[00:23] hello all, does a default server install not load modules needed to playback sound?
[00:23] I built a NAS out of an MSI wind pc, now I want to also be able to use the onboard sound card to play music from it
[00:24] I need to check when or @ what time a process in the ps falls away... how can I do this?
[00:24] I installed cmus via apt-get, but when I try to play a track it says "error: opening audio device: No such file or directory"
[00:30] luckyone: http://ubuntuforums.org/showthread.php?t=205449 that should get you where you need to go!
[00:32] check out moc if you want to access it via ssh... or if you want a web based solution, jinzora is great. you can use the web interface, hit play, and it plays on your server box.
[00:33] diffra: I am using cmus right now - pretty slick, I will check out moc
[00:34] cmus may have to load the entire directory structure every time (which isn't good)
[00:35] diffra: I was missing linux-sound-base, that is probably a pretty important package
[00:50] hello, has anyone ever had a problem on ubuntu server 8.04.2 when it cant ping hosts, it is resolving dns
[01:02] to whitelist a sender domain (using this set up: https://help.ubuntu.com/9.04/serverguide/C/mail-filtering.html), do I use the DKIM whitelist or an amavisd whitelist?
[01:02] (I don't fully understand DKIM yet)
[01:03] depends on what you're wanting to whitelist.
[01:03] basically, short answer is both.
[01:04] diffra: to clarify, I just want to prevent several addresses from being marked as spam, ever.
[01:06] for amavis, 1) is the read_hash for the whitelist file valid syntax, and 2) where do I put that directive since there is no /etc/amavis.conf in ubuntu? -> http://flakshack.com/anti-spam/wiki/index.php?page=Installing+and+configuring+Amavisd-new
[01:06] then, yeah, both.
the page says that it's passing to dkim/spf separately from amavis, so they'll each need to be whitelisted
[01:07] FTA: "Amavisd-new can be configured to automatically Whitelist addresses from domains with valid Domain Keys. There are some pre-configured domains in the /etc/amavis/conf.d/40-policy_banks"
[01:07] not sure about dkim.. never used it.
[01:07] diffra: thanks, looking
[01:09] diffra: the author_to_policy_bank_maps made me unsure; thanks, I'll give this a try
[01:10] Sure. Check the sectino in the guide you linked... it gives several examples how to whitelist in amavisd.
[01:10] section even.
[01:12] diffra: I did notice that section, but the DKIM heading made me think it was tied solely to DKIM, while being unsure if DKIM and amavis are not the same thing, or closely connected, etc etc.. :D confusing
[01:23] jeebus crisp, 125 processes with only 4 ports open. I guess this is teh new internets.
[01:23] err, 131
[01:35] bc: yeah, i'm not really a fan of big configs like that.
[01:35] I rock lighttpd, postfix/dovecot with RBLs, and run spamassassin client side.
[01:37] diffra: I run spamassassin client side as well, but the other users were screaming halp before I put in a new server.
[01:38] diffra: the server is about the size of a hard back book. I guess in about 5 years they'll be the size of a RJ45 plug or something.
[01:38] bc: those exist you know. one second.
[01:39] diffra: see, i'm already behind the curve
[01:41] http://www.digi.com/products/embeddedsolutions/digiconnectme9210.jsp
[01:42] diffra: sheesh, that's insane
[01:43] sure, it's not x86 or anything, but you could probably make a passable static http server out of it.
[02:20] diffra: Did you get your policy_banks question sorted out?
[02:40] H ALL
[02:41] is anyone here Russian
[02:41] ?
[02:41] VinchenzO, english in here
=== mobi-sheep__ is now known as mobi-sheep_
[03:56] ScottK: that was bc with the question, i was just trying to help
[04:16] ScottK: thanks; yes, problem solved
[04:29] Anyone can tell me how to make the server download vcards?
[04:30] right now its just displaying in page
=== mobi-sheep_ is now known as kinja-sheep
[04:36] right now Im linking to vcard but it opens in html file
[04:37] are you using .vcf?
[04:37] or .vcard?
[04:37] I'm using .vcf
[04:37] should I use vcard?
[04:38] either way, this should work in your apache config: http://dpaste.com/59037/plain/
[04:39] Thank you diffra!
[04:39] you could also do this in php/perl if you were so inclined, but i think this is the prettiest way to go about it.
[04:40] np. i just googled something like "apache force download by file extension", found a page about doing the same thing for .pdf files, and changed the regex to match your .vcard files :)
[04:40] diffra should I add this to the directory the vcards are held in?
[04:40] in a .htaccess file?
[04:41] that would work.
[04:41] or under a tag in apache2.conf
[04:41] man Ive been trying to do this for 3 days now :)
[04:41] thank you!
[04:41] np. let me know if it doesn't work...
[04:41] will do :)
=== s_markow_ is now known as s_markow
[04:43] You rock dude, it worked!
[04:43] thank you diffra!
[04:43] sa-weet
[04:43] lol
[04:58] quiet in here 'eh?
[05:01] Does Ubuntu Server have a GUI Installer?
[05:06] MrPockets: no. It's CLI only. The installer has a text-based 'gui' of sorts: http://images.howtoforge.com/images/samba_setup_ubuntu_5.10/img_22.gif
[05:06] mhmm
[05:07] I'm just having issues with this machine, and would like to revert back to a GUI noob-friendly install to try and sort out some issues. Might just put 8.10 Desktop version on and run as a server
[05:09] MrPockets: there's really nothing too wrong with that. You lose some RAM to the gui, and there's the security risks entailed with all the extra software.
[05:09] neologistically speaking, d-i is a "TUI", which basically means a GUI on a charcell display.
[05:09] right. I'm only looking to use this box as somewhat of a security-camera server that i can term=service into and creep on whats going on in the data center via webcam
[05:09] and download torrents
[05:10] a desktop version with a firewall should be exactly what you want
[05:12] Jesus. you are the nicest linux guys i've ever seen.
[05:12] All of the linux guys (usually myself included) are all, BAH! you don't need a GUI on a server! HUmbug!
[05:13] MrPockets: that's because most of the channel is newbie like you ;-P
[05:13] under most circumstances, sure, you don't need it. but it's not like if you apt-get install ubuntu-desktop Canonical kills a kitten.
[05:13] Wouldn't say I'm a noob. Just tired and wanna get this at least on the network so i can leave this god forsaken dungeon and go home :-(
[05:14] That's why I keep a sleeping bag and a pillow in the office...
[05:14] LOL
[05:14] ...no joke?
[05:15] Once I was up all night fixing a server for deployment, then I spent the whole next day out at the prison deploying the damn thing
[05:15] Though that's a pathological case.
[05:16] WTF. I get a BusyBox v1.1.3 Built-in Shell enter Help for a list of commands
[05:16] Now that I have a bicycle, I tend not to sleep in the office anymore -- back when I took public transport, I'd have to wait until 6am for the trains to start again anyway.
[05:16] MrPockets: you have messed up bootstrapping somehow
[05:16] MrPockets: busybox is part of the ramdisk; you get dumped there if it can't find your root partition.
[05:16] I just reformatted both drives
[05:16] but i just booted live to the Ubuntu CD..
[05:17] twb: been there. Spent the night in a not-really-cold-enough room triaging a win2k machine that got pwned.
[05:18] one of those boxes that's always been around, deployed before my time, i had no idea half the shit that was on there.
[05:18] Bleh, at least I don't have to touch Windows
[05:18] hah
[05:18] all but two of the servers we administrate are windows
[05:18] administer?
[05:18] MrPockets: "admin" vt.
[05:19] Any of you have experience imaging machines with Acronis?
[05:20] Hi, I can't seem to be able to remove the package doc-base
[05:20] I keep getting circular dependencies and errors about removal
[05:22] seems like the post removal script wants to use install-docs and that file was just removed
[05:27] http://pastie.org/522520
[05:29] This isn't fun any more.
[05:29] I wanna go home.
[05:31] LiraNuna: this is a hack, but maybe just drop a bash script in /usr/local/bin/install-docs that returns true and exits to satisfy apt?
[05:32] i'm sure that install-docs is supposed to do something, but if it's already being removed, i don't see that it could be that important.
[05:32] diffra, that was my last resort
[05:32] google doesn't come up with anything too
[05:33] I guess it's bug filing time
[05:50] When a 8.04 server boots, what happens between "Starting" and "Loading, please wait"?
[05:55] on one box I have it on, I've found if I dont have the VGA monitor cable plugged in, it stops at "Starting" and doesnt continue
[05:55] Even adding debug to kernel doesnt help .. because it hasnt loaded it yet
[06:24] I am building a network for a class that needs to be as secure as possible and still provide a few basic services (http,smtp,imap,dns). I have only one computer that can be used to provide these services. I want to separate them into VM's but while the computer has ok hw it doesn't have any intel-VT. I was thinking about using xen but I wanted to see what others thought.
[06:26] A little more info. Right now it is running 2k3 with dns and virtual server on the host and 2k3 with http, smtp, and imap in a guest. I don't need to keep the same os's I just need to provide the same services on the same "public" ip's.
[06:27] Xen would probably work for what you need.
[06:28] But as far as security goes, avoid running any kind of services on the dom0/host.
[06:28] I mean, I'd probably only go as far as running SSH with password logins disabled
[06:34] nick125, I was planning on leaving the host as empty as possible. I would really like to be running something baremetal but I think that xenserver is the only baremetal hypervisor that will support linux guests without hvm. I don't have any previous experience with that product.
[06:34] I know ESXi will support without HVM (I believe), but it's missing a lot of features compared to Xen.
[06:38] nick125, yes but ESXi is VERY picky about what hw it runs on. Will ubuntu's current set of tools for KVM host jeos without hvm?
[06:38] yeah, true...not to mention the lack of swraid, which is why I ultimately decided against ESXi.
[06:39] I'm not too familiar with JeOS.
[06:41] It appears that JeOS's vmbuilder supports Xen without issues
[07:23] how do I configure postfix's root redirection?
[07:24] ^ ignore that please, I should've googled
[07:24] LiraNuna: Error: "ignore" is not a valid command.
[07:24] Is there any point in trying to do SMARTd on a SATA disk?
[07:24] They seem to hate one another (smart and sata)
=== maxb_ is now known as maxb
[12:22] New bug: #391540 in mysql-dfsg-5.0 (main) "mysql client at x86_64 cannot find /etc/mysql/my.cnf" [Undecided,New] https://launchpad.net/bugs/391540
[12:41] New bug: #391551 in openssh (main) "package openssh-server 1:5.1p1-5ubuntu1 failed to install: sub process post-installation script returned error code 1" [Undecided,New] https://launchpad.net/bugs/391551
[13:44] Anyone using KVM?
[13:46] heath|work: yes
[13:46] sommer, I am torn between going xen or kvm. It looks like Ubuntu choose kvm over xen?
[13:46] heath|work: yep, kvm is great
[13:47] sommer, do you use opennebula ?
[13:47] heath|work: I've done some testing with it, and worked on some documentation, but I've never used it in production
[13:48] heath|work: mostly because I don't currently have a shared storage solution... if I did I'd probably use opennebula
[13:50] We have a NFS ready to go, it looks like KVM encourages nfs use which is attractive. So far I like everything I have seen. Our biggest fear is choosing something that dies out, but if Canonical is behind it, it makes for an easier decision.
[13:50] heath|work: Not to mention the fact that RHEL is behind it.
[13:51] That sounds good as well. I see that Citrix is running with Xen, but their OS support is limited.
[13:52] heath|work: ya, I don't think KVM is going to die out anytime soon
[13:52] heath|work: but really the hypervisor isn't as important as being able to access the VM image, as long as future virt technology can migrate, read, etc the VM is the important thing
[13:53] least in my view ;-)
[13:53] It also looks like OpenNebula can control KVM, Xen, and Amazon servers. What I want to know is if it is possible to migrate between the different hosts.
[13:53] That would be total freedom and rid any fear of support dying out for one.
[13:53] I wouldn't think so... at least not automatically
[13:54] and at this time... maybe in the future
[13:55] Thanks for the input... We really didn't want to stray away from Ubuntu and I think we are going to try the KVM route.
[13:56] VMware pricing is crazy and I didn't like having to search for fixes for Ubuntu and xen every 10 minutes
[14:00] np, I've been very happy with KVM... well KVM+libvirt and friends
[14:01] Ubuntu has documented it very well. I will run through those and get my virts up!
[14:06] Hi all I need some help with postfix and dynamic IPs, i get a DNS fwd/rev mismatch...
=== genii_ is now known as genii
[14:17] im trying to set up mail with a dynamic ip using no-ip.com but currently get a DNS mismatch can someone point me in the right direction please?
[14:31] oakbox: sounds like a configuration problem? ask no-ip.com?
[14:38] oakbox: you're not going to be able to reverse something on no-ip because they don't control the reverse zones
[14:38] dynamic dns providers simply do A records
[14:38] giovani, thanks for a reply
[14:39] Sam-I-Am, Hi no-ip.com gives me MX records
[14:39] they can do MX too
[14:39] but not PTR
[14:39] :( sorry you will have to forgive me, im still new to this :) PTR?
[14:40] ptr is the reverse record
[14:40] a.b.c.d -> name
[14:41] ok, so does that mean that I will never be able to get a mail server with no-ip.com? Im trying to set up a play by email server....
[14:41] well, thats not what i mean
[14:41] :) well thats good news
[14:41] it sounds like something (perhaps postfix) notices that your A record points to your IP, but that IP doesnt point to the same PTR
[14:41] so it gripes
[14:42] you just have to tell it to ignore that... or you can try putting your IP and no-ip hostname in /etc/hosts
[14:43] ok let me give you some more details, I can connect to postfix through netcat localhost but when i try the same thing with my domain name i get the mismatch.
[14:45] where are you connecting from?
[14:45] and what host does postfix think its using?
[14:46] connecting from the local machine on port 25 so im assuming it thinks its SMTP
[14:47] no...
[14:48] so you're connecting to localhost:25 and it works, but blah.no-ip.com:25 and it doesnt?
[14:48] correct
[14:48] what error does it return on the latter?
[14:49] DNS fwd/rev mismatch: blah.no-ip.com != 80-47-161-104.come_more_garbage.com
[14:50] and thats returned by postfix?
[14:50] how can i enable IMAP support in php ?
[14:50] thats returned by netcat (the program im using to test if its working)
[14:50] oakbox: btw, you might want to use "swaks" to test your mail server... very useful utility over telnet/netcat
[14:50] what happens if you telnet to no-ip:25 ?
[14:51] i will try 1 sec
[14:52] Trying 80.47.xx.xx...
[14:52] and then just waits
[14:53] it's possible your ISP is blocking the SMTP port
[14:54] humm, not thought of that, suppose its possible. let me see if i can dig up anything on their site. I will get back to you in a bit if you dont mind???
[14:55] someone will be here :)
[14:56] heh
[14:56] most isps block 25 incoming
[14:56] and often outgoing to !their smtp servers
[14:59] ScottK: Do you happen to know if the "Local only" config option in postfix lets you send mail *out*?
[15:00] ScottK: I.e. does the "local only" part only refer to its not listening for outside connections?
[15:00] soren: I do not. I've never used it.
[15:00] soren: a little, maybe
[15:00] depends on the release
[15:01] lamont: Jaunty?
[15:01] humm looks like port 25 is blocked, damn, so no way i can set myself up a play by email server then...
[15:01] should set default_transport=error
[15:02] lamont: So not delivery to the outside world?
[15:02] oakbox: most ISPs block port 25 outbound these days
[15:02] soren: right.
[15:02] at least until you tweak the config at all
[15:02] lamont: Sure, sure.
[15:02] lamont: This used to be different?
[15:03] soren: fixed in 2.5.1~rc1-1
[15:03] * postinst: also set relay_transport=error on Local Only systems
[15:03] So since Hardy?
[15:03] postfix | 2.5.1-2ubuntu1 | hardy | source, amd64, i386
[15:03] yep
[15:04] Lovely. thanks.
=== TeLLuS_ is now known as TeLLuS
[15:12] how can i enable IMAP support in php ?
[15:12] what kind of imap support?
[15:13] theres some libraries for accessing imap, or you can install something like horde/imp to serve as a php-based webmail client
[15:14] oakbox: you can use a different port, you just need to have your client use that port instead of the standard one
[15:15] sgsax, cool :) but will i need to change something on my MX record for that?
[15:15] no
[15:16] no, DNS is for Ips only, not ports
[15:16] fantastic
[15:16] and you probably dont need an MX record either since your no-ip thing just points to a single host
[15:16] if you had a domain thats another story
[15:16] :)
[15:17] 1 story is enough for now
[15:18] so I think I have found out how I can use my ISP's smarthost to send mail, (or is there a way for people to receive mail from another port no (i think not))
[15:19] oakbox: that'll work for sending mail from your box... but not receiving... it'll need to go to your isps mail server.
[15:19] at that point theres really no reason to run your own :/
[15:19] I pay for hosting for that
[15:20] humm, my budget doesn't know what 'pay for' is hehehe
[15:21] $5/mo aint bad
[15:21] hosting has become quite cheap
[15:22] or is it $8, I forget, it's on autopay for the year
[15:31] I have problems with ufw not allowing outbound traffic (I have tried ufw allow from 127.0.0.1 to any)
[15:31] sandstrom: ufw does not support egress filtering via the cli
[15:32] (it is planned)
[15:32] sandstrom: is this for routing or host-based firewall?
[15:32] firewall for webserver
[15:33] sandstrom: by default, it will allow all outgoing connections with connection tracking
[15:33] ufw, iptables or ubuntu?
[15:33] sandstrom: did you change /etc/default/ufw?
[15:33] sandstrom: uf
[15:33] ufw
[15:33] no, but my vps provider may have
[15:34] sandstrom: verify /etc/default/ufw has DEFAULT_OUTPUT_POLICY="ACCEPT"
[15:34] ok, very embarrassed now.... I didn't have port 25 pointing to my server in my router..... I can receive email from the outside world at last! I'm 1/3 of the way there
[15:34] jdstrand: it has
[15:35] oakbox: good find
[15:35] sandstrom: if you do 'sudo ufw disable' are you able to connect to what you want to?
[15:35] yes
[15:36] sandstrom: what are you trying to connect to?
[15:36] smtp-servers, the apt-get servers
[15:36] so port 25 and 80
[15:36] yes
[15:37] this is my iptables (setup using ufw):
[15:37] ACCEPT tcp -- localhost anywhere tcp dpt:smtp
[15:37] ACCEPT tcp -- localhost anywhere tcp dpt:www
[15:37] ACCEPT all -- localhost anywhere
[15:37] (Chain ufw-user-input (1 references))
[15:37] (well, it's some of it)
[15:38] sandstrom: you don't need allow rules for the localhost by default
[15:38] sandstrom: did you modify /etc/ufw/before.rules?
[15:38] hi , i've setup my own mirror on a http server and signed the Release file with my own public gpg key
[15:39] jdstrand: no, but my vps host may have
[15:39] but if I install over the net it can't find my public key...
[15:39] sandstrom: diff /usr/share/ufw/before.rules /etc/ufw/before.rules
[15:39] sandstrom: if it comes back to the prompt, it wasn't changed
[15:39] and to download my key with preseed does not work
[15:39] its changed
[15:40] sandstrom: those changes may have introduced the issue
[15:40] anybody setup a local mirror with preseed?
[15:41] jdstrand should I reset things to the defaults?
[15:41] sandstrom: that would be by far the easiest thing to do
[15:42] I guess I copy from usr/share to /etc/ufw and make a backup. then start/stop the firewall, right?
[15:43] sandstrom: yes, that should work fine. make sure that before*.rules and after*.rules go to /etc/ufw and user*.rules go to /var/lib/ufw. that will completely reset your rulesets
[15:44] will do, thanks a lot for your time and help!
[15:44] np, and good luck!
[15:49] Didn't work unfortunately. apt-get update still doesn't work.
[15:52] while we're talking about email today, can somebody point me in the direction of some good recipes for having postfix bounce spam-tagged messages?
[15:52] we had something working with sendmail, but since we switched to postfix, that solution doesn't seem to work
[15:54] sgsax: You mean as in bounce back to the sender?
[15:54] yes
[15:55] sgsax: Please don't do that.
Virtually all spam has a forged mail from so you're sending it back to the wrong place.
[15:56] Accept then bounce is a bad strategy.
[15:56] normally, I would agree, but this is for my RT server
[15:57] so if I just discard false positives, it's possible an actual important request would get dropped
[15:57] and we have been getting literally hundreds of spam message daily
[15:59] Hello. Where can I find the string to add to my sources.list for the karmic repo server?
[16:02] good morning
[16:03] hi
[16:03] how can i enable IMAP support in php ?
[16:03] aptitude install php5-imap
[16:06] jmedina-> done, anything i should do to enable it ?
[16:06] oruwork: just write code that uses the libs
[16:06] is there any reason why I would not receive and email from postfix (relay) to an outside email address, my logs say the status = sent
[16:06] does vbox support 64 bit emulation?
[16:07] I just downloaded ubuntu amd64 version but when I load it in vbox it gives an error
[16:07] rags45: did you install virtualbox for 64bits?
[16:08] hmmm..there are separate vbox for 64bit??..oh..I guess I got the 32 bit then
[16:08] jmedina: thx ..I'll get the 64 bit one
[16:11] jdstrand: I tried to move in the new files. Doesn't work unfortunately. apt-get still fails
[16:11] jmedina-> apt-getin install php5-imap, is that imap2 or imap4 protocol ?
[16:12] sgsax: My advice would be to deliver them to a spam box and then have some search for a legit request.
[16:12] oruwork: I really dont know
[16:17] sandstrom: it should work with a default install of ufw and simply doing 'ufw enable'
[16:17] and running iptables -L will show all firewall rules in effect?
[16:18] sandstrom: perhaps some other files changed. perhaps 'dpkg --purge --force-depends ufw ; apt-get install ufw'
[16:18] sandstrom: yes
[16:19] RT already generates an automatic reply to these addresses
[16:22] jdstrand: just did.
still don't work
[16:22] jdstrand http://pastie.org/523002
[16:22] ERROR: problem running init script
[16:22] Did throw a few “shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory” during installation too.
[16:23] that (or the ERROR: problem…) is the cause perhaps?
[16:23] sandstrom: what does ufw --version show you?
[16:23] jdstrand ufw 0.16.2.4
[16:24] sandstrom: and this is on a non-Ubuntu kernel?
[16:24] sorry, I don't know
[16:24] sandstrom: uname -a
[16:24] Linux k226741 2.6.18-028stab053.17 #1 SMP Mon Jun 9 20:42:43 MSD 2008 x86_64 GNU/Linux
[16:25] so that would be a yes
[16:26] sandstrom: I have a feeling you are hitting bug #289906
[16:26] Launchpad bug 289906 in ufw "ufw fails when connection tracking is not available" [Medium,Fix released] https://launchpad.net/bugs/289906
[16:27] yes, nf_conntrack is not present
[16:27] sandstrom: in /etc/ufw/before.rules, adjust this:
[16:27] -A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[16:28] to be:
[16:28] -A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT
[16:28] then adjust -A ufw-before-input -m conntrack --ctstate INVALID -j DROP
[16:28] to be:
[16:28] -A ufw-before-input -m state --state INVALID -j DROP
[16:29] and finally:
[16:29] -A ufw-before-input -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW BLOCK INVALID]: "
[16:29] to be:
[16:29] -A ufw-before-input -m state --state INVALID -j LOG --log-prefix "[UFW BLOCK INVALID]: "
[16:31] error running init script still shows, after that edit running stop/start
[16:32] but I think that regarding this error running init script we have already checked through something on my system, you told me a bunch of commands that I ran, which helped you to file a bug. This was probably 3-4 months ago.
[16:32] So if that is what causes the outbound connections to fail it's the same problem.
[16:32] sandstrom: what is the bug #?
[16:32] don't remember
[16:33] if you have irc history, search yours and my name back in time
[16:33] I thought that the outbound connections not working may be something else, which it still may be.
[16:34] sandstrom: can you paste the output of '/etc/init.d/ufw stop' and '/etc/init.d/ufw start'?
[16:35] jdstrand: shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
[16:35] * Stopping firewall: ufw...
[16:35] ...done.
[16:35] sandstrom: feel free to 'cd /'
[16:37] jdstrand http://pastie.org/523002
[16:38] sandstrom: can you also paste /etc/ufw/before.rules and /etc/ufw/after.rules?
[16:39] sandstrom: incidentally, this is all due to running on a non-Ubuntu kernel. later versions of ufw handle this situation better
[16:40] jdstrand http://pastie.org/523002
[16:44] sandstrom: adjust /etc/default/ufw to have:
[16:44] IPT_SYSCTL=
[16:45] IPT_MODULES=
[16:45] sandstrom: then paste the output of '/etc/init.d/ufw stop ; /etc/init.d/ufw start'
[16:48] jdstrand: http://pastie.org/523002
[16:48] sry, wrong
[16:49] hi all, why am I getting Relay access denied when trying to send an email from postfix?
[16:49] jdstrand this is it: http://pastie.org/523002
[16:51] sandstrom: I found our irc conversation
[16:51] (from the past)
[16:51] you dropped out and I never heard back
[17:09] sandstrom: just recapping for irc logs-- your kernel doesn't support 'state' either
[17:10] sandstrom: so you are reduced to stateless packet filtering. You'll need to adjust before.rules and after.rules accordingly or just write your own iptables script
[17:10] I'd talk to your vps because stateless filtering is not nearly as useful (or secure) as stateful
[17:14] hey guys.
[17:20] So i attempted two Ubuntu-server installs last night on a poweredge 2450
[17:21] I got a relay access denied when trying to email out from postfix, can anyone help?
[17:23] oakbox: Possibly.
If you can provide the output of postconf -n and a log snippet for /var/log/mail.log showing when you attempted to send in a pastebin, I can probably help.
[17:23] lovely thanks i will get on it :)
[17:31] ScottK, postconf -n --> http://paste.ubuntu.com/202988/ & log ---> http://paste.ubuntu.com/202990/
[17:31] * ScottK looks
[17:32] hi, i'm trying to connect with virt-manager to a remote xen domain with xen+ssh. I always get a libvirt error: 'server closed connection' and even if i try from the command line i get 'failed to connect to the hypervisor'. Any hints?
[17:32] i have no problems when connecting to kvm servers.
[17:36] damn. ADD. So i attempted this install three times, actually. Once with manually partitioning the drive in Ubuntu's Setup. Second time with the guided partitioning, and thirdly I booted to gParted to partition it, and used the pre-existing partition layout to install upon
[17:36] all three times, it comes up to a busybox shell
[17:37] ScottK, typo at end of line 12 of postfix config should be mydomain.org not myftp.org
[17:37] Just wondering if someone can help me understand what this shell is, and why I may be continually coming into it
[17:38] MrPockets: does this machine have virtual devices? as in... ones connected to a management device like an ILO or DRAC?
[17:39] MrPockets: the shell is what comes up when the kernel can't find your root partition... its an initrd thing.
[17:39] oakbox: You either need to add your IP address (range) to mynetworks if it's a IP address you control or connect with smtp auth.
[17:39] Did you set up smtp auth?
[17:40] Sam, it doesn't. It does, however have two SCSI drives connected with a SCSI controller
[17:41] MrPockets: so you see it boot the kernel, then it says can't find root partition? or some other error before dropping you to the shell?
[17:41] ScottK, yes i have
[17:41] Sam-I-Am, yes. IIRC.
[17:42] does it give an error or is that it?
[17:42] ScottK, I can log in with user and passwd fine (using swaks -a)
[17:42] mmm swaks
[17:42] oakbox: OK. If postfix was trying to use smtp auth there would be evidence in the log.
[17:42] thats it
[17:42] grrrr
[17:42] 27mb/s through I/O
[17:42] Sam-I-Am, thanks for the tip on that app
[17:43] what a bologne
[17:43] MrPockets: how big are the drives? and how are you partitioning them?
[17:43] oakbox: How about pastebin the relevant smtpd entry from master.cf in a pastebin?
[17:43] what would cause a scsi drive to read at 28mbs
[17:43] Sam-I-Am, 9.8 gig a piece
[17:43] ScottK, 1 sec
[17:43] Timing buffered disk reads: 90 MB in 3.27 seconds = 27.56 MB/sec
[17:44] 10K RPM SCSI drive capable of doing 320mb/s
[17:44] its only doing 27 mb/s
[17:44] I partitioned drive 0 with a 8.9 gig / partition and ~1gig swap. Left the second drive alone, but its formatted at EXT3
[17:44] MrPockets: so no raid?
[17:44] same hard-drive thats non mounted and no filesystem runs at
[17:44] Timing buffered disk reads: 186 MB in 3.01 seconds = 61.84 MB/sec
[17:44] no raid
[17:45] so whats the device it sees on install? sda? sdb?
[17:45] sda
[17:45] and it also sees sdb? (the other drive)
[17:45] i tried pulling the drives out and swapping them around, thinking maybe its setting ubuntu up on one drive, and booting to the other, but it gets a "non system disk"
[17:46] but yes, it sees both sda and sdb
[17:46] hmm
[17:46] and you installed grub to the MBR of sda right?
[17:47] Does the install not do that?
[17:47] ScottK, is this what you mean? http://paste.ubuntu.com/203002/
[17:47] or rather, does that need to be done separately from the install?
[17:47] * ScottK looks
[17:48] anybody know what could be hindering performance
[17:48] of SCSI disks?
[17:48] maybe single scsi raid controller?
[17:48] damn IBM x345
[17:48] MrPockets: the install asks you before its done
[17:49] oakbox: No.
Like http://paste.ubuntu.com:80/203003/ (look in master.cf, not main.cf)
[17:49] MrPockets: after it installs all the software
[17:49] oops sorry 1 sec
[17:50] a1fa, hw- or sw-raid?
[17:50] hw raid
[17:50] raid 1 i think
[17:50] Primary, Secondary, and Hot Swap
[17:51] Sam-I-Am, to my recollection, it simply said "the install is complete, its time to reboot to your new OS, remove all media and reboot the machine"
[17:51] ScottK, I have this but its all commented :s http://paste.ubuntu.com/203005/
[17:51] a1fa, anything suspicious in the kernel log? maybe one of the drives is semi-defunct. that would explain the stall, since iirc hw raids stall easily when the io-ops are out of sync.
[17:52] Hecate : nothing that stands out
[17:52] hect: [ 12.376284] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[17:52] only one suspicious thing
[17:54] MrPockets: hmm... well, for some reason what grub is seeing is not where your root partition really is
[17:54] MrPockets: does it say what partition its trying to use for root?
[17:54] oakbox: The general recommendation is to submit mail via the submission port (587). If you uncomment the lines associated with submission, postfix stop, postfix start (reload won't pick up new services) and then connect to port 587, it ought to work.
[17:55] Hecate : resync is in progress.. but why are other drives getting 60mb/s
[17:55] a1fa: is the cable bent? that tends to slow down the 1's
[17:55] resync is a serious performance bitch
[17:56] ScottK, thanks I will give it a go.
[17:56] oakbox: OK. Let me know if there are still problems and we'll keep working on it.
[17:56] ScottK, thanks very much for your help :)
[17:56] No problem.
[17:57] a1fa, if you're still getting the bad performance when the resync's done, disabling the raid and checking on the drives (e.g. read speed) individually might be worth a shot.
[17:58] Hecate : its IBM's raid..
you cant disable it
[17:58] Hecate : i guess i can take the drives out
[17:58] well, i got veeeeery little experience with hw-raids, so i can only recommend, not to offend your raid-controller ;)
[17:59] [ 9.458637] scsi target2:0:3: FAST-160 WIDE SCSI 320.0 MB/s DT IU QAS HMCS (6.25 ns, offset 127)
[17:59] 320mb/s hard drives down to 60mb/s ;(
[17:59] if all of the drives are on a single bus it'll divide up the speed quite a bit when building the raid
[17:59] i am about to go to bios and start disabling crap
[17:59] a1fa, ehm ... the 320 MB/s denotes the bus-speed, not the drive speed
[18:00] not to mention raid building is inherently slow anyway
[18:00] a1fa, but wait until the resync's over. as i said resyncs tend to be a huge performance killer.
[18:01] so can KVM run paravirtualized or is it strictly HVM ?
[18:02] Sam-I-Am, I'm not sure. And unfortunately I don't have the machine in front of me
[18:02] MrPockets: that makes troubleshooting a bit hard
[18:02] MrPockets: i have a meeting to hit anyway...
[18:02] oh right, but at least now i'm aware of what is happening and know what to look at when i go there tonight
[18:02] ok
[18:02] sure
[18:02] thanks hectate
[18:03] youre welcome
[18:03] how long does it take to syncup 32GB?
[18:03] and is there anyway to check raid status through OS?
[18:03] can't tell. actually your controller should give you some hints on that.
[18:04] but i really can't tell due to my lack of experience with hw-raids.
[18:04] :P
[18:06] ioc0 vol_id 0 type IM, 2 phy, 33 GB, state DEGRADED, flags ENABLED RESYNC_IN_PROGRESS
[18:07] i wonder if you can force raid sync
[18:08] ScottK, humm I dont think that has helped :)
[18:09] scsi_id:0 20%
[18:09] scsi_id:1 20%
[18:09] ok
[18:09] at least i know what i sit on
[18:09] :)
[18:09] thanks Hecate
[18:09] ScottK, I now get a message "*** No acceptable authentication types available
[18:10] oakbox: OK. You need to look at your smtp auth configuration.
[18:11] ok
[18:11] oakbox: Are you using dovecot or cyrus?
[18:12] ScottK, saslauthd ?
[18:13] ScottK, from this page https://help.ubuntu.com/community/Postfix
[18:13] That's cyrus
[18:14] If I set an RSS limit for a process/user in /etc/security/limits.conf, will that make that user/process completely unable to use more than e.g. 20MB of RAM, or would swap beyond 20MB still be possible?
[18:14] oakbox: Please pastebin /etc/postfix/sasl/smtpd.conf
[18:15] http://paste.ubuntu.com/203019/
[18:16] oakbox: How about edit /etc/default/saslauthd
[18:17] Ignore the word edit there.
[18:17] ScottK, 1 sec
[18:17] Paste error
[18:18] ScottK, http://paste.ubuntu.com/203022/
[18:18] * jmedina has experience with saslauthd
[18:18] jmedina: If you could take over then, that would be great. I use auxprop.
[18:19] ScottK and what is the problem to solve?
[18:19] ScottK, thank you for your help
[18:19] jmedina: His smtp auth isn't working. "No suitable mechanisms found" or something similar
[18:19] jmarsden, I am having trouble sending emails out from postfix
[18:20] oakbox: My guess would be uncommenting line 48 and restart saslauthd
[18:20] oakbox: where do you get that message?
[18:20] the one for no suitable mechanisms?
[18:20] do you have libsasl2-modules installed?
[18:21] from swaks and yes i do
[18:23] from swaks?
[18:23] oakbox: are you using system users?
[18:23] from /etc/passwd?
[18:23] yes
[18:24] swaks - SMTP transaction tester
[18:24] yesterday I configured a system like yours
[18:24] I use MECHANISMS="pam"
[18:24] not shadow
[18:25] did you create /var/spool/postfix/var/run/saslauthd?
[18:25] what is the difference?
[18:25] well is the default ubuntu authentication/authorization method
[18:25] I only use shadow for systems that dont support pam like slackware or openbsd :)
[18:26] oh should i use that instead?
[18:26] well I know that works
[18:26] re did you create...
there are files there so im assuming so
[18:27] I use
[18:27] dpkg-statoverride --add root sasl 710 /var/spool/postfix/var/run/saslauthd
[18:28] ok im now using pam
[18:28] and then restart saslauthd and the init script will create the directory automatically
[18:28] i used dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
[18:28] it is ok
[18:29] could you show output from ps aux | grep saslauthd?
[18:29] just to be sure
[18:29] :) http://paste.ubuntu.com/203029/
[18:31] good
[18:31] now what about?
[18:31] cat /etc/postfix/sasl/smtpd.conf
[18:31] I use
[18:31] pwcheck_method: saslauthd
[18:31] mech_list: PLAIN LOGIN
[18:32] yep exactly what i have here
[18:33] ok
[18:33] now postfix
[18:33] main.cf
[18:34] you should use at least something like this
[18:34] http://paste.ubuntu.com/203031/
[18:36] http://paste.ubuntu.com/203032/
[18:38] ok
[18:38] thats all
[18:38] :)
[18:38] restart postfix and try
[18:38] you could test with
[18:38] telnet localhost 25
[18:38] and see if AUTH is announced
[18:39] yep auth is announced
[18:40] now
[18:40] try to send a mail and keep one eye in your logs
[18:40] oakbox: just a tip: when you post your postfix configs use: postconf -n
[18:41] what will show only new configs
[18:41] we all can get the defaults using postconf -d
[18:41] New bug: #389722 in mysql-dfsg-5.0 (main) "skip-name-resolve is not included in default my.cnf" [Wishlist,Triaged] https://launchpad.net/bugs/389722
[18:41] jmarsden, cool thanks for explaining :)
[18:42] oakbox: I do this everyday, I know the procedure from memory :)
[18:43] oakbox: jmarsden thanks for helping oakbox :)
[18:43] yay for postfix
[18:43] ok I have tried sending an email and my logs say status=sent.....
which is better than i had, but it didnt ask for a user and password and i have not got my test email :'(
[18:43] shh, dont tell ivoks I help you configuring saslauthd, he is anti cyrus and pro dovecot
[18:43] hehe
[18:43] i'm not anti-anything :)
[18:44] dovecot is just way easier :)
[18:44] oakbox: show the logs!!!
[18:44] you see, dovecot as sasl would already work :)
[18:45] http://paste.ubuntu.com/203038/
[18:45] more logs
[18:45] mmm
[18:45] :s what more do you want
[18:45] yeap
[18:46] setting up connection
[18:46] at least 10 lines before
[18:46] yes starting from setting up connection :)
[18:46] oakbox: all lines containing '2C8ED48341'
[18:46] New bug: #391410 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/391410
[18:46] the lines from postfix/smtpd
[18:47] they are the only lines that contain '2C8ED48341'
[18:47] oakbox: one question? where are you sending mail from?
[18:47] a cliente? from command line?
[18:47] *client
[18:47] command line, same machine
[18:47] to the outside world
[18:48] mmm
[18:48] ok show the logs
[18:50] ok heres the last so much of my log file http://paste.ubuntu.com/203040/
[18:51] so, you see
[18:51] those weren't all the lines with 2C8ED48341
[18:51] but i did a grep :)
[18:52] ah sorry 1 line
[18:52] missing :)
[18:53] well, you didn't authenticate
[18:53] which ubuntu is that?
[18:53] latest
[18:53] you do know that installing dovecot-postfix would set up everything for you? :)
[18:53] imap, pop, smtp, smtp-auth
[18:56] I dont actually need imap or pop, its going to be a play by mail server.... (hopefully)
[18:57] how do i get it to do authentication?
[18:57] sorry brb need to check on dinner.... i smell burnt sausages.....
[19:02] bk
[19:09] hey guys. im using likewise-identity 4 to auth my ubuntu machines to win2k AD domain.
everything works well, except I am trying to set a local root password on a workstation, and it is not letting me.
[19:09] arrgh. root is an AD user.
[19:09] crap
[19:10] or, more specific, I have an AD user named root
[19:14] slestak: sorry, i don't know about AD, perhaps ask mathiaz ?
[19:15] kirkland: ok, tyvm
[19:16] I use krb5 for AD auth
[19:17] sgsax: likewise open uses krb5 as well. it just has a little gtk front end and some other reporting capability. i found out my problem, I have an AD user named "root".
[19:18] I saw that
[19:18] we do too
[19:18] only set up the local root password on initial setup
[19:18] but if your AD is unreachable, if you setup pam right, auth should fall back on to local
[19:23] sgsax: well, ad is reachable, but I would like to have the ability to use the local root user when needed.
[19:24] thanks all see you later
[19:24] i setup my vmware admin to be root, and I havent set a password for it yet.
[19:25] this for the free vmware server?
[19:26] yes
[19:26] gotcha
[19:26] last time I set that up, I created a local user account just for that purpose
[19:27] ok, i'll follow suit
[19:27] seemed easier that way, esp if you have multiple admins
[19:27] id is showing ad user root has uid 0, so its mapping to local user root
[19:27] could be, and then the password is getting clobbered by AD
[19:28] unless your AD root user is also gid 0
[19:28] unix properties are not revealed by default in Windows
[19:28] there are add-ins to do it, or you can roll your own code
[19:28] i didnt set the user up, so i dont know what server or service needs it.
[19:29] i'll prob end up breaking BackupExec or something
[19:29] don't want that :)
[19:29] actually, i wouldnt mind, its a big pita
[19:30] go office space on it.
wtf, pc load letter, bang
[19:31] I'm planning on moving my backup to amanda
[19:31] don't have any windows hosts to backup, thankfully
[19:32] currently using rdiff-backup, makes me want to cry sometimes
[19:32] so to reset the admin user, I have to run the whole vmware-config script again
[19:32] don't think so
[19:33] the remote console only needs a valid user to login
[19:33] yeah, i used rdiff-backup for some personal stuff. great idea, but didnt work too well for me
[19:33] and the dirs that the vm disks live in need to be writable by your vmadmin user
[19:33] the web interface on 8222 is not letting any local or ad users auth
[19:33] my biggest problem with rdiff-backup is a nearly complete lack of recovery from errors
[19:34] I only used the remote console, never the web interface
[19:34] but I would think they would use the same auth mechanism
[19:34] i know its not really sufficient, but i am moving to kind of a SaaS idea at work, and one major app per vm, and just getting /var, /etc, sql dump and any app config out nightly. I can get the os reinstalled faster than I can restore.
[19:34] hello
[19:35] How do I extract the contents of a zip file?
[19:35] rsr: besides unzip?
[19:35] ok
[19:35] sorry for being such a newbie
[19:35] slestak: same here, I don't have bare-metal backups, and all configs are pushed out via cfengine
[19:36] rsr: no problem, gotta start somewhere :)
[19:36] yes
[19:36] but unzip isnt a command
[19:36] unzip or gunzip
[19:36] you can do sudo aptitude install unzip to get unzip
[19:36] ok
[19:37] is it a literal zip file, or a tar.gz?
[19:37] gzip/gunzip should be able to handle standard zip files
[19:53] sgsax: im having a heck of a time with the admin user. i dont know that i want my vm admin to be an ad user, but it makes sense. i'd basically like anyone who can sudo to be able to admin the vm's
[19:56] New bug: #318679 in net-snmp (main) "snmpd error" [Undecided,Won't fix] https://launchpad.net/bugs/318679
[19:56] hmm.
2.6.28 kernel is getting a build error for vsock.o
[19:59] found some relevant google hits
[20:04] hello anyone know any gui alternatives to system-config-lvm that are currently maintained ..it does work but it lacks features
[20:06] slestak: seems to me I had trouble using AD accounts/groups and that it had to be a local account
[20:07] and I also had to create a special pam.d profile for vmware-authd
[20:26] sgsax: tyvm
[20:28] slestak: np, my new vmware server is ESXi and I plan on moving my previous free server to ESXi later this summer
[20:28] so it's a different set of problems, but at least I don't have to deal with this one :)
[20:50] Timing buffered disk reads: 192 MB in 3.03 seconds = 63.33 MB/sec
[20:50] damn bullshit
[21:05] sgsax: is using lvm inside of vmware a good idea? is there a best practice that will allow flexibility later?
[21:09] is there a decent web gui for bind?
[21:11] tlol
[21:11] bind is so simple
[21:12] slestak: don't think I've heard specific reports, but I think I'd stay away from it, myself
[21:12] It is, but to edit 4 files every time I need a new zone is madness
[21:13] bind takes some getting used to
[21:13] heath|work: how often do you find yourself having to add zones?
[21:13] or are you just editing existing zones?
[21:14] Within the next month or so, hopefully a couple every day
[21:14] starting up a hosting service?
[21:14] the thing is, I may not be the only one adding them
[21:14] yeah
[21:15] well sorta
[21:16] I'm a web dev and built a system for some around town businesses and I would like to control their DNS from inhouse
[21:17] so to add a new zone, you need to edit /etc/bind/bind.conf
[21:17] and then add forward and reverse zone files
[21:18] I have run through the ubuntu server guide and got the concept, I was just wondering if any of youz guyz were using a web tool or just hacking it out
[21:18] webmin may have plugins for managing dns, but if I were you, I'd get a copy of the O'Reilly DNS & Bind book and get cozy with it
[21:19] I also read through the AppArmor stuff
[21:19] apparmor is firewall and acl type stuff
[21:19] Yeah, but it is time I understand it more.
[21:19] once you do it a couple-dozen times, it's not so hard :)
[21:20] All the tutorials I have run across for bind recommend disabling AppArmor and I would rather become familiar with what it is doing and embrace it
[21:20] if you read the O'Reilly book from cover to cover (and can comprehend it), you'll know everything there is to know about how bind works
[21:21] I found that apparmor gets in my way, and I usually disable it anyway
[21:21] sgsax, do you run bind chroot?
[21:21] nope
[21:21] but I do make sure all my packages are up-to-date and patched
[21:21] sgsax: We'd really rather you'd file bugs about problems in apparmor profiles than just turn it off.
[21:21] why would you disable apparmor for bind?
[21:22] just fix the profile and file a bug if it is a problem in the default configuration
[21:22] iirc, it got in the way of my AD auth
[21:22] heath|work: The Ubuntu packages shouldn't require it to be turned off.
[21:22] the AD boxes were unable to query it for some reason
[21:23] ScottK, That's what I figured, there are several complaints about it from Googling.
I have read that most of them are people using the wrong dir for cache
[21:23] sgsax, ^^
[21:23] If there are problems, we'd really rather fix the profiles.
[21:23] sgsax: file a bug following https://wiki.ubuntu.com/DebuggingApparmor and we can get it fixed if it is a problem in the default profile
[21:23] I need a way to test that doesn't break my production systems
[21:24] heath|work: if there is a non-default but common directory for cache directories, file a bug and we can get it fixed
[21:24] sgsax: complain mode
[21:25] sudo aa-complain /usr/sbin/named should do it (assuming apparmor is still running on your system)
[21:25] Kudos to the ubuntu server guide. It is looking very strong.
[21:25] sommer: ^^^
[21:27] jdstrand: If I run aa-complain, do I need to start the aa service?
[21:28] hey
[21:28] anyone ever set up a vpn
[21:29] heath|work: thanks
[21:29] ScottK: hey I'm about to expire from the clamav team
[21:29] sgsax: apparmor needs to be running, yes. if apparmor profiles are keeping you from doing your work, disable the profile but not all of apparmor
[21:29] sgsax: see https://help.ubuntu.com/8.04/serverguide/C/apparmor.html for details
[21:29] sommer, you are responsible for the guide?
[21:29] sgsax: the short answer is 'yes' it needs to be started
[21:30] heath|work: I've been working on it for the past few releases
[21:30] wow...
[21:30] heath|work: along with help/input from others
[21:30] sommer: Fixed.
[21:30] ScottK: cool, thanks :)
[21:31] that's impressive
[21:31] i'm having trouble getting my mediawiki install configured. i'm trying to replace the alias with a virtualhost, but the virtual host doesn't seem to work.
[21:33] work|dana: do you have a separate vhost file in /etc/apache2/sites-available? and if so did you enable the vhost with a symlink to /etc/apache2/sites-enabled, or with a2ensite?
[21:33] sommer, no i just edited my mediawiki.conf
[21:33] http://pastebin.com/d7605a60c
[21:33] you can check loaded vhosts with apache2ctl -D DUMP_VHOSTS
[21:35] http://pastebin.com/d17ad4f9d
[21:35] vhost seems to be loaded
[21:35] work|dana, do you get an error when apache is reloaded?
[21:37] heath|work: no
[21:44] You guys are kidding when you say JeOS is stripped down
[21:46] heath|work: i use jeOS almost exclusively, it can be annoying depending on what you're doing
[21:46] Now that I realize not even nano is installed I will be ok
[21:47] Just started on KVM today, so far so good
[21:47] Where is bind's error logs?
[21:51] grep named /var/log/syslog
[21:51] or /var/log/messages, depending on your setup
[21:54] thanks sgsax . Looks like typo city
[21:56] heath|work: once you get your basic zone layout figured out, I'd strongly recommend creating templates
[21:56] so when you add a new zone, just copy your templates over with the basic info, and edit as necessary
[21:56] I will, I'm thinking about scripting it out with some reads already
=== asac__ is now known as asac
=== mcasadevall is now known as NCommander
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
=== asac_ is now known as asac
=== tain is now known as tainspam
=== tainspam is now known as io