[00:00] <alex88[sleep]> xperia2: r u on?
[00:02] <xperia2> yes i am ! wish you a good sleep alex. we see us sure tommorow
[00:03] <alex88[sleep]> xperia2: thanks...btw, last thing, what you mean with virtual hosts?
[00:03] <alex88[sleep]> for example redirect www.site.com to /var/www and mail.site.com to /var/www/mail? something like that?
[00:05] <xperia2> exactly !
[00:06] <xperia2> i need this for running then my subdomains
[00:06] <xperia2> like page1.wificom.ch -> /var/www/page1  page2.wificom.ch -> /var/www/page2
[00:07] <xperia2> think it must work
[00:07] <alex88[sleep]> xperia2: it should..xD good luck so, when i'll buy my domain i'll use some nice irc vhosts..xD
[00:08] <alex88[sleep]> btw...goodnight really now..
[00:08] <xperia2> okay bye alex88
[00:24] <Bookman> I am looking to get my LPIC certification so that I might be able to enter the Linux job market and was just wondering if there is an up to date self study course available online.  I am using IBMs developerworks, but it seems a bit dated as it is from 2005 I believe.
[00:30] <qman__> from what I've seen, the LPI exam itself is a bit dated, so you should be fine
[00:30] <qman__> they still cover 2.4 kernels AFAIK
[00:31] <qman__> unless the exam has seen a major overhaul in the last year or two, you've got nothing to worry about
[00:32] <Bookman> qman__: apparently the last exam version is current as of 2009-04-01
[00:33] <qman__> ah
[00:34] <Bookman> Not sure of what was updated though.  I do see things like /proc/pci no longer being used.  Obsoleted by lspci.  Things like that.
[00:35] <qman__> yeah, when I was last dealing with LPI, it was way out of date
[00:35] <qman__> covered stuff that's completely obsolete
[00:35] <qman__> that's why I didn't bother taking it, figured I'd wait until they caught up and covered stuff I actually know
[00:36] <Bookman> Well, I assume I cannot go too wrong continuing then.
[00:36] <qman__> you might want to look up a newer source and compare
[00:36] <mushroomblue> Bookman: URL for the developer works LPI study course?
[00:37] <qman__> but if you're pretty familiar with the inner workings of the system you should be ok
[00:37] <qman__> also, be aware of redhat and debian specific stuff, as opposed to just plain linux
[00:38] <qman__> ubuntu is to the point where you never even bother with most of the stuff they cover, because it's all automated
[00:39] <qman__> play with some less refined distros
[00:39] <mushroomblue> yeah.
[00:39] <mushroomblue> just install/compile gentoo
[00:39] <mushroomblue> that'll get you ready for your LPI.
[00:39] <qman__> gentoo, slackware
[00:40] <qman__> maybe even freeBSD
[00:40] <qman__> while BSD is considerably different from linux, it does require you to learn a lot about manually compiling and installing software
[00:40] <Bookman> http://www.ibm.com/developerworks/linux/lpi/
[00:40] <Bookman> mushroomblue: actually that is a great idea.
[00:41] <mushroomblue> Bookman: gentoo is awesome, if I can say that without getting b&d
[00:41] <qman__> gentoo certainly taught me a lot
[00:42] <qman__> but it's not practical for most applications
[00:42] <qman__> good toy and learning tool, though
[00:42] <Bookman> There was also a build your own linux type of distro.  You start from the bottom and work up.....
[00:43] <Bookman> Linux From Scratch or something like that
[00:43] <qman__> gentoo is basically like that, except that it automates the downloading and compiling
[00:45] <Bookman> Got it.  Would this all work in a VM or should this be really done on a play machine?
[00:45] <qman__> well
[00:45] <qman__> you should probably work on a real machine at least once, so that you encounter problems with your hardware
[00:46] <Bookman> Good point
[00:46] <qman__> I know that seems counter intuitive but dealing with that is an important thing to learn
[00:46] <qman__> learning how to figure out what you need in your kernel and such
[00:46] <Bookman> No, not really.  You never really learn about your car until you break down
[00:47] <qman__> make sure whatever you use actually works in other linux distros first though
[00:47] <qman__> test with ubuntu or whatever
[00:47] <Bookman> So try a few distros is the best way.
[00:48] <Bookman> Not just Debian based.
[00:48] <qman__> yes
[00:48] <Bookman> Thank you both for your advice.
[01:17] <everythi_> mneptok: thanks for the advice earlier, but its still causing the error. (just for fun I tried a Xubuntu alternate install cd, same result)
[01:27] <smoser> erichammond, or anyone else interested, there are hardy (8.04) ec2 testing builds available http://paste.ubuntu.com/310111/
[01:28]  * erichammond dances a jig
[01:34] <smoser> even pretty daily build output: http://uec-images.ubuntu.com/hardy/20091105/
[01:35] <smoser> gah!
[01:36] <smoser> they dont think they're "enabled" for ec2-init :-(
[01:37] <smoser> phooey.
[01:47] <preesident> ok alex88 i will see how can i send woman to Italy.... :-)
[01:48] <preesident> lets the challenger....this situation, lets post the best out.
[01:48] <preesident> machine with ubutun server instaled, dont have internet, dont have webmin, dont have winbox,
[01:49] <preesident> how can you make browse configurations ?
[03:42] <smoser> well, those images were bad :-(. i pulled them, but started a build and push with a fix.). new images (listed http://uec-images.ubuntu.com/hardy/20091105/ ) have been sniffed, ssh access working.
[04:39] <rags> Is there a way to configure sbackup to send mail alerts for every backup job completed?
[04:39] <rags> or failures for that matter
[05:12] <KurtKraut> rags, that will probably require some shell scripting.
[05:14] <rags> KurtKraut: I am surprised...I mean it's something very basic...I thought I just missed a config option somewhere..but seems like the tools just doesn't provide this feature.
[05:15] <JJman> can anyone tell me why mysql server would be running on a different port then is set by the config file (the default of 3306)  but netstat isn't showing that as the port thats mysqld is using??
[05:16] <KurtKraut> rags, you should request it as a feature for sbackup developers.
[05:17] <rags> KurtKraut: Yeh..I will...but I see many requests already...now to find the compelling reason y it's not implement..
[05:18] <KurtKraut> rags, the s in sbackup stands for 'simple'. This can be a demonstration that the project meant to be really simple. I'm sure there is other feature rich backup solutions.
[05:31] <rags> But a report is a must..at least an "OK backup complete"
[05:43] <JJman> can anyone tell me why mysql server would be running on a different port then is set by the config file (the default of 3306)  but netstat isn't showing that as the port thats mysqld is using??
[05:44] <KurtKraut> JJman, try lsof -i
[05:49] <JJman6__> KurtKraut: ok.  this shows a completely different port than netstat showed.
[05:50] <KurtKraut> JJman6__, could you paste the output netstat gave you and lsof gave you? I wouldn't expect different results.
[05:51] <JJman6__> lsoft  gave me:  mysqld     2428    mysql   10u  IPv4   5236       TCP localhost:mysql (LISTEN)
[05:51] <JJman6__> netstat gives: unix  2      [ ACC ]     STREAM     LISTENING     5237     /var/run/mysqld/mysqld.sock
[05:52] <JJman6__> so 2 diff ports 5236 & 5237
[05:52] <JJman6__> and well the config file says it should be running on port 3306
[05:56] <KurtKraut> JJman6__, try lsof -i -P
[05:56] <JJman6__> mysqld     2428    mysql   10u  IPv4   5236       TCP localhost:3306 (LISTEN)
[05:57] <JJman6__> hmm ok
[05:57] <JJman6__> i'm still confused
[05:57] <JJman6__> as to which port i should be using to try and connect to  mysql (trying to connect phpmyadmin to DB on a different server)
[05:58] <KurtKraut> JJman6__, Please use pastebin.com or pastie.org to paste me the full output of there two commands: lsof -i -P and netstat --ip -n
[05:59] <JJman6__> k
[06:00] <Maleko> hi. could anyone recommend me a simplest and lightest webserver out here? i just need it to host some files
[06:01] <KurtKraut> Maleko, fnord, thttpd and monkey
[06:01] <KurtKraut> Maleko, I belive fnord is the smallest and simplest.
[06:02] <JJman6__> KurtKraut: http://pastebin.com/dac1a3b6
[06:03] <JJman6__> that netstat output doesn't show anything useful
[06:03] <JJman6__> just my remote connection
[06:04] <KurtKraut> JJman, so netstat shows only this?!
[06:07] <Maleko> KurtKraut: i will give fnord a try, that thttpd looks good too but it's last updated was 2003, and i cant find site for monkey
[06:07]  * flyback is retiring from helping people on irc till further notice, I have had enough
[06:07] <JJman> Yep
[06:07] <JJman> with the cmd u gave
[06:08] <JJman> netstat -l shows more
[06:08] <KurtKraut> Maleko, http://www.monkey-project.com/
[06:08] <KurtKraut> JJman, well, I rely more on lsof.
[06:09] <JJman> i see that shows localhost:3306  but why then does it show 5236 for 'Device'
[06:10] <JJman> i've tried connecting to mysql remotely using all 3 of those ports and none work
[06:13] <KurtKraut> JJman, If I'm not mistaken, mysql only respond to localhost requests by default.
[06:13] <qman__> ^^ this is true
[06:13] <JJman> umm.
[06:13] <qman__> uh, ok
[06:14] <JJman> so it won't even accept external requests from phpmyadmin even.
[06:14] <qman__> you have to configure mysql to listen on an IP if you want remote connections
[06:14] <JJman> any idea how i can change that
[06:14] <qman__> most LAMP configurations have the web server and database on the same server, so it only listens local by default for security reasons
[06:15] <JJman> i want remote connection through phpmyadmin mainly
[06:15] <JJman> (which is on a server behind same firewall)  so could i just use internal IP
[06:15] <qman__> you always use internal IP
[06:15] <qman__> external IP translation is handled by the router
[06:16] <JJman> yea we've seperated the DB & web server out into seperate machines to improve security
[06:16] <qman__> that actually creates a security risk
[06:16] <qman__> but to each his own
[06:17] <qman__> a proper firewall and well-configured SQL server can reduce that risk
[06:18] <qman__> you're introducing network-based connections to your SQL
[06:18] <qman__> where previously they were local only
[06:19] <JJman> True.  but i was taught that this is the best way to do it.  Since your web server opens a number of potential risks especially since PHP runs on it.  so if ppl gain access to your webserver and your DB is sitting on the same machine they've got full access to your data
[06:20] <qman__> not any more or less so than if the database is on another server
[06:20] <qman__> because you have to open up the access to the database anyway
[06:20] <qman__> database security comes down to the configuration
[06:20] <JJman> not to mention its not very scalable to have your web & DB server on the same box
[06:20] <qman__> that's the only good reason to do it that way, if you need the performance
[06:21] <qman__> it is not at all better for security, and is actually worse for security
[06:21] <qman__> and involves more work, and creates more poitns of failure
[06:21] <qman__> points*
[06:22] <JJman> I dunno
[06:22] <qman__> though PHP, you have the same access to the database regardless of which system it is on, local or remote
[06:23] <qman__> also, if someone roots your web server, your sql server is still accepting connections from it
[06:23] <JJman> i can't really rebut that.   I can say for sure which way or another is better.   Just how i was taught
[06:23] <qman__> so you haven't gained anything
[06:24] <qman__> yeah
[06:24] <qman__> I just want to make it clear
[06:24] <JJman>  i meant i can not say for sure
[06:24] <qman__> the only reason to separate your SQL and web servers is performance
[06:24] <JJman> which in itself is a good reason
[06:24] <qman__> a properly configured single-server setup is more secure than a properly configured multiple server setup
[06:25] <JJman> although i've never seen any hard #'s  to indicate what a single machine can handle versus seperate web & db can handle
[06:25] <qman__> it all depends on the hardware you're using and the site you're running
[06:26] <qman__> it's a very tough thing to figure out and basically requires a test bed setup
[06:26] <JJman> what about the bottleneck of your NIC.  sharing both web & db
[06:26] <JJman> just slap in a dedicated NIC for web & DB?
[06:26] <qman__> in a single server setup, database traffic never hits the network
[06:26] <qman__> it stays local
[06:27] <qman__> so you actually reduce your network load
[06:27] <JJman> hmmm i guess that makes sense
[06:27] <qman__> though the network card itself is very rarely a bottleneck for a web server
[06:27] <qman__> more likely is the internet connection
[06:27] <JJman> cause your not really going to have a DB request without the web first requesting it
[06:28] <JJman> at least for web based apps
[06:28] <qman__> the web based apps only return web traffic
[06:28] <qman__> all the database traffic stays on the local machine
[06:28] <qman__> and you only return web pages
[06:28] <JJman> Well you definately present some valid points.  Now i wonder why i've wasted so much time configuring these servers seperatly
[06:29] <JJman> yea thats what i meant
[06:29] <qman__> the idea is, in a secure configuration, users can't directly request from the database
[06:29] <qman__> they request a web page, which renders the information from the database
[06:29] <JJman> Yep
[06:30] <JJman> still comes back to at what point would a seperate DB be required for performance reasons
[06:30] <qman__> if you get a whole lot of complex queries
[06:30] <qman__> if you have a large database, querying it takes longer than sending the request and returning the result
[06:30] <qman__> and eats up CPU time
[06:30] <ninnypants> I'm trying to set dovecot as the MDA for postfix but keep getting this error
[06:31] <qman__> so, you might not be able to handle both the database and the web server on the same hardware
[06:31] <qman__> you have to have a pretty heavy load or application to need this kind of setup though
[06:31] <ninnypants> postfix: fatal: /etc/postfix/main.cf, line 49: missing '=' after attribute name: "dovecot   unix  -       n       n       -       -       pipe     flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} "
[06:31] <qman__> and if you do, you'll probably use multiple web and database servers
[06:32] <JJman> Well i'm going to be running Joomla based websites  So its a lot of data related stuff.  most everything is stored in the DB.  But we are hoping to grow rapidly and have in excess of 100k hits a day
[06:33] <qman__> what kind of hardware are you running on?
[06:33] <JJman> Well we haven't purchased our final hardware.   so i can't give exact specs  ;-)   We are starting out on some low end stuff.
[06:33] <qman__> well that's what it all comes down to
[06:34] <qman__> if you have quad xeons and whatnot, you could do it all on one server no problem
[06:34] <JJman> but within a few months we will probably get a pretty hard core quad-core machine
[06:34] <JJman> we are running multiple VM's
[06:34] <qman__> if you're going with bargain bin single core athlons, you probably need more than one server
[06:34] <JJman> our production server will definately be quad-core server stuff
[06:35] <JJman> i'm setting up development & test servers right now
[06:35] <JJman> which are on just old machines
[06:35] <qman__> in your situation I would actually recommend, if one server is too slow, that you use two single-server setups and distribute the sites across the servers
[06:36] <qman__> since there are a lot of databases, but each one is just for one site
[06:36] <JJman> We aren't live with anything yet so we have no current load
[06:36] <JJman> but our production server will have a good pipe.  100Mb+
[06:38] <qman__> yeah
[06:38] <JJman> if u don't mind my asking what kind of work do you do..  what are you qualifications  ;-)
[06:38] <qman__> Am I correct in assuming your setup will be a whole lot of instances of one site and its database together?
[06:39] <qman__> and not any large databases used by multiple sites?
[06:39] <qman__> well
[06:40] <qman__> I was the apache2/mysql admin on the baker college cyber defense team, we won the national level competition two years in a row
[06:40] <JJman> Well its likely we will do the multiple instances scenario but haven't quite thought that far ahead
[06:40] <qman__> http://nationalccdc.org/
[06:41] <qman__> well, what I'm getting at is
[06:41] <JJman> but its just as likely we will use a single large DB to handle all the sites.   I dunno at this point.   It comes down to how well the first site does and how large hte DB gets and what kind of performance requirements it will have when we are cruising all full speed
[06:41] <qman__> if each site has its own smaller database, and you're not sharing information from one database across multiple sites, it's probably more efficient to run single-server LAMP setups, just more than one of them, and distribute the sites over the servers to balance the load
[06:42] <JJman> Its probably easier to manage all sites with one DB
[06:42] <JJman> oh they wouldn't need to be sharing information most likely.  they would be seperate
[06:42] <qman__> I doubt that, keeping everything in one database for multiple ecommerce/CMS/web apps is a very bad idea
[06:43] <qman__> it can get really messy
[06:43] <JJman> in on DB server but seperate DB's on that server of course
[06:43] <qman__> ok
[06:44] <qman__> yeah, I would just set up a bunch of LAMP servers, rather than setting up remote mysql
[06:44] <JJman> Like i said i really don't know how big to expect our growth to be on the back end.  so its hard to predict
[06:44] <qman__> in what you're looking to host, it's scalable
[06:44] <JJman> which would be easy through VM's
[06:44] <qman__> it's not that hard to move databases from one server to another, if you need to move a site
[06:44] <JJman> since thats how we plan to manage everything through VM's and snapshots
[06:44] <qman__> and if your LAMP servers are VMs, they'd be easy to load balance across real hardware
[06:45] <qman__> so
[06:45] <qman__> server1 hosts 50 sites and the databases for those sites
[06:45] <qman__> server2 hosts 50 more sites and the databases for THOSE sites
[06:45] <qman__> etc...
[06:45] <JJman> but you'd recommend we have seperate VM's environments per each site basically with its own web & db server
[06:46] <qman__> no, not separate VMs
[06:46] <qman__> that's way too much overhead
[06:46] <qman__> I'd have a few VMs, depending on how many real servers you have
[06:46] <qman__> and on each of those VMs, have a given number of sites with their databases hosted
[06:47] <JJman> we will start with 1 powerful production server which should be able to handle all we need for some time
[06:47] <JJman> we aren't going to have  a lot of sites really
[06:47] <qman__> yeah but a VM per site is way too much
[06:47] <JJman> k
[06:47] <qman__> unless you're serving VPS
[06:48] <qman__> just running one VM takes more resources than a dozen sites or more
[06:48] <JJman> true
[06:48] <JJman> ok.  so we will most likely be able to handle all of our sites iwthin 1 vm
[06:48] <qman__> really you don't even need VMs for this setup, they only help if you want to set something up like an ec2 cloud
[06:48] <JJman> The main thing i see growing is the DB needs
[06:49] <qman__> where the VMs are dynamically load balanced on real hardware
[06:49] <JJman> cause we might have a dozen or 2 sites at most i predict
[06:49] <qman__> well, what you're going to run into, if you have an issue, is that too many databases are hosted on one VM
[06:50] <qman__> which would happen the same regardless if you split it up my way, or if you had a separate DB VM
[06:50] <JJman> right
[06:50] <JJman> so whats the best way to handle the growth
[06:51] <qman__> so, by just putting a few sites per VM (going on your figure of 12), with single-server LAMP configurations, you can distribute the load across VMs
[06:51] <qman__> and then distribute the VMs across real hardware
[06:51] <JJman> thats why it seems better ot just start out with seperate DB vm's
[06:51] <qman__> but see, it's not any different than having full LAMP VMs
[06:51] <qman__> which would be easier to configure and inherently more secure
[06:52] <qman__> one more question
[06:52] <qman__> does each site have its own IP?
[06:52] <qman__> or just domain names
[06:52] <JJman> so lets say for example you have 3sites in 1 VM and the DB for one site is getting too big and affecting performance of other sites.
[06:53] <JJman> they will have their own IP's i'm sure
[06:53] <qman__> ok
[06:53] <qman__> continue with your example
[06:53] <JJman> would it then just be time ti migrate say the big site tahts hogging resources to a VM & along with its DB
[06:53] <qman__> yes
[06:54] <JJman> so you'd then have 2 VM's  1 w/ 2 sites & 1 w/ the big site
[06:54] <qman__> if the one site is too big and clogging the whole thing up, it's just actually easier to move the whole site with DB than it is to move the DB to a dedicated DB VM
[06:54] <qman__> right
[06:54] <JJman> Yea i think so
[06:55] <qman__> in this way, it doesn't require much configuration change
[06:55] <qman__> you literally just move the site configuration, files, and db
[06:55] <qman__> and all you have to change then is the IP
[06:55] <JJman> It'd be pretty easy.  just clone the 1 VM and kill the extra sites in new VM
[06:56] <qman__> of course, it's worth noting that in this configuration, the VMs themselves are going to be the biggest performance hit
[06:57] <JJman> Yea.  But it will gives us a good gauge as to when we need to expand our hardware needs also.  ;-)  when our VM's become maxed out means we need more server
[06:57] <JJman> I reckon it will take us more than a year for sure to max out our first server!
[06:58] <JJman> since we are buildinga  business from teh ground up
[06:58] <qman__> well, not sure about real-world time
[06:58] <qman__> but relatively, a nice quad core server is going to last you a while
[06:59] <qman__> and when you max it out, you can get another, and move some VMs over to it
[06:59] <JJman> Yea.   Ram is probably the first thing to go with VM's  I don't have a ton of VM experience.  but iknow Ram is the # one thing that gets eatin up with new VM's
[06:59] <qman__> yes
[07:00] <qman__> make sure you overdo it with the RAM
[07:00] <JJman> yar.  for sure.  we'll probably start with like 16Gb  or so
[07:01] <JJman> Min of 8Gb
[07:02] <qman__> yeah
[07:02] <qman__> with a quad core I'd start with no less than 8GB
[07:02] <JJman> This will actually help reduce our requirements at first.  Since will only need 1 VM to start really
[07:02] <qman__> that CPU is capable of quite a bit
[07:03] <JJman> Rawr.  I want to build myself a quad-core machine for my dailey use
[07:05] <JJman> So your a student?
[07:06] <qman__> yes, about to graduate actually
[07:06] <qman__> but I do this for more than just coursework
[07:06] <qman__> it's a hobby and a profession :)
[07:06] <JJman> yar
[07:06] <JJman> ditto
[07:07] <JJman> i've been in and out of hte industry.  i went back to school recently to refresh some stuff.  now i'm helping build a company (As a Web & DB developer)
[07:07] <JJman> But since we have no linux ppl  on the team i'm also stuck with all the network server setup as well.
[07:08] <JJman> actually i think i remember just before i left school like 6months ago.  our instructor had asked for volunteers for a competition that sounds like what you did.
[07:08] <JJman> It was a DB Admin class i was in
[07:09] <qman__> ah
[07:09] <JJman> Might have been the same event
[07:09] <qman__> yeah, actually my degrees are with microsoft minors, but I can confidently say I'm better with linux than windows
[07:10] <JJman> lol.  Yea i used to work for Microsoft
[07:10] <qman__> I would have taken linux minors but they weren't offered due to lack of interest
[07:10] <JJman> Yuppers
[07:10] <JJman> I've drop kicked microsoft products now and use Linux exclusively
[07:10] <qman__> I'm definitely linux powered, I only keep windows around for games
[07:11] <JJman> Counter Strike Source  Rawr
[07:11] <JJman> Yep me too
[07:12] <JJman> I've been meaning to try and get CSS running in Kubuntu,  but been too busy with work stuff & trying to make money
[07:12] <qman__> I used to run my games on linux back with 6.10
[07:13] <qman__> it actually worked well then, but then some changes went through and wine just wasn't keeping up
[07:13] <JJman> I run a few windows programs in KDE now.  some with marginal success
[07:13] <qman__> so I keep the one windows box
[07:13] <JJman> I play poker online.
[07:14] <JJman> Full Tilt used to work in Wine but hasn't worked for me in last 2 versions.  Fortunately PokerStars still works well
[07:28] <terin_webchat> why des -server install x11?
[07:28] <kblin> what did you select as additional packages?
[07:29] <terin_webchat> kblin: nothing... hint enter instead off the spacebar when i wanted to select OpenSSH
[07:30] <qman__> I think there are a couple x11 packages it depends on for console fonts
[07:30] <qman__> but it should not be installing X server at all
[07:31] <kblin> I just see the x11-common and x11-client libs
[07:33] <terin_webchat> kblin: ok... i just freaked
[07:35] <kblin> terin_webchat: the server packages are called xserver-xorg-*
[07:35] <kblin> you shouldn't see any of those
[07:37] <terin_webchat> kblin: i changed my mind about the encrypted $HOME... easiest way to turn that off (new, mint, system)
[07:38] <qman__> easiest? reinstall
[07:38] <qman__> if you haven't done anything
[07:38] <terin_webchat> qman__: and wait for installation again?
[07:38] <qman__> ten minutes isn't so bad
[07:39] <terin_webchat> qman__: 10 minutes, ha!~
[07:39] <kblin> terin_webchat: I'm sure you can turn that off, but I've never turned it on, so I don't know what "encrypted home directories" actuall does
[07:39] <qman__> 10 minutes is a liberal estimate
[07:40] <terin_webchat> kblin: it uses encryptfs to encrypt home... sounded like a great idea... until i remembered what machine i was on
[07:40] <qman__> I've brought a production LAMP server in 10 minutes, site, database, and all
[07:40] <terin_webchat> qman__: interesting
[07:40] <qman__> if it
[07:40] <qman__> 's taking considerably longer than that
[07:40] <qman__> you have a pretty significant hardware bottleneck
[07:40] <kblin> you're on a lousy internet connection?
[07:40] <kblin> :)
[07:41] <terin_webchat> qman__: i think it's the old CD drive i dug up for installation
[07:41] <qman__> I always skip networking during the install
[07:41] <qman__> speeds it up immensely
[07:41] <kblin> terin_webchat: ok, I take /home is not actually an encrypted partition?
[07:41] <qman__> set it up after reboot, then update
[07:41] <terin_webchat> kblin: encrypted directory (or file, or something)
[07:42] <terin_webchat> qman__: the installer does it for me
[07:42] <kblin> qman__: the last few servers I installed, I created root filesystems on SD cards :)
[07:42] <terin_webchat> guess i could pull the cable
[07:44] <qman__> kblin, how does that go for longevity? I've wanted to do something similar but was worried about burning them out
[07:44] <qman__> I've got one server with a 4GB hard drive of old
[07:44] <kblin> qman__: as long as you don't write lots of data to it, you should be fine
[07:45] <qman__> my concern is the logs
[07:45] <kblin> hm, so far I haven't seen any problems, and one of the boxes is running for a year now
[07:46] <qman__> oh, nice
[07:46] <qman__> I suppose I could use two, and put /var on a separate one
[07:46] <qman__> just in case
[07:47] <qman__> backup the logs nightly and if it tanks, just replace that card
[07:47]  * kblin nods
[07:47] <kblin> basically for a couple of bucks a card, I didn't worry too much
[07:48] <qman__> oh, it's not really the cost I'm worried about, it's the hassle and downtime
[07:48] <qman__> but if you've had one up for a year, that's long enough for me
[07:50] <terin_webchat> so far my server's been down more than it's been up
[07:50] <kblin> terin_webchat: about the home dirs, can you pastebin /tec/fstab?
[07:51] <Jeeves_> Morning
[07:51] <terin_webchat> kblin: i would, but seeing as how mkfs just went to the disk
[07:52] <kblin> ok, no worries then
[07:54] <soren> ttx: Welcome back.
[07:54] <ttx> soren: o/
[07:58] <Jeeves_> soren: If you've got time to debug ubuntu-vm-builder somewhere today, please let me know
[07:58] <soren> Jeeves_: Can you start by showing me the exact command line you're using?
[08:01] <Jeeves_> soren: Doing a full run now, i'll pastebin stuff in a few minutes
[08:01] <terin_webchat> kblin: i named my box nouptime
[08:12] <Jeeves_> soren: http://pastebin.ubuntu.com/310395/
[08:13] <Jeeves_> That's the complete output, including some stuff I do configuring the iscsi lun
[08:13] <Jeeves_> cmdline is at line 29
[08:13] <soren> Jeeves_: Could you try not using the --raw option?
[08:14] <soren> It has... um... issues :(
[08:30] <Jeeves_> soren: What should I use to get it on a device than? :)
[08:32] <soren> Jeeves_: Let's deal with that afterwards. So far, you've claimed it was all about virtio and whatnot, and I'd like to debunk that first.
[08:36] <terin_webchat> anyone know how to lookup a user's groups from the CLI?
[08:37] <soren> terin_webchat: groups
[08:37] <soren> terin_webchat: groups name_of_user
[08:37] <terin_webchat> soren: now i feel like an idiot
[08:37] <Jeeves_> :)
[08:39] <soren> :)
[08:44] <Jeeves_> soren: http://pastebin.ubuntu.com/310405/
[08:46] <soren> Jeeves_: So it worked? Great.
[08:47] <soren> Jeeves_: One option now is to simply move the image onto your device. "kvm-img convert" can do this for you until I fix this properly in VMBuilder.
[08:47] <Jeeves_> Yes, it did
[08:47] <Jeeves_> root@kvm3:~/kms-vms/ubuntu-kvm# qemu-img convert disk0.qcow2 -O raw /dev/sdf
[08:47] <Jeeves_> qemu-img: Error while formatting '/dev/sdf'
[08:47] <soren> I wonder what that means.
[08:47] <Jeeves_> :)
[08:47] <soren> Could you try stracing int?
[08:48] <soren> it?
[08:49] <Jeeves_> http://pastebin.ubuntu.com/310411/
[08:54] <soren> Jeeves_: Sorry, hit the wrong button there :)
[08:54] <Jeeves_> Hmm?
[08:55] <soren> Jeeves_: Oh, you're using -O raw. Use -O host_device instead.
[08:55] <Jeeves_> https://help.ubuntu.com/community/KVM/CreateGuests that might need altering too than
[08:56] <Jeeves_> That seems to work better, it takes more time. :)
[08:56] <Jeeves_>   13  br3                      453.03KiB       7743     116.47MiB      13810
[08:56] <Jeeves_> Writing quite fast too :)
[08:57]  * soren wonders what caused him to /PART that time.
[08:58]  * soren blames empathy
[08:59] <Jeeves_> empathy sucks, if you ask me
[08:59] <Jeeves_> irssi++ :)
[08:59] <Jeeves_> Ok, the converted disk works
[08:59] <terin_webchat> well... printing a document then going down... will finish setting up the server in the morn
[09:01] <soren> Jeeves_: Yeah, I use irssi too. I've started using bip as a proxy (since yesterday), and wanted to see how it worked if I had more than one client connected to it at a time. Specifically, I was hoping to use empathy purely for notifications, and leave the actual IRC usage to a local irssi, but apparantly, I'm not clever enough to use this.
[09:02] <pwnguin> screen+irssi + libnotify ftw
[09:02] <Jeeves_> soren: Just stick to the console :)
[09:02] <soren> pwnguin: That's what I've been doing so far.
[09:03] <pwnguin> although i guess its not smart enough to discard notifications when you're connected to the screen session
[09:03] <Jeeves_> soren: Anyhow, it seems that indeed the --raw function is giving me troubles
[09:03] <Jeeves_> soren: No quick fix for that, I'm afraid?
[09:03] <soren> pwnguin: Well, sort of. I've configured irssi to dump anything that would usually get hilighted into a file, and have a script that tails that file. When something turns up in it, it calls out to notify-send.
[09:03] <soren> Jeeves_: Sorry, no.
[09:03] <soren> Jeeves_: Not that I know of, anyway.
[09:03] <Jeeves_> soren: Might be handy to disable that feature than
[09:04] <pwnguin> soren: right, but it still pops up if you're at the console in question
[09:04] <soren> pwnguin: Yes? That's what I want.
[09:05] <soren> I don't actually close my IRC session, I just don't stare at it all day.
[09:05] <soren> but when people say my name, I probably want to go look at it.
[09:05] <pwnguin> soren: what i mean is, in situations where youre already paying attention to irc, you dont need a popup
[09:05] <soren> If I close my IRC session, it's because I do /not/ care about IRC.
[09:05] <soren> pwnguin: meh
[09:06] <pwnguin> anyways, its bed time for me
[09:07] <pwnguin> i gotta write a resume and philosophy of teaching doc tomorrow =/
[09:07] <soren> pwnguin: To fix that, something would have to inquire whether the window in which my irc sessions runs is partly or fully visible. Way too many layers of goo to work through. It's a mild nuisance at worst. I hadn't even thought about it until you just mentioned it.
[10:26] <alex88> morning all!
[10:42] <alkisg_work> To connect a serial UPS to my ubuntu server, do I need to `modprobe serial` or anything similar? I.e. is the serial module needed for UPSs, and/or loaded by default?
[10:48] <Jeeves_> alkisg_work: Serial works by default, usually
[10:49] <alkisg_work> Jeeves_: thanks - should I be seeing it with lsmod? I only see "serio_raw"...
[10:54] <Jeeves_> alkisg_work: I would be looking at /dev/ttyS0 or /dev/ttyS1, not lsmod :)
[10:54] <alkisg_work> Ah, thanks. /me has no clue about serial modules & UPSs... :(
[11:02] <Gorlist> Morning
[11:04] <Gorlist> ive got a slight proftp concern, today in my logs ive had a number of logins to user "ntml" (which shouldn't doesn't exist), they are then chroot over to a specific subdomain directory. Its coming from allot of different IP address - but I can't track the user at all. How can block this?
[11:06] <Jeeves_> Gorlist: You can try fail2ban
[11:09] <Gorlist> already running
[11:09] <Gorlist> the problem im having is their is no authentication - so its not failing
[11:10] <Gorlist> example:
[11:10] <Gorlist>  pam_unix(proftpd:session): session closed for user ntml  pam_unix(proftpd:session): session opened for user ntml by (uid=0)
[11:10] <Gorlist> they only login 1 time, each time with a new ip address
[11:13] <Gorlist> right ntml does exist
[11:14] <Jeeves_> Than there's nothing you can do, except /etc/init.d/proftpd stop
[11:15] <jhan> how do i configure apt-get server in ubuntu 9.4machine
[11:17] <jhan> apt-get client also.i going to update all packages only server, not for internet
[11:19] <Gorlist> thanks Jeeves, solved the problem. Some smeghead on the server has gotten their ftp password compromised, so someone had logged in changed and been trying to empty the database.
[11:21] <Jeeves_> Gorlist: You do realise that all '/etc/init.d/proftpd stop' does is stopping the ftp-server?
[11:23] <Gorlist> yes yes
[11:23] <Gorlist> sorry was monitoring the logs
[11:32] <alex88> hi all, i have my server ram increasing, and reboot is the only solution to reboot...how can i solve this problem?
[11:34] <Gorlist> what happens if you just leave it
[11:36] <Gorlist> have you checked top
[11:36] <Gorlist> to see what app might be sucking it up
[11:46] <alex88> greenfly: yeah, running top i have some app using about 6-9 % of ram like apache, bind etc..
[11:46] <alex88> for example, now i't 55% used, after restart about 25-30% but apache etc are already running
[12:46] <maxstirner> Hello, I got an ubuntu server with a drupal6 package on it, and I've been manually adding security updates to it. As & when the package gets updated, does this conflict in some manner? What's the "proper way" of handling this?
[13:01] <Skaag> I have an ibm serveraid 6i controller, one of the drives in the raid is faulty, but I can't find a utility that will talk to the ips kernel module and give me information
[13:09] <alex88> if i have a vps with domain, how can i configure my own dns to get custom hostname in irc connection?
[13:15] <kwork> is there something like cpu-z for linux, where you can see the memory slots and the modules details
[13:23] <Daviey> alex88: you need to set the reverse dns, or PTR record
[13:25] <Daviey_1> alex88: like this?
[13:27] <Spajderix> hi
[13:29] <Spajderix> i have fresh 9.10 installation, installed mysql, and configured it to use multiple mysqld instances with [mysqldN] configuration, with mysqld_muliti everything works fine, so i added link to /etc/init.d and made my system to stat it on boot, but after restart i find that it's not running and folder /var/run/mysqld is missing, anyone has any idea what might removed me this folder ??
[13:30] <Spajderix> to make it clear, after creating /var/run/mysqld folder everything goes to normal till next reboot, tested multiple times with start/stop/report
[13:31] <alex88> Daviey: ok thanks man
[13:32] <alex88> i'll do it later..in italy to register a domain you have to send a fax to .it registar... -.-
[13:34] <alex88> Daviey: Daviey in named.conf.local i have to add zone "98.198.94.in-addr.arpa"
[13:35] <Daviey> alex88: it would be worth checking first the ability to set PTR for your IP is delegated to you
[13:35] <alex88> and in the db file "82      IN      PTR     irc.alexnetwork.it"
[13:36] <alex88> Daviey: it is, in my domain i can choose dns servers to use
[13:36] <alex88> and i can use my own
[13:36] <Daviey> alex88: but for the IP address?
[13:36] <alex88> what you mean?
[13:37] <Daviey> alex88: check if it works, but if it doesn't you need to speak to the owner of the IP address.
[13:37] <Daviey> (range)
[13:38] <alex88> Daviey: ok thanks for help, i'll do it..
[14:37] <spiekey> Hello!
[14:37] <spiekey> my fs claims to be full, but i still have 40% space left.
[14:37] <spiekey> am i running into some other limits?
[14:38] <_ruben> inodes possibly
[14:38] <_ruben> which could happen if you have lots and lots of small files for instance
[14:48] <ghankstef> tryning to set my system clock and having no luck.   What's the best way to do it?  tried date --set "2009-11-05 08:33:00"  but doesn't take
[14:49] <Vash108> I am attempting to install Server for the first time. When looking at the walk through instructions it shows a GUI, my install does not use this and I downloaded the newest ISO. What am I doing wrong?
[14:49] <ghankstef> Vash108, my server has no GUI
[14:50] <Vash108> This is what it is showing on the install page
[14:50] <Vash108> https://help.ubuntu.com/community/GraphicalInstall
[14:50] <Vash108> My install looks different
[14:50] <Pici> Vash108: That page is not for the server install, its for the desktop install.
[14:51] <acalvo> hi
[14:51] <Vash108> ah
[14:51] <acalvo> how's it going around here?
[14:51] <Vash108> i just caught that
[14:51] <Vash108> Do you know of any place that has a server install walk through?
[14:52] <Vash108> I am having trouble with the partition setup. This will be my first linux server install ever. I am a fish out of water sadly on this.
[14:53] <acalvo> Vash108: what are your questions?
[14:53] <acalvo> is pretty straight-forward
[14:54] <Vash108> I am telling the installer to use the entire disk and it creates a partition, but it keeps failing when I try to continue
[14:55] <acalvo> what version are you trying to install?
[14:55] <acalvo> jaunty?
[14:55] <acalvo> karmic?
[14:56] <Vash108> Ubuntu Server 9.10
[14:57] <aubre> I think I want to set the console color of my ubuntu servers to brown
[15:02] <acalvo> aubre: check ~/.bashrc
[15:02] <acalvo> man bashrc
[15:02] <aubre> acalvo: ty
[15:03] <aubre> acalvo: thanks
[15:08] <JJman> i had to reinstall phpmyadmin and now i have 2 .conf files with different info in them.  Not sure if i can delete one of these nor what should really be in there.  as i'm getting an error on my page about "Connection for controluser as defined in your configuration failed."
[15:14] <gioele> is there a way to tell to the ubuntu server installer to install a certain list of packages?
[15:17] <nijaba> gioele: yes, through pre-seeding or kickstart.  I talk about it in the automated deployment WP @ http://www.ubuntu.com/products/whitepapers
[15:23] <gioele> nijaba: they are exactly what I was looking for. Thank you
[15:29] <acalvo> JJman: do a diff and check the changes
[15:29] <JJman> i can see the diff.  the user & pw are diff.
[15:30] <JJman> i'm experimenting changing it as i changed hte name of root anyway!
[15:30] <JJman> but i'm getting another error message in phpmyadmin (browser):
[15:30] <JJman> Your PHP MySQL library version 5.0.75 differs from your MySQL server version 5.1.31. This may cause unpredictable behavior.
[15:30] <acalvo> JJman: maybe you should update your mysql DB of phpmyadmin
[15:30] <acalvo> to the new one
[15:31] <acalvo> http://localhost/phpmyadmin/update would be a guess
[15:31] <JJman> i did.  i installed 5.1 at the same time i installed phpmyadmin
[15:31] <acalvo> JJman: check the php-mysql library
[15:32] <JJman> how  ;-)
[15:33] <acalvo> dpkg -s php5-mysql
[15:35] <JJman> 5.2.6.dfsg.1-3ubuntu4.2
[15:35] <acalvo> JJman: which version are you using? 8.04? 9.04? 9.10?
[15:36] <JJman> 9.04
[15:36] <acalvo> same as I do
[15:37] <acalvo> try to reinstall the package
[15:37] <JJman> i had to reinstall mysql-server  i installed the mysql-client-5.1 & server-5.1
[15:37] <JJman> when i reinstalled phpmyadmin it uninstalled mysql (was not happy about that)  and it tried installing mysql 5.0
[15:37] <acalvo> weird
[15:37] <acalvo> should'nt do that
[15:37] <JJman> shouldn't but it did
[15:38] <acalvo> what version of phpmyadmin are you trying to use?
[15:38] <JJman> if i had actually had any data in there i would have been PISSED
[15:38] <JJman> whatever version it installs by default  ;-)
[15:38] <acalvo> JJman: deleting a package does not remove its data
[15:39] <acalvo> 4:3.1.2-1ubuntu0.2
[15:39] <JJman> i purged
[15:39] <acalvo> does not matter, data that does not come with the package is not deleted
[15:39] <JJman> mysql  Ver 14.14 Distrib 5.1.31, for debian-linux-gnu (i486) using  EditLine wrapper
[15:40] <JJman> thats the version i want.  thats whats installed
[15:40] <JJman> but i don't know why phpmyadmin is having problems with that
[15:40] <JJman> Your PHP MySQL library version 5.0.75
[15:41] <JJman> so what i do to make them happy.
[15:41] <acalvo> JJman: try to purge phpmyadmin
[15:41] <acalvo> then delete anything it can leave
[15:42] <JJman> ugg thats exactly what i already did
[15:42] <acalvo> mmm
[15:42] <JJman> ok trying again.  should i deconfigure db?
[15:43] <acalvo> mmm
[15:43] <acalvo> try to remove the DB from mysql
[15:43] <acalvo> but not mysql
[15:43] <nxvl> kirkland: question about encrypted home directory: if i boot a livecd and change the password by hand (crack the user login using a livecd) will that password decrypt my home directory aswell?
[15:44] <JJman> arg it fails
[15:44] <JJman> prolly cause my user is no longer called root
[15:45] <acalvo> JJman: mysql root?
[15:45] <JJman> yea i renamed it
[15:45] <JJman> reinstalling
[15:46] <acalvo> oh
[15:46] <acalvo> well, does not matter
[15:47] <JJman> ok here's the problem.  when i install phpmyadmin it wants to REMOVE mysql 5.1 client & server & install 5.0
[15:47] <JJman> I DON"T WANT 5.0  why the 3)($@#)$(*@#() is it doing this
[15:48] <acalvo> JJman: the problem is not related to phpmyadmin
[15:48] <acalvo> Depends: libapache2-mod-php5 | php5-cgi | php5, php5-mysql | php5-mysqli, php5-mcrypt, perl, debconf (>= 0.5) | debconf-2.0, dbconfig-common
[15:50] <JJman> why is it downgrading mysql version then.
[15:50] <mathiaz> smoser: bug 475354
[15:50] <mathiaz> smoser: I think we've already discussed this around release time - what was the outcome again?
[15:50] <JJman> The following packages will be REMOVED:
[15:50] <JJman>   mysql-client-5.1 mysql-server-5.1
[15:51] <JJman> The following extra packages will be installed:
[15:51] <JJman>   mysql-client mysql-client-5.0
[15:51] <acalvo> JJman: it seems that some other package needs mysql-5.0
[15:52] <JJman> its not even reinstalling mysql server  only the client.  This is fubar
[15:52] <smoser> mathiaz, i think we determined that it wasn't release critical.
[15:52] <mathiaz> smoser: agreed.
[15:52] <smoser> and i dont really have a great idea on how to solve it. local-hostname pretty clearly is "local hostname"
[15:53] <mathiaz> smoser: IIRC it was an issue in ec2-init
[15:53] <smoser> well, the bug is very clear and does a good job of explaining.
[15:53] <smoser> on ec2, the 'local-hostname' metadata includes a local hostname
[15:53] <smoser> on euc, it contains an ip address
[15:54] <smoser> so when ec2-init consumes this, and sets hostname, it uses the first dot-delimited token of the ip address
[15:54] <mathiaz> smoser: ah right. It's an issue with UEC meta-data service then
[15:55] <smoser> obviously we could be more forgiving in ec2, but ideally euca would provide a hostname in something labeled 'hostname'
[15:55] <smoser> the issue is that i'm not sure if euca deals with hostnames at all right now
[15:55] <JJman> so does this mean phpmyadmin is useless if i want to use the mysql 5.1
[15:56] <smoser> ie, i dont know that they provide a dns service for the local names where such a generated hostname would resolve
[15:56] <acalvo> JJman: no, since I've it installed correctly
[15:57] <JJman> errr whats that then
[16:00] <mathiaz> smoser: re bug 421707 - up to hardy landscape-client (and its dependency such as smart) wasn't in the official archive
[16:00] <mathiaz> smoser: they're published in the landscape PPA/archive instead
[16:00] <smoser> mathiaz, right. thus the need for copying to ppa. you need to read the bug, mathiaz
[16:00] <smoser> they're *not* there :)
[16:01] <mathiaz> smoser: they're at http://landscape.canonical.com/packages/hardy
[16:02] <smoser> hm... why the dual maintenance ? ppa and above
[16:03] <smoser> that said, i talked with free, and the ppa is in the process of being updated.
[16:03] <mathiaz> smoser: great.
[16:03] <mathiaz> smoser: in the past, PPA weren't signed
[16:03] <smoser> ah.
[16:04] <mathiaz> smoser: and back in the hardy/dapper timeframe PPA didn't exist at all (not sure for hardy)
[16:09] <kirkland> ttx: nurmi: zoopster: http://pastebin.ubuntu.com/310696/
[16:19] <lenios> nxvl, the newly generated password won't be able to decrypt the data
[16:20] <nxvl> lenios: that's what i thought
[16:21] <acalvo> JJman: try searching another package
[16:21] <acalvo> JJman: BTW, did you update or is a fresh install?
[16:24] <MagicFab> anyone with IPMI here ? I can't seem to access IPMI information from the LAN. -I open work fine though.
[16:24] <MagicFab> Can't ping the IPMI IP either, this is on a Dell PE 1850
[16:39] <Reepicheep> MagicFab: I use IPMI,  it's kinda a love hate relationship .. just not on a dell
[16:40] <Reepicheep> if you can't ping .. it probably isn't configured correctly
[16:40] <Reepicheep> does your IPMI use a dedicated nic or does it share one of the system nics?
[16:41] <timrc> MagicFab: You're clearly another early adopter bloodied by Ubuntu's Karmic Koala, even if you aren't even using Karmic Koala :)
[16:42] <MagicFab> Reepicheep, shared
[16:42] <MagicFab> Reepicheep, at boot it reports DHCPing to a valid network address on my LAN though
[16:42] <MagicFab> timrc, nice troll
[16:43]  * timrc wipes a tear from his eye and goes back under his bridge
[16:44] <Reepicheep> does Dell provide you with a configuration utility that runs from linux? or do you have to configure it from the bios or boot media of some sort?
[16:45] <Reepicheep> I have never actually used ICMP with DHCP.. I have always set static IP on them
[16:55] <jmedina> Reepicheep: try http://linux.dell.com/
[17:08] <Reepicheep> jmedina: thanks, I guess that came across as me asking the question .. I don't actually use dell servers. the question should of been directed at MagicFab
[17:15] <alex88> mmhh.. x forwarding, installed gedit on server, ssh -X, #gedit -> Gtk-WARNING **: cannot open display: any help?
[17:18] <ghankstef> I have this in my crontab for the aegir user: /usr/bin/php '/var/aegir/drush/drush.php' hosting dispatch --php="/usr/bin/php" --root='/var/aegir/hostmaster-0.4-alpha2' --uri=http://aegir.advanceitmn.org
[17:18] <ghankstef> but get a mial form cron saying: cannot open ?php: No such file
[17:18] <ghankstef> mail
[17:18] <ghankstef> where did I go wrong
[17:18] <ghankstef> ?
[17:18] <ghankstef> runs fine from the command line as aegir user
[17:24] <ghankstef> hmm this appears related http://drupal.org/node/615364
[17:29] <ghankstef> looks like putting SHELL=/bin/bash at top of crontab may do the trick  - would explain why it works when running as aegeir iser from command line as I gave aegir the bash shell
[17:44] <jcastro> kirkland, 15 minute warning sir!
[17:44] <kirkland> jcastro: word
[17:44]  * kirkland fills up coffee cup
[17:46] <greenfly> anyone noticed karmic kickseed seeming to ignore kickstart-style partitioning?
[17:47] <greenfly> same partition config that worked with jaunty stopped working on karmic
[17:47] <greenfly> just generated a new partition section from system-config-kickstart in case syntax changed, and it still pops up with the standard partition dialog
[17:56] <netrat> i'm using postfix along with spamassassin and procmail. i have postfix set to hand over email to procmail with mailbox_command = /usr/bin/procmail.... my procmail configuration file is in /etc/procmailrc, everything is working except the user's .procmailrc in their home directory is not processed. can you have a global procmail configuration and per-user at the same time?
[18:14] <xperia2> bogeyd6-: are you online ? have added to my bind9 domain conf fil db.mydomain.com the mx line for resolving mails on my ubuntu server as i want to send and recieve mails on my server. but for what exactly is the number 10 good in this line
[18:14] <xperia2> IN      MX      10      smtp.example.com.
[18:14] <xperia2> isnt it better having @    IN      MX      smtp.example.com.
[18:15] <Reepicheep> xperia2:  the number is the priority
[18:15] <palt> I have a karmic server and have configured /etc/network/interfaces to use a static ip. When I run /etc/init.dnetworking restart I get the correct static ip, but after some time, the server have taken a new dhcp ip. Why is that?
[18:15] <Reepicheep> the lower the number the higher the priority
[18:17] <Reepicheep> xperia2: the @ sign usually just indicates a record for the domain itself opposed to a record for a host within that domain
[18:18] <Reepicheep> palt: can you pastbin your interfaces file?
[18:18] <xperia2> ahh okay in this case i dont need this @
[18:18] <xperia2> for the mail resolving
[18:19] <Reepicheep> xperia2: I usually explicitly define the domain where the @ sign is just to be safe.. something like this:
[18:19] <Reepicheep> example.com. IN MX 10 smpt.example.com.
[18:21] <palt> Reepicheep: http://pastebin.com/d1bcb7ca4
[18:22] <smoser> kirkland, ping
[18:22] <palt> I have a lot of debian servers and there I only need to change the /etc/network/interfaces to configure the static ip's :)
[18:23] <kirkland> smoser: very occupied in #ubuntu-classroom right now
[18:23] <smoser> ah
[18:23] <smoser> k
[18:23] <Reepicheep> palt: that looks ok.. you are after a 23bit mask, is that correct?
[18:23] <xperia2> Reepicheep: interessting ! could it be that you have a working mail server on your ubuntu. this is something that i am trying at the moment to do. i can send mails allready over my isp mail gateway but i need to recieve mails on my server using my domain
[18:23] <smoser> later then.
[18:24] <zul> wheee did my first merge with bzr-builddeb
[18:25] <Reepicheep> xperia2: you should be able to test your DNS settings with dig to verify that the MX records are set correctly
[18:25] <Reepicheep> they need to be set before you will be able to receive mail
[18:27] <xperia2> Reepicheep: thanks for the hint. i have chaged the line as you described and executed dig for testing my dns
[18:27] <xperia2> this here is the output http://pastebin.com/d3ff99c95
[18:28] <xperia2> it looks like that my mx entry is not working
[18:28] <palt> Reepicheep: As far as I can remember yes :)
[18:29] <palt> Reepicheep: I could add that this is a virtual machine, but it is the only one on the host with this problme
[18:29] <jcastro> greenfly, an installer person would probably know better, evand perhaps?
[18:29] <palt> *problem
[18:29] <jcastro> greenfly, I don't use partitioning in my kickstarts so I can't really check
[18:29] <Reepicheep> xperia2: call dig this way to check your MX records "dig example.com MX"
[18:30] <greenfly> jcastro: I know cwatson has done a lot of work on it as well
[18:30] <xperia2> Reepicheep: thanks will test again !
[18:30] <jcastro> greenfly, yeah it's either one or the other
[18:30] <greenfly> jcastro: just weird that it all just stopped working
[18:31] <greenfly> it's like the clearpart command takes effect but any part lines are ignored now
[18:31] <jcastro> do we know if it changed upstream?
[18:31] <jcastro> I recall a spec at some point about catching up to upstream kickstart commands
[18:31] <jcastro> but it's all a blur right now
[18:32] <greenfly> jcastro: that's why I tried to test with system-config-kickstart assuming if the syntax changed it'd be reflected in there
[18:32] <greenfly> if the syntax /has/ changed, it hasn't made it to that package
[18:32]  * jcastro nods
[18:33] <xperia2> Reepicheep: WoooW ! it looks great now :-) http://pastebin.com/d2b9e0dfd
[18:33] <jcastro> greenfly,  my upgrade went fine, however I haven't tried a kickstart since then
[18:33] <jcastro> if I find something I'll let you know
[18:34] <greenfly> thanks. if you use the automated partitioner schemes you probably won't notice anything
[18:34] <jcastro> I do
[18:34] <greenfly> but if you want to do anything outside of that, like add a /home or /opt or whatever, it seems to not work
[18:34] <jcastro> I choose the "blow up my disk for all I care" option
[18:34] <xperia2> need now to open the smtp port on the router and test if i am able to receive mails :-)
[18:34] <greenfly> tried to revert to a preseed config too and that didn't seem to be seen either
[18:35] <greenfly> jcastro: yeah I blow away any existing partitions, but it's more like it's just not reading the part lines
[18:35] <Reepicheep> xperia2: yeah.. according to that you have your MX records defined correctly on your name servers
[18:36] <Reepicheep> xperia2: it looks like you are using an internal name server.. if you want email from the Internet you need to make sure that your public Name servers for your domain resolve correctly
[18:36] <Reepicheep> xperia2: in addition to your internal name server
[18:38] <netritious> Hi, i installed iptables in karmic server i386, but I receive the error 'FATAL: Module ip_tables not found.' (full error: http://pastebin.com/m7e502f61 ). iptables -h returns the help text so it is installed. I think it's configuration but not sure...how to fix?
[18:40] <xperia2> Reepicheep: thank you for this clarification ! at the moment the webdomain is not activated but it will be in the next 2 days. testing at the moment if it will work to send a mail like to test@x.x.x.x (staticip) and if it will works for at least to know if everything works good on the ubuntu server
[18:40] <Reepicheep> netritious: what kernel are you running?
[18:40] <netritious> 2.6.31-14-generic-pae
[18:40] <jmedina> a
[18:41] <Reepicheep> netritious: is that a minimal JEOS install then?
[18:41] <netritious> Reepicheep: yes..I used mode 'minimal vm' for install
[18:42] <netritious> Reepicheep: running in a VMware Server 1.0.9 vm
[18:42] <Reepicheep> netritious: that kernel may not include that module
[18:43] <Reepicheep> netritious: run this to see if the modules even is there for that kernel
[18:43] <Reepicheep> find /lib/modules/`uname -r` -name ip_tables.ko
[18:44] <netritious> Reepicheep: empty return
[18:45] <Reepicheep> netritious: the JEOS install is very stripted down .. even the kernel is
[18:45] <xperia2> well with thunderbird sending a mail to a adress like this test@x.x.x.x (staticip) dont work at least have to wait till the domain is activated
[18:46] <netritious> Reepicheep: hm, so reinstall or recompile kernel?
[18:46] <Reepicheep> netritious: you may be able to install the server kernel in the JEOS install
[18:47] <netritious> Reepicheep: I'm definitely interested in something expedient
[18:48] <netritious> Reepicheep: however, I'm not so far in that I can't just reintall
[18:49] <Reepicheep> netritious: well backup anything important first.. but you may be able to just run:
[18:50] <Reepicheep> sudo apt-get install linux-image-server
[18:51] <smoser> soren, zul ping
[18:51] <zul> smoser: yeeeeeees?
[18:51] <smoser> what do you think about this... we build hardy images with ubuntu-on-ec2 ppa
[18:51] <zul> smoser: we are doing that now arent we?
[18:52] <smoser> the existing images (20090422) do not have said ppa in their /etc/apt/sources.list
[18:52] <smoser> should that be "fixed" ?
[18:52] <zul> yeah that was on purpose
[18:52] <zul> afair we only wanted the basic /etc/apt/sources
[18:53] <zul> besides if you happen to upload a "corrupt" image with a broken ec2-init then you will have some upset users ;)
[18:54] <smoser> right. thats what i was thinking... although, that is the case with the real archive too
[18:54] <smoser> and if we did put the ubuntu-on-ec2 ppa in, we'd need to get the keys in there also
[18:54] <netritious> Reepicheep: apt replied that it required linux-image-generic-pae, which in turn required linux-image-image-2.6.31-14-generic-pae..installing atm
[18:55] <zul> smoser: true but the other use-case is that these can be throw away iamges
[18:55] <smoser> what is "these" ?
[18:56] <zul> smoser: the images sorry im context switching between multiple things
[18:57] <smoser> the reasoning i'd have for this is that you have software from a repository installed on /, i think ideally the repository from which it came is in your sources.list. but i wont go against the existing solution now. especially since it is only for hardy (ie, no need for this in karmic/lucid)
[18:57] <zul> ok
[18:57] <smoser> just wanted to see if you thought it was just overlooked and badly broken. i'm happy knowing someone else thought aobut it
[18:58] <zul> smoser: no problem
[18:58] <zul> thanks for asking
[19:01] <netritious> Reepicheep: ok, it's stange to me this worked, but apt-get install linux-image-`uname -r` did the trick
[19:01] <netritious> Reepicheep: well that and a reboot
[19:04] <netritious> Reepicheep: oh, and before the reboot i did follow that up with apt-get install linux-image-generic-pae and apt-get install linux-image-server...
[19:04] <netritious> Reepicheep: after reboot sudo iptables -L does not return an error (works as expected)
[19:13] <netritious> Reepicheep: there seems to be a 'gotcha'...on boot I receive this error now: ACPI: I/O resource piix4_smbus [0x1040-0x1047] conflicts with ACPI region SMB_ [0x1040-0x104b]..this happened with hardy and jaunty (all vairants)..the only ill affect being a 20-30 sec latency on boot
[19:16] <netritious> Reepicheep: I was pleasantly surprised when I used the minimal_vm mode for install that this the issue was resolved...so is there to track down the offending module and disable it?
[19:18] <netritious> *is there a way
[19:21] <kirkland> smoser: back now
[19:21] <kirkland> smoser: wazzup
[19:21] <smoser> regarding perisstent network storage
[19:22] <smoser> you mentioned NFS or iscsi
[19:22] <smoser> but impllied that the guests disks were stored as images on a filesystem
[19:23] <smoser> (as they are right now)
[19:23] <kirkland> smoser: right NFS clearly being a joke
[19:23] <kirkland> smoser: right
[19:23] <kirkland> smoser: it could be iscsi as a disk image itself
[19:24] <smoser> right. the other option is that the instance actually is given a block device that the host also sees as a block device
[19:24] <smoser> and that block device is detached and attached to migrated-to host
[19:24] <smoser> i think that is more "how the big boys would do it"
[19:25] <netritious> pace_t_zulu: how's it going?
[19:25] <pace_t_zulu> netritious: good ... u?
[19:25] <netritious> good :)
[19:26] <smoser> i'd be surprised if that were achievable in lucid, but that allows you to so much more take advantage of high end storage. kirkland
[19:26] <smoser> and, kirkland, how'd your class go ?
[19:26] <kirkland> smoser: well enough ;-)
[19:26] <kirkland> smoser: i think that's an excellent approach
[19:26] <kirkland> smoser: and agree with "big boys" comment
[19:26] <kirkland> smoser: maybe "big people"
[19:26] <kirkland> smoser: hmm, that's probably offensive too
[19:26] <smoser> true
[19:27] <kirkland> smoser: "adults"?
[19:27] <kirkland> smoser: offends kids....
[19:27] <smoser> cool kids
[19:27]  * kirkland gives up
[19:27] <kirkland> smoser: ah, but that offends the geeks and dorks
[19:27] <kirkland> smoser: anyway, you should respond on thread with that
[19:27] <kirkland> smoser: or add it to the wiki
[19:27] <smoser> but really,thats not going to happen in lucid
[19:28] <kirkland> smoser: mdz indicated that persistent network storage is not required for lucid either
[19:28] <kirkland> smoser: so we should keep it tracked as wishlist
[19:28] <smoser> yeah... that sucks
[19:28] <kirkland> smoser: but i agree, that we'll need it for UEC to really hit the "big time"
[19:28] <smoser> cause copying GB of disk isn't going to be performance friendly
[19:28] <kirkland> smoser:  and to accomplish that would be *phenomenal*
[19:28] <kirkland> smoser: nope; i agree
[19:28] <smoser> especially when you're doing multiple of those copies at once
[19:28] <kirkland> smoser: and we're the ones who are going to be dev'ing and testing it
[19:29] <smoser> :)
[19:29] <smoser> i'm not certain that kvm live migration does this anymore, but at least xen used to...
[19:29] <smoser> they dont stop the machine and then copy the memory
[19:29] <smoser> they copy it and sync it in place
[19:30] <smoser> then stop and do a refresh
[19:30] <smoser> much faster than copying 512M (or 8G) all at once
[19:41] <Reepicheep> netritious: did you get it figured out.. I was away for awhile
[19:46] <netritious> Reepicheep: np, i really appreciate your help..iptables appears to work now, but a new problem has popped up..on boot I receive the error I mentioned above: 'ACPI: I/O resource piix4_smbus...'
[19:48] <kirkland> mathiaz: do we have a wiki page dedicated to Server testing?
[19:49] <Reepicheep> netritious: I don't know if I can help you much with that one.. but it looks like it is a known issue via the message it outputs
[19:51] <Reepicheep> and it doesn't look like it is serious.. I'm would guess it never showed up before because that part of the kernel probably didn't exist in the striped down JEOS kernel
[19:53] <netritious> Reepicheep: I've seen the error on all VMware Server vm's with Ubuntu 8.04+ including jeOS/minimal until today when I tried the minimal_vm install mode with karmic..
[19:53] <netritious> Reepicheep: the error appeared after apt-get install linux-image-`uname -r` linux-image-generic-pae linux-image-server...
[19:54] <netritious> Reepicheep: so now I'm wondering exactly what's the difference is before/after the commands in the system config..i'm not certain how those commands affect the system to be honest
[19:56] <xperia2> hello to all.i have a small question about autobuilders. can somebody tell me what for a autobuilder this here is http://tinderbox.openembedded.net/search/
[19:56] <soren> smoser: If you're fixing up the hardy images, we should get whatever packages are in the ppa SRU'ed into Hardy proper.
[19:56] <Reepicheep> netritious: that makes sence .. it must be something with ACPI and VMWare.. eigther the VM JEOS kernel has it fixed or just doesn't load what ever is causing the message
[19:56] <Reepicheep> the issue for you is that the VM JEOS kernel doesn't include iptables support
[19:56] <soren> smoser: The PPA was a temporary measure.
[19:57] <netritious> Reepicheep: exactly
[19:57] <smoser> soren, well, for landscape, i'd leave that up to the landsape folks. for ec2-init i wasn't planning on SRU and inclusion
[19:57] <smoser> but if you think that is something that is acheivable then we should probably target that.
[19:57] <Reepicheep> netritious: accourding to what it printed out the only issue is a delay at boot
[19:58] <smoser> actually, soren i dont know.
[19:58] <smoser> https://launchpad.net/~ubuntu-on-ec2/+archive/ppa
[19:59] <smoser> it would be a major undertaking to get all of those in. ec2-init , ec2-api-tools, ec2-ami-tools, linux-xen, landscape-client, smart
[20:00] <netritious> Reepicheep: true, but any error on boot irks at me, at least until I give in and move on :)
[20:00]  * Reepicheep does the same..
[20:02] <smoser> soren, you think we want to do all of that into hardy proper ?
[20:02] <netritious> Reepicheep: ok, so for kicks and giggles I ran apt-get install linux-image-virtual, rebooted and the ACPI/SMB_ conflict error is gone, but iptables is not loaded lol..what a vicious cycle
[20:02]  * netritious may not have his cake and eat it too
[20:03] <Reepicheep> netritious: you can always compile your own kernel ;-)
[20:05] <netritious> Reepicheep: i know, but i'm a big chicken lol
[20:05] <smoser> Reepicheep, netritious (regarding compiling your own kernel): http://xkcd.com/456/
[20:06] <zul_> smoser: you can probably get them into hardy-backports though
[20:07] <zul> smoser: also you only really need ec2-init, ec2-api-tools, ec2-ami-tools, landscape-client, smart  SRUed
[20:07] <zul> linux-xen can be worked around
[20:08] <smoser> well, not so much. it is installed in the image and provides kenrel modules.
[20:08] <zul> smoser: you could use the standard xen kernel on hardy
[20:08] <smoser> and the point getting this somewhere else would be to *not* workaround.
[20:08] <zul> you just need a work around
[20:09] <netritious> smoser: lmao, that pretty much sums up what I've read about it
[20:11] <smoser> zul, maybe i'm missing something then.. what do you mean use standard xen kernel on hardy ?
[20:11] <smoser> and if that works, then why do we have what we have in ppa ?
[20:11] <zul> kirkland: hardy ships a dom0/domU kernel
[20:12] <kirkland> zul: ?
[20:12] <zul> smoser: because the requirements at the time was only to have domU
[20:12] <zul> s/kirkland/smoser/g :)
[20:12] <zul> kirkland: sorry is there a wiki page for things that should be tested for in lucid?
[20:13] <kirkland> zul: hmm, like what?
[20:13] <kirkland> zul: are you referring to mdz's question on the list?
[20:13] <kirkland> zul: i was asking mathiaz for a pointer, before I go create one
[20:13] <zul> kirkland: indeed i am
[20:13] <soren> smoser: smart?
[20:13] <zul> kirkland: ah ok...maybe i should stay off the caffine ;)
[20:14] <kirkland> zul: seems that mathiaz has disappeared though
[20:15] <smoser> soren, dependency of landscape-client
[20:17] <zul> kirkland: ok i have a couple of ideas to add as well when the page goes up
[20:17] <soren> smoser: Err... I had /no/ idea we had that in there as well.
[20:17] <soren> $ wget -q -O - http://launchpadlibrarian.net/25136184/smart_0.52-2_1.1.1%7Ebzr20081010-0ubuntu0.8.10.1%7Eppa1.diff.gz | zcat -d | diffstat | tail -n 1
[20:17] <soren>  168 files changed, 50005 insertions(+), 40443 deletions(-)
[20:17]  * soren is not unambiguously excited
[20:18] <Reepicheep> smoser: that's funny.. (and that's comming from a long time gentoo user)
[20:18]  * Reepicheep is a recent convert to using ubunt on the server side of things
[20:19] <xperia2> anybody here with experinece for installing and running the autobuilder software tinderbox or simillar ?
[20:26] <mathiaz> kirkland: hm - not really.
[20:26] <mathiaz> kirkland: we used to have https://wiki.ubuntu.com/Testing/Server
[20:26] <mathiaz> kirkland: that page is empty now though
[20:26] <mathiaz> kirkland: https://wiki.ubuntu.com/ServerTeam/KnowledgeBase#Tester%20resources
[20:27] <mathiaz> kirkland: ^^ may need to be updated for more Testing ressource
[20:28] <kirkland> mathiaz: okay, i'll create one
[20:30] <cemc> kirkland: how can I specify an .iso file for a guest in virt-manager when installing? I can't seem to find a way to browse to where the iso file is
[20:37] <smoser> nekro_, around ? i'm looking for insight to bug 461156.
[20:55] <kirkland> where did zul go?
[20:55] <kirkland> mathiaz: https://wiki.ubuntu.com/Testing/Server
[20:55] <kirkland> mathiaz: just a first draft
[20:59] <mathiaz> kirkland: cool - thanks
[21:00] <ruben23> hi tried to install wubi for my ubuntu desktop, but during installtion i get error occurred---> permission denied on the installation process in windows
[21:02] <xperia2> Reepicheep: do you know why i cant resolve some names on my ubuntu server ? the following command svn co http://svn.exactcode.de/t2/trunk t2-trunk give me this error messagesvn: OPTIONS of 'http://svn.exactcode.de/t2/trunk': Could not resolve hostname `svn.exactcode.de': Host not found (http://svn.exactcode.de)
[21:04] <smoser> kirkland, you want ec2 mentioned there ?
[21:04] <kirkland> smoser: yeah!
[21:04] <xperia2> nslookup of svnexactcode.de give me this here http://pastebin.com/d6b332965
[21:04] <kirkland> smoser: that list was not exhaustive :-)
[21:04] <smoser> y
[21:04] <smoser> editing
[21:09] <qvqvqv> hello
[21:09] <Reepicheep> xperia2: does the "host" command and dig both also return the correct IP?
[21:09] <stephanee> hi all
[21:10] <qvqvqv> i have a quick question, was just wondering if ubuntu server 9.10 comes with a statically linked sh anywhere in the filesystem?
[21:11] <stephanee> I've just installed an ubuntu server 9.10 but I can't install php5.3 dotdeb' packages because of a broken libapache2-mod-php5. I have already installed it the same way last week and it worked all out fine. Does someone can help me ?
[21:11] <xperia2> Reepicheep: dig works good http://pastebin.com/d622c1464
[21:12] <xperia2> host works also good http://pastebin.com/d26cd82f8
[21:13] <xperia2> strange before some miuntes i was able to access the svn repository on a another pc
[21:13] <Reepicheep> k.. and nothing funny in your /etc/hosts file?
[21:14] <Reepicheep> and are you running nscd anywhere?
[21:14] <xperia2> http://pastebin.com/d191e3989
[21:14] <xperia2> i have bind9 running for resolving my new domain for my server
[21:15] <xperia2> i want somehow a own small hosting server with dns, web and mail
[21:15] <xperia2> for multiple webservices
[21:16] <xperia2> for nscd i have to look wih top
[21:16] <Reepicheep> xperia2: and your running svn from a client that is using the server running bind as it's nameserver?
[21:17] <Reepicheep> check your /etc/resolv.conf file
[21:17] <xperia2> what i can say my ubuntu is having the last days heav lags. if i execute a command over ssh to the server i need to wait till 1 minute till i get a response
[21:18] <xperia2> yes i am conected to the server over ssh and i am executingall this commands as a client  over ssh
[21:18] <xperia2> good
[21:19] <xperia2> resolv.conf => http://pastebin.com/d31bba1f2
[21:20] <xperia2> the same lag happen also if i execute a command direct on the server by using the keyboard
[21:20] <Reepicheep> so that resolv.conf is the one from the server? and your are running svn on the server, correct?
[21:20] <xperia2> yes you are right
[21:21] <Reepicheep> xperia2: you may make sure that the hostname of the server is in the /etc/host file
[21:21] <MagicFab> hi all - where would someone install some third party application.. /usr/local/ ? As in "I want the next sysadmin to know it's there"..
[21:22] <Reepicheep> make sure it can resolve itself also
[21:22] <sommer> MagicFab: I like /opt... but that's just me :)
[21:23] <xperia2> Reepicheep: thanks for the hint.
[21:23] <Reepicheep> MagicFab: if your not gonig to install it from packages /usr/local is a good place. or /opt is common also
[21:24] <MagicFab> I can't find any reference to that in Ubuntu docs or in LSB's.
[21:24] <MagicFab> tx I'll look for references top /usr/local
[21:28] <xperia2> Reepicheep: should i use 127.0.0.1 as a ip or the lan ip together with the hostname ? what is better ?
[21:29] <xperia2> my file looks now as follow http://pastebin.com/d38a960d9
[21:29] <andol> MagicFab: I would say /usr/local is the right place for you to install stuff yourself. /opt is more for none-distro installers, kind of
[21:30] <xperia2> hostname give me this here:
[21:30] <andol> MagicFab: http://www.pathname.com/fhs/pub/fhs-2.3.html#USRLOCALLOCALHIERARCHY and http://www.pathname.com/fhs/pub/fhs-2.3.html#OPTADDONAPPLICATIONSOFTWAREPACKAGES
[21:30] <xperia2> $ hostname
[21:30] <xperia2> wificom.ch
[21:33] <MagicFab> andol, great! thank you.
[21:37] <xperia2> Reepicheep: It works ! you are great man :-)
[21:41] <FFEMTcJ> When I try to install a PPA on ubuntu server, I get the error add-apt-repository: command not found.. Is there a package I have to install for it to work?
[21:44] <andol> FFEMTcJ: python-software-properties
[21:45] <FFEMTcJ> thanks andol
[21:47] <nijaba> smoser: heya.  I think that the email you sent to the ubuntu-cloud should also be sent to ubuntu-ec2.  WDYT?
[21:48] <smoser> wdyt?
[21:48] <smoser> yeah, i think it should be, and will send it there.
[21:48] <Reepicheep> xperia2: np
[21:49] <smoser> nijaba, done.
[21:49] <nijaba> smoser: great, thanks a lot
[21:50]  * smoser is so lame, i had to google wdyt
[21:50] <smoser> but didn't understand why you were talking about a charlotte talk radio station
[21:50] <kane_> hah
[21:51]  * nijaba googles acronyms all the times but never tells anyone :P
[21:51] <Aw0L> does the current LTS release have an option to encrypt partitions during the install?
[21:51] <nijaba> Aw0L: yes, you can set up encreypted partition in 8.04LTS
[21:52] <nijaba> Aw0L: but not just home directories as in 9.10
[21:52] <Aw0L> nijaba: 9.10 only allows for encrypted home directories, but not / ?
[21:53] <nijaba> Aw0L: 9.10 allows both
[21:53] <Aw0L> oic, I misunderstood - thanks!
[21:53]  * nijaba was not that clear either
[21:53] <ninjah> Aw0L: I think you need the alternate CD
[21:54] <Aw0L> okay, I'll test it out in a VM
[21:54] <nijaba> ninjah: nope, that's straight in the strandard server installer
[21:54] <Aw0L> thanks
[21:54] <mneptok> Aw0L: encrypted partitions on a server install should use a random key, not a passphrase.
[21:54] <ninjah> nijaba: Oh, well why would you need that on a server
[21:54] <ninjah> ???
[21:54] <lenios> random key?
[21:54] <ninjah> once the system is running everything is unencrypted
[21:54] <nijaba> ninjah: in case someone steals your server?
[21:54] <mneptok> Aw0L: otherwise you will need physical access to the machine every time it boots.
[21:55] <ninjah> nijaba: I see...
[21:55] <Aw0L> that makes sense
[21:55] <Aw0L> normally how swap partitions are encrypted no?
[21:56] <mneptok> correct
[21:56] <nijaba> ninjah: this happens more often that you think, btw
[21:56] <mneptok> Aw0L: of course, using a random key means anyone that steals your server just has to boot it.
[21:56] <nijaba> Aw0L: yes, if you need security, then please encrypt swap or you'll have a lot of your ram laying unencrypted on your disk.
[21:57] <Aw0L> mneptok: true, but they would then have to find some way of breaking into your box - they can't just boot off of a live flash drive and mount your drive
[21:57] <nijaba> Aw0L: kirkland is the expert on the subject if he has a few cycles to spare
[21:57] <lenios> mneptok, i don't follow you with that random key
[21:57] <mneptok> Aw0L: correct. but any server that can reboot unattended only needs the power button pressed to gain access
[21:57] <ninnypants> I'm trying to run dovecot as the mda for postfix but I keep getting this error:
[21:57] <ninnypants> postfix: fatal: /etc/postfix/main.cf, line 49: missing '=' after attribute name: "dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/user/lib/dovcot/deliver -f ${sender} -d ${recipient}"
[21:58] <mneptok> lenios: what is unclear?
[21:58] <Aw0L> mneptok: howso?
[21:58] <lenios> what is this random key? how is it generated?
[21:59]  * nijaba switches to a star filled frequency...  have a good one...
[21:59] <mneptok> Aw0L: if you want a server to boot without a human being physically present to grant access to partitions, then all someone has to do is take the machine, and plug it in and power it on elsewhere.
[22:00] <mneptok> lenios: http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=/liaai/secure/liaaisecureencryptswappsles.htm
[22:00] <Aw0L> mneptok: are you referring to someone gaining access to unencrypted partitions?
[22:00] <mneptok> Aw0L: no, encrypted partitions.
[22:00] <ninjah> Aw0L: I don't see the point of encrypting partitions on a server.
[22:00] <mneptok> Aw0L: dm-crypt uses a passphrase or random key.
[22:01] <mneptok> Aw0L: if you encrypt using a passphrase, every time that server boots someone will have to be sitting in front of it and enter the passphrase. not a good idea.
[22:01] <Aw0L> right
[22:02] <mneptok> Aw0L: if you use a random key, like for a swap partition, the machine will *automatically decrypt* those partitions when it boots.
[22:02] <Aw0L> but when it's automatically decrypted, one would still have to break into the box to access files
[22:02] <ninjah> if the server "automatically decrypts" the partitions then you have no security at all.
[22:03] <mneptok> i come to your datacenter. i steal you machine. i take it home, and boot to recovery mode and set a root password. i restart the machine. the encrypted partitions are *automatically decrypted* and i have access.
[22:03] <lenios> oh, the random key is for the swap
[22:03] <Aw0L> ah
[22:04] <ninjah> Encrypted partitions are good for workstations and laptops. I don't see any reason to encrypt a server drive.
[22:04]  * mneptok nods
[22:04] <Aw0L> I was thinking moreso a separate partition to stick sensitive files
[22:04] <Aw0L> still doesn't seem worth it when I can use file encryption when necessary
[22:05] <mneptok> well, then choose whether you want to have to be physically present every time the machine starts, or have worthless security. :)
[22:06] <Aw0L> well if it's not a critical partition, it wouldn't need to be mounted at startup
[22:06] <Aw0L> could be decrypted from the cli
[22:06] <Aw0L> of ssh
[22:07] <Aw0L> still, periodic file encryption seems more pratical
[22:07] <Aw0L> thanks for the input
[22:09] <kees> heya mneptok
[22:09] <mneptok> kees: heya!
[22:10] <mneptok> kees: i assume you'll be at UDS?
[22:11] <kees> mneptok: totally :)
[22:12] <mneptok> smashing
[22:13] <adurity> where can I find some solid documentation on using upstart?
[22:14] <lenios> http://upstart.ubuntu.com/getting-started.html ?
[22:16] <adurity> lenios, thanks
[22:19] <ninnypants> I'm trying to run dovecot as the mda for postfix but I keep getting this error:
[22:19] <ninnypants> postfix: fatal: /etc/postfix/main.cf, line 49: missing '=' after attribute name: "dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/user/lib/dovcot/deliver -f ${sender} -d ${recipient}"
[22:20] <ninnypants> from the walkthroughs I've found adding that line to postfix's main.cf should allow me to use dovecot as the mda but I keep getting that error and can't find anything on it
[22:22] <kirkland> nijaba: i'm here now, but i see that Aw0L has left
[22:23] <jmedina> ninnypants: could you please pastebin de dovecot line in master.cf?
[22:29] <ninnypants> jmedina: http://pastebin.org/51261 sorry it took so long I ran into one of the greatest uses of javascript ever
[22:39] <adurity> I'd like to run a script based on the presence of certain hardware at boot.  Can upstart help me do this today?
[22:41] <foxbuntu> adurity, what exactl are you trying to accomplish?
[22:42] <adurity> I'd like to change my xorg.conf file based on which video card is installed
[22:44] <lenios> you're changing the video card between boots?
[22:46] <adurity> lenios, yes. well really, i'm booting both as a VM and a physical machine, so in effect I have multiple video cards
[22:47] <foxbuntu> adurity, what?
[22:47] <foxbuntu> adurity, Im not sure I follow, thats two machines, two configs
[22:47] <foxbuntu> unless you are converting back and fourth
[22:52] <adurity> using VirtualBox, you can link a physical disk to a virtual machine.  By doing this, I am able to boot the same ubuntu install either through a VM or by directly booting.
[23:01] <jmedina> ninnypants: this is wrong
[23:01] <jmedina> user=vmail:vmail
[23:01] <jmedina> it doesnt use chown sintax :)
[23:01] <jmedina> change it to user=vmail
[23:08] <jmedina> and this is argv=/user/lib/dovcot/deliver
[23:08] <jmedina> that should be /usr...
[23:17] <ninnypants> still gives the same error
[23:17] <ninnypants> but if I put an = after dovecot it doesn't error
[23:18] <jmedina> show the new line
[23:23] <ninnypants> doesn't error: http://pastebin.org/51266 your suggestions: http://pastebin.org/51266
[23:24] <ninnypants> sorry second link should be http://pastebin.org/51267
[23:24] <jmedina> did you restart postfix?
[23:24] <jmedina> try
[23:24] <jmedina> postfix check before restart
[23:27] <ninnypants> yeah I did
[23:27] <ninnypants> what does check before restart do?
[23:30] <JJman> i have errors installing package and apt-get install -f  aren't fixing it.  what else can i try to get this unstuck
[23:31] <jmedina> :)
[23:31] <jmedina> man postfix
[23:31] <jmedina> I was mean "postfix check"
[23:34] <ninnypants> you had it right I just wrote it wrong
[23:39] <ninnypants> ok tried it and the onlything that doesn't return an error is adding the = after dovecot
[23:43] <jmedina> ninnypants: is this the last line?
[23:43] <jmedina> flags=DRhu user=vmail argv=/usr/lib/dovcot/deliver -f ${sender} -d ${recipient}
[23:43] <jmedina> dovecot is mispelled
[23:43] <jmedina> you missed a "e"
[23:45] <ninnypants> ahh spelling is always the worst
[23:45] <ninnypants> still doesn't get rid of the error though
[23:47] <jmedina> what error
[23:47] <jmedina> please provide details
[23:47] <Gorlist> evening, spot of bother. Someone is doing a brute force on mysql, had to shut it down
[23:47] <nxvl> kirkland: around?
[23:47] <Gorlist> however theirs nothing in mysql log file?
[23:48] <kirkland> nxvl: hi
[23:48] <nxvl> kirkland: hi, just hited kinda of a funny thing with encrypted home
[23:48] <nxvl> kirkland: when i enter a chroot it's not being able to mount my home dir
[23:48] <nxvl> to work from it on the chroot
[23:48] <nxvl> using sbuild
[23:48] <nxvl> have you seen somthing like this
[23:49] <nxvl> (it's completely expected to have that behavior, but i mean, are the workarounds?)
[23:50] <ninnypants> same as in the begining
[23:51] <ninnypants> postfix: fatal: /etc/postfix/main.cf, line 49: missing '=' after attribute name: "dovecot unix - n n - - pipe flags=DRhu user=vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}"
[23:53] <Gorlist> they are putting in massive amounts of querys and killing it