[00:42] <DormantOden> hey again, anyone know hoe I can give rtorrent permission to create directories?
=== edson is now known as Orochimaru
=== Orochimaru is now known as edson
[01:11] <DormantOden> is it possible to give programs a group to run under?
[01:17] <ghostlines> interesting questions
[01:21] <DormantOden> i think apache2 uses www-data
[01:21] <DormantOden> but i need to give rtorrent somthing...
[01:21] <oh_noes1> hi, is this possible? => http://ubuntuforums.org/showthread.php?p=7567278#post7567278
[02:13] <storrgie> yallo, question about virtualization
[02:13] <storrgie> I am familiar with vmware workstation, I was going to put vmware server on my headless server.... mainly because of the web interface
[02:14] <storrgie> vmware server seems to be shit though, there is a ton of issues with linux... most notably bridged networking
[02:14] <storrgie> anyone using vmware server in jaunty server? or would you suggest anything else?
[02:24] <qman__> n0gearII, sudo apt-get update && sudo apt-get upgrade
[02:44] <mattt> storrgie: i've used it, found it to be much easier to use than xen :)
[02:44] <storrgie> I want to get bridged networking working
[02:44] <storrgie> http://serverfault.com/questions/26156/why-doesnt-bridged-networking-work-on-vmware-server-2-0-w-ubuntu-9-04
[02:48] <mattt> storrgie: only used it on RHEL, sorry :(
[04:30] <bsmith_> Hi I am attempting to setup a basic webserver using a Linux WRT54G router, ubuntu 9.04 32-bit server edition, and the howtoforge.com/perfect-server-ubuntu-9.04-ipconfig-3.  I just got started and can't set up the openssh.  Can someone help?
[04:38] <twb> stgraber: re "anything else", the recommended virtualization system for Ubuntu is KVM.
[04:38] <twb> Sorry, bad completion (storrgie left).
[04:40] <bsmith_> anyone care to help?
[04:51] <PhotoJim> bsmith_: it should just work, but if you expect to telnet to your Ubuntu box from remote, you'll either need to give it its own public IP (best), or port forward ports from your router.  port 22 is the ssh port.
[04:53] <PhotoJim> bsmith_: oops, not telnet, of course.  ssh.
[04:58] <bsmith_> PhotoJim: I think my issue is with the static IP.  My ISP doesn't allow for static Ip, how do I get around this?
[04:58] <bsmith_> p.s. sorry for the late response
[05:01] <PhotoJim> bsmith_: ahh, that's a tough one.  there are services that can work around it (see dyndns.org) but the best solution is to pay the extra fee for a static IP.  I can't help you with dyndns.org because my ISP gives me two static IPs automatically so I was good to go from the beginning.
[05:01] <PhotoJim> bsmith_: the workarounds will still break from time to time, whenever your IP changes, until the change perpetuates in the DNS system.
[05:07] <bsmith_> So I don't need to setup the static IP.  I actually wanted to use dyndns.org, untill I can purchase a static IP. (in college now).  Will i run into any issues in the howto if I don't set up the static IP?
[05:07] <PhotoJim> yes, that will buy you some time.
[05:07] <PhotoJim> you shouldn't have any problems, except that it will occasionally break and you won't be able to access it from remote.
[05:08] <PhotoJim> it should automatically fix itself.  I'm not sure how long dyndns needs to fix itself after an IP change.
[05:08] <PhotoJim> I'm guessing it's in the order of minutes to an hour or two at most, but I'm guessing.
[05:08] <bsmith_> as far as I know, you can set it to update every 5 mins minimum.
[05:10] <bsmith_> which is fine by me.  But can I use this server as both a web server and a media server. (bsmith.dyndns.org/web.html, and bsmith.dyndns.org/media.html?
[05:10] <PhotoJim> well, try it.
[05:10] <bsmith_> I haven't set it up yet.  I also assume I need apache
[05:10] <PhotoJim> and I don't know, but I don't see why not.  it's pointing stuff to your IP.  your machine determines what services are running.
[05:11] <PhotoJim> yes, or lighttpd which is a great web server for smaller machines.  wikipedia uses it.
[05:11] <bsmith_> thanks for you help, I will attempt to set this up.
[05:12] <PhotoJim> I use apache, but only because I didn't know about lighttpd.  I probably would use lighttpd today if I were to do a new installation.
[05:12] <PhotoJim> no problem.  good luck.
[05:31] <uvirtbot`> New bug: #395970 in drbd8 (universe) "Please merge drbd8 8.3.2~rc2-1(main) from debian unstable(main)" [Undecided,New] https://launchpad.net/bugs/395970
[05:36] <twb> When was/is the EOL date for Ubuntu Server 6.06 LTS?
[05:38] <ajmitch> I'd assume it'd be around the start of june 2011
[05:39] <ajmitch> though I don't recall seeing a definite date
[05:42] <twb> !eol
[05:42] <ubottu> End-Of-Life is the time when security updates for an Ubuntu release stop. See https://wiki.ubuntu.com/Releases
[05:43] <ajmitch> 6.06 was announced on 1 june 2006, so it ought to be 5 years from that date
[05:46] <domas> 5 years it will be
[05:47] <twb> What was the firewalling solution in 6.06 (i.e. prior to ufw)?
[05:48] <ajmitch> as far as I know, it was just iptables, no frontends involved
[06:05] <twb> ajmitch: was there any code to load tables on boot or if-up?
[06:05] <twb> I remember that the Debian iptables packages have no such thing
[06:08] <ajmitch> not beyond the standard iptables-save/load commands
[06:08] <ajmitch> iirc it was pretty much just like debian
[06:08] <twb> Debian's one doesn't even do that :-/
[06:09] <twb> Anyway, that's pretty much what I thought, thanks.
[06:21] <VK7HSE> just wondering if there is a howto for purging the Amais-New virus directory? as over time this gets quite full of spam/bad headers/virus mail ???
=== mcasadevall is now known as NCommander
=== domas_ is now known as domas
=== _ruben_ is now known as _ruben
[08:18] <MTecknology> I'm trying to do /usr/sbin/logwatch --detail 10 --range '-1 week' --mailto michael@domain.com but the report returned says "Period is day."
[08:18] <MTecknology> Is that what's supposed to happen?
[08:18] <twb> Any reason you're using logwatch instead of logcheck?
[08:19] <MTecknology> logcheck is what I knew
[08:19] <twb> I'm Not A Fan(TM) of logwatch's whitelist-oriented reporting.
[08:19] <twb> If there's a daemon that logcheck doesn't know about, I want it to tell me instead of silently ignoring those log entrie.
[08:19] <twb> ...which is what logwatch does.
[08:22] <MTecknology> so.. logcheck -m michael@domain.com -Rsu
[08:22] <MTecknology> how close is that to what you use
[08:22] <MTecknology> ?
[08:23] <MTecknology> even though what I typed is wrong
[08:25] <twb> Actually I just let logcheck run automatically as part of its cron job.
[08:25] <MTecknology> twb: you don't set it in a crontab?
[08:26] <twb> MTecknology: correct.
[08:29] <MTecknology> twb: so if I set the email addy for it the cron is already set up and it'll work?
[08:30] <MTecknology> ok
[08:32] <MTecknology> twb: thanks
[08:35] <MTecknology> twb: massive email report, no nice summary :P
[08:35] <MTecknology> but very detailed
[08:35] <twb> MTecknology: yes, then you add whitelist for the entries you don't care about
[08:36] <MTecknology> nice
[08:49] <MTecknology> twb: did you know linux is dead because microsoft says it is? This is funny - http://satirewire.com/news/0101/linux_quit.shtml
[08:49] <simplexio> im trying to install latest vanilla kernel to ubuntu-server which boot away from being 9.04 .. i made .deb and noe trying to install it with dpkg i get error and i dosent install it
[08:49] <twb> MTecknology: I'm not interested in Microsoft./
[08:50] <MTecknology> twb: I just thought the thing was a funny read, it's not based on any facts.
[08:50] <twb> simplexio: why do you need a non-standard (i.e. non-Ubuntu) kernel?
[08:50] <simplexio> i dont need it. i just have used to upgrade latest vanilla on every reboot
[08:52] <simplexio> i mean this used to be trivial stuff. make menuconfig ;
[08:52] <simplexio> sudo make-kpkg --initrd --append-to-version=-custom kernel_image kernel_headers
[08:52] <simplexio> and the dpkg -i .deb
[08:53] <simplexio> this cant be this hard
[08:55] <simplexio> this one of those thing that used to work allways on my 32bit desktop, now this 64bit server allways complains shit
[08:57] <MTecknology> simplexio: What is your reason for using Ubuntu and not an Ubuntu kernel?
[08:58] <simplexio> well last one did fail with swapper now and then
[08:58] <simplexio> besides .27 is like what year old ?
[08:59] <MTecknology> Why didn't you report a bug instead?
[09:01] <simplexio> and point was also, that make-kpkg used to be idiot sure way to compile and add kernel to grub (and maybe in future remove it using dpkg) why it isnt working now
[09:02] <MTecknology> I'm using 2.6.28-13 right now. If you want the latest kernel, you should be using the latest Ubuntu.
[09:02] <MTecknology> Just my opinion on it
[09:03] <simplexio> this did offer me 27.11 after dist-upgrade,, need to check it again
[09:07] <_ruben> or take a look at the mainline kernel builds as provided by the kernel team
[09:08] <simplexio> you still miss the point. what im missing now here, am i doing something wrong or is there some bug in úbuntu, i create custom kernel using : sudo make-kpkg --initrd --append-to-version=-custom kernel_image kernel_headers && dpkg -i *.deb
[09:09] <simplexio> i can go easy way and learn nothing. or figure out whats wrong and fix it and learn somethign
[09:09] <simplexio> because that way has been working and i dont see any reason why it shouldnt work anymore
[09:10] <MTecknology> simplexio: I think the point we're getting to here is that a customized kernel isn't supported in here. You might want to try ##linux instead.
[09:10] <MTecknology> twb: does that sum it up?
[09:12] <simplexio> MTecknology: so ubuntu dosent support make-kpkg ?
[09:12] <twb> MTecknology: yes, but I also asked because usually YAGNI applies
[09:12] <simplexio> i dont have problems with custom kernel or compiling it, i have problemswtih make-kpkg and dpkg which dosent want install .deb package
[09:13] <twb> Since simplexio already knows about make-kpkg, I assume he more or less knows what he's doing
[09:13] <twb> simplexio: in what way does dpkg -i complain?
[09:13] <simplexio> and far as i know those are part of ubuntu
[09:14] <_ruben> simplexio: https://wiki.ubuntu.com/KernelTeam/KnowledgeBase
[09:16] <MTecknology> looks like 2.6.31 might be in karmic :)
[09:17] <MTecknology> Is it possible to use a new kernel without rebooting? Or rebooting in a lot less time?
[09:18] <MTecknology> I know the obvious answer, I just want to be able to deploy a new kernel without the time. I heard something about doing this a while ago.
[09:19] <simplexio> http://pastebin.com/md0e2d1a , error have been same alltime
[09:20] <simplexio> actually it seems that custom build dosent make /lib/firmware/(uname -r)/ it just tries to dump all firmware to /lib/firmware/
[09:22] <twb> MTecknology: AFAIK, no
[09:26] <_ruben> ksplice .. www.ksplice.com .. quote: "Ksplice: Rebootless software updates"
[09:27] <twb> Anything with a ™ in its name makes me very suspicious
[09:29] <twb> "Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many traditional source code patches into hot updates with little or no programmer involvement. In the common case that a patch does not change the semantics of persistent data structures, Ksplice can create a hot update without a programmer writing any new code."
[09:29] <twb> Sounds like they're basically swapping in new .ko files and telling the kernel to reread them.
[09:30] <twb> And obviously it only allows you to handle a subset (80%, by ksplice's reckoning) of security updates -- you wouldn't be able to drop a whole new kernel in there without rebooting
[11:06] <pirx> hi! if i want to install a 8.04 with some added software via the network to a bunch of servers, what method is easiest/best? one of these https://help.ubuntu.com/community/Installation#Server%20and%20network%20installations ? like Localboot or NetBoot?
[13:04] <simplexio> that was intresting 8.10 custom kernel install didnt work, after i did upgrade to 9.10 right way ( this time i changed source.lst for apt) it works just like it has been working
[13:09] <_ruben> livin' on the edge eh :)
[13:39] <proti> morning
[13:39] <RoyK> hm... I have some problems with a box here, running 2.6.28.13 (ubuntu 9.04). The system's processes are using a total amount of 2,5GB of memory as reported by ps axv, but free reports 3,8GB memory and 2,5GB swap used. Where did all that go?
[13:39] <RoyK> proti: afternoon
[14:09] <proti> RoyK: Think about disk cache and shared memory
[14:09] <proti> See the cached and shared items of top.
[14:13] <proti> I need some help with kerberos migration.
[14:14] <proti> I want to move kerberos files to an LDAP tree.
[14:15] <proti> I did find some relevant hint on google.
[14:15] <proti> But only when creating Realms, not moving realms from file db backend to LDAP tree.
[14:21] <j0nr> hi all, just set a mail server (8.04) I have it set up with maildir. In my home directory I have maildir and within this there are subdirectories for different accounts. I use mutt to view mail that comes into 'maildir' and then move them into the coressponding sub directories.
[14:22] <j0nr> What i am wondering is if these subdirectories can be accessed thru imap.
[14:22] <j0nr> the mail server is imap, but I only get to see that top level (i.e. in squirrelmail)
[14:22] <j0nr> how can I see the subdirectories in imap client?
[14:23] <proti> You have to tell the imap server that you are using the Maildir format.
[14:24] <proti> j0nr: What kind of imap server ?
[14:29] <j0nr> proti: dovecot
[14:29] <j0nr> if thats the right answer :)
[14:30] <j0nr> I installed dovecot and postfix
[14:30] <j0nr> imap and imaps protocols
[14:30] <j0nr> using maildir format
=== genii_ is now known as genii
[14:38] <j0nr> ah...all I had to do was rename my sub-directories to '.subname' i.e. add the dot in front of it.
[14:58] <RoyK> proti: aware of that - it was anonymous memory pages - almost nothing left for caching
[14:58] <RoyK> 50kB or so
[15:00] <sandstrom> jdstrand: You were kind and helped me with some ufw troubles a few days ago. Your conclusion was that the state module wasn't present. Would you mind another question or two on this issue? My VPS-provider are claiming that the state module is present, and that my rules are wrong. Even though I have reinstalled everything twice and checked things quite a lot.
[15:07] <proti> RoyK: Could you paste the top header ?
[15:09] <jdstrand> sandstrom: simply show the VPS-provider the rules that are failing (substitute 'ufw-before-input' for INPUT). show them both the ctstate and state rules you tried
[15:33] <sandstrom> jdstrand: would this work if the state module was installed (eg. should this be proof enough)?
[15:33] <sandstrom> http://pastie.org/535670
[15:34] <jdstrand> sandstrom: yes-- I just confirmed here on a hardy kernel
[15:34] <sandstrom> thanks
[15:35] <jdstrand> sandstrom: incidentally, to clean those out, use 'iptables -F foo;iptables -X foo'
[15:35] <jdstrand> (that remove the foo chain)
[15:35] <sandstrom> thanks
[16:43] <AnRkey> does any1 know off hand if there is a problem with the mail-server virtual package on jaunty server? I'm about to go and try to reproduce the package install error on a VM but if it's already reported then what's the point.
[16:44] <AnRkey> i'm installing the mail server from the net-install pxe image
=== ogra_ is now known as ogra
[17:50] <heath|work> how can I kill all ssh sessions?
[17:51] <ivoks> kill ssh on that tty
[17:54] <heath|work> have you ever had a problem connecting to virsh ? I can't control any machines... it just hangs on connecting to quem:///system
[17:55] <heath|work> Do you know if I can restart libvirt without it kill all the machines?
=== RoAk is now known as RoAkSoAx
[19:31] <Travis-42> what is a good tool for quickly allowing one to browse log files and, possibly, sending email alerts about certain log messages?
=== RoAk is now known as RoAkSoAx
[19:41] <storrgie> anyone here using vmware server?
[20:38] <KillMeNow> hello folks...  anyone know why libapache2-mod-security got yanked from the repos?
[20:41] <jdstrand> KillMeNow: https://wiki.ubuntu.com/SecurityTeam/FAQ#Packages
[20:42] <jdstrand> heath|work: you should be able to with libvirt 0.6.0 and later
[20:42] <heath|work> thanks... I got it jdstrand
[20:42] <oioiii> Hello, Im using php5.2.9 with mysql-server5.1.34 from dotdeb.org on ubuntu8.04lts, all seems fine but php is reporting mysql version as 5.0.18 rather than 5.1.34. Is this a concern? How can I change this?
[20:47] <KillMeNow> have you restarted your apache2 server yet oioiii?
[20:47] <KillMeNow> not sure if that will do it
[20:53] <oioiii> no, it wont, just asked the same question over at #mysql and they said I should be fine...
[21:51] <KillMeNow> ok Jdstrand...  they took it out of the 8.04 version and it's back in version 9, how can i upgrade my system to version 9 w/o reformatting?
[21:52] <KillMeNow> i've done the dist-upgrade
[21:52] <KillMeNow> should i just repoint apt to the newer repos?
[22:11] <Hans_the_german> how good is ubuntu server compared to centos?
[22:12] <KillMeNow> each distro has pluses and minuses
[22:13] <KillMeNow> i used to use Centos exclusively and went to Ubuntu...
[22:13] <Hans_the_german> if a may ask how many users?
[22:14] <Hans_the_german> i am to setup server with function as a mail gateway, firewall, webproxy and ipsec server with freeswan
[22:15] <KillMeNow> so you're looking to make something in to a firewall?
[22:15] <Hans_the_german> aswell yes
[22:15] <KillMeNow> check out smoothwall.org
[22:15] <Hans_the_german> nah
[22:15] <Hans_the_german> to limited
[22:15] <KillMeNow> can do everything you just listed
[22:15] <KillMeNow> heh ok?
[22:16] <Hans_the_german> not powerfull enough
[22:16] <Hans_the_german> i can only do what is provided by smoothwall, i cant change and add functions
[22:17] <Hans_the_german> features like dkim,greylisting etc
[22:17] <KillMeNow> ok
[22:17] <Hans_the_german> dont like firewall policy its to limited
[22:17] <Hans_the_german> no for large site
[22:17] <KillMeNow> well, i run my stuff from ubuntu, like greylisting etc
[22:17] <Hans_the_german> maybe a small network
[22:18] <KillMeNow> in the end i think it's preference
[22:18] <KillMeNow> i like the aptitude manager better than yum
[22:19] <KillMeNow> plus i can tell you from experience, that centos won't run my IPtables tarpit
[22:19] <KillMeNow> well not a tarpit per se, but the auto deny after X attempted connections for them script kiddies
[22:19] <Hans_the_german> debian seems to be more secure and stable from what i hear and people are affaired of using ubuntu directly on the net...it seems
[22:19] <KillMeNow> ubuntu is from the debian
[22:20] <Hans_the_german> yes i know
[22:20] <KillMeNow> er derived from
[22:20] <KillMeNow> and as long as you follow standard security rules, you should be ok
[22:20] <KillMeNow> i've had Ubuntu on the "net" for years w/ few problems
[22:20] <KillMeNow> biggest issue i've had is getting apparmor to work
[22:21] <Hans_the_german> ok and what about stability and performance?
[22:22] <KillMeNow> i've run Ubuntu on my HP 2000LPR server w/ Megaraid for 2 years w/o any issues...  even had it attached to a 12 disk scsi raid shelf w/o any issues
[22:23] <KillMeNow> I migrated from 6.06lts to 8.04 a while back w/o any issues...  it's running on a Dell 1750 dual Xeon
[22:23] <KillMeNow> it's now been up for 34 days since my last reboot
[22:24] <KillMeNow> course, i don't do any really heavy website action
[22:24] <Hans_the_german> mmm...
[22:24] <KillMeNow> however, i do some contract work for a couple business that run asterisk on Centos
[22:24] <Vog> I haven't had any problems more with ubuntu on the net than other distros. Just make sure you do you updates and know what is running on your server.
[22:24] <KillMeNow> and those are heavily hammered on a regular basis
[22:25] <KillMeNow> yeppers...
[22:25] <Hans_the_german> well i a bit scared of ubuntu in a high volume enviroment...
[22:25] <KillMeNow> i'm trying to figure out how to get the apache-mod-security for 8.04
[22:25] <Vog> A few of my boxen at other sites are HAMMERD with traffic during business hours
[22:25] <KillMeNow> LOL...  i don't want to reinstall Ubuntu 9 over the top of it
[22:32] <ScottK> Hans_the_german: What makes you think Debian is more secure than Ubuntu?  Ubuntu is more aggressive about using compile time hardening options than Debian.
[22:35] <Hans_the_german> http://it.slashdot.org/article.pl?sid=07/08/15/1341224
[22:36] <Hans_the_german> i dont like this,,,
[22:37] <KillMeNow> ok, maybe we should google all the different flavors of Linux and see which ones have been hacked
[22:38] <KillMeNow> when you read the article, it says that some ppl were not using smart security practices
[22:40] <ScottK> Hans_the_german: I was around when that came to light and it's really attributable to poor administration practices.  There's no distro so secure you can't shoot yourself in the foot.
[22:41] <KillMeNow> so very true ScottK
[23:16] <Vog> I know of an administrator who I could hand over a bastill elinux install and he could make it hackable after a month on incompetance
[23:18] <Vog> I quote " why can't we have 6 character passwords without numbers? You make us more unsecure by making me write these complicated passwords down on postits "
[23:18] <Vog> He dosen't work for me anymore.....
[23:18] <Vog> doesn't ^^
[23:19]  * jmedina writes hashed paswords on posticks
[23:41] <zende> I'm having trouble with apt-get on clean installations of hardy and jaunty using vmbuilder
[23:41] <zende> anyone here who could help?
[23:44] <KillMeNow> sorry, none from me
[23:45] <KillMeNow> haven't played with vmbuilder yet
[23:51] <zende> KillMeNow: thanks for the response
[23:51] <zende> anyone else?  I'm getting 'E: Method http has died unexpectedly!'