/srv/irclogs.ubuntu.com/2009/08/14/#ubuntu-server.txt

TimReichhart	alright I got a other question how to I know if my modem is linked to tty port because right now its on /dev/536ep0	00:05
jmedina	ls -l /dev/ \| grep 536?	00:08
TimReichhart	alright here is the output crw-rw---- 1 root dialout 240, 1 2009-08-13 19:04 536ep0	00:09
CppIsWeird	qman__: [16:06] <qman__> CppIsWeird, amd64 is the common, modern 64-bit architecture -- modern xeons and core 2s and i7s use the amd64 architecture	00:12
CppIsWeird	interesting, i did not know that.	00:12
giovani	really?	00:12
giovani	heh	00:12
giovani	technically its name is x86-64	00:13
giovani	but amd branded it amd64	00:13
jmedina	yea, amd owns sparc developers	00:15
TimReichhart	is there anyway that I can sym link my modem from /dev/536ep0 to a ttyS0?	00:22
giovani	TimReichhart: I'd recommend making it /dev/modem instead	00:23
giovani	as /dev/ttyS0 probably refers to an actual port	00:24
giovani	you can do this with udev rules	00:24
TimReichhart	giovani can you tell me how to sym link it to /dev/modem	00:27
giovani	TimReichhart: which release of ubuntu are you using?	00:27
TimReichhart	8.04.3 TLS	00:27
giovani	TimReichhart: adding something along the lines of KERNEL=="536ep0", SYMLINK+="modem" to /etc/udev/rules.d/60-symlinks.rules should do the trick	00:30
giovani	you may or may not have to add some permissions in the permissions rules file	00:30
giovani	experiment, and use google	00:31
giovani	if you have problems	00:31
giovani	then issuing a "sudo /etc/init.d/udev restart" should put that into place	00:32
TimReichhart	giovani: the problems I am having is IM trying to get the modem to come on online on hylafax but when I do faxstat its just saying waiting for modem to come ready	00:32
HellMind	how can I remove the rules That I added here before.rules	00:32
giovani	TimReichhart: that's unrelated to symlinking, but alright	00:32
HellMind	cuz my server is portforwarding	00:32
giovani	HellMind: I don't understand your question	00:32
HellMind	I forwarded a port adding rules to before.rules	00:33
HellMind	Now, i removed that rule	00:33
HellMind	I restarted ufw	00:33
HellMind	I flushed every iptables table	00:33
TimReichhart	giovani: but see my modem is in a different loaction then what hyalfax is looking for my modem is listed as 536ep0 instead of ttyS0	00:33
HellMind	but the port is still being forwarded	00:33
giovani	HellMind: sorry, I'm not familiar with ufw	00:33
giovani	TimReichhart: you can tell hylafax to look anywhere you like	00:34
HellMind	argh why damn UFW it blacklisted a port :@ I cant use it anymore	00:35
* jmedina loves shorewall		00:36
jmedina	real firewall	00:37
giovani	haha	00:37
giovani	shorewall is not a firewall	00:37
giovani	it's a configuration tool	00:37
jmedina	:)	00:37
jmedina	I know	00:37
giovani	so let's not give it any credit beyond that	00:37
jmedina	ok	00:37
HellMind	what were they thinking bring ubuntu server with that damn ufw	00:38
stainer	most people firewall long before the server	00:38
jmedina	HellMind: whate are you using something that you dont understan?	00:38
jmedina	dnot blame ubuntu developers, if you have problems report a bug	00:39
TimReichhart	giovani: it seems like I dont have a /dev/modem listed	00:40
jmedina	well time to go offline	00:40
TimReichhart	giovani: so I cant do the sym linking	00:40
giovani	TimReichhart: you absolutely can ... I've told you how to do it	00:43
giovani	however, there's no need to make a symlink just for hylafax	00:43
giovani	it'd just be for aesthetics	00:43
TimReichhart	well im trying to get hylafax to work	00:44
TimReichhart	its just the modem im trying to get online	00:44
giovani	right, and I've explained	00:44
giovani	that hylafax can be told to use any device name, so you don't need a symlink	00:45
giovani	however, if you'd like to create a symlink, I told you how to go about that as well	00:45
clusty	hey	00:49
clusty	i did a usermod -a -G vboxusers <my user> to allow myself to use VirtualBox, but this wont work	00:49
clusty	afterwords when i doa groups, i do not see the vboxusers listed	00:50
clusty	clues on what can be going on?	00:50
giovani	clusty: you need to log out and log back in	00:50
giovani	for groups to apply	00:50
clusty	no difference	00:51
giovani	heh	00:51
giovani	then you didn't run the command properly	00:51
clusty	/etc/groups contains:	00:51
clusty	vboxusers:x:135:j.dittmer,vlazar	00:51
clusty	i am second	00:52
giovani	you need to log out	00:52
giovani	and log back in	00:52
giovani	period	00:52
giovani	it will work	00:52
clusty	i am in a VNC session	00:52
clusty	kill vnc?	00:52
faileas	I'm running an IRC/Web server for personal use, and i'm looking for a easy solution to back it up. My hardware's a little old, so i'd like something that'd backup the whole system, and restore it to a bare metal system, without needing to take it down for backups. Any suggestions i should look at?	01:15
gop	hi	01:48
gop	in joomla, I am getting "he FTP settings are not valid or your FTP server is not compatible with Joomla!:	01:48
gop	The function "STOR" failed	01:48
gop	anyone here on ubuntu got joomla to work with ubuntu server	01:48
=== smoser_ is now known as smoser
mathiaz	jtimberman: hey	01:57
mathiaz	jtimberman: I've acked a couple of your sync requests (see my email)	01:58
mathiaz	jtimberman: what is left on REVU? merb and chef?	01:58
foxbuntu	faileas, the only thing I know that can do bare metal restores in Linux on a live server atm is Acronis, its not OSS and not free, but I have worked with their products for a long time and love them, however if you are looking for something free and OSS then you might consider looking at CloneZilla (can't image the server live) or using dd (also requires being offline), if you don't need bare metal restores a cron job and tarballs will	01:59
foxbuntu	do the trick	01:59
faileas	foxbuntu: i got acronis home. I've done a tarball of the whole system, and plan on doing periodic database dumps, and home directory dumps (since a lot of things run as a normal user at the moment)	02:01
foxbuntu	faileas, that should about cover it, although there is no need for whole system backups	02:02
foxbuntu	faileas, whole system tarballs that is	02:02
foxbuntu	faileas, I personally just grab /home /etc usually	02:03
faileas	foxbuntu: lol, yeah, i'm still trying things	02:03
* faileas thinks between /var/www, /home/ircd/ and the database i should be covered		02:03
foxbuntu	faileas, yeah	02:03
foxbuntu	faileas, sorry, wasnt thinking about web	02:04
foxbuntu	faileas, the other thing you might was to grab is the package list	02:04
faileas	i run web and irc (unreal/anope, a jbouncer bnc (i don't like psybnc) and qwebirc	02:04
faileas	lol	02:04
faileas	i know what i installed.. pretty much nothing non standard but java	02:04
foxbuntu	faileas, yeah...I usually grab one after I get a server deployed and then again after any major change	02:05
foxbuntu	seems to work for my needs, but thats me	02:05
foxbuntu	:)	02:05
faileas	i got it deployed (again) last week. Its been up and down since i'm running on junk hardware ;p	02:06
foxbuntu	lol	02:06
foxbuntu	I understand that	02:06
* faileas does note a tarball is only 620 mb ;p		02:06
faileas	*full	02:06
foxbuntu	yea	02:06
foxbuntu	the system is pretty light weightttt	02:06
faileas	it isn't even running ubuntu server. its running minimal, with the necessary things	02:07
foxbuntu	ah	02:07
foxbuntu	Ubuntu JeOS eh?	02:07
faileas	(screen/screen profiles, java, lamp stack)	02:07
faileas	no, ubuntu minimal	02:07
foxbuntu	ah	02:07
foxbuntu	right	02:07
foxbuntu	JeOS is VM optimized	02:07
faileas	this is live hardware. PIII 450, 640 mb ram, 40 gb hard disk space	02:08
foxbuntu	nice	02:08
faileas	I'm not sure, but i'm told its a bad idea to run an irc server on a VM if you intend to link it	02:08
faileas	(which i might)	02:08
foxbuntu	I think my cable box has more power ;P	02:08
faileas	passively cooled, only fan is in the PSU ;p	02:08
foxbuntu	irc server or proxy?	02:09
faileas	(i have a atom box which i use as a 'loaner' desktop, which'll replace this when i goes down	02:09
faileas	both	02:09
foxbuntu	Im on my proxy right now (have been for a year) and its a vm	02:09
foxbuntu	but I do run VMWare ESX, not the freebie VM	02:10
faileas	oh, for the VM?	02:10
faileas	server - since lots of VMs don't have accurate clocks, and IRC linking is VERY dependant on accurate clocks	02:10
foxbuntu	oh, the clocks are easy nuff to fix	02:11
foxbuntu	I hoestly havent worked much with KVM but would assume the same of it	02:12
jtimberman	mathiaz: hey there, i was eating.	02:15
mathiaz	jtimberman: hey - my dinner is almost ready here ;)	02:16
jtimberman	mathiaz: also added in REVU are coderay (http://revu.ubuntuwire.com/p/coderay), stompserver (http://revu.ubuntuwire.com/p/stompserver), and libsystemu-ruby (http://revu.ubuntuwire.com/p/libsystemu-ruby)	02:16
jtimberman	with those others ack'd in launchpad, how long until they sync into karmic?	02:17
mathiaz	jtimberman: I'll ping an archive admin so that we can get them done before the end of the week	02:17
jtimberman	Sweet	02:18
mathiaz	jtimberman: are the syncs required for building the packages on REVU?	02:18
jtimberman	for installing	02:18
jtimberman	chef requires the mixlib	02:18
jtimberman	Chef packages taht is, require the mixlibs	02:18
jtimberman	we wrote the mixlibs too :)	02:18
mathiaz	jtimberman: ok	02:19
jtimberman	mathiaz: since there was overlap in functionality for those in ohai and chef, we split them out to be useful libraries for other ruby developers too.	02:19
jtimberman	mathiaz: by 'end of the week', do you mean tomorrow? :D	02:22
mathiaz	jtimberman: what about libsyntax-ruby ?	02:22
mathiaz	jtimberman: yes	02:22
jtimberman	unneeded with chef 078, we switched to coderay	02:22
mathiaz	jtimberman: ok	02:22
jtimberman	Debian didn't want syntax because its 'unmaintained' per the author of the library himself.	02:22
mathiaz	jtimberman: I'll nuke http://revu.ubuntuwire.com/p/libsyntax-ruby then	02:22
jtimberman	who also suggested coderay to replace it, as thats what he's using.	02:22
jtimberman	thanks, i thoguht i did that but it might not like me.	02:23
mathiaz	jtimberman: right - it doesn't seem to have work for me either	02:24
mathiaz	jtimberman: anyway everything is upload to REVU now	02:24
mathiaz	jtimberman: I'll give it a look next week	02:24
mathiaz	jtimberman: if you can find another ubuntu dev to sponsor it the better ;)	02:25
jtimberman	Thom said he would back up on that. and per my email, ScottK had talked to btm about it some time ago but I haven't heard anything from him yet.	02:25
jtimberman	mathiaz: fwiw, i've set up an apt repo and tested that 'apt-get install {chef,chef-server}' gets the desired functionality. :)	02:27
mathiaz	jtimberman: Have you looked at PPAs to publish your own chef packages?	02:31
mathiaz	jtimberman: https://help.launchpad.net/Packaging/PPA	02:32
jtimberman	this was on my internal testing VM and LAN	02:33
randy_	Can anyone help me setup 2 nic cards in ubuntu server 9.04. One for the internet with static ips and the other one for the intranet with dynamic ips (192.168.1.2/50).	02:44
giovani	haha	02:45
twb	randy_: what is there to set up?	02:51
giovani	randy_: man interfaces	02:54
randy_	My setup right now isn't working so I am trying to fix it.	03:07
twb	randy_: what part isn't working?	03:08
randy_	I have a cox modem with a switch between it and the router. The router is set as dhcp server. The nic card with the static ip addresses on it is connected to the switch. The other nic card is connected to the router with "automatically get ip and dns"	03:09
twb	Incidentally, /50 doesn't make sense.	03:09
twb	You can only go up to /32, which specifies a single IP	03:09
randy_	yeah, the /50 means the ip address range that is leased from dhcp.	03:10
twb	I don't think I like your router, then	03:10
randy_	It doesn't have the /50 in it. that is just the way I wrote it to say that I have it set up to lease 48 addresses.	03:11
randy_	59	03:11
randy_	49 I mean	03:11
twb	That's still retarded	03:13
twb	a.b.c.d/e by convention means a CIDR block	03:14
giovani	randy_: so anyway ... what's the actual problem?	03:16
randy_	I can't reach the server from the outside world nor can I ping the other computers on the router. They can ping each other but not the server.	03:20
randy_	I setup the /etc/network/interfaces file with the correct ip address, netmask, and gateway given to me by cox. I set them up as eth0 and the intranet I setup as eth1 and dhcp.	03:22
randy_	from my home I can ping the gateway which is 24.249.166.129 but not the first of 5 ip addresses 24.249.166.138 through 142.	03:25
twb	randy_: are there machines using those IPs?	03:29
randy_	The 5 static ips are all going to be on one nic card on the server. Right now only one is setup and it is 24.249.166.138.	03:30
twb	Does the server know that it owns those five IPs?	03:30
twb	It will not respond to pings for IPs it doesn't care about.	03:31
randy_	Right now, no. I was going to setup the other four with webmin after I can reach it on the static ip that is already set just not working.	03:31
twb	Sorry, I will not help webmin users.	03:32
giovani	webmin is officially unsupported here	03:32
twb	Plus, I really hate it	03:32
randy_	I understand. I just need to get the one address working. Can you help me?	03:32
randy_	I would rather not use webmin either, is there another way to administer a web site from remote?	03:34
twb	randy_: sure: ssh.	03:34
randy_	I use putty too. Sometimes I need the help of a gui. I am somewhat of a newbie to linux. I am trying to learn how to do it all from the command line, but it takes a while. Please help me with my current challenge then we can talk about the mistakes I've made.	03:35
randy_	I can only use ssh when I can reach the machine remotely and right now I can't.	03:36
twb	OK, I need to draw a network diagram.	03:36
randy_	Okay, thank you very much.	03:37
twb	So your router is doing NAT?	03:38
twb	I'm confused as to why you have a second NIC in the ubuntu server at all.	03:38
randy_	It is a netgear and it has been setup with defaults.	03:38
twb	Unfortunately, I am not chief architect at Netgear. I do not know what the default setup is for arbitrary netgear kit.	03:39
randy_	One for the intranet and one for the internet. If one card can do it, I'll remove the other one. One card is 192.168.0.2-50 with the gateway set at 192.168.0.1 and the network mask at 255.255.255.0. the other nic is for the internet setup as 24.249.166.138-142 with netmask set as 255.255.255.240 and gateway 24.249.166.129. I hope that helps.	03:41
twb	192.168.0.0/24 is the network used by the router's DHCP server?	03:42
randy_	Obviously I don't have the 138-142 in the interfaces file, that is just the ip address range that was given to me from cox.	03:42
randy_	Yes.	03:42
twb	Cox is an ISP?	03:43
randy_	Yes.	03:43
twb	And they have given you a bunch of public IP addresses, 24.249.166.138 through .142?	03:43
randy_	Yes.	03:43
twb	What is doing the PPPoE or PPPoA?	03:44
twb	(I'm assuming an ADSL modem.)	03:44
randy_	It is a cable modem. I don't know much else about it.	03:45
randy_	Sorry.	03:45
randy_	It's not dsl if that helps.	03:46
twb	Hm.	03:48
twb	What is the interface name (e.g. eth2) of the NIC you're currently configuring statically?	03:49
twb	For that matter, how do you login to the router?	03:49
twb	For that matter, how do you login to the MODEM?	03:49
randy_	eth1	03:49
twb	I mean, does the modem have an IP address? If so, what is it?	03:50
randy_	The modem address is 24.249.166.129 you can ping it but I haven't been able to reach it with a browser.	03:51
twb	Do you have physical access to the ubuntu server?	03:52
randy_	I don't right now. I'm at home, it is at the office.	03:55
twb	OK, then I won't try that.	03:55
twb	So what is the process you're using to ssh into it from the office?	03:56
randy_	I am computer savy, I have setup quite a few windows networks, I am trying to break away from windows and go exclusively to linux. I just have some more learning to do.	03:56
randy_	I am not able to ssh into it at all. I can only access it physically, not from any other machines on the network.	03:57
twb	This is probably the wrong time to ask for help configuring it, then, if you can't configure it until you get home...	03:58
randy_	I'm sorry, I will try to contact you tomorrow during the day when I'm setting in front of it. I will have to setup irc on the vista box next to it in the office. I was just trying to use my new ubuntu-desktop computer at home.	04:00
twb	If you need irc you can just install irssi on the server; that doesn't need a GUI.	04:01
randy_	How do I do that?	04:01
twb	"apt-get install irssi"	04:01
twb	Then "irssi -c irc.freenode.net" and type /join #ubuntu-server	04:01
twb	It's pretty straightforward.	04:02
randy_	I was just typing that. Okay, I will. Thank you so much for your time.	04:02
randy_	I have copied that line and will do it from the server tomorrow. Thank you	04:02
twb	No worrise.	04:03
ScottK	jtimberman: What did I do/say I'd do? It's not clear to me from the backscroll.	06:29
psi-jack	Oi! This is fscking annoying!	06:57
psi-jack	The OpenLDAP guide is broken on Ubuntu docs.	06:57
twb	Report it as a bug	07:16
twb	And I think you mean "Oy" ;-)	07:16
psi-jack	No, I meant Oi, as I said Oi. :p	07:57
psi-jack	Anyway, the apparent bug in the community documentation on for openldap is the SASL stuff.. It covers nothing on SASL, and openldap defaults always to use SASL auth binding.	07:57
psi-jack	And I'm not 100% familiar with how to fix it exactly.	07:58
acalvo	I've a working mail server on my LAN, and I'm setting up a new mail server with dovecot plus postfix. But when I try to send a new mail from the new server, it gets relayed to the old server. How can I avoid that?	08:48
stefan__	aloha	09:21
stefan__	do you guys know what package is updating the motd in 9.04 with the packages that need upgraded ?	09:22
_ruben	combination of update-motd and update-notifier-common	09:25
stefan__	thanks _ruben	09:26
twb	Cute	09:26
twb	Sticking to 8.04, I didn't know about that new feature	09:27
=== gaveen_ is now known as gaveen
stefan__	twb: depends on the hardware you use, if you use new hardware 804 won't work	09:29
stefan__	so sometimes you have to go with 904	09:29
twb	Believe me, NEWness of hardware is never a concern for me	09:29
twb	My hardware problems are mainly due to kit being chinese knock-offs or fifteen years old.	09:30
stefan__	i believe you :), I was just saying that sometimes you have to use a different version other than LTS	09:30
twb	Granted.	09:30
RoyK	we use LTS on important servers and 9.04/latest on workstations and development servers	09:48
stefan__	I know , we have LTS on most servers , but newest hardware doesn't work with 804	09:52
RoyK	common problem :)	09:53
maswan	Same here, but I run 9.10 on that. ;)	09:55
=== ejat is now known as e-jat
stefan__	maswan: didn't had the guts to run 9.10 yet :)	09:59
maswan	karmic also has postgres 8.4, which is a significant point in favour for us. so since we don't need to take this set into production until october, we might as well start out with karmic. especially since it was closest to netboot properly into the installer, just missing some module dependancies. :)	10:10
stefan__	if it's not going in production than it all for the best to go with the newest	10:16
stefan__	version	10:16
foolano	guys, do you know if ubuntu-vm-builder is capable of creating karmic images already?	10:18
soren	It is.	10:18
soren	If you grab the latest version from Bazaar, at least.	10:18
soren	bzr co lp:~vmbuilder	10:19
foolano	soren: thanks :) in that case i wasted my time adding a karmic puglin and getting ride of chpasswd -e :P	10:19
acalvo	can I use DNS when setting up a DHCP3 server?	10:24
acalvo	for the wins, dns servers?	10:24
acalvo	instead of using their ip address?	10:24
stochastic	Hi, I'm trying to mount a fat32 external harddrive on my Ubuntu Hardy install but no matter what options I put into /etc/fstab it mounts it only readable by root	10:40
ravindu	Urgent help ,Is there any cases that ubuntu server has implemented in IBM Tower server with clustering support	10:42
th0mz	stochastic: mount -o,rw /xxx ?	10:43
ravindu	Urgent help ,Is there any cases that ubuntu server has implemented in IBM Tower server with clustering support	10:45
stochastic	th0mz, nope the rw option doesn't help	10:45
th0mz	is it fat32 or ntfs ?	10:46
stochastic	fat32	10:46
th0mz	idont know why then, sorry	10:46
stochastic	I've even specified the gid and uid in /etc/fstab	10:46
ravindu	how to implement ubuntu server on IBM Tower server with clustering support any resources?	10:48
_ruben	acalvo: you want specify your dns server by hostname .. how do you think that would work? :)	10:52
acalvo	_ruben: you're right, too much hours working make me buzz my head	10:52
garymc	Hi peeps, everytime i click on my launchers when logged in as a particular user, it loads opens it in text editor and not firefox. I want it to open in firefox? When i right click it there is no option to open with other program. When i goto /var/www/ and right click on insert.php it says open with firefox. So i pressume thats all correct. Now when I log in with another user it all works fine??? whats happening here and how	12:28
garymc	can i fix it	12:28
StrangeCharm_	is sysklogd the program that i should be using to recieve system logs from another machine?	12:30
stefan__	StrangeCharm_: no , if you want that use syslog-ng	12:34
StrangeCharm_	thanks, stefan__	12:35
stefan__	no probs	12:35
StrangeCharm_	will the apt package for that run it on boot?	12:36
pmatulis	StrangeCharm_: i just got in, what was your query re logging?	12:36
StrangeCharm_	pmatulis, i was looking to recieve syslogs from another machine, and stefan__ recommended syslog-ng	12:37
pmatulis	StrangeCharm_: you should know that rsyslog is now the default logging system in karmic, and it is very powerful	12:38
pmatulis	StrangeCharm_: it can do anything syslog-ng can do and more	12:38
StrangeCharm_	pmatulis, i'm not sure how much power i need. however, would you definitively recommend it over syslog-ng?	12:39
pmatulis	StrangeCharm_: if you will be running karmic and beyond, yes	12:40
pmatulis	StrangeCharm_: it's also more aligned with open-source (syslog-ng has a dual license)	12:40
StrangeCharm_	pmatulis, so i noticed. however, i don't currently have plans for karmic	12:40
pmatulis	StrangeCharm_: ok	12:41
StrangeCharm_	pmatulis, nonetheless, the licencing argument is persuasive. i'll try rsyslog.	12:42
pmatulis	StrangeCharm_: great, let us know how it turns out	12:42
macrocosm144	Whats the easiest (free) way to backup an entire ubuntu 8.10 server? I am using rsnapshot currently which is nice but I think it would be smart to do full image backups periodically and have them sent to another machine. How do you prefer to handle this? For instance I would like to upgrade my system to the latest 9.x branch but I would like to be able to restore the whole system if...	12:43
macrocosm144	...something goes awry.	12:43
StrangeCharm_	pmatulis, i have no idea what's going on in this conf file. does rsyslog automatically listen for logs sent from other machines?	12:45
pmatulis	StrangeCharm_: no, you need to configure that	12:47
StrangeCharm_	pmatulis, to the documentation, then, what fun!	12:48
pmatulis	StrangeCharm_: the project has a friendly mailing list as well	12:48
StrangeCharm_	pmatulis, i'd rather spend an hour of my time working thing out then spend a man-hour or more of other people's time reading and replying to/ignoring my email	12:50
macrocosm144	lol	12:50
_ruben	sysklog reports remote syslog just fine as well	12:56
_ruben	s/reports/supports/	12:56
StrangeCharm_	_ruben, inbound or outbound?	12:56
StrangeCharm_	is there a good guide for setting up a samba server on one box, and mounting shares from it on another?	13:00
_ruben	StrangeCharm_: both	13:04
_ruben	StrangeCharm_: inbound: add -r to the commandline .. outbound: add @remote.host.com instead of /var/log/whatever to /etc/syslog.con	13:04
_ruben	f	13:04
StrangeCharm_	_ruben, good to know, but i've set up rsyslog now	13:05
=== ScottK2 is now known as ScottK
pmatulis	StrangeCharm_: rsyslog will give you more possibilities for remote logging such as SQL logging and encrypted logging	13:06
StrangeCharm_	pmatulis, i see that, but my requirements here are pretty simple	13:06
pmatulis	StrangeCharm_: well simple remote logging has been available in the stock sysklog system for many years. sorry to misguide you	13:08
a_ok	does anyone know if hardy is vulnerable for this? http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html	13:11
Jeeves_	a_ok: All kernels	13:32
Jeeves_	As in, all	13:32
a_ok	Jeeves_: well my gentoo kernel is not. As its configured differently (eg decent mmap_min_addr no SELinux and only protocols i need). so I wonder if my ubuntu systems are vulnerable since I haven't seen a patch yet	13:36
a_ok	Jeeves_: ?	13:53
Jeeves_	a_ok: Afaik, everything is vulnerable	13:55
Jeeves_	kees might have more info on this	13:55
henkjan	i guess kees is busy updating kernel packages :)	13:56
Jeeves_	:)	13:56
a_ok	lol hope he is than. thanks	13:56
stefan___	have you guys seen this ? http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html	13:56
stefan___	dated today	13:56
stefan___	yesterday actually :)	13:57
Jeeves_	stefan___: 14:11 < a_ok> does anyone know if hardy is vulnerable for this? http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html	13:57
stefan___	afects all kernels since 2.4 to 2.6.30	13:57
stefan___	--------------------	13:58
stefan___	Affected Software	13:58
stefan___	------------------------	13:58
stefan___	All Linux 2.4/2.6 versions since May 2001 are believed to be affected:	13:58
stefan___	- Linux 2.4, from 2.4.4 up to and including 2.4.37.4	13:58
stefan___	- Linux 2.6, from 2.6.0 up to and including 2.6.30.4	13:58
a_ok	stefan___: torvalds patched it already we are waiting on kees aparently.	13:58
stefan___	good ol torvalds :)	13:59
a_ok	if the ubuntu kernels are vulnerable at all (there are conditions where this adress space can not be executed)	14:00
stefan___	ok didn't know that . don't have that much understanding of the kernel yet	14:00
stefan___	from what I understand you need a local account to make this work anyway	14:01
a_ok	stefan___: yes or at least controle a local program. check out on the bottom of the page where it sais solution ;)	14:01
stefan___	so how does the process work ? torvalds makes a patch and then notifies all the linux distros ?	14:02
a_ok	and also the mitigation section	14:02
a_ok	stefan___: hardly Linus commits patches on kernel.org distro maintainers watch for new kernel things and security stuff anyway and they patch there kernels when nessesary. after making sure it does not conflict with there own (distro spesific) patches	14:04
a_ok	At least thats how I understand it	14:05
stefan___	ok , good to know as I had no idea of the process at all	14:07
a_ok	stefan___: well most of the time big security issues with get patched real fast even in the less actively developed distro's.	14:08
stefan___	from what I see about min_addr in the mitigation section 804 and 904 shouldn't be vulnerable	14:08
a_ok	stefan___: I don't know for sure if it gets overruled when compiling with SELinux support even if it's disabled	14:10
stefan___	i don't know about SElin as I don't use it	14:10
a_ok	me neighter. never used it barely used ACL. simple is good as long as you don't miss out on key functionality	14:12
stefan___	older 2.6 kernels , example 2.6.15 don't have the vm.mmap_min_addr implemented though	14:13
Psi-Jack_	Curious. The OpenLDAP provided from 9.04's packaging, doesn't provide a slapd.conf, so how would I disable SASL authentication globally?	14:16
Boohbah	Psi-Jack_: what do you mean disable SASL authentication globally? have you setup something to authenticate using SASL? a mail server perhaps?	14:23
Psi-Jack_	Boohbah, SASL authentication is not needed, nor wanted. OpenLDAP's authentication through SSL and Kerberos is fine, no need for SASL.	14:24
=== genii_ is now known as genii
Boohbah	Psi-Jack_: there is no global authentication setting that i know of, you need to configure authentication individually for each application	14:25
Psi-Jack_	Boohbah, In this case, it's OpenLDAP. :p	14:26
Psi-Jack_	-THE- application trying to use SASL.	14:26
Boohbah	ahh, now i understand	14:26
a_ok	Psi-jack: kill the sasl daemon?	14:27
Psi-Jack_	Yes. It's an OpenLDAP-specific issue.	14:27
Psi-Jack_	a_ok, I don't have one running on the server running kdc and openldap. :p	14:27
Psi-Jack_	Again, this is an OpenLDAP issue, SPECIFICALLY.	14:27
a_ok	Psi-Jack: sorry missed the reest was just reading up on it now. Boohbah is on it, stearing clear	14:28
Psi-Jack_	Hehe	14:28
Psi-Jack_	Yeah, don't know if Boohbah is knowledgable enough to be helpful.	14:28
Psi-Jack_	.. either. ;)	14:28
Boohbah	nope	14:30
Psi-Jack_	Yeah. hehe - Judging my your previous words, you didn't know openldap. It's no biggie. I'll find someone who is eventually. :)	14:31
Boohbah	i am educating myself now	14:31
sgsax	Psi-Jack_: is it something you can change in your pam configs or nsswitch?	14:32
Psi-Jack_	Nope	14:32
sgsax	using openldap for local auth, or auth for a service?	14:32
Boohbah	how do you know that openldap is trying to use sasl authentication?	14:32
Psi-Jack_	The problem is with openldap itself. I'm trying to use the ldapscripts for ldapadduser, but it's using a full v3 bind which includes using sasl auth, but fails because sasl auth isn't in use.	14:33
Psi-Jack_	Boohbah, ldapscripts.log :)	14:33
sgsax	ldap.conf has settings for tls, I know, but nothing for sasl	14:35
sgsax	wait... have you tried this in your ldap.conf:	14:40
sgsax	sasl_secprops maxssf=0	14:40
Psi-Jack_	Yeah, but that's not for the server.. Hmmm, though that is for the client.	14:42
Psi-Jack_	But no, that doesn't change what I'm seeing. I had had that,.	14:43
a_ok	Psi-Jack have you checked /etc/defaults dir? that kind of settings are often in there	14:48
sgsax	slapd seems to be a seperate package, perhaps you need to actually install it to get what you need	14:50
* sgsax makes a wild guess		14:50
Psi-Jack_	Stop wild guessing please. ;)	14:50
sgsax	shutting up :)	14:50
Psi-Jack_	Unless you know openldap, you can't really help me at all.	14:50
sgsax	I use it for auth against AD, but not for auth by itself	14:51
Psi-Jack_	Bleh, AD...	14:52
sgsax	tell me about it...	14:52
sgsax	recently went round and round with it	14:54
sgsax	black fscking magic	14:54
a_ok	Psi-Jack: did you check out https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html . I don't know openldap (at least not on ubuntu) but I can't find anything else usefull on SASL and openLDAP. perhaps you need to set up sasl properly and than not use it... bit rediculous but if it gets you going	14:54
a_ok	Psi-Jack: search for SASL on the link i just gave	14:55
Psi-Jack_	a_ok, Yep. In fact, that's the thing that has bugs in it not mentioning SASL at all, but depends on it.	14:55
a_ok	Psi-Jack: well you would not be the first with this problem than. I'm out of idea's perhaps try openldap channel?	14:58
Psi-Jack_	I'm doing that too, yes.	14:59
Psi-Jack_	ldapadduser fails, because of authentication failures, because it's trying to use SASL.	15:00
Psi-Jack_	Roughly short and simple.	15:00
Boohbah	Psi-Jack_: perhaps it is a compile-time option that needs to be disabled. in gentoo i see a sasl USE flag suggesting that this support may be set at compile time. though i would imagine there should be a way to turn it off in config.	15:25
* Boohbah done wild guessing now		15:25
froud	hi, server 8.10, I've installed phpmyadmin with apt-get and configured apache2.conf but when I load http://serverip/phpMyAdmin I get msg "Cannot Complete Request". Anyone know of this problem?	15:53
froud	I also ln -s /usr/share/phpmyadmin/ /var/www/phpmyadmin	15:56
froud	oh dah fixed needed permissions for www-data	15:57
froud	thanks'	15:57
uvirtbot	New bug: #413640 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: subprocess post-installation script killed by signal (Interrupt)" [Undecided,New] https://launchpad.net/bugs/413640	16:01
=== nijaba` is now known as nijaba
kees	stefan___: by default, Ubuntu 8.04 and later is not vulnerable. If, however, you've got wine or dosemu installed, you are. Basically, check the setting of /proc/sys/vm/mmap_min_addr If it's zero, you're vulnerable.	16:47
stefan___	kees: thanks I did that	16:48
stefan___	only vulnerable on a few old systems	16:48
stefan___	that run 6 LTS	16:48
kees	stefan___: correct. in those cases, you can use the workarounds detailed in the RedHat bug linked from: http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2692.html	16:54
uvirtbot	kees: RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692)	16:54
mdz	ttx: thread forwarded to you	16:55
ttx	mdz: ok	16:56
stefan___	thanks kees	17:01
kees	stefan___: sure! (note that we are preparing a kernel update too, but that will likely happen on monday)	17:02
sgsax	kees: nice to know you guys are on top of this stuff, even if it is somewhat obscure and non-threatening	17:14
stefan___	good to hear that kees	17:20
kees	sgsax: thanks! yeah, it certainly keeps us busy. :)	17:21
cemc	where should I open bugreports that are probably related to the kernel, but I'm not sure (it's a suspend/resume problem) ?	17:33
Aison	hello :)	17:33
alex_joni	cemc: launchpad ;)	17:33
cemc	alex_joni: yeah but to what package/team exactly ?	17:33
Aison	i've got hardy version of ubuntu server, somehow do-release-upgrade don't work	17:34
Aison	thought there's a newer version?	17:34
kees	Aison: you need to change the "only upgrade to another LTS" setting: http://www.cyberciti.biz/faq/howto-upgrade-ubuntu-servers-804-to-810/	17:40
Aison	kees, thx	17:47
Aison	how can I keep an net intf down? or no config?	17:47
Aison	auto eth2	17:47
Aison	iface eth2 down?	17:47
kees	Aison: I think, just remove "auth eth2"	17:48
HellMind	how can I check my bandwidth usage in realtime	18:04
qman__	anybody know if I have to do anything special to enable sha512 hashing for passwords on 8.04?	18:04
qman__	like, install any packages, or should just changing 'md5' to 'sha512' in /etc/pam.d/common-password do the trick?	18:05
TeLLuS	HellMind: iftop is one way.. for console	18:05
qman__	I use vnstat, but that's not real-time data, that's graphed overall usage data	18:06
qman__	yeah, it's not working	18:13
qman__	just changing it made it use UNIX hashing	18:13
qman__	anybody know what needs to be done?	18:13
qman__	appears that in gentoo it's a compile time option -- http://www.linux-archive.org/gentoo-hardened/267979-moving-md5-sha512-shadow-password-hashes.html	18:21
qman__	I'm guessing it's the same for ubuntu, which would mean I'd have to dist-upgrade	18:22
giovani	heh	18:23
qman__	to 8.10, then 9.04	18:23
giovani	SHA512 hashes are really not going to get you much	18:23
qman__	so I guess I'm using md5 for a while yet	18:23
giovani	it's not as if plain MD5s are being used	18:23
giovani	the crypt function does a ton of weird transforms	18:24
qman__	true	18:24
giovani	it's not at all vulnerable	18:24
qman__	I just saw the functionality on a 9.04 box and wanted to enable it if I could	18:24
giovani	I've looked into writing a GPU bruteforcer for it	18:24
giovani	it's complex	18:24
kees	qman__: PAM in 8.04 does not support sha512, unfortunately.	18:25
giovani	random passwords of 7-9 char lengths I estimate would take 200-300 days on a modern GPU	18:25
qman__	it would probably also increase the login times too much on my 200MHz shell server ;)	18:25
giovani	hah, indeed	18:26
qman__	my personal password policy is no less than 12, 3/4 complexity	18:26
qman__	simply because windows is pretty vulnerable with anything less than that	18:26
giovani	3/4 complexity?	18:26
giovani	haha, windows	18:26
qman__	yeah, lowercase, uppercase, numbers, and symbols are your four categories	18:26
qman__	three of the four	18:26
giovani	haha	18:27
giovani	is this some windows categorization crap?	18:27
qman__	no	18:28
qman__	have you ever configured cracklib?	18:28
qman__	it's a pretty standard categorization for passwords in general	18:28
qman__	there's also the 12 or so "common" symbols, and then the rest of the symbols	18:28
giovani	alright	18:29
giovani	every password I have is randomly generated for me ... I wouldn't categorize that way at all	18:30
qman__	more than 12 actually, but yeah	18:30
qman__	I don't do random ones, too hard to type	18:30
qman__	I just make them longer to make up for it	18:30
giovani	why would you ever type a password?	18:30
giovani	I haven't done that in ... years probably	18:31
qman__	because I don't have retina scanners	18:31
giovani	uh, copy-paste from a password storage application ...	18:31
qman__	you still have to log into the system to begin with	18:31
giovani	that's smartcard-based	18:32
qman__	don't have the hardware	18:32
giovani	$10 on ebay :)	18:32
qman__	times...8 systems?	18:32
qman__	besides, I trust that I'll remember a password more than I won't lose a card	18:33
giovani	if you can remember your passwords ... your passwords are likely not very strong	18:34
giovani	or you don't manage enough passwords	18:34
giovani	i have a few hundred	18:34
qman__	oh, they are strong	18:34
giovani	remember a few hundred 20-character random strings	18:34
giovani	just isn't possible	18:34
qman__	of course not, but they don't have to be totally random	18:34
qman__	random is stronger, but the key is length and complexity	18:35
giovani	but remembering a 100 or 200 passwords of any type is nearly impossible	18:35
giovani	especially if they're properly rotated	18:35
qman__	anything complex and over 20 characters is simply not brute-forcable now	18:35
giovani	that's not true	18:35
giovani	if they're phrase passwords they're easily destroyed	18:36
qman__	if they're all dictionary words in one case, yes	18:36
giovani	length is meaningless if it's a predictable sequence	18:36
giovani	or transforms of dictionary words	18:36
qman__	change it just enough, and it's secure	18:37
qman__	if the encryption is not a flawed algorithm, it won't give any clues	18:37
giovani	that's a very unclear line	18:37
giovani	what's "just enough" transformation is not definable absolutely	18:37
giovani	it's up to the attacker what kind of transforms they'll do	18:37
giovani	so why take the risk	18:38
giovani	use truly random passwords	18:38
giovani	and you'll save your memory for more important things	18:39
qman__	not much more important than the keys to the kingdom	18:40
giovani	it's a completely inefficient, and reasonably less secure way of doing things	18:41
giovani	I'm not sure how you could defend it	18:41
qman__	it's not really any less secure than a smart card, which is easily lost or stolen	18:41
qman__	or a thumb print reader, which is only about 90% accurate	18:41
giovani	well the smart card is identity-linked ... so either you have a password, or a fingerprint, etc	18:42
qman__	and even then, 20 character passphrases are worlds better than some of these websites that allow a max 8-10 character password, no symbols allowed	18:42
qman__	there is always a tradeoff between secure and convenient	18:45
Max007	I have a problem with apache2+php. I installed MySAR (Mysql Squid Access Report). When I try to access http://myserver/mysar/index.php it download the php file instead of displaying it. But when I try with phpinfo.php and http://myserver/mysar/install/index.php it works.. so PHP5 is working with Apache..	18:45
qman__	Max007, check the file permissions	18:46
Max007	-rw-rw-r-- 1 www-data www-data 28914 2007-08-17 05:05 index.php	18:46
qman__	and on the one that works?	18:46
Max007	-rw-r--r-- 1 root root 20 2009-08-14 12:09 phpinfo.php	18:46
qman__	hmm	18:46
Max007	but mysar is in /usr/local/mysar/www with a symlink	18:47
giovani	probably a filetype misconfiguration	18:47
qman__	might be an apparmor thing, but I've not run into apache/apparmor issues myself	18:47
Max007	there's a symlink in /etc/apache2/conf.d	18:47
Max007	qman__: apparmor is not installed	18:47
HellMind	How can I see the real bandwidth use, and the real cpu use	18:48
HellMind	You preferred tool	18:48
HellMind	r	18:48
qman__	HellMind, for bandwidth you'll have to install something, but for CPU, use top	18:48
qman__	uptime will show load averages	18:48
giovani	load averages aren't an indicator of "cpu use" though	18:49
giovani	so you'll want to look at the output of vmstat/top/htop/etc	18:50
HellMind	what is something? that what im asking for	18:54
HellMind	i use htop	18:54
HellMind	but I would like a graph	18:54
HellMind	like a task manager	18:54
HellMind	maybe some app for X	18:54
qman__	ubuntu desktop has "System Monitor"	18:54
qman__	which does precisely that	18:54
HellMind	bandwidth monitor?	18:56
qman__	though having X running on a server is a bad idea	18:56
HellMind	who said that?, he was a noob	18:56
HellMind	how you can run a server appz that uses a gui without x?	18:57
qman__	most server apps don't use a GUI	18:57
qman__	the only real exception to that rule is LTSP	18:57
HellMind	well my app uses it :(	18:57
HellMind	I am always the exception	18:58
qman__	the thing is, X is very vulnerable to a number of sniffing and spoofing attacks	18:58
qman__	so it must be properly configured and firewalled, and is a lot of work	18:58
HellMind	I m not a regular guy that runs apache and mysql	18:58
HellMind	I run gameservers	18:58
qman__	so, in general, it's a bad idea to run X on a server	18:58
HellMind	im runing tightvnc x server	18:58
HellMind	thats the only way to run wine :(	18:58
alex_joni	HellMind: install a graphing app	18:59
Max007	qman__: it works if i copy /usr/local/mysar/index.php to /var/www/index.php (http://mysrver/index.php)	18:59
alex_joni	like mrtg or rrdtool or cacti	18:59
Max007	but if i copy /usr/local/mysar/www/* to /var/www/mysar it doesnt works	18:59
giovani	HellMind: no decent server application requires a gui	18:59
Max007	i dont get it	18:59
giovani	there are plenty of tools to graph cpu usage for a server	18:59
giovani	cacti comes to mind as a simple solution	19:00
qman__	Max007, that is odd, are you sure your permissions are okay, with your symlink and all?	19:00
qman__	HellMind, why do you need wine?	19:00
qman__	most game servers have a linux version	19:00
qman__	hlds/srcds for pretty much anything on Steam	19:01
HellMind	osview -geometry 406x488 -font 8x16 +load +cpu +mem +swap \	19:01
HellMind	+page +disk +int +net &	19:01
HellMind	I told you all, im not like the regular ppl	19:01
HellMind	I need to run a server that doesnt got a linux binary	19:01
giovani	the "regular people"	19:01
HellMind	qman__ if you play cs and tf2 thats ok	19:01
HellMind	but my clients needs mohaabt	19:01
giovani	HellMind: then maybe you shouldn't be using a linux server to host it	19:01
jtimberman	s/cs/l4d/ :)	19:02
HellMind	linux can doit	19:02
qman__	yeah, unfortunately I have to agree with giovani there	19:02
HellMind	thats the most stupid thing I eard	19:02
qman__	running wine and X on a linux server is, security wise, a bit worse than a properly firewalled windows 2003 box	19:02
HellMind	linux is made for all the complex stuf!	19:02
HellMind	there are no limit	19:02
giovani	you're not doing anything "complex"	19:02
qman__	you're widening your software footprint	19:03
giovani	wine is really not very stable	19:03
qman__	bringing more potential holes into your system	19:03
HellMind	qman__ you can run it using a low access user	19:03
giovani	and it a hack, at best	19:03
HellMind	and you miss the concept of all security	19:03
jtimberman	HellMind: You can use a trending tools or munin or cacti that will provide you with RRD graphs you can view in a web browser from a desktop system connecting to your server.	19:03
Max007	qman__: i fixed it.. I changed "Alias /mysar /usr/local/mysar/www" to "Alias /squid /usr/local/mysar/www" in /etc/apache2/conf.d/mysar	19:03
giovani	miss the concept?	19:03
HellMind	its like saying you dont want to store you wallet on your house	19:03
HellMind	because its insecure	19:03
Max007	qman__: it's weird.. if the folder name is mysar it doesn't work	19:03
HellMind	my server isnt a gold bar	19:03
HellMind	its a tiny game server	19:04
qman__	Max007, glad you got it working, but I'm not really clear on what that is	19:04
qman__	HellMind, you're missing the point; the more software you run, the less secure your system is	19:04
HellMind	I was using munin, but it eat a lot of resource	19:04
jtimberman	qman__: you mean the more software you run that opens listen ports ;)	19:04
qman__	by running a windows set on top of a linux set, you're incorporating the potential flaws of two completely different systems	19:04
HellMind	qman__ yeah but you must run something right?	19:05
qman__	by only running a windows set, you limit your potential issues	19:05
HellMind	so you dont use the appz that you need because its insecure?	19:05
qman__	no, you run them as securely as possible, by using the least software necessary	19:05
qman__	in the tightest configuration you can	19:05
HellMind	thats what im doing :)	19:05
qman__	running X with wine is not a tight or secure configuration	19:05
qman__	at all	19:05
HellMind	it is, is the only way you got	19:06
HellMind	if you run server linux gameserver	19:06
qman__	a patched, firewalled windows server is better, from a security standpoint	19:06
HellMind	and you need a single windows app	19:06
HellMind	qman__ you secure solution isnt cheap	19:06
giovani	windows can be had for reasonably cheap	19:06
qman__	windows XP home edition can be had for next to nothing	19:06
HellMind	I know It would be also cool running every game server in many servers	19:06
qman__	which is more than enough to run a game server	19:07
qman__	it can run a proper firewall, and run the server unprivileged	19:07
HellMind	the only thing I dont pay if for software	19:07
HellMind	I dont got many server	19:07
HellMind	I got 1	19:07
HellMind	1, how you run a linux and a windows app in a server?	19:08
HellMind	also my server got a tiny hosting vm	19:08
HellMind	you ppl waste hardware and resource	19:08
qman__	you're doing too much with one machine, frankly	19:08
HellMind	not because you make them secure	19:08
HellMind	but you got the money to waste	19:08
qman__	it's not about wasting money	19:08
qman__	it's about being secure	19:08
qman__	if you don't understand that, you really shouldn't be running a server	19:09
HellMind	no one ever hacked me	19:09
HellMind	I know where are the vulns	19:09
HellMind	I think you cant estimate the posibility of every vuln	19:10
qman__	and giovani was worried about my password policy :/	19:10
HellMind	everything is insecure, and you can only give value of risk to every issue	19:10
giovani	qman__: HellMind is clearly completely uneducated	19:12
HellMind	im educated in the street of data	19:12
giovani	that's a completely nonsensical statement	19:13
HellMind	you dont know how to measure the risk	19:13
HellMind	if you got a desktop that isnt use for anything serious	19:13
jdstrand	I don't think one can make a blanket statement like "running Windows XP as a game server is more secure than a Linux box with wine"	19:13
HellMind	it doesnt need the top of security	19:14
HellMind	it needs practicity	19:14
jtimberman	No, he's right. Security is about trust and risk assessment.	19:14
qman__	jdstrand, that's not what was meant	19:14
HellMind	there are many server, a game server isnt like a bank server	19:14
* jdstrand might have misunderstood backscroll		19:14
qman__	my point was, in his situation, running that application on windows would be more secure than running it in wine, with X, on linux	19:14
giovani	jdstrand: I think you did	19:14
giovani	running wine on x on a linux server is a completely hacked solution	19:14
giovani	it's messy, and there's no good reason for it	19:15
HellMind	qman__ and also with that argument I can say it would be more secure if you dont run it, and you stay in home away of virus and diseases	19:15
qman__	of course, I would never connect a windows box directly to the internet	19:15
jdstrand	I admit that is a rather 'hacked solution'	19:16
qman__	gotta have a firewall of some sort in between, even if it's just a NAT router	19:16
Nafallo	NAT? aren't we all running IPv6 these days?	19:16
qman__	not even slightly	19:16
HellMind	ipv6 whats that :D	19:16
qman__	I CAN'T run IPv6	19:16
qman__	I'm lucky I'm online at all	19:17
HellMind	that module is blacklisted :) I dont want to waste resources	19:17
jdstrand	that said, and NUL pointer derefences aside, wine on Linux doesn't have to be insecure. one can use apparmor. plus, the number of libraries and applications in a default wine install is far less than a Windows XP Home edition install	19:17
qman__	my ISP is terrible, and has a monopoly over my entire area	19:17
Nafallo	qman__: tunnels not an option?	19:17
HellMind	qman__ my isp too :( the goverment let them	19:18
jdstrand	anyway, I'm not going to debate the merits of Wine/X/Linux and Windows XP. it just struck me as an odd statement, and I recognize I misunderstood :)	19:18
qman__	jdstrand, that's ok, you have a valid point	19:18
qman__	it can be done, but it takes a lot of work	19:18
qman__	a lot more work than just windows with a firewall	19:18
Nafallo	s/with/and/	19:18
HellMind	qman__ you practical solution isnt available on the 3rd world	19:19
giovani	the 3rd world doesn't need game servers	19:19
Nafallo	better keep the boxes separate ;-)	19:19
giovani	they need food and shelter	19:19
qman__	HellMind, if you know where to look, you can dumpster dive and get free, legitimate copies of windows	19:19
qman__	there's so many of them out there, they can be had for almost nothing	19:20
giovani	exactly	19:20
HellMind	giovani thats the truth :(	19:20
qman__	so cost, in this situation, is not really a factor	19:20
giovani	my company just threw out 100 windows licenses (attached t ocomputers)	19:20
jdstrand	plus, if one knows how to maintain and secure a linux box, but knows nothing about maintaining and securing a Windows box, then one should use Linux	19:20
giovani	jdstrand: but that's not the situation	19:20
HellMind	my country is a pirate paradise	19:20
giovani	so let's not speak in manufactured hypotheticals	19:20
qman__	don't get me wrong, I'd be the first one to try and switch a windows server to linux	19:21
qman__	I'm just saying, that setup is no good	19:21
jdstrand	giovani: I don't know HellMind's experience-- I was merely pointing out another consideration when one is choosing an OS	19:21
HellMind	I know everything	19:21
HellMind	thats my experience	19:21
giovani	jdstrand: it's a reasonably rare situation, I think, and was convinient for this disucssion	19:22
giovani	discussion*	19:22
jdstrand	and IMHO, I don't think it is a manufactured hypothetical-- it is merely something to consider	19:22
HellMind	In my situation you all were defeated	19:23
jdstrand	I think it is also worth mentioning that recommending someone use Windows XP Home as a server in the #ubuntu-server channel is probably not the best use of people's resources here	19:26
HellMind	people should be banned for that ... :P	19:27
giovani	I think each channel member can use their own resources how they see fit	19:27
giovani	however, it's a stated channel policy that we don't support x on ubuntu server installs	19:27
HellMind	:(	19:28
HellMind	you know the damn mohaa dedicated server doesnt need gui	19:28
HellMind	but they added some skin and a window and a input box	19:29
qman__	windows xp home wouldn't be my first choice, but given the situation's requirements, it seemed appropriate	19:29
HellMind	I tried with a xp guest too	19:29
HellMind	but the with the lag it were unplayable :(	19:29
HellMind	I cant virtualize gameservers :(	19:30
Aison	is there something like webmin for ubuntu server?	19:33
Reepicheep	Aison: ebox might be your tool	19:35
HellMind	its better than webmin?	19:35
Aison	webmin is not maintained by ubuntu devel	19:36
qman__	webmin is considered evil by many here, because of the way it handles configuration files	19:36
qman__	it's not very nice to them, to say the least	19:36
Nafallo	!webmin	19:37
ubottu	webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.	19:37
Aison	ubottu, but ebox is fine? I don't know it	19:37
jpds	!ebox \| Aison	19:37
ubottu	Aison: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox	19:37
jpds	ubottu: tell Aison about yourself	19:37
ubottu	Aison, please see my private message	19:37
Aison	oh, nice	19:38
HellMind	I need something to allow a user to start and stop a service	19:39
HellMind	by web	19:39
HellMind	I used webmin but its a waste of resources	19:39
HellMind	I want to let the client restart their own dedicated server service	19:39
qman__	I would just write up my own script, in that situation	19:41
HellMind	a php script?	19:41
qman__	it'd be fairly trivial to do in php, aside from a secure login	19:41
HellMind	yep your right	19:41
HellMind	I want to buy some complete gameserver script	19:41
HellMind	to manage payments also :(	19:42
Kamilion	Having trouble getting Alpha 4 installed on a Supermicro X8DTH-6F, the install media won't find the MPT2 SAS controller.	19:45
Kamilion	What's the best course of action to get it installed?	19:45
Nafallo	not sure I understand the question...	19:45
Nafallo	ah. because I read it wrong.	19:46
Kamilion	the latest gparted livecd with kernel 2.6.30 detects the mpt2 controller, but 9.10 Alpha 4 doesn't detect it.	19:46
Kamilion	it asks me which modules to insert to support it.	19:46
AnAnt	Hello, how can I make issue message dynamic ?	19:47
qman__	AnAnt, do you mean motd?	19:47
AnAnt	yup	19:47
qman__	AnAnt, see man motd	19:48
qman__	if you want something more complex than that, you'll have to write a script to do it	19:48
Kamilion	any idea how to install onto a system with a mpt2 disk controller?	19:49
AnAnt	I see, thanks	19:49
Kamilion	AnAnt: Check the cron scripts, there's some stuff there that automatically updates the motd with the status of the package manager. You can probably work it out from there.	19:50
AnAnt	Kamilion: ok, thanks	19:50
Kamilion	9.04+ I think	19:51
Kamilion	8.10 might have it as well, but I'm not totally sure.	19:51
Kamilion	iirc it updates /etc/issue and /etc/issue.net	19:51
freemonttroll	Is it possible to upgrade from MySQL 5.0 to 5.1 on Ubuntu Hardy? I ran sudo apt-get update / dist-upgrade and then install mysql-server mysql-client, but I was told that I already have latest version.	19:54
AnAnt	Kamilion: /etc/update-motd.d/	19:58
giovani	freemonttroll: that's because you do ...	19:58
freemonttroll	giovani, so there's no way to get 5.1 on Ubuntu Hardy??	19:58
giovani	freemonttroll: not through the official ubuntu repositories	19:59
freemonttroll	giovani, how do I get it from the unofficial ones?	19:59
giovani	the entire point of releases is to use stable, tested softwaqre	19:59
giovani	that's up to however the unofficial repository is set up	19:59
giovani	you'd have to find out	19:59
freemonttroll	giovani, understood, but I still need to do the upgrade.	19:59
freemonttroll	giovani, ok	19:59
giovani	or use jaunty	19:59
giovani	as it contains 5.1	19:59
giovani	don't use an old release if you want new software	19:59
Rich-Newbie	has anybody got any how to's to setup a server for soho, which could run local email, and use fetchmail to download from the isp, and then have simple file sharing	20:01
giovani	Rich-Newbie: I'm sure google can provide that	20:02
Kamilion	Rich-Newbie: Yes, there's a very nice howto for setting up postfix with 9.04	20:05
Kamilion	give me a second and I'll go find it, it was in the alpha release notes, IIRC	20:06
Kamilion	"The dovecot-postfix package in Ubuntu 9.04 Beta provides an easy-to-deploy mail server stack, with support for SMTP, POP3, and IMAP with TLS and SASL."	20:06
Rich-Newbie	that will be great, thanks. I have found alot on google, but most of them are much bigger than what I want to achieve.	20:06
Kamilion	took me about 20 minutes to set up.	20:07
giovani	Kamilion: that doesn't sound like a smarthost setup	20:07
Kamilion	it was dead simple to tack fetchmail onto it.	20:08
giovani	sure, it's just as easy to set up postfix	20:08
Kamilion	and he said 'run local email', which sounds like he wants a SMTP server.	20:08
giovani	sure, a smarthost smtp server	20:08
Kamilion	and the associated pop and imap stuff (soho)	20:08
giovani	because he wants to relay	20:09
Psi-Jack_	local mail? That could be even as simple as ssmtp	20:09
Psi-Jack_	If no actual smtp server itself is needed.	20:09
Kamilion	When I installed the postfix-dovecot package, it asked me what type of setup I wanted for postfix. I answered smarthost.	20:09
Rich-Newbie	I wont have a deidicated Ip, so relaying is going to be the best otionn	20:09
Kamilion	it took care of 90% of the config for me	20:09
Kamilion	yeah, I'm on a dynamic too, relaying to google's SMTP server	20:10
Rich-Newbie	local mail is where I get a bit confused about the config. The only mail server I have dealt with to date, has been exchange 2003 in sbs server 2003 standard.	20:11
Kamilion	but the dovecot integration really hit home for me. just make new user accounts on the box and they get an email address.	20:11
giovani	Rich-Newbie: honestly, you should look into running a VPS on the internet	20:12
Kamilion	then just change their shell	20:12
giovani	it's a cheap way to get a server running, and then you don't have to use your ISP relay, you get full control, and can host your own domain's email properly, and easily provide access from anywhere	20:12
Kamilion	Amazon's EC2 has 'reserved' pricing if you're willing to pay for a year up front. It's really quite a good deal.	20:13
giovani	I wouldn't recommend EC2 for a basic server setup	20:13
giovani	but, sure, any provider will do	20:13
Kamilion	Me either, but it's well known and the chances of it going down are near zero except for operator error.	20:14
giovani	it's incredibly overpriced	20:14
HellMind	gkrellm the graphs are so small :(	20:14
Kamilion	normally yes, but the reserved pricing is quite good.	20:14
giovani	Kamilion: mail servers don't need 100% uptime to be effective	20:14
Kamilion	I know, but it helps ;)	20:14
giovani	you can easily get 4-5 VPSes for the price of an EC2 box	20:14
giovani	and set up redundant mail delivery	20:15
Kamilion	true, but 4-5 VPSs do not equal a 2Ghz box with 1.7GB of memory on a tier one bandwidth fiber backbone.	20:15
Kamilion	just a peace of mind thing, y'know?	20:15
giovani	that's entirely wasted	20:15
giovani	I'm making a recommendation that's in line with his needs	20:15
Kamilion	shrugs	20:16
giovani	amazon is defintiely not immune to failures ... putting all of your eggs in one basket, no matter how huge the basket -- doesn't make it redundant	20:16
Kamilion	in for a penny, in for a pound. When you have excess capacity, it's funny how you find ways to make use of it. ("Hey, I'll add a wordpress server!"	20:16
giovani	you'd be far better off with two VPSes in diverse geographical areas, and you'd get the benefit of learning to set up a multi-server email system	20:16
Kamilion	point taken.	20:16
giovani	and it's far cheaper	20:17
Kamilion	But as you said, mail delivery doesn't need 100% uptime, as long as the servers have proper timeouts.	20:17
giovani	agreed -- but if you're willing to spend an extra $5 a month you can hedge your potential losses if one provider has a failure	20:17
Kamilion	Sorry, I'm still stuck with Atari's tagline from the 80s	20:17
giovani	and you gain experience	20:17
Kamilion	"Power without the price" :)	20:17
giovani	I regularly scope out $5-7/mo VPSes	20:17
giovani	and presume they're not highly reliable ... but together, 3 or 4 of them are an awesome geo-diverse setup	20:18
Rich-Newbie	I am looking for a simple mail server, that would be able to send mail internaly without the need to send it through an ISP.	20:18
giovani	Rich-Newbie: I don't know what "send mail internally" means	20:18
Kamilion	local domain	20:18
qman__	postfix can do exactly that	20:18
Rich-Newbie	that it	20:18
giovani	right, you can do that locally at your office, or on the internet	20:18
giovani	either way	20:18
Jeeves_	00What's with ipv6 here at har?	20:18
Jeeves_	[A	20:19
Kamilion	Anyway, does anyone have any experiance with the mpt2 driver? I'm having trouble installing 9.10 alpha 4 because I can't find the module to insert.	20:19
Jeeves_	ipv6 seems to be broken sometimes	20:19
Rich-Newbie	I want it at the office, instead of sending it through the isp. It does not make sense to send an email to the person in the next room via the isp	20:20
Jeeves_	Why would I say that ipv6-shit on #ubuntu-server? :)	20:21
* Jeeves_ switches to the right channel :)		20:21
giovani	Kamilion: this isn't the right channel for 9.10 support	20:21
giovani	Kamilion: try #ubuntu+1	20:21
Kamilion	9.04 or 9.10, I don't really care.	20:22
giovani	Rich-Newbie: hosted email is very common -- it's far more reliable to host your mail externally than on a low-class internet connection in your office	20:22
Kamilion	I just figured the server channel would be more likely than #ubuntu to have an answer for a SAS controller :)	20:22
* henkjan hands Jeeves_ another beer		20:22
henkjan	harhar	20:23
giovani	Kamilion: #ubuntu+1 isn't anything like #ubuntu :)	20:23
giovani	but yeah	20:23
giovani	if it's not 9.10 specific, it's fine here	20:23
Jeeves_	henkjan: :)	20:24
Kamilion	I just need to figure out what module needs to be inserted for fusion mpt2 support	20:24
Jeeves_	mpt_sas	20:24
Kamilion	Pretty sure I tried that.	20:24
Kamilion	I tried all of the mpt* modules.	20:25
Jeeves_	Than you might have a unsupported chipset	20:25
Kamilion	the gparted livecd with 2.6.30 finds it.	20:25
Kamilion	IIRC 9.10 has 2.6.31-rc3, so I'm PRETTY sure the kernel module exists to support it	20:26
Kamilion	I'll just boot gparted and try lsmod	20:26
Kamilion	Okay, another question then -- if the module for it doesn't exist, the installer prompts me for a 'floppy or usb drive' with the modules. Where's the howto on how to generate these modules from another system?	20:26
Kamilion	I have two amd64 9.04 boxes and a VM infrastructure on them, so the build environment's not so much of a problem, I could just use a high level overview of the process so I'm not running in circles	20:28
Rich-Newbie	giovani: The main purpose of my exersise to to run email on a local domain. Lets say 5 people share an office, person one needs to email person 2 a 5 meg attachments. It does not make sense to me to have to email it to the isp, then the receiving person downloads via pop3. Its much faster to send that file localy, and wont use bandwidth.	20:29
Kamilion	Sounds like more of a job for samba ;)	20:30
qman__	email in general is an inefficient way to do that	20:30
qman__	but that's another issue altogether	20:30
qman__	a local mail server for a business is no big deal, postfix in an "internet site" configuration should do that just fine	20:30
giovani	Rich-Newbie: you shouldn't be using email to move files internally	20:31
giovani	(and not externally either ... but that's slightly more excusable)	20:31
Rich-Newbie	afrom what I have seen, thats how alot of users do it.	20:31
giovani	well prevent them from doing that :)	20:31
qman__	yes, but it's bad practice	20:31
qman__	it's inefficient for a number of reasons, and just generally a bad idea	20:32
qman__	if you provide an environment with a better, easier alternative, they won't do that :)	20:32
qman__	a file share is one good way, using samba	20:32
qman__	but one approach I rather like is a wiki site	20:32
Kamilion	Hey, actually, might wanna take a look at openfiler -- since that can snapshot and version files. We use that type of functionality heavily here (I work for a staffing company)	20:33
qman__	the main advantages to wiki, everyone can update stuff, and you never lose data, because it keeps all previous versions	20:34
Kamilion	all of our users talk to a samba share on one of our local boxes, and that box snapshots the filesystem every 15 minutes.	20:34
qman__	and tracks it all in a nice manageable way	20:34
qman__	there are a lot of different approaches, but there's one main thing they have in common	20:35
qman__	they're much better than email for sharing files	20:35
Kamilion	the snapshots show up as read-only directories	20:36
qman__	but back to your original question, it's very simple to set up a local email domain with postfix	20:37
Rich-Newbie	Yes I do a agree email is not the best way to share files. I do use a general shared folder to share files. If the accountant has to send the boss something, say finacial figures ect, they going to general email it.	20:37
Rich-Newbie	thanks qman	20:38
qman__	you just install the package, choose internet site, and add users	20:38
Rich-Newbie	qman: I chose internet site with smart host	20:38
giovani	Rich-Newbie: you should set up different folders within the general share with permissions	20:38
giovani	so that the boss has access to every department's files, and only each department has access to their own private files, etc	20:38
qman__	I'm pretty sure there's a section in the ubuntu server guide for setting up mail	20:40
qman__	should cover everything you need to know for that	20:40
Rich-Newbie	qman, I have been reading the server guide, and a bunch of how to's. In postfix configuration it talks about system mail name, would that be say server.mydomain.com ? I have done the server setup a few times now, get confused abit with some of the config it requires	20:43
Rich-Newbie	thanks for the advice giovani. Hosted mail is an option eventually, when bandwith is cheaper and faster in South Africa. for small offices of a handfull of people its a bit pricey.	20:45
Kamilion	http://ubuntuserver.wordpress.com/2009/02/13/an-improved-mail-server-stack-in-jaunty-dovecot-and-postfix-integration/	20:46
giovani	Rich-Newbie: ah, well I didn't realize you were under such strict bandwidth constraints -- in that case, a local server is necessary	20:46
Kamilion	that's probably what you're looking for. "sudo apt-get install postfix-dovecot", that will set up pretty much everything for you, ask for your SMTP config (smarthost), and then set up dovecot and postfix with SASL against dovecot's user database (essentally /etc/passwd and /etc/shadow)	20:47
qman__	Rich-Newbie, the mail name would be your mail domain	20:48
qman__	where you want your addresses at, per say	20:49
Kamilion	at that point, it's as simple as 'adduser --disabled-login <username>'	20:49
qman__	so, for users@mydomain.com, the mail name would be mydomain.com	20:49
Rich-Newbie	thanks qman, so I dont put the hostname of the server box, just mydomain.com	20:50
qman__	yes	20:50
Kamilion	if it asks for FQDN you need to add the hostname too	20:50
qman__	it depends on what it's asking for	20:50
Kamilion	so 'mail.mydomain.com' if the machine is named mail	20:50
qman__	mail name is the domain	20:50
Kamilion	if it asks for 'domain', it's just domain.ext, if it asks for FQDN, it's hostname.domain.ext	20:51
Rich-Newbie	thanks for clarifying that for me.	20:51
Kamilion	yeah, confused me at first too.	20:52
Rich-Newbie	thanks for that link Kamilion, should I use the apt get, or does the same thing install if I chose mail server in the option on the inital setup	20:56
Kamilion	Not sure, I'd suggest apt-get	21:01
Kamilion	that way you don't mix up anything	21:02
Kamilion	personal preference, really. Normally the only thing I'll let the installer do is install openssh.	21:02
Kamilion	not sure if the 'task' uses that package or not.	21:03
Rich-Newbie	I have read alot of people prefer to do it that way, gives more control	21:03
Rich-Newbie	to administer postfix, would you recomend webmin, or should I use webmin and postfix admin.	21:04
Kamilion	honestly, there's not much to administer.	21:04
Kamilion	you shouldn't even need webmin.	21:05
Rich-Newbie	for ease of use for creating users ect, Played around a bit with webmin	21:05
Kamilion	usernames and passwords are from host accounts	21:05
giovani	webmin also is specifically not supported by ubuntu	21:05
Kamilion	it's as simple as 'adduser --disabled-login <username>'	21:05
giovani	if you feel the need to use a web interface, use ebox	21:05
Kamilion	ebox 1.2 is pretty good and handles most of the mail stuff for you.	21:06
qman__	yeah, there's hardly anything to administer	21:06
qman__	add users, that's it	21:06
Kamilion	but it's ISO is a pretty big download.	21:06
giovani	what iso?	21:06
Rich-Newbie	ebox is one I havent heard of.	21:06
giovani	Rich-Newbie: it's the only web administration interface supported by ubuntu	21:06
Kamilion	what people mean when they say 'administrate postfix' is 'spend hours trying to make postfix and a delivery agent work together'	21:06
qman__	I'm not a fan of web administration anyway, I use ssh	21:07
Kamilion	ebox or postfix-dovecot remove 99% of that 'spend hours' part.	21:07
Rich-Newbie	I see ebox is mentioned in the admin manual.	21:07
Kamilion	I use both -- but one of ebox's big advantages is 'the debian way' -- it asks you to confirm configuration changes for other packages.	21:07
Kamilion	so you can admin with SSH AND use ebox, and they happily share.	21:08
qman__	but yeah, the package makes it super easy	21:09
qman__	install, type in what it asks for, then add users	21:09
Kamilion	yup.	21:09
Kamilion	either way, dealing with setting up a mailserver is a veritable breeze compared to ~6-8 months ago.	21:10
Rich-Newbie	best I do some reading on the admin manuel	21:10
Kamilion	ebox 0.98 and 1.0 were broken	21:10
freemonttroll	Would appreciate help from gurus: Is it possible to upgrade from MySQL 5.0 to 5.1 on Ubuntu Hardy? I ran sudo apt-get update / dist-upgrade and then install mysql-server mysql-client, but I was told that I already have latest version. I can't seem to find a backport of mysql 5.1 for hard heron ...	21:10
qman__	if you want to go from an LTS version to a non-LTS, you have to change your update configuration	21:11
qman__	I don't know where it is on server	21:11
qman__	should be in the documentation	21:11
qman__	or someone else should know	21:11
Kamilion	but ebox 1.2 is pretty stable, a lot of the code has been rewritten	21:12
Kamilion	ebox's installer is based on 8.04 LTS.	21:12
qman__	I've never used ebox or webmin on any of my own servers	21:13
qman__	web interfaces are great for some things, but for server administration, I prefer more control	21:13
Psi-Jack_	Heh.	21:18
Psi-Jack_	Most web-based admin tools are also based on everything running on a single box.	21:18
Psi-Jack_	Where-as, it's almost always better to split up the services accross multiple physical computers.	21:19
Rich-Newbie	okay adding users was fairly straight forward	21:19
Rich-Newbie	thanks to everybody's help, this time I am able to connect to the mail server with imap, well almost. Got to check the user details I setup	21:23
Rich-Newbie	Sucsess thaks qman, kamilion and giovani. I was able to connect to the box with imap.	21:28
android6011	is there a way to install sound drivers in the server? I am using the server for many things and need to be able to record through line in	21:28
qman__	if you install a music player like cmus, it should install the dependencies	21:32
giovani	you shouldn't need to do that	21:32
giovani	the drivers are already in the kernel	21:32
giovani	run "lsmod \| grep snd"	21:32
giovani	to verify that sound drivers have been loaded for your hardware	21:32
Kamilion	Rich-Newbie: Glad to help. Enjoy your new mailserver. Remember to use postconf to increase the maximum size of a message, IIRC it defaults to 10MB or so	21:38
Rich-Newbie	Thanks Kamilion, now that the basic fuction works, I am going to go through the admin manual and play some more untill I break it and start again. Best way to learn, and if I manage to break it a few times, I will know what not to do.	21:44
Kamilion	postconf message_size_limit	21:45
Kamilion	that's the one	21:46
Kamilion	sorry, had to troll through my .bash_history	21:46
Rich-Newbie	thanks, for email anything bigger than 10megs is to big in my opinion. Reminds me of a client who I use to support. They had an sbs server setup, which was done by somebody else, with no limmits, the one user tried to email 30 megs worth of files I think it was, it blocked his mailbox completley.	21:49
Kamilion	I mention it because google's limit is 20MB	21:50
Kamilion	and if someone sends a 17MB pptx file, the server will flip them the bird ;)	21:50
Rich-Newbie	thats usefull to know	21:50
Kamilion	AFAIK, 20MB is the largest standard message size in normal use.	21:51
giovani	Rich-Newbie: I'd honestly make the max email size 1MB or so, at least internally	21:52
giovani	to completely discourage it as a method of sending files	21:52
Rich-Newbie	Thats a excellent idea giovani.	21:52
giovani	as long as you offer them an easier, and faster method	21:53
giovani	they'll learn to use it	21:53
Kamilion	there's no distinction between sending and receiving to postfix, mind you...	21:53
Rich-Newbie	wikki and open files I think is definitley something I must explore more	21:54
Kamilion	so preventing them from sending files would also prevent receiving attachments.	21:54
randy_	can anyone help me setup 2 lan cards on one server?	21:54
Kamilion	just keep that in mind. :)	21:54
Rich-Newbie	I would have users after my head, not being able to send jokes. sorry for them. ;)	21:55
Kamilion	just filter html messages then :)	21:55
Aison	re	21:55
Kamilion	btw -- there is libsieve support too for filtering. It's pulled in with postfix-dovecot	21:56
Aison	I tried to install ebox, but now I get a message like this: Failed to contact configuration server; some possible causes are that you need to enabled TCP/IP networking for ORBit	21:56
Kamilion	from their installer?	21:57
randy_	can anyone help me setup 2 lan cards on one server?	21:57
giovani	randy_: we discussed this yesterday	21:58
qman__	randy_, man interfaces	21:58
Kamilion	ifconfig eth0 up && ifconfig eth1 up	21:58
Kamilion	grins	21:58
randy_	Yes. You are the one I talked to from home, right?	21:58
giovani	randy_: from home? I don't know where you were	21:58
randy_	Oh, I talked to the other guy from my home last night and he told me when I got in today and was on the server, come back on and he would help me.	22:00
giovani	randy_: ok	22:01
Rich-Newbie	kamilion when I setup the email I have noticed if I put the email address just user it works, if I put user@mydomain.com it fails. Is this correct	22:02
randy_	Sorry, I lost connection for a minute.	22:02
Kamilion	Rich-Newbie: Hm... try user@hostname.mydomain.com	22:03
Kamilion	you may have to add an alias from mydomain.com to mail.mydomain.com	22:03
Rich-Newbie	:) thank you so much kamilion, now alot of what I have read is also making sense	22:04
Kamilion	No problem :)	22:05
Rich-Newbie	I found a couple of forum posts of people trying to do exactly what I am doing, the one poster always had the same response, about use citadel or zimbra, 20 mins to setup as oppose to 2 weeks setting up the way I have just done I have spent maybe 3 hours so far.	22:08
Kamilion	citadel was nice, but too much of a pain. I tried it too, but I wasn't happy with their redhat base. I don't like RPM, I'm partial to my apt :)	22:13
randy_	giovani are you still here and able to help me? my network went down a couple of times so I reset the modem.	22:13
randy_	kimilion, I did the ifconfig eth0 up and ifconfig eth1 up and now I can ping the outside world, but I still can't ping from the outside world. Any suggestions?	22:15
randy_	Sorry, Kamilion*	22:15
giovani	randy_: it sounds like you misconfigured something	22:15
giovani	the documentation and configuration are pretty clear	22:15
giovani	beyond that, I can't help you	22:15
Kamilion	randy_: you need to set a route.	22:16
Kamilion	What subnet are you on, what's the gateway IP?	22:16
Rich-Newbie	giovani: what sort of servers do you manage?	22:16
randy_	Kamilion_ the settings are address 24.249.166.138 netmask 255.255.255.240 network 24.249.166.0 broadcast 24.249.166.255 and gateway 24.249.166.129	22:17
Kamilion	randy_: okay, try 'route add default gw 24.249.166.129'	22:18
randy_	do i use the initials "gw"?	22:18
Kamilion	yes	22:18
randy_	okay, just a minute.	22:18
randy_	I need to close out of here to do it unless there is another way.	22:19
Kamilion	any luck?	22:20
randy_	Kamilion_ Okay, I did it. Can you ping 24.249.166.138?	22:20
giovani	Rich-Newbie: what do you mean what sort of servers?	22:20
Kamilion	sec	22:21
Kamilion	yes	22:21
Kamilion	sub-100ms	22:21
randy_	And it works? Is that good?	22:21
Kamilion	yep	22:22
randy_	the sub-100ms	22:22
Kamilion	I'm on fibre, so 20ms average is excellent.	22:22
randy_	Can you go to the same ip in a browser?	22:22
randy_	It should say It Works!	22:22
Kamilion	"It works!"	22:22
Kamilion	apache2 standard page :)	22:23
qman__	I get 115ms average	22:23
Rich-Newbie	giovani: is it servers for corperates, hosting servers.	22:23
qman__	not excellent but perfectly acceptable	22:23
giovani	Rich-Newbie: I work for a financial company	22:23
Kamilion	the server's in philly?	22:23
Kamilion	somewhere on the east coast	22:23
randy_	Perfect. Are there any changes I need to make to any files so that it automatically does the ifconfig eth0 up and the ifconfig eth1 up and the route line?	22:24
Kamilion	randy_: Are you going to use this to route other traffic to the internet?	22:24
qman__	I'm in Michigan, my fastest pings are to places in chicago	22:24
giovani	randy_: yes, you should've put this in /etc/network/interfaces, as we instructed you	22:24
giovani	this is all covered in man interfaces	22:24
Kamilion	randy_: should be in /etc/network/interfaces	22:24
Rich-Newbie	giovani: how many users on your network?	22:25
Kamilion	not sure how to set a route with /etc/network/interfaces though	22:25
giovani	Rich-Newbie: I don't support users	22:25
Kamilion	giovani: any ideas there?	22:25
giovani	Rich-Newbie: we have a server farm of about 1000	22:25
qman__	Kamilion, the gateway directive	22:25
giovani	Kamilion: it's covered in man interfaces, clearly	22:25
qman__	it's all in man interfaces	22:26
Kamilion	got it	22:26
randy_	Kamilion_: I will go to man interfaces and change the file accordingly. I am new at the linux on command line. I have setup many windows boxes and am switching to linux for all our servers after I get this one up.	22:27
Kamilion	randy_: Add this to /etc/network/interfaces (should be mostly self explanitory)	22:27
Kamilion	iface eth0 inet static	22:27
Kamilion	address 24.249.166.138	22:27
Kamilion	netmask 255.255.255.0	22:27
Kamilion	gateway 24.249.166.129	22:27
qman__	you really should read through man interfaces anyway	22:27
qman__	that's networking 101, any sysadmin should know that stuff	22:28
Kamilion	"tldr;"	22:28
randy_	Kamilion_: What about the ifconfig eth0 up and all?	22:28
giovani	if his gateway is 129 ... he likely isn't on a class c	22:28
Kamilion	He just wants to know, not to understand.	22:28
qman__	knowing is not enough	22:28
Kamilion	randy_: /etc/network/interfaces gets called by init scripts. It takes care of the rest	22:28
Kamilion	Understanding follows knowing.	22:28
randy_	I learned on my own over the last 30 years and don't know where to do the same things in linux as windows.	22:29
giovani	he probably needs a netmask of 255.255.255.192	22:29
Kamilion	I know I need the mpt2sas kernel module, but I do not understand how to build it as yet. I know the high level block diagram, but not the individual commands.	22:29
qman__	yes, but as the saying goes	22:29
qman__	the best answers we find on our own	22:30
Kamilion	Anyway, I gotta get on the road to San Francisco pretty soon	22:30
randy_	The netmask given to me from the cable provider is 255.255.255.240. I have 5 static ips.	22:30
Kamilion	so I guess I'll just leave windows server 2008 on this box for now. I wanted to get rid of it before I left, but that doesn't seem likely.	22:30
giovani	randy_: ok, then use that	22:30
Kamilion	shudders	22:30
qman__	2008's not so bad	22:31
qman__	at least you're not running 2000 :)	22:31
randy_	I prefer linux so far... Just the learning curve of where everything is done.	22:31
Kamilion	R2, actually. And you're right. 7 and 08R2 are well built for the tasks they are required to do.	22:31
Kamilion	But I don't trust it for the low level infrastructure, nor do I want to run linux on hyper-v, so I need to get ubuntu and libvirt on there	22:31
qman__	yeah	22:32
randy_	Kamilion_: giovani_: Thank you both for your help. I will be back for more help as time goes on, but thank you very much.	22:32
qman__	windows just doesn't belong on the backbone	22:32
Kamilion	which is proving to be a pain, I need the mpt2sas module, but I can't find any howtos on how to compile kernel modules for ubuntu install CDs	22:32
Kamilion	randy_: Enjoy!	22:32
randy_	Thanks	22:32
qman__	I'm actually an MCSE, have a degree and everything	22:33
qman__	linux is my OS of choice	22:33
Kamilion	Almost the same. Been hacking windows since "Windows 386", aka 2.03. never bothered with the MSCE though. Kicked to linux with Slackware 1.5, Redhat 4.2, Linux from Scratch 3.2, where I submitted a bunch of bootscripts, then onto gentoo, got sick of compiling packages, tried ubuntu 7.04 and been hooked ever since.	22:34
Rich-Newbie	I am going to call it a night. Been very succesfull with the help of giovani, qman_, and kamilion. I have learnt a huge amount. :) And wiki, open openfiles for docuemnt sharing is the next project.	22:34
Kamilion	it's most definitely easier to administrate than windows for me, and I use the modularity to it's fullest advantage.	22:34
Kamilion	Rich-Newbie: here's a tip	22:35
Kamilion	http://www.turnkeylinux.org/	22:35
qman__	yeah, I've managed some solaris and BSD stuff too, but linux is just so much easier	22:35
Kamilion	try the mediawiki VM.	22:35
Kamilion	http://www.turnkeylinux.org/appliances/mediawiki	22:36
Kamilion	based on ubuntu hardy (8.04 LTS)	22:36
Kamilion	and you might want to look into ebox for yourself and evaluate if it will meet your needs. (it meets mine!) http://trac.ebox-platform.com/	22:37
Kamilion	Very friendly to manage, and you can still leverage the power of the commandline when you're ready to spend the time to learn.	22:38
qman__	that picture reminded me	22:38
qman__	every time I run updates on my openvpn server, it breaks	22:38
qman__	and a reboot fixes it	22:38
Kamilion	yep.	22:38
qman__	restarting services won't fix it	22:38
qman__	only a full reboot	22:38
qman__	it's weird and annoying	22:39
Kamilion	yep.	22:39
psi-jack	Hmmm, Turnkey eh?	22:39
Kamilion	File a bug. My workaround: Install ebox/openvpn on a VM.	22:39
psi-jack	Heh	22:39
Kamilion	nothing but openvpn.	22:39
psi-jack	I'm just now looking at eBox, curiously about it.	22:40
Kamilion	1.2 was JUST released.	22:40
Kamilion	The documentation has not caught up yet.	22:40
psi-jack	Really?	22:40
psi-jack	heh	22:40
psi-jack	Based on 8.04 LTS I noticed.	22:40
Kamilion	yep.	22:40
psi-jack	Do you know much about it?	22:40
Kamilion	I try to run everything I can on a JEOS base.	22:40
Kamilion	yeah, I have a pretty good understanding of it.	22:40
Kamilion	1.2 was mostly a rewrite, as 0.98, 1.0, and 1.1 were pretty broken.	22:41
Kamilion	I'm not happy that it's mostly perl, but I can deal with it.	22:41
psi-jack	Cool. Some things I'm curious about, I notice it has LDAP built-in, which I've been working on the past couple days on my own with Ubuntu 9.04	22:41
Kamilion	not only that	22:41
psi-jack	Does it do just LDAP, or does it mix SASL auth and Kerberos V and Samba LDAP?	22:41
Kamilion	the ebox-desktop package can be installed on client ubuntu systems that sets up LDAP, evolution, ekiga, and jabber for every user.	22:41
Rich-Newbie	when I first decided to explore ubuntu server about a week go, I have learnt alot, done alot of reading, I think the couple of hours I spent here have been the most valuble. Big thank you.	22:41
Kamilion	Rich-Newbie: IRC always ends up that way :)	22:42
qman__	Rich-Newbie, no problem, stick to it	22:42
Kamilion	but watch out! IRC is an ADDICTION.	22:42
qman__	the documentation is great, but sometimes you just need to be pointed in the right direction	22:42
Kamilion	I've been addicted since 1993 :)	22:42
psi-jack	Kamilion, Youngin. :p	22:42
Kamilion	anyway, time for me to head out. Got a long journey up to San Francisco today.	22:43
qman__	heh	22:43
Rich-Newbie	indeed it is, for me interacting with people who can explain stuff is a huge help	22:43
psi-jack	1993 they'd already had named channels on IRC.	22:43
Kamilion	irc's only been around since 1992, psi-jack	22:43
qman__	I'm not old enough to have been around that long, but I know the feeling	22:43
Kamilion	I hold one of the distinct pleasures of IRCing on eris.	22:43
qman__	I've been a regular in the same channels for about 7 years now	22:43
Kamilion	laughs	22:43
Kamilion	anyway, good luck, Rich-Newbie.	22:44
Kamilion	Cheers, everyone. :)	22:44
Rich-Newbie	thanks	22:44
psi-jack	Kamilion, Bzzz. Wrong. IRC was first around in 1988	22:44
Rich-Newbie	cheers kamilion	22:44
Kamilion	psi-jack: the original IRC protocol, not "IRCII", the protocol we now know as IRC.	22:44
psi-jack	Yep. I'm talking irc2.0, not ircii.	22:45
Kamilion	I've actually been around since compuserve's 'cb' and such, back in the 80s before AOL had a gui and didn't suck quite as much.	22:45
Kamilion	and good old GEnie too.	22:45
psi-jack	Aug 88 - first irc server tolsun.oulu.fi	22:45
psi-jack	89 - ircII released by Michael Sandrof (BigCheese)	22:46
psi-jack	:)	22:46
Kamilion	Ack, gonna be late. IRC always has this effect... going on 20 years now.	22:46
Kamilion	Cheers!	22:46
psi-jack	D'oh!	22:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!