/srv/irclogs.ubuntu.com/2009/10/02/#ubuntu-server.txt

zzz2009	Hi, I trying move my servers from fedora to ubuntu, and am looking for advice on setting up the disks, each machine has 2tb.	01:05
zzz2009	I have currently partioned as follows: 250mb /boot raid 1, 4gb swap raid 0, 40gb /tmp raid 0 nosuid, noexec, 200gb / raid 0, 1.2 tb /data	01:07
zzz2009	i'd like to use the /data as storage pool and was wondering if there is some way of sub-allocating it to /var and /home	01:08
=== orudie___ is now known as orudie
Jagged	zzz2009: why no have 1.5 tb in raid0 and use lvm?	01:17
Jagged	*not	01:17
zzz2009	jagged: as far as I can see LVM is not an option when etting up 9.04	01:20
zzz2009	jagged etting = setting	01:20
Jagged	it is	01:20
Jagged	go into manual partitioning	01:20
zzz2009	jagged: doesn't show up in my setup	01:20
Jagged	after you dedicate your boot and swap md devices, you should be able to create the last md and specify "LVM" for "Use as"	01:21
Jagged	that will in turn give you another option for setting up your lvm	01:22
zzz2009	jagged: Of course he says hitting forhead on ground, forgot the use as LVM, back to drawing board	01:24
zzz2009	jagged: thanks	01:24
Jagged	Anytime :D	01:24
zzz2009	quit	01:25
zzz2009	How does one exit IRc politly	01:26
zzz2009	#bye	01:27
Jagged	/quit	01:28
Jagged	/quit So long and thanks for all the fish!	01:28
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
zzz2009	I know that the linux gurus generally disapprove of GUIs on servers, however I would like to install a GUI at least until i hae fully configured this server. ? which GUI would the peole here recommend?	02:13
=== dendro-afk is now known as dendrobates
=== Jagged_ is now known as Jagged
ewrjiwor	!ops	02:56
ubottu	Help! Channel emergency! infinity, soren, lamont, mathiaz or tom	02:56
ewrjiwor	Ban me	02:56
ball	oh good.	03:00
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
zul	smoser: ill upload your ec2-ami-tools patch tomorrow	03:14
maxagaz	how to cat a file and color a given word in the output ?	04:47
jmarsden	maxagaz: egrep --color=auto word afile	04:49
blue-frog	grep	04:49
maxagaz	jmarsden, egrep cuts my output	04:52
jmarsden	Sure it does. Oh, you want to see all lines of output? I guess you could use sed and put the escape sequences for color around the word that way?	04:53
maxagaz	jmarsden, good idea	04:53
jmarsden	bold=$(tput smso); nobold=$(tput rmso) ; sed -e "s/WORD/${bold}WORD${nobvold}/" filename	05:03
maxagaz	does someone know how to set the color of searched strings with the command less ?	07:31
jmarsden	maxagaz: It uses whatever your termcap entry does for smso (enter standout mode) I think... so you could create a custom termcap entry if you really had to :) Or if the term is a terminal emulator such as xterm or exvt you can probably do something appropriate in the .Xresources file to change what color standout mode is displayed as...	07:40
jmarsden	Seems weird to care that much.. as long as standout mode stands out, does it really matter what color it is?	07:40
jmarsden	less +/word filename # should highlight word in the file filename ...	07:42
jmarsden	maxagaz: ^^	07:42
maxagaz	jmarsden, i wanted some customized colors	07:45
jmarsden	maxagaz: A little googling found: http://nion.modprobe.de/blog/archives/572-less-colors-for-man-pages.html	07:47
jmarsden	Which basically does it by setting the termcap entries in variables... should be workable for you?	07:48
maxagaz	jmarsden, that's exactly what i needed, thanks a lot!	07:54
jmarsden	No problem.	07:54
maxagaz	jmarsden, how did you google that ?	07:54
jmarsden	I searched for less colors and it was the first entry returned :)	07:55
maxagaz	jmarsden, ok, i tried "less color" it was in 3rd, i missed it ;)	07:56
=== dendrobates is now known as dendro-afk
Bilge	How can I make the kernel modules stuff work?	08:58
Bilge	/proc/modules doesn't exist	08:58
Bilge	After running depmod, modprobe -l returns nothing	08:58
jmarsden	Bilge: Is your /proc filesystem mounted? What does mount -t proc output?	09:00
=== Axims_ is now known as Axims
twb	jmarsden: good heavens, I never knew of that usage.	09:11
twb	jmarsden: I always just cat or grep /proc/mounts (or mtab, if proc isn't available).	09:11
jmarsden	twb: Learn something new every day :) I sometimes do mount -t ext3 if I only care about "real" filesystems... in this instance it is the reverse...	09:11
twb	I also don't trust /etc/mtab because on some of my systems where chroots are used heavily, it regularly lies.	09:13
atomic_1	dammit, security.ubuntu.com is stuck again	09:13
atomic_1	curse that samba bug :)	09:14
twb	Seemed like a pretty severe bug	09:18
spiekey	Hello!	09:29
spiekey	i need to bridge eth0 and tap0 ...so i get br0: http://pastebin.com/da6f917	09:30
spiekey	is there a way to rename eth0 to peth0 and to keep eth0 as a bridge?	09:31
spiekey	problem: if eth0 changes to br0 i need to adjust iptables, configs...all based on "eth0"	09:31
twb	Fortunately you keep those under version control, so it is not difficult.	09:32
uvirtbot	New bug: #440440 in samba (main) "On regular system update, samba asked what to do with different smb-conf files. I cliked the last option ("open ??? with external application"(?)) and it hanged up." [Undecided,New] https://launchpad.net/bugs/440440	09:36
kosolapiy	Hi all!	09:43
kosolapiy	can some one help me with ubuntu server?	09:44
kosolapiy	please?	09:44
uvirtbot	New bug: #437014 in eucalyptus/1.6 "excessive number of CLC sockets to the backend cause the system to stop updating state" [High,Fix committed] https://launchpad.net/bugs/437014	09:48
_ruben	!ask	09:50
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	09:50
=== Visigoth_ is now known as Visigoth
Bilge	jmarsden: sure it's mounted	09:57
twb	_ruben: !anyone would've been more appropriate	09:57
Bilge	jmarsden: proc on /proc type proc (rw,noexec,nosuid,nodev)	09:59
Bilge	There's just no /modules	09:59
Bilge	Come to think of it, I think my hosting provider builds a custom kernel	09:59
jmarsden	Bilge: I'm guessing at this point... Did you compile your own kernel without module support??	10:00
jmarsden	Ah, did the provider do that? :)	10:00
Bilge	I'm with OVH who may mod the distro	10:00
Bilge	:(	10:00
Bilge	So what are my options?	10:00
jmarsden	I'd ask them about it. If they really gave you a kernel with no module support, you can't load modules, period, running that kernel.	10:01
Bilge	Can I not rebuild the kernel remotely	10:01
jmarsden	Sure, but if they did that they probably did other things... so there is little guarantee your new kernel will run in their (virtual hosting?) environment...	10:02
Bilge	It's a dedicated server	10:02
jmarsden	OK. And do you have remote access to the console or serial port, or a way to do remote reboots? if so you can try installing the default Ubuntu server kernel and booting that, and see what happens...	10:03
Bilge	I can do remote deboots	10:03
Bilge	reboots	10:03
Bilge	Only access to the server is via SSH though	10:03
Bilge	There's a web interface to administer hard reboots to the hardware	10:04
jmarsden	Um... so how would you recover from an attempt to boot a bad kernel? I think you may be stuck...	10:04
Bilge	I might order a new box and migrate to that	10:04
Bilge	So that flagrant errors won't be a problem	10:05
Bilge	Just so long as I know remote kernel deployment is possible	10:05
jmarsden	Oh sure, you can compile or install a new kernel and set up grub to use it and reboot.	10:05
kwork	drac for the win	10:05
kwork	or some other decent remote admin card	10:06
kwork	via what you can install op sys :)	10:06
Bilge	jmarsden: OK I'm ordering a new box	10:10
Bilge	How do I actually build the stock Ubuntu kernel	10:10
jmarsden	Easier to just apt-get install it, I would think.	10:12
Bilge	Well sure, whatever works	10:14
Bilge	I'm not looking to make things more difficult than they need to be	10:14
jmarsden	So just do that.	10:15
Bilge	I am, however, looking for how to do it, because I really have no clue when it comes to kernel swapping	10:15
jmarsden	sudo apt-get install linux-image-server	10:15
jmarsden	It's no different from installing other packages...	10:15
uvirtbot	New bug: #440457 in samba (main) "when updating to jaunty i couldn't j keep my current version of samba" [Undecided,New] https://launchpad.net/bugs/440457	10:16
jmarsden	Then check /boot/grub/menu.lst to see which kernel will boot by default, and edit it if necessary.	10:16
Bilge	No doubt, but I don't know how I'm supposed to find out the package name	10:17
Bilge	It strikes me as being one of those things that you either know or you don't	10:18
atomic_1	apt-cache search linux-image	10:19
jmarsden	Same as for other packages too: dpkg -S /boot/vml* will display the name of the package that contains the file... sounds like you need to learm a lot more about apt and dpkg	10:19
atomic_1	or dpkg -l \| grep linux-image ;)	10:19
jmarsden	atomic_1: As I said ... apt and dpkg :) In other words, this is package management, not anything super kernel-specific.	10:20
atomic_1	yeah, its easy as pie	10:21
jmarsden	Pie is more tasty :)	10:21
Bilge	You're not actually telling me anything I didn't already know, there, but I still wouldn't know to server for linux-image or /boot/anything because I know nothing about the kernel or booting	10:21
atomic_1	funny behaviour though, regular apt-get upgrade does not upgrade to a newer kernel, its kept back	10:21
atomic_1	but once you do it manually	10:21
Bilge	server = search	10:22
atomic_1	every other upgrade will include a newer kernel build, if there is one in the repo	10:22
jmarsden	Bilge: So, did it work? Have you rebooted yet? I need to go to bed, it is 2:24am here...	10:24
Bilge	I thank you for your help, but you have no responsibility to assist further ;)	10:26
Bilge	By which I mean, don't let me keep you	10:26
jmarsden	OK... do you need to backup a ton of data from one server to the new spare one first?	10:26
Bilge	I don't know yet because the delivery of the box takes time	10:26
Bilge	Few hours, but more than you can spare I'm sure	10:26
Bilge	I will need to migrate a lot of settings	10:26
jmarsden	Ah, OK. Then yes, I should get some sleep. Goodnight all.	10:27
Bilge	Thanks again	10:27
jmarsden	No problem.	10:27
Bilge	I'm sure it will be fine	10:27
tarvid	any default support for saving and restoring iptables?	10:33
_ruben	iptables-save > /some/file ... iptables-restore < /some/file	10:36
tarvid	is there nothing for /etc/init.d?	10:37
_ruben	!ufw	10:37
ubottu	Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist	10:37
_ruben	ufw does have an init script	10:37
tarvid	ufw did not play well on my first foray and I'd just as soon write my rules	10:38
AlexC_	g'morning,	10:39
tarvid	fwbuilder corrupts display on my workstation, works at home sort of	10:39
tarvid	i need nat to work and not much else	10:40
AlexC_	I've got 2 servers, 1 of them is dedicated for email and we'd like to use SMTPS/IMAPS - so we need an SSL cert, however - for what domain do I buy this for? The MX records setup for domains is 'mail.example.com' - however the hostname of the mail server is 'mercury.example.com', (mail.example.com is a CNAME to mercury.example.com)	10:40
atomic_1	+1 for iptables-save & iptables-restore	10:41
atomic_1	put it in rc.local and forget about it	10:41
_ruben	tarvid: if you know how to write scripts for iptables, writing an additional init script would be peanuts	10:41
tarvid	just surprised that this is overloooked in Ubuntu	10:42
atomic_1	fwbuilder adds a lot of stuff that i dont recognize in its scripts	10:42
tarvid	and network-manager threatens to mess with iptables	10:42
_ruben	AlexC_: with any ssl cert (https/imaps/smtps/etc) the name of cert must match the name the client is using to connect to that service	10:42
AlexC_	_ruben, so that would be mail.example.com correct?	10:43
* _ruben is glad there's no default handling of iptables on ubuntu		10:43
_ruben	AlexC_: if that's what the clients will be using, yes	10:43
AlexC_	_ruben, cool, ok thanks	10:43
AlexC_	1 more similar question, DKIM - the 'Domain' entry in /etc/dkim-filter.conf, should that be 'mail.example.com' as well?	10:44
AlexC_	instead of mercury.	10:44
gamla_kossan	could anyone perhaps explain the sandbox mode for do-release-upgrade?	10:47
_ruben	AlexC_: been a while since i messed with DKIM, but i think the domain should be example.com	10:49
gamla_kossan	sigh crap. I'm getting a problem when trying do-release-upgrade. anyone encountered this before?	10:52
gamla_kossan	http://fpaste.org/k5cg/	10:52
gamla_kossan	(googled it but can't seem to find anything useful)	10:52
_ruben	!info network-manager	10:54
ubottu	network-manager (source: network-manager): network management framework daemon. In component main, is optional. Version 0.7.1~rc4.1.cf199a964-0ubuntu2 (jaunty), package size 290 kB, installed size 2080 kB	10:55
_ruben	oh crap .. tarvid already left	10:55
_ruben	its a desktop thing	10:55
_ruben	gamla_kossan: tried running apt-get update && apt-get dist-upgrade prior to it?	10:55
gamla_kossan	_ruben: wait, I want to do that?	10:56
gamla_kossan	I thought dist-upgrade was something that do-release-upgrade made obsolete =)	10:56
* gamla_kossan doesn't know htough		10:56
_ruben	dist-upgrade is an old name, its no longer used to upgrade from one version to another, but to make your current version fully up to date	10:57
gamla_kossan	oh	10:57
gamla_kossan	what's the difference between it and upgrade then?	10:57
_ruben	with aptitude they chose better names: upgrade => safe-upgrade and dist-upgrade => full-upgrade	10:58
_ruben	upgrade doesnt install new packages (new dependencies for instance), dist-upgrade does	10:58
gamla_kossan	I see	10:58
gamla_kossan	oh	10:58
gamla_kossan	thanks a lot, this really clears some stuff up	10:58
* gamla_kossan is used to yum		10:58
ewook	muuu	10:58
alex_joni	for example kernel updates	10:59
gamla_kossan	muuu	10:59
gamla_kossan	^_^	10:59
uvirtbot	gamla_kossan: Error: "_^" is not a valid command.	10:59
alex_joni	you only get them with dist-upgrade	10:59
gamla_kossan	right	10:59
alex_joni	apt-get moo	10:59
ewook	apt-moo	10:59
gamla_kossan	awesome. lunch then upgrade time :>	10:59
gamla_kossan	lunch!	10:59
alex_joni	-bash: apt-moo: command not found	10:59
ewook	oh, right. apt-get moo it is.	11:00
_ruben	nice .. successfully updated my pxe install setup to include jaunty as well .. tho i should put some effort into creating a boot menu (now i have write out my selections on the boot: prompt)	11:00
_ruben	aww .. they didnt even include 'moo' in the bash autocomplete ;)	11:01
SockPants	hey all	11:09
SockPants	how do i stop the nfs server from borking every time i do something wrong on a client	11:10
twb	SockPants: define `wrong'	11:18
SockPants	twb: i'm not sure, but for example trying to delete something without having permission	11:31
SockPants	or deleting a very big file, even if i do have permission	11:31
SockPants	after that it just keeps saying 'lockd is not responding'	11:31
gamla_kossan	SockPants: depends on what you mean, but mount it with the option soft instead of hard	11:38
gamla_kossan	could resolve it	11:38
gamla_kossan	uh ohh	12:40
gamla_kossan	this is not good	12:40
gamla_kossan	I can't boot properly	12:40
gamla_kossan	did a dist-upgrade,	12:40
gamla_kossan	now I get this:	12:40
gamla_kossan	[ 5.480000] devicemapper: table: 254:1: snapshot-origin: unknown target type	12:40
gamla_kossan	during boot	12:40
gamla_kossan	and a couple of other errors, then I'm dropped into a busybox	12:41
gamla_kossan	anyone have a clue what'sup here?	12:41
_ruben	doesnt ring a bell here	12:43
_ruben	might wanna ask in #ubuntu-kernel as well	12:44
zul	morning	12:50
gamla_kossan	_ruben: think I know what it is - I'm missing the dm-snapshot module	12:56
gamla_kossan	so I guess I need to make a new initrd, right?	12:56
gamla_kossan	can I do that from a live-cd?	12:57
_ruben	gamla_kossan: grub should show your previous kernel as well	13:05
gamla_kossan	oh fsck. the ubuntu live cd doesn't have mkinitrd	13:05
gamla_kossan	_ruben: yeah - I agree - but it doesn't :/	13:05
_ruben	odd	13:06
gamla_kossan	very	13:06
_ruben	and you need update-initramfs	13:06
gamla_kossan	that one's available	13:06
gamla_kossan	sigh	13:09
kwork	can you use dd to replicate compact flash	13:18
_ruben	kwork: wouldnt know why not :)	13:18
kwork	would it work if i first make disk image	13:19
kwork	and then write it to other device ?	13:19
kwork	i have only one card reader	13:19
kwork	but i need to replicate the data structure to other compact	13:19
bogeyd6	kwork yes that works, i have doen it before	13:22
bogeyd6	however i might suggest o&o disk image for future usage	13:22
kwork	o&o whats that ?	13:22
=== dendro-afk is now known as dendrobates
bogeyd6	http://tinyurl.com/ydsgody	13:29
bogeyd6	kwork http://tinyurl.com/ydsgody	13:29
kwork	lol	13:30
kwork	with what you made that video	13:30
kwork	bogeyd6, the problem is i have compact flash what has routers operating system on it just wondering will copyng it with dd to diskimage and from there to other compact	13:32
kwork	will it work	13:32
_ruben	sure	13:35
bogeyd6	lololol	13:36
bogeyd6	yes it works	13:37
bogeyd6	:P	13:37
kwork	i sure hope so	13:42
J_P	hi all..	13:45
J_P	How I disable beep always I use key TAB to completation?	13:45
atomic_1	anyone using dhcpd encountered this in the logs: Abandoning IP address: x.y.z.w; Pinged before offer ?	14:05
bogeyd6	atomic_1 the dhcp server is checking to see if the ip address is in use	14:05
fbc-mx	Where can I find all the new features for 9.10 on the ubuntu website?	14:06
atomic_1	bogeyd6: i figured that out, but my clients never gets an IP address	14:06
atomic_1	this happens with a few of my clients	14:06
bogeyd6	fbc-mx http://www.ubuntu.com/testing/karmic/beta	14:06
bogeyd6	Is there a reservation setup atomic_1	14:07
smoser	zul, you have any idea where you would send a patch to ec2-ami-tools ?	14:07
atomic_1	for certain clients, yes	14:07
zul	smoser: not really let me poke around	14:07
smoser	all i could see was the forums	14:08
atomic_1	but not the addreses that i can see dhcp pings	14:08
bogeyd6	atomic_1 What's most likely happening is that the DHCP server is assigning the	14:08
bogeyd6	host an address, the host is verifying that the address is not in use,	14:08
bogeyd6	and concluding that it is in use	14:08
bogeyd6	atomic_1 Ping one of the addresses in the DHCP range that has not been assigned to any device (try it from each side of the bridge with a different IP address)and make sure you do not see any ARP relies in the ARP cache.	14:09
atomic_1	hmm, good idea	14:10
atomic_1	i should probably check my leases file too	14:10
bogeyd6	duplicate lease will cause the same problem	14:10
atomic_1	i kind of messed with it on occasions when dhcp failed	14:10
bogeyd6	plus you gotta make sure you configure your leases separately from the pool	14:10
=== dendrobates is now known as dendro-afk
bogeyd6	reser*	14:11
atomic_1	thanks bogeyd6	14:12
=== dendro-afk is now known as dendrobates
bogeyd6	yw	14:12
bogeyd6	running failover dhcp servers will give those problems ALOT	14:12
atomic_1	its only one instance here	14:13
=== genii_ is now known as genii
atomic_1	sometimes i also have troubles when i change a hostname here and there, because i use dynamic updates with bind	14:18
atomic_1	dhcpd does NOT like that	14:18
atomic_1	:)	14:18
bogeyd6	very true atomic_1 but there is an interesting thing in a centos book about dhcp and dns	14:28
bogeyd6	For Dynamic DNS to work, both the DHCP server and the DNS server need to be configured	14:28
bogeyd6	correctly: they both need to allow the use of Dynamic DNS, and the DNS server	14:28
bogeyd6	needs to “trust” the DHCP server. The latter is usually accomplished through the use of a	14:28
bogeyd6	cryptographic key.	14:28
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
zul	ttx: when you get a chance can you look at #420639?	14:51
ttx	bug 420639	14:51
uvirtbot	Launchpad bug 420639 in php5 "php-pear package problems (Karmic)" [High,Confirmed] https://launchpad.net/bugs/420639	14:52
ttx	just the title doesn't make me want to touch it	14:52
zul	ttx: heh...sometimes you dont have a choice	14:57
atomic_1	bogeyd6: i just read what you wrote, my services are configured correctly, rndc-key and everything	15:00
atomic_1	and it works, only 95% of the time	15:01
atomic_1	:)	15:01
bogeyd6	kk	15:02
=== orudie_ is now known as petia
uvirtbot	New bug: #440598 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440598	15:11
acalvo	hi	15:26
acalvo	how can I repair manually a mysql DB?	15:26
=== kees_ is now known as kees
ivoks	hi guys and girls	16:01
ivoks	looks like one of recent kernel uploads broke drbd	16:02
ivoks	this is known upstream and there's a new version of drbd that works with 2.6.31	16:02
ivoks	but it's in rc3 state	16:02
ivoks	so, i'd ask for sponsor on uploading new version of drbd, as soon as it gets released	16:03
ivoks	is that possible?	16:03
zul	is there just a patch for it?	16:03
ivoks	i'll try isolating the patch, but imho we should move to new version	16:04
ivoks	except the support for 2.6.31	16:04
ivoks	with this new version, upstream supports drbd+pacemaker integration	16:04
zul	any other regressions if we go with rc3?	16:04
ivoks	so, there are no new files, it's just that they support it now	16:05
ivoks	i haven't found any	16:05
ivoks	i've been testing it for couple last two days	16:05
ivoks	s/couple//	16:05
zul	ok well you know the FFE process, when it gets approved let me know and Ill sponsor it	16:05
ivoks	sure	16:05
ivoks	i'll ping you	16:05
zul	k thanks	16:07
mathiaz	ivoks: is drbd still in the karmic kernel?	16:13
ivoks	it's dkmsed	16:13
mathiaz	ivoks: is it one of the 2.6.31 API that broke drbd?	16:14
mathiaz	ivoks: the current version of drbd in karmic is 2:8.3.2-2	16:15
ivoks	basically, 8.3.2 drbd (which we have now) worked with 2.6.31rc1	16:15
ivoks	but it doesn't with 2.6.31	16:15
ivoks	http://git.drbd.org/?p=drbd-8.3.git;a=blob;f=ChangeLog;hb=HEAD	16:15
mathiaz	ivoks: ok	16:15
mathiaz	ivoks: debian has 2:8.3.2-3	16:15
mathiaz	ivoks: and 2:8.3.3~rc3-1 in experimental	16:15
ivoks	8.3.3 is mostly fixes	16:15
ivoks	yep	16:16
mathiaz	ivoks: if 8.3.3rc3 is mostly fixes, then a FFe is not needed	16:16
ivoks_	looking at the changelog, only added functionality is support for infiniband	16:17
mathiaz	ivoks: well - there are new features though: Support for Infiniband via SDP (sockets direct protocol)	16:17
ivoks_	since there was no support for that before, i don't expect regressions :D	16:17
mathiaz	ivoks: right	16:17
mathiaz	ivoks: Improvements on the crm-fence-peer Pacemaker integration ?	16:17
ivoks_	that was new in 8.3.2	16:18
ivoks_	and it was unsupported	16:18
mathiaz	ivoks: well - it depends how SDP support was added	16:18
mathiaz	ivoks: it may break other parts of the code	16:18
ivoks_	8.3.3 has upstream support for crm integration	16:18
ivoks_	and that's really cool	16:18
ivoks_	i know	16:18
ivoks_	i'll ask for FFE	16:18
=== ivoks_ is now known as ivoks
mathiaz	ivoks: do you plan to sync from experimental?	16:19
ivoks	i'll take a look at the package	16:19
mathiaz	ivoks: 2:8.3.2-3 seems to have DKMS dropped	16:19
ivoks	i used my own package	16:19
mathiaz	ivoks: 'Drop DKMS support for now, to get the package back into testing.	16:19
ivoks	right, they removed dkms from drbd in testing	16:19
mathiaz	ivoks: is it back in experimental?	16:20
ivoks	i have to take a look at it	16:20
ivoks	i was a bit out of development these days	16:20
mathiaz	ivoks: ok - so it seems that we need to have at least 'Following Linux upstream changes 2.6.31' in karmic	16:21
mathiaz	ivoks: since drbd doesn't work for now in karmic	16:21
ivoks	right	16:21
ivoks	it would be much easier if we would rush for the latest kernel :)	16:21
mathiaz	ivoks: I'd have a look at the experimental package - if it supports dkms then as a sync	16:21
ivoks	wouldn't	16:21
mathiaz	ivoks: then ask a sync	16:22
mathiaz	ivoks: with a FFe outlining the new features as well as the reason for syncing (2.6.31 broke drbd)	16:22
ivoks	i'll be presenting pacemaker in ubuntu during oracle conference, here in croatia	16:24
mathiaz	ivoks: awesome! Do you plan to post the slides?	16:25
ivoks	yes	16:25
ivoks	but it will be in croatian	16:26
mathiaz	ivoks: well - put pictures in there	16:26
ivoks	hehe	16:26
ivoks	bbl	16:37
=== monteith is now known as monteith_afk
* zul stabs php		16:45
uvirtbot	New bug: #440662 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440662	16:51
skrite	hey all, what is a good command to find out the ip address of all ssh traffic ?	17:08
giovani	skrite: I don't understand your question	17:09
skrite	well i am logged into another server and i don't want to stop the process, but i need to know the ip to log into that server again, different session	17:11
jjohansen	smoser: did you get a chance to try those akis?	17:18
smoser	jjohansen, i've not. other htan i booted a 32 bit with it. not done much testin gon it other than that.	17:18
jjohansen	smoser: okay, thanks. I am going to kick a few more instances again	17:19
smoser	so far for you they've been good ?	17:20
smoser	and how different are the configs "server" -> ec2, jj	17:21
smoser	jjohansen,	17:21
jjohansen	smoser: I saw one instance on 64 bit give cpu lockup errors, so it worries me	17:22
jjohansen	smoser: the configs are fairly close, I had to disable a few things like HIGHPTE to get them to run	17:23
jjohansen	smoser: there were a couple of other things I disabled too, would have to go back and check. It was 4 or 5 config options total	17:24
=== monteith_afk is now known as monteith
smoser	jjohansen, kexec	17:26
smoser	:)	17:26
jjohansen	smoser: hehe, no I didn't had that to these ones, but there just might be a need to revise the configs yet ;)	17:26
uvirtbot	New bug: #440683 in samba (main) "Samba server upgrade crashed" [Undecided,New] https://launchpad.net/bugs/440683	17:28
uvirtbot	New bug: #440692 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440692	17:41
* zul perks up		18:04
zul	ec2 configs?	18:04
jbernard_	kirkland: ive got a byobu plugin for rackspace cloud server cost (like ec2_cost) brewing, you're gonna love it	18:08
kirkland	jbernard_: nice ;-)	18:11
uvirtbot	New bug: #440725 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 3" [Undecided,Won't fix] https://launchpad.net/bugs/440725	18:27
=== jsalisbury_ is now known as jsalisbury
=== georg is now known as kwork
mathiaz	hm - interesting - shorewall got dropped to universe in karmic	19:06
mathiaz	zul: kirkland: ^^	19:07
genii	Licensing maybe	19:07
kirkland	mathiaz: never heard of shorewall	19:07
zul	firewall thing?	19:07
mathiaz	zul: yes	19:07
mathiaz	zul: it used to be in main	19:07
mathiaz	zul: dapper++	19:08
ScottK	I wonder why it would have been in Main?	19:08
mathiaz	kees: jdstrand: ^^	19:08
mathiaz	kees: jdstrand: should shorewall be back in main - or is ufw enough?	19:08
zul	mathiaz, hasnt been updated in 193 in weeks	19:08
mathiaz	ScottK: it's been in main since dapper	19:08
mathiaz	zul: karmic saw a package split	19:09
ScottK	I just don't know why it would have been. Before ufw, Ubuntu didn't provide a default firewall	19:09
mathiaz	zul: http://packages.ubuntu.com/search?keywords=shorewall	19:09
zul	ufw should be ok i dont see why it should be in main (shorewall)	19:12
aubre	what are the chances that when the cluster controller is being installed we can get the opportunity to set up dhcpd on the network that the ncs are connected to? Or at least a reminder to do so?	19:18
mathiaz	zul: does ufw support all of the shorewall features?	19:20
mathiaz	zul: shorewall is still in the supported-network-common seed	19:22
kees	mathiaz: I'm fine with dropping shorewall.	19:22
zul	mathiaz: i dunno i never ran shorewall	19:22
zul	jdstrand: ^^^	19:22
kees	mathiaz: it was grandfathered in from before I did security work. :)	19:22
mathiaz	kees: you mean that it was move into main before you were doing ubuntu security work?	19:23
zul	is there such a thing? ;)	19:24
kees	mathiaz: correct	19:24
mathiaz	kees: ok - so I'll update the seed then	19:25
jdstrand	I'm here now	19:28
jdstrand	mathiaz: ufw does not support all of shorewall's features	19:28
mathiaz	jdstrand: ok	19:28
jdstrand	ufw is a fully featured host-based firewall, with the ability to add any kind of routing you want	19:28
jdstrand	shorewall has a steeper learning curve, but helps with routing/nat/etc	19:29
mathiaz	jdstrand: right	19:29
mathiaz	jdstrand: it supports gateways and zones	19:29
* jdstrand nods		19:29
mathiaz	jdstrand: it was in main since at least dapper	19:29
mathiaz	jdstrand: and is currently in universe in karmic because of a package name change in debian	19:30
jdstrand	ufw can do anything shorewall or netfilter can do via its framework (man ufw_framework), but it doesn't help a lot when you need the FORWARD chain	19:30
mathiaz	jdstrand: kees suggested to really drop shorewall from main	19:30
mathiaz	jdstrand: (it's still in the supported-network-common seed)	19:31
jdstrand	meaning, you need to know about iptables atm to doing useful things with the FORWARD chain (though, there are examples in the man page, etc)	19:31
jdstrand	tbh, it doesn't make a difference. I don't think shorewall has ever had a CVE against it	19:31
mathiaz	jdstrand: right - but you can't easily (as ufw should be) create a gateway system with multiple zones	19:31
mathiaz	jdstrand: which is quite usual when you deal with network gateways	19:32
jdstrand	ufw's target audience has been desktops, servers, and bastion hosts	19:33
jdstrand	a routing firewall has been out of scope until only very recently	19:33
mathiaz	jdstrand: how about keeping shorewall in main until ufw provides these features?	19:34
jdstrand	mathiaz: like I said. I don't care either way, but I will make this point: ufw is easy to getting started with immediately. its framework allows for doing any filtering/routing you want (with supporting documentation for common scenarios). I am not sure a newcomer to both ufw and shorewall would find shorewall easier overall	19:36
jdstrand	mathiaz: meaning, you have to learn all about how to use shorewall in the first place	19:36
* mathiaz nods		19:36
jdstrand	you could likely spend less time learning the couple things you need to get the routing going within ufw	19:36
mathiaz	jdstrand: and support for the FORWARD chain can be done in ufw as well?	19:37
jdstrand	that is not to disrespect shorewall in any way. I am a fan, and think it is very cool. it has a different target audience than ufw though	19:37
jdstrand	mathiaz: yes! (man ufw-framework)	19:37
jdstrand	mathiaz: you edit configuration files and add iptables style rules	19:38
jdstrand	mathiaz: it's the ufw cli command that doesn't have FORWARD support	19:38
mathiaz	jdstrand: right.	19:38
mathiaz	jdstrand: shorewall provides another layer of abstraction	19:38
jdstrand	which is why I say it doesn't help with FORWARD 'much'	19:38
mathiaz	jdstrand: considering that the target audience are different, I'd be inclined to keep shorewall in main	19:39
jdstrand	mathiaz: yes, but with ufw you can mix and match cli commands and hand edited rules	19:39
kees	mathiaz: if it fell into universe because of a package name change, and the old package is still in the supported seed, it should probably just follow and stay in main.	19:39
kees	mathiaz: that said, I do like the idea of dropping stuff from main. ;)	19:39
jdstrand	so you can have a host that does NAT and provide services. so use the ufw cli command for the services, and add your few NAT lines to the config file (all detailed, again, in ufw-framework)	19:39
mathiaz	kees: right - that's my current analysis of the reason why it fell in universe	19:39
jdstrand	but I'll say it again, with shorewall, I doubt it'll make any difference	19:40
=== jldugger is now known as pwnguin
mathiaz	kees: if things keep getting dropped from universe there will less reasons to grow the security team ;)	19:40
jdstrand	mathiaz: believe me, there is more than enough work to go around	19:40
jdstrand	:)	19:40
uvirtbot	New bug: #440772 in samba (main) "Problems started occurring when i added 'mediubuntu' to the package sources list: package smbclient 2:3.3.2-1ubuntu3.1 failed to install/upgrade: short read in buffer_copy (backend dpkg-deb during `./usr/bin/rpcclient')" [Undecided,New] https://launchpad.net/bugs/440772	19:41
jdstrand	mathiaz: in previous releases, I have been asked whether shorewall should be dropped from main. I have said 'no', do to the fact that ufw doesn't help much with routing in your firewall. that has not changed	19:41
jdstrand	s/do/due/	19:41
mathiaz	jdstrand: ok - I'll update the seed then	19:42
mathiaz	jdstrand: and keep shorewall in main	19:42
jdstrand	that sounds fine	19:42
jdstrand	ufw will be growing routing support. I don't know for lucid, but soon	19:42
mathiaz	jdstrand: I still think it's a useful tool to configure a routing firewall/complex gateway (which is its target use cases)	19:42
mathiaz	jdstrand: kees: thanks for your input	19:43
jdstrand	mathiaz: I agree (like I said, it is a nice application)	19:43
uvirtbot	New bug: #415799 in network-manager (main) "dhclient doesn't get any dhcpack" [Undecided,New] https://launchpad.net/bugs/415799	20:02
JanC	FWIW: shorewall is quite easy to use as well as powerful after reading the (very fine!) manual; much easier than learn about "cryptic netfilter rules" (which is what you need for ufw ATM AFAIK), so +1 from me to keep it in main ;)	20:16
benventura	test	20:19
* _ruben is tempted to look into shorewall for his ipv6 firewalling needs, see if it might be a decent candidate for our inhouse-developed bash-bashed scripts		20:21
nicholas_	Hi, I'm looking for a kind of user logging system, which can help me create/give an overview of SSH loging and SFTP logings _without_ I have to look through raw logs? Know any? (It's for creating an overview of students activity on a school server)	20:39
zul	jdstrand: ping have you seen this? http://pastebin.ubuntu.com/284064/	20:44
=== dendrobates is now known as dendro-afk
mfoster	heh, sucks for jeiworth	20:58
adamsweet	hey jcastro	21:15
jcastro	hi adamsweet	21:15
adamsweet	hi, looking at the ec2 stuff, they refer to alpha6, should I concentrate on the beta now instead?	21:15
adamsweet	the instructions refer to alpha6, that is	21:16
jcastro	adamsweet: yes please	21:18
adamsweet	jcastro: cool, thought I better check	21:19
jcastro	adamsweet: I'll update the page	21:19
jcastro	adamsweet: also, it seems that amazon devpay thing isn't working	21:19
jcastro	so you'll probably end up with a bill of 2 dollars or something	21:19
jcastro	but I am working to resolve that	21:19
adamsweet	jcastro, :)	21:19
adamsweet	bad timing :)	21:19
jcastro	well they don't charge you until the end of the month	21:20
jcastro	I should have it fixed by then. :D	21:20
adamsweet	no problem	21:20
jcastro	wiki fixed, thanks!	21:20
Orfeous	hi again! got into a problem :P my friend has borrowed my dvd-reader and i need to reinstall ubuntu-server. so i thought that i could install from a usb stick.. but it dont work!! i have tried several methods that ive found on different forums. only desktop-ubuntu.. etc works but not server.. strange.	21:43
Orfeous	any ideas to get it work?	21:43
Jagged	Break said friend's legs and retrieve property.	21:43
Orfeous	when i tried to boot from usb stick it only told me to insert a bootable disk and press enter..	21:45
Orfeous	i selected my usb stick as bootup drive in bios	21:45
Jagged	did you install to the usb stick correctly?	21:46
adamsweet	Orfeous, are you sure your BIOS supports booting from USB? I have machines which don't	21:49
Orfeous	Jagged, yes tried a program called unetbootinf and also followed guides on forums.. :)	21:50
Orfeous	Jagged, got the 1gb fat16 partition om my usb stick.. copied all files from iso to usb stick.. renamed isolinux to syslinux and isolinux.cfg to syslinux.cfg..	21:50
Orfeous	adamsweet, the usb stick is selectable from bios under boot devices..	21:51
Orfeous	Asus P5B Premium vista edition is motherboard.	21:51
Orfeous	also tried booting it from my htpc and it not worked.. :P	21:52
Orfeous	i now i have been trying XBMC LiveCD USB and that booted from my usb-stick	21:52
Orfeous	is the size on fat 16 partition important? i mean if its 1gb or if its likw 3gb?	21:53
Orfeous	i can give links to what guide i have followed	21:53
Orfeous	this is one guide: https://help.ubuntu.com/community/UbuntuServerFlashDriveInstaller	21:55
Orfeous	this is another guide: http://www.ubuntugeek.com/how-to-install-ubuntu-linux-from-usb-stick.html	21:56
adamsweet	Orfeous, do you have an existing Ubuntu machine?	21:59
Orfeous	adamsweet, yes i have	22:01
Orfeous	installed ubuntu-server 9.10 on it	22:01
adamsweet	no desktops?	22:02
Orfeous	no, just windows	22:02
Orfeous	but i got a dvd-drive on my laptop	22:03
Orfeous	and can boot up a livecd from that and make a bootable usb-stick from gnome	22:03
Orfeous	but i havent tried that	22:04
adamsweet	yes, try that	22:04
Orfeous	really dont know why it doesnt work	22:04
Orfeous	and why it doesnt work with ubuntu-server version :)	22:04
adamsweet	In the Gnome desktop, System > Administration > USB Startup Disk Creator	22:04
adamsweet	you'll need iso image on your laptop filesystem	22:05
adamsweet	otherwise, I have no idea how to help you :)	22:05
adamsweet	might be easier to go to your friends house and ask for your DVDd rive	22:06
Orfeous	i can try that tomorrow, but are there no other isos that i can boot from and use netinstall for ubuntu-server?	22:06
adamsweet	I don't think the iso image is your problem, rather your creation of bootable USB disks is, but I'm only guessing	22:08
uvirtbot	New bug: #440918 in samba (main) "Did todays update, samba failed? can still browse mounted network shares" [Undecided,New] https://launchpad.net/bugs/440918	22:22
=== nick125_ is now known as nick125
edulacomadreja	hi everyone	22:27
edulacomadreja	after editing "/etc/udev/rules.d/70-persistent-net.rules" ubuntu server hangs on boot at "configuring network intefaces.."	22:27
=== Pici` is now known as Guest77758
edulacomadreja	how should i skip this?	22:28
Hypnoz	I think if you comment the lines out ubuntu will regenerate them	22:28
edulacomadreja	but how can i edit that file again?	22:29
edulacomadreja	i'm stuck there...	22:30
edulacomadreja	is someone there?	22:35
allanon_	hi	22:37
allanon_	could anyone tell me how i might figure out why 'netcat localhost 25' returns nothing?	22:38
ScottK-desktop	Why did you expect it too? Default Ubuntu Server doesn't listen on port 25.	22:39
allanon_	ok I didnt think i'd need to bust it all out..	22:40
allanon_	Im running postfix/squirrelmail/dovecot, etc	22:40
allanon_	so yeah I assumed it would be ;p	22:40
ScottK-desktop	Right, we we aren't mind readers.	22:40
ScottK-desktop	I guess I'd look at postfix logs and see if it's complaining about anything first	22:41
allanon_	sorry :( i guess nubs flow in here asking tarded questions and what not. my apologies	22:41
allanon_	the only thing in mail.log, in a repeating fashion, is:	22:42
allanon_	Oct 2 16:42:00 sputnik postfix/smtpd[8135]: fatal: bad numerical configuration: unknown_client_reject_code = 450-Unknown_Client	22:42
allanon_	Oct 2 16:42:01 sputnik postfix/master[2846]: warning: process /usr/lib/postfix/smtpd pid 8135 exit status 1	22:42
allanon_	Oct 2 16:42:01 sputnik postfix/master[2846]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling	22:42
allanon_	every 1 minute too..	22:43
allanon_	tried googling but crap you get so many conflicting ideas on what the culprit is	22:43
Orfeous	hmmm	22:46
allanon_	are those entries possibly meaning that something is causing smtpd to term, which its restarting but being killed again in a loop?	22:50
allanon_	ok so it appears my convo with scott has rendered any further help null here. So much for community.	22:53
Jagged	Insults are always a good way to get help =\	22:56
bventura	there's a typo on the Ubuntu Server Guide page that I bet was causing that problem allanon had	22:58
bventura	I didnt notice till after he left	22:59
Mike_lifeguard	Hello, I am going to be installing server edition for the first time. I'm not sure how to do that if I don't have a monitor to hook up to the machine though. Is it possible to ssh from a connected laptop or something to do the install?	23:08
bventura	I'm trying to use qemu on jaunty with the 'Virtaul Machine Manager' GUI app and when I try to start up the virtual network I get the error "Error starting network cannot create bridge 'vibr1' : Operation not permitted.. anyone know how to fix this? None of the stuff I found on google works	23:08
=== sgsax_ is now known as sgsax
ScottK	Mike_lifeguard: No.	23:26
Mike_lifeguard	I suppose I will buy a monitor then :\	23:28
ScottK	Once it's set up you can do anything you need via SSH, but not the install	23:28
ScottK	So perhaps you can just borrow a monitor from another machine.	23:28
Mike_lifeguard	I don't have access to hardware that's not a laptop. But I'll just find some cheap shit to use for a day while I get it set up, then dump it :)	23:29
=== erichammond1 is now known as erichammond
Mike_lifeguard	Thanks for your help.	23:29
Orfeous	i will give it a try tomorrow ;)	23:35
Orfeous	the install from usb stick thing :D	23:35
erichammond	elmo: archive.ubuntu.com has been painfully slow the last couple days and sometimes times out on responses altogether.	23:40
bventura	you know I've noticed that too lately takes forever	23:40
erichammond	This has prevented me from being able to create new Ubuntu images for EC2 using the latest kernel Amazon built to fix the big security bug.	23:41
bventura	what's the big bug I don't think I heard about it	23:43
erichammond	bventura: http://developer.amazonwebservices.com/connect/thread.jspa?threadID=35410	23:46
erichammond	Until we have modern, updated kernels for EC2 from Canonical, folks using Ubuntu on EC2 depend on Amazon updating older (2.6.18, 2.6.21) kernels. It means we're not truly running complete "Ubuntu" but it works well enough to get the job done.	23:48
jjohansen	erichammond: I have some new kernels to test if you want	23:50
erichammond	jjohansen: cool. I'm a bit backlogged right now, but like to keep notes on what's available so I know the development directions to take.	23:53
bventura	.	23:54
erichammond	jjohansen: My first attempt to use a recent 2.6.31 kernel with my own Karmic build resulted in an AMI which didn't boot well. It's obviously my fault since Canonical's Alpha-6 works with it, but I haven't had the time to investigate further yet.	23:54
jjohansen	erichammond: want me to mail you the details, or just post them here	23:55
=== bytor4232 is now known as arthurjohnson

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!