/srv/irclogs.ubuntu.com/2009/08/18/#ubuntu-server.txt

psi-jack	Is there an equivalent to linux-igd for ubuntu 9.04?	00:12
clusty	<HellMind> #debian guys are punks	00:18
clusty	well they are more knowledgeable than ubuntu ppl	00:18
clusty	probalem is that they think debian>> ubuntu and look down at us	00:18
KillMeNow	keep up the flattery, i'm sure it'll help	00:19
psi-jack	clusty: Sometimes.	00:19
clusty	i know that ass kissing works awesome	00:19
clusty	and i do it as much as my lungs can handle :D	00:19
clusty	KillMeNow, btw, still no luck with DNS-ing	00:20
clusty	KillMeNow, part 1 of the guide you gave me: http://www.cahilig.org/how-setup-lan-dns-server-using-bind9-under-debian-and-ubuntu-linux	00:20
clusty	KillMeNow, thing is I want my main machine to be called "algorithmica" so I substitued all over the zone files	00:20
clusty	and it still cannot find my domain called debian.lan	00:21
clusty	pfff need to fight another day with this issue	00:21
psi-jack	Okay..	00:21
psi-jack	Odd..	00:21
clusty	thing is it seems all jibberish to me (the zone files)	00:21
clusty	they do not make a whole lotta sense	00:21
clusty	ohh also my net is : 192.168.0.xxx so i changed it accordingly	00:22
psi-jack	So, packages.ubuntu.com says 9.04 (Jaunty) has linux-igd in universe, I checked my apt.sources, and universe was enabled by default, but it's not there.	00:23
* psi-jack snaps his fingers..		00:23
psi-jack	ahhh, I forgot, it's eBox 1.2, from 8.04.2	00:23
KillMeNow	http://www.cahilig.org/debian-and-ubuntu-ddns-bind9-and-dhcp	00:24
KillMeNow	that is the one i sent i do believe	00:24
KillMeNow	you wanted to hvae a local DHCP server push updates to DNS	00:24
KillMeNow	just like Microsoft does with their DHCP to DNS	00:24
clusty	KillMeNow, well they said in first sentence that this is building on the link i sent you	00:25
psi-jack	Crap!	00:25
KillMeNow	gotcha	00:25
clusty	KillMeNow, that is a minimal check that the system works	00:25
psi-jack	linux-igd isn't even available for 8.04-hardy	00:25
KillMeNow	yea, so you set up your DNS server and it's not working?	00:26
clusty	KillMeNow, correct :(	00:26
uvirtbot`	New bug: #414986 in open-iscsi (main) "open-iscsi causes FTBFS for anything that Build-Depends on it" [High,Triaged] https://launchpad.net/bugs/414986	00:26
clusty	KillMeNow, i must be doing somethign seriously wrong	00:26
clusty	KillMeNow, any difference since i am running 8.04?	00:27
KillMeNow	not particularly	00:28
clusty	KillMeNow, thanks for help. will try tomorrow with a fresh head	00:28
clusty	will screw up the whole office network so ppl will hate me :D	00:29
KillMeNow	rightous	00:30
KillMeNow	hate is gud	00:30
KillMeNow	biggest thing is, debian.lan is the domain name they are using	00:31
clusty	tomorrow is hate thy sys admin day :D	00:31
KillMeNow	if you have a internal domain name, and other machines are using this box to resolve, then you need to put that domain name in to the zone	00:31
clusty	KillMeNow, there is no domain really	00:31
clusty	KillMeNow, another example suggested dyn.example.com	00:31
clusty	which was used till now	00:32
KillMeNow	it sets up the reverse zone as well as the main zone	00:32
KillMeNow	yea, but is that the name of the internal domain you're using?	00:32
clusty	probably i screwed up the zone file	00:32
clusty	well you swamped me :D	00:32
clusty	i did not spcify any domain before	00:33
KillMeNow	well that is why they are using debian.lan	00:33
KillMeNow	it can be any name	00:33
KillMeNow	it could be anything.local	00:33
KillMeNow	as long as you specify that is the zone it is authoriative for	00:34
clusty	i figured as much	00:34
clusty	another thing: i could not check the validity of zone files i created	00:34
KillMeNow	so if your work domain is say: prince.corp	00:34
KillMeNow	your DNS server had better have a prince.corp zone file	00:35
clusty	they gave some tool, which is missing some files	00:35
KillMeNow	validity?	00:35
KillMeNow	you mean that the configuration is correct?	00:35
clusty	they say to do a : named-checkzone convergence.lan /etc/bind/zones/db.convergence.lan	00:35
clusty	but i am missing those files	00:35
KillMeNow	then you named it in your named.conf.local	00:35
KillMeNow	did you copy / paste from the website?	00:36
clusty	yeap :D	00:36
clusty	apart from zone files	00:36
clusty	which i doctored	00:36
clusty	to fit my main machine name and ip class	00:36
KillMeNow	http://tldp.org/HOWTO/DNS-HOWTO-5.html	00:38
KillMeNow	brush up on how DNS works	00:38
KillMeNow	http://www.google.com/cse?cx=017644269519104757279%3Agm62gtzaoky&q=Bind9&sa=go	00:38
KillMeNow	if you want a bunch of stuff on DNS and Bind9	00:39
clusty	KillMeNow, thnaks. you're the man	00:41
clusty	...or woman :d	00:41
KillMeNow	man	00:41
clusty	thoguht so	00:41
clusty	linux gals are a rare and precious comodity	00:42
clusty	:D	00:42
KillMeNow	fraid so	00:42
Kamilion	but gaining.	00:42
KillMeNow	yes, now if i could only meet one IRL	00:43
Kamilion	unfortunately, most of them are in the older-than-young-adult category.	00:43
Kamilion	Technically, my grandmother's a linux gal, as her desktop email-station runs 8.10 ;)	00:44
clusty	actually one GF was a linuxoid	00:46
clusty	not even fat and zitty :D	00:46
clusty	and not even computer science, but bio	00:47
clusty	:d	00:47
clusty	miracle really	00:47
HellMind	where should I store a pid file?	00:47
clusty	...and then she left to save the rain forest	00:47
* clusty sighs		00:47
clusty	HellMind, /var/run ?	00:47
clusty	is that not the standard spot?	00:47
HellMind	yep :D	00:49
HellMind	ty	00:49
HellMind	who want to see my init script ?	01:36
HellMind	just see it http://pastebin.com/m13bab642	01:39
KillMeNow	very nice	01:43
HellMind	I know, why ppl dont do thing like that :(	01:43
Q-FUNK	Howdy! Would anyone be available to comment on bug #194140 ?	02:53
uvirtbot`	Launchpad bug 194140 in cyrus-sasl2 "Dependency cycle prevents upgrade of libsasl2-2" [Low,Incomplete] https://launchpad.net/bugs/194140	02:53
psi-jack	Alrighty then.	03:00
psi-jack	Time to setup the ldap client. ;)	03:00
psi-jack	!find ldapsearch	03:59
ubottu	File ldapsearch found in caudium, kdepimlibs5-dev, ldap-utils, libnet-ldap-perl, nessus-plugins (and 2 others)	03:59
psi-jack	!find psql	04:56
ubottu	Found: libqt3-mt-psql, libqt4-sql-psql	04:56
psi-jack	Ugh	04:56
jmarsden	psi-jack: You'd probably get more useful results using apt-cache search psql	06:19
chrisellis	Hey guys... I've tried several times to make a sub domain and i can't get it to work	06:21
firecrotch	chrisellis: I can help!	06:21
chrisellis	firecrotch: awesome	06:22
chrisellis	what i did was create an A record and pointing to my IP address and then created a virtual server with that name	06:22
chrisellis	firecrotch: is that how you do i t?	06:23
firecrotch	chrisellis: you're on the right track	06:23
chrisellis	what am i doing wrong ?	06:24
firecrotch	chrisellis: you created the new virtual server in /etc/apache2/sites-available?	06:24
chrisellis	yes	06:24
firecrotch	chrisellis: Did you then run sudo a2ensite thenameofthefile ?	06:24
chrisellis	wait no i created the .conf file in sites-enabled	06:24
firecrotch	Ok, can you pastebin that file and your 000-default file?	06:25
chrisellis	i have a default-ssl file and my primary longhornpcrepair.com.cof	06:25
chrisellis	conf	06:25
firecrotch	chrisellis: do you get an error when you restart apache?	06:26
chrisellis	oh wait	06:26
chrisellis	i never restarted it	06:26
chrisellis	woops	06:26
firecrotch	chrisellis: that might help ;)	06:27
chrisellis	k let me restart it	06:27
chrisellis	k restarted it	06:27
firecrotch	chrisellis: does your subdomain work now?	06:28
chrisellis	im not sure i can't check it	06:28
chrisellis	http://swot.wwmcd.org	06:28
firecrotch	cannot find server	06:28
chrisellis	hmm	06:29
firecrotch	chrisellis: I did dig swot.wwmcd.org and got no answer	06:29
chrisellis	mmk	06:30
chrisellis	is wwmcd.org still working	06:30
chrisellis	firecrotch: here is my .conf file - http://pastebin.com/m31386711	06:31
firecrotch	chrisellis: the main domain does work, albeit slowly	06:31
chrisellis	thats not good	06:32
firecrotch	Seems to me that your DNS isn't updated	06:32
chrisellis	do i need to restart bind?	06:32
firecrotch	Yup	06:33
chrisellis	k	06:34
chrisellis	restarted it	06:34
jmarsden	It works now, although only one "Singing Woman" is listed and the site name is plural "women" :)	06:35
chrisellis	haha yeah	06:35
chrisellis	I am just starting on the site	06:35
chrisellis	fake content	06:35
chrisellis	and let me just make sure that wwmcd.org is still working	06:35
firecrotch	wwmcd.org is still working, and much faster now	06:36
chrisellis	great	06:37
chrisellis	so it was just a restart issue	06:37
chrisellis	i keep forgetting to restart my servers when i add stuff i will have to make a mental note	06:37
chrisellis	thank you much	06:38
jmarsden	You usually don't need to restart bind, sudo rndc reload wwwmcd.org would probably have been enough in this case.	06:39
chrisellis	what does that do?	06:39
jmarsden	man rndc. rnddc is a tool for sending commands to named	06:39
jmarsden	actually it lets you do all sorts of things to your DNS server except restart it :)	06:40
chrisellis	ahh	06:41
chrisellis	alright	06:41
chrisellis	I'm still learning how this all works	06:41
chrisellis	is there a script out there where i could just say the name of the domain and the directory and it creates all the files for me	06:43
firecrotch	chrisellis: I used to have one that I wrote, let me see if I have a copy somewhere	06:43
chrisellis	awesome	06:44
jmarsden	Well, I have some of those that do that for me and my needs... there can't really be a generic one because what you need for each new zone is up to you and ho wyou set up security for each zone, who can query it, etc etc.	06:44
chrisellis	I just set up all my domains pretty standard	06:45
firecrotch	chrisellis: Unfortunately, I don't see the script on my server anywhere, and my backup drive is at work	06:45
chrisellis	oh alright	06:46
firecrotch	chrisellis: You could write your own :)	06:46
chrisellis	firecrotch: true.. I would have to figure out how	06:46
chrisellis	i would love to create a php file that has a gui to it	06:46
chrisellis	or i mean that can give it a gui	06:46
firecrotch	chrisellis: I don't think that will be possible, since you have to use sudo for a lot of the stuff	06:48
firecrotch	chrisellis: nor would it be a good idea	06:48
chrisellis	yeah	06:48
chrisellis	well make it https and only on local network	06:48
firecrotch	chrisellis: I remember my script prompting me for the domain name and the directory to use	06:49
chrisellis	oh thats cool	06:49
firecrotch	chrisellis: I've always found this guide useful for bash scripting: http://www.freeos.com/guides/lsst/	06:51
chrisellis	awesome i will look into it	06:51
firecrotch	basically, I created a template for my apache configs, and used sed to put the domain name and directory into the file	06:52
jmarsden	I did the same for DNS... See http://pastebin.com/f9acf6b0 and http://pastebin.com/f6446090a for a script and template for DNS setup for new zones... just DNS, not web server setup, because DNS and web servers are separate machines in my case at work :)	06:53
chrisellis	pretty fancy	06:55
jmarsden	Not compared to some of the larger scripts I use :)	06:56
chrisellis	I'm just getting into this linux is very fun	07:00
chrisellis	let me use some punctuation... I'm just getting into linux, It is very fun	07:00
ball	chrisellis: Linux is useful, but the people are fun ;-)	07:00
chrisellis	yes	07:00
chrisellis	finally set up my own server and its been a challenge and very fun	07:01
chrisellis	i can't wait to buy another and set it up	07:01
ball	I'll be right back	07:03
chrisellis	is there an advantage to getting one of those servers at a server farm ?	07:03
jmarsden	Reliability, and less noise from server fans in your bedroom or living room or office :)	07:04
jmarsden	BTw the script for DNS is at http://pastebin.com/f6f861a36	07:04
jmarsden	Apparently I posted the template file twice earlier :)	07:04
ball	chrisellis: what will you use your Ubuntu server for?	07:06
chrisellis	ball: the one i have now is for my websites and my clients websites	07:06
chrisellis	mostly all my sites a php and mysql	07:07
ball	Are you using virtualisation?	07:07
ball	...or do they all live within one OS instance?	07:08
chrisellis	I'm using virtual servers	07:08
ball	What are you using as a hypervisor? KVM?	07:08
chrisellis	apache2	07:09
ball	apache2 is not a hypervisor	07:09
jmarsden	I think chrisellis is confusing cirtual hosts and virtualization :)	07:09
ball	Ah, okay.	07:09
chrisellis	haha yeah	07:09
chrisellis	im a noob	07:09
jmarsden	chrisellis: Virtualization is running multiple OSes "inside" another one. With tools like KVM or virtualbox or vmware server	07:10
chrisellis	oo	07:10
chrisellis	no i just have ubuntu running on a dell poweredge 1750	07:10
chrisellis	and just ssh into it ?	07:12
ball	It's a while since I looked at Dell Servers... is that a tower or rack mount?	07:12
qman__	you're running a single OS, using apache virtualhosts	07:13
chrisellis	its a rack	07:13
chrisellis	k i am running one OS	07:13
ball	I used to work with a 1U PowerEdge and that thing was loud	07:13
chrisellis	haha yeah	07:13
ball	...it was adequate though.	07:13
chrisellis	its a 1u	07:13
chrisellis	and its in the closet cause its sooo loud	07:14
chrisellis	don't worry there is an air condition vent in there	07:14
chrisellis	i want to get a poweredge 6650	07:14
qman__	those cooling systems are designed to deal with much worse than just a closet :)	07:14
qman__	I've got two servers in my closet, though they're towers, not rackmounts	07:15
ball	I would like a server with a matched pair of Shanghai chips in it, but short of winning the lottery, that's unlikely to happen.	07:15
chrisellis	who makes the best servers?	07:16
qman__	one's an athlon 64 3500+, the other's a sempron 64	07:16
chrisellis	I've just been looking at dells cause i live in austin and they are easy to find	07:17
jmarsden	chrisellis: "Best" at any price? And you have the space and power and cooling? IBM zSeries mainframes, probably :) But "best" is very subjective.	07:17
chrisellis	or round rock i mean	07:17
ball	chrisellis: IBM and HP seem to make some credible gear. Sun make some that's probably good for certain applications.	07:17
ball	...I wouldn't mind trying a Lenovo server.	07:17
ball	jmarsden: pSeries ftw ;-)	07:17
chrisellis	isn't lenovo basically IBM	07:18
ball	chrisellis: sort of.	07:18
qman__	dpm	07:18
qman__	don't know about their servers	07:18
qman__	lenovo bought IBM's division for laptops and such though	07:18
chrisellis	yeah	07:18
qman__	but IBM still makes servers, so not sure about them	07:18
jmarsden	No, Lenovo bought IBM PC designs... the IBM zSeries and pSeries stuff are much bigger machines using non-Intel noj-AMD CPUs and are very much not PC's at all...	07:18
ball	HP probably sell Itanium boxen... does anyone else?	07:19
chrisellis	all the servers i'm looking at are quad Xeon processors	07:19
ball	chrisellis: Nehalem?	07:19
chrisellis	ball: Is that a brand?	07:19
qman__	nehalem is also known as i7	07:19
twb	chrisellis: nehalem is an Intel product name	07:19
ball	chrisellis: some quad core Xeons are Nehalem chips	07:20
chrisellis	let me check	07:20
qman__	it's intel's latest and greatest processors	07:20
ball	it's a development codename.	07:20
jmarsden	Nehalem is the "code name" for a recent series of Intel CPUs.	07:20
qman__	they're fast, and they're expensive	07:20
twb	FSVO greatest ;-)	07:20
ball	Supposedly they have some nice power management features.	07:20
twb	It's not like Intel make particularly great chips to begin with, I guess	07:20
chrisellis	I'm not sure ... its a dell poweredge 6650	07:20
ball	twb: any thoughts on Shanghai?	07:20
chrisellis	it doesn't say in the manual	07:20
twb	ball: I don't track that shit closely	07:21
ball	chrisellis: don't buy it if you can't find out.	07:21
ball	twb: any thoughts on Istambul? ;-)	07:21
twb	ball: I don't track that shit closely	07:21
qman__	I can't afford any of that stuff, all my servers are desktop hardware	07:21
twb	qman__: my gear is fucking Pentium IIIs in compaq cases	07:22
ball	chrisellis: If you know you'll be scaling up, consider a blade chassis	07:22
qman__	my shell server is a 200MHz K6	07:22
jetsaredim	is there a guide for setting up raid under ubuntu?	07:22
ball	...perhaps once you get past three x86 boxen	07:22
twb	That's the work machines, of course.	07:22
chrisellis	ball: well this server is only $150	07:22
ball	qman__: I have a 450 MHz K6-2+ box here.	07:22
chrisellis	and for my uses i think it would be perfect	07:22
twb	At home I run everything off an Asus 500gP	07:22
ball	chrisellis: ah well, then you're not going to be all that fussy	07:22
ball	brb	07:22
qman__	you get four or five SSH sessions going, and it starts to lag	07:22
chrisellis	yeah	07:22
twb	Not because I'm poor, but for the challenge	07:23
qman__	perfect for personal use, not useful for much else	07:23
jmarsden	jetsaredim: See https://help.ubuntu.com/9.04/serverguide/C/advanced-installation.html for software RAID	07:24
chrisellis	I know that the 6650 chips have hyper-threading	07:24
qman__	HT means they're either pretty old, or the new nehalems	07:25
chrisellis	i dont think the 6650's are new	07:25
chrisellis	maybe 2006-2007	07:25
chrisellis	but again its only $150.00	07:25
qman__	that's not bad	07:25
chrisellis	yeah quad 2.2GHZ 3x73GB 10K	07:26
twb	I wasn't impressed by HT in the P4s	07:26
qman__	that's a nice machine for so little	07:26
qman__	probably eats up a lot of power though	07:26
chrisellis	its got 2x900 Watt Power supplies	07:27
twb	Gimme SATA's larger capacities for most shit, though	07:27
firecrotch	P4 HT was crap	07:27
twb	firecrotch: is nehalem's any better?	07:27
chrisellis	so hearing that they are 2 900watt power supplies i bet that things loud as crap	07:27
qman__	HT isn't useful on one core	07:27
qman__	but when you throw in 4+, it begins to show worth	07:27
firecrotch	twb: it's lightyears beyond P4's	07:27
qman__	but only in certain applications	07:27
twb	qman__: why?	07:27
twb	qman__: my understanding of HT was that the number of cores wasn't relevant	07:28
qman__	HT doubles your cores effectively	07:28
twb	qman__: bullshit	07:28
soren	qman__: Err.. It really, really doesn't.	07:28
qman__	but on the original P4 implementation, the way it worked, a runaway process would still hang your box	07:28
twb	http://en.wikipedia.org/wiki/Simultaneous_multithreading	07:29
chrisellis	so in theory 1 HT processor is 2 ?	07:29
qman__	well, it doesn't double them without consequence	07:29
twb	chrisellis: FSVO theory = marketing	07:29
qman__	it provides more cores at reduced performance per core	07:29
qman__	to the software	07:29
qman__	so it really depends on what software you run	07:29
qman__	but the new HT is far more useful than the original	07:29
jetsaredim	in what package would i be able to find mkraid?	07:29
* ball nods		07:29
ball	Hyperthreading is snake oil, at least on x86]	07:30
twb	"RMI, a Cupertino-based startup, is the first MIPS vendor to provide a processor SOC based on 8 cores, each of which runs 4 threads."	07:30
twb	32 threads on a soc? I'd like to see Intel do that	07:30
soren	jetsaredim: mkraid?	07:30
ball	soren!	07:31
qman__	jetsaredim, you probably shouldn't be using mkraid, you should use mdadm instead	07:31
chrisellis	If i already have a server thats a dual 2.8 would there be a point in running another server or just replacing that one	07:31
jetsaredim	qman__: ok	07:31
chrisellis	i mean for my needs at least	07:31
ball	chrisellis: look at your utilisation	07:31
qman__	that depends on your needs	07:31
qman__	if what you have is doing the job with a little performance to spare, I wouldn't bother upgrading it	07:32
ball	Look at your upgrade path before the load becomes very high and the users start to suffer.	07:32
twb	ball: if ANYTHING works, leave that thing the fuck alone :-)	07:32
qman__	web servers are an interesting thing	07:32
chrisellis	i just don't want to pass up a great deal like this	07:32
qman__	because it depends entirely on the nature of your sites	07:32
qman__	if you're using complex scripts and SSL, you need a lot of CPU power	07:33
ball	twb: Right, but if it's a production server you'll want another machine anyway.	07:33
qman__	if you're just serving static pages, not so much	07:33
chrisellis	right now i am using 0.00, 0.00, 0.00 cpu load average and 1.97GB Real memory	07:33
jmarsden	chrisellis: There will almost always be a better deal in a few months.... available general purpose computers get better, faster and cheaper over time.	07:33
qman__	it is a great deal, but if you don't need it, you'll just be increasing your electric bill for no good reason	07:33
jetsaredim	qman__: will mdadm automatically save the setup for next boot?	07:33
ball	chrisellis: do you have another machine synced with that, to take over when that one fails?	07:34
jmarsden	If you have 0 load avg you do not need more cores :)	07:34
chrisellis	no thats why i kinda want to get another one	07:34
qman__	jetsaredim, you have to save the mdadm.conf and set up your fstab	07:34
qman__	the howto should go through that, if it's the one I think it is	07:34
qman__	you can always manually reassemble an array	07:35
jetsaredim	not sure which howto you might be talking about?	07:36
qman__	http://tldp.org/HOWTO/Software-RAID-HOWTO.html	07:36
jetsaredim	yea	07:36
chrisellis	But what you said about the power bill ... 2x900watt power supplies plus whatever that 1750 is doing ... might kill me	07:36
qman__	yeah, it's a good deal if you need the CPU power, but it's going to be pretty costly to run	07:37
qman__	AMD's biggest marketing ploy is that opterons are more power efficient than xeons	07:37
ball	chrisellis: just because you have 900W PSUs, doesn't mean your server is going to be burning 900 Watts.	07:38
chrisellis	ball: oh well thats good to know	07:38
qman__	yeah	07:38
qman__	that's just the max capacity	07:38
qman__	and also, it's likely that they're redundant	07:38
ball	chrisellis: but choose your CPU and disk drives with care.	07:38
qman__	meaning that the machine is not designed to use more than 900 watts	07:38
qman__	however, it could still be pretty expensive to run	07:38
qman__	look into the TDP of the processors	07:39
jetsaredim	qman__: trying to figure out how to specify that a given drive is a spare in a raid 5 setup	07:39
ball	...and make sure they can do Cool-n-Quiet (AMD) or SpeedStep (Intel)	07:39
ball	...that those things are enabled too.	07:39
ball	...and 15k drives may be fast, but they also run hot.	07:40
ball	Alright, I really am going to bed now.	07:40
ball	Goodnight everyone.	07:40
ball	I shall dream of a new server, with 2.5" disk drives and stone cold microprocessors.	07:41
twb	2.5 so they fail faster?	07:41
=== lionel_ is now known as lionel
qman__	jetsaredim, http://prefetch.net/blog/index.php/2007/03/11/adding-a-hot-spare-to-an-md-device/	07:41
qman__	yeah, I am not a fan of 2.5" hard drives	07:42
chrisellis	alright talk to you later	07:42
qman__	too slow and too fragile	07:44
soren	qman__: You know that many SAS drives are 2.5", right?	07:46
qman__	nope, though fast and fragile isn't much better	07:47
qman__	I like my nice, cool 3.5" SATA drives	07:48
twb	I think what I like most about my 3.5" SATA drives is their commoditory nature (i.e. cost per byte).	07:49
qman__	yeah	07:50
qman__	RAID a bunch of them together, and you have a reasonably fast filesystem	07:51
firecrotch	I'll stick with my 5.25" drives, tyvm	07:51
jetsaredim	just got 5x wd black 750G for 65 per	07:52
twb	AUD 0.11 / megabyte for 1.5TB seagate sata 3.5	07:55
jetsaredim	$0.0866 for the wd drives - they were the deal of the day last week one day	07:56
twb	Nothing that good on msy.com.au, as at 2009-07-23	08:00
twb	Probably I should take a new snapshot	08:00
jetsaredim	yea - it was a daily deal last week on newegg	08:00
jetsaredim	how does one re-activate a "stopped" md device?	08:01
qman__	probably mdadm --assemble	08:02
jetsaredim	not identified in config file	08:02
qman__	without a config set up you'd have to specify the devices to use	08:06
qman__	syntax would be	08:08
qman__	mdadm --assemble /dev/md? /dev/sd? /dev/sd? /dev/sd?	08:09
qman__	replacing ? with the appropriate devices, of course	08:09
jetsaredim	hrm	08:09
jetsaredim	device or resource busy	08:09
jetsaredim	i'll just reinstall again	08:11
jetsaredim	just setting it up again	08:11
jetsaredim	so when saving the config	08:12
jetsaredim	would be something like mdadm --detail --scan --verbose > /etc/mdadm.conf	08:12
qman__	yes	08:12
jetsaredim	but maybe /etc/mdadm/mdadm.conf	08:12
qman__	I can't remember exactly but that's the idea	08:12
qman__	yes, the second is the correct file	08:12
jetsaredim	should it be appended or overwritten?	08:12
qman__	appended	08:13
jetsaredim	ok cool	08:13
jetsaredim	thanks for the assistance	08:13
qman__	no problem, sorry you have to start over	08:14
jetsaredim	i'm just starting out with it	08:14
jetsaredim	have an existing file server running on a hodgepodge of ide disks	08:14
jetsaredim	and upgrading to a new system i just built using the 5x 750 wd black drives	08:14
jetsaredim	trying to setup raid 5	08:14
jetsaredim	for media/backups/fault tolerance/etc	08:15
qman__	yeah	08:15
jetsaredim	lots of mp3s, tv shows, my kids dvds	08:15
jetsaredim	digital pics etc	08:15
qman__	I did pretty much the same thing with mine, took a few days to get it set up the way I wanted	08:15
jetsaredim	yea	08:15
jetsaredim	took me about a month to find the right parts i wanted	08:15
qman__	but it's worth the effort	08:15
jetsaredim	so it's not like i'm in any huge rush	08:16
qman__	and in the event of a system crash, you can still reassemble the array from a live CD	08:16
jetsaredim	yea	08:16
jetsaredim	well	08:16
jetsaredim	i was going to use 4 active drives and have the 5th for spare	08:16
jetsaredim	since i got them so relatively cheap	08:16
qman__	I started mine with 6 disks, and added 2 later	08:16
jetsaredim	ah	08:17
qman__	it's almost full again though, I'm going to have to get bigger disks and make a new array	08:17
jetsaredim	only 6 sata connectors at the moment on the mobo	08:17
jetsaredim	my case has enough bays for 11 drives	08:17
jetsaredim	so i'm set for expansion	08:17
jetsaredim	oddly enough the case was the one thing i had when i started the project	08:18
jetsaredim	heh	08:18
qman__	I've got room for 4 more, so I figure once 2TB drives get reliable and down in price, I'll create a new array with four of those, move the data, then add more 2TB disks	08:18
jetsaredim	yea	08:18
jetsaredim	though	08:18
jetsaredim	with the higher capacity disks there is greater likelihood of fault	08:19
qman__	yeah, I'd do raid 6 with them	08:19
jetsaredim	ah	08:19
qman__	right now I have raid 5, using 500GB disks	08:19
jetsaredim	sounds like fun	08:19
qman__	so I've got about 3.3TB of space	08:19
jetsaredim	that would be enough to tide me over for a while	08:20
qman__	one thing I didn't realize when I started	08:20
qman__	is that I already had enough data to fill more than half of it	08:20
jetsaredim	heh	08:20
qman__	once I got all my stuff off the various desktops around	08:20
jetsaredim	I'm getting there	08:20
jetsaredim	i have a 500G drive that's completely full	08:21
jetsaredim	plus a bunch of stuff on other random places	08:21
jetsaredim	i'd say i have about 100 movies	08:21
jetsaredim	plus about 400G of tv shows	08:22
jetsaredim	i need to go through them and get rid of some	08:22
qman__	I have about 300GB left	08:22
qman__	I can probably clean up about 150GB of unnecessary stuff	08:22
qman__	but at the rate things are going I'll be full by next year	08:23
jetsaredim	yea	08:23
jetsaredim	it goes fast	08:23
jetsaredim	especially if you use it	08:23
jetsaredim	anyway well - thanks again	08:24
qman__	yeah, no problem	08:24
jetsaredim	i may come back with more questions at some point tomorrow when i try again	08:24
qman__	that linux raid howto is the best resource for it	08:24
qman__	despite how old it is	08:24
jetsaredim	maybe i'll give karmic a go	08:24
jetsaredim	actually - i found something from the forums that's decent	08:24
qman__	cool	08:25
jetsaredim	ok later	08:26
uvirtbot`	New bug: #415224 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: subprocess post-installation script returned error exit status 139" [Undecided,New] https://launchpad.net/bugs/415224	08:41
acalvo	anyone here using postfix+dovecot (and LDAP as backend)?	08:53
stochastic	can anyone tell me how to prevent my external USB drive from Auto-mounting when I plug it in?	08:54
negge	my /var/mail/<user> has stopped growing since about 6 months back. Has there been an update to the system that changes the location of the mail file or what is going on? I doubt cron haven't had anything to say for that long.	08:58
CopyWriter	hello all	09:12
CopyWriter	today's question :) - i installed 2 network cards into a ubuntu server lts 8:04, configured the eth0 with dhcp and connected it to my adsl modem (can ping google, did updates etc) configured eth1 with static 192.168.1.1 that plugs into a wireless router, other clients will connect to the wireless network fine, but get no internet	09:15
CopyWriter	oh and eth1 also has a dhcp server configured on it also	09:15
=== obstriege is now known as obst
CopyWriter	so it handles assigning addresses	09:15
CopyWriter	disabled dhcp on the wireless router, but then the clients couldn't connect to it	09:16
CopyWriter	when i open a browser it just stays at connecting and then nada	09:16
CopyWriter	i'm thinking to just plug the router into a lan port on the wireless router, but then that would entirely defeat the purpose of having the server act as a firewall	09:18
CopyWriter	!dhcp	09:18
ubottu	dhcp is Dynamic Host Configuration Protocol, a protocol for automatic IP assignment from a router. Ubuntu uses dhclient as a DHCP client but other ones (and DHCP servers too) can be obtained from the !repos. More info at http://en.wikipedia.org/wiki/DHCP	09:18
stefan____	what is the gateway for the wireless router	09:18
stefan____	?	09:18
stefan____	must be eth1s ip address	09:19
CopyWriter	192.168.1.1	09:19
stefan____	and that is the ip of the eth1 nic card ?	09:19
CopyWriter	yep	09:19
stefan____	do you have your 804 server configured as a router ?	09:20
CopyWriter	i'm not sure	09:20
CopyWriter	i don't think so	09:20
stefan____	that is way it is not working	09:20
CopyWriter	how do i do that	09:20
stefan____	http://unixfoo.blogspot.com/2008/02/how-to-configure-linux-machine-as.html	09:20
CopyWriter	i knew it was something i was missing	09:20
stefan____	enable ip_forward	09:21
CopyWriter	thanks stefan	09:22
stefan____	no probs CopyWriter	09:22
CopyWriter	i'll try that at the office, i woke up early to research the problem it's 4:22 now, will most likely still have time to get some shut eye before work	09:23
stefan____	it is good you woke up early then :)	09:23
acalvo	is it possible that the openssh server has some kind of timeout session?	10:26
acalvo	I'm finding that if I ssh one server and do not run any command for a large period (say 15min) it gets blocked	10:26
acalvo	maybe the connection was killed?	10:26
_ruben	most likely a connection tracking issue of one routers/firewalls in between	10:35
acalvo	_ruben: but it does not makes sense	10:36
_ruben	why not?	10:36
acalvo	since if I log in thru ssh and starting working, it does not get killed the connection	10:36
acalvo	only after a period	10:36
_ruben	so you're experiencing a timeout somewhere, a fairly common one is a busted connection tracking along the way	10:37
acalvo	oh, I see	10:38
acalvo	maybe you're right	10:38
andol	ttx: Regarding bug #334374, aside from having ldap-auth-config as an explicit Recommend, do you agree with the change otherwise?	11:04
uvirtbot	Launchpad bug 334374 in libnss-ldap "libnss-ldap should not depend on libpam-ldap" [Medium,Confirmed] https://launchpad.net/bugs/334374	11:04
ttx	andol: I was wondering what was the best way to fix it, given that other related bug. Wanted to ping mathiaz/dendrobates about it since they authored the original design	11:05
andol	ttx: Thinking of bug #11:36 < acalvo> _ruben: but it does not makes sense	11:06
uvirtbot	Launchpad bug 11 in rosetta "Rosetta says there are untranslated strings, but it isn't" [Medium,Fix released] https://launchpad.net/bugs/11	11:06
andol	ohh, bad paste there, sorry	11:06
andol	ttx: Thinking of bug #306054 I assume?	11:07
uvirtbot	Launchpad bug 306054 in ldap-auth-client "Not using LDAP for auth, please downgrade libpam-ldap to Recommends:" [Wishlist,Confirmed] https://launchpad.net/bugs/306054	11:07
ttx	yes	11:07
ttx	both are about the current design not allowing some specific setups	11:07
ttx	Downgrading a depends to a recommends would fix it, I'm just unsure which depend should be converted :)	11:08
ttx	Your solution would not fix 306054.	11:08
andol	ttx: Yeah, been thinking about that one too, but haven't really used ldap-auth{config,client} enough to have an an actual opinon on those.	11:08
andol	ttx: No, it wouldn't. Nevertheless I don't think ldap-auth-config should be a hard dependency to libnss-ldap. You can very well use that lib without any extra configuration utility.	11:10
ttx	true, the design was done at a time where recommends would not get installed, so it needs to be salted with some recommends to allow better flexibility.	11:11
andol	ttx: Which is basically the solution I suggest, especially if we add -auth-config as an explicit recommend. I belive that's a good change, no matter what.	11:12
andol	ttx: Still, I guess there is no hurry, if we anyway should solve the whole situation.	11:12
ttx	andol: ok	11:13
andol	ttx: So, what's the plan now? Try getting some input from matiaz and/or dendrobates?	11:14
ttx	andol: yes, I'll ask them to have a look and comment, then if they are ok with your debdiff, I'll uplaod it	11:14
ttx	upload it, even	11:15
andol	ttx: Does that mean I should add a new debdiff, with auth-recommends listed under Recommends as well?	11:15
ttx	andol: doesn't hurt to prepare it, yes :)	11:16
andol	ttx: Being a rather easy change I'll create a new one when I get off from work.	11:17
andol	Work is by the way something I probably should return to now.	11:17
ttx	andol: makes sense :)	11:18
sebrock	I just installed a vncserver on a headless ubuntu 9.04 server	11:40
sebrock	When I connect to it all I see is the X11 desktop, I cannot start a terminal or anything... how do I do that?	11:41
_ruben	install the desktop edition instead? :)	11:41
sebrock	uh nope no good	11:42
sebrock	I want to keep the installs at a minimum	11:42
sebrock	got the mouse ans everything, just no terminal	11:42
sebrock	so I can't start anything really	11:43
_ruben	perhaps you have no terminal program installed	11:43
ogra	install a minimal window manager	11:43
sebrock	Should it really be necessary to install a window manager?	11:44
ogra	openbox or fluxbox	11:44
sebrock	vncserver acts as a window manager	11:44
ogra	huh ?	11:44
_ruben	vncserver a wm??	11:44
sebrock	it installs X11 libs	11:44
ogra	vnc server acts as an X server	11:44
_ruben	its an X server, not a wm	11:44
sebrock	I heard a wm should not be needed	11:45
ogra	why do you use vnc at all ? as i understand you you just want to be able to run a terminal, using ssh should provide you with that	11:46
ogra	you just add useless overhead	11:46
dorvan83	hi to all	11:47
sebrock	ogra, it's for a mytht-backend	11:47
dorvan83	i have a problem with /dev/random.... seems doesn't work...	11:48
sebrock	Last time X-forward did not work very well with the initil setup	11:48
_ruben	dorvan83: you probably lack entropy .. which is a nasty problem .. i run into it every now and then on mostly idle systems	11:49
dorvan83	_ruben: yes i this this too, but entropy pool in kernel is 4096 and i'm trying different keygen executebles, have problem to generate a 1024 key from /dev/random	11:51
_ruben	dorvan83: its total size is probably 4096, yet empty (so 4096 of nothingness)	11:52
dorvan83	_ruben: but if i launch a dd if=/dev/random of=/root/text.txt and after some time i stop it..	11:52
dorvan83	_ruben: the results from dd statistics is zero	11:52
_ruben	which indicates lack of entropy	11:52
_ruben	there are some tricks to increase entropy to be found on the 'net, but i never found one that actualy worked well	11:53
dorvan83	_ruben: but if i make the same with "urandom" dd print something	11:53
_ruben	because urandom is less "secure" than random	11:53
dorvan83	_ruben: i'm using ubuntu server 9.04 in which way i can solve this, to try?	11:54
dorvan83	_ruben: some doc on the net suggest to remove rando and make an alis to urandom named random	11:57
_ruben	http://stupefydeveloper.blogspot.com/2007/12/random-vs-urandom.html .. little post on the differences between random and urandom .. as for increasing entropy itself, google, tho like i said, i dont recall ever being able to increase the entropy on a "problematic" box	11:57
dorvan83	_ruben: but sound stupid...	11:57
_ruben	that'd work as a temp work around	11:57
_ruben	and it depends on how much you care about "real" randomness	11:58
_ruben	if a certain box lacks enough entropy for a given task, i run the task on another box which does have enough entropy .. when possible that is	11:58
MatBoy	_ruben: do you still live ?	12:12
sebrock	yup, vncserver should start twm, so it includes a wm	12:15
sebrock	I see it should also start a terminal by default	12:17
sebrock	FYI all I had to do was to add the full path to xterm in the xstartup file	12:35
sebrock	works now	12:35
garymc	Hi people, do i need an antivirus software on my ubuntu server? if so which one and does it cost anything?	12:40
pmatulis	garymc: no a/v s/w necessary	12:43
garymc	s/w?	12:49
pmatulis	software	12:50
garymc	ahh :S	12:51
pmatulis	garymc: what kind of server are you talking about anyway?	12:51
ivoks	ttx: here?	12:51
ttx	ivoks: yes	12:51
garymc	im using an LTSP setup	12:51
pmatulis	ok, an LTSP server	12:51
ivoks	ttx: regarding the corosync sync	12:51
garymc	ive got 3 servers, trying to use two of them right now	12:51
garymc	Im gonna put Astlinux on one of them	12:52
ttx	ivoks: yes	12:52
ivoks	ttx: my laptop died couple of days ago, so it's kind of pain to do anythnig now using my phone	12:52
garymc	and try to link it through so each ltsp user has a phone too	12:52
ttx	hehe	12:52
ivoks	ttx: so, i'll be finishing my vacation tomorrow and should be able to fix those things day after tomottow	12:53
ivoks	tomorrow	12:53
ttx	ivoks: works for me, I'm mostly concerned by the NBS	12:53
ivoks	nbs?	12:53
ttx	the library transition	12:53
ivoks	ah.	12:53
ivoks	rhcs will need rebuild	12:53
ivoks	acctualy, new version	12:54
ivoks	and	12:54
ivoks	but we need to sync corosync first	12:54
ivoks	then we will sync openais	12:54
ivoks	and new pacemaker and new rhcs	12:54
ivoks	corosync is first step	12:55
ivoks	openais second	12:55
ivoks	everything except rhcs is in the ppa i mentioned in the bug	12:56
ivoks	i couldn't finish rhcs cause my thinpad died... £%$&*£"!	12:56
ivoks	... and i won't be at the meeting today for the same reason...	12:57
ttx	ivoks: There is no laptop reparirman on your beach ?	12:58
ivoks	no :/	12:58
garymc	pmatulis: do you know if i can do this?	12:58
garymc	pmatulis: setup a separate server with astlinux on ubuntu then link it to my ltsp clients and giv them a phone each?	12:59
pmatulis	garymc: best ask on #ltsp	12:59
ivoks	ttx: oh, and we can't sync from experimental since that version isn't there yet	12:59
ttx	it is now	12:59
ttx	ivoks: since Aug 15	13:00
ivoks	eh... i couldn't know that :/	13:00
ivoks	does it has all my changes?	13:00
ivoks	have	13:01
ivoks	i hate lenovo :/	13:01
_ruben	MatBoy: nah :)	13:02
ivoks	anyway, i'll be back in 48 hours... take care	13:02
dorvan83	ivoks: i'm using your last released packages on launchpad for ubuntu for corosync and pacemaker. Yesterday night sdake of #linux-cluster have bypassed an issue with corosync-keygen binary, but there are other problems with system entropy.	13:53
ttx	dorvan83: he is no longer in-channel. You should send an email to him.	13:55
dorvan83	ah, ok	13:55
dorvan83	where i can get it?	13:55
dorvan83	from whois command?	13:55
dorvan83	i can't see	13:57
dorvan83	ttx: have you suggestion for increase system entropy?	13:57
dorvan83	i found this:http://ubuntumagnet.com/2007/11/creating-more-entropy-linux-kernel-virtualized-environment	13:58
ttx	dorvan83: see pm	14:00
dorvan83	ttx: pm?	14:03
ttx	dorvan83: I just sent you the email address by Private Message (pm)	14:05
dorvan83	ooppss sorry... that pm aaaaaaaaaaaaahhhhh	14:07
dorvan83	ttx: thanks, sorry but i'm in remote console on irssi.	14:08
smoser	soren, would it make sense to allow the user to provide the ssh host keys for a new instance (in user-data or something).. they could run ssh-keygen the system that started the instance and send them over to the new instance, rather than trying to verify by scraping console output (which sometimes doesn't work)	14:10
soren	smoser: i thought about it, but I think it's a bad idea. The user-data is not protected, so if someone finds a way to query your meta-data, they get your ssh host private key, and that would be bad news.	14:11
smoser	this is true	14:12
smoser	obviously, that info (the private key) is also in /etc/ssh	14:12
smoser	but there it is file system permissions protected	14:12
smoser	i think you might have mentioned before the possibility of locking up (via iptables) the user data	14:13
smoser	after it is used. perhaps crawl it, store it in /var/run/ec2-user data with secure filesystem permissions and then deny access to 169.254.169.254:80	14:14
smoser	soren, ^ (no hurry, just so you see it)	14:15
soren	smoser: Hm. Interesting idea. That could work, I guess.	14:16
=== magnetic_ is now known as foolano
=== nick125_ is now known as nick125
rayno_b	Hi there, I need to forward port 3840 to a specific IP address on the network (this should happen from internal). Can someone here please assist me to get that to work?	16:01
PhotoJim_	there are lots of ways of doing that.	16:01
PhotoJim_	I use shorewall. /etc/shorewall/rules has the configuration.	16:02
rayno_b	If I use webmin could I do this with ip tables?	16:02
PhotoJim_	DNAT net loc:192.168.222.13 tcp 5050	16:02
PhotoJim_	DNAT net loc:192.168.222.13 udp 5050	16:02
PhotoJim_	that forwards port 5050 from my router's external IP (my router is an Ubuntu box) to that private IP on my LAN (my Slingbox in this case).	16:02
giovani	rayno_b: your ubuntu box is the firewall/router?	16:03
rayno_b	no	16:03
PhotoJim_	iptables can do it, but I'm not experienced in doing that. and I don't use webmin . my router has no GUI. better performance that way.	16:03
PhotoJim_	ahh. you have to do this on your router.	16:03
giovani	rayno_b: then this isn't an ubuntu question -- this is a question for your router/firewall company	16:03
rayno_b	but is there any way to do this on this ubuntu machine that is currently getting the request?	16:03
giovani	rayno_b: no ...	16:04
giovani	you need to open the port at the router/firewall	16:04
rayno_b	look, the port is open.	16:04
giovani	the entire function of that device is to stop random traffic from entering your network -- so that's where the exception has to be made	16:04
giovani	rayno_b: on the router/firewall? or on the server? there's a big difference	16:04
rayno_b	Giovani - I know. The port is only going to be used in the local lan, not from external to internal.	16:05
PhotoJim_	why do you want to do local port forwarding?	16:05
giovani	rayno_b: then there's nothing you need to do -- the port is open	16:05
rayno_b	but	16:05
PhotoJim_	port forwarding is usually done as a kludge to get around NAT. local IPs don't need to work around it.	16:05
rayno_b	If the request comes to the ubuntu box on port 3840, I want that request to be processed by another machine on the network.	16:05
PhotoJim_	can you not direct the request to the proper machine?	16:05
rayno_b	You would think - That's what I would have done, but I'm not the admin of this network. The network admin insists that I do it this way.	16:06
giovani	rayno_b: there's no good solution to this	16:06
PhotoJim_	this is a really dumb way to do it. no offense. :)	16:06
giovani	you need to do it the right way	16:06
uvirtbot	New bug: #387257 in bacula (universe) "Bacula crashed on installation" [Medium,Invalid] https://launchpad.net/bugs/387257	16:06
giovani	which is to send the client to the correct server	16:06
giovani	also, what protocol are you using on this port?	16:07
rayno_b	I'm using tcp	16:07
giovani	no	16:07
giovani	I meant application protocol	16:07
rayno_b	It's an http address	16:08
giovani	well, you can issue an http redirect	16:08
giovani	it's far cleaner than any kind of weird port-tunneling you want to do	16:08
rayno_b	okay... but say I insist on doing this weird tunneling thing. can you just help me to get it working please? I understand it's not the right thing to do.	16:09
giovani	an HTTP 301 reply will ensure the client sends their traffic (for the entire session) to that new server	16:09
giovani	rayno_b: nope, sorry, I can't help do something so silly	16:10
giovani	maybe someone else will	16:10
rayno_b	can I explain the network admin's point of view.	16:10
giovani	well you've also decided not to use my perfectly valid solution	16:11
giovani	for some unknown reason	16:11
rayno_b	giovani - ok, can you help me with the HTTP 301 reply?	16:11
giovani	sure, set up a webserver, and configure it that way	16:11
giovani	lighttpd will do	16:11
giovani	it's still serious overkill	16:12
giovani	but at least it'll make sure you're not duplicating tons of traffic for no good reason	16:12
rayno_b	okay, i'll try that. thank you.	16:12
PhotoJim_	that seems the most elegant solution.	16:13
=== PhotoJim_ is now known as PhotoJim
giovani	PhotoJim: it still makes me cringe :)	16:13
rayno_b	you wouldn't do it?	16:14
giovani	rayno_b: I'd talk to the network admin	16:14
giovani	I don't know why this is the network admin's decision anyway	16:14
rayno_b	okay	16:14
giovani	you don't need his permission to tell clients to access the server directly	16:14
giovani	http://redmine.lighttpd.net/projects/1/wiki/Docs:ModRedirect	16:14
pmatulis	rayno_b: give giovani the admin's telephone number	16:15
giovani	there's the (pretty good) documentation on mod_redirect (which you'd need to use lighttpd here)	16:15
giovani	just make sure to set the url.redirect-code to 301	16:15
rayno_b	the thing is, the server sends 'n url link to the clients in their mailboxes and this contains the wrong address at the moment.	16:15
giovani	so fix it?	16:15
rayno_b	the dns name on other ports should point to the ubuntu server. it's just this one single port that's the problem.	16:16
PhotoJim	yeah, that's a good point. can you change it to give the correct address?	16:16
giovani	rayno_b: I don't follow you -- ports aren't related to domain names	16:16
giovani	domain names map to ip addresses -- you can't specify which ports are accessible when using a given name to resolve the ip	16:17
rayno_b	I know I know.	16:17
rayno_b	This is a special case.	16:17
rayno_b	From outside, the address somename.dyndns.org maps to the router that comes into the client's network.	16:18
rayno_b	From inside, the network administrator has mapped that name (somename.dyndns.org) to the ubuntu server that I'm administrating.	16:18
rayno_b	Because all ports on that name should go to the ubuntu server, except for this one port 3840 which should go back to another address.	16:18
giovani	so use a different name ...	16:19
giovani	for the right server	16:19
giovani	and send that one out in the emails	16:19
PhotoJim	sounds to me like the optimal solution is to just give the Ubuntu server the public IP, and have it port forward that one port.	16:22
PhotoJim	using a router to forward all ports to a single machine means the router isn't really routing.	16:22
PhotoJim	it's superfluous.	16:22
rayno_b	Okay, will talk to the network admin.	16:25
rayno_b	I have another question which is not related to my current topic... Do you mind?	16:25
giovani	rayno_b: as long as it's an ubuntu question, sure	16:26
rayno_b	I've been trying to understand traffic shaping, but I have no clue how to get this right. At the moment, I use an ubuntu server as gateway to the internet. How can I control that one user cannot simply use all available bandwidth to the internet? And maybe always allow mail traffic to be able to flow through, etc.?	16:28
rayno_b	I'll be right back	16:29
rayno_b	Right, I'm back.	16:32
rayno_b	Giovani - Can you or PhotoJim help with this?	16:39
=== Jare_ is now known as Jare
giovani	rayno_b: honestly, it's a reasonably complex topic	16:42
giovani	there are a number of howtos on traffic queueing in linux -- but I wouldn't advise taking it on	16:43
rayno_b	I must say, I've been very much unsuccessfull so far in what I've been trying.	16:44
rayno_b	But everytime someone on the network now downloads something, the internet is unusable to anyone else.	16:44
giovani	downloads something over http? or with something abusive like bittorrent?	16:46
rayno_b	just straight forward download	16:46
giovani	so over http then	16:46
giovani	that shouldn't be happening	16:46
rayno_b	remember, we're in africa. download speeds are really slow.	16:46
giovani	alright, well then it sounds like you may need traffic shaping	16:47
giovani	but it's not a simple task	16:47
giovani	so I'm not sure what to offer you	16:47
rayno_b	Are you prepared to help me set it up?	16:49
Sam-I-Am	mathiaz: yo	17:00
mathiaz	Sam-I-Am: hi	17:00
mathiaz	Sam-I-Am: what is the subject of your email?	17:01
Sam-I-Am	looking...	17:01
Daviey	nijaba & kirkland: Let me know when you have 5 mins to chat about ubuntu-server-tips	17:02
kirkland	Daviey: i'm working a hard math problem at the moment	17:02
nijaba	Daviey: I'm free now (well, let me grab a coffee first)	17:02
nijaba	kirkland: well, since I know you do not have kids, I guess it is not a school relted pb ;)	17:03
Sam-I-Am	its on pkg-openldap-devel, cc'd you... 'enable nss-slapd to be built'	17:03
=== diehaai is now known as thefish
Sam-I-Am	and steve...	17:04
Sam-I-Am	since i'm kinda new to this i wasnt sure where i should run it by you guys, submit a bug/patch, or whatever...	17:04
Sam-I-Am	s/where/whether	17:04
mathiaz	Sam-I-Am: submitting a patch is always a good idea	17:05
Sam-I-Am	also added a patch to fix test058's failing issue	17:05
Sam-I-Am	sure, so just submit a bug and attach the udiff?	17:05
Daviey	kirkland: heh, ok.. ping me and nijaba when you are free :)	17:05
Sam-I-Am	and patches which patch the build mechanism are ok too?	17:06
mathiaz	Sam-I-Am: sure	17:06
mathiaz	Sam-I-Am: what's your patch about test58?	17:06
mathiaz	Sam-I-Am: I'd also suggest to file the patches in the upstream bug tracker	17:06
nijaba	Daviey: from what I have gathered so far, you should just add a file starting with a number inside /etc/update-motd.d/ which contains the command to be executed to display tips. Once there the command will be executed at login to display the tip. kirkland will confirm, but I am quite sure that's all there is to it	17:08
kirkland	nijaba: Daviey: right... or a symlink to a file	17:08
mathiaz	Sam-I-Am: test58 randomly fails - try to rebuild the package and the build may succeed	17:08
kirkland	Daviey: do you have a binary that just plucks and prints one random tip?	17:08
Sam-I-Am	mathiaz: the patch for test058 was from hyc... it got committed to openldap CVS	17:08
mathiaz	Sam-I-Am: part of 2.4.18 then?	17:09
Sam-I-Am	mathiaz: so i added it to the build for 2.4.17 ... and it seems to reduce or eliminate the random failures that arent already caught	17:09
Sam-I-Am	it will be	17:09
Sam-I-Am	which means it becomes moot if 2.4.18 makes it into karmic	17:09
nijaba	kirkland: /usr/bin/ubuntu-server-tip	17:10
mathiaz	Sam-I-Am: that's ok - we backport patches from upstream if they're relevant	17:10
Sam-I-Am	yeah, this was a minor one that just cleaned up builds... along with my nssov patch which clear out the temporary build files leftover in the nssov tree	17:10
mathiaz	Sam-I-Am: this seems like a good candidate to send to upstream	17:11
nijaba	kirkland: so I guess a ln -s /usr/bin/ubuntu-server-tip /etc/update-motd.d/60_ubuntu-server-tip should be it?	17:11
mathiaz	Sam-I-Am: so I'd file a bug in ITS too	17:11
Sam-I-Am	mathiaz: the nssov patch?	17:11
mathiaz	Sam-I-Am: yes - if you modify the Makefile to add a clean target it would be beneficial to upstream too	17:11
kirkland	nijaba: Daviey: yeah, that should do it ;-)	17:11
Sam-I-Am	that was the question i had in my email... whether i should patch debian/rules to manually purge the files... or patch the nssov makefile to include a 'clean' rule and then debian/rules to call it	17:12
mathiaz	Sam-I-Am: I didn't pay too much attention to your patch as I don't build package more than once in the same tree	17:12
mathiaz	Sam-I-Am: patch the nssov Makefile	17:12
mathiaz	Sam-I-Am: and submit the patch to upstream	17:12
Sam-I-Am	ok... and what about calling it during build cleanup?	17:13
Sam-I-Am	i originally just added the clean target to 'all' which solved it, but felt a bit clunky	17:14
mathiaz	Sam-I-Am: the clean target in the rules doesn't clean up the build	17:14
mathiaz	Sam-I-Am: the clean target in the rules doesn't clean up the build tree	17:14
Sam-I-Am	what does then?	17:14
mathiaz	Sam-I-Am: hm - well it does: rm -rf $(builddir) $(builddir_notls) $(installdir)	17:14
mathiaz	Sam-I-Am: however it's not done from a Makefile target	17:15
Sam-I-Am	ah, right	17:15
mathiaz	Sam-I-Am: It doesn't use make clean	17:15
Sam-I-Am	nssov gets built in the regular source tree, not build iirc	17:15
Sam-I-Am	which explains where the leftovers come from	17:15
mathiaz	Sam-I-Am: right - so may be modifying the nssov to be build in the build tree?	17:15
Sam-I-Am	sounds like a better plan	17:16
Sam-I-Am	now that i see how its working :)	17:16
mathiaz	Sam-I-Am: and while you're working on this, the latest version of slapd in ubuntu doesn't load the nssov	17:16
Sam-I-Am	figure its also pertinent for building things like smbk5pwd	17:16
Daviey	kirkland: sorry, went AFK.. Something nijaba mentioned about it being 160 chars or less.. I was thinking of adding a "-s" switch to /usr/bin/ubuntu-server-tip that returns a tip less than 160 chars, as this might be more suitable for MOTD? What do you think?	17:16
Sam-I-Am	which would also be a nice thing to integrate...	17:16
mathiaz	Sam-I-Am: I haven't tracked down the reason why the nssov shared library is not loaded correctly	17:16
Daviey	kirkland: That obv breaks your symlink, unless -s is default behaviour	17:17
Sam-I-Am	mathiaz: hmm... i'll look into it	17:17
mathiaz	Sam-I-Am: that would be very helpful	17:17
mathiaz	Sam-I-Am: take the latest version of slapd in karmic and try to load the slapd overlay	17:17
Daviey	kirkland: i guess if user = root, it could default to -s ?	17:17
mathiaz	Sam-I-Am: take the latest version of slapd in karmic and try to load the nssov overlay	17:17
Sam-I-Am	k... looking at that now...	17:18
mathiaz	Sam-I-Am: smbk5pwd is also interesting however it's build for heimdal	17:19
Sam-I-Am	yeah, that was another question	17:19
mathiaz	Sam-I-Am: so the overlay needs to be ported to support MIT kerberos	17:19
Sam-I-Am	with samba4 integrating heimdal, whats the plans with MIT?	17:19
Sam-I-Am	or are they orthogonal	17:19
mathiaz	Sam-I-Am: MIT is the supported version of kerberso in ubuntu	17:19
Sam-I-Am	yeah...	17:19
mathiaz	Sam-I-Am: ie MIT kerberos is in main while heimdal is in universe	17:20
mathiaz	Sam-I-Am: so the smbkrb5pwd needs to be ported to MIT	17:20
Sam-I-Am	i saw something on the server pages about getting heimdal into main (which i think it was a long time ago)	17:20
mathiaz	Sam-I-Am: there is someone from redhat working on adding support for MIT kerberos to samba4	17:20
nijaba	Daviey: ln -s is what you would do from the command line to add the symlink. The script ubuntu-server-tip can have whatever you want in it	17:20
Sam-I-Am	mathiaz: ah, cool	17:20
mathiaz	Sam-I-Am: that must have been a long time ago	17:20
mathiaz	Sam-I-Am: the current plan is to stick with MIT kerberos in main and have heimdal in universe	17:21
Daviey	nijaba: sure, but just wanted to clarify that the MOTD should be <160 chars.. and if so, should i make this the default behaviour if ran as root? As update-motd no doubt runs as root.	17:21
Daviey	Can't think of a cleaner way, i'm sure update-motd doesn't introduce any enviroment variables?	17:21
nijaba	Daviey: ah, ok... in that case add a real file 60_ubuntu-server-tip in update-motd.d that contains a call to /usr/bin/ubuntu-server-tip and all the options you want	17:22
Daviey	The reason i'm suggesting this, as i think the user should be able to run further ubuntu-server-tip on demand	17:22
Sam-I-Am	the thing about heimdal is it'll set your smb password automatically when you change your kerberos password... so patching smbk5pwd might take a bit more work	17:22
Sam-I-Am	since i think it lets heimdal handle some of the footwork automagically	17:23
Daviey	nijaba: I was pondering the idea of a --submit option, so people could easily send a tip via the command line :)	17:23
mathiaz	Sam-I-Am: does heimdal use the EXT OP to change the ldap password?	17:23
Sam-I-Am	mathiaz: not for samba.. it just writes the NT hash	17:24
nijaba	Daviey: that would be cool! I guess it could just use the standard bug reporting interface...	17:24
Sam-I-Am	i dont think theres an exop for md4	17:24
Sam-I-Am	it would be nice if it was all exop...	17:24
nijaba	Daviey: ie: ubuntu-bug command	17:24
nijaba	Daviey: err.... no	17:25
Daviey	nijaba: well i was thinking this.. using ubuntu-bug, but it is my understanding that; only works for ubuntu packages, not projects (not a long term issue once it is included), they also require a LP account.. and i don't know if this is a good or bad thing for making suggestions	17:25
nijaba	Daviey: yes, that's what I was just looking at. Might be simpler to have an email sent to some generic address	17:26
Daviey	nijaba: but we don't install a smtp server on base :/	17:26
nijaba	Daviey: for example the ubuntu-server-tip team ml	17:26
Daviey	nijaba: that is a good idea, then there can be discussion per thread on the validity of the command.	17:27
psi-jack	Hmm interesting.	17:28
nijaba	Daviey: well... if smtp is not configured (ie no smtp-mta available) maybe we could just tell the person to send an email to the list?	17:28
nijaba	Daviey: we need something simple..	17:29
psi-jack	I have ldaps:/// in my etc/default/slapd, and it's listening to 636, but tls is failing.	17:29
nijaba	Daviey: btw, there is a tip about iotop and another about iftop, but none are in main, which, in the principle, breaks rule #3 on https://wiki.ubuntu.com/server-tips	17:31
nijaba	Daviey: I do however find the tip useful, so I am wondering if we should request an exception	17:32
Sam-I-Am	psi-jack: 636 is not tls, its ssl	17:32
Sam-I-Am	tls uses 389	17:32
Clusty	hey	17:33
Daviey	nijaba: hmm.. do you think we should generally review rule #3 ?	17:33
Sam-I-Am	in fact, you should probably not be using ssl unless one of your clients doesnt speak tls	17:33
Clusty	i wanted to give out static IP addresses to certain MACs and dynamic tot he rest	17:33
Daviey	nijaba: I mean, if the server admin is happy to use universe stuff - then it's enabled in sources.list.. and if they try and run the command, they'll get command-not-found telling them how to install it?	17:33
VSpike	If I'm connected with ssh to my server and am partway through a long backup script, and if I now discover I have to leave and shutdown my client machine....	17:34
Clusty	unfortunately google gives me just how to configure static addresses from the client side	17:34
nijaba	Daviey: yep, I think it is quite important that we do not advise people to use stuff not in main. but that can be discussed for utilities	17:34
VSpike	Is there anyway, given that I didn't use nohup or screen, to prevent the backup from stopping?	17:34
nijaba	Daviey: I would be much more concern for long standing deamons to tell you the truth	17:34
Sam-I-Am	VSpike: use nohup? :)	17:34
Clusty	VSpike, if i am not mistaking you can do some magic, to give a process a new parent	17:34
VSpike	I do not like that Sam-I-Am ;)	17:35
Daviey	nijaba: yeah, i can see that point..	17:35
Clusty	VSpike, not sure thoiugh	17:35
Clusty	VSpike, consider running all in a VNC ?	17:35
Daviey	nijaba: TBH, i actually forgot about the rules on the wiki page.. not purposely disobeyed them :(	17:35
VSpike	Clusty: I have heard of such things, I agree	17:35
nijaba	Daviey: hey, no prob, we are still in early stages here	17:35
VSpike	Clusty: it sounds quite voodoo	17:35
Clusty	VSpike, i know it's possible. but i would not know where to start	17:36
VSpike	I guess I'll just kill the backup, start screen, restart the process and check it later	17:36
Daviey	nijaba: "Ubuntu Enterprise Cloud" tip does sail close to the wind.. :/	17:36
VSpike	I would rather not, but if there is no other way then c'est la vie	17:36
nijaba	Daviey: why is that? will be in main in karmic	17:37
Daviey	"Tips are not advertisement, but information. No paid services or product can be referred to here, except if an exception is granted during a server community meeting."	17:37
Clusty	VSpike, so you are running backups from a ssh?	17:37
Clusty	and want to be protected against net stops?	17:37
VSpike	Clusty: yes, running a script on the server to backup to NAS using tar/ssh/dd	17:37
Daviey	nijaba: Links to a page that is largely advertisment for Canonical	17:38
VSpike	Clusty: It's a one-off hack at the moment, just to get one backup	17:38
Clusty	VSpike, the right thing to do is to cron the task	17:38
VSpike	Agreed	17:38
Clusty	since anyways you prolly want to do it weekly....	17:38
VSpike	I need to put some logging and error handling in the script and so on	17:38
VSpike	Clusty: quite	17:38
nijaba	Daviey: Well, agreed, the cloud pages are pushing our services around it	17:38
VSpike	this is just a first cut "get a backup" script	17:38
Clusty	VSpike, till then screen is a quick hack	17:38
VSpike	Yep :)	17:39
Clusty	VSpike, there is backup-manager	17:39
VSpike	oh? don't know it	17:39
Clusty	it';s a decent proggie	17:39
Clusty	it supports incremental tars	17:39
Clusty	so i do daily incremental	17:39
Clusty	and weekly full backups	17:39
VSpike	I need that elsewhere	17:39
Clusty	and it autodeletes olb backups	17:39
Clusty	old*	17:39
nijaba	Daviey: http://www.ubuntu.com/products/whatisubuntu/serveredition/cloud/uec would be better, I think. I just need to setup a short url for it :P	17:39
VSpike	Clusty: http://pastebin.com/f6f8f0061	17:40
VSpike	Clusty: ^ current script :)	17:40
Clusty	you're the man :D	17:40
VSpike	The destination is a WD Mybook World Edition with hacks applied to enable ssh access etc	17:40
Clusty	sed-master	17:40
Clusty	:D	17:40
VSpike	heh	17:40
Daviey	nijaba: I'm not happy with using tinyurl.com etc either.. one of the tips has that short url	17:40
Clusty	so any1 can help me with my DHCP issue?	17:41
Clusty	is it even possible?	17:41
nijaba	Daviey: yep, that's not great.	17:41
Daviey	(especially as i heard tinyurl are in difficulty atm)	17:41
nijaba	Daviey: tell me which url and I'll find a way to get a short url on ubuntu.com for it	17:41
Daviey	but it's also a third party that could potentially redirect that url to anywhere.. perhaps RHEL website :)	17:41
VSpike	Clusty / Sam-I-Am : thanks for the help - backup running anew in screen. Gotta dash!	17:42
VSpike	Clusty: will check out backup-manager	17:42
Sam-I-Am	Clusty: as long as the mac addresses are different, dhcp should hand out whatever IPs are configured	17:42
nijaba	Daviey: https://help.ubuntu.com/9.04/serverguide/C/etckeeper.html, I guess	17:43
Clusty	Sam-I-Am, i want to give a certain mac a certain address	17:43
Sam-I-Am	sure	17:43
Sam-I-Am	thats handled on the dhcp server	17:43
Daviey	nijaba: http://tinyurl.com/etckeeper	17:43
Daviey	yeah	17:43
Clusty	Sam-I-Am, any place i can start reading?	17:44
Clusty	Sam-I-Am, the server gives now dynamic to all	17:44
Sam-I-Am	the default dhcpd.conf file includes examples of how to configure a static IP for a MAC	17:44
Daviey	nijaba: Is a redirect from ubuntu.com/$NAME a good long term solution.. i imagine that many more tips will have urls..	17:45
Daviey	struggling to think of something better tbh..	17:45
nijaba	Daviey: I am writing a proposal to our webmaster as we speak. Something like ubuntu.com/go/$name	17:46
Daviey	nijaba: that would make sense, especially if they can create/update urls regulary on demand.	17:46
nijaba	yep	17:47
Daviey	nijaba: It also has the added benefit that a url that is on someones installation can be quickly resolved, if the real link turns bad..	17:48
Clusty	Sam-I-Am, http://pastebin.com/m8bd587f	17:48
Sam-I-Am	thats the example	17:49
Clusty	this is the closest thing	17:49
psi-jack	Okay. So ldapsearch -x -Z works for me, presently, but ldapsearch -x -ZZ fails with just this error: ldap_start_tls: Connect error (-11)	17:49
Sam-I-Am	if you're using dns, you can use the hostname... otherwise, put the IP in there	17:49
Clusty	but how do i tell it i want to give 192.168.0.201 ?	17:49
Sam-I-Am	after fixed-address	17:49
Sam-I-Am	fixed-address <ip>	17:49
Sam-I-Am	psi-jack: does the cert hostname match how you're connecting?	17:50
psi-jack	Hmm. Well I'd thought. but apparently not. I added -h ldap.mydomain.tld and ZZ worked.	17:51
Sam-I-Am	yeah, so you can set that in ldap.conf	17:51
Sam-I-Am	under URI	17:51
* psi-jack nods.		17:51
psi-jack	Got it. Finally working.	17:52
Sam-I-Am	yay	17:52
psi-jack	But, okay, so I wanted to create an SSL cert that was *.mydomain.tld	17:52
psi-jack	And that one, failed, because the cn didn't match.	17:52
Sam-I-Am	that should work fine	17:53
Clusty	Sam-I-Am, thanks. worked	17:53
Sam-I-Am	hmm @ installing slapd on karmic and it not asking me for a default admin password	17:54
psi-jack	Okay, NOW * worked.	17:55
psi-jack	Poifect.	17:56
clusty	hey	18:23
clusty	i am trying to get NIS running	18:23
clusty	unfortunately this nis thing does not start	18:23
clusty	it tries to bind to the yp server	18:24
clusty	and it chokes (after a few attempts)	18:24
clusty	https://help.ubuntu.com/community/SettingUpNISHowTo	18:24
clusty	served as how-to guide	18:25
Sam-I-Am	mathiaz: think i figured out the nssov problem... its compiled with the wrong libdir	18:31
clusty	there seems to be some problem with this: if [ "`ypwhich 2>/dev/null`" != "" ]	18:34
clusty	i cannot do ypwhich	18:35
Sam-I-Am	yp?	18:35
clusty	NIS	18:35
clusty	i am trying to get nis running	18:35
clusty	Sam-I-Am, ypwhich is supposed to tell me the domain name of the NIS	18:36
Sam-I-Am	what uses yp/nis anymore?	18:36
clusty	Sam-I-Am, that would be me :D	18:37
clusty	you know a better way to have centralized user management?	18:37
Sam-I-Am	any uh.. reason?	18:37
Sam-I-Am	try ldap	18:37
clusty	besides ldap	18:37
Sam-I-Am	nis is a dinosaur	18:38
clusty	that feels overkill	18:38
clusty	really?	18:38
Sam-I-Am	its insecure and broken	18:38
clusty	ldap felt complicated	18:38
Sam-I-Am	your other choice is AD heh	18:38
clusty	AD?	18:38
Sam-I-Am	ldap is not bad	18:38
Sam-I-Am	active directory :)	18:38
clusty	is that not some windoze thing?	18:38
Sam-I-Am	it is	18:38
Sam-I-Am	so theres your choices...	18:38
clusty	then billy can go suck a lemon	18:39
clusty	won't promote M$ junk	18:39
Sam-I-Am	ldap or... AD... which is basically microsoftified ldap	18:39
clusty	debian fellas were not very outraged by the idea of having NIS	18:39
clusty	and NIS+ipsec seemed a decently securized variant	18:39
Sam-I-Am	i guess, but openldap is really the way to go	18:40
Sam-I-Am	if nis worked, we'd have documentation for configuring it in ubuntu heh	18:40
clusty	https://help.ubuntu.com/community/SettingUpNISHowTo	18:41
clusty	seems very straight forward	18:41
clusty	if it only did not choke	18:41
Sam-I-Am	https://help.ubuntu.com/9.04/serverguide/C/network-authentication.html	18:43
Sam-I-Am	pretty straightforward	18:43
clusty	Sam-I-Am, yaiks. this is serious work :D	18:46
clusty	compared with nis	18:46
psi-jack	!find pam_ldap.conf	18:49
ubottu	Package/file pam_ldap.conf does not exist in jaunty	18:49
jtimberman	ldap is the way to go for single sign on, as it will work with a lot of other places you might also need authn. I would not bother with NIS.	18:50
nick125	I thought pam_ldap.conf was just a symlink to another file in Debian/Ubuntu...	18:50
psi-jack	Well, if it is, it's not been set properly.	18:51
Sam-I-Am	psi-jack: its just /etc/ldap.conf	18:51
psi-jack	My problem is ldapscripts aren't working.	18:54
psi-jack	ldappasswd, fails, cause it tries to use SASL for some aweful reason, no matter what.	18:54
psi-jack	Even though the ubuntu setup uses -x everywhere I can see.	18:54
psi-jack	Otherwise, authentication is fully functional so far that I can tell.	18:55
dmclain	Anyone here familiar with /etc/sysctl.conf?	19:05
dmclain	Im wondering : Whats the equivalent of kern.maxproc for Ubuntu in /etc/sysctl.conf? I didn't see a default in there for it, but I think I need to set it higher than the default for the box.	19:05
psi-jack	dmclain: sysctl.conf is not different per distributions.	19:07
psi-jack	It's a standard thing.	19:07
dmclain	ah, excellent. Thanks for taking the time :-)	19:07
sbeattie	dmclain: that said, 'sysctl -a \| grep maxproc' doesn't find anything on karmic, so I'm not sure what you're trying to set.	19:09
psi-jack	True that.	19:09
psi-jack	Nothing in /proc for maxproc, either.	19:10
clusty	pffff	19:11
clusty	i love it when the debian guys jump at your juggular	19:11
clusty	i love it when the debian guys jump at your juggular	19:11
clusty	when you mention ubuntu	19:11
clusty	i feel like lining them all and bitchslapping them silly	19:11
psi-jack	clusty: I love it when people complain about debian.. NOT	19:11
clusty	psi-jack, even though my question is more linux rather then distro specific	19:12
psi-jack	clusty: Point?	19:12
clusty	psi-jack, debian ppl are knowledgeable, but damn snobs	19:12
psi-jack	General linux, ##linux	19:12
clusty	most of them	19:12
psi-jack	clusty: Funny. Most Debian people I meet, don't know jack crap.	19:13
clusty	psi-jack, i mean irc ppl	19:13
psi-jack	Most of the time, in fact, they hide behind their ego.	19:13
psi-jack	clusty: So do I.	19:13
clusty	#ubuntu is not very usefull	19:13
clusty	most questions are quite basic	19:13
psi-jack	This is why ##linux exists.	19:14
clusty	and is also insanely large traffic	19:14
clusty	this is best really. cause it'sa bit more customized	19:14
clusty	best of both worlds. ppl know their shitr generally	19:14
clusty	and replies are ubuntu specific	19:15
clusty	such as conf file location ...	19:15
psi-jack	How many questions do you have that are ubuntu-specific that cannot be resolved without being distribution-specific?	19:15
psi-jack	Conf file location /etc	19:15
psi-jack	Simple	19:15
clusty	anyways back to debian, i would rather them be a bit more understanding	19:15
psi-jack	Why do you think Ian Murdock isn't with them anymore?	19:16
psi-jack	Or even supporting them?	19:16
clusty	who is he?	19:16
clusty	sorry for asking :D	19:16
psi-jack	The founder of Debian.	19:16
clusty	i know stallman, which i don't particularilyl like	19:16
clusty	but respect still	19:16
psi-jack	Heh	19:17
psi-jack	I wish there was a TurnKey for just making an authentication box and/or a router box.	19:17
clusty	most starters of trends end up dissociating themselves from their creations	19:17
clusty	psi-jack, there is	19:17
psi-jack	clusty: Erm?	19:17
clusty	there are routing distros	19:17
clusty	like entangle	19:17
psi-jack	Like?	19:17
clusty	or something like that	19:17
psi-jack	Untangle?	19:18
clusty	that one :D	19:18
clusty	might have to cough up some cash if you want really fancy stuff	19:18
clusty	like balancing and smart filters	19:19
clusty	spam	19:19
psi-jack	Bleh	19:19
* psi-jack turns back on Untangle right away.		19:19
psi-jack	Next!	19:19
clusty	:D	19:19
psi-jack	Hell, eBox is better	19:19
clusty	it's fine	19:20
clusty	only antivir/load balance are paid	19:20
psi-jack	Yeah, which are standard Linux features.	19:20
clusty	load balanciong is hard	19:21
clusty	you cna always implement it yourself	19:21
clusty	but you loose the fancy GUI thing	19:21
clusty	or whatever	19:21
psi-jack	Hmm. Dunno.. So far it looks okay.. Without the load balancing part, it has QoS	19:22
psi-jack	And tailored QoS at that, not just basics like wondershaper gives	19:22
psi-jack	It's Debian-based I see?	19:24
psi-jack	Might toss this on my spare server to test it out, so I have a backup router just in case.	19:26
psi-jack	Still wondering how in the frack they do it under Windows.	19:27
clusty	psi-jack, it's debian i guess	19:27
clusty	psi-jack, you could actually install a package at some point	19:27
clusty	on top of an ubuntu	19:27
psi-jack	Using apt?	19:28
clusty	yes	19:28
clusty	but when i tried it failed	19:28
clusty	actually i never got the thing running	19:28
psi-jack	Oh nice!	19:28
clusty	cause i did nto want to dedicate a box for just routing	19:28
psi-jack	I already do.	19:28
psi-jack	routing, mail, and dns cachine.,	19:28
clusty	i will suggest the big chief buys a new box	19:28
psi-jack	caching	19:28
clusty	i did not do cahceing just yet	19:29
clusty	i am fighting with getting dns working for local pc-s	19:29
psi-jack	dns caching, not web caching.	19:29
clusty	i know	19:29
clusty	dnsmasq	19:29
clusty	or how is it called	19:29
psi-jack	No, bind.	19:29
giovani	bind is incredible bloat for a dns cache	19:29
clusty	i failed yesterday getting bind to like my local pc-s	19:29
clusty	i postponed the task for now	19:30
clusty	and wanna get central user management	19:30
clusty	guess there is not way around it	19:30
clusty	but using ldap	19:30
psi-jack	What I reaaaaly want, though, is a turnkey like this, for just authentication.	19:30
psi-jack	Like you just said, central user management.	19:30
clusty	i never set up such a thing, so it's a learnign 3experience	19:31
KillMeNow	i reaaaaally want Telekinesis and Omnipotence but that's not gonna happen anytime soon	19:31
clusty	i am a self taught sys admin	19:31
clusty	:D	19:31
psi-jack	It's a pain in the arse.	19:31
clusty	wonder are there ppl actually learning linux in school?	19:31
psi-jack	clusty: So am I, since before Linux 1.0.0 was released, I've been using Linux.	19:31
clusty	besides taking certifications	19:31
psi-jack	I've 0 certifications.	19:31
psi-jack	Just a lot of hands-on experience and know-how.	19:32
clusty	i sinstalled linux in 5th grade first D:	19:32
clusty	that was like 15 years ago	19:32
clusty	was damn strange toy, i did not know what it was good for	19:32
giovani	15 years ago, linux 1.0 hadn't been released	19:32
clusty	think it was first slackware	19:32
clusty	10 years	19:33
clusty	not 15	19:33
clusty	what is linux 1.0?	19:33
clusty	some homebew thing before distro concept?	19:33
clusty	:D	19:33
giovani	...	19:33
giovani	the kernel version	19:33
clusty	ohh	19:34
clusty	holly molly	19:34
clusty	what about first slackware?	19:34
clusty	what kernel did that have?	19:34
clusty	lemme look	19:34
giovani	probably slightly before that	19:34
clusty	had the most god awful WM :D	19:35
clusty	anyways i started using linux full time in university	19:35
clusty	and that was debian	19:35
giovani	slackware 1?	19:36
giovani	highly doubt there was a window manager :)	19:36
clusty	there was a horrid TWM-like thing	19:36
clusty	can hardly call it WM :D	19:36
clusty	slackware 1 came in 1992	19:37
clusty	twm came in 1987	19:37
clusty	or so wiki says	19:38
=== jdstrand_ is now known as jdstrand
psi-jack	Hmmm. I might look into zeroshell.	19:42
clusty	psi-jack, that is cool i hear	19:52
clusty	psi-jack, a lot of people are doing mlppp with it	19:53
psi-jack	mlppp?	19:53
clusty	psi-jack, multi link ppp	19:53
psi-jack	Ewww	19:53
clusty	psi-jack, you basically bind multiple DSL lines	19:53
clusty	awesome	19:53
clusty	:D	19:53
clusty	for a multitude of reasons:	19:53
psi-jack	sadism?	19:53
psi-jack	:p	19:53
clusty	1 you get all the transfer rate in 1 conection	19:53
clusty	2 you bypass DPI	19:54
clusty	in canada all DSL is screwed	19:54
clusty	all DSL traffic is throtelled	19:54
clusty	no torrents, no encrypted stuff	19:54
clusty	psi-jack, i am having ldap trouble	19:55
clusty	following this guide: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html	19:55
giovani	in canada, dsl owns you!	19:55
clusty	giovani, yeap.the EWUL bell is choking the life of the net	19:55
giovani	clusty: I don't know what "no encrypted stuff" means -- I assure you the major candian isps don't block ssl	19:55
clusty	they dont block	19:55
clusty	here is deal:	19:56
clusty	80% of dsl goes through bell infrastructure	19:56
clusty	bell is slowing down every1 cause they claim their netowrk cant do full speed	19:56
clusty	so whatever DPI can't figure out it assumes it's not legitimate traffic	19:56
clusty	all SSL=torrents	19:57
clusty	in their mind	19:57
giovani	I don't believe that	19:57
giovani	it's easy enough to test	19:57
giovani	find an ssl webserver and do a speed test on it	19:57
clusty	i did test	19:58
clusty	there is a big fuss now about it	19:58
clusty	i mean ppl going to ottawa and screaming BELL GO HOME :D	19:58
clusty	anyways, i installed ldap set the admin password, but when i do a ldapsearch the thing rejects credentials	19:59
KillMeNow	which is why i'm praying that Net Neutrality laws come to life here in the US	20:00
giovani	clusty: probably doing the wrong auth, etc	20:00
clusty	giovani, me, the good little tool is doing copy paste from site	20:00
giovani	clusty: sasl or simple?	20:00
clusty	giovani, not clue what that is :D	20:01
clusty	ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb	20:01
giovani	time to read more about ldap then	20:01
clusty	is what i am doing	20:01
clusty	giovani, so yes, that is sassl :D	20:06
mookatt	hi everyone, looking for advice --- i'm very much in need of generating pdf's of internal webpages on my dapper server and I can do this with firefox+commandline print extension. I need gtk+ toolkit however. How big of an issue is it to have gtk+ on my server? Obviously it's overhead not needed and may present security issues, but I'm not seasoned enough to know exactly what caveats will creep up	20:09
Claw6	anybody may can help me with mysqldump ?	20:11
Claw6	i run it but nothing seems to happen	20:12
mookatt	what do you need to know?	20:12
Claw6	may im doing something wrong	20:12
mookatt	what command did you run?	20:12
Claw6	mysql -u root -p -h localhost db260642497 < dumpDB_.sql	20:12
Claw6	where will it be saved to ?	20:12
mookatt	try mysql -u root -p -h localhost db > dump.sql	20:13
mookatt	> instead of <	20:13
Claw6	mh... seems processing	20:15
Claw6	well i just copied that commandline from a website	20:16
Claw6	did not recognized that < was the wrong way	20:16
mookatt	the < typically means to read that file as input and the > means to put the result of the command to a file	20:17
mookatt	man mysqldump	20:17
KillMeNow	you can also "stream" in a sql dump file from within the mysql command line, just FYI	20:18
Claw6	where will the dumpDB_.sql will be stored to ?	20:18
Claw6	im realy new to unix	20:18
KillMeNow	in the directory you ran the mysqldump command	20:18
KillMeNow	if you don't explicitly state the path	20:18
KillMeNow	so if you're in /tmp	20:19
KillMeNow	and run mysqldump -u root -p --database > DBsql.sql	20:19
KillMeNow	you should find a DBsql.sql file in the /tmp dir	20:19
mookatt	anybody have any opinions on installing gtk+ toolkit on a dapper server?	20:20
clusty	well gonna run home. hopefully electricity is back up	20:21
Claw6	KillMeNow nope it does not appear there	20:24
Claw6	or its not even created	20:24
Claw6	should i get a echo out when its done?	20:25
KillMeNow	don't think so, don't remember getting one in the past	20:25
KillMeNow	ls -la	20:25
KillMeNow	mysqldump -u[user] -p[password] [databasename] > dumpfile.sql	20:26
KillMeNow	that is the command you should run	20:27
KillMeNow	you can do it like this: mysqldump -u[user] -p[password] [databasename] > /path/to/dumpfile.sql	20:27
KillMeNow	if you want to explicitly state the path the archive should be dumped to	20:27
KillMeNow	if you leave the -p blank, it should prompt you for a password	20:28
=== genii_ is now known as genii
uvirtbot	New bug: #415559 in freeradius (universe) "Unable to open file "/etc/freeradius/sql/mysql/dialup.conf": No such file or directory" [Undecided,New] https://launchpad.net/bugs/415559	20:30
Claw6	well after importing the db (it should overwrite an existing one) do i have to restart mysql or anything like that ?	20:33
KillMeNow	nope... shouldn't need to	20:33
KillMeNow	however, if you accidentally imported a blank file, i think that may bork your old database	20:34
KillMeNow	I know I've accidentally taken a empty .sql DB backup before and over wrote the DB i was trying to backup	20:34
KillMeNow	thankfully i did have good backups stored elsewhere	20:35
uvirtbot	New bug: #412059 in vtun (universe) "MIR for vtun" [Undecided,New] https://launchpad.net/bugs/412059	20:51
psi-jack	Hmmm	23:00
psi-jack	Well, I'd tried zeroshell, and was not impressed.. At all.	23:00
psi-jack	Now, what I seriously would like, is like a distribution or "appliance" that uses gosa.	23:01
psi-jack	That... Would be utterly sweet.	23:01
Djannakhan	Hi,	23:05
Djannakhan	I've a issue with locale on a fresh new ubuntu server 9.04 install	23:06
Djannakhan	http://pastebin.ca/1534376	23:06
Djannakhan	dpkg-reconfigure locales won't solve the issue	23:06
Djannakhan	(it gave the same issue)	23:06
sub	Djannakhan: Try installing the language pack - sudo apt-get install language-pack-en	23:08
Djannakhan	sub: it's allready installed (i've just run the command)	23:09
Djannakhan	http://pastebin.ca/1534383	23:10
Djannakhan	I still got the warning	23:10
Djannakhan	strange this file : /var/lib/locales/supported.d/local does not exists on this server, while on other servers, it exists	23:11
sub	Ah hmm, have you tried manually running locale-gen ?	23:13
sub	I believe it's what's actually responsible for populating that directory/file	23:14
Djannakhan	sub: yes I did and it didn't change anything	23:15
Djannakhan	sub: I'll retry just now, as i've reinstalled the system this afternoon	23:16
Djannakhan	sub: still no change	23:16
Djannakhan	same warning on 'locale' command	23:16
sub	I don't know, I'd say you could try local-gen --purge but I'm not sure if that will really fix anything or somehow make it worse. You lost me =)	23:19
Djannakhan	;)	23:20
Djannakhan	don't solve the problem either	23:21
Djannakhan	but what's strange is that en_US.ISO-8859-15 is not regenerated	23:21
Djannakhan	could this be the problem ? if I change the system local to en_US.ISO-8859-1, which is generated?	23:21
Djannakhan	Yes !	23:24
Djannakhan	I've changed to en_US.ISO-8859-1, then sudo dpkg-reconfigure locales, 'locales' command still show the issue, but after a reboot it's gone !	23:25
uvirtbot	New bug: #415627 in mysql-dfsg-5.1 (main) "mysql-server + akonadi-server = conflict" [Undecided,New] https://launchpad.net/bugs/415627	23:26
sub	excellent	23:28

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!