/srv/irclogs.ubuntu.com/2009/08/14/#ubuntu-server.txt

TimReichhartalright I got a other question how to I know if my modem is linked to tty port because right now its on /dev/536ep000:05
jmedinals -l /dev/ | grep 536?00:08
TimReichhartalright here is the output crw-rw---- 1 root   dialout 240,   1 2009-08-13 19:04 536ep000:09
CppIsWeirdqman__: [16:06] <qman__> CppIsWeird, amd64 is the common, modern 64-bit architecture -- modern xeons and core 2s and i7s use the amd64 architecture00:12
CppIsWeirdinteresting, i did not know that.00:12
giovanireally?00:12
giovaniheh00:12
giovanitechnically its name is x86-6400:13
giovanibut amd branded it amd6400:13
jmedinayea, amd owns sparc developers00:15
TimReichhartis there anyway that I can sym link my modem from /dev/536ep0 to a ttyS0?00:22
giovaniTimReichhart: I'd recommend making it /dev/modem instead00:23
giovanias /dev/ttyS0 probably refers to an actual port00:24
giovaniyou can do this with udev rules00:24
TimReichhartgiovani can you tell me how to sym link it to /dev/modem00:27
giovaniTimReichhart: which release of ubuntu are you using?00:27
TimReichhart8.04.3 TLS00:27
giovaniTimReichhart: adding something along the lines of KERNEL=="536ep0", SYMLINK+="modem" to /etc/udev/rules.d/60-symlinks.rules should do the trick00:30
giovaniyou may or may not have to add some permissions in the permissions rules file00:30
giovaniexperiment, and use google00:31
giovaniif you have problems00:31
giovanithen issuing a "sudo /etc/init.d/udev restart" should put that into place00:32
TimReichhartgiovani: the problems I am having is IM trying to get the modem to come on online on hylafax but when I do faxstat its just saying waiting for modem to come ready00:32
HellMindhow can I remove the rules That I added here before.rules00:32
giovaniTimReichhart: that's unrelated to symlinking, but alright00:32
HellMindcuz my server is portforwarding00:32
giovaniHellMind: I don't understand your question00:32
HellMindI forwarded a port adding rules to before.rules00:33
HellMindNow, i removed that rule00:33
HellMindI restarted ufw00:33
HellMindI flushed every iptables table00:33
TimReichhartgiovani: but see my modem is in a different loaction then what hyalfax is looking for my modem is listed as 536ep0 instead of ttyS000:33
HellMindbut the port is still being forwarded00:33
giovaniHellMind: sorry, I'm not familiar with ufw00:33
giovaniTimReichhart: you can tell hylafax to look anywhere you like00:34
HellMindargh why damn UFW it blacklisted a port :@ I cant use it anymore00:35
* jmedina loves shorewall00:36
jmedinareal firewall00:37
giovanihaha00:37
giovanishorewall is not a firewall00:37
giovaniit's a configuration tool00:37
jmedina:)00:37
jmedinaI know00:37
giovaniso let's not give it any credit beyond that00:37
jmedinaok00:37
HellMindwhat were they thinking bring ubuntu server with that damn ufw00:38
stainermost people firewall long before the server00:38
jmedinaHellMind: whate are you using something that you dont understan?00:38
jmedinadnot blame ubuntu developers, if you have problems report a bug00:39
TimReichhartgiovani: it seems like I dont have a /dev/modem listed00:40
jmedinawell time to go offline00:40
TimReichhartgiovani: so I cant do the sym linking00:40
giovaniTimReichhart: you absolutely can ... I've told you how to do it00:43
giovanihowever, there's no need to make a symlink just for hylafax00:43
giovaniit'd just be for aesthetics00:43
TimReichhartwell im trying to get hylafax to work00:44
TimReichhartits just the modem im trying to get online00:44
giovaniright, and I've explained00:44
giovanithat hylafax can be told to use any device name, so you don't need a symlink00:45
giovanihowever, if you'd like to create a symlink, I told you how to go about that as well00:45
clustyhey00:49
clustyi did a usermod -a -G vboxusers <my user> to allow myself to use VirtualBox, but this wont work00:49
clustyafterwords when i doa  groups, i do not see the vboxusers listed00:50
clustyclues on what can be going on?00:50
giovaniclusty: you need to log out and log back in00:50
giovanifor groups to apply00:50
clustyno difference00:51
giovaniheh00:51
giovanithen you didn't run the command properly00:51
clusty/etc/groups contains:00:51
clustyvboxusers:x:135:j.dittmer,vlazar00:51
clustyi am second00:52
giovaniyou need to log out00:52
giovaniand log back in00:52
giovaniperiod00:52
giovaniit will work00:52
clustyi am in a VNC session00:52
clustykill vnc?00:52
faileasI'm running an IRC/Web server for personal use, and i'm looking for a easy solution to back it up. My hardware's a little old, so i'd like something that'd backup the whole system, and restore it to a bare metal system, without needing to take it down for backups. Any suggestions i should look at?01:15
gophi01:48
gopin joomla, I am getting "he FTP settings are not valid or your FTP server is not compatible with Joomla!:01:48
gopThe function "STOR" failed01:48
gopanyone here on ubuntu got joomla to work with ubuntu server01:48
=== smoser_ is now known as smoser
mathiazjtimberman: hey01:57
mathiazjtimberman: I've acked a couple of your sync requests (see my email)01:58
mathiazjtimberman: what is left on REVU? merb and chef?01:58
foxbuntufaileas, the only thing I know that can do bare metal restores in Linux on a live server atm is Acronis, its not OSS and not free, but I have worked with their products for a long time and love them, however if you are looking for something free and OSS then you might consider looking at CloneZilla (can't image the server live) or using dd (also requires being offline), if you don't need bare metal restores a cron job and tarballs will01:59
foxbuntudo the trick01:59
faileasfoxbuntu: i got acronis home. I've done a tarball of the whole system, and plan on doing periodic database dumps, and home directory dumps (since a lot of things run as a normal user at the moment)02:01
foxbuntufaileas, that should about cover it, although there is no need for whole system backups02:02
foxbuntufaileas, whole system tarballs that is02:02
foxbuntufaileas, I personally just grab /home /etc usually02:03
faileasfoxbuntu: lol, yeah, i'm still trying things02:03
* faileas thinks between /var/www, /home/ircd/ and the database i should be covered02:03
foxbuntufaileas, yeah02:03
foxbuntufaileas, sorry, wasnt thinking about web02:04
foxbuntufaileas, the other thing you might was to grab is the package list02:04
faileasi run web and irc (unreal/anope, a jbouncer bnc (i don't like psybnc) and qwebirc02:04
faileaslol02:04
faileasi know what i installed.. pretty much nothing non standard but java02:04
foxbuntufaileas, yeah...I usually grab one after I get a server deployed and then again after any major change02:05
foxbuntuseems to work for my needs, but thats me02:05
foxbuntu:)02:05
faileasi got it deployed (again) last week. Its been up and down since i'm running on junk hardware ;p02:06
foxbuntulol02:06
foxbuntuI understand that02:06
* faileas does note a tarball is only 620 mb ;p02:06
faileas*full02:06
foxbuntuyea02:06
foxbuntuthe system is pretty light weightttt02:06
faileasit isn't even running ubuntu server. its running minimal, with the necessary things02:07
foxbuntuah02:07
foxbuntuUbuntu JeOS eh?02:07
faileas(screen/screen profiles, java, lamp stack)02:07
faileasno, ubuntu minimal02:07
foxbuntuah02:07
foxbunturight02:07
foxbuntuJeOS is VM optimized02:07
faileasthis is live hardware. PIII 450, 640 mb ram, 40 gb hard disk space02:08
foxbuntunice02:08
faileasI'm not sure, but i'm told its a bad idea to run an irc server on a VM if you intend to link it02:08
faileas(which i might)02:08
foxbuntuI think my cable box has more power ;P02:08
faileaspassively cooled, only fan is in the PSU ;p02:08
foxbuntuirc server or proxy?02:09
faileas(i have a atom box which i use as a 'loaner' desktop, which'll replace this when i goes down02:09
faileasboth02:09
foxbuntuIm on my proxy right now (have been for a year) and its a vm02:09
foxbuntubut I do run VMWare ESX, not the freebie VM02:10
faileasoh, for the VM?02:10
faileasserver - since lots of VMs don't have accurate clocks, and IRC linking is VERY dependant on accurate clocks02:10
foxbuntuoh, the clocks are easy nuff to fix02:11
foxbuntuI hoestly havent worked much with KVM but would assume the same of it02:12
jtimbermanmathiaz: hey there, i was eating.02:15
mathiazjtimberman: hey - my dinner is almost ready here ;)02:16
jtimbermanmathiaz: also added in REVU are coderay (http://revu.ubuntuwire.com/p/coderay), stompserver (http://revu.ubuntuwire.com/p/stompserver), and libsystemu-ruby (http://revu.ubuntuwire.com/p/libsystemu-ruby)02:16
jtimbermanwith those others ack'd in launchpad, how long until they sync into karmic?02:17
mathiazjtimberman: I'll ping an archive admin so that we can get them done before the end of the week02:17
jtimbermanSweet02:18
mathiazjtimberman: are the syncs required for building the packages on REVU?02:18
jtimbermanfor installing02:18
jtimbermanchef requires the mixlib02:18
jtimbermanChef packages taht is, require the mixlibs02:18
jtimbermanwe wrote the mixlibs too :)02:18
mathiazjtimberman: ok02:19
jtimbermanmathiaz: since there was overlap in functionality for those in ohai and chef, we split them out to be useful libraries for other ruby developers too.02:19
jtimbermanmathiaz: by 'end of the week', do you mean tomorrow? :D02:22
mathiazjtimberman: what about libsyntax-ruby  ?02:22
mathiazjtimberman: yes02:22
jtimbermanunneeded with chef 078, we switched to coderay02:22
mathiazjtimberman: ok02:22
jtimbermanDebian didn't want syntax because its 'unmaintained' per the author of the library himself.02:22
mathiazjtimberman: I'll nuke http://revu.ubuntuwire.com/p/libsyntax-ruby then02:22
jtimbermanwho also suggested coderay to replace it, as thats what he's using.02:22
jtimbermanthanks, i thoguht i did that but it might not like me.02:23
mathiazjtimberman: right - it doesn't seem to have work for me either02:24
mathiazjtimberman: anyway everything is upload to REVU now02:24
mathiazjtimberman: I'll give it a look next week02:24
mathiazjtimberman: if you can find another ubuntu dev to sponsor it the better ;)02:25
jtimbermanThom said he would back up on that. and per my email, ScottK had talked to btm about it some time ago but I haven't heard anything from him yet.02:25
jtimbermanmathiaz: fwiw, i've set up an apt repo and tested that 'apt-get install {chef,chef-server}' gets the desired functionality. :)02:27
mathiazjtimberman: Have you looked at PPAs to publish your own chef packages?02:31
mathiazjtimberman: https://help.launchpad.net/Packaging/PPA02:32
jtimbermanthis was on my internal testing VM and LAN02:33
randy_Can anyone help me setup 2 nic cards in ubuntu server 9.04. One for the internet with static ips and the other one for the intranet with dynamic ips (192.168.1.2/50).02:44
giovanihaha02:45
twbrandy_: what is there to set up?02:51
giovanirandy_: man interfaces02:54
randy_My setup right now isn't working so I am trying to fix it.03:07
twbrandy_: what part isn't working?03:08
randy_I have a cox modem with a switch between it and the router. The router is set as dhcp server. The nic card with the static ip addresses on it is connected to the switch. The other nic card is connected to the router with "automatically get ip and dns"03:09
twbIncidentally, /50 doesn't make sense.03:09
twbYou can only go up to /32, which specifies a single IP03:09
randy_yeah, the /50 means the ip address range that is leased from dhcp.03:10
twbI don't think I like your router, then03:10
randy_It doesn't have the /50 in it. that is just the way I wrote it to say that I have it set up to lease 48 addresses.03:11
randy_5903:11
randy_49 I mean03:11
twbThat's still retarded03:13
twba.b.c.d/e by convention means a CIDR block03:14
giovanirandy_: so anyway ... what's the actual problem?03:16
randy_I can't reach the server from the outside world nor can I ping the other computers on the router. They can ping each other but not the server.03:20
randy_I setup the /etc/network/interfaces file with the correct ip address, netmask, and gateway given to me by cox. I set them up as eth0 and the intranet I setup as eth1 and dhcp.03:22
randy_from my home I can ping the gateway which is 24.249.166.129 but not the first of 5 ip addresses 24.249.166.138 through 142.03:25
twbrandy_: are there machines using those IPs?03:29
randy_The 5 static ips are all going to be on one nic card on the server. Right now only one is setup and it is 24.249.166.138.03:30
twbDoes the server know that it owns those five IPs?03:30
twbIt will not respond to pings for IPs it doesn't care about.03:31
randy_Right now, no. I was going to setup the other four with webmin after I can reach it on the static ip that is already set just not working.03:31
twbSorry, I will not help webmin users.03:32
giovaniwebmin is officially unsupported here03:32
twbPlus, I really hate it03:32
randy_I understand. I just need to get the one address working. Can you help me?03:32
randy_I would rather not use webmin either, is there another way to administer a web site from remote?03:34
twbrandy_: sure: ssh.03:34
randy_I use putty too. Sometimes I need the help of a gui. I am somewhat of a newbie to linux. I am trying to learn how to do it all from the command line, but it takes a while. Please help me with my current challenge then we can talk about the mistakes I've made.03:35
randy_I can only use ssh when I can reach the machine remotely and right now I can't.03:36
twbOK, I need to draw a network diagram.03:36
randy_Okay, thank you very much.03:37
twbSo your router is doing NAT?03:38
twbI'm confused as to why you have a second NIC in the ubuntu server at all.03:38
randy_It is a netgear and it has been setup with defaults.03:38
twbUnfortunately, I am not chief architect at Netgear.  I do not know what the default setup is for arbitrary netgear kit.03:39
randy_One for the intranet and one for the internet. If one card can do it, I'll remove the other one. One card is 192.168.0.2-50 with the gateway set at 192.168.0.1 and the network mask at 255.255.255.0. the other nic is for the internet setup as 24.249.166.138-142 with netmask set as 255.255.255.240 and gateway 24.249.166.129. I hope that helps.03:41
twb192.168.0.0/24 is the network used by the router's DHCP server?03:42
randy_Obviously I don't have the 138-142 in the interfaces file, that is just the ip address range that was given to me from cox.03:42
randy_Yes.03:42
twbCox is an ISP?03:43
randy_Yes.03:43
twbAnd they have given you a bunch of public IP addresses, 24.249.166.138 through .142?03:43
randy_Yes.03:43
twbWhat is doing the PPPoE or PPPoA?03:44
twb(I'm assuming an ADSL modem.)03:44
randy_It is a cable modem. I don't know much else about it.03:45
randy_Sorry.03:45
randy_It's not dsl if that helps.03:46
twbHm.03:48
twbWhat is the interface name (e.g. eth2) of the NIC you're currently configuring statically?03:49
twbFor that matter, how do you login to the router?03:49
twbFor that matter, how do you login to the MODEM?03:49
randy_eth103:49
twbI mean, does the modem have an IP address?  If so, what is it?03:50
randy_The modem address is 24.249.166.129 you can ping it but I haven't been able to reach it with a browser.03:51
twbDo you have physical access to the ubuntu server?03:52
randy_I don't right now. I'm at home, it is at the office.03:55
twbOK, then I won't try that.03:55
twbSo what is the process you're using to ssh into it from the office?03:56
randy_I am computer savy, I have setup quite a few windows networks, I am trying to break away from windows and go exclusively to linux. I just have some more learning to do.03:56
randy_I am not able to ssh into it at all. I can only access it physically, not from any other machines on the network.03:57
twbThis is probably the wrong time to ask for help configuring it, then, if you can't configure it until you get home...03:58
randy_I'm sorry, I will try to contact you tomorrow during the day when I'm setting in front of it. I will have to setup irc on the vista box next to it in the office. I was just trying to use my new ubuntu-desktop computer at home.04:00
twbIf you need irc you can just install irssi on the server; that doesn't need a GUI.04:01
randy_How do I do that?04:01
twb"apt-get install irssi"04:01
twbThen "irssi -c irc.freenode.net" and type /join #ubuntu-server04:01
twbIt's pretty straightforward.04:02
randy_I was just typing that. Okay, I will. Thank you so much for your time.04:02
randy_I have copied that line and will do it from the server tomorrow. Thank you04:02
twbNo worrise.04:03
ScottKjtimberman: What did I do/say I'd do?  It's not clear to me from the backscroll.06:29
psi-jackOi! This is fscking annoying!06:57
psi-jackThe OpenLDAP guide is broken on Ubuntu docs.06:57
twbReport it as a bug07:16
twbAnd I think you mean "Oy" ;-)07:16
psi-jackNo, I meant Oi, as I said Oi. :p07:57
psi-jackAnyway, the apparent bug in the community documentation on for openldap is the SASL stuff.. It covers nothing on SASL, and openldap defaults always to use SASL auth binding.07:57
psi-jackAnd I'm not 100% familiar with how to fix it exactly.07:58
acalvoI've a working mail server on my LAN, and I'm setting up a new mail server with dovecot plus postfix. But when I try to send a new mail from the new server, it gets relayed to the old server. How can I avoid that?08:48
stefan__aloha09:21
stefan__do you guys know what package is updating the motd in 9.04 with the packages that need upgraded ?09:22
_rubencombination of update-motd and update-notifier-common09:25
stefan__thanks _ruben09:26
twbCute09:26
twbSticking to 8.04, I didn't know about that new feature09:27
=== gaveen_ is now known as gaveen
stefan__twb: depends on the hardware you use, if you use new hardware 804 won't work09:29
stefan__so sometimes you have to go with 90409:29
twbBelieve me, NEWness of hardware is never a concern for me09:29
twbMy hardware problems are mainly due to kit being chinese knock-offs or fifteen years old.09:30
stefan__i believe you :), I was just saying that sometimes you have to use a different version other than LTS09:30
twbGranted.09:30
RoyKwe use LTS on important servers and 9.04/latest on workstations and development servers09:48
stefan__I know , we have LTS on most servers , but newest hardware doesn't work with 80409:52
RoyKcommon problem :)09:53
maswanSame here, but I run 9.10 on that. ;)09:55
=== ejat is now known as e-jat
stefan__maswan: didn't had the guts to run 9.10 yet :)09:59
maswankarmic also has postgres 8.4, which is a significant point in favour for us. so since we don't need to take this set into production until october, we might as well start out with karmic. especially since it was closest to netboot properly into the installer, just missing some module dependancies. :)10:10
stefan__if it's not going in production than it all for the best to go with the newest10:16
stefan__version10:16
foolanoguys, do you know if ubuntu-vm-builder is capable of creating karmic images already?10:18
sorenIt is.10:18
sorenIf you grab the latest version from Bazaar, at least.10:18
sorenbzr co lp:~vmbuilder10:19
foolanosoren: thanks :)  in that case i wasted my time adding a karmic puglin and getting ride of chpasswd -e :P10:19
acalvocan I use DNS when setting up a DHCP3 server?10:24
acalvofor the wins, dns servers?10:24
acalvoinstead of using their ip address?10:24
stochasticHi, I'm trying to mount a fat32 external harddrive on my Ubuntu Hardy install but no matter what options I put into /etc/fstab it mounts it only readable by root10:40
ravinduUrgent help ,Is there any cases that ubuntu server has implemented in IBM Tower server with clustering support10:42
th0mzstochastic: mount -o,rw /xxx ?10:43
ravinduUrgent help ,Is there any cases that ubuntu server has implemented in IBM Tower server with clustering support10:45
stochasticth0mz, nope the rw option doesn't help10:45
th0mzis it fat32 or ntfs ?10:46
stochasticfat3210:46
th0mzidont know why then, sorry10:46
stochasticI've even specified the gid and uid in /etc/fstab10:46
ravinduhow to implement ubuntu server on IBM Tower server with clustering support any resources?10:48
_rubenacalvo: you want specify your dns server by hostname .. how do you think that would work? :)10:52
acalvo_ruben: you're right, too much hours working make me buzz my head10:52
garymc Hi peeps, everytime i click on my launchers when logged in as a particular user, it loads opens it in text editor and not firefox. I want it to open in firefox? When i right click it there is no option to open with other program. When i goto /var/www/ and right click on insert.php it says open with firefox. So i pressume thats all correct. Now when I log in with another user it all works fine??? whats happening here and how12:28
garymccan i fix it12:28
StrangeCharm_is sysklogd the program that i should  be using to recieve system logs from another machine?12:30
stefan__StrangeCharm_: no , if you want that use syslog-ng12:34
StrangeCharm_thanks, stefan__12:35
stefan__no probs12:35
StrangeCharm_will the apt package for that run it on boot?12:36
pmatulisStrangeCharm_: i just got in, what was your query re logging?12:36
StrangeCharm_pmatulis, i was looking to recieve syslogs from another machine, and stefan__ recommended syslog-ng12:37
pmatulisStrangeCharm_: you should know that rsyslog is now the default logging system in karmic, and it is very powerful12:38
pmatulisStrangeCharm_: it can do anything syslog-ng can do and more12:38
StrangeCharm_pmatulis, i'm not sure how much power i need. however, would you definitively recommend it over syslog-ng?12:39
pmatulisStrangeCharm_: if you will be running karmic and beyond, yes12:40
pmatulisStrangeCharm_: it's also more aligned with open-source (syslog-ng has a dual license)12:40
StrangeCharm_pmatulis, so i noticed. however, i don't currently have plans for karmic12:40
pmatulisStrangeCharm_: ok12:41
StrangeCharm_pmatulis, nonetheless, the licencing argument is persuasive. i'll try rsyslog.12:42
pmatulisStrangeCharm_: great, let us know how it turns out12:42
macrocosm144Whats the easiest (free) way to backup an entire ubuntu 8.10 server?  I am using rsnapshot currently which is nice but I think it would be smart to do full image backups periodically and have them sent to another machine.  How do you prefer to handle this?  For instance I would like to upgrade my system to the latest 9.x branch but I would like to be able to restore the whole system if...12:43
macrocosm144...something goes awry.12:43
StrangeCharm_pmatulis, i have no idea what's going on in this conf file. does rsyslog automatically listen for logs sent from other machines?12:45
pmatulisStrangeCharm_: no, you need to configure that12:47
StrangeCharm_pmatulis, to the documentation, then, what fun!12:48
pmatulisStrangeCharm_: the project has a friendly mailing list as well12:48
StrangeCharm_pmatulis, i'd rather spend an hour of my time working thing out then spend a man-hour or more of other people's time reading and replying to/ignoring my email12:50
macrocosm144lol12:50
_rubensysklog reports remote syslog just fine as well12:56
_rubens/reports/supports/12:56
StrangeCharm__ruben, inbound or outbound?12:56
StrangeCharm_is there a good guide for setting up a samba server on one box, and mounting shares from it on another?13:00
_rubenStrangeCharm_: both13:04
_rubenStrangeCharm_: inbound: add -r to the commandline .. outbound: add @remote.host.com instead of /var/log/whatever to /etc/syslog.con13:04
_rubenf13:04
StrangeCharm__ruben, good to know, but i've set up rsyslog now13:05
=== ScottK2 is now known as ScottK
pmatulisStrangeCharm_: rsyslog will give you more possibilities for remote logging such as SQL logging and encrypted logging13:06
StrangeCharm_pmatulis, i see that, but my requirements here are pretty simple13:06
pmatulisStrangeCharm_: well simple remote logging has been available in the stock sysklog system for many years.  sorry to misguide you13:08
a_okdoes anyone know if hardy is vulnerable for this? http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html13:11
Jeeves_a_ok: All kernels13:32
Jeeves_As in, *all*13:32
a_okJeeves_: well my gentoo kernel is not. As its configured differently (eg decent mmap_min_addr no SELinux and only protocols i need). so I wonder if my ubuntu systems are vulnerable since I haven't seen a patch yet13:36
a_okJeeves_: ?13:53
Jeeves_a_ok: Afaik, everything is vulnerable13:55
Jeeves_kees might have more info on this13:55
henkjani guess kees is busy updating kernel packages :)13:56
Jeeves_:)13:56
a_oklol hope he is than. thanks13:56
stefan___have you guys seen this ? http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html13:56
stefan___dated today13:56
stefan___yesterday actually :)13:57
Jeeves_stefan___: 14:11 < a_ok> does anyone know if hardy is vulnerable for this? http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html13:57
stefan___afects all  kernels since 2.4 to 2.6.3013:57
stefan___--------------------13:58
stefan___Affected Software13:58
stefan___------------------------13:58
stefan___All Linux 2.4/2.6 versions since May 2001 are believed to be affected:13:58
stefan___- Linux 2.4, from 2.4.4 up to and including 2.4.37.413:58
stefan___- Linux 2.6, from 2.6.0 up to and including 2.6.30.413:58
a_okstefan___: torvalds patched it already we are waiting on kees aparently.13:58
stefan___good ol torvalds :)13:59
a_okif the ubuntu kernels are vulnerable at all (there are conditions where this adress space can not be executed)14:00
stefan___ok didn't know that . don't have that much understanding of the kernel yet14:00
stefan___from what I understand you need a local account to make this work anyway14:01
a_okstefan___: yes or at least controle a local program. check out on the bottom of the page where it sais solution ;)14:01
stefan___so how does the process work ? torvalds makes a patch and then notifies all the linux distros ?14:02
a_okand also the mitigation section14:02
a_okstefan___: hardly Linus commits patches on kernel.org distro maintainers watch for new kernel things and security stuff anyway and they patch there kernels when nessesary. after making sure it does not conflict with there own (distro spesific) patches14:04
a_okAt least thats how I understand it14:05
stefan___ok , good to know as I had no idea of the process at all14:07
a_okstefan___: well most of the time big security issues with get patched real fast even in the less actively developed distro's.14:08
stefan___from what I see about min_addr in the mitigation section 804 and 904 shouldn't be vulnerable14:08
a_okstefan___: I don't know for sure if it gets overruled when compiling with SELinux support even if it's disabled14:10
stefan___i don't know about SElin as I don't use it14:10
a_okme neighter. never used it barely used ACL. simple is good as long as you don't miss out on key functionality14:12
stefan___older 2.6 kernels , example 2.6.15 don't have the vm.mmap_min_addr implemented though14:13
Psi-Jack_Curious. The OpenLDAP provided from 9.04's packaging, doesn't provide a slapd.conf, so how would I disable SASL authentication globally?14:16
BoohbahPsi-Jack_: what do you mean disable SASL authentication globally? have you setup something to authenticate using SASL? a mail server perhaps?14:23
Psi-Jack_Boohbah, SASL authentication is not needed, nor wanted. OpenLDAP's authentication through SSL and Kerberos is fine, no need for SASL.14:24
=== genii_ is now known as genii
BoohbahPsi-Jack_: there is no global authentication setting that i know of, you need to configure authentication individually for each application14:25
Psi-Jack_Boohbah, In this case, it's OpenLDAP. :p14:26
Psi-Jack_-THE- application trying to use SASL.14:26
Boohbahahh, now i understand14:26
a_okPsi-jack: kill the sasl daemon?14:27
Psi-Jack_Yes. It's an OpenLDAP-specific issue.14:27
Psi-Jack_a_ok, I don't have one running on the server running kdc and openldap. :p14:27
Psi-Jack_Again, this is an OpenLDAP issue, SPECIFICALLY.14:27
a_okPsi-Jack: sorry missed the reest was just reading up on it now. Boohbah is on it, stearing clear14:28
Psi-Jack_Hehe14:28
Psi-Jack_Yeah, don't know if Boohbah is knowledgable enough to be helpful.14:28
Psi-Jack_.. either. ;)14:28
Boohbahnope14:30
Psi-Jack_Yeah. hehe - Judging my your previous words, you didn't know openldap. It's no biggie. I'll find someone who is eventually. :)14:31
Boohbahi am educating myself now14:31
sgsaxPsi-Jack_: is it something you can change in your pam configs or nsswitch?14:32
Psi-Jack_Nope14:32
sgsaxusing openldap for local auth, or auth for a service?14:32
Boohbahhow do you know that openldap is trying to use sasl authentication?14:32
Psi-Jack_The problem is with openldap itself. I'm trying to use the ldapscripts for ldapadduser, but it's using a full v3 bind which includes using sasl auth, but fails because sasl auth isn't in use.14:33
Psi-Jack_Boohbah, ldapscripts.log :)14:33
sgsaxldap.conf has settings for tls, I know, but nothing for sasl14:35
sgsaxwait... have you tried this in your ldap.conf:14:40
sgsaxsasl_secprops maxssf=014:40
Psi-Jack_Yeah, but that's not for the server.. Hmmm, though that is for the client.14:42
Psi-Jack_But no, that doesn't change what I'm seeing. I had had that,.14:43
a_okPsi-Jack have you checked /etc/defaults dir? that kind of settings are often in there14:48
sgsaxslapd seems to be a seperate package, perhaps you need to actually install it to get what you need14:50
* sgsax makes a wild guess14:50
Psi-Jack_Stop wild guessing please. ;)14:50
sgsaxshutting up :)14:50
Psi-Jack_Unless you know openldap, you can't really help me at all.14:50
sgsaxI use it for auth against AD, but not for auth by itself14:51
Psi-Jack_Bleh, AD...14:52
sgsaxtell me about it...14:52
sgsaxrecently went round and round with it14:54
sgsaxblack fscking magic14:54
a_okPsi-Jack: did you check out https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html . I don't know openldap (at least not on ubuntu) but I can't find anything else usefull on SASL and openLDAP. perhaps you need to set up sasl properly and than not use it... bit rediculous but if it gets you going14:54
a_okPsi-Jack: search for SASL on the link i just gave14:55
Psi-Jack_a_ok, Yep. In fact, that's the thing that has bugs in it not mentioning SASL at all, but depends on it.14:55
a_okPsi-Jack: well you would not be the first with this problem than. I'm out of idea's perhaps try openldap channel?14:58
Psi-Jack_I'm doing that too, yes.14:59
Psi-Jack_ldapadduser fails, because of authentication failures, because it's trying to use SASL.15:00
Psi-Jack_Roughly short and simple.15:00
BoohbahPsi-Jack_: perhaps it is a compile-time option that needs to be disabled. in gentoo i see a sasl USE flag suggesting that this support may be set at compile time. though i would imagine there should be a way to turn it off in config.15:25
* Boohbah done wild guessing now15:25
froudhi, server 8.10, I've installed phpmyadmin with apt-get and configured apache2.conf but when I load http://serverip/phpMyAdmin I get msg "Cannot Complete Request". Anyone know of this problem?15:53
froudI also ln -s /usr/share/phpmyadmin/ /var/www/phpmyadmin15:56
froudoh dah fixed needed permissions for www-data15:57
froudthanks'15:57
uvirtbotNew bug: #413640 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: subprocess post-installation script killed by signal (Interrupt)" [Undecided,New] https://launchpad.net/bugs/41364016:01
=== nijaba` is now known as nijaba
keesstefan___: by default, Ubuntu 8.04 and later is not vulnerable.  If, however, you've got wine or dosemu installed, you are.  Basically, check the setting of /proc/sys/vm/mmap_min_addr  If it's zero, you're vulnerable.16:47
stefan___kees: thanks I did that16:48
stefan___only vulnerable on a few old systems16:48
stefan___that run 6 LTS16:48
keesstefan___: correct.  in those cases, you can use the workarounds detailed in the RedHat bug linked from: http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2692.html16:54
uvirtbotkees: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692)16:54
mdzttx: thread forwarded to you16:55
ttxmdz: ok16:56
stefan___thanks kees17:01
keesstefan___: sure!  (note that we are preparing a kernel update too, but that will likely happen on monday)17:02
sgsaxkees: nice to know you guys are on top of this stuff, even if it is somewhat obscure and non-threatening17:14
stefan___good to hear that kees17:20
keessgsax: thanks!  yeah, it certainly keeps us busy.  :)17:21
cemcwhere should I open bugreports that are probably related to the kernel, but I'm not sure (it's a suspend/resume problem) ?17:33
Aisonhello :)17:33
alex_jonicemc: launchpad ;)17:33
cemcalex_joni: yeah but to what package/team exactly ?17:33
Aisoni've got hardy version of ubuntu server, somehow do-release-upgrade don't work17:34
Aisonthought there's a newer version?17:34
keesAison: you need to change the "only upgrade to another LTS" setting: http://www.cyberciti.biz/faq/howto-upgrade-ubuntu-servers-804-to-810/17:40
Aisonkees, thx17:47
Aisonhow can I keep an net intf down? or no config?17:47
Aisonauto eth217:47
Aisoniface eth2 down?17:47
keesAison: I think, just remove "auth eth2"17:48
HellMindhow can I check my bandwidth usage in realtime18:04
qman__anybody know if I have to do anything special to enable sha512 hashing for passwords on 8.04?18:04
qman__like, install any packages, or should just changing 'md5' to 'sha512' in /etc/pam.d/common-password do the trick?18:05
TeLLuSHellMind: iftop is one way.. for console18:05
qman__I use vnstat, but that's not real-time data, that's graphed overall usage data18:06
qman__yeah, it's not working18:13
qman__just changing it made it use UNIX hashing18:13
qman__anybody know what needs to be done?18:13
qman__appears that in gentoo it's a compile time option -- http://www.linux-archive.org/gentoo-hardened/267979-moving-md5-sha512-shadow-password-hashes.html18:21
qman__I'm guessing it's the same for ubuntu, which would mean I'd have to dist-upgrade18:22
giovaniheh18:23
qman__to 8.10, then 9.0418:23
giovaniSHA512 hashes are really not going to get you much18:23
qman__so I guess I'm using md5 for a while yet18:23
giovaniit's not as if plain MD5s are being used18:23
giovanithe crypt function does a ton of weird transforms18:24
qman__true18:24
giovaniit's not at all vulnerable18:24
qman__I just saw the functionality on a 9.04 box and wanted to enable it if I could18:24
giovaniI've looked into writing a GPU bruteforcer for it18:24
giovaniit's complex18:24
keesqman__: PAM in 8.04 does not support sha512, unfortunately.18:25
giovanirandom passwords of 7-9 char lengths I estimate would take 200-300 days on a modern GPU18:25
qman__it would probably also increase the login times too much on my 200MHz shell server ;)18:25
giovanihah, indeed18:26
qman__my personal password policy is no less than 12, 3/4 complexity18:26
qman__simply because windows is pretty vulnerable with anything less than that18:26
giovani3/4 complexity?18:26
giovanihaha, windows18:26
qman__yeah, lowercase, uppercase, numbers, and symbols are your four categories18:26
qman__three of the four18:26
giovanihaha18:27
giovaniis this some windows categorization crap?18:27
qman__no18:28
qman__have you ever configured cracklib?18:28
qman__it's a pretty standard categorization for passwords in general18:28
qman__there's also the 12 or so "common" symbols, and then the rest of the symbols18:28
giovanialright18:29
giovanievery password I have is randomly generated for me ... I wouldn't categorize that way at all18:30
qman__more than 12 actually, but yeah18:30
qman__I don't do random ones, too hard to type18:30
qman__I just make them longer to make up for it18:30
giovaniwhy would you ever type a password?18:30
giovaniI haven't done that in ... years probably18:31
qman__because I don't have retina scanners18:31
giovaniuh, copy-paste from a password storage application ...18:31
qman__you still have to log into the system to begin with18:31
giovanithat's smartcard-based18:32
qman__don't have the hardware18:32
giovani$10 on ebay :)18:32
qman__times...8 systems?18:32
qman__besides, I trust that I'll remember a password more than I won't lose a card18:33
giovaniif you can remember your passwords ... your passwords are likely not very strong18:34
giovanior you don't manage enough passwords18:34
giovanii have a few hundred18:34
qman__oh, they are strong18:34
giovaniremember a few hundred 20-character random strings18:34
giovanijust isn't possible18:34
qman__of course not, but they don't have to be totally random18:34
qman__random is stronger, but the key is length and complexity18:35
giovanibut remembering a 100 or 200 passwords of any type is nearly impossible18:35
giovaniespecially if they're properly rotated18:35
qman__anything complex and over 20 characters is simply not brute-forcable now18:35
giovanithat's not true18:35
giovaniif they're phrase passwords they're easily destroyed18:36
qman__if they're all dictionary words in one case, yes18:36
giovanilength is meaningless if it's a predictable sequence18:36
giovanior transforms of dictionary words18:36
qman__change it just enough, and it's secure18:37
qman__if the encryption is not a flawed algorithm, it won't give any clues18:37
giovanithat's a very unclear line18:37
giovaniwhat's "just enough" transformation is not definable absolutely18:37
giovaniit's up to the attacker what kind of transforms they'll do18:37
giovaniso why take the risk18:38
giovaniuse truly random passwords18:38
giovaniand you'll save your memory for more important things18:39
qman__not much more important than the keys to the kingdom18:40
giovaniit's a completely inefficient, and reasonably less secure way of doing things18:41
giovaniI'm not sure how you could defend it18:41
qman__it's not really any less secure than a smart card, which is easily lost or stolen18:41
qman__or a thumb print reader, which is only about 90% accurate18:41
giovaniwell the smart card is identity-linked ... so either you have a password, or a fingerprint, etc18:42
qman__and even then, 20 character passphrases are worlds better than some of these websites that allow a max 8-10 character password, no symbols allowed18:42
qman__there is always a tradeoff between secure and convenient18:45
Max007I have a problem with apache2+php. I installed MySAR (Mysql Squid Access Report). When I try to access http://myserver/mysar/index.php it download the php file instead of displaying it. But when I try with phpinfo.php and http://myserver/mysar/install/index.php it works.. so PHP5 is working with Apache..18:45
qman__Max007, check the file permissions18:46
Max007-rw-rw-r-- 1 www-data www-data 28914 2007-08-17 05:05 index.php18:46
qman__and on the one that works?18:46
Max007-rw-r--r-- 1 root root 20 2009-08-14 12:09 phpinfo.php18:46
qman__hmm18:46
Max007but mysar is in /usr/local/mysar/www with a symlink18:47
giovaniprobably a filetype misconfiguration18:47
qman__might be an apparmor thing, but I've not run into apache/apparmor issues myself18:47
Max007there's a symlink in /etc/apache2/conf.d18:47
Max007qman__: apparmor is not installed18:47
HellMindHow can I see the real bandwidth use, and the real cpu use18:48
HellMindYou preferred tool18:48
HellMindr18:48
qman__HellMind, for bandwidth you'll have to install something, but for CPU, use top18:48
qman__uptime will show load averages18:48
giovaniload averages aren't an indicator of "cpu use" though18:49
giovaniso you'll want to look at the output of vmstat/top/htop/etc18:50
HellMindwhat is something?  that what im asking for18:54
HellMindi use htop18:54
HellMindbut I would like a graph18:54
HellMindlike a task manager18:54
HellMindmaybe some app for X18:54
qman__ubuntu desktop has "System Monitor"18:54
qman__which does precisely that18:54
HellMindbandwidth monitor?18:56
qman__though having X running on a server is a bad idea18:56
HellMindwho said that?, he was a noob18:56
HellMindhow you can run a server appz that uses a gui without x?18:57
qman__most server apps don't use a GUI18:57
qman__the only real exception to that rule is LTSP18:57
HellMindwell my app uses it :(18:57
HellMindI am always the exception18:58
qman__the thing is, X is very vulnerable to a number of sniffing and spoofing attacks18:58
qman__so it must be properly configured and firewalled, and is a lot of work18:58
HellMindI m not a regular guy that runs apache and mysql18:58
HellMindI run gameservers18:58
qman__so, in general, it's a bad idea to run X on a server18:58
HellMindim runing tightvnc x server18:58
HellMindthats the only way to run wine :(18:58
alex_joniHellMind: install a graphing app18:59
Max007qman__: it works if i copy /usr/local/mysar/index.php to /var/www/index.php (http://mysrver/index.php)18:59
alex_jonilike mrtg or rrdtool or cacti18:59
Max007but if i copy /usr/local/mysar/www/* to /var/www/mysar it doesnt works18:59
giovaniHellMind: no decent server application requires a gui18:59
Max007i dont get it18:59
giovanithere are plenty of tools to graph cpu usage for a server18:59
giovanicacti comes to mind as a simple solution19:00
qman__Max007, that is odd, are you sure your permissions are okay, with your symlink and all?19:00
qman__HellMind, why do you need wine?19:00
qman__most game servers have a linux version19:00
qman__hlds/srcds for pretty much anything on Steam19:01
HellMindosview -geometry 406x488 -font 8x16 +load +cpu +mem +swap \19:01
HellMind +page +disk +int +net &19:01
HellMindI told you all, im not like the regular ppl19:01
HellMindI need to run a server that doesnt got a linux binary19:01
giovanithe "regular people"19:01
HellMindqman__ if you play cs and tf2 thats ok19:01
HellMindbut my clients needs mohaabt19:01
giovaniHellMind: then maybe you shouldn't be using a linux server to host it19:01
jtimbermans/cs/l4d/ :)19:02
HellMindlinux can doit19:02
qman__yeah, unfortunately I have to agree with giovani there19:02
HellMindthats the most stupid thing I eard19:02
qman__running wine and X on a linux server is, security wise, a bit worse than a properly firewalled windows 2003 box19:02
HellMindlinux is made for all the complex stuf!19:02
HellMindthere are no limit19:02
giovaniyou're not doing anything "complex"19:02
qman__you're widening your software footprint19:03
giovaniwine is really not very stable19:03
qman__bringing more potential holes into your system19:03
HellMindqman__ you can run it using a low access user19:03
giovaniand it a hack, at best19:03
HellMindand you miss the concept of all security19:03
jtimbermanHellMind: You can use a trending tools or munin or cacti that will provide you with RRD graphs you can view in a web browser from a desktop system connecting to your server.19:03
Max007qman__: i fixed it.. I changed "Alias /mysar /usr/local/mysar/www" to "Alias /squid /usr/local/mysar/www" in /etc/apache2/conf.d/mysar19:03
giovanimiss the concept?19:03
HellMindits like saying you dont want to store you wallet on your house19:03
HellMindbecause its insecure19:03
Max007qman__: it's weird.. if the folder name is mysar it doesn't work19:03
HellMindmy server isnt a gold bar19:03
HellMindits a tiny game server19:04
qman__Max007, glad you got it working, but I'm not really clear on what that is19:04
qman__HellMind, you're missing the point; the more software you run, the less secure your system is19:04
HellMindI was using munin, but it eat a lot of resource19:04
jtimbermanqman__: you mean the more software you run that opens listen ports ;)19:04
qman__by running a windows set on top of a linux set, you're incorporating the potential flaws of two completely different systems19:04
HellMindqman__ yeah but you must run something right?19:05
qman__by only running a windows set, you limit your potential issues19:05
HellMindso you dont use the appz that you need because its insecure?19:05
qman__no, you run them as securely as possible, by using the least software necessary19:05
qman__in the tightest configuration you can19:05
HellMindthats what im doing :)19:05
qman__running X with wine is not a tight or secure configuration19:05
qman__at all19:05
HellMindit is, is the only way you got19:06
HellMindif you run server linux gameserver19:06
qman__a patched, firewalled windows server is better, from a security standpoint19:06
HellMindand you need a single windows app19:06
HellMindqman__ you secure solution isnt cheap19:06
giovaniwindows can be had for reasonably cheap19:06
qman__windows XP home edition can be had for next to nothing19:06
HellMindI know It would be also cool running every game server in many servers19:06
qman__which is more than enough to run a game server19:07
qman__it can run a proper firewall, and run the server unprivileged19:07
HellMindthe only thing I dont pay if for software19:07
HellMindI dont got many server19:07
HellMindI got 119:07
HellMind1, how you run a linux and a windows app in a server?19:08
HellMindalso my server got a tiny hosting vm19:08
HellMindyou ppl waste hardware and resource19:08
qman__you're doing too much with one machine, frankly19:08
HellMindnot because you make them secure19:08
HellMindbut you got the money to waste19:08
qman__it's not about wasting money19:08
qman__it's about being secure19:08
qman__if you don't understand that, you really shouldn't be running a server19:09
HellMindno one ever hacked me19:09
HellMindI know where are the vulns19:09
HellMindI think you cant estimate the posibility of every vuln19:10
qman__and giovani was worried about my password policy :/19:10
HellMindeverything is insecure, and you can only give  value  of risk to every issue19:10
giovaniqman__: HellMind is clearly completely uneducated19:12
HellMindim educated in the street of data19:12
giovanithat's a completely nonsensical statement19:13
HellMindyou dont know how to measure the risk19:13
HellMindif you got a desktop that isnt use for anything serious19:13
jdstrandI don't think one can make a blanket statement like "running Windows XP as a game server is more secure than a Linux box with wine"19:13
HellMindit doesnt need the top of security19:14
HellMindit needs practicity19:14
jtimbermanNo, he's right. Security is about trust and risk assessment.19:14
qman__jdstrand, that's not what was meant19:14
HellMindthere are many  server, a game server isnt like a bank server19:14
* jdstrand might have misunderstood backscroll19:14
qman__my point was, in his situation, running that application on windows would be more secure than running it in wine, with X, on linux19:14
giovanijdstrand: I think you did19:14
giovanirunning wine on x on a linux server is a completely hacked solution19:14
giovaniit's messy, and there's no good reason for it19:15
HellMindqman__ and also with that argument I can say it would be more secure if you dont run it, and you stay in home away of virus and diseases19:15
qman__of course, I would never connect a windows box directly to the internet19:15
jdstrandI admit that is a rather 'hacked solution'19:16
qman__gotta have a firewall of some sort in between, even if it's just a NAT router19:16
NafalloNAT? aren't we all running IPv6 these days?19:16
qman__not even slightly19:16
HellMindipv6 whats that :D19:16
qman__I CAN'T run IPv619:16
qman__I'm lucky I'm online at all19:17
HellMindthat module is blacklisted :) I dont want to waste resources19:17
jdstrandthat said, and NUL pointer derefences aside, wine on Linux doesn't have to be insecure. one can use apparmor. plus, the number of libraries and applications in a default wine install is far less than a Windows XP Home edition install19:17
qman__my ISP is terrible, and has a monopoly over my entire area19:17
Nafalloqman__: tunnels not an option?19:17
HellMindqman__ my isp too :( the goverment let them19:18
jdstrandanyway, I'm not going to debate the merits of Wine/X/Linux and Windows XP. it just struck me as an odd statement, and I recognize I misunderstood :)19:18
qman__jdstrand, that's ok, you have a valid point19:18
qman__it can be done, but it takes a lot of work19:18
qman__a lot more work than just windows with a firewall19:18
Nafallos/with/and/19:18
HellMindqman__ you practical solution isnt available on the 3rd world19:19
giovanithe 3rd world doesn't need game servers19:19
Nafallobetter keep the boxes separate ;-)19:19
giovanithey need food and shelter19:19
qman__HellMind, if you know where to look, you can dumpster dive and get free, legitimate copies of windows19:19
qman__there's so many of them out there, they can be had for almost nothing19:20
giovaniexactly19:20
HellMindgiovani thats the truth :(19:20
qman__so cost, in this situation, is not really a factor19:20
giovanimy company just threw out 100 windows licenses (attached t ocomputers)19:20
jdstrandplus, if one knows how to maintain and secure a linux box, but knows nothing about maintaining and securing a Windows box, then one should use Linux19:20
giovanijdstrand: but that's not the situation19:20
HellMindmy country is a pirate paradise19:20
giovaniso let's not speak in manufactured hypotheticals19:20
qman__don't get me wrong, I'd be the first one to try and switch a windows server to linux19:21
qman__I'm just saying, that setup is no good19:21
jdstrandgiovani: I don't know HellMind's experience-- I was merely pointing out another consideration when one is choosing an OS19:21
HellMindI know everything19:21
HellMindthats my experience19:21
giovanijdstrand: it's a reasonably rare situation, I think, and was convinient for this disucssion19:22
giovanidiscussion*19:22
jdstrandand IMHO, I don't think it is a manufactured hypothetical-- it is merely something to consider19:22
HellMindIn my situation you all were defeated19:23
jdstrandI think it is also worth mentioning that recommending someone use Windows XP Home as a server in the #ubuntu-server channel is probably not the best use of people's resources here19:26
HellMindpeople should be banned for that ... :P19:27
giovaniI think each channel member can use their own resources how they see fit19:27
giovanihowever, it's a stated channel policy that we don't support x on ubuntu server installs19:27
HellMind:(19:28
HellMindyou know the damn mohaa dedicated server doesnt need gui19:28
HellMindbut they added some skin and a window and a input box19:29
qman__windows xp home wouldn't be my first choice, but given the situation's requirements, it seemed appropriate19:29
HellMindI tried with a xp guest too19:29
HellMindbut the with the lag it were unplayable :(19:29
HellMindI cant virtualize gameservers :(19:30
Aisonis there something like webmin for ubuntu server?19:33
ReepicheepAison: ebox might be your tool19:35
HellMindits better than webmin?19:35
Aisonwebmin is not maintained by ubuntu devel19:36
qman__webmin is considered evil by many here, because of the way it handles configuration files19:36
qman__it's not very nice to them, to say the least19:36
Nafallo!webmin19:37
ubottuwebmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.19:37
Aisonubottu, but ebox is fine? I don't know it19:37
jpds!ebox | Aison19:37
ubottuAison: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox19:37
jpdsubottu: tell Aison about yourself19:37
ubottuAison, please see my private message19:37
Aisonoh, nice19:38
HellMindI need something to allow a user to start and stop a service19:39
HellMindby web19:39
HellMindI used webmin but its a waste of resources19:39
HellMindI want to let the client restart their own dedicated server service19:39
qman__I would just write up my own script, in that situation19:41
HellMinda php script?19:41
qman__it'd be fairly trivial to do in php, aside from a secure login19:41
HellMindyep your right19:41
HellMindI want to buy some complete gameserver script19:41
HellMindto manage payments also :(19:42
KamilionHaving trouble getting Alpha 4 installed on a Supermicro  X8DTH-6F, the install media won't find the MPT2 SAS controller.19:45
KamilionWhat's the best course of action to get it installed?19:45
Nafallonot sure I understand the question...19:45
Nafalloah. because I read it wrong.19:46
Kamilionthe latest gparted livecd with kernel 2.6.30 detects the mpt2 controller, but 9.10 Alpha 4 doesn't detect it.19:46
Kamilionit asks me which modules to insert to support it.19:46
AnAntHello, how can I make issue message dynamic ?19:47
qman__AnAnt, do you mean motd?19:47
AnAntyup19:47
qman__AnAnt, see man motd19:48
qman__if you want something more complex than that, you'll have to write a script to do it19:48
Kamilionany idea how to install onto a system with a mpt2 disk controller?19:49
AnAntI see, thanks19:49
KamilionAnAnt: Check the cron scripts, there's some stuff there that automatically updates the motd with the status of the package manager. You can probably work it out from there.19:50
AnAntKamilion: ok, thanks19:50
Kamilion9.04+ I think19:51
Kamilion8.10 might have it as well, but I'm not totally sure.19:51
Kamilioniirc it updates /etc/issue and /etc/issue.net19:51
freemonttrollIs it possible to upgrade from MySQL 5.0 to 5.1 on Ubuntu Hardy? I ran sudo apt-get update / dist-upgrade and then install mysql-server mysql-client, but I was told that I already have latest version.19:54
AnAntKamilion: /etc/update-motd.d/19:58
giovanifreemonttroll: that's because you do ...19:58
freemonttrollgiovani, so there's no way to get 5.1 on Ubuntu Hardy??19:58
giovanifreemonttroll: not through the official ubuntu repositories19:59
freemonttrollgiovani, how do I get it from the unofficial ones?19:59
giovanithe entire point of releases is to use stable, tested softwaqre19:59
giovanithat's up to however the unofficial repository is set up19:59
giovaniyou'd have to find out19:59
freemonttrollgiovani, understood, but I still need to do the upgrade.19:59
freemonttrollgiovani, ok19:59
giovanior use jaunty19:59
giovanias it contains 5.119:59
giovanidon't use an old release if you want new software19:59
Rich-Newbiehas anybody got any how to's to setup a server for soho, which could run local email, and use fetchmail to download from the isp, and then have simple file sharing20:01
giovaniRich-Newbie: I'm sure google can provide that20:02
KamilionRich-Newbie: Yes, there's a very nice howto for setting up postfix with 9.0420:05
Kamiliongive me a second and I'll go find it, it was in the alpha release notes, IIRC20:06
Kamilion"The dovecot-postfix package in Ubuntu 9.04 Beta provides an easy-to-deploy mail server stack, with support for SMTP, POP3, and IMAP with TLS and SASL."20:06
Rich-Newbiethat will be great, thanks. I have found alot on google, but most of them are much bigger than what I want to achieve.20:06
Kamiliontook me about 20 minutes to set up.20:07
giovaniKamilion: that doesn't sound like a smarthost setup20:07
Kamilionit was dead simple to tack fetchmail onto it.20:08
giovanisure, it's just as easy to set up postfix20:08
Kamilionand he said 'run local email', which sounds like he wants a SMTP server.20:08
giovanisure, a smarthost smtp server20:08
Kamilionand the associated pop and imap stuff (soho)20:08
giovanibecause he wants to relay20:09
Psi-Jack_local mail? That could be even as simple as ssmtp20:09
Psi-Jack_If no actual smtp server itself is needed.20:09
KamilionWhen I installed the postfix-dovecot package, it asked me what type of setup I wanted for postfix. I answered smarthost.20:09
Rich-NewbieI wont have a deidicated Ip, so relaying is going to be the best otionn20:09
Kamilionit took care of 90% of the config for me20:09
Kamilionyeah, I'm on a dynamic too, relaying to google's SMTP server20:10
Rich-Newbielocal mail is where I get a bit confused about the config. The only mail server I have dealt with to date, has been exchange 2003 in sbs server 2003 standard.20:11
Kamilionbut the dovecot integration really hit home for me. just make new user accounts on the box and they get an email address.20:11
giovaniRich-Newbie: honestly, you should look into running a VPS on the internet20:12
Kamilionthen just change their shell20:12
giovaniit's a cheap way to get a server running, and then you don't have to use your ISP relay, you get full control, and can host your own domain's email properly, and easily provide access from anywhere20:12
KamilionAmazon's EC2 has 'reserved' pricing if you're willing to pay for a year up front. It's really quite a good deal.20:13
giovaniI wouldn't recommend EC2 for a basic server setup20:13
giovanibut, sure, any provider will do20:13
KamilionMe either, but it's well known and the chances of it going down are near zero except for operator error.20:14
giovaniit's incredibly overpriced20:14
HellMindgkrellm the graphs are so small :(20:14
Kamilionnormally yes, but the reserved pricing is quite good.20:14
giovaniKamilion: mail servers don't need 100% uptime to be effective20:14
KamilionI know, but it helps ;)20:14
giovaniyou can easily get 4-5 VPSes for the price of an EC2 box20:14
giovaniand set up redundant mail delivery20:15
Kamiliontrue, but 4-5 VPSs do not equal a 2Ghz box with 1.7GB of memory on a tier one bandwidth fiber backbone.20:15
Kamilionjust a peace of mind thing, y'know?20:15
giovanithat's entirely wasted20:15
giovaniI'm making a recommendation that's in line with his needs20:15
Kamilion*shrugs*20:16
giovaniamazon is defintiely not immune to failures ... putting all of your eggs in one basket, no matter how huge the basket -- doesn't make it redundant20:16
Kamilionin for a penny, in for a pound. When you have excess capacity, it's funny how you find ways to make use of it. ("Hey, I'll add a wordpress server!"20:16
giovaniyou'd be far better off with two VPSes in diverse geographical areas, and you'd get the benefit of learning to set up a multi-server email system20:16
Kamilionpoint taken.20:16
giovaniand it's far cheaper20:17
KamilionBut as you said, mail delivery doesn't need 100% uptime, as long as the servers have proper timeouts.20:17
giovaniagreed -- but if you're willing to spend an extra $5 a month you can hedge your potential losses if one provider has a failure20:17
KamilionSorry, I'm still stuck with Atari's tagline from the 80s20:17
giovaniand you gain experience20:17
Kamilion"Power without the price" :)20:17
giovaniI regularly scope out $5-7/mo VPSes20:17
giovaniand presume they're not highly reliable ... but together, 3 or 4 of them are an awesome geo-diverse setup20:18
Rich-NewbieI am looking for a simple mail server, that would be able to send mail internaly without the need to send it through an ISP.20:18
giovaniRich-Newbie: I don't know what "send mail internally" means20:18
Kamilionlocal domain20:18
qman__postfix can do exactly that20:18
Rich-Newbiethat it20:18
giovaniright, you can do that locally at your office, or on the internet20:18
giovanieither way20:18
Jeeves_00What's with ipv6 here at har?20:18
Jeeves_[A20:19
KamilionAnyway, does anyone have any experiance with the mpt2 driver? I'm having trouble installing 9.10 alpha 4 because I can't find the module to insert.20:19
Jeeves_ipv6 seems to be broken sometimes20:19
Rich-NewbieI want it at the office, instead of sending it through the isp. It does not make sense to send an email to the person in the next room via the isp20:20
Jeeves_Why would I say that ipv6-shit on #ubuntu-server? :)20:21
* Jeeves_ switches to the right channel :)20:21
giovaniKamilion: this isn't the right channel for 9.10 support20:21
giovaniKamilion: try #ubuntu+120:21
Kamilion9.04 or 9.10, I don't really care.20:22
giovaniRich-Newbie: hosted email is very common -- it's far more reliable to host your mail externally than on a low-class internet connection in your office20:22
KamilionI just figured the server channel would be more likely than #ubuntu to have an answer for a SAS controller :)20:22
* henkjan hands Jeeves_ another beer20:22
henkjanharhar20:23
giovaniKamilion: #ubuntu+1 isn't anything like #ubuntu :)20:23
giovanibut yeah20:23
giovaniif it's not 9.10 specific, it's fine here20:23
Jeeves_henkjan: :)20:24
KamilionI just need to figure out what module needs to be inserted for fusion mpt2 support20:24
Jeeves_mpt_sas20:24
KamilionPretty sure I tried that.20:24
KamilionI tried all of the mpt* modules.20:25
Jeeves_Than you might have a unsupported chipset20:25
Kamilionthe gparted livecd with 2.6.30 finds it.20:25
KamilionIIRC 9.10 has 2.6.31-rc3, so I'm PRETTY sure the kernel module exists to support it20:26
KamilionI'll just boot gparted and try lsmod20:26
KamilionOkay, another question then -- if the module for it doesn't exist, the installer prompts me for a 'floppy or usb drive' with the modules. Where's the howto on how to generate these modules from another system?20:26
KamilionI have two amd64 9.04 boxes and a VM infrastructure on them, so the build environment's not so much of a problem, I could just use a high level overview of the process so I'm not running in circles20:28
Rich-Newbiegiovani: The main purpose of my exersise to to run email on a local domain. Lets say 5 people share an office, person one needs to email person 2 a 5 meg attachments. It does not make sense to me to have to email it to the isp, then the receiving person downloads via pop3. Its much faster to send that file localy, and wont use bandwidth.20:29
KamilionSounds like more of a job for samba ;)20:30
qman__email in general is an inefficient way to do that20:30
qman__but that's another issue altogether20:30
qman__a local mail server for a business is no big deal, postfix in an "internet site" configuration should do that just fine20:30
giovaniRich-Newbie: you shouldn't be using email to move files internally20:31
giovani(and not externally either ... but that's slightly more excusable)20:31
Rich-Newbieafrom what I have seen, thats how alot of users do it.20:31
giovaniwell prevent them from doing that :)20:31
qman__yes, but it's bad practice20:31
qman__it's inefficient for a number of reasons, and just generally a bad idea20:32
qman__if you provide an environment with a better, easier alternative, they won't do that :)20:32
qman__a file share is one good way, using samba20:32
qman__but one approach I rather like is a wiki site20:32
KamilionHey, actually, might wanna take a look at openfiler -- since that can snapshot and version files. We use that type of functionality heavily here (I work for a staffing company)20:33
qman__the main advantages to wiki, everyone can update stuff, and you never lose data, because it keeps all previous versions20:34
Kamilionall of our users talk to a samba share on one of our local boxes, and that box snapshots the filesystem every 15 minutes.20:34
qman__and tracks it all in a nice manageable way20:34
qman__there are a lot of different approaches, but there's one main thing they have in common20:35
qman__they're much better than email for sharing files20:35
Kamilionthe snapshots show up as read-only directories20:36
qman__but back to your original question, it's very simple to set up a local email domain with postfix20:37
Rich-NewbieYes I do a agree email is not the best way to share files. I do use a general shared folder to share files. If the accountant has to send the boss something, say finacial figures ect, they going to general email it.20:37
Rich-Newbiethanks qman20:38
qman__you just install the package, choose internet site, and add users20:38
Rich-Newbieqman: I chose internet site with smart host20:38
giovaniRich-Newbie: you should set up different folders within the general share with permissions20:38
giovaniso that the boss has access to every department's files, and only each department has access to their own private files, etc20:38
qman__I'm pretty sure there's a section in the ubuntu server guide for setting up mail20:40
qman__should cover everything you need to know for that20:40
Rich-Newbieqman, I have been reading the server guide, and a bunch of how to's. In postfix configuration it talks about system mail name, would that be say server.mydomain.com ? I have done the server setup a few times now, get confused abit with some of the config it requires20:43
Rich-Newbiethanks for the advice giovani. Hosted mail is an option eventually, when bandwith is cheaper and faster in South Africa. for small offices of a handfull of people its a bit pricey.20:45
Kamilionhttp://ubuntuserver.wordpress.com/2009/02/13/an-improved-mail-server-stack-in-jaunty-dovecot-and-postfix-integration/20:46
giovaniRich-Newbie: ah, well I didn't realize you were under such strict bandwidth constraints -- in that case, a local server is necessary20:46
Kamilionthat's probably what you're looking for. "sudo apt-get install postfix-dovecot", that will set up pretty much everything for you, ask for your SMTP config (smarthost), and then set up dovecot and postfix with SASL against dovecot's user database (essentally /etc/passwd and /etc/shadow)20:47
qman__Rich-Newbie, the mail name would be your mail domain20:48
qman__where you want your addresses at, per say20:49
Kamilionat that point, it's as simple as 'adduser --disabled-login <username>'20:49
qman__so, for users@mydomain.com, the mail name would be mydomain.com20:49
Rich-Newbiethanks qman, so I dont put the hostname of the server box, just mydomain.com20:50
qman__yes20:50
Kamilionif it asks for FQDN you need to add the hostname too20:50
qman__it depends on what it's asking for20:50
Kamilionso 'mail.mydomain.com' if the machine is named mail20:50
qman__mail name is the domain20:50
Kamilionif it asks for 'domain', it's just domain.ext, if it asks for FQDN, it's hostname.domain.ext20:51
Rich-Newbiethanks for clarifying that for me.20:51
Kamilionyeah, confused me at first too.20:52
Rich-Newbiethanks for that link Kamilion, should I use the apt get, or does the same thing install if I chose mail server in the option on the inital setup20:56
KamilionNot sure, I'd suggest apt-get21:01
Kamilionthat way you don't mix up anything21:02
Kamilionpersonal preference, really. Normally the only thing I'll let the installer do is install openssh.21:02
Kamilionnot sure if the 'task' uses that package or not.21:03
Rich-NewbieI have read alot of people prefer to do it that way, gives more control21:03
Rich-Newbieto administer postfix, would you recomend webmin, or should I use webmin and postfix admin.21:04
Kamilionhonestly, there's not much to administer.21:04
Kamilionyou shouldn't even need webmin.21:05
Rich-Newbiefor ease of use for creating users ect, Played around a bit with webmin21:05
Kamilionusernames and passwords are from host accounts21:05
giovaniwebmin also is specifically not supported by ubuntu21:05
Kamilionit's as simple as 'adduser --disabled-login <username>'21:05
giovaniif you feel the need to use a web interface, use ebox21:05
Kamilionebox 1.2 is pretty good and handles most of the mail stuff for you.21:06
qman__yeah, there's hardly anything to administer21:06
qman__add users, that's it21:06
Kamilionbut it's ISO is a pretty big download.21:06
giovaniwhat iso?21:06
Rich-Newbieebox is one I havent heard of.21:06
giovaniRich-Newbie: it's the only web administration interface supported by ubuntu21:06
Kamilionwhat people mean when they say 'administrate postfix' is 'spend hours trying to make postfix and a delivery agent work together'21:06
qman__I'm not a fan of web administration anyway, I use ssh21:07
Kamilionebox or postfix-dovecot remove 99% of that 'spend hours' part.21:07
Rich-NewbieI see ebox is mentioned in the admin manual.21:07
KamilionI use both -- but one of ebox's big advantages is 'the debian way' -- it asks you to confirm configuration changes for other packages.21:07
Kamilionso you can admin with SSH *AND* use ebox, and they happily share.21:08
qman__but yeah, the package makes it super easy21:09
qman__install, type in what it asks for, then add users21:09
Kamilionyup.21:09
Kamilioneither way, dealing with setting up a mailserver is a veritable breeze compared to ~6-8 months ago.21:10
Rich-Newbiebest I do some reading on the admin manuel21:10
Kamilionebox 0.98 and 1.0 were broken21:10
freemonttrollWould appreciate help from gurus: Is it possible to upgrade from MySQL 5.0 to 5.1 on Ubuntu Hardy? I ran sudo apt-get update / dist-upgrade and then install mysql-server mysql-client, but I was told that I already have latest version. I can't seem to find a backport of mysql 5.1 for hard heron ...21:10
qman__if you want to go from an LTS version to a non-LTS, you have to change your update configuration21:11
qman__I don't know where it is on server21:11
qman__should be in the documentation21:11
qman__or someone else should know21:11
Kamilionbut ebox 1.2 is pretty stable, a lot of the code has been rewritten21:12
Kamilionebox's installer is based on 8.04 LTS.21:12
qman__I've never used ebox or webmin on any of my own servers21:13
qman__web interfaces are great for some things, but for server administration, I prefer more control21:13
Psi-Jack_Heh.21:18
Psi-Jack_Most web-based admin tools are also based on everything running on a single box.21:18
Psi-Jack_Where-as, it's almost always better to split up the services accross multiple physical computers.21:19
Rich-Newbieokay adding users was fairly straight forward21:19
Rich-Newbiethanks to everybody's help, this time I am able to connect to the mail server with imap, well almost. Got to check the user details I setup21:23
Rich-NewbieSucsess thaks qman, kamilion and giovani. I was able to connect to the box with imap.21:28
android6011is there a way to install sound drivers in the server? I am using the server for many things and need to be able to record through line in21:28
qman__if you install a music player like cmus, it should install the dependencies21:32
giovaniyou shouldn't need to do that21:32
giovanithe drivers are already in the kernel21:32
giovanirun "lsmod | grep snd"21:32
giovanito verify that sound drivers have been loaded for your hardware21:32
KamilionRich-Newbie:  Glad to help. Enjoy your new mailserver. Remember to use postconf to increase the maximum size of a message, IIRC it defaults to 10MB or so21:38
Rich-NewbieThanks Kamilion, now that the basic fuction works, I am going to go through the admin manual and play some more untill I break it and start again. Best way to learn, and if I manage to break it a few times, I will know what not to do.21:44
Kamilionpostconf message_size_limit21:45
Kamilionthat's the one21:46
Kamilionsorry, had to troll through my .bash_history21:46
Rich-Newbiethanks, for email anything bigger than 10megs is to big in my opinion. Reminds me of a client who I use to support. They had an sbs server setup, which was done by somebody else, with no limmits, the one user tried to email 30 megs worth of files I think it was, it blocked his mailbox completley.21:49
KamilionI mention it because google's limit is 20MB21:50
Kamilionand if someone sends a 17MB pptx file, the server will flip them the bird ;)21:50
Rich-Newbiethats usefull to know21:50
KamilionAFAIK, 20MB is the largest standard message size in normal use.21:51
giovaniRich-Newbie: I'd honestly make the max email size 1MB or so, at least internally21:52
giovanito completely discourage it as a method of sending files21:52
Rich-NewbieThats a excellent idea giovani.21:52
giovanias long as you offer them an easier, and faster method21:53
giovanithey'll learn to use it21:53
Kamilionthere's no distinction between sending and receiving to postfix, mind you...21:53
Rich-Newbiewikki and open files I think is definitley something I must explore more21:54
Kamilionso preventing them from sending files would also prevent *receiving* attachments.21:54
randy_can anyone help me setup 2 lan cards on one server?21:54
Kamilionjust keep that in mind. :)21:54
Rich-NewbieI would have users after my head, not being able to send jokes. sorry for them. ;)21:55
Kamilionjust filter html messages then :)21:55
Aisonre21:55
Kamilionbtw -- there is libsieve support too for filtering. It's pulled in with postfix-dovecot21:56
AisonI tried to install ebox, but now I get a message like this: Failed to contact configuration server; some possible causes are that you need to enabled TCP/IP networking for ORBit21:56
Kamilionfrom their installer?21:57
randy_can anyone help me setup 2 lan cards on one server?21:57
giovanirandy_: we discussed this yesterday21:58
qman__randy_, man interfaces21:58
Kamilionifconfig eth0 up && ifconfig eth1 up21:58
Kamilion*grins*21:58
randy_Yes. You are the one I talked to from home, right?21:58
giovanirandy_: from home? I don't know where you were21:58
randy_Oh, I talked to the other guy from my home last night and he told me when I got in today and was on the server, come back on and he would help me.22:00
giovanirandy_: ok22:01
Rich-Newbiekamilion when I setup the email I have noticed if I put the email address just user it works, if I put user@mydomain.com it fails. Is this correct22:02
randy_Sorry, I lost connection for a minute.22:02
KamilionRich-Newbie: Hm... try user@hostname.mydomain.com22:03
Kamilionyou may have to add an alias from mydomain.com to mail.mydomain.com22:03
Rich-Newbie:) thank you so much kamilion, now alot of what I have read is also making sense22:04
KamilionNo problem :)22:05
Rich-NewbieI found a couple of forum posts of people trying to do exactly what I am doing, the one poster always had the same response, about use citadel or zimbra, 20 mins to setup as oppose to 2 weeks setting up the way I have just done I have spent maybe 3 hours so far.22:08
Kamilioncitadel was nice, but too much of a pain. I tried it too, but I wasn't happy with their redhat base. I don't like RPM, I'm partial to my apt :)22:13
randy_giovani are you still here and able to help me? my network went down a couple of times so I reset the modem.22:13
randy_kimilion, I did the ifconfig eth0 up and ifconfig eth1 up and now I can ping the outside world, but I still can't ping from the outside world. Any suggestions?22:15
randy_Sorry, Kamilion*22:15
giovanirandy_: it sounds like you misconfigured something22:15
giovanithe documentation and configuration are pretty clear22:15
giovanibeyond that, I can't help you22:15
Kamilionrandy_:  you need to set a route.22:16
KamilionWhat subnet are you on, what's the gateway IP?22:16
Rich-Newbiegiovani: what sort of servers do you manage?22:16
randy_Kamilion_ the settings are address 24.249.166.138 netmask 255.255.255.240 network 24.249.166.0 broadcast 24.249.166.255 and gateway 24.249.166.12922:17
Kamilionrandy_: okay, try 'route add default gw 24.249.166.129'22:18
randy_do i use the initials "gw"?22:18
Kamilionyes22:18
randy_okay, just a minute.22:18
randy_I need to close out of here to do it unless there is another way.22:19
Kamilionany luck?22:20
randy_Kamilion_ Okay, I did it. Can you ping 24.249.166.138?22:20
giovaniRich-Newbie: what do you mean what sort of servers?22:20
Kamilionsec22:21
Kamilionyes22:21
Kamilionsub-100ms22:21
randy_And it works? Is that good?22:21
Kamilionyep22:22
randy_the sub-100ms22:22
KamilionI'm on fibre, so 20ms average is excellent.22:22
randy_Can you go to the same ip in a browser?22:22
randy_It should say It Works!22:22
Kamilion"It works!"22:22
Kamilionapache2 standard page :)22:23
qman__I get 115ms average22:23
Rich-Newbiegiovani: is it servers for corperates, hosting servers.22:23
qman__not excellent but perfectly acceptable22:23
giovaniRich-Newbie: I work for a financial company22:23
Kamilionthe server's in philly?22:23
Kamilionsomewhere on the east coast22:23
randy_Perfect. Are there any changes I need to make to any files so that it automatically does the ifconfig eth0 up and the ifconfig eth1 up and the route line?22:24
Kamilionrandy_: Are you going to use this to route other traffic to the internet?22:24
qman__I'm in Michigan, my fastest pings are to places in chicago22:24
giovanirandy_: yes, you should've put this in /etc/network/interfaces, as we instructed you22:24
giovanithis is all covered in man interfaces22:24
Kamilionrandy_:  should be in /etc/network/interfaces22:24
Rich-Newbiegiovani: how many users on your network?22:25
Kamilionnot sure how to set a route with /etc/network/interfaces though22:25
giovaniRich-Newbie: I don't support users22:25
Kamiliongiovani: any ideas there?22:25
giovaniRich-Newbie: we have a server farm of about 100022:25
qman__Kamilion, the gateway directive22:25
giovaniKamilion: it's covered in man interfaces, clearly22:25
qman__it's all in man interfaces22:26
Kamiliongot it22:26
randy_Kamilion_: I will go to man interfaces and change the file accordingly. I am new at the linux on command line. I have setup many windows boxes and am switching to linux for all our servers after I get this one up.22:27
Kamilionrandy_:  Add this to /etc/network/interfaces  (should be mostly self explanitory)22:27
Kamilioniface eth0 inet static22:27
Kamilion    address 24.249.166.13822:27
Kamilion    netmask 255.255.255.022:27
Kamilion    gateway 24.249.166.12922:27
qman__you really should read through man interfaces anyway22:27
qman__that's networking 101, any sysadmin should know that stuff22:28
Kamilion"tldr;"22:28
randy_Kamilion_: What about the ifconfig eth0 up and all?22:28
giovaniif his gateway is 129 ... he likely isn't on a class c22:28
KamilionHe just wants to know, not to understand.22:28
qman__knowing is not enough22:28
Kamilionrandy_:  /etc/network/interfaces gets called by init scripts. It takes care of the rest22:28
KamilionUnderstanding follows knowing.22:28
randy_I learned on my own over the last 30 years and don't know where to do the same things in linux as windows.22:29
giovanihe probably needs a netmask of 255.255.255.19222:29
KamilionI know I need the mpt2sas kernel module, but I do not understand how to build it as yet. I know the high level block diagram, but not the individual commands.22:29
qman__yes, but as the saying goes22:29
qman__the best answers we find on our own22:30
KamilionAnyway, I gotta get on the road to San Francisco pretty soon22:30
randy_The netmask given to me from the cable provider is 255.255.255.240. I have 5 static ips.22:30
Kamilionso I guess I'll just leave windows server 2008 on this box for now. I wanted to get rid of it before I left, but that doesn't seem likely.22:30
giovanirandy_: ok, then use that22:30
Kamilion*shudders*22:30
qman__2008's not so bad22:31
qman__at least you're not running 2000 :)22:31
randy_I prefer linux so far... Just the learning curve of where everything is done.22:31
KamilionR2, actually. And you're right. 7 and 08R2 are well built for the tasks they are required to do.22:31
KamilionBut I don't trust it for the low level infrastructure, nor do I want to run linux on hyper-v, so I need to get ubuntu and libvirt on there22:31
qman__yeah22:32
randy_Kamilion_: giovani_: Thank you both for your help. I will be back for more help as time goes on, but thank you very much.22:32
qman__windows just doesn't belong on the backbone22:32
Kamilionwhich is proving to be a pain, I need the mpt2sas module, but I can't find any howtos on how to compile kernel modules for ubuntu install CDs22:32
Kamilionrandy_:  Enjoy!22:32
randy_Thanks22:32
qman__I'm actually an MCSE, have a degree and everything22:33
qman__linux is my OS of choice22:33
KamilionAlmost the same. Been hacking windows since "Windows 386", aka 2.03. never bothered with the MSCE though. Kicked to linux with Slackware 1.5, Redhat 4.2, Linux from Scratch 3.2, where I submitted a bunch of bootscripts, then onto gentoo, got sick of compiling packages, tried ubuntu 7.04 and been hooked ever since.22:34
Rich-NewbieI am going to call it a night. Been very succesfull with the help of giovani, qman_, and kamilion. I have learnt a huge amount. :) And wiki, open openfiles for docuemnt sharing is the next project.22:34
Kamilionit's most definitely easier to administrate than windows for me, and I use the modularity to it's fullest advantage.22:34
KamilionRich-Newbie: here's a tip22:35
Kamilionhttp://www.turnkeylinux.org/22:35
qman__yeah, I've managed some solaris and BSD stuff too, but linux is just so much easier22:35
Kamiliontry the mediawiki VM.22:35
Kamilionhttp://www.turnkeylinux.org/appliances/mediawiki22:36
Kamilionbased on ubuntu hardy (8.04 LTS)22:36
Kamilionand you might want to look into ebox for yourself and evaluate if it will meet your needs. (it meets mine!) http://trac.ebox-platform.com/22:37
KamilionVery friendly to manage, and you can still leverage the power of the commandline when you're ready to spend the time to learn.22:38
qman__that picture reminded me22:38
qman__every time I run updates on my openvpn server, it breaks22:38
qman__and a reboot fixes it22:38
Kamilionyep.22:38
qman__restarting services won't fix it22:38
qman__only a full reboot22:38
qman__it's weird and annoying22:39
Kamilionyep.22:39
psi-jackHmmm, Turnkey eh?22:39
KamilionFile a bug. My workaround: Install ebox/openvpn on a VM.22:39
psi-jackHeh22:39
Kamilionnothing but openvpn.22:39
psi-jackI'm just now looking at eBox, curiously about it.22:40
Kamilion1.2 was JUST released.22:40
KamilionThe documentation has not caught up yet.22:40
psi-jackReally?22:40
psi-jackheh22:40
psi-jackBased on 8.04 LTS I noticed.22:40
Kamilionyep.22:40
psi-jackDo you know much about it?22:40
KamilionI try to run everything I can on a JEOS base.22:40
Kamilionyeah, I have a pretty good understanding of it.22:40
Kamilion1.2 was mostly a rewrite, as 0.98, 1.0, and 1.1 were pretty broken.22:41
KamilionI'm not happy that it's mostly perl, but I can deal with it.22:41
psi-jackCool. Some things I'm curious about, I notice it has LDAP built-in, which I've been working on the past couple days on my own with Ubuntu 9.0422:41
Kamilionnot only that22:41
psi-jackDoes it do just LDAP, or does it mix SASL auth and Kerberos V and Samba LDAP?22:41
Kamilionthe ebox-desktop package can be installed on client ubuntu systems that sets up LDAP, evolution, ekiga, and jabber for every user.22:41
Rich-Newbiewhen I first decided to explore ubuntu server about a week go, I have learnt alot, done alot of reading, I think the couple of hours I spent here have been the most valuble. Big thank you.22:41
KamilionRich-Newbie:  IRC always ends up that way :)22:42
qman__Rich-Newbie, no problem, stick to it22:42
Kamilionbut watch out! IRC is an ADDICTION.22:42
qman__the documentation is great, but sometimes you just need to be pointed in the right direction22:42
KamilionI've been addicted since 1993 :)22:42
psi-jackKamilion, Youngin. :p22:42
Kamilionanyway, time for me to head out. Got a long journey up to San Francisco today.22:43
qman__heh22:43
Rich-Newbieindeed it is, for me interacting with people who can explain stuff is a huge help22:43
psi-jack1993 they'd already had named channels on IRC.22:43
Kamilionirc's only been around since 1992, psi-jack22:43
qman__I'm not old enough to have been around that long, but I know the feeling22:43
KamilionI hold one of the distinct pleasures of IRCing on eris.22:43
qman__I've been a regular in the same channels for about 7 years now22:43
Kamilion*laughs*22:43
Kamilionanyway, good luck, Rich-Newbie.22:44
KamilionCheers, everyone. :)22:44
Rich-Newbiethanks22:44
psi-jackKamilion, Bzzz. Wrong. IRC was first around in 198822:44
Rich-Newbiecheers kamilion22:44
Kamilionpsi-jack: the original IRC protocol, not "IRCII", the protocol we now know as IRC.22:44
psi-jackYep. I'm talking irc2.0, not ircii.22:45
KamilionI've actually been around since compuserve's 'cb' and such, back in the 80s before AOL had a gui and didn't suck quite as much.22:45
Kamilionand good old GEnie too.22:45
psi-jackAug 88 - first irc server tolsun.oulu.fi22:45
psi-jack89 - ircII released by Michael Sandrof (BigCheese)22:46
psi-jack:)22:46
KamilionAck, gonna be late. IRC always has this effect... going on 20 years now.22:46
KamilionCheers!22:46
psi-jackD'oh!22:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!