[00:19] I want to install postfix with apt-get, but I want to do it in an unmanned script. How do I get it to just use the "Internet Site" option and not require user input? [00:21] pigflu: you need to preseed the package. [00:22] http://wiki.debian.org/DebianInstaller/Preseed [00:22] jtimberman: and then he complains about it not being entirely preseedable... long painful story there. [00:22] jtimberman: Thanks for the link [00:22] pigflu: the other option is to just create /etc/postfix/main.cf before doing the install, and then it'll choose to "not change the configuration" [00:23] lamont: Ah, that works too [00:23] I'll need to look into both options. [00:23] Thanks! === monteith is now known as monteith_afk === monteith_afk is now known as monteith [01:41] hi [01:41] i just burned off ubuntu-9.04-server-i386 and booted it [01:41] it wont let me selected english, once the cd boots my keyboard lights go out [01:41] i have tried every keyboard in the house [01:41] they all work in bois untill cd boots [01:42] why does it not have the countdown that defaults to english like every other operating system on the planet? [02:12] if you have a USB keyboard, try changing the BIOS settings regarding that [02:13] if your keyboard doesn't work to select the language, it won't work to select "Install" either [03:36] New bug: #426597 in net-snmp (main) "Huy Pham" [Undecided,New] https://launchpad.net/bugs/426597 [04:01] hey guys [04:02] ihave an install of apt-get while trying to update it stalled on me so i cntrl-z now it seems apt0get is currupted [04:02] i am completely stumped [04:02] can anyone help [04:02] i can paste messages etc for you if you need [04:02] i am getting E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem. [04:02] but when i type it [04:02] it just gets stuck at Setting up module-init-tools (3.3-pre11-4ubuntu5.8.04.1) ... [04:03] checking the log file [04:03] i see a whole bunch of these [04:03] kernel: 4gb seg fixup, process klogd (pid 1541), cs:ip 73:006dbc6c [04:03] where process is syslogd klogd sshd [04:03] etc... [04:05] also ps shows: root 3434 21.4 0.0 4724 1676 pts/1 R+ 20:03 0:12 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S . [04:07] anyone ? [04:18] How long did you let it run? [04:18] around 8 mins [04:19] why do i keep getting these 4gb seg fixup, process nrpe (pid 14995), cs:ip 73:00192240 errors [04:19] nrpe is the nagios daemon [04:19] but that dreaded 4gb seg fixup error keeps coming [04:19] Not sure about that. [04:19] and i have no cliue what it is [04:19] Does Google know about it? [04:20] supposedly it's a kernel lib that runs atop xen architectures [04:20] yeah google says to install the xen lib [04:20] but i cant bc apt-get dpkg doesnt really work :-/ === chrislabeard is now known as artillerytx [04:21] Hey guys i heard there was a way to download torrents remotely on a server [04:22] artificialexit: torr ... check out the torr network... if your not talking about that then be more specific [04:23] ScottK: any idea what these error messages are http://www.pastie.org/610529 ? [04:24] ScottK: also it's been running for over 5 mins now [04:24] USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND [04:24] root 3434 21.3 0.0 4724 1676 pts/1 R+ 20:03 4:17 /usr/bin/perl /usr/sbin/update-rc.d module-init-tools start 15 S . [04:24] root 3870 0.0 0.0 3636 1028 pts/0 R+ 20:24 0:00 ps aur [04:26] This isn't in a xen vm is it? [04:27] ScottK: yes it is on a amazon ec2 instance [04:29] f00f: http://www.google.com/search?q=4gb+seg+fixup&ie=UTF-8&oe=UTF-8 may have some useful information. I can't say for sure. [04:32] hello - what does iU mean in dpkg -l pls? [04:34] Alysum: thats a list of your packages... iU is a simple package... google is your friend [04:35] google was not my friend mate [04:35] hence I asked here [04:35] ahh [04:35] i dunno [04:36] internet university [04:38] haha [04:38] jk [04:38] i dunno dude [04:38] did you use the dpkg utility [04:38] just do a dpkg -l iU [04:39] or just do a dpkg -p iU [04:39] easy [04:55] Alysum: if you tried other resources (e.g. google), you should mention that in your initial question. It shows that you are trying to help yourself. [04:56] Alysum: iU in dpkg -l's output means that the package is installed and (IIRC) unconfigured. The first few lines of dpkg -l's output should explain what each letter means. [04:56] "Unpacked", not unconfigured. [05:26] no [05:26] iU is a state [05:26] like ii etc... [06:49] is there a way i can log commands run by any user in a file, and if possible daily emailed to me and then deleted? [06:59] well there is command history for the shell the user runs (eg: .bash_history in the users home dir), but it's not exactly infallible, or reliable. but it might be a start [07:01] or you might be able to implement something using the auditd architecture to log them all, but then you'd want to filter stuff out as well for things like cron, certain apps and the like [07:04] err apparmor even, but I doubt it would be useful, and if the machine is busy you'll have a LOT of logs to go thru [07:07] There is really no way to do that kind of thorough, clandestine monitoring of a stock Linux system. [07:08] You either need to give the user a VERY restricted environment, without the ability to perform arbitrary commands, and then wrap their entry point in a monitoring app -- or better, to insert something into the kernel that logs everything they do. === monteith is now known as monteith_afk === monteith_afk is now known as monteith [10:02] New bug: #349331 in qemu "limited screen resolution" [Low,Confirmed] https://launchpad.net/bugs/349331 [10:02] New bug: #426704 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/426704 === johe|work is now known as johe [10:55] * soren lunches [10:57] I suspect 349331 is not-a-bug. === erichammond1 is now known as erichammond [12:31] hi [12:32] how to enable the connection to a machine in root mode ? [12:37] maxagaz: from where_ [12:38] hjmf, from my server [12:39] hjmf, i mean to connect as root in ssh to a server [12:39] 'PermitRootLogin yes' in /etc/ssh/sshd_config [12:40] maxagaz: take a look to /etc/ssh/sshd_config [12:40] That is actually the default [12:40] maxagaz: You probably don't want to do that though. [12:40] maxagaz: and check PermitRootLogin yes [12:41] and add root to AllowUsers [12:41] On the off chance you actually do have a need for a true root account, it's better to ssh in as a non-priviledged user and su to root. [12:41] maxagaz: also be sure that the root account is enabled and not just sudo [12:41] I mean> root has a password [12:42] maxagaz: finally an advice [12:42] access the server via ssh keys [12:42] and install some kind of denyhosts stuff [12:43] maxagaz: I agree with ScottK [12:43] thanks for those advices [12:43] OK [12:59] kees, jdstrand, mdeslaur: Are any of you guys familiar with HOTP or TOTP? [13:00] soren: no...first I have heard of it...interesting [13:01] mdeslaur: It gets better.. [13:02] totp = top of the pops? [13:02] mdeslaur: http://www.gemalto.com/products/ezio_time_token/ [13:02] http://onlinenoram.gemalto.com/Ezio-Time-Token-for-use-with/M/B002CRN5X8.htm [13:03] $12.99 a piece beats the ¤#&!"#¤ out of RSA SecurID. [13:03] yeah, and RSA's crappy algorithm [13:03] wow [13:04] it uses TOTP? [13:05] Yes. [13:05] * mdeslaur is excited [13:08] mdeslaur: I've not yet seen a pam-totp module, but I doubt it would be a huge task to make one. [13:09] damn, no shipping outside US [13:09] Yeah :( [13:09] * pmatulis is not surprised [13:10] my dream is having own TOTP auth, federated via openid etc elsewhere [13:10] The key generation code is also quite simple, so an android app to generate it wouldn't be a big task either. [13:10] mm, good idea too :) [13:10] pmatulis: About the shipping thing? [13:10] soren: have you found a TOTP implementation somewhere? [13:10] mdeslaur: The spec contains a reference implemention, IIRC. [13:10] * soren checks [13:11] oh duh [13:11] you're right [13:11] TOTP is simple once you have HOTP, though. And HOTP certainly has a reference implementation in the spec. [13:12] It would be soo awesome to ship these modules with Ubuntu and have Canonical sell branded tokens. [13:12] interesting...some of the totp authors are from verisign...I wonder if the verisign token uses that [13:14] Lots of folks are involved in OATH, apparantly. [13:14] Perhaps I've been living under a rock, but I didn't know about it until earlier today. [13:14] mdeslaur: Yup, that seems to be what verisign uses. [13:15] "VeriSign Identity Protection service is an open standards platform that supports OATH-compliant, time-based OTP generation for user authentication" [13:15] soren: me either...and..I used to make a living selling authentication devices and smart cards [13:17] it [13:18] It's funny how, when you know the secret keywords to google for, you can find lots and lots of manufacturers making these tokens. [13:19] it's about time they standardize these things [13:20] Indeed. [13:24] smoser: I either disagree or do not understand your tagging bug 420635 with [13:24] Launchpad bug 420635 in ubuntu-on-ec2/intrepid "Update Hardy kernel AKI for local privilege escalation" [High,Triaged] https://launchpad.net/bugs/420635 [13:24] smoser: 'uec-images' [13:25] * soren continues to try to get used to his apostrophe being where it is.. [13:25] soren, gone [13:25] mdeslaur: So... When can I apt-get libpam-totp, you think? :) [13:26] soren, i just updated a bunch of bugs, sorry for being a human with limited focus on long page loads :) [13:26] smoser: :) [13:26] thanks for noticing [13:27] mdeslaur: Do USN's always have corresponding bugs on Launchpad? [13:27] soren: no, not necessarily [13:27] mdeslaur: If so, how can I look up the bug corresponding to, say, USN-819-1? [13:28] soren: you can look up the CVE number, hold on... [13:28] https://bugs.launchpad.net/bugs/cve/CVE-2009-2692 [13:28] mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock [13:30] soren: you can also look in the ubuntu cve tracker, we usually put bug links there: http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2692.html [13:30] mdeslaur: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX sock [13:30] die, bot, die die die [13:32] i'm having a ubuntu 8.04 server, i'm wanting to get some virtual server on it (i prefer gentoo, but that doesn't matter). Is it possible to get any virtualization software (vbox?) working without having to reboot? [13:45] evert: vmware i.e. [13:46] will it work without the need of a reboot? [13:46] evert: yes [13:46] hello [13:46] and is vbox possible without reboot too then? [13:46] for some reason i'd like to use vbox instead of vmware :) [13:46] evert: I guess so; kvm too [13:47] ok, nice :) [13:47] New bug: #362013 in qemu "kvm migration fails with large-memory VMs" [High,Fix released] https://launchpad.net/bugs/362013 [13:47] evert: You'll only need to reboot in case of installing a new kernel in your host [13:52] soren: i have the hardy updated ec2 kernels built im just testing them out [13:53] zul: Why isn't John doing this? [13:53] * soren seems to be asking that question a lot [13:53] soren: because scott asked me to do that [13:54] smoser: ^? [13:54] zul, i guess probably john should be doing that, yes. [13:55] k [14:00] Hi guys, my flash in firefox is messing with the sound. I need to uninstall this verion (dont know how to do it) and i need to install the best version (Dont know which one that is?) im in Ubuntu Server 9,04 [14:01] garymc: Not if you're running Firefox you aren't (no X in ubuntu server) [14:02] sorry im using LTSP server im logged in through Thin client GUI [14:02] so am i still not using ubuntu server? [14:03] OK [14:03] smoser, do you have time to try the Ubuntu ec2 kernel in my PPA ? https://edge.launchpad.net/~timg-tpi/+archive/ppa [14:04] This still isn't a good channel for flash/firefox questions. [14:04] rtg, you have it built ? or you want me to build too [14:05] smoser, binaries await your pleasure [14:05] smoser, I don't know how to extract the right bits and pump them into the cloud. [14:06] I've just built a kernel with the 3.02 xen patch set according to the results that zul and jj came up with last friday [14:06] zul can help with that. i'm not exactly sure what you need to upload. [14:07] i can get to it later this morning probably [14:09] zul, maybe preferable for you to just document what i need to do ? [14:10] smoser: its already documented on the wiki [14:12] zul, the only thing i dont know is what goes at '' [14:12] the vmlinuz file [14:13] maybe get jj to upload it and have him ask you to test it [14:13] i'll upload it. [14:14] zul, fyi, i have centos 5.0 dvds, they are sitting at http://smoser.brickies.net/iso/centos/5.0/ [14:14] how long did it take you to get them? ;) [14:14] but apparently the apache there has a 2gb file limit, so they dont show up and it wont give them to you [14:15] someone pushed them ftp for me from a fairly fat pipe, and then i copied. [14:15] i actually lost all peers sometime yesterday. [14:15] heh [14:15] if you're interested in downloading, i can give you ftp access [14:15] sure [14:16] smoser, I think I've plenty of space on zinc if you wanna store them there. [14:18] just been looking at logrotate file in /etc/logrotate.d/ i would like to know if you can tell it to work recursively through folders ? [14:19] ie scan /home/www/*/*.log type syntax, because each domain has its own log file in seperate folders [14:19] anyone know if this is possible ? [14:19] zinc ? [14:19] rtg, if you want to pull them to there, that might be useful [14:20] i can give you access. [14:20] smoser, well, I'm only gonna bother if its really useful 'cause it'll take awhile. [14:20] rtg, then dont bother [14:21] what is zinc? [14:21] smoser, kernel.ubuntu.com [14:21] ah. dont worry about it. [14:25] hi all , telnet localhost 10024 is not working ... please help [14:27] New bug: #394967 in apache2 (main) ""aptitude upgrade apache2" overrides run-level settings (dup-of: 416318)" [Undecided,New] https://launchpad.net/bugs/394967 [14:36] New bug: #414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Undecided,In progress] https://launchpad.net/bugs/414997 [14:44] konza: what do you expect to find at 10024? [14:45] hjmf, i am tryinig to install a mailserver... while following the instructions in ubuntu docs it was writen ther to telnet port 10024 [14:46] amavisd? [14:46] hjmf,ya [14:46] konza: what version of ubuntu are you using? and what docs are you following? [14:47] ubuntu 9.04 https://help.ubuntu.com/community/PostfixAmavisNew [14:48] please see this http://paste.ubuntu.com/267946/ [14:48] konza: looking [14:48] hjmf, please see this http://paste.ubuntu.com/267946/ [14:49] konza: I'd check out https://help.ubuntu.com/9.04/serverguide/C/mail-filtering.html since it's the official docs. [14:50] konza: Do what it says in your paste. [14:50] ScottK, how to change that ......... when i run uname i get 'Linux' [14:51] konza: Then set it in /etc/amavis/conf.d/05-node_id using your favorite editor. [14:52] konza: run hostname -f or use localhost [14:52] as fqdn; it might work [14:52] hjmf, hostname -f gives KONASA [14:53] but konasa doesn't include the domain part [14:53] edit /etc/hosts [14:53] with something 127.0.0.1 konasa.localdomain konasa [14:53] hjmf, what should i do to include domain name [14:54] if you are playing include whatever you want: ie localdomain or local.lan [14:54] as long as you reflect it in /etc/hosts too [14:54] I guess. [14:55] I havent never configured amavisd, but should work [14:55] I would use localhost.localdomain as fqdn [14:55] and in etc/host I'd put [14:56] 127.0.0.1 localhost.localdomain if it isn't already [14:56] hjmf, http://paste.ubuntu.com/267953/ [14:57] konza: then add the domain part :-) [14:57] man hosts [15:00] konza: as I said before, localhost might work for amavisd conf. [15:02] hjmf, can u pls make the necessary changes in /etc/hosts and paste it [15:03] konza: leave etc/hosts as it is for the moment [15:03] hjmf, k [15:03] just configure amavis to use localhost as $myhostname [15:04] is anyone from ubuntu security team here? :) [15:04] k [15:06] hjmf, http://paste.ubuntu.com/267961/ [15:06] mdeslaur: ping! :) [15:07] domas: yes? [15:07] mdeslaur: can I have private security inquiry with you? [15:07] konza: please pastebin the amavis conf file [15:07] domas: sure [15:10] hjmf, http://paste.ubuntu.com/267964/ [15:11] konza: sorry, I meant the /etc/amavis/conf.d/50-user where you put the localhost setting [15:13] konza: also pastebin the offending /etc/amavis/conf.d/05-node_id [15:14] hjmf, problem solved [15:14] konza: cool [15:15] hjmf, thanks [15:15] hjmf, thanks a lot. [15:15] konza: you are wellcome [15:16] hjmf, i just added $myhostname = "shyam.localhost.com" [15:18] konza: you should use your real hostname and your real domain name or just localhost [15:18] konza: per real hostame and real domain name it might be konasa.local.lan [15:19] hjmf, so should i change shyam.localhost.com to localhost [15:19] konza: It would be better if it works [15:19] k [15:20] hjmf, its working [15:21] konza: great! [15:24] Anyone have experience with AppArmor not allowing/complaining about read-access to '/usr/share/zoneinfo' when such access is clearly ( and redundantly ) allowed in the profile? [15:30] hjmf, imap login failed... [15:30] hj what to do [15:31] hjmf, u there dude? [15:32] konza: what are you using as imap server? [15:32] konza: is it running? [15:32] hjmf, courier [15:32] konza: which is the error? [15:32] you might want to check the logs at /var/log [15:33] konza: what are you using for auth backend? vpopmail? sql? pam? [15:33] hjmf, i used the command imap login shyam mypassword [15:34] imap NO Login failed. [15:34] bobo, sql [15:35] what db? [15:35] bobo, actually i didnt understand ur question [15:36] konza: you should provide more info. Check if the process is running and the log info [15:36] hjmf, how should i check it [15:37] konza: I don't have experience with courier-imap I use dovecot in my servers [15:37] konza: however there should be some files named courier or similar in /var/log [15:37] konza: check them [15:38] courier has ( or at least used to have ) an auth-daemon which could use various different back-ends for obtaining user-credentials. Other parts of the courier mail system ( like the IMAP server ) would talk to the auth-daemon. The Auth-daemon would check provided credentials against any store it was configured to use: a sql-database ( mysql/pgsql ) or /etc/passwd or a vpopmail installation or others [15:38] konza: also check if courier is running; ie ps aux | grep -i courier [15:38] soren, ping [15:38] bobo: I'm sure that konza is vaildating against passwd [15:39] https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/421707 or maybe zul, or kirkland or anyone. [15:39] Launchpad bug 421707 in landscape-client "landscape-client cron job is broken" [Undecided,Fix committed] [15:39] am i doing the above "right" ? nominating that for release ? [15:39] * kirkland looks [15:39] smoser: What's up? [15:39] ^^ [15:39] smoser: Error: "^" is not a valid command. [15:40] funny. silly uvirtbot [15:40] * zul looks [15:40] i'm trying to mark that we need to fix landscape-client in those hardy and in intrepid (well, maybe not intrepid) [15:40] soren: So, the error is a bit weird.. when the admin interface on port 8443 comes up, the API on 8773 goes down [15:40] soren: Rings any bells? [15:41] smoser: you should just be able to copy from the landscape ppa to the ubuntu-on-ec2 ppa [15:42] zul, yes. i'm just wondering about the "Nominated for Hardy" [15:42] smoser: accepted [15:42] konza: check the logs as hjmf suggests, first ( courier logs , /var/log/auth ) ; Worst case, if it is file-system based authentication you can stop the courier auth-daemon and restart it under 'strace -f' and look for the unsuccessful system call. [15:42] is that the right way to do this stuff ? [15:42] niemeyer: Not off the top of my head. [15:42] smoser: set the status/importance appropriate [15:42] kirkland: Have you seen niemeyer's problem before? [15:42] soren: niemeyer: hrm, no, i haven't [15:43] niemeyer: Nothing of interest in the logs? [15:44] ok, now please reload that page. [15:44] soren: There are errors there, but nothing I can parse myself [15:44] smoser: I just accepted the nominatoins. [15:45] what i'm trying to indicate in those tasks (under "landscape-client (Ubuntu)") is that karmic is "fixed" (no problem) . [15:45] smoser: Actually, I wanted to just accept the Hardy one, but Launchpad accepted both when I clicked the button. [15:45] smoser: In that case, it looks correct to me. [15:46] soren, do you think it should be fixed in intrepid ? (I'm actually not certain the bug exists there, my guess i sprobably not, but need to verify) [15:47] smoser: I would say it's low/wishlish importance for Intrepid. If we suddenly have a lot of time on our hands, we can look at it. [15:47] and, given the indication that this is the new way to do things, i am going to get bug 420635 in line also [15:47] Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635 [15:47] soren, i'll verify whether or not its present there really quick and just kill it as invalid if not [15:48] soren: I'll leave for a quick lunch and try to get hold of someone from Eucalyptus [15:49] niemeyer: They're only just starting to turn up. They're on the US west coast. [15:49] soren, can you accept nomination for 420635 to hardy and intrepid [15:49] bug 420635 [15:49] Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Undecided,New] https://launchpad.net/bugs/420635 [15:50] smoser: Done [15:51] anyone have luck with installing latest e1000e intel drivers on 9.04? readme states it cant be compiled and has to use modprobe. Im able to make binary, assign ip, and ping but disappers with reboot... [15:51] * soren will be back later.. [15:53] mxzypltk: hmm ill test it tonigt [15:55] thx. Using it as a wshark capture card for netflow box and it starting to frustrate me a bit! === monteith is now known as monteith_afk [16:00] soren, please accept nominations for bug 308530 [16:01] Launchpad bug 308530 in ubuntu-on-ec2 "Wait for network before downloading ssh credentials or user-data" [Medium,Fix released] https://launchpad.net/bugs/308530 [16:06] Is anyone using AppArmor on Ubuntu? Is there a better channel for AppArmor stuff? [16:07] bobo: virtually everyone is using apparmor on Ubuntu-- it is installed by default and several applications have default profiles [16:07] (in other words, you have to turn it off to not use it) [16:08] No one has run into my /usr/share/zoneinfo problem? [16:09] bobo: what problem? what profile? paste your profile and dmesg output somewhere [16:10] somewhere NOT in this irc? I am unfamiliar with the basic conventions and courtesies of IRC. [16:11] bobo: http://paste.ubuntu.com/ [16:11] bobo: also paste the output of aa-status [16:13] kirkland, can you accept nominations for bug 308530 [16:13] smoser: Error: Could not parse data returned by Launchpad: timed out [16:13] jdstrand, sometime today, when you have a minute can we talk ? [16:15] smoser: absolutely [16:15] whenever you've got a minute or 15 or 20 [16:15] smoser: right, let me ping you [16:15] k [16:16] jdstrand: http://paste.ubuntu.com/267993/ ( re: AppArmor ) [16:17] hey [16:17] got a small problem [16:17] bobo: you have access to all files under /usr/share/zoneinfo, but not /usr/share/zoneinfo itself [16:17] i got 10 machines that are accessing the same NFS resource and the clocks are all screwy [16:17] or at least make complains [16:17] bobo: add '/usr/share/zoneinfo/ r,' [16:17] thanks [16:18] do i need to make some machine a NTP server? [16:18] and all other machines conect to it? [16:18] clusty: If they have Internet connectivity you could just make all of them NTP clients, no need for your own NTP server. [16:19] jmarsden, ok. they are connected to net [16:19] It would be kinder to upstream time-servers to maintain your own master [16:19] If it was 100 machines you should definitely have your own server, but for 10 it's up to you. [16:19] jmarsden, is there some service i can install to regularilly fix times? [16:19] jmarsden, or it's a job for cron? [16:19] just use router as NTP server [16:19] thats what i do, pfsense as router/ntp etc [16:19] dns if need be [16:20] clusty: sudo apt-get install ntp [16:20] It that service is running it will keep the machines time in sync for you. [16:20] jmarsden, awesme. thanks [16:21] You can check to see that it is working (after a few minutes for the time sync to happen) using ntpq -p which shows what NTP sever(s) your machine is talking to and whoch one it is synced to. [16:23] whats a good place to ask something about dh_make? [16:24] #ubuntu-motu , if you are creating packages for Ubuntu. [16:24] jmarsden, is the list of servers changing dynamically? [16:24] jmarsden: thx :) [16:25] clusty: No, see /etc/ntp.conf you can set them in there. [16:25] But for "good enough for NFS" the default will be fine. [16:26] the-dude: No problem. [16:28] jmarsden, offset is the time offset in seconds? [16:35] hjmf, hi... there was some problem with my net connection... srry...... [16:37] konza: then, It is working now? [16:41] hjmf, nope === dyh is now known as roodyk [16:52] hello , how to reinstall nagios ? [16:52] jdstrand: hello. Just read your apparmor addition to karmic's tech overview. great stuff. Just one question: what do you mean by "transistion" in the sentence "AppArmor also now supports 'pux' which, when specified, means a process can transition to an existing profile if one exists or simply run unconfined if one does not."? [16:53] Techtronic: sudo apt-get install nagios? [16:53] reinstall or reconfigure? [16:54] or sudo apt-get install --reinstall nagios [16:54] nijaba 1min [16:54] Not replacing deleted config file /etc/nagios3/conf.d/host-gateway_nagios3.cfg include file /etc/nagios3/apache2.conf does not exist! E: Sub-process /usr/bin/dpkg returned an error code (1) [16:56] Not replacing deleted config file /etc/nagios-plugins/config/disk.cfg .... howto fix this ? [16:56] nijaba: if a process is confined by a profile (eg, firefox), and it needs to execute another process, that is a transition [16:57] Errors were encountered while processing: nagios3-common , nagios3 [16:58] installing hardy on server and want to preserve /home on lvm volume; will the install reformat these? [16:59] jdstrand: ok. so in other word, pux would be used to have firefox ask the system "hey, please execute this with its own profile if it has one, otherwise without?" [16:59]