/srv/irclogs.ubuntu.com/2009/08/15/#ubuntu-server.txt

uvirtbot	New bug: #407379 in bind9 (main) "After an update the vpnc is not able to pick up dns information" [Undecided,Invalid] https://launchpad.net/bugs/407379	00:01
=== funkyHat is now known as funkyCat
=== funkyCat is now known as funkyHat
=== lamont` is now known as lamont
shadow98	just trying to find the best option here for failover...i have one server currently and a 2nd server that i am setting up now to do a failover...	02:49
shadow98	i was planning to rysnc the directories and replicate mysql	02:49
shadow98	is that the best option...	02:50
shadow98	this is for my website and sql server	02:50
shadow98	i was going to replicate /var/www	02:50
shadow98	sorry rsync	02:50
shadow98	hello	03:05
qman__	shadow98, that sounds like a good plan to me	03:24
shadow98	awesome	04:13
uvirtbot	New bug: #393792 in lighttpd (main) "lighttpd reload executes restart (bad on logrotate!)" [Medium,Fix released] https://launchpad.net/bugs/393792	04:21
psi-jack	Okay, so if X has a problem finding the 'fixed' font, what package would I need to reinstall to fix it?	05:29
ScottK	One that's not related to Ubuntu Server	05:33
TimReichhart	hi guys i am having problems compiling a drivers for my 56k modem on my server and here what I am getting http://pastebin.com/pastebin.php?dl=m76fb116d	05:41
psi-jack	Do people actually still use modems? o.O	05:42
jmarsden	FAXes are still fairly common in the business world, so yes, they do use modems for FAX transmission and reception.	05:43
TimReichhart	that is correct jmarsden	05:44
jmarsden	The more pertinent question here is why one would build a FAX server and use an unsupported internal modem rather than one known to work with the appropriate FAX server software...	05:44
psi-jack	Okay.. So, I have a gigabit switch and gigabit NIC, but my switch is showing only 100mbit connection, not 1000mbit. Is there something I need to be doing to get it to go up to 1000?	05:45
ScottK	How far apart are they?	05:45
psi-jack	The computer and the switch?	05:45
TimReichhart	jmarsden: its on a research that I am doing on and please I wanted to know how to build a fax server on linux	05:45
psi-jack	ScottK: About... 2 inches.. Cable's a 6 inch.	05:46
jmarsden	TimReichhart: Step one is choose appropriate hardware :) I'll take a look, but...	05:46
psi-jack	Err, well, not 6 inch, but like, 2 foot.	05:46
ScottK	OK. so much for that idea	05:46
psi-jack	And it's cat5e :)	05:46
TimReichhart	jmarsden: but what	05:47
jmarsden	TimReichhart: But you make life difficult when you choose to ignore that step! I have built multiport FAX servers for clients... see http://www.hylafax.org/content/Hardware_Compatibility_List	05:48
TimReichhart	jmarsden: yes I do have a external modem but I dont have a null cable for it so that is why I am trying to get this intel/internal card to work and I know the modem is working bc I can hear a dial tone and I can call out but I just cant get it to send out any faxes.....	05:49
jmarsden	Are you sure the driver for it supports FAXing? What Class is is supposed to handle? 2.0 ?	05:50
TimReichhart	from what I was told this driver is supported for faxing and I dont know what classs its handling on	05:51
jmarsden	So... ask it... use minicom or whatever terminal emulatir you are using for debugging and try the AT+FCLASS=2.0 command, etc... what have you tried exactly?	05:53
TimReichhart	I havent really tried anything except for trying to get this driver to work	05:54
jmarsden	Define "work"? You got it to give you dial tone and dial out... how did you do that? What did you use to make the outgoing calls?	05:54
TimReichhart	I dont remember how I got the modem to make a outgoing call	05:55
TimReichhart	modem to make it to work to make the outgoing call*	05:55
jmarsden	A research you are doing... but you made no notes as you did the research? Lesson #1: Take good notes.	05:56
jmarsden	Looks like the thing you are trying to compile is a kernel module, is that correct?	05:56
TimReichhart	that is what I have been told to do	05:57
TimReichhart	but when I tried to search for the modem there isnt anything showing for the modem	05:57
jmarsden	Been told? This is a research project, you should be the one deciding what to do. Following what other people tell you do to is not research. Do you have the kernel sources installed?	05:57
TimReichhart	how do I know if I got the kernal sources installed?	05:58
jmarsden	Because you installed them as part of your work on this research project? :)	05:58
TimReichhart	i dont think I installed them but how can I make sure I got them installed	05:59
jmarsden	Same way you tell if you have any other package installed... dpkg -l PACKAGENAME -- in this case the PACKAGENAME is probably linux-generic	06:00
psi-jack	Hmmmm	06:01
TimReichhart	see I tried the linux-generic it was telling me to re-install the server part of it when I did the updates	06:02
jmarsden	Be specific... you used what command and got what exact error message back from it?	06:02
TimReichhart	when I did the sudo apt-get update	06:03
TimReichhart	I dont have the linux-generic anymore I got the server part of re-installed	06:03
psi-jack	Bleh. Still no 1gbit.	06:03
jmarsden	TimReichhart: So try installing linux-generic now and then try compiling your kernel module again.	06:04
artillerytx	If i wanted to add a subdomain pointing at a url in bind wouldn't that be a server alias	06:09
artillerytx	or i mean an alias record	06:09
psi-jack	Okay, so it's an on-board 3c940 10/100/1000 NIC that's not going 1000 mbit mode.. On another system, I have it with a nForce 2 10/100/1000 and Linksys 10/100/1000, the Linksys will go 1000 no problem, but neither on-board 1000-capable NIC is going 1000.	06:15
jmarsden	artillerytx: DNS records can only point to an IP address, not to a URL.	06:30
artillerytx	so i would create a new virtual host	06:30
artillerytx	with that subdomain	06:30
jmarsden	Sure, you could do that.	06:31
artillerytx	and then point the dns record to the same ip	06:31
jmarsden	Yes.	06:31
artillerytx	does this work for you http://invoice.longhornpcrepair.com	06:31
nick125	Doesn't look like it	06:31
jmarsden	Nope, that is not in the DNS here.	06:31
artillerytx	alright oh well no big deal	06:31
artillerytx	i will figure it out later	06:31
qman__	psi-jack, it is possible that your cable is too short	06:37
qman__	the specification requires 3' minimum length	06:37
qman__	shorter ones usually work but not always	06:39
psi-jack	qman__: Oh no, it's not too short.	06:42
psi-jack	The Linksys 10/100/1000 connected to my switch at 1000, but neither the nForce2 or 3c940 on-board NIC's of two computers will do it at 1000.	06:44
qman__	nforce 2?	06:44
psi-jack	The Linksys one is PCI card.	06:44
psi-jack	qman__: Yeah.	06:44
qman__	those aren't gigabit	06:44
qman__	so there's your problem	06:44
psi-jack	Yes, actually, it is.	06:44
qman__	nforce 4 is gigabit	06:45
psi-jack	Hey, the mobo manual says the NIC is 10/100/1000, so I'm trusting the manufacturer here. ;)	06:45
qman__	must be a pretty unusual setup then	06:45
qman__	nforce 2 is pretty old, before gigabit was common or cheap enough for most people	06:46
psi-jack	The new NVIDIA nForce2 Gigabit MCP delivers industry-leading Gigabit Ethernet performance/	06:46
psi-jack	Not uncommon at all, nVidia even says it.	06:47
psi-jack	And the nforce2 was well after gigabit was out.	06:48
psi-jack	But the 3c940 is also having the same problem, it won't go 1000mbit.	06:48
qman__	if the cable is tested good, then that's pretty strange	06:49
psi-jack	So far, the only one I've managed to actually go 1000mbit, is the bloody Linksys off-board one.	06:49
jmarsden	psi-jack: Trying a longer and different cable would be worth it at this point, IMO.	06:49
psi-jack	Yep. Same cable that went to the nforce2 that wouldn't go 1000, is hooked into the linksys, and connecting at 1000	06:49
psi-jack	jmarsden: I tried that too.	06:50
jmarsden	Maybe the Linksys is more tolerant of the too-short out of spec cable than the others?	06:50
jmarsden	OK.	06:50
qman__	that type of thing is generally handled by the NIC itself, with hooks for the drivers to interfere if needed	06:50
psi-jack	I switched out cables for brand new freshly made cables. heh	06:50
jmarsden	Which were over 3 feet, right?	06:51
psi-jack	Correct.	06:51
qman__	if the switch is behaving correctly, and the cables are working, the next logical step is hardware failure, but two NICs at the same time is unlikely	06:51
jmarsden	Seems odd indeed. Can you test with a different switch at some point?	06:51
psi-jack	Yeah. Both the on-board NIC's won't do 1000, but are capable of it.	06:52
qman__	what happens if you connect the NICs to each other?	06:52
psi-jack	jmarsden: Only have the one gigabit switch.	06:52
jmarsden	Borrow one from a friend, move PC to friends house, etc etc... ?	06:52
psi-jack	jmarsden: Heh, I literally just bought the switch from a friend. :p	06:52
qman__	gigabit is automagic, so you can connect anything to anything	06:53
qman__	while connecting two NICs in one machine to each other isn't very practical, it should at least get you a gigabit link light	06:54
psi-jack	qman__: That's a negative.	06:54
psi-jack	Gigabit did not go.	06:54
qman__	do they link at 100, or not at all	06:54
psi-jack	100, yes. 1000, no.	06:55
psi-jack	And both nic's I see are using the sk98lin driver for them.	06:55
qman__	so far that's the only thing in common	06:56
qman__	one way to verify would be, if they have lights for gigabit, to reboot the machine and see if they go gigabit before the OS loads	06:57
qman__	though that'd be very inconvenient and somewhat inconclusive	06:57
jmarsden	Boot from a *BSD LiveCD and see if its drivers do any better??	06:58
psi-jack	qman__: I believe when I first booted back up my system it was 1000, initially.	06:58
psi-jack	jmarsden: That's also a thought. I'll prolly try that. ;)	06:58
psi-jack	Once my backups finish.	06:59
qman__	that wou;d confirm it as being the driver	06:59
qman__	funny how that works	06:59
qman__	the driver removes functionality	06:59
psi-jack	Heh.	07:00
psi-jack	Well, both these systems are the last two still actually running opensuse, but that's very soon to be changing to ubuntu-server and ubuntu-desktop within the next few hours, hence the backup. ;)	07:00
psi-jack	Hmm, now, the 3c940 apparently can use the skge driver as well? the sk98lin was actually in the modules.d blacklist. heh	07:02
drurew	!img3	07:19
ubottu	Sorry, I don't know anything about img3	07:19
jmarsden	drurew: See http://theiphonewiki.com/wiki/index.php?title=IMG3_File_Format	07:20
drurew	heh, im looking at already...	07:21
drurew	tx tho	07:21
jmarsden	No problem :)	07:22
drurew	does anyone know of any "succesful" attempts at iphonelinux ?	07:30
* drurew waits for a bunch of trouts to fly his way		07:30
drurew	let me rephrase...*successfully documented (including all sources) attempts	07:32
jmarsden	Unless Ubuntu server was ported to it, that's off topic here... maybe ask at irc://irc.osx86.hu/iphonelinux instead?	07:34
drurew	yeah your probly right...just the only way to install it is with ubuntu 8.10....so	07:38
drurew	k	07:38
drurew	laterz	07:38
jtxx0001	is it sensible to configure dovecot/postfix to use passwords which are different from the system passwords, particularly for users with root access?	08:57
andol	jtxx0001: Could be, yes. Especially if there is also a webmail, which those users use from wherever.	09:04
jtxx0001	andol: would the best way to go about this be to use dovecot's authentication with a passwd file?	09:07
andol	jtxx0001: No idea what the best way is for your needs. The easiest is probably to simply to configure dovecot to use another auth source, and have postfix auth by using dovecot.	09:09
andol	jtxx0001: Then of course, there is always PAM.	09:10
andol	jtxx0001: By the way, this is really not my expertiece. I know enough to figure out what I need to do myself, but not really to give other people (good) advice.	09:11
jtxx0001	andol: i'll look into PAM, but i think i've managed to get it working now. thanks for the help!	09:12
acalvo	Hi	09:28
acalvo	I'm trying to configure a DNS and DHCP server	09:28
acalvo	DHCP is working	09:28
acalvo	DNS seems to be working	09:28
acalvo	but I cannot access anything from outside this lan	09:28
acalvo	I can't even ping my gateway, but I can ping and resolve any other machines in the lan	09:29
uvirtbot	New bug: #413985 in dhcp3 (main) "dhcp3-server fails to install on ubuntu 9.04" [Undecided,New] https://launchpad.net/bugs/413985	12:01
Rich-Newbie	Hi all, got a question about post fix. I have a simple email server setup, and can send and recive. I have setup masquerading_domain, with this I am able to send to outside email addresses, relaying through my isp. When the email arrives it showes name@server.mydomain.com, would I need to setup aliases to show it as name@mydomain.com.	12:27
jdive	hello folks, i have an issue with a soft raid 5 array, ext4 .. userspace application get's cut from data read on the storage, this last for less than a sec, then goes again	12:56
jdive	if someone could help on how to dig this out,i would appreciate it	12:56
=== \|sunny\| is now known as dzzz
uvirtbot`	New bug: #412501 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Medium,New] https://launchpad.net/bugs/412501	13:25
=== Nightlurs is now known as Nightlurker
uvirtbot`	New bug: #403599 in php5 (main) "Installing PHP5 performs a reload to apache instead of a restart" [Low,Confirmed] https://launchpad.net/bugs/403599	14:02
=== ^grim76^ is now known as Grim76
Maleko	hmm this chan is as good as dead	14:22
ewook	no, idle is not dead.	14:22
giovani	Maleko: it's a Saturday morning in the US ... clearly most people won't be around	14:22
Maleko	oh..	14:23
ewook	and brunch/ early dinner in Sweden	14:23
Maleko	weve just had dinner here and are now slowly approaching saturday's midnight in next couple of hours	14:24
Maleko	btw any idea how i could start X through ssh?	14:25
giovani	Maleko: x	14:25
giovani	xorg isn't supported in #ubuntu-server	14:25
ewook	X11-forwarding is a good suggestion.	14:25
ewook	giovani: nah, but perhaps settings in sshd.conf server-side is? :)	14:26
Maleko	i have some apps on my ubuntu server that need to run under wine but its being picky and refuse to launch without window manager. so i then installed both wine and window manager on the os	14:26
Maleko	now i need to start the X.. tried startx but that doesnt work	14:27
giovani	ewook: not when they relate to running xorg on the server	14:27
ewook	giovani: I get your point.	14:28
giovani	Maleko: what applications are you referring to?	14:28
Maleko	gameserver daemon apps that run in windows cmd prompt mode	14:29
giovani	Maleko: sound like applications suited for windows then	14:30
Maleko	maybe but they should be able to run fine under wine with X support on the os	14:35
giovani	Maleko: except that wine and x aren't appropriate on a server setup unless you really know what you're doing	14:36
Boohbah	Maleko: maybe you need to get a windows server	14:50
RoyK	Boohbah: shame on you and your foul language	14:59
uvirtbot`	New bug: #414017 in samba (main) "Reloading /etc/samba/smb.conf smbd only" [Undecided,New] https://launchpad.net/bugs/414017	15:50
uvirtbot`	New bug: #414109 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: il sottoprocesso post-installation script ha restituito un codice di errore 127" [Undecided,New] https://launchpad.net/bugs/414109	17:01
BlueFaceMonster	Hi - I have a question. Trying to set up my first email sever (emix/dovecot). I can connect to the IMAP no worries, and test emails genereted at the server get delievered to my client fine, but I'm not reciving email from external addresses. Any ideas?	17:09
BlueFaceMonster	(and obviously by emix I mean exim 8o\ )	17:14
BlueFaceMonster	OK, update, so I can "telnet localhost 25" but can't telnet remotely - connection refused. How do I change this?	17:25
Grim76__	BlueFaceMonster: Sounds like a Firewall/Port Forwarding issue. Also could be an ISP block on port 25 if you are doing this on residential Internet access.	17:33
BlueFaceMonster	Hi, Grim76__. Not residential, but firewall/forwarding sounds about right. Is there a default firewall for ubuntu-server? I thought it might be AppArmor but that's not installed.	17:34
Grim76__	BlueFaceMonster: I don't recall there being one by default on the last installation that I did. There might be a firewall at the perimeter of your network that needs to be configured to point traffic to the server.	17:36
BlueFaceMonster	Noted, will look into it. Thank you!#	17:36
Grim76__	BlueFaceMonster: Really quick. Can you telnet to port 25 from another machine on the same network?	17:37
BlueFaceMonster	Not sure how to check that, it a hostes VPS	17:37
Grim76__	BlueFaceMonster: OK. I know some VPS providers have a firewall that you can self configure. Also you might try an sudo iptables -L to see if there are any rules in place based on their build.	17:39
BlueFaceMonster	To be honest, Grim76__, I've got no idea what I'm looking at. Could you check it for me if you have a chance? http://www.pastie.org/585055	17:42
jmarsden	BlueFaceMonster: Before digging into iptables rules, are you sure exim is listening on the external IP address as well as on localhost? Try netstat -ntl \| grep :25 to find out	17:44
BlueFaceMonster	tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN	17:44
BlueFaceMonster	It's not!	17:45
jmarsden	So configure it to do so and life will be better :)	17:45
BlueFaceMonster	you make it sound so easy! :)	17:45
BlueFaceMonster	You know what's coming next, don't you...	17:45
Grim76__	Thanks jmarsden...Forgot to check for that.	17:45
BlueFaceMonster	...how do I do that then?	17:46
jmarsden	You;ve never configured exim in your life and have no idea how... right?	17:46
BlueFaceMonster	Genius	17:46
jmarsden	Wait a sec... I use postfix more than exim these days... let me check...	17:46
BlueFaceMonster	Thank you!	17:46
* BlueFaceMonster is slowly getting used to being a newb		17:47
Grim76__	BlueFaceMonster: We all have to learn sometime.	17:47
BlueFaceMonster	I only recently discovered ubuntu IRC, and so far I've configured a webserver, made a Python/Pylons webpage from scratch and now this... all in a week. It's great! Hopefully get to "pay it forward" someday and help other	17:49
jmarsden	BlueFaceMonster: Let's try sudo dpkg-reconfigure exim4-config	17:51
Grim76__	BlueFaceMonster: Look at your configuration and look for dc_local_interfaces according to what I am reading that is where you specify what interfaces to listen.	17:51
jmarsden	Grim76__: Probably better to use the "friendly" config tools rather than manual file editing, don't you think?	17:52
sub	It depends who you ask :-)	17:53
sub	hehe	17:53
Grim76__	Good point.	17:53
BlueFaceMonster	nah, I'm an expert at "sudo nano /etc/foo.conf" now	17:54
Grim76__	BlueFaceMonster: Follow jmarsden and ignore me on that one. I am used to editing the config files directly.	17:54
jmarsden	sub: It depends who you are and your level of experience, IMO. I'd hack it, but I've been doing Unix system and network admin for 15+ years...	17:54
BlueFaceMonster	I'm happy with that, just can find exim.conf! Friendly tools it is...	17:54
BlueFaceMonster	* can't	17:55
jmarsden	Hmmm. When you installed exim what did you do regarding configuring it? Didn't you get the debconf dialogs about it then?	17:55
sub	jmarsden: Yes, very true, I agree. I've been doing *nix admin for about 5 total (though I have been using Linux for 10!)	17:56
sub	BlueFaceMonster: The friendly config tool is can be launched via: sudo dpkg-reconfigure exim4-config	17:57
sub	s/is//	17:57
BlueFaceMonster	I did, jmarsden, but I just forgot to add the external IP address. I have now, it was very easy and I am composing a suitable test email to myself... fingers crossed...	17:57
sub	Ah sorry, misunderstood :)	17:57
jmarsden	Good. Looks like all is well, I'll go eat my breakfast... have fun with exim :)	17:58
ivantis	Does anyone here run ubuntu server with mysql installed?	17:58
BlueFaceMonster	Tadaa! Worked like a charm! My thanKs to you all!	17:59
jdstrand	BlueFaceMonster: re firewall in Ubuntu> the default firewall tool is 'ufw'. It is not enabled be default. see 'man ufw' and https://wiki.ubuntu.com/UbuntuFirewall for details	18:00
BlueFaceMonster	will do, thanks.	18:01
jmarsden	ivantis: Ask you real question and find out who can help answer it...	18:01
Grim76__	BlueFaceMonster: Out of curiosity where did you get your VPS?	18:02
BlueFaceMonster	tagadab.com - can't fault them, service so far has been impeccible and cheap and chips, too	18:02
Grim76__	BlueFaceMonster: Ok thanks for the information.	18:02
=== JanC_ is now known as JanC
vecy	hey guys i have purchased a Dedicated Server - first time with multiple IP's i have a IP range - 72.232.190.90 to 72.232.190.94 - but when i try to ssh into it using lets say 72.232.190.91 - i never am connecting, do i need to activate these IPs somewhere before i can use them ? if so how ?	19:35
vecy	i am connecting fine using ..*.90	19:36
vecy	but not connecting at all using ..*.91-94	19:36
jmarsden	vecy: Do you have interfaces (or interface aliases) that actually are set to those IP addresses? If not, your sever will not respond to traffic send to those IPs.	19:37
vecy	i honestly dont know, i am logged in as root and i have not set anything besides installed LAMP (apache ..)	19:38
jmarsden	Do you need to use the other IPs for something in particular? If so, what?	19:38
vecy	when i type 'ifconfig' i see only the *.90 set	19:38
jmarsden	Then you are only listening on .90	19:38
vecy	well i want to setup my Apache for 5 websites if ip: 72.232.190.91 go to /home/user1/www if 72.232.190.92 go to /home/user2/www ... and perhaps some other stuff just incase	19:39
vecy	do you know the commands how to set those ips up ?	19:39
Daviey	vecy: Do you know how to do virtualhosts? It's similar	19:40
vecy	ohh true vhosts i totally forgot about them, yes i can use those and bind to domain name even better... :)	19:41
Daviey	thar you go :)	19:41
jmarsden	vecy: if you decide you do need the other IPs, man interfaces and also less /usr/share/doc/ifupdown/examples/network-interfaces.gz will probably get you on your way to configuring interface aliases for the other addresses.	19:42
vecy	thx :) reading on it now.. seems simple lets try rebooting now for changes to take affect.. a reboot is required right ?	19:45
jmarsden	No, just restart networking or probably just ifup the newly defined interface aliases	19:46
jmarsden	But I'd only add them if you need to use them; otherwise, keep it simple.	19:46
vecy	ah i rebooted before ive seen your msg and its been 5minutes	19:49
vecy	server still not up hmm could it get stuck anywhere ?	19:49
jmarsden	That's a long reboot... well, it could if you broke things and misconfigured the network interfaces...	19:49
jmarsden	Maybe you need to see whether your provider offers you remote console access of some kind?	19:50
vecy	well the /etc/.../interfaces file had if i recall eth0 auto... then eth0 ... static my ip .. subnet.. gateway	19:51
vecy	and i just copy pasted that from eth0 static .. 3 times changed ip only	19:51
jmarsden	That's unlikely to work, you need separate interface aliases for each IP, I think... like eth0:0, eth0:1 ... which were in the examples.	19:51
vecy	iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254	19:52
jmarsden	Get yourself remote console access and see what is going on.	19:52
vecy	it had this line	19:52
vecy	i just copy pasted and changed ip	19:52
vecy	thats just an example ok	19:52
vecy	ill give them a call to see if they can give me remote console access	19:52
sub	try the last IP you configured	19:52
sub	because jmarsden is correct about the interface aliases	19:53
sub	also the gateway only needs to be configured once	19:54
vecy	im such a noob lol first try locked myself out ... waiting for support to reply	19:58
sub	You've gotta learn somehow :P	20:00
vecy	is anyone here with LayeredTech by the way - just wondering where does one find the 'Automatic OS reloads' button which they advertise but not found within the Customer Portal	20:01
vecy	so you guys are saying i should be doing	20:22
vecy	iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254	20:22
vecy	for ip #1	20:22
vecy	iface eth1 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254	20:22
vecy	for ip #2	20:22
vecy	?	20:22
vecy	and etc eth2, eth3..	20:22
jmarsden	No... use eth0, eth0:0 and eth0:1 since you only have one physical network interface, eth0. eth0:X are the aliases	20:24
jmarsden	I'm out of here... on my way to attend a wedding...	20:24
vecy	cool thx	20:25
vecy	should	20:44
vecy	auto eth0 eth0:1 eth0:2 eth0:3	20:44
vecy	cause any problems ?	20:44
vecy	i added it and not again! it looks like i broke my server again, cant connect to it anymore	20:45
giovani	vecy: you should never be editing core networking config files without an alternate means of accessing the server	21:01
giovani	you WILL break something if you're not very careful and experienced with how the files work	21:02
giovani	however, to answer your question, yes you can auto multiple interfaces on one line, that's fine	21:02
giovani	you probably had a typo elsewhere in the config	21:02
HellMind	When should I chroot?	21:03
giovani	when you have a need for it ...	21:03
giovani	when the process is self-contained within a specific directory structure, or can be easily adapted to	21:03
HellMind	for security is useful?	21:04
giovani	it can be	21:04
HellMind	I want to run a ventrilo server	21:04
HellMind	I dont know if doing that is necesary	21:04
giovani	necessary? definitely not	21:04
HellMind	but its a lot secure or its the same :(	21:05
HellMind	doing that what Im preventing?	21:06
giovani	there's no way for me to give you a simple answer	21:06
giovani	the security advantages are, if the ventrilo software is compromised, they only have access to files that were placed in the chroot	21:06
giovani	and they won't be able to access other files on your server, unless there's a bug or vulnerability in the kernel	21:07
HellMind	but if the attacker gain root?	21:07
HellMind	oh	21:07
giovani	well it's unlikely that they'd gain root through a chrooted server	21:07
infinity	They shouldn't, if Ventrilo isn't running as root, and if there are no root escalation vulnerabilities in your kernel.	21:07
giovani	however, if someone gains root on a server ... it's game over	21:07
HellMind	and there are many levels of chroot, because I saw you can chroot ftp	21:07
giovani	there are not many "levels" of chroot	21:08
giovani	chroot is a concept, it's either in use or not	21:08
giovani	chrooting users to their home directory is a common step where users on a system aren't trusted	21:08
giovani	(the ftp server is an example of where that might be used)	21:08
HellMind	for every user I must creat an enviroment?	21:09
giovani	if you wanted to chroot your users, yes	21:09
giovani	but that's separate from chrooting a particular server binary	21:09
HellMind	and what is the bad about it?,	21:10
HellMind	wasting hd space	21:11
giovani	chrooting is a pain to set up, it sometimes required a lot of work, and if you don't do it properly, you'll spend hours troubleshooting missing binaries, etc	21:11
giovani	s/required/requires/	21:11
HellMind	I tried and I failed	21:11
giovani	my point exactly	21:11
HellMind	I wonder which files are required to create the environment	21:12
giovani	ldd, and google usually help with that	21:12
HellMind	I can remove all thats unnecesary	21:12
HellMind	I got a guide	21:15
HellMind	but not for ubuntu	21:15
giovani	very little (if any) of this is ubuntu-specific	21:15
giovani	so that's not a problem	21:15
vecy	hey guys i am changing the motd.. are there any variable aliases i can use like Hello %username% welcome! << example ?	21:16
vecy	i havent touched linux much so unsure	21:16
giovani	vecy: /etc/motd is a static file	21:16
giovani	/etc/issue on the other hand allows text substitution along the lines of what you'd like	21:17
giovani	to my knowedge, you can't print the username though -- you could write a wrapper script to handle this	21:18
vecy	ok one more thing lets say i have a program i want to start it everytime i reboot automatically	21:21
vecy	how do i do such thing ?	21:21
vecy	its web server.. but i need to run it manually all the time (xampp)	21:21
giovani	what is xampp?	21:22
vecy	its a combination of apache,mysql,ftp... all in one	21:22
giovani	most server applications installed in ubuntu-server are automatically placed in /etc/rcX.d/ so that they start on bootup	21:22
vecy	but i need to type ./lampp everytime to run it	21:22
giovani	that doesn't sound like something built properly for ubuntu	21:22
giovani	I'd recommend installing packages from ubuntu which will work well together, and properly integrate into the system	21:23
HellMind	root@arctica:/opt/chrooted/ventrilo# su ventrilo	21:23
HellMind	root@arctica:/opt/chrooted/ventrilo#	21:23
HellMind	why I cant su :(	21:23
giovani	HellMind: "su - ventrilo"	21:23
HellMind	its the same	21:24
HellMind	it returns #	21:24
giovani	then you didn't set up the user properly	21:24
HellMind	it says I must set it /bin/false	21:24
HellMind	the shell	21:24
giovani	if you set the shell to /bin/false ... then you can't log in as the user like you're trying to	21:24
giovani	you can do one or the other, but not both	21:25
HellMind	but I can run the server right	21:25
giovani	yes ...	21:25
giovani	but su is going to start the shell	21:25
giovani	which you've disabled	21:25
giovani	so clearly it won't work	21:25
infinity	su -s /bin/sh - ventrilo	21:26
infinity	That will log in as the ventrilo user. Not sure why you'd want to, but there you go.	21:26
giovani	uh	21:26
giovani	let's not provide workarounds like that	21:26
giovani	that serves no purpose	21:26
infinity	It's not a "workaround".	21:26
infinity	If you need to test something as a user with a false shell, that's how you do it.	21:27
giovani	it absolutely is -- either the user has a shell or not	21:27
HellMind	giovani he is a pro	21:27
HellMind	infinity you rock	21:27
HellMind	i dont understand, if I can do that	21:28
giovani	you shouldn't be doing that	21:28
HellMind	and I see am not chrooted,	21:28
giovani	that's the point	21:28
HellMind	how can I see the chrooted environment	21:28
HellMind	How can I see it working	21:28
vecy	i asked this question on another linux channel without response.. lets try here	21:28
vecy	hi guys is there a way to make aliases to commands .. lets say i have /opt/lampp/lampp (a webserver) can i make a global alias so i could just type startwebserver and it would automatically go to /opt/lampp/lampp	21:28
giovani	vecy: yep, you're probably looking to set bash aliases	21:29
giovani	this can be done in the .bashrc file in each user's home directory	21:29
vecy	nice	21:30
HellMind	How do I know my user is being chrooted	21:30
infinity	Users aren't chrooted, processes are.	21:31
HellMind	thats why I asked the lvl of chroot,	21:31
HellMind	if I execute the sever using your tip, the process will be chrooted?	21:32
infinity	Is /opt/chrooted/ventrilo a chroot containing what will be run?	21:32
HellMind	yes	21:32
infinity	If so, "chroot /opt/chrooted/ventrilo" would get you "in that environment".	21:32
HellMind	but how should I start the process to chroot it then ?	21:33
infinity	But, you probably want a nice init script or something that will start your vent server in the chroot.	21:33
HellMind	"chroot /opt/chrooted/ventrilo" will spawn the shell chrooted	21:33
HellMind	i got a .c script but it doesnt do chroot	21:33
giovani	vecy: if you want to make aliases for every user on the system, best to place them in /etc/profile	21:33
HellMind	it only does setgid( and setgroups(	21:34
HellMind	So I should chroot lets say in the /etc/init.d script?	21:37
infinity	Assuming the application doesn't chroot itself (and I'm pretty sure vent doesn't/can't), then doing it in the init script is the cleanest place, yeah.	21:38
infinity	With a nice init script, you can also do some clever things like make sure the chroot is always fresh (copy over libc6, etc) before you start your application.	21:39
infinity	I tend to do sketchy things like mount a tmpfs, copy the libraries that my application depends on, copy in the application itself, then start it. Then you get a nice, fresh chroot every time you restart.	21:39
infinity	(Which means that package updates will stay in sync with the chroot)	21:40
HellMind	if you do a sym link for that	21:40
HellMind	you are unchrooting?	21:40
infinity	You can't symlink out of a chroot..	21:41
HellMind	thats right :D	21:41
HellMind	so all the symlink on the chroot will be unavailable	21:42
HellMind	if you chroot?	21:42
HellMind	it will show broken link	21:42
HellMind	or something?	21:42
infinity	Well, if they're absolute symlinks using full filesystem paths, yeah.	21:42
infinity	Any symlinks that are internally consistent IN the chroot would be fine.	21:42
HellMind	nice	21:43
infinity	A symlink is literally just a text string. There's nothing fancy about it.	21:43
infinity	So, if "foo" points to "/unf/whatever", if the latter exists in the chroot, the symlink works.	21:43
infinity	If not, it doesn't.	21:43
infinity	The file doesn't need to exist when you create the symlink, just when you want to resolve it. :P	21:44
HellMind	what happen if you do a cycling linking	21:46
HellMind	like a => b => c => a	21:46
infinity	Don't? :)	21:46
HellMind	dont know?	21:46
infinity	Depends on your application.	21:46
infinity	It won't hurt the system in any way. They're just files on the disk.	21:47
infinity	But an application reading "a" could get itself caught in an infinite loop if it's written by people unprepared for such siliness.	21:47
HellMind	but isnt about the app, is about the filesystem, the app doesnt resolve a symlink -_-	21:49
infinity	The filesystem just hands back a pointer to the real inode.	21:50
infinity	Which libc then hands off to the application as the new file handle.	21:50
infinity	If the application then opens that, finds another symlink, and loops... And doesn't notice it's in a loop.	21:51
infinity	shrug	21:51
infinity	It's somewhat academic. The answer is "don't do that, then".	21:51
sub	ln -s a b; ln -s b a; cat a gives me "cat: a: Too many levels of symbolic links	22:19
sub	:-)	22:19
r3rman_	Hey gais - http://my.brandeis.edu/bboard/q-and-a-fetch-msg?msg_id=0000Dn << how does that translate into ubuntu land?	23:15
r3rman_	I want ot tweak my /proc/sys/fs/file-max, inode-max (didn't find this one!) and perhaps something on ulimit	23:16
r3rman_	I am getting Too many files open exception	23:16
giovani	r3rman_: it has nothing to do with ubuntu	23:17
giovani	r3rman_: those are linux kernel settings ... feel free to modify them in ubuntu, it's no different than elsewhere	23:17
r3rman_	giovani, I don't see the inode-max on my install tho'	23:17
giovani	however, those posts are from years ago	23:18
r3rman_	yeah :s	23:18
giovani	r3rman_: those are from 2.2	23:19
giovani	long ago, things have changed heavily in 2.6	23:19
giovani	adjust file-max instead	23:19
r3rman_	aaah, pkill -9 actually works, whereas killall -p 9 fails and stops when it matches one process you don't own	23:20
r3rman_	giovani, where is file-max?	23:20
giovani	... same place as you thought inode-max was	23:20
r3rman_	w00t	23:20
giovani	googling clearly identifies all of this	23:20
giovani	you should know that these settings don't stay after a reboot	23:20
r3rman_	yeah, so I'll emacs that file, set it high, like 65535, and I can put a init.d to reconf it though right? or just even ~.bashrc ? (or ~/.profile?) - does it take effect immediately though?	23:21
giovani	you can either place the settings in /etc/sysctl.conf, or in /etc/sysctl.d/ -- read the README in that dir	23:21
r3rman_	thanks	23:22
giovani	r3rman_: no no no	23:22
giovani	r3rman_: sysctls don't belong in any of the places you mentioned	23:22
infinity	Err.	23:22
infinity	r3rman_: If you're getting "too many open files", it's probably not a kernel setting you're after, but a session limit.	23:22
infinity	r3rman_: See /etc/security/limits.conf	23:22
r3rman_	aah, right, I bumped into that one before I fell asleep earlier, cheers infinity	23:23
infinity	(See ulimit(1))	23:23
infinity	Default for open files is 1024.	23:23
r3rman_	infinity, you think 65535 is the max?	23:24
accol	hey guys random question, if i get the 'host key verification failed' error when trying to connect to a server, what am i doing wrong (this is before i even get a chance to enter a password/username)	23:24
infinity	r3rman_: I think that if you have a process using 65535 open handles, you have a very broken application.	23:24
r3rman_	infinity, or a very awesome one	23:24
infinity	r3rman_: Raising ulimits is usuall a troubleshooting step, not a fix. :P	23:25
r3rman_	it isn't broke, it is just slamming two 8 cores like bitches, and ripping up lots of files, across two machines with 200Tb of storage. and doing crazy stuff. I've finally written something to organise my porn	23:25
infinity	Not seeing how 8 threads translates to 65 thousand open handles at once, but sure.	23:26
infinity	You'll be heavily I/O limited if you don't serialise that a bit.	23:27
r3rman_	infinity, yeah, you are right, I was thinking to dump it all into a berkley db, maybe I will	23:27
r3rman_	but, I have zillions of threads raeping the nets and when they complete they touch a file and impregnate it with awesome	23:28
r3rman_	that front end is well tuned, and gets the highest throughput right nao, but as I cranked it up past 11 it didn't like it	23:29
r3rman_	* soft nofile 65535 < infinity do I need to restart session now?	23:29
infinity	r3rman_: Logging out and logging in should be enough to make it happy.	23:30
infinity	(Or whatever starts a new session for your process... su, sudo, etc)	23:30
infinity	r3rman_: You can verify you got it right with "ulimit -a" and check the values.	23:30
r3rman_	open files is still 1024	23:31
r3rman_	aah need to log in / out	23:31
r3rman_	I could also run run a ulimit command to set it in memory now?	23:31
infinity	r3rman_: Yeah. Limits are set by PAM, so you need a fresh session.	23:31
r3rman_	oh ok... I am accessing via vnc... perhaps I can logoff and on graphically... who knows, never tried	23:31
infinity	r3rman_: ulimit will only let you change user limits up to the hard limit, since root controls those.	23:32
infinity	r3rman_: But that would be lost on the next session start, hence why setting the default(s) for the user(s) makes a bit more sense.	23:32
r3rman_	ok. I've fusked my vnc now, I loaded gnome-session to see if I could logout that way, but that brough about the asdf abfh bug	23:33
r3rman_	lol	23:33
r3rman_	ulimit -n still gives 1024.... reshoe tiem	23:37
uvirtbot`	New bug: #414232 in munin (universe) "munin-node tries to "autoconf" /usr/share/munin/plugins/postgres_space_" [Undecided,New] https://launchpad.net/bugs/414232	23:48
andol	By the way, if someone feels like confirming that one	23:49
andol	...feel free to do so :)	23:49
psi-jack	Okay.. Since my on-board NIC's capable of doing Gigabit isn't working as I'd hoped they would...	23:52
psi-jack	I'm looking for options of PCI-based NIC's that can do it and are well supported by Linux.	23:52
psi-jack	Intel and or Netgear brands would be preferred.	23:52
psi-jack	Anyone with suggestions of hardware and model numbers?	23:58
giovani	any of the intel pro stuff is good	23:58
giovani	not cheap though	23:58
psi-jack	I don't mind spending about $100/card	23:59
psi-jack	As long as they're worth it.	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!