sysErroRI have openssl installed on my vps, and I compiled an IRCd with ssl support, yet, it can't find openSSL, can anyone help me?00:01
unit3sysErroR: which openssl package are you using?00:02
=== erichammond1 is now known as erichammond
unit3hmm... looking at those topologies for UEC is interesting. it looks like it's yet another infrastructure with single points of failure. (CLC/Walrus/CC/SC)00:02
unit3I wish someone would design something that isn't that... where you have nodes, and any of them can also be the coordinating node, and if the coordinator disappears, they have an election and make a new one, transparently.00:03
unit3that'd be more useful for failover and management.00:03
sysErroRUnpacking openssl (from .../openssl_0.9.8g-16ubuntu3_amd64.deb) ...00:04
=== erichammond1 is now known as erichammond
unit3sysErroR: and what does "ldd" show for your binary, sysErroR?00:06
unit3erm, which missing ones, anyway?00:06
sysErroRuh, I've never used ldd, what's the command to show missing binaries? sorry if I seem like a noob.00:07
unit3something like:00:08
unit3ldd myprogram | grep "not found"00:08
unit3or without the grep just to see all the lib dependancies.00:08
xperiaunit3: i am just curios ! how can i test on my server what for ports are open at the moment?00:10
unit3xperia: nmap's good. only problem is you have to run it from somewhere outside your firewall to see reasonable results.00:11
sysErroRsyserror@linode:~/ircd/etc$ ldd openssl00:11
sysErroRldd: ./openssl: No such file or directory00:11
sysErroRI might have done that wrong00:11
unit3sysErroR: you run it against the compiled binary you generated, whatever that's called.00:11
unit3whatever it is, it's probably not in the /etc subdir. ;)00:12
unit3xperia: if you just want to see what ports your server has open locally, you can use netstat. "netstat -tlpn" will tell you tcp ports, "netstat -ulpn" will tell you udp ports.00:15
unit3and what processes have them open, which is good for figuring out "mystery" ones. ;)00:15
unit3heh, finally found the answer to my own lvm q earlier (didn't look at man pages hard enough)00:22
unit3"vgscan --mknodes" was what I wanted. I knew it existed! ;)00:22
Guest16660hey i am running postfix on ubuntu server and can email myself and receive email from a windows server 2003 running hmail, but when i try to send from linux box to server 2003 I get a: "recipient address rejected: user unknown in local recipient table" any thoughts?00:34
unit3is server2003 running exchange or some other MTA? and is the user you're trying to send to set up there?00:35
Guest16660no just hmail, and the user is setup on the other end00:36
unit3in the error message you get back on the linux mail server, does it specify which mail server is giving that error (the linux one or the win2k3 one) and is there any more details?00:37
Guest16660the linux mail server is receiving the error from what appears to be the win2k3 server, and there are no more details beyond that.  There are also no log entries regarding the error.00:39
billybigriggerwhat about on the win2k server? surely an error report there no?00:40
unit3can you test sending to the same address on the win2k3 server just via telnet? that's always my fallback when I'm working with two MTAs and I don't know which one is misconfigured.00:41
unit3telnet to port 25 on the server, send it some raw (simple) smtp commands. see what happens.00:41
Guest16660no error in the logs on 2k3, but i can send to myself on 2k3, testing telnet now00:42
piotrekmis it posible to configure own dns server to support subdomains for a dyndns domain?00:43
unit3Guest16660: ideally, you'd telnet from the linux server to the windows server on port 25, and then send a really simple message, and see if it gives you the same error.00:44
unit3piotrekm: I don't see why not, but that'll only work if your dyndns provider does subdomain delegation to you, which they might not do.00:44
piotrekmunit3: so it's not possible in every case?00:45
Guest16660telnet connection refused00:46
Guest16660i think my bind server might be off00:47
unit3erm, should have nothing to do with it. you're telnetting to port 25, right?00:47
unit3on the windows server?00:47
Guest16660from linux to windows00:47
unit3well... sounds like it's not allowing connections from your linux box. which doesn't explain the error you got before.00:47
unit3were either of these machines working properly before this? or are they both new installs?00:48
Guest16660they are basically fresh installs and everything has been configured from scratch00:49
unit3ahhh... that's tough then, since you have two servers where you're not certain either are working or configured correctly.00:49
unit3I'd try them each against an external source, like a gmail account, to try and narrow down which one is broken, since it's unlikely to be both of them.00:49
Guest16660yeah i know, I pretty much have nothing to go off of00:49
unit3and from what we've discussed here, it sounds like it's the windows server. ;)00:50
Guest16660I will do that, I really appreciate the help00:50
Hypnozanyone here familiar with making apt-get install silent? apt-get -y install nis still prompts me. Making it hard to put it in a pxe image00:53
unit3Hypnoz: did you try -qq like was suggested before? what did that do?00:53
Hypnozit silenced output, but it still put up a full screen prompt for NIS domain00:53
Hypnoztried --force-yes too00:54
unit3you need something to change the prompting level for debconf.00:54
Hypnozhmm let me try a higher silence level00:54
Hypnozapt-get install -q=2 didn't change anything00:55
unit3Hypnoz: http://blog.hjksolutions.com/articles/2007/07/27/unattended-package-installation-with-debian-and-ubuntu00:57
unit3that's probably a better solution, where you feed it the answers you want at install time.00:57
Hypnozi'll read through, thanks for the link00:57
kenyabobIs there a way to configure postfix so that when I test comment forms on development sites, the addresses I send the test to dont reject it as spam?01:05
unit3not really... that type of classification is done on the receiving side, obviously, so unless you control the receiving mail servers, there's not much you can do about it.01:06
unit3sort of the point of spam filtering that the sender can't really influence how it gets classified. ;)01:06
kenyabobunit3, someone had mentioned trusted relay?01:06
unit3that works if you know what relays the receiver trusts. again, you'd sort of have to run those mail servers to know that.01:07
unit3if you have spam filtering options on the receiving side, you can possibly whitelist the addresses you're sending from.01:08
=== ajaya_ is now known as ajaya
kenyabobSo, really, there is no way to test out comment forms to other people when you are simple an unmarked machine and IP?01:10
lamontkenyabob: I certainly hope not.   at least not to random addresses...01:16
unit3kenyabob: sure there is, but it's dependant on the receiving mail server.01:16
unit3if you don't control the receiving mail server, then it's really not up to you how it's interpreted at the other end.01:17
lamontkenyabob: given the amount of effort that has gone into making it so that webform-generated spam gets dropped as spam, that is01:17
unit3for test purposes, you'd generally set up your own receiving mail server, and then test against that until you were ready to go live on a real web host.01:18
unit3that's usually sufficient.01:18
ghostlinesdoes virt-manager work with the latest version of Xen?01:21
unit3it should, but check the libvirt page for Xen support info.01:22
ghostlinesthanks will do01:23
kenyabobunit3, lamont, thanks guys01:24
teddymillsis it possible to add mdadm to a single drive server?01:36
RoAkSoAxcemc, ping01:53
krabadorthis is the 64bit version of ubuntu?02:35
billybigriggerhow come i can see one of my users logs in via ssh, but doesn't show in 'who' or 'last' commands?03:14
billybigriggerDec  4 03:13:31 localhost sshd[10128]: Accepted password for matts from 703:15
billybigriggerDec  4 03:13:31 localhost sshd[10128]: pam_unix(sshd:session): session opened for user matts by (uid=0)03:15
jmarsdenbillybigrigger: Do other users that ssh in show up in last output just fine?  And does /var/log/wtmp exist on your machine?03:19
billybigriggermy regular user shows up in last and who03:20
billybigriggerwtmp exists yes03:20
billybigriggeri know root used to show up aswell, before i disabled root logins that is03:21
jmarsdenteddymills: Yes, you can add mdadm to a single drive server.  If you want to take a giant performance hit, you can even create a "RAID array" made from two partitions of the same drive, but that is pretty silly... :)03:21
jmarsdenbillybigrigger: When matts logged in, did he in fact create a shell session, or was he using scp or something like that?03:21
billybigriggerssh port forwarding03:22
billybigriggerthat must be why he doesn't show then03:22
jmarsdenYes, if he isn't running a shell he won't show up in wtmp, I think.03:22
teddymillsi installed ubuntu 8.043 server on single drive server test box..and installed mdadm after the install was done...then i changed the partitions to 'fd' to my amazement the system still boots up!. I changed the partions from ext3 to linux raid autodetect and installed mdadm AFTer the OS was installed. I think I am home free!03:28
=== pipedrea1 is now known as pipedream
Orfeoushi everyone!04:57
Orfeoustrying to get slapd (LDAP server) to work! i have followed guides on https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html but i cant get it to work :( that tutorial is missing that on karmic when installing or configuring slapd there are no password configuration so the first steps doesnt work..05:00
ScottKOrfeous: It tends to be pretty quiet here this time of day.05:03
ScottKYou might ask again during the normal US/European work day.05:03
git___what fs do you guys use when you install ubuntu server?05:05
KurtKrautScottK, or asking in a forum, what would'nt require him and the person that may know the answer to be online at the same time :D05:05
ScottKKurtKraut: True, but in general I don't find forums are typically a source of expert advice.  Along those lines the ubuntu-server mailing list would be better, I think.05:06
Orfeousgit___: EXT4 as default suggested05:07
ScottKgit___: It depends a lot on what you're using it for and which release you are using.05:07
Orfeousbut reiserfs on stuff data disks05:07
OrfeousScottK: what time is it?05:08
ScottKgit___: ext4 is the default.  Personally, I'm conservative, I still use ext3.05:08
Orfeousbrb changing client..05:09
uvirtbotNew bug: #490790 in ubuntuone-client (main) "/etc/samba/smb.conf error in some line" [Undecided,Invalid] https://launchpad.net/bugs/49079005:32
OrfeousScottK: what time is it?06:30
twbTime to respect the rock?06:31
Orfeousits 07.32 overe here :P06:32
Orfeoustime to sleep some hours then come back and ask about LDAP06:33
Orfeoussee you!06:33
RoyKOrfeous: have a coffee06:33
* RoyK is in CET too06:33
Orfeousmy GF just went to work ;) and i havent gone to bed yet06:34
Orfeousshe know what my hobbie and biggest intrest is.06:35
=== git___ is now known as git__
teddymills3am here at 7L, building seven i7 i920 servers.07:58
twbteddymills: 7L?08:07
=== dendrobates is now known as dendro-afk
AisonI added some nfs shares to fstab08:33
Aisondoing mount -a call after worked well08:33
Aisonbut now on reboot, the server hangs because it cant mount these shares08:33
Aisonno idea why, but it guess the networkdevices aren't configured at that point08:34
ivoksubuntu 9.10?08:36
Aisonyes, ubuntu 9.1008:36
Aisonok, I can still boot08:37
Aisonbut it asks for my root password08:37
Aisonthen I can modify fstab, remove the nfs entries08:37
Aisonand reboot08:37
ivoksso.. you have 0 2 on nfs shares?08:37
ivokspaste the line with nfs share08:37
ivoksin fstab08:37
Aisonhmm, no, it's 0 108:38
Aisonis that the fault?08:38
ivoksreplace that with 0 008:38
ivoks0 1 - stop everything if that can not be mounted08:38
ivoksthere's a bug in 9.10, where network shares are started before networking08:38
ivoksso, combination of those two makes your system unbootable08:39
tomodonim currently at a university with an extra computer I would like to serve a page on over the network. I had it working well until it started getting an IPv6 address. I'm not sure how other computers could access it. Could I force it to get an IPv4 address?08:40
ivoksit gets ipv6 address?08:42
ivoksfrom dhcp?08:42
ivoksyou don't get ipv6 address, you set it up08:42
Aisonivoks, it was 0 0 not 0 108:43
ivoks0 0 is ok08:43
Aisonand the error is DNS Resolve failed for
Aison10.0.0.2 is my nfs server08:43
ivoksDNS Resolve failed for
ivoksthere's no dns resolving08:44
Aisonyes, I know, but that's the error08:44
ivoksthat's a client or server?08:45
=== dendro-afk is now known as dendrobates
ivokshow do you set up your ip?08:45
Aisonclient that can't boot08:45
Aisonok, this client is also a server ;)08:45
ivoksso, you have a static ip?08:45
ivoksstatic ip in /etc/network/interfaces?08:46
Aisonyes, static, but i'm using bonding, to get 2gbit/s08:46
Aisonfor bonding, I also added /etc/modprobe.d/bonding.conf  to setup bonding module correctly08:47
Aisonmaybe that's the problem08:47
sorenttx: http://piware.de/workitems/server/lucid/report.html <--- We're in pretty good shape! :)08:47
twbNFS shares shouldn't have "0 1" or "0 2" or anything.  Just remove the fsck and dump fields entirely.08:47
ttxsoren: haha08:47
ttxsoren: let's take a few weeks off and fix that08:48
sorenhttp://piware.de/workitems/qa/lucid/report.html <--- Not so much :)08:48
* soren whistles innocently08:48
ivoksAison: i would suggest adding post-up in interfaces for nfs shares08:48
ttxsoren: you break things where you go, dude :)08:48
sorenI can recognise me by my trail of destruction.08:48
ivoksAison: there's a problem with network filesystems in ubuntu 9.1008:48
ivoksAison: they are mounted before network is started :/08:49
twbThe system *should* wait for the network to be up before attempting to mount NFS filesystems.  It does so for me!  Confirm that NetworkManager isn't installed.08:49
Aisonthat's what I suggested ;)08:49
ivoksAison: so post-up command with mount should fix the issue08:49
twbivoks: oh, sorry, I didn't know 9.10 had a problem08:49
ivokssoren: scott promised fix for network filesystems before network, right?08:50
Aisontwb, network manager isn't installed08:50
ivoksfor karmic08:50
Aisonso where do I have to add this postup command?!?08:51
ivoksAison: man interfaces08:51
ivoksi'm off08:52
sorenivoks: I think he promised to fix Everything[tm].08:52
ivokstake care08:52
Nghuh, so installing eucalyptus takes over avahi?09:39
=== cjwatson_ is now known as cjwatson
* Ng hmms09:45
Ngso I only lose mdns for the CC machine if the eucalyptus upstart jobs are all stopped09:45
sorenNg: "Takes over" avahi?10:11
Ngsoren: on my karmic eucalyptus machine, the avahi upstart job is telling it to use the config file /etc/eucalyptus/avahi-daemon.conf10:13
NgI filed my particular concern about this as bug #492235 :)10:13
uvirtbotLaunchpad bug 492235 in eucalyptus "mDNS for CC hostname is only available while eucalyptus-cc is running" [Undecided,New] https://launchpad.net/bugs/49223510:13
sorenNg: Interesting. I believe cjwatson masterminded the avahi stuff in Eucalyptus (unless someone changed it later on). Perhaps he can shed some light.10:14
Ngsoren: I'm entirely confident that his grasp on the subtleties of this is significantly tighter than mine :)10:15
twbHehe, "masterminded"10:17
cjwatsonNg: this is changed in lucid already10:21
Ngaha :)10:21
cjwatsonit was kirkland's workaround for a bug, which I've now fixed in a different way10:21
cjwatsonwell, by "in lucid" I mean "in eucalyptus bzr not yet uploaded"10:21
twbIs eucalyptus an Ubuntu-specific thing?  I assumed it was an upstream project.10:22
cjwatsonit is an upstream project10:22
cjwatsonhowever Ubuntu is doing a lot of work with it10:22
cjwatsonoh, actually, I think my changes have been uploaded now10:22
cjwatsonkirkland: when doing the sort of thing you did with eucalyptus bzr that creates two changelog stanzas, please use debuild -v so that your upload automatically closes bugs properly10:23
cjwatsonkirkland: in fact, it would have been better to merge the unreleased stanza into the one you were uploading10:23
PupenoI have an ubuntu machine running Zope and Apache with WordPress on MySQL and it can't server more than 100 visits per hour without running out of it 720MB of RAM. Is that normal?10:24
twbInteresting; I'd always just sent emails to NNN-done (with a Version: M-1 on the first line), since I didn't know about dpkg-genchanges -v.10:25
twbPupeno: by "visits" do you mean individual GET requests?10:26
Pupenotwb: yes.10:26
twbPupeno: how much ram do those services use when you first start them?10:26
Pupenotwb: I've restarted half an hour ago, let me check.10:27
twbI mean 720MB just to BOOT UP wouldn't surprise me if it was Java10:27
cjwatsontwb: if you're going to do that with debbugs, it's better to imitate dak precisely and use Source: and Source-Version:10:28
cjwatsonthere are some slight semantic differences10:28
PupenoZope is using the most at 152mb.10:28
PupenoApache second with 46mb.10:28
twbcjwatson: ah, thanks.10:28
PupenoGenerally the first process to be killed due to out of memory is MySQL.10:28
PupenoHold on, I think I'm reading the numbers wrong. That is VIRT in top.10:29
twbPupeno: certainly a badly-written app could achieve that kind of resource usage.  I don't know how fugly zope and wordpress are internally.10:29
PupenoMySQL is already at 131m.10:29
twbPupeno: you'll also want to check that it's not doing something coincidentally, like rebuilding an index or something.10:29
Pupenotwb: well, zope never receives those visits. I mention it just because they eat a big part of the 720MB.10:30
Pupenotwb: it happened pretty consistently. The last three times my blog was on reddit, my server died.10:30
twbThat kind of silliness is why I prefer simple, static infrastructure like ikiwiki.10:31
* soren goes to lunch11:00
nyk2005Hi! My ubuntu server just crashed last night because of low memory condition. In /var/log/messages I saw that when the kernel handled the low memory situation, it only saw 1.3GB swap as free, which is the swap partition on an SD disk, but I added an additional 25GB swap file on a raid5 to give it room in low memory situation. Why didn't the kernel use it?11:11
uvirtbotNew bug: #492257 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/49225711:11
nyk2005cat /proc/meminfo shows SwapTotal: 27547744 kB, but in the last message from the kernel before it killed syslog it says Total swap = 1333352kB11:13
nyk2005So why didn't it use the swap file?11:14
kirklandcjwatson: good point; will do so in the future11:18
kirklandcjwatson: sorry about that11:19
cjwatsonnp, I closed the bugs by hand11:19
sorennyk2005: And you're confident it knew about that 25 GB swap file yesterday?11:51
Aisonhow do I suppress error codes on commandline again?  eg. i've got "post-up mount /mnt/public" in my interfaces. but it shouldn't fail, even when the mount command fails11:55
arj|| true ?11:57
arjwithout the ? obviously11:57
nyk2005soren: yes, very confident!11:58
BeardedChimpI'm trying to DNAT incoming packets on a ppp0 interface, however even if i do iptables -t nat -i ppp0 -j ACCEPT ; it doesn't show any packets when I do iptables -t nat -nL ; Does anyone know why this might be happening? They do come up if i do iptables -t mangle -i ppp0 .... but i dont want to mangle them i want to nat them12:02
sorennyk2005: Can you check? Do you your full syslog all the way back to when it was added?12:03
twbBeardedChimp: you can't ACCEPT in a nat table; it's not meaningful to do so.12:03
twbBeardedChimp: talk to #netfilter about it.12:03
nyk2005soren: yes..12:06
sorennyk2005: Try grepping for "Adding .* swap"12:07
Aisonarj, I think it's something like 2>&112:09
nyk2005soren: Dec  3 11:31:50 biodata2 kernel: [603121.488761] Adding 26214392k swap on /mnt/raid/swap_file.  Priority:-2 extents:7 across:81774840k12:09
arjAison, that does not prevent it from failing12:09
twbAison: 2>/dev/null will suppress error MESSAGES.  || true will suppress the error EXIT STATUS, which is what post-up cares about.12:09
arjbut that supresses the messages, not the codes12:10
arjwhat he said12:10
Aisonok, thx12:10
sorennyk2005: Ok. which kernel version is this?12:10
BeardedChimptwb: Ah, I was only doing accept to demonstrate that it wasn't recognising the packets12:13
BeardedChimptwb: If i did -j DNAT .... it still picks up no packets12:14
sorenBeardedChimp: which chain are you adding this rule to?12:14
BeardedChimpie. iptables -t nat -A PREROUTING -i ppp0 -j DNAT --to-destination ....12:16
twbBeardedChimp: #netfilter handles this question every day.  I encourage you to talk to them about it.12:17
BeardedChimpYeah I've gone in there, cheers for the #12:17
nyk2005soren: Linux biodata2 2.6.31-15-server #50-Ubuntu SMP Tue Nov 10 15:50:36 UTC 2009 x86_64 GNU/Linux12:29
sorennyk2005: Ok. Sorry, I don't know. You could ask in #ubuntu-kernel. They should know better than I.12:30
* soren hides for an hour or so to do some hacking12:32
=== dendrobates is now known as dendro-afk
Aisonstrange, I installed phpsysinfo on both servers12:41
Aisonon one server it works, on the other it tries to download the php file?!?12:41
arjinstall php12:41
Aisonit is installed?!?12:42
RoyKAison: perhaps you're missing php file handle12:44
RoyKdon't remember12:45
Aisonwell, it's quite funny, because both servers are installed exactly the same way ;)12:45
* RoyK blames Bill Gates12:45
Aisondamn crap12:47
Aisonok, now it's working12:49
Aisonhmm, but just with knoqueror ;) firefox still try to download the file12:50
sorenzul: Can you make Jos the approver of https://blueprints.edge.launchpad.net/ubuntu/+spec/server-lucid-improve-testcases again?13:28
zulsoren: yep13:29
kane_zul: actually, i was trying to pass that to marjo13:29
sorenkane_: ^ That way you should get access to fiddle with it again.13:29
sorenzul: No, that's the assignee.13:30
zulwhoops done ;)13:30
zulmeh need more caffine13:30
kane_i think zul knew exactly what he was doing ;)13:31
sorenkane_: There we go. Now you should be able to do with it what you want :)13:31
sorenkane_: Heh :)13:31
xperiahello to all. i am trying to get the php extension xdebug on my ubuntu server to run but for some reason i have problems with this.13:31
xperiai was able with "sudo pecl install xdebug" to fetch and install the extension on my server.13:31
xperiain the php.ini file /etc/php5/apache2/php.ini i have added this line here "extension=xdebug.so" and restarted apache213:31
xperiabut php -m dont show me that the extension was loaded till yet.13:31
xperiacan somebody help me with this ?13:31
zulyeah it was a freudian slip13:31
sorenxperia: /etc/php5/apache2/php.ini is the config file for mod_php5.13:33
sorenxperia: If you run php from the command line, you're not using mod_php5.13:33
sorenxperia: If you want xdebug to work from the command line, you should also tweak /etc/php5/cli/php.ini13:33
xperiahmmm i am using a normal ubuntu server setup. in this case i have then also to change /etc/php5/cli/php.ini13:34
xperiaokay thanks13:34
=== dendro-afk is now known as dendrobates
xperiasoren: woow it has worked ! thanks13:37
sorenxperia: sure13:37
=== robbiew-afk is now known as robbiew
Aisoni'm searching a web filebrowser for my fileserver, possibly with ldap authentication13:51
Aisoncan somebody explain how to add a new schema to ldap?!? with this new cn=config crap of 9.10 I don't get it :(14:15
sommer_Aison: here's a guide: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html14:17
=== sommer_ is now known as sommer
=== dendrobates is now known as dendro-afk
Aisonhmm, thx, I always used this docu: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html14:20
Aisonthere it's guite strange14:20
sommerAison: ya, that section didn't get updated for some changes in the slapd package for 9.10.  If you have any issues with the doc.ubuntu.com guide (which is the "beta" version) let me know14:21
Aisonnice, with your docu it's better to understand :D14:22
tdnsmartmontools tells me that my disk has 10 in  reallocated_sector_ct. Is this bad? And how serious is it?14:34
uvirtbotNew bug: #492322 in whois (main) "Recently-allocated IP addresses not known by whois" [Undecided,New] https://launchpad.net/bugs/49232214:41
Aisonweeee, radius with ldap is working (proud) lol14:52
jdstrandttx: hey, would you mind looking at my comments in bug #274350?15:00
uvirtbotLaunchpad bug 274350 in likewise-open "apparmor HOMEDIRS not adjusted for likewise" [High,Confirmed] https://launchpad.net/bugs/27435015:00
jdstrandttx: I'd like to get likewise and apparmor playing well together for lucid15:00
ttxjdstrand: that's a worthy goal :)15:02
jdstrandttx: I'm confident it can be done, we just need to think about it a bit15:03
ttxjdstrand: I think forcing to use /home/likewise-open/NAME_OF_AD_DOMAIN/username as home directory is a little... heavy15:05
ttxjdstrand: also there is the upgrade scenario that may get complex15:06
jdstrandttx: this is only for new installs15:06
jdstrandttx: upgrades have presumably fixed the profile15:06
jdstrandpeople doing upgrades have presumably fixed the profile15:06
ttxjdstrand: could a file with accepted domain names be dropped somewhere and the tunable use it ?15:07
jdstrandttx: I see administrative benefits to putting them in /home/likewise-open as well-- it is much easier to do local backups, etc15:07
jdstrandttx: yes15:07
jdstrandttx: we need to update the tools, but it can be done15:07
ttxjdstrand: because I /think/ the domain name is a known quantity once we join the domain15:08
jdstrandthough I guess if %D doesn't really change, there aren't many admin benefits15:08
ttxjdstrand: I'd suggest discussing the issue with Jerry Carter, he knows the likewise side of the story better than I do15:08
jdstrandttx: when installing likewise, are you prompted to configure %D?15:09
ttxjdstrand: and will get very creative to avoid creating homedirs in a subdirectory :)15:09
ttxjdstrand: no, but you actively join the domain15:09
ttxso the domainjoin tool could drop/modify the tunable15:09
ttxthough there is this domain trust thing... joining one domain for auth might give you several "users" domain15:10
ttx... and we are almost reaching the limits of my AD knowledge15:10
ttxjdstrand: I'll send an email to Jerry introducing the issue and yourself to him15:11
* jdstrand wonders if apparmor would need to be reloaded in that scenario...15:11
jdstrandjjohansen: if I change /etc/apparmor.d/tunables/home, do I have to regenerate all the cached profiles?15:12
ttxI don 't want us to design a solution that would end up breaking likewise-open usage, just because we ignore a lot about likewise-open ;)15:12
jdstrandttx: sure15:12
jjohansenjdstrand: yes15:12
jdstrandttx: we carry our own lwiauthd.conf, and 'template homedir' is configurable, so it seemed like an easy change15:13
jjohansenjdstrand: currently the parser only check the stamp on the profile file, and not any of its dependencies (includes)15:13
jdstrandjjohansen: ok15:13
jjohansensomething we intend to fix15:13
jdstrandttx: what is Jerry's nick again? is it coffeedude?15:14
jdstrand(seems like it may be...)15:14
ttxcoffeedude: around ?15:15
jdstrandcoffeedude: hi! when you get a chance, can you look at bug #274350?15:15
uvirtbotLaunchpad bug 274350 in likewise-open "apparmor HOMEDIRS not adjusted for likewise" [High,Confirmed] https://launchpad.net/bugs/27435015:15
ttxjdstrand: I follow-up to him with an email15:15
ttxjust in case he misses the notice15:15
jdstrandjjohansen: if you want to peek at that bug too, I surely wouldn't mind ;)15:15
jdstrandttx: can you privmsg me his email?15:16
coffeedudettx, hey15:16
ttxYou'll have his email in 2 minutes, whe you receive the cc :)15:16
* ttx drops his email draft15:17
ttxcoffeedude: Just a quick reminder, we are expecting the bugs being filed (with appropriate fixes) to kerberos and openldap by December 7 :)15:17
coffeedudeIs this the apparmor home directory things?15:17
ttxcoffeedude: yes15:17
coffeedudettx, I know.15:17
jdstrandcoffeedude: yeah15:17
ttxcoffeedude: Most solutions involve confining homedirs created by likewise-open in a specific directory, which might not look very good from a user perspective.15:17
ttxbut more subtle solutions might break likewise-open or require some actions from domainjoin15:18
coffeedudelet me loot at the whole thing.  brb.15:18
jdstrandcoffeedude: if you read my latest comment in the bug, the current situation and problem should be clear15:18
coffeedudeHey jdstrand.  Yeah.  It's pretty clear.  I don't think most user's would really care where the home directory goes initially.  And if they did (e.g. nfs mounts), then they probably manage that themselves anyways.15:21
coffeedudejdstrand, ttx, that said....upgrades would be a pain.15:21
jdstrandcoffeedude: well, I wasn't really thinking we would do anything on upgrades15:22
coffeedudejdstrand, or would be leave the home directory template left as is on an upgrade?15:22
jdstrandcoffeedude: we'd punt, assuming they already adjusted tunables before now15:22
jdstrandcoffeedude: exactly15:22
coffeedudejdstrand, I'm kind of a noob wrt to apparmor.  When you modify a profile, does it require an apparmor reload or reboot or reparse or something?15:23
jdstrandcoffeedude: yes15:23
jdstrandcoffeedude: it is just one command though15:23
coffeedudejdstrand, Modifying the @HOMEDIRS in apparmor during domain join is not really a viable option either since new domain trusts maybe added after the join....template homedir = /home/likewise-open/%D/%U seems best.15:24
jdstrandcoffeedude: I might say that this bug is as old as likewise is in Ubuntu, so likewise users in the past have had to do something to tunables anyway. it is new installs I'd like to get fixed15:24
ttxcoffeedude: yes, that was my fear15:25
jdstrandcoffeedude: that is excellent news, and the most easy to implement :)15:25
coffeedudejdstrand, ttx, I'll go ahead and add that change the likewise-open 5.4 packaging....15:25
jdstrandso, just need to (not) handle upgrades gracefully15:25
coffeedudejdstrand, I'll need to talk to ssalley (on my side).  We'll figure out something.15:26
jdstrandcoffeedude: cool. if this is Ubuntu specific packaging, do you mind adding the suggested comment above template homedir, so people can more easily avoid pain?15:26
coffeedudettx, Planning on having the openldap/krb5 status and changes to you on Monday.  Tuesday morning GMT-5 at latest.15:26
ttxcoffeedude: sounds good !15:27
MenZaMy 'coffee' highlight is getting abused :(15:27
coffeedudejdstrand, Q - Is this a change going into 8.04 or just moving forward with Lucid?15:27
jdstrandcoffeedude: I'll adjust apparmor tunables accordingly15:27
jdstrandcoffeedude: just Lucid15:27
coffeedudejdstrand, k.  We've agreed on /home/likewise-open/* then15:28
coffeedudeMenZa, Sorry :)  Had this nick for years.15:28
jdstrandcoffeedude: hardy users only got hit by this when the trid to use cups-pdf afaics15:28
MenZacoffeedude: Not a problem.15:28
* MenZa sends a large mug of coffee in coffeedude's direction.15:28
* coffeedude makes a sound like "ahhh....."15:28
jdstrandcoffeedude: there are more profiles in lucid, notably evince, so it'd be painful to not fix15:28
coffeedudejdstrand, ACK.  I'll update the bug report with the decision15:29
jdstrandcoffeedude: thanks!15:29
jdstrandttx: thanks for your help too :)15:29
ttxjdstrand: np15:31
karnameHi , I executed rm * -rf to delete content of directory , but ubuntu server 9.10 start to delete anything , but I denied it in first second , but some folder like /sbin deleted , can me restore my server or I should to reinstall it ?15:45
karnameI have access to ssh now15:45
Picikarname: You're probably better off reinstalling at this point.15:46
karnamebut I should to pay reinstall cost15:47
karnameand time15:47
karnameisn't anyway15:47
ahasenackone could probably cook up a script to compare the existing files with the installed packages, and then list which packages need to be reinstalled15:48
ahasenackrpm -V <package> shows missing files, dpkg probably has something similar15:48
karnamehow ? is there any script like it ?15:49
karnamebash: /usr/bin/python: No such file or directory15:49
ahasenackit depends on how much time you are actually saving by doing this instead of reinstalling from scratch15:49
smosererichammond, ping15:49
PiciIt'll be much faster to reinstall the system imo.15:50
ahasenackand if data files were also deleted (for example, a database) instead of just programs15:50
karnamesbin folder deleted15:51
karnamebin also15:51
karnamethanks , I think I must to reinstall it , bye15:52
ivokshas anyone tried setting up cups with multiple quotas?15:58
ivokslike, one quota per job and another for number of pages per seconds15:58
ivoksor just two quotas for job-quota-period15:59
ScottKivoks: Did you get my request to comment on the mail filtering spec?16:00
ivoksScottK: probably, but i had 0 time for ubuntu development last couple of days16:00
ivoksi'll have two hours now :D16:00
ScottKOK.  Please review as we're at/past the deadline for approval (I didn't have a lot of time for spec writing recently)16:01
=== rgreening_ is now known as rgreening
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
=== jsalisbury___ is now known as jsalisbury
=== kane_ is now known as kane[jib]
smoserttx, https://bugs.launchpad.net/eucalyptus/+bug/461301 . euca2ools is marked fix-released, but i dont see it anywhere16:37
uvirtbotLaunchpad bug 461301 in eucalyptus "euca-run-instances unnecessarily encodes user data (dup-of: 461156)" [Undecided,Fix committed]16:37
uvirtbotLaunchpad bug 461156 in eucalyptus "User data is not parsed correctly by Eucalyptus in some cases" [High,Fix committed]16:37
smoserhmm... maybe just not filtered through yet.16:41
smosershoot. no, euca2ools 1.0+bzr20091007-0ubuntu2 is currently not in -proposed or in -updates for karmic.16:48
mathiazttx: hi!16:49
mathiazttx: anything else to add on uec-testing on -seeds before I leave?16:49
mathiazttx: I'll send the seeds proposal later today to -server@ to get the discussion started16:49
ttxjust a sec16:50
ttxsmoser: it's fix-released in Lucid16:51
ttxfix-committed in karmic16:51
ttxstill waiting for a gentle AA to approve it to -proposed16:51
ttxsmoser: btw it should show up as one of your uploads, sponsored by me16:53
ttxmathiaz: nothing from me16:53
smoserok. i dont know how to see such things, (link?)16:53
smoserso, johnwillis is trying to set up eucalyptus right now, and needs this fix16:54
smoserhow should i indicate that he get it?16:54
smoseri thought that pitti's comment was that it is in proposed16:54
ttxeucalyptus in proposed, and your PPA16:54
ttx(for euca2ools)16:54
smoserok. so need eucalyptus 1.6~bzr931-0ubuntu7.4 from proposed16:55
smoserand euca2ools from my ppa.16:55
ttxyes, until euca2ools gets accepted in -proposed.16:56
smoserthanks ttx.17:04
mdzkane_, ttx, I filed bug 492387 about the (minor, cosmetic) update-motd issue I saw in my test install17:13
uvirtbotLaunchpad bug 492387 in update-motd "run-parts: /etc/update-motd/00-header exited with status 1" [Undecided,New] https://launchpad.net/bugs/49238717:13
mdzI didn't bother about the kernel/installer issue as cjwatson said he had already fixed it17:13
ttxmdz: ok17:13
Pistol-McGeeCan anyone suggest some good vpn server software?17:32
Pistol-McGeeopenvpn never installed a config17:33
Pistol-McGeeunless im missing something17:34
arjis that the single requirement, "must install config"?17:34
Pistol-McGeetbh, imma bit of a noob when it comes to linux/terminal17:35
arjI am not aware of a good single click solution, but downloading configs from the openvpn website worked for me17:36
mdzsmoser, I just tried to fire up a lucid daily AMI, but I can't get in using my ec2 ssh key. is it me?17:52
smoserhm... i think i verified 20091203 yesterday, but let me check17:53
glphvgacshi, i need some help with using ping to analise my dig Query Time17:55
smosermdz, i just verified ami-4037d529 (20091203 i386) is functional17:59
mdzsmoser, I must have blown it somehow, though I'm not sure how17:59
smosercan you pastebin console-ouptut ?18:00
smoserand remember that '--key' is necissary18:01
mdzsmoser, http://pastebin.com/f2bf7e95918:01
mdzsmoser, I copy/pasted from http://uec-images.ubuntu.com/lucid/current/18:01
mdz(and yes, I updated my environment variable to EC2_KEYPAIR_US_EAST_1)18:02
mdzdebug1: Next authentication method: publickey18:02
mdzdebug1: Trying private key: ./ec2-keypair.pem18:02
mdzdebug1: read PEM private key done: type RSA18:02
mdzdebug1: Authentications that can continue: publickey18:02
mdzdebug1: No more authentication methods to try.18:02
mdzPermission denied (publickey).18:02
smosermdz... hmm... i dont know.18:07
mdzsmoser, somehow my local key file got out of sync with what AWS had18:12
mdzmaybe pilot error in driving eucalyptus18:12
mdzsmoser, it might be nice if the EC2 images provided an "installation media" identifier, like systems installed from the CDs have18:14
mdzsmoser, that way, bug reports would include the build number, not just the AMI18:14
mdzsmoser, see earlier discussion in #ubuntu-devel re: bug 36464918:15
uvirtbotLaunchpad bug 364649 in ubiquity "Please include installation media build number in installation logs" [Wishlist,Fix released] https://launchpad.net/bugs/36464918:15
smosermdz, yeah, amis suck.18:16
smoseryou can get the manifest from the metadata service though18:16
mdzsmoser, all you have to do is drop the appropriate line of text in /var/log/installer/media-info18:16
smoserif we're not collecting that, maybe we should. at least if it is in a bucket that we own18:16
mdzsmoser, we get the ami-manifest-path but that's just a url or something, right?18:17
mdzwe don't try to read it18:17
smoseri'm confused. dont try to read it. i realize i was confused a bit above, but in the manifest path has something like:ubuntu-images-testing-us/ubuntu-lucid-daily-amd64-server-20091203.manifest.xml18:20
smoserwhich is basically the build version18:20
smoserand i thought that apport was getting it. it might be nice to put that in the console output (along with other useful data, like "adding public key with id 'smoser@brickies' to /root/.authorized-keys"18:21
mdzsmoser, apport is getting that string "ubuntu-images-testing-us/..."18:23
mdzor should be, I haven't checked it since it was originally implemented and it seemed to work18:23
mdzsmoser, I don't think we've sufficiently trained folks to report bugs from the instance using ubuntu-bug18:24
mdzblog topic maybe?18:24
erichammondmdz: You finally got me doing it after however many years I've been using Ubuntu.18:25
smoseryeah, i have a major 'blog' todo. primarily in "start writing one" and "get on ubuntu planet"18:25
smoserit acutally suprises me how often people on ec2ubuntu use the ami id18:26
mdzsmoser, you can refer to http://mdzlog.alcor.net/2009/03/31/please-dont-report-ubuntu-bugs-directly-to-launchpad/ for the general spiel on why ubuntu-bug is a good idea18:26
smoseras "i'm running ami-xbaddfsa", which makes me have to check if thats erichammond's fault or mine :)18:26
erichammondsmoser: likewise :)18:26
mdzsmoser, perhaps we should have a bot in here which automatically translates?18:27
erichammondmdz: +118:27
smoserthat would be neat18:27
mdzubottu, can you do that for us?18:28
ubottuError: I am only a bot, please don't think I'm intelligent :)18:28
mdzoh well18:28
erichammondmdz, smoser: If you think it would help, I could do a short blog post on alestic.com about reporting bugs on EC2 instances with ubuntu-bug.18:28
mdzsmoser, http://www.wordpress.com/ and you can be up and running in a few minutes18:28
mdzerichammond, that would be great18:28
mdzsmoser still should have a blog though ;-)18:28
erichammondsmoser: Thanks for trying to kick me out over on ##aws.  I'm really leaving now.18:32
=== robbiew is now known as robbiew-afk
ab2283hi, quick question: is there any known issue with vsftpd and pam_smbpass.o authentication in karmic? my vsftpd segfaults or denies authentication, seemingly at random :/19:25
RoyKab2283: try to compile it and debug it if it happens again :P19:27
RoyKyou prolly can't gdb / backtrace the one installed19:27
ab2283RoyK: i didn't really want to go that far. the configuration is pretty much stock. that's what's bothering me19:28
ab2283RoyK: i don't know what i possibly could have done to screw it up19:28
RoyKthen I'd recompile it with the config from apt-get source19:28
RoyKproblem is that the one installed is stripped, so you don't have much symbols19:28
RoyKmeaning it's not possible to make a backtrace19:28
RoyKif it crashes on random places, the chance of memory error is prominent19:29
RoyKperhaps running memtest86 can find something19:32
RoyKbut then, that takes a while19:33
=== luis__lopez is now known as luis_lopez
cjwatsonRoyK: https://wiki.ubuntu.com/DebuggingProgramCrash explains how to use ddebs.ubuntu.com to get debugging symbols19:41
RoyKcjwatson: k - didn't know that - the guy left anyway19:50
glphvgacshi, i wanna know which ROOT is responding to my queries; any idea what's the best way to use ping or any other tool for that? thnx19:53
arjwhat kind of queries?19:54
unit3can you clarify that?19:54
arjmysql ones?19:54
arjdns ones?19:54
arjand what does ping have to do with it? :)19:54
arjdig +trace19:54
uvirtbotNew bug: #492599 in apache2 (main) "package apache2 2.2.14-2ubuntu1 failed to install/upgrade: error writing to '<standard output>': Input/output error" [Undecided,New] https://launchpad.net/bugs/49259919:56
ahasenackis there a ubuntu-* package for the server installation?19:59
ahasenacklike we have ubuntu-desktop for the desktop one?19:59
ahasenackmaybe a combination of ubuntu-* packages?19:59
unit3ahasenack: not really, it's mostly just a base install + linux-server.20:05
unit3then it's up to you to install what you want. ;)20:05
ahasenackunit3: ok, thanks20:05
unit3ubuntu-minimal + linux-server, maybe?20:06
ahasenackor ubuntu-standard20:11
unit3yeah, or that.20:13
unit3ubuntu-standard may be more accurate.20:13
cjwatsonit's a little more than that. There's a seed for it, and you can see the expanded results at http://people.ubuntu.com/~ubuntu-archive/germinate-output/ubuntu.karmic/20:14
cjwatson(I do mean "a little" literally, it's quite a small number of extra packages on top of ubuntu-standard by default)20:14
unit3oh, neat, handy.20:16
j03lar50nin 9.10, i am trying to setup a DHCP server behind a Charter Business ISP (static ip) - i will be serving Windows clients . Questions: 1)must i include Subnet Mask and Gateway, specific to the static ip, under the Fixed IP section in /etc/dhcp3/dhcpd.conf? 2)dhcp3-server says i "need to specify a WINS server for your Windows clients..", is this just including 'option netbios-name-servers xxx.xxx.x.x;'? what ip should i20:17
unit3ok, a, you don't need a wins server. it's hardly necessary on most networks.20:17
unit3b), you want to have a separate, reserved subnet for your computers, nothing to do with the charter IP.20:18
unit3and you'll want it on a separate interface, firewalled using nat to the interface with the charter IP. otherwise, your DHCP server will interfere with other charter users, and get you in trouble. ;)20:18
aubrepick a nice 192.168.x.x subnet20:19
unit3yeah, or 10.x.x.x.20:20
unit3reminds me, one of these days I need to play with ipv6 at home. get a good handle on that IRL, rather than just reading about it.20:20
j03lar50nright now i'm just using my linksys router to as DHCP - so looking through the config/setup there and pasting into dhcpd.conf most pieces thx all :)20:23
mneptokj03lar50n: what model Linksys?20:24
mneptokj03lar50n: not WRT54GL or WRT54GS?20:25
j03lar50nnope mneptok straight WRT54G20:25
mneptokj03lar50n: which revision?20:26
=== RoAk is now known as RoAkSoAx
j03lar50nv5 mneptok20:27
mneptokj03lar50n: pity. alternative firmwares only support v1-4.20:28
mneptokj03lar50n: Tomato or OpenWRT on the Linksys will give you a lot more functionality. but they do not work with the revision you have.20:29
j03lar50ndang it mneptok - too bad for us. would you know if moving the DHCP to a 'real' server box running 9.10 & acting as our DHCP server would improve performance versus that of the router serving it?20:30
mneptokj03lar50n: no way to tell. that is depenedent on so many variables that any answer without knowing your network topography well will be meaningless.20:31
mneptokj03lar50n: but it may well improve things. the v5 WRT54G has reduced flash and RAM than prior revisions. memory overhead is severely constrained.20:32
unit3it's not a great router.20:33
smosererichammond, getting closer... now i can upload images, just not kernels20:37
=== mathiaz` is now known as mathiaz
=== smoser_ is now known as smoser
cjwatsonkirkland: if the eucalyptus CLC and CC are on separate machines, do they each need their own SSH key?21:15
cjwatsonkirkland: (I'm nearly done with foundations-lucid-uec-installer-enhancement; this is one of the last pieces)21:17
cjwatsonkirkland: oh, also, is a standalone eucalyptus-cloud installation meant to run an httpd? if not, we'll have to figure out how to expose the preseed file through axis somehow, I think; I would welcome help on that21:18
cjwatsonkirkland: lp:~cjwatson/eucalyptus/cloud-preseed21:18
cjwatsona standalone eucalyptus-cloud installation does not appear to run a separate httpd right now, but I don't know whether this is expected/intentional21:19
uvirtbotNew bug: #492639 in postfix (main) "newaliases fails on a system with no IPv4 address configured" [Undecided,New] https://launchpad.net/bugs/49263921:31
donspauldinganyone have any tips on how to do some post-mortem analysis on a remote server that has to be restarted every day?  When it hangs, ping still responds, but ssh connections fail.21:38
jeiworthdonspaulding: i would check where sshd logs to and analyze that file21:42
richierichhey guys is there a way to stop samba and NTP from printing in tty1 login on my ubuntu server?21:42
adaci installed gnoe on my server but now the gdm greeter appears all the time. how can I set that the server starts in textmode again?21:43
jeiworthadac: quick and dirty, you could simply chmod -x  /etc/init.d/gdm21:44
jeiworthbut iirc there is a file where you can configure autostart behaviour, i did that for openvpn but i have absolutely no idea where that was...hmmm21:45
richierichadac: couldnt you just alt+ctrl+backspace and kill X and then start it up when you need it again?21:45
adacrichierich, could do that, but i would prefer that it starts in textmode in the first place21:46
jeiworthadac: ah, i think it was in /etc/default/openvpn maybe you have a file called gdm there?21:46
richierichi think gdm would try and restart it automatically anyways you might have to do something like sudo /etc/init.d/gdm stop to make sure that doesnt happen21:47
adacjeiworth, I meant on the physical server machine starts up gdm/gnome login window21:47
richierichadac: try this http://www.cyberciti.biz/faq/prevent-xorg-from-starting-in-linux/21:48
jeiworthadac: yeah, so?21:49
adacjeiworth, what has that to do with openvpn?21:49
adacrichierich, I'll ty that out!21:49
jeiworthadac: if you would actually read what i wrote i was using openvpn merely as an example21:50
jeiworthchmod -x will do the trick for any service located in /etc/init.d21:51
adacjeiworth, ohh I see!! sorry I missed the last part!21:51
richierichadac: this looks a easier http://hack2live.blogspot.com/2008/05/stop-gdm-from-loading-on-boot.html21:51
jeiworthadac: np21:52
ruben23how do i install..jdk-1_5_0_11 on package...in ubuntu server..?21:52
j03lar50nunit3 you said "you want to have a separate, reserved subnet for your computers, nothing to do with the charter IP...and you'll want it on a separate interface, firewalled using nat to the interface with the charter IP..." - - the bit about separate interface, does this mean i should have eth0 direct to the (Charter) modem and eth1 serving DHCP to my switch(es)?22:01
=== robbiew-afk is now known as robbiew
jfb_h2ofolks, my system hangs with tab completion and a simple 'ls' . It seems to be related to autofs, but not in remote mounted directories?22:51
jfb_h2oNone of my path variables are on mount points either. Any thoughts?22:52
jmarsdenjfb_h2o: Does the issue go away if you do  OLDPATH=$PATH ; PATH=/bin     and then try to tab-complete ?22:57
jmarsdenIn other words, see if you can simplify the test case.22:57
cjwatsonalso try without /etc/bash_completion.22:58
cjwatson(comment it out in .bashrc)22:58
cjwatson(and maybe /etc/bash.bashrc too)22:58
ruben23how do i install..jdk-1_5_0_11 on package...in ubuntu server..?23:00
unit3are you running some really old ubuntu server release that you'd want an old jdk?23:01
unit3as opposed to just installing the current sun-java6-jdk package?23:02
cjwatsonor better openjdk. however, there's a sun-java5-jdk package in releases up to 9.04, in case you need specifically that for some reason23:03
cjwatson(sun-java6 is planned to move to the partner archive for lucid, in the cause of trying to further encourage the use of openjdk when possible)23:04
unit3oh, cool. didn't know that.23:04
unit3makes sense though, since openjdk works fine these days.23:05
cjwatsonapparently not for everything, but yes it's generally a good replacement23:05
=== mtrudel_ is now known as cyphermox
cjwatsonkirkland: could you please commit when you make a release of eucalyptus, so that I'm not blindly carrying on with the existing changelog entry? :-/23:23
* cjwatson goes to tidy up23:23
mabushow do I manage what services are started at boot in 8.1023:37
unit3update-rc.d ?23:37
unit3or did you want something more involved than that?23:37
mabusnot sure, I'll read the man first. thanks23:38
mabusoh, yeah, I didn't want to remove the init script, or chmod -x it. is that the only way?23:39
=== robbiew is now known as robbiew-afk
unit3umm, it doesn't remove init scripts, it just adds and removes links to them in the /etc/rcX.d directories.23:41
unit3which is fairly safe.23:41
unit3the init scripts stay in /etc/init.d/, regardless of where you symlink them to.23:41
TDJACRWhat would be the best way to load balence three web servers running Apache?23:44
unit3depends on the content on them, what kinds of edge cases are acceptable.23:46
unit3if it's just static content, then you can stick keepalived in front of them and be done with it.23:46
unit3otherwise, you'll have to take a look at your data flow, see how to replicated it between servers, etc.23:46
TDJACRIt's dynamic through Django and other Pythonic frameworks23:47
unit3ok, and is all data stored in MySQL? because you could use MySQL multimaster replication then, and still stick keepalived in front.23:47
TDJACRYes, it is. I want to balence both the loads to apache (over 3) and MySQL over two23:48
unit3why just over two? why not over all 3, so you have better failover coverage?23:49
TDJACRI suppose so.23:50
unit3in any case, the only problem you're going to have is keeping data files uploaded by users synced. if you had a SAN you could put the web files on a distributed filesystem like OCFS2, and that'd cover it.23:50
unit3or, if you had only 2 systems you could use DRBD for that as well.23:51
unit3if users never upload files outside of the database, then you're ok too. just make sure that the web files don't get out of sync manually.23:51
unit3regardless, keepalived on a firewall in front of them will handle the load distribution, and works quite well.23:52
TDJACRWell, I expect more database than actual files, but, how does a group such as wikimedia manage their photos across many servers?23:52
TDJACRAlso, does Keepalived need to be in front of the switch, or can it be a node that's purpose is contacting the others23:53
TDJACROn the same network, in the same position23:54

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!