/srv/irclogs.ubuntu.com/2009/09/09/#ubuntu-server.txt

pigflu	I want to install postfix with apt-get, but I want to do it in an unmanned script. How do I get it to just use the "Internet Site" option and not require user input?	00:19
jtimberman	pigflu: you need to preseed the package.	00:21
jtimberman	http://wiki.debian.org/DebianInstaller/Preseed	00:22
lamont	jtimberman: and then he complains about it not being entirely preseedable... long painful story there.	00:22
pigflu	jtimberman: Thanks for the link	00:22
lamont	pigflu: the other option is to just create /etc/postfix/main.cf before doing the install, and then it'll choose to "not change the configuration"	00:22
pigflu	lamont: Ah, that works too	00:23
pigflu	I'll need to look into both options.	00:23
pigflu	Thanks!	00:23
=== monteith is now known as monteith_afk
=== monteith_afk is now known as monteith
djshotglass	hi	01:41
djshotglass	i just burned off ubuntu-9.04-server-i386 and booted it	01:41
djshotglass	it wont let me selected english, once the cd boots my keyboard lights go out	01:41
djshotglass	i have tried every keyboard in the house	01:41
djshotglass	they all work in bois untill cd boots	01:41
djshotglass	why does it not have the countdown that defaults to english like every other operating system on the planet?	01:42
qman__	if you have a USB keyboard, try changing the BIOS settings regarding that	02:12
qman__	if your keyboard doesn't work to select the language, it won't work to select "Install" either	02:13
uvirtbot	New bug: #426597 in net-snmp (main) "Huy Pham" [Undecided,New] https://launchpad.net/bugs/426597	03:36
f00f	hey guys	04:01
f00f	ihave an install of apt-get while trying to update it stalled on me so i cntrl-z now it seems apt0get is currupted	04:02
f00f	i am completely stumped	04:02
f00f	can anyone help	04:02
f00f	i can paste messages etc for you if you need	04:02
f00f	i am getting E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem.	04:02
f00f	but when i type it	04:02
f00f	it just gets stuck at Setting up module-init-tools (3.3-pre11-4ubuntu5.8.04.1) ...	04:02
f00f	checking the log file	04:03
f00f	i see a whole bunch of these	04:03
f00f	kernel: 4gb seg fixup, process klogd (pid 1541), cs:ip 73:006dbc6c	04:03
f00f	where process is syslogd klogd sshd	04:03
f00f	etc...	04:03
f00f	also ps shows: root 3434 21.4 0.0 4724 1676 pts/1 R+ 20:03 0:12 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S .	04:05
f00f	anyone ?	04:07
ScottK	How long did you let it run?	04:18
f00f	around 8 mins	04:18
f00f	why do i keep getting these 4gb seg fixup, process nrpe (pid 14995), cs:ip 73:00192240 errors	04:19
f00f	nrpe is the nagios daemon	04:19
f00f	but that dreaded 4gb seg fixup error keeps coming	04:19
ScottK	Not sure about that.	04:19
f00f	and i have no cliue what it is	04:19
ScottK	Does Google know about it?	04:19
f00f	supposedly it's a kernel lib that runs atop xen architectures	04:20
f00f	yeah google says to install the xen lib	04:20
f00f	but i cant bc apt-get dpkg doesnt really work :-/	04:20
=== chrislabeard is now known as artillerytx
artillerytx	Hey guys i heard there was a way to download torrents remotely on a server	04:21
f00f	artificialexit: torr ... check out the torr network... if your not talking about that then be more specific	04:22
f00f	ScottK: any idea what these error messages are http://www.pastie.org/610529 ?	04:23
f00f	ScottK: also it's been running for over 5 mins now	04:24
f00f	USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND	04:24
f00f	root 3434 21.3 0.0 4724 1676 pts/1 R+ 20:03 4:17 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S .	04:24
f00f	root 3870 0.0 0.0 3636 1028 pts/0 R+ 20:24 0:00 ps aur	04:24
ScottK	This isn't in a xen vm is it?	04:26
f00f	ScottK: yes it is on a amazon ec2 instance	04:27
ScottK	f00f: http://www.google.com/search?q=4gb+seg+fixup&ie=UTF-8&oe=UTF-8 may have some useful information. I can't say for sure.	04:29
Alysum	hello - what does iU mean in dpkg -l pls?	04:32
f00f	Alysum: thats a list of your packages... iU is a simple package... google is your friend	04:34
Alysum	google was not my friend mate	04:35
Alysum	hence I asked here	04:35
f00f	ahh	04:35
f00f	i dunno	04:35
f00f	internet university	04:36
f00f	haha	04:38
f00f	jk	04:38
f00f	i dunno dude	04:38
f00f	did you use the dpkg utility	04:38
f00f	just do a dpkg -l iU	04:38
f00f	or just do a dpkg -p iU	04:39
f00f	easy	04:39
twb	Alysum: if you tried other resources (e.g. google), you should mention that in your initial question. It shows that you are trying to help yourself.	04:55
twb	Alysum: iU in dpkg -l's output means that the package is installed and (IIRC) unconfigured. The first few lines of dpkg -l's output should explain what each letter means.	04:56
twb	"Unpacked", not unconfigured.	04:56
Alysum	no	05:26
Alysum	iU is a state	05:26
Alysum	like ii etc...	05:26
error404notfound	is there a way i can log commands run by any user in a file, and if possible daily emailed to me and then deleted?	06:49
cef	well there is command history for the shell the user runs (eg: .bash_history in the users home dir), but it's not exactly infallible, or reliable. but it might be a start	06:59
cef	or you might be able to implement something using the auditd architecture to log them all, but then you'd want to filter stuff out as well for things like cron, certain apps and the like	07:01
cef	err apparmor even, but I doubt it would be useful, and if the machine is busy you'll have a LOT of logs to go thru	07:04
twb	There is really no way to do that kind of thorough, clandestine monitoring of a stock Linux system.	07:07
twb	You either need to give the user a VERY restricted environment, without the ability to perform arbitrary commands, and then wrap their entry point in a monitoring app -- or better, to insert something into the kernel that logs everything they do.	07:08
=== monteith is now known as monteith_afk
=== monteith_afk is now known as monteith
uvirtbot	New bug: #349331 in qemu "limited screen resolution" [Low,Confirmed] https://launchpad.net/bugs/349331	10:02
uvirtbot	New bug: #426704 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/426704	10:02
=== johe\|work is now known as johe
* soren lunches		10:55
twb	I suspect 349331 is not-a-bug.	10:57
=== erichammond1 is now known as erichammond
maxagaz	hi	12:31
maxagaz	how to enable the connection to a machine in root mode ?	12:32
hjmf	maxagaz: from where_	12:37
maxagaz	hjmf, from my server	12:38
maxagaz	hjmf, i mean to connect as root in ssh to a server	12:39
alvin	'PermitRootLogin yes' in /etc/ssh/sshd_config	12:39
hjmf	maxagaz: take a look to /etc/ssh/sshd_config	12:40
alvin	That is actually the default	12:40
ScottK	maxagaz: You probably don't want to do that though.	12:40
hjmf	maxagaz: and check PermitRootLogin yes	12:40
hjmf	and add root to AllowUsers	12:41
ScottK	On the off chance you actually do have a need for a true root account, it's better to ssh in as a non-priviledged user and su to root.	12:41
hjmf	maxagaz: also be sure that the root account is enabled and not just sudo	12:41
hjmf	I mean> root has a password	12:41
hjmf	maxagaz: finally an advice	12:42
hjmf	access the server via ssh keys	12:42
hjmf	and install some kind of denyhosts stuff	12:42
hjmf	maxagaz: I agree with ScottK	12:43
maxagaz	thanks for those advices	12:43
hjmf	OK	12:43
soren	kees, jdstrand, mdeslaur: Are any of you guys familiar with HOTP or TOTP?	12:59
mdeslaur	soren: no...first I have heard of it...interesting	13:00
soren	mdeslaur: It gets better..	13:01
zul	totp = top of the pops?	13:02
soren	mdeslaur: http://www.gemalto.com/products/ezio_time_token/	13:02
soren	http://onlinenoram.gemalto.com/Ezio-Time-Token-for-use-with/M/B002CRN5X8.htm	13:02
soren	$12.99 a piece beats the ¤#&!"#¤ out of RSA SecurID.	13:03
mdeslaur	yeah, and RSA's crappy algorithm	13:03
mdeslaur	wow	13:03
mdeslaur	it uses TOTP?	13:04
soren	Yes.	13:05
* mdeslaur is excited		13:05
soren	mdeslaur: I've not yet seen a pam-totp module, but I doubt it would be a huge task to make one.	13:08
domas	damn, no shipping outside US	13:09
soren	Yeah :(	13:09
* pmatulis is not surprised		13:09
domas	my dream is having own TOTP auth, federated via openid etc elsewhere	13:10
soren	The key generation code is also quite simple, so an android app to generate it wouldn't be a big task either.	13:10
domas	mm, good idea too :)	13:10
soren	pmatulis: About the shipping thing?	13:10
mdeslaur	soren: have you found a TOTP implementation somewhere?	13:10
soren	mdeslaur: The spec contains a reference implemention, IIRC.	13:10
* soren checks		13:10
mdeslaur	oh duh	13:11
mdeslaur	you're right	13:11
soren	TOTP is simple once you have HOTP, though. And HOTP certainly has a reference implementation in the spec.	13:11
soren	It would be soo awesome to ship these modules with Ubuntu and have Canonical sell branded tokens.	13:12
mdeslaur	interesting...some of the totp authors are from verisign...I wonder if the verisign token uses that	13:12
soren	Lots of folks are involved in OATH, apparantly.	13:14
soren	Perhaps I've been living under a rock, but I didn't know about it until earlier today.	13:14
soren	mdeslaur: Yup, that seems to be what verisign uses.	13:14
soren	"VeriSign Identity Protection service is an open standards platform that supports OATH-compliant, time-based OTP generation for user authentication"	13:15
mdeslaur	soren: me either...and..I used to make a living selling authentication devices and smart cards	13:15
soren	it	13:17
soren	It's funny how, when you know the secret keywords to google for, you can find lots and lots of manufacturers making these tokens.	13:18
mdeslaur	it's about time they standardize these things	13:19
soren	Indeed.	13:20
soren	smoser: I either disagree or do not understand your tagging bug 420635 with	13:24
uvirtbot	Launchpad bug 420635 in ubuntu-on-ec2/intrepid "Update Hardy kernel AKI for local privilege escalation" [High,Triaged] https://launchpad.net/bugs/420635	13:24
soren	smoser: 'uec-images'	13:24
* soren continues to try to get used to his apostrophe being where it is..		13:25
smoser	soren, gone	13:25
soren	mdeslaur: So... When can I apt-get libpam-totp, you think? :)	13:25
smoser	soren, i just updated a bunch of bugs, sorry for being a human with limited focus on long page loads :)	13:26
soren	smoser: :)	13:26
smoser	thanks for noticing	13:26
soren	mdeslaur: Do USN's always have corresponding bugs on Launchpad?	13:27
mdeslaur	soren: no, not necessarily	13:27
soren	mdeslaur: If so, how can I look up the bug corresponding to, say, USN-819-1?	13:27
mdeslaur	soren: you can look up the CVE number, hold on...	13:28
mdeslaur	https://bugs.launchpad.net/bugs/cve/CVE-2009-2692	13:28
uvirtbot	mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock	13:28
mdeslaur	soren: you can also look in the ubuntu cve tracker, we usually put bug links there: http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2692.html	13:30
uvirtbot	mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock	13:30
mdeslaur	die, bot, die die die	13:30
evert	i'm having a ubuntu 8.04 server, i'm wanting to get some virtual server on it (i prefer gentoo, but that doesn't matter). Is it possible to get any virtualization software (vbox?) working without having to reboot?	13:32
hjmf	evert: vmware i.e.	13:45
evert	will it work without the need of a reboot?	13:46
hjmf	evert: yes	13:46
blackxored	hello	13:46
evert	and is vbox possible without reboot too then?	13:46
evert	for some reason i'd like to use vbox instead of vmware :)	13:46
hjmf	evert: I guess so; kvm too	13:46
evert	ok, nice :)	13:47
uvirtbot	New bug: #362013 in qemu "kvm migration fails with large-memory VMs" [High,Fix released] https://launchpad.net/bugs/362013	13:47
hjmf	evert: You'll only need to reboot in case of installing a new kernel in your host	13:47
zul	soren: i have the hardy updated ec2 kernels built im just testing them out	13:52
soren	zul: Why isn't John doing this?	13:53
* soren seems to be asking that question a lot		13:53
zul	soren: because scott asked me to do that	13:53
soren	smoser: ^?	13:54
smoser	zul, i guess probably john should be doing that, yes.	13:54
zul	k	13:55
garymc	Hi guys, my flash in firefox is messing with the sound. I need to uninstall this verion (dont know how to do it) and i need to install the best version (Dont know which one that is?) im in Ubuntu Server 9,04	14:00
ScottK	garymc: Not if you're running Firefox you aren't (no X in ubuntu server)	14:01
garymc	sorry im using LTSP server im logged in through Thin client GUI	14:02
garymc	so am i still not using ubuntu server?	14:02
ScottK	OK	14:03
rtg	smoser, do you have time to try the Ubuntu ec2 kernel in my PPA ? https://edge.launchpad.net/~timg-tpi/+archive/ppa	14:03
ScottK	This still isn't a good channel for flash/firefox questions.	14:04
smoser	rtg, you have it built ? or you want me to build too	14:04
rtg	smoser, binaries await your pleasure	14:05
rtg	smoser, I don't know how to extract the right bits and pump them into the cloud.	14:05
rtg	I've just built a kernel with the 3.02 xen patch set according to the results that zul and jj came up with last friday	14:06
smoser	zul can help with that. i'm not exactly sure what you need to upload.	14:06
zul	i can get to it later this morning probably	14:07
smoser	zul, maybe preferable for you to just document what i need to do ?	14:09
zul	smoser: its already documented on the wiki	14:10
smoser	zul, the only thing i dont know is what goes at '<path of kernel>'	14:12
zul	the vmlinuz file	14:12
zul	maybe get jj to upload it and have him ask you to test it	14:13
smoser	i'll upload it.	14:13
smoser	zul, fyi, i have centos 5.0 dvds, they are sitting at http://smoser.brickies.net/iso/centos/5.0/	14:14
zul	how long did it take you to get them? ;)	14:14
smoser	but apparently the apache there has a 2gb file limit, so they dont show up and it wont give them to you	14:14
smoser	someone pushed them ftp for me from a fairly fat pipe, and then i copied.	14:15
smoser	i actually lost all peers sometime yesterday.	14:15
zul	heh	14:15
smoser	if you're interested in downloading, i can give you ftp access	14:15
zul	sure	14:15
rtg	smoser, I think I've plenty of space on zinc if you wanna store them there.	14:16
oly-	just been looking at logrotate file in /etc/logrotate.d/ i would like to know if you can tell it to work recursively through folders ?	14:18
oly-	ie scan /home/www//.log type syntax, because each domain has its own log file in seperate folders	14:19
oly-	anyone know if this is possible ?	14:19
smoser	zinc ?	14:19
smoser	rtg, if you want to pull them to there, that might be useful	14:19
smoser	i can give you access.	14:20
rtg	smoser, well, I'm only gonna bother if its really useful 'cause it'll take awhile.	14:20
smoser	rtg, then dont bother	14:20
smoser	what is zinc?	14:21
rtg	smoser, kernel.ubuntu.com	14:21
smoser	ah. dont worry about it.	14:21
konza	hi all , telnet localhost 10024 is not working ... please help	14:25
uvirtbot	New bug: #394967 in apache2 (main) ""aptitude upgrade apache2" overrides run-level settings (dup-of: 416318)" [Undecided,New] https://launchpad.net/bugs/394967	14:27
uvirtbot	New bug: #414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Undecided,In progress] https://launchpad.net/bugs/414997	14:36
hjmf	konza: what do you expect to find at 10024?	14:44
konza	hjmf, i am tryinig to install a mailserver... while following the instructions in ubuntu docs it was writen ther to telnet port 10024	14:45
hjmf	amavisd?	14:46
konza	hjmf,ya	14:46
hjmf	konza: what version of ubuntu are you using? and what docs are you following?	14:46
konza	ubuntu 9.04 https://help.ubuntu.com/community/PostfixAmavisNew	14:47
konza	please see this http://paste.ubuntu.com/267946/	14:48
hjmf	konza: looking	14:48
konza	hjmf, please see this http://paste.ubuntu.com/267946/	14:48
ScottK	konza: I'd check out https://help.ubuntu.com/9.04/serverguide/C/mail-filtering.html since it's the official docs.	14:49
ScottK	konza: Do what it says in your paste.	14:50
konza	ScottK, how to change that ......... when i run uname i get 'Linux'	14:50
ScottK	konza: Then set it in /etc/amavis/conf.d/05-node_id using your favorite editor.	14:51
hjmf	konza: run hostname -f or use localhost	14:52
hjmf	as fqdn; it might work	14:52
konza	hjmf, hostname -f gives KONASA	14:52
hjmf	but konasa doesn't include the domain part	14:53
hjmf	edit /etc/hosts	14:53
hjmf	with something 127.0.0.1 konasa.localdomain konasa	14:53
konza	hjmf, what should i do to include domain name	14:53
hjmf	if you are playing include whatever you want: ie localdomain or local.lan	14:54
hjmf	as long as you reflect it in /etc/hosts too	14:54
hjmf	I guess.	14:54
hjmf	I havent never configured amavisd, but should work	14:55
hjmf	I would use localhost.localdomain as fqdn	14:55
hjmf	and in etc/host I'd put	14:55
hjmf	127.0.0.1 localhost.localdomain if it isn't already	14:56
konza	hjmf, http://paste.ubuntu.com/267953/	14:56
hjmf	konza: then add the domain part :-)	14:57
hjmf	man hosts	14:57
hjmf	konza: as I said before, localhost might work for amavisd conf.	15:00
konza	hjmf, can u pls make the necessary changes in /etc/hosts and paste it	15:02
hjmf	konza: leave etc/hosts as it is for the moment	15:03
konza	hjmf, k	15:03
hjmf	just configure amavis to use localhost as $myhostname	15:03
domas	is anyone from ubuntu security team here? :)	15:04
konza	k	15:04
konza	hjmf, http://paste.ubuntu.com/267961/	15:06
domas	mdeslaur: ping! :)	15:06
mdeslaur	domas: yes?	15:07
domas	mdeslaur: can I have private security inquiry with you?	15:07
hjmf	konza: please pastebin the amavis conf file	15:07
mdeslaur	domas: sure	15:07
konza	hjmf, http://paste.ubuntu.com/267964/	15:10
hjmf	konza: sorry, I meant the /etc/amavis/conf.d/50-user where you put the localhost setting	15:11
hjmf	konza: also pastebin the offending /etc/amavis/conf.d/05-node_id	15:13
konza	hjmf, problem solved	15:14
hjmf	konza: cool	15:14
konza	hjmf, thanks	15:15
konza	hjmf, thanks a lot.	15:15
hjmf	konza: you are wellcome	15:15
konza	hjmf, i just added $myhostname = "shyam.localhost.com"	15:16
hjmf	konza: you should use your real hostname and your real domain name or just localhost	15:18
hjmf	konza: per real hostame and real domain name it might be konasa.local.lan	15:18
konza	hjmf, so should i change shyam.localhost.com to localhost	15:19
hjmf	konza: It would be better if it works	15:19
konza	k	15:19
konza	hjmf, its working	15:20
hjmf	konza: great!	15:21
bobo	Anyone have experience with AppArmor not allowing/complaining about read-access to '/usr/share/zoneinfo' when such access is clearly ( and redundantly ) allowed in the profile?	15:24
konza	hjmf, imap login failed...	15:30
konza	hj what to do	15:30
konza	hjmf, u there dude?	15:31
hjmf	konza: what are you using as imap server?	15:32
hjmf	konza: is it running?	15:32
konza	hjmf, courier	15:32
hjmf	konza: which is the error?	15:32
hjmf	you might want to check the logs at /var/log	15:32
bobo	konza: what are you using for auth backend? vpopmail? sql? pam?	15:33
konza	hjmf, i used the command imap login shyam mypassword	15:33
konza	imap NO Login failed.	15:34
konza	bobo, sql	15:34
bobo	what db?	15:35
konza	bobo, actually i didnt understand ur question	15:35
hjmf	konza: you should provide more info. Check if the process is running and the log info	15:36
konza	hjmf, how should i check it	15:36
hjmf	konza: I don't have experience with courier-imap I use dovecot in my servers	15:37
hjmf	konza: however there should be some files named courier or similar in /var/log	15:37
hjmf	konza: check them	15:37
bobo	courier has ( or at least used to have ) an auth-daemon which could use various different back-ends for obtaining user-credentials. Other parts of the courier mail system ( like the IMAP server ) would talk to the auth-daemon. The Auth-daemon would check provided credentials against any store it was configured to use: a sql-database ( mysql/pgsql ) or /etc/passwd or a vpopmail installation or others	15:38
hjmf	konza: also check if courier is running; ie ps aux \| grep -i courier	15:38
smoser	soren, ping	15:38
hjmf	bobo: I'm sure that konza is vaildating against passwd	15:38
smoser	https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/421707 or maybe zul, or kirkland or anyone.	15:39
uvirtbot	Launchpad bug 421707 in landscape-client "landscape-client cron job is broken" [Undecided,Fix committed]	15:39
smoser	am i doing the above "right" ? nominating that for release ?	15:39
* kirkland looks		15:39
soren	smoser: What's up?	15:39
smoser	^^	15:39
uvirtbot	smoser: Error: "^" is not a valid command.	15:39
smoser	funny. silly uvirtbot	15:40
* zul looks		15:40
smoser	i'm trying to mark that we need to fix landscape-client in those hardy and in intrepid (well, maybe not intrepid)	15:40
niemeyer	soren: So, the error is a bit weird.. when the admin interface on port 8443 comes up, the API on 8773 goes down	15:40
niemeyer	soren: Rings any bells?	15:40
zul	smoser: you should just be able to copy from the landscape ppa to the ubuntu-on-ec2 ppa	15:41
smoser	zul, yes. i'm just wondering about the "Nominated for Hardy"	15:42
kirkland	smoser: accepted	15:42
bobo	konza: check the logs as hjmf suggests, first ( courier logs , /var/log/auth ) ; Worst case, if it is file-system based authentication you can stop the courier auth-daemon and restart it under 'strace -f' and look for the unsuccessful system call.	15:42
smoser	is that the right way to do this stuff ?	15:42
soren	niemeyer: Not off the top of my head.	15:42
kirkland	smoser: set the status/importance appropriate	15:42
soren	kirkland: Have you seen niemeyer's problem before?	15:42
kirkland	soren: niemeyer: hrm, no, i haven't	15:42
soren	niemeyer: Nothing of interest in the logs?	15:43
smoser	ok, now please reload that page.	15:44
niemeyer	soren: There are errors there, but nothing I can parse myself	15:44
soren	smoser: I just accepted the nominatoins.	15:44
smoser	what i'm trying to indicate in those tasks (under "landscape-client (Ubuntu)") is that karmic is "fixed" (no problem) .	15:45
soren	smoser: Actually, I wanted to just accept the Hardy one, but Launchpad accepted both when I clicked the button.	15:45
soren	smoser: In that case, it looks correct to me.	15:45
smoser	soren, do you think it should be fixed in intrepid ? (I'm actually not certain the bug exists there, my guess i sprobably not, but need to verify)	15:46
soren	smoser: I would say it's low/wishlish importance for Intrepid. If we suddenly have a lot of time on our hands, we can look at it.	15:47
smoser	and, given the indication that this is the new way to do things, i am going to get bug 420635 in line also	15:47
uvirtbot	Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635	15:47
smoser	soren, i'll verify whether or not its present there really quick and just kill it as invalid if not	15:47
niemeyer	soren: I'll leave for a quick lunch and try to get hold of someone from Eucalyptus	15:48
soren	niemeyer: They're only just starting to turn up. They're on the US west coast.	15:49
smoser	soren, can you accept nomination for 420635 to hardy and intrepid	15:49
soren	bug 420635	15:49
uvirtbot	Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635	15:49
soren	smoser: Done	15:50
mxzypltk	anyone have luck with installing latest e1000e intel drivers on 9.04? readme states it cant be compiled and has to use modprobe. Im able to make binary, assign ip, and ping but disappers with reboot...	15:51
* soren will be back later..		15:51
VirtualDisaster	mxzypltk: hmm ill test it tonigt	15:53
mxzypltk	thx. Using it as a wshark capture card for netflow box and it starting to frustrate me a bit!	15:55
=== monteith is now known as monteith_afk
smoser	soren, please accept nominations for bug 308530	16:00
uvirtbot	Launchpad bug 308530 in ubuntu-on-ec2 "Wait for network before downloading ssh credentials or user-data" [Medium,Fix released] https://launchpad.net/bugs/308530	16:01
bobo	Is anyone using AppArmor on Ubuntu? Is there a better channel for AppArmor stuff?	16:06
jdstrand	bobo: virtually everyone is using apparmor on Ubuntu-- it is installed by default and several applications have default profiles	16:07
jdstrand	(in other words, you have to turn it off to not use it)	16:07
bobo	No one has run into my /usr/share/zoneinfo problem?	16:08
jdstrand	bobo: what problem? what profile? paste your profile and dmesg output somewhere	16:09
bobo	somewhere NOT in this irc? I am unfamiliar with the basic conventions and courtesies of IRC.	16:10
jdstrand	bobo: http://paste.ubuntu.com/	16:11
jdstrand	bobo: also paste the output of aa-status	16:11
smoser	kirkland, can you accept nominations for bug 308530	16:13
uvirtbot	smoser: Error: Could not parse data returned by Launchpad: timed out	16:13
smoser	jdstrand, sometime today, when you have a minute can we talk ?	16:13
jdstrand	smoser: absolutely	16:15
smoser	whenever you've got a minute or 15 or 20	16:15
jdstrand	smoser: right, let me ping you	16:15
smoser	k	16:15
bobo	jdstrand: http://paste.ubuntu.com/267993/ ( re: AppArmor )	16:16
clusty	hey	16:17
clusty	got a small problem	16:17
jdstrand	bobo: you have access to all files under /usr/share/zoneinfo, but not /usr/share/zoneinfo itself	16:17
clusty	i got 10 machines that are accessing the same NFS resource and the clocks are all screwy	16:17
clusty	or at least make complains	16:17
jdstrand	bobo: add '/usr/share/zoneinfo/ r,'	16:17
bobo	thanks	16:17
clusty	do i need to make some machine a NTP server?	16:18
clusty	and all other machines conect to it?	16:18
jmarsden	clusty: If they have Internet connectivity you could just make all of them NTP clients, no need for your own NTP server.	16:18
clusty	jmarsden, ok. they are connected to net	16:19
bobo	It would be kinder to upstream time-servers to maintain your own master	16:19
jmarsden	If it was 100 machines you should definitely have your own server, but for 10 it's up to you.	16:19
clusty	jmarsden, is there some service i can install to regularilly fix times?	16:19
clusty	jmarsden, or it's a job for cron?	16:19
VirtualDisaster	just use router as NTP server	16:19
VirtualDisaster	thats what i do, pfsense as router/ntp etc	16:19
VirtualDisaster	dns if need be	16:19
jmarsden	clusty: sudo apt-get install ntp	16:20
jmarsden	It that service is running it will keep the machines time in sync for you.	16:20
clusty	jmarsden, awesme. thanks	16:20
jmarsden	You can check to see that it is working (after a few minutes for the time sync to happen) using ntpq -p which shows what NTP sever(s) your machine is talking to and whoch one it is synced to.	16:21
the-dude	whats a good place to ask something about dh_make?	16:23
jmarsden	#ubuntu-motu , if you are creating packages for Ubuntu.	16:24
clusty	jmarsden, is the list of servers changing dynamically?	16:24
the-dude	jmarsden: thx :)	16:24
jmarsden	clusty: No, see /etc/ntp.conf you can set them in there.	16:25
jmarsden	But for "good enough for NFS" the default will be fine.	16:25
jmarsden	the-dude: No problem.	16:26
clusty	jmarsden, offset is the time offset in seconds?	16:28
konza	hjmf, hi... there was some problem with my net connection... srry......	16:35
hjmf	konza: then, It is working now?	16:37
konza	hjmf, nope	16:41
=== dyh is now known as roodyk
Techtronic	hello , how to reinstall nagios ?	16:52
nijaba	jdstrand: hello. Just read your apparmor addition to karmic's tech overview. great stuff. Just one question: what do you mean by "transistion" in the sentence "AppArmor also now supports 'pux' which, when specified, means a process can transition to an existing profile if one exists or simply run unconfined if one does not."?	16:52
nijaba	Techtronic: sudo apt-get install nagios?	16:53
VirtualDisaster	reinstall or reconfigure?	16:53
the-dude	or sudo apt-get install --reinstall nagios	16:54
Techtronic	nijaba 1min	16:54
Techtronic	Not replacing deleted config file /etc/nagios3/conf.d/host-gateway_nagios3.cfg include file /etc/nagios3/apache2.conf does not exist! E: Sub-process /usr/bin/dpkg returned an error code (1)	16:54
Techtronic	Not replacing deleted config file /etc/nagios-plugins/config/disk.cfg .... howto fix this ?	16:56
jdstrand	nijaba: if a process is confined by a profile (eg, firefox), and it needs to execute another process, that is a transition	16:56
Techtronic	Errors were encountered while processing: nagios3-common , nagios3	16:57
thk	installing hardy on server and want to preserve /home on lvm volume; will the install reformat these?	16:58
nijaba	jdstrand: ok. so in other word, pux would be used to have firefox ask the system "hey, please execute this with its own profile if it has one, otherwise without?"	16:59
kaushal	hi	16:59
jdstrand	nijaba: so, if firefox needs to launch evince, it must either transition out of confinement (ux) for the forked process, or transition into a new profile for the forked process (px)	16:59
kaushal	i want to set ulimit for nofile to 32000 for a particular user, it doesnot allow me on ubuntu 8.04 . is there a specific reason ?	16:59
jdstrand	nijaba: exactly	16:59
kaushal	I have set it in limits.conf file	16:59
nijaba	jdstrand: ok, thanks a lot	16:59
jdstrand	nijaba: before, you couldn't do that	16:59
nijaba	jdstrand: I guess :)	16:59
jdstrand	nijaba: before, you could only specify 'ux' or 'px', but 'px' wasn't practical because if the profile didn't exist and you tried to transition to it, the fork would fail	17:00
konza	hjmf, when loging , we should type the username and passwd of my account in linux rite?	17:01
uvirtbot	New bug: #426769 in mysql-dfsg-5.0 (main) "mysql-{common,client,server} still (also) build from mysql-dfsg-5.0" [High,In progress] https://launchpad.net/bugs/426769	17:01
niemeyer	Hmm.. I'm having some issues with defunct bash processes (child of ssh) and CTRL-* keys not working on the terminal after upgrading to Karmic	17:03
konza	anyone knows to login to imap using telnet.............. plsssssssss help	17:03
niemeyer	Has anyone faced something similar?	17:03
jdstrand	niemeyer: known bug...	17:03
niemeyer	jdstrand: Oh, woohay	17:03
* jdstrand goes to get it		17:03
jdstrand	bug #407428	17:04
uvirtbot	Launchpad bug 407428 in udev "worker signal mask inherited by children" [High,Confirmed] https://launchpad.net/bugs/407428	17:04
bobo	konza: telnet <imaphost> 143	17:04
niemeyer	jdstrand: Thanks!	17:04
jdstrand	niemeyer: sure! :)	17:04
bdmurray	kirkland: where does bug 426272 belong?	17:05
uvirtbot	Launchpad bug 426272 in ubuntu "Encrypted home directory file Input/output error" [Undecided,New] https://launchpad.net/bugs/426272	17:05
konza	bobo, how to login after this?	17:05
bobo	dunno ; I am not sure that IMAP is human friendly. Can you login via POP3?	17:06
kirkland	bdmurray: looking	17:07
konza	bobo, nope... i am using courier-imap	17:07
kaushal	checking in again for my query ?	17:07
konza	VirtualDisaster, u there dude?	17:07
VirtualDisaster	yeah sec	17:08
bobo	Courier does pop3 as well. If you can't login in with POP3 either, you know something you don't know now.	17:08
konza	VirtualDisaster, after connecting to imap server how should i login........?	17:08
kirkland	bdmurray: ecryptfs-utils is fine to start	17:10
kirkland	bdmurray: i'll update it	17:10
VirtualDisaster	depends on what/how you want to accomplish that	17:10
konza	VirtualDisaster, i used the login command but its not working	17:11
bdmurray	kirkland: cool thanks!	17:12
VirtualDisaster	konza: sec cat busted nose	17:13
Techtronic	pleas help http://pastebin.com/m3c2d1307	17:18
kaushal	checking in again for my query	17:18
kaushal	?	17:18
KillMeNow	a Nagios question... not my cup of tea... i like Zenoss better	17:20
Techtronic	who is better ? Zenoss or nagios	17:22
KillMeNow	Zenoss IMHO	17:22
* KillMeNow waits for the flames to start		17:22
Techtronic	looks great , thanks	17:27
kaushal	AppArmor is an alternative of selinux in Ubuntu Hardy ?	17:29
jdstrand	kaushal: it is the default MAC system for Ubuntu, yes. See http://wiki.ubuntu.com/AppArmor for details and links to docs	17:30
kaushal	jdstrand: how can i disable it ?	17:31
KillMeNow	gah! i've never gotten apparmor to work properly	17:31
kaushal	sudo /etc/init.d/apparmor kill <enter>	17:31
kaushal	sudo update-rc.d -f apparmor remove <enter>	17:31
kaushal	?	17:31
jdstrand	kaushal: are you having trouble with a profile?	17:31
kaushal	nope	17:31
jdstrand	kaushal: do you want to use selinux or no MAC?	17:32
kaushal	I am having issue with ulimit for a particular user ?	17:32
kaushal	I have set ulimit for a particular user to 32000 and set it in limits.conf	17:33
jdstrand	kaushal: that is doubtfully an apparmor problem. to temporarily see if it is a problem, 'sudo /etc/init.d/apparmor stop'	17:33
kaushal	ok	17:33
jdstrand	s/is a/is the/	17:33
kaushal	sure	17:33
jdstrand	kaushal: apparmor will complain in /var/log/kern.log if it was the problem	17:33
jdstrand	kaushal: see https://wiki.ubuntu.com/DebuggingApparmor for details	17:34
kaushal	jdstrand: it isnt there	17:34
jdstrand	kaushal: what isn't there?	17:34
kaushal	I mean apparmor script is not present under /etc/init.d	17:35
jdstrand	kaushal: what does 'sudo aa-status' say?	17:35
kaushal	that program is not there	17:36
jdstrand	kaushal: do you have a /sys/kernel/security/apparmor directory?	17:36
kaushal	apparmor directory isnt there	17:37
kaushal	jdstrand: what could be the issue of ulimit ?	17:37
jdstrand	kaushal: then apparmor isn't installed (and definitely not the problem ;)	17:37
kaushal	yeah	17:37
kaushal	I believe so	17:37
kaushal	jdstrand: what could be the issue of ulimit ?	17:38
jdstrand	I'm not sure	17:39
=== niemeyer_ is now known as niemeyer
Daviey	mathiaz: When you get a moment, can you lookover Bug #426919	17:42
uvirtbot	Launchpad bug 426919 in mysql-dfsg-5.1 "thread_stack setting is too small" [Undecided,New] https://launchpad.net/bugs/426919	17:42
=== niemeyer is now known as niemeyer_
=== niemeyer__ is now known as niemeyer
smoser	landscape-client as a ppa in ubunt-on-ec2 seems to make reasonable sense for hardy given it wasn't packaged.	17:54
smoser	i was confused by existance of http://packages.ubuntu.com/hardy/landscape-client	17:54
smoser	zul,	17:54
zul	smoser: okies..	17:55
smoser	i'll wait for soren to weigh in, but how common / difficult is it to get a new package for a stable release ?	17:55
zul	depends on the package but I dont think it would be a big issue you might want to talk to the landscape guys	17:59
uvirtbot	New bug: #419150 in ipsec-tools (main) "Setkey has no policy priority support compiled in" [Undecided,Incomplete] https://launchpad.net/bugs/419150	18:06
mathiaz	jdstrand: hi	18:12
mathiaz	jdstrand: could you have a quick a look at the stock reply I've added to https://wiki.ubuntu.com/DebuggingMySQL to cover the case where mysqld apparmor hasn't been updated correclty	18:13
mathiaz	jdstrand: ?	18:13
jdstrand	ok	18:13
jdstrand	mathiaz: I might reference https://wiki.ubuntu.com/DebuggingApparmor#Debugging%20procedure specifically	18:15
mathiaz	jdstrand: ok - I'll update the wiki page	18:15
jdstrand	cool	18:15
mathiaz	jdstrand: I'm adding more information about debugging mysqld and reading the log file	18:16
niemeyer	soren: nurmi helped solving the issue	18:16
jdstrand	mathiaz: I might also say that they really only need to send audit messages from kern.log	18:16
smoser	mathiaz, ttx, zul kirkland soren http://www.bizjournals.com/stlouis/stories/2009/04/06/daily40.html	18:17
mathiaz	jdstrand: are you refering to the first stock reply?	18:17
zul	smoser: thats alot of pi	18:17
niemeyer	soren: Somehow there was an old /usr/share/eucalyptus/eucalyptus-commons-ext-0.4.jar from an old package, even though the file was being claimed by the newer libeucalyptus-commons-ext-java 0.4.2-0ubuntu1	18:18
jdstrand	mathiaz: yeah. somthing like the output of "egrep 'audit\(\|apparmor\|selinux\|security' /var/log/kern.log"	18:18
jdstrand	mathiaz: you can drop the selinux part, but may want to keep it just in case	18:18
mathiaz	jdstrand: ok	18:18
niemeyer	soren: This was solved by	18:18
niemeyer	<nurmi> apt-get purge `apt-cache search eucalyptus \| awk '{print $1}'`	18:18
niemeyer	<nurmi> rm -rf /etc/eucalyptus /var/lib/eucalyptus /var/log/eucalyptus /usr/share/eucalyptus	18:18
niemeyer	<nurmi> apt-get install eucalyptus-cloud	18:18
jdstrand	mathiaz: that is taken from apport hooks that grab the stuff automatically	18:18
mathiaz	jdstrand: apport hooks from with package?	18:19
jdstrand	mathiaz: several actually. I grabbed the regex from evince	18:19
jdstrand	mathiaz: /usr/share/apport/package-hooks/source_apparmor.py should have some good stuff in it	18:20
mathiaz	jdstrand: ok - I've used a different approach for adding audit messages in the mysql apport hooks	18:20
kirkland	mathiaz: if the american taxpayer is funding the delivery of pizza from St Louis to Washington DC, my opinion of obama will be even lower than it already is	18:22
pmatulis	kirkland: wrong channel? :)	18:28
kirkland	pmatulis: sorry, yes, you're right	18:29
* kirkland apologizes for going political :-)		18:29
kirkland	pmatulis: that was for smoser's link	18:29
pmatulis	kirkland: ah	18:29
kirkland	pmatulis: we ate at that pizza joint last week in St. Louis	18:30
smoser	kirkland, i wondered who paid for the 2 pizzas and "delivery"	18:30
smoser	what do you tip on that ?	18:30
kirkland	smoser: taking this to PM, as I don't want to get too political in #ubuntu-server :-)	18:31
smoser	:)	18:31
kaushal	hi	18:32
kaushal	is there a way to find if any updates are available for a package	18:32
kaushal	?	18:32
kaushal	For example autossh	18:32
pmatulis	kaushal: apt-cache policy autossh	18:32
pmatulis	kaushal: after an 'apt-get update'	18:33
SirMontu	Hey guys, I just installed Ubuntu Server 8.10 and I'm trying to figure out how to install this Linksys nic, anyone have any directions or a link i could get?	18:40
kaushal	jdstrand: hi again	18:40
kaushal	i got a reply from the mailing list	18:40
kaushal	Are you calling pam_limits.so somewhere in your PAM stack?	18:40
kaushal	please help me understand this ?	18:40
kaushal	for the ulimit issue	18:41
jdstrand	kaushal: I am not a pam_limits.so expert, but they are referring to files in /etc/pam.d. probably most specifically /etc/pam.d/common-*	18:43
J_P	hi all	19:14
J_P	are there a problem with sources.list of jaunty?	19:14
J_P	here is very very slow or stop..	19:14
J_P	a apt-get update	19:14
J_P	or apt-get dist-upgrade	19:14
J_P	anyone know what is the problem?	19:14
KillMeNow	haven't heard of any issue	19:15
Pici	J_P: It may just be the mirror you are hitting, I've not seen or heard of any issues today.	19:15
henkjan	J_P: you can try another mirror	19:15
J_P	henkjan: humm, what are the list of mirrors?	19:16
the-dude	or change country mirror	19:16
henkjan	https://wiki.ubuntu.com/Mirrors	19:16
J_P	the-dude: henkjan ok	19:17
henkjan	J_P: https://launchpad.net/ubuntu/+archivemirrors	19:17
henkjan	on the last one from launchpad you can check if the mirror is up2date	19:17
henkjan	of course, the best one to use is nl.archive :)	19:18
J_P	I change country mirror and works	19:18
toehio	is there a package that contains everything necessary to turn ubuntu-server into ubuntu-desktop (Gnome + all other desktop apps)?	19:21
uvirtbot	New bug: #362603 in unixodbc (main) "ODBCConfig fails on configure existing data source" [Undecided,Incomplete] https://launchpad.net/bugs/362603	19:21
henkjan	toehio: apt-get install ubuntu-desktop	19:21
toehio	henkjan: thank you!	19:22
toehio	is there something similar for xfce?	19:22
toehio	xubuntu-desktop :)	19:23
henkjan	toehio: thats right	19:23
toehio	So simple. I love it :)	19:24
pan12345	http://www.thaiadpoint.com/tap8.1/bin/redir.php?p=2042&l=1357&u_id=363435	19:51
zul	smoser: you might want to add a section about removing images with big fat security holes	19:53
smoser	hm... doesn't that seem rude ?	19:54
pan12345	http://www.thaiadpoint.com/tap8.1/bin/redir.php?p=2042&l=1357&u_id=363435	19:54
zul	smoser: it might but better safer than sorry	20:00
zul	im pretty sure rhel does it	20:00
zul	just thought I would bring it up	20:02
smoser	i'm not aware of any software release that actively destroys old release media	20:03
smoser	ie, fedora doesn't remove install isos because they have security flaws, nor does ubuntu	20:04
kees	smoser: nothing what was in release is removed, but anything between release and current -security or -updates is removed (though not the source)	20:05
smoser	hm... i didn't realize that.	20:06
borior	hi all, I'm running ubuntu-server 9.04 and am trying to get a xen-compatible kernel up and running. where can I find the default server kernel config? no /proc/config.gz... =(	20:26
borior	oh, duh. /boot.... sorry for not looking there first!	20:30
giovani	heh	20:31
giovani	that's where they always are ...	20:31
zul	kees: but didnt we release new isos when that ssh key vuln was found?	20:32
kees	zul: correct.	20:33
kees	zul: er, actually, I can't remember now	20:33
soren	kees: Had you heard of TOTP and/or HOTP before?	20:33
zul	kees, smoser: maybe have something like ec2-init check the ami id against a blacklist of amis you are running and print out a big fat warning when the user login	20:34
kees	soren: hadn't, no	20:35
soren	kees: Alright.	20:35
ruben23	hi	20:54
ruben23	how do i completely stop an application running form my ubuntu server- even when the server is restarted....	20:55
soren	ruben23: What's the application?	20:55
ruben23	the application will not still run	20:55
ruben23	like mysql and apache	20:55
ruben23	that two application..	20:56
soren	Eh? Are you trying to start or stop it?	20:56
ruben23	i mean completely disable	20:56
ruben23	the two service	20:56
ruben23	anyone have idea...?	20:57
ruben23	anyone...?	21:00
soren	I don't understand your question.	21:02
domas	update-rc.d	21:02
zoopster	ruben23: use update-rc.d to remove it	21:02
soren	Are we talking about apache and mysql or something like apache and mysql?	21:02
soren	And are you trying to start it or stop it?	21:02
ruben23	zoopster: how do i execute it..	21:03
ruben23	yes--i said stop it	21:03
=== monteith_afk is now known as monteith
uvirtbot	New bug: #302962 in mailman (main) "Mailman web interface does not work with suexec" [Undecided,Incomplete] https://launchpad.net/bugs/302962	21:56
qman__	kees, yeah, new ISOs were built shortly after the SSH key vulnerability	22:05
qman__	it was 6.06.1 IIRC	22:05
George1	Hi Guys, basic question about Ubuntu server 9 running the cloud software. If I add a virtual machine into the cloud is that then running on a single server or does it run over multiple servers within the cloud?	22:09
George1	Assuming I had say 2 servers in my cloud config.	22:09
KillMeNow	no idear	22:11
guntbert	I wanted to know to which package "man" belongs, apt-file search "/usr/bin/man" gives several results but nothing for man itself - whats the trick?	22:15
dmacnutt	/usr/bin/man	22:17
guntbert	dmacnutt: ??	22:18
dmacnutt	probably part of base-files	22:18
dmacnutt	maybe doc-base	22:19
guntbert	dmacnutt: let me test some ideas	22:21
dmacnutt	nevermind it's called "man"	22:23
=== foxbuntu` is now known as foxbuntu
kees	qman__: dapper wasn't affected :)	22:37
guntbert	dmacnutt: do me a favor - please try dpkg -S man \| grep bin/man on your system - that should give /usr/bin/man and a few more...	22:39
jdstrand	guntbert: dpkg -S /usr/bin/man	22:46
jdstrand	man-db: /usr/bin/man	22:47
* soren is getting annoyed.		22:48
soren	Can some please calculate the HMAC_SHA1 with key "12345678901234567890" and data 0 (ASCII 0, not '0')? I have a document that says it should yield one value, but I'm getting another.	22:48
qman__	kees, ah, my bad, but I do distinctly remember a new build right after the vulnerability	22:48
guntbert	jdstrand: strange here I get ...not found but man-db is installed	22:53
jdstrand	guntbert: what version of Ubuntu?	22:53
guntbert	9.04 server	22:54
jdstrand	$ ls -l /usr/bin/man	22:54
jdstrand	lrwxrwxrwx 1 root root 17 2009-04-24 18:03 /usr/bin/man -> ../lib/man-db/man	22:54
jdstrand	dpkg -S /usr/lib/man-db/man	22:55
jdstrand	man-db: /usr/lib/man-db/man	22:55
jdstrand	guntbert: ^	22:55
* soren headdesks		22:55
soren	Never mind about that HMAC.	22:55
guntbert	jdstrand: ok, thx - I finally understand - silly me	22:56
* soren kicks himself and learns the difference between bits and bytes		22:56
guntbert	soren: 8bits are .... uuhhmm what? ;-)	22:57
KillMeNow	but what about nibbles guntbert??	23:01
ScottK	guntbert: two nibbles.	23:01
guntbert	KillMeNow: oh you naughty boy ;-)	23:01
KillMeNow	LOL	23:04
* KillMeNow likes nibbles		23:04
soren	guntbert: Something very different from 8 bytes. I know that much.	23:05
soren	Now.	23:05
guntbert	soren: don't worry, I hear those sentences rather often (as in "an IPv4 address consists of 4 bit" :-))	23:07
soren	mdeslaur: In other news, in case you're interested, I have a HOTP key generator in Python now.	23:10
mdeslaur	soren: oh, cool :)	23:12
mdeslaur	soren: so, besides adding time drift handling...is there anything missing to make a validator?	23:13
mdeslaur	soren: did you order a token?	23:13
soren	mdeslaur: Yeah, there are a few things like throttling, resynchronisation (in case someone accidentally generates a stack of keys that are never used..)	23:14
soren	mdeslaur: I'm also not US based, so no.	23:14
mdeslaur	I thought it was time-based...it needs resynchronisation?	23:15
mdeslaur	oh! HOTP!	23:15
mdeslaur	I thought TOTP	23:15
soren	mdeslaur: That's next.	23:16
mdeslaur	sweet :)	23:16
* soren is enjoying having written unit tests for this.		23:18
kees	qman__: yeah	23:20
* soren calls it a day		23:24
JanC	guntbert: 8 bits = 1 octet (I'm also not sure if 1 byte could not be 1 bit; is a 1-bit computer architecture possible? ;) )	23:55
guntbert	JanC: lets not split hairs - I'm content if the general difference is understood (as "there are 10 kinds of people, those who understand binary and those who don't")	23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!