[00:30] is apparmor still being developed for ubuntu? [00:30] ??? [00:34] mihalisxfsee: It certainly is still being used in Ubuntu - I don't know about where the development happens. [00:36] i am a litle bit woried about this SElinux's substitute (wonderful though) future after crispin cowan's left! [01:05] ??? [01:05] sorry my connection went out [01:06] #help [01:31] mathiaz: no i havent === eBolorama is now known as _eB === vraa_ is now known as vraa [02:42] anybody care to help me with this postfix/dovecot/mysql configuration problem I'm having? === vraa_ is now known as vraa [02:57] Think it would be beneficial to me to reinstall ubuntu server edition without and of the servers installed during install but rather install them one at a time post install? [03:22] Question - is it viable to run a server locally on my Desktop machine (laptop) for a sandbox? or will it just get too junked up by everything? [03:24] d33d, you do you mean by 'junked up by everything'? [03:25] I mean - is it a bad idea to mix server with desktop... [03:26] i need help getting virtualhost to work for apache2.. both of my domains go to the /var/www when i specify for the 2nd domain to go to /var/www2 [03:26] wow, I had that very simular problem this afternoon....I think I got it resolved, but I can't see because I can't connect to my own web pages on my own server! [03:27] d33d; If it is just for a sandbox I don't think it would matter much. But it might be a better idea to install it on a spare box and console it up. [03:27] did you use the ServerName myexamplesite1.com in each VirtualHost? [03:27] no spare box - what about VirtualBox? [03:28] skuld, yes [03:31] okay, ummmm..... let me see.... [03:31] in the second domain, it was different than the first one, I'm assuming.... [03:31] yes [03:31] definately [03:31] lol [03:32] how do i enable from sites-available to sites-enabled [03:32] ok...yeah, I forgot that servername directive [03:32] I copyied them to sites-enabled [03:32] oh thatsall? [03:32] yup [03:37] did that help? [03:38] nah [03:40] its sayin this crap [03:40] [Tue Oct 20 21:36:13 2009] [error] (EAI 2)Name or service not known: Could not resolve host name ejsweetsonline.com -- ignoring! [03:40] [Tue Oct 20 21:36:23 2009] [error] (EAI 2)Name or service not known: Failed to resolve server name for 216.24.138.154 (check DNS) -- or specify an explicit ServerName [03:40] but it resolves for me [03:41] * Dns resolved ejsweetsonline.com to 24.155.117.48 [03:41] - [03:42] dont even know what the hell this ip is ---> 216.24.138.154 [03:42] lol [03:43] did that deadlock bug ever get sorted out? I was gone longer than I thought I would be and didn't get a chance to test it [03:44] the UEC deadlock bug? [03:44] is ejsweetsonline.com your domain? [03:45] yes [03:45] im running dns serveron this box too [03:46] for servername are you using an ip address or name? [03:46] name [03:47] ok.ummmm [03:47] should there be anything in ports.conf [03:47] do you have like an example.com in your sites-enabled? [03:48] yea i made a file for each site [03:48] this is what i have in ports.conf [03:48] do you specifically have example.com? [03:48] should this be there [03:48] NameVirtualHost ejsweetsonline.com:80 [03:48] NameVirtualHost cconnectx.com:80 [03:48] Listen 80 [03:49] I'm assuming cconnectx.com is your other domain? [03:49] yes [03:49] yeah, that's fine [03:49] k [03:53] do you have something like: [04:00] no i replaced that with the domain name:80 [04:00] for each config file [04:01] try just using *:80 [04:02] with the servername directive below. that's what got mine to work [04:02] ok restarting... [04:03] ok it said this... [04:03] I wonder if the fact that I am using XFS on my CC and NC would cause my UEC SC volumes to fail to attach to instances? [04:03] * Restarting web server apache2 [Tue Oct 20 22:03:13 2009] [warn] _default_ VirtualHost overlap on port 80, the first has precedence [04:03] [Tue Oct 20 22:03:13 2009] [warn] _default_ VirtualHost overlap on port 80, the first has precedence [04:03] [Tue Oct 20 22:03:13 2009] [warn] NameVirtualHost cconnectx.com:80 has no VirtualHosts [04:03] [Tue Oct 20 22:03:13 2009] [warn] NameVirtualHost ejsweetsonline.com:80 has no VirtualHosts [04:03] ... waiting [04:05] where you have your namevirtualhost...change the name to the IP address instead [04:05] aah [04:06] and its NameAlias *.whatever.com to make wildcard? [04:06] okit worked [04:06] thanks!! [04:06] np [04:06] now if I can just get my server working! LOL [04:06] whats wrong with urs [04:07] I've been 'told' that my sites are up, but I can't validate it by navigating to them from my laptop [04:07] internal netowrk) [04:07] ill test it.. whats the site [04:08] http://www.intelatech.net is one [04:08] ya its working [04:09] that's a relief, but I can't surf my own pages! LOL...I can get to my server if I use my eth2 IP (192.x.x.x) though [04:09] can you get to other pages [04:09] yes, any other pages on the Net, just not my own [04:11] blank page or what? [04:11] can you ping [04:11] I can ping, yes, I get..."Could not connect"...I think...let me try it again [04:12] flush dns [04:12] ? [04:12] "unable to connect" very fast [04:12] how do I do that wiht the console? [04:12] in windows [04:12] ? [04:12] oh. you know I've never done that command [04:13] ipconfig /flushdns [04:13] in win [04:13] dont know the linux [04:13] cmd [04:13] I can't do it..."the command requires elevation" [04:14] lol [04:14] what os r u on [04:14] Vista [04:15] runn command as administrator [04:15] commandprompt [04:15] right click and click run as admin [04:17] okay, I guess my windows is foobarred too...I click run as admin but nothing happens LOL [04:17] hm [04:18] ya i m using win7 and it lets me run anything [04:18] dont know vista [04:18] nvr used it [04:18] be glad [04:18] xpto 7 [04:18] lol [04:21] do you know a good webmail server solution for ubuntu [04:21] oh instead of flushdns.. restart.. [04:21] maybe? [04:21] I'm in the middle of installing postfix/dovecot with mysql for my mail solution.....i've used....um.... round somehtingorother email before for the web [04:22] postfix cool [04:22] thanks. [04:22] I think it was roundcubemail [04:22] okay, I'm going to try something.... [04:23] hopefully I won't get disconnected... [04:23] sounds like a dns problem..but im not sure [04:23] or browser [04:34] How can i give a user permissions to upload files to a web directory. I've added that user to the admin group & even www-data group and still it says permission denied [04:39] this really sucks, I *have* to use firestarter to get my laptop and any other computer on my internal network onto the internet....yet I can't see my own stupid webpages from my own server! GRRR [04:39] I have successfully set up my first LAMP server! [04:41] chmod 777 dirname [04:41] ? [04:41] or even chmod 776 dirname [04:43] ....I've tried numerous tutorials on the web for masquarading (sp?) port forwarding and stuff for internet connection sharing, nothing seems to work -- except by using Firestarter with ICS turned on [04:43] I'm sure something in my network config is messed up for me not to surf my own webpages [04:44] ...and I can ping my own sites by domain name, they connecct, I can also connect to my apache server by internal IP, not by domain name though. [04:45] are the name server set up and propagated? [04:45] is the domain name www.yourdomain.com set to target your IP? [04:45] I'm not sure [04:45] yes [04:46] How long ago was the request made to have your domain target your IP? [04:46] for example: http://www.intelatech.net is set to (216.x.x.x) [04:46] months. [04:46] it's worked before when I used Fedora Core 7 [04:46] And it has work prior? [04:46] Ahh [04:46] just not since I've moved to ubuntu server [04:46] That is about the extent I can help then =) [04:47] other people can see my sites, just not me [04:47] oh [04:48] and I don't use a router....just linux with two NICs [04:49] so if you type in the domain name in your web browser you do not get directed to your site? But if you type in the local ip you do? But people outside of your land can use the domain name and access the site? [04:50] mostly yes. only I can't access my page becuase it's a virtual page, but I get my first virutal domain.\ [04:50] I have six domains [04:50] Question to anyone listening. I just got done following the server guide and installing and configuring apache2/mysql/php5/phpmyadmin and everything seemed to work fine until I uploaded a php cms and went to configure it and got this http://pastebin.com/d28284b9b [04:51] what are the permissions of /srv/www/index.php ? [04:52] senkusha; I am afraid my knowledge is not that extensive to be able to help you. I am a bit of a novice when it comes to setting up linux servers. In fact I am trying to set up my first now and if it goes well I will be hosting my domain locally. [04:52] You know... I had not thought to check that. [04:52] senkusha: You have a problem with apache virtualhosts? [04:52] :) it's cool. I'm pretty sure my problem lies somewhere with my networking interfaces config or something with iptables [04:53] LOL [04:53] yeah, AdamDV...sortof [04:53] iptables wouldn't make your first virtualhost show up. [04:53] let me break it down. [04:53] The first virtualhost is displayed when another is not found. [04:53] people on the Net can see all my domains by name [04:53] ALright, shoot. [04:53] I can't see any of them by name [04:54] So, say for example. [04:54] but if I type in http://192.x.x.x I get the very first domain directory [04:54] Yes. [04:54] You should. [04:54] The only way your going to see others. [04:54] Is by typing the name. [04:54] NAME absed virtual hosting. [04:54] right. [04:54] Typing the IP will default to the first. [04:54] okay.... type in http://www.intelatech.net [04:54] Unless you install mod_userdir [04:54] you'll see the page for that site [04:55] Ok [04:55] Whats the problem? [04:55] but if I type in my internal IP, I get http://www.americansombo.com [04:55] senkusha: Typing in the IP [04:55] the problem is that *I* cant type in http://www.intelatech.net to see my own page [04:55] Will show the FIRST virtualhost. [04:55] I get Unable to connect [04:55] Hmm [04:55] Ok [04:55] wait a seconf [04:55] Its the same page. [04:55] I typed int he IP to verify that I can get to apache at all [04:56] Both URL's load the same page. [04:56] Can you show me your apache conf? [04:56] WHAT>!! [04:56] yeah [04:56] Becuase somethingain't right. [04:56] Heh [04:56] it's all seperated out by virtualhost [04:56] Lemme see :P [04:56] All of it [04:56] I haven't messed with the apache2.conf, but I'll show it [04:57] Alright. [04:57] I'm guessing. [04:57] That you haven't uncommented NameVirtualHost *:80 ? [04:57] in apache2.conf ? [04:57] Because. [04:57] let met double check [04:57] If you have'nt. Thats your problem. [04:58] how can I chmod all files and subdirectories of a directory? [04:58] crohakon: chmod -R 0774 dir/* [04:58] -R is recursive. [04:58] thanks [04:59] No problem. [04:59] it's not in apache2.conf...it's in ports.conf, and yes, it's not commented. [05:00] Can you show me your: [05:00] apache2.conf [05:00] ports.conf [05:00] And your virtualhosts. [05:00] http://pastebin.com/f64ed377 [05:00] ports.conf: http://pastebin.com/f3e82f95 [05:01] so, for example... sudo chmod -R 0644 /srv/www/* should set all stuffs under www to 644? [05:01] crohakon: Yes. [05:01] americansombo.com: http://pastebin.com/f68a093a [05:01] senkusha: Whats your document root? [05:01] well, it did not work =( [05:01] crohakon: YOu sure? [05:02] Try: [05:02] intelatech.net: http://pastebin.com/f28b4ee81 [05:02] sudo chmod -R 0644 /srv/www [05:02] yes, they are still all 700 [05:02] we'll start with those two [05:02] senkusha: Okay. [05:02] I already see issues. [05:02] Whats your doc root? === _eB is now known as eBo [05:02] it's /var/www/sites/ [05:03] I see. [05:03] Okay. [05:03] No, that did not work either. blah [05:03] Are you logged in as root in your server? [05:03] (Interactively via sudo -i or else?) [05:03] Shutdown apache [05:03] I am not logged in as root, but using sudo [05:03] Okay. [05:03] Sudo up to root. [05:04] For now. [05:04] sudo -i [05:04] brb [05:04] for permissions I always just navigate to the dir and do : chmod -R 777 * (or what ever permissions I need) [05:04] for permissions I always just navigate to the dir and do : sudo chmod -R 777 * (or what ever permissions I need) [05:04] Alright [05:05] Whoa. [05:05] Nick confuse. [05:05] crohakon: I dunno. [05:05] senkusha: You root? [05:05] yes. my I can sudo my username if needed [05:06] Alright [05:06] I'm gonna change your confs a little. [05:06] okay, cool [05:06] Iobviously missed something LOL [05:07] Hah [05:11] senkusha: [05:11] http://pastebin.com/m1833ce12 [05:11] http://pastebin.com/m8708639 [05:11] http://pastebin.com/m3694b96b [05:12] Also [05:12] Remove the trailing slash from any "Directory" statements [05:13] damn, permissions are a b*tch sometimes.. [05:14] Also, make this: [05:14] Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all [05:14] The 'allow from all' [05:14] make it 'Allow from all\ [05:14] *'Allow from all' [05:14] Apache is picky. [05:15] senkusha: Working now? [05:16] * crohakon thinks adamDV knows is sh*t lol [05:16] I do. [05:16] :) [05:16] Hehe. Not to brag, but I run a computer company that does web design and server admin. [05:16] And, I'm 13. [05:16] :) [05:16] Anyway, good that its working now. [05:16] VirtualHosts can be a bitch sometimes. [05:17] senkusha: Are the other domains working? [05:17] Damn, i'm 25 and struggling over chmods. Keep up the good work. [05:17] Heh. [05:17] =) [05:17] crohakon: Are you on debian? [05:17] [warn] NameVirtualHost *:80 has no VirtualHosts [05:17] yes [05:17] ubuntu [05:17] crohakon: I see. [05:17] 1 sec, and I'll try to help. [05:18] other domains, probably not yet [05:18] senkusha: [warns] aren't too hazardous. [05:18] I can see that both those domains now work. [05:18] hi there... I am getting this error with Winbind : Failed to issue the StartTLS instruction: Connect error. Somebody can help me? [05:18] And go to seperate sites. [05:18] I did notice while in VI that intelatech was color coded differently than american sombo [05:18] senkusha: Thats vi's fault. But, I'll look. [05:18] brb [05:18] ok [05:19] I'll fix the other domains === kirkland` is now known as kirkland [05:21] Alrighty. [05:21] senkusha: Lemme see about ports,conf and that warning. [05:21] okay, all other domains fixed. [05:22] Cool [05:22] What was the issue? [05:22] now, that everybody else sees (the correct) sites, I can not. I get Unable to connect. [05:23] senkusha: Release your DNS. [05:23] how do I do that? [05:23] Firstly, restart apache. [05:23] I just did that [05:23] Secondly, are you on windows or linux? [05:23] Okay. [05:23] my laptop is windows vista [05:23] K [05:23] Press start - type in cmd [05:23] ipconfig /release [05:23] ipconfig /renew [05:24] WAIT [05:24] DONT DO THAT [05:24] hehe [05:24] hehe [05:24] 1second. [05:24] okay...windows was being slow about finding 'cmd' LOL [05:24] =) [05:24] Haha [05:25] Alright do this. [05:25] ipconfig /flushdns [05:25] ipconfig /release [05:25] ipconfig /renew [05:25] senkusha, why not install ubuntu on your laptop? [05:25] crohakon: Ubuntu is bitchy on laptops. [05:25] when I tried /flushdns, I got: this operation requires elevation [05:25] If its a dell, it'll most likely brick it. [05:25] senkusha: Run cmd as administrator. [05:25] I need windows for a couple of applications that ubuntu just can't handle yet [05:27] Did you flush the DNS? [05:27] okay. doen [05:27] done [05:27] How the fuck did you stay connected? [05:27] You sure you did it all? [05:27] good question... [05:27] As an administrator? [05:27] let me run it again... [05:27] Yea. [05:27] Yeah, it should have killed your connection for a moment. [05:28] An error occurred while releasing interface Loopback Pseudo-Interface 1 : The sy [05:28] stem cannot find the file specified. [05:28] The operation failed as no adapter is in the state permissible for [05:28] this operation. [05:28] when I tried to /release [05:28] crap [05:28] hi there... I am getting this error with Winbind : Failed to issue the StartTLS instruction: Connect error. Somebody can help me? [05:28] What should happen ^^ [05:29] Anyway, if you say its flushed. [05:29] Alright. [05:29] Try viewing your sites. [05:29] yeah, flushing worked [05:29] no, he has an error [05:29] oh.. [05:29] guess not.. [05:29] Can you see the sites? [05:30] no [05:31] What happens when you type in the domain name? [05:31] if I'm running a webserver, do I need to run a DNS server too? [05:31] Also, before I continue, tell me your not using IE. [05:31] "unable to connect" after about three seconds [05:31] firefox [05:31] Thank god. [05:31] Hmm [05:31] LOL [05:31] lol [05:31] WHat happens when you type in the internal IP? [05:32] I get americansombo.com [05:32] Okay. [05:32] Now, open up cmd [05:32] and do: [05:32] ping americansombo.com [05:32] 216.x.x.x [05:32] pinged ok [05:33] Then its firefox. [05:33] Open firefox. [05:33] Press [05:33] shift ctrl delete [05:33] And delete it all. [05:33] Then refresh [05:33] (Combination memorization = win) [05:33] okay...it's thinking about it LOL [05:33] Haha [05:34] ...and still thinking... [05:34] You must have been suring lots of porn. [05:34] If it takes that long :P [05:34] *surfing [05:35] refreshed using Ctrl-f5 [05:35] =) Naughty Naughty [05:35] still see americansombo. [05:35] That would also work. I liked my way :P [05:35] intelatech.net comes up as unable to connect [05:35] Ping intelatech. [05:35] See if it comes up under the same IP. [05:35] works fine for me... I can see intelatech.net just fine. [05:35] 216.x.x.x OK [05:35] =) [05:36] GODDAMN IT. [05:36] I SEE AMERICAN THING WHEN I TYPE INTELATECH. [05:36] AUGHHH. [05:36] FUCK APACHE. [05:36] cool, I'm not the only one pulling my hair out [05:36] [05:36] Yea [05:36] Comes with the job Haha. [05:36] Alright. [05:36] IP comes back. [05:36] ^clears cache ? [05:36] senkusha: Error: "clears" is not a valid command. [05:36] yes [05:36] Hmm [05:36] I see the intelatech website at intelatech.com where I used to see americansombo before you helped him. [05:37] did you clear YOUR history? [05:37] It works on my end [05:37] Did you change the apache conf ? [05:37] Alright, clearing mine. [05:37] it's intelatech.NET [05:37] mistype, [05:37] hehe [05:37] I meant intelatech.net [05:37] ok [05:37] crohakon: What do you see? [05:37] Blue background? [05:37] American Sombo [05:37] up top? [05:38] i think i figured it out, i need to add "auto eth0" "auto eth1" all the way to "auto eth3" in my /etc/network/interfaces -- that's why my ubuntu doesnt boot - right? [05:38] or having multiple "auto" s will cause issues, i am not understanding some of these examples, it says it's okay for loop back interface [05:38] I see American Sombo [05:38] auto eth0 will automatically start that network interface on boot up [05:39] I see "Finally: Affordable, 24-Hour Computer Service!" [05:39] Okay [05:39] Its me then. [05:39] flushed your DNS? [05:39] thanks senkusha , and if there is no wire in corresponding ethernet jack? it will just assume it is disconnected right? currently i only have "auto lo" and "auto eth2" , eth2 being the plug i have connected in [05:39] Don't have one. [05:39] :P [05:40] yes [05:40] I do my own DNS, because I roll like that. [05:40] Haha [05:40] Anyway. [05:40] lol [05:40] so curious: why didn't ubuntu already add auto ethX for the rest of the ethernet ports? btw my mobo has 4 onboard ethernet [05:40] * senkusha is scared of the creepy DNS server configurations [05:41] @vraa: I think it only does it for eth0 by default [05:41] senkusha: Good idea. [05:41] Whats another domain thats on that server? [05:41] Because I think it might be broken. [05:41] eth0? you mean ... the first connected/detectable connected network interface? [05:41] i thought the eth#'s were assigned in an order of detection? [05:41] vraa: Not at all. [05:41] aos-ff.com, sombojoe.com, asylumtattoo.com, goldenrule345.com ... .I think that's all of them [05:42] Ok. [05:42] okay, so then how come that is eth2 consistantly then? wouldn't it be eth0 ? [05:42] @vraa: nope, I found that out the hard way when I discovered that one of my NIC's (used to be eth0 died) [05:42] vraa: Are you on a Linode VPS? [05:43] oh, then i guess i forgot i must've changed it a while ago, no i am not on vps, this is a computer i built at work, i have done port forwarding so i can ssh into it [05:43] Ah, I see. [05:43] This web site at goldenrule345.com has been reported as an attack site and has been blocked based on your security preferences. <---wtf is this all about? [05:43] crohakon: Google+Firefox [05:44] I told the owner of his site about that....I guess he never fixed it [05:44] He can't. [05:44] Its Google. [05:44] I think he was using some hitcounter he found on the Net [05:44] Once they make that domain a bad one. [05:44] It aint never coming back. [05:44] the sombo joe site is giving me a directory list... not safe methings.. [05:44] thinks* [05:44] Yea. [05:44] Indexes should be turned off. [05:44] -Indexes [05:44] crap...I need to set the directoryindex for it [05:45] senkusha: Just set -Indexes in an .htaccess [05:45] or in the virtualhost options [05:45] and aos-ff only returns "Table 'smf_avatars.smf_settings' doesn't exist" hehe [05:45] I think you have more work then just the vh issues =) [05:45] +1 [05:46] senkusha: If you wan't my honest opinion. [05:46] Start with making the virtualhosts just say stuff like [05:46] This is intelatech.com [05:46] This is [05:46] And then [05:46] Once that all works [05:46] Put content. [05:46] OR. [05:46] Install virtualmin+webmin [05:47] I can fix the aos site....just need to rerun the forum installer and recreate the database...that was a brand new site that was added just after the backup I had on file [05:47] so i have added auto ethX for 0 1 3, along side eth2, but this time i need to make it like so -- http://pastebin.com/df652592 -- and that will work even if there are no cables connected? [05:47] I just need to be able to access it first! :) [05:47] Heh. [05:47] Well. [05:47] The only thing I can think of is Mozilla. [05:47] I hate to say this but. [05:47] Try it in IE. [05:47] ok [05:47] *gasps* [05:47] No... no... [05:48] *dies* [05:48] chome... [05:48] Chrome is better. [05:48] chrome.. [05:48] If you have it installed. [05:48] hehe [05:48] I only use IE when I *absolutly* have to [05:48] Yea [05:48] I've got chrome too [05:49] k [05:49] use that. [05:49] As for IE: [05:49] Pull a 4chan. [05:49] KILL IT WITH FIRE. [05:50] :) [05:50] chrome: OOPS broken link. [05:50] Shit [05:50] IE: msgbox: unablable [05:51] I only use IE to see how broken my websites are on it. And then to attempt work arounds to get them to look right. [05:51] lol [05:54] I wish there was a log in firefox that would show me what the hell is going on as to WHY it can't connect LOL [05:54] Sorry bout that. [05:54] Hmm [05:54] senkusha: Do you use a proxy? [05:54] seriously... I had IE... it is such a pain in the ass when designing websites. It does not follow any of the standards. [05:54] no [05:54] crohakon: +1 [05:54] senkusha: I hate to say it but: [05:55] "When in doubt, pull the power cable out" [05:55] Reboot. [05:55] LOL [05:55] Three finger salute. [05:55] i've tried that already [05:55] Hmm [05:55] Alright. [05:55] I do not have any trouble with accessing any of your domains. *shrugs* [05:55] I've got another trick in my bag. [05:55] well, that's a good thing... :) [05:55] senkusha: Can you access go-techo.com? [05:55] taht too! [05:56] ? [05:56] I can [05:56] =) [05:56] go-techo.com doesn't work? [05:56] I see "Main" [05:56] crohakon: Good. [05:56] And, good. [05:56] That is my company. [05:56] TO be opened in January. [05:56] Anyway. [05:56] Lemme see about the hosts file. [05:56] that's in /etc/hosts , right? [05:57] senkusha: On linux. [05:57] On windows its in: [05:57] C:\Windows\System32\drivers\etc\HOSTS [05:57] Copy cats. [05:57] Anyway. [05:57] Open that file in notepad. [05:57] And paste here. [05:58] 127.0.0.1 localhost [05:58] ::1 localhost [05:59] Fuck [05:59] Hmm [06:00] Do you have any other computers? [06:00] I'm thinking it has to be like a iptables thing [06:00] yes [06:00] Unless your vista has aids. [06:00] I see no issue. [06:00] let me go try on the other one [06:00] Yes. [06:03] okay, I think it's my laptop...but aos-ff turns up with americansombo [06:03] (on th eother computer) [06:04] it all works fine for me. [06:04] Then you've got an issue with a virtualhost. [06:04] Most likely its your computer. [06:04] Or network. [06:04] Because, it works fine for crohakon [06:04] Works somewhat for me. [06:04] And doesn't for you. [06:06] figures LOL [06:07] Hha [06:08] okay...It...It looks like I might just have to wipe and start over on the laptop [06:08] I'd reccomend that for both the laptop and the server, honestly. [06:08] And start with the basics [06:08] And slowly work up. [06:09] if only I didn't need firestarter to share the internet connection...that could be one issue the server has [06:09] firestarter? [06:09] it's a gui firewall app for linux [06:10] Wait. [06:10] What? [06:10] Why do you need a firewall to share the internet connection? [06:10] yeah, I am a bit lost here as well... [06:10] senkusha: ping. [06:11] you use firestarter for DHCP? [06:11] Oh god. [06:11] I really really really really hope not. [06:11] Please say you don't. [06:11] Please. [06:11] I see firestarter also does NAT [06:11] I found firestarter back in my fedora days years ago. It has DHCP and ICS with a simple wizard. so I set it up and never gave it a second though. then the other day when I reinstalled the server, I was welcomed to a terminal only world. I tried several tutuorals on the net to share my connection, but none of them worked. So I was forced to put the desktop on with firestarter. [06:12] *gasps* [06:12] *shudders* [06:12] *faints* [06:12] I don't use DCHP...all ip's are statically assigned for all my computers...since the dhcp seems to be broken in firestarter anyway [06:13] *dies* [06:13] https://help.ubuntu.com/9.04/serverguide/C/networking.html [06:13] i'd be very happy if I could find a iptables structure that get's my ICS working without firestarter [06:14] ubuntu's network guide really nice... simply to understand for novices like me. I got a lamp server running in 1 hour using it. My FIRST ever attempt. [06:14] ubuntu's server guide* [06:14] Yea [06:14] help.ubuntu.com [06:14] sommer: ^^^ [06:14] is great sometimes [06:14] and shit others. [06:14] Anyway, I'm out [06:14] senkusha: I hope you get it working. [06:15] wow... wait... let me try this again... ubuntu's server guide is really nice... simple to understand for novices like me. I got a lamp server running in 1 hour using it. My FIRST ever attempt. [06:15] I'm not done fighting yet...just today LOL [06:15] I need sleep [06:15] crohakon: That's why I highlighted sommer, so he'd see that comment. He coordinated putting most of it together [06:16] yeah, me as well. [06:16] I'll check out the guide...quickly looking through, I don't see anything mention of ICS, but I'm not looking indepth yet [06:16] read the networking section when you are more awake. =) I am sure something will help. [06:17] thanks for the pointer. Later! [06:17] Man... that guy has an odd setup. [06:18] Anyway, sleep for me as well. Goodnight all, and thanks sommer for the great guide! === crohakon is now known as crohakon|afk [06:26] hi I am gettin this error when connect to ldap-samba: Failed to issue the StartTLS instruction: Connect error [06:26] someone know about this error === obstriege is now known as obst [07:05] roxy08: does the ldap server have StartTLS configured? [07:06] I suppose yes, My samba is an member server [07:06] you configurated in my samba server or LDAP server? [07:07] The only thing that i change yesterday was a digital certificate in my ldap server but is wrk in Postfix an Courier, so should no affect? [07:09] roxy08: so did it work before the certificate was changed? [07:09] yes [07:10] but is a certificate to use with email server (which is in the same ldap server), cab it be a problem? [07:10] and does Postfix and Courier-authlib use the startTLS or are they just using standard unencrypted LDAP? [07:11] they use SSL [07:11] I suppose is the same than TLS? [07:12] yes they use TLS [07:13] startTLS and ldaps are different [07:13] they are both SSL but implemented differently [07:14] ah, ok. but my question is if i didnt any change in my samba server why i am geeting that error. [07:15] is it a self signed cert? [07:15] also, when i do smbclient -L myserver i got failed (Error NT_STATUS_CONNECTION_REFUSED) [07:16] what do you mean ? is a digital certificate that I got from third part [07:17] your SSL certificate is singed by somebody.. did you sign it or did you have some CA sign it [07:18] I did [07:19] the reason I ask is that some clients need special settings to allow self signed certs, or chained CAs [07:19] I'm not really a samba user but I do you ldap quite abit [07:20] so the old certificate was also self signed? [07:20] well, i didn nothing in ldap...but i dont know why my samber server cannot connect now [07:20] i suppose i am new here [07:21] so where did you install the SSL cert? the ldap server? [07:21] in postfix folder and courier-imap [07:22] but i am not sure if this is the problem? [07:22] woot [07:22] * Hajuu just got a new job :) [07:22] ok.. I was thinking you put a new cert in openldap [07:22] startTLS and ldaps both require a SSL certificate [07:22] no [07:23] is the ldap server and the samba server separated by an untrusted network? [07:23] but openldap require a third part certficate? I mean we need to buy it? [07:24] lol huh [07:24] no [07:24] are in the same network but different vlan [07:24] why would you need a third party cert? [07:24] and moreover why would you need to buy one [07:24] :/ [07:24] you can use a self signed cert with open ldap if you want.. you just need to make sure that the client will accept the self signed cert.. it's different per client [07:24] but i can ping and I can get information about ldap directly [07:25] for example with getent [07:25] Yeah just generate your own ssl cert, who cares. [07:26] so getent shows ldap users from the samba server? [07:27] in my samba server if i do it i got users from ldap [07:27] the problems is the connection in samba with ldap [07:27] ok.. check your ldap.conf file on the samba server is it using startTLS or ldaps? [07:27] smbd/connection.c:yield_connection(42) [07:29] ldap [07:29] does show me nothing with TLD [07:29] TLS [07:29] it's usually best to get it working with out SSL first if it's on a trusted network .. then add the SSL in when everything else is working fine if you feel you need it. [07:30] I realize it used to work .. but it may help to trouble shoot it with out the startTLS [07:31] so your connection string should be just ldap://ldap.server.name and port 389 [07:31] how i do it? [07:32] yes [07:32] does Samba talk directly to the ldap server or does it use local users through nss_ldap? [07:33] use nss_ldap [07:33] Hajuu: so what kinda job did you get? [07:33] and "getent passwd" shows all the users? [07:34] yes [07:34] sorry [07:34] i am not sure what do you mean ...i configurate nsswitch but i suppose is using the ldap directly [07:34] no local users [07:35] getent passwd should show all the ldap users + the local users found in /etc/passwd depending on what you have set in nsswitch [07:36] no just show me ldap users [07:38] that should be fine. by local users i was referring to system users (root, syslog, ssh, and the sort) [07:39] so the error shows up in samba's logs? [07:39] yes [07:41] hmm. so if the system can see the ldap users through nss_ldap and if samba uses nss_ldap for it's users and ldap.conf does't have any startTLS or SSL stuff in it, where is it getting the startTLS stuff from? [07:43] that is dont know [07:43] i didn see any configuration whit that [07:44] also say ssl no [07:48] does samba start? [07:48] what do you mean? [07:48] yes [07:48] is running [07:50] I was wondering if the errors where at the time when samba started.. and if so if the daemon wouldn't start at all? [07:52] roxy08: one more thought.. is openldap, postfix, courier-authlib all running on the same machine? [08:01] roxy08: I was wondering if they are on the same server is it possible that openldap was also using the certificate that was replaced with out you realizing it. [08:02] maybe it was using startTLS all along with the old cert. [08:02] if that's the case maybe a solution would be a simple as restarting slapd to get it to read the new certificate. [08:03] or make sure that openldap is not advertising support for startTLS.. that way no clients should attempt to us it [08:08] uf...let me read again [08:08] i will try with the first thing [08:20] the first one does not work :( [08:21] and the second one...i dont know how i should chek it [08:26] ok, yes you was right...i restart sladp and I dont get the error for smbclient now [08:26] i can see my samba client [08:26] server [08:33] Reepicheep, i can now do smbclient but still i cannt coonect to ldap with the same error [08:39] <_ruben> hmm .. wonder if i could /dev/shm similar to physical disks like with iostat .. running a very disk intensive job on a ram disk [08:40] Hi all [08:41] I've just installed apache2, php5 with apache2 mod, mysql-server on Ubuntu server 9.10 but when I've request: http://127.0.0.1 it return to me a index.phtml contain php source instead of html [09:07] hi people! [09:07] what do I need in order to run NFS on my server? [09:07] I've got portmapper installed [09:07] but can't seem to find the package with nfsd [09:10] tiger2wander: You might want to try enabling ExecCGI in the Options line [09:11] gamla_kossan: nfs-kernel-server or unfs3 I think [09:14] jmarsden: I have install only php5 package not php5-cgi, is it ok to run without cgi mod? [09:14] jmarsden: thanks, was nfs-kernel-server [09:14] tiger2wander: Yes. [09:14] gamla_kossan: Good :) [09:16] jmarsden: I have seen this problem yesterday then I have purge all installed package with configuration then re-install, it working well [09:17] jmarsden: today, I have this problem again in another Ubuntu server and it problem remain even after purge and install again [09:18] tiger2wander: Strange. I had something similar before trying to get PHP on Ubuntu 9.04 working, and I am pretty sure I added Options ExecCGI to fix it. [09:19] jmarsden: Where you add the Options ExecCGI ? apache2.conf [09:19] * tiger2wander is away: Away [09:21] tiger2wander: No, /etc/apache2/sites-available/default -- the Options line for the /var/www directory. [09:21] jmarsden:: ah, OK, let's me try it out [09:24] jmarsden:: Its still response php source code :( [09:24] tiger2wander: Did you restart apache2? [09:24] jmarsden:: yep, of course [09:25] OK... if you create a file test.php and browse to that does it work as expected? [09:25] lol jmarsden like, the author? [09:25] jmarsden like the network admin :) [09:26] jmarsden:: I have installed joomla and it has index.php file [09:26] lol thats less interesting [09:26] tiger2wander: And it worked fine? [09:26] jmarsden:: not yet [09:27] Hajuu: But maybe more useful in #ubuntu-server :) [09:27] No way, what we need is some fiction! [09:27] :D [09:27] tiger2wander: Then don't mess with big apps like Joomla until you have PHP working :) [09:27] jmarsden:: I've just created a test.php file and it work fine, may I need to check .htaccess file :) [09:27] tiger2wander: Rename the index.phtml to test.phtml, maybe the issue is with DirectoryIndex ?? [09:31] jmarsden:: May be that problem related to joomla configuration in content-type response [09:31] tiger2wander: OK... *that* sounds like a different thing altogether. [09:32] jmarsden:: I'm do a deep checking about it :). Anyway, thanks [09:32] tiger2wander: Sure, no problem. I need to get some sleep anyway... 01:30am here... [09:33] jmarsden:: g9 [09:33] tiger2wander: Goodnight. [09:34] how do you figure g9 translates to goodnight? [09:34] thats taking that fad too far. [09:34] jmarsden:: My time zone is afternoon :) [09:34] thats obviously: Gee nine. [09:36] Hajuu:: if you can speak aloud it, it is likely digital *slang* :P [09:36] well, 'gee nine' and 'goodnight' have.. 3 letters in common [09:37] out of a possible 9. [09:37] so its like me just using 1/3rd of all my words and just expecting people to understand [09:37] 'digital slang' version: so its me just 1/3rd of my words just expecting to understand [09:38] Because almost people think and work with their relative, not absolute like machine, then I think it is for people who working much with computer can be understand it easy :) [09:45] Because people think work with relative, not like, then think is for who working with computer be it easy [09:45] Do you like my digital slang converter? [09:45] Its based on your research [09:46] Hey, 8.1 Server, is it possible to have virtual ftp users that can access multiple directories served by apache. Currently using pure-ftpd-mysql and have users connecting, but I can seem to get the permissions right [09:46] *can't [09:46] Hajuu:: I've not like it, because your way can not understand my words but a really human can :P [09:47] * maxb reminds bios that there's no such thing as "8.1" server :-) [09:47] lol, indeed maxb, but I'm sure you know what I mean [09:47] Yeah, sorry, just a pet hate of mine - malformed version numbers [09:47] Unfortuately I don't have any ftpd experience [09:48] yeah, same here, I think its a permissions issue but I can't be sure [09:52] lol tiger2wander [09:52] I can also understand a painting. [09:52] That doesnt mean it has good language skills. [09:52] :P [09:52] :D [10:00] Anyone known there error: http://openpaste.org/en/17474/ ? [10:01] It is seen like package is hold by dpkg purge process, error happen even after I reboot server [10:02] tiger2wander: There's no error there? [10:02] I see it after purge and install package again [10:03] Then I purge it, the message still display like that without version, is it normal? [10:04] tiger2wander: You remove a package and wonder why dpkg says it's not installed? Am I understanding this correctly? [10:06] soren:: yes, but why it says "|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)" ? [10:06] It just explains what the second column denotes. [10:07] Sorry, third. [10:07] tiger2wander: Look at the full output: The first line of text has a line drawn from it down to the first column. The second line of text has a line drawn from it down to the second column. The third line has a line from it down to the third column. [10:09] soren:: Yeah, It is report error for another, right? [10:09] What? [10:09] It explains how to read the three status columns. [10:10] "Desired=Unknown/Install/Remove/Purge/Hold" == "This column denotes the desired status of this package: "u" means "unknown", "i" means install, etc. etc." [10:11] soren:: ah, :(, thanks for explains [10:11] "Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend": "This column denotes the current status of the package: "n" for "not (installed)", "i" for "inst(alled)", "c" for "cfg-files (left over from unpurged package)", etc. etc." [10:11] ok, I understand [10:12] "Err?=(none)/Reinst-required (Status,Err: uppercase=bad)": "This column denotes error conditions of the package. Etc. ETc.". [10:13] so, about apache2: is it control defaults page will be read in /etc/apache2/mod-enabled/dir.conf such as: index.php, index.html ? [10:17] Caused by I have got response with content-type=application/x-httpd-php instead of text/html when I'm trying to request http://domain.com/ [10:17] but server response right content-type when I request http://domain.com/index.php [10:17] is there any idea about that problem? [10:26] tiger2wander: How are you testing this? [10:26] Where are you seeing this content-type=application/x-httpd-php? [10:26] I'm using curl: curl -D - http://domain.com [10:27] Then I don't know. [10:27] and firefox display download dialog with file type also [10:28] Forget about firefox for this. [10:28] Rely on curl (or wget). [10:28] yeah, It is strange, may it is a bug from Ubuntu server or apache2 :) [10:29] yeah, anyway, it can be netcat :D [10:31] No, my point is that Firefox is unreliable for this. [10:32] It has an extremely annoying habit of caching the mime-type. [10:45] * soren lunches [10:45] * Hajuu launches [10:47] New bug: #457045 in bind9 (main) "Command host chooses another DNS server to query than I specified" [Undecided,New] https://launchpad.net/bugs/457045 [10:50] Hi [10:50] How can I completely remove a package? [10:50] using apt-get purge package sometimes leaves directories with files [11:01] acalvo: That's usually a bug in the package. Which package is it, and which files are left behind? [11:01] soren: while I'm installing a mailing list server, I've tried sympa and mailman [11:02] mailman has left lots of files under /var/lib/mailman [11:02] it should, at least, ask to remove them [11:08] acalvo: Debian bug 176154 [11:08] Debian bug 176154 in mailman "mailman: purge of package deletes list archives and member lists." [Important,Fixed] http://bugs.debian.org/176154 [11:08] acalvo: It's intentional. [11:09] uvirtbot`: nick uvirtbot === uvirtbot` is now known as uvirtbot [11:14] soren: thanks then [11:15] acalvo: Feel free to file a bug about it, if you think it's wrong. [11:16] soren: i'd rather ask first here, filling bugs that already exist or are useless does not help too much [11:16] acalvo: It's useful to a) know that there are differences of opinion as to what should happen to /var/lib/mailman on purge, and b) for other users who -- like yourself -- wonder why this is so. [11:23] soren: I'll take a closer look to the bugtracker [11:23] by the way, sometimes I need to return a package to its original state (configuration, files, etc...) === Hajuu is now known as ae === ae is now known as Hajuu [11:45] sorry [11:47] you will be. [11:47] * Hajuu shakes fist [11:48] pre-emptive strike! [11:56] Anyone know how I link a Domain name to my server ip address? [11:57] so my server has a somain name linked to it? [12:10] kirkland: I just completed and install following https://help.ubuntu.com/community/UEC/PackageInstall [12:11] kirk it works like a charm. great job [12:11] * nijaba -> lunch [12:16] New bug: #457092 in libvirt (main) "starting a VM with an SDL display hangs virtmanager and virsh" [Undecided,New] https://launchpad.net/bugs/457092 [12:22] nijaba: cool [12:33] Hajuu: all your base are belong to us [12:45] hi [12:45] does anyone have installed mailman? [12:46] I'm trying to follow the 9.04 server guide howto, but I ended up having lists with name@domain.com, instead of name@lists.domain.com [12:46] is there any file where the address template can be defined (lists.domain.com)? [12:49] acalvo: DEFAULT_EMAIL_HOST = 'lists.ubuntu-dk.org' [12:49] acalvo: For instance. [12:49] acalvo: In /etc/mailman/mm_cfg.py [12:50] soren: thank you [12:50] I was taking a look at that file right now === aubre_afk is now known as aubre [13:03] guten morgen people [13:03] did the meeting link get put up yet? [13:04] meeting log actually? [13:23] has anyone else tried an apt-get update and failed? [13:24] if you have, you need to "apt-get autoclean" and "apt-get clean" [13:29] wenas [13:29] alguien por ahi? [13:30] whew! we broke a thousand tickets this week [13:33] Is it possible that since my host filesystem is XFS - that it is what is preventing me from mounting SC (EBS-style) volumes in my VMs? [13:36] what deb pkg is php5-rewrite in ? [13:38] So, I have an issue where if I leave the server box running for a while with no activity, and I come back later, the box appears to be frozen up. Cannot SSH, no screen will come up on the monitor. Any reason this might happen? [13:42] Can anybody help me set up internet connection sharing (without having to use Firestarter)? [13:42] well, got to go to a trade show, I suppose I will ask when I return. [13:44] https://help.ubuntu.com/community/Internet/ConnectionSharing [13:44] New bug: #456660 in openssh (main) "ssl(8) man page missing from package (or distribution)" [Wishlist,Confirmed] https://launchpad.net/bugs/456660 [13:45] I read that tutorial, but I guess I did something wrong, becuase it didn't work [13:45] I did the following before running following the doc: [13:45] iptables -F (which closed down my ICS from firestarter) [13:46] sudo apt-get purge firestarter [13:46] then added the three lines for iptables [13:46] it would be wise to disable firestarter before trying to configure your iptables... [13:46] anyway, gotta go bye [13:46] okay, I'll try that [13:53] can somebody review my /etc/network/interfaces ... when I tried the ICS tutorial, my eth2 didn't come up. I want to make sure I have my interfaces set right [13:53] Sure. Pastebin it. [13:54] Thanks! [13:54] http://pastebin.com/f6b60a956 [13:56] New bug: #456308 in ntp (main) "drift file blocked by apparmor ntp profile" [Medium,Fix committed] https://launchpad.net/bugs/456308 [13:56] Well, first off, your gateway for eth2 is on a completely different network than the address or network declaration. [13:56] lol [13:57] I wasn't sure what to put for it, since I thought my gateway was eth0 [13:57] eth0 doesn't talk to the 192.168.1.0 network. [13:57] Describe the purpose of the system. Is it a gateway/router? [13:58] but it should after I add these, right: [13:58] Ahhh, yes. The "Add More Shit" approach. [13:58] sudo iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT [13:58] sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT [13:58] sudo iptables -A POSTROUTING -t nat -j MASQUERADE [13:58] fixing the ip ofcourse [13:58] Halt. [13:58] Cease. What is the purpose of the system? [13:59] the server is a web and mail server [13:59] hahah [13:59] I need internet connection sharing so my laptop and other PC can get on the Net [13:59] You're already dead. [13:59] But it's got two NICs, with one appearing to point to an external network, and the other is an internal network. [13:59] I know this must come as a shock [13:59] also the server is going to be acting as a firewall [13:59] So, it's a router, right? [13:59] yeah [13:59] Okay, NOW, I can work with this. [14:00] Second question: Why is eth0 NOT using DHCP? [14:00] eth0 is my DSL connection...using a static IP for my webserver...that my ISP gave me [14:00] Okay. [14:01] Network lines in the interfaces file are superfluous. The network is extrapolated via the address and netmask. [14:01] I was wondering why I've never seen that before [14:01] http://pastebin.com/m2cc96732 [14:01] but the doc says it's required [14:01] Whatever tutorial you followed was written by a gorilla on acid. [14:02] Who wants to help me setup the largest turnip porn empire the world has ever seen? [14:02] LOL [14:02] Hajuu: I am totally up for that. [14:02] Cool, ill cut you in at 1% [14:02] let me just do the maths.. [14:02] skuld: My interfaces file is very similar, as my server is my router. [14:02] hm 1%.. multiply by.. nothing... *taps on calculator* [14:02] skuld: Secondly, why did you decide to not assign eth2 a 192.168.1.1 address? [14:03] 192.168.1.* is so.. 2008 [14:03] this is 2009 [14:03] get with the NOW [14:03] Hajuu: 10.4.20.0? [14:03] The future is all about 10.1.1.* === SyL is now known as Guest96240 [14:04] for some reason, I thought 192.168.1.1 was being used by something else...maybe my wireless access point? [14:04] you can have multiple networks on the same subnet as long as they arent freaking huge dhcp monsters [14:04] subnet/ip block [14:04] skuld: Oh, you've got a WLAN AP. You're going to have fun configuring that to NOT serve DHCP, and to not try routing packets. [14:04] lol huh routers usually have a dhcp on/off thingy [14:04] even wireless ones [14:04] :o [14:05] Hajuu: That's the easy part. Disabling its routing function is a little harder, usually. [14:05] Damn, freenode wont let me change my nick to CiscoJuu [14:05] meh well the easiest way is to have it as a gateway, not a router [14:05] and have all trafic simply port forwarded to the gateway [14:06] Hajuu: I just uploaded DD-WRT and disabled routing. [14:06] lol why would you buy a router [14:06] then turn it into a dsl modem? [14:06] seems extrenuous [14:06] Because it's not my modem. [14:06] It's a WLAN AP, and that's it. [14:06] okay, I'm going to restart this and see what happens. [14:06] routing is like love.. even wireless AP's want it. [14:06] <3 [14:07] Hajuu: Eff that. [14:07] this is a good tutuorial for ICS? [14:07] lol [14:07] https://help.ubuntu.com/community/Internet/ConnectionSharing [14:07] ICS aint no thang but a chicken wing [14:07] ya herd. [14:07] Hajuu: My AP is like a whore with no condom. It doesn't matter if she wants it or not - She gets it all, and just passes it on. [14:08] hahah [14:08] .. Damn. [14:10] Heh... That was actually pretty good... :P [14:10] too true. [14:10] If not mildly de-childhoodizing. [14:10] :(((((( [14:10] :D [14:17] what php deb pkg is php5-rewrite in ? [14:18] I cant find it on ubuntu [14:18] in the pkgs [14:19] um [14:19] php5-rewrite? [14:19] yes php5-rewrite [14:19] * soren wanders off for a while [14:19] surely you mean the apache mod_rewrite [14:19] ... [14:19] there is also a phpr-rewrite [14:19] its not anything to do with php [14:19] php5 [14:19] I doubt that. [14:19] extension === jono_ is now known as jono [14:20] ok now I know you're full of shit, as an extension would still require a script to.. use the extension [14:20] and for all trafic to be directed to that script [14:20] which you can setup without any extension [14:20] * Hajuu is the manager of a php channel [14:20] sorry wrong module [14:20] There is no php5-rewrite. [14:20] brain fart [14:20] lol [14:21] xmlwriter.so [14:21] php5-xmlwriter [14:21] I think. [14:21] ...... [14:21] THATS what you meant? [14:21] lol [14:21] use simplxml [14:21] ftw [14:21] I'm wrong. [14:22] ok [14:22] AREN'T YOU ALWAYS? [14:22] :D [14:22] * The2morrowMan cries endlessly. "I'm such a failure!" [14:23] It's because you're too busy livin in tomorrow [14:23] :o [14:25] If I produced porn, i'd make the ladies say stuff not at all related to whats happening [14:25] "Ohhh, butter! All over my hot northern kingmouth salmon!" [14:26] "Mmmm, marygo round, pop my balloon sixteen times!" [14:26] ...Is that weird? [14:27] This is pretty offtopic for this channel.. [14:27] *shrug* how do you figure? [14:27] Seems perfectly on topic. [14:27] Maybe you've lost touch with what the topic is. :( [14:27] this is -server [14:27] lol [14:27] brb [14:27] I'm just joking. [14:27] i'll leave you guys in peace for a bit [14:28] if anyone needs help with apache or php say my nick [14:28] :o [14:28] Hajuu: If you want to say random crap like that, you should go to #ubuntu-offtopic [14:28] ;) [14:30] ok and yes I need apache mod_rewrite it seems [14:31] What a mystery! [14:34] I dont see it in apt-cache search apache2 [14:36] it probably comes with apache [14:36] it might even be built into the binary [14:36] not sure [14:37] saludos [14:38] hi all [14:38] * Hajuu waves [14:39] how speak spanish? [14:41] ubuntu/deb o this so diff then the other linux/inix I have used [14:41] lol [14:41] how do you speak spanish [14:41] Well [14:41] First [14:41] you learn spanish [14:41] right? you with me so far? [14:42] Next, you kind of.. hm, move your mouth, roughly up and down [14:42] this is a distraction for your enemies [14:42] to allow your toungue and throat to have time to work [14:42] So, once you're moving your mouth mechanically up and down [14:42] start to vibrate your toungue lightly [14:43] and move this down, into the back of your throat [14:43] Think of a word, phonetic symbol by symbol [14:43] got it [14:43] its now loaded [14:43] slowly move from left to right [14:43] Voila [14:43] Speach! [14:44] UnixDawg: I've never felt so proud [14:44] solciito por favor colaboracion [14:44] I promised myself I wouldn't cry :') [14:44] No, I will not colaborate on killing your father! [14:44] :o [14:44] and im offended that you would ask. [14:44] Hajuu: please bring random chatter to another channel, please. [14:45] smoser: can I test the current UEC/EC2 or do you plan to respin them ? [14:45] cuando estoy instalando ubuntu server en configuracion de discos raid en virtualbox [14:45] they're good. 20091020.1 [14:45] smoser: ok thx [14:45] i'll start testing ec2 here shortly. [14:46] me aparece una advertencia de que los multidiscos no son leidos pero el sigue instalando normalmente [14:46] cuando hago sudo fdisk -l [14:46] helynux: #ubuntu-es please [14:46] ok ok gracias ttx [14:47] I really need some more help with this ICS [14:48] and for some reason my eth2 comes up as state:UNKNOWN [14:48] skuld: you'll get more help in a generic support channel, like #ubuntu [14:49] ok [15:01] wow, okay, I have no clue what changed, but now I can visit my own websites LOL [15:03] now to move on to the other problem: postfix +dovecot using msyql .... [15:04] lol [15:04] Quit networking. [15:10] well, I thought I had my virtual hosts figured out last night, but i just found out that I'm going to other virutal domains on my server instead of the correct one [15:18] smoser: is the ec2 images up yet? [15:18] indeed. the iso tracker has the ids [15:19] they can also be seen at the beautifully revamped daily output, thanks to slangasek [15:19] http://uec-images.ubuntu.com/karmic/20091020.1/ [15:19] but trust the tracker ids [15:19] smoser: I got this message in my UEC console-output: [15:19] * Waiting for EC2 meta-data service One or more of the mounts listed in /etc/fstab cannot yet be mounted: [15:19] (ESC for recovery shell) [15:20] What's EC2? [15:20] anybody know how to use the apache rewrite so I don't have to specify both a www.sitename.com and a sitename.com virualhost? [15:20] :D [15:20] smoser: doesn't seem to prevent them from working [15:20] ttx, what is in /etc/fstab ? [15:21] my guess is that there is an entry for /mnt and eucalyptus is not providing a partition table and formated filesystem in the same way that ec2 does [15:21] i dont think that should be new though [15:22] smoser: starting a new instance to look in [15:24] smoser: http://pastebin.ubuntu.com/298304/ [15:25] and i'm guessing you dont have a /proc/sd b [15:25] err... /proc/partitions/sdb [15:25] or if you do, its not formated. [15:26] I don't have a /dev/sdb, I checked that already [15:26] (sorry I already terminated that instance to let another test go) [15:26] I can rerun one if needed [15:27] skuld: why not fix it in dns? [15:30] ttx, so what i think is that this is a case where UEC is not behaving identically to ec2 [15:31] smoser: what should it do exactly ? [15:32] let me check ec2 real quick. [15:41] @zul: I'm not running a dns server [15:42] MagicFab: if you're running karmic as the host, you should get 1024x768 by default, at least [15:42] kirkland, ah, no, we're on a Jaunty host [15:43] MagicFab: move to a karmic host and you'll get better res [15:43] .. [15:43] Or [15:43] change your res :/ [15:43] Its not rocket science. [15:43] bbl [15:45] ttx, dump-data.sh at http://pastebin.com/f4ac20bc3 [15:45] m1.large type output at http://pastebin.com/f3c6840c0 === SyL is now known as Guest70615 [15:46] m1.small type output at http://pastebin.com/f5bfb9b54 [15:48] smoser: just a sec, starting i386 image right now [15:49] so, ec2 does [15:49] a.) gives you some block devices , that vary based on type [15:49] b.) puts an ext2 filesystem on unpartitioned block devices that it gave you in a [15:50] personally, i kind of think that b. is a bit frivolous, but i guess it does possibly save mke2fs time in the event that you're just going to use it that way. [15:50] http://docs.amazonwebservices.com/AWSEC2/latest/DeveloperGuide/index.html?instance-types.html explains what you get per instance type. [15:52] the way this is implemented in vmbuilder is: [15:52] http://bazaar.launchpad.net/%7Eubuntu-virt/vmbuilder/trunk/annotate/head%3A/examples/ec2-amd64-part-file.txt [15:52] and [15:52] http://bazaar.launchpad.net/%7Eubuntu-virt/vmbuilder/trunk/annotate/head%3A/examples/ec2-i386-part-file.txt [15:52] smoser: output in my current c1.medium instance is : http://pastebin.ubuntu.com/298329/ [15:52] why ubuntu moved to bazaar and drop svn? [15:52] I had two servers that according to /var/log/messages rebooted , I dont know why. Anyway I can check how the reboot was started? [15:53] they did not reboot the same time [15:53] smoser: want me to start a m1.large to compare ? [15:55] ttx: I wonder if the fact that my front-end (and my nodes) use XFS file system is causing https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/452185 [15:55] aubre: Error: Could not parse data returned by Launchpad: The read operation timed out [15:55] ttx, i'm surprised that your /dev/sda2 didn't get mounted. [15:57] can you mount it manually ? [15:57] ie: sudo mount /dev/sda2 /mnt [15:58] smoser: yes [15:58] smoser: the issue is that fstab says its ext3 [15:58] while its ext2 [15:59] ah. [15:59] so sudo mount /dev/sda2 /mnt works [15:59] but sudo mount /dev/sda2 doesn't [15:59] funny [15:59] the change from ext2 to ext3 might be something that is reasonable to "fix" in uec [16:00] but other than that, i think the differences are expected as designed [16:00] ie, as long as they're consistent with: [16:01] output of euca-describe-availability-zones verbose [16:07] smoser: I'll gile a bug -- against what ? [16:07] file, even [16:07] well "eucalyptus". [16:07] whatever does the mkfs invocation of the disks it gives to the guest [16:08] smoser: eucalyptus writes that /etc/fstab ? [16:08] no [16:08] could using xfs as the file system on the front-end/node cause problems with SC functionality? [16:08] but its a "not like ec2" bug to have ext2, not ext3. [16:09] ttx, vmbuilder writes that /etc/fstab entry, and i will agree that a more flexible solution would useful there (possibly ec2-init changes) [16:09] smoser: because I have strange things there. Different behavior between amd64 and i386 [16:09] so if you want to open a "vmbuilder should let ec2-init dynamically update /etc/fstab" bug, i think that might be good for lucid [16:09] The amd64 UEC has /dev/sdb in its fstab [16:10] The i386 UEC image has /dev/sda2 [16:10] in both cases defined as ext3 [16:10] ttx, those are designed differences based on amd64 and i386 instance types [16:10] well above, i put the urls of the two files in vmbuilder that get rendered to /etc/fstab in the guest. [16:11] smoser: so the error in amd64 case is that there is no /dev/sdb... [16:11] smoser: while in the i386 case the error in that its not the right fs that is on it [16:11] on it = on /dev/sda2 [16:11] ok. i see two bugs [16:11] 1.) parititions presented to instance have ext2, not ext3 [16:12] 2.) partitions presented to guests are not identical to ec2 [16:12] i dont really think that '2' is a bug, but rather a difference in instance type configurations (which i believe is possibly even modifyable in uec) [16:13] as long as the partitions that the guest sees are determinable by the instance type configurations, i think thats fine. [16:13] that make sense ? [16:14] anyone know how I link a doamin name to my server at home? [16:14] zul, you rock. thanks for running all those tests. [16:14] smoser: i know ;) thanks for building the images [16:15] garymc, dyndns ? [16:15] ttx, that make sense above ? [16:15] smoser: but (2) triggers a bug on our side, right ? [16:16] yes, we expect (via /etc/fstab) a certain layout [16:16] smoser: like having a fstab with /dev/sdb while it should contain /dev/sda2 [16:16] is dydns free? [16:17] garymc, there are free services. google will be able to tell you more (dynamic dns provider) [16:17] I have already purchased the doamin name with UKREG [16:17] zoneedit.com might be good for you then. [16:17] ttx, i think that we should have a bug for lucid for that. [16:18] something like "auto-mounting of partitions in guests should be more dynamic/flexible" [16:18] which woudl affect i think ec2-init primarily (outside of removing that line in /etc/fstab in vmbuilder) [16:21] smoser: this gets mounted correctly in EC2 ? I mean, the /dev/sdb on amd64 images ? [16:21] yes [16:21] ok, so I agree those are both eucalyptus EC2 non-conformity [16:23] but the second bug is somewhat a configuration thing [16:23] smoser I have a static Ip address do i still need dyndns? [16:24] smoser: we could workaround (2) with a smarter ec2-init... but we wouldn't have the problem in the first place if they were compliant. right ? [16:24] probably not, then. you might find better help in #ubuntu, i think this is offtopic here, though. [16:24] sorry if i misled you garymc [16:25] ok [16:25] ttx, for 1, absolutely that shoudl be ext3. simple. [16:25] but even that could be worked around with smarter dynamic mounting [16:25] smoser: ext2, you mean [16:25] but why would anyone want ext2 is a reasonable question [16:25] hm [16:25] forget what I just said [16:26] ext3. [16:26] right [16:26] i was confused there for a minute [16:26] * ttx gets confused at the end of the day [16:26] shouldn't parallelize discussions [16:26] ok, heres a source of one of my confusions: http://testcases.qa.ubuntu.com/System/EC2CloudImages [16:27] where are results to "User-data test" and "Rebundle test" supposed to be recorded ? [16:27] i'm guessing that zul didn't run those, right? [16:28] no I didnt run the rebundle test [16:29] is it possible that using XFS on the CC or NC could keep SC functionality from working? [16:30] ttx, could you comment on my test-case question above? [16:30] zul, did you do user-data test ? [16:31] smoser: nope just the basic functionality ill run the user-data test right now [16:31] and where will you record those results ? [16:31] i'm just constantly baffled by the iso testing ui [16:32] smoser: they are not part of the ISO tracker tests [16:32] smoser: they would warrant two extra lines in the tracker [16:33] as of now I'd [16:33] just report any failure in those tests as a minor bug i the instance run test [16:33] (not triggering a FAIL) [16:34] i dont have failures in them to report, just am always confused when i click a link that says "more information about running this test" and its got a bunch of seemingly un-relevant information [16:35] smoser: the page contains descriptions for 4 tests [16:35] smoser: but only two of them are used in the ISO tracker [16:35] right. [16:35] (if that makes any sense :) [16:35] it does [16:35] but because there are these 2 extra tests... its just confusing [16:35] to my feeble brain [16:36] smoser: upgrade it [16:42] gaa.... we seem to not have ssh fingerprint output on ec2 again [16:42] why does this happen! === dendro-afk is now known as dendrobates [16:49] smoser: the cloud wants you dead [16:50] or bald [16:54] smoser: I filed bug 457281 and bug 457283 [16:54] ttx: Error: Could not parse data returned by Launchpad: The read operation timed out [16:54] ttx: Error: Could not parse data returned by Launchpad: The read operation timed out [16:55] sigh [16:57] New bug: #457281 in eucalyptus (main) "Partitions presented to instance should be ext3, not ext2" [Medium,New] https://launchpad.net/bugs/457281 [16:58] smoser: btw I implemented the qemu-img -b COW style for my scrappable test VMs, its a lot fatser now, thank you for the tip you gave me back in Dublin [17:07] hi, what is the equivalent command of locate on ubuntu server..? [17:08] locate is avaiable on ubuntu server [17:19] derp [17:20] ttx: does the ssh keys get displayed on the console for uec? === dendrobates is now known as dendro-afk [17:33] an opinion question for you all, setting up a webserver for a department at my university, deparment has its own page, but much of the faculty then have their own sub pages which they update and manage themselves, whats the best solution for that? webdav? would you split it across multiple vhosts? [17:33] smoser: its not anything obvious to me maybe ask Keybuk [17:34] zul, you verify that the beta had it? [17:35] not yet..gimme a sec [17:36] I have a server. [17:37] Set up to authenticate against LDAP. [17:37] id ldapusername doesn't work [17:37] Returns no such user. [17:37] I straced it. [17:37] Found it isn't connecting to the LDAP server. [17:37] nsswitch.conf is OK. [17:37] Ideas? [17:38] fahadsadah: libnss-ldap needs to be installed, and /etc/ldap.conf to be configure [17:39] ahasenack: It is [17:39] fahadsadah: then the user in ldap is not posixAccount [17:40] Is. [17:41] does dovecot not compile with mysql support when installing ubuntu server? [17:43] It weirdly started working now. [17:44] I know caching wasn't the issue, though. [17:44] As I tried multiple users. [17:44] fahadsadah: nscd running? [17:45] ahasenack: Yes. [17:45] fahadsadah: then it's the culprit [17:45] I cleared the cache, though. [17:45] nscd -i or something? [17:45] -i passwd [17:45] Be right back. Reboot. [17:45] well, nscd is like that, weird [17:46] it helps and also gets in the way [17:46] Talking about DNS cache, please vote for my idea: http://brainstorm.ubuntu.com/idea/20842/ [17:52] ttx/soren: do you think it is normal that on all the clouds I have created, my access key is the same? Secret key is different though (and I am glad it is)? [17:53] anyone here manage web servers? [17:53] addisonj: Among other things [17:53] !ask [17:53] Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) [17:54] alright, well anyways, just trying to figure out the best content management system, have one main site with sections that are managed by individual users, just trying to figure out the most pain free way that isn't just giving them ssh access [17:55] * nijaba loves drupal [17:55] used on www.ubuntu.com too [17:55] was thinking WebDav, but not so sure about security of it [17:55] addisonj: webdav with certs on ssl is pretty strong [17:56] but how do i give users only access to their section of the site under webdav? [17:57] addisonj: That's harder. [17:57] As usually, sections tend to be part of the same file. [17:57] See a CMS. [17:57] Joomla or Drupal. [17:58] okay so Drupal, I don't need its actual content management as much as just users and file management [17:58] is there a way that i can tell if dovecot is compiled with mysql support? [17:59] skuld: dovecot --build-options? [18:00] skuld: and on 9.04, at least, it is [18:00] cool! now to find out why passdb sql{...} is blowing up [18:01] skuld: good luck [18:01] thanks [18:17] I truly don't get this. [18:19] I followed the tutuorial exactly to set up postfix/dovecot with mysql virtual users. The only problem i'm getting is when I try to start dovecot, I get: Error: Error in configuration file /etc/dovecot/dovecot-postfix.conf line 5: Unknown section type [18:19] and line 5 is: passdb sql { [18:20] !firewall [18:20] Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist [18:20] and that header is defined in http://wiki.dovecot.org/MainConfig [18:25] hi how do i make my application run automatically upon reboot with ubuntu server [18:25] like mysql, apache [18:26] anyone have idea..? [18:27] ruben23: You could call it via a daemon script in /etc/init.d [18:28] ummm, I know there's a way...I can't remember the file though....but I know when I installed from apt-get, that was done for me automatically [18:28] Tohuw: how would i do it..? [18:30] ruben23: See https://help.ubuntu.com/community/UbuntuBootupHowto but consider doing it the "new" Ubuntu way, using Upstart (http://www.linux.com/archive/feature/125977) [18:44] Is there any Ubuntu documentation floating around on setting up an iptables firewall with 2 NICs (one for outside interface, one for inside interface)? [18:47] Tohuw: I've got what you need right here [18:48] http://pastebin.com/f3a1d7b6d [18:48] that's mine [18:48] skuld: lovely, many thanks [18:49] and this: https://help.ubuntu.com/community/Internet/ConnectionSharing [18:49] hi i have installed apache2 on my ubuntu server----> what config shoudl i be setting it, is it apache2.conf or httpd.conf-----> httpd.conf is empty [18:50] apache2.conf is the main.... [18:51] then you add virtualhosts (if you need them) in sites-enabled. [18:51] I can show you mine ifyou'd like [18:51] mostly I just left apache2.conf alone [18:51] everything is now done in the sites-enabled files [18:52] one of my domains: http://pastebin.com/f5929b1d9 [18:52] kirkland: are you still editing https://help.ubuntu.com/community/UEC/PackageInstall? [18:53] mathiaz: i don't think so; still locked? [18:53] kirkland: yes [18:53] kirkland: it says the lock timed out 30 mn ago [18:53] mathiaz: i had to restart my browser, upgrade [18:53] mathiaz: you can have it [18:53] mathiaz: are you reviewing it? [18:53] kirkland: okdiokoiekdoi [18:53] mathiaz: if so, thanks! [18:55] Where do I view logs about a client pinging my server? === maxb_ is now known as maxb [19:01] smoser: pinging won't be logged unless you have something like iptables set to capture icm p [19:04] ikonia: how do I set iptables to capture it? [19:06] iptables -L will show them [19:06] you need a program like pastebinit to capture [19:06] or you could just redirect: myIPtables.txt < iptables -L [19:07] snth: iptalbes -L only shows your rules [19:07] sorry [19:07] skuld: iptables -L only shows your current rules [19:09] okay. I didn't know that :) [19:10] snth: you need to use tools such as ulog to log and capture the packets, but the rule you need is to block and log icmp [19:13] * skuld wants to know if anybody has experiance with setting up postfix/dovecot with mysql userbase? [19:20] ikonia: I don't necessarily want to block it. I just want to log it and be aware that/when it happens. [19:20] ok, so you need to accept and log [19:21] Does that work the same for nmap packets? [19:22] nmap packets ? [19:22] nmap is a tool [19:24] What kind of packets does nmap use? I am sorry if this isn't in the right channel. [19:24] I am just trying to figure out how to capture different kind of requests and log them. [19:27] ikonia: Thanks. ulog is what I was looking for. [19:27] no problem [19:33] qt [19:35] ikonia: to log ping traffic to syslog.. you can enter an iptables rule like this: [19:35] Reepicheep: it's snth ^^^ who's looking for iptables rules [19:35] iptables -A INPUT -p icmp -m icmp --icmp-type 8/0 -j LOG --log-prefix "ICMP PING: Echo Request : " [19:35] I'm sure he'd appreicate any suggestion [19:36] on.. sorry about that .. that's for snth then [19:36] * nijaba calls it a day. maybe back later [19:36] I've never used --icmp-type before though, what's that ? [19:36] Reepicheep: not at all, you've just shown me something new [19:36] MenZa: Fucking faggot. [19:36] Reepicheep: Thanks for that. [19:36] How about that language? [19:36] !ops | Hajuu [19:36] Hajuu: Help! Channel emergency! infinity, soren, lamont, mathiaz or tom [19:36] Does it offend you? [19:36] kthxbye. [19:36] icmp type 0/8 is echo requests, ping requests [19:36] Keep your fucking superficial selfrighteous standards to yourselves [19:36] !ops | hajuu [19:37] Hajuu, please see my private message [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] !ops | hajuu [19:37] you can use this to see the replies: [19:37] iptables -A INPUT -p icmp -m icmp --icmp-type 0/0 -j LOG --log-prefix "ICMP PING: Echo Replies : " [19:38] thank you niko [19:38] YAY! I finally have the postfix/dovecot/mysql email solution working! [19:38] now....how the heck do I add the email users? LOL [19:38] Reepicheep: what other --tcmp-type options are there ? [19:38] niko: you might want to make the host ban wider, and ident narrower [19:39] skuld: where are you telling it to authenticate against ? [19:39] *shrug* [19:39] mysql database [19:39] snth: just make sure that those lines are before you accept the icmp traffic [19:39] skuld: ok - have you looked at postfix admin ? [19:39] ikonia: http://www.iana.org/assignments/icmp-parameters [19:39] duh! [19:39] LOL [19:39] Reepicheep: thank you [19:40] i misstated it earlier .. in iptables it is 8/0 not 0/8 [19:40] I had it write on the rules I posted though [19:41] the URL is http://192.168.1.1/postfixadmin....right? LOL [19:41] skuld: if that's where your webserver is bound to [19:42] skuld: and it depends where you got postfix admin from, as the package installs it to specific places depending on who packaged it [19:42] okay. now I just have to go find it again [19:44] oh yeah snth, also nmap scans many different ways. for instance if nmap scans with -sP it will use ICMP pings. but it will not on some other scan types like -sS which is a tcp syc scan [19:56] nijaba: Yes, that's perfectly normal. [19:56] nijaba: The access key is some sort of hash of the username or something like that. [19:57] nijaba: ...and since your username is always "admin"... [19:57] nijaba: It's better now than a couple of months ago. [19:57] . [19:57] nijaba: Back then, the secret key would have been the same as well. [19:59] Is there a way to capture nmap requests on your server? [20:00] s/requests/scans/ [20:00] Sure. [20:00] snort, for one, detects that sort of thing. [20:14] any here have experience installing ubuntu to an iscsi target? [20:26] Reepicheep: How can I block ping requests from a specific internal IP? [20:27] where can I find the 10-10-2009 version of the beta karmic CD? [20:28] Guest70615: We don't keep all the iso's around. [20:29] Guest70615: What do you need it for? [20:30] soren: I'm trying to find one for eucalyptus working out of the box and the ISO I have doesn't pass the MD5 checksums. [20:31] Guest70615: The current one doesn't work? [20:31] snth: using iptables you can block it by adding a source to the iptables rule "-s" followed by the ip address than change the "-j LOG" to "-j DROP" [20:32] you may want to look at ufw.. it could be simpler for you [20:32] has anyone installed ubuntu server to an iscsi target? [20:32] soren: correct. [20:32] Reepicheep: Thanks. [20:33] snth: and as for detecting all nmap scans.. you would need an IDS of some kind .. like snort that has been already suggested [20:33] Guest70615: Have you filed bugs about your problems? We need to fix everything before the release next week. The only way we can do that is if people report the problems they find. [20:34] Thanks for the help guys [20:34] flagg0204: i've installed machines to iscsi targens before .. but never ubuntu :| [20:34] soren: will do [20:34] Reep - yeah same here. Is it possible to use one iscsi target for multiple machines [20:34] i.e. readonly root fs [20:35] hey guys [20:35] only one machine can have access to one iscsi target at a time [20:36] Reepicheep: Are you sure? [20:36] Reep - i think more than 1 can have access, but only 1 can write to the target at any given time [20:36] i was thinking about doing a read only root file system, then mount /var /proc. etc into a ramfs [20:37] I'd be surprised if only one initiator could connect read-write to a target. [20:38] afaik, iscsi is block level you would need something a little higher up to handle locking and block level access [20:38] Well, sure. [20:39] the only way I have ever got multiple things reading on iscsi target is by creating a snapshot and sharing the snapshot as a target.. but that is definitely read only and also a snapshot in time [20:39] I've done some stuff like that to get backups before [20:40] gfs2 or similar should handle it, though I haven't done it personally [20:40] flagg0204: you may be better of using something like NFS.. I have done that before for read only system files [20:40] i thought about that too, might have to go down that road [20:43] reep - you know of any good articles on doing nfsroot / readonly filesystems on ubuntu server? [20:43] flagg0204: have you looked at the LTSP project? [20:45] no i havent. looking at it now [20:46] interesting.... [20:46] and sorry i'm not aware of any articles about sharing system files with NFS.. but I'm guessing google knows a lot.. probably not ubuntu specific though .. but that shouldn't matter [20:48] I have a box at home that uses LTSP to be a diskless mythtv frountend.. it works pretty good and mythbuntu pretty much sets it up for you [20:48] reep - ill have to do some more research with iscsi/nfs options.....thanks for the suggestions reep [20:50] what's the command to determine if port 25 is actually open on my box? [20:50] skuld: netstat [20:51] skuld: lsof -i [20:51] well lsof -i only showed 5900 open...I don't remember EVER opening that port [20:51] skuld: thats vnc [20:52] right. [20:52] is there a way to only show the ports using netstat, and not all the other... ??files?? [20:52] skuld: what does "netstat -tap" show [20:53] or if you don't want the resolutions done "netstat -tapn" [20:54] http://pastebin.com/f8e3bb98 [20:55] skuld: it looks like snmp is not listening [20:56] you could narrow it down a bit to look just for snmp like this "netstat -tap | grep LISTEN | grep snmp" [20:56] hello everyone [20:57] I see...now to find out why? [20:58] for that port to show up, doesn't something have to be listening for it? [20:59] skuld: yeah some process has to have that port open and listening [21:00] flagg0204: I share filesystems all the time using iscsi and nfs [21:00] I just installed postfix/dovecot and sudo /etc/init.d dovecot start and postfix start. That *should* do it, right? [21:01] that should start the daemons as long as everything is configured correctly and it doesn't error on start up. [21:01] what I tend to do is use OpenSolaris as an iscsi host, set up the iscsi volumes using zfs, and then share them to the ubuntu hosts that need them using ZFS [21:01] no errors showed up [21:02] if that's the case it should show up in the logs [21:02] postfix uses port 25 be default, and dovecot uses 110 by default, right? [21:02] if we can ever get Oracle/Sun to release ZFS under GPLv2 then I will replace the OpenSolaris host with an Ubuntu host [21:03] EtienneG: is it possible that using XFS on the CC or NC could keep SC functionality from working? [21:03] crap I'm late for a meeting see yall later === aubre is now known as aubre_afk [21:04] aubre_afk, I do not think the underlying file system would matter much to the SC [21:05] skuld: yeah postfix should us port 25 (SMTP) dovecot uses both 110 (POP3) and 143 (IMAP) depending on what dovecot services you start [21:05] I don't have to set anything in a conf do I? [21:05] my ubunut server network interface is not responding starting last night.. http://pastebin.com/d4caf3592 .. any suggestion how to troubleshoot it? [21:06] how do I check from console if the link light is on ? [21:06] mii-tool is not helping [21:08] skuld: does /var/log/mail.err say anything? [21:09] no, it's empty [21:09] how about /var/log/mail.warn [21:11] [21:11] Oct 20 03:55:29 ayeka postfix/proxymap[21111]: fatal: dict_open: unsupported dictionary type: mysql: Is the postfix-mysql package installed? [21:11] Oct 20 03:55:30 ayeka postfix/smtpd[21110]: warning: private/proxymap socket: service dict_proxy_open: Success [21:11] Oct 20 03:55:30 ayeka postfix/master[15613]: warning: process /usr/lib/postfix/proxymap pid 21111 exit status 1 [21:11] Oct 20 03:55:31 ayeka postfix/proxymap[21112]: fatal: dict_open: unsupported dictionary type: mysql: Is the postfix-mysql package installed? [21:11] Oct 20 03:55:32 ayeka postfix/smtpd[21110]: warning: private/proxymap socket: service dict_proxy_open: Success [21:11] [21:11] [21:11] I know I installed the postfix-mysql package...I think or was that dovecot-mysql? hold on [21:12] yup, already installed [21:13] probably should use pastebin on that .. but google that error and see if you find anything [21:13] error as in the lines with "fatal" in it [21:14] axisys: apt-get install ethtool [21:14] then "ethtool eth0" or what ever interface you are looking at [21:14] ok, I'll try that [21:15] axisys: that is if you have access to install ethtool on that machine with the interface problems [21:15] the hardware link light on the interface and on the switch should aslo indicate the interfaces link state [21:16] Reepicheep: apt-get install ethtool will need for the network to work first [21:17] axisys: have you tried restarting the interface? "ifdown eth0" "ifup eth0" [21:17] Reepicheep: yep [21:18] do you have physical access to the machine and the switch to see if there is a link light? === dendro-afk is now known as dendrobates [21:18] Reepicheep: yes.. and i unplug and replug the cable on both switch side and server side [21:19] [ 992.259472] nv_stop_tx: TransmitterStatus remained busy<6>eth3: link down. [21:19] [ 999.342789] nv_stop_tx: TransmitterStatus remained busy<6>eth3: link up. [21:19] Reepicheep: ^ happend when i unplugged and plugged [21:19] well that would indicate a link [21:19] but i think some other issue here .. [21:19] it does not say eth3 link is ready [21:19] use tcpdump to see if you see any traffic on that interface [21:20] ok.. let me run it for a min.. be right back.. need to grab a coffee real quick [21:26] mathiaz, good news! it looks to me that bug 451881 is "must fix" now. [21:26] smoser: Error: Could not parse data returned by Launchpad: The read operation timed out [21:26] you stink uvirtbot [21:27] smoser: "must fix"? [21:27] smoser: it's marked as won't fix [21:27] it affects ec2 also :-( [21:27] smoser: ouch [21:27] at least i think they're the same. ec2 regressed since beta [21:30] Reepicheep: back.. tcpdumo sees no traffic [21:31] tcpdump* [21:31] any iptables rules? [21:31] Reepicheep: ufw is disabled [21:32] and iptables-save returns no rules? [21:32] Reepicheep: http://pastebin.com/d50c95f84 .. does not look like it [21:33] Reepicheep: i think some hardware.. [21:33] Reepicheep: maybe modprobe -r followed by modprobe [21:34] there are some iptables rules in there .. although the should just be logging rules .. but you may run iptables -F just in case [21:34] axisys: do you have any other available interfaces on that machine that you could try with? [21:35] smoser: about 451881 -- do you know how to fix it already ? [21:35] i have a couple options [21:35] i'm testing the least intrusive at the moment [21:36] smoser: I think it's valid to respin the UEC/EC2 images for that, just confirm with the release team -- there aren't so many tests to redo [21:37] Reepicheep: yes.. but on same card [21:37] I can retest the UEC images tomorrow morning if needed [21:37] i will go ahead swith over to the other if you suggest so [21:37] Reepicheep: ^ [21:37] axisys: it may be worth a try [21:37] * ttx goes to bed [21:38] does postfix compile with mysql support when installing from the CD during a fresh server installation? [21:39] axisys: you have ufw rules in your iptables-save paste. if you are moving away from ufw to your own iptables script, please perform 'sudo ufw disable && sudo /usr/share/ufw/ufw-init flush-all' [21:39] that will disable ufw now and on boot, and flush the builtin chain hooks [21:40] jdstrand: did the disable and flush [21:41] here is the new iptables-save http://pastebin.com/d5a92ecb7 [21:41] jdstrand: ^ [21:42] skuld: what does "aptitude show postfix-mysql | grep State" [21:42] axisys: that is correct. your firewall is completely flushed [21:42] return? [21:42] Reepicheep: ran the iptables -F [21:42] jdstrand: still no traffic [21:43] Reepicheep: State: installed [21:43] axisys: the iptables -F will do the same as the sudo /usr/share/ufw/ufw-init flush-all [21:44] skuld: I don't use postfix but, afaik, you should have mysql support in postfix then [21:45] that's what it looks like. I can't find any answers to this warn message.... [21:45] I'm sure it needs configured though.. if you haven't done that all ready? [21:45] fatal: dict_open: unsupported dictionary type: mysql: Is the postfix-mysql package installed? [21:46] skuld: are you following a howto of some sort? if so which one? [21:46] yeah....let me get them... [21:48] here's one: http://craigballinger.com/blog/2009/07/postfix-dovecot-mailserver-on-ubuntu-904-jaunty-jackalope/ [21:51] and I used this to fix a problem with that tutuorial: http://pastebin.com/f65ef08c0 [21:52] skuld: and you have setup the stuff in the my_*_map.cf files like my_alias_map.cf and my_domains_map.cf and the sort? [21:52] yes [21:56] how can i bind my domainname.com to my static ip [22:00] I noticed an error in my dovecot.warn file....pointed to this line: [22:00] dovecot unix -n n --pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -f ${sender} -d $(recipient) [22:02] fatal: /etc/postfix/master.cf: line 84: field "private": bad value: "-n" [22:02] BTW, is there a command in VI to let me get to the bottom of a document quickly? === dendrobates is now known as dendro-afk [22:06] Reepicheep: trying on a different port [22:07] skuld: in vi just type "G" will take you to the end .. but if your looking at logs you may want to use less or even tail to look at them [22:08] okay. I know a lot of times I just need to get to the bottom or near bottom of a document :) thanks [22:13] can I rm /var/log/mail.warn to clean out the log? [22:14] skuld: You can, but why would you want to? [22:14] I want to get rid of all the past errors to see if I have fixed all the problems [22:15] The file is time stamped, so you'll know if something new appears. [22:15] That or tail -f /var/log/mail.warn [22:15] skuld: just run "tail -f /var/log/mail.warn" on a second terminal [22:16] cool, thanks [22:16] I think I got all the problems fixed YAY! [22:17] soren: ok, thanks for getting back on this one. [22:17] maybe....now I just have to figure out why port 110 isn't open LOL [22:17] kirkland: the url you gave i [22:17] kirkland: you gave me is not a feed but a full html [22:18] nijaba: oh, let me check [22:18] kirkland: planet will only accept feeds such as RSS or Atom [22:18] nijaba: okay, one minute... i just want to give you stuff i tag "Cloud" [22:18] skuld: if you got postfix up and working port 110 (POP3) should be handled by dovecot [22:19] yeah, it should, but I just did one of those internet port scan pages and tested 110, it error'd out [22:19] but 25 is open :) [22:22] well that netcat command we used earlier would be more accurate then a scan from the internet [22:22] netcat -tapn | grep LISTEN [22:23] Reepicheep: netcat -l only shows listening ports, IIRC [22:23] nijaba: http://blog.dustinkirkland.com/feeds/posts/default/-/Cloud [22:23] well, now I;ve got a "local configuration error"...with dovecot [22:23] kirkland: updating [22:24] nijaba: i added a note about your survey at the bottom of mine [22:24] nijaba: if you'd like the text to read differently, let mek now [22:24] Hello [22:24] kirkland: I have seen that, thanks [22:25] good evening AdamDV! [22:25] skuld: Evening :) [22:25] Any issues that need fixing? (I'm here to help) [22:25] I got my webserver working 100%, and mail is almost working [22:26] Cool. [22:26] trying to resolve a "local configuration error" with (dovecot, I think) [22:26] is there anyway I can see _how_ my server was shutdown? by some user? by cron? by ... whatever? [22:26] skuld: Search postfix dovecot on debianadmin.com [22:26] Great guide. [22:26] Appiah: Not that I think. [22:27] Appiah: shutdown requires sudo. [22:27] I meant reboot but ok [22:27] hmm [22:27] then I should be able to see in auth for someone who used sudo... [22:27] Yes. [22:27] reboot/shutdown need sudo [22:28] but what about cron? [22:28] It would need to be run through root's cron. [22:30] Reepicheep: this is odd.. when I added IP address to all the interfaces now i can ping all [22:30] Reepicheep: and now i were able to install ethtool [22:31] axisys: you put the same IP on multiple interfaces? [22:31] just out of curiosity what does "ip route show" return? [22:31] Reepicheep: this is Sun Fire(TM) X2100 .. no each one seprate IP [22:32] are they different IP on the same subnet? [22:33] Reepicheep: http://pastebin.com/d3802337c .. different IP on same subnet [22:33] i can ping them all from another host on same subnet.. but only one port is physically connected.. [22:33] that is crazy [22:34] i guess they have 4 mac address on each physical port .. it has two physical port [22:34] what does "ip link show" return? [22:35] and I think on interface can respond for another interface's traffic if it sees it [22:35] you may try unplugging on interface at a time and see if they all quit working [22:35] Reepicheep: http://pastebin.com/d3802337c [22:36] or better yet.. plug one interface in at a time [22:36] Reepicheep: what u mean plug? i have two ports on this x2100 .. only one port has a cable going to switch [22:37] Reepicheep: but as you can see multiple mac addresses [22:37] Reepicheep: the second port has nothing connected to it [22:38] actually you pasted the old pastebin address in again [22:38] we only got your routes [22:38] http://pastebin.com/f764dacfd (sorry) [22:38] what does ethtool eth0 through eth4 show, do they all show links and negotiation? [22:39] it looks like only eth0 is up [22:40] but like I said .. I think eth0 can actually respond to traffic destine to ip address on other interfaces [22:40] Reepicheep: how come? ethtool shows only eth0 Link deteced: yes .. rest are no [22:41] Reepicheep: how does eth0 respond to 192.47.0.88 when it is bind to 192.47.0.85 [22:41] I think that is actually what is happening. "ip link show" shows the same [22:41] Reepicheep: ^ ? [22:42] Reepicheep: ip link show show only eth3 down [22:42] i mean No-CARRIER [22:43] I would count eth2 and eth3 as having issues also.. notice the "state UNKNOWN" [22:43] Reepicheep: never mind `state UP' only for eth0 .. you are correct [22:44] try running "ifdown eth1" and also on eth2 and eth3 and see if it changes anything [22:45] Reepicheep: shows 'state DOWN' for all except eth0 and network is still working [22:45] Reepicheep: that other port might be bad [22:45] how can i check what driver eth0 is using? [22:45] that could be a possibility [22:45] try replacing the cable if you haven't done that already [22:46] can anyone suggest a simple pop server? I have 1 account that needs to pop, I havent done mail in years so im outa the game [22:46] Reepicheep: i have same prblem with a solaris OS on x2100 .. hmm [22:46] just noticed [22:47] is it actually a 4 port nic card or is it something different .. like maybe one of the ports is an IMPI port or even a console port? [22:48] of course the ethernet interfaces do show up to the system [22:48] you have 4 nics [22:48] Reepicheep: one port network and second port is a ipmi port .. i am using ipmi port [22:48] Reepicheep: builtin to x2100 [22:48] you may be able to find the module that the nic card uses via "dmesg | grep eth0" [22:49] Reepicheep: yep.. tg3 [22:49] Reepicheep: thanks [22:50] Broadcom Corporation NetXtreme BCM5721 Gigabit Ethernet PCI Express (rev 11) [22:50] mack: what is your backend mail box stores? [22:50] yikes [22:50] mack: mbox, maildir, .. [22:51] axisys: you may also scan through dmesg and see if the kernel is reporting any errors on any of the nics [22:52] Reepicheep: http://pastebin.com/d2b2d7393 .. looks like intel one is not working .. but broadcom is [22:56] mathiaz, any chance you could help smoser with sponsorship for ec2-init? [22:56] kirkland, or you? [22:56] mdz: sure [22:57] mdz: yeah, you bet [22:57] context is on #ubuntu-release [22:57] ah, mathiaz isn't in there. kirkland, would you mind taking care of it? it's earlier for you and you have the scrollback [22:57] mdz: sure [22:57] thanks [22:58] smoser: point me to it [22:58] I think he may have wandered off [23:02] Reepicheep: does did a reboot to make sure all is working.. lost network again... hehe [23:02] s/does/i/ [23:03] ethtool eth0 show Link detected: yes [23:05] axisys: what does your interfaces file look like? [23:05] and what does your /etc/udev/rules.d/70-persistent-net.rules file look like? [23:07] Reepicheep: interfaces -> http://pastebin.com/d20a138a8 [23:10] Reepicheep: rebooted and now I can ping again.. this is going to be fun [23:11] http://pastebin.com/f64971976 <-- /etc/udev/rules.d/70-persistent-net.rules [23:12] that looks fine. "00:e0:81:5d:ed:84" should always be eth0 [23:13] do an iptables-save again and make sure there are no rules [23:15] Reepicheep: iptables-save came out empty [23:18] axisys: I suppose if you can.. reboot it a couple more time and see what it does each time [23:19] make sure that the same mac address is always eth0 and check the link of eth0 with ethtool [23:21] kirkland, in bug [23:21] smoser: link me [23:22] https://bugs.edge.launchpad.net/ubuntu/karmic/+source/ec2-init/+bug/451881/comments/5 [23:22] Launchpad bug 451881 in ec2-init "ssh public key fingerprint not available on console in UEC environement" [High,In progress] [23:22] i'll just turn off daily build and hold it until its in [23:27] with the latest 9.10 server, is there a way to set your iscsi initiator name during install? [23:27] smoser: mdz: ec2-init uploaded [23:28] other os's i have done iscsi installs allow you to specify an initiator name. ubuntu seems to make you use the default openscsi [23:28] iqn.2005-03.org.open-iscsi:db53f7b59e56 [23:28] for example [23:47] Question: I get a "local configuration error" bad email reply when I try to send something to my postfix/dovecot server. Which configuration would I need to look at? Dovecot or Postfix? [23:52] skuld: sending and receiving email is handled by the MTA (Postfix in your instance) dovecot is for mail retrieval (POP or IMAP), for when you are checking mail that is stored in an INBOX on a server from a client [23:53] so the configuration error is part of postfix then, since something is being bounced back to my sending (gmail) account [23:53] yeah. check your /var/log/mail.* logs [23:53] both postfix and dovecot should log there [23:54] I gotta run now.. so good luck with that [23:54] Postfix is very careful about logging, so if it's a postfix problem, the logs will tell you === cjwatson_ is now known as cjwatson