[01:40] <jono> kirkland, hey
[02:22] <golem_> during the install i chose 'automatic updates' - where is that configured if i wish to change to manual updates?
[02:24] <jmarsden> dpkg -L unattended-upgrades    will show you all the files.  The one to edit to quickly disable them is probably /etc/apt/apt.conf.d/50unattended-upgrades
[02:24] <golem_> gotcha, thanks
[02:24] <jmarsden> No problem.
[02:25] <golem_> i just commented out jaunty-security
[02:26] <jmarsden> If you know you don't want it, sudo apt-get purge unattended-upgrades   will do the trick cleanly :)
[02:26] <golem_> ah cool, so i can just apt-get update/upgrade
[02:27] <jmarsden> Of course; the unattended-updates package effectively scripts doing that on a regular basis.
[03:07] <aubre> how's the cureent state of karmic eucalyptus? thinking of updating when I go to work tomorrow
[07:15] <darksmac> ok guys new to ubuntu server was wondering if any one has had any experience installing crda
[07:16] <darksmac> comming aross an issue with it stating that i dont have a supported version of libnl and i have installed libnl1-1.1-3
[08:06] <Anirban1987> I want to host a game server on my VPS
[09:04] <claw> guten morgen ich bin auch der suche nach nem tool, dass meinen netzwerktraffic zählt
[09:04] <claw> ich bezahl nämlich pro megabyte und hätte gerne sowas wie ne monatsübersicht
[09:04] <claw> gibts da etwas?
[09:13] <_ruben> claw: asking in english will yield more responses probably .. as for traffic accounting tools, there's tons of those around
[10:18] <maxagaz> how to use find to do this "ls -lart", but recursively
[10:18] <maxagaz> ?
[10:19] <domas> maxagaz: just use 'ls -R'
[10:19] <domas> if you want ls functionality
[10:19] <domas> you can also do find ./ -print0 | xargs -0 ls -lart
[10:19] <domas> etc
[10:20] <domas> :)
[10:25] <maxagaz> domas, thanks
[10:25] <maxagaz> but the result is not that good with find
[10:25] <maxagaz> domas, because files are separated by directory
[10:26] <maxagaz> domas, but the good thing is that their full path is shown
[10:29] <cemc> is there a simple freespace disk checker package which sends mail when a partition is X % full ? something really simple
[12:05] <Mohammad[B]> how i can resolve this problem in apache2 http://paste.ubuntu.com/280284/ please help me
[12:13] <Jagged> Mohammad[B]: you need to correctly configure apache vhosts, or don't use vhosts.
[13:01] <zul> morning
[13:06] <oc> hi
[13:06] <oc> Is it possible to somehow make aptitude -not ever- install gcj?
[13:07] <oc> i.e. I have installed sun-java{5,6}-jdk
[13:07] <oc> when I install tomcat, glassfish, ant, etc I do not want GCJ
[13:08] <oc> gcj should never ever ever ever ever come into my OS
[13:08] <oc> this is a major issue, not a minor one
[13:11] <VK7HSE> oc: well install with '--no-install-recommends" then...
[13:12] <pmatulis> (that would be for apt-get)
[13:12] <VK7HSE> Oh yes forgot to mention that bit! ;)
[13:13] <oc> that sort of helps
[13:13] <oc> how do I set it as default?
[13:13] <VK7HSE> oc: so then use this ... 'sudo apt-get install tomcat --no-install-recommends'
[13:13] <oc> I understood that.. how do I set it as default?
[13:14] <oc> (can I set it in apt.conf somehow?)
[13:14] <VK7HSE> thinks so! ... just having a look through some settings stuff to see...
[13:15] <oc> in server mode, that should be default IMHO :)
[13:15] <oc> it's ok to be lax in desktop installations
[13:15] <oc> but too much crap on the server will quickly escalate
[13:16] <pmatulis> that option will only prevent "recommends" packages from being installed.  not sure if that is the case here
[13:16] <VK7HSE> well its a defalt inubutnu.. I had a similar grizzle! when I was messing with KDE and i wanted to use firefox 3.5 and it wanted to pull in a heap of stuff from gnome!
[13:17] <pmatulis> but you can make this the default by adding 'APT::Install-Recommends "0";' to /etc/apt/apt.conf
[13:18] <oc> thanks
[13:18] <VK7HSE> pmatulis: Gahh! ya beat me to it ;)
[13:18] <VK7HSE> pmatulis: BTW I realised my error yesterday re: the server kernel on i386 (DOH)
[13:19] <oc> I traced the deps now.. Seems like java2-runtime-headless asks me to install install gij istead of sun-javaX-jre (which are installed)
[13:19] <oc> (and thats just an alias package -- which I find strange)
[13:20] <pmatulis> oc: maybe openjdk will be friendlier
[13:21] <oc> problem is, I'm setting up a buildserver, and it'll compile some "very enterprisey (tm)" code that only runs well in particular JDKs :o)
[13:21]  * pmatulis nods
[13:22] <oc> which I've found is an issue many places Ive worked :>
[13:22]  * oc shrugs
[13:22] <pmatulis> oc: how does gij mess you up?
[13:23] <oc> I haven't tried yet, but it being installed makes my mind flash for potential errors :)
[13:24] <pmatulis> !find gij
[13:24] <pmatulis> !info gij
[13:24] <pmatulis> ah, only 36kB
[13:25] <pmatulis> oc: what release are you running?
[13:26] <oc> I don't want to potentially have to spend hours tracing runtime bugs in vastly untested code only to find out thats why
[13:26] <oc> 9.04 server
[13:26] <pmatulis> why you say untested?
[13:27] <pmatulis> gij is in main which suggests it is very well tested
[13:27] <oc> because alot of the code that is to be built is sadly untested :)
[13:27] <pmatulis> i think you're over-reacting  :)
[13:28] <oc> probably, but still better to be safe that sorry :)
[13:28] <pmatulis> if it's an important project then you should have a development box built first
[13:29] <oc> I'm installing a new CI server to replace an old Windows-server they've used for a while...
[13:30] <oc> it'll be a dev/ci/integration-test/functional test box
[13:30] <VK7HSE> I realise that each has their own way of things, but I tend to start with the default that tweak... ;)
[13:30] <VK7HSE> *then!
[13:30]  * pmatulis agrees
[13:31] <pmatulis> default, test, and *then* monkey around
[13:31] <oc> I have started with the default
[13:31] <oc> testing it would take years :)
[13:31] <oc> millions of lines of code :)
[13:32]  * pmatulis doesn't have anything else to add.  goes away for a while
[13:32] <VK7HSE> bit like me last night (UTC+10) I was jumping up & down cause I couldn't install an i386 server kernel! to be pointed to an article by pmatulis, that pointed me in the right direction! ;)
[14:28] <smoser> anyone have time to ubuntu-educate me ?
[14:28] <smoser> $ rmadison linux-ec2
[14:28] <smoser>  linux-ec2 | 2.6.31-300.3 |        karmic | source
[14:28] <smoser>  linux-ec2 | 2.6.31.300.0 |        karmic | amd64, i386
[14:28] <smoser> i've 2 questions about that:
[14:28] <smoser> 1. where does rmadison see the 300.3 source ? http://packages.ubuntu.com/source/karmic/linux-meta-ec2 indicates 2.6.31-300.0
[14:29] <smoser> 2. what causes build of amd64/i386 of the .3 ? how would i go about getting that?
[14:38] <zul> have you done an apt-get updaet?
[14:38] <zul> apt-get update even
[14:39] <zul> or not
[14:41] <smoser> hm... i thought that rmadison was querying remote info. apt-get update doesn't change results for me
[14:43] <Mohammad[B]> hi all
[14:43] <Mohammad[B]> what is this ? :-s in apache2 please help me for resolving this http://paste.ubuntu.com/280396/
[14:43] <aubre> Eucalyptus question: I have a newly added node which is acting like it can't connect to walrus, and libvirt is saying Domain not found, so it won't launch instances : http://paste.ubuntu.com/280394/ any ideas?
[14:44] <VK7HSE> Mohammad[B]: what's the content of your ports file?
[14:45] <VK7HSE> Mohammad[B]: see ... http://paste.ubuntu.com/280400/
[14:46] <Mohammad[B]> VK7HSE, http://paste.ubuntu.com/280402/ this is my ports file
[14:46] <Mohammad[B]> VK7HSE, some kind of my ports file :-s
[14:46] <VK7HSE> Mohammad[B]: good! now are you by chance using webmin to administer that server?
[14:47] <Mohammad[B]> VK7HSE, no, this is manually
[14:47] <Mohammad[B]> and Ubuntu 9.04 in a VPS
[14:48] <VK7HSE> Mohammad[B]: OK! I'm now just trying to remember what causes that issue!
[14:48] <Mohammad[B]> ooh ok :)
[14:48] <Mohammad[B]> thnx
[14:49] <VK7HSE> Mohammad[B]: what's in your /etc/apache2/sites-available/default file?
[14:50] <Mohammad[B]> VK7HSE, i'm change it to "boozary" wait
[14:50] <VK7HSE> ok...
[14:52] <Mohammad[B]> VK7HSE, http://paste.ubuntu.com/280410/
[14:52] <Mohammad[B]> this is working but that error ... http://boozary.com/
[14:53] <VK7HSE> Mohammad[B]: here's mine so you can compare...  http://paste.ubuntu.com/280409/
[14:54] <Mohammad[B]> this is like my file
[14:55] <Mohammad[B]> hummm
[14:55] <VK7HSE> Mohammad[B]: the only thing I can see is that I haven't specified an ServerAlias in that file I have stated a ServerName www.vk7hse.hobby-site.org in apache2.conf  ???
[14:56] <VK7HSE> Mohammad[B]: is that server online ? and what's its URL?
[14:56] <Mohammad[B]> VK7HSE, yes, www.boozary.com
[14:57] <VK7HSE> ok no content on it just yet I see! ;)
[14:57] <Mohammad[B]> VK7HSE, http://boozary.com/ but this
[14:59] <VK7HSE> Mohammad[B]: Hmm... sorry not sure what's happening there... but it's certainly accessible but I realise to get rid of that warning would be nice! ;)
[15:00] <VK7HSE> Mohammad[B]: you haven't setup a second alias in /etc/apache2/conf.d  by chance? (I'm assuming you have not!)
[15:03] <VK7HSE> Mohammad[B]: have a look at...  http://www.mydigitallife.info/2007/08/11/apache-warn-namevirtualhost-80-has-no-virtualhosts-error-when-start/
[15:04] <Mohammad[B]> VK7HSE, thanks i seen it yet
[15:04] <VK7HSE> Mohammad[B]: ok...  ;)
[15:05] <Mohammad[B]> thanks alot ;)
[15:06] <VK7HSE> Mohammad[B]: it kind of points to a duplication of the virtualhost of *:80 ... best of luck getting it sorted, sorry I wasn't of any help to you :(
[15:07] <cemc> is there a way to disable disk caching in ram for a partition, or mountpoint?
[15:08] <Mohammad[B]> VK7HSE, oh forget it dear ;) forget it
[15:28] <Mohammad[B]> VK7HSE, problem resolved with comment the NameVirtualHost * in ports.conf ;)
[15:29] <VK7HSE> Mohammad[B]: Ahh! glad to hear you sorted it ;)
[15:34] <Mohammad[B]> VK7HSE, i have 2 domains one boozary.com is root and boozary.cn setted to boozary.com's DNS i want boozary.cn open another directory do you can help me ?
[15:35] <VK7HSE> Mohammad[B]: as I'm only running one domain (vk7hse.hobby-site.org) I haven't attempted that ... sorry
[15:35] <Mohammad[B]> oh ok thanks
[15:35] <VK7HSE> but remember, GIYF (Google Is Your Friend)  ;)
[15:35] <Mohammad[B]> =))
[15:36] <Mohammad[B]> just fucking google :D
[15:37] <genii> !language
[15:46] <Mohammad[B]> VK7HSE, without google resolved :D
[16:19] <Skami_18> Hello
[16:21] <Skami_18> Someone have a web/mail server at home?
[16:23] <remote> hi
[16:24] <Skami_18> have you a box?
[16:28] <Skami_18> I'm trying to configure my NeufBox for a web server... but without success!
[16:29] <giovani> what's a NeufBox?
[16:33] <pmatulis> Newfoundland computer?
[16:34] <pmatulis> (joke)
[16:35] <Skami_18> A neufbox in an internet-box, a NeufBox sucks!
[16:42] <genii> Weird, i read that originally as NerfBox
[16:47] <Vog> Hmm that would be an interesting theme on a graphical desktop...
[16:47] <Vog> Nerf box... the computer you can't hurt yourself or anyone else with...
[16:49] <remote> i'm having troubles compiling compat-wireless on ubuntu-server, did anyone else do it?
[16:50] <remote> first i was having errors about /lib/modules/`uname -r`/build that didn't exist even though i had the kernel source and kernel headers installed
[16:53] <dholbach> hi guys
[16:54] <dholbach> could it be that dovecot's reload script (that is triggered after upgrades) does leave the services in a state where they're not listening or something?
[16:54] <dholbach> maybe it's a configuration issue at my place, that could very well be
[16:54] <f00fSteR> hey guys
[16:55] <f00fSteR> i'm trying to start a new server instance for this one contract
[16:55] <f00fSteR> now i set the internal static address ...
[16:55] <dholbach> I usually test with  sudo lsof | grep DEL  to find out if "old libraries and stuff are still loaded" and things were fine
[16:55] <f00fSteR> like a 192.168.0.4 as the internal
[16:55] <f00fSteR> but for an external ip address i cant seem to configure anything
[16:56] <f00fSteR> i tried changing the /etc/networking/interface file to include the seconbd external static ip with the name server but notthing
[16:56] <f00fSteR> any suggestions guys ?
[16:59] <jjohansen> smoser, erichammond: EC2 kernel status meeting
[17:00] <smoser> woohoo
[17:00] <smoser> http://paste.ubuntu.com/280496/
[17:00] <jjohansen> uh oh, smoser  is excited about it, must have a bug :)
[17:01] <smoser> no, i'm just excited that jjohansen is back
[17:01] <jjohansen> hehe
[17:01] <jjohansen> so basically I don't have much status
[17:02] <jjohansen> I am going to try to finish bisecting the ec2 virtual style config this morning
[17:02] <f00fSteR> jjohansen: hrmm... i'm in this too
[17:02] <jjohansen> rtg committed zuls tty patch, so hopefully we will have log messages now
[17:03] <jjohansen> f00fSteR: cool, welcome
[17:03] <smoser> jjohansen, so the big things are that bug 434755 and bug 431103 are marked as "fixed released", but we dont have an official build with them
[17:04] <smoser> if possible, i'd like to get one, and get it published. that way, in case you dont finish the bisecting by beta, we'll have these 2 bugs fixed in beta
[17:04] <smoser> with officially built kernels
[17:04] <jjohansen> smoser: right, I'll ping rtg when he gets back
[17:04] <smoser> and note, that with the AMIs having the kernel modules in them, bug 428692 is less severe (because the user has loop.ko available)
[17:05] <smoser> i really am happy you're back
[17:06] <f00fSteR> hrmm
[17:06] <f00fSteR> lol
[17:06] <f00fSteR> so anyone know how to set an external static ip on the same interface
[17:06] <f00fSteR> ?
[17:06] <jjohansen> smoser: were you involved in the ec2 installer fiasco at the end of last week?
[17:06] <f00fSteR> where an internal static ip has been set
[17:06] <f00fSteR> ?
[17:08] <jjohansen> f00fSteR: sorry to say I don't
[17:08] <jjohansen> alright anything else we should cover?  Or shall we call this meeting adjourned
[17:09] <f00fSteR> lol
[17:09] <smoser> jjohansen, adjourned is fine.
[17:09] <f00fSteR> maybe... setting up two static ip's on a single interface
[17:09] <f00fSteR> FUCK!
[17:09] <f00fSteR> lmfao
[17:09] <smoser> ec2 installer fiasco ? i think you mean uec
[17:10] <Pici> !language | f00fSteR
[17:10] <jjohansen> smoser: err yeah
[17:10] <smoser> i didn't follow it too much
[17:10] <jjohansen> and fiasco as in crunch
[17:10] <jjohansen> smoser: ah, me neither except my machine got drafted into service :)
[17:11] <smoser> f00fSteR, maybe look at https://wiki.ubuntu.com/UEC/Images/Testing , search for eth0:0
[17:11] <smoser> jjohansen, i now have some hardware for testing UEC, but have been bogged down in ec2 stuff to deep to attempt setting up.
[17:12] <jjohansen> smoser: good to hear you have hardware,
[17:13] <erichammond> smoser: Can we get AMIs published with all the latest fixes?  Jono says Jorge's got testers working and it would be nice to make sure they're testing the best we have.
[17:13]  * jjohansen completely understands being bogged down
[17:13] <smoser> erichammond, actually...
[17:13] <smoser> let me see if they're public, but i have some up there.
[17:14] <f00fSteR> smoser: dude thanks :)
[17:16] <smoser> erichammond, can you see ami-28a34041 ?
[17:16] <erichammond> smoser: Yes, 20090926
[17:17] <smoser> .1
[17:17] <erichammond> yes
[17:17] <smoser> and i just made ami-24a3404d public.
[17:18] <smoser> so those are the latest. i'm not aware of any fixes outside of what they have
[17:18] <smoser> US-i386-karmic: ami-28a34041
[17:18] <smoser> US-x86_64-karmic: ami-24a3404d
[17:18] <smoser> there are no EU ones for those.
[17:18] <erichammond> smoser: Cool.  Can you make sure Jono/Jorge are aware of what should be tested?  I'm not sure how the communication works there or who's in charge.
[17:19] <smoser> yeah
[17:19] <smoser> hopefully we'll get a new kernel build from jjohansen sometime today and i'll get that uploaded / tested and attached to a nightly
[17:19] <zul> smoser: there is a new version of ec2-api-tools out ill package and get a FFE for post-beta
[17:20] <erichammond> zup: yippee!
[17:20] <erichammond> zul: Any chance it can get into pre-Karmic releases, too?
[17:21] <smoser> ppa releases would be easy
[17:22] <smoser> erichammond, please see my comment in bug 414997
[17:22] <smoser> i expect i know your feelings, but would like your thoughts
[17:23] <erichammond> smoser: Yes, I've been reviewing it based on your note on #ubuntu-ec2
[17:23] <zul> erichammond: we'll see
[17:26] <erichammond> smoser: I think you've found the correct place to document the behavior if the file is overwritten on first boot.
[17:27] <erichammond> smoser: The primary concern I have is for users who append PPAs to /etc/apt/sources.list
[17:28] <erichammond> It would probably be more appropriate for them to be creating additions under /etc/apt/sources.list.d/ which I've just started doing myself.
[17:31] <erichammond> smoser: Did you find anybody else who supported overwriting sources.list on rebundled AMIs?
[17:40] <smoser> i've not gone asking much, erichammond (other than that bug)
[17:42] <mathiaz> Nafallo: hey - are you still working on bug 127836?
[17:43] <Nafallo> mathiaz: not really, no.
[17:44] <Nafallo> mathiaz: went with another backup solution IIRC.
[17:44] <erichammond> smoser: If folks feel that this is an area where it's really worth breaking existing users' code when they migrate, then I can help spread the word.  I'm just pushing for as smooth a migration plan as possible.
[17:44] <mathiaz> Nafallo: ok - I'll unassign you from the dapper task then
[17:45] <Nafallo> kewl.
[17:45] <erichammond> smoser: I think you solved the problem for people who are paying attention which is good.
[17:47] <smoser> erichammond, i'm glad you're reasonably ok with the idea
[17:47] <erichammond> smoser: If I didn't tell the person building my company's AMIs, the process would break and he'd have to track it down, but he would probably figure it out when he went to look at sources.list
[17:47] <smoser> i wish soren were around. i feel like its rude to put this change in (and get it into beta) in his absense
[17:47] <smoser> erichammond, right
[17:55] <baffle> smoser: Where is soren?
[17:59] <smoser> I dont really know details, but he's out at the moment
[18:04] <kutukepik> hi all
[18:05] <kutukepik> anyone have a hand on tutorial for ubuntu-server esp cloud
[18:09]  * biczd ola
[18:10] <eliaswimmer> hello, i'm playing around with kvm/vmbuilder, therefor i wanna know if it is possible to specify a "use all available space" parameter in the partition file
[18:13] <smoser> erichammond, regarding above, i think at this point, my suggested code change isn't warranted.  i think simpler to just modify the .tmpl files.
[18:13] <smoser> if we find that we have a bunch of them in the future, and such maintenance is a pain, we could do something like my patch
[18:15] <smoser> or maybe it is. i dont know.
[18:16] <smoser> 6 in one half a dozen in the other
[18:24] <erichammond> smoser: I haven't thought much about the locale, but wonder if a comment is less likely to be noticed.  I don't even know what file it would be found in.
[18:25] <smoser> well, the file you would be changing if you were changing the locale
[18:25] <smoser> (/etc/default/locale)
[18:25] <smoser> my guess is its not often changed. we set it based on region
[18:26] <smoser> us = en_US.UTF-8 , eu = en_GB.UTF-8
[18:27] <smoser> (in ec2init/__init__.py)
[18:27] <erichammond> Yeah, and there were no particularly good reasons for choosing those except that we had to choose something.
[18:27] <erichammond> So if the user has made a selection, perhaps it is even less beneficial to arbitrarily overwrite the change.
[18:27] <smoser> right. so, you get the queens english or US
[18:28] <erichammond> If somebody wants Hungarian on a server in Washington, they are not likely to want en_GB on a server in Dublin.
[18:28] <smoser> this is actually a reasonable example
[18:29] <zul> smoser: can you test out the new ec2-api-tools in my ppa when it builds
[18:29] <smoser> especially since it appears to me that the user sets that not by editing the file (which would work) but by running 'update locale <locale>'
[18:29] <smoser> err... update-locale
[18:29] <erichammond> When I build images it looks like I update /etc/default/locale and run "localdef"
[18:30] <erichammond> But I'm sure I just copied this from some sample I found somewhere.  I'm not a locale expert.
[18:30] <smoser> yeah. ec2-set-defaults does
[18:30] <smoser> locale-gen and then update-locale
[18:33] <smoser> even here, though, if the user is making that change, they can easily change the template file. i agree, it kind of sucks that it will break out of the box if you didn't know about the template file.
[18:34] <smoser> the same case could be true for modifying /etc/apt/sources.list, but I think the user is more likely to be modifying that file with an editor (rather than a tool)
[18:38] <erichammond> smoser: In my experience changes to sources.list are generally made with commands which append or a system like Puppet to overwrite so the user will not see the comment.
[18:38] <erichammond> smoser: But I'm glad you see that it sucks to break what the user has done :-)
[18:40] <smoser> well, if they're done with puppet, you think they're then re-bundled ?
[18:41] <smoser> i would have thought puppet changes would have been done to a installed instance, and then the thing wihch does rebundling or reates the master would be handled differently
[18:43] <smoser> so, i think the gist of all of this is that the template system is a more powerful system, and has good reason for existance.
[18:43] <smoser> not re-generating on every "first boot", means the user loses the power that the templating system gained us
[18:45] <smoser> and, as i pointed out, simply overwriting only if the file is different from the one you *would* write isn't sufficient, as it doesn't take into consideration the fact that the user is only able to write one file, while the template system outputs multipel based on environment conditions.
[18:46] <erichammond> smoser: For some of our images CampusExplorer.com generates the base image using puppet and rebundling.  When the instance is started it runs puppet again to bring the system up to date and apply any local configuration changes.
[18:46] <erichammond> The reason we do this is that the initial setup takes about 4 hours.
[18:47] <smoser> interesting.
[18:48] <erichammond> smoser: I think the template system is nice, and users should be encouraged to use it where they can take advantage of it.  I still would lean towards not breaking user changes to get them to notice the template system :)
[18:49] <smoser> so then, i think maybe best to do a combination of the two.
[18:49] <smoser> do not overwrite if different than would be generated
[18:49] <smoser> that is "safe"
[18:50] <smoser> but also put headers in those files about the primary source
[18:52] <dassouki> i just got some hosting on a ubuntu server (linode), it's meant to be for an opensource project. I'm gonna give access to some users, what are some of the ways i can create groups, give access, to people so they can only access for example svn, their home folder, and postgresql connection ?
[18:53] <smoser> but even that solution stinks. because the, the user almost *can't* take advantage of the templating system. because any file they write, and include in their rebundled image is going to be seen by ec2-set-defaults as "different" in some cases, thus making the existing file the one that is used.
[18:54] <smoser> the only solution to that is for the user to delete the generated file before building (or otherwise indicate "please overwrite this all the time")
[18:55] <smoser> i can't come up with a way to allow the user to take advantage of the templating and intelligently not overwrite their decision.
[19:00] <jacovt> Hello guys.
[19:00] <mathiaz> smoser: how are the templates structured?
[19:01] <mathiaz> smoser: is there a place for the user to define their own templates?
[19:01] <jacovt> Trying to get an answer in #kerberos for this without much luck, hoping there is a kerberos geek in here...
[19:01] <smoser> they can modify existing templates
[19:01] <mathiaz> smoser: where are these templates located?
[19:01] <smoser> but cannot control the input to the template rendering
[19:02] <smoser> /etc/ec2-init/templates
[19:02] <mathiaz> smoser: so what's the use case you're trying to solve?
[19:02] <smoser> ec2-set-defaults reads from there, and writes to the actual location
[19:03] <smoser> well, the use case that the template system is designed to provide is that we wish to use a different mirror in EU and US
[19:03] <jacovt> I want my notebook to authenticate agains 2 different kerberos realms, one at home and one in the office. These networks are not connected. If I take a look at the default krb5.conf it seems there are multiple realms defined, and I have my own realms aswell. Is it possible to authenticate against my home realm when I am at home and the work realm when I am at work using the same notebook?
[19:03] <smoser> so sources.list has "mirror" in it, that ec2-set-defaults renders to the correct ec2 internal mirror for that region
[19:04] <smoser> the issue that the bug raises is that this decision happens only "once ever". so if a user re-bundles, they're stuck with the output of that first run.
[19:04] <smoser> they will no longer get magical optimized settings of sources.list
[19:04] <mathiaz> jacovt: yes - if you use the kinit command to get a ticket for login@HOME_REALM or login@WORK_REALM
[19:04] <mathiaz> jacovt: however gdm won't support that IIRC
[19:05] <jacovt> mathiaz: Ah, thanks. But GDM?
[19:05] <jacovt> ah.
[19:05] <jacovt> lol.
[19:05] <smoser> however, there is the possibility that they've mdoified sources.list (adding a line) and rebundled, but hopeed that that line would be in the new instance.  if ec2-set-defaults runs in their new image, it would blow away their changes.
[19:05] <mathiaz> jacovt: you could try to login via gdm as login@REALM
[19:05] <jacovt> mathiaz: Do you know if its do-able via PAM ?
[19:05] <mathiaz> jacovt: but I don't that would work
[19:05] <mathiaz> smoser: how about leveraging source.list.d?
[19:05] <jacovt> mathiaz: Was kinda hoping for a transparent solution. :)
[19:06] <smoser> that solves for a single case. and yes, the usre should use that, but they may not.
[19:06] <mathiaz> jacovt: well - you'll always need to give the realm you want authenticate against
[19:06] <erichammond> mathiaz: Some use cases are listed in bug 414997.  smoser and I differ (politely) in our opinions of which uses cases might be more frequent and how severe the risks are for each.
[19:06] <smoser> right now, the templating system only deals with /etc/default/locale and /etc/apt/sources.list
[19:07] <smoser> and i disagree violently with erichammond's assertion that we disagree politely.
[19:08] <smoser> well, ok, i dont.
[19:08] <erichammond> :)
[19:08] <erichammond> I have to run, so I won't be able to defend my position, but I think I put most of it in the bug.
[19:08] <smoser> in the end, i dont think its really a big deal at the moment
[19:08] <jacovt> mathiaz: Well, I was hoping to do away with the krb5.conf completely, use srv and txt records for DNS to identify the kdc for the domain that is given to the notebook via DHCP (so it will auto lookup the kdc) and then just have pam authenticate agains whatever comes back for the domain. But I dont suppose its that easy.
[19:09] <smoser> as if you want the stuff re-run in the new bundle, you can just remove the semaphore ".ever" file
[19:09] <smoser> so maybe i would even agree that the best thing to do is to document *that* and otherwise leave code alone
[19:10] <mathiaz> jacovt: it should be possible - if you trust your dns system.
[19:11] <mathiaz> jacovt: I'd have a look at the pam_krb5 documentation and the krb5 documentation
[19:12] <jacovt> mathiaz: I looked at it, saw a lot about cross-realm auth, but that seems to imply that I need to create trust between the 2 networks, which is nt possible.
[19:14] <mathiaz> smoser: why not put the ec2 mirror information in /etc/apt/sources.list.d/?
[19:15] <mathiaz> smoser: ie in /etc/apt/sources.list.d/ec2-mirror
[19:15] <mathiaz> smoser: and leave the sources.list untouched
[19:15] <mathiaz> smoser: or empty
[19:16] <|rt|> hey guys I just mentioned this in #ubuntu but this is probably more server related than desktop related
[19:16] <|rt|> in this case /etc/init.d/README suggests that you use update-rc.d to add init scripts to runlevels bu the man page for update-rc.d says that users should use sysv-rc-conf or bum should I file a bug to get the README updated to be in line with the man page
[19:17] <smoser> i tihnk there are several reasonable solutions for /etc/apt/sources.list, and that that is one of them (not one i'd thought of). the bigger problem is more generic, but since we only have 2 files, its not that big of a deal.
[19:18] <smoser> i think the solution i like best is to change nothing. if the user wants files regenerated after rebundle then they remove the semaphore ("already ran that") files.
[19:18] <mathiaz> |rt|: on which version of ubuntu do you see that?
[19:18] <|rt|> mathiaz: on 9.06
[19:18] <|rt|> or 04
[19:19] <mathiaz> |rt|: this has already been fixed in karmic - http://manpages.ubuntu.com/manpages/karmic/en/man8/update-rc.d.8.html
[19:20] <mathiaz> smoser: agreed - supporting a .d/ include mechanism is usually the best way around that
[19:20] <|rt|> mathiaz: yeah looks like it....then no need to file a bug
[19:21] <mathiaz> smoser: you drop file in there and you can add comment to not touch it
[19:21] <smoser> i think even then you still have an issue if the user *wants* to touch it
[19:21] <smoser> ie, they do not like your selection of a mirror
[19:21] <mathiaz> smoser: that's fine - they can delete the ec2-mirror file
[19:22] <mathiaz> smoser: and if the /etc/apt/sources.list.d/ec2-mirror doesn't exist, don't regenerate it
[19:22] <mathiaz> smoser: if it's there, update it
[19:22] <mathiaz> smoser: always
[19:23] <smoser> i think that works reasonably well there.
[19:33] <erichammond> Who runs keyserver.ubuntu.com? It does not seem to be responding to apt-key commands or to links from launchpad PPAs like http://keyserver.ubuntu.com:11371/pks/lookup?search=0xEC3735E12A0C5C1B98F0CF350EC7E508BE09C571&op=index
[19:34] <erichammond> I was about to add commands to my EC2 instance startup (and recommend them to the world) which would require that keyserver.ubuntu.com be available, but if it's not considered a high-uptime server I'll have to adjust.
[19:39] <mathiaz> Ng: ^^?
[19:43] <smoser> erichammond, i dont know the correct answer. i've seen it have issues before, but it is a fairly important service
[19:52] <erichammond> I've been having problems since yesterday or before, but just tracked it down to the keyserver.
[19:52] <smoser> erichammond, if you agree with my most recent comment in that bug, please go ahead and comment to that affect. if anyone here disagrees with it, do the same.
[19:53] <smoser> err.. i see your response. hold on.
[20:03] <erichammond> Eek, what is "127.0.1.1 $hostname" still doing in /etc/hosts in the EC2 template?
[20:05] <smoser> it doesn't get used
[20:05] <erichammond> and /etc/hostname
[20:05] <erichammond> Yes, this is showing up in /etc/hosts on the Karmic Alpha6 AMI: 127.0.1.1 ubuntu.canonical.com ubuntu
[20:05] <smoser> that file istn used, so we probably should delete it from ect-init to avoid confusion
[20:06] <smoser> yeah, that gets written by vmbuilder
[20:06] <smoser> not by ec2-init
[20:06] <smoser> i thought you had opened a bug at once point, but couldn't find anything
[20:06] <smoser> you have a reference ?
[20:06] <erichammond> smoser: Me too
[20:07] <erichammond> I can't spend time on this right now, but these two files should be fixed/removed.
[20:09] <smoser> bug 316201 and bug 402273 i find now.
[20:12] <smoser> and one of those points to bug 407861
[20:15] <erichammond> smoser: Thanks for the research. So my "eek" was appropriate.  "Fixed" bugs popping up again are the worst.  One reason I like automating tests, especially for previously reported bugs.
[20:16] <smoser> i dont think it was ever fixed
[20:19] <smoser> the last comments in bug 407861 indicate that soren wanted to leave /etc/hostname with 'ubuntu' in it. it seems not to have side effects.
[20:19] <smoser> and for /etc/hosts, soren suggested opening a bug, which never got opened.
[20:35] <xt3mp0r> Any idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. !?!!!?!?
[20:37] <g-hennux> hi!
[20:37] <RoyK> hi!!!
[20:37] <g-hennux> why does the python-vm-builder package have sooo many dependencies? (postfix? mysql? subversion?)
[20:37] <g-hennux> i don't actually want any of that on my vm server
[20:38] <RoyK> perhaps the designers thought that was good
[20:38] <RoyK> it'll just take a handful of megabytes
[20:38] <RoyK> you can stop the services after they have been started or you can install the stuff by hand - your choice
[20:40] <xt3mp0r> Any idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. i tried looking a manpages..nothing helpful
[20:45] <sub> xt3mp0r: You probably want to use the "Anonymous" directive, if the config format hasn't changed you add lines similar to: "Anonymous Header1", "Anonymous Header2", "Anonymous HeaderN" where HeaderN is the name of the header you want to ALLOW through
[20:46] <sub> xt3mp0r: The example my config file has is located here: http://pastebin.com/da341278
[20:48] <xt3mp0r> sub: Thanks :)
[20:48] <xt3mp0r> giving it a try now
[21:01] <jthomas_sb_> Whenever I run any command on a Jaunty server setup I get errors that begin with "perl: warning: Setting locale failed." and there are a few more line.  I can pastebin the whole thing if it matters.  How can I fix this??
[21:03] <xt3mp0r> sub: I tried it, but didn't help me out.. i can still see the message "Possible Proxy Detected: 1.1 tinyproxy (tinyproxy/1.6.3)" when i go at whatismyip.com :s
[21:04] <qman__> jthomas_sb_, I probably can't help with that specific problem, but the whole error does matter, every time. You really should pastebin it.
[21:04] <sub> jthomas_sb_: Try installing the appropriate language pack, ie: sudo apt-get install language-pack-en for english
[21:06] <jthomas_sb_> i assumed it was a common error since this is a clean install.  here it is: http://pastebin.ca/1583110
[21:06] <qman__> xt3mp0r, using an alternate port may help
[21:08] <jthomas_sb_> sub that did it, thanks.
[21:09] <g-hennux> i am amazed by how much stuff works in ubuntu server "out of the box" concerning virtualization
[21:09] <g-hennux> e.g. bridging, this dnsmasq thingy etc
[21:10] <g-hennux> just one thing: i want the dnsmasq server to return some additional hostnames (i.e. it should host the names of the virtual machines). any way to do that?
[21:10] <xt3mp0r> qman__ : Tried it, still the same.
[21:15] <sub> g-hennux: I think dnsmasq might parse /etc/hosts for that, so you could try that
[21:16] <g-hennux> sub: yeah, just read that, thank you
[21:31] <davmor2> guys quick query on uec node is it meant to just spit the cd and reboot regardless.  Normally the cd is spat out and you're asked if you want to reboot.
[22:29] <manusoftar> Guys, How do I allow connections from the outside in postfix? I've tried 0.0.0.0/128 though I'm sure I'm doing something wrong.
[22:29] <manusoftar> Connecting from the localhost is allowd.
[22:29] <manusoftar> The firewall is set to forward incoming requests to the correct PC, and it's been proven working
[22:29] <manusoftar> When I do dpkg-reconfigure I'm sure I'm messing up  in that stge
[22:30] <manusoftar> sed 's/stge/stage/g'
[22:41] <g-hennux> hi!
[22:42] <g-hennux> i have a problem with my kvm virtual machines: i'm using this virt-manager and can start them and say "open" and then sit directly in front of the console, i.e. see boot messages etc. however, once the console blanks (after a couple of minutes of inactivity), i get the message "connecting to console for guest", but cannot interact with the vm any more.
[22:42] <g-hennux> then how is it possible to get this console back?
[22:43] <g-hennux> i tried "console kvmtest" from the virsh, but get "no console available for the domain"
[22:43] <g-hennux> ssh'ing still works
[22:47] <reya276> how can I setup multiple websites on the apache server? I have internal IP addresses which are pointed to a NAT.
[22:48] <reya276> On IIS I would create the virtual website then assign the IP address and Hostname. On Apache I created a virtual host with the IP address and hostname but the site does not show. Is there additional config which I need to do to a host file of the system or something and if so where can I find this file.
[22:50] <Daviey> Is the -pae kernel karmic server default?
[22:55] <jthomas_sb_> reya276 where did you create the apache2 config file?  and, have you linked it to /etc/apach2/sites-enabled/ (or used a2ensite _sitename.com_ ?)
[22:55] <jthomas_sb_> i meant, linked it to /etc/apache2/sites-enabled/
[22:55] <reya276> no, I'm new to apache as I've always used IIS
[22:56] <jthomas_sb_> ok, where did you create the config file?
[22:56] <reya276> if you could walk me step by step on how to do this it would be great
[22:56] <jthomas_sb_> i have 5 minutes, but it may be enough
[22:56] <jthomas_sb_> where did you create the config file?
[22:56] <reya276> no right now I deleted the virtual host
[22:56] <jthomas_sb_> ah.  ok... are you running on a command line or with a gui ?
[22:56] <reya276> the website domain is www.finrcvgrp.com
[22:57] <reya276> using webmin
[22:57] <jthomas_sb_> sorry can't help you there then.  i don't know webmin at all but i've heard that it's full of security holes, I don't know for sure though.
[22:57] <reya276> but I can do command if you give me the command
[22:58] <jthomas_sb_> there is more to it than that; command line means you know some command-line editors like vim or nano or something.
[22:58] <reya276> nano
[22:58] <reya276> I have used that
[22:58] <reya276> sudo nano /etc/filename
[23:00] <reya276> on webmin there is a tab which allows me to create a virtual host then I can pastebin for you so you can see what it looks like
[23:01] <jthomas_sb_> ok so, i have to go but:  use nano to edit a file like this (no quotes) :  'nano /etc/apache2/sites-available/www.finrcvgrp.com '  In that file set up <VirtualHost 123.IP.Add.Ress:80> blah blah documentroot /var/www/folder/to/htdocs/  blah blah </VirtualHost>  Then at the command line run 'a2ensite /etc/apache2/sites-available/www.finrcvgrp.com '  which links that document to /etc/apache2/sites-enabled/www.finrcvgrp.com   Then restart
[23:01] <jthomas_sb_> apache, 'sudo /etc/init.d/apache2 restart'
[23:02] <jthomas_sb_> sorry i know that is pretty useless, perhaps someone else can assist you more
[23:02] <reya276> is ok, thanks
[23:03] <reya276> jthomas_sb_: I got this error ERROR: No site found matching /etc/apache2/sites-available/www.finrcvgrp.com!
[23:03] <reya276> but I think is /etc/apache2/sites-available/www.finrcvgrp.com.conf
[23:03] <jthomas_sb_> hm maybe just  ' a2ensite www.finrcvgrp.com '
[23:04] <jthomas_sb_> perhaps it looks in the right place and doesn't need to full path
[23:04] <jthomas_sb_> note that thie really requires that the file exists :)
[23:05] <jthomas_sb_> to restart apache2 you can also try 'apache2ctl -t' to test, and 'apache2ctl -k graceful' to (re)start the server, reya276
[23:06] <jthomas_sb_> webmin may not put the apache2 config files in /etc/apache2/sites-available/  i am not sure
[23:06] <jthomas_sb_> gotta go
[23:06] <JanC> webmin is evil...
[23:06] <reya276> no is there but it is called www.finrcvgrp.com.conf
[23:07] <jthomas_sb_> lol ok use that file name for a2ensite
[23:07] <reya276> JanC: I understand but I have no experience with command line
[23:07] <g-hennux> is there any howto what i have to do (concerning port forwarding etc) if i want to have port 80 of my kvm guest be available from the outside of the kvm host?
[23:07] <jthomas_sb_> reya276 no worry, you'll get there if you want to :)
[23:08] <reya276> jthomas_sb_: ok that gave me a msg "Site www.finrcvgrp.com.conf already enabled"
[23:08] <JanC> reya276: learn to use a linux server at home before you put one on-line, and you won't need webmin
[23:09] <reya276> JanC: I do use Ubuntu at home, just never tried to configured a server before besides this is the time I'm taking to learn it
[23:09] <reya276> JanC: 3 kids at home and a nagging wife is not a fun time to do this