[00:00] <KillMeNow> and that machines is pointed to what DNS resolver?  i use opendns for my resolver
[00:00] <KillMeNow> even on my own servers
[00:00] <KillMeNow> but i don't run external / internal views
[00:00] <KillMeNow> and i'm running a chrooted bind
[00:00] <n8bounds> i have my own root server outside this subnet i've been using
[00:00] <n8bounds> or the att nameservers directly, via dig or nslookup
[00:01] <KillMeNow> however, my IP space is owned by my ISP
[00:01] <n8bounds> ah
[00:01] <n8bounds> must be nice, not having to bother with in-addr.arpa zones ;)
[00:01] <KillMeNow> so any reverse stuff they deal with
[00:01] <KillMeNow> well they are basically just like any other zone
[00:01] <n8bounds> yes, exactly
[00:02] <KillMeNow> and it makes my life easier to not run internal / external views
[00:03] <KillMeNow> also i have a MS DNS running for all the windows clients here
[00:03] <KillMeNow> so internally i don't need one
[00:03] <n8bounds> I run my MS DNS zones in bind9 :D
[00:03] <n8bounds> that was a bit tricky ;)
[00:04] <KillMeNow> you having MS DNS pull from the bind9 server?
[00:04] <n8bounds> i have a 2003 (R2) MSAD setup here
[00:04] <n8bounds> with a few hundred clients and a few dozen MS servers
[00:04] <n8bounds> and all DNS is done on bind9+ubuntu
[00:05] <n8bounds> including the MS AD zones
[00:05] <KillMeNow> cool
[00:05] <n8bounds> with dynamic updates + dhcp3 and all that
[00:05] <n8bounds> yeah, i was sick of maintaining two widly different name server types
[00:05] <n8bounds> *wildly
[00:05] <KillMeNow> 133.82.145.12.in-addr.arpa. 83964 IN    CNAME   133.128/28.82.145.12.in-addr.arpa.
[00:06] <KillMeNow> when i dig 133.82.145.12.in-addr.arpa. ptr
[00:06] <n8bounds> yeah, thats when you dug against opendns
[00:06] <KillMeNow> it looks like you should be trying to serve up 133.128/28.82.145.in-addr.arpa.
[00:06] <KillMeNow> yes, but that's what MOST ppl will be doing
[00:06] <KillMeNow> checking against their resolver
[00:07] <n8bounds> heh, good point
[00:07] <n8bounds> i agree with you, you must be on to that
[00:07] <KillMeNow> so when i check, my resolver says "Hey, go check whoever has  133.128/28.82.145.12.in-addr.arpa
[00:07] <n8bounds> but ATT provisioned me  128/28.82.145.12.in-addr.arpa.
[00:08] <n8bounds> plus, i dont own the 12.145.82.133.128/28 network.... i dont even know why there are two numbers in the last octet there
[00:08] <KillMeNow> ahhhah!  128/28.82.145.12.in-addr.arpa. 0 IN     A       67.215.66.132
[00:08] <n8bounds> i own the 12.145.82.128/28
[00:08] <n8bounds> .....
[00:09] <KillMeNow> so when i dig on 133.128/28.82.145.12.in-addr.arpa that is my response...  the A record is 67.215.66.132
[00:10] <KillMeNow> ahh NM
[00:10] <n8bounds> Friend, i'm afraid thats just the hit-servfail at opendns
[00:10] <KillMeNow> the 67.215.66.132 is opendns
[00:10] <KillMeNow> so they cnamed the 133.128/28.82.145.12 to 128/28.82.145.12
[00:11] <n8bounds> so what does  133.128/28.82.145.12.in-addr.arpa even mean
[00:11] <n8bounds> there's one too many sets of numbers there
[00:11] <KillMeNow> that's the original CNAME
[00:12] <KillMeNow> so when i do a host 12.145.82.132 i get this response:  132.82.145.12.in-addr.arpa is an alias for 132.128/28.82.145.12.in-addr.arpa.
[00:13] <n8bounds> i feel thats just more opendns trickery
[00:13] <n8bounds> when i do it (outside), i get SERVFAIL
[00:13] <KillMeNow> which then leads me to ask, dig 132.128/28.82.145.12.in-addr.arpa
[00:13] <KillMeNow> which then tells me that is 128/28.82.145.12.in-addr.arpa
[00:13] <KillMeNow> yea, and then i get no servers could be reached
[00:14] <KillMeNow> but since ATT owns that block, they had to CNAME the reverse to you
[00:14] <n8bounds> yes
[00:14] <n8bounds> which is why i was digging my ns directly from the outside to troubleshoot this
[00:14] <n8bounds> and since even that was failing
[00:15] <n8bounds> i didnt see the point in trying to troubleshoot the resolution of the same fail through opendns or other roots
[00:15] <KillMeNow> yep, but my thinking is what if they messed up the cname mapping
[00:15] <n8bounds> so we're back to page 1, where by all accounts, this should be working
[00:16] <n8bounds> its possible
[00:16] <KillMeNow> yea, i think you should only have to have the 128/28.82.145.12.in-addr.arpa zone file served
[00:16] <n8bounds> would my bind server fail to act authoritatively in that case?
[00:17] <KillMeNow> well, when we ask it using DIG, and you've told it that it's the master, and the SOA points to your DNS to be authoritative i would say it shouldn't
[00:18] <n8bounds> agreed
[00:19] <KillMeNow> in your zone file, move the NS    ns.epescarriers.com to the top of the list
[00:19] <KillMeNow> you have the att.net servers listed first
[00:19] <KillMeNow> i'm wondering if it reads those top down as ordered list
[00:19] <KillMeNow> and i would go back to your original config
[00:20] <KillMeNow> and shouldn't this be uncommented:  ;$ORIGIN 128/28.82.145.12.in-addr.arpa.
[00:20] <KillMeNow> rather than $ORIGIN 128-28.82.145.12.in-addr.arpa.
[00:21] <n8bounds> you are very thorough. i really appreciate all your effort here
[00:21] <n8bounds> lets try that now..
[00:22] <KillMeNow> well, it seems that if everyone in the world is looking for 128/28.82.145.12.in-addr.arpa that's what you should be serving up
[00:23] <n8bounds> indeed
[00:23] <n8bounds> okay, its replying with SERVFAIL still, but its acting as if I'm requesting recursion, which I shouldnt be
[00:23] <KillMeNow> and it's still loading the zone as expected w/o errors in syslog?
[00:23] <n8bounds> absolutely
[00:24] <n8bounds> i tried reversing the order of Mark Andrews' example also
[00:24] <KillMeNow> nope, seems to be working for me now
[00:24] <KillMeNow> one sec, lemme verify
[00:25] <n8bounds> dig @ns.epescarriers.com -x 12.145.82.131  still fails hard
[00:25] <KillMeNow> yea dig is giving me the SOA now
[00:26] <KillMeNow> yea
[00:26] <KillMeNow> bloody hell
[00:26] <n8bounds> sheesh
[00:26] <howie> has anyone setup asterisk on ubuntu server?
[00:26] <KillMeNow> 128/28.82.145.12.in-addr.arpa. 86400 IN SOA     ns.epescarriers.com. postmaster.epescarriers.com.
[00:26] <KillMeNow> not on ubuntu no
[00:26] <KillMeNow> i've got mine running CentOS
[00:27] <KillMeNow> however, check out Elastix
[00:27] <howie> can i run it on ubuntu?>
[00:27] <n8bounds> im sure you can
[00:27] <KillMeNow> probably, just not sure it's in the binary repo
[00:27] <n8bounds> but a lot of people seem to like this http://www.askozia.com/pbx/
[00:28] <n8bounds> @KillMeNow what did you query exactly to get that answer?
[00:28] <howie> im have pass on the askozia
[00:29] <KillMeNow> most ppl run TrixBox, but Elastix is a port of trixbox since Fonality are a bunch of puss brains
[00:29] <KillMeNow> can i append stuff to your pastebin?
[00:29] <n8bounds> please do
[00:29] <n8bounds> u on this one? http://pastebin.com/m678ec31b
[00:30] <KillMeNow> yea
[00:32] <KillMeNow> hope i didn't whack it all up
[00:32] <KillMeNow> but there is the total response
[00:33] <Speedy059> Is there another command to download a http file without using "wget" ?
[00:34] <KillMeNow> sorry, i can't think of one off the top of my head
[00:34] <KillMeNow> do you not have access to wget?
[00:35] <n8bounds> axel is a good pkg
[00:35] <Speedy059> i do, just trying to troubleshoot something
[00:35] <n8bounds> @KillMeNow, I ammeded your ammendment
[00:36] <KillMeNow> LOL
[00:36] <n8bounds> yeah... what is THAT about..?
[00:37] <KillMeNow> yea, mine was just a DIG on the 128/28 record, you were looking for the specific PTR within
[00:37] <KillMeNow> mine solidified that you ARE The SOA
[00:38] <KillMeNow> and that the SOA record is showing up as you put it in
[00:38] <KillMeNow> 128/28.82.145.12.in-addr.arpa. 86400 IN SOA     ns.epescarriers.com. postmaster.epescarriers.com. 2009071318 14400 7200 2419200 86400
[00:38] <n8bounds> right, which Does make me happy
[00:38] <n8bounds> but I cant reproduce that
[00:38] <n8bounds> even if I take your exact command
[00:38] <n8bounds> oh wait
[00:39] <n8bounds> im an idiot
[00:39] <n8bounds> check this out
[00:39] <n8bounds> dig 128/28.82.145.12.in-addr.arpa any @ns.epescarriers.com
[00:40] <n8bounds> there's more data
[00:40] <n8bounds> from inside my zone file
[00:40] <n8bounds> it must be my zone file
[00:41] <n8bounds> here's my current zone file http://pastebin.com/mbffa1bb
[00:41] <KillMeNow> i just updated the last one with my DIG response
[00:42] <n8bounds> i must have overwrote it
[00:42] <n8bounds> refresh it
[00:42] <n8bounds> i think i hit submit after you
[00:42] <n8bounds> oh, thats why it changed the name
[00:44] <KillMeNow> are you catching any errors in syslog?
[00:44] <n8bounds> no
[00:44] <KillMeNow> are you getting servfail on my connects or is it giving you any error?
[00:44] <KillMeNow> or refused?
[00:44] <n8bounds> all the erros i got before we added Mark's setup are now missing
[00:45] <n8bounds> I'm still slaving the 82.145.12.IN-ADDR.ARPA domain from the F root server
[00:47] <KillMeNow> yea, i'm lost now...  you ARE serving up the 128/28.xxxxxxxx zone file, that is evident
[00:48] <KillMeNow> but it's the bridge between the 128/28.xxxx zone to the 131.82.145.12.in-addr.arpa that looks like it is failing
[00:48] <n8bounds> i just asked the F-Root about my subnet   dig 128/28.82.145.12.in-addr.arpa @192.5.5.241
[00:48] <n8bounds> ATT has the ENTIRE 12.0.0.0
[00:49] <n8bounds> is that what you see?
[00:49] <KillMeNow> yea which is why they CNAME'd it to you
[00:49] <KillMeNow> i'm getting time out
[00:50] <KillMeNow> yes, ATT bought the 12.0.0.0/8 subnet LONG ago
[00:51] <n8bounds> I had no idea. But this is pretty good proof :  host -vl 199.191.128.105
[00:51] <n8bounds> i have an idea
[00:55] <n8bounds> okay, this seems a little close
[00:55] <n8bounds> closer:   dig 131.82.145.12.in-addr.arpa @ns.epescarriers.com
[00:56] <KillMeNow> yep
[00:56] <KillMeNow> little closer i thin
[00:56] <KillMeNow> think
[00:58] <n8bounds> okay, if I take out the zone "12.IN-ADDR.ARPA" IN { specification in my named.conf
[00:58] <n8bounds> i loose the SOA in the dig
[00:58] <KillMeNow> yea, i'm checking a couple things
[00:58] <KillMeNow> i think we're pretty close
[00:59] <n8bounds> think I have to add every sub zone as a slave of ATT as well?
[00:59] <KillMeNow> a slave of ATT?
[00:59] <KillMeNow> you're not pulling from them are you?
[00:59] <n8bounds> no
[00:59] <n8bounds> i mean, i am for the 12.IN-ADDR.ARPA
[01:00] <KillMeNow> yea, they are just CNAME'ing the subnet for you
[01:00] <KillMeNow> no, don't think so
[01:00] <n8bounds> but i'm master for the 128/28.82.145.12.IN-ADDR.ARPA
[01:00] <KillMeNow> yes, andthat's what you should be worried about
[01:00] <n8bounds> right
[01:00] <KillMeNow> and we get the response we expect for that zone
[01:00] <n8bounds> I dont think hosting a slave of 12.IN... is helpful in any way
[01:00] <n8bounds> it just masks the erros
[01:00] <n8bounds> *errors
[01:01] <KillMeNow> yea, i agree
[01:03] <KillMeNow> pastebin your config again pls
[01:03] <KillMeNow> your current config
[01:04] <n8bounds> kk
[01:05] <n8bounds> http://pastebin.com/m3ff3eff7
[01:10] <n8bounds> holy snap! i think it's going to start working: client 199.191.128.105#35931: view external: transfer of '128/28.82.145.12.in-addr.arpa/IN': AXFR ended
[01:11] <KillMeNow> woot
[01:11] <n8bounds> that client is the ATT secondary NS
[01:11] <KillMeNow> what did you change?
[01:11] <KillMeNow> you can't see any of the changes i'm doing to the config can you?
[01:12] <n8bounds> http://ubuntuforums.org/showthread.php?p=7611856#post7611856
[01:13] <n8bounds> you took out the att ns es
[01:13] <n8bounds> and moved the origin up
[01:13] <n8bounds> right?
[01:13] <KillMeNow> yea
[01:14] <KillMeNow> cause the att ns stuff isn't needed
[01:14] <KillMeNow> YOU are the authoritative server
[01:14] <n8bounds> true
[01:14] <KillMeNow> so only YOUR ns server should be listed in that zone
[01:14] <n8bounds> but all my other zones are that way
[01:15] <n8bounds> att lets me use those two ns' as secondary slaves
[01:15] <KillMeNow> and now i read through some goodness in the Oriely book on Bind
[01:15] <n8bounds> for the zones i have delegation for
[01:15] <KillMeNow> well i didn't know that!
[01:15] <n8bounds> :D
[01:15] <n8bounds> it should honestly work either way
[01:15] <KillMeNow> so those 2 suck off the ns.epescarriers.com ?
[01:15] <n8bounds> yes
[01:16] <KillMeNow> how long ago did ATT delegate authority for you?
[01:16] <n8bounds> ...years
[01:17] <KillMeNow> ok
[01:17] <KillMeNow> well now i'm getting refused again on dig
[01:18] <KillMeNow> hey, look what i get now!
[01:18] <KillMeNow> ; <<>> DiG 9.5.1-P2 <<>> 133.82.145.12.in-addr.arpa
[01:18] <KillMeNow> ;; global options:  printcmd
[01:18] <KillMeNow> ;; Got answer:
[01:18] <KillMeNow> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46861
[01:18] <KillMeNow> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
[01:18] <KillMeNow> ;; QUESTION SECTION:
[01:18] <KillMeNow> ;133.82.145.12.in-addr.arpa.    IN      A
[01:18] <KillMeNow> ;; ANSWER SECTION:
[01:18] <KillMeNow> 133.82.145.12.in-addr.arpa. 79605 IN    CNAME   133.128/28.82.145.12.in-addr.arpa.
[01:18] <KillMeNow> 133.128/28.82.145.12.in-addr.arpa. 86399 IN CNAME mail.epescarriers.com.
[01:18] <KillMeNow> mail.epescarriers.com.  3599    IN      A       12.145.82.131
[01:18] <KillMeNow> ;; Query time: 284 msec
[01:19] <KillMeNow> ;; SERVER: 192.168.200.194#53(192.168.200.194)
[01:19] <KillMeNow> ;; WHEN: Mon Jul 13 17:18:15 2009
[01:19] <KillMeNow> ;; MSG SIZE  rcvd: 120
[01:19] <KillMeNow> host 12.145.82.132
[01:19] <KillMeNow> 132.82.145.12.in-addr.arpa is an alias for 132.128/28.82.145.12.in-addr.arpa.
[01:19] <KillMeNow> 132.128/28.82.145.12.in-addr.arpa domain name pointer mail-mx02.epescarriers.com.
[01:19] <KillMeNow> looks like it's working now
[01:20] <KillMeNow> well kinda
[01:20] <KillMeNow> lemme read that again
[01:20] <n8bounds> kinda
[01:20] <n8bounds> yes
[01:22] <KillMeNow> yea, and now i'm still getting the refused error when i try to host or dig directly off your server
[01:23] <n8bounds> right
[01:23] <n8bounds> i wonder if i need these IN designators
[01:26] <n8bounds> you think?
[01:26] <KillMeNow> which ones?
[01:26] <KillMeNow> from the edit i did?
[01:26] <n8bounds> in the PTR rr s
[01:27] <n8bounds> yes
[01:27] <KillMeNow> yes, you need the IN     NS
[01:28] <KillMeNow> as for the pointers, i think those are OK too
[01:28] <KillMeNow> you need the IN    PTR     <IPADDR> for the reverse
[01:30] <KillMeNow> here is the rub as I read and understand it....  ATT creates a delegation called 132.128/28.82.145.12.in-addr.arpa
[01:32] <KillMeNow> which is the CNAME'd to a delegation called 128/28.82.145.12.in-addr.arpa which yours to SOA
[01:32] <n8bounds> im following..
[01:33] <KillMeNow> so in your zone file, you need to $origin 132.128/28.82.145.12.in-addr.arpa no?
[01:33] <n8bounds> AH!
[01:33] <KillMeNow> it's like a chain no?
[01:34] <n8bounds> that makes good sense!
[01:34] <n8bounds> we shall see
[01:34] <n8bounds> zone 128/28.82.145.12.IN-ADDR.ARPA/IN/external: loading from master file db.ext.ptr failed: not at top of zone
[01:35] <n8bounds> oops, i need to edit the named.confxxx
[01:35] <KillMeNow> yea, i'm gonna go feed my need for nicotine
[01:35] <KillMeNow> back in a min
[01:35] <n8bounds> 10-4
[01:43] <KillMeNow> back
[01:46] <n8bounds> well
[01:46] <n8bounds> its close to right
[01:46] <n8bounds> but not quite
[01:46] <n8bounds> its good enough to get the deferred mail off my mail server
[01:46] <n8bounds> so im outa here
[01:46] <n8bounds> drop me a line at n8bounds@gmail.com sometime
[01:47] <n8bounds> i owe you a beer if we're ever in the same zip code
[01:47] <KillMeNow> well if you're in NC, i'm on the west coast
[01:48] <KillMeNow> but yea, the part that is really making me get stumped is the host 12.145.82.132 coming back to 132.128/28.82.145.12.in-addr.arpa
[01:48] <KillMeNow> almost seems like ATT has it borked on their end
[01:49] <n8bounds> i bet they have
[01:49] <n8bounds> wouldn't be the first time
[01:49] <n8bounds> I'm in Greensboro
[01:49] <n8bounds> but shoot me an email if you want
[01:49] <KillMeNow> Portland OR
[01:49] <n8bounds> I've been known for travelling
[01:49] <n8bounds> ;)
[01:49] <n8bounds> and thanks again
[01:49] <KillMeNow> heh
[01:50] <KillMeNow> email sent
[01:51] <n8bounds> word
[01:51] <n8bounds> ciao
[01:51] <KillMeNow> C YA
[04:50] <TimReichhart> hey guys can somebody point me the correct way to setup a streaming media server like for tv?
[04:51] <TimReichhart> I want to use ubuntu for OS
[05:08] <EEoar> howdy
[05:09] <EEoar> QQ: Can you install PHP5 + Lighttpd without apache2?
[05:09] <\sh> yes
[05:09] <EEoar> seems the synaptic pkg_mgr says no
[05:09] <EEoar> ok....
[05:09] <\sh> you can't install mod_php5 and lighty
[05:09] <EEoar> I take it I would need to manually do it?
[05:09] <\sh> you need to install php5-fcgi + lighty
[05:10] <\sh> sorry...php5-cgi (which is the fcgi binary)
[05:10] <EEoar> Can I do that even though I'm a bit of a lighty + php5 idiot?
[05:10] <\sh> EEoar: if you can read the howto on lighttpd.org..you can do it as well
[05:11] <\sh> s/org/net/
[05:11] <\sh> sry..too early in the morning
[05:11] <EEoar> cool - when I try to remove libapache2-mod-php5 it insists on removing hp5... wtf?
[05:11] <EEoar> err... hp5 = php5, sry
[05:11] <\sh> that's normal...:) just let it remove it, and install php5-cgi
[05:12] <\sh> EEoar: http://redmine.lighttpd.net/projects/lighttpd/wiki/TutorialLighttpdAndPHP <- howto install php with lighty
[05:13] <EEoar> \sh: Thanks
[05:13] <\sh> http://www.ubuntugeek.com/lighttpd-webserver-setup-with-php5-and-mysql-support.html <- another howto
[05:13] <\sh> http://ubuntu-tutorials.com/2008/11/09/install-lighttpd-with-php-fastcgi-on-ubuntu-810/ <- Howto from Christer Edwards
[05:14] <\sh> now I really need to coffee and some nicotine
[05:14] <EEoar> I need a cup of coffee, some chocolate and I'm gonna get lighty workin!  I'm in need of phpProxy
[05:14] <EEoar> (tonight)
[05:15] <teddy_> Does NGINX work with PHP5 ?
[05:18] <\sh> teddy_: google's your friend :) http://www.howtoforge.com/nginx_php5_fast_cgi_xcache_ubuntu7.04
[05:46] <EEoar> does Samba SERVER have a GUI front-end somewhere?
[05:54] <jmarsden> EEoar: SWAT is a web based front end to configuring Samba...
[05:55] <EEoar> system-config-samba
[05:55] <EEoar> oops... yea I saw that too
[05:55] <EEoar> SWAT?
[05:58] <jmarsden> SWAT: Samba Web Administration Tool.  package name swat
[05:59] <jmarsden> I don't use it, but it exists and seems to be close to what you are looking for.
[05:59] <EEoar> OK, thank you
[06:00] <jmarsden> No problem.
[06:00] <EEoar> you guys in Ubuntu land are extremely helpful - this has been a nice transition from the world of Windows to Ubuntu (desktop & server)
[06:00] <EEoar> now to read and get lighty + PHP5 installed and workin' and life will be good
[06:44] <Shazburg> I'm looking for a finger to point me in the right direction. I've got my preseed and it's working like a dream. I'm launching from a CD and would like to turn off the language prompt when the installer menu loads so it will timeout and launch my default. Any ideas what I'm missing?
[06:46] <whalesalad> Hey guys, where is the default logrotate crontab stuff? I can't seem to find it anywhere
[06:47] <twb> whalesalad: /etc/cron.d/logrotate?
[06:48] <whalesalad> Not in there =/
[06:48] <whalesalad> oh hai btw, heh
[06:48] <twb> $ apt-file show logrotate | grep cron
[06:48] <twb> logrotate: /etc/cron.daily/logrotate
[06:48] <whalesalad> Running 8.10
[06:49] <whalesalad> apt-file command not found
[06:51] <twb> Plonk.
[06:52] <Shazburg> whalesalad: /etc/cron.daily/logrotate ?
[06:53] <whalesalad> nope
[06:53] <Shazburg> Doh, just realized that's what twb put
[06:53] <whalesalad> 'tis nowhere to be found =/
[06:53] <Shazburg> I looked up the package files on the site.
[06:54] <twb> whalesalad: your installation is damaged, then
[06:54] <whalesalad> twb: any idea on how to fix things?
[06:54] <Shazburg> whalesalad: agreed. It should be there: http://packages.ubuntu.com/hardy/i386/logrotate/filelist
[06:55] <whalesalad> I'm an idiot. I didn't realize you needed to install logrotate. It's installed now,and the files exist. Sorry to bug guys, thanks for the help
[06:57] <Shazburg> whalesalad: Between you and me, I'll take that kind of problem over a real one any day.
[07:07] <ball> I should probably try Ubuntu Server on this box
[08:23] <Anirban> When I am trying to install ufw by "sudo apt-get install ufw" having following error : http://pastebin.ca/1494428
[08:25] <_ruben> could try sudo apt-get install -f .. to clean up any issues with apt
[09:39] <sandstrom> I have a VPS where one process (in some circumstances) uses too much memory and gets killed (SIG TERM) by Virtuozzo. Is there a way to remedy this, eg. by setting a cap on memory on my machine, or on separate processes? http://maxgarrick.com/understanding-openvz-resource-limits/#comments
[09:52] <henkjan_> sandstrom: man limits.conf
[09:55] <sandstrom> henkjan_: thanks! is data (maximum data size), memlock (maximum locked-in-memory address space) or as (address space limit) the memory limit?
[11:38] <Bilge> Doesn't Ubuntu ship with some tools to make automatic rotation of a series of files easier?
[11:38] <Bilge> Such as a rolling backup by keeping only the last n number of days
[11:38] <Bilge> I know it has something like this for log files, but I don't know if it is general enough to use for any series of files, or what it was called
[11:40] <alexm> Bilge: logrotate can be used for that
[11:40] <Bilge> Ah yes that was it
[11:41] <alexm> but maybe rdiff-backup etc. are better for the job
[12:02] <Bilge> I wrote my own incremental backup
[12:02] <Bilge> Using `find`
[12:02] <Bilge> In bash script
[12:06] <alexm> using your own tools has some pros (it can be fun and you learn a lot) but the cons are worth considering too (i.e. maintainability)
[12:07] <Bilge> Only weakness at the moment is that if you include some new files at a later stage, the same date/time tests are applied to them and unless they were created on the same day they were added to the backup list, they won't be included
[12:07] <Bilge> If that makes any sense
[12:08] <Bilge> So it needs to scan all of the backups for a given period to determine if they have been backed up before or not
[12:08] <Bilge> I see rdiff-backup does have an include/exclude system, but I can't see how to define an increment period
[12:09] <Bilge> In my script I take a snapshot on the first of every month and subsequently perform incremental backups for the rest of that month only
[12:09] <Bilge> My script also supports simulated runs and other handy features :)
[12:10] <Bilge> But the real reason I wrote it is because I didn't research existing tools beforehand
[12:14] <alexm> there's plenty of backup tools, using your own is fine as long as you're happy with it
[12:16] <Bilge> rdiff doesn't seem to compress backups either
[12:16] <Bilge> All mine are .tar.bz2'd
[12:16] <Bilge> So I'm not regretting writing my own at this point
[12:18] <alexm> we also used our own scripts plus tar and dd with DAT tapes at work, then omniback with DLT, then legato with LTO2 and now we use bacula with LTO3
[12:18] <Bilge> Also, even though I can specify directories to include/exclude, my script also accepts a list of specific files piped to stdin, so I can build a complex search list using the full power of `find` with it
[12:18] <alexm> Bilge: maybe you should package it and make it publicly available ;)
[12:19] <alexm> what works for you may work for others too
[12:19] <Bilge> It is pretty good :3
[12:19] <Bilge> But it's not totally configurable
[12:19] <Bilge> For example you cannot redefine the snapshot period, it's fixed at one month at the moment
[12:27] <Bilge> You're obviously working for a pretty big company if you can afford to do tape backups and have resources to spare on revamping your backup strategy so often
[12:51] <alexm> Bilge: i'm working at a big university department and the revamping usually happens when tapes become too small to fit all the users data
[13:43]  * jmartelatpapirux is back (gone 02:25:39)
[13:46]  * jmartelatpapirux has a doubt.
[13:51] <jmartelatpapirux> Are the script-kiddies a serious problem?
[15:09] <forces> hi
[15:12] <forces> hello?
[15:15] <sommer> yo
[15:48] <anirban>  anybody plz look after my problem plz plz .  error code : http://pastebin.ca/1494728
[16:05] <ttx> slight overrun of the TB meeting... Team meeting in #ubuntu-meeting starting in a few minutes.
[16:10] <acalvo> Hi!
[16:11] <acalvo> I've a bunch of computers and printers, and I'd like to manage them using some kind of GUI or WEBUI. I've trying to find any solution that stores all this information under a PDC, but without much success. Does anybody know something that might help? Thanks
[16:25] <alexm> acalvo: what do you mean by managing? keeping an inventory?
[16:34] <acalvo> alexm, sort of, being able to see some relevant information, such as IP, MAC address, etc... and apply configuration per IP or per MAC
[16:34] <alexm> ok, i see
[16:35] <alexm> there are a few solutions out there whose name i don't remember right now, give me a few minutes
[16:35] <acalvo> ok, thank you so much
[16:37] <alexm> aptitude search inventory gave me ocsinventory-server
[16:37] <acalvo> mmm ok, I've used that
[16:37] <acalvo> but I need to deploy an agent on every computer
[16:37] <acalvo> I thought something more automated, and maybe integrated with LDAP
[16:37] <acalvo> register a computer/printer, make its attributes, fill them and so on
[16:38] <acalvo> using a DHCP server, for example
[16:42] <alexm> acalvo: i found glpi but i'm afraid isn't doing all you'd like to
[16:43] <acalvo> are you doing a research thru all ubuntu's repository?
[16:43] <alexm> maybe even less than ocsinventory
[16:43] <acalvo> don't worry then, I was hoping that somebody had had the same problem as I do and found a solution
[16:43] <acalvo> I'll try again with ocsinventory!!
[16:43] <alexm> i'm looking package.ubuntu.com/ocsinventory-server related packages and also in packages.debian.org
[16:43] <acalvo> thank you very much!!!
[16:44] <alexm> there was something else, if i remember or find it i'll let you know
[16:44] <acalvo> thank you!
[16:51] <alexm> acalvo: i found quite a few entries in sourceforge.net... select systems administration category and then search for inventory
[16:52] <alexm> the one i had in mind before is freenac (now opennac, i think): http://freenac.net/ and https://sourceforge.net/projects/opennac/
[16:53] <alexm> we use openvmps at work to access control to our ciscos, and this one seems a good candidate to upgrade our current network database
[16:57] <resno> I just installed Nagios from source and it looks awesome. Is it better to do that or to use the Ubuntu Nagios2 package?
[16:58] <ttx> resno: it's better to use Ubuntu nagios3 package.
[16:58] <ttx> (depending on the Ubuntu version you run, of course)
[16:58] <alexm> nagios3 is available since intrepid
[16:59] <resno> I see thanks.
[17:06] <J_5> Anyone have a good link for a "how to" on installing nagios on Ubuntu 9.04?
[17:08] <Jeeves_> 'apt-get install nagios3'
[17:08] <Jeeves_> 'cd /etc/nagios3'
[17:08] <Jeeves_> Edit away :)
[17:08] <J_5> That's all there is too it?
[17:09] <Jeeves_> jups
[17:09] <Jeeves_> there might be some extra packages
[17:09] <J_5> hmm, ok :)
[17:09] <Jeeves_> 'apt-cache search nagios'
[17:09] <Jeeves_> You may find other interesting packages
[17:09] <J_5> I need apache and php also, right?
[17:10] <Jeeves_> nagios-snmp-plugins, nagios-plugins*
[17:10] <Jeeves_> apache yes, php no
[17:10] <Jeeves_> but if thats needed, the package will take it along
[17:13] <J_5> Hmm, ok thanks. Looks like I have my afternoon project
[17:13] <dayo> which command-line mail tool to u use, for automated mails from your server services, e.g. your proxy sending a mail to you.
[17:17] <alexm> J_5: nagios and munin are documented on karmic serverguide
[17:18] <alexm> you can get the latest version with bzr branch lp:ubuntu-docs
[17:18] <alexm> let me know if you need help building the html files
[17:19] <ejat> how about nagiosql ?anyone try to package it ?
[17:27] <J_5> how to do I see what "security update" my box needs before I install them?
[17:28] <alexm> J_5: you mean which version is going to be installed?
[17:28] <J_5> Yes
[17:28] <alexm> apt-cache policy nagios3
[17:47] <Pirate_Hunter> anyone here familiar with ispconfig or knows where i can get help with it?
[17:49] <Pirate_Hunter> anyone here familiar with ispconfig or knows where i can get help with it?
[17:49] <shivek> is the command  "sudo dkvg reconfig ddclient"  correct ?
[17:52] <Pirate_Hunter> dpkg
[17:52] <Pirate_Hunter> the rest i aint too sure
[17:52] <Pirate_Hunter> isnt it dhclient?
[17:52] <resno> Pirate_Hunter: I remember finding a link on linux forums. Its a few years old at this point. Try googling it.
[17:53] <Pirate_Hunter> resno, link about what, my problem and a few year old, how few?
[17:54] <resno> Pirate_Hunter: Let me see if I can pull it up.
[17:55] <Pirate_Hunter> resno, my problem is that i have compiled it succesfully but get connection refused in browser its the second time
[17:55] <shivek> pirate-hunter: let me check
[17:56] <resno> Pirate_Hunter: oh, I thought you were asking a question about getting it installed and configured.
[17:57] <Pirate_Hunter> resno, sorry shouldve stated that from the begining but would you be able to help i dont know what is the problem
[17:57] <resno> Pirate_Hunter: might it be a firewall issue?
[17:57] <Pirate_Hunter> resno, clean install no firewall on not even ufw
[17:57] <Pirate_Hunter> not yet anyway
[17:58] <resno> is the server running?
[17:58] <resno> i mean, ispconfig server running
[17:58] <resno> try running /etc/init.d/ispconfig_server start
[17:59] <Pirate_Hunter> 8.04 follwed the tut from here (http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p7) and the homesite (http://www.ispconfig.org/manual_installation.htm)
[17:59] <resno> Pirate_Hunter: which version of ispconfig are you running?
[18:00] <shivek> I have converted my pc into a web server. Now how to add files and all ?
[18:00] <Pirate_Hunter> ispc 2
[18:00] <shivek> Pirate_Hunter: Is it for me (shivek)
[18:01] <Pirate_Hunter> nope my last post was for resno
[18:01] <shivek> OK
[18:02] <Pirate_Hunter> resno, any idea?
[18:02] <resno> Pirate_Hunter: the guide says its for 3
[18:03] <resno> shivek: scp-secure copy paste or ftp
[18:03] <Pirate_Hunter> there is for 2 & 3 you have to find the right one
[18:04] <shivek> resno : It isn't ftp. But I don't know about scp.
[18:05] <resno> You are asking how to add files. there are two methods- ftp or scp. SCP you need to install on your server.
[18:05] <shivek> resno: I meant webpages.
[18:06] <shivek> Not files
[18:06] <shivek> "F
[18:07] <Pirate_Hunter>  my problem is that i have compiled ispconfig succesfully but get connection refused in browser its the second time can someone help me sort this out
[18:08] <shivek> pirate_hunter:  I don't know about your problem but can you tell me how to upload webpages on my website.
[18:09] <shivek> I meant server
[18:10] <Pirate_Hunter> if you done it right like resno stated ftp or scp you really should investigate how to do so online specially how the server works, your one to say the least
[18:19] <resno> Pirate_Hunter: are you still having problems?
[18:20] <Pirate_Hunter> resno, yup no clue how to identify the problem syslog gives me nothing
[18:20] <resno> Pirate_Hunter: did you try post 81
[18:20] <Pirate_Hunter> resno, is that a command?
[18:21] <resno> Pirate_Hunter: No, my mistake. when you access it in your browser, what port are you using?
[18:21] <Pirate_Hunter> resno, 81 just like the default
[18:22] <resno> Pirate_Hunter: issue this command in terminal iptables -L
[18:23] <resno> paste the output here: http://dpaste.com/
[18:24] <Pirate_Hunter> resno, http://dpaste.com/67087/
[18:25] <resno> is that the complete file?
[18:25] <Pirate_Hunter> resno, yup that is all youll get
[18:27] <resno> Try issuing this command: /etc/init.d/ispconfig_server start
[18:29] <Pirate_Hunter> /root/ispconfig/httpd/bin/apachectl startssl: httpd (pid 4961) already running
[18:29] <Pirate_Hunter> its already running on the system yet I cant login or even access the page
[18:30] <Pirate_Hunter> resno, i can post my syslog maybe it will make more senser
[18:30] <Pirate_Hunter> to you
[18:31] <resno> Post it on dpaste.com, I am no expert.
[18:32] <resno> You are using the 8.04 server and not 9.04 right?
[18:33] <Pirate_Hunter> resno, lol yup 8.04
[18:33] <Pirate_Hunter> resno, http://pastebin.com/f23677da0
[18:36] <Pirate_Hunter> resno, not sure of what to make of this xubuntu-server /USR/SBIN/CRON[7442]: (root) CMD (/root/ispconfig/php/php /root/ispconfig/scripts/shell/check_services.php &> /dev/null), why would it be null
[18:37] <resno> is this on an internal network? behind a router?
[18:38] <Pirate_Hunter> resno, its one of my  box connected through a hub to the router, why you ask?
[18:39] <resno> Pirate_Hunter: Is its IP 192.168.1.80?
[18:39] <Pirate_Hunter> resno, yup
[18:39] <Pirate_Hunter> resno, didnt think syslog would divulge that
[18:39] <resno> Pirate_Hunter: surprise, surprise. line 4005
[18:40] <resno> Pirate_Hunter: try 192.168.1.80:53
[18:40] <Pirate_Hunter> resno, ahhhhhh still can you figure anything out why its being blocked
[18:41] <Pirate_Hunter> awwww*
[18:41] <resno> did the address above work?
[18:43] <Pirate_Hunter> resno, oh ddint check one sec
[18:44] <thierry> hi, can anyone point me some ressource to setup apache2 to the right userdir?
[18:45] <Pirate_Hunter> resno, no msg - access denied to port 53 of .... the address us a network port which is normally used for purposes other than web browsing. The request has been cancelled for your protection
[18:45] <Pirate_Hunter> resno, yah the system has ports which are closed but i need the ispc port to work
[18:45] <resno> Pirate_Hunter: not sure, where to go..
[18:46] <resno> i didnt see the port running on file, so i guessed at trying that one
[18:46] <Pirate_Hunter> resno, awww :'( apparently this was supposed to be easy to follow giving me more of a headache and they dont even have an irc :/
[18:47] <resno> Pirate_Hunter: only suggestion i have is to uninstall and reinstall
[18:48] <Pirate_Hunter> resno, oh for fudge sake there irc is on invite only i mean wat de fudge
[18:48] <Pirate_Hunter> resno, this si the second time installing it while following there guides
[18:49] <firecrotch> Pirate_Hunter: Still having troubles with ISPConfig?
[18:50] <Pirate_Hunter> firecrotch, yup cant make tails out of the thing why would it refuse the connection when it installed properly
[18:51] <firecrotch> I probably asked this last time, but did you try accessing the page locally?
[18:52] <cemc> hi. where can i change the number of minute a sudo password is remembered?
[18:52] <cemc> number of minutes*
[18:53] <Pirate_Hunter> firecrotch, how would i access locally you mean on the actual box than yes its the second install also ive changed from https to http
[18:54] <firecrotch> Pirate_Hunter: From a browser on the machine running ISPConfig
[18:55] <Pirate_Hunter> firecrotch, i did that is were i try to access it from and the connection is refused and i ahve no clue why, havent found a log for ispc yet which can actually help
[18:56] <firecrotch> ah alright
[18:59] <Pirate_Hunter> firecrotch, any ideas their irc is invite only so i wont be gaining access any time soon
[19:00] <firecrotch> Pirate_Hunter: Firewall on the machine blocking the connection?
[19:00] <Pirate_Hunter> firecrotch, covered that and no clean install no firewall currently running
[19:02] <Pirate_Hunter> firecrotch, would my router be blocking the connection would i need to do anything to it?
[19:03] <firecrotch> Pirate_Hunter:  Router shouldn't be involved at all if you're accessing it from the same machine
[19:03] <resno> Pirate_Hunter: if you are accessing it from within the same network that wouldnt be ap roblem
[19:03] <resno> firecrotch: how would open a browser on a server?
[19:03] <firecrotch> resno:  Some people install a GUI on their servers.  Or links
[19:04] <resno> firecrotch: ah, i see.
[19:04] <Pirate_Hunter> resno, default install of icwm and epiphany-browser nothing else for me keep it simple and no gdm etc
[19:05] <Pirate_Hunter> firecrotch, i use w3m no point installing extra packages still geting used to it
[19:05] <firecrotch> Ubuntu Server needs a nice default GUI with similar tools to what Windows SBS has
[19:05] <resno> firecrotch: ive actually always liked not having a gui...
[19:06] <firecrotch> resno: I like it too, but it would make it easier to replace windows with ubuntu-server for a lot of sysadmins
[19:07] <bogeyd6> i dont think it would
[19:07] <bogeyd6> windows server active directory
[19:08] <firecrotch> what about AD?
[19:08] <bogeyd6> wrong windows boys, soz
[19:08] <firecrotch> ah lol
[19:08] <Pirate_Hunter> no one here can help me?
[19:11] <bogeyd6> Pirate_Hunter, what is the question?
[19:14] <Pirate_Hunter> bogeyd6, ispconfig wont connect through on port 81 as connection is being refused
[19:14] <bogeyd6> it probably is being refused
[19:14] <bogeyd6> you opened up the firewall ?
[19:17] <bogeyd6> Pirate_Hunter, "/etc/init.d/ispconfig_server start"    and then a "netstat -tap"
[19:17] <Pirate_Hunter> no firewall running at the moment, cant go into their irc cause its invite only, no logs stating the problem, compiled correctly but browser feature wont work
[19:18] <Pirate_Hunter> bogeyd6, http://pastebin.com/f7ae9d127
[19:20] <bogeyd6> lemme finish up a windows-server guy
[19:29] <bogeyd6> another exchange problem solved
[19:31] <bogeyd6> Pirate_Hunter, how do you have your ispconfig logging configured
[19:32] <Pirate_Hunter> bogeyd6, there is no such thing at least not one that i read while installing it
[19:32] <Pirate_Hunter> bogeyd6, if there is its being logged somewhere that i dont know
[19:32] <bogeyd6> oh ok good
[19:33] <bogeyd6> do you use root or sudo?
[19:35] <bogeyd6> Pirate_Hunter, do you use root or sudo
[19:35] <bogeyd6> Pirate_Hunter, ispconfig logs are usually in /var/log
[19:35] <bogeyd6> Pirate_Hunter, you need to tail the apache error log or the ispconfig log while you are trying to connect to figure out the problem
[19:35] <bogeyd6> anyways, im outta here for the day. got a business trip schedule to put together
[19:36] <Pirate_Hunter> ok
[19:36] <bogeyd6> also
[19:36] <bogeyd6> Pirate_Hunter, There are logs in /home/admispconfig/ispconfig.log, the webserver log is under /root/ispconfig
[19:36] <bogeyd6> good luck
[19:36] <Pirate_Hunter> thanks
[19:36] <bogeyd6> Pirate_Hunter, known working instructions to install from scratch at http://www.ispconfig.org/docs/INSTALL_UBUNTU_8.04.txt
[19:37] <bogeyd6> works on 8.04.1 also
[19:37] <bogeyd6> does not work on 9
[19:38] <Pirate_Hunter> bogeyd6, ive been using this tut http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p7 and the installl manual from the home site if it still doesnt work im thinking w**
[19:40] <sivel> hey guys.  I noticed a blog post about creating a PHP PPA.  Has one been created yet?
[19:40] <sivel> looking for PHP 5.3 packages to test an applications compatibility
[19:40] <bogeyd6> Pirate_Hunter, those howto forge tutorials are notorious for having problems, especially with the customization they do
[19:40] <balloooza> sivel: hi again\
[19:41] <sivel> balloooza: hey ;)
[19:41] <sivel> BTW, this is the post I was referring to http://ubuntuserver.wordpress.com/2009/07/09/server-team-20090707-meeting-minutes/
[19:41] <sivel> trying to install in jaunty btw
[19:41] <Pirate_Hunter> bogeyd6, yup it seems so might unninstall and do it again but not today considering how long it has taken to put this up
[19:42] <balloooza> sivel: I guess php5.3 has been out for years, so there seems to be little rush to change (I am allways one for the latest and greatest, and somthing that has been out for years, and is not int eh latest repositorys is certainly wierd)
[19:43] <sivel> balloooza: it was actually just released not long ago
[19:43] <sivel> June 30, 2009
[19:43] <sivel> about 2 weeks ago
[19:50] <balloooza> sivel: wow, I did not realize that, I thought had not released anything for years (like the last thing was almoest 2 years ago) two weeks is short for somthing, I would wait for 10.04 ubuntu server, I only use LTS for server
[19:50] <balloooza> 10.04 will likely have php 5.3, probobly not karmic, but you never know
[19:51] <sivel> according to the meeting from last week it will likely be added to karmic
[19:51] <sivel> "It was decided to push 5.3 into a PPA to get wider testing from the Ubuntu community. Once the suhosin patch is ported to 5.3 and enabled in the build 5.3 can be uploaded to karmic."
[19:53] <balloooza> Great, karmic is  coming soon (compared to 10.04) Sorry for the incorrect information, I have not read any server news lately, I just use what ubuntu has, and do not realy care what version is in the .* place, but 5.2 >5.3 seems like many new features
[21:04] <Tumie> hi, i'm using apache2 , and i want to enable mod_rewrite,, but i've no idea, how i need to do that,
[21:04] <Bilge> On, the plus side, at least you have mastered, commas
[21:05] <Tumie> i'm using too much, i know..
[21:05] <Bilge> sudo a2enmod rewrite
[21:06] <Tumie> thanks
[21:20] <KillMeNow> Tumie, make sure you read up on creating the rewrite rules with the VIrtual Host block
[21:31] <rsr> hello
[21:37] <zetanuxi> is there a GUI for 9.04, or is it all command line?
[21:37] <rsr> how can I see what time cron executes its daily scripts?
[21:37] <rsr> zetanuxi: If you want a gui you have to install ubuntu-desktop
[21:37] <rsr> default install has no gui
[21:38] <zetanuxi> rsr: is that an aptitude install? or do i have to build the server from the desktop version?
[21:38] <rsr> its an aptitude install
[21:38] <rsr> althoug I use apt-get
[21:39] <zetanuxi> rsr: thank you! thats a huge help.
[21:39] <rsr> np