=== dendrobates is now known as dendro-afk === FireCrotch_ is now known as FireCrotch [00:45] nvm Q. gsh [01:35] New bug: #484562 in libvirt (main) "apparmor prevents libvirt-vnc certificate from being read" [Undecided,New] https://launchpad.net/bugs/484562 [03:24] hi [03:24] error: failed to connect to the hypervisor [03:24] in hardy [03:25] i enabled the backport === vxnick_ is now known as vxnick [03:34] Anybody use Kaspersky Enterprise? [03:38] Doorman352: isn't that a Windows thing? [03:38] !anybody [03:38] A large amount of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? [03:40] Kaspersky is for everyone, since Im adding Ubuntu servers I wanted to know if anyone has used it on linux. [03:41] New bug: #484594 in mysql-dfsg-5.0 (main) "mysql not woking" [Undecided,New] https://launchpad.net/bugs/484594 [03:42] Since I don't have any Windows desktops, I don't bother with virus scanning. [03:42] See also: http://linuxmafia.com/~rick/faq/index.php?page=virus [03:44] I have seen widespread use of clamav for when you are providing, say, a Unix fileserver to a bunch of Windows desktops. [03:45] For security of the server itself, you want to look at "intrusion detection" systems, rather than virus scanners. [03:46] Kaspersky runs on windows, Linux, etc so I figured I use it. [03:59] Hi everyone! [04:11] virtual machine not booting from cdrom / iso .. [04:11] anyone can help me ? [04:13] the console came up .. but didnt booting the cdrom / iso [04:13] ejat: what virtualization technology? [04:13] kvm [04:14] Don't you just pass -boot d ? [04:14] im using the virtual machine manager [04:14] I'm not familiar with virt-manager, sorry [04:15] AFAIK the backend needs you to specify what to boot from BEFORE starting the VM [04:15] And it defaults to the hard disks [04:21] ic [04:22] I'm struggling to find the .torrent file for Ubuntu Server (amd64, iso) [04:25] Aha! Found it. [04:25] Completely not where it should have been though. [04:26] So I was reading about UncomplicatedFirewall and got a bit confused about this: http://paste.ubuntu.com/321252 [04:31] you guys know which page is correct, or if I got it wrong? === specialK1vin is now known as specialKevin [04:54] Bo7: I can't answer your question, but I can teach you how to find out [04:54] Bo7: first, put your ufw config back to however you found it. [04:54] Bo7: then, run "iptables-save" and pastebin the output [05:06] can someone help me out with mx records? [05:09] yes billybigrigger [05:09] !ask | billybigrigger [05:09] billybigrigger: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) [05:10] ok, last time i setup my mailserver all the mail was to thefrozencanuck.ca, and this was my MX record [05:10] twb, oh the firewall works allright for me, I was just curious about what the default state of ufw was, the documentation says different things. [05:10] now i want to be able to setup my mail clients to point to mail.thefrozencanuck.ca, and not the "sally" i had setup as a hostname [05:10] so you are looking for [05:11] so do i create a new AHOST for mail.thefrozencanuck.ca [05:11] and then just make my MX record for mail.thefrozencanuck.ca? [05:12] you create an A record for the mail.thefrozencanuk.co and the MX record changes to mail.thefrozencanuck.ca [05:12] right on [05:13] mail.thefrozencanuk.ca A ip.addy [05:13] heh [05:13] mail.thefrozencanuk.ca. [05:14] thefrozencanuk.ca. IN MX 10 mail.thefrozencanuk.ca [05:14] replace 10 with whatever priority system you want to use [05:16] i keep forgettting to type the trailing . [05:17] ok, now how do i confirm this is all setup? [05:17] i need to use the dig command or something here? [05:19] billybigrigger give it like 10 minutes and then check www.nwtools.com [05:19] billybigrigger or http://www.mxtoolbox.com/ [05:20] billybigrigger you can also use "host -t MX thefrozencanuck.ca [05:21] billybigrigger@cabo:/etc/default$ host -t MX thefrozencanuck.ca [05:21] thefrozencanuck.ca mail is handled by 10 mail.thefrozencanuck.ca. [05:21] :) [05:22] :PPPP [05:23] billybigrigger im just saying that you should also set an A record for just plain old thefrozencanuck.ca [05:23] i have one [05:23] Host Points To TTL Actions [05:23] @ 68.146.139.247 1/2 Hour [05:24] @ = thefrozencanuck.ca [05:24] quick poll, what do you prefer Maildir or mbox? [05:25] i have always setup Maildir, not too familiar with mbox, and was going to try it on this setup [05:25] should i try out mbox or stick with Maildir? [05:29] bogeyd6, ? [05:37] billybigrigger i have no preference [05:37] ive had a few scotches so im in and out [05:38] of conciousness? [05:38] !dovecot | billybigrigger [05:38] billybigrigger: IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol [05:38] yeah i have postfix and dovecot installed [05:38] but obviously not configured [05:38] i prefer using ZCS personally, i dont use dovecot, but dovecot is the official maildir package in ubuntu server [05:39] jesus i hate evolution [05:39] oh im watching Lock n Load with r leee ermey :) [05:39] lock n load [05:39] don't think i've seen it [05:39] if you like military stuff it is highly recommended [05:39] oh yeah [05:39] who's in it? [05:40] r lee ermey [05:40] what year did it come out? 1990? [05:41] 2009 [05:41] tv series [05:41] oh its a tv series [05:42] all of your stuff resolves but your www, blog, and smtp isnt responding [05:44] smtp is handled by my ispo [05:44] isp [05:44] have to use shawmail.cg.shawcable.net as a relay for my outgoing mail [05:45] isp blocks port 25 on me :( [05:45] ok cool [05:45] www. and blog. don't respond? [05:45] oh [05:45] duh, haha have not setup apache yet [05:46] :P [05:46] i have a full complete server setup, mail/ftp/web/mysql all that jazz already [05:46] but its on a 40GB virtual hard disk [05:46] time to put some work in [05:46] so i decided i'd start fresh and do it on a dynamic hdd [05:47] im bored and have nothing to do for a few days :) so i don't mind starting over [05:47] i prefer to use VMware to run any server [05:47] whats the difference between vmware or vbox? [05:47] hosted on a san [05:47] thought they were both pretty much the same [05:47] stability and compatibility. vmware being the superior, vbox being simpler [05:48] billybigrigger: a few letters [05:49] Ubuntu recommends KVM for full virtualization. [05:49] !kvm | billybigrigger [05:49] billybigrigger: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM [05:49] Thaks. [05:49] :) [05:49] (Gah! More coffee!) [05:50] i still like vmware [05:50] I have had countless bad experiences with VMware, and VMware 2's move of putting everything inside tomcat didn't impress me favourably. [05:51] I daresay VMware is more attractive if you're running Windows guests in a Windows host. [05:54] Likewise I suspect both VMware and Virtualbox are more attractive if you're wanting to run virtual machines on your overspecced laptop (rather than on a server in the rack), and you want AIGLX and USB and such to work. [05:54] hmm hmm [05:55] can't connect to mail.thefrozencanuck.ca [05:55] As for me, qemu's features like -kernel/-initrd/-append and its raster-less tty emulation (i.e. -curses or PTYs) are killer features. [05:55] in either thunderbird or evo... [05:55] billybigrigger: you should try netcat/socat first, since that'll tell you if there's anything there at all. [05:55] nmap shows 143 and 993 are open, and router is routing 143 and 993 to 192.168.1.111 which is correct.... [05:55] "nc mail.thefrozencanuck.ca submission" or whatever [05:56] billybigrigger@cabo:/etc/default$ nc mail.thefrozencanuck.ca submission [05:56] mail.thefrozencanuck.ca [68.146.139.247] 587 (submission) : Connection refused [05:57] billybigrigger: I'm assuming you're actualy using submission for SMTP/SSL [05:57] You seem to be talking about imap2 and imaps [05:58] * billybigrigger needs to look over postfix config [05:58] setup postfix last night and dovecot today...so its not too fresh in my memory [05:58] i haven't done anything for smtp [05:59] billybigrigger: so you'd change "submission" to "imaps" or "993" then [05:59] Not that it matters, since you indicated that nmap can see them. [06:11] New bug: #484621 in samba (main) "The Samba 'panic action' script, /usr/share/samba/panic-action, was called for PID 5886 (/usr/sbin/smbd)" [Undecided,New] https://launchpad.net/bugs/484621 === vxnick_ is now known as vxnick [07:51] How do I know is dns server working properly, or are my configurations right === scott_nwoktech_ is now known as scott_nwoktech [08:06] How do I know that DNS is working properly [08:07] <_ruben> uhh .. you ask the dns server a question and see if you get the right result? [08:08] <_ruben> and "working properly" is about as vague as it can get [08:08] mine \ NoPE [08:08] _ruben: "how many roads must a man walk down?" === owh is now known as onno [08:15] _ruben: I configured in named.conf zone for our school network "ele.local" and made a zone file "db.ele". Now what should some up anywhere to make me sure that I have actually configured a master server for the network "ele.local" [08:15] some=come [08:16] _ruben: its my thesis see, and i have to proof that I have now done a mster server for ele.local, so how do i know, i think ive done all the work, but wheres the trophy [08:17] u no === onno is now known as owh === owh is now known as onno [08:27] <_ruben> ESEDU: assuming you have added some (bogus) records (for example: bogus.ele.local) to the db.ele zonefile and the ip address of the nameserver is 1.2.3.4, do: host bogus.ele.local. 1.2.3.4 [08:29] _ruben: and what should I see [08:29] <_ruben> the ip address you specified in the zonefile [08:30] _ruben: the address for the NS record? [08:30] in the zone file [08:30] <_ruben> ESEDU: do you know how dns works? [08:30] somewhat [08:31] <_ruben> lets start by putting your named.conf and db.ele on a pastebin [08:31] now pastebins are a totally diffrent thing [08:32] never heard [08:32] <_ruben> !pastebin [08:32] pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic [08:33] u want me to give pictures [08:35] im so confused! [08:35] <_ruben> forget about the screenshot part, the important part was: "pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at http://paste.ubuntu.com" ... you copy/paste the contents of a file to that site so others can see/read it [08:38] _ruben: ok i put part of named.conf there. [08:40] ESEDU: I'm no expert on DNS, but I've configured some easy servers (dnsmasq). Just a warning because you are using ele.local. The .local extension is used by Avahi! (http://avahi.org/wiki/AvahiAndUnicastDotLocal) === alvin_ is now known as alvin [08:42] This can screw domain lookups if you are using avahi [08:46] _ruben: did u check out the pastebin [08:47] <_ruben> ESEDU: no, because you didnt give us the url of your post [08:48] you need to paste named.conf.local & named.conf.options too [08:48] in whole [08:48] _ruben:http://paste.ubuntu.com/321349/ [08:48] can't really see just from a named.conf snippet [08:49] hello to all. i have a litlle a non specific ubuntu server question. need to register a .com domain name. can anybody say me what is the best registerer for that ? who has good experience with .com domains. thanks in advance for reply [08:49] atomic_1: see whay [08:49] t [08:50] ESEDU: i see that you have a bind9 specific question. what exectly do you want to have ? [08:50] you can also try #bind, but those guys are brutal :) [08:50] yes i can confirm it :-) [08:52] xperia2: A master server for ele.local network [08:52] _ruben: http://paste.ubuntu.com/321357/ [08:52] <_ruben> snippet looks ok, your choice of filenames is uhm.. odd [08:53] <_ruben> zonefile looks ok too [08:53] <_ruben> host server.ele.local. 1.2.3.4 should return 10.130.140.241 (assuming your dns server is 1.2.3.4) [08:53] <_ruben> on the box itself you could use 127.0.0.1 [09:01] how would I get php with my apache installation? [09:06] tangentcollision: install it [09:07] well, of course, how did I not see the blatantly obvious before? [09:07] what package would I have to install [09:07] that's more of what I was asking [09:09] twb: if you answer that question, I'll forgive you for being a jackass [09:09] I don't remember offhand. [09:09] tangentcollision: in the wiki page of ubuntu is all described https://help.ubuntu.com/9.10/serverguide/C/php5.html [09:09] apt-cache search apache.*php [09:10] That finds libapache2-mod-php5 [09:10] https://help.ubuntu.com/9.10/serverguide/C/index.html [09:12] you are quite forgiven good (sir/madame) [09:13] oh crap, I forgot, ubuntu upgraded in the past year, hasn't it [09:14] apt-get upgrade [09:14] oops [09:16] <_ruben> ubuntu "upgrades" twice a year [09:16] _ruben: http://paste.ubuntu.com/321371/ [09:16] I forget this [09:16] anyways, I'm going to upgrade, good evening to all [09:26] hello i have a karmic server which has many udev --daemon and /lib/udev/watershed sh -c /sbin/lvm vgscan; /sbin/lvm vgchange -a y that appears [09:27] i saw similar bugs in bugzilla but there are too old for be for karmic [09:27] any idea ? [09:41] http://paste.ubuntu.com/321371/ [09:41] does that look right? [09:41] for a reverse zone file [09:46] <_ruben> yup [10:12] _ruben: how do I know that they work for sure then? [10:40] ESEDU: you can use the rndc command, check syslog [10:41] and dig offcourse [10:42] i like to setup separate log channels for query and named [10:43] you can do this by using logging in named.conf [10:43] keeps things clean [10:44] to test, add some entries by hand in the zones, reload them [10:45] and check forward and reverse lookup from another machine [10:47] i solved my problem with a dpkg-reconfigure udev, thanks for your help [10:52] Hi all, could some gurus give me tips about setting PXE installer server for Ubuntu 9.10 desktop? [10:55] <_ruben> eason: got any more specific questions? been a while since i set up my pxe environment (only using it for servers install currently though) [10:55] atomi c_1: ok, hypothetically lets say ive done this, now how am i reassured? [10:59] odd, I didn't need to restart my server after apt-get upgrade [10:59] is that normal? [11:00] Ruben: I have installed Dhcp, tftp, Nfs, apache on server side, and copied linux kernel and initrd in tftpboot. Client can boot from lan to choose install menu. But client is not able to install Ubuntu desktop from lan [11:02] <_ruben> tangentcollision: yes, as only kernel upgrades require reboots generally [11:02] in client side, it always yield that can't find mirro [11:02] _ruben: would it make any difference that the network allready has a main server [11:02] <_ruben> eason: (where) do you specify the mirror? [11:03] How can I configure to use my web server as mirro? [11:04] <_ruben> by selecting it during the installation process? [11:04] <_ruben> bbiab .. lunchtime [11:05] Can I set it in preseed file as I hope it can be installed automatically? [11:24] hello [11:25] I have an odd problem, but i am sure you have heard this before, I have had my server attached all this week, I have ubuntu-server 9.10 [11:25] attacked.. oops [11:25] I am not sure how there doing, it besides the box shutting down, or totally locking up [11:26] reading on google, i get the idea that its the ftp server their going after. [11:26] X-Seti: So, the attack was successful? [11:26] yeah, 3 times now, same time every day [11:26] i only noticed this today [11:27] What ftp server are you using? [11:27] proftpd [11:27] Is it anonymous? [11:27] no, just normal user and passworded accounts [11:27] i took off anon stuff [11:28] Are they doing a dictionary attack? (guessing passwords) [11:28] If not, it must be a vulnerability. Also, ftp passwords are easy to sniff. [11:28] not sure, i have bounce attacked in the logs, and what ever server is running, like they scanned anything that is running and tried their luck [11:29] well i cant really shut down the ftp server, change the passwords, they came onto the ircd i have running on there, and tried to send me a file too, which suggested that ftp wasnt all that successful [11:30] Automated attacks are normal. (This pc is currently under attack (ssh). The cracker tries to guess the password for 'root') [11:31] killing the server is a first, crashing it and making it usless till i reboot is another [11:31] That's weird, yes. [11:32] i use modified hardware, i wanted to go the eco way, the box itself uses 70watt, total [11:32] Im must admit that I'm not familiar with proftpd. [11:32] atom? [11:32] <_ruben> eason: yeah, mirror can be preseeded just fine [11:33] old modded laptop with everything removed, even the screen [11:33] i took the motherboard out and put it in a desktop case. [11:34] i removed everything that used power, added more usb ports for the back of the case, and its but fine for 6 years now [11:34] till now [11:34] X-Seti: Now, that is a cool idea :-) [11:34] saved me alot of money hosting sites [11:34] ruben: could you tell what is directory structure of mirror server? [11:35] i noticed that ubuntu 9.10 is heavier, 8.04 wasnt so resource depanding.. [11:35] <_ruben> eason: you shouldnt have to worry about that, assuming you're using a "supported" method of creating a local mirror, im using debmirror myself currently, but i might just switch to a full rsync someday [11:35] as installer always yield can't find mirror, maybe some thing wrong in my mirror server [11:36] <_ruben> eason: check your access logs to see what its failing on [11:36] I just copied Ubuntu desktop cd into web directory [11:36] X-Seti: My slowest machine currently running karmic server is an atom. No speed problems, except when you use Qemu (no VT, so that's entirely normal) [11:37] But back to your crashes. I have no idea. Did you check /var/log/auth.log [11:37] i run 2 apache servers, tomcat, ircd (custom unrealircd), proftpd, sshd, gother and thats it [11:37] i never got email to work [11:38] but then, when i had email running on my older server (Amiga4000t) all i got was spam) [11:38] That's not only ftp. Do you know how they got in? [11:39] not sure, i could install firestarter [11:39] !firestarter [11:39] Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist [11:39] if these unknowns happen, does ubuntu log them anywhere [11:39] <_ruben> eason: ah, that probably wouldnt work indeed, not sure how/if a cd can be turned into a webmirror [11:39] Hmm, that's a gui application. No need to install X. The damage is already done, so I would check existing logs [11:40] Yes, /var/log/auth.log is for security [11:40] i do have gnome running on there, i was working on porting an old amiga app to ubunut [11:40] lets have a look at that [11:42] holly hell [11:42] i have a dir full of stuff [11:44] Your log dir? Or do you mean a rather large auth.log? [11:44] the log dir is packed, but i am looking at auth.log now [11:46] same ip has been hammering root for days [11:46] none stop, even now [11:48] Ruben: could you show me the directory structure of your mirror? [11:49] pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2031691$ [11:49] Nov 15 07:55:19 events sshd[15070]: Failed password for invalid user tester from 203.169.139.171 port 52470 ssh2 [11:49] thats weird [11:49] i have a 1gig log file [11:49] X-Seti: block it :-) I actually don't know how to do that. I'll look it up. If I'm not mistaken, there is a script for ssh to do stuff like that automatically. [11:49] lol, maybe the log file crashed your server? :-) Is the disk full? [11:49] checking [11:50] now i have a 1tb drive on there [11:50] it would be hard to full that :) [11:51] from what i can see, that got password the router firewall [11:51] there port scanning everything beyond that, hitting the server i had and this comp [11:52] A short search tells me to use /etc/hosts.deny if you want to manually block ip ranges [11:52] looking at all the ip addresses, thats alot of blocking [11:52] In my experience, a default ubuntu (without firewall) doesn't crash under those circumstances. (ssh active) [11:53] ive never had any problems till, now, panic when my server crashed, i couldnt log in or connect to any services [11:54] My Server is not available via the Internet at its Hostname, NS1.LOYALRELIABLE.COM [11:54] It is available by IP [11:58] ; <<>> DiG 9.6.1-P1 <<>> @173.11.38.195 any loyalreliable.com [11:58] ;; ANSWER SECTION: [11:58] loyalreliable.com. 86400 IN MX 10 mail.loyalreliable.com. [11:58] loyalreliable.com. 86400 IN SOA ns1.loyalreliable.com. loyalreliable.com. 0 10800 3600 604800 3600 [11:58] loyalreliable.com. 86400 IN A 173.11.38.195 [11:58] loyalreliable.com. 86400 IN NS ns1.loyalreliable.com. [11:58] loyalreliable.com. 86400 IN NS ns5.loyalreliable.com. [11:58] ;; ADDITIONAL SECTION: [11:58] ns1.loyalreliable.com. 86400 IN A 173.11.38.195 [11:58] mail.loyalreliable.com. 86400 IN A 173.11.38.196 [11:58] ;; SERVER: 173.11.38.195#53(173.11.38.195) [11:59] <_ruben> http://paste.ubuntu.com/321462/ [11:59] 5 days worth, 5 ips [11:59] so it started 5 days ago [11:59] hm? [12:00] 5 days worth? [12:01] someone is hacking my server [12:01] oh [12:08] <_ruben> fail2ban is nice 'n simple method to "protect" yourself again bruteforce attacks (non-distributed ones) [12:08] Ruben: now my client installer can find my mirror server, but yield 'The installer failed to download a file from the server', any tips for solving it? [12:09] <_ruben> eason: check the access logs of your server, it probably requires a file that isnt avail on the cd, or in a different place [12:13] hi can anyone help probably a simple problem (learner) [12:15] im getting an error unable to resolve host "name of server" [12:15] what service are you running [12:16] roytech: resolv.conf configured ? [12:16] roytech: when do you see this error? [12:16] apache? [12:16] Ruben: I have checked the apache's error log file, nothing been shown there [12:18] <_ruben> the installer log might show some hints too (virtual console 4 has that log) [12:24] epinky opensuse prefers people use the yast2 tool to configure network settings [12:24] !pastebin @ dei [12:24] Sorry, I don't know anything about pastebin @ dei [12:24] wrong channel [12:24] im an idiot [12:25] bogeyd6: excuse me? [12:25] no problem [12:25] thank you [12:25] i figured our my problem :) [12:25] dei did you have to use the hostname tool at your registrar? [12:25] i made a dumb mistake on my firewall... [12:26] and that was blocking everything [12:26] i just did not suspect such a simple change to cause this problem :) [12:26] kk [12:26] thats why i prefer firewall appliances [12:29] when just making any change to svr just after sudo [12:29] Ruben: thank you very much, I found it [12:35] I need help, I have setup LAMP for Ubuntu 9.10 setup 2 vitalhosting by name and when going to one of the domain it does not give me any thing? in the /etc/hosts file I have "000.000.000.000 hostname-server.abc.org hostname-server" where 000.000.000.000 is the real IP address [12:36] spirits-sight: you mean VirtualHost? [12:36] yes :-) epinky [12:37] spirits-sight:000.000.000.000 is another machine? [12:38] I am using linode and it says to put the public IP address where the 000.000.000.000 is [12:39] epinky: this is the line above that one 127.0.0.1 localhost.localdomain localhost [12:40] spirits-sight: 000.000.000.000 is another machine? [12:41] I don't think so, its the linode that was assigned it linode.com [12:42] spirits-sight: /etc/nsswitch.conf checked? [12:44] one sec [12:46] epinky: what should I be looking for, I don't see any thing in there that says domain [12:46] hosts: files dns [12:46] networks: files [12:47] files dns means check hosts first, if not found ther go to dns, it's ok then ... [12:47] OK so I understood that then :-) [12:50] when I go to the domain.org in brower it says "Oops! This link appears to be broken." [12:52] spirits-sight: try using nslookup with some external server, to check resolution [12:53] spirits-sight: I mean resolution of your server :) [12:53] so in my destop term do mslookup domain.org [12:54] it gave good respone it gave the ip address, so how do I know its from the server [12:55] i think it should be equal to 000.000.000.000.000 [12:56] Server: 192.168.1.1 [12:56] Address: 192.168.1.1#53 [12:56] Non-authoritative answer: [12:56] Name: domain.org [12:56] Address: 00.000.000.000 [12:56] sorry for the mulite lines [12:58] spirits-sight: use pastebin , do you have a DNS server local?, i'd like to check Authorative-Answer [12:58] no its hosted with linode.com [12:59] I am using godaddy which point to the linode nameserver and then doing DNS control with linode [13:00] spirits-sight: can you reach the server using IP? [13:01] hi there. I am running Ubuntu8.10 32bit on an "AMD Athlon(tm) 64 Processor 3500+", which is a K8 64bit processor. should i upgrade to a 64bit linux distro? will I pull all of my hair off for this? [13:03] epinky: ok when I use nslookup ip address it give me ip.in-addr.arpa name = xxxxx-xxx.members.linode.com the ip address is backwards and where xxxxx-xxx is the linode marker I think [13:05] spirits-sight: ok, can you reach the server using IP(public)? [13:07] ok, when using just IP address it gives me oops again, but I also am not telling it any vitiualhost site, how do I pass that along with the ip address of it know which one [13:10] that public IP address is already configured on your VPS, right? [13:10] I believe so [13:12] spirits-sight: can you ping that ip? [13:12] Yes [13:13] spirits-sight: to administer your VPS you use SSH? [13:17] correct [13:18] spirits-sight: you've installed LAMP on your VPS or are you using DNS Manager to redirect to some local server? [13:19] I have installed LAMP on the VPS using this guide http://library.linode.com/lamp-guides/ubuntu-9.10-karmic/ [13:20] I skipped over the area that says Configure for IP-based Virtual Hosting [13:22] ok, on your SSH session to VPS, check if apache2 is up with netstat [13:23] Hi all. I'm newbie in cloud computing. I've configured mico-cloud using eucalyptus and running two instances in it. I would like to know how one can install some packages in running instance *persistently* so that I can use that package upon reboot. Any help ? [13:25] epinky: OK I don't see the service apache2 there how ever I have a number of time say to reload it it say it did, is this different? [13:25] spirits-sight: reload is different from restart [13:25] I have done restart also but will do again [13:26] spirits-sight: netstat has to indicate that port 80 is LISTENING [13:26] /etc/init.d/apache2 restart is what I have run one sec see if see port 80 is LISTENING [13:27] ok I don't see that either, that strange [13:27] spirits-sight: then check on your logs, there could be some error [13:28] ok I did a restart and still not see any thing [13:28] spirits-sight: check your logs [13:28] ok under etc/logs right [13:28] spirits-sight: /var/log/... [13:29] yep yep :-( forgot type var not etc [13:30] when ever i try to do any restarting of say samba i get unable to resolve host "name of server" [13:30] which log apache2 has nothing in it [13:30] epinky: ^^ [13:31] spirits-sight: error.log and access.log I guess [13:32] epinky: in error.log it says unable to open log three times [13:33] epinky: in access.log there is nothing [13:33] spirits-sight: "unable to open" or "unable to open log"? [13:34] spirits-sight: use "more" [13:34] it says "Unable to open logs" I am using nano to open them [13:34] hi can any one help with this? [13:35] spirits-sight: use "more" [13:35] epinky: also other_vhosts_access.log has nothing in it [13:36] when ever i try restart samba i get unable to resolve host "name of server" [13:36] epinky: http://pastebin.com/d7b08e3c1 [13:37] epinky: all the others are empty [13:40] epinky: this is what it gave me for netstat http://pastebin.com/d65780373 [13:40] spirits-sight: type "locate ports.conf" [13:42] -bash: locate: command not found [13:43] spirits-sight: type "find /etc/apache2 -name ports.conf" [13:44] ok found it its in /etc/apache2/ports.conf [13:45] yes... [13:45] sudo nano /etc/apache2/ports.conf [13:46] epinky: done [13:46] is there a line like "Listen XXX.XXX.XXX.XXX:80" ? [13:47] yes [13:47] well, there should be [13:47] or Listen 80 [13:47] without the IP [13:49] epinky: yes it says [13:49] NameVirtualHost *:80 [13:49] Listen 80 [13:52] spirits-sight: try changing to "Listen 127.0.0.1:80", save, and restart to see if it opens 80 [13:55] can anyone tell me where karmic's syslog server resides? [13:55] previously, it was /sbin/syslogd [13:55] epinky: it did not change the netstat [13:55] spirits-sight: try changing to "Listen 127.0.0.1:8080", save, and restart to see if it opens 8080 [13:55] epinky: brb [13:56] ok [13:57] epinky: nothing changed again, netstat [13:57] brb [14:03] spirits-sight: "Listen your.linode.ip.address:80" also change "NameVirtualHost your.linode.ip.address:80" , save and restart, netstat a t the end [14:15] epinky: it gave me some errors [14:16] spirits-sight: cat /proc/sys/fs/file-max [14:17] 34992 epinky === rcaskey is now known as ^robertj [14:19] http://pastebin.com/d4a4d5275 [14:19] epinky: ^^^ [14:22] spirits-sight: change "NameVirtualHost your.linode.ip.address:8080", to check use "/usr/sbin/apache2ctl restart" and post results [14:27] http://pastebin.com/d6b2eb25 [14:28] I changed listen and name... to linode ip:8080 [14:28] will u be on later then evening USA Est time [14:29] spirits-sight: it says trying to start, did it finish? [14:30] no [14:30] don't you have prompt then? [14:30] I have prompt [14:30] netstat -an? [14:31] just try again same issue [14:31] its listening to mysql and otehr stuff but not apache2 [14:32] maybe you'll need to change ulimit on /etc/init.d/apache2, not sure, however "Unable to open logs" is your error and the reason why apache2 does not start :( [14:32] OK I have to leave, if any other stuff please PM me try when get home [14:33] ok thank [14:33] spirits-sight: good luck and bye [14:33] thanks alot for the help [14:33] spirits-sight: you're welcome [14:37] hi all any EC2 users about? I am just getting started using the command line tools... Wondering if I should install eucalyptus... Also how to bundle a instance... Cheer [14:37] s [14:40] <_ruben> ugh .. i really needa set me up a distcc environment .. compiling a kernel just takes to long [14:40] <_ruben> s/to/too/ [14:41] hello [14:42] Good morning === chuck_ is now known as zul [15:07] New bug: #484807 in qemu-kvm (main) "module blacklisting not respected" [Undecided,New] https://launchpad.net/bugs/484807 [15:18] <_ruben> bah .. lvm breaks when backporting a karmic/jaunty kernel to hardy .. guess im doing something wrong :/ [15:22] maybe you need to backport lvm userspace? [15:23] Hm. So, with theew new fancy upstart init job scripts, how do I prevent a service from starting automatically at boot? [15:31] maswan: rcconf? [15:32] ooh, never heard of it [15:32] "It is a TUI(Text User Interface) frontend to the update-rc.d command." doesn't sound very useful though [15:36] maswan: why not? it means you can manage all your services at the different run levels [15:36] "how do I prevent a service from starting automatically at boot?" doesn't sound very difficult though [15:38] As far as I can tell, there are no rc?.d/*-links to delete, for say portmap [15:38] I've a VM with a virtual hard disk, and I want to make it bigger. So far so easy, but since the partition are made with LVM, is it difficult to expand the logical volumes? is it safer? is as easy as running the lvextend command? [15:38] If I'm not mistaken, There are no runlevels anymore [15:38] ttx: Can we move https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-more-mail-integration from the last session today to tomorrow or Friday? There's another session that I absolutely have to attend at that time. [15:39] Greetings and salutations [15:39] So I'm not sure what use update-rc.d or any interface to that will be for those services that don't use that legacy interface [15:39] acalvo: yes, it's that easy. You need to to 2 things. Want an example? [15:39] alvin: yes, thank you [15:40] Suppose you have vg0/opt . t is 1G and you want to make it 2: [15:40] $ sudo lvextend -L 2G vg0/opt [15:40] $ sudo resize2fs /dev/vg0/opt [15:40] alvin: ok, fine [15:40] I guess for ext4 there is a similar utility [15:40] Any admins here familiar with rsyslog? I'm having a logging duplication issue after applying templates for remote hosts. [15:41] acalvo: this works perfectly for ext4 [15:41] ScottK: we can [15:41] ttx: Thanks. [15:41] alvin: thank you so much then [15:42] epinky: That's what I thought, except all the documentation and help thingies I could find is just for the "legacy" sysv init stuff... [15:42] ScottK: tomorrow 10am ? [15:42] ttx: Checking [15:42] ttx: Yes, please. [15:44] ScottK: done [15:44] Which filesystem is best for logs? [15:45] ivoks: ^ [15:45] Thank you. [15:46] <_ruben> i tend to store /var/log on an ext3 partition with noatime [15:46] Fenix|work: NILFS :) [15:48] epinky, meh, don't need continuous snapshotting [15:49] devnullfs? :) [15:49] * Fenix|work sighs [15:49] Fenix|work: sorry, it was a joke, "logs for your logs" :D [15:49] * Fenix|work wondered why he never changed his syslog rules to log to /dev/nul [15:50] err /dev/null [15:50] epinky, I thought it was funny actually :) [15:50] I understand though that NILFS is pretty good with solid state drives [15:51] at least that's what linux-mag told me a few months ago [15:51] or I could be dreaming it. [15:52] anyway ... [15:52] between reiser and ext, which would handle system logs better? [15:54] Fenix|work: my two cents on ReiserFS , BUT it's only an opinion [15:55] I'm leaning towards reiserfs myself... [15:55] ... just internally debating 3 or 4 [15:55] ... but I somehow find myself drifting my thoughts to inventor and wondering how his new life is coming along. [15:56] Fenix|work: why not the new ext4? [15:56] Fenix|work: What he said ^^^ :) [15:57] I have no problem with ext4... I just don't want a lost+found folder [15:57] my drive is already formatted ext4 [15:57] and it's nice to know I can create 16TiB files :) [15:58] Fenix|work: so afraid of l+f? [15:59] not afraid no... I'm just a freak I guess who doesn't like something for the sake of something to be there... create the folder when you actually have files that are lost and found... [15:59] but I have a drive for logging and there will be a folder for every device on my network logging to it... then there is lost+found [16:00] I think that folder has been there since older versions [16:00] acalvo, and hence why I moved to resierfs :) [16:00] I keep my boot as ext2 though, for all you old-timers :) [16:00] well, I guess is a matter of taste [16:00] I like the new ext4 [16:01] I've played with reiser4 (in the gentoo old-times) [16:01] gentoo still around, or have they compiled themselves to oblivion yet? [16:01] * Fenix|work laughs... used to be an ArchTester [16:02] I'm curious, is not critical to have one device to log all your network systems? what happen if someone gets inside? or if you lose connectivity? [16:02] I still have the tag in my whois. [16:02] well, I know is still around, but I don't want a 24h installation [16:02] moreover, I haven't seen a new release since the main progammer left (in 2006 I think) [16:02] acalvo, I'll have two syslog servers as a central repository for all logs, and all machines are still going to log to themselves if something happened to both central servers. [16:03] I just want a single point to browse all logs from all devices [16:03] throw in some utils to send out email alerts on warnings and up, and some utils to parse through the logs... and it'll make life easier [16:03] what do you suggest? (it seems pretty interesting) [16:04] manually searching over 150 devices is a pain in the ass [16:04] acalvo, I just started this project... I decided to use Karmic as the base because of the switch to rsyslogd from sysklogd [16:05] I'm going to try logging to files first and see how that works out... [16:05] i'm using postfix with cyrus and an sasl database for users. is there a way to extract a list of users for local_recipient_maps from the sasldb? [16:05] on the other box I'm going to experiment with logging to MySQL [16:05] netrat, and hello to you as well. [16:06] acalvo, I'm not sure on what I'm going to use for the actual log interface... whether it'll be Splunk, or PHPLogCon [16:06] Fenix|work, hello [16:06] Fenix|work: I'm using nagios + cacti [16:06] and I was planning to use splunk in a centralized syslog system [16:06] Fenix|work: did you try SNMP? [16:06] acalvo, right now I'm leaning nagios + splunk + rove. rove for the mobile aspect [16:07] acalvo, not yet. although rsyslogd has a facility for outputting SNMP traps [16:07] most of the network systems already have SNMP into it [16:07] and it's pretty easy to set them up [16:07] and to catch it all with nagios [16:08] acalvo, yeah, I still want a central location for all logs, specifically for auditing purposes... [16:08] SOx sucks. === RoAkS is now known as RoAkSoAx [16:08] well, if you need any advise about SNMP, or examples to control routers,printers,etc... drop around and ask :) [16:10] acalvo, send me a PM and tell me the pros and cons... [16:10] don't want to bore everyone else with off topic ;) === dendro-afk is now known as dendrobates [16:41] how do I find out why scripts under cron.daily is not running ? [16:45] anacron is not running.. doh! [16:45] /usr/sbin/anacron is present.. interesting [16:45] is NOT present i meant [16:47] just installed it [16:50] wait.. i am reading it wrong.. anacron is not needed .. so how come cron.daily's scripts did not run ? which log would tell me why cron.daily's script not running [17:02] New bug: #484426 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Low,Incomplete] https://launchpad.net/bugs/484426 [17:21] New bug: #484051 in ubuntu "package samba 2:3.2.3-1ubuntu3.6 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/484051 [17:40] i'm trying to use a eucalyptus insta-cloud. i followed the instructions on the Ubuntu site, but when I try to connect to the virtual machine, my keys get denied. Has any one run into this issue, and how does one fix/diagnose it? [18:00] yeah, it's very odd. it takes much longer than I'd suspect trying to connect, and then just doesn't connect. I've searched online for eucalyptus and the error I see (Permission denied (publickey)), but to no avail. is there a way to have an image that doesn't require ssh keys? === hggdh_ is now known as hggdh [18:13] 2.4.18-0ubuntu1 is hanging at 100% cpu in karmic when I try to add data to a database defined in cn=config, has anybody seen this recently? [18:13] 64bits [18:13] it just sits in pid 16635] futex(0x7ff5f8a57c48, FUTEX_WAIT_PRIVATE, 2, NULL [18:14] 16594 openldap 20 0 187m 8500 4128 S 185 0.2 2:52.14 slapd === steve__ is now known as sbeattie [18:15] Hmm, I think Ubuntu should have compiled clvm against corosync instead of cman. [18:36] I've a question. How do I go about making an image of my server configuration so in the event of a catastrophy I can re-apply that image to the same hardware and have the system up and running as if nothing ever were to have happened... without the need to reinstall and reconfigure everything? [18:37] Hmm... server configuration is a little ambiguous... I mean the entire server [18:38] If I am setting up a small web server for a client using Ubuntu server... what are some things I should take into consideration to provide as much uptime as cheaply as possible. Any suggestions? [18:38] OBviously i've thought of mirrrored drives, back up to an off site location to tape.. etc === mushroomtwo is now known as mushroomblue [18:46] New bug: #484944 in bacula (universe) "package bacula-director-mysql 2.4.4-1ubuntu9 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück" [Undecided,New] https://launchpad.net/bugs/484944 [19:26] How do I go about creating a bootable recovery CD/DVD of my server install? [19:48] mine \ NoPE [20:09] Anyone have a how-to to create an apt mirror for local use? [20:14] Fenix|work: have a look at apt-mirror [20:14] guntbert, ok, thanks. [20:15] Fenix|work: there also is good tutorial - but I cannot remember where - sorry [20:15] I will search for it. [20:16] guntbert, you use nagios? [20:16] Fenix|work: no [20:16] bummer... [20:18] Fenix|work: the tutorial I used: http://www.howtoforge.com/local_debian_ubuntu_mirror [20:18] that's the one I'm looking at now. [20:18] thanks :) [20:19] guntbert, how big is the repo? [20:20] Fenix|work: not sure, I don't have the disk with me right now - several 10GB I'd say [20:21] can you mirror multiple releases? [20:21] or multiple arches? [20:21] Fenix|work: yes and yes [20:22] sweet and sweeter. [20:23] guntbert, Fenix|work, last time I looked into it it was something of the 20G for a "quick and dirty mirror", where you get just the release stuff, and more like 200G or so for "everything" [20:23] not sure if this was per arch, but I guess (hope) not :) [20:23] 20GB isn't too bad. [20:24] most likely it would be per arch... [20:24] cyphermox: I didn't count the src repos, but they do come only once :) [20:24] yeah :) [20:24] per arch, I don't know. It seems steep, even though there is a lot of stuff [20:24] well, gcc for i686 and gcc for amd64 are two different beasts :) [20:24] note that these were numbers from the page about mirroring ubuntu... [20:25] cyphermox, out of curiousity... do you use nagios? [20:25] I'm debating about using a source install vs a package install [20:27] Fenix|work, no, i don't use nagios. The fact that it was text-based configs, changed manually, or having to install additional packages with weird deps annoyed me [20:27] http://www.ubuntu.com/getubuntu/mirror/2 [20:29] it appears nagios' quick-start guide suggests install from source [20:29] so, that is what i'll do. [20:30] nagios from source gives you very much up-to-date stuff. on the other hand, installing it from a package might be more convenient [20:34] cyphermox, until an update that could potentially break my config :) [20:34] pros and cons [20:34] packages vs. source [20:34] * Fenix|work sighs === robbiew1 is now known as robbiew [21:32] - Since a packet is assigned to a FEC when it enters the network, [21:32] the ingress router may use, in determining the assignment, any [21:32] information it has about the packet, even if that information [21:32] cannot be gleaned from the network layer header. For example, [21:32] packets arriving on different ports may be assigned to [21:32] different FECs. Conventional forwarding, on the other hand, [21:32] can only consider information which travels with the packet in [21:32] the packet header. [21:33] Whoops! wrong irc room === occy1 is now known as occy [21:41] New bug: #485026 in openldap (main) "[karmic] slapd hangs at 100% cpu and is unkillable" [Undecided,New] https://launchpad.net/bugs/485026 [21:41] Hey guys... anyone here ever used cgiirc? I'm trying to get it set up on my Ubuntu server. I have the irc server already up and going [21:41] I did apt-get install cgiirc [21:42] and have googled trying to find some sort of howto... but :/ (and I've read the docs) but am still confused [21:45] Better question. Where can I find the Ubuntu cgiirc documentation? [21:53] For UDS folks, Community server team dinner tonight. Let's meet in the lobby by 6:30PM. Everyone welcome. [21:54] grr.. i think i'm double booked. [22:20] Can anybody recommend a VPN server to use? Clients will be ubuntu, and windoze. [22:26] Wallace: http://openvpn.net/ ? [22:26] didn't have to setup a VPN but if i had to i would go with openvpn [22:29] so better than pptpd, or any of the other options available? [22:43] Wallace: I use both pptpd and openvpn.. pptp is great for simplicity.. it integrates natively with many clients including linux and ubuntu.. but [22:44] when security is a concern I reach for openvpn.. I like the fact that it is based on SSL [22:45] s/linux and ubuntu/linux and windows/ ^^ === dendrobates is now known as dendro-afk === alex88 is now known as alex88[sleep] [23:56] Community Server Team dinner postponned to 7:15PM in the lobby.