkSoAx> ivoks, ok so let's work on that goal, and as you said, we'll just leave heartbeat in universe and leave it usable
[18:35] <ivoks> RoAkSoAx: layer7switch?
[18:35] <ivoks> does it change iptables modules?
[18:36] <ivoks> are you talking about l7-filter.sf.net?
[18:36] <RoAkSoAx> ivoks, http://www.linux-l7sw.org/
[18:36] <ivoks> last release in 2007.
[18:37] <RoAkSoAx> ivoks, yes it's another project from the keepalived team
[18:37] <ivoks> there's no point in packaging dead projects
[18:38] <ivoks> kernel modules from 2007 have big chances of not being buildable at all with recent kernels
[18:38] <ivoks> there's another, live, project
[18:38] <ivoks> l7-filter.sf.net
[18:39] <RoAkSoAx> ivoks, I see. though keepalived also had a release on 2007 and then otherone in 2009 so it took them 2 years to do some bugfixes.. and I'm guessing that it might be the same status of this other project
[18:39] <ivoks> RoAkSoAx: investigate that :)
[18:39] <ivoks> that's first step in packaging
[18:39] <ivoks> check out if the code is being maintained
[18:40] <RoAkSoAx> ivoks, yes.. I had no time this past few days since i've been away from my computer.. I'll find it out and work in it if it's still active.. since one other thing that I would really like to do is to package something from scratch, that way I'll understand debian/rules better :)
[18:41] <ivoks> sure
[18:41] <ivoks> pick a project and start working on it
[18:41] <ivoks> if you get stuck, let me know
[18:41] <RoAkSoAx> ivoks, ok cool :)
[18:42] <ivoks> but if you decide on linux-l7sw, don't be disapointed if it doesn't get accepted cause of maintainance status
[18:43] <RoAkSoAx> ivoks, i won't.. i just want to learn how to package from scratch :)
[18:43] <ivoks> ok
[18:43] <RoAkSoAx> ivoks, and I would also like to work on bugfixing and security udpates
[18:43] <ivoks> i'll send you an email about versioning
[18:44] <ivoks> security updates are special form of packaging
[18:44] <ivoks> find a patch, patch the code, send for upload
[18:44] <ivoks> :)
[18:45] <RoAkSoAx> ivoks, well I'm also that security updates are just finding a patch upstream or in other distributions, applying it, testing it and summiting it... and some bugfixes might have that same procedure
[18:45] <ivoks> right... well, time for me to go off
[18:45] <RoAkSoAx> ivoks, ok :) have a good night
[18:47] <ivoks> you too :)
[19:39] <fR_> hi, im trying to set up nfs+kerberos and am getting an error "Unable to obtain credentials for 'nfs'" when rpc.svcgssd tries to start
[19:39] <fR_> http://pastie.org/515446
[19:39] <fR_> i do have a keytab entry
[20:47] <ivoks> any samba gurus around?
[20:48] <nick125> Just try asking..maybe someone will know (I've worked a little with Samba as a PDC...but that's about it)
[20:49] <ivoks> well, i would like to authenticate against ldap
[20:51] <nick125> Oooh, fun. My standard advice would be to jump off a bridge, but the next best option would be to Google around a little. In the PDC I setup, it was authenticated against LDAP, so I might be able to help you if you have issues
[20:52] <ivoks> i know
[20:52] <ivoks> but i was thinking
[20:52] <ivoks> if i store passwords in ldap in cleartext format
[20:52] <ivoks> then samba could read them and it would know the password
[20:53] <ivoks> could it crypt it to NTLM and compare it with the hash that windows are sending?
[20:53] <ivoks> why do i need another attribute in ldap with same password, only crypted?
[20:55] <mathiaz> ivoks: the userPassword field in ldap is not clear text
[20:55] <ivoks> it can be
[20:55] <ivoks> mathiaz: ldap can store password in couple of different formats
[20:55] <Threetimes> Hi I just successfully installed spamassasin. How do I place spam-flagged mails in a seperate IMAP mailbox? I use postfix with maildir. I think I have to use procmail, but I don't know if I configured it correctly.
[20:55] <ivoks> one of them is cleartext
[20:55] <mobj> does someone know when nut 2.4 will be available in hardy?
[20:55] <nick125> You'll need two hashes. That's it.
[20:56] <mathiaz> ivoks: really - I though that slapd would actually convert internally the new password and store it as a hash in userPassword
[20:56] <ivoks> nick125: why? samba obviously can encode plaintext password into ntlm (smbpasswd)
[20:56] <nick125> One NTLM, one normal crypt (or whatever is default). There are some scripts/plugins/whatnot to syncrhonize the two passwords, though.
[20:56] <ivoks> mathiaz: {plaintext}mypassword
[20:57] <guntbert> Threetimes: just to clarify (I'm no expert here): what imap server are you using?
[20:57] <Threetimes> dovecot
[20:58] <mathiaz> ivoks: well then my answer is that the samba code doesn't support that natively
[20:58] <ivoks> mathiaz: i know it doesn't
[20:58] <mathiaz> ivoks: the code is probably expecting a specific schema/attribute and does all the password update itself
[20:58] <mathiaz> ivoks: so you may have to hack the samba code to do the right thing
[20:58] <ivoks> that's why i asked, maybe someone thought about that
[21:00] <guntbert> Threetimes: sorry, I didn't think about that before - so I'm gonna read/learn with you :-)
[21:01] <ivoks> {CLEARTEXT}  indicates  that the new password should be added to userPassword as clear text.
[21:03] <mathiaz> ivoks: hm - does samba have access to the cleartext password from the user?
[21:04] <ivoks> any user?
[21:04] <ivoks> sorry... yes, it does
[21:04] <ivoks> it can read ldap attributes
[21:04] <mathiaz> ivoks: hm - I don't know - I'm not familiar enough with the samba protocol architecture
[21:05] <ivoks> it reads attribute of windows password and compares it with the on that client sent
[21:05] <ivoks> so, instead of just reading cleartext password, do smbpasswd on it, catch the result and compare it with the client
[21:05] <ewook> hurmpf. any one used a fax/answering-machine setup?
[21:06] <ewook> like a nice mix of mgetty and hylafax
[21:09] <ewook> !mgetty
[21:11] <guntbert> !info mgetty
[21:11] <ewook> thx guntbert
[21:11] <guntbert> ewook: :)
[21:16] <ewook> aw man. what have I gotten myself into..
[21:17] <ewook> bying a compatible card for asterisk just seems more tempting..
[21:19] <fR_> btw my earlier problem was caused by FQDN not being listed first in /etc/hosts.
[21:24] <mobj> does someone know when nut 2.4 will be available in hardy?
[21:26] <ivoks> never?
[21:28] <ivoks> night
[21:33] <Sam-I-Am> jmarsden: you there?
[21:48] <Kalmairn> Afternoon.  Got a strange NAT problem that started when I took an fully-functional script from a REALLY old Gentoo installation and moved to a Ubuntu LTS Server version.
[21:48] <Kalmairn> It seems that, on occasion and consistently for specific sites, the NAT table will lose or ignore sessions; the result is return traffic from internet-side hosts will not be NAT'ed back to the client destination IP rather hitting the INPUT chain on the firewall itself.
[21:51] <ewook> yay. this is gonna be a nightmare.
[23:07] <PleXs> anyone using kvm + virt-manager?
[23:10] <soren> Sure.
[23:11] <PleXs> soren, can you select hypervisor kvm ?
[23:11] <soren> Sure.
[23:11] <PleXs> hmm your also using ubuntu server 9.04 ?
[23:11] <soren> Which architecture have you chosen?
[23:12] <PleXs> hmm seems to be fixed now
[23:13] <PleXs> soren, but when connecting in virt-machine is it qemu?
[23:14] <PleXs> I get under ID qemu but when creating new machine i can choose for kvm now (after reinstalling)
[23:31] <soren> PleXs: The "qemu" hypervisor manages both kvm and qemu guests.
[23:31] <PleXs> ah ok :)
[23:32] <PleXs> soren, you got idea how I can add usb printer support? :)
[23:32] <soren> Not really. If I were you, I'd share it over regular CUPS or Samba and install it as a network printer in the guest.
[23:35] <PleXs> not possible :)
[23:35] <PleXs> printer only works on windows
[23:36] <PleXs> because driver issue's on linux
[23:36] <PleXs> :(
[23:52] <JanC> PleXs: qemu supports usb forwarding IIRC, so will probably also work with kvm
[23:52] <JanC> but maybe not from withing virt-manager
[23:53] <JanC> -usbdevice option
[23:55] <PleXs> JanC, I can remember adjusting something in xml file :)
[23:56] <PleXs> <hostdev mode='subsystem' type='usb'>
[23:56] <PleXs> adding this
[23:56] <PleXs> and more.. but my vm machine did disappear :S
[23:56] <PleXs> in virt-manager