=== orudie___ is now known as orudie [00:36] New bug: #311316 in lm-sensors (main) "Wrong readings of sensors" [Low,Invalid] https://launchpad.net/bugs/311316 [00:40] I'm having a little trouble figuring out the right way to assign a group to a share in samba [00:40] . [01:01] New bug: #459771 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 [modified: usr/share/mysql/errmsg.txt] failed to install/upgrade: subprocess post-installation script killed by signal (Interrupt)" [Medium,Incomplete] https://launchpad.net/bugs/459771 [01:35] Noah0504, depends on what precisely you mean by assign a group [01:35] do you mean you want to grant a group access, or that you want to require all new files to belong to a given group [01:38] in this example, all the users in the group 'smbusers' have access to the files in the share, and all new files are created belonging to the group smbusers http://pastebin.com/m2797cc13 [01:39] the filesystem permissions grant access, the 'force group' causes new files to be created with the right group owner [01:43] qman__: Well, I have a work around right now, but I was just trying to get only the users of a group be able to access a share, and give them group permissions to rwx... [01:44] But, when I added myself to a group and changed the permissions on the system... [01:44] Nothing! [01:44] Ha. [01:47] well, if you need to restrict within samba instead of filesystem permissions, 'valid users = @group' should work [01:47] where 'group' is your desired local system group [01:47] though I have not tested it myself [01:47] I've got a network question; not sure if this is the forum for it, but since I run Ubuntu galore thought it'd work. I've got a network that I'm trying to get synced all around. An image of it can be seen at http://picasaweb.google.com/67comet/TechnicalCrap#5396332539025922882 .. I would like all devices to see/talk to one another, right now they can only see one another on the same router. Help? [01:48] NineTeen67Comet, define "see" [01:49] I had all devices (routers and otherwise) daisy chained from one port on my ISP's router. SLOW as heck, so I pulled it apart, put a router to each port on the ISPs ADSL router and it's much better, but seperate (all have 192.168.15.* IP addresses) .. [01:49] See as in ssh to one another, file/print share etc .. [01:49] you can't do that unless you put the routers into routing mode, instead of gateway mode [01:50] most home routers use what's called NAT overloading, or masquerading, and as such you can't directly connect to any machines behind them unless port forwarding is configured [01:50] you want them to act as normal routers with separate networks [01:50] dd-wrt can do this, not sure about the others [01:51] qman__: Do you know the terminology I could google it? I'd like it to all be the same node (assuming 192.168.15.---) is the same node .. [01:51] you can't do that either [01:51] behind each router, you will need to use a different network [01:51] qman__: I've got DD-WRT on one router, and Tomato on the other. Tomato seems to be a little faster is all .. but I like both. [01:51] for example, on one router, 192.168.1.x, another, 192.168.2.x, etc... [01:52] if you want to run all 192.168.15.x, you need switches, not routers [01:52] qman__: aha .. I assigned them 50 address blocks 100-150, 151-200 etc .. [01:52] in order to route, you need two different networks [01:52] 192.168.15.x is one network [01:53] So if I give them all seperate nodes (192.1168.1/2/3 etc) .. would that help in gaining ssh access to them all? [01:53] you could subnet but that's complicated and unnecesary [01:53] that's one step that's needed [01:53] The WAN side of the routers are all 192.168.1.() .. [01:53] the other step is changing the routers from NAT overloading to just routing [01:53] dd-wrt can do that [01:53] tomato probably can [01:54] qman__: Pretty sure (gotta go google routing though) .. [01:54] The Vonage router isn't a big deal if it doesn't work like this. I can just use the ports on the WRT54G (v6 with DD-WRT micro) [01:54] of course, all this routing would be unnecessary if you just had one big switch [01:54] lol [01:54] yeah tell me about i [01:54] it [01:55] I've e-bayed switches and they are all so expencive .. [01:55] I would need managed switch right? [01:55] no [01:55] and can I still use all the ports on the ADSL router? I hate to push 17 devices through one port on the router (physical port) [01:55] just a switch [01:55] yes [01:56] though, that's also pointless [01:56] I've got an 8 port hub, but when I run it things are really slow [01:56] you only need one port on the ADSL router [01:56] think of it this way [01:56] your internet connection is what, 10mb/s more or less [01:56] ethernet is 100mb/s [01:56] gigabit ethernet is 1000mb/s [01:56] yeah, less .. Verizon (in Japan) sucks. [01:57] if you put everything on one big switch behind the DSL router, only internet-bound traffic will go through that 100mb/s port [01:57] which is far more than what your internet connection can sustain [01:58] Do you have a suggestion on what kind of switch to hunt down? Let alone, I've never used one (just hubs and routers) .. [01:58] any will do, really [01:58] I have a 24-port netgear I like [01:58] you don't need a managed switch [01:59] This one I had a friend order .. he seems to like it .. http://www.tplink.com/products/product_des.asp?id=59 [01:59] I'll do some e-bay'in then .. if I can keep it under $100 that'd be a bonus .. [01:59] overkill [01:59] that's a managed switch [01:59] you don't need that [01:00] K .. I'll so some more searching .. [01:00] I like running static IP addresses when I can too .. that's why I was searching for a managed switch .. [01:00] something like this is more than enough http://www.newegg.com/Product/Product.aspx?Item=N82E16817111031 [01:01] that's irrelevant to the switch [01:01] qman__: thanks for this help .. I really appreciate it .. [01:01] a switch is like a hub, in regard to management [01:01] but it's better than a hub in every way [01:01] My servers are all Ubuntu-Server (well, two of the really old Cyrix processored boxes are just Debian) [01:01] you just plug things into it and ignore it [01:02] Doesn't a switch at least keep traffic orginized a little? I know a hub is basically a line splitter .. [01:02] unless you have a really large or compelx setup, a managed switch is completely unnecessary [01:02] yesw [01:02] a switch keeps track of MAC addresses [01:02] and sends packets where it knows they need to go [01:02] it's all automatic, behind the scenes [01:02] and reduces line noise [01:03] that's better .. I'll keep looking .. I see a lot of people saying "Switch HUB" . aka: http://cgi.ebay.com/D-LINK-DFE-2624-NETWORK-switch-Hub-24-ports_W0QQitemZ250515930961QQcmdZViewItemQQptZCOMP_EN_Hubs?hash=item3a53e9bf51 [01:03] Do they just not know what they are talking about? Or are there hubs they "call" a switch ? [01:03] NineTeen67Comet, look for something like this. http://www.newegg.com/Product/Product.aspx?Item=N82E16833129010 [01:04] If you need that many ports that is. [01:04] that's a hub [01:04] you don't want a hub [01:04] grim76: yes I need ports .. lol [01:04] regarding the ebay listing [01:05] I've got a server room with around 10 server/computers running it it, and I run cat6 through my walls to my computer and my mythbuntu box and what ever box I'm working on .. [01:05] usually, they put "switch hub" in the listing because either will work in many situations, but switches are always better [01:05] qman__: that's wat I've been worried about . [01:05] with hubs you have to worry about collisions [01:06] grim76: thanks for the link .. I'll search for similar items .. [01:06] qman__: I notice with the cheap little 8 port hub I've already got anything hooked to it (that carries much data like my movie server, file server and workstation) get really slow if I use all three at once .. [01:07] NineTeen67Comet, no problem. [01:07] can't wait to button up my degree so I can go learn more networking stuff. My home network has reached the point it's getting bigger than a small businesses .. lol and my kids want more computers so its only going to get bigger. [01:08] Think of your hub as you are trying to shove 8 lanes of traffic down a two lane road. A switch is like the highway where you can have all the lanes flowing and working at the same time. [01:09] grim76: exactly how I think of it . That's why I've been pulling my hair out trying to get all my Linksys routers to play nice with each other .. [01:09] the hub was just clogging up everything (movies wouldn't even stream through it with out a sputter) [01:09] Understood...your setup is just way more complicated than it needs to be as qman__ pointed out. [01:10] yeah [01:10] one big switch behind your DSL router will do [01:10] then put your wireless and vonage behind that switch [01:10] but plug all the computers into the switch [01:10] Not a broblem . I can sell one of my Linksys routers and just have the Vonage and Wireless routers plugged in .. all other devices will come strait off the switch .. [01:11] home routers are actually a misnomer [01:11] We're thinking of tossing Vonage too .. so that'll be gone (I'm trying to get MagicJack working in Linux .. Once I get that .. POOF no more Vonage .. [01:11] since they have a router, a switch, and usually a wireless access point all in one device [01:12] and are configured in a NAT overloading setup by default, instead of a routing setup [01:12] qman__: I know they are pretty powerful little deals for the price .. DD-WRT and Tomato make them awesome once you figure them out .. [01:12] * NineTeen67Comet still trying to figure out all the bells and whistles [01:14] Thanks again guys .. I'm going to go hit up Amazon, Tigerdirect, Newegg and ebay for a switch .. the sooner I get one going the sooner I can kick my mythboxes back on .. [01:14] awesome good help .. if you are ever in Japan I'll buy the first round .. :) [02:01] Any postfix/sasl experts in here tonight? [02:03] skuld, if anyone appears, I suggest you to post your question in ubuntuforums.org [02:03] *if no one [02:03] postconf -n [http://pastebin.com/f5294863e] [02:03] okay. [02:04] I've got postfix working (at least when I telnet) but I don't think I've got the authentication quite right. I've got some errors in my log.... [02:08] mail log snippit: [http://pastebin.com/f5b76146a] [02:12] looks like a problem with /usr/lib/smtpd. I looked it up, the file exists, I'm just not sure where *it* is expecting it to be. [02:16] skuld: You broke postfix somehow. Pastbin the output of postconf -n [02:16] postconf -n [http://pastebin.com/f5294863e] [02:17] in the mail.err log, I see over and over again: "postfix/smtpd[#####]: fatal: open lock file pid/inet.smtp: cannot create file exclusively: No such file or directory. [02:18] chroot issue? [02:18] Have patience. My system is very slow because I'm test building several packages at once right now. [02:19] in mail.warn I see over and over: postfix/master[######]: warning: master_wakeup_timer_event: service qmgr (public/qmgr): No such file or directory. [02:19] pmatulis: Not typically [02:19] it's cool, I'm still trying to figure out where the "arrow" ispointing to LOL [02:20] OK, well that looked normal. [02:20] I have my system configured (supposedly) for postfix, dovecot using a mysql backend for virtual mailboxes/domains [02:20] what's in master.cf? [02:20] I think something with saslauthd...or smtpd...whatever that is is misconfigured somewhere, but I really have no clue where to look [02:21] hold on.... [02:21] Just pastebin the whole file [02:22] master.cf [http://pastebin.com/f2d5fba03] [02:24] the only things I changed in that was the very first smtp line. chroot now = 'n', before it was '-' and the very last line, I added (dovecot) [02:29] skuld: how much space is available for the /var directory? [02:30] df -h [http://pastebin.com/f792acee9] [02:31] it's not on a seperate partition, I have lots of room, somewhere between 0% and 1% are in use [02:31] skuld: I suspect you have postfix partly chrooted and partly not chrroted. [02:31] ok [02:32] What happens if you change all the chroot '-' to 'n' then stop and start postfix [02:32] trying now [02:34] now I see [in mail.log] postfix/master [#####} fatal: open lock file /var/lib/postfix/master.lock: unable to set exclusive lock: Resource temporaily unavaiable [02:35] [mail.err] fatal: open /etc/postfix/my_domains_maps.cf: no such file or directory. [02:35] but I know that file is there [02:36] oh, wait...disregard that...I wasn't at the bottom of the log [02:36] no change in the mail.err file [02:36] still blowing up on pid/inet.smtp..... [02:36] skuld: there may be some errant process(es) running. kill all postfix-related processes and then start freshly [02:37] that I know of it would be postfix, dovecot, saslauthd.......right? is there anyway to check? [02:37] skuld: reboot the server if you're not sure [02:38] okay, hold on.... [02:44] okay, now when I try to send a message, I get: postfix/smtpd[######] warning: SASL authentication problem: unknown password verifier [02:44] warning: SASL LOGIN authentication failed: no mechanism available [02:44] lost connection after AUTH [02:47] skuld: how did you configure smtpd.conf? [02:48] the only line in that file is pwcheck_method: pam [02:48] it's located: /var/postfix/sasl/smtpd.conf [02:48] not var /etc [02:52] skuld: well it looks to me like you just need to configure SASL properly [02:52] skuld: what documentation are you following? [02:52] let me pull it up.... [02:53] http://enc.com.au/myscripts/postfixmysql.html === skuld_ is now known as skuld [03:00] skuld_: well i've never used the sasl/pam/mysql combo. the problem is in that chain somewhere [03:04] skuld: check pam-related log messages, maybe increase pam logging. is pam even being invoked? [03:05] how do I check if pam is being invoked? [03:05] logs [03:05] I don't see anything in /var/logs for pam or pam.d [03:06] syslog maybe? [03:06] /var/log/auth.log [03:06] ah, okay [03:07] I see saslauthd[####]: ipc_init [03:09] dbus-daemon: rejected send message, 4 matched rules; type="error, sender=":1.10" (uid=0 pid=4163 comm="/sbin/wap_supplicant -u -f /var/log/wpa_supplicant") interface="(unser)" member="(unser)" error name=fi.epitest.hostap.WPASupplicant.InvalidInterface" requested_reply=0 desitnation=":1.9" (uid="0" pid=4149 comm="/usr/sbin/NetworkManager --pi-file /var/run/Netwo")) [03:10] I guess that means that pam is being invoked? [03:11] skuld: not at all [03:12] skuld: also, you're not using saslauthd for authentication. you're using PAM [03:12] okay...I'm confused. LOL [03:13] I need to use pam becuase postfix can't authenticate against mysql directly...so I've read [03:13] skuld: correct [03:14] skuld: at this point you just need to take the time to read the docs, one how-to is often not enough to understand what's going on [03:14] okay, well i guess I need a good document on postfix and authentication...in this case PAM I guess? [03:17] skuld: actually, i just learned that saslauthd can authenticate against pam, so that's another option for you [03:17] sasl/saslauthd/pam/mysql [03:18] so It'd go something like postfix -> saslauthd -> pam -> mysql ? [03:19] skuld: more like i wrote before your last comment [03:19] skuld: start by reading http://www.postfix.org/SASL_README.html, then google for "sasl pam mysql" [03:19] skuld: good luck, need to jet [03:19] thanks [03:33] is there any way to tell if I have cyrus already installed? [03:35] I guess I do becuase I have saslauthd LOL [03:51] New bug: #460183 in postfix (main) "Postfix package errors during Ubuntu 9.10 upgrade" [Undecided,New] https://launchpad.net/bugs/460183 [04:22] this isnt the place to ask about dedicated packages [04:22] is it [04:31] dedicated packages? [04:32] "My package is so dedicated, it runs 24/7 ?" Or maybe "This package is dedicated to my beloved mother...." ?? [04:33] kosmic: Do you mean native packages? Or something else? [04:40] oh no [04:40] i mean dedicated servers [04:41] found a place selling a decent dedicated for $40 a month [04:41] but the silly site requires i have a domain registration [04:41] or register a domain with them [04:41] doesnt make sense to me ;) [04:46] If it doesn't make sense, don't do business with that company :) If it looks too good to be true, it probably *is*. BTW, this doesn't seem to be Ubuntu server related. [04:46] yes yes [04:47] cant think of another place to ask this question ;) [05:32] hey there, when ever i ssh into my ubuntu server, i get a long like automated message [05:32] anyway i can get rid of it or edit it to my needs? [05:33] the msg has the info uname -a spits out as well as a long message about ubuntu and software included being free and what not [05:36] SuspectZero: check out /etc/update-motd.d/ maybe? [05:40] i saw a movie called suspect zero [05:40] kosmic, yep :D good movie [05:40] haha thought so <;) [05:59] maswan, ah found it. its /etc/motd [06:01] SuspectZero: Yes, but that is being created by the scripts in /etc/update-motd.d/ where maswan told you to look... so unless you deal with those scripts, any changes you make to /etc/motd itself are likely to be overwritten by the scripts... [06:02] aaahh i see [06:02] missed that [06:02] awesome thanks [06:08] SuspectZero: man motd.tail should also help you understand how this stuff works [06:08] jmarsden, im getting rid of it [06:08] i dont need motd at all [06:08] :P [07:27] http://action.metaffiliation.com/suivi.php?mclic=S42665516A5D131 [07:35] does anyone have idea howto tell my box that it should not take 2002: ipv6 address at all [07:36] New bug: #460234 in image-store-proxy (main) "Image story's logrotate config triggers an email every day" [Low,New] https://launchpad.net/bugs/460234 [08:26] New bug: #460256 in samba (universe) "when creating share through nautilus, i cant access it until i run smbpasswd" [Undecided,New] https://launchpad.net/bugs/460256 [08:28] Hi -- What is the easiest way to add commands/scripts in the startup? I recently added something in /etc/rc.local -- but I don't want it to run as root -- but rather as my username. Suggestion? [08:31] New bug: #458542 in euca2ools (main) "euca-bundle-vol creates unuseable image?" [Undecided,New] https://launchpad.net/bugs/458542 [10:33] Are DNS servers depolyed only to companys who have web sites [10:36] huh? [10:36] http://en.wikipedia.org/wiki/Domain_name_system [10:36] read up about it [10:49] fahadsadah: Hello! [10:51] bogdanbiv: Ohai! [10:53] I saw you entered the channel just after me! :) [10:57] I'm in here 24/7 [10:58] But infinity died. [10:58] Taking my znc with it. [12:41] hello does anyone know how to make a vpn IN home to connect from anywhere? [12:45] hello does anyone know how to make a vpn IN home to connect from anywhere? [12:54] Guys and gals, how can I upgrade my server to Karmic? [12:55] I ran sudo apt-get dist-upgrade, but after it upgraded my packages to the latest version, nothing happened. I still have Jaunty! [13:59] i'm thinking of moving apache, mysql, to be supervised by daemontools, is this a viable idea? Any cons? [15:13] monostone: Why? [15:14] soren, what do you mean why? I want to have those services supervised and autostart if they fall [15:14] monostone: I mean why would you want to? Are they crashing for you? [15:16] i am having trouble accessing the ubuntu server on my lan. I recently set it up with a static ip and can ping from my laptop to it and vise versa but cannot access it through ssh or the browser as a webserver. Any ideas? [15:16] soren, no, but sometimes they do, due to diverse reasons, and I'm not going to be available to restart them, so I need a method to do that automatically, u have qmail running under daemontools, and i love the way it handles the services, clean, organized, I would love to put all daemon processes under daemontools if possible [15:17] monostone: You really should be spending your time getting those crashes fixed. [15:18] It's not unlikely that data is lost during those crashes. [15:19] soren, that is only one of the reasons, and the crashes are random, usually due to me having a not very good server machine handling ALOT of traffic, and once or twice every month the mysql or apache process gets blocked [15:20] bogdanbiv: There's a command called "do-release-upgrade". That's the one you want. [15:20] soren, my question was if any daemon process can be handled by daemontools though, not 'why does my apache or mysql crash' [15:20] bogdanbiv: It may need an extra option to upgrade to a development version (Karmic isn't released for another few days, so is still considered a development rlease). [15:21] monostone: I know what you asked. I'm just trying to save you from trouble. [15:21] soren: Oh, ok. I'll try it and come back with the results. [15:21] monostone: But of course you can manage whatever you want with daemontools. [15:21] monostone: Doing so just isn't the supported way of running apache nor mysql under Ubuntu. [15:22] monostone: And it's a horrible, horrible way to deal with crashes. [15:22] soren, ok, my worry was precisely that, if it was ill advised to use daemontools for anything else except qmail, djbdns, tiny-dns,etc [15:23] monostone, http://ubuntuforums.org/showthread.php?t=352546 ? [15:23] soren: Oh, 4 more days before Karmic is released. [15:23] soren, not so horrible, why would qmail run supervised then? [15:23] monostone: No clue. [15:23] I thought that it's launching sooner. [15:23] monostone: Dealing with crashes by wrapping stuff in an "whlie true; do run service; done" loop is a bad, bad, bad, horrible idea. [15:24] You should spend time fixing the crashes instead. [15:24] I do think MySQL already does something like this, though, just more elegantly. [15:25] Yeah, that's part of what mysqld_safe does. [15:26] bogdanbiv: The expected date has not changed since it was first announced back in March. [15:26] soren, I understand what you're saying, and a constant crashing process needs to be revised in detail. But my case isn't a constantly crashing daemon, only very randomly, in fact for a 1 year, 2 month, 3 day uptime, apache has crashed, 4 times, and mysql blocked or became unresponsive 6, and mainly due probably to me running migration scripts which took system usage to over 7.5 [15:27] bogdanbiv: My mistake. The date was set in February. And hasn't changed since then. [15:36] any ideas why i can't access my server on lan with ssh but can ping to it? [16:03] Hi [16:03] how can i test out dns server in practice without registering a real domain name [16:09] set up a dns server on your lan and configure your other computers to use that as a dns server [16:14] for resolving? [16:20] what for MK13 [16:21] would the clients use it for sending queries? [16:23] Googa: for starters I suggest you use 2 virtual machines - so no harm should be done [16:23] on same computer [16:25] Googa: I said that because it sounds as if you have no idea about nameservers - so play in a "sandbox" to get a feeling [16:25] but i do [16:26] Im just missing pieces of the puzzle [16:27] Googa: sorry, then I misunderstood your questions - maybe you should be more specific as to what pieces are missing :) [16:27] I´ve been reading all day about how to set a server for a domain, but i cant figure out some things about domains, where you use them etc. [16:31] So if i have 20 computers(small buisness), why would i want to put up a dns server for them or would i [16:31] ? [16:57] how can I tell if my dovecot is working? [16:57] re [16:57] cups seems broken for me in karmic [16:57] anyone familiar with the changes regarding hal in karmic? [16:58] until jaunty was the hal backend for cups in hal-cups-utils [16:58] http://packages.ubuntu.com/search?suite=jaunty&arch=any&searchon=contents&keywords=%2Fusr%2Flib%2Fcups%2Fbackend%2Fhal [16:58] gone in karmic :( [16:59] trying to install that package from jaunty dpkg tells me that: "system-config-printer-udev conflicts with hal-cups-utils (<< 1.1.10)" [16:59] so, now, who tells me how I get my printer running without the hal backend then? [16:59] :) [17:13] New bug: #460528 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 10 zurück" [Undecided,New] https://launchpad.net/bugs/460528 [17:13] anyone out there using an ubuntu-server ECU image as a domU (guest) on a Xen system? [17:19] i'm trying to install the karmic rc. during the 'detect disks' stage, it prompts me whether to activate SATA RAID devices, but - either way - they are not visible in the partitioner. how can i make the disks attached to the SATA 'RAID' device on my mobo show up in the partitioner? [17:19] does anybody know the command that I can use to see what the name of a group is that belongs to a GID? [17:26] skuld: getent group [17:26] cool, thanks1 [17:27] skuld: you're welcome :-) [17:29] Jayde: I use ubuntu-server as XEN image, but I have no clue what the ECU image is o.O [17:31] phaidros, i think ecu is for certain server farm environments [17:32] k [17:32] If I manually compile a program that is dynamically linked to a bunch of libraries installed using the package manager, will updates to those libraries be available in my program immediately or will I still need to recompile? [17:33] Bilge, depends whether they're compile-time dependancies, or runtime ones [17:33] Compile-time [17:33] Or so I would assume given that the configure script needs to find them for them to be enabled [17:36] Bilge, you'll need to recompile compile-time dependancies [17:47] I thought as much [17:47] So the only benefit of choosing dynamic over static is going to be smaller binaries, right? [17:48] What would be the optimal swap settings for a web+mail+xmpp server with 128+64M RAM? [17:50] Bilge: no - the main benefit is that in a running system there need be only one copy of the module - instead of one for every program using it [17:51] But that's not a benefit [17:51] That's just an explanation of the difference [17:53] Bilge: I'd say thats a benefit for the system - think about memory usage [17:57] Reducing memory usage is a benefit [17:57] Reducing disk usage is a benefit [17:57] "there need be only one copy of the module" is not a benefit [17:58] And sadly, being able to autoamtically take advantage of library updates is also not a benefit, as it turns out [18:00] Bilge: I don't want to argue, but suppose there are 100 programs running on your system, all using the same library - that certainly makes a difference [18:07] Is there a way to prevent or invalidate "unset HISTFILE" ? [18:08] genii: a guess. look into .bashrc or .bash_profile [18:10] guntbert: I want to prevent either: user from setting that value in their .bashrc or sneakier: make it not work when they do [18:11] genii: should not be possible! [18:12] genii: admins don't spy on their users :) [18:12] guntbert: admins DO spy on compromised account bash history, however [18:14] genii: that'd be a forensics task - not really my field of expertise :) [18:14] guntbert: I'm guessing English isn't your first language because you're completely missing my point [18:15] Bilge: right you are [18:15] Perhaps you don't know the definition of benefit [18:16] Bilge, English is my first language, and I agree with guntbert [18:16] reducing the number of copies is in and of itself a benefit [18:17] Bilge: never mind - its off topic anyway [18:18] qman__: no, you only understand that reducing the number of copies is beneficial because you understand the benefits associated with reducing the number of copies implicitly. But that doesn't mean that reducing the number of copies is itself a benefit. To someone who does not understand what the benefit of reducing the number of copies is, it would not appear beneficial at all [18:20] appearances can be deceiving [18:28] I'd like to be able to let my users change their own real names. Any existing way to do that, other than writing my own wrapper around usermod and making it suid root? [18:30] * genii considers making bash execute for instance with something like bash --rcfile /somewhere-not-user-writeable/immutable-bashrc to prevent .bash_history from not being written when user does "unset HISTFILE" [18:32] But I'm wondering if it pulls in for instance what order of /etc/bash.bashrc ~/.bashrc and /somewhere-not-user-writeable/immutable-bashrc and if it stops when the first one is found or keeps going and does all of them, if so in what order since if ~/.bashrc is last the "unset" still works [18:34] genii: wouldn't help - an intruder can easily bring his own bash or use a completely different shell [18:36] dosent bash ctrl+r reverse-search depend from historyfile ? [18:40] * genii sips and thinks [18:41] New bug: #460581 in bind9 (main) "[Karmic] host lookup error" [Undecided,New] https://launchpad.net/bugs/460581 [18:50] what in this mess [http://pastebin.com/f5b57a14e] tells me that port 110 is open? it's supposed to be [18:52] 110 *is* pop3....right? [18:53] skuld: yes - # [18:53] ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 [18:53] okay, I'm confused. why then is a port scan showing that it's closed? [18:55] skuld: a port scan from where? inside your network or outside? [18:55] and I guess dovecot is messed up somewhere...not listening to pop3.... [http://pastebin.com/f46f2e379] is my lsof -i [18:55] using one of those web port scans [18:55] https://www.grc.com/x/ne.dll?rh1dkyd2 (port scan I used) [18:55] skuld: you are behind a router? [18:56] linux is my router [18:59] skuld: they don't show the results to anyone :) but by default dovecot only listens on imap [19:00] but I've got 'protocols = imap imaps pop3 pop3s' defined in dovecot.conf [19:02] this is my dovecot -n listing: [http://pastebin.com/f50bc6e00] [19:03] skuld: may I try a pop3 connection to your host? [19:03] yes [19:05] skuld: I really get connection refused [19:05] skuld: sorry, I have to leave for some time [19:05] I'm stumped. I've got that port open in my firewall, yet dovecot doesn't seem to be listening to it [19:06] it's okay, thanks. I'll keep plugging at it [19:06] at least I *finally* got my postfix working LOL [19:06] skuld: one last thought - can you tell dovecot on which interfaces to listen? [19:07] I'm not sure...what should I check? [19:23] I'm running ubuntu 8.04 on a virtual server over on Amazons cloud. If I run "apt-get -y dist-upgrade" will that upgrade to another version of ubuntu? [19:23] I hope not... [19:29] ninjah: No. [19:30] soren: Cool! I just need to upgrade the package "tzdata" [19:32] soren: I normally use "apt-get upgrade". Is there a difference between the two? Which one should I use? [19:33] ninjah: they are mostly the same. [19:33] ninjah: dist-upgrade allows new packages to be pulled in. upgrade does not. [19:33] soren: Thanks! I'll use "apt-get -y dist-upgrade" [19:33] ninjah: This happens if another package being upgraded has a dependency added. [19:34] soren: I see... so if a dependency needs to be upgraded "apt-get upgrade" won't work. [19:34] hey soren [19:34] that should never happen after release [19:35] JanC: Well, it does, occasionally. [19:35] The openssl vulnerabality last year did, for instance. [19:35] openssh-server suddenly had a dependency on the ssl blacklist package. [19:35] (or whatever it was called) [19:36] It's reasonably rare, though. [19:36] oh right, but it's very very uncommon, and that was an extreme case ;) [19:40] skuld: you still around? [19:45] zul: Oh, hey :) [19:48] I want to be able to use passwordless ssh to connect to my student accounts in remote machines. So I do `ssh-copy-id student@remote-pc`, no problem there. [19:48] But I also want the students to be unable to delete their ~/.ssh directories, because that would prevent me from remotely executing commands on their accounts. How would I do that, while allowing ssh to work? [19:50] alkisg, I suppose you could make the relevant files immutable [19:51] qman__: right, thanks!!! chattr, I always forget about it... [20:17] is there a way to get a list of all my users (except like system users and daemons...)? [20:18]