/srv/irclogs.ubuntu.com/2009/09/28/#ubuntu-server.txt

=== dendro-afk is now known as dendrobates
uvirtbotNew bug: #437881 in mysql-dfsg-5.0 (main) "fail" [Undecided,New] https://launchpad.net/bugs/43788100:31
jonokirkland, hey01:40
=== erichammond1 is now known as erichammond
golem_during the install i chose 'automatic updates' - where is that configured if i wish to change to manual updates?02:22
jmarsdendpkg -L unattended-upgrades    will show you all the files.  The one to edit to quickly disable them is probably /etc/apt/apt.conf.d/50unattended-upgrades02:24
golem_gotcha, thanks02:24
jmarsdenNo problem.02:24
golem_i just commented out jaunty-security02:25
jmarsdenIf you know you don't want it, sudo apt-get purge unattended-upgrades   will do the trick cleanly :)02:26
golem_ah cool, so i can just apt-get update/upgrade02:26
jmarsdenOf course; the unattended-updates package effectively scripts doing that on a regular basis.02:27
=== monteith is now known as monteith_afk
=== monteith_afk is now known as monteith
aubrehow's the cureent state of karmic eucalyptus? thinking of updating when I go to work tomorrow03:07
=== monteith is now known as monteith_afk
uvirtbotNew bug: #437944 in samba (main) "Samba session request failure when using IP address" [Undecided,New] https://launchpad.net/bugs/43794405:16
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
darksmacok guys new to ubuntu server was wondering if any one has had any experience installing crda07:15
darksmaccomming aross an issue with it stating that i dont have a supported version of libnl and i have installed libnl1-1.1-307:16
Anirban1987I want to host a game server on my VPS08:06
=== gamla_ko2san is now known as gamla_kossan
clawguten morgen ich bin auch der suche nach nem tool, dass meinen netzwerktraffic zählt09:04
clawich bezahl nämlich pro megabyte und hätte gerne sowas wie ne monatsübersicht09:04
clawgibts da etwas?09:04
_rubenclaw: asking in english will yield more responses probably .. as for traffic accounting tools, there's tons of those around09:13
maxagazhow to use find to do this "ls -lart", but recursively10:18
maxagaz?10:18
domasmaxagaz: just use 'ls -R'10:19
domasif you want ls functionality10:19
domasyou can also do find ./ -print0 | xargs -0 ls -lart10:19
domasetc10:19
domas:)10:20
maxagazdomas, thanks10:25
maxagazbut the result is not that good with find10:25
maxagazdomas, because files are separated by directory10:25
maxagazdomas, but the good thing is that their full path is shown10:26
cemcis there a simple freespace disk checker package which sends mail when a partition is X % full ? something really simple10:29
Mohammad[B]how i can resolve this problem in apache2 http://paste.ubuntu.com/280284/ please help me12:05
JaggedMohammad[B]: you need to correctly configure apache vhosts, or don't use vhosts.12:13
zulmorning13:01
ochi13:06
ocIs it possible to somehow make aptitude -not ever- install gcj?13:06
oci.e. I have installed sun-java{5,6}-jdk13:07
ocwhen I install tomcat, glassfish, ant, etc I do not want GCJ13:07
ocgcj should never ever ever ever ever come into my OS13:08
octhis is a major issue, not a minor one13:08
VK7HSEoc: well install with '--no-install-recommends" then...13:11
pmatulis(that would be for apt-get)13:12
VK7HSEOh yes forgot to mention that bit! ;)13:12
octhat sort of helps13:13
ochow do I set it as default?13:13
VK7HSEoc: so then use this ... 'sudo apt-get install tomcat --no-install-recommends'13:13
ocI understood that.. how do I set it as default?13:13
oc(can I set it in apt.conf somehow?)13:14
VK7HSEthinks so! ... just having a look through some settings stuff to see...13:14
ocin server mode, that should be default IMHO :)13:15
ocit's ok to be lax in desktop installations13:15
ocbut too much crap on the server will quickly escalate13:15
pmatulisthat option will only prevent "recommends" packages from being installed.  not sure if that is the case here13:16
VK7HSEwell its a defalt inubutnu.. I had a similar grizzle! when I was messing with KDE and i wanted to use firefox 3.5 and it wanted to pull in a heap of stuff from gnome!13:16
pmatulisbut you can make this the default by adding 'APT::Install-Recommends "0";' to /etc/apt/apt.conf13:17
octhanks13:18
VK7HSEpmatulis: Gahh! ya beat me to it ;)13:18
VK7HSEpmatulis: BTW I realised my error yesterday re: the server kernel on i386 (DOH)13:18
ocI traced the deps now.. Seems like java2-runtime-headless asks me to install install gij istead of sun-javaX-jre (which are installed)13:19
oc(and thats just an alias package -- which I find strange)13:19
pmatulisoc: maybe openjdk will be friendlier13:20
ocproblem is, I'm setting up a buildserver, and it'll compile some "very enterprisey (tm)" code that only runs well in particular JDKs :o)13:21
* pmatulis nods13:21
ocwhich I've found is an issue many places Ive worked :>13:22
* oc shrugs13:22
pmatulisoc: how does gij mess you up?13:22
ocI haven't tried yet, but it being installed makes my mind flash for potential errors :)13:23
pmatulis!find gij13:24
ubottuFound: gij, gij-4.3, gij-4.213:24
pmatulis!info gij13:24
ubottugij (source: gcc-defaults (1.78ubuntu1)): The GNU Java bytecode interpreter. In component main, is optional. Version 4:4.3.3-1ubuntu1 (jaunty), package size 1 kB, installed size 36 kB13:24
pmatulisah, only 36kB13:24
pmatulisoc: what release are you running?13:25
ocI don't want to potentially have to spend hours tracing runtime bugs in vastly untested code only to find out thats why13:26
oc9.04 server13:26
pmatuliswhy you say untested?13:26
pmatulisgij is in main which suggests it is very well tested13:27
ocbecause alot of the code that is to be built is sadly untested :)13:27
pmatulisi think you're over-reacting  :)13:27
ocprobably, but still better to be safe that sorry :)13:28
pmatulisif it's an important project then you should have a development box built first13:28
ocI'm installing a new CI server to replace an old Windows-server they've used for a while...13:29
ocit'll be a dev/ci/integration-test/functional test box13:30
VK7HSEI realise that each has their own way of things, but I tend to start with the default that tweak... ;)13:30
VK7HSE*then!13:30
* pmatulis agrees13:30
pmatulisdefault, test, and *then* monkey around13:31
ocI have started with the default13:31
octesting it would take years :)13:31
ocmillions of lines of code :)13:31
* pmatulis doesn't have anything else to add. goes away for a while13:32
VK7HSEbit like me last night (UTC+10) I was jumping up & down cause I couldn't install an i386 server kernel! to be pointed to an article by pmatulis, that pointed me in the right direction! ;)13:32
smoseranyone have time to ubuntu-educate me ?14:28
smoser$ rmadison linux-ec214:28
smoser linux-ec2 | 2.6.31-300.3 |        karmic | source14:28
smoser linux-ec2 | 2.6.31.300.0 |        karmic | amd64, i38614:28
smoseri've 2 questions about that:14:28
smoser1. where does rmadison see the 300.3 source ? http://packages.ubuntu.com/source/karmic/linux-meta-ec2 indicates 2.6.31-300.014:28
smoser2. what causes build of amd64/i386 of the .3 ? how would i go about getting that?14:29
zulhave you done an apt-get updaet?14:38
zulapt-get update even14:38
zulor not14:39
smoserhm... i thought that rmadison was querying remote info. apt-get update doesn't change results for me14:41
Mohammad[B]hi all14:43
Mohammad[B]what is this ? :-s in apache2 please help me for resolving this http://paste.ubuntu.com/280396/14:43
aubreEucalyptus question: I have a newly added node which is acting like it can't connect to walrus, and libvirt is saying Domain not found, so it won't launch instances : http://paste.ubuntu.com/280394/ any ideas?14:43
VK7HSEMohammad[B]: what's the content of your ports file?14:44
VK7HSEMohammad[B]: see ... http://paste.ubuntu.com/280400/14:45
Mohammad[B]VK7HSE, http://paste.ubuntu.com/280402/ this is my ports file14:46
Mohammad[B]VK7HSE, some kind of my ports file :-s14:46
VK7HSEMohammad[B]: good! now are you by chance using webmin to administer that server?14:46
Mohammad[B]VK7HSE, no, this is manually14:47
Mohammad[B]and Ubuntu 9.04 in a VPS14:47
VK7HSEMohammad[B]: OK! I'm now just trying to remember what causes that issue!14:48
Mohammad[B]ooh ok :)14:48
Mohammad[B]thnx14:48
VK7HSEMohammad[B]: what's in your /etc/apache2/sites-available/default file?14:49
Mohammad[B]VK7HSE, i'm change it to "boozary" wait14:50
VK7HSEok...14:50
Mohammad[B]VK7HSE, http://paste.ubuntu.com/280410/14:52
Mohammad[B]this is working but that error ... http://boozary.com/14:52
VK7HSEMohammad[B]: here's mine so you can compare...  http://paste.ubuntu.com/280409/14:53
Mohammad[B]this is like my file14:54
Mohammad[B]hummm14:55
VK7HSEMohammad[B]: the only thing I can see is that I haven't specified an ServerAlias in that file I have stated a ServerName www.vk7hse.hobby-site.org in apache2.conf  ???14:55
VK7HSEMohammad[B]: is that server online ? and what's its URL?14:56
Mohammad[B]VK7HSE, yes, www.boozary.com14:56
VK7HSEok no content on it just yet I see! ;)14:57
Mohammad[B]VK7HSE, http://boozary.com/ but this14:57
VK7HSEMohammad[B]: Hmm... sorry not sure what's happening there... but it's certainly accessible but I realise to get rid of that warning would be nice! ;)14:59
VK7HSEMohammad[B]: you haven't setup a second alias in /etc/apache2/conf.d  by chance? (I'm assuming you have not!)15:00
VK7HSEMohammad[B]: have a look at...  http://www.mydigitallife.info/2007/08/11/apache-warn-namevirtualhost-80-has-no-virtualhosts-error-when-start/15:03
Mohammad[B]VK7HSE, thanks i seen it yet15:04
VK7HSEMohammad[B]: ok...  ;)15:04
Mohammad[B]thanks alot ;)15:05
VK7HSEMohammad[B]: it kind of points to a duplication of the virtualhost of *:80 ... best of luck getting it sorted, sorry I wasn't of any help to you :(15:06
cemcis there a way to disable disk caching in ram for a partition, or mountpoint?15:07
=== dendrobates is now known as dendro-afk
Mohammad[B]VK7HSE, oh forget it dear ;) forget it15:08
Mohammad[B]VK7HSE, problem resolved with comment the NameVirtualHost * in ports.conf ;)15:28
VK7HSEMohammad[B]: Ahh! glad to hear you sorted it ;)15:29
=== dendro-afk is now known as dendrobates
Mohammad[B]VK7HSE, i have 2 domains one boozary.com is root and boozary.cn setted to boozary.com's DNS i want boozary.cn open another directory do you can help me ?15:34
VK7HSEMohammad[B]: as I'm only running one domain (vk7hse.hobby-site.org) I haven't attempted that ... sorry15:35
Mohammad[B]oh ok thanks15:35
VK7HSEbut remember, GIYF (Google Is Your Friend)  ;)15:35
Mohammad[B]=))15:35
Mohammad[B]just fucking google :D15:36
genii!language15:37
ubottuPlease watch your language and topic to help keep this channel family friendly.15:37
Mohammad[B]VK7HSE, without google resolved :D15:46
uvirtbotNew bug: #394021 in vm-builder (universe) "[karmic] ubuntu-vm-builder crashed with AttributeError in preflight_check()" [Undecided,Fix released] https://launchpad.net/bugs/39402115:57
uvirtbotNew bug: #403149 in vm-builder (universe) "vmbuilder should allow for no swapfile" [Wishlist,Confirmed] https://launchpad.net/bugs/40314915:57
uvirtbotNew bug: #329458 in landscape "vmbuilder fails to work with grub2 (dup-of: 410886)" [High,Confirmed] https://launchpad.net/bugs/32945815:58
=== roaksoax_ is now known as RoAkSoAx
uvirtbotNew bug: #392190 in vm-builder (universe) "vmbuilder fails silently when providing invalid hostname" [Undecided,Incomplete] https://launchpad.net/bugs/39219016:02
uvirtbotNew bug: #316538 in vm-builder (universe) "allow for vmbuilder to change VM name and directory with the --hostname option" [Wishlist,Triaged] https://launchpad.net/bugs/31653816:17
Skami_18Hello16:19
Skami_18Someone have a web/mail server at home?16:21
remotehi16:23
Skami_18have you a box?16:24
uvirtbotNew bug: #436407 in eucalyptus/1.6 "if apache2 is using worker MPM, rampart causing periodic CC segfaults" [Critical,Fix committed] https://launchpad.net/bugs/43640716:26
Skami_18I'm trying to configure my NeufBox for a web server... but without success!16:28
giovaniwhat's a NeufBox?16:29
pmatulisNewfoundland computer?16:33
pmatulis(joke)16:34
Skami_18A neufbox in an internet-box, a NeufBox sucks!16:35
=== erichammond1 is now known as erichammond
geniiWeird, i read that originally as NerfBox16:42
VogHmm that would be an interesting theme on a graphical desktop...16:47
VogNerf box... the computer you can't hurt yourself or anyone else with...16:47
remotei'm having troubles compiling compat-wireless on ubuntu-server, did anyone else do it?16:49
remotefirst i was having errors about /lib/modules/`uname -r`/build that didn't exist even though i had the kernel source and kernel headers installed16:50
=== nxvl_ is now known as nxvl
dholbachhi guys16:53
dholbachcould it be that dovecot's reload script (that is triggered after upgrades) does leave the services in a state where they're not listening or something?16:54
dholbachmaybe it's a configuration issue at my place, that could very well be16:54
f00fSteRhey guys16:54
f00fSteRi'm trying to start a new server instance for this one contract16:55
f00fSteRnow i set the internal static address ...16:55
dholbachI usually test with  sudo lsof | grep DEL  to find out if "old libraries and stuff are still loaded" and things were fine16:55
f00fSteRlike a 192.168.0.4 as the internal16:55
f00fSteRbut for an external ip address i cant seem to configure anything16:55
f00fSteRi tried changing the /etc/networking/interface file to include the seconbd external static ip with the name server but notthing16:56
f00fSteRany suggestions guys ?16:56
uvirtbotNew bug: #409958 in nagios2 (universe) "Sends false disk space alerts" [Undecided,Incomplete] https://launchpad.net/bugs/40995816:57
jjohansensmoser, erichammond: EC2 kernel status meeting16:59
smoserwoohoo17:00
smoserhttp://paste.ubuntu.com/280496/17:00
jjohansenuh oh, smoser  is excited about it, must have a bug :)17:00
smoserno, i'm just excited that jjohansen is back17:01
jjohansenhehe17:01
jjohansenso basically I don't have much status17:01
jjohansenI am going to try to finish bisecting the ec2 virtual style config this morning17:02
f00fSteRjjohansen: hrmm... i'm in this too17:02
jjohansenrtg committed zuls tty patch, so hopefully we will have log messages now17:02
jjohansenf00fSteR: cool, welcome17:03
smoserjjohansen, so the big things are that bug 434755 and bug 431103 are marked as "fixed released", but we dont have an official build with them17:03
uvirtbotLaunchpad bug 434755 in linux-ec2 "ec2 kernel has unnecessary dependencies" [Medium,Fix released] https://launchpad.net/bugs/43475517:03
uvirtbotLaunchpad bug 431103 in linux-ec2 "ssh host key fingerprint no longer available in the console log" [High,Fix released] https://launchpad.net/bugs/43110317:03
smoserif possible, i'd like to get one, and get it published. that way, in case you dont finish the bisecting by beta, we'll have these 2 bugs fixed in beta17:04
smoserwith officially built kernels17:04
jjohansensmoser: right, I'll ping rtg when he gets back17:04
smoserand note, that with the AMIs having the kernel modules in them, bug 428692 is less severe (because the user has loop.ko available)17:04
uvirtbotLaunchpad bug 428692 in ubuntu "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Confirmed] https://launchpad.net/bugs/42869217:04
smoseri really am happy you're back17:05
f00fSteRhrmm17:06
f00fSteRlol17:06
f00fSteRso anyone know how to set an external static ip on the same interface17:06
f00fSteR?17:06
jjohansensmoser: were you involved in the ec2 installer fiasco at the end of last week?17:06
f00fSteRwhere an internal static ip has been set17:06
f00fSteR?17:06
jjohansenf00fSteR: sorry to say I don't17:08
jjohansenalright anything else we should cover?  Or shall we call this meeting adjourned17:08
f00fSteRlol17:09
smoserjjohansen, adjourned is fine.17:09
f00fSteRmaybe... setting up two static ip's on a single interface17:09
f00fSteRFUCK!17:09
f00fSteRlmfao17:09
smoserec2 installer fiasco ? i think you mean uec17:09
Pici!language | f00fSteR17:10
ubottuf00fSteR: Please watch your language and topic to help keep this channel family friendly.17:10
jjohansensmoser: err yeah17:10
smoseri didn't follow it too much17:10
jjohansenand fiasco as in crunch17:10
jjohansensmoser: ah, me neither except my machine got drafted into service :)17:10
smoserf00fSteR, maybe look at https://wiki.ubuntu.com/UEC/Images/Testing , search for eth0:017:11
smoserjjohansen, i now have some hardware for testing UEC, but have been bogged down in ec2 stuff to deep to attempt setting up.17:11
jjohansensmoser: good to hear you have hardware,17:12
erichammondsmoser: Can we get AMIs published with all the latest fixes?  Jono says Jorge's got testers working and it would be nice to make sure they're testing the best we have.17:13
* jjohansen completely understands being bogged down17:13
smosererichammond, actually...17:13
smoserlet me see if they're public, but i have some up there.17:13
f00fSteRsmoser: dude thanks :)17:14
smosererichammond, can you see ami-28a34041 ?17:16
erichammondsmoser: Yes, 2009092617:16
smoser.117:17
erichammondyes17:17
smoserand i just made ami-24a3404d public.17:17
smoserso those are the latest. i'm not aware of any fixes outside of what they have17:18
smoserUS-i386-karmic: ami-28a3404117:18
smoserUS-x86_64-karmic: ami-24a3404d17:18
smoserthere are no EU ones for those.17:18
erichammondsmoser: Cool.  Can you make sure Jono/Jorge are aware of what should be tested?  I'm not sure how the communication works there or who's in charge.17:18
smoseryeah17:19
smoserhopefully we'll get a new kernel build from jjohansen sometime today and i'll get that uploaded / tested and attached to a nightly17:19
zulsmoser: there is a new version of ec2-api-tools out ill package and get a FFE for post-beta17:19
erichammondzup: yippee!17:20
erichammondzul: Any chance it can get into pre-Karmic releases, too?17:20
smoserppa releases would be easy17:21
smosererichammond, please see my comment in bug 41499717:22
uvirtbotLaunchpad bug 414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Medium,In progress] https://launchpad.net/bugs/41499717:22
smoseri expect i know your feelings, but would like your thoughts17:22
erichammondsmoser: Yes, I've been reviewing it based on your note on #ubuntu-ec217:23
zulerichammond: we'll see17:23
erichammondsmoser: I think you've found the correct place to document the behavior if the file is overwritten on first boot.17:26
erichammondsmoser: The primary concern I have is for users who append PPAs to /etc/apt/sources.list17:27
erichammondIt would probably be more appropriate for them to be creating additions under /etc/apt/sources.list.d/ which I've just started doing myself.17:28
erichammondsmoser: Did you find anybody else who supported overwriting sources.list on rebundled AMIs?17:31
smoseri've not gone asking much, erichammond (other than that bug)17:40
mathiazNafallo: hey - are you still working on bug 127836?17:42
uvirtbotLaunchpad bug 127836 in bacula "[SRU] bacula-director-pgsql not installable" [Medium,In progress] https://launchpad.net/bugs/12783617:42
Nafallomathiaz: not really, no.17:43
Nafallomathiaz: went with another backup solution IIRC.17:44
erichammondsmoser: If folks feel that this is an area where it's really worth breaking existing users' code when they migrate, then I can help spread the word.  I'm just pushing for as smooth a migration plan as possible.17:44
mathiazNafallo: ok - I'll unassign you from the dapper task then17:44
Nafallokewl.17:45
erichammondsmoser: I think you solved the problem for people who are paying attention which is good.17:45
smosererichammond, i'm glad you're reasonably ok with the idea17:47
erichammondsmoser: If I didn't tell the person building my company's AMIs, the process would break and he'd have to track it down, but he would probably figure it out when he went to look at sources.list17:47
smoseri wish soren were around. i feel like its rude to put this change in (and get it into beta) in his absense17:47
smosererichammond, right17:47
bafflesmoser: Where is soren?17:55
=== sleeping`dragon is now known as error404notfound
smoserI dont really know details, but he's out at the moment17:59
kutukepikhi all18:04
kutukepikanyone have a hand on tutorial for ubuntu-server esp cloud18:05
* biczd ola18:09
eliaswimmerhello, i'm playing around with kvm/vmbuilder, therefor i wanna know if it is possible to specify a "use all available space" parameter in the partition file18:10
smosererichammond, regarding above, i think at this point, my suggested code change isn't warranted.  i think simpler to just modify the .tmpl files.18:13
smoserif we find that we have a bunch of them in the future, and such maintenance is a pain, we could do something like my patch18:13
smoseror maybe it is. i dont know.18:15
smoser6 in one half a dozen in the other18:16
erichammondsmoser: I haven't thought much about the locale, but wonder if a comment is less likely to be noticed.  I don't even know what file it would be found in.18:24
smoserwell, the file you would be changing if you were changing the locale18:25
smoser(/etc/default/locale)18:25
smosermy guess is its not often changed. we set it based on region18:25
smoserus = en_US.UTF-8 , eu = en_GB.UTF-818:26
smoser(in ec2init/__init__.py)18:27
erichammondYeah, and there were no particularly good reasons for choosing those except that we had to choose something.18:27
erichammondSo if the user has made a selection, perhaps it is even less beneficial to arbitrarily overwrite the change.18:27
smoserright. so, you get the queens english or US18:27
erichammondIf somebody wants Hungarian on a server in Washington, they are not likely to want en_GB on a server in Dublin.18:28
smoserthis is actually a reasonable example18:28
zulsmoser: can you test out the new ec2-api-tools in my ppa when it builds18:29
smoserespecially since it appears to me that the user sets that not by editing the file (which would work) but by running 'update locale <locale>'18:29
smosererr... update-locale18:29
erichammondWhen I build images it looks like I update /etc/default/locale and run "localdef"18:29
erichammondBut I'm sure I just copied this from some sample I found somewhere.  I'm not a locale expert.18:30
smoseryeah. ec2-set-defaults does18:30
smoserlocale-gen and then update-locale18:30
smosereven here, though, if the user is making that change, they can easily change the template file. i agree, it kind of sucks that it will break out of the box if you didn't know about the template file.18:33
smoserthe same case could be true for modifying /etc/apt/sources.list, but I think the user is more likely to be modifying that file with an editor (rather than a tool)18:34
erichammondsmoser: In my experience changes to sources.list are generally made with commands which append or a system like Puppet to overwrite so the user will not see the comment.18:38
erichammondsmoser: But I'm glad you see that it sucks to break what the user has done :-)18:38
smoserwell, if they're done with puppet, you think they're then re-bundled ?18:40
smoseri would have thought puppet changes would have been done to a installed instance, and then the thing wihch does rebundling or reates the master would be handled differently18:41
smoserso, i think the gist of all of this is that the template system is a more powerful system, and has good reason for existance.18:43
smosernot re-generating on every "first boot", means the user loses the power that the templating system gained us18:43
smoserand, as i pointed out, simply overwriting only if the file is different from the one you *would* write isn't sufficient, as it doesn't take into consideration the fact that the user is only able to write one file, while the template system outputs multipel based on environment conditions.18:45
erichammondsmoser: For some of our images CampusExplorer.com generates the base image using puppet and rebundling.  When the instance is started it runs puppet again to bring the system up to date and apply any local configuration changes.18:46
erichammondThe reason we do this is that the initial setup takes about 4 hours.18:46
smoserinteresting.18:47
erichammondsmoser: I think the template system is nice, and users should be encouraged to use it where they can take advantage of it.  I still would lean towards not breaking user changes to get them to notice the template system :)18:48
smoserso then, i think maybe best to do a combination of the two.18:49
smoserdo not overwrite if different than would be generated18:49
smoserthat is "safe"18:49
smoserbut also put headers in those files about the primary source18:50
dassoukii just got some hosting on a ubuntu server (linode), it's meant to be for an opensource project. I'm gonna give access to some users, what are some of the ways i can create groups, give access, to people so they can only access for example svn, their home folder, and postgresql connection ?18:52
smoserbut even that solution stinks. because the, the user almost *can't* take advantage of the templating system. because any file they write, and include in their rebundled image is going to be seen by ec2-set-defaults as "different" in some cases, thus making the existing file the one that is used.18:53
smoserthe only solution to that is for the user to delete the generated file before building (or otherwise indicate "please overwrite this all the time")18:54
smoseri can't come up with a way to allow the user to take advantage of the templating and intelligently not overwrite their decision.18:55
jacovtHello guys.19:00
mathiazsmoser: how are the templates structured?19:00
mathiazsmoser: is there a place for the user to define their own templates?19:01
jacovtTrying to get an answer in #kerberos for this without much luck, hoping there is a kerberos geek in here...19:01
smoserthey can modify existing templates19:01
mathiazsmoser: where are these templates located?19:01
smoserbut cannot control the input to the template rendering19:01
smoser/etc/ec2-init/templates19:02
mathiazsmoser: so what's the use case you're trying to solve?19:02
smoserec2-set-defaults reads from there, and writes to the actual location19:02
smoserwell, the use case that the template system is designed to provide is that we wish to use a different mirror in EU and US19:03
jacovtI want my notebook to authenticate agains 2 different kerberos realms, one at home and one in the office. These networks are not connected. If I take a look at the default krb5.conf it seems there are multiple realms defined, and I have my own realms aswell. Is it possible to authenticate against my home realm when I am at home and the work realm when I am at work using the same notebook?19:03
smoserso sources.list has "mirror" in it, that ec2-set-defaults renders to the correct ec2 internal mirror for that region19:03
smoserthe issue that the bug raises is that this decision happens only "once ever". so if a user re-bundles, they're stuck with the output of that first run.19:04
smoserthey will no longer get magical optimized settings of sources.list19:04
mathiazjacovt: yes - if you use the kinit command to get a ticket for login@HOME_REALM or login@WORK_REALM19:04
mathiazjacovt: however gdm won't support that IIRC19:04
jacovtmathiaz: Ah, thanks. But GDM?19:05
jacovtah.19:05
jacovtlol.19:05
smoserhowever, there is the possibility that they've mdoified sources.list (adding a line) and rebundled, but hopeed that that line would be in the new instance.  if ec2-set-defaults runs in their new image, it would blow away their changes.19:05
mathiazjacovt: you could try to login via gdm as login@REALM19:05
jacovtmathiaz: Do you know if its do-able via PAM ?19:05
mathiazjacovt: but I don't that would work19:05
mathiazsmoser: how about leveraging source.list.d?19:05
jacovtmathiaz: Was kinda hoping for a transparent solution. :)19:05
smoserthat solves for a single case. and yes, the usre should use that, but they may not.19:06
mathiazjacovt: well - you'll always need to give the realm you want authenticate against19:06
erichammondmathiaz: Some use cases are listed in bug 414997.  smoser and I differ (politely) in our opinions of which uses cases might be more frequent and how severe the risks are for each.19:06
uvirtbotLaunchpad bug 414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Medium,In progress] https://launchpad.net/bugs/41499719:06
smoserright now, the templating system only deals with /etc/default/locale and /etc/apt/sources.list19:06
smoserand i disagree violently with erichammond's assertion that we disagree politely.19:07
smoserwell, ok, i dont.19:08
erichammond:)19:08
erichammondI have to run, so I won't be able to defend my position, but I think I put most of it in the bug.19:08
smoserin the end, i dont think its really a big deal at the moment19:08
jacovtmathiaz: Well, I was hoping to do away with the krb5.conf completely, use srv and txt records for DNS to identify the kdc for the domain that is given to the notebook via DHCP (so it will auto lookup the kdc) and then just have pam authenticate agains whatever comes back for the domain. But I dont suppose its that easy.19:08
smoseras if you want the stuff re-run in the new bundle, you can just remove the semaphore ".ever" file19:09
smoserso maybe i would even agree that the best thing to do is to document *that* and otherwise leave code alone19:09
mathiazjacovt: it should be possible - if you trust your dns system.19:10
mathiazjacovt: I'd have a look at the pam_krb5 documentation and the krb5 documentation19:11
jacovtmathiaz: I looked at it, saw a lot about cross-realm auth, but that seems to imply that I need to create trust between the 2 networks, which is nt possible.19:12
mathiazsmoser: why not put the ec2 mirror information in /etc/apt/sources.list.d/?19:14
mathiazsmoser: ie in /etc/apt/sources.list.d/ec2-mirror19:15
mathiazsmoser: and leave the sources.list untouched19:15
mathiazsmoser: or empty19:15
|rt|hey guys I just mentioned this in #ubuntu but this is probably more server related than desktop related19:16
|rt|in this case /etc/init.d/README suggests that you use update-rc.d to add init scripts to runlevels bu the man page for update-rc.d says that users should use sysv-rc-conf or bum should I file a bug to get the README updated to be in line with the man page19:16
smoseri tihnk there are several reasonable solutions for /etc/apt/sources.list, and that that is one of them (not one i'd thought of). the bigger problem is more generic, but since we only have 2 files, its not that big of a deal.19:17
smoseri think the solution i like best is to change nothing. if the user wants files regenerated after rebundle then they remove the semaphore ("already ran that") files.19:18
mathiaz|rt|: on which version of ubuntu do you see that?19:18
|rt|mathiaz: on 9.0619:18
|rt|or 0419:18
mathiaz|rt|: this has already been fixed in karmic - http://manpages.ubuntu.com/manpages/karmic/en/man8/update-rc.d.8.html19:19
mathiazsmoser: agreed - supporting a .d/ include mechanism is usually the best way around that19:20
|rt|mathiaz: yeah looks like it....then no need to file a bug19:20
mathiazsmoser: you drop file in there and you can add comment to not touch it19:21
smoseri think even then you still have an issue if the user *wants* to touch it19:21
smoserie, they do not like your selection of a mirror19:21
mathiazsmoser: that's fine - they can delete the ec2-mirror file19:21
mathiazsmoser: and if the /etc/apt/sources.list.d/ec2-mirror doesn't exist, don't regenerate it19:22
mathiazsmoser: if it's there, update it19:22
mathiazsmoser: always19:22
smoseri think that works reasonably well there.19:23
erichammondWho runs keyserver.ubuntu.com? It does not seem to be responding to apt-key commands or to links from launchpad PPAs like http://keyserver.ubuntu.com:11371/pks/lookup?search=0xEC3735E12A0C5C1B98F0CF350EC7E508BE09C571&op=index19:33
uvirtbotNew bug: #437445 in dhcp3 (main) "No Wired Network Connection: Attansic Technology Corp. Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller (rev b0)" [Undecided,New] https://launchpad.net/bugs/43744519:33
erichammondI was about to add commands to my EC2 instance startup (and recommend them to the world) which would require that keyserver.ubuntu.com be available, but if it's not considered a high-uptime server I'll have to adjust.19:34
mathiazNg: ^^?19:39
smosererichammond, i dont know the correct answer. i've seen it have issues before, but it is a fairly important service19:43
erichammondI've been having problems since yesterday or before, but just tracked it down to the keyserver.19:52
smosererichammond, if you agree with my most recent comment in that bug, please go ahead and comment to that affect. if anyone here disagrees with it, do the same.19:52
smosererr.. i see your response. hold on.19:53
erichammondEek, what is "127.0.1.1 $hostname" still doing in /etc/hosts in the EC2 template?20:03
smoserit doesn't get used20:05
erichammondand /etc/hostname20:05
erichammondYes, this is showing up in /etc/hosts on the Karmic Alpha6 AMI: 127.0.1.1 ubuntu.canonical.com ubuntu20:05
smoserthat file istn used, so we probably should delete it from ect-init to avoid confusion20:05
smoseryeah, that gets written by vmbuilder20:06
smosernot by ec2-init20:06
smoseri thought you had opened a bug at once point, but couldn't find anything20:06
smoseryou have a reference ?20:06
erichammondsmoser: Me too20:06
erichammondI can't spend time on this right now, but these two files should be fixed/removed.20:07
uvirtbotNew bug: #388934 in eucalyptus "not applying access authorisation checks" [Undecided,Fix committed] https://launchpad.net/bugs/38893420:09
smoserbug 316201 and bug 402273 i find now.20:09
uvirtbotLaunchpad bug 316201 in ec2-init "Use EC2 DHCP hostname and domain name instead of "ubuntu."" [Undecided,Fix released] https://launchpad.net/bugs/31620120:09
uvirtbotLaunchpad bug 402273 in ec2-init "ec2 doesnt set /etc/hostname properly." [Undecided,Invalid] https://launchpad.net/bugs/40227320:09
smoserand one of those points to bug 40786120:12
uvirtbotLaunchpad bug 407861 in ubuntu-on-ec2 "ec2-init: ec2-set-hostname should be eliminated, trust DHCP" [Wishlist,Fix released] https://launchpad.net/bugs/40786120:12
erichammondsmoser: Thanks for the research. So my "eek" was appropriate.  "Fixed" bugs popping up again are the worst.  One reason I like automating tests, especially for previously reported bugs.20:15
smoseri dont think it was ever fixed20:16
smoserthe last comments in bug 407861 indicate that soren wanted to leave /etc/hostname with 'ubuntu' in it. it seems not to have side effects.20:19
uvirtbotLaunchpad bug 407861 in ubuntu-on-ec2 "ec2-init: ec2-set-hostname should be eliminated, trust DHCP" [Wishlist,Fix released] https://launchpad.net/bugs/40786120:19
smoserand for /etc/hosts, soren suggested opening a bug, which never got opened.20:19
xt3mp0rAny idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. !?!!!?!?20:35
g-hennuxhi!20:37
RoyKhi!!!20:37
g-hennuxwhy does the python-vm-builder package have sooo many dependencies? (postfix? mysql? subversion?)20:37
g-hennuxi don't actually want any of that on my vm server20:37
RoyKperhaps the designers thought that was good20:38
RoyKit'll just take a handful of megabytes20:38
RoyKyou can stop the services after they have been started or you can install the stuff by hand - your choice20:38
xt3mp0rAny idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. i tried looking a manpages..nothing helpful20:40
subxt3mp0r: You probably want to use the "Anonymous" directive, if the config format hasn't changed you add lines similar to: "Anonymous Header1", "Anonymous Header2", "Anonymous HeaderN" where HeaderN is the name of the header you want to ALLOW through20:45
subxt3mp0r: The example my config file has is located here: http://pastebin.com/da34127820:46
xt3mp0rsub: Thanks :)20:48
xt3mp0rgiving it a try now20:48
jthomas_sb_Whenever I run any command on a Jaunty server setup I get errors that begin with "perl: warning: Setting locale failed." and there are a few more line.  I can pastebin the whole thing if it matters.  How can I fix this??21:01
xt3mp0rsub: I tried it, but didn't help me out.. i can still see the message "Possible Proxy Detected: 1.1 tinyproxy (tinyproxy/1.6.3)" when i go at whatismyip.com :s21:03
qman__jthomas_sb_, I probably can't help with that specific problem, but the whole error does matter, every time. You really should pastebin it.21:04
subjthomas_sb_: Try installing the appropriate language pack, ie: sudo apt-get install language-pack-en for english21:04
jthomas_sb_i assumed it was a common error since this is a clean install.  here it is: http://pastebin.ca/158311021:06
qman__xt3mp0r, using an alternate port may help21:06
jthomas_sb_sub that did it, thanks.21:08
g-hennuxi am amazed by how much stuff works in ubuntu server "out of the box" concerning virtualization21:09
g-hennuxe.g. bridging, this dnsmasq thingy etc21:09
g-hennuxjust one thing: i want the dnsmasq server to return some additional hostnames (i.e. it should host the names of the virtual machines). any way to do that?21:10
xt3mp0rqman__ : Tried it, still the same.21:10
subg-hennux: I think dnsmasq might parse /etc/hosts for that, so you could try that21:15
g-hennuxsub: yeah, just read that, thank you21:16
davmor2guys quick query on uec node is it meant to just spit the cd and reboot regardless.  Normally the cd is spat out and you're asked if you want to reboot.21:31
manusoftarGuys, How do I allow connections from the outside in postfix? I've tried 0.0.0.0/128 though I'm sure I'm doing something wrong.22:29
manusoftarConnecting from the localhost is allowd.22:29
manusoftarThe firewall is set to forward incoming requests to the correct PC, and it's been proven working22:29
manusoftarWhen I do dpkg-reconfigure I'm sure I'm messing up  in that stge22:29
manusoftarsed 's/stge/stage/g'22:30
=== jjohansen1 is now known as jjohansen
g-hennuxhi!22:41
g-hennuxi have a problem with my kvm virtual machines: i'm using this virt-manager and can start them and say "open" and then sit directly in front of the console, i.e. see boot messages etc. however, once the console blanks (after a couple of minutes of inactivity), i get the message "connecting to console for guest", but cannot interact with the vm any more.22:42
g-hennuxthen how is it possible to get this console back?22:42
g-hennuxi tried "console kvmtest" from the virsh, but get "no console available for the domain"22:43
g-hennuxssh'ing still works22:43
reya276how can I setup multiple websites on the apache server? I have internal IP addresses which are pointed to a NAT.22:47
reya276On IIS I would create the virtual website then assign the IP address and Hostname. On Apache I created a virtual host with the IP address and hostname but the site does not show. Is there additional config which I need to do to a host file of the system or something and if so where can I find this file.22:48
DavieyIs the -pae kernel karmic server default?22:50
jthomas_sb_reya276 where did you create the apache2 config file?  and, have you linked it to /etc/apach2/sites-enabled/ (or used a2ensite _sitename.com_ ?)22:55
jthomas_sb_i meant, linked it to /etc/apache2/sites-enabled/22:55
reya276no, I'm new to apache as I've always used IIS22:55
jthomas_sb_ok, where did you create the config file?22:56
reya276if you could walk me step by step on how to do this it would be great22:56
jthomas_sb_i have 5 minutes, but it may be enough22:56
jthomas_sb_where did you create the config file?22:56
reya276no right now I deleted the virtual host22:56
jthomas_sb_ah.  ok... are you running on a command line or with a gui ?22:56
reya276the website domain is www.finrcvgrp.com22:56
reya276using webmin22:57
jthomas_sb_sorry can't help you there then.  i don't know webmin at all but i've heard that it's full of security holes, I don't know for sure though.22:57
reya276but I can do command if you give me the command22:57
jthomas_sb_there is more to it than that; command line means you know some command-line editors like vim or nano or something.22:58
reya276nano22:58
reya276I have used that22:58
reya276sudo nano /etc/filename22:58
reya276on webmin there is a tab which allows me to create a virtual host then I can pastebin for you so you can see what it looks like23:00
jthomas_sb_ok so, i have to go but:  use nano to edit a file like this (no quotes) :  'nano /etc/apache2/sites-available/www.finrcvgrp.com '  In that file set up <VirtualHost 123.IP.Add.Ress:80> blah blah documentroot /var/www/folder/to/htdocs/  blah blah </VirtualHost>  Then at the command line run 'a2ensite /etc/apache2/sites-available/www.finrcvgrp.com '  which links that document to /etc/apache2/sites-enabled/www.finrcvgrp.com   Then restart23:01
jthomas_sb_apache, 'sudo /etc/init.d/apache2 restart'23:01
jthomas_sb_sorry i know that is pretty useless, perhaps someone else can assist you more23:02
reya276is ok, thanks23:02
reya276jthomas_sb_: I got this error ERROR: No site found matching /etc/apache2/sites-available/www.finrcvgrp.com!23:03
reya276but I think is /etc/apache2/sites-available/www.finrcvgrp.com.conf23:03
jthomas_sb_hm maybe just  ' a2ensite www.finrcvgrp.com '23:03
jthomas_sb_perhaps it looks in the right place and doesn't need to full path23:04
jthomas_sb_note that thie really requires that the file exists :)23:04
jthomas_sb_to restart apache2 you can also try 'apache2ctl -t' to test, and 'apache2ctl -k graceful' to (re)start the server, reya27623:05
jthomas_sb_webmin may not put the apache2 config files in /etc/apache2/sites-available/  i am not sure23:06
jthomas_sb_gotta go23:06
JanCwebmin is evil...23:06
reya276no is there but it is called www.finrcvgrp.com.conf23:06
jthomas_sb_lol ok use that file name for a2ensite23:07
reya276JanC: I understand but I have no experience with command line23:07
g-hennuxis there any howto what i have to do (concerning port forwarding etc) if i want to have port 80 of my kvm guest be available from the outside of the kvm host?23:07
jthomas_sb_reya276 no worry, you'll get there if you want to :)23:07
reya276jthomas_sb_: ok that gave me a msg "Site www.finrcvgrp.com.conf already enabled"23:08
JanCreya276: learn to use a linux server at home before you put one on-line, and you won't need webmin23:08
reya276JanC: I do use Ubuntu at home, just never tried to configured a server before besides this is the time I'm taking to learn it23:09
reya276JanC: 3 kids at home and a nagging wife is not a fun time to do this23:09
=== orudie_ is now known as orudie

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!