Byron | Hello all | 00:02 |
---|---|---|
Byron | I'm trying to install Ubuntu Server 2.9 and it keeps failing at the installation of the downloaded apps. | 00:02 |
Byron | "An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software" | 00:02 |
Byron | md5 is good. The integrity is good. Can't install packages | 00:04 |
diffra | 2.9? | 00:04 |
diffra | Also, check the other terminals to look for errors. alt+f2, f3, etc. | 00:05 |
Byron | Sorry, 9.04 | 00:06 |
Byron | No clue where I got that from | 00:06 |
Byron | diffra: I get a lot of 'package doesn't exist' | 00:07 |
diffra | Hmm... and the included integrity check tool came out clean? | 00:09 |
Byron | diffra: It appears to be the same 3 packages; libnewt0.52 ext2-modules and efi-modules | 00:09 |
Byron | diffra: Yes. | 00:10 |
Byron | After those 3 failed packages, there is this: "Falling back to the package description for console-setup-udeb" | 00:11 |
uvirtbot | New bug: #397644 in nagios3 (main) "Problem in post-install script" [Undecided,New] https://launchpad.net/bugs/397644 | 00:26 |
quentusrex | I need help, the new ldap-utils won't look at the config file /etc/ldap/ldap.conf | 00:38 |
quentusrex | I can specify the host manually and it connects | 00:39 |
quentusrex | but if I just have the host in the config file, I get an error. | 00:39 |
KillMeNow | what error do you get? | 00:40 |
quentusrex | ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) | 00:40 |
quentusrex | it's not even trying to connect to the server... | 00:41 |
KillMeNow | is it localhost or on another machine? | 00:41 |
quentusrex | different machine | 00:41 |
KillMeNow | and when you specifiy the address of the different machine manually it works? | 00:42 |
Byron | Something is off. I restarted the install as there didn't appear to be internet access to the server (which is very odd). During the Install Base System, I get this now: Warning: Failure while configuring base packages. This will be attempted 5 times. | 00:42 |
quentusrex | KillMeNow: yes, when I specify the URI with the -H flag it works | 00:42 |
quentusrex | but when I leave it off and assume it will use the /etc/ldap/ldap.conf file it fails. | 00:42 |
KillMeNow | then we know that the port is open on the other end, have you tried to strace it? | 00:42 |
quentusrex | KillMeNow: yes, and it all works, | 00:43 |
KillMeNow | i'm not totally solid on LDAP so i'm kinda winging it... | 00:43 |
quentusrex | I've tracked the problem down to the fact that it isn't trying to open the config files. | 00:43 |
KillMeNow | so when you don't set it using -H and you restart the daemon while strace is running you don't see it crap? | 00:43 |
KillMeNow | ok permissions | 00:43 |
quentusrex | I'm running it as root | 00:43 |
KillMeNow | have you verified that the user account that is running the LDAP daemon has access? | 00:43 |
quentusrex | so there are no issues with permissions. | 00:44 |
KillMeNow | had to ask | 00:44 |
quentusrex | I'm running the client as root :) | 00:44 |
quentusrex | ldapsearch -x -d8 -v | 00:44 |
quentusrex | ldap_initialize( <DEFAULT> ) | 00:44 |
quentusrex | ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) | 00:44 |
quentusrex | that's what I get... | 00:44 |
KillMeNow | did you configure the client side with like info? | 00:45 |
KillMeNow | in your ldap.conf file, do you have this line? TLS_REQCERT allow ? | 00:46 |
quentusrex | nope | 00:47 |
KillMeNow | try adding it... it might be the TLS certificate... self-signed cert i'm guessing | 00:48 |
quentusrex | there are no certs involved. | 00:49 |
quentusrex | it's wide open openldap server. | 00:49 |
KillMeNow | ldap_sasl_bind says to me that it's looking for TLS | 00:50 |
quentusrex | but the second half says it can't even find the server | 00:50 |
KillMeNow | yes, it's trying to bring up TLS | 00:50 |
KillMeNow | and it says it can't CONNECT to the other LDAP server | 00:51 |
KillMeNow | which would be true if it's expecting a TLS cert | 00:51 |
KillMeNow | https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html | 00:52 |
KillMeNow | That's a tutorial on setting up OpenLDAP on Ubutnu | 00:52 |
KillMeNow | http://ubuntuforums.org/showthread.php?t=1197443 | 00:52 |
quentusrex | I followed that... | 00:53 |
quentusrex | now I'm here. :( | 00:53 |
KillMeNow | that i a current forum for issues that you're experiencing | 00:53 |
KillMeNow | so you followed the TLS and SSL portion near the bottom? | 00:54 |
quentusrex | I'm going to reboot... | 00:55 |
=== KillMeNow is now known as KillMeNow[A] | ||
* KillMeNow[A] is now away - Reason : AFK for a few | 00:58 | |
ruben23 | hi | 00:58 |
ruben23 | can installed ubuntu-server, hanged up and freeze on formating process | 00:59 |
ruben23 | i tried 2 sata HDD for isolation-same thing happens----->also during the hanged/freezing formatting--->keyboard blinks.. | 01:00 |
ruben23 | several time i test it same thing... | 01:00 |
ruben23 | the object not been isolated is the memory.. | 01:00 |
ruben23 | cant installed ubuntu-server, hanged up and freeze on formating process | 01:02 |
=== KillMeNow[A] is now known as KillMeNow | ||
* KillMeNow is no longer away : Gone for 7 minutes 21 seconds | 01:05 | |
KillMeNow | ruben23, did you check to make sure your sata controller is compatible? | 01:06 |
KillMeNow | not the sata HDD, but the controller | 01:06 |
ruben23 | KillMeNow:how would i do that..how do i check..?--->actually i already used this hardware with centos.. | 01:11 |
ruben23 | and also i have same specs with this on production using ubuntu server--->its running smooth. | 01:11 |
KillMeNow | https://help.ubuntu.com/community/Hardware | 01:15 |
KillMeNow | check that i suppose | 01:15 |
KillMeNow | another thing you could try is to Download the Ubuntu/Kubutnu LiveCD and try to boot up to that and see if the drives show up | 01:16 |
ruben23 | ok | 01:18 |
KillMeNow | if you boot to the Live CD and you can see all your hardware, then it should be compatible... make sure you use the same versions | 01:19 |
ruben23 | ok | 01:21 |
ruben23 | i check its not on the ubuntu site----ubuntu liveCD.. | 01:21 |
KillMeNow | https://help.ubuntu.com/community/GettingUbuntu | 01:31 |
KillMeNow | it's there Ruben23 | 01:31 |
KillMeNow | that link has the instructions on how to Download the Live Desktop CD | 01:31 |
ruben23 | ok doing it now | 01:35 |
ruben23 | thnaks' | 01:35 |
ruben23 | KillMeNow:by for now need to sleep | 01:37 |
KillMeNow | sleep well | 01:37 |
KillMeNow | how did the reboot go Quentusrex? | 01:45 |
quentusrex | not well | 01:49 |
quentusrex | can't get ldap working at all how I want it to... | 01:49 |
KillMeNow | yea i dunno partner... is this for replication or just standard client auth type stuff? | 01:53 |
quentusrex | standard client auth | 01:56 |
quentusrex | I'm just trying to get a workstation to auth to ldap | 01:56 |
quentusrex | and then mount the nfs drive | 01:56 |
KillMeNow | you might temporarilly try removing the ldap_sasl_bind from both the client and the server ldap.conf | 01:57 |
KillMeNow | other than that, *shrug* wish i could be more help | 01:58 |
metalfan_ | hi | 02:22 |
metalfan_ | what tool do you use to manage services started at boot? | 02:22 |
PC_Nerd101 | Hi, whats the best method for adding an NTFS partition at the end of my hard drive without using gparted (gui) ? | 02:24 |
KillMeNow | is there already unpartitioned space at the end of your drive? | 02:25 |
PC_Nerd101 | no, from memory when I installed ubutntu (8.04), I used the entire disc and set it to ext3 ( so not of course samba shares cant be accessed with windows)... so I need part of it to be ntfs | 02:26 |
KillMeNow | yea, no idea TBH... have you tried google? | 02:27 |
PC_Nerd101 | yeah - everything seems to link to gparted. | 02:28 |
KillMeNow | yea, dunno what to tell ya... looks like gparted live cd is your option | 02:31 |
PC_Nerd101 | slight catch.... no cd drive on server | 02:31 |
KillMeNow | you can install a driver to windows to read ext2/3 formatted drives tho | 02:31 |
PC_Nerd101 | ( from memory.. i managed to get something setup to boot from usb, but it then had to download form the net, it wouldnt let me install from usb)..... so I'm stuch... | 02:32 |
PC_Nerd101 | *Stuck | 02:32 |
PC_Nerd101 | and I prefer not to have to pay around with filesystem drivers on my machine(s).. there are 3, soon to be 4 windows machines that will share to it - and its easier to have ntfs on linux ( hey.. linux is the only real os) as oposed to maintaining 4 anoyingly configured windows machines ;) | 02:32 |
KillMeNow | well, all i can say is download the gparted live cd, run it on your system and see if you can't convert some of the space | 02:34 |
KillMeNow | either that or stuff another drive in to the box | 02:34 |
KillMeNow | format that drive to NTFS and mount it | 02:34 |
PC_Nerd101 | $$$ :P | 02:34 |
KillMeNow | LOL | 02:34 |
PC_Nerd101 | I might look at booting into ubuntu on my current machien later on, and seeing if ... if I can mount the remote ext3 partition, if gpartition will allow me to partition it across the network... expect there will be network permission issues with it though. | 02:35 |
KillMeNow | i would expect that to not work PC | 02:36 |
PC_Nerd101 | yeah - so I'm looking at having to somehow unmount the only current partition, in order to actually partition it..... | 02:50 |
PC_Nerd101 | perhaps a network boot or something to mount it..... I'll check back in if I've any more questions :) - thanks :) | 02:50 |
KillMeNow | yep | 02:50 |
quentusrex | Can I get some help with ldap client auth? | 04:09 |
quentusrex | I am trying to setup my workstation to be able to login with my ldap credentials. | 04:09 |
quentusrex | I have gotten to the point of being able to see all ldap users with the command 'getent passwd' | 04:10 |
quentusrex | but I can't seem to login with it | 04:10 |
=== s_markow_ is now known as s_markow | ||
rgreening | I'm looking for some advice regarding clustering? Anyone available or can someone point me to an expert :) | 05:34 |
rgreening | Basically, I want to set up a cluster to run a bunch of ubuntu vm's on. Like a DNS server, Mail Server, OpenNMS, etc.. all seperate vm's so I can taylor them and their usage... | 05:35 |
rgreening | I have 3 HP servers to start building the cluster. | 05:36 |
twb | rgreening: are you building a cluster for fun? | 05:48 |
rgreening | nope. I have a real world need for it | 05:49 |
twb | Hmm, perhaps you are using "custer" loosely. | 05:49 |
rgreening | cluster can mean 3 or 4 different things | 05:49 |
twb | http://en.wikipedia.org/wiki/Cluster_(computing) | 05:49 |
twb | By that article, what kind of cluster are we talking about? HA? | 05:50 |
rgreening | yep. HA | 05:50 |
rgreening | so, my desire is to take the 3 servers and make a cluser (HA). | 05:50 |
twb | OK, I don't know about that. I can see that the article links to Linux-HA, which I suspect will have its own channel. | 05:50 |
rgreening | on it, I would run an arbitrary number of vm's... | 05:51 |
rgreening | twb.. know anyone who would know about HA clustering? | 05:52 |
twb | Sorry, no. | 05:52 |
twb | I suggest you start digging through the linux-ha community's resources. | 05:53 |
rgreening | yeah, been reading up on this all day.. still no further ahead :) | 05:54 |
twb | rgreening: /join #linux-ha? | 05:59 |
ScottK | rgreening: I suspect if you talk to ivoks he'll have useful advice. | 06:02 |
rgreening | ScottK, twb: thanks. :) | 06:02 |
mattt | is there any config setting that allows you to mount all partitions w/ a particular mount option? | 06:06 |
mattt | to clarify, i'd rather not have to modify each partition's mount options in /etc/fstab for each box | 06:08 |
quizme | how do you increase the time before an ssh session starts to freeze up on you ? | 06:14 |
twb | quizme: ssh sessions don't freeze. | 06:15 |
quizme | twb: then what do they do when they stop moving? | 06:15 |
twb | quizme: try typing ^Q (Ctrl+q). If that fixes it, you have accidentally enabled the scroll lock. | 06:15 |
quizme | k | 06:15 |
twb | Turn off flow conrol in your terminal emulator to avoid it in future | 06:15 |
quizme | it does it all the time | 06:16 |
quizme | like after 5 minutes | 06:16 |
quizme | if i'm idle | 06:16 |
twb | quizme: ah, then perhaps you need to turn on -o ServerAliveInterval=300 | 06:16 |
quizme | what's that ? | 06:16 |
quizme | server side ? | 06:17 |
quizme | where do i put those options? | 06:17 |
quizme | client ? | 06:17 |
twb | ~/.ssh/config, or on the command line. (client side for both) | 06:17 |
twb | man 5 ssh_config | 06:17 |
quizme | tyu | 06:18 |
twb | Actually 300 *is* five minutes.. | 06:18 |
Anirban1987 | Can I install Roundcube on Ubuntu 9.04 server ? | 06:18 |
twb | Anirban1987: ask apt-cache policy. | 06:18 |
Anirban1987 | twb : what is that ? | 06:19 |
twb | OK, instead try packages.ubuntu.com | 06:19 |
twb | According to http://en.wikipedia.org/wiki/RoundCube, roundcube is a PHP application. | 06:19 |
twb | In my experience if a PHP app is not available via the standard Ubuntu package archive (and often even if it is), it's so full of vulnerabilities that you would be mad to install it. | 06:20 |
twb | Hmm, but it appears roundcube *is* apt-gettable: http://packages.ubuntu.com/roundcube | 06:21 |
ScottK | We released Jaunty with the current roundcube believed to be secure at the time. I don't follow it though, so no idea how it looks now. | 06:21 |
Anirban1987 | ScottK : The current is 0.2.2. | 06:22 |
twb | It's in universe, so security updates aren't guaranteed anyway. | 06:22 |
Anirban1987 | One more ques , 9.04 is named as jaunty ? | 06:23 |
twb | Anirban1987: ask lsb_release --all on your server. | 06:23 |
twb | (Yes.) | 06:23 |
psyferre | hey folks, can anyone answer a few quick questions about using dd to backup and restore a system? | 07:04 |
psyferre | I have an ubuntu server that I needed a backup for, so I used sudo dd if=/dev/sda1 ibs=4096 bs=2048 | gzip > /tmp/nms-server-dd-img.gz to dump a copy on a cifs share | 07:05 |
psyferre | Now i've got my fresh machine and wanted to restore the copy, so I booted up the live cd, installed smbclient and smbfs to get to my cifs share, and then used dd if=nms-server-dd-img.gz | gunzip | dd of=/dev/sda1 | 07:07 |
psyferre | that didn't seem to do anything, so I thought maybe my backup had not gotten the MBR, so I installed ubuntu server, then loaded up the live cd again, and did the same thing. Now the os gives me "Target filesystem does not have /sbin/init" | 07:08 |
psyferre | can anyone give me a shove in the right direction concerning what i'm doing incorrectly? | 07:08 |
incidence | How do I ban IPv6 address? | 07:19 |
incidence | I have it in hosts.deny but it has no effect | 07:20 |
incidence | "ALL: [::ffff:118.98.217.18/64]" | 07:21 |
howie | Can anyone tell me how to geta subdomain to point localip/box so i can vnc it? | 07:24 |
ball | howie: set up a DNS | 07:36 |
ball | I think | 07:37 |
howie | well i did that | 07:37 |
howie | but | 07:37 |
howie | will that route a subdomain to different local ip? | 07:37 |
ball | If you want it to. | 07:38 |
howie | i have a working bind server and web server | 07:38 |
ball | brb, baby's crying | 07:38 |
howie | basically, i have a working bind server running and I have example.com pointing to my main box. what i want to do is have example2.com point to my second box in a way that i can host both a website and other various services on the second box. | 07:41 |
howie | ive read that apache2 can do this with reverse proxy, but from what i understand that only works with http traffic. | 07:43 |
ball | That'll be a DNS question. | 07:44 |
howie | ah. so i should probably ask around in a DNS channel then | 07:46 |
howie | Thanks a lot for your time! :) | 07:46 |
* ball shrugs | 07:46 | |
ball | I'd happily answer if I had a clue about DNS in general or DNS on Ubuntu in particular | 07:47 |
soren | incidence: Which service are you trying to ban them from? hosts.deny does not apply universally. | 07:48 |
ball | hello soren, you're a blast from the past. | 07:49 |
soren | I am? | 07:49 |
* ball nods | 07:50 | |
soren | I wonder who *he* was. | 07:53 |
Byron | Hello all. I got the Ubuntu Server running smoothly at home. <insert delight> | 08:01 |
Byron | Only issue I'm having now is that when I try to go to the site I setup, all of the php files are trying to download themselves. | 08:02 |
Byron | I can't access http://localhost/index.php as it tries to download rather than load in Firefox | 08:02 |
Byron | It's been a long time since I came across this issue and now I don't recall the solution. | 08:02 |
mattt | you sure the php5 module is enabled? | 08:04 |
Byron | I installed php5, was there something else that I needed to configure? | 08:05 |
mattt | check out /etc/apache2/mods-enabled | 08:05 |
Byron | OK | 08:06 |
Byron | I have php5.conf and php5.load in there | 08:06 |
mattt | don't know then ;) | 08:06 |
Byron | No worries. | 08:07 |
Byron | I've restarted apache to no avail | 08:08 |
Byron | It's midnight for me. I think I will find the answer in my sleep or possibly in the morning after some much needed sleep. | 08:09 |
Byron | Thank you matt. I will return tomorrow if I do not happen to get this resolved. | 08:09 |
mattt | Byron: sorry i couldn't have been more help :/ | 08:09 |
Byron | mattt: It's not always about being the answer, it's about guidance. You helped remove one possible scenario. That's troubleshooting and that's helping. | 08:10 |
Byron | So I thank you for that, matt. | 08:10 |
Byron | Good night/morning/afternoon to you all. | 08:11 |
mattt | good night! | 08:11 |
NineTeen67Comet | Hello; I've got a plethora (9+) full size (some mid some full) towers running various tasks. They live under my stairs along with extra parts, cases, tools and boxes. There is room to build something, but I'm out of ideas. | 08:31 |
NineTeen67Comet | can anyone help with an idea on what to set them all up physically... Right now they are sitting next to and on each other. I would like them much more organized than that... | 08:32 |
mattt | NineTeen67Comet: get a bread rack | 08:33 |
NineTeen67Comet | Is that slang for a style of rack or do you literally mean find a bread rack from a grocery store somewhere second hand? | 08:34 |
NineTeen67Comet | I've seen some racks and what not online, but they seem very expensive. | 08:35 |
NineTeen67Comet | I also thought about just building some wood shelves but wood here in Japan (I'm stationed in Japan) is expencive. | 08:35 |
mattt | NineTeen67Comet: i think they're just generic shelves, yeah ... but can obviously hold quite a lot of weight | 08:37 |
NineTeen67Comet | mattt: ill look into something like that thanks for the idea... | 08:39 |
mattt | NineTeen67Comet: what are you doing w/ all the servers/ :) | 08:40 |
mattt | ? | 08:40 |
alexm | NineTeen67Comet: http://www.metro.com/application/Shelving are the classic metro shelves, but there are bootlegs also available | 08:40 |
NineTeen67Comet | Web server, media server (backend to MythBuntu), generic file/picture server (also stores movie covers for mythbuntu) and a couple backup specific boxes for me and the wife's main computers (rsynced nightly) .. | 08:41 |
NineTeen67Comet | I have to go take care of the baby (4 month old girl) . thanks mattt alexm I have the link open .. that's some stuff we have here I can try .. thanks .. | 08:42 |
kwork | is there list of installed packages in file, what i could monitor to see new installed packages ? | 09:20 |
_ruben | kwork: there's the output of dpkg -l ofcourse, and there's the files in /var/log/apt/ | 09:29 |
kwork | var log apt isnt really userful | 09:30 |
kwork | thou maybe it could be configured | 09:31 |
kwork | dpkg --get-selections | awk '{if ($2 == "install") print $1}' > /etc/apt/apt-build.list | 09:31 |
kwork | someone suggested that | 09:31 |
twb | Boot-leg shelving? | 09:37 |
twb | Surely boots go on shelves, no the other way around | 09:37 |
acalvo | Hi. | 12:29 |
acalvo | How can I test a SSL LDAP connection? I've tried with -Z, but it says it cannot contact de LDAP server, however it works without using SSL | 12:30 |
=== TeLLuS_ is now known as TeLLuS | ||
sommer | acalvo: did you turn SSL on in /etc/default/slapd? | 12:40 |
acalvo | yes | 12:40 |
=== jussio1 is now known as jussi01 | ||
acalvo | SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" | 12:41 |
sommer | acalvo: are you using a self-signed cert? | 12:41 |
acalvo | I've set up my own CA, and then create and signed a server cert | 12:42 |
sommer | acalvo: you might try adding TLS_CACERTDIR /etc/ssl/certs (or wherever your CA cert is located) to /etc/ldap/ldap.conf | 12:43 |
acalvo | sommer, good hint, let's see | 12:44 |
acalvo | still not working | 12:46 |
sommer | acalvo: you can try starting slapd in a terminal with the -1 option to see the debug output | 12:47 |
sommer | acalvo: also you might make sure that port 636 is open | 12:48 |
acalvo | and how do I check if the 636 port is open? I'm working inside a local lan | 12:48 |
sommer | acalvo: if you haven't configured a firewall it probably is, but also the nmap -sS IPADDRESS will show you which ports are open on a host | 12:49 |
acalvo | sommer, thanks | 12:50 |
sommer | np | 12:50 |
acalvo | well | 12:52 |
acalvo | it is not listed as open | 12:52 |
acalvo | neither 389 | 12:52 |
sommer | acalvo: do you have ufw enabled? | 12:53 |
acalvo | but running slapd with -d 256 shows STARTLS command | 12:53 |
acalvo | sommer, it's a clean install of ubuntu 9.04, just to test SSL with some services | 12:53 |
sommer | and slapd is running? | 12:54 |
acalvo | well, ehm.., no | 12:55 |
acalvo | now it's working and it shows the ports | 12:55 |
sommer | acalvo: cool, can you connect? | 13:03 |
acalvo | nope | 13:03 |
acalvo | I'm reading again the community info | 13:04 |
acalvo | but, I've followed everything that is listed there, and is not working | 13:04 |
acalvo | is it mandatory to have configured the ldap.conf file in order to run ldapsearch? | 13:10 |
sommer | acalvo: it is if you don't want to use the "-b suffix" option | 13:18 |
sommer | acalvo: there's also the ubuntu serverguide: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html | 13:18 |
acalvo | sommer, I'm following this guide | 13:19 |
acalvo | and some others | 13:19 |
sommer | acalvo: another thing to try is to add "TLS_REQCERT never" in /etc/ldap/ldap.conf... that basically disables the check of the server cert | 13:20 |
sommer | acalvo: that may help narrow down the issue anyway | 13:20 |
acalvo | sommer, thank you so much | 13:20 |
acalvo | I've just found find out the the problem is "TLS: peer cert untrusted or revoked" | 13:21 |
sommer | ya, using self-signed certs is a little touchy with slapd | 13:21 |
acalvo | sommer, so buggy, in fact | 13:22 |
sommer | acalvo: I'm not sure I'd say buggy... it's more that slapd has strict protocol adherence | 13:22 |
acalvo | yes, and I understand why | 13:22 |
acalvo | but they should also provide an easier way to test implementation | 13:22 |
acalvo | under lab enviorenments | 13:23 |
sommer | heh, ya the process of learning ldap and OpenLDAP server is pretty involved | 13:23 |
acalvo | but, I feel lost with their new way to store configuration | 13:23 |
acalvo | I've always end up stopping the service and editing the cn\=config.ldif file | 13:24 |
acalvo | ehehehe | 13:24 |
sommer | ubuntu server team is working on a more out of the box default configuration that provides a more "ready-to-use" directory | 13:24 |
sommer | acalvo: ya, the cn=config does take some getting used to... especially all the ldapadd, ldapmodify, ldapdelete options :) | 13:25 |
acalvo | yes | 13:25 |
acalvo | another thing that needs to be fixed is the PAM-LDAP integration | 13:26 |
acalvo | the ldap-auth-client does not work as expected | 13:26 |
sommer | ya, there's some work going on in that area as well | 13:26 |
acalvo | yip | 13:26 |
acalvo | I've they're doing such a great work | 13:27 |
acalvo | uf, I wrote without taking a look | 13:27 |
sommer | :) | 13:28 |
acalvo | sommer, well, thanks for your help, now it is working | 13:29 |
sommer | acalvo: no problem, glad I could help | 13:30 |
rsr | Hello, I am having some issues with fllash software and java. They are terribly slow and unstable when going through the proxy. I have to set up the browser to not use proxy for those sites and then things work fine. Maybe im missing a configuration? | 14:21 |
rsr | I am using ubuntu server 9.04 by the way | 14:22 |
specto | rsr: what kind of proxy are you using. | 14:22 |
specto | rsr: and what kind of bandwidth, upload, do you have for the proxy. | 14:22 |
rsr | I am using squid at the moment | 14:22 |
specto | rsr: are you using windows as the client? | 14:23 |
rsr | yes | 14:23 |
rsr | windows and internet explorer | 14:23 |
rsr | there are 53 machines on the network | 14:23 |
specto | rsr: sometimes flash does weird things with proxies. It could be many many problems. unfortunately I can't help right now, hopefully someone else will pipe up | 14:32 |
a1fa | flash tends not to use proxy | 14:32 |
a1fa | if there are socket connections within flash | 14:32 |
a1fa | such as irc client within flash | 14:32 |
rsr | a1fa: how come when I disable proxy things get a little better? | 14:34 |
rgreening | ivoks: ping | 15:31 |
rgreening | ivoks: ScottK suggested I ask you (as an expert) on a clustering/high-availability project I have. | 15:31 |
rgreening | ivoks: basically, I need to run a bunch of vm's with varied purposes (DNS, E-mail, EMS, Web) and ensure they are always reachable (always being relative of course). Basically survive failure of one node in the cluster by autostart on another node... | 15:33 |
rgreening | I'm only basically familiar with clustering... so any advice would be awesome. | 15:34 |
ivoks | hi | 15:34 |
rgreening | hey :) | 15:34 |
ivoks | ok, so... you want failover? | 15:35 |
rgreening | yeah, live... | 15:36 |
rgreening | not manual | 15:36 |
ivoks | right, live migration from failed node to alive one | 15:36 |
rgreening | but I also want to efficiently use the CPU, memory/ disk | 15:36 |
rgreening | which is why I think I need a cluster :) | 15:36 |
rgreening | I have 3 HP DL380G6 (brand new | 15:37 |
rgreening | each has 4GB ram, 3x300 10k SAS disks | 15:37 |
rgreening | internal HW RAID card for disks | 15:37 |
rgreening | 4xGE ports per server | 15:38 |
rgreening | 2.4GHz quad core CPU | 15:38 |
ivoks | ok | 15:38 |
ball | I don't have use for a cluster, but I could benefit from a more contemporary machine. | 15:38 |
rgreening | heh | 15:38 |
ball | My Ubuntu Server box is a 500 MHz Klamath | 15:39 |
ivoks | having three servers is good setp | 15:39 |
ivoks | step | 15:39 |
ivoks | since 2 aren't quite smart solution :) | 15:39 |
Byron | My continued issue is in regards to php files being downloaded rather than viewed through a browser. It appears that my /etc/apache2/httpd.conf file is empty. Is that right? | 15:39 |
ivoks | Byron: a2enmod php ; /etc/init.d/apache2 restart | 15:40 |
ivoks | rgreening: you'll need drbd+ocfs+pacemaker | 15:40 |
ivoks | rgreening: or... redhat cluster suite + drbd | 15:40 |
rgreening | cool | 15:41 |
Byron | ivoks: a2enmod php -> ERROR: Module php does not exist! | 15:41 |
Byron | Could have sworn it was setup last night | 15:41 |
ivoks | Byron: you didn't install php | 15:41 |
Byron | ivoks: I'll install php5 again | 15:41 |
rgreening | ivoks: ocfs? | 15:41 |
ivoks | rgreening: oracle cluster filesystem | 15:41 |
rgreening | ah | 15:41 |
ivoks | ocfs2 | 15:41 |
Byron | ivoks: php5 is already the newest version | 15:42 |
rgreening | is there a reason/circumstance to prefer one over the other? | 15:42 |
ivoks | Byron: libapache2-mod-php5 is the name of the package | 15:42 |
ivoks | rgreening: well, rhcs is pita to configure, but it's great stuff | 15:42 |
Byron | ivoks: That's also the newest version | 15:42 |
ivoks | rgreening: pacemaker is easier, but it didn't get real attention in ubuntu until karmic | 15:42 |
ivoks | rgreening: rhcs was supported clustering system in ubuntu | 15:43 |
rgreening | ok, I am thinking on starting with Karmic anyway... as this setup will be in test/development for a 4 month period at least | 15:43 |
ivoks | rgreening: and you'll have hard time finding documentation for both | 15:43 |
rgreening | I am all too familiar with the lack of docs... been search and researching last few days.. | 15:44 |
ivoks | rgreening: great... then you could help us make our cluster stack rock solid | 15:44 |
rgreening | :P | 15:44 |
ivoks | Byron: a2enmod php5 | 15:44 |
rgreening | lets make a deal. You point me in the right direction when I need a course change and I'll help with the cluster packages (since it'll benefit me anyway) :) | 15:45 |
Byron | ivoks: Module php5 already enabled | 15:45 |
rgreening | ivoks: ^ .. So, if it were you then using Karmic, oracle or red hat path? | 15:46 |
ivoks | rgreening: i'd use karmic, with pacemaker-openais as cluster manager and ocfs2 as filesystem on top of drbd8 | 15:46 |
rgreening | ok. then my path is set. :) | 15:47 |
ivoks | and kvm :) | 15:47 |
rgreening | of course. | 15:47 |
ivoks | you might want to look at eucalyptus | 15:47 |
ivoks | you basicaly are asking for a cloud system | 15:47 |
rgreening | ivoks: is there a need to add a cloud on top of this? | 15:48 |
rgreening | or what advantage? | 15:48 |
ivoks | well, if you want load balancing... | 15:48 |
rgreening | if I am not talking ot other clouds or EC2 services | 15:48 |
rgreening | hmm... | 15:48 |
ball | rgreening: you get "trendy points" for using a cloud ;-) | 15:48 |
rgreening | lol | 15:48 |
rgreening | ivoks: I don't need load balancing per se but shouldn't the vm's share the CPU/memory/disk of the cluster? | 15:49 |
ivoks | Byron: then php is probably working | 15:49 |
rgreening | cluster... | 15:49 |
ivoks | rgreening: no | 15:49 |
ivoks | there are couple of clusters | 15:50 |
ivoks | one is high availability | 15:50 |
ivoks | that's what i was talking about | 15:50 |
ivoks | other is hpc | 15:50 |
rgreening | ok. my bad. I want HA not HPC... | 15:50 |
ivoks | that's sharing cpu/mem, but applications should be aware of that | 15:50 |
ivoks | so, in HA cluster, you have to designate VMs to certain servers | 15:51 |
ball | #hpc is a nice channel for those who are interested in that. | 15:51 |
ivoks | and backup solutions if those servers fail | 15:51 |
rgreening | ivoks: ok. | 15:51 |
ivoks | so, let's say vm1 and vm2 on serverA | 15:51 |
ivoks | vm3 and vm4 on serverB | 15:51 |
ivoks | vm5 and vm6 on server C | 15:51 |
ivoks | if serverC fails, vm5 moves to serverA and vm6 moves to serverB | 15:52 |
rgreening | ok.. | 15:52 |
rgreening | and this can be preconfigured/determined right? | 15:52 |
ivoks | serverA doesn't know a thing about serverB or serverC | 15:52 |
Byron | ivoks: what would cause my php files to download rather than display? | 15:52 |
ivoks | it only knows their IP addresses and where to shoot if it wants to kill them | 15:52 |
ivoks | Byron: browser cache? | 15:53 |
Byron | These are all fresh boots | 15:53 |
ivoks | i don't get it... what can go wrong with the command 'apt-get install apache2 php5' | 15:53 |
ivoks | that's all that's needed to install apache with php | 15:54 |
rgreening | sounds reasonable ivoks. | 15:54 |
ivoks | rgreening: that's fail over | 15:54 |
ivoks | then, you'll need shared storage | 15:55 |
ivoks | that can be NAS or DRBD | 15:55 |
ivoks | DRBD is basicaly a RAID1 over network | 15:55 |
=== nxvl_ is now known as nxvl | ||
ivoks | version in karmic supports having three nodes in primary-primary-primary setup | 15:56 |
rgreening | ok, so I have 4xGE on each server. and I have 3x300GB 10K SAS drives in HW RAID in each server... | 15:56 |
rgreening | so I don't need an external storage array? | 15:56 |
rgreening | I can get one, if it will give a large perf boost... | 15:57 |
ivoks | well, fully redundant fiber channel or 10Gb iscsi would be a better options, but let's pretend you don't have couple of hunderts of thousands of dolars :) | 15:57 |
rgreening | you'd be correect :) | 15:57 |
rgreening | lol | 15:57 |
specto | 10Gb iscsi is almost never ever utilized | 15:58 |
rgreening | ivoks: you are awesome btw. | 15:58 |
specto | even with high traffic io | 15:58 |
ivoks | those might be even less than $100.000 :) | 15:58 |
ivoks | specto: right, but is faster than fiber channel | 15:59 |
specto | The average, according to cisco, is around 800kbps, so really 1Gb is only needed, max 2 | 15:59 |
ivoks | specto: ? | 15:59 |
specto | note I would rather have 10Gb :P | 15:59 |
specto | ivoks: I was in a super long meeting with cisco, netapp, and vmware yesterday.... | 16:00 |
specto | ivoks: I don't understand why they promote NFS as the best solution.... | 16:00 |
ivoks | and they said you need only 800kbps to you disks? :) | 16:00 |
ivoks | your | 16:01 |
ivoks | i want gigabits :) | 16:01 |
specto | They said that's the customer average | 16:01 |
specto | and mbps not kbps sorry | 16:01 |
ivoks | ah... | 16:01 |
ivoks | ok... so | 16:02 |
ivoks | local disks are still the fastest thing | 16:02 |
specto | true that | 16:02 |
ivoks | drbd will make them slower, but that's something rgreening will have to accept if he wants high availability | 16:03 |
specto | true, it's not too bad though if you have decent bandwidth. | 16:03 |
rgreening | ivoks: 4xGE.. | 16:04 |
ivoks | right, he could bond ethernets to form 2Gbps link | 16:04 |
rgreening | so, do I need to seperate the drbd ports from the regular vlan ports? | 16:04 |
ivoks | switch between them is gigabit? | 16:05 |
specto | rgreening: it's a good idea, or even seprate switches because you need high availability and the least amount of chatter | 16:05 |
specto | and see if you can turn on jumbo frames for just that particular vlan | 16:05 |
rgreening | yeah, I'll have a Cisco 37xx GE or 4xxx GE | 16:05 |
specto | that'll work | 16:05 |
ivoks | so, keep in mind | 16:05 |
ivoks | drbd link - for block device sync; you can use the same link for ocfs2 sync | 16:06 |
=== Nicke_ is now known as Nicke | ||
ivoks | cluster link - for communication between nodes | 16:06 |
ivoks | and wan | 16:06 |
specto | ivoks: lost me on that one :P | 16:07 |
ivoks | where exactly? :) | 16:07 |
rgreening | so, 2xGE drbd/ocfs2, 1xGE cluster link, 1xGE wan/intenet/core vlans.. | 16:07 |
specto | ivoks: I hadn't heard of ocfs2 | 16:07 |
ivoks | oracle cluster file system v2 | 16:07 |
ivoks | rgreening: right, you could use drbd/ocfs/cluster on same link | 16:08 |
ivoks | rgreening: and then bond them, making them faster and allowing for failover | 16:08 |
ivoks | if cable or network card dies | 16:08 |
rgreening | ivoks: ok, if I bond them, they can't go to different switches though, correct... | 16:09 |
ivoks | sort of... | 16:10 |
specto | And do what my employer does, dual power supplies, dual power source, mirrored switches.... | 16:10 |
rgreening | I have 2 DC PWS in each. | 16:10 |
rgreening | and a DC plant, double deisal generator as well | 16:10 |
rgreening | :) | 16:10 |
ivoks | you should look at ifenslave modes | 16:10 |
rgreening | ivoks: ok. cool | 16:10 |
rgreening | ivoks: where are you located? | 16:11 |
specto | Nice, for some reason they have 3 battery backups, 2 for each line, and a third to back the other two up, with a diesel generator as well | 16:11 |
ivoks | croatia | 16:11 |
rgreening | cool | 16:11 |
specto | and the building can withstand hurricane level winds | 16:11 |
ivoks | mode 2 could be interesting | 16:11 |
ivoks | i think that could work with different switches | 16:11 |
rgreening | ivoks: you have been such a huge help. | 16:11 |
specto | (note this is the health care industry, people could die if it went down) | 16:11 |
rgreening | ty ty ty ivoks :) | 16:12 |
ivoks | :) | 16:12 |
ivoks | XOR policy: Transmit based on the selected transmit hash policy. The default policy is a simple | 16:12 |
ivoks | (source MAC address \oplus destination MAC address) % n_{slaves} | 16:12 |
* rgreening owes ivoks beers 'n food 'n stuff :) | 16:12 | |
specto | ivoks: how do you know so much!? | 16:13 |
ivoks | or x% of your earnings on the project :) | 16:13 |
ivoks | specto: i don't, really :) | 16:13 |
* rgreening is trying to save his job/career by doing this, as well as the jobs of the rest of the office. | 16:13 | |
ivoks | hehe | 16:13 |
rgreening | :) | 16:13 |
specto | ivoks: I can't remember all of that stuff off the top of my head. Guess I better keep working on that | 16:13 |
ivoks | well, i used google to find out the node number for ifenslave | 16:14 |
rgreening | ivoks: I am waiting to mount the servers. I assume, a default Ubuntu Server install is the correct path. | 16:14 |
rgreening | and go from there | 16:14 |
ivoks | and i've been working on cluster stack for month or two, so it would be funny if didn't know at least that | 16:14 |
ivoks | rgreening: sure | 16:15 |
* mathiaz waves at ivoks | 16:15 | |
rgreening | ok. I guess I need to join the server team :) | 16:15 |
ivoks | mathiaz: o/ | 16:15 |
rgreening | hah | 16:15 |
ivoks | rgreening: but, really, if you are planing on using ha cluster only for VMs | 16:16 |
ivoks | rgreening: you should invest some time in learning eucalyptus and ubuntu cloud strategy | 16:16 |
ivoks | i haven't looked at it yet, so i don't know details, but it might be what you are looking for | 16:17 |
rgreening | ivoks: would it still use the base stuff we already talked about? | 16:30 |
ivoks | i don't know | 16:30 |
ivoks | i have no idea what eucalyptus does exactly | 16:30 |
rgreening | ok... hehe | 16:30 |
uvirtbot | New bug: #397699 in samba (main) "samba fixes for roaming profiles introduce regressions" [Undecided,New] https://launchpad.net/bugs/397699 | 16:30 |
ivoks | it's cloud :D | 16:30 |
rgreening | do you know who the expert to ask is? | 16:31 |
ivoks | ...anyone deploying eucalyptus? or knows what it does? | 16:31 |
rgreening | hehe | 16:32 |
ivoks | i'm sure there are | 16:34 |
ivoks | erichammond could give you some info about what cloud really is | 16:34 |
ivoks | i see him bloging about clouds all the time | 16:34 |
Byron | How do I setup FTP on my Ubuntu 9.04 LAMP server? | 16:53 |
kim0 | mathiaz: Hi there .. I was looking for a Hardy preseed file to allow degraded raid1 installation .. and was told you have the needed magic .. :) | 16:54 |
ivoks | https://help.ubuntu.com/9.04/serverguide/C/ftp-server.html | 16:54 |
Byron | Thanks ivoks | 16:55 |
mathiaz | kim0: hm - hardy may be more complicated | 16:55 |
kim0 | mathiaz: ick .. thought so : | 16:55 |
mathiaz | kim0: setting up a preseeded raid installation requires the use of partman-auto-raid | 16:55 |
mathiaz | kim0: which is in universe for hardy: http://packages.ubuntu.com/search?keywords=partman-auto-raid | 16:56 |
mathiaz | kim0: that means the udeb is not on the installation media | 16:56 |
kim0 | mathiaz: I am rebuilding the iso anyway | 16:56 |
mathiaz | kim0: how do you plan to install your systems? via cdrom or network? | 16:56 |
kim0 | cdrom | 16:56 |
kim0 | I can drop in the udeb and rebuild it no problem | 16:56 |
mathiaz | kim0: well - if you rebuild the iso, then you have to put partman-auto-raid in the cdrom | 16:56 |
kim0 | and then you have the string needed in the preseed file ? | 16:57 |
mathiaz | kim0: http://paste.ubuntu.com/214903/ | 16:58 |
kim0 | mathiaz: perfect thanks a lot | 16:58 |
mathiaz | kim0: this is working correctly for intrepid+ | 16:58 |
mathiaz | kim0: so the preseed strings may be different with the version of partman-auto-raid in hardy | 16:59 |
mathiaz | kim0: I've never tested partman-auto-raid in hardy - it may be broken :/ | 16:59 |
kim0 | oh .. hope it works then :/ | 17:00 |
kim0 | mathiaz: that one is not degraded is it | 17:00 |
kim0 | it has 2 disks | 17:00 |
kim0 | mathiaz: do I just delete one disk and decrement the count of devices <devcount> ? | 17:00 |
mathiaz | kim0: right - I've never tested installing a degraded raid array | 17:01 |
mathiaz | kim0: I don't know if partman-auto-raid or the installer would support that use case | 17:01 |
mathiaz | kim0: cjwatson may have a clue on this one | 17:01 |
kim0 | mathiaz: okie then .. thanks again | 17:02 |
cjwatson | mathiaz: we sent him to you ;-) | 17:06 |
cjwatson | the installer is supposed to support it | 17:06 |
cjwatson | I just don't have recipes to hand | 17:06 |
mathiaz | cjwatson: ah ok. I've pasted a recipe that does it a raid installation | 17:06 |
cjwatson | I think 'mdadm mdadm/boot_degraded boolean true' is the rune | 17:06 |
cjwatson | but I don't know exactly what to do at the partman level | 17:07 |
mathiaz | cjwatson: I wasn't sure if the installer would actually install a degraded system - ie one of the disk is not there | 17:07 |
mathiaz | cjwatson: right - me neither. I've never tried to preseed a degraded install | 17:07 |
* cjwatson holds nose and looks at partman-auto-raid | 17:08 | |
cjwatson | it looks as if it should let you simply by leaving out device names | 17:09 |
cjwatson | https://help.ubuntu.com/9.04/installation-guide/i386/preseed-contents.html and search for partman-auto-raid | 17:09 |
cjwatson | if the number of devices you give is smaller than devcount, I think it will come out degraded | 17:10 |
cjwatson | but you may need 'mdadm mdadm/boot_degraded boolean true' to arrange for the system to boot properly afterwards | 17:10 |
cjwatson | kim0: ^- | 17:10 |
cjwatson | this is entirely untested, and as mathiaz said you will need to include partman-auto-raid | 17:10 |
kim0 | cjwatson: perfect .. so I'll drop in the udeb, respin the iso, use mathiaz's recipe and if the moon-phase is right, it should work | 17:13 |
kim0 | that's great .. thanks folks :D | 17:13 |
kim0 | use the recipe with only one disk that is | 17:14 |
Illusion | Hello Folks, I have a question about PXEBOOT/tftpboot in Ubuntu 64 8.10 server edition. Is it possible to boot up Windows CD's (unattended). I can boot Linux images (Knoppix Live/Ubuntu Live/Gparted) without any problems but Windows kernels don't like me. Anybody has a an idea to resolve such issue's. I know it's a lot easier to use a Windows server with RIS to remote install client machines. | 17:26 |
Illusion | ow, the kernel won't load. It just gets stuck. Anybody has a guideline for that maybe? | 17:29 |
ivoks | last time i installed windows, there was no ubuntu :) | 17:30 |
rgreening | ivoks: I started a page to track my clustering work. I used the spec template, so that if in the future we need a spec to help improve some aspect of this solution for karmic (or +x) we can use it. It's located here: https://wiki.kubuntu.org/rgreening/clustering | 17:34 |
ivoks | ok | 17:34 |
ivoks | i just managed to compile pacemaker with corosync/openais 1.0 | 17:35 |
ivoks | that would be a big milestone | 17:35 |
rgreening | ivoks: ty again for setting me down the correct path for what I needed. | 17:35 |
ivoks | np | 17:35 |
ivoks | keep an eye on https://edge.launchpad.net/~ubuntu-ha/+archive/ppa | 17:35 |
rgreening | cool. will do. | 17:35 |
ivoks | this will end up in karmic, eventually | 17:36 |
ivoks | but we use ppa for testing | 17:36 |
kim0 | cjwatson: mathiaz: as I try that .. I get "The installer failed to process the preconfiguration file" .. zero mention of what's actually wrong ? | 17:37 |
rgreening | yeah, we do the same for Kubuntu | 17:37 |
rgreening | ivoks: I was a server guy many moons ago. Then a desktop dev... getting back to server with this cluster :P | 17:37 |
cjwatson | kim0: syslog may say | 17:42 |
cjwatson | in fact I'm pretty sure it will | 17:43 |
Illusion | Is anybody able to answer my question? I hope im not impatience in your eyes. | 17:44 |
cjwatson | Illusion: I'm not sure about impatience, but I suspect the problem is simply that folks here are not by and large terribly familiar with the intricacies of Windows. Wouldn't it be better to ask somewhere Windows-oriented? | 17:45 |
Illusion | cjwatson: Well yes, but since I use a linux server i guess that's not an option. Windows Servers have a RIS server for that which is Pxeboot/tftpboot in linux. | 17:46 |
ruben23 | hi please check my error http://pastebin.com/md3f68fe | 17:58 |
ruben23 | anyone can help on this | 17:58 |
specto | ruben23: pastbin > cat /etc/apt/sources.list | 18:01 |
ruben23 | ) specto: http://pastebin.com/m2a2f3fc7 <-----------this is the output, this a newly installed | 18:04 |
specto | ruben23: looks normal. | 18:06 |
specto | ruben23: have you updated yet? | 18:06 |
specto | ruben23: apt-get update | 18:06 |
=== Illusion is now known as Illusion|afk | ||
ruben23 | specto: havent yet | 18:08 |
specto | ruben23: do that, and then apt-get install apache2 | 18:08 |
ruben23 | i wont like to update- to not install unecessary packages | 18:08 |
ruben23 | apt-get update will install unecessary not needed packages right..? | 18:09 |
specto | no | 18:10 |
specto | ruben23: update updates the package lists | 18:10 |
specto | ruben23: you must do this | 18:10 |
specto | ruben23: upgrade installs updated packages, only packages that are already installed | 18:10 |
ruben23 | ok | 18:13 |
ruben23 | specto: i got this ouput--------> http://pastebin.com/pastebin.php | 18:19 |
ruben23 | is this updated..? | 18:19 |
karstedt | Hello, i am attempting to use apache to forward incoming traffic from different subdomains to different ports on internal server and not having much luck | 18:22 |
karstedt | Ive got it to redirect flow to port 8080 however i cannot seem to get it to access /var/www/ from regular domain any more | 18:23 |
specto | karstedt: sorry, don't know much about apache | 18:25 |
karstedt | do you know of something else that would do what i am looking for? | 18:26 |
specto | karstedt: I know you can do this with apache | 18:26 |
karstedt | yeah, partially set up but not functioning right | 18:27 |
specto | karstedt: I use lighttpd web server, but all of it invovles changing configuration files. Sounds like you may not have the server root or whatever apache calls it set. | 18:27 |
karstedt | not suer how to do that, DocumentRoot is set to /var/www/ | 18:28 |
karstedt | just gives me back a blank page when i access it though | 18:28 |
specto | Where are you setting it to port 8080? or are you simply doing a redirect? | 18:28 |
karstedt | reverseproxy / 192.168.1.100:8080 | 18:29 |
karstedt | with server name media.example.com | 18:29 |
karstedt | so it should foreward all traffic with media subdomain to port 8080 internally | 18:29 |
karstedt | and it does that fine, however i cannot get it to direct traffic from www.example.com to /var/www/ root | 18:30 |
specto | Ah I see, a proxy, couldn't help you there, no idea how apache does this. | 18:30 |
karstedt | me either, ;) | 18:30 |
specto | doesn't seem like you would want to use a reverseproxy though | 18:30 |
specto | you want to create a virtualhost | 18:31 |
karstedt | it is a virtual host w/ Proxy Off | 18:31 |
karstedt | so no one can piggy back off my server | 18:31 |
specto | Anyone else want to take a gander? | 18:32 |
karstedt | <VirtualHost 192.168.1.100:80> | 18:32 |
karstedt | ServerName media.karstedthome.com | 18:32 |
karstedt | ProxyRequests off | 18:32 |
karstedt | ProxyPreserveHost on | 18:32 |
karstedt | ProxyPass / http://192.168.1.100:8080/ | 18:32 |
karstedt | ProxyPassReverse / http://192.168.1.100:8080/ | 18:32 |
karstedt | </VirtualHost> | 18:32 |
karstedt | <VirtualHost 192.168.1.100:80> | 18:32 |
karstedt | DocumentRoot /var/www/ | 18:32 |
karstedt | ServerName karstedthome.com | 18:32 |
karstedt | </VirtualHost> | 18:32 |
karstedt | <VirtualHost 192.168.1.100:80> | 18:32 |
karstedt | DocumentRoot /var/www/ | 18:32 |
karstedt | ServerName www.karstedthome.com | 18:32 |
karstedt | </VirtualHost> | 18:32 |
specto | !pastbin | karstedt | 18:32 |
ubottu | Sorry, I don't know anything about pastbin | 18:32 |
specto | !pastebin | karstedt | 18:32 |
ubottu | karstedt: pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic | 18:32 |
karstedt | hmmm ok | 18:33 |
specto | karstedt: just don't paste configuration files here, put them on pastebin and give me the link, easier to read, no scroll-back etc | 18:33 |
karstedt | !pastebin http://paste.ubuntu.com/214964/plain/ | 18:34 |
ubottu | Error: I am only a bot, please don't think I'm intelligent :) | 18:34 |
karstedt | like that? | 18:34 |
specto | just the link | 18:35 |
karstedt | ok | 18:35 |
karstedt | any one have ideas about how to get this accomplished? | 18:37 |
karstedt | is there anything wrong with my virtual host file? | 18:37 |
specto | trying to figure it out | 18:38 |
specto | Is it just media that is doing this? | 18:38 |
karstedt | media is the only one functioning properly atm | 18:39 |
karstedt | other domains wont access /var/www/ | 18:39 |
karstedt | only have one file in there atm test.php to see if its working properly or not | 18:39 |
specto | Virtualhosts generally point somewhere else, not the same location | 18:40 |
specto | Why else would you need a virtual host? | 18:40 |
specto | oh sorry was looking at the wrong conf file | 18:40 |
karstedt | ;) | 18:41 |
specto | instead of putting an IP why not put * | 18:41 |
specto | no port either as long as you have listen 80 in your conf | 18:42 |
karstedt | ill try that, i think its listening on all ports but router is only open on 80 | 18:43 |
karstedt | same issue media goes where it should and www and @ jsut sit there | 18:44 |
karstedt | actually @ sends to port 8080 too for some reason lol.. | 18:44 |
KillMeNow | http://articles.slicehost.com/2008/4/29/ubuntu-hardy-apache-virtual-hosts-1 | 18:45 |
specto | http://httpd.apache.org/docs/2.0/mod/mod_proxy.html | 18:46 |
karstedt | first article helped condense the code a bit with serveralias , forgot about that command however still wont access files in /var/www/ | 18:52 |
karstedt | and if permissions are not set right apach gives you the forbidden error so i dont think thats it | 18:52 |
specto | sorry :S | 18:53 |
specto | you could try #httpd | 18:54 |
karstedt | that file is blank idk | 18:55 |
specto | karstedt: try the #httpd channel, they might be able to help you better. | 18:58 |
karstedt | ok ty | 18:58 |
dsandage | Networking/Install Problem: Using 8.04.2, accross multiple machines, same result = with two NICs installed, I can recieve DHCP, and then recievce ONE ping reply, at which point I experience no further network traffic. | 19:17 |
specto | dsandage: weird. | 19:20 |
dsandage | Agreed. | 19:20 |
dsandage | It has done this EVERY time I have isntalled on a machine with two nic's, I only have one connected to the network even. | 19:21 |
mathiaz | zul: do you have any idea where debian/patches/57-fix-mysqlslowdump-config.dpatch comes from? | 19:21 |
mathiaz | zul: or which bug it fixes? | 19:21 |
mathiaz | zul: I'm refering to the mysql-dfsg-5.0 package | 19:22 |
zul | mathiaz: refresh my memory can you pastebin the patch? | 19:22 |
mathiaz | zul: http://paste.ubuntu.com/214984/ | 19:22 |
zul | mathiaz: not from me afaik | 19:23 |
dsandage | also, removing secondary nic consistently resolves problem | 19:23 |
dsandage | but now I need the second nic | 19:25 |
zul | mathiaz: https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/183762 | 19:27 |
uvirtbot | Launchpad bug 183762 in mysql-dfsg-5.0 "mysqldumpslow doesn't work" [Low,Triaged] | 19:27 |
NorthByNorthWest | Hi all! I installed a Ubuntu Server in my desktop in a vbox-machine... now i have bought and installed a dedicated server computer with Ubuntu Server Edition... can I simply move my virtual harddrive from my desktop to the new server and start up the virtual machine? | 19:30 |
NorthByNorthWest | Ubuntu server documentation doesnt seem to mention vbox in particual... | 19:31 |
specto | NorthByNorthWest: probably | 19:31 |
specto | NorthByNorthWest: :P | 19:31 |
NorthByNorthWest | specto: thanks ;) | 19:31 |
specto | NorthByNorthWest: you may need some configuration files though | 19:32 |
NorthByNorthWest | The official documentation, Chapter 17. Virtualization, lists libvirt / JeOS / Eucalyptus / OpenNebula... are they alternatives to vbox? which one to choose? | 19:33 |
specto | libvirt is a virtualization library, JeOS is a stripped down kernel for virtualization playforms, Euctalyptus is a Cloud computing platform, I would just use vbox. | 19:35 |
specto | or you could use xen, or kvm, with an ovirt or convirture front end | 19:36 |
Bookman | How would I get through to a computer behind a router, behind a router, behind a modem? | 19:55 |
happy | port forwarding | 19:56 |
happy | you need to login to your router/modem through the web interface. then look for the part about "port forwarding" | 19:56 |
Bookman | happy: yeah, I thought I tried that....still doesn't seem to work | 19:56 |
happy | Bookman: then you did it wrong | 19:57 |
Bookman | I set my computer to be on the dmz of my first router. | 19:57 |
Bookman | my second router is hooked to my first router via the WAN port | 19:57 |
Bookman | I forwarded port 22 to my second router | 19:58 |
Bookman | And yet it still times out when I try to access | 19:58 |
happy | Bookman: there are multiple reasons for that. What model is it? | 19:58 |
qman__ | Bookman, the outer router needs to have the inner router set as the DMZ | 19:59 |
Bookman | ah. | 19:59 |
qman__ | then the inner router needs to forward the port to your computer | 19:59 |
Bookman | Dlink DIR615 is first router | 19:59 |
Bookman | Belkin_Pre-N_530200 is the second router | 20:00 |
happy | Bookman: listen to qman__ :-) | 20:00 |
Bookman | working | 20:00 |
=== rgreening_ is now known as rgreening | ||
Bookman | qman__: hmmm, still no luck. Still times out | 20:02 |
happy | is ssh on? | 20:03 |
happy | i mean the ssh server | 20:03 |
Bookman | yes, it worked before I added the second router | 20:03 |
happy | Bookman: how could you hold back info like that :-P | 20:03 |
happy | this means the issue is with the second router | 20:04 |
Bookman | Sorry!:) | 20:07 |
Bookman | Ok, how to diagnose? | 20:07 |
Bookman | I set my computer as the dmz on the second router still time out | 20:10 |
Bookman | Ok, no worries. For what ever reason, it is working now. | 20:12 |
Bookman | Thanks for the tips and help! | 20:12 |
Bookman | I've actually turned off the dmz on the second router and used port forwarding. Still works and I'm pretty sure more secure | 20:14 |
=== Illusion|afk is now known as Illusion | ||
qman__ | yeah, it's advisable to not use the DMZ setting whenever possible | 20:32 |
qman__ | also, when running an internet-facing SSH server, make sure you don't have any guessable user/password combinations, there are bots that just scan the internet for open SSH servers | 20:33 |
qman__ | I get lots of dictionary attacks regularly, and I don't even have a static IP | 20:34 |
qman__ | I configured iptables using the recent module to slow brute forcing to a crawl | 20:35 |
specto | I use denyhosts despite some others disliking it, I enjoy seeing an easy overview of blocked ips | 20:45 |
Bookman | qman__: understood. I use denyhosts. | 20:45 |
=== Enkz is now known as Enkz|Away | ||
Tumie | i'm going to install a server | 21:30 |
Tumie | :D | 21:30 |
Tumie | for the people who want to monitor their server: use ssh + conky :) | 21:31 |
jpds | Tumie: What happened to Nagios/Munin? | 21:36 |
Tumie | jpds: no idea :p | 21:36 |
Tumie | but conky = realtime on your desktop :) | 21:36 |
Tumie | saw an article about it, @ dutch linux magazine | 21:38 |
KillMeNow | specto: there are brute force IPTable rules you can make that will block ssh attempts after X number of connections | 21:45 |
specto | KillMeNow: I know. | 21:45 |
KillMeNow | ahh ok | 21:45 |
specto | I like denyhosts because I don't want to further mangle my iptables and I like the logging for denyhosts | 21:46 |
KillMeNow | i hear ya | 21:47 |
Galbadore | Need a tarball and apt-get install expert. | 21:51 |
Galbadore | Question: I installed a apt-get package and installed a .tar, same package. I want to clean out the config for both. How do I accomplish this? | 21:52 |
happy | Galbadore: delete the config file? | 21:53 |
happy | ScottK: why use port nocking when you can use spa? | 22:11 |
ScottK | I don't even know what that is and I'm pretty sure I'm good with that. | 22:12 |
happy | ScottK spa is single packet authentication. It is a secure replacement for port knocking | 22:13 |
ScottK | OK. It sounds less scary. | 22:13 |
happy | lol | 22:13 |
Byron | If I have my ubuntu server behind a router, do I follow the steps to configure a static IP within the ubuntu server? | 22:16 |
KillMeNow | well, if you plan on port forwarding i would suggest it | 22:17 |
KillMeNow | you can grab it's mac address and have it DHCP using a reserved address | 22:17 |
KillMeNow | i hvae one of my servers doing that from a MS DHCP server | 22:18 |
Byron | thanks KillMeNow | 22:20 |
KillMeNow | welcome byron | 22:23 |
uvirtbot | New bug: #396026 in sysstat (universe) "sadc "double free or corruption"" [Undecided,New] https://launchpad.net/bugs/396026 | 22:46 |
uvirtbot | New bug: #396027 in mysql-dfsg-5.0 (main) "mysql appears to be installed twice :( !" [Undecided,Invalid] https://launchpad.net/bugs/396027 | 22:46 |
uvirtbot | New bug: #397876 in php5 (main) "define() not working as intended" [Undecided,New] https://launchpad.net/bugs/397876 | 23:11 |
Byron | KillMeNow: That worked like a charm, as expected I suppose. | 23:14 |
Byron | Now I need to figure out the on-going issue with php files being downloaded. | 23:14 |
KillMeNow | php files being downloaded? | 23:19 |
sseiersen | does jaunty support hot swap PCI? | 23:39 |
sseiersen | and hotswap SCSI drives? | 23:40 |
sseiersen | pretty much everything as hotswap? | 23:40 |
KillMeNow | no idear | 23:40 |
sseiersen | :/ | 23:40 |
KillMeNow | i mean, i have servers right now that have hotswappable back plane for scsi drives | 23:40 |
sseiersen | anyone here atm? | 23:40 |
KillMeNow | but that's probably handled by the hardware raid controller | 23:41 |
sseiersen | I got HP ProLiants where everything is hot swap | 23:41 |
KillMeNow | sorry sseiersen | 23:41 |
sseiersen | Including the processors | 23:41 |
KillMeNow | yea, i have Dell 1750's | 23:41 |
sseiersen | YAY Dell! | 23:41 |
KillMeNow | nope, the proc's on my Dells aren't | 23:41 |
sseiersen | Im buying a few soon | 23:41 |
KillMeNow | but the powersupplies and the drives are hot swap | 23:41 |
sseiersen | Mine are | 23:42 |
sseiersen | I can drop in a new processor willy nilly | 23:42 |
sseiersen | :] | 23:42 |
KillMeNow | that's pretty pimp | 23:42 |
sseiersen | Indeed | 23:43 |
sseiersen | I bought about 10 ProLiants from a government liquidation | 23:43 |
sseiersen | :] | 23:43 |
KillMeNow | wow, lucky you | 23:43 |
sseiersen | Former Dept of Transportation servers | 23:43 |
KillMeNow | i don't have the cash reserves right now to hit the Gov't auctions | 23:44 |
KillMeNow | i bought my Dell's from a mortgage company that went belly up last year | 23:44 |
sseiersen | Mine were $12 a pop | 23:44 |
sseiersen | Love them | 23:44 |
sseiersen | Dual P3's | 23:44 |
sseiersen | Loud as hell tho | 23:44 |
KillMeNow | they were pretty new, bought the rack, Rack mount KVM & keyboard, servers and UPS for $600 | 23:45 |
KillMeNow | heh, i gots the dual Xeon's | 23:45 |
sseiersen | nice | 23:45 |
KillMeNow | 3.06 ghz | 23:45 |
sseiersen | I plan on buying more eventually | 23:46 |
KillMeNow | but i'll tell ya, my power bill went up over 50% | 23:46 |
sseiersen | :] | 23:46 |
KillMeNow | buggers SUCK the juice | 23:46 |
sseiersen | Good ol' power | 23:46 |
sseiersen | Mine take 60Wph | 23:46 |
KillMeNow | yea, i need to throw up some solar panels | 23:46 |
sseiersen | Really low | 23:46 |
KillMeNow | yea, i am not sure what the 5 suck up | 23:46 |
KillMeNow | i could look on the back if i were so inclined | 23:47 |
=== KillMeNow is now known as KillMeNow[A] | ||
* KillMeNow[A] is now away - Reason : AFK for a bit | 23:57 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!