[00:10] <PatrickDK> erichammond, as response to your blog post :)
[00:10] <PatrickDK> I had issue with ubuntu ami not having ext4 support, but it did include mkfs.ext4 :)
[00:13] <erichammond> pquerna: Yes, The Canonical Ubuntu AMIs do run user-data as root on first boot if it starts with #! just like the Alestic AMIs. http://alestic.com/2009/06/ec2-user-data-scripts
[00:13] <pquerna> erichammond: sweet.
[00:14] <erichammond> PatrickDK: Which blog post? What AMI id?
[00:14] <PatrickDK> let me see if I can find the ami number
[00:14] <ruben23> hi, anyone can suggest an opensource ticketing system..
[00:15] <PatrickDK> I had deleted the instanse I was testing with, and ext4 was just something I tried for the hell of it, and found /proc/filesystems didn't list support, and mount wouldn't mount it
[00:15] <PatrickDK> so I assume there wasn't a module for it build either
[00:15] <PatrickDK> I've been reading all your ec2 posts :) most informative posts in planet.ubuntu
[00:20] <sbeattie> ruben23: request-tracker (aka rt) and roundup are the two I've seen used; IIRC trac can also be used as a ticketing system.
[00:23] <ruben23> sbeattie: thanks ill check thid
[00:27] <PatrickDK> ami-1515f67c
[00:27] <smoser> pquerna, yes
[00:55] <genii> ruben23: ticgit looks interesting, haven't used it tho
[01:15] <erichammond> PatrickDK:  ami-1515f67c is out of date.  You might want to upgrade to ami-bb709dd2.  Bug 428692 talks about ext4 support on EC2 kernels.
[01:15] <uvirtbot`> Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged] https://launchpad.net/bugs/428692
[01:16] <patdk-lap> I had installed that ami, and ran apt-get to update it
[01:16] <patdk-lap> maybe it needed a reboot :(
[01:34] <erichammond> patdk-lap: It's not clear to me that ext4 is supported, even in the most recent EC2 AMI.  In any case, apt-get upgrade and reboot will not upgrade a kernel in EC2.
[02:32] <uvirtbot`> New bug: #512633 in eucalyptus (main) "CLC+Walrus+SC+CC installed even if node is preseeded" [Undecided,New] https://launchpad.net/bugs/512633
[03:09] <kees> soren: I've updated the fetchmail/dovecot tests a bit more.  they work fine on karmic, so if dovecot changed for lucid, please update the tests.
[08:45] <jiboumans> good mornig
[10:30] <error404notfound> can i hide ssh signature from apppearing in portscan?
[10:32] <_ruben> probably not
[10:32] <error404notfound> _ruben: i guess i would need to recompile ssh from code to do that, right?
[10:32] <error404notfound> i wonder why didn't ubutnu-server team did this, its better to  hide what runs where and which version.
[10:33] <error404notfound> do this*
[10:33]  * error404notfound super drunk:(
[10:33] <_ruben> hiding != security
[10:33] <error404notfound> _ruben: more layers, more time to breach, more secure
[10:33] <error404notfound> the less i show you, the more secure i am
[10:34] <_ruben> lets agree to disagree on that one
[10:34] <error404notfound> thats the whole purpose of SSL, hiding via encryption
[10:34] <error404notfound> hmm, okay :)
[10:35] <jpds> error404notfound: Do you mean the host key fingerprint?
[10:35] <error404notfound> jpds: nope, version signatures printed in portscan
[10:36] <jpds> error404notfound: re: version> I believe the client software depends on this to know which protocol of SSH to abide to.
[10:36] <error404notfound> jpds: hmmm, may be, can't say. will check into it..
[10:43] <soren> I've never believed it makes any difference. Assuming that people actually look at this string before they toss their arsenal of exploit at you (another assumption I find questionable), and assuming that their check will go "Oh, I don't know which exact version of SSH this is. I might as well not try anything and just be on my merry way"
[10:43] <soren> ...rather than "Oh, I don't know what version this is. I'll just try ALL my SSH exploits rather than just the ones meant for version X."...
[10:44] <soren> ..then yes, it might make a tiny bit of a difference.
[10:44] <jpds> error404notfound: https://bugzilla.mindrot.org/show_bug.cgi?id=764#c1
[10:44] <error404notfound> soren: yes, but it makes a difference, of probably seconds...
[10:44] <soren> What will make a /massive/ difference, though, is whether you are diligent in applying security updates when we publish them.
[10:44] <uvirtbot`> bugzilla.mindrot.org bug 764 in sshd "fully remove product and version information" [Enhancement,Closed: wontfix]
[10:44] <soren> That will make more of a differnce than /anything/ else.
[10:46] <jpds> error404notfound: Security through obscurity, not the answer.
[10:46] <soren> error404notfound: If you're vulnerable, it doesn't matter whether you get broken into right now or in two seconds. Fix the problem rather than hiding it.
[10:48] <error404notfound> hmm, guess i would go with the second option of running a VPN server on the machine and bind ssh to vpn ip, that way outside world won't even see it..
[10:56] <uvirtbot`> New bug: #512732 in libvirt (main) "package libvirt-bin 0.7.5-5ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/512732
[12:34] <mealstrom> I've got problem with permissions, I want to mount samba share (smb://server/share) (cifs from fstab) but only get read permission and w for created files (but not create or delete) . Windows user can mount it as network disk with rw. Also I have rw permission on smb://server/share . Where can be the problem ?
[13:09] <zul> wtf i l have to log on to nickserv in order to join the channel?
[13:12] <zul> morning anyways
[13:13] <laen> May be a weird question, but we're wondering (production environment) if we really need deb-src in the sources list?
[13:14] <laen> Or, if maybe, is there a way to check? We don't develop, we don't build from source.
[13:16] <uvirtbot`> New bug: #512777 in samba (main) "first login fails when NIC is managed by NM-wicd" [Undecided,New] https://launchpad.net/bugs/512777
[13:30] <laen> Anyone?
[13:31] <soren> zul: Yeah, there's been a lot of problems lately with bots joining channels, posting links to sites that will turn your browser into a bot as well, etc. Or something.
[13:32] <soren> zul: ...so I +R'ed the channel (as per advice from Freenode staff)
[13:32] <soren> laen: then you don't need it.
[13:32] <zul> soren: ah ok
[13:32] <laen> soren: thanks, awesome. The system itself doesn't install stuff from deb-src'es either?
[13:32] <soren> laen: Never.
[13:32] <laen> Cool.
[13:32] <EtienneG> hey soren!
[13:33] <EtienneG> soren, is this a good place for vmbuilder qustions?
[13:33] <soren> laen: I belive it's configured by default to really deliver on the promise to make source available "right next to" the binary packages.
[13:33] <soren> EtienneG: Everywhere is a good place to ask vmbuilder questions :)
[13:34] <EtienneG> soren, I am having a problem with vmbuilder, and I think it might be due to the fact that I am trying to build a 32 bits on a 64 bits host
[13:34] <soren> EtienneG: Time will tell if it's a good place to ge tanswers.
[13:34] <soren> EtienneG: That should work.
[13:34] <soren> EtienneG: what's the difficulty?
[13:34] <laen> soren: and you're a member of the ubuntu team, developer, or any special rank besides user?
[13:35] <EtienneG> soren, well, I get a debootstrap error
[13:35] <EtienneG> lemme pastebin it
[13:35] <soren> laen: Something like that.
[13:35] <soren> laen: I work for Canonical on the Ubuntu server team.
[13:36] <EtienneG> soren, http://ubuntu.pastebin.com/m288dcae0
[13:36] <laen> soren: Just asking cause i need to report back to the rest of my team with reasons :) thanks!
[13:36] <EtienneG> soren, this is an esxi vm i am trying to build, using an ISO
[13:37] <EtienneG> brb
[13:37] <soren> EtienneG: You can't install from a desktop ISO.
[13:37] <soren> EtienneG: Desktop ISO's do not contain .deb's. You can install from server or alternate, but not desktop.
[13:40] <soren> laen: Any time.
[13:40]  * EtienneG bang head
[13:41] <EtienneG> soren, thanks a bunch, my bad!
[13:42] <soren> EtienneG: No worries.
[13:43] <EtienneG> oh boy ...
[13:53] <kwork> does anyone use some like keeppass but what would have distribute password saving
[13:53] <kwork> like somekind of "password server"
[13:53] <kwork> where multiple users could hold passwords securely
[14:10] <patdk-wk> damn, even the nightly build doesn't contain ext4 support :(
[14:11] <patdk-wk> tested ami-bb709dd2 and ami-495ab720
[14:36] <Omahn> Anyone in here fancy having a look at why Puppet is broken in Lucid? https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/509625
[14:36] <uvirtbot`> Launchpad bug 509625 in puppet "Puppet client is broken on Lucid Alpha 2" [Undecided,New]
[14:39] <Omahn> EtienneG: Another support case heading your way I suspect :-)
[14:40] <EtienneG> Omahn, hey Paul!
[14:40] <Omahn> Hi :-)
[14:40] <EtienneG> fortunately, you have the whois info set to your real name, otherwise I would have been completely puzzled!
[14:40] <Omahn> ;-)
[14:40] <EtienneG> Omahn, I am oversea for the next two weeks, on-site consulting
[14:40] <Omahn> I go by Omahn in IRC and on launchpad
[14:41] <EtienneG> Omahn, I doubt I will be handling your case this time :(
[14:41] <Omahn> Aha, you might get a rest from this one then
[14:41] <EtienneG> Omahn, i am confident the gys at the support center can deal!  :)
[14:42] <Omahn> I'm sure they can. Any idea what the policy is for support cases on unreleased releases? I suspect the relevant devs might want to pay attention to this bug as puppet is due to go into main for lucid and it's currently broken.
[14:43] <EtienneG> Omahn, that's a big one
[14:43] <EtienneG> it is central to many blueprints, so I would expect it to get fixed indeed
[14:43] <EtienneG> no harm in filing a support case, it is going to be tracked in two places!
[14:44] <EtienneG> Omahn, just fyi, we are usually pretty reluctant to deal with cases on unreleased release (ouf, tautology!)
[14:44] <Omahn> EtienneG: I can appreciate that :-)
[14:44] <EtienneG> Omahn, reason being that stuff are actually expected to break from time to time, and it is hard to keep track
[14:44] <Omahn> I just thought the developers would have picked up on my bug report a bit sooner with it going to main.
[14:44] <Omahn> EtienneG: Understood.
[14:45] <Omahn> I've had a quick look at it myself but it's going to involve someone with ruby experience to fix.
[14:45] <EtienneG> Omahn, mathiaz is the ne who spent the most time on Puppet.  I guess you may poke him gently, especially yif you are colunterring to test a fix ;)
[14:45] <EtienneG> (ouch, so may typos, damn caffeine!)
[14:46] <Omahn> ;-) I'll keep an eye out for mathiaz then and give him a gentle prod next time I see him online.
[14:47] <EtienneG> Omahn, no harm in filing a support case nonetheless
[14:47] <EtienneG> we can track that on two fronts
[14:47] <Omahn> I'll do that, thanks.
[14:48] <ttx> zul: looking at eucalyptus apport hooks code, I think there is a typo on line 13 @ http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/eucalyptus/lucid/annotate/head%3A/debian/source_eucalyptus.py
[14:49] <zul> ttx: looking
[14:49] <ttx> also "Eucalytptus" on line 42
[14:49] <ttx> rsponse on line 48
[14:50] <EtienneG> I always spells it eucalytpus
[14:50] <EtienneG> damn annoying
[14:50] <ttx> benefial on line 58
[14:50] <ttx> EtienneG: yes, I do the same
[14:51] <zul> ttx: ok ill fix
[14:55] <twb> EtienneG: you need to get hippie-expand completion in your IRC client, then ;-)
[14:55] <EtienneG> twb, what's that?
[14:56] <EtienneG> shang, is pmatulis in the office today?
[14:56] <EtienneG> shang, wrong channel, plese ignore
[14:57] <twb> hippie-expand is an interactive autoloaded Lisp function.  It is bound to M-/.  Try to expand text before point, using multiple methods.  The expansion functions in `hippie-expand-try-functions-list' are tried in order, until a possible expansion is found.  Repeated application of `hippie-expand' inserts successively possible expansions.
[14:58] <EtienneG> twb, interesting
[14:58] <twb> EtienneG: you type, say, euc M-/, and it sees "eucalyptus" earlier in the scrollback and autocompletes on it
[14:59] <EtienneG> twb, that is pretty useful inded
[15:02] <soren> vim has the same thing.
[15:03] <Elad> when I type: ls -al /var/mail/root it shows "total 8" but only 2 items are listed. So I am assuming that I have mail, but when I run mutt, at the bottom of the page is shows "/var/mail/root is not a mailbox"
[15:03] <Elad> anyone else ever had a similar problem?
[15:04] <soren> Elad: How does "ls" show "total 8"?
[15:04] <zul> ttx: fixed
[15:04] <soren> Elad: Oh, it's a Maildir?
[15:04] <Elad> It should be my mail dir
[15:04] <soren> Elad: Then you probably want to refer to it as /var/mail/root/ (note the slash at the end)
[15:04] <ttx> mathiaz: I'd be interested in getting some more explanation on your gPXE setup, so that I can use it / base my own setup on it
[15:04] <Elad> soren: note, taken :)
[15:05] <mathiaz> ttx: yeah - I plan to blog about it real soon now
[15:05] <mathiaz> ttx: do you have a deadline?
[15:05] <ttx> mathiaz: I would have loved playing with it now, but I can wait until tomorrow :)
[15:05] <mathiaz> ttx: ok - I'll write something up later today then
[15:06] <Elad> soren: when you run ls -a it displays "total x" where x is the number of items in the directory, well at least normally. So it says 8, but only 2 things are displayed. [1] . [2] ..
[15:06] <Elad> which is expected for an empty directory
[15:06] <Elad> I don't know how the mail stuff works - which is why I'm a little confuse
[15:06] <Elad> confused
[15:07] <ttx> mathiaz: don't let that prevent you from burning WIs, you're quite low :)
[15:11] <Elad> all I am really trying to do, is see what messages the machine has for the root user
[15:23] <patdk-wk> heh, both of you are wrong
[15:23] <patdk-wk> when doing ls -al
[15:23] <patdk-wk> total is the amount of space used
[15:23] <patdk-wk> not total files
[15:23] <patdk-wk> and that would be correct, what elad said
[15:24] <patdk-wk> 8, 8kbytes used, 4kbits for each file, . and ..
[15:24] <Elad> patdk-wk: thanks for the info
[15:24] <Elad> patdk-wk: I can see it now that you mentino it
[15:24] <patdk-wk> so that would be, NO MAIL :)
[15:25] <_ruben> 4kbits + 4kbits != 8kbytes
[15:25] <patdk-wk> heh :)
[15:25] <patdk-wk> so used to typing in bits lately
[15:25] <patdk-wk> 8kbytes used, 16kbits for each file :)
[15:27] <_ruben> so your bytes are 4 bits ?
[15:28] <patdk-wk> yep, they where cercumsized
[15:28] <Elad> lol
[15:31] <mealstrom> I've got trouble with dhcpd.leases -- no leases at all :( .
[15:31] <mealstrom> ps ax | grep dhcpd -- /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth1 eth3
[15:31] <mealstrom> and there is no -cl flag (for leases) .. any idea why?
[15:32] <patdk-wk> heh, mine is running without any flags
[15:32] <mealstrom> sr. no -lf flag (lease file , and it should be /var/lib/dhcp3/dhcpd.leases)
[15:33] <mealstrom> lucky one ). and how you know if someone gets it IP or not?
[15:33] <mealstrom> please check /var/lib/dhcp3/dhcpd.leases
[15:33] <Jeeves_> less /var/log/daemon.log
[15:34] <patdk-wk> hmm, you don't need to use -lf -pf and -cf if you want to OVERRIDE the defaults
[15:34] <mealstrom> Jeeves: only warning dhcpd: WARNING: Host declarations are global.  They are not limited to the scope you declared them in.  But its ok.
[15:34] <patdk-wk> by default, in 8.04 atleast, /var/state/dhcp/dhcpd.leases is where it is
[15:35] <Jeeves_> mealstrom: Do you see a DCHPDISCOVER, DHCPOFFER, DHCPREQUEST and DHCPACK >
[15:35] <Jeeves_> ?
[15:35] <uvirtbot`> New bug: #512459 in samba (main) "Winbind failed to connect to AD: Program lacks support for encryption type" [High,Confirmed] https://launchpad.net/bugs/512459
[15:36] <mealstrom> patdk-wk:  im using 9.10 now, but with 8.04 were the same
[15:36] <mealstrom> I don't specify  any flags. -cf -pf takes from default
[15:36] <patdk-wk> let me check my dhcpd on 9.10
[15:37] <mealstrom> Jeeves: in my dhcplient  Jan 26 17:20:01 skywalker dhclient: DHCPREQUEST of 192.168.1.20 on eth0 to 192.168.1.1 port 67
[15:37] <mealstrom> Jan 26 17:20:01 skywalker dhclient: DHCPACK of 192.168.1.20 from 192.168.1.1
[15:37] <mealstrom> Jan 26 17:20:01 skywalker dhclient: bound to 192.168.1.20 -- renewal in 3471 seconds.
[15:37] <Jeeves_> mealstrom: Than you have a lease, 192.168.1.20 to be exact
[15:37] <mealstrom> nope. I've got client lease on client side
[15:38] <patdk-wk> yep, on 9.10, it's using /var/lib/dhcp3/dhcpd.leases
[15:38] <mealstrom> and no lease from dhcpd
[15:38] <patdk-wk> mine is working no issues on 9.10 :)
[15:38] <mealstrom> patdk-wk: ps ax | grep dhcpd please
[15:38] <patdk-wk> /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth0 eth0.4 eth0.5
[15:39] <mealstrom> you don't have -lf either
[15:39] <patdk-wk> ya, cause it uses the default
[15:39] <Jeeves_> mealstrom: So where did you client get the ip from, if it's not from the dhcpd? :)
[15:39] <patdk-wk> why do you need to override a default?
[15:39] <mealstrom> I don't need to override them
[15:39] <patdk-wk> there is no need for -lf :)
[15:39] <mealstrom> I just need dhcpd.leases to work
[15:40] <mealstrom> Jeeves: client takes and client side have got dhcplient.leases , and my server who gave it -- didn't
[15:40] <patdk-wk> where is the log info from the server?
[15:40] <mealstrom> and I don't know why
[15:40] <patdk-wk> I see you posted dhclient, but not dhcpd
[15:41] <patdk-wk> is 192.168.1.1 the ip of your server running dhcpd?
[15:41] <mealstrom> my server messages.log
[15:41] <mealstrom> Jan 26 17:26:01 dreamguard dhcpd: DHCPACK on 192.168.2.25 to 00:21:91:2d:ef:7a via eth3
[15:41] <mealstrom> Jan 26 17:40:12 dreamguard dhcpd: DHCPREQUEST for 192.168.1.20 from 00:19:5b:38:c9:5a via eth1
[15:41] <mealstrom> Jan 26 17:40:12 dreamguard dhcpd: DHCPACK on 192.168.1.20 to 00:19:5b:38:c9:5a via eth1
[15:41] <patdk-wk> directory permissions on /var/lib/dhcp3?
[15:41] <mealstrom> hmm..
[15:42] <mealstrom> drwxr-xr-x  2 dhcpd     dhcpd    4096 2010-01-26 15:24 dhcp3
[15:42] <patdk-wk> and dhcpd.leases doesn't exists?
[15:42] <mealstrom> -rw-r--r--  1 dhcpd dhcpd  126 2010-01-26 15:24 dhcpd.leases
[15:43] <mealstrom> dhcpd    23787  0.0  0.0  15408  1136 ?        Ss   15:24   0:00 /usr/sbin/dhcpd3 -q -pf /var/run/dhcp3-server/dhcpd.pid -cf /etc/dhcp3/dhcpd.conf eth1 eth3
[15:43] <mealstrom> permissions looks fine for me
[15:44] <mealstrom> ill try dirty hack with init.d
[15:45] <_ruben> mealstrom: i guess you do use dynamic leases and not static ones?
[15:45] <Jeeves_> mealstrom: init.d?
[15:45] <Jeeves_> /etc/default would be to efficient? :)
[15:46] <patdk-wk> did you specify lease-file-name in dhcpd.conf?
[15:47] <mealstrom> patdk-wk: what it shoud be ?
[15:47] <patdk-wk> personally? I dont have it in my files :)
[15:47] <patdk-wk> but if you use it, it will override you leases file
[15:47] <mealstrom> Jeeves_: hm, there is no -lf parameter in init.d
[15:47] <mealstrom> I don't use it either
[15:51] <mealstrom> maybe its because global host declaration ?
[15:51] <Jeeves_> maybe it's in /etc/default/dhcp3-server?
[15:53] <patdk-wk> ya, you defently have a bad config
[15:53] <patdk-wk> dunno if that can cause the leases file problem, but I think it might
[15:53] <mealstrom> Jeeves_: there is only interfaces are declared
[15:53] <patdk-wk> cause dhcp doesn't know what ip goes with what interface
[15:54] <mealstrom> it should know
[15:54] <mealstrom> cos I've got 2 subnets on 2 different nics
[15:54] <mealstrom> with static ip on them
[15:54] <patdk-wk> ya, but the purposes of the leases file is for cross boot
[15:54] <patdk-wk> and things could change
[15:55] <mealstrom> I've put declared hosts in subnets
[15:55] <mealstrom> for "fixed-address"
[15:56] <patdk-wk> where do you get that warning?
[15:56] <uvirtbot`> New bug: #507616 in apache2 (main) "CustomLog directive in apache2.conf makes it impossible to change default logging without editing the global config." [Wishlist,Confirmed] https://launchpad.net/bugs/507616
[15:57] <patdk-wk> hmm, I am not getting that warning
[15:57] <patdk-wk> and I have hosts outside subnet sections
[15:58] <mealstrom> patdk-wk: dhcpd: WARNING: Host declarations are global.  They are not limited to the scope you declared them in.
[15:58] <patdk-wk> oh, you put the hosts INSIDE a subnet
[15:58] <patdk-wk> instead of outside, when you wanted them to work with both subnets?
[15:58] <mealstrom> they are already inside subnets
[15:58] <patdk-wk> the fixed ip's on them don't match the subnet they are in is what it's saying
[15:59] <mealstrom> 192.168.1.0/24 with 192.168.1.20 host
[15:59] <mealstrom> they match
[16:00] <patdk-wk> guess I am going have to see your config file to figure out what is wrong
[16:00] <patdk-wk> never had issues with dhcp, it's always worked fine, and I don't have a simple setup
[16:01] <patdk-wk> only problem I had with dhcpd was ping-check was on :( making pxe boots take forever
[16:01] <mealstrom> I've managed with pxe
[16:01] <mealstrom> its ok )
[16:02] <mealstrom> now working on preseed configuration
[16:02] <mealstrom> and I habent try options.preseed or something like this in dhcpd
[16:04] <_ruben> 16:45 < _ruben> mealstrom: i guess you do use dynamic leases and not static ones?
[16:05] <_ruben> static leases (defined in dhcpd.conf) arent added to the leases file
[16:05] <_ruben> only dynamic ones are
[16:05] <mealstrom> hehehe...
[16:05] <mealstrom> where you was 2 hours ago?
[16:06] <_ruben> here :)
[16:06] <mealstrom> "you are so cruel "  :)
[16:06] <_ruben> only you didnt ask here 2 hrs ago ;)
[16:06] <_ruben> anyway .. time to head home
[16:07] <mealstrom> ). ok . lets check with dynamic ...
[16:11] <uvirtbot`> New bug: #512833 in bind9 (main) "package bind9 1:9.6.1.dfsg.P1-3ubuntu0.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/512833
[16:13] <incorrect> is anyone putting together a ubuntu based firewall product like pfsense?
[16:15] <jjohansen> smoser: ec2 kernel update is being obnoxious, hopefully we will have something today but it has been a mess so far
[16:15] <smoser> patches rebase ?
[16:21] <zul> incorrect: have use used ufw?
[16:21] <zul> jjohansen: hah hah ;)
[16:22] <jjohansen> zul: you sadist
[16:22] <zul> jjohansen: who me?
[16:22] <jjohansen> zul: yeah you :)
[16:23] <zul> hehe
[16:23] <jjohansen> zul: perhaps sadist is the wrong word, its not so much that you love others peoples misery its that you love that its not your misery
[16:23] <zul> jjohansen: yeah thats more true
[16:24] <incorrect> zul, nope i will have a look
[16:25] <incorrect> zul, can i build a NAT box with it?
[16:25] <zul> incorrect: you should be able to i think
[16:25] <zul> jdstrand: ^^^
[16:26] <jpds> I don't think ufw supports NAT.
[16:26] <patdk-wk> use shorewall then
[16:27] <patdk-wk> or is this an attempt to use a pretty gui? :(
[16:27] <jdstrand> the ufw cli command does not support NAT. the ufw framework does (see 'man ufw-framework' and/or https://wiki.ubuntu.com/UncomplicatedFirewall for details)
[16:28] <jdstrand> incorrect: ^
[16:28] <incorrect> thanks
[16:28] <incorrect> i just found the same info
[16:29] <mealstrom> during ubuntu-server instalattion there is a lot of "Fail to download" files with *.udeb . Are they critical ? (I've make local mirror with apt-mirror) and there is no udeb files
[16:30] <patdk-wk> hmm, I have a whole crapload of udeb files in my mirror
[16:31] <mealstrom> oem-config-check_2.0.6_all.udeb ?
[16:31] <jpds> Omahn: Puppet is all fixed. :)
[16:32] <incorrect> ok so is there anything more powerful than ufw?
[16:32] <incorrect> other than directly using iptables
[16:33] <incorrect> not used iptables since 05
[16:33] <patdk-wk> /pool/main/u/ubiquity/oem-config-check_2.0.6_all.udeb
[16:33] <mealstrom> you've got it?
[16:33] <patdk-wk> yep
[16:33] <patdk-wk> and 2.0.10, 2.1.7 and 2.1.8
[16:33] <patdk-wk> your mirror is screwed :)
[16:33] <jdstrand> incorrect: if by more powerful you mean supports NAT without having to know iptables syntax, you might look at shorewall
[16:34] <incorrect> jdstrand, ok i will just remind myself about iptables
[16:34]  * patdk-wk just stopped using iptables manually about 6 months ago, and switched to shorewall
[16:34] <incorrect> i want to use ubuntu so i can move ldap, munin, tftp and a bunch of other services off my kvm box
[16:35] <mealstrom> patdk-wk: what mirror you are using for sync ?
[16:35] <patdk-wk> us.archive.ubuntu.com
[16:35] <mealstrom> ...hm ..
[16:36] <patdk-wk> I don't use apt-mirror, I found that a worthless attempt
[16:36] <mealstrom> it didn't copy *.udeb files
[16:37] <patdk-wk> I use rsync
[16:37] <jcastro> those are for the installer
[16:37] <jcastro> if you're just mirroring for updates and all that you don't need them
[16:38] <patdk-wk> I pxe boot the installer
[16:38] <patdk-wk> so I guess I need them
[16:38] <mealstrom> I need em too
[16:38] <mealstrom> you ve made full mirror with rsync , right?
[16:38] <jcastro> grab a 2-stage rsync script from the wiki, that would work better I bet
[16:39] <patdk-wk> I make an almost complete mirror
[16:39] <mealstrom> I've only need mirror for karmic
[16:39] <patdk-wk> well, rsync can't do that
[16:39] <patdk-wk> it will sync all versions
[16:39] <patdk-wk> you would have to read the toc's to do just the ones needed, that is what apt-mirror does
[16:40] <patdk-wk> but only updates, not for installations
[16:40] <patdk-wk> the next solution is to use squid :)
[16:40] <patdk-wk> and the just use a normal default mirror
[16:40] <mealstrom> im using archive.ubuntu.com
[16:41] <mealstrom> to use rsync for karmic only - a need a package parser
[16:41] <patdk-wk> na, rsync wouldn't be usefull that way either
[16:41] <patdk-wk> would probably just have to wget each file
[16:41] <uvirtbot`> New bug: #512462 in bacula (main) "bacula-console-qt missing config file crash" [Undecided,New] https://launchpad.net/bugs/512462
[16:41] <uvirtbot`> New bug: #512863 in mysql-dfsg-5.0 (universe) "mysqld.sock not found after restart" [Undecided,New] https://launchpad.net/bugs/512863
[16:41] <patdk-wk> rsync is really for groups of files, I guess you could feed it a list, :(
[16:41] <patdk-wk> just gets ugly fast
[16:42] <mealstrom> package.gz has md5 sums for each package
[16:42] <mealstrom> crap... all missing files are from http://archive.ubuntu.com/ubuntu/dists/karmic/main/debian-installer
[16:43] <patdk-wk> well, that is easy then
[16:44] <patdk-wk> zcat Packages.gz | awk '/^Filename: / { print $2; }'
[16:44] <patdk-wk> download all those files
[16:44] <patdk-wk> or feed that into a rsync list to download
[16:49] <mealstrom> there should be something easier
[16:50]  * patdk-wk doesn't know how that is *hard*
[17:13] <mealstrom> patdk-wk: deb-XXX http://archive.ubuntu.com/ubuntu karmicXXXXXX main restricted universe multiverse main/debian-installer (+ univerce/debian and so on)
[17:13] <mealstrom> that's easier )
[17:14] <patdk-wk> that doesn't download udeb files
[17:14] <patdk-wk> or will it?
[17:14] <ScottK> SpamAssassin 3.3.0 released!
[17:14] <mealstrom> it downloafs
[17:14] <ScottK> \o/
[17:14] <ScottK> Daviey: ^^^
[17:15] <mealstrom> apt-mirror gets package.gz parse it and downloads . all those *.udeb were in /debian-installer/i386(amd)/package.gz.
[17:15] <mealstrom> so I've addet debian-installer to be mirrored localy
[17:16] <patdk-wk> just got the email :)
[17:16] <mealstrom> so it was karmic /main    and I've added karmic /main/debian-installer and that's all
[18:09] <Daviey> ScottK: \o/
[18:09] <Daviey> ScottK: I emailed the debian maintainer a while ago who pretty much said he had it in hand, but patches welcome
[18:30] <smoser> erichammond, would you mind if i took runurl and added to ec2init ?
[18:30] <smoser> and is http://run.alestic.com/runurl the right runurl ? and any reason why it is #!/bin/bash not #!/bin/sh
[18:35] <koolhead17> hi all
[18:35] <koolhead17> hello kees
[18:35]  * koolhead17 waves propagandist
[18:49] <zul> smoser: you'll have to update the debian/copyright file if you do that just an fyi
[18:49] <smoser> yeah, i have other udpates there too
[19:34]  * soren just had a rockin' idea for Lucid+1
[19:38] <ajmitch> soren: demoting most of main?
[19:39] <soren> No, but also sounds like fun :)
[19:40]  * ajmitch was just reading kees' suggestions about web apps
[19:43] <kees> mmmm profiles
[19:44] <ajmitch> I know some people who use moodle, but not sure if it's hosted on ubuntu or debian
[19:45] <soren> kees: Has anyone ever done a profile for a webapp?
[19:47] <kees> soren: in a published package? not that I know of.  but I've personally profiled squirrelmail, wordpress, cacti, and awstats.
[19:47] <ajmitch> and for a PHP web app at that? Are apache modules still needed for that?
[19:47] <kees> oh, and mailman
[19:47] <soren> kees: How?
[19:47] <soren> kees: I mean... It's all run by Apache.
[19:47] <ajmitch> changing hats?
[19:48] <kees> ajmitch: yeah
[19:48] <kees> soren: mod_apparmor
[19:48] <soren> kees: What if you have something that doesn't have a profile?
[19:48] <soren> kees: Oh.
[19:48]  * soren was not aware of such a thing
[19:48]  * ajmitch found the spec for it for karmic
[19:48] <jdstrand> I've got moin
[19:48] <kees> soren: http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/annotate/head%3A/profiles/apparmor.d/usr.lib.apache2.mpm-prefork.apache2
[19:49] <jdstrand> kees: mdeslaur did phpsysinfo (but not really a big app)
[19:49] <kees> jdstrand: right, true.
[19:51] <jdstrand> it's hard to ship a profile in these webapps cause of the traditional issues with webapps in Debian/Ubuntu-- they can put stuff all over the place (including for virtual hosts)
[19:51] <myk_robinson> evening, all
[19:51] <jdstrand> ship an *enforcing* profile that is-- we can ship complain mode or disabled profiles
[19:51] <kees> jdstrand: I think it still might be possible in some cases.
[19:51] <myk_robinson> I have a system we just built with 8*1.5TB hard drives. We have built a hardware raid and we are trying to partition the drives.
[19:52] <myk_robinson> we are having an issue creating a 9TB partition, any ideas?
[19:52] <jdstrand> oh I am not saying it is impossible, just difficult
[19:52] <soren> myk_robinson: What is the issue?
[19:52] <patdk-wk> myk_robinson, using 64bit I hope
[19:52] <mdeslaur> well, it may not be so bad for webapps
[19:52] <mdeslaur> depending on what they do, they are usually restricted to their own directory anyway
[19:52] <mdeslaur> ie: not many of them want to mess with system stuff
[19:52] <ajmitch> jdstrand: those problems exist just for trying to package web apps, especially those that have their own installer pages that want to write all over the filesystem to mode 777 files
[19:52] <jdstrand> mdeslaur: not for a default install-- but as soon as you go beyond it or have virtual hosts somewhere, then you get in trouble
[19:53] <jdstrand> ajmitch: yeah :(
[19:53] <mdeslaur> jdstrand: yes, it's only good for default installations
[19:53] <myk_robinson> soren: partition length of 17500327425 secotrs exceeds the ms-dos-partition-table-imposed maximum of #########
[19:53] <jdstrand> eg, moin has a farmconfig
[19:53] <soren> myk_robinson: Yes. Don't use MS-DOS partition tables.
[19:53] <mdeslaur> if you're not using a default install, you're probably not using packages anyway
[19:53] <jdstrand> where do the non-default 'farmed' files go?
[19:53] <myk_robinson> soren: perhaps we missed a step, we'd like to format it to ext4, but never get the option
[19:53] <soren> myk_robinson: You want to use GPT. If you use parted for partitioning, it will sort all of this out for you.
[19:53]  * patdk-wk just doesn't use partition tables at all
[19:54] <patdk-wk> just format /dev/sda :)
[19:54] <jdstrand> mdeslaur: oh I don't know about that... moin is quite useful with farmconfig
[19:54] <jdstrand> mdeslaur: though you are surely right for some
[19:54] <smoser> jjohansen, ping
[19:55] <patdk-wk> myk_robinson, think about just formatting ext4 right to the device, no partitions
[19:55] <patdk-wk> or if you do need them, put lvm right on it
[19:55] <smoser> https://bugs.launchpad.net/ubuntu/+bug/428692 any thoughts on possibly SRU-ing the minor changes to build in ext4 and loop ?
[19:55] <uvirtbot`> Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged]
[19:56] <myk_robinson> just a sec, Jeremy is gonna take my place, he speaks the language better..
[19:59] <jjohansen> smoser: loop and ext4 should be builtin
[19:59] <myk_robinson> soren: patdk-wk: Ok...I have a total of 9.0TB available after a raid 6 configuration.  I want to partition using ext4.  I am using the ubuntu alternate install, and it is erroring out saying max msdox-partition-table-imposed maximum error
[19:59] <jjohansen> smoser: oh oops, SRU
[19:59] <myk_robinson> how do i get a new partition table and format this thing
[20:00] <patdk-wk> do you need to boot from that drive?
[20:00] <jjohansen> smoser: I think that might be SRUable
[20:00] <soren> Session on server testing in 5 seconds in #ubuntu-classroom
[20:00] <myk_robinson> yes..well it is one logical volume, and i want a swap, a root, and a storage partition
[20:00] <smoser> could we move toward that? those changes would be extremely low likelyhood for regression as they're built in everywhere else
[20:01] <jjohansen> smoser: yeah, I will request an SRU for that
[20:01] <patdk-wk> myk_robinson, hmm, boot partition causes in issue with how I would do it :(
[20:01] <patdk-wk> can you select a different partition layout? maybe bsd?
[20:01] <myk_robinson> won't be a boot partition, will be in mbr
[20:01] <smoser> can you put a comment in that bug? someone is asking on ec2ubuntu and i'd liek to have some status there.
[20:01] <patdk-wk> I dunno the installer very good, never use it really
[20:02] <patdk-wk> you have to have a boot partition, in your case, your boot partition would be / (root)
[20:02] <myk_robinson> one second
[20:02] <myk_robinson> might have it
[20:03] <myk_robinson> i gave the drive a new partition table and it is working
[20:03] <myk_robinson> must have been something goofed by suse when i tried installing using ext3
[20:04] <myk_robinson> cause ext3 has a max size of 4TB
[20:04] <patdk-wk> heh :) maybe it put the msdos table on there
[20:04] <patdk-wk> and ubuntu tried to reuse it
[20:04] <myk_robinson> don't know..but it works
[20:04] <myk_robinson> thanks for the help
[20:04] <patdk-wk> hmm, ext3 should be able to do 16tb
[20:05] <myk_robinson> ok..thought it said 4TB but may be wrong
[20:05] <patdk-wk> 4tb is the max if using dunno
[20:05] <myk_robinson> suse crapped out on trying to do the 8.15TB parition
[20:05] <patdk-wk> 2tb max using 1k blocks
[20:05] <patdk-wk> 8tb max using 2k blocks
[20:05] <patdk-wk> maybe you forgot to tell it to use 4k blocks :)
[20:06] <patdk-wk> ext4 has same limits
[20:06] <myk_robinson> could be...it is now formatting the parition..should be a while so i will hopefully not have anymore problems
[20:06] <myk_robinson> thanks for your help
[20:06] <patdk-wk> oh wait, no it doesn't, my bad :)
[20:06] <patdk-wk> it's filesize max out at 16tb :)
[20:06] <myk_robinson> it can go to 1,000 TB
[20:06] <myk_robinson> filesize is 16tb yeah
[20:16]  * ajmitch just saw the regression test ppa mentioned in the developer week session, how often is that meant to be updated?
[20:45] <mealstrom> what should look like preseed user encrypted password ?
[20:45] <mealstrom> d-i passwd/user-password-crypted password (what's next) [md5hashpass] or just md5hash pass ?
[21:07] <genii> mealstrom: I'm pretty sure just: d-i passwd/user-password-crypted password md5hash-here
[21:09] <mealstrom> doesn't work :)
[21:10] <mealstrom> md5sum is right for that ?
[21:10] <mealstrom> oops :( wrong hash
[21:30] <kees> soren: the dovecot issue appears to be a real regression in dovecot.  I've filed: https://bugs.edge.launchpad.net/ubuntu/+source/dovecot/+bug/512975
[21:30] <uvirtbot`> Launchpad bug 512975 in dovecot "mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/USERNAME" [Undecided,New]
[21:44] <mrayzenoss> Is it possible to use the Live Desktop CD to kickoff a server install?  The Live CD handles the EFI weirdness on my Mac, but I just want to use it as a server
[21:49] <zul> kees: i broke dovecot?
[21:58] <mdeslaur> mathiaz: fyi: upstream mysql bug for certs expiring in 2 days: http://bugs.mysql.com/bug.php?id=50642
[21:58] <mathiaz> mdeslaur: great thanks
[21:58] <patdk-wk> mdeslaur, hehe, thanks, I have one expiring today :( luckly it's not critical :)
[22:03] <kees> zul: I think dovecot broke dovecot.  *shrug*  I don't have time to investigate today
[22:49] <maxfiles> can you run a desktop on the server environment/
[22:49] <maxfiles> ?
[22:51] <patdk-wk> heh?
[22:51] <patdk-wk> you mean, run ubuntu desktop on a server? sure
[22:51] <maxfiles> would it run slower or faster
[22:52] <maxfiles> I'm having an issue with my current desktop version
[22:52] <maxfiles> where I did an update
[22:52] <patdk-wk> not much slower, shouldn't be noticable
[22:52] <maxfiles> and now none of my services will start
[22:52] <patdk-wk> it just installs all the gui stuff that server doesn't
[22:52] <mealstrom> you can run vnc server on it
[22:52] <maxfiles> cant get apache, mysql, pureftpd to start at boot
[22:52] <maxfiles> have tried everything so far that I can think of
[22:53] <maxfiles> so I figured a fresh start would be useful
[22:55] <patdk-wk> did you ever figure out why they wouldn't start?
[22:55] <maxfiles> no
[22:55] <maxfiles> I have tried every bit of software that I can think of after reading
[22:55] <maxfiles> asking for help and getting nowhere
[22:55] <patdk-wk> the only reason for me, besides syntax errors
[22:55] <patdk-wk> is if the network ip's didn't come up correctly
[22:56] <maxfiles> then it would be an ubuntu update that did that
[22:56] <patdk-wk> dunno
[22:56] <patdk-wk> I have never seen an ubuntu update kill something like that
[22:56] <patdk-wk> but then, I dunno what all you have, that I might not
[22:57] <maxfiles> well I run irc, crons, ftp, apache, mysql for the most part
[22:57] <maxfiles> hddtemp for temp monitoring
[22:57] <maxfiles> and I cant even get that to start
[23:00] <maxfiles> runlevel says unknown when I use that
[23:00] <maxfiles> so I have no idea what run level I'm on
[23:00] <patdk-wk> I don't believe runlevels have been used for a long time
[23:00] <patdk-wk> but have been imitated
[23:01] <maxfiles> ok then why are they related to boot up rc0.d et el
[23:01] <maxfiles> or are they not
[23:17] <mealstrom> who used preseed file with password-crypt ?
[23:17] <mealstrom> d-i passwd/user-password-crypted password md5    -- I've got problem after system install with this password. it doesn't match
[23:20] <mealstrom> I've used htpasswd (from apache2) to create md5 hash and now don't know what password to put :(
[23:26] <erichammond> mealstrom: I recommend generating a new password and saving it this time.
[23:26] <Italian_Plumber> Hello.  I am trying to add a new hard drive to my server, 804.  The BIOS correctly identifies the drive, but I can't mount it because I can't find it in the /dev directory.  I have a /dev/sda and /dev/sdb, but no /dev/sdc.  The machine already had a primary master and slave, and a secondary master.  I have added the new drive as the secondary slave.
[23:27] <mealstrom> erichammond: I've generate md5 from text file. I've checked md5 for that file and command line input. they were the same
[23:31] <erichammond> mealstrom: Ah, I misunderstood and thought you had lost the password.
[23:36] <tarski> so i got my ubuntu server to be my router, it's doing fine, im wondering if i use a switch connecting two laptops to the switch and the switch to the router/server, if i assign those laptops static IP's in the range i specified on my server, will i get internet on both?
[23:37] <mealstrom> internet *** router *** swich ** N-laptops  --- yes
[23:39] <erichammond> mealstrom: You might try generating the encrypted password using this command: openssl passwd -l file:$PASSWORDFILE
[23:39] <mealstrom> erichammond: thanks for advise
[23:40] <erichammond> er, that option should be -1 (one), so: openssl passwd -1 file:$PASSWORDFILE
[23:40] <erichammond> argh, with no space after "file:"
[23:41] <erichammond> Actually tested this one: openssl passwd -1 file:$PASSWORDFILE
[23:41] <mealstrom> how to arg md5 ?
[23:41] <erichammond> The -1 means "md5"
[23:42] <erichammond> To see other options: openssl passwd -help
[23:42] <erichammond> (where -help is not a valid option)
[23:42] <erichammond> Also, for other info: man htpasswd
[23:42] <erichammond> er, man openssl
[23:42] <erichammond> can't type today
[23:42] <mealstrom> yes, I've got it
[23:42] <erichammond> or think
[23:44] <erichammond> Odd, looks like TMTOWTDO, so this also works: openssl passwd -1 -in $PASSWORDFILE
[23:46] <erichammond> but nobody ever accused Unix/Linux command lines of being consistent.
[23:48] <mealstrom> ill try to remap hdd in system to see what password there was actually stored
[23:59] <RoyK> erichammond: erm, what's wrong with the unix commandline?