addisonj | hmm.... why would i get permission denied from apache when my entire directory is set to 766?? | 00:16 |
---|---|---|
KillMeNow | where are you getting denied? what is it saying in the log? | 00:17 |
infinity | addisonj: Surely, you mean 755? | 00:17 |
jmedina | addisonj: what about parent directory? | 00:17 |
infinity | addisonj: 766 gives no execute permission on the directory, so it can't be traversed. | 00:17 |
jmedina | execure permison on a directory? | 00:18 |
jmedina | you misunderstood directory permisons | 00:18 |
addisonj | anyone here famaliar with sugarCRM? well i am trying to install, i am getting an error that none of the config files are writeable | 00:18 |
jmedina | x means access | 00:18 |
KillMeNow | addisonj: check your file / folder permissions | 00:19 |
infinity | jmedina: ... | 00:19 |
infinity | jmedina: I really don't. | 00:19 |
addisonj | k, so yeah, i would normally want group writeable? then that should work | 00:19 |
infinity | jmedina: You can't traverse a directory without it have +x | 00:19 |
KillMeNow | depends on who owns the file | 00:19 |
infinity | s/have/having/ | 00:20 |
addisonj | atm, root, but i tried changing it to my super user and still no go | 00:20 |
addisonj | so... how do i check under what user or group apache is runnnig? could that be the problem? | 00:20 |
KillMeNow | addisonj: ls -la on the tree | 00:20 |
infinity | addisonj: You want your files 644 (or 444, or whatever), and your directories 755 (or 555, or..) | 00:21 |
infinity | addisonj: Need read on the files, and traverse on the directories. | 00:21 |
KillMeNow | addisonj is trying to install sugarCRM and the installer is trying to write to the config files | 00:21 |
KillMeNow | so infinity is right, dirs need 755 and you may need to temporarilly set 777 to the config files | 00:22 |
KillMeNow | then change them back to 644 afterwards | 00:22 |
infinity | Okay, and if you need to write config files, you need the files 666 (and the directory 777 to be able to create new files) | 00:22 |
infinity | KillMeNow: No point in having executable text files. 666 is enough. :P | 00:22 |
KillMeNow | 6 and one half the other | 00:23 |
KillMeNow | gonna change the perms back after install | 00:23 |
addisonj | so, is there a way to chmod just the directories? or do i have to do all of em? | 00:23 |
infinity | KillMeNow: Yeah, I just prefer to teach people a bit about what permissins mean, I guess. I see far too many blind "chmod -R 777 foo/" installations out there with no understanding of what it means. | 00:23 |
addisonj | this is interesting, i first installed locally and had no problems whatsoever | 00:24 |
KillMeNow | y7ea, that's why i referred to the config file, not 777 the dir | 00:24 |
KillMeNow | or all files in a tree | 00:24 |
infinity | addisonj: Your fastest route is "chmod -R ugo+rwX /path/to/dir" ... And then when you're done, "chmod -R go-w /path/to/dir" | 00:25 |
addisonj | wait, so only users should be able to write? | 00:25 |
infinity | addisonj: (That's shorthand for "user, group, other, full read, write, and X on directories", and then "group, other, remove write" | 00:26 |
infinity | addisonj: Ultimately, only the file owner should be able to write to it. And that shouldn't be apache. :P | 00:26 |
infinity | addisonj: But for now, you need apache to write to it. | 00:26 |
addisonj | k, alright, now my other weird error, for some reason, my mysql is not working starting, one sec here is error | 00:28 |
addisonj | mysqladmin: connect to server at 'localhost' failed | 00:28 |
addisonj | error: 'Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)' | 00:28 |
addisonj | Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists! | 00:28 |
addisonj | and... it does not exist | 00:29 |
addisonj | so... how does one fix that? | 00:29 |
KillMeNow | what are you telling it to connect through? | 00:38 |
KillMeNow | localhost 3306? is mysqld actually running? | 00:38 |
addisonj | no and nor will it start i guess... | 00:46 |
KillMeNow | then you need to over come why that it's not starting | 00:51 |
KillMeNow | check your /var/log/mysql/mysql.log | 00:52 |
KillMeNow | also check /var/log/messages | 00:52 |
addisonj | they all seem to be empty... hmm | 00:58 |
addisonj | any messages has nothing about mysql | 01:00 |
KillMeNow | if you don't have mysql logging turned on in my.ini that would be why they're empty | 01:04 |
KillMeNow | but you should stil lget a message in /var/log/messages | 01:04 |
KillMeNow | or /var/log/syslog | 01:04 |
addisonj | blah, i just did a purge on everything mysql related, still will not start, curious though could it be an iptables problem? | 01:29 |
addisonj | nope thats not it either | 01:33 |
KillMeNow | iptables won't stop an application from starting, but apparmor can | 01:43 |
owh | On a Ubuntu 8.04 live cd I can ping local machines by their name, that is, ubuntu.local and vice-versa. What do I need to do for that to work in ubuntu-server/ubuntu-jeos? | 02:12 |
owh | Hmm, that question is written pretty badly, let me try that again :) | 02:13 |
owh | If I boot from a Live CD, I can ping other machines on the lan using hostname.local, and from those other machines, I can ping the Live CD machine with ubuntu.local. Under Jeos/Server all I get for my trouble is unknown host. What process is making this magically happen? | 02:14 |
giovani | owh: what you're referring to is called zeroconf | 02:15 |
giovani | it's an IEEE working standard | 02:15 |
giovani | ubuntu implements zeroconf with avahi | 02:15 |
owh | Cool, let me do some RTFM on that. Much appreciated giovani. | 02:17 |
giovani | owh: no problem -- it's crap, but it's becoming widely used with Windows Vista+ and OS X | 02:17 |
owh | Hmm. Bonjour style :) | 02:18 |
giovani | style? | 02:18 |
giovani | Bonjour IS zeroconf | 02:18 |
giovani | Apple likes mDNS | 02:18 |
giovani | Microsoft likes SSDP | 02:18 |
giovani | avahi speaks both :) | 02:19 |
owh | Yes. I was making a little joke. Other than making a static list of hostnames is there a better way of managing a bunch of virtual machines? | 02:19 |
owh | I'd rather not run a virtual machine with dnsmasq which would duplicate the DHCP activities of the host. | 02:20 |
giovani | heh | 02:20 |
giovani | well then don't use your host for dhcp/dns | 02:20 |
giovani | however, there are systems for dynamically setting up DNS via DHCP requests from the client | 02:22 |
giovani | as in ... the client can define its own hostname, and DNS will be properly set for it | 02:22 |
giovani | all that does is remove the centralized, more manual DNS setting, and replace it with something decentralized in control | 02:22 |
owh | Yeah, but VMware has been spectacularly unable to understand what I mean if I ask them specifically that. | 02:23 |
giovani | why would you ask VMware that? | 02:23 |
giovani | this isn't a virtualization issue | 02:23 |
giovani | VMware doesn't provide a DNS server from the host afaik | 02:23 |
giovani | maybe a DNS relay | 02:23 |
owh | Because I'm running Fusion and the DHCP server is run by it. It also provides a DNS proxy. I wanted to know how I could link the two. | 02:24 |
giovani | it's a special setup | 02:24 |
giovani | I would never expect a consumer-oriented virtualization product to support it | 02:24 |
giovani | I'm sure Fusion allows you to disable the DHCP | 02:24 |
giovani | and host your own | 02:25 |
owh | Nope, all I can do is not use NAT. | 02:25 |
owh | The innards of Fusion and enterprise based VMware code is the same AFAIK, just the management/gui is different. | 02:25 |
giovani | no, it's not the same | 02:25 |
giovani | at all | 02:26 |
giovani | and this is not an innards issue | 02:26 |
giovani | I can disable the DHCP server on my VMware Workstation product | 02:26 |
owh | How? | 02:26 |
giovani | I'm not familiar with Fusion specifically, but it's a stripped down version of Workstation | 02:26 |
giovani | it's a setting ... | 02:26 |
owh | Fusion is the OSX version of Workstation. It is not a stripped down version. | 02:27 |
giovani | it's a stripped down version, that's consumer-oriented, at a deep discount | 02:27 |
giovani | it's not the same product | 02:27 |
giovani | Workstation is like $400 | 02:27 |
giovani | that's not because it runs on Linux and Windows | 02:27 |
owh | That's what I paid for Fusion. | 02:27 |
giovani | VMware Fusion is like $80 | 02:28 |
owh | My credit card does not agree with that. We're not talking Fusion 1.x, we're talking 2.x | 02:28 |
owh | Came out earlier this year. | 02:28 |
giovani | VMware Fusion 2.0 (for Mac OS X) | 02:29 |
giovani | Electronic Software Download - Start Using It Instantly $79.99 | 02:29 |
giovani | that's a paste from vmware.com | 02:29 |
giovani | there's a 5-pack version for $350 | 02:29 |
giovani | (that's 5 individual licenses) | 02:29 |
owh | Hmm. | 02:30 |
owh | Moving right along. | 02:30 |
giovani | heh, so the bottom line is, VMware Fusion is NOT Workstation for the mac | 02:30 |
owh | I hear you. | 02:30 |
giovani | they have a different featureset -- and they're oriented at different markets (hence different levels of customization I'm sure) | 02:31 |
giovani | now, googling has revealed that you have full access to the dhcp.conf | 02:31 |
owh | I do. | 02:31 |
giovani | so I suggest you google vmware fusion dhcp | 02:31 |
giovani | and figure out how to disable it | 02:31 |
owh | I did. | 02:31 |
giovani | or how to configure it to your liking | 02:31 |
owh | I can make a static list of hostnames, but that hardly makes this managable. | 02:31 |
giovani | static hostnames are how most networks function :) | 02:32 |
giovani | networks 100s and thousands of times the size of yours | 02:32 |
owh | I'd have to restart the network every time I create a new guest, which means all other guests lose network connectivity. | 02:32 |
giovani | but you're welcome to configure it a different way | 02:32 |
giovani | right, which is why you can disable the dhcp server in vmware | 02:33 |
giovani | and host your own, inside of the guest network | 02:33 |
owh | Hmm. | 02:33 |
giovani | google "fusion disable dhcp" | 02:33 |
giovani | 1st and 2nd results are EXACTLY what I've been recommending | 02:33 |
giovani | "vmware fusion disable dhcp" actually | 02:34 |
owh | I've just read those. I understand what you mean. I was aiming for a more dynamic implementation using the existing infrastructure. You're indicating that you don't think that's possible and that I need to run my own. | 02:36 |
giovani | I'm suggesting that I don't know anything about VMware's built-in DHCP server ... I presume it's crap, and a minimal implementation | 02:36 |
giovani | dynamic hostname setting client-side with DNS is complex | 02:36 |
giovani | it's definitely not a standard configuration | 02:36 |
giovani | and VMware doesn't even offer a real DNS server, so it's unlikely it's even possible | 02:37 |
owh | The DHCP server is the standard ISC DHCP server. | 02:37 |
giovani | that's scary | 02:37 |
giovani | still, there's no DNS server, afaik | 02:38 |
giovani | which is clearly required to offer DNS :) | 02:38 |
owh | That appears to be the case :) Just a proxy. | 02:38 |
giovani | I'm unclear on why you think having VMware run your DHCP/DNS is better than you running it yourself | 02:38 |
owh | Running it myself means it's virtualised, so it's chewing more cycles than if it was running natively. | 02:39 |
giovani | (I'd recommend, btw, that if you want a full test lab network, that you not use a desktop virtualization solution) | 02:39 |
giovani | haha | 02:39 |
giovani | I think you don't realize how minimal of an impact DHCP and DNS are on a cpu | 02:39 |
owh | I'm glad I can provide entertainment :) | 02:39 |
giovani | I run an authoritative DNS server on the internet with 32MB of ram | 02:40 |
giovani | and that's the entire OS included | 02:40 |
giovani | the DNS server uses a few MB | 02:40 |
giovani | and I'm sure the load hasn't ever reached 0.01 | 02:40 |
giovani | you should really not be using Fusion for a lab though :) | 02:40 |
giovani | use a proper vmware server install (free), or kvm, or xen | 02:40 |
ball | I've been tinkering with VirtualBox today | 02:41 |
giovani | heh | 02:42 |
giovani | another desktop product :) | 02:43 |
owh | It's not a lab. I'm running my ubuntu desktop as a virtual machine because I'm fed-up having to deal with hardware incompatibilities every time an update comes past. In addition it allows me to make my machine independent of the actual machine its running on, so I can run it on a different computer altogether if I need to. And finally it means I can test new releases and finally do some work with ubuntu-server and contribute back to | 02:43 |
giovani | owh: why would you need dynamically-updating DNS then? | 02:44 |
giovani | it sounds like you only have one VM :) | 02:44 |
ball | giovani: kvm probably requires AMD-V or VT though. | 02:44 |
owh | Well, it allows me to build a VM in a few minutes without needing to update the DNS somewhere, destroy the machine when I'm done. Rinse and repeat. | 02:44 |
ball | ...so that's not an option for me. | 02:44 |
giovani | ball: yeah, because it's real virtualization :) | 02:44 |
* ball nods | 02:45 | |
giovani | owh: why do you need local DNS for one machine? | 02:45 |
ball | I could run it on the production server, but I will want to try it out first. | 02:45 |
owh | giovani: It's not one machine. When I write software for a client, I'll host a development machine for the project. Since I have many clients, there are many such machines. They're not all running at the same time, but having to maintain a list somewhere is asking for trouble. | 02:46 |
ball | Does kvm use a host OS? | 02:46 |
owh | It's not like a standard corporate network where machines don't come and go several times a day. | 02:46 |
owh | ball: Yes. | 02:47 |
giovani | owh: fair enough -- that sounds like a lab to me though | 02:47 |
giovani | not "I want to host a personal ubuntu desktop in a vm" | 02:47 |
ball | owh: would kvm let me connect the guest machines together via a virtual ethernet and also have the host OS see that via something like a virtual interface? | 02:48 |
owh | giovani: It's like a testing lab in some ways. If there was another virtualisation tool I could use under OSX that worked, I'd be prepared to look at that. | 02:48 |
owh | ball: Yes. | 02:48 |
ball | owh: excellent, thanks. | 02:48 |
giovani | owh: virtualbox is another option | 02:48 |
owh | ball: Lemmie find the KVM guide for you. One mo. | 02:48 |
giovani | however, I still fail to see why you can't run a vm that offers the network services you want | 02:48 |
owh | giovani: The last time I looked at that it crashed around my ears every 20 minutes. | 02:49 |
giovani | owh: sorry, what? | 02:49 |
giovani | I don't follow what that means | 02:49 |
owh | giovani: You are beginning to convince me that running my own DHCP/DNS is an option. | 02:49 |
giovani | it's not just AN option -- it's your ONLY option for what you'd like | 02:49 |
owh | giovani: virtualbox has been unstable and unreliable for me. It was running within a Ubuntu host at the time. It did not fill me with confidence. | 02:50 |
giovani | hm | 02:50 |
giovani | virtualbox has been plenty reliable for me | 02:50 |
giovani | but alright | 02:50 |
giovani | I'm moving all of my desktops to os x actually | 02:51 |
giovani | my laptop's wifi card is a problem though | 02:51 |
owh | ball: https://help.ubuntu.com/community/KVM/ | 02:51 |
owh | giovani: I did contemplate running Ubuntu natively on this MacBook Pro, but I decided that I would be no better off. This way, Apple takes care of its own hardware and Ubuntu just sees a bog-standard PC. | 02:52 |
ball | owh: thanks | 02:52 |
giovani | heh | 02:52 |
giovani | yeah, I'm not a huge fan of linux desktops | 02:52 |
owh | My over-riding concern was that I was unable to contribute to the ubuntu-server team because I'm on the road all the time. This way I can use my Ubuntu desktop for running my business, setup guests as u-s machines and test and fix u-s bugs/issues. Something which I couldn't do since Gutsy when VMware stopped working under Ubuntu desktop. | 02:54 |
* owh has been running a Linux desktop for nearly a decade. | 02:54 | |
owh | Best thing I ever did. | 02:54 |
ball | I've just started seriously using Linux. I've used NetBSD as my primary desktop OS for the past ten years, commercial unices before that. | 02:55 |
ball | ...it took a while for Linux to reach a point where I could consider putting it in front of people. | 02:56 |
owh | giovani: Thanks to your comments I've just had a quick squiz at avahi-daemon. It installs 11.4Mb of stuff just to make it work. dnsmasq is looking mighty nice :) | 02:56 |
owh | ball: The first desktop I put in front of a client was dapper. They are still my clients and they love me since for the first time in their living memory they have had a machine that just keeps working. I've now done that for several clients and am working my way through migrating several more. Hardware support is still an issue, but from a stability perspective, I don't look at anything else anymore. | 02:58 |
ball | owh: I did a short trial with Hardy, but the users couldn't print, so that effort died fast. | 02:59 |
owh | What issue was it? | 02:59 |
owh | Printing has not seemed to be a high problem where I've done this. | 03:00 |
ball | Sharp MX-3501N was silently discarding PostScript jobs. | 03:00 |
ball | ...couldn't persuade the driver to send PCL6 instead. | 03:00 |
giovani | CUPS is kind of shit :) | 03:00 |
owh | ball: What did linuxprinting.org have to say about it? | 03:01 |
ball | owh: I have no idea. | 03:02 |
ball | Didn't even know that existed. | 03:02 |
owh | giovani: I'll agree that it's temperamental :) | 03:02 |
owh | giovani: It's like sendmail. It's not unfriendly, just choosy on who it becomes friends with :) | 03:03 |
owh | giovani: Thanks for your comments. I'm outta here. 5 hours until I finally go on holiday after 3 years :) | 03:06 |
ball | Does kvm only work with Linux guests? | 03:30 |
twb | kvm provides hardware emulation, not paravirtualization. | 03:32 |
twb | It should be able to run arbitrary guest OSes | 03:32 |
twb | However, it would not be difficult for an OS to deliberately refuse to work with kvm, by e.g. checking the model ID reported by the CPU. I think OS X does such things, for example. | 03:33 |
twb | Oh, and the intel C compiler | 03:33 |
ball | twb: I suppose I'll just have to try it. | 03:37 |
twb | ball: did you have a particular OS in mind? | 03:37 |
ball | twb: Solaris sprang to mind | 03:38 |
ball | twb: ideally NetBSD too, but I'm not optimistic about that working. | 03:38 |
twb | Doesn't NetBSD run on everything? | 03:38 |
ball | It does run on many things, but not on everything. | 03:40 |
ball | Can't boot it in VirtualBox or on certain Macintosh systems | 03:40 |
ball | (very old Macs) | 03:40 |
twb | Of course you can't boot kvm inside virtualbox. KVM requires hardware virtualization support (VT-x). | 03:50 |
twb | Oh, you meant netbsd. | 03:50 |
=== bc_ is now known as bc | ||
samd | i'm connecting my server wirelessly using dhcp, but when for some reason, the connection is lost, the server wont auto-reconnect back up. is there anyway to tell dhclient to auto-reconnect on connection loss? | 05:20 |
twb | dhclient isn't reponsible for reconnecting. Probably wpa_supplicant or NetworkManager is. | 05:21 |
samd | umm, on ubuntu server what would be? | 05:21 |
giovani | uh, possibly neither | 05:21 |
samd | there is no network manager as far as i know | 05:21 |
giovani | does your network use encryption? | 05:22 |
samd | nope | 05:22 |
samd | oo wait | 05:22 |
twb | samd: pastebin your /etc/network/interfaces | 05:22 |
samd | it does | 05:22 |
samd | wep | 05:22 |
giovani | ok, stop using wep | 05:22 |
giovani | it's useless | 05:22 |
samd | ight, ill probably just hide the network and use mac filter | 05:22 |
twb | samd: you can sniff and spoof mac adresses trivially. | 05:22 |
giovani | samd: no | 05:23 |
giovani | samd: use proper encryption | 05:23 |
twb | samd: if you care about security you should use WPA2 and/or a VPN tunnel. | 05:23 |
giovani | i.e. at the minimum, WPA2-PSK | 05:23 |
samd | giovani: ight | 05:23 |
giovani | at ideally WPA2-TKIP | 05:23 |
giovani | and* | 05:23 |
giovani | or AES, your choice | 05:23 |
twb | giovani: erm, isn't TKIP orthogonal to PSK? | 05:23 |
giovani | twb: yes, my mistake | 05:24 |
giovani | WPA2-EAP is more like it | 05:24 |
samd | http://paste.ubuntu.com/248369/ | 05:25 |
giovani | samd: yeah ... | 05:25 |
giovani | I don't know if there's a solution for this | 05:25 |
twb | samd: yeah, you wanna use wpa-supplicant and/or NM | 05:25 |
giovani | the wireless card handles reconnection typically | 05:25 |
giovani | so dhcp has to be issued by an app watching the status carefully | 05:26 |
twb | giovani: here, running just wpa-supplicant, there's a wpa daemon that re-ifups. | 05:26 |
samd | giovani: twb , does NM runs w/o x server? | 05:26 |
giovani | twb: well it must be watching the wireless interface | 05:26 |
giovani | samd: no clue, I don't touch that nasty stuff | 05:26 |
twb | NM is a headless daemon. | 05:27 |
twb | Unfortunately the utter dickheads that maintain it only provide GUI (no CLI) interfaces to it. | 05:27 |
giovani | because it's scary code | 05:27 |
twb | "Because you can just write raw dbus XML to it," they told me. | 05:27 |
samd | umm , ill probably end up connecting it via cable | 05:27 |
giovani | it's obnoxious at managing interfaces | 05:27 |
twb | I would never ever use NM myself | 05:27 |
samd | twb: what would u use? | 05:28 |
samd | twb: none? what about wicd? | 05:28 |
twb | samd: I use plain wpa_supplicant myself | 05:28 |
samd | twb: i see | 05:29 |
samd | twb: let me change encryptioni to wap now | 05:29 |
twb | auto wlan0 \n iface wlan0 inet manual \n wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf \n wpa-roam-default-iface wlan0-default \n iface wlan0-default inet dhcp | 05:29 |
twb | So then "wlan0" comes up, which just starts the wpa roam daemon. It gets a hard-coded list of APs from wpa_supplicant.conf, and when the iwconfig status changes, it runs "ifup wlan0-default" | 05:30 |
twb | (which triggers a dhclient) | 05:30 |
samd | i see | 05:30 |
samd | interesting | 05:30 |
twb | The only downside for me is that I need to sudoedit that file to add/remove APs. | 05:31 |
samd | twb: yeah, cuz they'r hard coded | 05:31 |
samd | twb: no problem if its a desktop | 05:31 |
twb | I think you can also use wpa-cli to add/remove them | 05:31 |
samd | so ur under what os? | 05:32 |
samd | which* | 05:32 |
twb | Technically this is on Debian, but I'm confident it's applicable to Ubuntu | 05:32 |
samd | yeah, i bet it is, after removing network manager, as it comes in default ubuntu desktop install | 05:33 |
LiraNuna | what's the "deafault" (i.e well supported) imap/pop3 server on ubuntu? | 05:49 |
LiraNuna | should I go for dovecot or courier | 05:49 |
samd | is having a xorg in a server a unessesary security risk? | 05:50 |
tonyyarusso | I would say yes, but that depends on your definitions of "necessary" and "risk". Most people advise against it anyway. | 05:53 |
tonyyarusso | LiraNuna: dovecot is default | 05:54 |
LiraNuna | I can't get dovecot working with postfixadmin :( | 05:56 |
twb | X on a server is a YAGNI issue | 05:56 |
samd | tonyyarusso: what about if it's not running,, (running it just when i actually need it) | 05:56 |
LiraNuna | samd, I did the same as you describe, but then I ended up using the command line and then purging ~500 packages | 05:56 |
twb | And if you *do* need X to administer a server, that's probably indicative of larger problems | 05:56 |
tonyyarusso | samd: less so anyway | 05:56 |
samd | twb: tonyyarusso LiraNuna , i was thinking on installing xserver to use wicd ( a network manager) to reconnect in case of a connection lost | 05:58 |
twb | samd: what's wrong with just using wpa_supp? | 05:59 |
LiraNuna | samd, I never had trouble with ifupdown | 05:59 |
LiraNuna | or is it strictly wireles | 05:59 |
LiraNuna | wireless does not a good server make | 05:59 |
samd | twb: ohh, i didnt understood i could use wpa_supp for that. LiraNuna i know, ill work on wiring, but ill have to wait for at least 1 month with wireless | 06:00 |
samd | LiraNuna: whats ifupdown? does it runs auto? | 06:01 |
LiraNuna | samd, I don't know how it goes for wireless netwroking | 06:01 |
samd | ill prolly go for wpa_supp as twb suggested, ,,, | 06:02 |
jamesrfla | If I had a server with apache2 on it then create a VM and install apache2 on it and configure virtual hosts for a few domains. Is this posible? | 06:11 |
mattt | jamesrfla: don't understand your question :/ | 06:21 |
jamesrfla | Okay let me see if I can explain it differently | 06:21 |
jamesrfla | I install Ubuntu server with apache2 hosting domain.domain.com then on that same server I make a VM and install Apache2 on it and configure virtual hosts to host domain2.domain.com and domain3.domain.com | 06:22 |
jamesrfla | I basically want to do a very VPS hosting for a few of my friends | 06:23 |
mattt | jamesrfla: i see, sounds fine | 06:24 |
mattt | jamesrfla: you can install apache2 on the host (dom0) and apache2 on the virtual machines (domUs) also | 06:25 |
jamesrfla | Will there be any conflicts. The VPS will run on a different internal IP than the other server not in a VM. I only have one dynamic world ip | 06:25 |
mattt | jamesrfla: should be fine provided that everything has different IPs or you use port forwarding | 06:27 |
jamesrfla | Different external Ip's or different internal Ip's. Also can I run all of then on port 80? | 06:28 |
mattt | jamesrfla: internal is fine, provided that you intend on accessing them from the internal network :) | 06:28 |
jamesrfla | I am just worried that after typing in a web address that it would go to the other VM and say this site isn't here | 06:28 |
jamesrfla | Hmm. I kind of wanted them to be accessed by the web. | 06:29 |
mattt | jamesrfla: how, if you're using internal IPs? | 06:29 |
mattt | jamesrfla: how about .... | 06:30 |
jamesrfla | Well internal then use port forwarding....Maybe I am missing something here | 06:30 |
mattt | jamesrfla: ok, port forwarding is fine if you don't mind using http://domain2.domain.com:8802 (or equivalent), http://domain3.domain.com:8803, etc. | 06:31 |
mattt | jamesrfla: or, you could use a reverse proxy on the dom0 and send the traffic to the domUs that way ... don't know what complications that may uncover tho | 06:31 |
jamesrfla | So what I want to do won't really work. I would have to have all the web hosting on the one server. | 06:33 |
mattt | jamesrfla: no, it will work ... but if you have all sites pointing to the same IP, obviously you need a way to then get the traffic to the appropriate virtual machine | 06:34 |
jamesrfla | Okay I see. So how can I point it to the right virtual machine? | 06:35 |
mattt | jamesrfla: reverse proxy, port forwarding, etc. :) | 06:35 |
mattt | jamesrfla: maybe there are more obvious ways, but i don't know | 06:36 |
jamesrfla | Maybe if I post something on the UF and see if they have any ideas on the matter. | 06:36 |
mattt | yeah, the more input you can get the better! | 06:36 |
mattt | the reverse proxy way would work nicely | 06:37 |
jmarsden | jamesrfla: It sounds like you are new to web hosting, so you should probably start out with a single copy of Apache and do all the hosting one one machine. Once you are comfortable doing that you can explore the idea of migrating some of those virtual hosts into separate VMs via a reverse proxy. Start small and simple and get it working, then add complexity as your knowledge and experience grows. | 06:37 |
mattt | jmarsden: hmm, wise words. | 06:38 |
jamesrfla | Well I have been hosting a site on apache2 server for about 2 years. I am just new to this virtual hosts and VM's | 06:39 |
mattt | jamesrfla: why do you need individual VMs? | 06:39 |
jamesrfla | Bingo!!!! | 06:40 |
jamesrfla | I just got a good idead | 06:40 |
jamesrfla | *idea | 06:40 |
mattt | jamesrfla: ? | 06:40 |
jamesrfla | Setup a VPS and have it so all my friends can access it. Do all my web hosting just in that VM... | 06:40 |
jamesrfla | *VM | 06:40 |
artillerytx | what is a php library | 06:41 |
jmarsden | jamesrfla: What is the benefit of using a VM for this? | 06:41 |
jmarsden | artillerytx: A bunch of PHp someone else wrote that you can use. | 06:41 |
jamesrfla | hmm. I need a min to think this out for a sec. | 06:41 |
artillerytx | jmarsden: oh well how do i install cURL | 06:42 |
jamesrfla | jmarsden: then I can host all the web sites on that and virtual hosts. Then I wouldn't have to mess with thisreverse proxy. | 06:42 |
jmarsden | jamesrfla: You can just host multiple sites on the main machine OS, no need for a VM. Keep it simple. | 06:42 |
jmarsden | artillerytx: Same way you install anything else on Ubuntu. sudo apt-get install PACKAGENAME . In this case sudo apt-get install php5-curl | 06:44 |
jamesrfla | yeah I can. Hmm. I guess it depends who is going to use it. Give me a min to think this out. | 06:44 |
artillerytx | jmarsden: okay | 06:45 |
mattt | jamesrfla: i can see from a security stand point why using a VM would be beneficial | 06:45 |
jamesrfla | Yeah I just want to keep my stuff personal and there stuff in a VM | 06:46 |
jamesrfla | Kind of how Linode does there stuff | 06:46 |
jmarsden | jamesrfla: You do not know as much as the Linode admins do :) And if "your stuff" includes a web site, you'll need a reverse proxy to separate your web site (on the physical host) from the others (in the VM)... | 06:48 |
* jmarsden thinks it may be better to just help your friends each set up their own Ubuntu machines at their own homes. | 06:48 | |
jamesrfla | yeah true. Well this project is still in planing | 06:50 |
jamesrfla | well the linodes also get there own world ip | 06:50 |
jmarsden | If your friends just need web hosting (no shell access), you can probably do fine setting up everyone on the main physical machine OS and locking it down carefully so they can only destroy their own stuff... | 06:50 |
jamesrfla | yeah that is another option. Or when they want there web page updated they can e-mail me the new page and I can do it for them. | 06:51 |
jamesrfla | Just as long as they don't want there web page changed every min :) | 06:52 |
jmarsden | well, that would get old pretty fast when they each email you 500 photos and 200 videos from their cellphones... | 06:52 |
jmarsden | You could set up a CMS for each of their sites to avoid that... | 06:53 |
jmarsden | Sounds like you are not really sure what you are trying to do here :) | 06:53 |
jamesrfla | lol. I hope not. I don't think I will have many people interested in this. If they want more than just web hosting I can set them up with a VPS and SSH | 06:53 |
jmarsden | 5 people x a few hundred photos from a weekend trip = *way* too many emails... | 06:54 |
jamesrfla | Well still in planing. I don't think many people would want it anyway. They all seem to hate Linux | 06:55 |
jamesrfla | Well thanks for your help jmarsden and mattt I think I am just going to just have them e-mail me if they want there site changed. That is if they want a site or I could make a little space for them like domain.domain.com/friend/ | 06:59 |
jmarsden | No problem. | 06:59 |
twb | There's one reason to host different sites in VMs: if they all require very specific, conflicting versions of PHP and/or MySQL. | 07:00 |
jamesrfla | I guess I got a little too excited wit VMware ESXi and VMware Server.... | 07:00 |
twb | Of course, the Right Thing then is to not run PHP apps :-) | 07:00 |
jamesrfla | twb: Well the main reason was security. But I could also make there account very limited and somehow give them my SSH key so they can actually get in | 07:01 |
twb | jamesrfla: or, you know, use THEIR ssh key | 07:02 |
jamesrfla | use their SSH key? | 07:02 |
twb | Giving someone else your ssh key would be dumb | 07:02 |
jamesrfla | oh. Make a secound key for them you mean | 07:03 |
twb | If they want to access a VPS on your server, THEY give you THEIR public key, and you tell the VPS to let that key in. | 07:03 |
jamesrfla | I guess I could do that. Setup a account for them that is limited to only rebooting apache2 and adding/remove files to there web site directory | 07:05 |
jamesrfla | Well thanks again. | 07:09 |
twb | They shouldn't even need apachectl permissions... just give them an account in vsftpd | 07:10 |
jamesrfla | okay so they can use vsftpd | 07:11 |
jamesrfla | to upload there web page but don't you still have to stop and start apache? | 07:11 |
jamesrfla | Well GTG to bed | 07:20 |
artillerytx | how do you copy a directory again | 08:23 |
artillerytx | is it cp -R /dir /dir2 | 08:24 |
dayo | is there anyway to allow root ssh login from lan, but block it from the internet? | 08:26 |
dayo | artillerytx: cp -r source destination | 08:27 |
=== highvolt1ge is now known as highvoltage | ||
=== twb` is now known as twb | ||
twb | dayo: AllowedUsers | 08:48 |
twb | dayo: sorry, "AllowUsers root@192.168.1.0/24" or similar | 08:49 |
twb | As a matter of course, you should restrict sshd to a whitelist of trusted users/origin tuples. | 08:50 |
dayo | twb: where do i put AllowedUsers? | 08:51 |
twb | dayo: /etc/ssh/sshd_config | 08:51 |
dayo | twb: what about whitelisting? does that affect only internet ssh or lan, too? | 08:53 |
twb | dayo: sshd cannot see the difference between your "LAN" and "the internet" | 08:55 |
twb | dayo: it CAN distinguish the IPs of the hosts connecting to it. | 08:55 |
dayo | twb: what i want is non-roots to be able to ssh in from anywhere, but root should only be allowed to ssh from LAN | 08:56 |
twb | dayo: so to allow root access from and only from your local LAN, you would tell it to accept connections for root from your LAN's IP range, which is typically a private use range such as 192.168.0.0/16. | 08:56 |
twb | dayo: then you need to whitelist the non-root accounts, also. | 08:56 |
twb | Or explicitly blacklist root@X for all IP addresses X that are not in your LAN IP range, but I don't recommend that because you will screw it up. | 08:57 |
dayo | twb: i just checked and i have only 3 non-root users. will this work: AllowUsers adam betty chris root@192.168.1.0/24 ? | 08:58 |
twb | dayo: yes. | 08:59 |
dayo | twb: great. thanks :-) | 08:59 |
twb | foo is the same as foo@* | 08:59 |
dayo | i see | 09:00 |
twb | What I typically do is work out where users are likely to ssh from, and restrict connections to only those IPs. | 09:00 |
twb | So you might have adam@adam.co.uk and adam@adam.info instead of just adam | 09:01 |
twb | This just means that some other schmuck is providing the "first line of defense" | 09:01 |
twb | If they need to get access from an e.g. internet cafe, then you can whitelist some generic ssh server like freeshell.org, though typically people I know already can get into somewhere like alioth.debian.org or users.sourceforge.net | 09:02 |
dayo | it boils down to just a single IP on my LAN that needs ssh, thankfully. | 09:04 |
dayo | twb: thanks for all your help :-) | 09:05 |
twb | No problem. | 09:05 |
stefan__3 | hello | 09:43 |
make | Apache default installation of orders generally able to use the test to the number of ab | 09:57 |
RoyK | wtf. oprofile is in ubuntu, ok, but no vmlinux, effenctively rendering oprofile quite useless for kernel stuff | 10:16 |
make | /lib/xtables/libipt_layer7.so those documents need to install software? | 10:17 |
_ruben | make: not sure what your native language is, but your english isnt making much sense (to me) | 10:30 |
quizme | how can i give access to /etc/init.d/apache2 restart to the group called 'dev' ? | 10:54 |
uvirtbot` | New bug: #409775 in php5 (main) "Problem building Karmic PHP" [Undecided,New] https://launchpad.net/bugs/409775 | 11:11 |
_ruben | quizme: 'man sudoers' | 11:42 |
rags | I get a "rndc-confgen not found" error while installing bind9 using aptitude...and there is no other way I can install rndc separatly... | 11:45 |
andol | rags: Shouldn't bind9utils do, if you just need rndc? | 11:49 |
andol | rags: That said, it might still be good to know why bind9 isn't letting itself be installed. | 11:49 |
rags | andol: the postinst is giving errors that rndc-confgen is not found..shouldnt the dependencies get resolved automaticall.. | 11:51 |
rags | it shows bind9utils to be already installed...I'll try reinstalling it.. | 11:53 |
Boohbah | i replaced /usr/sbin/apache2 with a patched version and then removed it, then 'apt-get remove apache2' then 'apt-get install apache2' but /usr/sbin/apache2 is still missing. how can i get apt-get to install the original binary? | 13:42 |
soren | /usr/sbin/apache2 is in the mpm package, not the apache2 package. | 13:55 |
soren | Boohbah: ^ | 13:55 |
soren | Like, say, apache2-mpm-worker or whatever you're using. | 13:55 |
Boohbah | soren: i was also missing /usr/sbin/apache2ctl from apache2.2-common, think i fixed it, thanks :) | 14:25 |
VSpike | Got a question about dnsmasq. Is it possible to configure it so that the hosting server uses dnsmasq's dns resolver? | 14:50 |
VSpike | Looks like the normal setup is that /etc/resolv.conf contains the nameservers the server uses, and dnsmasq then picks those up and uses those as upstream servers | 14:50 |
VSpike | So other machines on the network will get dnsmasq's resolver via dhcp, but the server will not | 14:51 |
soren | VSpike: Sure. | 14:52 |
soren | VSpike: Just tell dnsmasq to use a different resolv.conf using -r. | 14:52 |
Steve[mbp] | Morning everyone! | 15:47 |
andol | Steve[mbp]: Good afternoon! | 15:47 |
Steve[mbp] | :-p | 15:48 |
Steve[mbp] | always morning somewhere ;) | 15:48 |
sgsax | still morning here | 15:48 |
Sam-I-Am | yes, same here | 15:51 |
Sam-I-Am | yawn... | 15:51 |
Chocobo | can anyone explain what the --reboot option for dhcpcd does? | 15:52 |
Sam-I-Am | hmm, i didnt even know that was a valid option | 15:55 |
Chocobo | Yeah, the man page is very cryptic: -y, --reboot seconds - Allow reboot seconds before moving to the discover phase if we have an old lease to use. The default is 10 seconds. A setting if 0 seconds causes dhcpcd to skip the reboot phase and go straight into discover. | 15:57 |
Chocobo | maybe because I don't know what the "reboot phase" is | 15:57 |
jmarsden | Chocobo: Read the RFC at http://www.faqs.org/rfcs/rfc2131.html for the details on how DHCP works, if you really need to know. | 16:05 |
VSpike | soren: and then set the server's resolv.conf to point to 127.0.0.1? | 16:29 |
soren | VSpike: Yes. | 16:35 |
giovani | VSpike: sure, or you can use -R to have dnsmaaq not read resolv.conf, and then set the upstream dns in the config file | 16:36 |
giovani | -S is used to define upstream dns on the command line | 16:36 |
VSpike | giovani: looks like it can all be done in the config file if required | 16:38 |
giovani | VSpike: I just said that | 16:44 |
albdum | hello there. How can i make a folder in apache accesible only with login? (something about httpd.conf) | 17:18 |
firecrotch | albdum: http://www.sitedeveloper.ws/tutorials/htaccess.htm | 17:21 |
Sam-I-Am | .htaccess | 17:21 |
albdum | should i create a file with that name in the directory ? | 17:22 |
giovani | albdum: you should read about how it works | 17:22 |
albdum | i read the manual at the site of apache but don't understand much. :( | 17:24 |
giovani | albdum: well, then you need to either hire someone to do it for you, or try harder to understand | 17:26 |
giovani | it's a reasonably basic topic -- I wouldn't advise running your own apache server without understanding these basics | 17:27 |
firecrotch | albdum: The apache manual is horrible if you're not already familiar with apache. Google "htaccess tutorial" and you'll get a much better explanation | 17:27 |
albdum | thnx m8 | 17:29 |
albdum | i have access to apache maybe i don't need .htaccess and setup something at general config of apache ? | 17:30 |
=== mushroomtwo is now known as mushroomblue | ||
firecrotch | albdum: anything that can be configured via .htaccess can also be configured in your apache2.conf or the specific config file for your virtual host | 17:31 |
=== _LM__ is now known as _LM_ | ||
albdum | ok thnx | 17:33 |
RoyK | omg | 17:37 |
RoyK | http://www.bing.com/search?q=Why+is+Windows+so+expensive%3F&go=&form=QBLH&filt=all | 17:37 |
mushroomblue | that link is awesome. | 17:44 |
albdum | still having problem i save a .htaccess file at the /var/www/thefolder and the .htpasswd file at /etc/apache but when i enter localhost/thefolder doesn't ask for any login (note: .htaccess and .htpasswd aren't listed when dir) | 17:53 |
KillMeNow | there is a wiki for how to setup htaccess and apache | 17:54 |
KillMeNow | https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles | 17:54 |
albdum | thnhx | 17:55 |
StrangeCharm | how do i create a multidisk device to use as a raid5 array. mdadm seems to want a md device specified: all i have now is a few disks | 18:20 |
KillMeNow | software or hardware raid? | 18:20 |
StrangeCharm | KillMeNow, software | 18:21 |
KillMeNow | http://ubuntuforums.org/showthread.php?t=408461 | 18:22 |
nick125 | KillMeNow: Have you already partitioned the drives with a RAID partition? | 18:22 |
nick125 | er, StrangeCharm | 18:22 |
nick125 | (It's too early in the morning for thinking) | 18:23 |
KillMeNow | LOL | 18:23 |
StrangeCharm | nick125, no, the drives currently contain random data | 18:23 |
nick125 | StrangeCharm: Well, if you can, use (c)fdisk and repartition the drives...just note that when you repartition a drive, you typically lose the data on it (not technically, but bleh). Once you do that, mdadm --create /dev/mdX --level=5 --raid-devices=N /dev/sdXn /dev/sdYn /dev/sdZn | 18:25 |
nick125 | In a RAID 5, you need at least 3 drives. | 18:25 |
StrangeCharm | okay, so mdadm can't format them on its own? | 18:26 |
nick125 | It won't partition them. | 18:26 |
StrangeCharm | is it possible to use something like the 'graphical' utility on the installer, to make this process easier? | 18:27 |
nick125 | StrangeCharm: cfdisk is relatively "graphical," I guess | 18:30 |
nick125 | But I don't know of a real "graphical" way to do it outside of the installer | 18:31 |
StrangeCharm | nick125, i mean, as cli apps go. i just recall that the installer made partitioning 'easy'. does the server/alt installer use cfdisk? | 18:31 |
giovani | StrangeCharm: we don't support graphical interfaces in #ubuntu-server | 18:31 |
nick125 | No, it doesn't. Not as the frontend, at least. | 18:31 |
StrangeCharm | giovani, there's graphical and there's graphical. i'm talking of the latter. | 18:32 |
giovani | StrangeCharm: ... | 18:32 |
nick125 | giovani: He means like a ncurses graphical and an X11 graphical, and he wants something ncurses graphical :P | 18:33 |
StrangeCharm | giovani, that was intended as humour. nick125 has me right on. | 18:33 |
giovani | cfdisk is curses-based | 18:33 |
giovani | he said he wanted something graphical, not cfdisk | 18:33 |
giovani | so I'm confused | 18:33 |
jmedina | use EVMS with its curses frontend | 18:34 |
jmedina | evms for all your storage needs | 18:34 |
jmedina | raid, lvm, native partitions, resize bla bla bla bla | 18:34 |
giovani | so does cfdisk "_ | 18:35 |
StrangeCharm | jmedina, very nice. how do i start evms with curses? | 18:35 |
nick125 | I thought EVMS was dead. | 18:35 |
jmedina | StrangeCharm: reading official documentation | 18:36 |
StrangeCharm | indeed | 18:36 |
giovani | nick125: it is afaik | 18:36 |
giovani | evms isn't supported by ubuntu | 18:37 |
giovani | jmedina: let's not recommend unsupported solutions, when perfectly adaquate, supported solutions exist, and are widely used | 18:37 |
jmedina | I prefer to spend 1 hour learning mdadm and mkfs instead of spending hours looking for a graphical tool | 18:37 |
nick125 | an hour? It takes an hour? ;) | 18:38 |
jmedina | it depends on your background | 18:39 |
jmedina | of course I already read the old software raid howto with raidtab | 18:39 |
StrangeCharm | so, i want to be using parted here? | 18:40 |
giovani | StrangeCharm: you want to use cfdisk | 18:40 |
Sam-I-Am | jmedina: currently backporting the karmic openldap 2.4.17 packages to hardy... yum. | 18:40 |
jmedina | Sam-I-Am: what is wrong with your packages? | 18:40 |
StrangeCharm | giovani, cfdisk doesn't show the disks in which i am interested | 18:40 |
jmedina | jajajaja | 18:41 |
jmedina | man cfdisk | 18:41 |
giovani | StrangeCharm: what types of disks are they? | 18:41 |
Sam-I-Am | jmedina: nothing... just ubuntu merged the 'official' 2.4.17 packages from debian... before i was building 2.4.16/17 manually. | 18:41 |
jmedina | probably he just run cfdisk without giving a device as argument | 18:41 |
StrangeCharm | giovani, sdc-f | 18:41 |
Sam-I-Am | jmedina: when 2.4.18 comes out i'll start building those | 18:41 |
StrangeCharm | at least, fdisk -l says so | 18:41 |
giovani | StrangeCharm: that's not a type of disk | 18:41 |
giovani | that's the name of the disk | 18:41 |
StrangeCharm | they're sata hard disks on a pci controler | 18:42 |
giovani | then cfdisk will work just fine | 18:42 |
jmedina | Sam-I-Am: good | 18:43 |
jmedina | I havent had the time to play with your packages, I have been most of time out of office with customers :S | 18:43 |
StrangeCharm | giovani, perhaps i'm missing something then, because they are not in the list after i start cfdisk | 18:43 |
giovani | anything fdisk sees, cfdisk does as well -- they're the same backend code -- just different interface | 18:43 |
jmedina | no time to chat and test :) | 18:43 |
giovani | StrangeCharm: you must be missing something then | 18:43 |
Sam-I-Am | jmedina: it happens. | 18:43 |
Sam-I-Am | jmedina: actually have quite a bit of stuff backported to hardy these days | 18:43 |
infinity | StrangeCharm: cfdisk /dev/sdc | 18:46 |
infinity | StrangeCharm: It only operates on one disk at a time, it doesn't offer a list. | 18:46 |
StrangeCharm | infinity, thanks, i worked it out in the end :) | 18:46 |
StrangeCharm | infinity, though, now it's complaining that the partition ends past the end of one of the disks. can i override this and just make a new table? | 18:48 |
infinity | for i in sdc sdd sde sdf; do dd if=/dev/zero of=/dev/$i bs=512 count=10; done | 18:50 |
infinity | There, no more partition tables. :) | 18:50 |
jmedina | why count 10? | 18:51 |
jmedina | I thought it is only in the first 512 | 18:51 |
infinity | Because I can never remember which block(s) modern tables are on. :P | 18:51 |
jmedina | well really doesnt matters | 18:52 |
infinity | Nope. :) | 18:52 |
nick125 | I usually wipe the first 1MB of the disk :p | 18:52 |
infinity | But yes, the first 512 should be enough. | 18:52 |
nick125 | yeah, 512B is enough to wipe the MBR and partition table. Thanks, Wikipedia! | 18:54 |
StrangeCharm | once i create a multi disk device with mdadm, will it always be there, or do i have to do something to make it exist every time i want it? | 18:56 |
infinity | StrangeCharm: It will live on forever. | 18:56 |
jmedina | they need to be assambled at boot time | 18:56 |
infinity | StrangeCharm: If you're using an initramfs, though (which most people are), running "update-initramfs -u" might be a wise idea after your array's created. | 18:56 |
jmedina | rc script take care of it, and as inifinty says, updating initramfs | 18:57 |
infinity | StrangeCharm: (update-initramfs will make sure your current mdadm.conf lands in there, so the array can be reconstructed in early boot... if you don't actually need it until userspace kicks in, it doesn't matter) | 18:57 |
StrangeCharm | infinity, jmedina, okay, so this disk will now be available from early boot, yes? | 18:58 |
infinity | StrangeCharm: If you update your initramfs, should be, yes. | 18:59 |
StrangeCharm | indeed | 18:59 |
infinity | StrangeCharm: (if not, it becomes available later in the boot, when userspace filesystems (/usr, /home, etc) are normally mounted... Ish. | 18:59 |
StrangeCharm | that should be well soon enough for me | 19:00 |
ewook | my god. bacula is a pita to setup. | 19:30 |
KillMeNow | oh yea? i never used it, was thinking about it | 19:30 |
KillMeNow | what makes it a royal PITA? | 19:30 |
uvirtbot` | New bug: #409988 in lsb (main) "lsb_release crashed with ImportError in <module>() (dup-of: 383697)" [Undecided,New] https://launchpad.net/bugs/409988 | 19:30 |
ewook | KillMeNow: the default-conf-files is somewhat off (more likely I just don't get it). Database-creation also failed etc. | 19:33 |
KillMeNow | so now that you've over come the PITA factor, how do you like it? | 19:33 |
ewook | that's the thing - I haven't :P | 19:33 |
ewook | first time I put it up it was piece of cake. now... gheh. | 19:34 |
ewook | but overall I do like bacula. | 19:34 |
* jmedina uses bacula a lot, using dvds, hard diskc, tapesl, autochargers as media storage | 19:35 | |
jmedina | it rules | 19:35 |
KillMeNow | does it only work with 'Nix distro's or does it integrate with Winblows? | 19:35 |
ewook | there's windows capable clients also | 19:36 |
jmedina | I backup windows servers, linux desktops and servers, and freebsd | 19:36 |
StrangeCharm | what filesystem should i use for a 900gb partition, expecting to have files between <small> and about 5gb (with a good number of the larger files), where files get lots of small ~128kb edits at a pretty high rate? | 19:40 |
mushroomblue | ext4 or xfs | 19:41 |
mushroomblue | IIRC, xfs was really really good for a bunch of small files | 19:41 |
StrangeCharm | mushroomblue, is ext4 reliable? | 19:41 |
nick125 | StrangeCharm: depends on who you ask. | 19:41 |
mushroomblue | I've been using ext4 for a few months without any issues at all. | 19:41 |
mushroomblue | YMMV | 19:41 |
nick125 | I'm using it on all of my desktops, but I haven't had the courage to use it on my servers yet. | 19:42 |
mushroomblue | I have it on my fileserver. | 19:42 |
mushroomblue | ext4 on 7 spanned lvm volumes | 19:42 |
mushroomblue | works wonderfully. | 19:42 |
StrangeCharm | i'd rather not risk variable milage, mushroomblue, nick125. is xfs good for large files with incremental wites, or should ext4 or reiser actually have better performance for this scenario? | 19:43 |
StrangeCharm | also, does xfs journal data or just metadata? | 19:43 |
nick125 | You better have a good UPS if you use XFS. XFS does NOT like power cuts, since it does a lot of write caching. | 19:44 |
mushroomblue | yeah. | 19:44 |
mushroomblue | xfs journals data | 19:44 |
StrangeCharm | well, that's a problem. would i expect that to be less of an issue with reiser and ext? | 19:45 |
mushroomblue | ext3 is pretty bulletproof | 19:45 |
nick125 | ext is a bit less.....volatile. | 19:45 |
mushroomblue | reiser isn't being actively maintained | 19:46 |
mushroomblue | what, with the main developer in jail and all. | 19:46 |
StrangeCharm | i suppose i'll go for ext3 then | 19:46 |
nick125 | yeah, it's a relatively safe choice. | 19:47 |
mushroomblue | especially if your server isn't UPS'd | 19:47 |
mushroomblue | you should probably fix that. | 19:47 |
* sgsax has been using xfs for user homedirs for almost a year now | 19:48 | |
sgsax | about 4TB of space allocated in various partitions | 19:49 |
StrangeCharm | mushroomblue, that would be out of budget | 19:49 |
mushroomblue | StrangeCharm: your IT dept has weird budgets. | 19:49 |
mushroomblue | I made sure power consumption and redundancy was near the top of the list | 19:50 |
StrangeCharm | mushroomblue, it's not a big department, and availibility is not a high priority for this application | 19:51 |
StrangeCharm | confidentiality and integrity are the focus | 19:51 |
KillMeNow | i've read a bit about ext4, all i can say is that it's still really experimental (from reading) | 19:52 |
StrangeCharm | KillMeNow, good thing i picked ext3 then :) | 19:52 |
KillMeNow | ext3 is still my favorite | 19:52 |
KillMeNow | yep | 19:52 |
KillMeNow | sorry, at work and multitasking | 19:52 |
StrangeCharm | KillMeNow, to be expected | 19:53 |
=== maxb_ is now known as maxb | ||
milko | hi! | 20:51 |
KillMeNow | hi | 20:51 |
milko | I'm installing ubuntu server 8.04 | 20:51 |
milko | I need a server for django and python | 20:51 |
milko | with mysql... | 20:51 |
milko | I don't install defaults packages (openssh, lamp, mail server, etc...), because I though do it manually | 20:52 |
milko | but, now I do "apt-get install apache2" | 20:52 |
milko | and the package is not found | 20:53 |
milko | (sorry for my English, this isn't good) | 20:54 |
milko | my question is, if I can modify /etc/apt-get/source.list how I do it in ubuntu desktop... and in this case, what urls I must put for apache2? | 20:56 |
milko | anybody? | 20:56 |
KillMeNow | usually by default the source.list is populated | 20:58 |
KillMeNow | open it up and check to see if it's set right, if it's not google for the settings | 20:58 |
KillMeNow | caue i don't remember them off the top of my head | 20:58 |
mushroomblue | do you just need default URL's for sources.list? | 20:59 |
mushroomblue | your /etc/apt/sources.list is blank? | 20:59 |
KillMeNow | http://ubuntuforums.org/showthread.php?t=783577 | 21:00 |
KillMeNow | that's the forum post for default sources.list | 21:00 |
milko | mushroomblue, oooh... I don't "apt-get update" | 21:02 |
milko | sorry! | 21:02 |
milko | KillMeNow, mushroomblue, thx! | 21:02 |
mushroomblue | lol | 21:03 |
Deevz | I just installed Userver and chose to configure the network later, how can I do it now that it is installed? | 21:13 |
nick125 | Deevz: /etc/network/interfaces | 21:13 |
Deevz | I need to edit that with vi? | 21:15 |
nick125 | yeah | 21:15 |
sgsax | Deevz: yes, or your other favorite editor | 21:16 |
nick125 | or whichever editor suits your fancy | 21:16 |
sgsax | Deevz: it's well-documented, but your file should look something like this: http://pastebin.com/m6c79460e | 21:17 |
Deevz | ahh | 21:18 |
sgsax | be sure to substitute your own info | 21:18 |
Deevz | I always get caught | 21:18 |
Deevz | I launch the program before knowing how to use it, now I dont know how to get out to read the vi man | 21:18 |
Deevz | lol | 21:18 |
Deevz | thx sgsax | 21:18 |
nick125 | Deevz: hit escape then :q! | 21:18 |
nick125 | then type "sudo aptitude install nano" and use that. | 21:19 |
sgsax | :q! quits without saving | 21:19 |
sgsax | heh | 21:19 |
nick125 | err. Wait, you can't install anything without network. Eek :p | 21:19 |
sgsax | pretty sure nano is installed by default | 21:19 |
nick125 | sgsax: I don't think so.. | 21:19 |
sgsax | if you've already installed ubuntu-server, I think it is | 21:19 |
Deevz | I confirm, it is | 21:20 |
nick125 | Ah. That's good to know. | 21:20 |
Deevz | nano aint more clear tho | 21:21 |
nick125 | Deevz: It has prompts on the bottom on how to use it :) | 21:22 |
sgsax | Deevz: all the commands are displayed at the bottom | 21:22 |
Deevz | the navigation commands all have the "^" character at the bottom | 21:22 |
sgsax | the ^ means use the CTRL key | 21:22 |
Deevz | ohh | 21:22 |
Deevz | thx | 21:22 |
sgsax | np, I like answering the easy questions :) | 21:22 |
Deevz | ah, I got permission denied | 21:23 |
Deevz | I have to use sudo I guess | 21:23 |
nick125 | yeah | 21:24 |
nick125 | sudo nano -w /etc/network/interfaces | 21:24 |
Deevz | -w? | 21:24 |
Deevz | Disables wrapping of long lines... | 21:24 |
nick125 | It tells nano to not use word-wrapping | 21:24 |
nick125 | yeah | 21:24 |
Deevz | what does that mean | 21:25 |
nick125 | Well, I think the default nano config disables word-wrapping...but, word wrapping is when it gets to the end of a line, it adds a line break and goes to the next line. | 21:25 |
ruben231 | hi anyone have idea on DRBL | 21:26 |
Deevz | ahh | 21:27 |
Deevz | I pinged my own computer and it doesnt stop | 21:27 |
Deevz | how do I stop the ping command? :O | 21:28 |
LiraNuna | ctrl+c | 21:28 |
Deevz | thx, that works | 21:28 |
Deevz | ctrl+c seems to be pretty common command | 21:29 |
LiraNuna | it sends a SIGINT | 21:29 |
LiraNuna | Deevz, http://en.wikipedia.org/wiki/SIGINT_(POSIX) | 21:29 |
android6011 | if I install ubuntu server, then mythtv-backend, will it install everything I need for tv tuner support? | 21:32 |
LiraNuna | how do I set up forced SMTP auth? | 21:32 |
Deevz | thats a pretty heavy read, LiraNuna, and the word "linux" or "unix" aint even in there | 21:32 |
nick125 | It's not Linux or Unix. It's POSIX. | 21:32 |
LiraNuna | Deevz, heavy read? it's just a few lines | 21:33 |
LiraNuna | "SIGINT is sent when the user on the process' controlling terminal presses the interrupt the running process key — typically Control-C" | 21:33 |
Deevz | lol | 21:33 |
LiraNuna | oh, Deevz are you using Xchat? | 21:33 |
Deevz | thats not what I have here | 21:33 |
Deevz | I am | 21:33 |
Deevz | oh thats it | 21:34 |
LiraNuna | xchat does not handle () in links correctly | 21:34 |
LiraNuna | http://en.wikipedia.org/wiki/SIGINT_(POSIX) | 21:34 |
Deevz | I dont have the complet link | 21:34 |
LiraNuna | it took you to Signals intelligence | 21:34 |
nick125 | haha, that would explain it. | 21:34 |
LiraNuna | I need to submit a patch to xchat, it gets on my nerves as well | 21:34 |
sgsax | Deevz: once you hvae edited your interfaces file, you probably need to "ifdown eth0" "ifup eth0" | 21:39 |
sgsax | to restart the interface with the new settings | 21:39 |
nick125 | Tomorrow should be fun. I get to setup an OpenLDAP/Samba PDC! Go me. | 21:39 |
KillMeNow | good luck | 21:40 |
Deevz | sgsax: I just restarted my comp, does it do the same thing? | 21:40 |
sgsax | or "/etc/init.d/networking restart" | 21:40 |
Deevz | I guess it should | 21:40 |
sgsax | well, that's the "hard" way, but should be sufficient :) | 21:40 |
LiraNuna | anyone have any idea why postfix allows anonymous smtp relay even though it's configured as noanonymous? | 21:41 |
nick125 | KillMeNow: I think I'm going to need it. When I had this system setup on Gentoo, it took me 5 hours to get Samba and OpenLDAP and the Winblows boxes working happily. | 21:41 |
* sgsax just got LDAP+krb5 auth against an AD box working again | 21:41 | |
sgsax | that was not fun, I'm guess it'll be nearly as fun setting up openLDAP | 21:42 |
nick125 | I'm hoping that this will be a little more sane, using a little bit saner distro. | 21:42 |
sgsax | gentoo is fine if you like to bleed | 21:42 |
nick125 | sgsax: exactly. | 21:42 |
sgsax | I'm moving away from it in my shop | 21:43 |
LiraNuna | "dependency problem!" "oh shi-" "$ emerge world" | 21:43 |
LiraNuna | *10 hour compile* | 21:43 |
nick125 | I only have one Gentoo box left here, and that's getting migrated when I get a chance. | 21:43 |
Deevz | awesome, im connected to the net now | 21:43 |
nick125 | Deevz: congrats | 21:43 |
sgsax | the internets, they are waiting for you | 21:43 |
Deevz | next step is to install openssh :O | 21:43 |
LiraNuna | sudo apt-get install openssh-serer | 21:44 |
LiraNuna | +v | 21:44 |
Deevz | +v? | 21:44 |
Deevz | oh, your mistake | 21:44 |
LiraNuna | would you prefer a regex? s/serer/server/ | 21:45 |
lamont | LiraNuna: because it's misconfigured | 21:45 |
LiraNuna | lamont, would you be kind enough to help me? I'm struggling for days | 21:45 |
LiraNuna | I checked everything, triple | 21:46 |
lamont | give me the contents of main.cf to start with | 21:46 |
Deevz | hmm, I read that the openssh-server package is not available | 21:46 |
lamont | paste.ubuntu.com? | 21:46 |
lamont | or where ever | 21:46 |
LiraNuna | lamont, http://pastie.org/private/iioikzxpm2khiafbgccg | 21:47 |
LiraNuna | was pasted from nano, hence the $ at the end of the line | 21:47 |
lamont | LiraNuna: anything that authenticates to sasl will be allowed, but we kind of expect taht. | 21:48 |
lamont | having said that, I don't play with sasl as much as I probably should. :( | 21:49 |
Deevz | How can I verify if I have openssh already installed? | 21:49 |
LiraNuna | Deevz, ssh localhost | 21:49 |
lamont | throw some -v s on the end of the smtpd line in master.cf and reload postfix, that should get you started somewhere | 21:49 |
lamont | Deevz: dpkg -l openssh-server | 21:50 |
LiraNuna | lamont, where will the output go? | 21:50 |
lamont | LiraNuna: on that note, I'm going to be afk for the next few hours... | 21:50 |
lamont | /var/log/mail.log | 21:51 |
lamont | lots and lots of it if you use enough -v s | 21:51 |
LiraNuna | as I thouht | 21:51 |
lamont | wietse saw no reason to reimplement logging | 21:51 |
Deevz | Ahh, I found my problem | 21:55 |
Deevz | Kind folks suggested I update my apt-get list | 21:56 |
sgsax | Deevz: then be sure to apt-get update | 22:00 |
Deevz | yes, I did, and was able to install openssh server just fine | 22:00 |
sgsax | and if openssh is already installed, you need to "/etc/init.d/ssh start" and "update-rc.d ssh defaults" to make sure it loads at boot | 22:02 |
Deevz | thx | 22:13 |
Deevz | my ssh client is kinda dumb | 22:13 |
nick125 | What client? | 22:14 |
Deevz | I sent a restart command and it gives me a fatal error because the connection got interrupted... | 22:14 |
Deevz | putty | 22:14 |
mushroomblue | s/ssh client/OS/ | 22:14 |
Bookman | Does anyone have a jabber server installed that would be able to assist me in getting mine to run? | 22:14 |
Deevz | its for windows | 22:14 |
nick125 | mushroomblue: Thank you for making that reference with me having to :) | 22:15 |
nick125 | Deevz: Exactly. | 22:15 |
mushroomblue | :) | 22:15 |
Deevz | meh | 22:15 |
Deevz | I could use my eee pc I guess | 22:15 |
Deevz | it has ubuntu on it | 22:15 |
nick125 | Why not put Ubuntu on your normal PC and be happy? :) | 22:16 |
Deevz | I have it already | 22:16 |
Deevz | dual boot | 22:16 |
mushroomblue | my work box started off WinXP & putty, and has switched to Ubuntu with WinXP virtualized | 22:16 |
mushroomblue | makes life much easier | 22:16 |
Deevz | but I dont want to throw coins away to purchase a good virtualization solution | 22:17 |
nick125 | Deevz: Virtualbox. | 22:17 |
mushroomblue | Virtualbox is fine. | 22:17 |
mushroomblue | and free. | 22:17 |
Deevz | I have that | 22:17 |
Deevz | I'm a gamer tho | 22:17 |
Deevz | I like my warcraft games once in a while :) | 22:18 |
mushroomblue | latest Virtualbox does DirectX9, at least | 22:20 |
Deevz | oh, didnt know that | 22:20 |
mushroomblue | just grab the deb from virtualbox.org | 22:20 |
Deevz | I guess I could start booting off ubuntu more often | 22:20 |
nick125 | You should. Using a toy OS just doesn't make much sense. | 22:21 |
mushroomblue | I'm just fond of being able to pause and minimise WindowsXP | 22:21 |
Deevz | toy os? | 22:21 |
nick125 | I have a lot of hatrid for Windows, unfortunately. | 22:21 |
mushroomblue | most of us have to deal with at least Active Directory PDC's on a daily basis. | 22:22 |
nick125 | mushroomblue: How many keyboards have you thrown dealing with that? | 22:22 |
Deevz | I do wish windows wouldn't be so widespread | 22:23 |
mushroomblue | none, actually. | 22:23 |
mushroomblue | likewise-open is my friend. | 22:23 |
mushroomblue | and a server license for likewise enterprise is cheap. | 22:23 |
mushroomblue | so if I have to use windows, I can at least use it to push down sane GPO's for the rest of the network. | 22:25 |
nick125 | Can you even do GPOs with Samba? | 22:25 |
mushroomblue | sure. | 22:25 |
nick125 | If I could do a GPO with my Samba PDC, it'd make my life so much easier. | 22:26 |
mushroomblue | look into likewise | 22:26 |
mushroomblue | http://www.likewise.com/ | 22:26 |
nick125 | Otherway around. My Windows machines are authenticating to a Samba PDC. | 22:26 |
mushroomblue | ah. that's way easier. | 22:27 |
mushroomblue | you need Samba4 tho. | 22:27 |
nick125 | Darnit. | 22:27 |
Deevz | if I'm not in the same subnet, how can I connect to my server? | 22:27 |
nick125 | Well, how much different is samba4? Is it stable? | 22:28 |
mushroomblue | it's a little less stable, but I haven't had any problems. | 22:28 |
Deevz | I mean, right now, im in a LAN, so its easy, but if I'm not in a LAN, how do I do it? What will be its ip since I have a router? | 22:28 |
nick125 | mushroomblue: How hard is it to create the policies? | 22:28 |
mushroomblue | nick125: not as easy as in Windows. | 22:29 |
mushroomblue | but learnable in an afternoon. | 22:29 |
nick125 | Ah, okay. | 22:29 |
* nick125 should investigate Samba4 | 22:29 | |
nick125 | mushroomblue: Do you recommend the Ubuntu samba4 package? | 22:30 |
Bookman | Does anyone have a jabber server installed that would be able to assist me in getting mine to run? | 22:31 |
mushroomblue | nick125: it's what I'm using. | 22:31 |
jpds | Deevz: You'd have to NAT the server's IP from the router. | 22:31 |
mushroomblue | Deevz: you have to make a bridge from your subnet to the subnet you're connecting to | 22:32 |
mushroomblue | if they're physically-connected, it's just ethernet bridging. | 22:32 |
mushroomblue | if you're not on the same physical network, then you'll need to set up VPN or something. | 22:32 |
nick125 | mushroomblue: Is there a decent tutorial on how to get Samba4 to work with OpenLDAP, etc? | 22:32 |
mushroomblue | sadly, no. | 22:32 |
mushroomblue | though it isn't much different than getting openldap and samba3 | 22:33 |
mushroomblue | just read the docs | 22:33 |
nick125 | Hmm...all of these "tutorials" use some provision script. Hmm. | 22:33 |
Deevz | I'll give a look at that, thx | 22:34 |
nick125 | Going around with a USB drive with the group policy just...isn't fun. | 22:36 |
sgsax | unless you're a masochist | 22:40 |
nick125 | sgsax: of course | 22:41 |
nick125 | w00t. Requests per second: 0.97 [#/sec] (mean) | 22:43 |
nick125 | Go Wordpress, go! | 22:44 |
nick125 | There. A little bit better. Requests per second: 160.15 [#/sec] (mean) | 22:46 |
Bookman | Ok, jabber is a no go.....is there any other easy to setup IM server out there for ubuntu? | 22:47 |
nick125 | Not really. Jabber is going to be your best bet, but it's a PITA to setup. | 22:48 |
Bookman | Yeah, I've given up completely | 22:49 |
nick125 | especially if you're going to do a MySQL-backed Jabber server, it's a REAL PITA. | 22:50 |
Bookman | So I take it IM serving is just something that should not be done except by server pros then. | 22:51 |
sgsax | well, it *shouldn't* be hard, but... | 22:53 |
Bookman | Yeah, that was the impression I got. | 22:53 |
sgsax | when there are so many options, seems like insourcing it is making extra work | 22:53 |
Bookman | "If you don't know how to do it, don't bother" kind of attitude seems to be the case. | 22:53 |
sgsax | unless you have a "no outside IM" policy | 22:53 |
sgsax | jabber is one of those projects that I never really understood the need for | 22:54 |
Bookman | I tried connecting to services like jabber.org, but they have connection problems every afternoon, bar none. | 22:54 |
sgsax | what about setting up an irc server instead? | 22:54 |
Bookman | irc would be just fine.... | 22:55 |
nick125 | sgsax: The biggest advantage of Jabber is that you can communicate with users on other Jabber servers. | 22:55 |
sgsax | distributed server kindof thing? | 22:55 |
sgsax | that would be nifty, but again: why bother? | 22:55 |
Bookman | I just want to host a chat system for a small group of users that I have control over. | 22:55 |
nick125 | sgsax: What if we went back to where interserver communication was unheard of for email? ;-) | 22:56 |
sgsax | no, I was still stuck on "why bother with yet another IM protocol?" | 22:56 |
nick125 | Probably because all but a few IM protocols are closed-source and propietary. | 22:57 |
Bookman | sgsax: is there an easy to setup irc server? | 22:57 |
sgsax | Bookman: haven't done one in a while, but it was easy when I was a newb :) | 22:58 |
nick125 | Yeah, IRC servers aren't that hard to setup, especially if you aren't peering them or using services. | 22:58 |
sgsax | I see at least 5 that are available from apt | 22:59 |
Bookman | I see clients | 23:00 |
Bookman | No servers | 23:00 |
Bookman | In synaptic | 23:01 |
sgsax | apt-cache search irc|grep -i server | 23:01 |
nick125 | Bookman: search for ircd | 23:01 |
nick125 | AFAIR, ratbox was pretty lightweight | 23:03 |
nick125 | and not that difficult to configure | 23:03 |
nick125 | I definitely wouldn't recommend something like unreal | 23:04 |
Bookman | I'll give ratbox a shot. | 23:04 |
sgsax | howto for dancer: https://help.ubuntu.com/community/Dancer-IRCD | 23:06 |
nick125 | I'm not sure I'd use dancer, especially considering that it's likely not developed anymore. | 23:07 |
milko | Hotmail filter the emails sent with postfix? | 23:07 |
Bookman | can't seem to find documentation for ratbox | 23:07 |
milko | (sorry for my english | 23:07 |
milko | do Hotmail filter the emails sent with postfix? | 23:07 |
nick125 | milko: If they filter mail, it's not usually by MTA but rather by network/IP. | 23:08 |
KillMeNow | yep.... they may check your reverse inaddr.arpa pointer | 23:10 |
=== roaksoax__ is now known as RoAkSoAx | ||
Deevz | how can dyndns.com offer their service for free? have they found a way to slip adds somewhere? | 23:40 |
hggdh | they reroute bad addresses to their ads | 23:50 |
hggdh | no | 23:51 |
hggdh | sorry, I confused dyndns with a DNS server service. DynDNS gets money by selling add-on services to the DNS entry you get | 23:51 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!