[00:01] HI, i am creating a ldap server and i want mac desktop can login to my server. where i can find a apple.schem? === erichammond1 is now known as erichammond === erichammond1 is now known as erichammond [00:10] Apple don't use RFC 2307? [00:11] Christ. Why does EVERY LDAP auth deployment want to NIHG their own schema? [00:11] *NIH === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates === LyonJT__ is now known as LyonJT [01:46] New bug: #516862 in ntp (main) "/usr/bin/timeadj doesn't appear to have stack protection" [Undecided,New] https://launchpad.net/bugs/516862 [01:46] nurmi: ping [01:47] s/join 3opensuse [02:56] hey I'm having issues connecting a printer on a samba server to a windows 7 client [02:56] I'm using ubuntu-server 9.10 (latest security updates) [02:57] What's the KVM name for the dom0/HN? [02:57] windows 7 (64-biit) release [02:58] the error message I get is "Windows can't connect to the printer" [02:58] error 0x0000000d [02:58] animeloe[net]: can normal machines use the printer via samba? [02:58] (a not very helpful error message from windows) [02:58] yes [02:58] my XP box can connect [02:59] and print [02:59] Hi i am following this how to and when i do this command :root@palm:/var/lib/ldap# sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn [02:59] SASL/EXTERNAL authentication started [02:59] SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth [02:59] SASL SSF: 0 [02:59] No such object (32) [02:59] and the Vista box can as well [02:59] why this error? [02:59] Roxyhart0, PASTEBIN!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1 [02:59] ups sorry [02:59] animeloe[net]: then we can start by assuming it's Windows 7's fault. I suggest you try ##windows [02:59] lol [02:59] s/assuming/hypothesizing/ [02:59] I kinda figured [02:59] go figure [03:00] Roxyhart0: I normally need an -x in there, but I've no idea what that actually means. [03:01] why are you using ldapi? [03:01] animeloe[net]: oh, yeah, ldapi never worked for me, either [03:01] * animeloe[net] uses ldaps [03:01] IIRC ldapi means "use sockets" or so [03:01] I used ldap://127.0.0.1 [03:02] IIRC we ran out of budget before getting LDAP/SSL working, sigh. [03:02] Hi again, i am following this how http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html to and when I execute a command I got the error on http://pastebin.com/d4a509bf6. any idea? [03:02] lol [03:03] http://ubuntuforums.org/showthread.php?t=1313472 [03:03] look here Roxyhart0 [03:03] they didn't complete the guide [03:03] * animeloe blames the Pres for that [03:08] animeloe: what does Mbeki have to do with it? [03:09] yes i follow this one, but when i want to continue with the next process such as that i shows before i got this error [03:11] budget cuts :P [03:18] other weir thing is when i try to see the acls that i did just shows me the first line but not the acls. It means for some reason the acls are not configured? or the command is not working properly? http://pastebin.com/d378dae74 [03:26] wherelse can I see my acls? [03:34] Roxyhart0: acls in what? [03:34] Oh, LDAP. [03:35] I don't know anything about slapd's config after they moved it INTO slapd's database (yuck) [03:35] (Self-hosting is all well and good, but for auth infrastructure it makes me nervous.) [03:55] hello everyone. i'm having an issue where i can login with my password but sudo is not working. [03:56] i have just installed ubuntu server [03:56] and i haven't brought the network up yet [03:56] this is for a home server and i'll be using wifi. [03:57] furthermore, sudo sometimes ignores my first return keypress. this does not happen with login. [03:57] any clues? [03:58] Try "sudo -l" [04:00] no luck. it dropped me straight to asking me my password and once again nothing works. [04:01] Your password is wrong, then. [04:01] i had to hit return twice for it to register [04:01] this doesn't happen neither at bash or at login. [04:01] You cannot reset it without root access, so you will need to break into your host to fix it. Do you have physical access? [04:02] I suppose it's also possible that your keyboard is playing up or something, but for now I'll assume you're just fat-fingered. [04:02] i'm standing next to it. this is a home server. i'm typing from another computer. [04:02] "typing from another computer" how? [04:03] Or do you just mean you're IRCing from another host? [04:03] at irc i mean, not at the server lol [04:03] yes [04:03] OK, bounce the server and pick the second option, which should be "... (rescue)" [04:03] doing it... [04:03] It will then give you full root access, from which you can run "passwd gwynddyllyd" to reset your password. [04:08] Hello im looking for some help with setting up my first mail server using postfix [04:08] i have it installed and all that [04:09] its using mail.bizkitsplace.co.cc, I never set up the subdomain mail, so do i need to do that? and do i need to make a dns forward for that subdomain? [04:09] twb: actually i took the keyboard off the server and replugged it (the horror!) and it started working again. [04:10] gwynddyllyd: ok [04:10] twb: but thanks! [04:26] when setting up a postfix+dovecot mail server, do I need to specify that the domain is mail.my_domain.com somewhere? From what I am seeing it looks like I just do my_domain.com [04:31] how does the server know if you are attempting tosetup your mail client for imap, pop3, etc? [04:36] hey how about that! im tryign to setup postfix too, and not i cant figure out how to set up a subdomain :D [04:37] im tired [04:37] been thinking about this way to long [04:37] have you been able to succesfully connect a mail client to your server? [04:37] no [04:37] i cant even get it to send an email from the webmin [04:38] I'm sure there is an easier way, but do you have php+apache installed on your server? [04:38] yea [04:39] its currently hosting www.bizkitsplace.co.cc [04:39] I tested my mail server by writing a quick php script [04:39] to see if the thing was able to send mail [04:40] i think the only thing setting me back is my inablity to set up a sub-domain === jehovah_ is now known as jehovah [04:41] Anyone seen this before?: http://ubuntuforums.org/showthread.php?p=8771621#post8771621 === jehovah is now known as Guest24250 [04:41] I have a 2nd disk that gets deecting in PIO mode when its on the second IDE channel [04:41] lawls [04:41] if it shares the same IDE channel as the first disk (IDE0) it works fine [04:49] when I try to telnet into mail.my_domain.com it says "Trying ip_address" but the ip_address it shows isn't mine; When I do telnet my_domain.com is says the it is trying my ip address - why would this be? [04:51] hi, somebody have a really good doc to install openldap it is getting me crazy, i has been 1 week trying and is error over error [05:10] Roxyhart0: Just use the Ubuntu Server Guide: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html [05:11] nah, just error...doesn't work [05:11] Then (if you are 100% sure of this) file a bug against it. It works here. [05:12] includying phpldap? [05:13] is that mentioned in the guide? :) Either the guide works, or it doesn't. Try it. Once you have openldap itself working, you can add whatever extra stuff around it you need. [05:15] i did many times [05:44] for exmpale id follow that how to but when i try to do it, i got the last error: [05:44] root@palm:~# sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn [05:44] SASL/EXTERNAL authentication started [05:44] SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth [05:44] SASL SSF: 0 [05:44] No such object (32) [05:52] can be all that error because i just upgrade ubuntu to 9.10 instead install from zero? [06:04] Roxyhart0: I do not see that sudo command in the guide. if you work through the guide and get to ldapsearch -xLLL -b "dc=example,dc=com" uid=john sn givenName cn then you have a working LDAP server. [06:04] Did you get that far? [06:07] that is not the problem, it work doind search but when i try to do something else like i put before i got problems [06:07] Then most likely you have a working LDAP server, but you are using invalid or incorrect commands against it. [06:07] wich ubuntu version do you have? [06:08] but i am following the doc [06:08] Many :) The machine I am typing on runs Ubuntu 9.10 Desktop amd64. [06:08] Roxyhart0: Which doc?? [06:08] i am installing in a upgraded ubuntu 9.10 server [06:08] the guide [06:09] OK. and where in the guide does it say that the command sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn should work ? [06:10] in Further configuration [06:10] is just to know about my configuration... [06:10] but form there any command that i run shown in the guide doesn work as should be [06:12] I still can't find that command in the Guide... can you give me a URL to the guide you are using? [06:12] http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html [06:14] That one says DRAFT all over it. The official Guide is at https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html [06:18] ok, i will try one more time with this wide doind exactly everything [06:18] thanks [06:19] are you sure this is the last one? [06:21] weel, first dpkg-reconfigure doesn't shows me the dialog to write nothing [06:22] Notice that it does not have the DRAFT DRAFT background :) As far as I know it is the official one. You can also install it (sudo apt-get install ubuntu-serverguide ) and use that if you want. [06:23] Roxyhart0: Perhaps you need to apt-get purge the packages you already added from your earlier attempts? [06:24] yes, but dpkd-reconfugure doesnt work [06:25] it is so stressing to be honest [06:37] Roxyhart0: You are saying that you followed the (official) guide, after removing all the stuff you did earlier, and it's instructions do not work? That's... unhelpful, if true. I'll srat up a Karmic Server VM and see what happens when I try to follow the Guide... [06:38] thanks a lot jmarsden [06:40] OK, so I did sudo apt-get install slapd ldap-utils and installed the packages. Then I did sudo dpkg-reconfigure slapd and I'm in debconf menus asking me about configuring it. Where's the issue? [06:41] yes, but just ask you one time...close that ...can you try again? [06:41] i dont know why i cant do that anymore [06:44] Works for me. It doesn't ask me about modifying the olcSuffix in those questions, but it let;s me go through the debconf questions it *does* ask as many times as I want. [06:44] so you are lucky ..what do you recomend to me? [06:45] You've tried sudo apt-get purge slapd and then sudo apt-get install slapd again? [06:46] BTW, I'm not sure I'm lucky... I'm just running a fairly normal test Karmic server. Apparently you have got yours into some strange state. [06:47] Well, or you didn't do what I suggested 20 minutes ago when I said: Roxyhart0: Perhaps you need to apt-get purge the packages you already added from your earlier attempts? [06:47] so, i will format the server (is new) and install from zero [06:47] Seems like overkill, but if you want, sure. [06:49] i got another new server as well but i upgraded from 9.04 to 9.10. could be it a problem? [06:49] i mean doesn't work the same way when i install from zero v/s upgrade? [06:49] Was there a 9.04 openldap installation on it? That might be different, if you need to keep that data... [06:50] no 9.10 [06:50] no problems there is no nata [06:50] Then I don't see a problem :) [06:52] i have http://pastebin.com/m683431e6 , i can telnet to 25 on localhost but not from the remote ip address, why? [06:53] thanks a lot for your help [06:54] also i am following now this doc and is going a little bit better. http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala [06:55] Roxyhart08: It's up to you. I generally don't reocmmend those howto's "out there". It is safer to stick to the official documentation and the man pages. [06:55] *recommend [06:55] error404notfound: Maybe you are missing a line something like ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED [06:56] Wow, he disappeared already? [06:56] maybe we found the error [06:57] Roxyhart08: We did -- the error was that you used a document with DRAFT all over it instead of the real Server Guide :) [06:58] hahaha...is not victory yet...but, is a mix of document to be honest [06:59] Don't do that. You will confuse yourself. Use *one* guide, the Ubuntu Server Guide, and man pages. [07:00] i will try with the new server and will see [08:10] how to change default gnome language pack in preseed file? say from "en" to "fr" or "ru" ? [08:55] d-i preseed/late_command string wget -O /target/var/lib/gconf/debian.defaults http://192.168.1.1/preseed/%25gconf-tree.xml [08:55] can you help me with this command? how to wget in preseed %gconf-tree.xml with % <-- this char ? [08:55] %25 doesn't work [09:52] solved "http://xxx/%25so" [10:13] from where this file is copied? or some template ? ~/home/.dmrc [10:46] hi. i'm trying to install Xen on Karmic. from what i read online, it looks like Ubuntu is supporting KVM and not Xen. outside of compiling from source, is there any simpler package-based way to get Xen running? i got xen-create-image working, just the failure on xm create /etc/xen/myserver.cfg [10:46] Any knows a good guide to configure slapd in Ubuntu from scratch? [10:47] have you checked ubuntu server guide? [10:47] you mean the url in the topic? [10:47] hey...if you find one let me know i has been one week crazy whit it [10:48] https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html [10:48] Roxyhart0, I found this http://www.grennan.com/ldap-HOWTO.html but it mentions a slapd.conf file I don't find in ubuntu install, and it is based on redhat so I dont really know how to translate things [10:48] ivoks, thank you, will take a look now [10:49] new versions of openldap keep config in tree, not in files [10:49] yes, new ubuntus version doesn't come with sladp.conf [10:51] I'm sorry If I sound clueless it is my first attempt at playing with ldap by myself [10:51] ezra-s: get apache directory studio as interface to your slapd [10:51] i check this pages:http://ubuntuforums.org/showthread.php?p=8154148 and http://ubuntuforums.org/showthread.php?t=1313472 and http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala. If the Offitial Guie doesn't work for you ..have a look those pages can help to understand a little bit more the new configuration [10:52] Roxyhart0: have you looked at official documentation? [10:52] there is a reason why it's official [10:52] use slaptest command to convert slapd.conf to spad.d/ [10:52] and find working slapd.conf [10:53] ivoks, apache directory studio, have any url I can check right there I dont find coincidences in ubuntu package listing [10:53] yes, was the first but doesn't work for me properly but because was my first time doing it. I will try again from zero [10:53] ezra-s: it's not packaged, but you could use it once you set up slapd [10:53] alright, googling for download ;) [10:53] http://directory.apache.org/studio/ [10:53] got it! [10:54] ivoks, you're most helpful I apreciate [10:54] ivock do you know how set phpadminldap? s is not working. [10:54] i never used phpadminldap [10:55] it is a good tool to visualize [10:58] Roxyhart0, if you want to visualize I can help you --> ldapbrowser :P [10:58] lightweight and easy to use [10:59] better tahn phpldapadmin? [11:02] ezra-s: start it with GDK_NATIVE_WINDOWS=1 [11:03] GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio [11:03] Hi guys. I just bought a machine (Dell Poweredge M610 Blade Server) that I wanted to setup with Ubuntu server 9.10 [11:04] but for some reason the guy who's setting it up for me (a technician at the hosting provider where my machine is kept) says he's tried setting 9.10 up, but it doesn't seem to be workingþ [11:04] He suggests using Ubuntu 8.04 LTS server instead [11:04] (which is supposedly supported until 2013) [11:05] I noticed that [11:05] thank you very much [11:05] gzur: ok, and? [11:06] I'm wondering whether I should ask him to try setting up 9.03 jaunty instead perhaps? [11:06] ivoks, the ldap guide is missing some basic point, I havent be able to set up my root password for the ldap at any poing in time, not even the name of the root branch in the ldap.. and dpkg-reconfigure does not ask me for any of that [11:06] or is the LTS a better deal? [11:06] any ideas on how to set the admin password? [11:06] LTS is better deal [11:07] I've been preparing the deployment(on a dev machine) using 9.10 so far [11:07] ezra-s: dpkg-reconfigure slapd [11:07] ezra-s: that doesn't work? [11:07] ivoks, that won't do [11:07] nope :( [11:07] is that work down the drain? [11:07] i had the same problem before, doesn't work [11:08] it just asks if I want to remove database when the package is purged, about ldapv2 support and if I want to omit ldapd config [11:08] gzur i had the same question than you but no body asnser me something clear and different opinios about that, even some guys told me better use 10.04 LTS [11:08] I choose I don't want to omit sand continues to the next two questions but nothing else [11:09] i suppose we can always upgrade versions [11:10] awrighthy [11:10] 8.04 LTS it is then. [11:11] there's no password, if i read this line correct [11:12] olcAuthzRegexp: {0}gidNumber=[[:digit:]]+\+uidNumber=0,cn=peercred,cn=external ,cn=auth cn=localroot,cn=config [11:12] ezra-z sis you check this one: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html [11:13] did sorry [11:13] ivoks, It won't let you use no passwrd either, you have to enter something [11:14] will check right now [11:16] # Allow unlimited access to cn=localroot,cn=config which is the dn to wich a [11:16] # local connection from the local root user is mapped to [11:17] gzur i am installin 9.10 and i am having problems but others people thinks is very good. maybe you can try with 8.04 and when 10.04LTS come you can upgrade...i think it is like the new windows versions...at the first time always problems and after a time improve (sorry for the comparation) [11:20] ivoks, doing this fails ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb [11:20] it asks for a password, i use the root pw and fails :P [11:20] cn=localroot should be? [11:20] set olcRootPW [11:20] maybe [11:20] i know [11:21] in any case, Im checking Roxy's guide now see if I have more success there [11:21] there's /usr/share/slapd/slapd.init.ldif [11:21] I've got trouble with something similar and fix it with slapd.conf conversion [11:21] ezra-s i think you should try with the link that i told you last time. If that link doesn't work totally this link worked for me in th first part http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala. Pleas let me know which work for you [11:22] Roxyhart0, I'm on it [11:23] i got it working [11:23] so [11:23] go to /usr/share/slapd [11:23] there's slapd.init.ldif [11:23] before you edit it, run slappasswd [11:23] that will generate a password for you [11:23] then open slapd.init.ldif [11:24] find olcRootDN [11:24] and bellow it, add olcRootPW: [11:24] dpkg-reconfigure slapd and answer to all questions as proposed [11:25] that's it [11:25] Roxyhart0, in that guide it says "Change olcRootPW: secret to a password of your choosing" maybe it should also comment, "use slappasswd" to make an encrypted one [11:26] ivoks, you're a machine! [11:26] yes you can use sldappassw and copy the result there [11:27] lol [11:27] there's even easier way [11:27] ldapsearch -Y EXTERNAL -H ldapi:/// [11:28] :) [11:28] ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config [11:28] i knew it can read users uid :) [11:29] that howtoforge link is correct one [11:30] so the best guide is the howtoforge link then? [11:30] depends on what you want [11:31] if you really want to set up a password for admin account [11:31] then you need to do that i told you [11:31] howtoforge explains how to create new directory, dc=example,dc=com [11:32] and creates new admin user for it [11:32] I just want to set one up to learn how the thing works for once and for all, ldap is a pain and a scratch in my resume [11:33] there's no 'once and for all' in IT industry [11:34] lol [11:34] ivoks, well as long as I get a good "basement" knowledge about it then it is easier later on to build on it [11:34] ldap is unique and bizarre :P [11:36] https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html [11:36] ^^^ this is correct [11:36] ivoks: Error: "^^" is not a valid command. [11:36] except one thing [11:36] instead of: [11:36] ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb [11:37] there should be: [11:37] which is the error [11:37] ldapsearch -Y EXTERNAL -b cn=config olcDatabase={1}hdb [11:37] and later on... instead of 'ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W', you need only 'ldapsearch -Y EXTERNAL -b cn=config' [11:38] ohh I see [11:38] -x = simple auth [11:38] I was wondering now why that line even if accepted the password was not "puking" anything [11:38] -Y EXTERNAL = external auth [11:39] whole documment needs 's/-x -D cn=admin,cn=config -W/-Y EXTERNAL/' [11:39] sommer: ^^ [11:43] The openldap serverguide is out of date (bug 463684). I think there was a draft for lucid documentation that might be useful. [11:43] Launchpad bug 463684 in ubuntu-docs "openldap sections in ubuntu server guide not updated for packages in karmic" [Medium,Fix released] https://launchpad.net/bugs/463684 [11:44] Aha: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html [11:44] Im going to make my own plain text guide just in case [11:44] ok, that was the link that was posted earlier... [11:45] Is that documentation now working for you? (I'd like to try too. First time ldap, so I was waiting for documentation too.) [11:45] alvin, so what is the best link to follow? [11:45] There are 2 in the bug report. A draft: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html, and the one that was posted here: https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html I didn't try them yet. [11:46] The draft is probably the one you want. [11:48] a [11:48] ivoks, after I set the root password I am doing a ldapsearch -Y EXTERNAL -b cn=config olcDatabase={1}hdb and Im getting: ldap_sasl_interactive_bind_s: Unknown authentication method (-6) [11:49] do I have to add the mentioned schemas in the other link first? [11:49] i got in one server 9.04 is ok upgrade to 9.10 or 9.04 have less problems? [11:50] I guess he upgraded :-) [11:50] which version do you have? [11:52] who what? [11:52] ubuntu version [11:52] everyone is working with the last one? [11:54] Im in 9.10 [11:54] Roxyhart08: What problems are you expecting? Are you concerned about ldap or other things? [11:55] i need to install ldap, samba, kerberos, posfix [11:55] and i have one week trying just with ldap [11:56] hehehe [11:56] my condolences [11:56] postfix is easy [11:56] just install postfix-dovecot and you'll functional smtp/pop3/imap [11:56] well at least one is easy :) [11:56] er... dovecot-postfix [11:57] in 10.04, there should be amavis-postfix, that should install antispam and antivirus stuff [11:57] I have no experience with kerberos, postfix and ldap on karmic. Samba works, except for mounting shares at boot. Also, install the latest updates for samba, or nmbd will not start at boot. Postfix is probably working just fine [11:59] ivoks: will there also be a dovecot-amavis-postfix? [11:59] or maybe do-everything-for-me meta package [11:59] alvin: nope, but you could install dovecot-postfix and amavis-postfix at the same time [11:59] yeah, package names aren't quite good [11:59] ivoks: ok, makes more sense [12:00] but we'd like to have everything in place before calling it ubuntu-mail or something [12:01] For everything-in-one solution, I use kolab. It's hell to install, but works quite good. If Ubuntu would package it, you'd have the same (and more, maybe make it modular) [12:03] which version is harder to work 9.04 or 9.10? [12:04] alvin, actualy i have heard that the provided ubuntu packages are worse then the ones in openpkg [12:04] alvin, the guy making the openpkgs is doing it @ some goverment [12:04] alvin, so they are thruely tested and stuff [12:04] kwork: The ubuntu/debian packages should be removed from the repositories. They are impossible to install [12:04] kwork: openpkg is the only option [12:04] nodnod [12:05] which packages are you talking about...even ldap? [12:05] All of them. Don't even try to install kolab through apt-get [12:05] in ldap group they told me is better work with my own openldap [12:06] I don't know about that. The Ubuntu openldap package should be well maintained. It's only the documentation that is lacking and that is fixed for 10.04 [12:07] The kolab ldap is another matter. I'm running that in a JeOS, so it doesn't touch other packages [12:08] alvin so which version do you recomend work with? [12:08] Roxyhart0: which version of what? [12:09] ah, Ubuntu. Well... hard to say. Hardy actually, unless you want the newer stuff like ext4 or stable kvm [12:12] ups, there any way to downgrade ubuntu? [12:13] crap [12:14] a crash in the last step, the acl of the doc in howtoforge [12:14] which is the error [12:15] ldapmodify -x -D cn=admin,cn=config -W -f acl.ldif [12:15] Enter LDAP Password: [12:15] *** glibc detected *** ldapmodify: malloc(): memory corruption: 0x014e9d70 *** [12:15] hi [12:16] is there any utility to view and manage a pool of dhcp addresses for dhcp3-server? [12:16] ups [12:16] i didnt have this error before [12:17] ezra-s: I've been having something like that, and it was related to indexes [12:17] acalvo, to manage in the config file, to view currently given addresses I would be it should be somewhere in /var :P [12:17] before you try with any guie, did you clean tha database? [12:18] Roxyhart0, how [12:18] I did several reinstalls [12:18] purging everything in between [12:19] i mean do pk..-reconfigre slapd and delte the files i2x.dbd and d2x.dbd from /var/lib/dap/ [12:19] did you do that? [12:20] also maybe try doing apt-get purge slapd ldap-utils and then install again [12:21] ezra-s: try to index everything you'll need [12:22] I've had so many crashes until I've found out that was mainly the cause [12:22] acalvo, Im a complete newbie, I dont even know how to index [12:23] ezra-s: http://www.openldap.org/doc/admin24/tuning.html#Indexes [12:24] checking, thank you [12:25] * ezra-s shoots himself [12:26] ezra-s: don't worry, I've been looking for this error for 6 months, even using a cron job to restart the ldap server if the PID was not found (or zombie) [12:31] did you try with a small data first, i mean exactly like in the example? [12:31] yes [12:31] it crashes with the alc.ldif [12:32] ldapmodify -x -D cn=admin,cn=config -W -f acl.ldif [12:32] try with -Y EXTERNAL [12:32] :) [12:33] SASL/EXTERNAL authentication started [12:33] ldap_sasl_interactive_bind_s: Unknown authentication method (-6) [12:33] try to restart slapd /etc/init.d/slapd restart sometimes worked for me [12:34] ldapmodify -Y EXTERNAL -H ldapi:/// -f acl.ldif [12:34] when you do slapcat shows you something, i mean to know there are something in the tree [12:34] same stack trace after restart [12:35] can you do slapcat [12:35] ivoks, im going to try it [12:35] ASL/EXTERNAL authentication started [12:35] SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth [12:35] SASL SSF: 0 [12:35] *** glibc detected *** ldapmodify: malloc(): memory corruption: 0x00551070 *** [12:35] wow [12:35] I basically copy pasted :P [12:36] just to know if the step before was ok [12:36] Roxyhart0, the only thing that changes from the guide to what I did is the password is incrypted in SSHA [12:36] Roxyhart0, slapcat shows stuff [12:36] let me paste it in pastebin [12:37] http://pastebin.com/d306b3568 <-- here we go [12:37] weird it works for me, but we never know. maye you should try to purge slapd and try again [12:38] thats what I will do [12:38] after committing suicide once more :P [12:38] I am trying 'apt-get install apt-show-versions' on a 8.04.4 and get the error 'Weak references are not implemented in the version of perl at /usr/lib/perl5/AptPkg/hash.pm line 8' after '** initializing cache. This may take a while **' [12:38] Google could not help me.. [12:39] haha i did many times...and finally works.. [12:40] apt-get purge slapd ldap-utils [12:41] purge like that works? [12:41] I thought it was apt-get remove --purge [12:42] no, i try before but doesn't work properly, i was suggested to use purge intead remove [12:42] purging [12:42] you always learn something new [12:42] after one week ... [12:43] doing the same think many times... [12:44] its funny how i followed the guide and I dont understand most of it, ldap syntax reminds me of sendmail :P [12:46] if you read all the link that i told you (calm) you can undestand something, still i am very new in it [12:47] <_ruben> following tutorials blindly without knowing what you're doing isn't among my list best practices .... [12:47] <_ruben> "list of best practices" even [12:47] _ruben, you got to start somewhere [12:47] <_ruben> ezra-s: yes, by trying to understand what you're doing [12:47] once you do it a second or third time things start looking familiar [12:48] _ruben, I could go to RFC's and go equally crazy [12:48] ruben_ do you knoe what mean EXTERNAL and when you use that with ldapadd? [12:49] I can understand some of the ldap basics, but the syntax, the commands behind it are just very complicated [12:49] what is ldapi:/// [12:49] for example [12:50] oh wait.. there is no man for ldapadd [12:50] ldapi is socket interface [12:50] ldap and ldaps are tcp interfaces [12:51] * ezra-s blushes, no man because I had it purged [12:51] lol [12:52] I mean I have dealt with other daemons and ldap is a pain :P [12:52] thanks ivoks [12:52] <_ruben> Roxyhart0: i never played with ldap (yet) .. well, apart from messing with our AD, which i tend to avoid whenever possible :) [12:52] ivoks, and why ldapi:/// and not -s ldapi or something like that? [12:52] you are lucky guy [12:54] ezra-s: ldapi:/// is URL and is universal; -s ldapi is not universal [12:55] ivoks, 3 /'s ? [12:55] and for strange reason why is it slapd and not sldap, ask openldap.org :) [12:55] hehehe [12:55] ezra-s: URLs. ldapi://localhost/ = ldapi:/// [12:55] I think I read about it some other time in the past when I was trying to learn something from it [12:56] ivoks, I know I know.. Im a complete ignorant, hehehe ;) thx for the explanation [12:56] soren: ;...( bon voyage ;...( [12:57] hehee, im not leaving [12:57] i will stay and bug or try helping others for a while :) [13:06] hi all [13:09] how do i get man working a server install? [13:10] mrp: don't understand the question [13:10] pmatulis: there is no man on my server install [13:10] mrp: jeos install? [13:11] pmatulis: yeah [13:11] mrp: just install it: [13:11] sudo aptitude install man [13:11] ta [13:11] it said some pkgs weren't authitincated? [13:11] WARNING: The following packages cannot be authenticated! bsdmainutils groff-base man-db [13:11] you shoul be good [13:11] kk [13:12] nah, tried again, memory corruption [13:13] I think ill give sun one directory server a try [13:15] can i disable/enable scgi with lighty-enable-mod? [13:18] directory studio doesn't add the ldap either, i fill the hostname and name for the connection, click next and nothing happens... [13:18] ezra-s: did you add that GD..thing? [13:18] oh right, i did but in .bashrc [13:18] forgot to call it before launching [13:18] GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio [13:18] * ezra-s slaps himself [13:19] Good morning. I have a remote machine running on the Ubuntu live CD. I've installed openssh-server, but I didn't create any users/passwords. Can I still login as either "root" or "ubuntu"? [13:19] root is usually disabled for ssh [13:19] try ubuntu ubuntu [13:20] and you can't ssh for users without passwd, so only ubuntu/ubuntu should work [13:20] Italian_Plumber: root is enabled but it doesn't have a p/w. ssh default however does not allow blank passwords [13:20] ubuntu ubuntu does not work :( [13:21] can't auth to the ldap [13:22] user should be cn=admin or something like that? [13:22] cn=admin,dc=example,dc=com [13:22] yes [13:22] replace example com with what you set up [13:22] I did example [13:24] still failing :( [13:24] additionally, spaces after the equal sign (and before the coma), and the ordering are important [13:24] and case... [13:25] ezra-s: is your ldap listening on IP other than 127.0.0.1? :) [13:25] yes [13:25] listening in 0.0.0.0 [13:25] try: [13:25] im connecting to 127.0.0.1 [13:26] ivoks where you rote GDK_NATIVE_WINDOWS=1 ./ApacheDirectoryStudio? [13:26] ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W [13:26] er [13:26] ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/ [13:26] Roxyhart0: nowhere [13:26] Roxyhart0: enter ADS directory and start it like that [13:27] ldapsearch -x -d dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://127.0.0.1 [13:27] ldapsearch: unable to parse debug value "dc=example,dc=com" [13:27] slapcat pukes this -> http://pastebin.com/d3e3fee9b [13:28] my bad [13:28] ldapsearch -x -b dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/ [13:28] ldapsearch -x -b dc=example,dc=com -D cn=admin,dc=example,dc=com -W -H ldap://IP/ "(objectclass=*)" [13:29] that works without the objectclass specification [13:29] slapcat reads files, doesn't connect to ldap [13:29] the first example asks me for a password I type it and voilá [13:29] I would like as a ramdisk file system and real filesystem will be read only. What is better choice/solution for this? [13:29] then cn=admin,dc=example,dc=com is username [13:29] and password is... [13:30] password is the same I tried in the console [13:30] ezra-s: don't use TLS/SSL while connecting [13:30] should I use other than simple auth? [13:30] ivoks, lol, you got me there [13:30] you didn't set up certificates [13:30] that's right then, no SSL and simple auth works [13:31] :) [13:35] now I jump right into the issue on how to restrict certain branch from view from normal users, muahahahaha [13:35] I guess that's the acl [13:36] or something similar to what the acl.ldif was trying to do in the guide [13:47] New bug: #517067 in libvirt (main) "Using virtio for block devices makes disks and partitions disappear in KVM/QEMU (using vmbuilder and libvirt)" [Undecided,New] https://launchpad.net/bugs/517067 [13:50] ivoks, whats the difference between an entry and a context entry? [13:51] no idea [13:52] seems they both lead to the same thing [13:58] join #ubuntu+1 [14:22] well, im off, thx for the help people! (you specially ivoks) [14:22] np [14:29] why is it so hard for the maintainers to understand that any answer of "the images should.." means that UEC's EC2 compatibility is -broken-? [15:00] whats the latest kernel in karmic [15:09] mrp: They'll probably have a fast answer for you in #ubuntu-devel [15:09] mrp: 2.6.31.17, but .18 is in -proposed [15:10] http://www.apache.org/dist/httpd/Announcement1.3.html <--- last version of apache 1.3 released [15:12] just updated i think [15:12] hw can i see last install packages? [15:12] its crashing my vm [15:13] mrp: /var/log/dpkg.log might hold some clues [15:13] genii: yup .31-17 installed [15:13] killing it ;) [15:14] how can i find out when -17 came in [15:15] mrp: came in? available in the archives? installed on your system? [15:16] came into the archive [15:16] mrp: check packages.ubuntu.com [15:20] bah doesn't say :8 [15:20] http://packages.ubuntu.com/karmic-updates/linux-image-2.6.31-17-generic-pae === dendrobates is now known as dendro-afk [15:39] can i specify what arches apt-mirror fetches ? === dendro-afk is now known as dendrobates [17:09] jiboumans: ttx: http://www.itworld.com/operating-systems/94984/ubuntu-advances-why-ubuntu-server-installations-will-surge-2010?source=ITWNLE_nlt_today_2010-02-03 [17:49] smoser: http://women.debian.org/wiki/English/MaintainerScripts [18:18] Hi all, quick opinion/experience based question ... is there any real advantage to running 64bit on a server as opposed to 32bit? (services used will be samba,apache2,mysql, php,rdiff-backup,etc.) [18:46] is anyone familiar with sendmail? I installed it on ubuntu and can't find /etc/mail/sendmail.mc [18:52] techsupport: Wow, sendmail? Really? I didn't think anyone voluntarily ran sendmail anymore. [18:55] techsupport: Anyhow, sendmail.mc is in /usr/share/sendmail/cf/debian/sendmail.mc [18:59] iirc, qmail is preferred now [19:05] soren, thats a good question, I already have dovecot and postfix running, its just that i'm setting up OpenEMM and it says it to use sendmail http://www.openemm.org/wiki/Installation:InstallGuideDebian [19:05] soren, if you can help me run through this guide really quickly I would apreciate it [19:06] Italian_Plumber: Uh, no. [19:07] Italian_Plumber: postfix is where it's at these days. [19:08] techsupport: Feel free to ask questions if you run into problems. I can't guarantee answers. [19:09] well its telling me to isntall sendmail [19:09] and configure it [19:09] i don't know if I should really do it [19:09] the installation guide is way outdated [19:09] No clue. I don't know openemm. [19:09] I don't even know what it is. [19:11] heh... we do qmail with toaster (freeBSD) here. FUN! :) === techsupport is now known as orudie [19:18] Hi, I'm trying to get my site running with Cherokee running on Ubuntu atop EC2. I've set up a subdomain to point to my EC2 Public DNS name, and I've tied an ElasticIP to a running instance. I can't seem, however, to get the host to respond to lookups on the subdomain. [19:18] ivoks: ping [19:23] alexcabrera: need to ask the obvious...you did setup the security policy to allow access to port 80? [19:24] ttx: http://paste.ubuntu.com/369050/ [19:32] Anyone know who manages Ubuntu's EC2 images? [19:36] smoser: ^ [19:36] indeed i do [19:37] whats up gholms [19:38] can someone recommend a nice program for email campaigns [19:38] smoser: We're working on getting EC2 images set up for Fedora. Would you mind if we called on you to help answer any questions about the processes behind that? Getting kernels approved and whatnot? [19:39] i'd just use ubuntu :) [19:40] but seriously, if you need some help, yeah, i can help out. [19:40] Awesome! Thanks. [19:40] there is really no "getting kernels approved". you have to get a account that has the proper acls [19:40] and to be honest, i'm not exactly sure how that negotiation with amazon went. that was before my time. [19:41] once you get that, there is no review, they just trust. [19:41] Oh, all right. [19:42] smoser: We'll be meeting in #fedora-cloud in 18 minutes if you want to sit in on it. Otherwise I could always ping you if there are any questions for you. === luis__lopez is now known as luis_lopez [20:26] kirkland: lp:~mathiaz/+junk/uec-testing-scripts [20:42] help list [20:43] !list | as1965 [20:43] as1965: This is not a file sharing channel (or network); be sure to read the channel topic. If you're looking for information about me, type « /msg ubottu !bot » [20:59] Can anyone direct me to a tutorial of a list of applications such as rkhunter that will help me keep my Ubuntu Server secure since I am a newb? Thanks in Advance? [21:13] If it helps, my server is basically just a file server and a torrent server [21:17] Xpistos|work: not sure it's that simple. [21:17] Xpistos|work: I assume you've looked at https://help.ubuntu.com/9.10/serverguide/C/index.html === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates [21:31] thebwt: i started too, I have been looking over source forge's Perfect ubuntu server, but I don't need an email server [21:32] thebwt: I guess it is going to be a lot of trial and error [21:35] I keep getting "Connection closed by 74.208.11.211" when I try to ssh in from my Linux box, but I can get in from windows. Anybody know why that's happening? [21:36] quizme: did an upgrade lately did ya [21:37] hello [21:37] xpistos|work: yeah maybe [21:37] i am trying to get irexec run in daemon mode at boot via /etc/rc.local [21:37] but it does not work, anybody has any idea why that miught be? [21:38] Xpistos|work did something break in a recent upgrade ? [21:38] xpistos|work do you mean an upgrade on the server side or client side ? [21:39] i'm using ubuntu for both client and server [21:40] I did an apt-get dist-upgrade earlier this week and when I ssh it said the same [21:40] I looked at the server [21:41] it's weird, cuz I can't login from any of my unix boxes, but I can log into the server from windows... [21:41] and it said that /Folder/ME was not present and I couldn't login [21:41] Well samba works under a different username right? [21:41] is anybody aware of a bug preventing /etc/rc.local to be run at boot? [21:42] miranda_82: Did you check the logs carefully and see if there's an irexec error? e.g. logs : /var/log/syslog [21:42] quizme: I am willing to bet that if you looked at the server it would say your user account was gone [21:42] xpistos|work ok. I'll check. thanks for the tip [21:43] quizme: the upgrade was on the server, i don't think I said that [21:43] quizme: I am just going to reinstall tomorrow [21:43] xpistos|work that makes sense. thanks. [21:43] as1965, yes, and no errors there [21:43] rebooting to windows.... [21:43] why would you boot into windows? [21:45] Is rc.local executable? [21:45] yes it is [21:46] -rwxr-xr-x 1 root root 324 2010-02-04 21:44 /etc/rc.local [21:46] -rwxr-xr-x 1 root root 801 2009-09-07 19:58 /etc/init.d/rc.local [21:47] To check it runs - perhaps add a "logger" message bfore and after - see : man logger [21:47] i.e. before and after the irexec cmd [21:47] ok [21:47] give me one sec [21:48] Also - make sure it runs OK interactively i.e. not as a daemon - run from a shell [21:48] oh yes [21:48] Perhaps then try running it from a shell as a daemon [21:48] it runs [21:48] and as a daemon as well [21:51] ok [21:51] rebooting [21:52] interesting [21:52] logger works === erichammond1 is now known as erichammond [21:52] seems to be irexec that refuses to run [21:54] if i type /usr/bin/irexec -d manually it works [21:54] if it is inside rc.local it wont [21:54] bizarre [21:55] Odd - nothing in syslog, daemon.log etc.? [21:55] nothing [21:56] I'd be afraid of messing your boot, but perhaps do some error checking/logging e.g. 2>&1 > /tmp/irexec.log ... [21:57] Or ask on the irexec forum [21:57] yeah they are quite.. relaxed there [22:31] it is very stupid [22:31] i managed to get it running [22:31] i created a script in /etc/init.d/ [22:31] and linked it [22:31] so it starts [22:31] however [22:32] any program run from irexec, does not know where ~/ path is [22:34] would HOME=/home/user/ work? [22:37] it does work indeed [22:39] No idea, sorry. I'd be temptempted to look at the source, but that might just be a waste of time [22:40] Ask on the irexec forum (or ubuntuforum search) and see if anyone is running it on ubuntu (and what version) [22:41] What about installing lirc from a repository (should have asked)? [22:41] Else - grab the repo source and see how they do the init script ... === erichammond1 is now known as erichammond [22:45] soren: dude, don,t disable the mysql ssl tests...I gave zul a patch to update the certs to 2015 [22:55] mdeslaur: Where? [22:56] mdeslaur: I spent most of a day pulling hair out wondering why the heck it failed before I spotted the SSL expiry thing... and now you're telling me you knew all along and didn't fix it? [22:57] mdeslaur: You are now officially off my christmas card list. [22:57] soren: dude! zul told me he was preparing an upload, and I gave him the patch [22:57] mdeslaur: So EVERYONE knew?!? [22:57] soren: remove _him_ from your christmas card list [22:57] You're ALL off my christmas card list! [22:57] soren: I though you were on the QA team?? :) [22:58] soren: let me locate the patch for you [22:58] mdeslaur: pft. That was last month. Get with the programme. Quit living in the past. [23:06] hi [23:08] Hey my webserver is on the net I know the IP but I need to tunnel somehow to a polycom phone on the subnet of my server. Anyone know how I can do this? [23:24] Hi, any reason why a debootstrapped ubuntu install wouldn't look in /etc/apt/sources.list.d/ ? [23:27] Hi, How can i redirect all the my users traffice comming from 192.168.0.1/24 to 192.168.0.1:80 using iptables,(my thtpd running here) browsers traffice only.,,= === hggdh_ is now known as hggdh [23:36] Hi, How can i redirect all the my users traffice comming from 192.168.0.1/24 to 192.168.0.1:80 using iptables,(my thtpd running here) browsers traffice only.,,= === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates