PatrickDK | erichammond, as response to your blog post :) | 00:10 |
---|---|---|
PatrickDK | I had issue with ubuntu ami not having ext4 support, but it did include mkfs.ext4 :) | 00:10 |
erichammond | pquerna: Yes, The Canonical Ubuntu AMIs do run user-data as root on first boot if it starts with #! just like the Alestic AMIs. http://alestic.com/2009/06/ec2-user-data-scripts | 00:13 |
pquerna | erichammond: sweet. | 00:13 |
erichammond | PatrickDK: Which blog post? What AMI id? | 00:14 |
PatrickDK | let me see if I can find the ami number | 00:14 |
ruben23 | hi, anyone can suggest an opensource ticketing system.. | 00:14 |
PatrickDK | I had deleted the instanse I was testing with, and ext4 was just something I tried for the hell of it, and found /proc/filesystems didn't list support, and mount wouldn't mount it | 00:15 |
PatrickDK | so I assume there wasn't a module for it build either | 00:15 |
PatrickDK | I've been reading all your ec2 posts :) most informative posts in planet.ubuntu | 00:15 |
sbeattie | ruben23: request-tracker (aka rt) and roundup are the two I've seen used; IIRC trac can also be used as a ticketing system. | 00:20 |
ruben23 | sbeattie: thanks ill check thid | 00:23 |
PatrickDK | ami-1515f67c | 00:27 |
smoser | pquerna, yes | 00:27 |
=== tonyyarusso is now known as Guest62353 | ||
=== Wandrewvious is now known as WALoeIII | ||
genii | ruben23: ticgit looks interesting, haven't used it tho | 00:55 |
erichammond | PatrickDK: ami-1515f67c is out of date. You might want to upgrade to ami-bb709dd2. Bug 428692 talks about ext4 support on EC2 kernels. | 01:15 |
uvirtbot` | Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged] https://launchpad.net/bugs/428692 | 01:15 |
patdk-lap | I had installed that ami, and ran apt-get to update it | 01:16 |
patdk-lap | maybe it needed a reboot :( | 01:16 |
erichammond | patdk-lap: It's not clear to me that ext4 is supported, even in the most recent EC2 AMI. In any case, apt-get upgrade and reboot will not upgrade a kernel in EC2. | 01:34 |
uvirtbot` | New bug: #512633 in eucalyptus (main) "CLC+Walrus+SC+CC installed even if node is preseeded" [Undecided,New] https://launchpad.net/bugs/512633 | 02:32 |
=== erichammond1 is now known as erichammond | ||
kees | soren: I've updated the fetchmail/dovecot tests a bit more. they work fine on karmic, so if dovecot changed for lucid, please update the tests. | 03:09 |
=== Guest62353 is now known as tonyyarusso | ||
=== erichammond1 is now known as erichammond | ||
=== __ruben__ is now known as _ruben | ||
jiboumans | good mornig | 08:45 |
error404notfound | can i hide ssh signature from apppearing in portscan? | 10:30 |
_ruben | probably not | 10:32 |
error404notfound | _ruben: i guess i would need to recompile ssh from code to do that, right? | 10:32 |
error404notfound | i wonder why didn't ubutnu-server team did this, its better to hide what runs where and which version. | 10:32 |
error404notfound | do this* | 10:33 |
* error404notfound super drunk:( | 10:33 | |
_ruben | hiding != security | 10:33 |
error404notfound | _ruben: more layers, more time to breach, more secure | 10:33 |
error404notfound | the less i show you, the more secure i am | 10:33 |
_ruben | lets agree to disagree on that one | 10:34 |
error404notfound | thats the whole purpose of SSL, hiding via encryption | 10:34 |
error404notfound | hmm, okay :) | 10:34 |
jpds | error404notfound: Do you mean the host key fingerprint? | 10:35 |
error404notfound | jpds: nope, version signatures printed in portscan | 10:35 |
jpds | error404notfound: re: version> I believe the client software depends on this to know which protocol of SSH to abide to. | 10:36 |
error404notfound | jpds: hmmm, may be, can't say. will check into it.. | 10:36 |
soren | I've never believed it makes any difference. Assuming that people actually look at this string before they toss their arsenal of exploit at you (another assumption I find questionable), and assuming that their check will go "Oh, I don't know which exact version of SSH this is. I might as well not try anything and just be on my merry way" | 10:43 |
soren | ...rather than "Oh, I don't know what version this is. I'll just try ALL my SSH exploits rather than just the ones meant for version X."... | 10:43 |
soren | ..then yes, it might make a tiny bit of a difference. | 10:44 |
jpds | error404notfound: https://bugzilla.mindrot.org/show_bug.cgi?id=764#c1 | 10:44 |
error404notfound | soren: yes, but it makes a difference, of probably seconds... | 10:44 |
soren | What will make a /massive/ difference, though, is whether you are diligent in applying security updates when we publish them. | 10:44 |
uvirtbot` | bugzilla.mindrot.org bug 764 in sshd "fully remove product and version information" [Enhancement,Closed: wontfix] | 10:44 |
soren | That will make more of a differnce than /anything/ else. | 10:44 |
jpds | error404notfound: Security through obscurity, not the answer. | 10:46 |
soren | error404notfound: If you're vulnerable, it doesn't matter whether you get broken into right now or in two seconds. Fix the problem rather than hiding it. | 10:46 |
error404notfound | hmm, guess i would go with the second option of running a VPN server on the machine and bind ssh to vpn ip, that way outside world won't even see it.. | 10:48 |
uvirtbot` | New bug: #512732 in libvirt (main) "package libvirt-bin 0.7.5-5ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/512732 | 10:56 |
mealstrom | I've got problem with permissions, I want to mount samba share (smb://server/share) (cifs from fstab) but only get read permission and w for created files (but not create or delete) . Windows user can mount it as network disk with rw. Also I have rw permission on smb://server/share . Where can be the problem ? | 12:34 |
zul | wtf i l have to log on to nickserv in order to join the channel? | 13:09 |
zul | morning anyways | 13:12 |
laen | May be a weird question, but we're wondering (production environment) if we really need deb-src in the sources list? | 13:13 |
laen | Or, if maybe, is there a way to check? We don't develop, we don't build from source. | 13:14 |
uvirtbot` | New bug: #512777 in samba (main) "first login fails when NIC is managed by NM-wicd" [Undecided,New] https://launchpad.net/bugs/512777 | 13:16 |
laen | Anyone? | 13:30 |
soren | zul: Yeah, there's been a lot of problems lately with bots joining channels, posting links to sites that will turn your browser into a bot as well, etc. Or something. | 13:31 |
soren | zul: ...so I +R'ed the channel (as per advice from Freenode staff) | 13:32 |
soren | laen: then you don't need it. | 13:32 |
zul | soren: ah ok | 13:32 |
laen | soren: thanks, awesome. The system itself doesn't install stuff from deb-src'es either? | 13:32 |
soren | laen: Never. | 13:32 |
laen | Cool. | 13:32 |
EtienneG | hey soren! | 13:32 |
EtienneG | soren, is this a good place for vmbuilder qustions? | 13:33 |
soren | laen: I belive it's configured by default to really deliver on the promise to make source available "right next to" the binary packages. | 13:33 |
soren | EtienneG: Everywhere is a good place to ask vmbuilder questions :) | 13:33 |
EtienneG | soren, I am having a problem with vmbuilder, and I think it might be due to the fact that I am trying to build a 32 bits on a 64 bits host | 13:34 |
soren | EtienneG: Time will tell if it's a good place to ge tanswers. | 13:34 |
soren | EtienneG: That should work. | 13:34 |
soren | EtienneG: what's the difficulty? | 13:34 |
laen | soren: and you're a member of the ubuntu team, developer, or any special rank besides user? | 13:34 |
EtienneG | soren, well, I get a debootstrap error | 13:35 |
EtienneG | lemme pastebin it | 13:35 |
soren | laen: Something like that. | 13:35 |
soren | laen: I work for Canonical on the Ubuntu server team. | 13:35 |
EtienneG | soren, http://ubuntu.pastebin.com/m288dcae0 | 13:36 |
laen | soren: Just asking cause i need to report back to the rest of my team with reasons :) thanks! | 13:36 |
EtienneG | soren, this is an esxi vm i am trying to build, using an ISO | 13:36 |
EtienneG | brb | 13:37 |
soren | EtienneG: You can't install from a desktop ISO. | 13:37 |
soren | EtienneG: Desktop ISO's do not contain .deb's. You can install from server or alternate, but not desktop. | 13:37 |
soren | laen: Any time. | 13:40 |
* EtienneG bang head | 13:40 | |
EtienneG | soren, thanks a bunch, my bad! | 13:41 |
soren | EtienneG: No worries. | 13:42 |
EtienneG | oh boy ... | 13:43 |
kwork | does anyone use some like keeppass but what would have distribute password saving | 13:53 |
kwork | like somekind of "password server" | 13:53 |
kwork | where multiple users could hold passwords securely | 13:53 |
patdk-wk | damn, even the nightly build doesn't contain ext4 support :( | 14:10 |
patdk-wk | tested ami-bb709dd2 and ami-495ab720 | 14:11 |
Omahn | Anyone in here fancy having a look at why Puppet is broken in Lucid? https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/509625 | 14:36 |
uvirtbot` | Launchpad bug 509625 in puppet "Puppet client is broken on Lucid Alpha 2" [Undecided,New] | 14:36 |
Omahn | EtienneG: Another support case heading your way I suspect :-) | 14:39 |
EtienneG | Omahn, hey Paul! | 14:40 |
Omahn | Hi :-) | 14:40 |
EtienneG | fortunately, you have the whois info set to your real name, otherwise I would have been completely puzzled! | 14:40 |
Omahn | ;-) | 14:40 |
EtienneG | Omahn, I am oversea for the next two weeks, on-site consulting | 14:40 |
Omahn | I go by Omahn in IRC and on launchpad | 14:40 |
EtienneG | Omahn, I doubt I will be handling your case this time :( | 14:41 |
Omahn | Aha, you might get a rest from this one then | 14:41 |
EtienneG | Omahn, i am confident the gys at the support center can deal! :) | 14:41 |
Omahn | I'm sure they can. Any idea what the policy is for support cases on unreleased releases? I suspect the relevant devs might want to pay attention to this bug as puppet is due to go into main for lucid and it's currently broken. | 14:42 |
EtienneG | Omahn, that's a big one | 14:43 |
EtienneG | it is central to many blueprints, so I would expect it to get fixed indeed | 14:43 |
EtienneG | no harm in filing a support case, it is going to be tracked in two places! | 14:43 |
EtienneG | Omahn, just fyi, we are usually pretty reluctant to deal with cases on unreleased release (ouf, tautology!) | 14:44 |
Omahn | EtienneG: I can appreciate that :-) | 14:44 |
EtienneG | Omahn, reason being that stuff are actually expected to break from time to time, and it is hard to keep track | 14:44 |
Omahn | I just thought the developers would have picked up on my bug report a bit sooner with it going to main. | 14:44 |
Omahn | EtienneG: Understood. | 14:44 |
Omahn | I've had a quick look at it myself but it's going to involve someone with ruby experience to fix. | 14:45 |
EtienneG | Omahn, mathiaz is the ne who spent the most time on Puppet. I guess you may poke him gently, especially yif you are colunterring to test a fix ;) | 14:45 |
EtienneG | (ouch, so may typos, damn caffeine!) | 14:45 |
Omahn | ;-) I'll keep an eye out for mathiaz then and give him a gentle prod next time I see him online. | 14:46 |
EtienneG | Omahn, no harm in filing a support case nonetheless | 14:47 |
EtienneG | we can track that on two fronts | 14:47 |
Omahn | I'll do that, thanks. | 14:47 |
ttx | zul: looking at eucalyptus apport hooks code, I think there is a typo on line 13 @ http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/eucalyptus/lucid/annotate/head%3A/debian/source_eucalyptus.py | 14:48 |
zul | ttx: looking | 14:49 |
ttx | also "Eucalytptus" on line 42 | 14:49 |
ttx | rsponse on line 48 | 14:49 |
EtienneG | I always spells it eucalytpus | 14:50 |
EtienneG | damn annoying | 14:50 |
ttx | benefial on line 58 | 14:50 |
ttx | EtienneG: yes, I do the same | 14:50 |
zul | ttx: ok ill fix | 14:51 |
twb | EtienneG: you need to get hippie-expand completion in your IRC client, then ;-) | 14:55 |
EtienneG | twb, what's that? | 14:55 |
EtienneG | shang, is pmatulis in the office today? | 14:56 |
EtienneG | shang, wrong channel, plese ignore | 14:56 |
twb | hippie-expand is an interactive autoloaded Lisp function. It is bound to M-/. Try to expand text before point, using multiple methods. The expansion functions in `hippie-expand-try-functions-list' are tried in order, until a possible expansion is found. Repeated application of `hippie-expand' inserts successively possible expansions. | 14:57 |
EtienneG | twb, interesting | 14:58 |
twb | EtienneG: you type, say, euc M-/, and it sees "eucalyptus" earlier in the scrollback and autocompletes on it | 14:58 |
EtienneG | twb, that is pretty useful inded | 14:59 |
soren | vim has the same thing. | 15:02 |
Elad | when I type: ls -al /var/mail/root it shows "total 8" but only 2 items are listed. So I am assuming that I have mail, but when I run mutt, at the bottom of the page is shows "/var/mail/root is not a mailbox" | 15:03 |
Elad | anyone else ever had a similar problem? | 15:03 |
soren | Elad: How does "ls" show "total 8"? | 15:04 |
zul | ttx: fixed | 15:04 |
soren | Elad: Oh, it's a Maildir? | 15:04 |
Elad | It should be my mail dir | 15:04 |
soren | Elad: Then you probably want to refer to it as /var/mail/root/ (note the slash at the end) | 15:04 |
ttx | mathiaz: I'd be interested in getting some more explanation on your gPXE setup, so that I can use it / base my own setup on it | 15:04 |
Elad | soren: note, taken :) | 15:04 |
mathiaz | ttx: yeah - I plan to blog about it real soon now | 15:05 |
mathiaz | ttx: do you have a deadline? | 15:05 |
ttx | mathiaz: I would have loved playing with it now, but I can wait until tomorrow :) | 15:05 |
mathiaz | ttx: ok - I'll write something up later today then | 15:05 |
Elad | soren: when you run ls -a it displays "total x" where x is the number of items in the directory, well at least normally. So it says 8, but only 2 things are displayed. [1] . [2] .. | 15:06 |
Elad | which is expected for an empty directory | 15:06 |
Elad | I don't know how the mail stuff works - which is why I'm a little confuse | 15:06 |
Elad | confused | 15:06 |
ttx | mathiaz: don't let that prevent you from burning WIs, you're quite low :) | 15:07 |
Elad | all I am really trying to do, is see what messages the machine has for the root user | 15:11 |
patdk-wk | heh, both of you are wrong | 15:23 |
patdk-wk | when doing ls -al | 15:23 |
patdk-wk | total is the amount of space used | 15:23 |
patdk-wk | not total files | 15:23 |
patdk-wk | and that would be correct, what elad said | 15:23 |
patdk-wk | 8, 8kbytes used, 4kbits for each file, . and .. | 15:24 |
Elad | patdk-wk: thanks for the info | 15:24 |
Elad | patdk-wk: I can see it now that you mentino it | 15:24 |
patdk-wk | so that would be, NO MAIL :) | 15:24 |
_ruben | 4kbits + 4kbits != 8kbytes | 15:25 |
patdk-wk | heh :) | 15:25 |
patdk-wk | so used to typing in bits lately | 15:25 |
patdk-wk | 8kbytes used, 16kbits for each file :) | 15:25 |
_ruben | so your bytes are 4 bits ? | 15:27 |
patdk-wk | yep, they where cercumsized | 15:28 |
Elad | lol | 15:28 |
mealstrom | I've got trouble with dhcpd.leases -- no leases at all :( . | 15:31 |
mealstrom | ps ax | grep dhcpd -- /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth1 eth3 | 15:31 |
mealstrom | and there is no -cl flag (for leases) .. any idea why? | 15:31 |
patdk-wk | heh, mine is running without any flags | 15:32 |
mealstrom | sr. no -lf flag (lease file , and it should be /var/lib/dhcp3/dhcpd.leases) | 15:32 |
mealstrom | lucky one ). and how you know if someone gets it IP or not? | 15:33 |
mealstrom | please check /var/lib/dhcp3/dhcpd.leases | 15:33 |
Jeeves_ | less /var/log/daemon.log | 15:33 |
patdk-wk | hmm, you don't need to use -lf -pf and -cf if you want to OVERRIDE the defaults | 15:34 |
mealstrom | Jeeves: only warning dhcpd: WARNING: Host declarations are global. They are not limited to the scope you declared them in. But its ok. | 15:34 |
patdk-wk | by default, in 8.04 atleast, /var/state/dhcp/dhcpd.leases is where it is | 15:34 |
Jeeves_ | mealstrom: Do you see a DCHPDISCOVER, DHCPOFFER, DHCPREQUEST and DHCPACK > | 15:35 |
Jeeves_ | ? | 15:35 |
uvirtbot` | New bug: #512459 in samba (main) "Winbind failed to connect to AD: Program lacks support for encryption type" [High,Confirmed] https://launchpad.net/bugs/512459 | 15:35 |
mealstrom | patdk-wk: im using 9.10 now, but with 8.04 were the same | 15:36 |
mealstrom | I don't specify any flags. -cf -pf takes from default | 15:36 |
patdk-wk | let me check my dhcpd on 9.10 | 15:36 |
mealstrom | Jeeves: in my dhcplient Jan 26 17:20:01 skywalker dhclient: DHCPREQUEST of 192.168.1.20 on eth0 to 192.168.1.1 port 67 | 15:37 |
mealstrom | Jan 26 17:20:01 skywalker dhclient: DHCPACK of 192.168.1.20 from 192.168.1.1 | 15:37 |
mealstrom | Jan 26 17:20:01 skywalker dhclient: bound to 192.168.1.20 -- renewal in 3471 seconds. | 15:37 |
Jeeves_ | mealstrom: Than you have a lease, 192.168.1.20 to be exact | 15:37 |
mealstrom | nope. I've got client lease on client side | 15:37 |
patdk-wk | yep, on 9.10, it's using /var/lib/dhcp3/dhcpd.leases | 15:38 |
mealstrom | and no lease from dhcpd | 15:38 |
patdk-wk | mine is working no issues on 9.10 :) | 15:38 |
mealstrom | patdk-wk: ps ax | grep dhcpd please | 15:38 |
patdk-wk | /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth0 eth0.4 eth0.5 | 15:38 |
mealstrom | you don't have -lf either | 15:39 |
patdk-wk | ya, cause it uses the default | 15:39 |
Jeeves_ | mealstrom: So where did you client get the ip from, if it's not from the dhcpd? :) | 15:39 |
patdk-wk | why do you need to override a default? | 15:39 |
mealstrom | I don't need to override them | 15:39 |
patdk-wk | there is no need for -lf :) | 15:39 |
mealstrom | I just need dhcpd.leases to work | 15:39 |
mealstrom | Jeeves: client takes and client side have got dhcplient.leases , and my server who gave it -- didn't | 15:40 |
patdk-wk | where is the log info from the server? | 15:40 |
mealstrom | and I don't know why | 15:40 |
patdk-wk | I see you posted dhclient, but not dhcpd | 15:40 |
patdk-wk | is 192.168.1.1 the ip of your server running dhcpd? | 15:41 |
mealstrom | my server messages.log | 15:41 |
mealstrom | Jan 26 17:26:01 dreamguard dhcpd: DHCPACK on 192.168.2.25 to 00:21:91:2d:ef:7a via eth3 | 15:41 |
mealstrom | Jan 26 17:40:12 dreamguard dhcpd: DHCPREQUEST for 192.168.1.20 from 00:19:5b:38:c9:5a via eth1 | 15:41 |
mealstrom | Jan 26 17:40:12 dreamguard dhcpd: DHCPACK on 192.168.1.20 to 00:19:5b:38:c9:5a via eth1 | 15:41 |
patdk-wk | directory permissions on /var/lib/dhcp3? | 15:41 |
mealstrom | hmm.. | 15:41 |
mealstrom | drwxr-xr-x 2 dhcpd dhcpd 4096 2010-01-26 15:24 dhcp3 | 15:42 |
patdk-wk | and dhcpd.leases doesn't exists? | 15:42 |
mealstrom | -rw-r--r-- 1 dhcpd dhcpd 126 2010-01-26 15:24 dhcpd.leases | 15:42 |
mealstrom | dhcpd 23787 0.0 0.0 15408 1136 ? Ss 15:24 0:00 /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth1 eth3 | 15:43 |
mealstrom | permissions looks fine for me | 15:43 |
mealstrom | ill try dirty hack with init.d | 15:44 |
_ruben | mealstrom: i guess you do use dynamic leases and not static ones? | 15:45 |
Jeeves_ | mealstrom: init.d? | 15:45 |
Jeeves_ | /etc/default would be to efficient? :) | 15:45 |
patdk-wk | did you specify lease-file-name in dhcpd.conf? | 15:46 |
mealstrom | patdk-wk: what it shoud be ? | 15:47 |
patdk-wk | personally? I dont have it in my files :) | 15:47 |
patdk-wk | but if you use it, it will override you leases file | 15:47 |
mealstrom | Jeeves_: hm, there is no -lf parameter in init.d | 15:47 |
mealstrom | I don't use it either | 15:47 |
mealstrom | maybe its because global host declaration ? | 15:51 |
Jeeves_ | maybe it's in /etc/default/dhcp3-server? | 15:51 |
patdk-wk | ya, you defently have a bad config | 15:53 |
patdk-wk | dunno if that can cause the leases file problem, but I think it might | 15:53 |
mealstrom | Jeeves_: there is only interfaces are declared | 15:53 |
patdk-wk | cause dhcp doesn't know what ip goes with what interface | 15:53 |
mealstrom | it should know | 15:54 |
mealstrom | cos I've got 2 subnets on 2 different nics | 15:54 |
mealstrom | with static ip on them | 15:54 |
patdk-wk | ya, but the purposes of the leases file is for cross boot | 15:54 |
patdk-wk | and things could change | 15:54 |
mealstrom | I've put declared hosts in subnets | 15:55 |
mealstrom | for "fixed-address" | 15:55 |
patdk-wk | where do you get that warning? | 15:56 |
uvirtbot` | New bug: #507616 in apache2 (main) "CustomLog directive in apache2.conf makes it impossible to change default logging without editing the global config." [Wishlist,Confirmed] https://launchpad.net/bugs/507616 | 15:56 |
patdk-wk | hmm, I am not getting that warning | 15:57 |
patdk-wk | and I have hosts outside subnet sections | 15:57 |
mealstrom | patdk-wk: dhcpd: WARNING: Host declarations are global. They are not limited to the scope you declared them in. | 15:58 |
patdk-wk | oh, you put the hosts INSIDE a subnet | 15:58 |
patdk-wk | instead of outside, when you wanted them to work with both subnets? | 15:58 |
mealstrom | they are already inside subnets | 15:58 |
patdk-wk | the fixed ip's on them don't match the subnet they are in is what it's saying | 15:58 |
mealstrom | 192.168.1.0/24 with 192.168.1.20 host | 15:59 |
mealstrom | they match | 15:59 |
patdk-wk | guess I am going have to see your config file to figure out what is wrong | 16:00 |
patdk-wk | never had issues with dhcp, it's always worked fine, and I don't have a simple setup | 16:00 |
patdk-wk | only problem I had with dhcpd was ping-check was on :( making pxe boots take forever | 16:01 |
mealstrom | I've managed with pxe | 16:01 |
mealstrom | its ok ) | 16:01 |
mealstrom | now working on preseed configuration | 16:02 |
mealstrom | and I habent try options.preseed or something like this in dhcpd | 16:02 |
_ruben | 16:45 < _ruben> mealstrom: i guess you do use dynamic leases and not static ones? | 16:04 |
_ruben | static leases (defined in dhcpd.conf) arent added to the leases file | 16:05 |
_ruben | only dynamic ones are | 16:05 |
mealstrom | hehehe... | 16:05 |
mealstrom | where you was 2 hours ago? | 16:05 |
_ruben | here :) | 16:06 |
mealstrom | "you are so cruel " :) | 16:06 |
_ruben | only you didnt ask here 2 hrs ago ;) | 16:06 |
_ruben | anyway .. time to head home | 16:06 |
mealstrom | ). ok . lets check with dynamic ... | 16:07 |
uvirtbot` | New bug: #512833 in bind9 (main) "package bind9 1:9.6.1.dfsg.P1-3ubuntu0.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/512833 | 16:11 |
incorrect | is anyone putting together a ubuntu based firewall product like pfsense? | 16:13 |
jjohansen | smoser: ec2 kernel update is being obnoxious, hopefully we will have something today but it has been a mess so far | 16:15 |
smoser | patches rebase ? | 16:15 |
zul | incorrect: have use used ufw? | 16:21 |
zul | jjohansen: hah hah ;) | 16:21 |
jjohansen | zul: you sadist | 16:22 |
zul | jjohansen: who me? | 16:22 |
jjohansen | zul: yeah you :) | 16:22 |
zul | hehe | 16:23 |
jjohansen | zul: perhaps sadist is the wrong word, its not so much that you love others peoples misery its that you love that its not your misery | 16:23 |
zul | jjohansen: yeah thats more true | 16:23 |
incorrect | zul, nope i will have a look | 16:24 |
incorrect | zul, can i build a NAT box with it? | 16:25 |
zul | incorrect: you should be able to i think | 16:25 |
zul | jdstrand: ^^^ | 16:25 |
jpds | I don't think ufw supports NAT. | 16:26 |
patdk-wk | use shorewall then | 16:26 |
patdk-wk | or is this an attempt to use a pretty gui? :( | 16:27 |
jdstrand | the ufw cli command does not support NAT. the ufw framework does (see 'man ufw-framework' and/or https://wiki.ubuntu.com/UncomplicatedFirewall for details) | 16:27 |
jdstrand | incorrect: ^ | 16:28 |
incorrect | thanks | 16:28 |
incorrect | i just found the same info | 16:28 |
mealstrom | during ubuntu-server instalattion there is a lot of "Fail to download" files with *.udeb . Are they critical ? (I've make local mirror with apt-mirror) and there is no udeb files | 16:29 |
patdk-wk | hmm, I have a whole crapload of udeb files in my mirror | 16:30 |
mealstrom | oem-config-check_2.0.6_all.udeb ? | 16:31 |
jpds | Omahn: Puppet is all fixed. :) | 16:31 |
incorrect | ok so is there anything more powerful than ufw? | 16:32 |
incorrect | other than directly using iptables | 16:32 |
incorrect | not used iptables since 05 | 16:33 |
patdk-wk | /pool/main/u/ubiquity/oem-config-check_2.0.6_all.udeb | 16:33 |
mealstrom | you've got it? | 16:33 |
patdk-wk | yep | 16:33 |
patdk-wk | and 2.0.10, 2.1.7 and 2.1.8 | 16:33 |
patdk-wk | your mirror is screwed :) | 16:33 |
jdstrand | incorrect: if by more powerful you mean supports NAT without having to know iptables syntax, you might look at shorewall | 16:33 |
incorrect | jdstrand, ok i will just remind myself about iptables | 16:34 |
* patdk-wk just stopped using iptables manually about 6 months ago, and switched to shorewall | 16:34 | |
incorrect | i want to use ubuntu so i can move ldap, munin, tftp and a bunch of other services off my kvm box | 16:34 |
mealstrom | patdk-wk: what mirror you are using for sync ? | 16:35 |
patdk-wk | us.archive.ubuntu.com | 16:35 |
mealstrom | ...hm .. | 16:35 |
patdk-wk | I don't use apt-mirror, I found that a worthless attempt | 16:36 |
mealstrom | it didn't copy *.udeb files | 16:36 |
patdk-wk | I use rsync | 16:37 |
jcastro | those are for the installer | 16:37 |
jcastro | if you're just mirroring for updates and all that you don't need them | 16:37 |
patdk-wk | I pxe boot the installer | 16:38 |
patdk-wk | so I guess I need them | 16:38 |
mealstrom | I need em too | 16:38 |
mealstrom | you ve made full mirror with rsync , right? | 16:38 |
jcastro | grab a 2-stage rsync script from the wiki, that would work better I bet | 16:38 |
patdk-wk | I make an almost complete mirror | 16:39 |
mealstrom | I've only need mirror for karmic | 16:39 |
patdk-wk | well, rsync can't do that | 16:39 |
patdk-wk | it will sync all versions | 16:39 |
patdk-wk | you would have to read the toc's to do just the ones needed, that is what apt-mirror does | 16:39 |
patdk-wk | but only updates, not for installations | 16:40 |
patdk-wk | the next solution is to use squid :) | 16:40 |
patdk-wk | and the just use a normal default mirror | 16:40 |
mealstrom | im using archive.ubuntu.com | 16:40 |
mealstrom | to use rsync for karmic only - a need a package parser | 16:41 |
patdk-wk | na, rsync wouldn't be usefull that way either | 16:41 |
patdk-wk | would probably just have to wget each file | 16:41 |
uvirtbot` | New bug: #512462 in bacula (main) "bacula-console-qt missing config file crash" [Undecided,New] https://launchpad.net/bugs/512462 | 16:41 |
uvirtbot` | New bug: #512863 in mysql-dfsg-5.0 (universe) "mysqld.sock not found after restart" [Undecided,New] https://launchpad.net/bugs/512863 | 16:41 |
patdk-wk | rsync is really for groups of files, I guess you could feed it a list, :( | 16:41 |
patdk-wk | just gets ugly fast | 16:41 |
mealstrom | package.gz has md5 sums for each package | 16:42 |
mealstrom | crap... all missing files are from http://archive.ubuntu.com/ubuntu/dists/karmic/main/debian-installer | 16:42 |
patdk-wk | well, that is easy then | 16:43 |
patdk-wk | zcat Packages.gz | awk '/^Filename: / { print $2; }' | 16:44 |
patdk-wk | download all those files | 16:44 |
patdk-wk | or feed that into a rsync list to download | 16:44 |
mealstrom | there should be something easier | 16:49 |
* patdk-wk doesn't know how that is *hard* | 16:50 | |
=== jjohansen is now known as waves | ||
=== waves is now known as jjohansen | ||
mealstrom | patdk-wk: deb-XXX http://archive.ubuntu.com/ubuntu karmicXXXXXX main restricted universe multiverse main/debian-installer (+ univerce/debian and so on) | 17:13 |
mealstrom | that's easier ) | 17:13 |
patdk-wk | that doesn't download udeb files | 17:14 |
patdk-wk | or will it? | 17:14 |
ScottK | SpamAssassin 3.3.0 released! | 17:14 |
mealstrom | it downloafs | 17:14 |
ScottK | \o/ | 17:14 |
ScottK | Daviey: ^^^ | 17:14 |
mealstrom | apt-mirror gets package.gz parse it and downloads . all those *.udeb were in /debian-installer/i386(amd)/package.gz. | 17:15 |
mealstrom | so I've addet debian-installer to be mirrored localy | 17:15 |
patdk-wk | just got the email :) | 17:16 |
mealstrom | so it was karmic /main and I've added karmic /main/debian-installer and that's all | 17:16 |
Daviey | ScottK: \o/ | 18:09 |
Daviey | ScottK: I emailed the debian maintainer a while ago who pretty much said he had it in hand, but patches welcome | 18:09 |
smoser | erichammond, would you mind if i took runurl and added to ec2init ? | 18:30 |
smoser | and is http://run.alestic.com/runurl the right runurl ? and any reason why it is #!/bin/bash not #!/bin/sh | 18:30 |
koolhead17 | hi all | 18:35 |
koolhead17 | hello kees | 18:35 |
* koolhead17 waves propagandist | 18:35 | |
zul | smoser: you'll have to update the debian/copyright file if you do that just an fyi | 18:49 |
smoser | yeah, i have other udpates there too | 18:49 |
=== rberger_ is now known as rberger | ||
=== A-Tuin-ghost is now known as A-Tuin_ | ||
* soren just had a rockin' idea for Lucid+1 | 19:34 | |
ajmitch | soren: demoting most of main? | 19:38 |
soren | No, but also sounds like fun :) | 19:39 |
* ajmitch was just reading kees' suggestions about web apps | 19:40 | |
kees | mmmm profiles | 19:43 |
ajmitch | I know some people who use moodle, but not sure if it's hosted on ubuntu or debian | 19:44 |
soren | kees: Has anyone ever done a profile for a webapp? | 19:45 |
kees | soren: in a published package? not that I know of. but I've personally profiled squirrelmail, wordpress, cacti, and awstats. | 19:47 |
ajmitch | and for a PHP web app at that? Are apache modules still needed for that? | 19:47 |
kees | oh, and mailman | 19:47 |
soren | kees: How? | 19:47 |
soren | kees: I mean... It's all run by Apache. | 19:47 |
ajmitch | changing hats? | 19:47 |
kees | ajmitch: yeah | 19:48 |
kees | soren: mod_apparmor | 19:48 |
soren | kees: What if you have something that doesn't have a profile? | 19:48 |
soren | kees: Oh. | 19:48 |
* soren was not aware of such a thing | 19:48 | |
* ajmitch found the spec for it for karmic | 19:48 | |
jdstrand | I've got moin | 19:48 |
kees | soren: http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/annotate/head%3A/profiles/apparmor.d/usr.lib.apache2.mpm-prefork.apache2 | 19:48 |
jdstrand | kees: mdeslaur did phpsysinfo (but not really a big app) | 19:49 |
kees | jdstrand: right, true. | 19:49 |
jdstrand | it's hard to ship a profile in these webapps cause of the traditional issues with webapps in Debian/Ubuntu-- they can put stuff all over the place (including for virtual hosts) | 19:51 |
myk_robinson | evening, all | 19:51 |
jdstrand | ship an *enforcing* profile that is-- we can ship complain mode or disabled profiles | 19:51 |
kees | jdstrand: I think it still might be possible in some cases. | 19:51 |
myk_robinson | I have a system we just built with 8*1.5TB hard drives. We have built a hardware raid and we are trying to partition the drives. | 19:51 |
myk_robinson | we are having an issue creating a 9TB partition, any ideas? | 19:52 |
jdstrand | oh I am not saying it is impossible, just difficult | 19:52 |
soren | myk_robinson: What is the issue? | 19:52 |
patdk-wk | myk_robinson, using 64bit I hope | 19:52 |
mdeslaur | well, it may not be so bad for webapps | 19:52 |
mdeslaur | depending on what they do, they are usually restricted to their own directory anyway | 19:52 |
mdeslaur | ie: not many of them want to mess with system stuff | 19:52 |
ajmitch | jdstrand: those problems exist just for trying to package web apps, especially those that have their own installer pages that want to write all over the filesystem to mode 777 files | 19:52 |
jdstrand | mdeslaur: not for a default install-- but as soon as you go beyond it or have virtual hosts somewhere, then you get in trouble | 19:52 |
jdstrand | ajmitch: yeah :( | 19:53 |
mdeslaur | jdstrand: yes, it's only good for default installations | 19:53 |
myk_robinson | soren: partition length of 17500327425 secotrs exceeds the ms-dos-partition-table-imposed maximum of ######### | 19:53 |
jdstrand | eg, moin has a farmconfig | 19:53 |
soren | myk_robinson: Yes. Don't use MS-DOS partition tables. | 19:53 |
mdeslaur | if you're not using a default install, you're probably not using packages anyway | 19:53 |
jdstrand | where do the non-default 'farmed' files go? | 19:53 |
myk_robinson | soren: perhaps we missed a step, we'd like to format it to ext4, but never get the option | 19:53 |
soren | myk_robinson: You want to use GPT. If you use parted for partitioning, it will sort all of this out for you. | 19:53 |
* patdk-wk just doesn't use partition tables at all | 19:53 | |
patdk-wk | just format /dev/sda :) | 19:54 |
jdstrand | mdeslaur: oh I don't know about that... moin is quite useful with farmconfig | 19:54 |
jdstrand | mdeslaur: though you are surely right for some | 19:54 |
smoser | jjohansen, ping | 19:54 |
patdk-wk | myk_robinson, think about just formatting ext4 right to the device, no partitions | 19:55 |
patdk-wk | or if you do need them, put lvm right on it | 19:55 |
smoser | https://bugs.launchpad.net/ubuntu/+bug/428692 any thoughts on possibly SRU-ing the minor changes to build in ext4 and loop ? | 19:55 |
uvirtbot` | Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged] | 19:55 |
myk_robinson | just a sec, Jeremy is gonna take my place, he speaks the language better.. | 19:56 |
jjohansen | smoser: loop and ext4 should be builtin | 19:59 |
myk_robinson | soren: patdk-wk: Ok...I have a total of 9.0TB available after a raid 6 configuration. I want to partition using ext4. I am using the ubuntu alternate install, and it is erroring out saying max msdox-partition-table-imposed maximum error | 19:59 |
jjohansen | smoser: oh oops, SRU | 19:59 |
myk_robinson | how do i get a new partition table and format this thing | 19:59 |
patdk-wk | do you need to boot from that drive? | 20:00 |
jjohansen | smoser: I think that might be SRUable | 20:00 |
soren | Session on server testing in 5 seconds in #ubuntu-classroom | 20:00 |
myk_robinson | yes..well it is one logical volume, and i want a swap, a root, and a storage partition | 20:00 |
smoser | could we move toward that? those changes would be extremely low likelyhood for regression as they're built in everywhere else | 20:00 |
jjohansen | smoser: yeah, I will request an SRU for that | 20:01 |
patdk-wk | myk_robinson, hmm, boot partition causes in issue with how I would do it :( | 20:01 |
patdk-wk | can you select a different partition layout? maybe bsd? | 20:01 |
myk_robinson | won't be a boot partition, will be in mbr | 20:01 |
smoser | can you put a comment in that bug? someone is asking on ec2ubuntu and i'd liek to have some status there. | 20:01 |
patdk-wk | I dunno the installer very good, never use it really | 20:01 |
patdk-wk | you have to have a boot partition, in your case, your boot partition would be / (root) | 20:02 |
myk_robinson | one second | 20:02 |
myk_robinson | might have it | 20:02 |
myk_robinson | i gave the drive a new partition table and it is working | 20:03 |
myk_robinson | must have been something goofed by suse when i tried installing using ext3 | 20:03 |
myk_robinson | cause ext3 has a max size of 4TB | 20:04 |
patdk-wk | heh :) maybe it put the msdos table on there | 20:04 |
patdk-wk | and ubuntu tried to reuse it | 20:04 |
myk_robinson | don't know..but it works | 20:04 |
myk_robinson | thanks for the help | 20:04 |
patdk-wk | hmm, ext3 should be able to do 16tb | 20:04 |
myk_robinson | ok..thought it said 4TB but may be wrong | 20:05 |
patdk-wk | 4tb is the max if using dunno | 20:05 |
myk_robinson | suse crapped out on trying to do the 8.15TB parition | 20:05 |
patdk-wk | 2tb max using 1k blocks | 20:05 |
patdk-wk | 8tb max using 2k blocks | 20:05 |
patdk-wk | maybe you forgot to tell it to use 4k blocks :) | 20:05 |
patdk-wk | ext4 has same limits | 20:06 |
myk_robinson | could be...it is now formatting the parition..should be a while so i will hopefully not have anymore problems | 20:06 |
myk_robinson | thanks for your help | 20:06 |
patdk-wk | oh wait, no it doesn't, my bad :) | 20:06 |
patdk-wk | it's filesize max out at 16tb :) | 20:06 |
myk_robinson | it can go to 1,000 TB | 20:06 |
myk_robinson | filesize is 16tb yeah | 20:06 |
* ajmitch just saw the regression test ppa mentioned in the developer week session, how often is that meant to be updated? | 20:16 | |
mealstrom | what should look like preseed user encrypted password ? | 20:45 |
mealstrom | d-i passwd/user-password-crypted password (what's next) [md5hashpass] or just md5hash pass ? | 20:45 |
genii | mealstrom: I'm pretty sure just: d-i passwd/user-password-crypted password md5hash-here | 21:07 |
mealstrom | doesn't work :) | 21:09 |
mealstrom | md5sum is right for that ? | 21:10 |
mealstrom | oops :( wrong hash | 21:10 |
kees | soren: the dovecot issue appears to be a real regression in dovecot. I've filed: https://bugs.edge.launchpad.net/ubuntu/+source/dovecot/+bug/512975 | 21:30 |
uvirtbot` | Launchpad bug 512975 in dovecot "mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/USERNAME" [Undecided,New] | 21:30 |
mrayzenoss | Is it possible to use the Live Desktop CD to kickoff a server install? The Live CD handles the EFI weirdness on my Mac, but I just want to use it as a server | 21:44 |
zul | kees: i broke dovecot? | 21:49 |
mdeslaur | mathiaz: fyi: upstream mysql bug for certs expiring in 2 days: http://bugs.mysql.com/bug.php?id=50642 | 21:58 |
mathiaz | mdeslaur: great thanks | 21:58 |
patdk-wk | mdeslaur, hehe, thanks, I have one expiring today :( luckly it's not critical :) | 21:58 |
kees | zul: I think dovecot broke dovecot. *shrug* I don't have time to investigate today | 22:03 |
maxfiles | can you run a desktop on the server environment/ | 22:49 |
maxfiles | ? | 22:49 |
patdk-wk | heh? | 22:51 |
patdk-wk | you mean, run ubuntu desktop on a server? sure | 22:51 |
maxfiles | would it run slower or faster | 22:51 |
maxfiles | I'm having an issue with my current desktop version | 22:52 |
maxfiles | where I did an update | 22:52 |
patdk-wk | not much slower, shouldn't be noticable | 22:52 |
maxfiles | and now none of my services will start | 22:52 |
patdk-wk | it just installs all the gui stuff that server doesn't | 22:52 |
mealstrom | you can run vnc server on it | 22:52 |
maxfiles | cant get apache, mysql, pureftpd to start at boot | 22:52 |
maxfiles | have tried everything so far that I can think of | 22:52 |
maxfiles | so I figured a fresh start would be useful | 22:53 |
patdk-wk | did you ever figure out why they wouldn't start? | 22:55 |
maxfiles | no | 22:55 |
maxfiles | I have tried every bit of software that I can think of after reading | 22:55 |
maxfiles | asking for help and getting nowhere | 22:55 |
patdk-wk | the only reason for me, besides syntax errors | 22:55 |
patdk-wk | is if the network ip's didn't come up correctly | 22:55 |
maxfiles | then it would be an ubuntu update that did that | 22:56 |
patdk-wk | dunno | 22:56 |
patdk-wk | I have never seen an ubuntu update kill something like that | 22:56 |
patdk-wk | but then, I dunno what all you have, that I might not | 22:56 |
maxfiles | well I run irc, crons, ftp, apache, mysql for the most part | 22:57 |
maxfiles | hddtemp for temp monitoring | 22:57 |
maxfiles | and I cant even get that to start | 22:57 |
maxfiles | runlevel says unknown when I use that | 23:00 |
maxfiles | so I have no idea what run level I'm on | 23:00 |
patdk-wk | I don't believe runlevels have been used for a long time | 23:00 |
patdk-wk | but have been imitated | 23:00 |
maxfiles | ok then why are they related to boot up rc0.d et el | 23:01 |
maxfiles | or are they not | 23:01 |
mealstrom | who used preseed file with password-crypt ? | 23:17 |
mealstrom | d-i passwd/user-password-crypted password md5 -- I've got problem after system install with this password. it doesn't match | 23:17 |
mealstrom | I've used htpasswd (from apache2) to create md5 hash and now don't know what password to put :( | 23:20 |
erichammond | mealstrom: I recommend generating a new password and saving it this time. | 23:26 |
Italian_Plumber | Hello. I am trying to add a new hard drive to my server, 804. The BIOS correctly identifies the drive, but I can't mount it because I can't find it in the /dev directory. I have a /dev/sda and /dev/sdb, but no /dev/sdc. The machine already had a primary master and slave, and a secondary master. I have added the new drive as the secondary slave. | 23:26 |
mealstrom | erichammond: I've generate md5 from text file. I've checked md5 for that file and command line input. they were the same | 23:27 |
erichammond | mealstrom: Ah, I misunderstood and thought you had lost the password. | 23:31 |
tarski | so i got my ubuntu server to be my router, it's doing fine, im wondering if i use a switch connecting two laptops to the switch and the switch to the router/server, if i assign those laptops static IP's in the range i specified on my server, will i get internet on both? | 23:36 |
mealstrom | internet *** router *** swich ** N-laptops --- yes | 23:37 |
erichammond | mealstrom: You might try generating the encrypted password using this command: openssl passwd -l file:$PASSWORDFILE | 23:39 |
mealstrom | erichammond: thanks for advise | 23:39 |
erichammond | er, that option should be -1 (one), so: openssl passwd -1 file:$PASSWORDFILE | 23:40 |
erichammond | argh, with no space after "file:" | 23:40 |
erichammond | Actually tested this one: openssl passwd -1 file:$PASSWORDFILE | 23:41 |
mealstrom | how to arg md5 ? | 23:41 |
erichammond | The -1 means "md5" | 23:41 |
erichammond | To see other options: openssl passwd -help | 23:42 |
erichammond | (where -help is not a valid option) | 23:42 |
erichammond | Also, for other info: man htpasswd | 23:42 |
erichammond | er, man openssl | 23:42 |
erichammond | can't type today | 23:42 |
mealstrom | yes, I've got it | 23:42 |
erichammond | or think | 23:42 |
erichammond | Odd, looks like TMTOWTDO, so this also works: openssl passwd -1 -in $PASSWORDFILE | 23:44 |
erichammond | but nobody ever accused Unix/Linux command lines of being consistent. | 23:46 |
mealstrom | ill try to remap hdd in system to see what password there was actually stored | 23:48 |
RoyK | erichammond: erm, what's wrong with the unix commandline? | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!