[00:00] In addition, the community spirit within Ubuntu is more inclusive. I found in the past that unless you're a Debian developer it's hard to get your feedback taken seriously. Within Ubuntu the entry point is much more accessible. I'm a full time software developer, but I cannot devote all my time to Ubuntu, but what little time I have is used and appreciated. [00:01] There are technical arguments as well, but they come under the philosophy of making Ubuntu for the people. There's quite a lot of invisible stuff that makes your job as a sys admin simpler. [00:02] > With Ubuntu, I know when it's going to happen. | really? how? [00:02] Releases happen in April and October. [00:03] Oh distro releases yes [00:03] But I can't figure out when I might get access to PHP5.3 if I just sit around waiting for it to appear in my repo [00:03] on security fixes from upstream: it may not be very obvious how this works if you aren't familiar with free software development and are just used to getting a new packaged release from somebody. As an example, this is the last security-related change I needed to backport from OpenSSH upstream: http://bazaar.launchpad.net/~vcs-imports/openssh/main/revision/5631 [00:03] Probably never [00:03] i have just installed ubuntu 9.04 server (choosing the minimal virtual server option in the installer) and discovered that my loopback device can't be pinged. http://pastebin.com/d46ecbc32 What am i missing? [00:04] disposable: Are you actually running on virtual hardware for starters? [00:04] Bilge: Not sure what you're asking. [00:05] cjwatson: my dedicated server provider slightly modifies my installation of Ubuntu and they add openssh to the list of "held back" packages so it never gets updated [00:05] owh: the machine is in virtualbox. but i don't think loopback device should be affected [00:05] Probably to avoid locking myself out through upgrading somehow [00:06] Bilge: *cough* on their head be it, unless they take care of the upgrades centrally [00:06] Bilge: pinging it with ping6 ::1 works though. but i need 127.0.0.1 [00:06] Bilge: sorry, wasn't meant for you [00:06] owh: pinging it with ping6 ::1 works though. but i need 127.0.0.1 [00:07] disposable: what's in /etc/network/interfaces? [00:07] No, it's a dedicated server so it's up to me what I do with it. There's no "central upgrade" [00:07] cjwatson: see the pastebin link [00:08] oh, yeah [00:09] Bilge: locking yourself out through upgrading would involve carelessness, of course, since upgrades of openssh-server never kill existing connections [00:09] But it would be my prerogative to check that it still worked after upgrading [00:09] yes. it's an odd thing for them to do though. [00:09] Upgrade > power cut > can't log in > now what? [00:10] (and, IMO, unwise) [00:10] I don't know how to configure held back packages [00:10] well, the choice is sometimes between that or everyone *else* can log in ... ;-) [00:10] cjwatson: and i did try adding "127.0.0.1 localhost ip4-localhost ip4-loopbac" to /etc/hosts. didn't help [00:10] s/loopbac/loopback [00:11] disposable: I wouldn't expect /etc/hosts to matter; this is below the level of name service [00:11] disposable: the question is why there isn't a "inet addr:127.0.0.1 Mask:255.0.0.0" line in ifconfig output under lo [00:12] I confess to being weirded out though. It *looks* fine, though at after midnight local time I'm probably not awake enough to see the problem ... [00:13] :) same here [00:13] Bilge: 'apt-get install openssh-server' will disregard holds, if you decide to do that [00:13] or use a full-screen package manager such as aptitude [00:24] aptitiude obeys hold backs [00:24] Also I just assumed that my provider configured the hold backs but I can't find any information about being able to configure that [00:27] Bilge: why don't you just ask them (what, why, how)? [00:28] Because they're assholes [00:30] Bilge: go elsewhere. is that an option? [00:31] They have the best prices [00:31] By far [00:31] But they're also a foreign company who employ support staff from a different foreign country [00:31] If I don't have to deal with them then everything is perfect [00:32] $ uptime [00:32] up 388 days [00:33] The only time its been rebooted was when I was testing to see if my services came back up automatically [00:34] (since I wrote a number of custom init.d scripts to go with my self compiled software) [00:34] it's a very bad idea to compile stuff on Ubuntu [00:36] i'm trying to run apache with upstart but it immediately daemonizes [00:36] thoughts? [00:39] Bilge: it could of course be that apt is holding it back for its own reasons (unsatisfiable dependencies?) [00:40] it's a very bad idea to compile stuff on Ubuntu | what! [00:40] apt-get install would hopefully give you ome hint as to why [00:40] some [00:40] pmatulis: uh, I echo Bilge's "what?" [00:41] pmatulis: hope you're not saying that Ubuntu is no good for developers! :-) [00:41] It wasn't a "what?", it was a "what!"! [00:41] let me refine that statement into what I think might make more sense [00:41] I think I know where he's going [00:42] Another naysayer of anyone who doesn't use packages [00:42] it's usually not a good idea to compile things for yourself and then install them over the top of system-managed software [00:42] The way God intended [00:42] *however* [00:42] there's nothing wrong with building things yourself and sticking them in your home directory, or carefully managed in /usr/local or /opt [00:42] I'm not installing anything over the top of anything [00:42] that's what /usr/local and /opt are for [00:42] All my stuff goes into /usr/local [00:43] I don't mess around trying to compile anything heavy like apache or PHP [00:43] right, and although there are a few gotchas that's usually fine [00:43] k, you guys know what i meant [00:43] (radically different /usr/local/bin/perl can cause problems - some care needed) [00:43] But I have compiled an FTP server since the Ubuntu implementation was diabolical [00:43] there are lots of FTP servers in Ubuntu [00:43] You actually had to put each setting in a separate file [00:44] It made absolutely no sense [00:44] vsftpd is popular among competent admins I know [00:44] And the old version didn't support TLS encryption either [00:44] I decided to go with pureftpd because it seemed pretty simple [00:44] I also filed a bug about the terrible implementation [00:45] Which was acknowledged and then swept under the run with the rest of them [00:45] rug* [00:45] Bilge: Mind taking that chip off your shoulder there? [00:46] Seems they've all disappeared now as well [00:46] The only one left is the one I reported today [00:47] Launchpad didn't get its big tracker reset at some point did it [00:47] bug* [00:47] no. [00:47] There's no option to adjust time scale so I don't know what happened to them all [00:47] so it doesn't suck? [00:48] you can look for all bugs you've reported, and there's an advanced search with which you can search for all bug statuses [00:48] https://bugs.launchpad.net/people/+me/+reportedbugs [00:49] -> advanced search, check all the boxes under Status:, press Search [00:49] oh and possibly also uncheck "Hide duplicate bugs" [00:50] I can't figure this out at all [00:50] I get different lists of bugs "related to me" depending on what page I was on beforehand [00:50] If I go to my profile, I just see the one from today [00:50] If I navigate to Ubuntu project first, I can see my old ones [00:50] Instead of, but not as well as [00:51] I don't know about related-to but /people/+me/+reportedbugs should be pretty deterministic. (for detailed help on LP, though, #launchpad.) [00:51] The URL is slightly different. One is referencing my user name and the other my e-mail address, and it lists different bugs for each [00:52] Launchpad URLs never contain your e-mail address, as far as I can remember. That sounds as if you may accidentally have two Launchpad accounts? [00:52] (though I'm not sure how that would happen without your noticing.) [00:53] It sounds like that to me also. [00:54] Yeah there's two [00:54] you can merge them if you want [00:54] I would want [00:54] One less mystery for the day :) [00:54] They were created one month apart with the same user name [00:54] I guess user names aren't unique [00:54] s/same/similar/ [00:54] Launchpad user names are unique [00:55] I see ~bbilge ... What's your other one? [00:55] https://launchpad.net/~corporate-scriptfusion [00:55] as in, when you visit launchpad.net/people/+me, it redirects to (in my case) launchpad.net/~cjwatson - the 'cjwatson' bit is the Launchpad user name [00:55] https://launchpad.net/~bbilge [00:55] Those definitely look like very different usernames to me... [00:56] https://help.launchpad.net/YourAccount/Merging [00:56] Bilge: Don't confuse username with real name. Real names aren't unique. Your username is what's in the URL. [00:56] I figured from what you just said [00:57] Does it matter which one I merge with which [00:57] no, your choice [00:57] Nope. Keep the one you prefer the username to. :) [00:57] pick the one you want to keep, request a merge of the other [00:57] (Or create a whole new account, and merge both to it) [00:58] It matters if you have things like PPAs, I suppose, where URLs break when merged accounts go AWOL. [00:58] But that doesn't look to be an issue for you. [00:59] This system really does drive me mental [00:59] I can't actually log into the other account because the log-in firm is just a button for OpenID which logs me into the wrong account automatically [00:59] form* [00:59] Even if you do a forced logout? [01:00] Yes [01:00] I just did a cookie smash which fixed it though [01:00] Weird. Logging out here deleted the cookie correctly. [01:01] It was bouncing back and forth between some subdomains which probably screwed it up [01:02] Probably only fails when looking at help [01:02] If you can reproduce it, I'm sure the LP devs would love a bug on it. [01:02] And hey, if they don't love the bug, too bad. ;) === Pici` is now known as Pici === s_markow_ is now known as s_markow [05:22] anyone here aware of a decent auth log analyzer? like webalizer for access logs? === Shaz is now known as Shazburg [06:15] Any reason a lot of *.deb files are broken on the installer? I've burned a couple copies of the iso... :/ [06:27] jerrcs: define `broken'. [06:31] twb: well, I don't know. it fails to retrieve several of the *.deb files.. [06:31] I was hoping it could fallback to retrieving them from a local mirror [06:31] but I don't know how to select that in the installer. [06:31] jerrcs: fails to retrieve them from where? [06:32] What makes you think it's retrieving them from the CD (as opposed to via the network)? [06:32] from the cdrom. [06:32] twb: because I downloaded 577mb of pure iso goodness.. I don't think it would download more packages from the internet when they are already on the cdrom. [06:33] jerrcs: that is not a valid assumption. [06:33] I don't think you understand. It's all good, I found installer components. [06:34] For a single release and architecture, the complete set of all packages is perhaps 5GiB. [06:34] yes. I know that [06:34] and [06:34] I'm talking about core instal lcomponents [06:34] What is the error you see onscreen? [06:35] your basics.. libc6, openssh, stuff like that. I'm seeing corrupt .deb files.. "debootstrap warning... warning: file:///cdrom/pool/main/g/gnupg/gnublahblah.deb was corrupt" [06:35] and it's pretty much like that for all of the packages. [06:35] I see. [06:35] Have you checksummed the burnt CD and compared it to the downloaded .iso, and to the .asc file included with the upstream .iso? [06:36] yes. [06:36] And were they all identical? [06:36] I don't think I'd burn the CD otherwise. [06:37] You can't know the checksum of the CD before you burn it. [06:42] Why doesnt this work? # ufw allow from port 5678/tcp to port 5690/tcp [06:42] Isnt it the correct syntax? [07:05] I have installed Virtualmin 3.703.gpl module in my Webmin 1.480 panel of my Ubuntu 9.04 HyperVM VPS . Now I have added 1 domain named web2dziner.com using Virtualmin virtual hosts. The problem is when I type http://web2dziner.com (wrong Apache default page ) and http://www.web2dziner.com (the desired page) , it goes to two different webpages. I haven't done any modifications as such directly to the Apache. How to fix it ? [07:14] oh_noes: why do you want to set the source port? [07:15] anirban: webmin isn't supported on Ubuntu AFAIK. [07:15] twb: I'm trying to say, ANY IP address, ALLOW from source port x to source port y [07:15] save me typing 50 lines of "ufw allow x/tcp" [07:16] oh_noes: erm, you can't send a packet *to* a source port. That doesn't make sense. [07:16] so im not trying to send it to a source port [07:16] oh_noes: packets come *from* a source port, and go *to* a destination port. [07:16] I'm trying to say where the destination port is a range [07:16] Oh, I see, you want a port RANGE. [07:17] Yep, and i cant figure out how to tell ufw that [07:17] I don't know if ufw(8) can express that, but in the underlying iptables-restore syntax it's -m multiport --dports 5678:5690 [07:17] Assuming you want to match destination ports, rather than source ports. [07:19] For example, -A INPUT -p udp -m multiport --dports 53,67:69,123 -j ACCEPT [07:19] thanks, yeah not using iptables, because i only need a simple host based single NIC firewall [07:19] i was hoping to express it in a single command [07:19] I think "ufw from port N to port M" means -s N -d M, not --dports N:M [07:20] i.e. the ufw(8) wrapper does not allow you to use --dports [07:20] twb: ok thanks for the clarify, I'll use a quick for i in then [07:20] You can still express it as a single command if you ignore ufw and use the mess of shit in /var/lib/ufw or /usr/share/ufw [07:21] But that may be beyond your capability. [07:22] well not capability, anything is possible [07:22] but beyond what i wish to perform to a server to keep it in a known supported state [07:22] Right === Shaz is now known as Shazburg [08:01] hi [08:01] does anyone know how to get a list of used UIDs? [08:03] awk -F':' '{print $3}' /etc/passwd [08:03] list of UIDs related to users [08:08] but there could very well be files with other UIDs in the filesystem [08:27] pirx: since I've a LDAP backend, they should be there [08:27] but trying to create a new user, it tells me that the UID is in use [09:32] anyone here use XFS? [09:33] what is the kqemu-common pkg used for? [13:36] hi all [13:36] Anyone know how I set Umask in proftpd for a specific user create dirs/files with perm rw for owner and group ? I'm doing this http://dpaste.com/68192/ but not works [13:39] anyone? [14:11] New bug: #400660 in samba (main) "[hardy]Unable to break ACL inheritance Windows ACL editor" [Undecided,New] https://launchpad.net/bugs/400660 [14:16] hey, just wondering if anyone plans to package tac_plus-4.5b5-5.tgz and webui-1.5b3.tgz for tacacs? Or is there some licence restriction? It appears to be open sourced and supercedes the old unmaintained 4.0.4 build which was discontinued a coupled of ubuntu releases ago. [14:17] new version of tacacs can be found here... http://www.networkforums.net/ [14:23] you might have to register to download... here's the direct link: http://www.networkforums.net/?q=system/files/tac_plus-4.5b5-5.tgz === erichammond1 is now known as erichammond === nxvl_ is now known as nxvl [14:52] ScottK: hey, any ideas on above? I looked over the code. it's all gpl. [14:53] except the RSA MD4/5 bit (which seems ok) [14:54] rgreening: What's the licensed on the RSA stuff and can it be linked against GPL code? [14:54] ScottK: http://paste.ubuntu.com/220536/ [14:55] ScottK: I believe this was part of the original tac_plus package (which is unmaintained). The rest was re-written in C++ from the ground up. [14:56] Oh, and ScottK, here is a bit a little further down same file: http://paste.ubuntu.com/220538/ [14:57] looks ok to me... [14:59] I'd have to go seriously think about why the 4 clause BSD license with the advertising clause is GPL incompatible to know for sure, but I think so. [15:00] ScottK: I'm pretty sure this was in the prev tac_plus package we had a couple of releases ago [15:00] 4.0.4 [15:00] yep. just checked. was the same licence then [15:02] OK [15:02] ScottK: So, I can package and possibly upload? [15:03] I don't see why not. [15:03] I assume this would go universe initially and we could request to promote to main later [15:03] or should we try for main in karmic right away? [15:03] All new uploads land in Universe. [15:03] Get it there, then there can be a conversation. [15:04] "rgreening wouldn't be allowed to break it anymore" probably won't do it. [15:04] haha [15:05] hmm.. if it stays in universe, I get to maintain it. [15:05] if it moves, i wouldn't.. though main would be nice.. i guess [15:05] :) [15:05] ok, let me package it... [15:20] I'm having problems getting if-up to work at boot. Everywhere that I've posted/asked so far, the only answer I've gotten is 'strange, that should work' [15:20] Morning Everyone! [15:20] Morning Steve! [15:20] :-p [15:27] Hi everyone ^^D [15:28] HI [15:28] Can someone please expand upon what "if-up.d/mountnfs [device__]: lock /var/run/network/mountnfs exist, not mounting" means? === jdstrand_ is now known as jdstrand [15:51] Hi, I'm looking for advice on getting ftp accounts for specific virtual hosts in ubuntu (all installed from the standard 9.04 serve repo's).... so that a virtual host in /var/www/ would have a specific FTP user for moving files around.... how would I set that up so that the user can only access that directory and not others. ? === cjwatson_ is now known as cjwatson [16:14] <_ruben> PC_Nerd101: use the chroot option of for example pure-ftpd (other ftpd's probably offer similar features) [16:19] ahh ok :) - I've got vsftpd running.... [16:19] just a sec [16:22] ok - I think I've got it working by setting up the standard user account, chrooting it in vsftpd config, and I've had to resort to 777 permissions because apache2 is running ( and reading directories) as root/daemon (I think) - its the standard $sudo aptitude install apache2 install - so is there a seperate user I should own it all as ? [17:22] !oss [17:22] Sorry, I don't know anything about oss [18:06] New bug: #400776 in openssh (main) "ssh-keyscan(1) hangs if broken server does partial handshake" [Undecided,New] https://launchpad.net/bugs/400776 [18:10] Hi guys. Having issues with pam_krb5. Can kinit and get tickets, but login gives a server not found in kerberos db. (this is after pam-auth-config). [18:37] What is the best way to use webalizer to extract stats? [19:02] Is there anyone who likes webalizer and can get info from it? [19:06] anyone here running apache httpd that can get this to work? http://httpd.apache.org/docs/2.2/mod/mod_status.html#machinereadable [19:26] resno: I use webalizer on jaunty and it works fine are you having trouble? [19:28] zoopster: i am trying to get logs deeper than whats appearing on the html pages. I need stats for a page that is not a top page. [19:32] Has anyone used the command "fileinclude" with webalizer? [19:40] why is it that when I "ping host", it always thinks for a couple of seconds between each ping? there's no loss, no lag, it just tries to resolve something I think. it's Jaunty. any ideas? [19:51] mine does the same thing cemc [19:51] it didn't do it before I upgraded to Jaunty [19:54] in fact I've noticed that some services are slower to respond [19:58] KillMeNow: exactly. On Intrepid it was all fine. [20:03] Has anyone had any luck extracting access logs for webalizer? [20:04] resno: the only way I can see to do that is log that specific page since webalizer really is just parsing logs for information I can see hits to specific pages in webalizer, so I'm not sure what else you are expecting [20:04] zoopster: I am expecting a miracle. :) If the stats arent there on the html page, are they any where else? [20:05] resno: my setup has each virtual host using a separate log and webalizer parses each log and puts the stats in a separate directory for each host [20:05] so webalizer is only a parser for data logs? [20:05] resno: doubt it...you may want to look at something like analog which is a really configurable log parser [20:06] i feel stupid. where are logs kept then? [20:06] resno: heh...pretty much...it's claim to fame is the slick format it outputs [20:06] resno: and the fact that it is blazingly fast === ircd is now known as samferry [20:07] zoopster: so where can I find the logs then? [20:08] resno: /var/log/apache2 or whereever you configured it to be [20:08] ah thanks. that answers that most embarising question [20:08] resno [20:09] resno: no worries...read the conf files...tells you everything you need to know...in most cases [20:09] if you set a specific log file location in the virtual host block, it could be /var/log/apache/path to logs [20:09] but if you left it default it will be in /var/log/apache2 [20:09] what are you trying to get out of webalizer? [20:13] i was looking for stats that webalizer wasnt showing. i always thought webalizer was recording and making the stats. but now i get its on a parser. LOL === jcastro_ is now known as jcastro [20:40] where can i find the conf files for apache? [20:41] resno: /etc/apache2 [20:43] Can anyone see why apache might be ignoring this virtual host file? http://pastebin.com/fac87955 :( [20:43] (yes, it is in sites-enabled) === KillMeNow is now known as KillMeNow[A] [20:44] * KillMeNow[A] is now away - Reason : Off for a while [20:45] All of the other virtual host files work fine === RoAk is now known as RoAkSoAx [20:45] cemc: is there any reason a virutal server could have it somewhere else? i dont even see an apache folder :( [20:46] resno: what release are you on? is it apache or apache? AFAIK it's in /etc/apache2 [20:46] virtual server? [20:49] this is a dumb question. would centos put them in the same locatino? [20:50] no, centos has /etc/httpd [20:50] where can i find out what these folders mean? [20:50] or whats in them? [20:50] you look in them? :) [20:51] heh, no i mean. like etc, var, or usr [20:51] oh [20:52] http://en.wikipedia.org/wiki/Linux_Standard_Base [20:52] take a look at this, I think [20:52] http://pathname.com/fhs [20:53] many thanks. [20:53] is there such a thing as a virtual server? for instance running multiple sites from one server? [20:53] yeah, what he said [21:08] Is it possible to have multiple SPD entries in ip-sec.conf file? sepcifyig diff n/w but same tunnel?? [21:11] New bug: #400115 in dovecot (main) "package dovecot-pop3d None [modified: /var/lib/dpkg/info/dovecot-pop3d.list] failed to install/upgrade: dependency problems - leaving unconfigured" [Undecided,New] https://launchpad.net/bugs/400115 [21:23] anyone tried installing mysql 5.1 on hardy? === bc_ is now known as bc [22:06] New bug: #396202 in sqlalchemy (universe) "exception from sqlalchemy" [Undecided,New] https://launchpad.net/bugs/396202 [22:06] New bug: #400876 in openssh (main) "openssh-server honors .hushlogin but doesn't tell PAM" [Undecided,New] https://launchpad.net/bugs/400876 [22:26] is it possible to create a Terminal Server on an ubuntu machine that can all windows clients to use Remote Desktop to access computers connected to the Terminal Server. I would like to set it up so that a computer on the internet could connect to a windows client connected to the terminal server [23:00] how can I tell which drives are paired in a linux software raid 10? http://dpaste.com/68345/ [23:52] New bug: #400785 in openldap (main) "package slapd 2.4.11-0ubuntu6.1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/400785