[00:26] what is the T bit on a permissions mask? [00:28] later all [00:29] nv [00:29] nvm [01:00] ok figured it out [01:00] mrX rom should delete that cm_guardian dll [01:00] no exe's left. [01:20] Hey all - anyone know why server install doesn't let me choose where to install grub, but always installs in in the MBR? Still trying to find out why this happens. [01:35] Hello all [01:35] I have just installed ubuntu server edition on my proliant server [01:36] It did not install a GUI by default. [01:36] That's by design [01:36] oh [01:36] I can install the gui if I want to? [01:36] Typically in Linux/Unix systems servers don't have a gui. [01:36] Certainly [01:37] orvonton: Use Desktop instead [01:37] However any issues you have with it would be off topic for the server IRC channel for help. [01:37] Ok, so then most of the admin functions are performed from the command line? [01:38] orvonton: yes, they are [01:38] Well, I mean, most people do not install a gui, is that right? [01:38] I guess I'm just spoiled with the desktop version [01:38] orvonton, yes [01:39] it's my first time with a server, so excuse my ignorance [01:39] generally, a GUI is considered unnecessary at best, and a security risk at worst [01:39] ok, then no gui [01:39] I will learn more that way anyway [01:39] In my opinion it's a bit of a learning curve to get started, but well worth it. [01:39] Yes, exactly. [01:40] any suggestions as to the path I might take [01:40] orvonton, read the server guide [01:40] Should I start with an email server or something simpler? [01:41] I would like to provide some service [01:41] server guide, ok [01:41] got it [01:41] orvonton, you need to decide what you want first, then find out how to do it [01:41] ok [01:41] the server guide is a great starting point once you have your goal in mind [01:42] that's the problem [01:42] I dont have a goal yet [01:42] hmm [01:42] emai [01:42] web server [01:42] something [01:42] any suggestions? [01:43] my goal I guess is to learn how to run a server and provide some service on the net [01:44] Ok, can you point me to the server guide? [01:45] orvonton, it's in the topic, server guide: http://tinyurl.com/65jzxw [01:45] orvonton: it's better to start with the concepts then practice is required, I mean RFC is a must [01:45] if you're using a different version, just replace the version number in the URL [01:47] Thanks Qman [01:47] I will start reading [01:49] Qman, thanks again, I am looking at the url now. I have my work cut out for me. [01:51] I was very surprised when I installed ubuntu on my laptop; it found the wireless card and everything is working great; not so with Fedora [01:52] So as I progress with my server training, is this the correct group to come too for help? [01:54] i hope so [01:55] ok, great [01:55] I guess I have a lot of reading to do. [01:57] orvonton: I tried to join samba to my existing Windows domain to practice and it wasn't pretty, recomend to do all your testing away from critcal systems...... [01:58] That's generally a good rule. [01:58] oh, absolutely [01:58] unfortunately not possible for me as I didn't have two whole networks at my disposal. [01:58] not hooked into anything critical [01:58] stuck in the man cave [01:59] its going to be a long winter [02:00] I used webmin to manage the server, but I'm told now that is not a good idea. The gui was much easier..... [02:01] So far they tell me that the command line is the way to go [02:01] I think with the comman line you really have to know your stuff [02:02] That's probably a good thing [02:02] I'm so used to gui's [02:02] but I can do the command line [02:02] how you learn is up to you, IMHO, however in your final endeavor you should eventually do it according to the best practices. [02:03] yes, but I'm sure now what the best practises are. [02:03] I mean not sure [02:03] orvonton: I had trouble as a lot of how to docs insist on root access and that wasn't possible with ubuntu and sudo so they didnt work right. [02:04] Doorman352, if you need root access, use sudo -i [02:04] read my post again..... [02:04] however, make sure the docs are specific to debian or ubuntu [02:04] sudo -i gives you a root terminal [02:05] but it didnt make persistent changes on some steps, hence why I said it didnt work with sudo for me. [02:05] that has nothing to do with sudo, it has to do with incorrect instructions [02:06] sudo -i gives you a root terminal, literally [02:06] there is no "better" root than that [02:06] logging in as root, is not recommended; correct? [02:06] yes [02:06] Well, running as root [02:06] qman__: You are changing what I said, this is not about what sudo does. It is a statement that several how tos didnt work as they required root access and sudo didnt work. [02:07] Doorman352, I am not putting words in your mouth, I'm saying, sudo -i IS root access [02:07] and the problem is not with sudo, it is with the instructions [02:08] qman__: That is what I said. It was a warning to watch out for certain how tos that will require root acces ans they didnt work. [02:08] different distros do things different ways, so not instructions for another distro may not work on ubuntu [02:08] Well, thanks everyone for the advice. I'm going to go and do some reading. I will see you all soon. [02:09] That is again what I said. I found a lot of BAD how tos. [02:13] The Ubuntu Server Guide is pretty carefully reviewed for each release. [02:14] BTW, if there's stuff you need to do that's not covered there, write it up and we'll get in the next release. [02:14] it didnt cover kerberos and windbing for joining a samba to a windows domain. [02:15] winbind [02:15] hence my journey back to the darkside with windows..... [02:15] Doorman352: Well if you get it figured out, let us know. [02:16] I wish somebody else with better skills would figure it out and let ME know...... [02:16] I sounded so simple....... my first step to getting rid of Microsoft...... Who new [02:17] And the how tos at samba.org were very confusing and didn't match any of my screens or details....... [02:20] What I need is a guide like: "Fed up with microsoft and want to replace their servers with your own Ubuntu servers in 3 easy steps"..... with pictures, lots of pictures [02:21] Doorman352, the reason there isn't an easy how to is because that's not an easy process [02:21] it's actually very complicated and buggy as of right now [02:21] but when samba 4 releases, it will get a lot easier [02:22] the whole goal behind samba 4 is an all in one domain controller replacement [02:22] OK, I found that out. Nowhere did I find anything rating difficulties Samba was supposed to be simple.... [02:23] What could be more basic than a file server..... right? [02:23] samba file sharing is not very difficult [02:23] getting it to interact with a domain is [02:24] simple workgroup file sharing is fairly straightforward [02:24] Wish I had seen a single warning anywhere before I went down that road..... Now I lurk here and in #Samba waiting for someone whos done it to walk me through. [02:24] workgroups wont work in my WAN [02:25] the problem is that windows doesn't use standard implementations for kerberos and ldap, and it's completely undocumented [02:26] but, samba 4 is going to address that [02:26] maybe, but there are a lot of docs out there saying do this and it works....only it doesn't [02:26] they even spent some time working with microsoft to get it right [02:27] samba 3's domain compatibility is basically a cross between NT4 PDC and windows 2000 sharing attributes [02:27] as such it doesn't really work well with newer windows installations [02:27] I'd love to get rid of my DCs and redo everything following the LINUX user model instead, AD doesnt do anything magic for me....just beyond my learning curve ATM [02:27] What do I need to do besides adding a Listen directive to access the CUPS web interface from another machine? (Currently getting "403 Forbidden") [02:27] SAMBA'a website said Windows 2003 Domain...... [02:28] you can get it to work with 2003, but you need to be in 2000 mixed mode IIRC [02:28] and it's ridiculously complicated, and requires everything to be just so [02:29] I've gotten linux clients to authenticate to AD, but that's it [02:29] never did succeed in a samba DC [02:30] yeah, it made a real mess [02:30] tonyyarusso: cups has an apparmor profile. That may need to me modified. [02:30] ScottK: ah. Alternatively, can I add my printer from the command line? [02:30] No idea. [02:31] Printing has always just worked for me in Kubuntu, never needed to configure anything. [02:31] * tonyyarusso notes that the documentation on this subject on h.u.c is a bit lacking [02:31] ScottK: Yeah, it works great when I have the Gnome GUI - I'm just trying to figure out how to set it up headless. [02:31] Never needed it myself, sorry. [02:32] Im running 2003 native and got to the winbind/kerberos parts when it Demoted my DCs and scrambled the secure channels, modified the UID for the domain accounts and then locked itself out of AD.... took MS 5 hours to recover, backups of system state were useless. [02:34] qman__: needless to say I know my limitations and wont try it again without some support from a veteran..... Too bad as I want to show of what Ubuntu could do for my organization if we devoted more energy into using it. [02:35] Doorman352, yeah, it definitely has a long way to go in that regard [02:35] samba 4 isn't too far off though [02:35] and that should really help [02:36] too bad, hate the MS model of upgrade and buy more hardware even if you dont need it.... [02:36] We're getting close on AD. Samba 4 will be a big help. [02:37] If I could use the budget I have for MS crud, I'd be running some sweet toys on the network.. [02:37] When is it expected? [02:38] Doorman352, I don't think there's a set date, it's pre-alpha right now, but it does work [02:38] still a lot of bugs to iron out [02:39] and it's not totally feature complete yet [02:39] Would be nice to have, but Im not going to enjoy the experience if it's buggy, gave up on 9.10 after I got it working as too much work for my users, so went back to 9.04 [02:41] in the mean time what is the current config for using Ubuntu on a windows network? [02:44] ScottK: Do you know which kind of SSH port forwarding I would use to get around this?' [02:45] No. Sorry [02:45] Doorman352: Unfortunately I don't have a Windows network. Sorry. [02:45] Wish I didn't either.... although then I wouldn't have a job.... ok nevermind [02:46] Heh [02:46] ScottK: Whoo, figured it out - ssh -L 1631:localhost:631 192.168.1.215 [03:04] What packages allow cups to connect to Windows-served printers? [03:08] New bug: #482910 in apache2 (main) "Screen (the program) is buggy when called from apache2 and php5 in cgi mode" [Undecided,New] https://launchpad.net/bugs/482910 [03:14] I'm having trouble sending email from my server. the amavis permissions seem to be configured incorrectly. I followed the directions here:https://help.ubuntu.com/8.04/serverguide/C/mail-filtering.html when I set it up [03:15] and these are the mail.log lines that are associated with it http://pastebin.com/d1973e5a5 [03:15] Found it - smbclient [03:18] i am trying install over the network .. but i do not see any netboot/netboot.tar.gz in the iso.. i see this http://pastebin.com/f4ea267be [03:19] where do I get netboot/netboot.tar.gz from ? === clusty_ is now known as clusty [03:55] I have a system with a broken mysql install, and I need to reinstall the mysql-server package while making sure it re-generates the files in /etc when it does not... any advice? [03:58] jpiche: If you purge it instead of just remove it, that will happen. sudo apt-get purge ... [04:00] ScottK, well, lets say the /etc/mysql was removed after the apt-get remove. how do i tell apt to regenerate a my.cnf? [04:01] Well if you manually removed it, then the packaging system assumes you don't want it there and won't put it back. [04:01] Install mysql again, this time purge, and then install fresh. [04:01] ScottK, okay, that makes sense. thanks [04:43] ever since i upgraded to 9.10 my server stops responding after few mins.. i cannot get to it from console or ssh [04:45] http://pastebin.com/f5a9fd8ec here is my dmesg [04:52] axisys: What type of CPU? [04:52] ScottK: http://pastebin.com/f3e534a50 intel p 4 [04:53] ScottK: was working fine for last 6 months w/ 9.04 [04:53] and 8.10 as well before that [04:54] Dunno what to tell you then. [04:54] Sorry [04:55] do I need to worry abou this? not sure if it was there in previous release or if relevant [04:55] [ 0.328055] * The chipset may have PM-Timer Bug. Due to workarounds for a bug, [04:55] [ 0.328057] * this clock source is slow. If you are sure your timer does not have [04:55] [ 0.328059] * this bug, please use "acpi_pm_good" to disable the workaround [04:56] I don't think so. [04:56] [ 1.001348] PnPBIOS: Disabled by ACPI PNP [04:56] i know it is disabled in BIOS [04:56] i guess i should enable it ? [04:57] ScottK: what do you think might be the cause of loosing console or ssh response..? [04:57] Do you have local access to the server? [04:57] ScottK: yes i do [04:58] My guess would be a kernel bug, but I'm not an expert in such things. [06:22] anyone here? [06:28] ey [06:31] /quit [06:41] i'm having an issue with apt-proxy where I have to restart it quite often if one of the client PC's stops updating in the middle of an update. What is the recommended ubuntu-server apt caching proxy? Or is there a known fix for this issue with apt-proxy? [06:42] Anyone know how to add a guest (with a GUI) to a virtual Ubuntu server? [06:49] Merlin_, you cant really [06:50] i think [06:59] AnRkey: :O So you are saying there is no way to virtualise a server with guests that have GUIs? (like servers at school and universitys etc) [07:26] Merlin_, you don't virtualize the server, you virtualize the guests [07:26] I don't know the finer details of how KVM works, but when you need guests with GUIs, what you generally do is connect with a 'virtual console'-type application [07:27] and run the guest GUI from a regular desktop machine, over the network [07:27] this is how vmware server and virtual PC server both work, and I have to guess there is a way to do this with KVM as well [07:42] qman__: I installed Ubuntu server in Virtual Box and (have not port forwarded or anything, dunno how). So I would install a new Ubntu Desktop Edition (in VB) and connect it to the server? [07:43] qman__: After I find out how to port forward and so on [07:47] why do servers need static ip? [07:50] googa, they actually don't. But if you intend to run a daemon, like a httpd, having a static IP is important to avoid downtime. [07:51] Merlin_, that's all handled in virtualbox's configuration [07:51] you just create more machines and configure networking appropriately [07:51] KurtKraut: downtime? [07:52] googa, yes, leading your server to be unreachable through the internet if your IP address changes. [07:53] qman__: so all I really need to do is install an Ubuntu Desktop Edition and connect to the server? [07:53] Merlin_, I don't understand what you mean by "connect" [07:54] KurtKraut: Isin´t also for say a dns server, so that it can be found from the same ip always by clients? [07:55] googa, sorry, I couldn't understand clearly your question. Are you asking me if DNS servers need to have a static IP? [07:55] Merlin_, if you want a virtual desktop and a virtual server to be on the same network, you just configure virtualbox for it [07:55] KurtKraut: yes, and why [07:56] KurtKraut: same reason, downtime? [07:56] googa, DNS servers need a static IP because you need to be able to reach them to get DNS queries [07:57] other server types don't necessarily need a static IP, by using DNS [07:57] but DNS needs to be there for it to work, so it's a catch-22 if you DNS server doesn't have a static IP [07:57] googa, let us make an analogy: think IP addresses like telephone numbers. So, a static telephone number is a phone that never changes. A dynamic phone number may change randomly, almost daily. [07:57] qman__: for consistensy in other words? [07:57] googa, no, for it to work [07:58] clients need to know where the DNS server is [07:58] googa, Police Departament has an important telefone number, and it is static: 911. If police had a dynamic telephone number, it would lead police to be unreachable by phone because nobody would now the current police number. [07:58] if it's moving around all the time, things won't work [07:58] Ok [07:58] qman__: what are servers called that schools and universities use that every computer is on? [07:58] googa, you should read http://searchwindevelopment.techtarget.com/sDefinition/0,,sid8_gci520967,00.html [07:59] Merlin_, there really is no such thing, you use different servers for different purposes [07:59] if you're looking for directory services, or single sign-on, check the server guide [07:59] there's quite a few different ways to do that, including ldap and kerberos [08:01] Merlin_, client machines aren't "on" a server, they simply connect to them to use functions provided by the server [08:01] with the exception of thin clients, which actually do run on the server [08:03] KurtKraut: What is default gateway in terms of phone numbers :)? [08:03] googa, the switch box at the telephone company [08:03] qman__: I have never set up a server. I want to set up a server, like university, and each computer signs in on to a desktop and the actions are regulated (such as you can't access certain websites, can't access C:/ directly). I understand it is on Windows, however I want to do it on Linux. [08:04] Merlin_, that's mostly done with client configuration [08:04] with the exception of web filtering, which is done via a proxy server [08:06] Merlin_, to restrict users from changing systemwide settings, simply don't add them to the admin group or sudoers file; ubuntu does not allow regular users to make changes to the system by default [08:07] Merlin_, if you need to restrict them further, you will need to create chroot jails, or some form of mandatory access control, which is a fairly complex configuration and depends entirely on what your users need to do [08:08] qman__: Aaah... [08:08] but to affirm, unlike in windows, users are unprivileged by default [08:09] they must be added to the admin group/sudoers file to make administrative changes [08:10] if I want a sub network for about 54 clients do I use a Net mask of 255.255.255.201? [08:10] qman__: fair enough. You said about restricting websites via a proxy server. [08:10] googa, no, that's an invalid mask [08:11] So if I want a subnetwork for 254 clients ill use a net mask of 255.255.255.0 [08:11] qman__: How does this work? [08:11] and for 500 clients 255.255.0.0 [08:11] Merlin_, yes, if you want to filter web traffic, you need a proxy server, such as squid [08:12] googa, for 500 clients you could use 255.255.252.0, or 255.255.0.0, or 255.0.0.0, it all depends on what IPs you're using and your preference [08:13] qman__: so in a short analogy what does a netmask do? [08:13] Merlin_, in the proxy server configuration, you can create a blacklist, or a whitelist, or create user/password combinations [08:13] googa, a netmask defines the separation between the network portion of the IP address and the host portion [08:15] googa, http://www.ralphb.net/ipsubnet/ [08:18] qman__: How is this web blacklist work? Does it go on the meta tags of the websites? [08:18] Merlin_, no, you define in your proxy configuration what sites you don't want people to go to, by URL, wildcards supported [08:19] so, if you didn't want your users to go to myspace, you would add a deny rule for *.myspace.com [08:19] I don't remember the exact syntax but that's the general idea [08:19] googa, you're lacking some essential concepts of networking. You should dedicate a few hours on the internet reading about all those essential concepts. You need to understand them if you intend to maintain a server. [08:20] qman__: I remember at school a few years ago that they blocked EVERY proxy server that I tried and I tried at least 50 of them. So they manually denied all of them? [08:21] Merlin_, what most schools and companies do is hire a third party service, which runs a proxy for them [08:21] that service constantly searches the web for "bad" sites and maintains a large list [08:21] ok [08:21] and provides a web proxy for the schools and companies to use [08:22] the school would then configure its network such that all web traffic is directed through the third party proxy [08:22] and so "bad" websites are blocked, including other proxy siets [08:22] sites* [08:22] qman__: is this third party server a software or a group of people? [08:22] Merlin_, there are many companies that provide this type of service [08:23] one example is websense [08:23] I think openDNS offers a DNS-based filtering service too [08:23] Is joining linux machine to windows domain very complicated? [08:23] googa, yes [08:24] qman__: oh. and this company would also search the websites visited (and maybe keylog??)? [08:25] Merlin_, the company would definitely NOT keylog, but they may review visited URLs and check for content to update their lists [08:25] qman__: how accurate is this explanation? [08:26] googa, what explanation? [08:26] qman__: aah.. thanks [08:27] im sorry [08:27] http://www.linuxquestions.org/questions/slackware-14/join-linux-to-windows-domain-371794/ [08:28] that [08:28] googa, that is accurate, but not complete [08:29] what do you mean, not complete [08:29] it would allow you to access file shares on a windows domain, but to actually "join" a domain, and share users and information, you need to configure winbind or ldap, and pam [08:29] it is a fairly advanced configuration setup [08:31] googa, that information also pertains to slackware, configuring it on ubuntu will be different [08:31] I have bind on a machine. will it not work using those settings in the link for windows users [08:31] bind and winbind are two different programs, with two very different purposes [08:32] yes i see [08:32] tough, will a dns server not work for windows client without all those advanced configuring ldap pam .... [08:33] googa, you do not need to join a domain to provide DNS [08:33] good [08:33] the DNS server will work regardless [08:33] what about vsftpd daemon [08:33] same [08:33] do you need to join domain for that to be availble [08:33] no? [08:33] good [08:33] no [08:33] and last CUPS [08:33] what about that [08:33] windows doesn't support connecting to CUPS out of the box [08:34] be more specific [08:34] if you want to share printers to windows clients, I suggest sharing them with samba [08:34] also, does not require joining the domain, though it is optional [08:34] are u sure, someone told me i can share them trew cups [08:35] it is possible to connect windows to a CUPS printer, but it isn't the same as windows print sharing [08:36] both ways work, it depends on what you want [08:36] ey, qman__: How do you create a download limit? [08:36] Merlin_, can you be more specific? [08:37] qman__: I remember at school that you could not download files over 1GB. If you tried you would only download the first GB of that file so, thus, the file would be useless. [08:38] Merlin_, yes, squid supports that type of configuration [08:38] I don't know off hand how to do it, but you should be able to find it [08:38] qman__: Could people bypass this configuration? [08:38] Merlin_, not if you configure squid as a transparent inline proxy [08:39] however, this only works for http [08:39] ftp and other protocols, if you allow them out, will not be limited by it [08:40] it is possible to limit other protocols too, but I don't know how to do it, and it would probably require purchasing software or equipment [08:40] qman__: what about using wget or by pausing the download, restarting the computer and resuming the download? [08:41] Merlin_, it would still be prevented [08:41] at least, I think it would [08:41] you would have to test to make sure [08:42] So there is no way to bypass this unless you didn't go through the proxy? [08:42] aah [08:42] a transparent inline proxy doesn't require any special client configuration, it just mangles all web traffic [08:42] and applies the rules [08:42] there are other ways to tackle the problem too [08:42] such as with complicated firewall rules [08:43] like what ways? [08:44] you could create or buy a software or device designed specifically to do it, or you could configure the firewall in such a way that it would prevent files over a certain size from passing through [08:44] a proxy is the simplest and most typical method [08:45] aah [08:45] generally when this type of configuration is needed, there is a large budget to be spent on it [08:45] so as you might imagine getting better than a proxy can get expensive [08:46] either in manpower to set it up or tools to do the job [08:46] or both [08:48] I could imagine [08:49] By hosting a proxy server in a virtual environment, then connecting to that server in the same computer keeps the same IP, right? [08:50] Merlin_, no, each of your virtual machines will have its own IP on the virtual network [08:50] it's possible to bridge everything together but that would prevent any of this from working [08:50] what you want is a virtual network routed to your real network, with all the VMs on the virtual network [08:51] I don [08:51] t understand [08:52] By creating a virtual proxy server and connecting to it on the same computer will dramatically increase my security of the computer would it not? [08:52] in order to configure the client and server in this way, you need to run a virtual network that is separate from your actual network [08:52] and then route the two together [08:53] To get all the machines with the same IP? [08:53] Merlin_, the machines cannot have the same IP, they must have different IPs [08:54] that's what the virtual network is for, to allow your virtual machines to each have their own IP on the network, and then you route your virtual network onto the real network [08:54] effectively, it's as if your host machine was a router, and all the virtual machines were behind it on a switch [08:55] aah [08:56] now, that is not the only way to configure networking for virutal machines, but it is the way you need to configure them for this setup to work [08:57] IIRC, virtualbox makes setting it up that way especially difficult, if not impossible [08:57] To set up a server, the network would need to be on 'host-only'? [08:58] I think the way you would need to do it is [08:58] on all the clients, set host-only [08:58] on the server, create two network adapters, one host-only, and one NAT or bridged [08:58] then configure the server to route traffic for the clients [08:59] ah ok [09:00] but you would need to check into virtualbox's manual and support, because I remember having a hard time getting it to work that way [09:00] I've done it on vmware, and on virtual PC just fine, but virtualbox was difficult [09:01] You like VMware, virtual PC or VB better? [09:01] depends on what for [09:01] for performance, virtualbox is best [09:01] for networking, vmware is best [09:01] for a quick, easy, windows VM on a windows host, virtual PC is best [09:02] mm.. k [09:06] qman__: by connecting to a proxy that I would host in a virtual machine, this would increase my security, right? [09:17] qman__: you there? [09:27] Merlin_, it wouldn't really affect security at all [09:27] it would merely alter your web browsing experience [09:32] qman__: but then wouldn't a hacker/website only get the IP of the proxy server? THEN they would have to get my IP from being in the proxy server? [09:32] Thus, taking longer [09:34] all the traffic is funneled through your external IP anyway [09:34] and, attempting to hide your IP address is futile and pointless, in regards to security [09:35] oh [09:36] What about, since you are going through a proxy, then wouldn't the hacker only 'hack' into the proxy server, and since it is a virtual server, they cannot be much that would harm my computer?? [09:38] that is a pretty misguided view of how "hacking" works, but even in that scenario, your host machine is more accessible than the virtual machines running on it regardless if you use a proxy to browse the web [09:38] to actually secure your network, you need to lock down access at the perimeter, your connection to the internet [09:40] oh [09:51] qman__: How would you make a user connect only to the proxy? [09:54] Merlin_, you can configure the proxy to be inline and transparent [09:54] so that all outbound web traffic is forced through it [09:55] how would youuu do that? [09:55] there are guides for it [09:56] like this one: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html [09:59] thanks [10:00] obviously you need a little adapting to your network design, but it covers the squid configuration completely and gives you the concepts [10:01] thx [11:17] i have a remote VPS, it has 12G hd, out of which around 6G is used. I want to take its backup so that i can restore it in one command. I want whole backup without putting it down. ideas? === Claw_ is now known as Claw6 [13:29] New bug: #483066 in postfix (main) "package postfix (not installed) failed to install/upgrade: ?????????? ????? ???????? pre-installation ????????? ??? ?????? 1" [Undecided,New] https://launchpad.net/bugs/483066 === johe_ is now known as johe [14:27] what kind of backup do i need to restore a system state? by state i mean the same set of packages with relevant same set of configuration and documents as of now? [14:27] any other option than just using dd? [14:28] without putting the server down.... and it would be great if it could be incremental [14:51] what is the best way to create an sftp user to access a specific folder [14:51] and its subfolders [14:52] dassouki: you want to limit what the connecting user can see? [14:53] pmatulis: just for wordpress, I want to create an sftp user, so I can automatically update my plugins folder [14:53] so it can only upload to that folder [14:54] dassouki: you could force a chroot for that user [14:55] dassouki: he would only be able to see his home folder for instance (that contains the dir you want him to update) [14:56]