[02:12] <clusty> hey. i am having some trouble getting LDAP based auth to work. i installed and imported data in the ldap server, installed on the client ldap-nss
[02:12] <clusty> and configured it to the bets of my knowledge, but getend still does not give out any new entries
[02:13] <clusty> how can I check if it's a server issue or a client conf issue?
[02:13] <clusty> rather stuck i gotta say :(
[02:31] <LiraNuna> is there a way to run apache2 with mod_chroot and provide it to what user to drop privilidges to per vhost?
[02:31] <twb> clusty: you must use auth-client-config to enable the lac_example template
[02:32] <clusty> twb, would you please tell me how to do it? :D
[02:32] <twb> No.
[02:32] <twb> You need to work from hints because I am too busy to hold your hand.  Sorry.
[02:41] <clusty> twb, that profice does not exist
[02:41] <clusty> twb, only: 'ldap_example', 'lac_ldap'
[02:41] <clusty> that seems related
[02:41] <twb> clusty: I can't remember which
[02:42] <clusty> twb, if i enable both?
[02:51] <qman__> how do I disable the automatic installation of 'recommended' packages? I can't seem to find what I'm looking for on google
[02:53] <qman__> I have a package that wants to install X and a ton of deps, and I don't think it needs them
[02:56] <qman__> figured it out, it actually does depend on X
[03:02] <ScottK> kirkland: I think now I know better than to rely on packages.qa.debian.org for Ubuntu status of a package.  Sorry for the trouble.
[03:04] <twb> They're m
[03:04] <twb> Bleh, network problems here
[03:05] <twb> qman__: disable it in aptitude?
[03:28] <clusty> twb, i got the two parts to talk to each other nicely (including PAM). now i got the problem that the passwords in the LDAP db are bad (all set to {crypt}x)
[03:28] <clusty> if i remember correctly those are not good for logging in
[03:29] <twb> clusty: there's a filthy hack in /etc/passwd
[03:29] <twb> clusty: if the hash isn't valid, then there are no passwords which will match it
[03:29] <clusty> any clue how can i replace the passwd info from LDAP with the right stuff from /etc/passwd?
[03:29] <twb> clusty: I would not advise following that hack in LDAP
[03:29] <clusty> twb, what would you suggest i do?
[03:30] <twb> Lock the account with the appropriate attribute
[03:30] <twb> I don't remember which it is offhand
[03:30] <clusty> twb, no no. i want accounts to be loggable. the import ldiff file must have been bad
[03:31] <clusty> ldiff was generated by migrationtools
[03:31] <twb> Shrug
[03:31] <clusty> i want all in LDAP to actyually be able to log in
[03:31] <twb> I haven't had to migrate users, so I don't know
[03:31] <twb> Oh, I see what happened
[03:31] <twb> In passwd, if the password is x it's because you're using shadow passwords
[03:31] <twb> You need to teach migrationtools to get the password from /etc/shadow
[03:32] <clusty> ohhhh gosh
[03:32] <clusty> so i shoul dbe able to log in with x D:?
[03:32] <twb> It's probably just a CLI option
[03:32] <twb> clusty: no, not at all.
[03:32] <twb> clusty: in /etc/passwd, x has special meaning.  It doesn't in LDAP AFAIK.
[03:32] <clusty> got it. lemme look at migran tools
[03:33] <twb> x is a hack because passwd is a file and you can't restrict read access to individual fields in a file, like you can in LDAP.  Hence /etc/shadw.
[03:33] <clusty> twb, but you would not know how I can replace the stuff ?
[03:33] <twb> clusty: no
[03:33] <twb> Rather: I do not know.
[03:33] <clusty> thanks a bunch
[11:23] <\sh> hmm...why don't we have in our heartbeat package the iscsi resource.d script? looks like it's gone missing or was never there
[11:24] <ivoks> which version?
[11:24] <ivoks> in karmic heartbeat is just a part of pacemaker
[11:24] <\sh> ivoks: jaunty heartbeat 2.1.4-2
[11:25] <\sh> dpkg -L heartbeat|grep resource.d -> no iscsi resource script ;)
[11:25] <\sh> oh wait
[11:26] <\sh> it's in /usr/lib/ocf/resource.d/ not in /etc/ha.d/resource.d
[11:34] <\sh> ivoks: do you think that this ocf powered shell script can be used in a heartbeat 1 haresource configuration?
[11:35] <ivoks> don't know :/
[11:44] <a_ok> why do i get these errors from /etc/cron.daily/apt: No value set for `/system/http_proxy/use_http_proxy'
[11:45] <cjwatson> soren: where would be a good place on the filesystem to put the node preseed file generated at cluster installation time?
[11:45] <mattt> anyone here using LDAP to authenticate system users?
[12:07] <a_ok> how can I see what package pulled in gconf2?
[12:11] <alvin_> a_ok: aptitude why gconf2
[12:13] <a_ok> alvin_: thank you
[12:21] <soren> cjwatson: hmm.. Does it have any information that the user might want to edit?
[12:24] <cjwatson> it's possible, yes
[12:25] <soren> cjwatson: In that case, I think I'd stick it in /etc/eucalyptus somewhere.
[12:26] <cjwatson> ok
[12:26] <cjwatson> /etc/eucalyptus/node-preseed.cfg?
[12:26] <soren> cjwatson: Sounds good.
[12:26] <cjwatson> or I suppose .conf is more in line with everything else there
[12:28] <cjwatson> I was then planning to add a <Location/> section to httpd-cc.conf to make /node.preseed point to that
[12:29] <soren> I was thinking of using an Alias, but that's just a matter of style.
[13:00] <cjwatson> soren: yeah, I realised that Alias was better myself, and then came back and read your comment :)
[13:00] <cjwatson> soren: lp:~cjwatson/eucalyptus/installer ?
[13:03] <stefan___> n
[13:06] <soren> cjwatson: Sorry, I'm sorting out a trainwreck that demands my full concentration. Give me 20 minutes.
[13:11] <soren> cjwatson: Looks good (I had a spare few minutes waiting for a build to complete).
[13:12] <soren> cjwatson: Feel free to upload. It will ftbfs, though, due to aforementioned trainwreck.
[13:16] <cjwatson> soren: ok. not tested at all anyway. I'm still working on some of the preseeding details
[13:35] <cjwatson> soren: I've done the bit to stick the cluster's public key on each node. I think the last major remaining bit is the code to discover avahi-advertised nodes
[13:35] <cjwatson> soren: any thoughts on the interface? euca_conf --register-nodes already exists - maybe if it's given no nodes it should fall back to avahi? or should it be a different option?
[13:41] <rtg_> kirkland, are there any userspace packages that take advantage of KSM yet? I'm considering ripping it out completely.
[13:46] <cjwatson> soren: (this is all for when you have a moment) I'm having real difficulty setting up a proper test environment for this, though. I only really have one kvm-capable machine and it's a bit low on memory, so setting up VMs takes ages. I heard you have a nice quick server-testing setup ...?
[13:46] <soren> rtg_: kvm does.
[13:46] <mattt> trying to understand if libpam-ldap is actually required to authenticate ALL logins against LDAP
[13:46] <rtg_> soren, did ti work OK with -rc6 ?
[13:46] <soren> rtg_: It's hard to tell.
[13:46] <garymc> anyone know how I could in stall xlite softphone?
[13:47] <soren> rtg_: I don't know how to tell (other than loading up a bunch of identical VMs and see how it affects the total memory usage.
[13:47] <soren> cjwatson: I do. It won't work for this, though.
[13:47] <soren> cjwatson: How about euca_conf --discover-nodes?
[13:47] <rtg_> soren, ok, perhaps I'll restore KSM to the way it was for -rc6
[13:48] <soren> rtg_: I'm curious how it manages to break encrypted swap.
[13:48] <garymc> ive tried sudo apt-get install x-lite
[13:49] <cjwatson> soren: oh, are your VMs not bridged or something?
[13:49] <rtg_> soren, its too deep for me to figure out in a short while, but the KSM stuff reaches into the VM, so it seems likely.
[13:49] <cjwatson> soren: --discover-nodes would be OK
[13:50] <soren> cjwatson: They are, but the server-testing setup won't help you. It's just good for testing a whole bunch of installs really quickly.
[13:51] <soren> rtg_: I'm just surprised encrypted swap breaks, but regular swap doesn't, /because/ it's in the VM layer. I would have thought the vm layer was agnostic as to whether or not the underlying swap device was encrypted or not.
[13:51] <cjwatson> soren: well, maybe I didn't mean the actual server-testing setup, I was wondering if you had machines beefy enough to be able to test this stuff before the heat death of the universe
[13:52] <soren> cjwatson: I suppose I do.
[13:52] <soren> cjwatson: They're just busy building stuff for me these days.
[13:53] <cjwatson> I'll see what I can do, but I've tended to end up doing yak-shaving to try to cobble together enough disk space and such when I've tried ...
[13:53] <soren> cjwatson: I don't actually need the vm extensions to do the install, I suppose, so if you have other hardware for testing, you can just use that?
[13:54] <soren> cjwatson: Err... "/You/ don't actually need" etc.
[13:54] <cjwatson> not very conveniently :-( I keep having too much to do to maintain the computers around here properly ...
[13:54] <cjwatson> I'll see what I can do but don't hold out a lot of hope just noww
[13:54] <soren> Alright.
[13:55] <cjwatson> hmm, the iMac over <- there has the VM extensions, that might help
[14:03] <a_ok> i have a jaunty server that is verry slow at establishing incomming connections but only from an external source. listing arp is very slow aswel. what could be wrong here?
[14:04] <a_ok> once connection is established its fast though
[14:07] <cjwatson> a_ok: usually slow or broken reverse DNS
[14:08] <a_ok> cjwatson: but it uses the same DNS server etc as the rest
[14:08] <cjwatson> just a guess to point you in the right direction, afraid I don't have time to dig into details
[14:08] <a_ok> cjwatson: besides arp -a should still show entries almost on the fly regardless of dns
[14:09] <soren> a_ok: No.
[14:09] <soren> a_ok: arp also tries to resolve IP addresses to host names.
[14:09] <a_ok> soren: ?
[14:09] <soren> a_ok: Try: arp a-n
[14:09] <soren> Err..
[14:09] <soren> arp -an
[14:10] <soren> -n tells arp to not attempt DNS resolution.
[14:10] <a_ok> ahh
[14:11] <a_ok> brb
[14:13] <ewook> a_ok: is it running apache?
[14:13] <ewook> lol
[14:14] <ewook> oh, wrong person.
[14:14] <ewook> a_ok: disable the lookup in apache and it will run faster.
[14:15] <alvin_> What's the alternative for XDMCP nowadays?
[14:16] <a_ok> ewook: nope tomcat, ssh, mysql
[14:17] <ewook> well, is tomcat doing lookups on connections?
[14:17] <a_ok> ewook: don't know but will check if arp -an is fast in a min
[14:18] <henkjan> alvin_: http://en.wikipedia.org/wiki/NX_technology
[14:20] <alvin_> NX is cool. (I'm using it already), but I'm really looking for (more or less) the same functionality as XDMCP. Give multiple users a desktop environment. Server and clients are Ubuntu.
[14:22] <alvin_> We're migrating from Solaris CDE desktops to Linux KDE. People are used to XDMCP, but I've noticed  it's hard to set it up on Ubuntu Server.
[14:24] <henkjan> alvin_: check the ltsp-server project
[14:26] <soren> alvin_: Really? I find it extremely straightforward.
[14:28] <alvin_> henkjan: ltsp is another cool project, but we will not be using diskless clients. (A mix of Ubuntu clients (well, X servers...) and Exceed on Windows)
[14:28] <soren> alvin_: Find the [xdmcp] section in your gdm.conf. Add "enable=true". Done.
[14:29] <soren> alvin_: What's the problem you're running into?
[14:30] <alvin_> soren: Well, there are several. We're not using gdm, but kdm (Kubuntu) or just X. I'd like to be able to use something like 'exec X -indirect {name-of-server}'
[14:30] <soren> alvin_: I don't know how kdm does it. If it helps, you can easily use gdm even though the desktop session will run KDE.
[14:31] <VirtualDisaster> alvin_, freeNX?
[14:31] <VirtualDisaster> sounds better imo
[14:32] <alvin_> VirtualDisaster: NX is not an option. They suffer from a bug which crashes TK windows. Some of our software is TK based.
[14:32] <alvin_> Thanks soren. I'll do a few tests
[14:33] <VirtualDisaster> alvin_, oic, well good luck
[14:33] <ScottK> alvin_: You might ask Riddell in #kubuntu-devel.  I think he knows about such stuff too.
[14:33] <VirtualDisaster> alvin_, btw thx for mentioning Exceed, never heard of it before
[14:34] <alvin_> ScottK: Thanks, I will
[14:34] <alvin_> VirtualDisaster: Well, it's costly, but has a lot of functions and works very good
[14:35] <VirtualDisaster> yeah
[14:43] <a_ok> alvin_: so how do I fix reverse dns stuff?
[14:44] <a_ok> its just a test machine in a localnetwork so no need for DNS stuff at all
[14:45] <henkjan> alvin_: ssh -X also works great
[14:48] <alvin_> henkjan: yes, but only for single applications. I really want a full desktop (even dual screen)
[14:49] <alvin_> In the meantime, it works. I was forgotten that I had these problems before: (Bug 86021)
[14:57] <garymc> when i ssh to my other server connected to my ethernet switch, how do i bring up a terminal window for that server? im in ubuntu 9.04 LTSP
[15:05] <garymc> nevermind done it
[15:08] <hattoricaca1> hello i have a firewall with filter policy DROP on INPUT and FORWARD. Would i do better dropping in PREROUTING-nat? (as the packets don't have to travel all prerouting, conntrack, routing and most of the input/forward chains to be discarded)
[15:23] <aubre> is there some more definitive guidance on how to set up Eucalyptus on jaunty? The community Eucalyptus documentation leaves me with a lot of questions.
[15:29] <giovani> by "the community documentation" do you mean help.ubuntu.com?
[15:29] <giovani> aubre: *
[15:33] <aubre> giovani: yes
[15:34] <aubre> I think I need to step back , reinstall and follow the instructions more closely
[16:06] <BrixSat_> Hello how can i view the spent resources of a process?
[16:32] <clusty> BrixSat_, like ram/cputime... ?
[16:43] <BrixSat_> clusty yes
[16:43] <clusty> BrixSat_, i use htop for that
[16:43] <clusty> you have to install it
[16:44] <clusty> top is an ugly version
[16:45] <BrixSat_> ok ;)
[16:46] <BrixSat_> do yo know any free shell?
[16:48] <monteith> my connection to proftpd times out/fails to retrieve a directory listing while trying to connect
[16:48] <monteith> anybody know what config setting i likely missed?
[16:51] <monteith> Aug 27 15:41:31 fiveunder proftpd[8104] fiveunder (c-24-118-215-40.hsd1.mn.comca                                                                                                                               st.net[::ffff:24.118.215.40]): Passive data transfer failed, possibly due to net                                                                                                                               work issues
[17:00] <clusty> hey
[17:00] <clusty> is there some guide how to get NFS homes working?
[17:03] <sgsax> clusty: many ways to do that
[17:03] <sgsax> we use the automount daemon
[17:04] <clusty> sgsax, so i just managed to get auth working with ldap
[17:04] <sgsax> congrats, that can be a pain
[17:04] <clusty> sgsax, is it that the mount is a post-auth step and unmount is delog?
[17:04] <clusty> or the mounts are persistent?
[17:05] <sgsax> amd leaves the share mounted for a period after it is no longer needed, I don't know for sure what the timeout is
[17:06] <sgsax> honestly, this was setup before I got here, so I don't know what the reasoning was insted of just nfs-mounting /home directly
[17:07] <clusty> sgsax, ok. lemme set the server to export the /home and test by hand. will come back with questions after that :D
[17:07] <sgsax> sure, that's easy enough :)
[17:08] <sgsax> you can skip amd by just adding the nfs mountpoint in your /etc/fstab
[17:09] <clusty> do i need to worry about permissions over nfs?
[17:09] <sgsax> nope, they are carried forward
[17:10] <sgsax> uids/gids are looked up in ldap
[17:10] <clusty> great
[17:21] <clusty> sgsax, you have any suggestion for rsize and wsize or however that stuff is called?
[17:29] <sgsax> clusty: nope, I don't set those values, so it's using whatever the default is
[17:30] <clusty> sgsax, hard or soft mount?
[17:31] <sgsax> I think hard is the default
[17:31] <sgsax> I don't specify this either
[17:36] <clusty> sgsax, is there any advantage to have automount do it's thing?
[17:36] <giovani> aubre: the instructions seem very adaquate to me -- they're for getting it installed, they're not meant to be a howto on how to use it in general -- the official project docs are for that
[17:37] <aubre> giovani: I'm making progress now, thanks
[17:37] <aubre> I may raise some bugs later though
[17:37] <sgsax> like I said, I don't know what the justification was for going that route
[17:50] <chmac> Ubuntu 8.04. Jobs created through `crontab -e` work for my user, but jobs created via `sudo crontab -e` are not being run. Any suggestions on how to debug?
[17:53] <Oracle11g> good day guys...
[17:55] <Oracle11g> I have a question on partitioning... is advisable install swap space in the lower cylinders?
[17:55] <chmac> Hola Oracle11g
[17:55] <Oracle11g> hola chmac :)
[17:56] <chmac> Oracle11g: Do you have a single disk?
[17:56] <Oracle11g> chmac: theoretically, yes :P
[17:56] <chmac> Oracle11g: :-)
[17:57] <chmac> Oracle11g: Personally, I would lay out my disk in a nice fashion orderly fashion purely for recovery purposes, etc
[17:57] <chmac> Oracle11g: I think seek times are based on where the read head is now and where it needs to get to, so the start or the end of the disk probably isn't any quicker
[17:58] <chmac> Oracle11g: Statistically, the centre of the disk is probably the fastest to access, it's only ever 50% away from the head, whereas one edge could be 100% from the head
[17:59] <chmac> Oracle11g: Know anything about debugging cron? root's crontab is not being called on my server for some reason :-(
[18:00] <Oracle11g> sorry chmac I don't know about debugging cron :(
[18:01] <Oracle11g> chmac: I don't remember where I read about is a good experience install swap and /var in the partitions that could be the edge of the disk
[18:05] <jmedina> chmac: probably it is about env varibables
[18:05] <jmedina> I remember there is a option for sudoers or something...
[18:07] <chmac> jmedina: Ok, thanks, I'll do some searching
[18:07] <jmedina> chmac: are the cron entry actually written ?
[18:07] <jmedina> try sudo crontab -l
[18:08] <chmac> jmedina: Yeah, it's being written ok, or at least read back by crontab -l
[18:08] <jmedina> chmac: chec your logs
[18:09] <chmac> jmedina: Good thinking :-)
[18:09] <jmedina> chmac: you need to comment out the line
[18:09] <jmedina> #cron.*                         /var/log/cron.log
[18:09] <jmedina> from /etc/syslog.conf and restart sysklogd and then check your log :)
[18:10] <chmac> Hmm, I see "User account has expired" in the logs
[18:10] <chmac> Looks like because the root account is disabled, cron won't run it's tasks
[18:14] <chmac> Logs, logs, logs, always a good place to start. :-)
[18:18] <chmac> Turns out the workaround is `sudo passwd --unlock root` then `sudo usermod --lock root` :-)
[18:33] <philsturgeon> hey guys. im no linux noob i have just completly forgotten how to go about this. my server has no network connection after a period of inactivity. how to even start debugging?
[18:33] <philsturgeon> my inactivity, i mean i havent fired it up in a few months, now it doesnt work
[18:33] <chmac> philsturgeon: Can you connect to the machine in another way?
[18:34] <chmac> philsturgeon: Are you physically in front of it?
[18:34] <philsturgeon> yes
[18:34] <chmac> philsturgeon: I'd start with `sudo /etc/init.d/network restart`
[18:34] <philsturgeon> got a monitor and keyboard
[18:34] <chmac> philsturgeon: Run that command without the back ticks :-)
[18:36] <Linaxys> hey I'm trying to install ubuntuserver on my new server, it's the first time I install a server, my harddisks are detected in RAID, and when I'm at the partitions table screen setup, I see no partition table at all, I can't install...
[18:36] <Linaxys> has anyone got an idea please ?
[18:36] <Linaxys> when I use fdisk, it detects my hard drive :/
[18:36] <clusty> Linaxys, hardware raid?
[18:36] <philsturgeon> chmac: still no luck
[18:36] <chmac> Linaxys: Does fdisk show any partitions?
[18:36] <philsturgeon> chmac: no
[18:36] <chmac> philsturgeon: sudo ifconfig eth0
[18:36] <philsturgeon> chmac: No DHCPOFFERS recieved
[18:37] <Linaxys> chmac, it shows the hard disk, but I was able to create a new partition inside it with "n" and save with "w"
[18:37] <chmac> philsturgeon: Is your server configured to get an IP address dynamically?
[18:37] <Linaxys> clusty, I think yes, it's hardware raid
[18:37] <philsturgeon> should do
[18:37] <Linaxys> clusty, I'm not sure how to enable/disable it in the bios
[18:37] <chmac> Linaxys: When you go through the installer, can you create partitions as part of the setup process?
[18:37] <philsturgeon> chmac: eth0 shows results
[18:37] <chmac> philsturgeon: sudo ifconfig
[18:37] <clusty> Linaxys, well you are tryign to install/boot from the raid?
[18:38] <philsturgeon> chmac: only eth0 and lo
[18:38] <Linaxys> chmac, I really can't at all, it says like "Help for partition setup" "[white space]" "Cancel every partitions modifications", "Back"
[18:38] <clusty> Linaxys, if yes, you need to init the raid ARRAY before you start installation
[18:38] <Linaxys> clusty, I don't really know, I'm a pure newbie with servers and raids...
[18:38] <clusty> Linaxys, ok. tell me how you know it's a raid? :D
[18:38] <chmac> Linaxys: Sounds like clusty can help, I'm out of my depth with raid stuff :-)
[18:38] <Linaxys> hmm, something that handles the hard disk and prevent it from crashing ?
[18:39] <clusty> Linaxys, no no. not what is a raid. how do you know your disks are in raid now?
[18:39] <chmac> philsturgeon: The error message suggests to me that eth0 is trying to get an IP dynamically
[18:39] <Linaxys> aaaah
[18:39] <chmac> philsturgeon: Does it show the IP via sudo ifconfig eth0 ? If not, you could set it manually
[18:39] <Linaxys> yeah because I saw in my config my hard disks are in raid, and the setup always asks me something about raid
[18:39] <philsturgeon> chmac: my bad dude its a physical networking issue
[18:39] <clusty> Linaxys, using intel matrix storage by any chance?
[18:39] <Linaxys> hmmm, I've never seen that, but my serverboard and cpu are both intel
[18:40] <Linaxys> gonna check it out in the bios
[18:40] <clusty> Linaxys, where are your HDD's plugged in?
[18:40] <clusty> in the mobo or in some funny extra card?>
[18:40] <Linaxys> i don't know exactly, I've checked that out, I haven't seen a SATA plug into the mainboard
[18:40] <Linaxys> but maybe it's some funny extra card
[18:41] <clusty> when you boot the PC what do you see? any mentions of stuff like: "Loading BIOS" press alt+i or whatever toi enter RAID BIOS ?
[18:41] <Linaxys> I try that
[18:46] <Linaxys> so, in the bios config, SATA Mode, I see : Enhanced, Compatibility, Ahci, SW RAID
[18:47] <Linaxys> should I use SW RAID ? When I use Enhanced, I see my hard disk in the bios config list, I see it two times, same name, same space :/
[18:47] <clusty> Linaxys, is it some ASUS type of mobo?
[18:48] <Linaxys> hmm, I think it's Intel
[18:48] <Linaxys> completely intel, it show the "Intel Serverboard" logo on the boot, I see no other ASUS
[18:50] <clusty> i am a bit lost. did you configure the type of raid?
[18:50] <clusty> Linaxys, like RAID 0,1,5,10 ?
[18:50] <clusty> the RAID scheme to use
[18:51] <Linaxys> hmm I haven't touched anything once I received the server
[18:51] <Linaxys> it was plugged, ready..
[18:51] <Linaxys> soo, do I have to unplug the hard drive ? which RAID mode should I use ?
[18:52] <ScottK> If it's SW RAID, then it needs a 'driver'.  Consult Google to see if one exists (or might be in the Linux kernel already)
[18:52] <ScottK> If you don't find one, SW RAID is definitely not what you want.
[18:53] <clusty> well worse case worst you can use MD
[18:53] <clusty> that is the linux soft raid thing
[18:53] <clusty> but that will probably suck for a lot of reasons
[18:53] <deathtech> Hello All
[18:54] <deathtech> Were looking to possibly implement a linux based solution ( LTSP ) as a terminal server. I have been tasked with finding out the best software packages to use for linux that would allow us to manage the systems at an enterprise level
[18:54] <deathtech> Patching, security, remote usage, reporting, etc
[18:55] <pmatulis> deathtech: begin here -> https://help.ubuntu.com/community/UbuntuLTSP/
[18:55] <deathtech> Landscape appears to do something similar to this, but i was wondering if there are alternative s?
[18:55] <deathtech> yes, the LTSP part i have done, its just "Ok , it works great. Now how do we manage 1500 of them ?"
[18:56] <pmatulis> 1500 LTSP servers?
[18:56] <stefg> deathtech: you mean load balancing?
[18:59] <pmatulis> kirkland: do you have much experience in converting from vmdk to quemu disk formats?
[18:59] <kirkland> pmatulis: sorry, none at all
[18:59] <Linaxys> yessss
[18:59] <Linaxys> I've just switched to Enhanced SATA mode
[18:59] <Linaxys> then when the setup asked me to enable the RAID service stuff, I said no
[19:00] <Linaxys> and I'm formatting the hard disk now :D
[19:01] <Linaxys> well, I hope I won't need RAID in the future
[19:01] <stefg> deathtech: http://www.nomachine.com/products.php might be worth a look, too
[19:07] <deathtech> Sorry , no not load balancing
[19:07] <deathtech> Conf call  :p
[19:07] <deathtech> just mass server management basically
[19:09] <stefg> deathtech: http://www.ubuntu.com/news/landscape-system-management-tool
[19:11] <stefg> deathtech: but forget 'bout the sparc machines... http://www.phoronix.com/scan.php?page=news_item&px=NjM5MA
[19:11] <deathtech> and that is EXACTLY what im looking for. however, i have looked at that, and im looking for other alternatives, so i have a comparison
[19:28] <clusty> deathtech, i am planing to use puppet
[19:29] <clusty> deathtech, to clone confs accros multiple servers
[19:46] <sgsax> deathtech: you looked at cfengine?
[19:47] <Linaxys> hmm I don't really understand... how can I connect to my openssh server with winscp ? I've just done a little sudo apt-get install openssh-server, and rebooted, "sudo /etc/init.d/ssh start", and I try to login inside it it doesn't reply at all :S
[19:47] <Linaxys> do i have anything else to do once I've installed it ?
[19:48] <deathtech> No sir
[19:48] <deathtech> cfengine ?
[19:48] <sgsax> Linaxys: out of the box config should be sufficient
[19:48] <VirtualDisaster> Linaxys, ssh is pretty much plug and play
[19:48] <VirtualDisaster> install and then connect
[19:48] <sgsax> deathtech: http://www.cfengine.org/
[19:48] <VirtualDisaster> Linaxys, make sure youre using the proper IP and username etc
[19:49] <deathtech> Linaxys : Also check your Routing :)
[19:49] <Linaxys> hmm yeah I'm using a router, I don't know if it blocks ports but I am in the same network, like 192.168.2.50...
[19:49] <sgsax> Linaxys: and make sure apparmor isn't getting in the way
[19:49] <VirtualDisaster> sgsax, apparmor?
[19:49] <sgsax> Linaxys: if you can connect via ssh, you should be able to connect via scp
[19:49] <VirtualDisaster> ubuntu doesnt use that by default does it?
[19:50] <sgsax> I believe 8.04 does
[19:51] <VirtualDisaster> oic
[20:01] <jdstrand> apparmor does not confine ssh
[20:02] <jdstrand> https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles
[20:03] <jdstrand> VirtualDisaster, sgsax: ^
[20:03] <VirtualDisaster> ah nice ty
[20:05] <sgsax> jdstrand: good to know
[20:42] <aubre> for some reason when I try to gunzip ubuntu-uec-jaunty-amd64.img.gz (a 600mb file) it grows until it fills the hard disk partition or I kill it
[20:43] <aubre> last time I killed it it had gotten up to 30 GB
[20:45] <nick125> aubre: That's possible..
[20:46] <aubre> well it seemed odd
[20:46] <nick125> You can compress a lot of zeros down to nothing :)
[20:46] <aubre> I got those from here http://uec-images.ubuntu.com/jaunty/current/
[20:46] <aubre> are they supposed to be that large?
[20:48] <Sam-I-Am> hmm
[20:48] <Sam-I-Am> anyone here use xubuntu karmic?
[20:49] <Sam-I-Am> er, wrong chan...
[20:50] <aubre> hmm maybe I was a decimal point off with that lol
[21:04] <ruben23> hi
[21:04] <ruben23> hi guys i run apt-get as root and i got this output----->http://pastebin.ca/1545008  its like no activity its not downloading any packages or files..
[21:04] <ruben23> anyone have ideas on this
[21:05] <ruben23> i run apt-get update
[21:05] <ruben23> what i mean sorry
[21:07] <qman__> looks like it updated fine
[21:07] <qman__> if you want to install updated packages, you now need to run sudo apt-get upgrade
[21:08] <qman__> apt-get update updates the database information, apt-get upgrade installs new package versions
[21:08] <qman__> you need to run both, in that order, to fully update your system
[23:01] <cemc> is there a way to boot with a non-default kernel once, so that grub selects that, but only at the next reboot?
[23:01] <cemc> after that it reverts back to the default kernel
[23:01] <kinnaz> you can use e to edit the boot line
[23:01] <kinnaz> at boot time
[23:01] <kinnaz> or modify default for one boot
[23:01] <giovani> kinnaz: he might be interested in testing a new kernel remotely
[23:02] <kinnaz> testing new kernel without drac :P?
[23:02] <kinnaz> sounds like fail
[23:02] <giovani> freebsd has a feature for this, where you can boot a kernel once, and if it fails to boot, it'll boot the last kernel next
[23:02] <giovani> kinnaz: let's not get manuf-specific
[23:02] <giovani> using non-standard IPMI cards is fail
[23:02] <clusty> i am trying to get DNS working on the local host. so far I can ping the DNS server from the rest of network, but i cannot ping the rest of the network from the DNS machine (ping=resolve DNS)
[23:02] <giovani> but not everyone has thatl uxury
[23:03] <clusty> any got a clue what could be going on?
[23:03] <giovani> s/thatl uxury/that luxury/
[23:03] <clusty> :D
[23:03] <cemc> yeah, it's like that. It's a remote server and I have impi to reset it,
[23:03] <giovani> clusty: that you haven't set /etc/resolv.conf correctly?
[23:03] <cemc> but I don't have SOL (yet)
[23:03] <giovani> cemc: SOL?
[23:03] <cemc> Serial Over LAN, to control grub
[23:04] <clusty> giovani, the server has a search debian.lan and a nameserver stanza
[23:04] <giovani> gotcha -- just hadn't heard the acronym used much
[23:04] <clusty> debian.lan being the local domain
[23:04] <kinnaz> serial over lan
[23:04] <kinnaz> never heard of that
[23:04] <giovani> clusty: I don't know what stanza is to you ... but you shouldn't be putting DNS names in /etc/resolv.conf
[23:04] <giovani> kinnaz: it's standard in good IPMI cards
[23:04] <giovani> it's serial console for the 21st century
[23:04] <kinnaz> hmmmz i do have serials on some servers never figured out for what to use them thou
[23:04] <kinnaz> how does it work ?
[23:05] <giovani> kinnaz: google it
[23:05] <kinnaz> do i need some extra hw for that ?
[23:05] <kinnaz> not including the card itself
[23:05] <giovani> if you don't have an IPMI card that provides serial console, then yes, you need one
[23:05] <giovani> or you can do it the way it's been done for a decade or two
[23:05] <giovani> which is to use a serial terminal server
[23:05] <giovani> but then you're using the physical serial port
[23:05] <cemc> back to my original question :) can I boot with a kernel once ?
[23:05] <giovani> not a virtual serial interface over the internet
[23:06] <giovani> cemc: I'm not sure -- I'd google it
[23:06] <giovani> you're using grub, I presume?
[23:06] <giovani> look at that
[23:06] <giovani> first google hit
[23:06] <giovani> http://www.gnu.org/software/grub/manual/html_node/Booting-once_002donly.html
[23:06] <giovani> why I had to do that I don't know
[23:06] <clusty> giovani, http://pastebin.com/m78044328
[23:06] <clusty> 192.168.0.1 is localhost
[23:07] <cemc> giovani: mhm, found it also
[23:07] <giovani> clusty: nope, it's 192.168.0.1
[23:07] <clusty> other is the DSL router
[23:07] <giovani> that's not the loopback
[23:07] <giovani> netstat -anp | grep :53
[23:07] <cemc> grub ftw ;)
[23:07] <clusty> should i switch to loopback?
[23:07] <giovani> ... sigh
[23:07] <giovani> no
[23:07] <giovani> type 127.0.0.1 in there
[23:07] <giovani> but I don't know that your DNS server is listening on that interface
[23:07] <giovani> so run the netstat line I gave you above
[23:09] <clusty> giovani, not working: http://pastebin.com/m71c13e13
[23:09] <clusty> will run now
[23:09] <clusty> giovani, http://pastebin.com/m464beee7
[23:09] <clusty> seems to be running
[23:09] <giovani> of course it's working
[23:09] <giovani> you just pasted output showing that it's working
[23:10] <clusty> yeah
[23:10] <giovani> I don't know why you're not providing dig with a FQDN
[23:10] <giovani> that's silly
[23:10] <clusty> wanna see zone file?
[23:10] <giovani> nope
[23:10] <clusty> and the dns conf?
[23:10] <giovani> nope
[23:10] <giovani> I'm not gonna help with configuring that
[23:10] <giovani> maybe someone else has the time
[23:10] <giovani> you haven't demonstrated that anything's wrong
[23:10] <kinnaz> money can buy anything
[23:11] <clusty> giovani, well i spent maybe 1 week to get dns up to this stage :D
[23:29] <cemc> giovani: it worked, with this: http://www.gnu.org/software/grub/manual/html_node/Booting-fallback-systems.html#Booting-fallback-systems
[23:29] <cemc> thanks
[23:37] <giovani> cemc: is that a different method than the url I pasted? (just curious)
[23:44] <cemc> just a little bit different, it's on the same page actually,
[23:44] <cemc> on what you pasted