/srv/irclogs.ubuntu.com/2009/09/01/#ubuntu-server.txt

Claw6do i need a DNS running if i want to connect to a vhost? vhost ist X.X.X.1 and client is X.X.X.200:01
Claw6i need some information how that vhost thing works00:01
Chriz2how do i get make?00:06
Chriz2can someone give me their sources.list?00:12
howieIs there a good chat server in the ubuntu apt database?00:54
howieweb based00:54
howieuser ..00:54
Chriz2howie, unrealircd :D01:05
Chriz2and setup something like pjirc...01:05
howiecool ill check it out ty01:06
howieChriz2: ya im not finding it in the repository01:41
jmarsdenhowie: Do something like apt-cache search "irc server" and pick one of those that meets your needs.02:23
howiewill an irc server work as a website chat program?02:23
jmarsdenNot without a lot of work02:25
jmarsdenI didn't realize you were looking for web chat.  For web chat, try any CMS platform and look for its chat module... Django maybe?02:28
lamontScottK: have I mentioned how much pain it is when he revs 4 stable versions?02:28
jmarsdenlamont: Wrong channel?02:28
ScottKlamont: I thought the wonder of Git made it all easy.02:28
ScottKjmarsden: Not at all.02:28
lamontjmarsden: nah - just context free02:29
jmarsdenAh, OK...02:29
lamontScottK: it's more the iterations02:29
ScottKNot free, just well detached.02:29
ScottKjmarsden: Context is in the scrollback it you care.02:29
ScottKit/if02:29
Chriz2anyone around that can lend a hand with apache?, it keeps saying permission denied =\02:30
Chriz2Forbidden02:30
Chriz2You don't have permission to access / on this server.02:30
jmarsdenChriz2: How did you install it, and what did you do after installing it to configure it?02:31
Chriz2jmarsden, i changed the root dir to my local home dir (i just prefer it i suppose...), and added suphp, i disabled suphp and i still get this problem02:31
jmarsdenChriz2: Undo your change and learn how to configure virtual hosts so you can set one up for your home dir (if you really must).02:32
Chriz2jmarsden, well the domain (only one...) is in my home dir :D02:33
Chriz2i changed 000-default02:33
Chriz2ive done this before just this time its being a **** lol02:34
jmarsdenWell, what are the perms on your home dir?  0755 ?02:35
Chriz2i tried 777, 755, 700, etc02:35
Chriz2like wise with public_html02:35
jmarsdenIf you had left things alone, public_html is for  http://example.com/~username/02:36
Chriz2jmarsden, i know and i was getting the same problem i am now even doing ip/~chr183102:37
jmarsdenMight be best to apt-get purge apache2 and then reinstall, then see if it works unmodified... then go forward (more carefully) from there.02:38
lamontScottK: context is what, 2 days ago?02:59
ScottKlamont: Roughly.02:59
lamontwow.  I never did 2.6.4, eh?03:00
ScottKWe just handle disjointness better than most.03:00
ScottKIIRC from the release announcement it was never announced.03:00
ScottK... 2.6.5 ...03:00
lamontyah - scraping the bts for trivials now03:01
lamontScottK: any thoughts on 504027?03:01
lamontand 52883903:02
lamont307186 is just funny03:03
ScottK504027 conceptually makes sense except for the part about updating the chroot seems a bit of a corner case.03:04
* ScottK has to run.03:05
ScottKWill look in again later.03:05
lamontta03:06
CrawfordComeauxis there any reason why I shouldn't install enterprise cloud on desktop instead of server?03:11
CrawfordComeauxit's purely for testing right now, not production03:11
jmarsdenWell... the cloud virtual machines won't have screens on them.  Desktop installs X and expects a GUI; server does not.  So you could try it, but why would you prefer a desktop installation in the cloud anyway?03:30
jmarsdenSee https://help.ubuntu.com/community/ServerFaq#What%27s%20the%20difference%20between%20desktop%20and%20server?03:31
lamontScottK: E: postfix: python-script-but-no-python-dep ./usr/sbin/postfix-add-filter03:34
lamontpls to be providing a patch. kthx03:34
lamontScottK: 2.6.5-1 uploaded to debian.. you wanna request the sync?  if not, I'll do it tomorrow or wednesday03:34
CrawfordComeauxI'm just testing cloud implementations on my laptop to explore the differences before putting anything into production03:38
jmarsdenAh, sorry I read that backwards... you can install the server or cloud editions onto a desktop PC, sure.03:39
uvirtbotNew bug: #414507 in dhcp3 (main) "broken AppArmor profile " [Undecided,New] https://launchpad.net/bugs/41450704:56
wfiuewfewHi---I am wondering if Ubuntu server automounts usb hard drives05:46
jmarsdenwfiuewfew: It should automount them, just as Ubuntu Desktop does, yes.06:05
jmarsdenIt's not something most servers have high on their list of requirements, but it should work fine :)06:05
wfiuewfewjmarsden: Thanks, what about internal hard drives?06:06
jmarsdenUbuntu Server is just Ubuntu Desktop with no GUI and a server-optimized kernel... it works fine with internal hard drives, as you'd expect.06:06
jmarsdenSee https://help.ubuntu.com/community/ServerFaq#What%27s%20the%20difference%20between%20desktop%20and%20server?06:07
jmarsdenIf you need to know exactly what it does, check /lib/udev/rules.d/60-persistent-storage.rules for the gory details.06:10
jmarsdenYou can alter that behaviour by copying the file to /etc/udev/rules.d/ or creating your own config file in there.06:12
qman__ubuntu server does not automount drives, but it does autodetect and assign a device name06:18
qman__which you can then use to mount the drive06:18
jmarsdenIf that's the case, I suspect autofs could easily be configured to mount them on demand, or udev rules written to do it.  One way or another the capability is there, even if it isn't enabled by default.06:34
qman__you might be able to, but that functionality is provided by gnome/KDE in the desktop versions of ubuntu06:35
qman__it's high level and is actually undesirable in many server situations06:35
qman__however, configuring your fstab or creating a script yourself is a fine way to handle it06:36
jmarsdenOK... that would explain it... though why an automounter is seen as being part of a GUI is an interesting question.  fstab and scripts are fine, but not fully automatic.  And yes, people running around plugging USB hard drives into machines in our server room would generally be considered "undesirable", too :)06:40
qman__well, besides the security concerns06:42
qman__automounting a failing device could cause a crash06:42
qman__and an automounter is fairly unnecessary and a waste of resources in most server environments06:43
qman__it's also undesirable for RAID devices, since you need to mount them in a particular way06:43
CppIsWeirddoes fdisk -l list raid5 volumes?07:35
jmarsdenIt lists partitions.  Partitions with type 0xFD are (I think) ones use to create software RAID volumes in Linux.07:41
CppIsWeirdhmm, lets try something shorter, (yes/no)?07:42
CppIsWeird:P07:42
jmarsdenDefine what you mean by "RAID5 volume" if you need that sort of brevity of response.07:43
jmarsdenIt knows nothing about RAID, so of course it can't know that the 3 or 4 or 5 partitions underlying a given RAID volume are somehow related and show you one RAID5 volume.07:44
jmarsdenIt can and will display the partitions, as being of type 0xFD07:44
jmarsdenIf in doubt, try it out :)07:44
CppIsWeirdbasically i have a raid 5 set up on a computer and i'm trying to find its volume so that i can mount it. how do i find this? it does not appear using fdisk -l or df.07:46
jmarsden"Find its volume"?  What do you mean?  Is this Software RAID5, or is a hardware RAID controller involved?07:47
CppIsWeirdim looking for the device representation that is assigned to the raid 5. software raid 5 using mdadm.07:48
jmarsdenOK, what does   cat /proc/mdstat     output?07:49
CppIsWeirdthats it, thanks. :D07:49
Barrei'm trying to use bonnie++, but a lot of the ouput i just a bunch of +++++, what parameters do I need to feed to bonnie++ to do all tests?08:08
spiekeyHello!08:13
spiekeyhow can i turn off the blank console screensaver?08:13
spiekeyi have a ILO and when the server crashed i only see a black screen.08:14
Barrespiekey: i think its: setterm -blank 008:20
spiekeyBarre: thanks08:21
spiekeycan i check it somehow, too? If it was set correctly?08:22
macrocosmis it normal to have the mysql packages not authenticate when doing apt-get update/upgrade? im on ubuntu-server 8.10 ... getting this warning08:31
macrocosmWARNING: The following packages cannot be authenticated!08:31
macrocosm  mysql-common mysql-server libmysqlclient16 mysql-client-5.1 mysql-server-5.108:31
jmarsdenBarre: How long did you let bonnie++ run for?  The default should be to run all the tests, but they do take a while.08:33
macrocosmonly thing I added to my sources list from the start is deb http://packages.dotdeb.org stable all   &   deb-src http://packages.dotdeb.org stable all which I added for some gd stuff .. do you think that could be mucking up my mysql?  Or should I disregard the warning?08:37
jmarsdenmacrocosm: I'd guess you picked up mysql 5.1 stuff from there and not from real official Ubuntu repositories.08:38
macrocosmno .. that was installed already .. or do you mean its trying to go there now?08:38
jmarsdenIt seems to be trying to update the packages it lists... I'm guessing they are from there.08:39
Barrejmarsden: I just did a "RTFM", and learned that the ++++ indecates that the tests completed to fast. I should use the -n paramter to specify more files for the metadata tests.. thanks for the input though :)08:39
macrocosmhmm .. strange .. guess I could just comment those sources out, but that seems a bit antithetical and I need the gd stuff... is dotdeb.org considered pretty safe?08:40
jmarsdenOK.  Nice when things happen "too fast", usually it's the other way around and hardware is "too slow" :)08:40
Barretrue08:41
macrocosmYeah ... that was it .. updates went clean .. guess I need a better source for the gd extras .. lol it tried to take over!09:00
macrocosmugh .. apparently the last time I updated a while back ... it changed my php to the dotdeb version which screwed up my pecl and other things cause it didnt update or remove my /usr/bin/php-config to its php-config5 ... ive looked around but cant find a way to go back to the ubuntu version of php without loosing my stuff.  Anyone have any ideas on what I should do?09:36
macrocosmnevermind all that .. just going to revert to before the update ... lol10:02
acalvohi10:40
acalvoI'm trying to configure a samba server which allows anonymous access to a share10:41
acalvoseems so easy10:41
acalvobut I cannot see the share10:41
acalvonor access directly10:41
acalvook, done, was a DNS realted problem10:45
smulcahy hi, i'm having problems getting the forcedeth module to use options at boot-time (using 8.10). I've put them in /etc/modprobe.d/options but they seem to get ignored.12:12
smulcahyhas this changed in ubuntu 8.10 server edition or am I missing something?12:13
smulcahyThe docs seem to suggest this is the right place to put them12:13
stefan___y13:41
ScottKlamont: The solution to the homework problem you gave me is just to add python to the postfix depends.  Any objection if I just upload it to Ubuntu?14:23
twbpostfix depends on python now?14:24
ScottKThere's some helper scripts I wrote that are in Python.14:25
ScottKEvery Ubuntu install has Python in it anyway, so it doesn't actually add anything.14:25
lamontScottK: I'll go ahead and roll it, I expect14:27
lamontit's not like it hasn't been broken that way for months14:27
lamontbut thanks14:27
ScottKlamont: I can just hit dput and save the trouble of the sync bug.14:28
lamontand meh.  I'll look at where it gets used, and maybe just make it a recommends.14:28
lamontheh.  whatevah14:28
lamontdoes recommends fix it?14:28
lamontas in shut  lintian up>14:28
* ScottK will check14:28
ScottKlamont: Recommends is sufficient to make lintian happy.14:40
* ScottK will upload it that way since my scripts are the only use of Python in the package.14:40
Psi-Jack_Just out of curiosity, will ubuntu actually make use of onboard fakeraid, allowing it to use the raid stripes, instead of the actual hdd's directly?14:43
* ScottK considers lamont's "whateveh" and uploads.14:44
lamontta14:45
ScottKDone.14:46
ScottKIf I'm offline when slangasek comes looking for me, "It was a bug fix only update." is my answer.14:46
fnkyhi, can anybody give me the name of the virtual package (or list of packages) I'd need in order to get sound (alsa/pulseaudio) working on ubuntu server?14:55
Psi-Jack_On a server?14:55
fnkyyes14:55
Psi-Jack_First of all, you don't want pulseaudio. That's not good for a server, as it's alpha/beta quality at best.14:56
fnkyyeah, I've noticed on my desktop :/14:56
Psi-Jack_Second, all you'd need is alsa at the /most/ which is /the/ kernel sound system.14:56
Psi-Jack_apt-cache search alsa14:56
fnkyit seems that's what jaunty uses from what I can tell though14:56
fnkyah14:56
Psi-Jack_Yeah, most distributions come with pulseaudio these days. It's always the first piece of crap I remove.14:57
twbPsi-Jack_: I remove NM before that14:57
fnkyit's been flaky as hell on my notebook14:57
fnkyI read the new nokia phone is going to use it14:57
Psi-Jack_I never use NM, so, it's never setup to be used in the first place14:57
Psi-Jack_Oh Lovely!14:57
fnkykind of wondering how that's going to work out since that's pretty much its primary function14:57
Psi-Jack_A phone with a really bad sound mixing engine! Great!14:57
Sam-I-Ammeh @ #ubuntu15:02
Sam-I-Amtoo busy...15:02
Sam-I-Amstill cant solve my su/sudo blockage problem15:02
giovaniblockage?15:03
Sam-I-Amyeah15:04
Sam-I-Amsudo: setreuid(ROOT_UID, user_uid): Operation not permitted15:04
Sam-I-Ambefore it even gets a chance to look at the sudoers file15:04
Sam-I-Amas root it works, but thats kinda useless15:04
Sam-I-Amits supposed to read the sudoers from ldap15:04
twbSam-I-Am: ask #openldap?15:06
Sam-I-Amthis is not an ldap problem15:06
Sam-I-Amthis is something in ubuntu blocking system calls15:07
twbSam-I-Am: apparmor?15:07
Sam-I-Amlike polkit15:07
Sam-I-Amremoved apparmor completely15:07
Sam-I-Amfirst thing i do15:07
Sam-I-Amthis isnt -server, its the desktop ver...15:07
ahasenackSam-I-Am: can you paste a complete session?15:07
Sam-I-Amfigure i hang out enough in here maybe someone'd know15:07
jdstrandSam-I-Am: please file a bug15:07
ahasenackSam-I-Am: you can also try to enable debug in sudo's ldap support, it's just a config line15:08
Sam-I-Amyeah i did15:08
jdstrandSam-I-Am: you'll get more dev involvement15:08
jdstrandok cool15:08
Sam-I-Amthe kernel wont even let sudo get to where it reads from ldap15:08
Sam-I-Amits completely blocked15:08
ahasenackSam-I-Am: is sudo still suid root?15:08
Sam-I-Amif i'm root i can see it contacting ldap...15:08
Sam-I-Amues15:08
=== dendrobates_ is now known as dendrobates
Sam-I-Amthis is a standard install of karmic... replaced sudo with sudo-ldap15:08
jdstrandSam-I-Am: this doesn't sound like a default protection mechanism in Ubuntu, but rather a bug15:08
Sam-I-Ameven running 'su' it blocked15:09
twbSam-I-Am: I'm assuming you've read the logs15:09
Sam-I-Amyeah15:09
Sam-I-Amsu says this... setgid: Operation not permitted15:09
Sam-I-Amafter i enter my password15:09
Sam-I-Ami've been deploying all -server until now, so thats why this hasnt come up... i dont think its ever been an issue on -server15:09
twbSam-I-Am: shoud just use windows on the desktop ;-)15:10
ahasenackSam-I-Am: is it still suid root? Is the filesystem mounted in such a way that the suid bit is honored, i.e., not disabled with "nosuid" mount option?15:10
Sam-I-Amtwb: ha15:10
Sam-I-Amthe root fs is not nosuid15:10
Sam-I-Amsome of the others are, but they're temp places and whatnot15:11
Sam-I-Amsu is suid root15:11
Sam-I-Amdoes anyone know if polkit could do stuff like this?15:11
Sam-I-Amits not in -server ..15:11
ahasenackperhaps capabilities15:12
ahasenackyou could try ps fauxwZ15:12
ahasenacksee if anything is restricted15:12
ahasenackdo you see a "+" symbol next to the sudo binary permissions listing in ls -la?15:12
Sam-I-Amnope15:13
ahasenackwell, karmic, I'm just guessing now, I don't know what they are doing15:13
Sam-I-Am-rwsr-xr-x 2 root root 140440 2009-06-22 10:14 /usr/bin/sudo15:13
Psi-Jack_Just out of curiosity, will ubuntu actually make use of onboard fakeraid, allowing it to use the raid stripes, instead of the actual hdd's directly?15:13
Psi-Jack_I'm curious cause I'm thinking the onboard raid would be a little bit faster than using mdadm softraid directly.15:13
Sam-I-Ami'm going to re-install regular sudo... not sudo-ldap... see if it works that way15:13
ahasenackSam-I-Am: yeah, I was going to ask if regular sudo worked15:14
PhotoJimPsi-Jack_: it depends on the fakeraid chipset, but I see little advantage to using hardware fakeraid when Linux softraid works so well and performs just as well.  and if the controller dies, you still have options to rescue the data.15:15
* ahasenack would also prefer softraid15:16
Sam-I-Amahasenack: hmm, nope15:16
Psi-Jack_Hmmm. I see. Well, that's partly why I'd layer on top of it, LVM, so I could do lvm snapshots.15:16
Sam-I-Amlemmie try as a local user vs. ssh15:16
ahasenackSam-I-Am: did you change stuff in your pam config?15:17
Sam-I-Amyes, to get ldap working15:17
ahasenackSam-I-Am: sudo-ldap doesn't need pam changes iirc, just nss_ldap15:17
ahasenackhmm, maybe for account15:17
Sam-I-Amyup15:17
Sam-I-Amit shouldnt...15:17
Sam-I-Amjust nss stuff15:17
ahasenackSam-I-Am: so regular sudo is not working either?15:18
Sam-I-Ami have this working fine on ubuntu server boxes... they're ldap auth, sudo, autofs, and kerberos clients with no issues.15:18
Sam-I-Ameven karmic.15:18
Sam-I-Amahasenack: nope... su doesnt work either... and i did enable the root account by adding a password to it15:18
ahasenackSam-I-Am: so something is wrong with your pam setup it seems15:18
ahasenackSam-I-Am: can regular users read /etc/ldap.conf?15:19
ahasenackSam-I-Am: er, make that whatever ubuntu decided to call nss_ldap's ldap.conf15:19
Sam-I-Amyeah, /etc/ldap.conf ... readable15:19
ahasenackSam-I-Am: no specific user needed to bind to the ldap server?15:19
Sam-I-Amnope15:19
ahasenackSam-I-Am: does getent passwd list the ldap users?15:20
Sam-I-Amyup15:20
Sam-I-Ami can log in as an ldap user just fine15:20
Sam-I-Ammy home dir mounts with autofs/nfs15:20
Sam-I-Ami just cant su or sudo... unless i'm root15:20
VirtualDisasterSam-I-Am, edited /etc/suders ?15:21
Sam-I-Amkerberos was acting stupid too... host/service keys didnt seem to work... but i havent looked at that yet15:21
Sam-I-AmVirtualDisaster: yeah, it ignores my entries15:21
VirtualDisasterhmm odd15:21
Sam-I-Amthe output from running sudo almost seems like it can't even get far enough to read /etc/sudoers15:21
VirtualDisasterSam-I-Am, ironic part is that it works w/ likewise ...15:21
ahasenackSam-I-Am: is /etc/passwd 0644?15:22
ahasenackSam-I-Am: and, about the getent, does it work for a regular user?15:22
ahasenackSam-I-Am: try making a copy of ls and make it suid root, see if a regular user can run it15:22
Sam-I-Amyeah getent works for all users15:23
Sam-I-Amone sec..15:23
Sam-I-Amls seems to work both ways15:27
Sam-I-Amjust for fun, i'll change the pam config back to defaults15:30
ScottKmathiaz or whoever is doing the Alpha 5 release notes: You can put updated Postfix to 2.6.5 on the list of new stuff.15:30
Sam-I-Amahasenack: so... su definitely knows when i enter the root password wrong... it dies with the correct error.  when i enter it correctly, thats when i get the setgid error15:34
Sam-I-Amwell, its an nsswitch thing15:37
Sam-I-Amputting that file back made sudo/su work again15:37
Sam-I-Amas soon as i put 'ldap' for passwd it breaks15:38
Sam-I-Amreturning it to 'files' or 'compat' works fine15:39
Sam-I-Amlets see if sudo-ldap works15:39
Psi-Jack_compat is actually usually better anyway.15:39
Sam-I-Amwell, yeah, but that doesnt do ldap15:40
Sam-I-Ami usually do 'ldap compat'15:40
Psi-Jack_Hmm15:40
Sam-I-Amsudo-ldap works fine15:40
Psi-Jack_I dunno. I just simply use NIS these days.15:40
Sam-I-Amwell, at least it tries looking at ldap15:40
Psi-Jack_heh15:40
Sam-I-Amnis is evil15:40
Psi-Jack_It works, and works well, though.15:41
twbBut at least it's an easy evil15:41
uvirtbotNew bug: #420729 in squid (main) "squid stable permissions problems with log files" [Low,Incomplete] https://launchpad.net/bugs/42072915:41
Sam-I-Ami guess... its also insecure and unsupported.15:41
Psi-Jack_I just hate how netgroups work in nis.15:41
Psi-Jack_Sam-I-Am, How is it insecure? :p15:41
Sam-I-Amthis isnt an ldap problem though15:41
twbPsi-Jack_: are you serious?15:41
Psi-Jack_Yes, I'm serious.15:41
Sam-I-Amthis is something broken in ubuntu15:41
twbPsi-Jack_: NIS allows any user on any machine to get passwords protected by only crypt (or at best, md5)15:42
twbPsi-Jack_: it also allows root on ANY machine on the network to get the privileges of any user, even with root_squash in place15:42
Psi-Jack_Really? All my passwords are encrypted by blowfish algorithm, in NIS.15:42
Psi-Jack_twb, As for root, that's normal, anyway. root can pretty much do as he pleases.15:43
twbPsi-Jack_: but root on a contractor's laptop should not be able to read files belonging to the CEO on the fileserver15:43
Psi-Jack_Hmmm.15:43
Psi-Jack_So, basically, NIS on laptops, is bad?15:43
Psi-Jack_Root's not in my NIS database, just uid's > 100015:44
Psi-Jack_>=15:44
twbroot doesn't need to be.15:44
Psi-Jack_And besides.15:44
Psi-Jack_With a proper firewall setup, it's secured. My NIS server is open to my network, but not to my guest subnet, which is where laptops live.15:45
twbFair enough15:45
twbIf you ultimately trust root on every NIS client, then that problem goes away15:45
* Psi-Jack_ nods.15:45
Psi-Jack_Presisely. ;)15:45
Psi-Jack_Though admittedly.15:45
Psi-Jack_I would prefer an ldap method overall, but it's such a bitch to setup /and/ maintain. Especially when even the ubuntu ldap docs are incomplete.15:46
twbPsi-Jack_: exactly15:46
Sam-I-Amits really not bad to set up15:46
twbSam-I-Am: yeah, it is15:46
twbSam-I-Am: compared to NIS, which is turnkey for both server and client side15:47
garymcHi if i make changes in php.ini do i need to restart httpd or something?15:47
Psi-Jack_Sam-I-Am, Yes, it is, especially since between openldap 2.0, what I last used, and 2.4, are so different.15:47
twbldap-auth-config is pretty good for the client side of LDAP, but the server side is a ridiculous pain in the arse.15:47
Sam-I-Amwell, yeah15:47
Sam-I-Amthings progress over time15:47
Psi-Jack_Sam-I-Am, And the ubuntu ldap docs, are incomplete, majorly.15:47
Psi-Jack_It gets down to the ldaputils stuff, and they don't even work because the packages themselves are broken.15:48
twbFor example, if you want password aging to work, you apparently have to turn on the ppolicy stuff, or give root binddn to root on every client.15:48
Psi-Jack_They keep trying to use SASL even though SASL isn't even used.15:48
twbAnd of course ppolicy + exop is COMPLETELY DIFFERENT to the documented RFC 2307 password aging attributes.15:48
Sam-I-Amppolicy is fine... it works15:49
twb(Oh, and if you're doing it the raw RFC 2307 way, and forget to give the rootbindpw to the LDAP client, it will silently allow expired passwords.)15:49
twbSam-I-Am: yes, it's fine, but it's not turnkey.15:49
Sam-I-Amtheres a reason sun deprecated NIS years ago15:49
twbSam-I-Am: I noticed that the post-LTS releases actually documented some of it.15:49
Sam-I-Ameven nis+15:49
twbSam-I-Am: I don't dispute that15:50
Sam-I-Amits old, insecure, and broken15:50
twbMy only point is that compared to NIS, setting up LDAP is a chore.15:50
Sam-I-Ammaybe i've just done it too often...15:50
twbI wouldn't even have known ppolicy existed if I hadn't been talking to upstream on #openldap; IIRC it isn't mentioned at all in the LTS Ubuntu server guide.15:51
Sam-I-Amldap isnt easy at first, but it gets much better15:51
Psi-Jack_heh15:52
Psi-Jack_Sam-I-Am, So, can you look at the 9.04 ldap docs, and correct it? ;)15:52
Sam-I-Ami think the ubuntu guides need a bit of work... i have a ton of docs here at work i wrote for building redundant ldap servers from the ground up with ppolicy, sudo, autofs, etc... trying to get them integrated15:52
Psi-Jack_Or send me your docs? ;)15:52
Sam-I-Amhowever, one thing about ldap and all the ancillary stuff... no one way satisfies everyones needs :/15:53
Sam-I-AmPsi-Jack_: yeah... i can15:53
Psi-Jack_Cool! Email me them to erenfro@gmail.com I'd be greatly appreciative. ;)15:53
Sam-I-Amthey just need to be sanitized to remove employer-specific stuff15:53
Psi-Jack_Sometime soon, I'm going to try to convince my employers to let me setup ldap, so we can add one user, once, instead of on EACH server.15:53
twbPsi-Jack_: except if you need, say, squid to talk to LDAP securely :-(15:54
Psi-Jack_No, I don't.15:54
Psi-Jack_I just need it for system authentication primarily.15:54
Psi-Jack_I'll be SURE to use it at my home network of ~20 systems, but at work, it'll be for about ~14 dedicated servers.15:55
twbWe have a *really* exciting way to update squid's digest password database, instead of setting up samba as a PDC purely to be a LDAP<-->squid bridge...15:55
Psi-Jack_Samba inegration would be useful too. ;)15:55
Psi-Jack_Both at home, and work, since we annoyingly have a few Windows servers coming in from a company we now own. ;)15:56
Sam-I-Ammy docs have samba too15:56
Sam-I-Amand heimdal kerberos15:56
Sam-I-Amits all there :)15:56
Psi-Jack_Perfect.15:56
Psi-Jack_That's the exact setup I wanted.15:56
Sam-I-Amyou'll need to tweak stuff for your needs...15:56
Psi-Jack_Of course.15:56
Sam-I-Amand i cant provide the exact ldifs15:56
Psi-Jack_I know the ldap-migration tools stuff enough to generate the initial base structure.15:57
Sam-I-Ami just start from scratch with a base ldif15:57
Sam-I-Amkeeps the junk out15:57
Sam-I-Ambbiab..15:57
Psi-Jack_Yeah.15:58
Psi-Jack_I trim the fat, easily and quickly15:58
mathiazkirkland: https://wiki.ubuntu.com/ServerTeam/Membership17:04
uvirtbotNew bug: #422177 in nut (universe) "nut init isn't functional at all " [Undecided,New] https://launchpad.net/bugs/42217717:41
quantumcan anyone help me with a reverse DNS issue. client machines "nslookup" can't find server name address17:53
quantumposted reverse DNS on http://pastebin.ca/155049817:53
sorenquantum: What exactly are you trying? Can you post nslookup output?18:26
=== xikteny_ is now known as xikteny
Sam-I-Amhmm, i think sudo-ldap's binding to gnutls in karmic is bad.18:36
* mneptok arrives unclad like a radiant dawn19:15
Bellotoanyone knows howto change the bluetooth device name of my server from command line? (i.e. the name my telephone sees when searching for bluetooth devices) ... is there a way to change it NOT changing the computer host name?19:40
giovaniBelloto: you'll probably get better support in #ubuntu -- as bluetooth isn't a typical server service (and arguably shouldn't be)19:41
giovanibut a 2 second google returned the answer19:41
giovanidevice { name "Your Name Here"; } in hcid.conf19:42
giovaniit seems you can also use %h and %d in there for hostname and deviceid, respectively19:42
Bellotocurrently I see "ubuntu-0" as my server bluetooth name ... you mean I should change %h and %d by "Belloto", for example?19:45
giovaniBelloto: no, I mean you should do exactly what I wrote19:45
giovaniand %h and %d can be used inside of that string to expand -- this is all documented19:46
giovanihow is this #ubuntu-server related?19:46
Bellotothanks giovani, can you pass me that url?19:46
giovanithere's no url19:46
giovaniplease READ what I wrote here19:47
Belloto"server related"? well, this is an image http server which is gonna send some photos by bluetooth to people passing nearby computer center19:47
giovanibluetooth just isn't a server service ... but, fine -- I've done the research and provided the answer19:47
Bellotoimages come from people that send them to server by bluetooth19:47
giovaniit's documented in the config19:47
giovaniso I'd recommend you read it19:48
guntbertBelloto: it seems that the comment #local device name means just what you want, but it does'nt hurt to try anyway :-)19:49
BellotoI was just asking what did your google search look like ... thats what I meant asking you for the url ... but dont wanna bother you, thanks man19:49
Bellotoof course I googled before entering her19:50
giovaniBelloto: my first (and only google search) was "bluetooth linux name"19:50
giovanithe very first result19:50
giovaniis a commented config file on gentoo's wiki19:50
giovaniexplaining exactly how to do it19:50
giovanithe 2nd result is the manpage for the config19:51
giovaniand the 3rd is a blog post explaining how to do it again19:51
giovanior rather, the 3rd is how to manually change your deviceid19:51
giovaninot the name19:51
firecrotch!google | giovani19:54
ubottugiovani: While Google is useful for helpers, many newer users don't have the google-fu yet. Please don't tell people to "google it" when they ask a question.19:54
giovanifirecrotch: I didn't, please don't forward incorrect information to me like that19:55
giovaniI provided him with the answer, and pointed him to the config19:55
giovanihe didn't seem happy with being handed the answer19:56
firecrotchgiovani: You're coming across as an elitist jackass though while doing it19:56
erewnohsorry to bother, but will ubuntu server be good to use as a proxy/file server for a home network?19:56
firecrotchif that wasn't your intent, then I apologize19:56
giovanifirecrotch: I don't see how your opinion relates to sending me some notice about "telling users to google"19:57
erewnohI plan on streaming video to my PS3, about to return home from Iraq, angry to find out Hulu has blocked PS319:57
giovaniwhen that clearly wasn't my first response -- I only went into detail about google after he explicitly asked about it19:57
giovanierewnoh: an ubuntu server can definitely do all of that19:57
firecrotch"I found it in 2 seconds with google"19:57
giovanifirecrotch: that's relevant, imo19:57
giovaniif it's a 10-minute google hunt, I'm not likely to mention it19:58
giovanibut it's insanely well documented19:58
erewnohsweet. I know this probably isn't the room, but could you go over hardware I'd need? plan on purchasing it all and having it sent home, want to make sure I buy the right things19:58
erewnohmy internet is very slow otherwise I'd plug away on google. as it is, I'd rather rip my fingernails out19:58
giovanierewnoh: hardware for what exactly?  I'm not sure what you're asking19:58
firecrotchgiovani: let's just drop it, this isn't really the place for this conversation, regardless19:58
erewnohfor a home network / server setup19:59
giovanierewnoh: I don't know what kind of answer you want ... I definitely can't build a server for you over irc19:59
giovaninearly any hardware will do -- if you're looking to buy a computer to run linux, it's best to google around and make sure everything you'll be using is supported, but beyond that, there isn't a simple answer I (or anybody else) can provide on what to buy20:00
giovanimost people I know would use an old desktop you have laying around, or a friend's machine, etc20:00
erewnohno no, don't need the server built. the way I have it set up now is all my game consoles are behind a hub connected to my router. All computers connect directly to the router. can I just plug the server into the router and set all other systems to proxy through it or do I need more?20:01
giovanierewnoh: you specifically want to proxy hulu traffic? I don't know what protocol hulu uses20:01
giovanithere shouldn't be any special hardware needed for the project -- but, the software side could be complex20:02
erewnohfrom what I read I just need to rip out the ps3 specific header? I want to proxy it all though, use as a firewall20:02
giovaniok, a firewall and an application proxy aren't at all the same thing20:02
giovaniif it's an HTTP header, then you need an HTTP proxy20:02
giovaniif it's some weird video streaming protocol header, then you may or may not be able to find software to proxy it, and strip out that header20:03
giovaniyou'd need to do some research on how exactly other people have done this (it sounds like you've already found some)20:03
erewnohah, I must have read it wrong then, sorry to bother. Looked at squid and thought it could do all20:04
giovanisquid may very well be able to do it all20:04
giovaniI'm saying that I don't know what protocol hulu is using for their streaming -- so you should look into it20:04
erewnohi'll keep plugging away. appreciate the help, also nice to know don't need to spend a lot of money to get it set up20:04
erewnohwill do, thanks giovani20:05
firecrotcherewnoh: I believe that hulu uses the RTMP protocol20:05
erewnohgoogling20:06
erewnohI apologize, I'm very stupid about all this20:06
giovaniwell the first question is -what- needs to be proxied/modified20:06
firecrotcherewnoh: No need to apologize :)20:06
giovaniif only the HTTP requests need to be, then you don't need another proxy for a media protocol20:06
erewnohthe website I read said the header just needs to be replaced20:07
erewnohso the ps3 looks like it is a desktop20:07
giovaniok -- you need to find out what header they're talking about20:07
erewnohmoment, pulling the site up20:07
erewnohthe user agent string20:07
giovaniok, again :)20:07
giovanimany protocols have user agent strings20:07
giovaniI know many media streaming protocols do, as does HTTP20:08
erewnohwaiting for my bookmark to load, it had the specifics there20:08
erewnohhttp://tinyurl.com/l3s2hn20:09
giovaniok, so, it's the HTTP header you're editing20:10
giovaniand they provide you will full instructions :)20:10
giovanisounds like a good resource if you just want to do this20:10
erewnohyes, I was just more concerned about the server itself20:10
giovaniconcerned about what, specifically?20:11
firecrotcherewnoh: you won't need a very powerful machine to do that at all20:11
erewnohI can just plug it into my router, set it up, and won't need to buy a better switch or anything?20:11
giovaninope20:11
giovaninope to the better switch, that is20:11
erewnohmain concern is someone from tigerdirect tried selling me on a thousand dollar server, a 75 dollar switch, so on20:12
giovaniespecially if hulu doesn't use http for the media streaming20:12
giovanierewnoh: no need for that at all20:12
erewnohalright, appreciate it. military doesn't pay all that way, look to save money where I can20:12
giovaniyeah, I'd definitely try this with an incredibly low-end box20:12
giovaniand see if it performs well enough20:12
giovanii.e. grab some old desktop you almost ditched20:13
erewnohperfect. have an old hp desktop wasting space20:13
firecrotcherewnoh: I would say that a pentium 3 or better would work20:13
erewnohi'm sure when I get home and think of other stuff to do I'll have more questions. really appreciate the help20:14
firecrotcherewnoh: I'll most likely be around, if not here, in #ubuntu-offtopic, feel free to come find me later20:15
erewnohwill do, thanks20:15
firecrotcherewnoh: no problem :)20:16
mortuis99i have used ubuntu desktop for a while and am wanting to try server.  what do i need to know?20:20
giovanimortuis99: ... that it's for servers (or stripped-down desktops)20:20
giovaniit's the same operating system, with a different default set of packages from the ubuntu desktop install20:21
giovaniso, almost nothing is different, other than its target user base20:21
mortuis99is it commandline or gui?20:22
mortuis99i have a PIII machine and it can use 2 CPUs but has just one installed which version do i ise the 32 or 64 bbbbbbit?20:22
giovaniit doesn't provide a gui20:23
giovanimortuis99: pentium 3s are 32-bit20:23
mortuis99is it possible to run with a gui or is it commandline only?20:24
thowlandyou can add a gui later, but if you're doing that you might as well install desktop20:24
giovanimortuis99: if you install a gui, you're not going to be supported by #ubuntu-server -- it's definitely not recommended20:27
mortuis99is their a guide to running it commandline?20:27
giovania guide to what, specifically?20:27
firecrotchmortuis99: what purpose is this computer going to have that you're interested in installing Ubuntu Server Edition?20:28
mortuis99alll i really wanna do is store data like movies and vids for in house use..  can i just use the desktop version?20:28
giovanimortuis99: you can do that from a desktop, yes20:28
firecrotchmortuis99: You can certainly use the desktop version for that20:28
firecrotchmortuis99: for someone who is relatively new to the whole thing, which I assume you are, it may be more efficient for you to use the desktop version20:29
=== Belloto is now known as Bellot
=== Bellot is now known as Belloto
mortuis99kewl thanks again to the UBUNTU community for the great help :-)20:49
Psi-Jack_Wow.20:50
Psi-Jack_Google's having issues.20:50
giovaninoticed that too?20:50
firecrotchPsi-Jack_: What kind of issues?20:50
Psi-Jack_Heh.20:50
Psi-Jack_gmail's completely down.20:50
giovaniyep20:50
Psi-Jack_Someone typed google in google!20:50
mathiazahasenack: hey - if the bzr package branches for smartpm exists, I'd recommend to use them20:51
Psi-Jack_Their IMAP works fine, but not their web interface.20:51
mathiazahasenack: otherwise just add a debdiff20:51
ahasenackmathiaz: I have no idea if they exist. I didn't find them in free's code.launchpad.net listing20:51
ahasenackmathiaz: and I don't know how to generate a debdiff, is a "diff -uNr old/ new/" enough?20:52
mathiazahasenack: https://code.launchpad.net/ubuntu/+source/smart20:53
mathiazahasenack: ^^ doesn't show any packaging branches20:53
mathiazahasenack: https://wiki.ubuntu.com/PackagingGuide/Recipes/Debdiff20:54
mathiazahasenack: ^^ will walk you through preparing a debdiff20:54
ahasenackmathiaz: thanks20:54
mortuis99the motheboard in the server can support up to 8 ultra ATA HDs with 9.04 have any problems with that?20:56
giovanimortuis99: nope ... but that's very rare -- 8 UATA driveS?20:57
mortuis99yeah has 4 connector slots20:58
giovaniok20:59
giovanipresuming the controller is supported by linux, sure20:59
mortuis99THAT is the question20:59
guntbertmortuis99: not a "server answer" but you can of course try it out with the live CD21:00
mortuis99ok21:01
giovanimortuis99: no, the question you asked was if ubuntu would support 8 UATA HDs21:03
giovanimortuis99: we can't help figure out if your server's controller is supported without more information21:03
mortuis99lemme gee MOBO manual21:04
mortuis99the mobo is the ABIT VP621:16
=== mdz_ is now known as mdz
mortuis99im not sure the controller that is on the mobo21:20
giovanineither am I21:23
giovaniI suggest you research a bit on it21:23
giovanishould be relatively easy to find21:23
mortuis99i thin it is the Ultra DMA 100/RAID21:26
mortuis99High Point HPT370 IDE Controller21:26
Psi-Jack_Well now. gmail is /still/ down.21:29
Psi-Jack_That's very long for anything google to be down!21:29
giovaniPsi-Jack_: their emergency outage page shows that they won't have an ETA for an hour21:34
giovaniimap is up though21:34
giovanieveryone smart uses imap21:34
Psi-Jack_Yep. I know, IMAP's working.21:34
Psi-Jack_But, all our CSR team is supposed to be using the web interface, at most. LOL21:36
Psi-Jack_IMAP usage, since we're not QoSing right now, was choking the office bandwidth. ;)21:37
giovaniyou're using gmail for corporate stuff?21:38
giovaniouch21:38
Psi-Jack_Yes. Yes. I /know/ and I've warned them repeatedly, it's NOT a good idea. EVER. ;)21:38
giovaniwhat industry is the company in?21:38
Psi-Jack_They think it's too much work to administer their own mail servers, and I'm like, Dude.. You got me. I can do it in seconds.21:38
Psi-Jack_giovani, SaaS. :)21:39
giovaniwhat kind of software then?21:39
Psi-Jack_We deal with hotelier channel management, yielding rates to expedia, travelocity, orbitz, etc.21:39
giovaniah21:39
giovaniwell if you're in SaaS, I guess you use SaaS eh? :)21:40
Psi-Jack_Heh, apparently so!21:40
giovanidrank a little too much of the koolaid21:40
Psi-Jack_LOL21:40
ahasenackmathiaz: my case is a bit more complicated than that wiki page about debdiff unfortunately22:19
ahasenackit goes nuts apparently22:20
Sam-I-Amahasenack: remember my problem from this morning?22:20
ahasenackdebdiff intrepid/smart_1.2-0ubuntu1.8.10.1.dsc landscape/smart_1.2-0ubuntu1.9.04.1.dsc22:20
ahasenackI get even the wrong order in the diff lines22:20
ahasenackSam-I-Am: yeah, what was it?22:20
Sam-I-Amwell, i configured a jaunty box same way... works fine22:20
Sam-I-Amso its definitely a karmic problem22:20
ahasenackand it invents a "smart.orig" directory that I don't have22:20
ahasenackSam-I-Am: ok, would be cool if you could pinpoint it22:21
Sam-I-Amalso found out another problem... sudo w/ ldap won't connect with TLS22:21
Sam-I-Amwhich smells like another gnutls problem22:21
ahasenackSam-I-Am: yeah, I was just about to say that22:21
ahasenackgnutls--22:21
Sam-I-Amso thats another issue i need to look into22:21
ahasenackwhat's the point of having a better license if it doesn't work22:21
Sam-I-Amhowever, thats not the problem with su/sudo getting those weird messages22:21
Sam-I-Amso now that i've eliminated some stuff i'm going to drill down... also curious if it affects karmic server22:22
ahasenackthe openldap maintainer already said gnutls was just bad to work and develop with22:22
Sam-I-Amita awful22:22
Sam-I-Amits22:22
Sam-I-Ami came across a critical functionality bug about a month ago that was only recently fixed... with a patch provided in the report.22:23
Sam-I-Amhoward chu from openldap is who got the ball rolling and it didn't seem to speed things up22:23
ahasenackif you get too many problems with tls, you might be better off rebuilding it yourself with openssl22:25
ahasenackbut that can bring library hell down upon you22:25
mathiazSam-I-Am: at least try to report the bug to upstream (openldap or gnutls)22:25
mathiazSam-I-Am: we can't go back to openssl - so better debug/improve the gnutls support22:26
Sam-I-Ammathiaz: yeah, licensing sucks :/22:27
Sam-I-Amopenssl is clearly a better product22:27
mathiazahasenack: seems like you managed to fix your debdiff problem?22:27
ahasenackmathiaz: not really22:28
Sam-I-Ami'm going to install karmic server now... try to find the same bug w/ gnutls... then try a version compiled against openssl.22:28
ahasenackmathiaz: I have two source packages, I downloaded them and fed the .dsc files to debdiff22:28
ahasenackmathiaz: the output is insane22:28
mathiazSam-I-Am: may be. But we respect everyone licensing choice.22:28
ahasenackmathiaz: the one I attached was easier, as the difference between jaunty and landscape-branch is small22:28
ahasenackbut the rest...22:28
ahasenackintrepid, I mean22:28
Sam-I-Amthe other issue is those weird errors... what i CAN say is that as soon as i put 'ldap' for passwd in /etc/nsswitch.conf, it breaks.  soon as i change it back to 'files' or 'compat' its fine.22:28
ahasenackI have no idea how to give you a diff22:28
ahasenackSam-I-Am: I wouldn't use "compat"22:29
Sam-I-Amwell, even files works22:29
mathiazahasenack: is this because there is a new upstream version?22:29
ahasenackSam-I-Am: brings back some vague recollections about issues22:29
Sam-I-Amputting 'ldap' anywhere gives those issues22:29
Sam-I-Amnsswitch.conf is part of base-files iirc...22:29
mathiazahasenack: have you build the source package correctly?22:29
ahasenackSam-I-Am: initgroups() is something that springs to mind as not bothering with the order in there22:29
mathiazahasenack: what about the size of the diff.gz?22:29
Sam-I-Amthats kinda like the error i was getting...22:30
ahasenackmathiaz: I downloaded both sources with dget22:30
ahasenackmathiaz: no need to build, right? It's already built22:30
mathiazahasenack: agreed.22:30
ahasenackmathiaz: ran this: ebdiff intrepid/smart_1.2-0ubuntu1.8.10.1.dsc landscape/smart_1.2-0ubuntu1.9.04.1.dsc22:30
mathiazahasenack: I'm onto something else right now22:31
ahasenackmathiaz: the simpler diff -uNr intrepid/smart-1.2 landscape/smart-1.2 generates a much more comprehensible output22:31
mathiazahasenack: I'll get back to you later if I can22:31
ahasenackmathiaz: np, I'm off for the day22:31
mathiazahasenack: try to ask in #ubuntu-motu or #ubuntu-devel22:31
Sam-I-Amhopefully i'll have this narrowed down by tomorrow...22:31
ahasenackSam-I-Am: did you try the suid root ls trick?22:32
Sam-I-Amls worked fine22:32
Sam-I-Amits just su/sudo best i can tell22:32
ahasenackwell, good luck22:33
ahasenackseems to be well inside the system22:33
Sam-I-Amyeah :/22:33
ahasenackcya22:33
Sam-I-Amthx22:33
=== bc_ is now known as bc
smosersoren, http://www.zlib.net/pigz/ and http://compression.ca/pbzip2/23:15
lamontScottK: HTH did it get to be a 1.3MB package, I wonder?  (amd64)23:19
sorensmoser: $ apt-cache search pigz23:20
sorenpigz - Parallel Implementation of GZip23:20
soren[2009-09-01 17:20:44] soren@ralph:~/src/eucalyptus$23:20
soren\o/23:20
sorenGo for it :)23:20
sorensmoser: Oh. Do you think it'll be able to extract to stdout?23:21
sorensmoser: Oh, the description also suggests that it's only for compression.23:21
smoseryeah.. .i sweare there was one for uncompression though..23:21
smoserand htis does (as you thought) write extra metadata23:22

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!