/srv/irclogs.ubuntu.com/2009/09/11/#ubuntu-server.txt

Bookman	I'm pretty new to this whole remote ssh computing. How do I copy a file from one computer to another using ssh access in terminal?	00:00
domas	scp file computer:	00:00
ahe	Bookman: scp file user@computer:/path/where/to/put/the/file	00:01
domas	my method is shorter!	00:01
* domas giggles		00:01
Bookman	Thank you kindly.	00:03
Bookman	That is from local to remote, correct? How about reverse?	00:03
Bookman	A simple reverse would work?	00:04
Bookman	scp user@computer:/file file	00:04
ahe	yes	00:04
erichammond	rsync -Paz localfile user@computer:/remotefile	00:04
erichammond	rsync -Paz user@computer:/remotefile localfile	00:04
erichammond	:)	00:04
Bookman	lots of ways, eh?	00:04
erichammond	rsync can do compression and is super-smart about updating files which have minor changes.	00:05
Hypnoz1	also rsync is smarter about copying symlinked directories	00:11
Bookman	hmmm....having trouble with scp though.	00:11
Hypnoz1	probably need to to do -r to have it copy recursively if you're doing directories	00:12
Hypnoz1	what issue are you seeing with scp?	00:12
Bookman	I'm having trouble copying a file with spaces in the name.	00:13
Bookman	I have it between quotes	00:13
=== scratched_ is now known as scratched
Bookman	Here is what I tried http://pastebin.ca/1561630	00:19
Hypnoz1	ya spaces in scp is a mess, I sometimes end up using *	00:20
Bookman	Just a wildcard?	00:20
Hypnoz1	I had that same issue a few days ago and never got it figured out, just did the wildcard to get the dir	00:21
Hypnoz1	should be able to \ before the space right	00:21
Hypnoz1	that would make too much sense though	00:21
Bookman	I guess I can rename the file.....	00:21
Bookman	Not sure if I have those permissions in that directory though.	00:22
Hypnoz1	might try to google a little about scp with a space in the filename	00:22
Hypnoz1	or use some wildcards to get it	00:23
Hypnoz1	just replace each space with a * it should be ok	00:23
Hypnoz1	gotta go, good luck	00:23
Bookman	Thanks!	00:24
=== ktk_ is now known as KurtKraut
Bookman	Anyone else know how to scp a file with spaces in its name?	00:32
KillMeNow	you need to escape the spaces	00:35
Bookman	I tried that	00:36
KillMeNow	here is a link: http://www.thingy-ma-jig.co.uk/blog/14-05-2007/how-to-scp-a-path-with-spaces	00:36
Bookman	Ah, let me try again.....	00:37
Bookman	KillMeNow: Thank you kindly. Got it. PITA though.	00:38
soren	mdeslaur: C version of HOTP and TOTP done.	00:40
KillMeNow	yes it is	00:40
qman__	I'm pretty sure you can use quotes, but you have to format it like this	00:40
qman__	scp -r user@host:"/path/to/file" user@host:"/path/to/file"	00:41
Bookman	No problem, escaping the spaces works. I just have to remember.	00:51
Bookman	Thank you all for your help this evening. Much appreciated.	01:06
mdeslaur	soren: you rock :)	01:35
smoser	soren, around ?	01:53
smoser	Bookman, other option is probably to use lftp . i dont know why, but recently i'm really high on how nice lftp is (it supports scp)	01:54
Bookman	I have to look that up!	01:55
pmatulis	smoser: i wonder whether adding an application layer on top of ssh is a good thing	02:00
smoser	pmatulis, i dont really understand.	02:01
smoser	lftp does some really nice things. tab completion, caching of server side data. it does these things for http, ftp, ftps, https, ssh . really helpful.	02:02
pmatulis	smoser: well if you connect with keys you're entrusting them with another program	02:02
smoser	the one major benefit of it is 'pget' (parallel get)	02:02
smoser	which does multiple opens/concurrent downloads . on high bandwidth and high latency links (like my cable modem) 5 parallel gets scales almost linearly in many cases.	02:02
smoser	pmatulis, lftp meerly invokes ssh.	02:03
smoser	so i dont think you're entrusting it to the key more than any other app that could potentially read it from ~/.ssh/...	02:03
smoser	(at least i know for "fish" support it invokes ssh).	02:04
pmatulis	smoser: i guess it's a matter of principle, it's the reason why i don't use gui programs to "help" me with my keys, it's bad enough the ssh-agent invokes some weird sub-process (seahorse-agent?)	02:05
pmatulis	but thanks for the info on lftp and scp. didn't know that	02:06
robd	Hey guys	02:44
robd	Can I use the default Ubuntu server ISO or the alternate install ISO and define my own boot args?	02:44
robd	I'm trying to use my own preseeding file and I'd really rather not have to setup a TFTP server and all that jazz... Can I just use the media you guys provide?	02:44
robd	At the moment I'm not sure how to just edit the boot parameters on the cd	02:45
robd	Is there an easy way to break out of the retarded isolinux gui?	02:45
=== robd is now known as Guest2188
kahrg	Heya, so I have a mini server play around that I am taking to class and I have only a network card installed on it (eth port burned up) I managed to get the wireless card on, but i do not know how to manage its connection through terminal. Is there a tool to help me do this?	03:29
kahrg	Only has a wireless card i mean	03:29
twb	kahrg: that depends on what wifi infrastructure you have installed.	03:36
twb	If NetworkManager is installed, for example, you must talk to it using XML via dbus.	03:36
twb	If only wpa-supplicant is installed, and you have configured it as a "wpa-roam" interface in /etc/network/interfaces as described in wpasupplicant's README.Debian, then you can use the wpa_cli and wpa_action to talk to it like a shell.	03:37
=== mushroomb1ue is now known as mushroomblue
aubre	hey , is the vmware support just announced by Eucalyptus only available in their commercial product, or is it coming to UEC as well?	04:24
ball	I have a site with a small LAN (about ten workstations give or take a laptop or three). We pay someone off site to host our Web site and email. Given suitable hardware, would Ubuntu Server enable us to bring Web hosting and email in-house, as well as hosting our document files?	05:16
ScottK	ball: Yes, but suitable also includes, connectivity, backups, offsite storage, and a lot of other stuff too.	05:18
* ball nods		05:18
ball	rsync is great for off-site backups.	05:18
ball	...also need to replace my tape drive :-/	05:18
ball	What about easy administration?	05:19
KurtKraut	ball, to host a website or an email server it would be rather important to have a static IP address and low demand on traffic on those services.	05:19
ball	KurtKraut: we have that.	05:19
KurtKraut	ball, the IP address has a reverse domain?	05:20
ball	KurtKraut: Not recently, but in the past I've had a domain pointed to it.	05:20
ball	(we would again)	05:20
ScottK	soren: python-mhash accepted. Some packaging improvements can be found in Bug #427692. Please review and upload if you're good with the changes.	05:22
uvirtbot	Launchpad bug 427692 in python-mhash "Please build python-mhash for all supported Python versions" [Undecided,New] https://launchpad.net/bugs/427692	05:22
error404notfound	is there a way i can log all commands executed by any user on shell and then email those to a certain email address at the end of day, delete the log?	05:23
ScottK	soren: I acceptedt the binaries that were done too.	05:28
* ball thinks about giving up		06:11
twb	IMO it's not worth the hassle of maintaining your own hardware in your own office.	06:19
twb	Particularly here in .au, where bandwidth is expensive.	06:20
twb	If I had a company, I'd stick the website and MTA on a VPS in .us, that I have root on.	06:20
giovani	twb: depends on who your web audience is, right?	06:21
twb	giovani: yes	06:21
giovani	clearly if 99% of your visitors are .au -- then you won't want to be hosting in .us	06:21
twb	Mainly I just hate dealing with read hardware :-)	06:21
twb	*real	06:21
giovani	abstractionist!	06:22
giovani	vpses are evil	06:22
twb	Certainly most VPS technology I've seen has been evil	06:22
giovani	and it's all totally insecure	06:23
giovani	I mean, I wouldn't trust any security-sensitive server on a virtualized system at this point	06:23
twb	giovani: web and mail are sensitive now? ;-)	06:23
cef	also depends on where the majority of your mail is going. if it's predominantly internal, having a mail server at your office makes sense (esp. given how expensive bandwidth is here)	06:23
giovani	twb: depends on what they're hosting, right?	06:23
twb	giovani: yep	06:23
giovani	for us, mail is critical security-wise	06:24
twb	end-to-end s/mime? ;-)	06:24
giovani	depends on the individual	06:24
giovani	but yes	06:24
giovani	and everything is tlsed with client certs	06:24
giovani	mail is only accessible from within the network, no webmail, etc	06:25
giovani	vpn in is your only option	06:25
giovani	and only authorized devices can vpn in	06:25
twb	Local hosting is also a lot nicer if you have a dedicated machine room with a rack, proper ac, proper case, hot-swappable drives, etc.	06:25
cef	volume is what kills it for us.. and why we host our own mail. that said, we've thought about hosting the primary MX outside and having it do the main grunt of spam/whatever (and face the brunt of DDOS), and then forward stuff to the real server here at the office	06:26
twb	As opposed to a lot of what I am exposed to, which is an ATX tower stuck under someone's desk	06:26
giovani	haha	06:26
giovani	yeah, that would suck, twb	06:26
cef	heh.. ours are ATX towers stuck on desks next to the rack cos the rack is full. ;)	06:26
twb	It's hard to justify rack mounting when your client only has a dozen staff	06:27
giovani	twb: I've rack mounted for companies of 2	06:27
ball	twb: I dunno, it's nice to keep things tidy	06:27
twb	giovani: yeah, but in YOUR rack, or their rack?	06:27
giovani	theirs	06:27
ball	...same rack-mount UPS are expensive though	06:27
ball	s/same/shame/	06:27
giovani	I had them buy a 22U half-height locking APC cab	06:27
giovani	and we installed 2 servers, 1 router, 1 switch, 1 patch panel	06:27
twb	giovani: yeah, that could work	06:27
giovani	fully locked, and controlled	06:27
giovani	environmental monitoring, etc	06:28
giovani	I've never visited the site since	06:28
giovani	it's all IPMI managed	06:28
twb	A lot of our customers are also running FC3 or CentOS4.2 still, too :-/	06:28
giovani	yeah, that company I have running ubuntu	06:28
twb	Set up by the previous generation of sysadmins	06:28
giovani	yeah, at my day job ... we have a shitton of that	06:29
giovani	1,100 servers	06:29
giovani	set up over the past 10 years	06:29
twb	I tell myself "at least it's not solaris"	06:29
giovani	90% of it from the past 3 years	06:29
twb	Or AIX	06:29
ball	Is there some way to make Ubuntu Server easy to manage?	06:30
giovani	heh	06:30
ball	(for my successor?)	06:30
giovani	yeah, learn to use linux	06:30
twb	ball: document what you're doing	06:30
twb	esp. etckeeper	06:30
ball	twb: I don't know what an etckeeper is.	06:31
twb	ball: apt-get install etckeeper	06:31
twb	It keeps a history of /etc in version control	06:31
ball	I don't have Ubuntu Server installed on a production machine. I've thought about it, but I'm worried about the people who come after me.	06:32
twb	ball: what are you using instead?	06:32
ball	NetBSD. Need to replace that, obviously.	06:33
twb	Heh.	06:33
twb	One of our customers has half a dozen staff... each has a FreeBSD workstation, which is also running part of their core services	06:33
giovani	awesome	06:33
giovani	we do that too	06:34
twb	e.g. one is running NFS, one is running NIS, etc.	06:34
giovani	we have desktops that trade a few million dollars	06:34
giovani	it's horrific	06:34
twb	And their last admin compiled stuff from source, with his own patches, "to make it more secure"	06:34
giovani	twb: ... sure ... why wouldn't you?	06:34
ball	twb: did he leave you the source?	06:34
* JanC wants to know IPs to blacklist certain companies :P		06:34
twb	ball: I dunno, I'm not directly involved with those poor bastards	06:35
giovani	JanC: blacklist for what reason?	06:35
ball	twb: that seems like something to be thankful for.	06:35
twb	Yeah... mostly I work on building desktop SoEs for use by remanded prisoners in DoJ gaols. Requirements elicitation and security analysis is FUN.	06:36
giovani	how do you do your "security analysis"?	06:36
twb	As is getting new copies of the SoE onto their airgapped network	06:36
twb	giovani: mainly by proactively adding layers and layers of cruft	06:37
giovani	how is that analysis?	06:37
giovani	analysis isn't action ... it's passive	06:37
twb	Like removing gettys and xterms and gedit to make it harder to write sh scripts.	06:37
giovani	oh god	06:37
twb	giovani: yeah, OK, so not analysis	06:37
giovani	I'm so going to break into a prison network just to prove a point	06:38
twb	You can still write sh scripts using oowriter and putting "exec >output" at the top, saving them in /tmp (which isn't mounted -o noexec), and then chmodding and executing them in nautilus.	06:38
JanC	well, if you have a mail client, you can always mail scripts and save them ;-)	06:39
giovani	twb: why would I have oowriter or nautilus on a server?	06:39
twb	giovani: this is on the desktop	06:39
giovani	oh, why do you care if people write shell scripts?	06:39
twb	The server I have managed to prevent them putting x on at all, thank the gods.	06:39
twb	giovani: like I said, layers and layers of cruft	06:39
giovani	but why do you care?	06:40
twb	If they can write their own sh scripts, they are one step closer to getting root on the local desktop.	06:40
giovani	what is the shell script going to do?	06:40
giovani	uh	06:40
giovani	that's just false	06:40
twb	Once they get root on the local desktop, they can remove the local firewall	06:40
giovani	this is a disconnected chain of events	06:40
giovani	anything you can write in a shell script file can be written directly into a bash shell -- trying to prevent them from writing to a file is foolish and simply security theater	06:41
giovani	there's nothing in a shell script that's dangerous	06:41
twb	They have no tty, so they can't run bash interactively.	06:41
giovani	it's just a series of commands they can type manually	06:41
giovani	twb: they don't have a shell? that's unlikely if they can start x	06:41
twb	They have a shell, they don't have a terminal to run it in.	06:42
giovani	this is a windows-like view on security	06:42
giovani	there is nothing dangerous in a shell	06:42
giovani	please stop this silliness	06:42
twb	That's just one layer.	06:42
giovani	no, it's not a layer	06:42
giovani	it's theater	06:42
giovani	"if they can't -see- the command line, then they clearly can't use it!"	06:42
giovani	it's absurd	06:42
twb	No, it just means it takes them longer to see the output	06:43
giovani	no, it doesn't	06:43
giovani	anyway, why can't I single-user the machine?	06:43
twb	eh?	06:43
giovani	reboot it and place it into single user	06:43
giovani	change the root password, and now I own the box	06:43
twb	Because you'd need to open the case to reset the BIOS password	06:43
giovani	period	06:43
twb	Or to boot it off local media	06:44
giovani	the bios is not related to single user mode	06:44
giovani	the boot manager is	06:44
giovani	most bioses have generic passwords anyway	06:44
twb	The bootloader (pxelinux) does not allow you to change anything on the client side.	06:44
giovani	ok, so I either use a generic bios password, or I pop the jumper	06:44
giovani	now what?	06:44
giovani	I still own the box	06:44
twb	You can't open the case without a torx screwdriver.	06:44
giovani	right, because I can't buy those at any hardware store	06:45
twb	giovani: not if you're in prison	06:45
giovani	you've placed all the wrong security measures	06:45
giovani	oh this is a prisoner-accessed computer?	06:45
giovani	I thought it was just a regular computer in the prison	06:45
twb	As I said initially, this SOE is for remanded prisoners.	06:45
giovani	I don't know what SOE is	06:45
twb	SOE just means a standardized environment	06:46
JanC	twb: considering that prisoners succeed in getting knives, files, mobile phones, drugs, etc., why not a torx screwdriver? ;-)	06:46
giovani	you don't even need a torx screwdriver to take off a torx screw	06:47
twb	JanC: OK, so smuggle in a torx screwdriver AND a hard disk with an OS on it	06:47
ball	Do you use ltsp terminals?	06:47
giovani	a flat piece of metal of the right size will work fine	06:47
twb	ball: no, but something broadly similar	06:47
ball	Sun Ray? ;-)	06:48
twb	ball: custom x86 hardware and a netbootized version of the LTS desktop live CD	06:48
ball	twb: Ah, there you go.	06:49
ball	I'm thinking of rolling out ltsp, but I'm worried about ongoing support.	06:49
twb	ball: I would like to switch to LTSP, but right now it's a little too much effort.	06:49
JanC	twb: honestly, I'm sure this setup is 99.9% secure, but I won't bet any money on it unless it's never used without supervision...	06:50
giovani	heh	06:50
giovani	99.9%?	06:50
giovani	are you smoking crack?	06:50
JanC	no, I'm just making up a number :P	06:50
giovani	it sounds very inadaquately secure	06:51
JanC	and I think it's mostly secure considering most users probably don't know the difference between IE & the internet	06:51
twb	Certainly the system we replaced was a bunch of Windows desktops	06:52
twb	Where some guy's entire job was to go around opening them up, checking for contraband, putting them back together, reinstalling Windows	06:52
JanC	lol	06:52
twb	I would like to spend more time locking it down more, but what we've rolled out is orders of magnitude tighter than what they had	06:53
JanC	and it's probably possible to automaticly detect tampering if you want too	06:54
twb	Yeah, that'd be good.	06:55
uvirtbot	New bug: #427718 in samba (main) "owner of sticky directory cannot delete files created by others" [Undecided,New] https://launchpad.net/bugs/427718	07:35
=== Maelos` is now known as Maelos
=== cjwatson_ is now known as cjwatson
uvirtbot	New bug: #418112 in qemu "qemu-img should give reasons for failing" [Wishlist,In progress] https://launchpad.net/bugs/418112	08:56
PecisDarbs	How to change a limit of UNIX sockets within Ubuntu system?	09:35
PecisDarbs	googling it, but can't find it	09:35
twb	PecisDarbs: man limits?	09:47
twb	man limits.conf, rather.	09:48
twb	But that doesn't seem to cover it, so I guess it's an option in the kernel?	09:48
PecisDarbs	yes	09:52
PecisDarbs	but I can't find it	09:52
PecisDarbs	twb: limits.conf is for files	09:52
twb	Well, it also specifies core size and fork count, for example	09:53
twb	Doesn't matter	09:53
PecisDarbs	it specifies amount of memory how much you can use on socket messages	09:53
PecisDarbs	I think you can create as much sockets as you want	09:54
twb	btw, HOW do you create sockets?	09:55
twb	I couldn't work it out the other day	09:55
PecisDarbs	in application or from command line?	09:56
soren	twb: You just start listening on them.	09:56
twb	soren: I mean when the socket file doesn't exist yet	09:56
soren	So do I	09:56
twb	qemu didn't like that	09:56
twb	e.g. qemu -serial unix:/tmp/x	09:57
soren	twb: It tries to /connnect/, not listen.	09:59
soren	qemu -serial unix:/tmp/x,server	09:59
soren	is what you ant.	09:59
soren	want, even.	09:59
twb	soren: oh, duh, thanks	09:59
twb	As it happens, I found -serial pty was more awesome	10:00
twb	Then connect to it with "screen pts/27"	10:00
=== garymc_ is now known as garymc
* soren lunches		11:25
stas	hi, anybody knows about how can i obtain stats from an apt mirror?	11:35
stas	I have an apt mirror, and would like to see the monthly hits	11:35
=== garymc_ is now known as garymc
Jeeves_	stas: awstats?	12:35
Jeeves_	wc ?	12:35
stas	Jeeves_: I got it nevermind. I used visitors :)	12:38
ahasenack	Sam-I-Am: hey	12:58
ahasenack	Sam-I-Am: are you still having problems with sudo+ldap in karmic?	12:58
uvirtbot	New bug: #427826 in openvpn (universe) "openvpn 2.1~rc7-1ubuntu3.5 bug" [Undecided,New] https://launchpad.net/bugs/427826	13:06
mdeslaur	kirkland: thank you for your manpages.ubuntu.com...I use it every week.	13:22
kirkland	mdeslaur: :-) awesome!	13:22
kirkland	mdeslaur: i have a new one for you, in case you're interested ...	13:23
kirkland	mdeslaur: linuxsearch.org	13:23
kirkland	mdeslaur: helps find resources across several linux distributions	13:23
kirkland	mdeslaur: ie, you can search for a bug, and then narrow that search to ubuntu, fedora, debian, gentoo, etc	13:23
kirkland	mdeslaur: really helps me as upstream maintainer of projects, and ubuntu maintainer of certain packages	13:24
mdeslaur	kirkland: wow...that is _so_ cool	13:24
kirkland	mdeslaur: :-)	13:26
mdeslaur	kirkland: your site?	13:26
kirkland	mdeslaur: yeah	13:26
mdeslaur	cool	13:26
rtg	kees, lool - can one of you guys gimme some MIR review for linux-ec2? bug #427658	13:43
uvirtbot	Launchpad bug 427658 in ubuntu "Main Inclusion Request: linux-ec2" [Undecided,New] https://launchpad.net/bugs/427658	13:43
ScottK	soren: Thanks for quickly following up on my suggestions about mhash. You're correct that the XS-foo doesn't make a practical difference in this case, but from a python packaging best practices case it is preferred to have it there.	13:56
lool	rtg: not even in the archive!	14:10
lool	rtg: And I dont see it in NEW	14:11
Sam-I-Am	ahasenack: not particularly with ldap, but sudo itself... that weird permission denied issue	14:35
ahasenack	Sam-I-Am: ah, so you narrowed it down. I ask because I was just messing around with sudo-ldap yesterday and it's working	14:35
ahasenack	at least for my test case	14:35
Sam-I-Am	yeah	14:35
=== lamont` is now known as lamont
Sam-I-Am	the things i've found broken with ldap enabled in nsswitch.conf (but not necessarily used) are su, sudo, and passwd	14:36
Sam-I-Am	so whether or not i have sudoers: ldap doesnt seem to matter... but passwd: ldap does	14:36
ahasenack	Sam-I-Am: you still using "compat" there? Tried changing it to "files"?	14:37
Sam-I-Am	tried both	14:37
Sam-I-Am	ordering sometimes fixes one or the other	14:38
Sam-I-Am	spent most of last friday banging my head on the desk trying to figure out why my PAM passwd stack wasnt working... turns out passwd could not write /etc/.pwd.lock	14:38
Sam-I-Am	unless i called passwd as root	14:38
Sam-I-Am	which is strange since passwd is suid root	14:39
soren	ScottK: No worries. Thanks for pointing it out.	14:39
smoser	soren, ping.	14:39
smoser	uec/ec2 images failed last night.	14:40
uvirtbot	New bug: #427873 in qemu-kvm (main) "Please enable vde support" [Wishlist,New] https://launchpad.net/bugs/427873	14:41
smoser	package dependency problems	14:41
smoser	http://pastebin.com/f6e968b36	14:41
soren	smoser: We should be shipping the euca2tools anyway.	14:42
smoser	well the issues are greater than that	14:42
smoser	ruby is not able to be installed? curl? upstart?	14:43
soren	I would't worry that much about it. Archive inconsistencies are not rare in development releases.	14:44
smoser	i will agree that we should ship euca2ools	14:45
smoser	i wouldn't have noticed other than i was hoping to put a new set of images up with the new kernels	14:45
ScottK	smoser: You can always check http://people.canonical.com/~ubuntu-archive/testing/karmic_probs.html and if you see the same issues there (e.g. upstart in this case) you know this issue isn't unique to your images.	14:48
smoser	ScottK, thanks for that link	14:49
soren	I don't believe that's the issue we're seeing, really. I don't think only main is enabled at that point of the ubild.	14:52
soren	build,even.	14:52
soren	smoser: I can't see what else it would be, though.	14:58
smoser	soren, i'm going to re-try here in a bit from my account	14:58
soren	smoser: alright. chances are it will just work.	14:59
smoser	yeah.	14:59
smoser	soren, please look at that bug i requested sponsorship of . it currently is marked as alpha6 milestone	14:59
soren	smoser: Can you push them as branches on Launchpad? That makes my life so much easier.	15:01
smoser	soren, yeah, easy enough	15:02
smoser	let me do that.	15:02
soren	smoser: ta	15:05
uvirtbot	New bug: #427842 in openldap (main) "[karmic] frontend DB needs ACLs for base="" and cn=schema" [Wishlist,Triaged] https://launchpad.net/bugs/427842	15:11
ruben23	hi anyone used zimbra opensource email system.	15:15
smoser	soren, branches for karmic and trunk attached to bug 420581	15:18
uvirtbot	smoser: Bug 420581 on http://launchpad.net/bugs/420581 is private	15:18
smoser	well pfft to you uvirtbot	15:18
niemeyer	Morning guys	15:18
* ball waves		15:19
niemeyer	soren: Does this ring any bells:	15:19
niemeyer	$ euca-describe-images	15:19
niemeyer	Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error	15:19
niemeyer	EC2ResponseError: 403 Forbidden	15:19
smoser	niemeyer, what do you have for EC2_URL ?	15:22
niemeyer	smoser: Some background: this was working fine, and it suddenly stopped working	15:23
niemeyer	smoser: No changes in the configuration or anything	15:23
niemeyer	If I login to the admin interface, it works..	15:25
niemeyer	I then ask for a credentials zip file, and it returns a 0 bytes file	15:25
rtg	lool, its never been clear to me that you're supposed to upload a package prior to MIR review. will do so now.	15:25
smoser	niemeyer, so this is not ec2. i didn't know if you were talking ec2 or uec/eucalyptus	15:26
niemeyer	smoser: Oh, yeah, it's Eucalyptus indeed	15:26
lool	rtg: The process is a) upload source b) NEW source and binary c) MIR d) seed e) promotion	15:27
lool	rtg: The problem with MIRing stuff in NEW or out of archive is that the uploaded thing can differ and we cant even compare them	15:28
rtg	lool, ok, it'll be uploaded in a bit	15:28
lool	What did you expect me to review exactly? :-)	15:28
rtg	lool, well, slangasek wanted an MIR before I uploaded the ec2 kernel package. pro forma?	15:29
lool	Odd	15:29
lool	slangasek: ^ I dont understand how we're supposed to review such a MIR	15:29
rtg	lool, linux-ec2 uploaded	15:31
lool	rtg: I prefer getting to it when it's through NEW in case it gets rejected + reuploaded	15:31
lool	I dont think there's any hurry anyway; we can promote before MIRing	15:32
rtg	ok, its the server dudes taht are hot for this	15:32
lool	Yeah the server team certainly knows how to keep us busy with MIRs ;-)	15:33
zul	lool: sorry	15:34
zul	my bad	15:34
lool	zul: Eh I'm just kidding	15:35
lool	It's certainly right to file MIRs	15:35
zul	lool: yeah so am i	15:35
KRyPTyK	Good morning all! Does anyone have experience with FOG imaging on Ubuntu Server?	15:42
smoser	soren, i'm hitting the same error now as the nightly hit earlier	15:48
soren	smoser: Interesting.	15:48
smoser	or a bummer, depends on how you look at it	15:48
smoser	its definitely not a universe/multiverse-not-enabled issue	15:50
smoser	ec2-ami-tools is in multiverse	15:50
soren	Precisely.	15:50
smoser	ruby is in main	15:50
soren	Oh!	15:50
soren	I know what's wrong.	15:50
soren	Look further up in the build log	15:50
soren	2009-09-11 05:12:42,243	15:50
smoser	yep	15:51
soren	It's the upstart thing.	15:52
soren	It'll get fixed shortly. No doubt.	15:53
slangasek	lool: you're supposed to decide whether it's reasonable to add another kernel source package to main, because I don't want that on me :)	15:53
lool	A trap.	15:55
lool	I'll pretend I dont know what linux-ec2 til I'm forced to keep my eye lids open	15:56
smoser	ec2 is a trap. there is no doubt about that	15:56
smoser	jjohansen1, are we to have the karmic-kernel/ec2 status meeting in 3 minutes here?	15:57
jjohansen1	smoser: yes	15:57
zul	succobus	15:57
zul	hey rtg	15:58
rtg	zul, dude	15:59
soren	smoser: I thought those were at 1700 UTC?	16:00
jjohansen1	it is 16:00 UTC shall we begin the EC2 kernel status meeting	16:00
soren	jjohansen1: No,it'snot.	16:01
jjohansen1	soren: no, I messed up the mail, and put 16:00 GMT but we are doing 16:00 UTC	16:01
soren	That's an hour from now.	16:01
soren	Really	16:01
jjohansen1	ah, my bad. I am messed up	16:01
smoser	well i helped	16:01
smoser	sorry	16:01
soren	Who's representing the server team at the release team meeting?	16:01
jjohansen1	np.	16:02
apw	16:00 GMT == 16:00 UTC by definition	16:02
* smoser lifts soren's hand		16:02
jjohansen1	we should just do the meeting now, so it doesn't conflict with the release team meeting	16:02
soren	smoser: Gah, I hate that.	16:02
apw	th release meeting is now	16:02
soren	jjohansen1: Hahah.	16:03
soren	jjohansen1: Dude.	16:03
soren	jjohansen1: The release team meeting is now.	16:03
jjohansen1	apw: hrmm, for some reason I thought that was an hour later	16:03
jjohansen1	ah the joys of pain	16:03
* soren puts "A UTC clock for jjohansen1" on his shopping list for christmas		16:03
jjohansen1	and still being half asleep	16:03
apw	nope they are both the same, we are however on BST right now, which means 16:00 GMT/UTC re now +1	16:03
jjohansen1	apw: right, that is part of what messed me up	16:04
smoser	apw, strictly UTC is an atomic time scale which only approximates GMT with a tolerance of 0.9 second.	16:05
smoser	just to be a jerk	16:05
apw	they are however in the same timezone :)	16:05
jjohansen1	hehe	16:05
apw	and utc is of course french so we have to hate it	16:06
tarvid	vsftpd 530 Login incorrect. problem	16:06
tarvid	jaunty	16:06
tarvid	user has a local account with shell /bin/false	16:07
tarvid	is this a pam problem?	16:08
zul	yes	16:09
zul	apw: the french hate everything	16:09
apw	very true	16:09
tarvid	any way to use local auth?	16:10
soren	smoser: I actually haven't tested whether we can boot now with no user-data. Have you?	16:14
smoser	no. its on the list today to publish a karmic nightly and use new karmic kernels also	16:15
soren	smoser: I've tested the bits and pieces unit test style,but not a full "intregration test".	16:15
smoser	yeah	16:15
smoser	soren, you have suggestions on http://pastebin.com/f33bc2571	16:17
smoser	thats from a attempt at a hardy build	16:17
soren	smoser: The hardy builds need the ppa to work.	16:18
smoser	i hate nectarine	16:19
smoser	i knew it needed the ppa, but didn't think about the fact that it couldn't get there	16:19
smoser	soren, maybe you can explain to me why (back to the karmic build failure)	16:21
smoser	['/usr/sbin/debootstrap', '--arch=i386', 'karmic', '/tmp/vmbuilderxwUgID/root', 'http://archive.ubuntu.com/ubuntu']	16:21
smoser	would return success, after "Failure while configuring base packages."	16:21
smoser	seems like that is wrong	16:21
soren	Because debootstrap only pulls from main, and right now, upstart has a dependency in universe.	16:21
smoser	i didn't ask why it would fail	16:22
soren	oh,sorry :)	16:22
smoser	i asked why it would fail and return success	16:22
soren	Oh,sorry, started typing after your first line :)	16:22
smoser	does debootstrap have general issues like that ?	16:22
soren	I'm not sure. I'd ask Colin.	16:22
soren	Well, no, I would probably stare at code for a few hours, but I /should/ ask Colin :)	16:23
smoser	the scary thing is if apt is returning success to debootstrap	16:23
smoser	as thats a largeer problem	16:23
soren	smoser: debootstrap does not use apt.	16:29
smoser	oh. wow.	16:29
soren	smoser: It's the thing that installs apt :)	16:29
smoser	i figured it installed apt, then started using it	16:29
soren	No. Once apt works, debootstrap is done.	16:30
soren	(de facto, not de jure)	16:30
niemeyer	ARGH	16:50
niemeyer	Eucalytpus stopped again.. :-(	16:50
soren	Which part of it?	16:50
niemeyer	soren: The same error I mentioned about euca-describe-images	16:51
niemeyer	soren: I can't manage to bring it back to a usable state after this	16:51
soren	niemeyer: How'd you fix it last time? Reinstall?	16:52
niemeyer	soren: Yeah, remove, rip everything off, reinstall	16:52
soren	niemeyer: All components or only cloud controlleR?	16:53
soren	niemeyer: Can you check if your cluster controller is running?	16:53
soren	niemeyer: And node controller?	16:53
niemeyer	soren: Hmm	16:55
niemeyer	soren: Only cloud controller.. I've only got it running	16:55
niemeyer	soren: Or rather, only what /etc/init.d/eucalyptus-cloud starts	16:55
soren	niemeyer: Oh.	16:56
soren	niemeyer: Then I'm not sure, really.	16:56
niemeyer	soren: They continue running, but wedged	16:56
niemeyer	soren: I can login to the admin interface, for instance	16:57
soren	niemeyer: They?	16:57
macrocosm	Anyone have a tip on the safest way to email blast my leads without getting my IP blacklisted? I have a legitimate cleaned list but still precautions are always good with email ..something that breaks it over multiple cron runs would be nice too. Googling came up with a bunch of junk	16:57
niemeyer	soren: But if I ask for my credentials, it returns an empty file	16:57
niemeyer	soren: Yeah, there are multiple things running (ports 8443, 8773, 9001)	16:57
niemeyer	soren: Ok, I'll try to capture someone from Eucalyptus to see if they want to debug it, next time it wedges	16:58
clusty	any of you using puppet to manage confs?	17:01
clusty	i am getting a hell of a time trying to get it running on server 9.04	17:02
clusty	godamn certs are killing me	17:02
soren	clusty: I use it a little bit.	17:03
clusty	soren, i am getting cert not trusted	17:04
clusty	on client	17:04
clusty	cannot even get the barindead sudoes example running	17:04
soren	Haven't seen that, sorry.	17:04
clusty	got proper dns working on LAN ?	17:04
clusty	curious if that is to be blamed	17:05
uvirtbot	New bug: #424459 in eucalyptus (main) "Temporary file vulnerability in euca_conf" [Low,Triaged] https://launchpad.net/bugs/424459	17:06
* soren dinners		17:14
smoser	soren, so if we put lib6-xen into ec2 images, i would presume some negative affect on said images as kvm	17:14
smoser	i'm guessing conflict with libc6	17:15
clusty	do you guys use clusterssh?	17:40
cemc	clusty: cssh ? I did a little bit	17:41
clusty	cemc, i cannot get it running	17:41
cemc	what does it say?	17:41
cemc	it needs X	17:41
clusty	crap. now i don;t have vnc running	17:41
clusty	sec	17:41
clusty	cemc, well first of all how do i specify list of machines i want to ssh into?	17:43
cemc	clusty: cssh machine1 machine2 ...	17:43
cemc	then it will open 1 command window, and one window for every machine	17:43
Hypnoz	I'm not sure exactly what clusterssh does, but I use a tool called DSH to run commands on large groups of servers at once	17:44
Hypnoz	its easy, $ dsh -f allmachines.list -- 'command'	17:44
Hypnoz	then it runs the command on every machine in the list	17:44
clusty	Hypnoz, works as you type?	17:45
Hypnoz	not sure what that means	17:45
clusty	cemc, warning unkown host <IP>	17:45
clusty	Hypnoz, i mean is like demultiplexing keyboard	17:45
clusty	typeing in 10 windows at once	17:46
Hypnoz	oh, no	17:46
Hypnoz	its just for sending one time commands to remote machines, its not streaming	17:46
cemc	clusty: unknown host? it mean you didn't specify the hostname correctly I guess	17:47
ScottK	cemc: You probably saw, the qpsmtpd backport got done, so I think we are all up to date now.	17:48
vlazar_	cemc, WARNING: unknown host 192.168.0.201 (see -i switch, or ignore_host_errors in .csshrc) - ignoring	17:48
clusty	that is me :D	17:48
clusty	this is from both the command line	17:49
clusty	and cloicking add host	17:49
cemc	clusty: I don't use any .csshrc, I just run the command like this: cssh host1 host2 hostn	17:50
clusty	cemc, me neither	17:50
clusty	anyways fok it	17:51
clusty	my patience is thin today	17:51
clusty	thanks for help	17:51
cemc	should work and it's really nice, IF you have a bunch of really similar servers	17:51
clusty	cemc, they are identical	17:51
clusty	:D	17:51
clusty	9 of them	17:51
cemc	because every keystroke gets replicated to every server	17:51
cemc	ScottK: yep, I saw, nice ;) I'll look at the php stuff this weekend	17:53
jmedina	morning	17:53
clusty	moin	17:53
Hypnoz	would be nice if there was a tool like that for command line	17:58
Hypnoz	instead of being a gui tool	17:58
cemc	it would be harder to display all the server'	18:00
cemc	s terminals ;)	18:00
clusty	a small question: what is the permission number for this mode?	18:22
clusty	-rw-r--r--	18:22
clusty	?	18:22
smoser	jjohansen1, zul either of you have a minute to poke at bug 427288 ?	18:22
clusty	u+wr a+r :D	18:22
uvirtbot	Launchpad bug 427288 in linux "Karmic i386 EC2 kernel emulating unsupported memory accesses" [High,Triaged] https://launchpad.net/bugs/427288	18:22
zul	smoser, jjohansen1 was working on it	18:23
smoser	well, the plan was for me to test if simply installing libc6-xen fixed it. and it doesn't. i definitely have it installed, but it appears to not be being picked up. at least not used by the init process	18:24
smoser	wanted to see if either of you wanted to poke at the system and maybe find out why	18:24
erichammond	smoser: Did you also remove -i686 and add the nosegneg thing?	18:25
erichammond	er, remove libc6-i686	18:25
smoser	neither.	18:26
smoser	:)	18:26
erichammond	I got to the instructions in ec2ubuntu-build-ami through years of research, tips from others, and trial and error. I don't always remember which statements fix which problems.	18:26
smoser	yeah. hopefully we dont have to remove libc6-i686	18:28
erichammond	For a long time I used to remove /lib/tls but then one day a simple apt-get upgrade broke the system: http://groups.google.com/group/ec2ubuntu/browse_thread/thread/1a3fd33f04766361/8f82524bd298a4a2	18:29
erichammond	Please make sure that the sample perl command in that message works with the solution you end up with or things will be broken.	18:30
smoser	erichammond, thats a great post, thanks.	18:33
apw	smoser, the divert stuff at the end is also interesting	18:34
uvirtbot	New bug: #277114 in vsftpd (main) "vsftpd quits when there's no working internet connection" [Undecided,Invalid] https://launchpad.net/bugs/277114	18:41
niemeyer	soren: Do you know where libomxmlsec was moved to (was in librampart in 9.04)	18:44
domas	hiii! what is the easiest way to reseed random?	18:45
domas	whatever I do, gpg seems to wait for random stuff forever	18:46
domas	'reseed' in a loop doesn't help (it just sets urandom as far as I understand)	18:46
uvirtbot	New bug: #271555 in vsftpd (main) "vsftpd: hard coded /home/ftp install breaks in NFS environment" [Undecided,Fix released] https://launchpad.net/bugs/271555	18:46
uvirtbot	New bug: #308946 in vsftpd (main) "GnuTLS error" [Undecided,Incomplete] https://launchpad.net/bugs/308946	18:46
* domas looks at sysctls		18:46
domas	hmmm, apt-get install rng-tools	18:49
domas	rngd -r /dev/urandom \o/	18:50
Hypnoz	could you reseed random by tail -f /dev/urandom ?	18:51
Hypnoz	hmm doesn't work like I thought it would	18:52
Hypnoz	cat /dev/urandom does though	18:52
Hypnoz	that rng-tools looks interesting if i used /dev/random for anything	18:54
erichammond	apw, smoser: The xen-divert-tls-libc approach requires the user to always use that command to do upgrades which is not an acceptable solution to force on unsuspecting EC2 users.	18:57
apw	erichammond, not sure it does, doen't it only go wrong if we add files to libs	18:57
apw	libc? i would expect it to mean when you see the libc files installing shove them over here instead	18:57
smoser	that was my understanding (obviosly either my read of it or the doc could be wrong)	18:58
erichammond	apw, smoser: The problem is that upgrades to libc6 can restore /lib/tls breaking the system. The divert approach requires you to know this is going to happen and run a command before and after upgrading libc6.	19:00
uvirtbot	New bug: #427553 in bind9 (main) "bind9 fails to start on boot" [Undecided,New] https://launchpad.net/bugs/427553	19:01
* apw tries to imaging uvirtbot on #u-k ... it'd be like a torrent		19:01
smoser	"But if a libc upgrade contains a new file for /lib/tls"	19:02
erichammond	smoser: Fair 'nuff.	19:02
erichammond	Still requires the user to know what's going on in a system that is not configured like normal Ubuntu.	19:03
=== rickspencer3 is now known as rickspencer3-afk
smoser	erichammond, the interest in it is because i really dont want to uninstall libc6-i686. right now our ec2 images are identical for ec2 and uec. that would penalize uec (i'm not exaclyt sure of the effects, but at very least, libc6-i686 is part of "ubuntu-minimal" metapackage which the images are installing at the moment	19:05
smoser	i'm not sure how likely a libc upgrade including a new file in /lib/tls is over a given release (ignoring change-in-release upgrades at the moment)	19:06
smoser	ec2 networking is completely random	19:06
smoser	i do a wget of a file, and i get ~ 300k or something. then, using axel, it sustains better than 1.5M for 500M file	19:07
erichammond	smoser: A year ago a simple "apt-get upgrade" broke Hardy servers on EC2. It wasn't my favorite time.	19:08
smoser	well, for some of the threads at least	19:08
=== TeLLuS_ is now known as TeLLuS
smoser	erichammond, zul do you have any ideas why canonicals hardy images do not have this issue ?	19:08
zul	because its using libc6-xen	19:09
erichammond	smoser: If Xen needs something different from KVM, then you may need different images.	19:09
_nofear	Hi guys, does anyone know a good tutorial on what configuration must be done to authenticate a user in an OpenLDAP server?	19:09
smoser	erichammond, well, yeah, but thats what we're trying to avoid :)	19:09
erichammond	Or different bootup	19:09
erichammond	nah, that's probably impossible with libc6	19:10
mushroomblue	_nofear: do you have the server already set up?	19:13
_nofear	mushroomblue: yes, I can authenticate Windows users with Samba already.	19:15
Hypnoz	I forgot which link got me there, but I went through these 4	19:16
Hypnoz	http://beginlinux.com/server_training/server-managment-topics/1016-ldap-server-on-ubuntu-804	19:16
Hypnoz	http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/	19:16
Hypnoz	http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch31_:_Centralized_Logins_Using_LDAP_and_RADIUS	19:16
Hypnoz	http://www.aselabs.com/articles.php?id=246&page=2&asesessid=fb756c0d4961f3f258c9927563f326f84cc89783	19:16
mushroomblue	that'll do.	19:16
_nofear	Hypnoz: thanks very much :)	19:16
Hypnoz	the crappy part is the PAM files	19:16
Hypnoz	if you don't set them up EXACTLY right, it fails	19:17
_nofear	Hypnoz: That's exactly where I think I'm losing it.	19:17
mushroomblue	yeah. that's my current issue.	19:17
mushroomblue	you'd think someone would provide an updated LDAP howto that doesn't rely on slapd.conf	19:18
Hypnoz	yep, i set up pam over and over in VM's till i got it working clean, it took forever	19:18
mushroomblue	since it's now been deprecated.	19:18
mushroomblue	"Ubuntu 7.10 was a nightmare when it came to setting up ldap"	19:19
mushroomblue	lol. it's still a nightmare.	19:19
Hypnoz	truth	19:19
_nofear	Actually I gave setting this on Ubuntu, I'm using Debian 5 now.	19:20
_nofear	*gave up	19:20
uvirtbot	New bug: #425993 in samba (main) "Windows Network in Karmic" [Undecided,Incomplete] https://launchpad.net/bugs/425993	19:20
domas	hypnoz: I have no idea why 'cat /dev/urandom > /dev/random' didn't work :)	19:23
uvirtbot	New bug: #399199 in samba (main) "fstab cifs mounted drive won't write" [Undecided,New] https://launchpad.net/bugs/399199	19:25
uvirtbot	New bug: #238684 in virt-manager (universe) "[patch?] alt-gr does not work inside kvm debian terminal" [Medium,Confirmed] https://launchpad.net/bugs/238684	19:26
uvirtbot	New bug: #386372 in openssh (main) "sshd fails to execute PAM session modules on logout." [Undecided,New] https://launchpad.net/bugs/386372	19:36
soren	niemeyer: I believe it's built into librampart or some such now.	19:39
niemeyer	soren: Hmm.. euca 1.6 seems to depend on it still	19:40
smoser	soren, quickliy glance at bug 426424 . you have opposition to that ?	19:41
uvirtbot	Launchpad bug 426424 in vmbuilder "need md5sums created for uec-images" [Medium,Triaged] https://launchpad.net/bugs/426424	19:41
NCommander	anyone here a SPARC wizard :-)?	19:41
soren	niemeyer: Upstream, yes.	19:43
soren	niemeyer: In Ubuntu, it shouldn	19:43
soren	t.	19:43
soren	niemeyer: We carry a patch to fix that.	19:43
niemeyer	soren: Yeah, sorry, this was me trying to install from source to get a working environment somehow	19:43
soren	niemeyer: There's a patch in the ubuntu source package. It uses quilt. Do you know how to find it?	19:44
niemeyer	soren: I do, thanks. I've just grabbed the apt-get source from it	19:45
Hypnoz	_nofear:: are you still here, and interested in seeing how I set up my pam.d files for ldap?	19:45
zul	NCommander: i used to be but that probably wont help you now	19:45
soren	niemeyer: Alright, cool.	19:45
niemeyer	soren: I got Neil giving a hand now, so will wait to see how this goes	19:45
_nofear	Hypnoz: that sure won't hurt :)	19:45
NCommander	zul, you know if a sunfire can be forced into proper TFTP booting?	19:45
soren	niemeyer: IIRC, it's the debian/patches/04* one.	19:46
NCommander	zul, I just had a kernel panic (or something) occur during a dist-upgrade, and the machine won't boot now	19:46
Hypnoz	i'll paste them somewhere and link it to you, one sec	19:46
zul	NCommander: stop-a doesnt work anymore?	19:46
NCommander	Its a v120	19:46
NCommander	zul, I can get into the PROM	19:46
NCommander	zul, but it doesn't seem to want to talk to my TFTP server	19:46
niemeyer	soren: Btw, I've reported the crazy behavior at #428010, just to keep track of it	19:46
zul	NCommander: not sure :(	19:46
NCommander	I can't remember how I forced Ubuntu onto it before (I had issues with this sunfire at installation)	19:46
* NCommander is trying to fix ubuntu karmic on sun		19:46
soren	bug 428010	19:47
NCommander	Its a pity I didn't fix it BEFORE my SPARC decided to die	19:47
uvirtbot	Launchpad bug 428010 in eucalyptus "Eucalyptus cloud controller stops working suddenly" [Undecided,New] https://launchpad.net/bugs/428010	19:47
zul	NCommander: i got rid of my sparc's or more specific my wife got me to get rid of them	19:47
NCommander	zul, they can be load :-/	19:47
NCommander	The problem is my sunfire is the only thing that can do TTL serial, so I need IT to talk to an ARM development board I have	19:48
zul	NCommander: especially when I had two sitting on my desk	19:48
soren	smoser: Looks good to me.	19:48
smoser	i do have one change to make to it	19:48
smoser	i really, really hate sh -e	19:48
smoser	in sh -e, the following is happily ignored:	19:48
smoser	( false )	19:48
smoser	it can be fixed / worked around by:	19:49
smoser	( false ) \|\| false	19:49
smoser	so i'll append '\|\| false' to the end of those 2 gzip lines	19:49
soren	smoser: That changed in bash recently, actually.	19:51
smoser	changed to doing what it should you mean ?	19:51
soren	Yes.	19:51
smoser	someday i will fix that script (and others) to not use sh -e, but rather check and give error output themselves.	19:52
soren	It happened to stumble upon this when debugging a kernel build issue with rtg last week.	19:53
soren	"Last week"? Was it really last week?	19:53
soren	It seems like a distant memory.	19:53
smoser	i'm surprised they would intentionally change something like that	19:54
Hypnoz	_nofear:: http://pastebin.com/d75fdac87	19:54
Hypnoz	I know there's some stuff I'm missing, but if you have the server set up right, http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/ should go a long way to getting some stuff resolved	19:54
soren	smoser: They decided that the old behaviour was wrong.	19:55
soren	smoser: I'm looking up the changelog entry.	19:55
smoser	and anyone who depended on it should now be broken :)	19:56
_nofear	Hypnoz: alright, thanks very much. I'll take a look, I guess I'm missing something to set on these files.	19:56
soren	smoser: l. Changed behavior of shell when -e option is in effect to reflect consensus of Posix shell standardization working group.	19:56
smoser	ah. wow.	19:56
smoser	so in theory dash should change too	19:56
soren	smoser: dash will likely follow suit given the context.	19:56
soren	right.	19:56
soren	Eventually.	19:56
smoser	change pushed.	19:58
=== rickspencer3-afk is now known as rickspencer3
uvirtbot	New bug: #334588 in samba (main) "Don't get write permissions via smbmount on XP-Server, when the shared-folder-name has spaces" [Undecided,Incomplete] https://launchpad.net/bugs/334588	20:16
J_P	Hi all..	20:17
J_P	People, I install ubuntu server 9.04. and after install xorg and icewm. well, startx works ok. But resolutions are there in 1024x768, and I would like 800x600. But /etc/X11/xorg.conf is empty. where are the Xorg configurations ?	20:18
J_P	anyone ?	20:20
ScottK	J_P: It's off topic for ubuntu-server as we don't ship X.	20:22
KillMeNow	http://ubuntuforums.org/showthread.php?t=83973	20:22
KillMeNow	check that out	20:22
KillMeNow	does that help?	20:22
smoser	soren, on nectarine, can you update your automated-ec2-build directory ? you're at revision 5 and current is 7	20:57
smoser	2 things missing are md5sums and --lock-user	20:57
soren	Feel free to do so yourself.	20:57
soren	I'm about to head out.	20:58
soren	Oh, right. You can't really, can you?	20:59
soren	smoser: Done.	20:59
* soren calls it a day (and week)		20:59
smoser	well, i can...	20:59
smoser	just have to ask sudo :)	20:59
smoser	figured i'd be nice	21:00
bobg	i am setting up a ldap server in jaunty and I am not finding much information about the new openldap /etc/slapd.d/ config method that jaunty uses by default.	21:24
bobg	does anyone know of a "how to " on configuring openldap in jaunty?	21:25
=== ahasenack is now known as andreas-away
bobg	there are lots of how to's for older Ubuntus but that do not seem to apply any more	21:27
=== andreas-away is now known as ahasenack
ahasenack	mathiaz: fwiw, I just updated openldap-dit to use cn=config	22:02
mathiaz	ahasenack: cool - thanks	22:03
ahasenack	mathiaz: sample run in karmic: http://pastebin.ubuntu.com/269401/	22:03
ahasenack	it was fun	22:04
mathiaz	ahasenack: cool	22:04
ahasenack	mathiaz: did you know that ldapdelete is not supported in cn=config?	22:04
mathiaz	ahasenack: where are the admin tools now?	22:04
mathiaz	ahasenack: hm - I thought so	22:05
ahasenack	mathiaz: hmm, admin tools...?	22:05
ahasenack	mathiaz: yeah, something to keep in mind and document, I may do it	22:05
mathiaz	ahasenack: like - how do I add a user to this directory?	22:05
mathiaz	ahasenack: a group?	22:05
mathiaz	ahasenack: add a user to a group?	22:05
ahasenack	mathiaz: I will use smbldap-tools	22:05
ahasenack	mathiaz: the structure is empty, it should be straight forward to use almost any tool out there, bar the "big" ones that want to take over the directory	22:06
mathiaz	ahasenack: how would you manage the sudoer entries?	22:06
ahasenack	mathiaz: ldapvi, apache directory studio, luma, gq	22:06
ahasenack	mathiaz: not sure how a wrapper would look like, given that the official sudo admin tool is visudo	22:07
ahasenack	i.e., a plain text editor	22:07
bobg	how do you read the .gz files in the /usr/share/doc/... folders?	22:12
ahasenack	bobg: less reads them	22:14
bobg	ahasenack, thanks. It never ocured to me that less would decompress gz files. Thats a a lot easier that gunzup -> nano -> gzip :)	22:23
ahasenack	welcome	22:23
ahasenack	bobg: there is also zless in some distributions	22:23
=== domas is now known as _3^3
=== rickspencer3 is now known as rickspencer3-afk
uvirtbot	New bug: #419590 in qemu-kvm "kvm core dump on hotplug (pci_add)" [Wishlist,Triaged] https://launchpad.net/bugs/419590	22:31
tlyng	hmm, i'm reading up on eucalyptus, ubuntu and ec2. I'm pretty new with cloud computing, but do understand some of the terminology :) Amazon offer an EBS storage solution, what is Eucalyptus / Ubuntu's equivalent?	22:31
Hypnoz	anyone know if M$ office can open an openoffice drawing file	22:42
uvirtbot	New bug: #237635 in qemu (main) "qemu mouse and keyboard grab is an accessibility problem" [Medium,Triaged] https://launchpad.net/bugs/237635	22:46
ahasenack	mathiaz: the karmic bind9 package is using the so called "dlz ldap" implementation/patch?	22:55
ahasenack	mathiaz: have you ever used the bind9 ldap backend?	22:55
mathiaz	ahasenack: I don't know	22:55
mathiaz	ahasenack: I've never used it	22:56
ahasenack	ok	22:56
uvirtbot	New bug: #331331 in qemu "Non-root guest doesn't have permission to access sys-fs USB devices" [Wishlist,Won't fix] https://launchpad.net/bugs/331331	22:56
clusty	got a small question: how can one install sun-java6-bin unattended?	23:12
clusty	cause it bugs me about accepting license	23:12
Hypnoz	get one of those rocking things with the water inside, and have it keep falling down and pecking on the Y key	23:14
Hypnoz	I guess you would need two, one for Y and one for Enter, slightly staggered of course	23:14
erichammond	Not sure who's building the EC2 images these days but had a suggestion for the manifest prefix which is currently: canonical-alphas-us/karmic-i386-alpha5.1.manifest.xml	23:14
erichammond	Please include (1) the word "ubuntu" so that folks can find it when they search for that keyword, and (2) the date that the image was built so that folks know how fresh it is.	23:15
ahasenack	mathiaz: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/227344 (which has a patch) is needed for ldap support in bind9	23:15
uvirtbot	Launchpad bug 227344 in bind9 "bind-dlz and ldap api: invalid use of "%" character" [Undecided,Confirmed]	23:15
mathiaz	lamont: ^^? does it make sense to include the patch?	23:16
clusty	Hypnoz, not gonna work :D	23:16
clusty	puppet needs to install package remotely	23:17
erichammond	Ideally, all of these images would be using exactly the same format so that it is easy to scan down a sorted list and find the appropriate one. Here's a proposed format: ubuntu-9.10-karmic-20090911-alpha5.1	23:17
lamont	mathiaz: I've been waiting for upstream to fix it	23:17
mathiaz	ahasenack: seems that poking upstream would get it included in debian/ubuntu	23:18
lamont	mathiaz: I suppose I could also push it upstream	23:18
ahasenack	mathiaz: the bug history shows that has not been working :)	23:18
lamont	ahasenack: upstream refusing to accept it is a reason for me to choose to not diverge from upstream	23:19
ahasenack	lamont: is dlz part of upstream? It's in contrib, no?	23:19
ahasenack	lamont: and did upstream actually refuse?	23:19
lamont	it's in the upstream tarball, in contrib - I didn't pull it from anywhere	23:19
lamont	dunno if I've even ever asked	23:19
lamont	my presumption being that dlz upstream was, you know, taking care of the code they'd gotten into the ISC distribution	23:20
lamont	but yeah, history would tend to indicate that the code is being ignored	23:20
ahasenack	lamont: I find it odd anyway. ./configure has an option to use it, but it's in contrib/	23:20
ahasenack	lamont: so, it is in the code, but at the same time isn't	23:21
lamont	contrib _is_ part of the code. It's just explicitly not managed by ISC	23:21
ahasenack	let me check how the real upstream for dlz is	23:21
lamont	anyway, long week, runny nose, tired and almost thinking. so... --> bed for now	23:22
* ahasenack downloads from sourceforge		23:22
ahasenack	lamont: fwiw, the real upstream didn't apply the patch either, that makes one wonder how well maintained this is	23:23
uvirtbot	New bug: #341682 in qemu "Block I/O crashes after migration" [High,Fix committed] https://launchpad.net/bugs/341682	23:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!