[00:21] any idea [00:38] Hey guys. Recently, my Samba server totally stopped enforcing file/folder permissions for my domain users. Permissions at the system level are working as intended. Help. [00:43] http://paste.ubuntu.com/387947/ <-- smb.conf [00:45] kirkland, yeah, i just saw that. [00:47] any ideas on this issue? [00:59] Ooooh, the 'force group' parameter is a sneaky little bugger [01:42] New bug: #531646 in vm-builder (universe) "vm build using --raw and LVM logical volume doesn't boot because of Grub install error" [Undecided,New] https://launchpad.net/bugs/531646 === dendro-afk is now known as dendrobates [02:42] lookin for a oneliner, tried this: enabling Restricted proprietary drivers cli site:help.ubuntu.com [02:58] Is there a 'sane' way to use libvirt / virt-manager to handle bridged networks, or is it a matter of configuring the machine's XML file to manually prod the "br0" (or whatever) interface? [03:02] Overand: I do nothing at all to configure bridged networks, and it just works for me. [03:03] (using virt-manager to define the guests) [03:03] Make sure you have a virbr0 interface reported in ifconfig -a [03:04] persia: from what I can tell, the 'vibr0' interface is used for the NAT stuff [03:05] But - this is admittedly a pre-release ubuntu-server 10.04 machine, managed from virt-manager on my arch-linux workstation for the moment =] [03:06] Ah. My guests are on the same machine as my virt-manager. I'm unsure how to help you with the remote model. [03:06] persia: Based on what little I read here, a 'bridge' network seems to be handled differently than a standard 'network' http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29 [03:06] persia: I'm not sure if that's the issue or not. [03:06] * persia either [03:06] It would make sense, though. [03:06] hm [03:07] I wonder if I could use some commandline apps rather than 'virt-manager' - and instead of editing the XML files [03:07] virsh maybe [03:11] persia: so you've got guests running - without NAT - on the same physical segment as the host? [03:11] zul, how do I test the apport hooks? [03:11] STAGING=1 ubuntu-bug [03:12] I've got that sort of bridge working, but I had to manually stuff it into the XML file for the machine! [03:13] zul, by STAGING=1 you mean to set that environmen variable? [03:13] yep [03:13] Overand: No. I have guests running with NAT. [03:14] zul, ok thanks [03:14] persia: Oh. That's why I specified 'bridged' [03:15] bridged != NAT [03:15] Sorry. My misunderstanding. [03:15] zul, and do I just test "ubuntu-bug package.apport" or should I install the package and do that? [03:16] i would install the package [03:17] zul, ok will do that way then, thanks ;) === dendrobates is now known as dendro-afk [03:27] zul, what if a package a binary package has 2 daemons. How will the hook change? [03:27] you can do it with the source package name [03:29] zul, yeah but each daemon has different conf file [03:29] i mean [03:29] net-snmp has two binaries, snmpd has 2 daemons, snmpd and snmptrapd [03:29] each with different conffiles [03:29] so do a source_net-snmp.py [03:31] zul, and then a add_info_snmpd function, then add_info_snmptrapd function and so on? [03:31] yep [03:31] cool I'll do that thanks === robbiew is now known as robbiew_ [03:47] how to set default runlevel for a service ? [04:20] zul, the apport hook must only be as root? Because in my tests says it cannot attach the conffile because of permissions === ttx_ is now known as ttx [07:21] Hello! [07:21] Where can I find documents or ebooks about Ubuntu server? [07:22] noty: apt-get install ubuntu-serverguide [07:23] :) [07:23] Thank you! [07:23] I'll try now [08:14] i have a bit general question regarding webserver behavior, anybody would mind if i ask it in here? [08:14] !anyone [08:14] A large amount of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? [08:15] twb, my question was a bit different of "anyone" though :P, okay here comes the questions. [08:16] How about: "Don't ask to ask unless you're prepared to ask to ask to ask" [08:16] That just encourages recursion and useless traffic :) [08:16] Anyone is always free to ask, and lots of folk read backscroll, so waiting can get an answer hours later sometimes. [08:17] I am trying to setup a cookie-less domain to serve static content. Say i own abc.com and abc.net, both domain are defined in single vhost. If i use abc.net would it become cookie-less? or do i still need cname here? [08:17] if i use abc.net to load css and images* [08:18] CNAME is only vaguely related to cookies in the sense that most browsers won't send a cookie to domains other than those from which they came. [08:18] s/most/many/ [08:19] yes, but all traffic on abc.com will use the cookie which is set to domain=abc.com or in worst case for subdomains as well, i think even though both domain use single vhost, due to tld difference it would be cookie-less. [08:21] So my colcusion is using cname for a cookie-less domain is same as use "A" record, and adding the other domain as ServerAlias in vhost config. [08:22] I have also seen stuff like no-cookies.example.net being a cname for www.example.net [08:22] I think the important point is not how the DNS server is configured, but what URL the webserver reports back to the browser. [08:23] Yeah [08:23] That may depend on the DNS configuration, but whether it does or not depends on the webserver configuration. [08:23] * persia does not happen to know the defaults [08:31] morning [08:46] New bug: #531779 in samba (main) "package libwbclient0 2:3.4.0-3ubuntu5.4 failed to install/upgrade: il sottoprocesso dpkg-deb --control ha restituito lo stato di errore 2" [Undecided,New] https://launchpad.net/bugs/531779 [09:21] New bug: #499389 in bacula (main) "karmic->lucid auto-ugprade test failure" [High,Triaged] https://launchpad.net/bugs/499389 [09:54] server live migration seems to work with libvirt on Lucid, yeah :) [09:57] TeTeT: I'm going to try that later on :) [09:59] Jeeves_: worked fine with virsh on the command line and seems to work even with virt-manager [10:00] TeTeT: I just tested with karmic -> lucid, that didn't work [10:01] But than again, I've never seen it work :) [10:01] Jeeves_: yep, I tested karmic last week and it wasn't working [10:02] Ah, ok. [10:02] That gives me hope :) [10:05] The netboot image doesn't seem to come with IPv6 support — is this intentional? [10:06] I just spent absolutely ages trying to add IPv4 support to my network because I finally figured out why my netboot ISO wouldn't install on my IPv6-only network. [10:08] jayvee: bummer [10:09] Xubuntu 9.10 localhost server. One virtual host setup. Put a 'RewriteMap' as one of rules in the sites-enabled for the virtual host. Tried to reload apache which returned an error 'RewriteMap not allowed here'. Where can 'RewriteMap' go - httpd.conf? [10:09] TeTeT: indeed [10:09] jayvee: I wanted to create a bug for that! [10:09] I noticed it too, last week. [10:09] I don't think it intentional, just clueless :) [10:09] go knock yourself out :-) [10:10] launchpad is a-waiting [10:10] jayvee: i'm not really in the mood :) [10:10] I think all it needs is the ipv6 kernel module [10:10] everything else seems to be there [10:10] Probably an oversight, rather than cluelessness. I'm sure there are folk who know *how* to do it. [10:11] ubuntu-vm-builder keeps crashing for me, and is buggy as hell. Is there a more rapid way to deploy VMs than the netboot image when vm-builder isn't an option? [10:11] persia: cluelessness as in 'ipv6 is nowhere in our prioritylist' [10:11] jayvee: How is it crashing? [10:11] bleh, I closed the terminal already [10:12] it was crashing in a grub step [10:12] so it got 99.999% of the way, and then bombed out and deleted the whole lot [10:12] Ah, are you trying to directly install onto an device? [10:12] Bah. Just because one person doesn't make it a priority doesn't mean someone else can't. Just about anything in Ubuntu is subject to fixing by anyone who wants to fix it. [10:12] Jeeves_: into a disk image [10:12] jayvee: Hmm. [10:12] to be placed into libvirt, but it didn't get to the libvirt stage [10:12] let me run it again [10:13] I've seen Grub having issues when I tried to install directly to an iscsi-disk, not to an image [10:13] running now: $ sudo ubuntu-vm-builder kvm lucid -m 512 --libvirt=qemu:///system -d /mnt/terror/jeremy/VM/lucid --hostname=lucid [10:13] I'll get back to you when it finished [10:13] the -d option doesn't work, btw [10:14] actually, tbh, haven't tested the -d option successfully in the lucid version of vm-builder, as I've not got a vm to build yet :) [10:17] actually, looks like it *is* caused by the libvirt component — my mistake [10:17] AttributeError: 'Libvirt' object has no attribute 'vm' [10:17] I'd hazard a guess a fix would be s/Libvirt/libvirt/, but not sure [10:20] File "/usr/lib/python2.6/dist-packages/VMBuilder/plugins/libvirt/__init__.py", line 54, in preflight_check [10:20] if hostname in self.all_domains() and not self.vm.overwrite: [10:21] doesn't like the "self.vm.overwrite". trying again with that bit deleted. [10:21] bleh heh heh [10:28] VMBuilder.exception.VMBuilderException: Process (['sed', '-ie', 's/^# kopt=root=\$[^ ]*\$\$.*\$/# kopt=root=UUID=cdf0293f-032c-43ac-a4a2-da4a5775834f\n1.0\next4\nfilesystem\\2/g', '/tmp/tmp18YkH0/boot/grub/menu.lst']) returned 1. stdout: , stderr: sed: -e expression #1, char 84: unterminated `s' command [10:29] and now I get that [10:29] I don't call vm-builder buggy as hell for nothing [10:40] so, installing lamp-server doesn't restart apache2 after installation [10:40] it should, cause otherwise php5 module isn't loaded === ogra_ is now known as ogra [11:04] Should mod_rewrite rules be inside a container? [11:10] eekeek: Only if you want apache to start even though that module isn't loaded [11:13] i see. I'm having trouble with RewriteMap. Upon reloading apache I get "RewriteMap not allowed here" [11:14] I thought I might need a container, but I guess not. [11:42] New bug: #531854 in bind9 (main) "bind9 will not install on a clean system" [Undecided,New] https://launchpad.net/bugs/531854 [11:45] my Network Tools show that port 80 is open, I have local access to my second PC, but not over the internet [11:45] hints & tips please? [11:47] Stargaze: what exactly is the problem? [11:48] do you want to know what process is opening port 80? [11:48] $ sudo fuser -v 80/tcp [11:48] i want to display index.html in /var/www [11:48] so it works when you browse to http://localhost/ right? [11:49] when i go to the local ip adress [11:49] forgot to mention: i'm using DynDNS [11:49] okay, and you have port forwarded port 80 to that machine with your router? [11:50] yes [11:50] can I try to browse to it? [11:50] try 81.241.46.249 [11:50] that's my current IP address [11:51] Stargaze: I'm getting an error “ICMP administratively filtered” [11:51] so I’d say that it’s a firewall problem [11:52] i guess my ISP blocks all ports [11:52] that's sh* [11:52] brb [11:52] not necessarily [11:52] Um, ICMP should not affect other stuff. [11:53] There'S no reason why TCP/UDP/GRE/etc. shouldn't work just because ICMP is blocked. [11:53] nope, you misunderstand [11:53] I tried to access him via TCP port 80, and got an ICMP error in response [11:53] Oh. heh. [11:53] Stargaze: my ISP by default blocks port 80 too, but they let me unblock it if I log onto the ISP control panel. [11:53] Maybe yours will let you too. [11:55] Stargaze: I’m only getting the ICMP error when accessing on port 80. If I try ports 12000 or 81, I get RST packets, so it’s definitely a port-specific block. [11:56] persia: oops, I see where you misunderstand — my fault. I should have written “ICMP: communication administratively filtered”. I forgot the “communication” part. ;) [11:56] Yes. THat would have made more sense :) [11:57] The first message usually means that a ping was blocked, the second indicatse that something else was blocked. [11:57] (although the first could also be a trapped response to a block on the second, etc.) [11:57] jayvee: just contacted my IP, they do not allow setting up personal servers [11:57] ouch [11:57] IP =ISP [11:57] Might want to look at somebody like Rollernet. [11:58] i live in Belgium, Europe [11:58] Or use port 81 [11:58] ah, is that possible? [11:58] I’d change ISP if I were you. :) [11:58] Stargaze: yes, edit /etc/apache2/ports.conf [11:58] they provide my tv too :) [11:58] and /etc/apache2/sites-available/default, I think [11:59] and obviously edit the settings on your router. :) [12:01] not better with port 81 :( [12:01] Hi, I'm trying to get 10.04 alpha3 to work in a VMWare ESX setup, however after installationg it won't boot and grub complains of "error: no such disk" [12:02] did you run “service apache2 restart”? [12:02] Stargaze: did you run “service apache2 restart”? [12:03] merlijn-, does grub actually load? [12:03] like, do you see the kernel list, and so on? [12:04] jayvee: nope, it just says Grub loading... [12:04] then it gives me the error [12:04] merlijn-: have you tried changing the disk type? is it scsi or ide? lsi logic or buslogic? [12:05] jayvee: it is a SCSI disk currently and VMWare bios is recognizing it [12:06] try changing to ide just temporarily [12:06] or doesn't ESX support ide disks? [12:06] I don’t remember. The server in my garage running ESX hasn’t been powered on since 2007 because it chewed too much power. :-) [12:06] modified both files and the router to *81, but not better [12:06] darn ISP [12:07] Stargaze, you restarted apache? [12:07] run sudo fuser -v 81/tcp [12:08] oops :s [12:09] ok, done [12:10] not better [12:10] Stargaze, does fuser say anything is listening on port 81? [12:10] I just type fuser to find out? [12:10] sudo fuser -v 81/tcp [12:11] it did not say anything [12:11] then apache isn't configured correctly [12:11] ah [12:11] did you edit the config files? [12:12] i edited /etc/apache2/ports.conf and the default in sites-available [12:13] jayvee: okay tried different controllers without luck, to switch to IDE disks I have to do a complete reinstall (can't transition a virtual disk from SCSI to IDE) [12:13] merlijn-: ouch [12:14] ubuntu must support the disk if it installed to it [12:14] maybe grub just doesn't [12:14] but grub only uses the bios [12:14] yea, grub2 is a pain :( [12:14] grub doesn't care what disk type it is [12:14] oh, it's grub2!? [12:14] ouch [12:14] ouch ouch [12:14] you said it bro [12:14] iirc 10.04 uses grub2 by default [12:14] to boot from ext4 partitions [12:15] even the simplest things are so complicated in grub2 [12:15] like moving Windows to the top of the list [12:15] you mv 40_os-prober to 0001_os-prober [12:15] might be the right time to dust off LILO of GPXE :P [12:15] or* [12:15] and pray that they don't update the grub-pc package, because /etc/grub.d/40_os-prober is owned by the grub-pc package [12:16] heh [12:16] or grub1 [12:16] grub 0.97, that is [12:16] grub1 will not boot ext4 unless you apply some patches [12:16] which ubuntu have done [12:16] thankfully [12:17] the grub1 in 9.04 and up support ext4 [12:17] I wouldn't really consider those patches stable :P [12:17] merlijn-: http://kezhong.wordpress.com/2009/07/02/converting-ext2-filesystems-to-ext3ext4/ [12:17] (ik ben ook nederlandstalig) [12:17] hmm, could have sworn that 9.10 boots off ext2 with root on ext4 [12:17] Any comments on what would be the best password backend for samba against AD Server 2008r2; idmap_ldap or idmap_ad, need it to give least possible user management in the long run. [12:18] Stargaze: I have no intention to migrate my filesystem, thank you [12:18] merlijn-: nope, in fact my /boot is ext3 because I installed this system during the 9.04 alphas, before grub1 supported ext4 [12:19] but subsequent systems I installed definitely used grub1 + ext4 [12:19] including a few VMs on here [12:20] hmm, http://news.softpedia.com/news/GRUB-2-The-New-Boot-Loader-in-Ubuntu-9-10-113671.shtml [12:20] looks like 9.10 was already using grub2 [12:21] it is === pts_ is now known as pths [12:22] merlijn-: why not chroot in and install grub1 instead? [12:22] funnily enough, 9.10 just boots right away with the same config on the vmware ESXi cluster [12:22] or maybe re-run grub-install [12:22] jayvee: too much hassle for a release that's in alpha stage :) [12:22] oops, yeah, forgot [12:23] anyway, time to grab some lunch - thanks for your help jayvee [12:23] time for me to grab some shuteye :-) [12:24] right after I've done testing these images, anyways [12:24] good night then :) [12:24] :) [12:24] Is anyone else having issues with Lucid, server and X-forwarding? [12:32] Jeeves_: you'll need to be more specific [12:39] pmatulis: I've got xauth and ssh installed [12:39] and doesn’t Jeeves normally have the *answers*, not the questions? ;-) [12:39] *we’re* supposed to Ask Jeeves. ;-) [12:39] 'normally', if you login, you get a message like '.Xauthority created' [12:40] On Karmic, that's broken as you need to add '-4' to the sshd-options, otherwise X-forwarding doesn't work [12:40] On lucid, it doesn't seem to work at al; [12:40] are you referring to “ssh -X”? because I use that all the time. [12:41] jayvee: Yes, that's what I'm referring to [12:41] admittedly not on lucid, but it works on karmic no trouble [12:41] I have no idea what -4 even does, let alone have to use it. [12:42] oh, right, forces IPv4 [12:42] jayvee: Like I said, I've got the issue with lucid .. [12:42] of course [12:42] um [12:42] are you trying to connect via DNS name or IP address? [12:42] How would that matter? [12:42] because you could be suffering from the broken DNS forwarder problem [12:42] on Karmic, that is [12:43] 'broken DNS forwarder'? [12:43] (logging in on ip doesn't help, btw) [12:44] right [12:44] hmm, not really sure [12:45] I presume $DISPLAY is being set [12:45] from within the ssh -X session, type "echo $DISPLAY" [12:45] it should say localhost:10.0 [12:45] No, it isn't [12:45] Also, xauth is being run [12:45] try export DISPLAY=localhost:10.0 [12:45] Doesn't work\ [12:45] tried it, I spose [12:45] hmm [12:45] I've been around long enough to try that stuff :) [12:46] well I'm about to fall off this chair [12:46] I need zzzz's :) [12:46] good luck with your problem [12:47] Failed to allocate internet-domain X11 display socket. [12:47] debug1: x11_create_display_inet failed. [12:53] Jeeves_: lucid ubuntu-desktop install x-forwarding works [12:53] Got it [12:54] henkjan: it's again the -4 switch, but somehow, /etc/init.d/ssh doesn't seem to pass that option to sshd [13:02] morning [13:05] Hi zul [13:08] Hello! [13:08] Has anyone ever tried bridging a bonded interface? [13:09] I'm largely unsuccessful... [13:10] when I try doing it through the interfaces conf file, my system crashes and starts coredumping to the point of being completely unusable (couldn't even log in, had to use the rescue cd) [13:10] http://ubuntu.pastebin.com/qU0wdAvn [13:11] ^ this got -server 9.10 to really fuck up [13:11] Rada: Error: "this" is not a valid command. [13:11] sorry uvirtbot, I wasn't talking to you. [13:17] bridging a bonded interface? [13:17] Sounds yukkie :) [13:18] :) [13:19] I've had good luck doing this with vmware-server... but now I'm trying to convert to kvm [13:20] and kvm won't let me "just use" my bonded interface [13:24] Yay! Got it working. [13:24] ok, so ssh in Lucid is broken [13:26] cjwatson: Awake? [13:30] about my DynDS issue, i need a Bussiness subscription for my personal webserver [13:31] Jeeves_: mm? [13:31] Jeeves_: broken how? works for me [13:32] actually, let me upgrade before saying that [13:32] :) [13:32] I didn't change that much though [13:32] not user-visibly anyway [13:32] cjwatson: I tried to restart sshd using /etc/init.d/ssh [13:32] DDTT [13:32] Which seems to work, but actually doesn't [13:32] why not use the upstart job? [13:33] Pick either one, but please don't use them both :) [13:33] I have no option. /etc/init.d/ssh is for the benefit of people running sshd in a chroot, since upstart doesn't work there [13:33] use 'restart ssh' outside a chroot [13:33] Well, this is very weird, if you ask me [13:33] and we need the upstart job for other things depending on it [13:33] once upstart works in a chroot, it'll be de-weirdified [13:34] We're using /etc/init.d for years, we think of something new (which is fine by me), but than we finish it half, so we use two methods? [13:34] not my fault [13:34] feel free to file a bug on openssh saying that /etc/init.d/ssh should spot that you're using upstart and do the right thing [13:34] cjwatson: Where should I configure the defaults for ssh ? [13:34] that would make sense, imo [13:35] Jeeves_: /etc/init/ssh.conf [13:35] or sshd_config of course [13:35] argh [13:35] So now we're back to editing configfiles that originate from packages? [13:36] it's a design feature of upstart that jobs are simple enough that editing them directly isn't going to create the sort of hideous conflicts that editing /etc/init.d/ssh used to, so we shouldn't need the /etc/default/ssh indirection layer [13:36] uh, that's nonsense [13:36] /etc/default/ssh originated from a package too [13:36] it was split out due to the complexity of editing /etc/init.d/ssh correctly [13:37] not in order to avoid editing conffiles [13:37] But if I was to upgrade ssh now, would that end up in a message saying 'you changed a configfile' ? [13:37] not if /etc/init/ssh.conf didn't change [13:37] you'd have got such a message if I changed /etc/default/ssh in the package [13:37] so this is something of a red herring [13:37] But it did (because ssh 'needs' the -4 switch to get X-forwarding to work) [13:37] I mean if it didn't change in the package [13:38] ok. Well. [13:38] If I may give Canonical some feedback: [13:38] you could also use 'AddressFamily inet' in /etc/ssh/sshd_config, and avoid having to edit /etc/init/ssh.conf or /etc/default/ssh at all [13:38] 1: Good work on upstart [13:38] which is almost certainly easier [13:38] 2: Please don't mess up like you're doing now [13:39] I don't think we're messing up; I respectfully disagree [13:39] You may. [13:39] Me, as a user, think you're messing up :) [13:39] I have given you reasons, corrected your misunderstandings, and given you an alternative [13:39] I, as a user, that is :) [13:40] I was also there when /etc/default/ was introduced in Debian, and I remember the reasons for it [13:40] and I truly don't think they apply nearly as strongly as they did [13:40] ttx: are you busy tomorrow (ha ha) [13:40] zul: ha ha... why [13:41] ttx: wanna schedule the samba bug zapping thing tomorrow? [13:41] zul: no, I want to plug a bugday for triaging first [13:41] ttx: ok sounds good [13:41] not sure when Pedro will be available for that [13:42] Jeeves_: I think it would be an excellent idea to help out people who try to use /etc/init.d/ssh (or invoke-rc.d) without realising that it's switched to upstart, and I would definitely appreciate a bug report for that [13:43] cjwatson: So I will file it. But what's that issue with chrooting that still requires it? [13:43] En why isn't that just fixed? [13:43] because it's extremely hard work in upstart [13:43] s/En/And [13:43] En == Dutch :) [13:43] many people want to run sshd in a chroot, for one reason or another [13:43] upstart can't yet manage services running in chroots [13:44] it might, but this creates a lot of fuzzyness [13:44] so /etc/init.d/ssh is there so that people can start it the old-fashioned way [13:44] but you actually can't [13:44] Because it's allready running [13:44] And it's not complaining [13:44] sure you can - just pick a different port [13:44] this is not a terribly unusual configuration [13:45] It doesn't complain in any way. [13:45] it probably does in auth.log [13:45] but are you talking about running /etc/init.d/ssh *outside* a chroot? [13:46] I'm not doing anything fancy. [13:46] could you just say yes or no :) [13:46] The default is outside a chroot? Than yes. [13:46] right. then that's just part of the bug I asked you to file [13:47] there's no reason /etc/init.d/ssh couldn't spot that the service is being managed by upstart and pass requests through to it in that case, given that we have to dual-run for a while for other reasons [13:47] I'd be happy to make that change, I just need a reminder of it since I'm doing some other things at the moment [13:48] running inside a chroot is a more complicated case that we can't handle any other way at the moment, which is why we still need the init script - but we can make it less confusing [13:52] Thanks [13:52] bug 531912 [13:52] Launchpad bug 531912 in openssh "[LUCID] /etc/init.d/ssh seems to work, but actually upstart is used." [Undecided,New] https://launchpad.net/bugs/531912 [13:52] Also, do you have a clue why x-forwarding is broken, unless you disable ipv6? [13:53] It's not really an issue on this specific box, but we're using ipv6 in production here. :) [13:54] I think there is a bug about that somewhere; I'll see if I can find time to deal with it before lucid [13:55] if you could get me ssh -vvv output from an affected system, that wouldn't hurt [13:55] sure, got a bugnr where you want that in? [13:56]