/srv/irclogs.ubuntu.com/2009/08/31/#ubuntu-server.txt

Tom_Assslap: I guess you can use NM to edit a static connection too00:00
slapThat's what I did. But I wanted to set up a static DNS. And after reboot, the /etc/resolv.conf is reset ?00:01
Tom_Assslap: hmm, that's kind of my experiences too, but now I just use dynamic... :(00:02
slapI wanted a primary nameserver to look at (my server at home), then the second (my ISP)00:02
Tom_AssHint Auto created connections are not editable. Modifying them without changing names will not be saved00:04
Tom_Assdoes that help you, slap?00:04
slapHum, it looks like there's another interface that use DHCP (eth1). I think it reset the resolv.conf. I'll check that...00:08
qman__I pit a script in /etc/dhcp3/dhclient-exit-hooks.d/ to modify my resolv.conf after it's regenerated02:00
qman__put*02:00
qman__so I can make use of the dynamic information while still ensuring the correct order and search domains for my local DNS02:00
roxy09i there somebody know if ubuntu 9.04 support hotswap hard drives?02:37
ballhello MunkyJunky03:12
MunkyJunkyHey again ball03:12
MunkyJunkyRight everyone - my server just seemed like it got attacked (I'm thinking DDoS). Which logs do i look at to find out what happened?03:13
roxy09Hi there somebody know if ubuntu 9.04 support hotswap hard drives and double processor?03:21
ballroxy09: I don't see why it wouldn't.03:23
jmarsdenMunkyJunky: Why are you "thinking DDoS"?  What specifically are the symptoms of the issue you are dealing with?  Did you already have a network auditing tool such as argus in place before this happened?03:26
roxy09well i am purchasing HP but they dont give me warranty that it work with ubuntu, so i would like to know if somebody have experience03:26
roxy09with this kind of servers03:26
nick125Does it work with any Linux distro? If so, then it's likely (but not 100%) that it'll work with Ubuntu.03:27
ballroxy09: ML110 ?03:28
MunkyJunkyjmarsden: I don't run the security of the server, the guy who does is sleeping. I'm just trying to learn a bit atm. All websites hosted on the server were inaccessible, and the server was inaccessible except for ssh03:28
jmarsdenMunkyJunky: Is the httpd running? :)03:28
jmarsdenThat does not sound like a DDoS to me.03:29
MunkyJunkyWell, I was going on that by what a friend sugested. All I know is the server wen't pretty kaput, and id like to find out what happened sooner rather than later03:30
jmarsdenDon't guess.  Is httpd running, yes or no?03:30
MunkyJunkyyes it is03:30
ballMunkyJunky: wake up your server geek.03:30
MunkyJunkyI can't, ball. I have no way of reaching him right now :(03:31
ballHe doesn't sleep with a pager under his pillow?03:32
=== lamont` is now known as lamont
MunkyJunkySadly no03:33
ballI wish pagers were cheaper here.03:34
MunkyJunkyI wish Jam was awake to guide me :/03:34
jmarsdenMunkyJunky: A cellphone would work too :)    Is the server running normally now (you said "was" in your problem description)?  if it is, leave it alone until your guy wakes up.03:35
MunkyJunkyYea, I rebooted it and its working fine03:35
jmarsdenThen your work is done, wait for your server guru.03:36
MunkyJunkyI thought id end up having to leave it, im just trying to learn a bit about where i should be looking to see what went wrong03:36
jmarsdenIt's hard to say where to look, and rebooting may have destroyed some of the evidence anyway... but since a DDoS is extremely unlikely to end exactly at the moment you happened to reboot the server, chances are high that your diagnosis was incorrect.  You can look in all the httpd logs and in /var/log/messages if you want to do some boring reading :)03:38
MunkyJunkyhaha ty03:40
MunkyJunkyI'll have a poke about, and I _might_ earn something03:41
roxy09hi, sorry about the delay it is a DL360 and DL185 G604:01
ballroxy09: Nice machines.04:01
roxy09thanks :)04:05
=== root is now known as Guest89086
=== Guest89086 is now known as imchrislabeard
imchrislabeardHey guys, I've been working on this for awhile and it works and then it stops working... A subdomain that is04:08
Guest35625hi i have absolutely no idea how to use ubuntu server. i want to turn my old laptop into a server. can anyone point me in the right direction to learn how to do that?04:56
qman__Guest35625, first you need to decide what you want to use it for05:00
PhotoJimGuest35625: decide what you want to do with it... and then do some googling to see what the packages are that will do that.05:00
Guest35625okay, so.05:00
PhotoJimGuest35625: e.g. if you want to do file sharing... you might want NFS for sharing with Linux/BSD machines, and Samba for windows machines.05:00
PhotoJimGuest35625: if you want it to be a mail server... you might want to use postfix or exim or sendmail.05:00
qman__he probably doesn't want to use sendmail05:01
Guest35625i don't know what my options are. i definitely want to use it for sharing files, especially torrents, but also things that could be downloaded from websites.05:01
PhotoJimqman__: he could.  I agree he wouldn't want to :)05:01
qman__Guest35625, those are jobs for a desktop, not a server05:01
qman__for torrents, you might look into torrentflux05:02
Guest35625ugh05:02
Guest35625i'm so sorry but05:02
Guest35625what really is the difference between a desktop and a server05:02
qman__the pieces of software you install05:03
qman__server does not have a GUI05:03
qman__so browsing websites and downloading files is not for a server05:03
qman__storing files is a server job05:03
Guest35625right, for sure05:03
qman__torrentflux is a website that downloads torrents for you05:04
qman__so you access it from your desktop05:04
qman__I'm not sure if that's what you want, so read up on it05:04
qman__servers do things for clients, they provide functions that would be inconvenient on a client machine, and functions that require 24/7 operation, where you would not want your client running05:05
qman__they provide centralization for other types of functions like mail and file storage05:06
Guest35625right05:06
qman__they provide services like DHCP and DNS, and can be routers05:06
qman__and host web sites05:06
qman__laptops are suited to a particular type of home server, ones that don't need a lot of disk space but need uptime and battery-backup05:08
qman__such as a print server05:08
qman__laptops generally have small hard drives, so they're not good for file servers05:08
qman__and generally can't handle high CPU applications, due to heat05:08
Guest35625oh05:10
Guest35625well05:10
Guest35625i'm kinda learning, and its what i got05:10
qman__well, what you should do05:10
Guest35625and really the biggest need right now is to up my ratio on a private tracker05:10
qman__is instead of setting out to install "a server", you should first figure out what functions you need05:10
PhotoJiman older desktop would make a better 24/7 server than a laptop05:10
Guest35625thats why i'm here :)05:10
PhotoJimbut frankly you just need a desktop you can leave on 24/705:11
qman__seeding torrents can be done on a server, but that's not really the type of thing you get a server for05:11
qman__unless you need a setup like torrentflux, to create user accounts and manage an entire network's torrents together on one machine05:12
Guest35625hmmm interesting05:12
Guest35625so are you saying i'd do better to install ubuntu desktop on my laptop, leave it on 24/7 and seed?05:12
qman__probably not, because laptops aren't designed to run 24/705:13
qman__if you do that, make sure you take precautions for extra cooling05:13
Guest35625but i'm a student with no money and this old laptop05:13
Guest35625will do05:13
PhotoJimwhat you want to do is kind of like running a dirt-hauling business with a hatchback :)05:13
PhotoJimyou can do it but it will kind of suck :)05:13
PhotoJimyou don't need a good desktop.05:14
PhotoJimmy server was a Pentium II for years.05:14
PhotoJimright now it's a Pentium III.05:14
qman__if you're going to do it, I suggest standing it up slightly open, like an A shape05:14
qman__and if it runs particularly hot, get a fan05:14
PhotoJimif you run it on a server distribution you don't need a GUI.05:14
Guest35625what does that mean05:14
qman__you should choose the operating system based on the role05:15
PhotoJimI'm saying that I have two jobs and I have money and I have a server that cost $50.05:15
qman__if you want to run something like torrentflux, server is appropriate, but if you just want to run a GUI torrent client, desktop is better05:15
PhotoJimand you could probably get someone to give you a Pentium III system for nothing.05:15
Guest35625ah i gotcha05:15
PhotoJimso being a student isn't an issue.05:15
PhotoJimyou don't need a Core 2 Quad to run a home server.05:15
qman__my shell server is a 200MHz K605:16
Guest35625well i mean05:16
qman__I probably couldn't give it away05:16
Guest35625i just want to get started with a server05:16
PhotoJima Pentium II or III won't be fast, but it will do fine for what you want.  and it will be cheap.05:16
Guest35625its like what i did with linux05:16
Guest35625i was like05:16
Guest35625TODAY I WILL LEARN LINUX05:16
Guest35625and i did05:16
qman__to "get started with a server"05:16
PhotoJimmy first Linux machine was a 486sx25 :)05:16
qman__you have to first start with a role to fill05:16
Guest35625im no pro, but i can work my way through it competently05:16
PhotoJimI still have it.  it still runs.  I just don't do anything useful with it anymore. :)05:16
Guest35625lol05:16
PhotoJimget the best machine you can get for free or cheap.  disk space and RAM are more important than CPU speed.05:17
PhotoJimI had 400 GB of disk space in my PII server.  it was fine.05:17
PhotoJimthe only reason I upgraded was because I fell into an opportunity.05:17
qman__yes05:17
qman__you choose the hardware based on the role as well05:17
qman__a file server, a slow CPU is fine05:17
PhotoJimit ran my file server and web server and DNS and it barely worked.05:18
PhotoJimit was fine with 256 MB of RAM, but I maxed it out to 768 when I had the chance and a few bucks.05:18
qman__256 is plenty for that grade of machine05:18
qman__my shell server can only hold 256, it's maxed out05:19
qman__the main problem with that machine05:19
qman__it's only i58605:19
qman__so I can't use i686 kernels05:19
PhotoJimnot that that's a huge issue05:20
qman__no, just annoying05:20
qman__I once installed gentoo on that05:20
qman__took three weeks05:20
PhotoJimcompile a custom kernel :) that way you'll have optimized performance.05:21
qman__I did a stage 2 with the 2004 release05:21
qman__back when they still supported that05:21
qman__it was a great learning experience05:21
qman__gentoo is too much hassle for the real world, though05:22
qman__ubuntu gets it done, and quick05:22
Guest35625okay05:22
Guest35625what if i want to run a web cms like dnn05:23
qman__a web cam?05:23
qman__oh05:23
qman__cms05:23
qman__you will first need a web server stack05:23
qman__you can do LAMP, or go with something more lightweight like nginx or lighttpd05:24
qman__that depends on the needs of the web software you choose and your personal preferences05:25
jmarsdenqman__: Do you know what dnn stands for in the context of CMSes?  if not, why are you advising Guest35625  about it?05:25
qman__I don't know what dnn is, but I know plenty of other CMSes05:25
jmarsdenDNN is DotNetNuke which uses the .Net framework...05:25
Guest35625lol05:26
qman__oh05:26
Guest35625which means no lamp05:26
qman__that means no linux05:26
qman__unless it somehow works on mono?05:26
qman__but I wouldn't advise that even if it does work05:26
Guest35625okay05:26
Guest35625so i should install 8.10 desktop 64 on my lappy05:27
Guest35625then use a web gui for torrents or a remote desktop connection?05:27
qman__well05:27
Guest35625to manage the computer05:27
qman__you should not install 8.1005:27
jmarsdenWhy 8.10?  9.04 exists...05:27
qman__you should install 8.04 or 9.0405:27
Guest35625jk 9.0405:27
Guest35625i forgot what today was05:27
Guest35625:)05:27
qman__also, when you said old laptop, I assumed older than that05:28
Guest35625no, its just not my new laptop05:28
Guest35625my old laptop is running a T5200 intel core duo05:29
Guest35625which i think is 1.605:29
qman__I have a PII thinkpad as a print server05:29
Guest356252 gb ram, 120 gb hard drive05:29
Guest35625some gosu gpu that i'll never use D:05:29
Guest35625but run 9.04 64 bit desktop and use remote desktop to access it?05:29
Guest35625would be more advantageous to me than a server?05:30
qman__you couldn't use remote desktop, since that's a windows thing05:30
qman__but you could use VNC or XDMCP05:30
Guest35625i thought ubuntu had a built in remote login05:31
qman__it does, VNC and XDMCP05:31
qman__but that's different from Remote Desktop, which is a windows software05:31
Guest35625sorry05:32
Guest35625could i still use my lappy to host a file and access it through its ip address?05:32
simplexioor run ubuntu-desktop in vbox to in win machine to acces remote desktop to server like i do, i get native  win for games (HOI3) and real production desktop on same computer05:32
jmarsdenAhem... Ubuntu includes an RDP client called rdesktop, but no RDP server component.  But all of this discussion of graphical UIs is off topic for #ubuntu-server.05:33
qman__yes, it is05:33
Guest35625well, could i still use my laptop to host a file and access it throug the ip address on ubuntu desktop? or is that a server only thing?05:34
qman__yes, you can install samba on a desktop05:34
Guest35625good stuff05:34
simplexioGuest35625: yeah. samba/nfs and all other file server thingies still can be installed05:34
Guest35625any ideas for getting started with servers?05:35
Guest35625forreal, server talk is sexy05:35
Guest35625you take a girl out for dinner and you tell her all about how big your SQL server is and they get all hawt05:35
qman__like I've said before, you have to come up with a task or purpose first05:36
Guest35625i don't have one, but certainly its possible to learn about something without needing it quite yet05:36
Guest35625in programming you program the euclidean algorithm to calculate primes--as if you're ever going to use that...05:36
qman__system administration and programming are two very different fields05:37
qman__even if you're not in a production environment, you still need to decide on a task to perform05:37
Guest35625so what kinds of tasks are good for beginniners? charge me with one05:37
qman__we've gone through plenty already05:39
qman__mail, file servers, web servers05:39
Guest35625but which is the one i've been charged with?05:39
qman__DNS, DHCP05:39
Guest35625whats a web server, exactly?05:39
qman__a server which hosts a website or web application05:39
qman__you could do something like oscommerce or phpbb05:40
Guest35625interesting05:41
Guest35625thats a really cool idea05:41
Guest35625thanks for the info05:41
imchrislabeardHey guys i'm not sure what i did but when i restart apache i get this message - http://pastebin.org/1357707:53
AucklaHi.08:19
AucklaI just installed Ubunutu server to try it out. I was hopeing for some kind've graphical interface like Redhat or something. Ehehe. I come form a BSD enviroment. Is there somewhere other then, " https://help.ubuntu.com/9.04/serverguide/C/index.html " <--- Hear to start with?08:20
qman__ubuntu server does not include a GUI, since it is generally considered a security risk on servers08:25
qman__if you want a GUI, look into ubuntu desktop08:26
qman__imchrislabeard, that message means apache couldn't determine the FQDN of the server, a DNS issue08:32
imchrislabeardqman__: ahh okay so thats located somewhere in the hosts directory08:33
qman__apache is a little more picky, it won't just take the system hostname08:34
imchrislabeardwhat do i need to make it my systems name is longhornpc the primary domain is longhornpcrepair.com08:34
qman__it wants an FQDN08:34
imchrislabeardoo okay ... does the server need to have a primary domain just for it08:36
qman__well08:36
qman__your FQDN in that case is longhornpc.longhornpcrepair.com08:36
qman__so, in /etc/hosts08:36
qman__you should have something like08:36
qman__127.0.0.1 localhost08:36
qman__12.34.56.78 longhornpc longhornpc.longhornpcrepair.com08:36
qman__where 12.34.56.78 is your listening IP address08:37
imchrislabeardwell the way i have it set up right now is server is http://longhornpc pointing at the /home directory and then longhornpcrepair.com is home/longhornpc08:37
qman__this doesn't have to do with the sites themselves08:38
qman__this is a systemwide configuration08:38
imchrislabeardoh alright well it seems like all this happend once i tried to set up my RNDC key08:38
qman__for each domain name you're listening on, it must resolve to an IP for the system, and the quickest way is to add it to /etc/hosts08:38
qman__the other way is to set up full DNS08:39
qman__which it looks like you did, and it broke08:39
imchrislabeardyeah i have a dns set up on this server08:39
qman__well, if it's broken08:39
qman__I would back up your zone file and remove bind with the --purge option to clear the config08:40
qman__and then reinstall bind08:40
imchrislabeardwell all of my domains are working fine it seems but my subdomain will work for a little while in then stop working08:40
imchrislabeardbut i just get that warning from apache .. so i was kinda curious what was goin on08:43
qman__yeah, that just means there's a DNS problem08:43
qman__and apache can't determine the FQDN of the system08:43
AucklaI am sorry, I have ran bsd for so long, I was lookng for something I could be lazy about hear for the local network. Excuse me if that sounds offending.08:43
Aucklahear, here. Poor me another screwdriver. :P Hah! :P08:44
qman__Auckla, I'm not sure what you mean, but the Ubuntu Server Guide is the best place to start off in building a new server08:44
qman__you can skip the parts not relevant to your application, of course08:45
AucklaAg, I'm horrible length wireless hear at my new house, and I guess I am going to have to download another cd at 150k\s a second.08:45
imchrislabeardqman__: alright so you said earlier the FQDN would be longhornpc.longhornpcrepair.com08:45
AucklaGod I keep mispelling that word. :P08:45
qman__imchrislabeard, yes08:45
imchrislabeardqman__: would i add this to my named.conf ?08:46
AucklaI would like to install x on this system, so I could then install synergy.08:46
qman__Auckla, you would only need ubuntu desktop if you want a GUI, though that won't help much in setting up a server, since there aren't any GUI server apps08:46
AucklaIf anyone is framiliar with that.08:46
qman__imchrislabeard, no08:46
AucklaGah, I just care about php,mysql and apache. :)08:47
qman__imchrislabeard, you just need to make the system resolve that name to your IP in some way, either by adding it to your zone file, or adding it to /etc/hosts08:47
qman__Auckla, then you want LAMP08:47
AucklaI installed it, but where is my gui to boot? :P08:48
qman__Auckla, there is none08:48
AucklaI have seen a lot of linux distros. Hehe, not use to one being real I guess.08:48
qman__Auckla, you can install a GUI package, but that's not supported in this channel08:48
qman__since ubuntu server is designed to be used console only08:48
AucklaHehe, thank you for your conversation.08:48
imchrislabeardqman__: alright so in "longhornpcrepair.com.hosts" i would add longhornpc.longhornpcrepair.com and give it the public ip or the internal ip...08:49
AucklaWord, dig it. I got it np. :D08:49
qman__if all you want is remote administration, install ssh08:49
imchrislabeardqman__: sorry if im asking too many questions08:49
qman__imchrislabeard, I don't know what that file is, is that your DNS zone file?08:49
qman__that name should point to whatever IP apache is listening on08:50
qman__be it public or internal08:50
imchrislabeardqman__: i have a zone file for each domain... and my dns server is on the longhorn08:50
qman__that naming is confusing08:51
qman__a DNS zone file and a hosts file are completely different08:51
qman__zone files contain records formatted a certain way08:52
qman__but in any case08:52
qman__if you are doing this in DNS, the zone for longhornpcrepair.com should contain an A record pointing longhornpc.longhornpcrepair.com to whichever IP that apache server is listening on08:53
cefqman__: afaik, he's using webmin, which does uses that sort of silly convention08:53
ceferr does use even.. damn brain08:53
qman__hah08:54
cefbeen a long day. :/08:54
qman__been there :)08:54
imchrislabeardi was using webmin but i have been creating the dns hosts files without using webmin08:54
imchrislabeardi like having them separate08:55
imchrislabeardyeah well it looks like my FQDN is "longhornpc" which isn't qualified so i need to just change that08:59
imchrislabeardwhy is that the only web panel that is supported for ubuntu is the worst one ?09:06
acalvoanyone know if profile acls samba directive works with xp sp3?10:11
acalvohi13:20
acalvoI'm trying to manage all my network printers using CUPS in a SAMBA server, so I'm looking for a good tutorial that covers this area13:21
acalvoI've looked in the ubuntu community and didn't find anything useful13:21
=== bogey2 is now known as bogeyd6
clustyhow can I prevent a service from ever starting?14:09
clustysomehow avahi found it's way into my sys :D14:10
subclusty: I forget the exact usage, but update-rc.d should do what you need it to do14:15
clustysub, thanks14:15
subupdate-rc.d -f remove avahi-daemon perhaps14:16
slacker_nli would just chmod -x the init.d script14:29
giovanislacker_nl: that's not a proper solution14:34
slacker_nlgiovani: you are right, just remove the rc?.d/[SK] scripts14:35
slacker_nlbut, when you want them again, you need ro recreate the rc?.d symlinks, and chmod +x is easier14:36
PhotoJimslacker_nl: I tend to just rename scripts I don't want to run.  that way it's obvious why they're not working.  -x isn't obvious.14:50
subslacker_nl, PhotoJim - update-rc.d handles creating and removing of the symlinks and is used by debian packaging14:52
bunnyow do i make an extended partition from the partitioner in the installer?15:05
slacker_nlsub: i know, but if you also maintain solaris boxes, you want a way which is the same on all platforms15:06
VirtualDisasterslacker_nl, there is no "universal" way except to write a wrapper around the native tools15:12
VirtualDisasterespecially w/ solaris....15:13
clustyhey15:47
clustywhat tool would you suggest to automate system configuration?15:47
clustycurrently i am looking at puoppet and maybe cfengine15:48
aubresome people say chef is good , I don't know much about it personally15:49
clustyaubre, looks quite complicated to setup15:53
aubreclusty: yeah15:54
jtimbermanclusty: Chef :-)16:02
* jtimberman works for the company that wrote Chef.16:03
jtimbermanPop into #chef if you have any questions.16:03
clusty:D16:03
clustylool16:03
jtimbermanI also packaged Chef for Ubuntu Karmic :)16:03
clustyjtimberman, bad idea divulging that16:03
jtimbermanWhy?16:03
jtimbermanIts not a secret.16:03
clustynow if i decide to go for chef you will be machine gunned with questions16:03
clusty:D16:04
jtimbermanyeah but thats my job.16:04
aubreI'm looking forward to finishing up my UEC install, just can't work on it at the moment16:08
clustyjtimberman, chef feels a very big gun for what i need. basically we got a new computational cluster: 20 machines conected over the network. I want to keep the conf across these machines homogenous16:10
jtimbermanclusty: you don't need the server part of chef, you can run just solo mode.16:10
clustyjtimberman, so how does it work then: not like configure 1 machine and use some framework to propagate the confs ?16:11
jtimbermanclusty: no, each client is an autonomous unit. the client is 'fat'. it gets the configuration (cookbooks with recipes) from a server (client/server mode), or from a remote url or a local directory (solo mode). then the client / solo parses the recipes and takes the actions appropriate.16:13
clustyjtimberman, i see. so is good enough to mount the same file over NFS and just edit the file16:14
clustyfile=cookbook/recipes16:15
clusty..gotta love the depths to which the analogy was pushed D:16:15
jtimbermanclusty: that's certainly possible. chef-solo supports retrieving from a URL, a la "chef-solo -r http://opsmaster.int.example.com/cookbooks.tar.gz"16:16
jtimbermanbut you could use a directory mounted via NFS instead if thats your preference.16:16
jtimbermanclusty: and yes, the cooking metaphor is highly abused :)16:16
jtimbermanwith shoutout to Chef from South Park, The Swedish Chef from the Muppets, and the Lego Chef minifigs.16:16
clustythat is one thing that makes linux much more full of flavour16:18
clustyall the g33ky inside jokes16:18
clustyi guess 50% of a project success comes from it's funky name/icon16:18
clustylogo16:18
geniiRecursive acronyms, etc16:19
jtimbermandon't forget chef's data gathering counterpart, ohai.16:20
jtimberman'ohai, here's some json about your system'16:20
clustyguess the joke needs to be explained :D16:20
clustywhat is the funny part of ohai ?16:20
clustysome lolcatz spelling?16:21
uvirtbotNew bug: #418220 in php5 (main) "apache2 crashed with SIGSEGV in pdo_parse_params()" [Undecided,New] https://launchpad.net/bugs/41822016:21
jtimbermanyup16:22
jtimbermanso, geeky inside joke :)16:22
clustyyeap16:22
clustyjtimberman, guess chef wins :D16:24
clustynot as scary as it seemed in the beginning16:24
jtimbermanclusty: It really isn't. The big thing is lots of dependencies.16:24
jtimbermanand with Karmic, you can apt-get install chef and have a functional chef client, or chef-server to get a functional server.16:25
jtimbermanand we're working on backporting to other ubuntu releases back to hardy.16:25
clustyjtimberman, what about the stable one?16:26
jtimbermanjaunty?16:26
clustyyes16:26
giovanislacker_nl: no, that's what update-rc.d is for16:26
jtimbermankarmic packages "should" work there, but there aren't backport packages yet.16:26
clustyjtimberman, a wee bit of a turn off. will try to see how annoying is it to get it working from repo16:27
clustyjtimberman, i saw examples to synch conf files. how can I synch list of installed packages?16:27
jtimbermanclusty: sure, join #chef if you have any further questions.16:27
jtimbermanclusty: you can manage packages individually, so if you start from the same base image, you'd have whatever packages installed from chef's recipes that you told it to install. (plus dependencies of those when using apt)16:28
=== cemc1 is now known as cemc
clustygot a small question about updating a PC: it is running ubuntu 8.0416:37
clustyshould update in one go to 9.04 or pass through each intermediate version? 8.04->8.10->9.04 ?16:37
ScottKclusty: Yes.16:38
ScottKEach intermediate version16:38
clustyScottK, how likely is it to break stuff ?16:38
clustyso far I have postgres DNS DHCP and LDAP running on that machine16:39
clustyppl will scream if that goes down for a long time :D16:39
ScottKclusty: running lvm or softraid?16:39
clustyScottK, nope. hardware raid16:39
ScottKThey'll scream less that if it goes down long enough for you to reinstall the box.16:40
ScottKBTW, mostly services stay up during the upgrade.16:40
ScottKMost of the outage would be for the reboot.16:40
clustyScottK, added twist: machine is in germany and i am in canada :D16:40
heath|workIs there a way to tell kvm to unplug a network cable on a virt?16:41
clustythere are some half way savvy ppl there16:41
bobgI want to build a LDAP server for my company. Is ubuntu a decent OS to use for this? Does it have any apps (in the standard repo) to help manage users? Is there much difference between hardy and jaunty in support as an LDAP server?16:45
Sam-I-Amyou'd really want the openldap packages from karmic16:46
Sam-I-Amif possible16:46
Sam-I-Ambut otherwise, ubuntu is finwe16:46
clustybobg, it's as good as any other one16:48
clustySam-I-Am, i just set up ldap user auth with hardy ldap16:48
Sam-I-Amclusty: ok?16:50
* bobg is googling karmic 16:50
Sam-I-Am(its the next release)16:50
bobgoh16:50
Sam-I-Amor... you can run hardy and use my backports.16:50
Sam-I-Amwhich contain most of the fixes since hardy's packages16:51
bobgso there have been a lot of work done recently on it?16:51
Sam-I-AmLTS releases are good for servers16:51
clustySam-I-Am, the actual ldap was hard part16:51
clustythe user auth went very smooth16:51
Sam-I-Amwell, hardy is technically from 04/08... so 1.5 years ago or so.16:51
clustytook me forever to figure out how to import datas and stuff like that16:51
Sam-I-Amopenldap moves quickly, often faster than ubuntu16:51
bobgSam-I-Am: I was trying to stay LTS, but I find if a load up a hardy xen VM it crashes with a "stuck cpu" so I have been migrating to jaunty if a vm experiences that16:52
Sam-I-Ami havent used xen, but hardy seems fine under vmware and vbox16:53
Sam-I-Amyou could search for bug reports on that... see if theres a fix... if not, try to get a bug report going16:54
bobgSam-I-Am: is it the actual openldap that I want a later version of, or is it support  packages that modify the schema or provide tools to manage users?16:54
clustySam-I-Am, so ther eis a high likelihood that updating from 8.04 to 9.04 smething will break?16:54
clustyas far as ldap goes16:54
Sam-I-Amclusty: configuration as a client is roughly the same16:56
clustySam-I-Am, i meant on the server side16:56
clustyonce setup in hardy should work in jaunty?16:56
Sam-I-Ambobg: particularly the openldap packages/libraries... but it might help management tools as well.  i usually just write my own.16:56
clustybobg, that is only sucky part16:57
Sam-I-Amclusty: upgrading *should* work... however, back up the database manually first.16:57
clustybobg, importing users16:57
bobgSam-I-Am:  I went through a huge. long process with xen + hardy -- it turn out that the xen guys considers hardy's kernel  version to be a problematic  xen kernel.  The problem is only with high, prolonged loads (and maybe agrevated by our internal app)16:57
Sam-I-Ami usually dont let ubuntu auto-upgrade anything for me16:57
Sam-I-Ambobg: you could pop another kernel on hardy16:57
bobgSam-I-Am: i could not find a compatible alternate xen kerenel for hardy (after much work:)16:58
Sam-I-Amsurely there are people running hardy on xen16:59
bobgSam-I-Am: but, I am starting from scratch with this ldap project so I could start with jaunty from th start16:59
Sam-I-Amsure, but which release you choose depends on how often you want to do forklift upgrade of server-class stuff17:00
bobgyeah, we have DNS servers, web servers (that are not heavily loaded) and other things taht are working fine with xen - hardy17:00
bobgso for many things its not problem17:01
bobgits intersesting to note that amazon ec2 uses xen and their hard images use a modified fedora  8 xen kernel17:02
bobgs/hard/hardy/17:02
Sam-I-Amthats amusing17:02
bobgclusty: thanks for your comments. I setup our first LDAP server 3 years ago and getting teh schema and user data correct was a real PITA17:08
clustybobg, some guy from #LDAP gave me his pythin script17:08
clustywith some modifications i got it to make the right ldif-s17:09
bobgI was hoping that in the latest ubuntu I could just install some higher level package and have a gui to add, edit and delete users :)17:09
Sam-I-Amtheres phpldapadmin17:10
Sam-I-Amand a few others17:10
bobgclusty: hmmm, I will hang out there (#ldap) will I do this and see what tips I can get17:10
Sam-I-Amluma is a decent gui tool with limited built-in features17:10
clustybobg, problem is they are quick to pull the RTFM line :D17:11
clustynot very understanding with us, mere feable minded mortals that are just starting with LDAP17:11
bobg:) I probably have a lot of reading to do17:11
jtimbermanphpldapadmin is pretty good. jxplorer is a standalone gui that also works but i don't know if its packaged in ubuntu.17:12
Sam-I-Amhttp://packages.ubuntu.com/hardy/web/gosa17:12
jtimbermanclusty: and the problem with that FM (ldap) is its huge, complicated, and ldap itself is confusing.17:12
Sam-I-Ammight be a thought...17:12
bobgi use a old version of phpldapadmin now -- it fine to do IT maitainence, but the higher level stuff sucke -- I will check out to see how they have improved17:13
Sam-I-Amldap is so diverse and open that its difficult to write an app that handles everyones situation17:13
bobgSam-I-Am: gosa looks interesting:)17:13
clustyjtimberman, well they don't easy you in17:13
Sam-I-Amyou're generally stuck picking something and dealing with its crap, or writing your own17:13
clustyyou get shitloads of switches and funny acronyms that make no sense17:13
clustyand to top it up the thing that killed me is: querying the wrong base path gives you bad username :D17:14
clustyso i bashed my head against the wall for a few days to figure that one out17:14
Sam-I-Amwell, duh17:14
Sam-I-Amit can't find who you're looking for17:15
clustyshould say that LD17:15
clusty:D17:15
clustydunno WTF you are talking about, not invalid credentials17:15
bobgif it had decent error messages, then what would the ldap guru's do with their secret decoder rings:)17:16
* Sam-I-Am notes he's also in #openldap and #openldap-devel :P17:16
Sam-I-Amwe dont bite that hard...17:17
Sam-I-Ami'd just make sure you've done some reading first17:18
bobgSam-I-Am: I should have guessed that from your earlier comments:)  It was a general comment that could be said for any open source project (and many closed source too:)17:20
bobg(no offense intended)17:21
Sam-I-Ami know17:23
bobgSam-I-Am: to clarify, if you were building either a hardy or jaunty based ldap server today, you would be looking to get a backported karmic openldap?17:24
Sam-I-Amyes17:24
bobgor is the jaunty version up-todate enough?17:25
bobgok17:25
Sam-I-Amits better than intepid/hardy for sure17:25
bobgthanks17:25
Sam-I-Amdepends on what youre doing with it17:25
Sam-I-Amfor example, multi-master and mirror-mode work much better in 2.4.17 than 2.4.15 and earlier17:25
Sam-I-Ami use LTS because all of the other packages are supported/updated for longer than intermediate releases... not that i plan to run hardy forever, but potentially longer than other releases would be officially supported17:26
Sam-I-Amthen i backport or custom build newer stuff to work on LTS17:27
bobgi am looking for a basic master/slave setup  with a pretty full shema -- postfix for ubuntu logins, samba (PDC if will still have too), raduis, various one off ldap web apps17:28
bobgs/will still.../we still .../17:29
bobgi think building and maintaining the schema is my major fear17:29
Sam-I-Amdo you need a custom schema?17:30
bobgour current schema grew into a mess, so I am starting over17:30
Sam-I-Amotherwise its easy17:30
bobgis there a standard schem that does posfix + samba?17:30
Sam-I-Amsamba has its own schema17:30
mathiazSam-I-Am: have you tried to pushed the new version of openldap in hardy-backports?17:31
mathiazSam-I-Am: https://help.ubuntu.com/community/UbuntuBackports17:31
mathiazSam-I-Am: ^^ seems like a good place to push new versions of openldap for an LTS17:31
Sam-I-Ami think theres a postfix-ldap package which contains the ldap stuff17:32
bobgI am on the fence to try to abandon samba support all together - we are moving from windows clients to linux (for users) but we still have quite a few windows machines that need to access shared file servers17:32
Sam-I-Ammathiaz: no, not yet... it doesn't backport cleanly due to dependency problems.17:32
Sam-I-Ammathiaz: i just backported the newer dependencies for my stuff... havent had time to make it work with original hardy stuff17:33
mathiazSam-I-Am: right. Sometimes you'd also need to backport some of the dependencies to hardy too17:33
Sam-I-Amis there a method to determining which ones are ok to backport?17:34
bobgwoops I realize I was writing postfix when I meant posix  (we need both)17:35
Sam-I-Ami keep everything in launchpad PPAs... so you could check my PPA dependencies for the openldap packages and see if they work for you... then backporting would be easier since most of the work is done17:35
Sam-I-Ammathiaz: https://launchpad.net/~ionosphere80/+archive/msk-717:36
Sam-I-Ambobg: posix is its own schema too17:36
mathiazSam-I-Am: the wiki page listed above outlines how to get things accepted in backports.17:36
=== root is now known as Guest26989
bobgand do the posix and samba schemas coexist well? or would my life be much easier to deal with only posix?17:37
bobgclusty:17:37
Sam-I-Amthey work fine together17:37
Sam-I-Amand you can add kerberos without any issues :)17:37
bobgok cool17:37
Guest26989how do ip show the ip addresses 24.249.66.129 - 24.249.66.142 in the format 24.249.166.129/143?17:38
bobgI have always been fuzy on the role of kerberos in relation to samba / windows pdc / radius17:39
bobgGuest26989: in what context?17:39
Guest26989I have the following static ip address and need to put them into the mynetworks section in postfix and need the correct way to do that.17:39
Guest26989Sorry these are the ips 24.249.66.129 - 24.249.66.14217:40
bobgoh i see17:40
bobgif my math is right, thats a range of 12 ips so it can't be expressed as one range17:41
clustybobg, i did just the posix stuff17:42
Sam-I-Ambobg: single-sign-on for unixy hosts... doesnt do crap with windows nt-style domains... but will with samba417:42
clustybobg, i found a lot of howto's that tell you how to install both smb and posix17:42
Guest26989I the gateway is 24.249.166.129 and my range is 138/14217:42
Guest26989I only have 5 static ips. Netmask is 255.255.255.24017:43
Sam-I-Amthe openldap server guide tells you how to do posix and samba17:43
bobgGuest26989: /30 indicates 4 ip adresses, of which 2 of them are usable.  /29 indicates 8 ip addresses of which 6 are usable17:45
Guest26989My usable addresses according to cox communications is 138 - 142.17:46
Guest26989Does my configuration say I have 6 usable17:47
Guest26989The broadcast according to cox is 24.249.166.14317:48
bobgGuest26989: 138 does not fall on an even  boundary  -- does the config option support a syntax to list a set of ips individually? without doing a range syntax17:48
Guest26989bobg Let me look17:49
bobgyes, 24.249.166.143 can be a braoadcast address (its on the right boundary)17:49
Guest26989_bobg This is the line in my postfix main.cf17:50
Guest26989mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/12817:50
Guest26989I am a noobie to linux and trying hard to learn it.17:50
bobg24.249.166.140/30 is a 4 ip address block (two useable) with that broadcast IP) and 24.249.166.136/29 is a 8 ip block (6 usable) with that broadcast IP)17:50
Guest26989_bobg Thanks much, I will try that one.17:51
bobgthe reason the 'usable' is always two less is that the first ip is the (sub)network address and the last is the broadcast address17:51
bobgGuest26989: glad I could help - good luck17:51
Guest26989Thank you very much.17:52
kboihello channel18:42
uvirtbotNew bug: #422138 in apache2 (main) "Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates" [Undecided,New] https://launchpad.net/bugs/42213818:50
=== kirkland` is now known as kirkland
ScottKmathiaz: Someone from the server team might want to talk with the Full Circle magazine people.  I understand their latest edition has a nice story on using webmin on Ubuntu.21:56
mathiazScottK: hm - good point.21:56
Nafalloo\21:56
Sam-I-Ami havent seen this on karmic server yet, but have any of you guys gotten really weird errors from su and sudo on desktop karmic?22:06
Sam-I-Amlike... they're unusable22:06
Sam-I-Amlooks like something is getting in the way near the kernel level... almost like apparmor, but i already ditched that22:06
Sam-I-Amerrors like... setgid operation not permitted22:07
ScottKSam-I-Am: Sounds like policykit integration and it's not relevant to -server.22:08
Sam-I-Amhmmm22:08
Sam-I-Amcould be... thats a new one to me22:09
Sam-I-Amwhy do people insist on using this crap22:09
Sam-I-Amits more irritating than anything22:09
Sam-I-Amlike apparmor22:09
keesSam-I-Am: what are the errors?22:14
Sam-I-Amsudo says "setreuid(ROOT_UID, user_uid): Operation not permitted"22:14
Sam-I-Amsu says "setgid: Operation not permitted"22:14
Sam-I-Amwhich is even before theyd get to their usual error messages if i wasnt in sudoers or didnt know the root password22:15
VirtualDisasterScottK, i dont like webmin tbch22:15
VirtualDisasterneeds to be redone from scratch22:15
VirtualDisastermore simpler22:15
ScottKVirtualDisaster: As a team we don't think much of it here.22:15
VirtualDisasteroic22:15
VirtualDisasteri really feel someone (maybe me) needs to make a SIMPLER web management UI22:16
VirtualDisasterlike advanced items that require CLI need to be done via CLI22:16
VirtualDisasterstop trying to hide the OS from the admin/user22:16
VirtualDisasterppl need to be aware of what they are using/doing/etc22:16
VirtualDisasterand be familiar w/ the required tasks22:16
VirtualDisastertoo much "slap ohhh shiney" on it22:17
VirtualDisasteris what it seems to be today22:17
VirtualDisasterp*sses me off when I show client Ubuntu and their like "Windows 7 has that too"22:17
VirtualDisasterwell guess what we had it before they did ...!!!!!22:17

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!