/srv/irclogs.ubuntu.com/2010/03/16/#ubuntu-server.txt

v0lksman	https://bugs.launchpad.net/hardy-backports/+bug/286337	00:00
uvirtbot	Launchpad bug 286337 in hardy-backports "Please backport OpenSSH 5.1 to Hardy" [Wishlist,Won't fix]	00:00
jayvee	apt-get build-dep openssh-server	00:00
jayvee	that'll get the build-dependencies right, and you can just ./configure && make && sudo make install	00:00
v0lksman	so I won't need to re-compile openssl?	00:01
v0lksman	also does that compile in support for pam and all that?	00:02
jayvee	no idea	00:03
jayvee	v0lksman: uh, why don't you use this PPA like in the bug comments? https://launchpad.net/~rainct/+archive	00:03
lifeless	if you use debuild, it will do a normal ubuntu build, so yes pam included. however, PPA's ++	00:03
v0lksman	cause it's a bit of a security risk?	00:03
jayvee	so is compiling it yourself	00:04
v0lksman	I'd rather blame myself than tell my client I got the software from some joe...	00:04
lifeless	v0lksman: you can check the signatures on the ppa, check the diff against the lucid diff	00:04
jayvee	it's not like the PPA binaries are closed source	00:04
v0lksman	lifeless: hrm...not a bad idea	00:04
v0lksman	the ppa is outdated too though	00:04
jayvee	yeah, that's what you'll be dealing with from here on out	00:04
jayvee	at least hardy's 4.9 is maintained	00:05
v0lksman	until lucid is released	00:05
v0lksman	4.9? 4.7	00:05
v0lksman	where is 4.9 for hardy? that'll do...anything more than 4.8	00:05
jayvee	whoops, yeah	00:05
jayvee	4.7	00:05
v0lksman	damn	00:05
v0lksman	had me hoping there	00:05
jayvee	lifeless: I'm really slack. I haven't looked into that test-driven stuff at all.	00:06
lifeless	jayvee: de nada	00:06
jayvee	I've now got some people using python-iview as an "upstream". :-D	00:06
jayvee	The xbmc and boxee iview plugins re-use python-iview. I honestly didn't think it was that reusable. :)	00:07
jayvee	So yeah, the test-driven whatever is all the more important.	00:07
lifeless	\o/	00:07
jayvee	most things I set my mind to, I "just get"	00:09
jayvee	but not unit testing	00:09
jayvee	the things I don't "just get" are unit testing, BGP, Wave Robot API, and OAuth.	00:10
jayvee	everything else I can get my head around in an hour or so.	00:10
jayvee	Oh, and D-Bus. I don't get that either.	00:10
lifeless	BGP is fune.	00:11
lifeless	dbus is NIH DCOM is NIH CORBA	00:12
=== erichammond1 is now known as erichammond
axisys	still trying to find out why i need to have a monitor plug in to see the login prompt in serial console ?	00:24
lullabud	axisys: that is a very strange problem. never heard of that one...	00:31
lullabud	i'm curious to know the solution.	00:31
lullabud	what package do i need to install to get ubuntu to auto-register in Active Directory DNS?	00:32
=== erichammond1 is now known as erichammond
axisys	posted my message in ubuntu server and user mailing list ..	00:52
axisys	looks like exact same problem was posted before	00:53
axisys	https://lists.ubuntu.com/archives/ubuntu-users/2009-April/182662.html	00:53
axisys	but on older version ubuntu	00:53
axisys	this seems to be similar bug in lucid	00:55
axisys	https://bugs.launchpad.net/ubuntu/+source/linux/+bug/529234	00:55
uvirtbot	Launchpad bug 529234 in linux "monitor drops to standby with "no signal" during boot splash on luicd alpha 3" [Undecided,New]	00:56
axisys	looks like i need to disable gdm .. becasue it is a desktop ..	01:16
axisys	so update-rc.d -f gdm remove should do it?	01:17
MTecknology	axisys: should - i prefer rcconf	01:18
axisys	MTecknology: rcconf ? i have not used it	01:20
MTecknology	!info rcconf	01:20
MTecknology	ubottu: tap tap	01:20
MTecknology	20:21 < mtbot> MTecknology: rcconf (source: rcconf): Debian Runlevel configuration tool. In component universe, is optional. Version 2.2 (karmic), package size 22 kB, installed size 132 kB	01:21
ubottu	rcconf (source: rcconf): Debian Runlevel configuration tool. In component universe, is optional. Version 2.2 (karmic), package size 22 kB, installed size 132 kB	01:21
persia	update-rc.d is the solution used by all the maintainer scripts : other stuff also works, but be warned that it's 1) not default and 2) it's essential not to break update-rc.d	01:22
MTecknology	axisys: /pp 18	01:22
MTecknology	axisys: sorry	01:23
axisys	persia: hmm... i guess i will just go with update-rc.d then	01:23
MTecknology	axisys: rcconf is extremely simple. I only use update-rc.d when I need to add a script manually to /etc/init.d	01:24
MTecknology	there's a lot of opinions in here - but usually something to back up the reason.. postgresql vs mysql.. opinions and reasons for picking one over the other?	01:28
Razernok	hi	02:15
Razernok	Anyone here?	02:17
lifeless	no	02:18
Razernok	So much for getting help then	02:21
lifeless	well, its a bit of a silly question	02:21
lifeless	perhaps you could ask your questions	02:21
persia	There's lots of folk here	02:21
persia	!ask	02:21
lifeless	'don't ask to ask, just ask'	02:21
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	02:22
Razernok	no point to ask if no one is here to answer.	02:22
persia	Razernok: /names will give you a list of folk. Also, when lifeless said "no" he meant approximetely the opposite.	02:23
lifeless	Razernok: people don't reply to 'is there anyone here' style questions: folk are generally working and thats a fairly social question. Its also very disruptive if everyone answers (because you get a lot of noise)	02:23
Razernok	What is the point of the DNS server?	02:26
persia	It translates arbitrary strings into IP addresses.	02:27
persia	Or translates arbitrary strings into other strings (depending)	02:27
cef	a DNS is basically a semi-flat database of mappings of names to ip addresses, names, or informational data about the name, and as such can also provide mapping of ip addresses back to names. without one, you can't get a computer to recognise that www.google.com.au maps to an IP address that is used behind the scenes to make the connection. Think of it a bit like a phone book.	02:32
Razernok	so with it a dynamic ip can have a .com domain?	02:34
persia	cef: "IP addresses back to names" is just a superset of names to infomational data.	02:34
lifeless	Razernok: the DNS Server in Ubuntu can be used to do that but isn't needed for that. They are separate problems.	02:35
lifeless	Razernok: you need the DNS Server if you want to run a DNS server. You only need to run a DNS Server if you need to maintain a DNS zone yourself: small organisations and below generally outsource this to their domain registrar	02:35
cef	persia: sort of.. it's constrained.. you can get a name to an ip, but not necessarily get an ip back to a name. that depends on if it's say a CNAME or if they have bothered to even provide reverse mapping (in-addr.arpa)	02:35
Razernok	my server is on a dynamic ip	02:36
cef	Razernok: there are services that allow you to give a constant name to a dynamic ip, but it does have issues (eg: when the ip changes, etc). places like dyndns.org and the like.	02:37
Razernok	dyndns.org only gives dynamic ips a subdomain	02:38
persia	cef: My point is that when do you the in-addr.arpa dance, you're back into the "names into " area. Just a nitpick of mine: there is no* reverse DNS, just a cooperative convention that mimics it.	02:38
cef	persia: ahh I see what you mean.. yeah true	02:39
Razernok	I guess no .com domain for my server then... :(*	02:40
Razernok	:(	02:40
cef	Razernok: you get a unique hostname, and that you can point at with a different DNS (eg: ISP/DNS Registrar hosted) using a CNAME record. But, it'll still suffer all the dyndns type issues.	02:41
Razernok	i can only get dynamic ips not static ips	02:41
cef	eg: get a DNS Registrar to host iwantafunnyname.com for you, then set up a CNAME record that maps www.iwantafunnyname.com to whaterveritis.dyndns.org	02:42
cef	it's a hack, and you can have issues (eg: you can't the CNAME use the name for an MX - mail exchange - record, etc etc.)	02:45
Razernok	hmm, I hope no-ip.com's software works on linux then	02:45
cef	Razernok: there are a number of things and services like that, so there are options if you do go down that path	02:46
Razernok	hmmm, its a download. I dunno how to transfer it to the server or install it from a file. Unless they gave me a apt-get command I'm clueless on how to install it.	02:46
Razernok	well, then again I could run the no-ip.com software on my windows pc since the public ip is the same	02:47
Razernok	but prefer it on the actually server though	02:47
Razernok	anyone know the apt-get for no-ip.com's software?	02:48
sekyourbox	Having trouble designating an ethernet port for sending DHCP communication using DHCPD3 on ubuntu	02:49
sekyourbox	What needs to be added in DCHPD3.CONF to only set up dhcp on one interface connected to a router?	02:50
Razernok	i guess no one knows then :(	02:51
Razernok	bye then	02:51
persia	apt-cache search dynamic shows several	02:53
persia	apt-cache seach no-ip even shows three.	02:54
lunaphyte	sekyourbox: see /etc/defaults/dhcp3-server	02:54
lunaphyte	although i don't quite know what "connected to a router" means.	02:55
sekyourbox	thx, brb	02:56
sekyourbox	test	03:03
KD7SPO-rod	need help settig up virtual host on ubuntu server 9.10, I can configure on other linux and bsd no problem so I must be missing something. I've copied the default file to www.ezyaspi.com in my sites-available folder and ran a2en www.ezyaspi.com and restarted apache with sudo /etc/init.d/apache2 restart. But I still get the default page when I browse to www.ezyaspi.com page. DNS is pointed correctly. Any suggestions?	03:09
sekyourbox	do you need network manager for ATH0 / wifi connections?	03:14
sekyourbox	How does this work exactly, I have a physical interface WIFI0, and what seems to be some type of virtual interface ATH0.. ath0 is where im picking up my ip address.	03:15
sekyourbox	sorry, wlan0	03:16
jayvee	yeah, they're a bit funny	03:17
jayvee	don't touch the one that doesn't do anything	03:17
jayvee	I have an aironet card that comes up as wifi0 and wmaster0	03:17
jayvee	I don't touch wmaster0	03:18
sekyourbox	I need to remove network manager	03:19
sekyourbox	I have wmaster0 too	03:19
sekyourbox	ath0 has the ip of the wifi network	03:19
sekyourbox	I dont want to hose my internet if I drop netman	03:19
Razernok	how do i open a file using command line?	03:55
jayvee	Razernok: you mean like a text editor?	04:00
jayvee	nano is a good text editor to use if you're not familiar with the command line.	04:00
jayvee	$ nano the_file.txt	04:00
Razernok	hmmm, and it looks like there is no way to add users to the ftp server. weird	04:02
pwnguin	Razernok: maybe it's based on system users?	04:04
jayvee	maybe the ftp server uses your unix users as authentication	04:04
jayvee	what pwnguin said :)	04:05
pwnguin	personally, i avoid ftp	04:05
jayvee	strongly agree	04:05
Razernok	nope	04:05
jayvee	Razernok: install openssh-server, and use an SFTP program to transfer files	04:05
pwnguin	slowly training our interactive media dept that it's bad	04:05
jayvee	most FTP cilents support SFTP these days	04:05
Razernok	i just tried my user and pass	04:05
jayvee	it's not even worth getting FTP going	04:05
jayvee	just use SFTP	04:05
Razernok	need ftp for dreamweaver	04:06
jayvee	eww	04:06
pwnguin	pretty sure dreamweaver supports SCP	04:06
jayvee	that's another thing you'll want to get rid of :P	04:06
pwnguin	http://webmaster.iu.edu/tool_guide_info/dreamweaver_pc.shtml	04:07
Razernok	from the ftp server "Response:530 This FTP server is anonymous only."	04:07
Razernok	wtf	04:07
pwnguin	heh	04:07
pwnguin	Razernok: you have ssh set up for administration right?	04:07
Razernok	yea	04:08
Razernok	I'm on putty	04:08
pwnguin	i haven't checked but im pretty sure that if you can scp to the box, you can sftp	04:09
Razernok	need ftp so i can use Filezilla	04:09
pwnguin	filezilla should support sftp as well	04:10
jayvee	Razernok: filezilla supports sftp	04:10
pwnguin	#	04:10
pwnguin	# Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP)	04:10
jayvee	like I said, most FTP clients out there support SFTP	04:10
pwnguin	Razernok: if you want to get really crazy, set up WebDAV	04:10
sbeattie	actually, I believe it is possible to configure sshd to not support sftp while allowing scp, but it's not a common configuration.	04:11
pwnguin	probably, but i think openssh-server allows both out of box on ubuntu?	04:12
Razernok	i got it but it won't let me transfer files	04:15
Razernok	open for write: permission denied	04:15
Razernok	:(	04:15
pwnguin	with FTP?	04:15
Razernok	sftp	04:16
pwnguin	where you trying to write to and with what user?	04:16
Razernok	yes	04:16
Razernok	its an admin user	04:16
pwnguin	if it's root	04:17
pwnguin	that's disabled by default	04:17
Razernok	its a folder in root	04:17
pwnguin	where you trying to write to and with what user?	04:17
Razernok	in /Storage	04:18
jayvee	Razernok: ubuntu "admin" users aren't automatically root	04:18
jayvee	they are only "root" when they use sudo	04:18
jayvee	when you use sftp, you just have normal permissions	04:19
jayvee	so you have to "chown razernok:razernok /Storage"	04:19
jayvee	or the equivalent	04:19
Razernok	so how do i upload into root?	04:19
Razernok	huh?	04:19
jayvee	what is the user you are trying to log in as?	04:19
jayvee	s/log in/upload/	04:19
Razernok	my admin user	04:20
jayvee	yeah, but what's his username?	04:20
pwnguin	does it matter?	04:20
Razernok	john	04:20
jayvee	you want to go "chown john /Storage"	04:20
pwnguin	unless	04:20
pwnguin	it's web data	04:20
Razernok	where do i do chown john /Storage	04:22
pwnguin	ubuntu web server doesn't run as root	04:22
jayvee	/Storage doesn't sound like it's being served by the web server to me	04:22
Razernok	its so i have an easy to find folder for my uploads to the server but not to be seen on the web server.	04:23
pwnguin	thats what your homedir is for?	04:23
Razernok	but you then have to type "/home/john"	04:24
Razernok	and i don't want the extra stuff to remember	04:24
pwnguin	depends on the client	04:25
* jayvee bangs head on desk		04:25
pwnguin	many will automatically chdir ~	04:25
jayvee	true	04:25
Razernok	chdir???	04:25
jayvee	and if you use "scp some_file.txt myserver:" it automatically copies it to your home directory	04:25
jayvee	change directory to ~ (where ~ means home directory)	04:26
jayvee	cd and chdir mean change directory	04:26
Razernok	ok you've lost me	04:26
Razernok	I just want to be able to upload to anywhere on the server.	04:27
jayvee	you could enable the root user, but you're really shooting yourself in the foot	04:27
qman__	Razernok, that can't be done without massively destroying the system permission scheme	04:27
jayvee	mmm...it's a very Windows-like attitude	04:28
pwnguin	qman__: you could just use root, which preserves permissions but opens up another fun attack. perhaps theres a way to limit it to scp, but even then, yikes	04:28
qman__	allowing root to log on remotely is something I don't ever consider doing	04:28
jayvee	yeah, rssh can limit it to scp, but with root permissions, you could just delete rssh with scp	04:28
qman__	and when you run as root, everything you create is owned as root, which mucks up permissions anyway	04:29
jayvee	Razernok: I know when I was new to Linux, I wanted the same too, so I understand where you're coming from.	04:29
jayvee	But really, it's shooting yourself in the foot still. :)	04:29
Razernok	so if I'm only allowed to upload to my user's home directory then how am i expected to upload to say the htdocs folder? or custom folders used as storage?	04:29
qman__	yes	04:29
qman__	it's a Very Bad Idea (tm)	04:30
pwnguin	Razernok: you could make yourself the owner of that directory	04:30
Razernok	ya can't then unless you place the folders in the home directory	04:30
pwnguin	you can totally change the ownership of files	04:30
jayvee	exactly	04:30
pwnguin	probably there's a smarter way	04:30
qman__	Razernok, there's also ~/public_html	04:30
sekyourbox	I need to configure /etc/networ/interfaces.. Can i configure ath0 (wireless) in here or do I have to use some IW config file???	04:30
jayvee	Razernok: you should "chown" (i.e. "change owner") of your htdocs directory to yourself so you can upload to it	04:31
jayvee	which is why I was talking about chown earlier	04:31
pwnguin	im thinking, mod_userdir and mod_rewrite	04:31
Razernok	i don't see a command line in filezilla	04:31
pwnguin	use ssh	04:31
jayvee	yeah you'll need to do it from putty	04:31
Razernok	oh god	04:31
jayvee	sudo chown john:john /var/www/htdocs	04:32
jayvee	or wherever htdocs is	04:32
qman__	actually	04:32
qman__	you probably want john:www-data	04:32
qman__	otherwise it might break the website	04:32
jayvee	true	04:32
pwnguin	what you can do is use mod_userdir to provide a mapping from www.example.com/~john to /home/john/public_html	04:32
Razernok	i have no idea where htdocs is located at	04:32
qman__	well, there is no htdocs by default in ubuntu	04:33
jayvee	well if you haven't touched anything, it's actually /var/www	04:33
qman__	so unless you created it, it doesn't exist	04:33
pwnguin	and then make a public_html dir with group www-data, and set it to be sticky	04:33
jayvee	Razernok: I'm guessing you're reading tutorials for Fedora or Red Hat?	04:33
qman__	and the default website is /var/www	04:33
jayvee	Red Hat uses htdocs by default, but Debian and Ubuntu call it different	04:33
jayvee	don't read Fedora tutorials	04:33
qman__	yeah, that'll really mess you up	04:33
Razernok	I use apache	04:33
qman__	stick to ubuntu docs for ubuntu	04:33
jayvee	yeah	04:33
pwnguin	Razernok: the apache tutorials for Fedora aren't the same as the ones for Ubuntu/Debian	04:34
jayvee	my head definitely explodes when I try and do things the Fedora way in Ubuntu, or vice versa	04:34
qman__	debian docs are secondarily preferred, since most of the packages are similar	04:34
qman__	but definitely use ubuntu centric docs wherever possible	04:34
pwnguin	Razernok: for example, last i checked, apache ran as root on Fedora, while it runs as its own user in Debian	04:35
Razernok	i came from windows not fedora	04:35
jayvee	pwnguin: on CentOS 5.4 at least, it runs as the 'httpd' user	04:35
qman__	debian and ubuntu also have a very different apache configuration setup	04:35
qman__	apache on windows is a disaster waiting to happen	04:36
pwnguin	jayvee: perhaps. my rhel env at work is best described as pathological	04:36
jayvee	Razernok: but you must have been reading a Red Hat–centric tutorial or heard from a Red Hat using user if you wanted to access a "htdocs" folder	04:36
jayvee	Ubuntu has never had a "htdocs" folder. :)	04:36
pwnguin	i think htdocs is the default apache stuff	04:36
Razernok	no	04:36
Razernok	on apache its called htdocs	04:36
pwnguin	it's probably that way on windows too	04:36
jayvee	yeah, possibly	04:37
pwnguin	Razernok: trust me, apache doesn't care	04:37
jayvee	pwnguin: come to think of it, you might be right	04:37
pwnguin	Razernok: its all in the config files in /etc/apache2/	04:37
jayvee	%PROGRAMFILES%\Apache\htdocs or something	04:37
jayvee	last time I ran Apache on Windows was way back in 2007	04:38
pwnguin	heh	04:38
jayvee	or 2006, actually	04:38
pwnguin	i havent but my boss tried	04:38
jayvee	yeah, 2006	04:38
qman__	the only thing worse than trying to run apache on windows, is trying to run PHP in IIS 5	04:38
* jayvee shudders		04:38
jayvee	I've done that...briefly	04:38
pwnguin	i accidentally recomended we replace our IIS ftp site with webdav	04:38
pwnguin	but it turns out apple is spawn satan	04:38
pwnguin	and only supports apache, poorly	04:38
jayvee	you mean apple can only connect to apache webdav servers, and not, say, iis webdav servers?	04:39
pwnguin	correct	04:39
jayvee	ouch	04:39
pwnguin	it demands webdav 2.0	04:39
jayvee	webdav is kind of...meh	04:39
pwnguin	and even then, fucks up the syntax	04:39
jayvee	it was new back in...1998	04:39
pwnguin	webdav is neat; pokes straight through firewalls	04:39
jayvee	Windows 98 had the glorious new "Web Folders" feature in My Computer	04:40
pwnguin	supported out of box by windows, ubuntu and OSX.... IF you run apache	04:40
jayvee	it is easier to secure than sftp if you don't trust your users, I have to admit	04:40
jayvee	rssh is kind of meh as well	04:40
pwnguin	anyways	04:40
pwnguin	ive taken to a simple /var/www/www.pwnguin.net approach, with Virtual Directory in apache config	04:41
jayvee	that's what I do on my linode	04:41
qman__	userdir is a great solution when you want normal users to be able to upload to a web server	04:42
jayvee	dead easy to maintain	04:42
pwnguin	qman__: is it possible to combine userdir and modrewrite?	04:42
qman__	not sure, never tried	04:42
Razernok	so what do i need to do????	04:43
qman__	I've done userdir, and I've done rewrite, but not both at the same time	04:43
qman__	Razernok, if you're the only user, just SSH in, and `sudo chown john:www-data /var/www`	04:44
qman__	then you'll be able to upload files there, and they'll show up in the default apache site	04:44
qman__	assuming your username is john	04:44
pwnguin	protip: set the group sticky bit if you want new dirs to inherit the group	04:44
pwnguin	(you do)	04:45
Razernok	and what about normal folders for storage?	04:45
qman__	just use your home folder, or a folder within it	04:45
pwnguin	i'd just use my homedir, because thats what should show up if you dont' type in anything for a directory	04:45
qman__	a tilde, ~, magically refers to your home folder	04:45
qman__	so you don't have to type /home/john every time	04:46
Razernok	i want to avoid typing long paths like /home/john/something/fgse.txt	04:46
qman__	use tab completion	04:46
pwnguin	Razernok: in your HTML?	04:46
qman__	also, that's not a long path	04:46
Razernok	so i need to place it in the root	04:46
qman__	you do not want to place files in the root	04:46
Razernok	like /Storage	04:46
qman__	that's also a Very Bad Idea	04:47
qman__	to clarify	04:47
Razernok	alot faster to type /Storage then /home/john/Storage/file.txt	04:47
qman__	if your user is john, '~/Storage' means the same thing as '/home/john/Storage'	04:48
jayvee	yes	04:48
jayvee	100% agree	04:48
jayvee	home folders are there for a reason	04:48
qman__	you can also type that path very quickly	04:49
jayvee	I use the ~ shortcut all the time	04:49
qman__	keys pressed, in order: / h TAB j TAB shift+S TAB	04:49
jayvee	I probably haven't typed /home/jeremy for years	04:49
pwnguin	well	04:49
pwnguin	my bash autocomplete isn't network aware	04:49
qman__	mine isn't either, but I have a /home/ryan on all my machines	04:50
Razernok	damnit, can't find a remove folder command	04:51
Razernok	wtf	04:51
qman__	the new version of openssh that just came out a few days ago adds tab completion to the built in sftp client	04:51
pwnguin	rm	04:52
qman__	I use scp the most, though	04:52
jayvee	Razernok: use "rmdir" if the folder is empty	04:52
Razernok	this is ticking me off	04:52
pwnguin	mostly i just use gnome's remote scp mount tool	04:52
qman__	Razernok, rm -r if you want to remove a directory and all files within	04:52
jayvee	or "rm -r" if you want to remove all files inside it but BE CAREFUL with that command — you can do a lot of damage	04:52
Razernok	rmdir: failed to remove `/Storage': Permission denied	04:52
jayvee	sudo rmdir	04:53
pwnguin	ls -l /Storage	04:53
pwnguin	well, maybe that lists out the dir contents, i just want to know it's ownership and permissions =/	04:53
jmarsden	pwnguin: ls -ld /Storage	04:53
pwnguin	^ Razernok that one	04:53
uvirtbot	pwnguin: Error: "Razernok" is not a valid command.	04:54
pwnguin	wth	04:54
Razernok	didn't work	04:54
Razernok	still won't let me delete it	04:54
qman__	yeah, ^ is apparently a bot command	04:54
jayvee	sudo rm -r /Storage	04:54
qman__	Razernok, this must be done from SSH or local command line	04:54
jayvee	it will delete everything inside /Storage, if that's what you want to do	04:54
qman__	not from inside an SFTP connection	04:54
pwnguin	ls just lists the files & permissions. its how you tell what the permissions currently are	04:55
* pwnguin is surprised		04:55
pwnguin	i upgraded my linode to 10.04 and it still works	04:55
qman__	ha	04:56
qman__	jumping the gun a bit, eh	04:56
Razernok	there	04:56
pwnguin	well	04:56
lifeless	heh, been running lucid since jan	04:56
pwnguin	i split my disk in two	04:56
Razernok	hmmmm, how do you unpack webmin_1.510_all.deb on windows?	04:56
pwnguin	one is the in case of emergency undo snapshot	04:56
pwnguin	Razernok: 7zip can probably do it, however...	04:57
Razernok	so i can place it in the preuploading folder for dreamweaver	04:57
qman__	Razernok, webmin is not supported on ubuntu	04:57
Razernok	i use winrar	04:57
lifeless	Razernok: you don't unpack debs on windows	04:57
pwnguin	Razernok: if you really want webmin, just upload the deb directl	04:57
pwnguin	directly	04:57
Razernok	Debian package suitable for Debian, Ubuntu or other derived Linux	04:57
Razernok	http://prdownloads.sourceforge.net/webadmin/webmin_1.510_all.deb 14M	04:57
Razernok	says on webmin's site	04:57
qman__	!webmin	04:57
ubottu	webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.	04:57
Razernok	wtf, then what do i use????	04:58
pwnguin	!ebox	04:58
ubottu	ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox	04:58
Razernok	same as webmin?	04:58
Razernok	this is gonna be a web hosting site	04:58
pwnguin	hahahahh	04:59
qman__	you have a long way to go before you host people	04:59
pwnguin	well, i guess you mean one for personal use?	04:59
qman__	you should not be using webmin or ebox for a web hosting site, either	04:59
qman__	you want something more like cpanel I'm guessing	04:59
qman__	webmin and ebox are aimed at general server administration, not web hosts	05:00
Razernok	I'm planning to host only about 5 trusted clients	05:01
qman__	and anyone hosting others should know his way around the command line, otherwise when something breaks you're going to be in for a world of hurt	05:01
* pwnguin is barely qualified to host his own stuff, let alone other people's		05:02
pwnguin	is there a file or command to just identify the ubuntu release you're running?	05:03
qman__	pwnguin, cat /etc/issue	05:03
qman__	I think you can also run 'lsb-release'	05:03
pwnguin	ah, i always go for something specific like debian_version	05:03
pwnguin	thanks	05:03
jayvee	cat /etc/lsb/lsb_release	05:04
qman__	ah, that's what it is	05:04
jayvee	cat /etc/lsb-release, sorry	05:04
lifeless	lsb_release -a	05:04
lifeless	the interface is the command, not the file AIUI	05:05
Razernok	I have a friend who will be my site testing partner	05:05
Razernok	weird, sudo apt-get install “^ebox-.*” won't install ebox	05:10
Razernok	wtf	05:10
Razernok	the site said it would	05:10
qman__	Razernok, apt-cache search ebox	05:12
Razernok	wtf	05:17
Razernok	ebox doesn't do anything i need	05:17
pwnguin	firewalls, vpn, network config, cert authority	05:17
Razernok	I wasted all that time to install it and its not at all like webmin	05:17
pwnguin	you wasted all of 20 minutes, if that	05:18
Razernok	webmin is for managing accounts and stuff. aka a web host	05:18
Razernok	ebox does none of that	05:18
Razernok	and i don't know how to remove it	05:18
pwnguin	sudo apt-get remove ebox	05:19
pwnguin	however	05:19
pwnguin	i see an ebox-usersandgroups	05:19
Razernok	so how do i install webmin then?	05:19
Razernok	i just installed ebox and it has nothing webmin does	05:20
Razernok	so how do i install webmin?	05:20
pwnguin	ebox is modularized; does it install any extra modules by default?	05:20
pwnguin	nope	05:20
Razernok	A web-based interface for system administration for Unix. Setup user accounts, DNS, file sharing and the program is freeware.	05:21
Razernok	thats webmin	05:21
Razernok	eBox Platform is an open source SMB network server that acts as a network gateway, a unified threat manager, a network infrastructure manager, ...	05:21
Razernok	two different things	05:21
pwnguin	http://www.ebox-platform.com/	05:21
pwnguin	i think you have to install extra modules?	05:22
Razernok	So i need to know how to install webmin_1.510_all.deb	05:22
pwnguin	ie, apt-get install ebox-usersandgroups ebox-ca ebox-dns	05:22
pwnguin	personally, i dont use ebox or webmin	05:22
pwnguin	just ssh and emacs	05:23
Razernok	I need to webmin so i can manage clients and hosting plans and such	05:23
pwnguin	however, if you have an ubuntu .deb, just upload it and use sudo dpkg -i wtfever.deb	05:24
pwnguin	it sounds like people think it wont work	05:24
pwnguin	i didnt know webmin supported hosting plans	05:25
twb	I think what he's really asking for is a free version of cpanel.	05:26
pwnguin	good luck with that	05:27
twb	Yeah	05:27
Razernok	thats what webmin said it does	05:27
Razernok	allowing you to manage the clients and plans	05:28
twb	Webmin is made by people that couldn't find their arse with both hands	05:28
pwnguin	Razernok: i cant find any webpage describing webmin with that phrase	05:29
Razernok	thats what i found	05:31
Razernok	that its suppose to be for managing a hosting site. (hosting plans, accounts, etc.)	05:32
pwnguin	its supposed to be for administrating a server	05:32
pwnguin	there's a virtualmin plugin, but hell if i know if the GPL version works	05:32
Razernok	this server is gonna be a hosting site. so thats why i need webmin for the (hosting plans, accounts, etc. management)	05:33
pwnguin	have you ever actually used webmin?	05:34
pwnguin	looks like their demo site is down	05:34
Razernok	no cause i can't figure out how to install it	05:34
pwnguin	http://www.webmin.com/demo.html look at screenshots	05:34
twb	Can we just agree that webmin is offtopic here and move it to -overflow or whatever?	05:39
pwnguin	how bout we point Razernok at #webmin and never speak of the matter again	05:40
Razernok	no idea what to do now :(	05:40
pwnguin	apparently the webmin channel is on undernet? are they still around?	05:41
pwnguin	Razernok: try joining #virtualmin; maybe they can help you out	05:42
FireCrotch	You don't want to use Webmin on Ubuntu. Trust me.	05:42
* pwnguin is off to go watch House or something		05:42
FireCrotch	actually you don't want to use it on any debian-based distro	05:43
pwnguin	But it says 'Supports Ubuntu Linux!'	05:45
twb	pwnguin: support is a directed relation.	05:46
pwnguin	i think you're trying to say we don't support it, but i never claimed otherwise. im trying to drop the subject, really	05:47
twb	Find by me	05:47
Razernok	i guess there is no way to do hosting plans, user accounts, etc.	05:49
pwnguin	there tools that do that for a price. obviously we don't support it, but if you're paying for it the vendor should	05:49
Razernok	need a free one	05:50
pwnguin	seriously now. house time	05:51
FireCrotch	Razernok: There's one called VHCS that I've looked at in the past. Never used it so I can't say how good it is, but I've considered using it	05:53
FireCrotch	They have a live demo that you can try out though	05:54
jayvee	I thought ISPConfig was like a next-generation VHCS	06:01
FireCrotch	ah ISPConfig. that's the other one that I couldn't think of the name of	06:02
twb	Grr!	06:07
twb	Lucid's coreutils doesn't have timeout	06:07
au	ajmitch: your linode just stop replying? i had to reboot mine just then	06:42
twb	OK, it appears to be in a separate "timeout" package there, for some reason.	06:47
NoReflex	hello! I'm having some problems with upstart in karmic server 64bit. It won't start postgresql. I tried http://superuser.com/questions/98702/how-to-make-postgresql-start-at-boot-time-in-ubuntu but it didn't work. can I remove upstart? I'm afraid to test it because the machine is at a remote location and if I mess it up I won't be able to connect to it anymore	07:44
NoReflex	I can start postgresql using /etc/init.d/postgresql-8.4 manually after login. There are links in /etc/rc*.d to postgresql init script but for some reason it isn't started automatically after reboot	07:44
lifeless	you cannot remove upstart	07:45
lifeless	its how the server is booted	07:45
NoReflex	lifeless: i thought that removing upstart would install the old init system	07:45
NoReflex	I also searched for a logging possibility because I don't know why it won't start....and it's hard to "debug" a problem when you don't have the error message	07:46
FireCrotch	NoReflex: there should be an error somewhere... /var/log/syslog, the postgres log file, somewhere	07:50
NoReflex	FireCrotch: there isn't...I searched messages, dmesg, syslog, postgresql log, the entire log dir - I believe the log should be created by upstart - but upstart does not work with bootlogd	07:52
lifeless	usual thing here is it not being enabled in /etc/default/postresql or some such	07:54
NoReflex	lifeless: the error log is enabled in /etc/postgresql/8.4/main/postgresql.conf...and I can find there the error messages that occured after I started the application manually...but there's nothing about the "automatic" failed startup	07:57
sherr	NoReflex: Is there a bug logged about this? Sounds like there should be. This situation would not be ideal for Lucid.	07:59
NoReflex	sherr: I couldn't find a bug related to this fact...I did however find a bug regarding the inability of upstart to work with a boot logger	08:01
twb	Sigh. acpid is broken in lucid atm	08:19
* persia points at all the lovely hardware that doesn't use ACPI :)		08:20
twb	I only want to use it to shut down machines that aren't responding to ssh or PS/2	08:21
twb	Usually because there was no PS/2 keyboard plugged in when they booted	08:21
persia	Do they have USB ports? That's always a convenient way to hotplug /dev/kbd	08:21
uvirtbot	New bug: #276472 in samba (main) "cp -p on CIFS mount does not preserve permissions and returns a permission denied error" [Medium,In progress] https://launchpad.net/bugs/276472	08:22
twb	In this case it probably does, but that's beside the point.	08:22
twb	If acpid provides support for ONE event, the power button, that event handler shouldn't assume the not-depended-upon acpi-support package is installed.	08:23
persia	Oh, good bug. File & fix :)	08:23
twb	Yeah, so now I have to install firefox into a vm, because apport-cli doesn't honour BROWSER=w3m	08:24
* twb grumbles		08:24
persia	You already filed that bug?	08:24
persia	That should be easy to fix.	08:24
twb	I'm assuming it doesn't because it would inconvenience the GUI-only people	08:25
twb	Actually, probably s/BROWSER=w3m/sensible-browser/, because this is a VM, so my dotfiles aren't present.	08:25
twb	OK, it does honour the x-www-browser alternative, so if I'm running X on my server, any graphical browser would work.	08:28
persia	No. Any browser should work.	08:29
persia	It tries x-www-browser before www-browser	08:29
twb	Hm.	08:29
twb	When I tried in pbuilder --login, it simply failed to use w3m.	08:29
persia	So for me, www-browser is w3m and x-www-browser is epiphany-browser (on my laptop)	08:29
persia	Was w3m installed there?	08:30
twb	Oh, I bet I forgot to install w3m, forgetting it was priority: standard, not essential: yes.	08:30
persia	That would do it. Most build environments are type=buildd which is very minimal indeed, and doesn't include such fripperies as a browser.	08:31
twb	The other exciting problem I'm gonna have now is that Xorg appears to disable the pointer emulation key (shift + num lock), so I gotta shave that yak before I can copy the transcript into the browser	08:31
persia	twb: A clean yak is a beautiful yak :)	08:32
twb	No, it's even weirder than that.	08:33
twb	Mouse emulation is working, it's just the pointer's location doesn't change onscreen until I redraw the window under it.	08:33
twb	OK, screen env BROWSER=w3m apport-bug acpid, and I can copy the typescript into the browser that way.	08:34
twb	#539432	08:40
twb	ubottu: malone bug #539432	08:40
uvirtbot	Launchpad bug 539432 in acpid "powerbtn.sh assumes acpi-support is installed." [Undecided,New] https://launchpad.net/bugs/539432	08:40
ubottu	Error: I am only a bot, please don't think I'm intelligent :)	08:40
twb	"PATH=(custom, no user)"... sounds like an apport fuckup	08:41
persia	!ohmy	08:41
ubottu	Please remember that all Ubuntu IRC channels share the same attitude of providing friendly and polite interaction with all users of all ages and cultures. Basically, this means no foul language and no abuse towards others.	08:41
twb	Sorry.	08:41
persia	But yes, that does indeed.	08:42
twb	I was logged in as ubuntu (uid 999), as created by casper.	08:42
GeorgeJ	Hello, is it possible to create a lvm from a software mirror without having to erase all data? If so, where could I find a tutorial?	08:44
GeorgeJ	I have no lvm groups set up, so I'm not trying to extend one, but create a group.	08:45
persia	GeorgeJ: I've never found a way short of having sufficient space and copying from one place to another.	08:46
twb	Now I'm getting timeout errors from the launchpad "edge server" telling me I'm part of the "launchpad beta team", so I'm not going to bother reporting that apport bug	08:47
twb	GeorgeJ: what is a "software mirror"?	08:47
GeorgeJ	Well, I'm running ubuntu server and I realy don't know which channel this goes to.	08:48
GeorgeJ	Basicaly I have two hard drives which are mirrored using software raid.	08:48
persia	twb: Note that due to bug #538097, there might be issues anyway.	08:48
uvirtbot	Launchpad bug 538097 in apport "+storeblob fails with "500 Internal server error" on production (works on edge)" [High,Invalid] https://launchpad.net/bugs/538097	08:48
twb	persia: I got it after punching in the Summary line on the first page it takes me to	08:49
twb	persia: I would normally blame my end, because it's being used to implement/test network failures, but if that was the case I wouldn't expect to even get to the edge server.	08:50
persia	Hard to say, really.	08:50
jayvee	GeorgeJ: this channel is fine for raid questions	08:53
jayvee	although I'm not a raid person	08:53
a_ok	I'm getting tired ssh and her known host problems. For some reason all my servers have a new rsa fingerprint. Is there a way i can reset this known host nonsense without disabling ssh?	08:53
GeorgeJ	Well, I'm not having any issues with my raid setup. I'm trying to create an iSCSI target, which requires me to create a LVM group.	08:54
GeorgeJ	And when I want to create a LVM group, I'm instructed that all my data will be erased, and I was looking to go around this.	08:55
twb	OK, now I have an even more exciting behaviour.	09:15
twb	On the lucid host, this loop stops after an unpredictable number of iterations:	09:15
twb	while ip route show dev eth0 \| grep -q .; do printf .; done	09:15
twb	If I take out either side of the pipeline, the problem goes away and the loop runs forever	09:16
twb	From just running "ip route show dev eth0" in a loop, it certainly seems that nothing is changing...	09:16
twb	OK, and it's ip, not grep, that's failing, because I can't reproduce it without set -o pipefail	09:19
twb	Sod it, I'll turn pipefail off and this error detection script can just be flaky.	09:23
nenne	does apt-get upgrade have a function to ensure no upgrades that need reboot will be installed?	09:38
acalvo	hi!	09:38
acalvo	in order to deploy a HA Cluster, is it really necessary to have separated service servers and load-balancer servers?	09:38
twb	nenne: it does not.	09:38
nenne	twb: ok, thanks	09:39
twb	nenne: usually, the only thing that would require a reboot would be kernel packages.	09:39
nenne	twb: aah yes. would a "safe upgrade" skip thoose?	09:40
twb	"aptitude safe-upgrade" should skip any paths that require removing or installing new packages.	09:40
philthno2	nenne: for most packages that recommend reboot a simple restart of the graphical interface or respective servce would be enough	09:40
twb	nenne: but even if you upgrade the kernel, the old kernel will continue to work indefinitely.	09:41
twb	nenne: packages name linux-image-* (i.e. kernels) are NEVER automatically removed in the default configuration.	09:41
nenne	twb: Aaah true, thing is im gonna be upgrading a server with some sensitive services and it would be nice to know what upgrades will need a reboot on forehand. To warn users. But i guess i can allways upgrade and then do the reboot 1 week later(with planned downtime) ?	09:43
twb	nenne: what I normally do is "aptitude -s full-upgrade", and look at what will happen (-s for simulate).	09:44
twb	nenne: then I just know, from experience, what is likely to need an update, and I report those to my customer	09:45
nenne	twb: aah i see. that seems like the best way of doing it :)	09:45
twb	Actually I have a cron job do the -s run and email me the result	09:47
nenne	Aah nice	09:48
uvirtbot	New bug: #539454 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: il sottoprocesso nuovo script pre-removal ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/539454	09:51
uvirtbot	New bug: #227837 in libvirt (main) "[Hardy] overzealous masquerading affects vm to vm traffic" [High,Fix committed] https://launchpad.net/bugs/227837	10:07
RoyK	hi all. the package linux-image-virtual, is that for a virtual guest?	10:13
uvirtbot	New bug: #539469 in squid (main) "does not terminate at computer shutdown" [Undecided,New] https://launchpad.net/bugs/539469	10:26
twb	RoyK: yes	10:31
RoyK	k	10:32
=== Airells is now known as airells
zul	morning	12:23
uvirtbot	New bug: #357067 in beautifulsoup "javascript parsing error" [Undecided,Confirmed] https://launchpad.net/bugs/357067	12:32
blinkiz	Hi. I have a iscsitarget LUN up and active. I have now added more LUNs. It seems like I have to do /etc/init.d/iscsitarget restart. No reload function. Will this create any disturbance in the already existing active LUN? It can NOT go down.	13:08
zul	timmah!	13:22
* zul does his gollum php impression		13:25
jalons	Thoughts on how to return the TLS version exim is using?	13:37
persia	jalons: e.g. `apt-cache show exim4-daemon-heavy \| grep ^Depends` : check the gnutls library version dependency.	13:39
jalons	persia: thanks, but I was looking for TLS version 1.2 (per RFC 5246) vs RFC 4346, and how an exim install running (built from source to utilize libssl over gnutls due to the smaller entropy pool required for libssl)	13:43
jalons	I built it about a year ago and recall nothing other than that - am I stuck stracing and looking for the calls to the libraries?	13:43
persia	I'd guess you could determine the protocol version from the library version, but I could be entirely wrong.	13:43
persia	If you built it yourself without a packaging framework, perhaps so.	13:44
persia	Although I'd recommend using nm rather than stracing to determine how it's linked.	13:44
blinkiz	How do I add more iscsi targets (ietd.conf) without having to restart iscsitarget service?	13:53
stanman246	guys.. My datacenter is changing it's default gateways, how can i be sure my server will be accessible?	14:20
ball	stanman246: ask your sysop for his mobile number and blackberry email address. ;-)	14:22
stanman246	lol	14:22
stanman246	thought maybe it 's possible to use a 'backup' default gateway	14:23
stanman246	is that possible?	14:23
zul	to ask your sysop for his mobile and blackberry email address? yes probably	14:23
persia	stanman246: Yes, but you don't really want to do that. if you want that kind of function, look at a dynamic routing solution.	14:23
persia	(and for which is the right choice : ask your network admin)	14:24
jalons	I'm trying to dump all remote ciphers accepted by this mail server - anybody know the magic combination of openssl s_client -connect <host> -starttls smtp, and getting -cipher into the mix?	14:54
jalons	i know server decides what, but is there a way to trace what it's contemplating?	14:54
=== airells is now known as Airells
jalons	other than guessing what the lowest cipher suite is, and watching it step through them	14:55
jalons	nevermind, it appears I just needed to keep googling to find the answer: http://rt.openssl.org/Ticket/Display.html?id=1162&user=guest&pass=guest	14:59
invisime	I am formatting a second hard drive on my home server. should I format it as ext3 or ext4?	15:01
ball	invisime: yes.	15:04
invisime	ball: should I format it as ext3 xor ext4? :P	15:05
* ball grins		15:06
ball	I suppose that would still be a "yes", assuming a single partition.	15:06
invisime	damn clumsy english language. must learn lojban	15:07
invisime	I'm basically looking for a comparison of the two or best practices. could you supply the information or a pointer to the information?	15:08
ball	invisime: I don't use Linux much, so I'm not the best person to ask. I think I ran ext4 experimentally on my last Linux box and it seemed to work.	15:10
ball	invisime: but I'd want more sensible testing before I used it for anything important.	15:10
invisime	I see.	15:10
jalons	invisime: for all intents and purposes ext4 is just ext3 + extents	15:16
invisime	jalons: k. thanks for the clarification.	15:16
* invisime types 'sudo mkfs -t ext4 /dev/sdb1' and hits enter.		15:16
acalvo	in order to deploy a HA Cluster, is it really necessary to have separated service servers and load-balancer servers?	15:25
jalons	acalvo: no, but it works better.	15:56
ricdanger	hi there	16:06
ricdanger	I just stup ubuntu server 9.10 with a separate /boot and LVM	16:06
ricdanger	but grub will now create a wrong "set root=" entry	16:06
uvirtbot	New bug: #539663 in php5 (main) "FFE for php 5.3.2" [High,New] https://launchpad.net/bugs/539663	16:07
nimrod10`	ricdanger, is /boot outside of LVM ?	16:34
ricdanger	nimrod10: yes	16:35
ricdanger	update-grub will set my "/" volume as root	16:35
ricdanger	my / is a LVM volume btw	16:36
jalons	what's it generating that's incorrect?	16:41
maxx_h	Hi. I have a new Intel MB with built-in Hardware-VNC-overIP which is used for a server. (no monitor connected)	17:03
maxx_h	Is there a way to send the video output even if no monitor is connected, so i can fetch it with vnc?	17:03
persia	maxx_h: You essentially need video drivers for your hardware-VNC solution. It oughn't be any different from any other framebuffer, except for the drivers.	17:06
jalons	when you power up the motherboard, the baseboard management controller will likely request a DHCP address for the management port: watch your dhcp server logs and VNC in	17:07
jalons	or as persia said, if I misunderstood what you're trying to do	17:07
maxx_h	i can connect via vnc(management ip), see the bios and grub - but when the linux kernel loads i only have a black screen	17:08
persia	That's definitely a driver issue then.	17:08
maxx_h	if a monitor is connected, vnc works too	17:08
persia	You'll need framebuffer drivers and to direct console to that framebuffer.	17:08
persia	Oh, cool. That means you don't need new drivers, you just need to fix the bug in the drivers you have.	17:09
persia	Essentially, they need to not inform the kernel there's no monitor attached when VNC is active.	17:09
warmexxus	i have a similar problem... a headless ubuntu server, that I can only SSH when the keyboard/monitor is attached.	17:12
persia	warmexxus: That's not similar at all. That's likely a buggy BIOS failing to initialise properly without a keyboard. There are hardware stubs you can buy that fake it.	17:12
warmexxus	:( it's just so strange... I can ssh with a monitor/kb attached, and I can connect while headless but it disconnects after so many minutes... but only when headless...	17:13
warmexxus	i will take your tip and google up the best I can... thank you	17:13
maxx_h	graphiccard: VGA compatible controller: Intel Corporation Core Processor Integrated Graphics Controller (rev 12)	17:15
maxx_h	chipset: intel Q57	17:15
maxx_h	what i see is that it uses the vga16fb - should i trie different fb drivers?	17:16
persia	maxx_h: I'd just report a bug against the driver you have.	17:21
RoAkSoAx	kirkland, ping	17:23
kirkland	RoAkSoAx: howdy	17:23
RoAkSoAx	kirkland, how's it going? :)	17:23
RoAkSoAx	kirkland, could you take a look to: https://wiki.ubuntu.com/GSoC/2010/AndresRodriguez and give me some feedback?	17:28
kirkland	RoAkSoAx: sure thing	17:29
RoAkSoAx	zul, for apport hooks, attaching info from the syslog should be whenever the user accepts to attach the conffile or should it always be attached?	17:29
RoAkSoAx	kirkland, awesome, thanks :)	17:29
uvirtbot	New bug: #539727 in vm-builder (universe) "python-vm-builder_0.12.2-0ubuntu3 doesn't set locales correctly" [Undecided,New] https://launchpad.net/bugs/539727	17:42
zul	RoAkSoAx: if the user agress then attach the syslog info	17:42
RoAkSoAx	zul, ok will do it that way then	17:43
persia	RoAkSoAx: I'll suggest you grep syslog for the class of interesting stuff, and only attach that. I'd be happier showing you my output from bind without showing you that cron is executing mirrorpr0n every 12 minutes.	17:44
RoAkSoAx	persia, yeah I'm doing that actually: report['SyslogBind9'] = recent_syslog(re.compile(r'named\['))	17:45
persia	Cool :)	17:45
RoAkSoAx	:)	17:45
kirkland	zul: howdy howdy	18:16
zul	kirkland: hey	18:16
kirkland	zul: where are the daily qemu-kvm builds?	18:16
zul	https://edge.launchpad.net/~ubuntu-server-edgers/+archive/server-edgers-qemu-kvm	18:16
zul	is it just me or is the wiki slow today?	18:18
kirkland	zul: really slow	18:19
zul	k thats what i thought	18:19
kirkland	zul: did you take a snapshot of the debian/ from the lucid package, I guess?	18:20
zul	kirkland: yeah I havent had a chance to update it yet	18:21
kirkland	zul: okay, cool; yeah, there's some good stuff that would be nice to get in the daily too	18:21
zul	kirkland: k ill put that on my todo list	18:21
kirkland	zul: i was going to blog about your work, announce it, etc.... is that okay with you?	18:21
zul	kirkland: sure	18:22
uvirtbot	New bug: #526823 in mysql-dfsg-5.0 (universe) "error al actualizar" [Low,Invalid] https://launchpad.net/bugs/526823	18:32
kirkland	zul: http://blog.dustinkirkland.com/2010/03/qemu-kvm-daily-builds-thanks-chuck.html	18:32
zul	kirkland: nifty cool	18:32
kirkland	zul: same to you ;-)	18:35
uvirtbot	New bug: #526827 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Low,Invalid] https://launchpad.net/bugs/526827	18:37
preben	sorry to bother, but I may need som help with Karmic+multipath+lvm2	18:39
preben	anyone got this to work?	18:39
axisys	how do I safely enable telnetd on ubuntu server? there is no host on the same network, just cisco router and it needs to access the ubuntu server .. so telnet seems only option	18:46
persia	axisys: Install the IOS ssh client (reed)	18:48
persia	axisys: http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#settingupaniosrouterasssh	18:48
* persia has no good recommendations for CatOS other than "Upgrade"		18:50
axisys	persia: hmm.. that wont be an option for this scenario due to company policy .. but i am glad it is a valid option	18:50
axisys	how do I start telnetd .. may be then use ufw limit telnetd ? i do that limit for ssh	18:51
persia	There exists no safe way to enable telnetd, unfortunately. There are lots of unsafe ways. `apt-get install telnetd` is likely the easiest of these.	18:52
axisys	persia: yep.. telnetd is not safe period.. looks like it will be sitting in a private network	18:53
axisys	persia: what you know looks like that router has ssh already there.. these network guys never ever used it.. lol	18:56
jaypur	if i run sudo apt-get update on server	18:58
jaypur	it will download AND install the updates or i need to run something to install them	18:58
zul	mdeslaur: does this look sense to you? https://bugs.edge.launchpad.net/ubuntu/+source/ntp/+bug/517701	18:59
uvirtbot	Launchpad bug 517701 in ntp "ntpd apparmor rule does not allow reading dhcp based config" [Low,Incomplete]	18:59
preben	anyone used /etc/lvm/lvm.conf ?	19:01
persia	jaypur: Neither. It just updates the status of updates available. "upgrade" and friends perform upgrades.	19:01
jaypur	hm	19:01
jaypur	let me try	19:01
mdeslaur	zul: yeah, that looks okay...don't remove the old one just in case, just add the new one	19:01
zul	k	19:02
jaypur	.yeah it's upgrade thanks persia	19:02
zul	mdeslaur: rw?	19:03
mdeslaur	zul: same as the old one	19:04
jalons	preben: yes, but I haven't touched multipathd on anything newer than hardy	19:04
preben	jalons: it seems to me that lvm somehow prevents multipathd to add the mulipath devices if diskgroups are on the pvs	19:05
preben	jalons: so I'm trying to configure lvm.conf, so it wont touch the disks before the multipath devices are available	19:06
preben	.. or something	19:06
jalons	which is logical, you don't want to start your lvm until the physical disks are ready	19:06
jalons	I'm trying to find a host I have this one, as I seem to recall fighting CLVM vs LVM on this issue	19:07
preben	it works pretty good. multipath -ll is good, pvs, vgs, lvs all good.	19:08
preben	but soon as I reboot, the lvm access the pvs as /dev/sda,c,d and so on, instead of /dev/mapper/alias (from multipath)	19:08
preben	and multipath -ll is completly silent	19:09
jalons	ok, so you want to strip out the devices {} section of lvm.conf?	19:09
jalons	basically, ignore /dev/sd{a,b,c}*, and manually specify what you want	19:10
RoAkSoAx	kirkland, how do I change the color of the byobu's status bar?	19:10
jalons	there's a regex in there somewhere to ignore all sd{a-z}.{1-9} devices, so if you drop another drive in later it doesn't freak out - is that the jist?	19:11
preben	it gets worse, I have installed the os on lvs to	19:11
kirkland	RoAkSoAx: F9	19:11
jalons	hrm.	19:11
RoAkSoAx	kirkland, oh got it thanks lol :)	19:11
preben	there is a filter seciont in /etc/lvm/lvm.conf - but I havent managed it to work yet	19:11
jalons	preben: you want to multiplath the connection to the OS i take it?	19:12
preben	jalons: I have managed this to work in a linux kvm guest with a single path	19:12
preben	jalons: the os boots on a single internal disk, the multipathed disks are on a EMC san	19:12
jalons	right, it's replacing the LVM devices with their multipath siblings	19:12
preben	I think so	19:14
kirkland	RoAkSoAx: ;-)	19:14
jalons	preben: ok, it definitely sounds like you want to set up filtering (although if the system disk is seperate from the actual LVM, you should be fine)	19:15
preben	I tried this filter: filter = [ "a\|^/dev/sdc\|", "a\|^/dev/mapper/\|", "r/.*/" ]	19:15
preben	to include the boot disk(/dev/sdc) and include the multipath devices under /dev/mapper and ignoer evrything else	19:16
jalons	so that's accepting sdc and anything under /dev/mapper, and rejecting everything else	19:16
jalons	why do you want the boot disk included? is it part of the LVM that's hanging off your SAN/	19:16
preben	no, buts the boot drive is in a diskgroup by it's own	19:17
preben	with root and swap volumes	19:17
jalons	ah.	19:17
jalons	duh, even though it's seperated out we still have to tell lvm about it	19:17
jalons	so to start from the top now that i get it - upon reboot it's finding the LVM that contains / and swap, but it's mangling the mpath hosts, showing them up as /dev/sdX rather than the appropriate mpathX devices	19:18
jalons	you're sure LVM is starting after multipath daemon?	19:19
jalons	or before, not sure on the logic there - sorry to wall-o-text and run, but market closes in 40 minutes and I need to start final checks	19:19
preben	I think thats the core of the problem. But i tried grepping under /etc/init.d after lvm, but no such luck	19:20
preben	jalons: thanks for helping out	19:20
uvirtbot	New bug: #539791 in samba (main) "mount.cifs cannot mount a DFS share when using Kerberos authentication" [Undecided,New] https://launchpad.net/bugs/539791	19:21
RoAkSoAx	zul, bug #533603 bug #533601 and bug #531978	19:31
uvirtbot	Launchpad bug 533603 in net-snmp "Apport hook for net-snmp" [Wishlist,Confirmed] https://launchpad.net/bugs/533603	19:31
uvirtbot	Launchpad bug 533601 in bind9 "Apport hook for bind9" [Wishlist,Confirmed] https://launchpad.net/bugs/533601	19:31
uvirtbot	Launchpad bug 531978 in vsftpd "Apport hook for vsftpd" [Wishlist,Confirmed] https://launchpad.net/bugs/531978	19:31
zul	RoAkSoAx: the vsftpd one is pending	19:32
RoAkSoAx	zul, oh ok :)	19:32
Fougner	Hi! I'm trying to setup lighttpd+rtorrent with a scgi_local, but all I get from lighttpd is 500 - internal server error, where should I start looking?	19:33
wack479	trying to get the "SetEnvIf Request_URI "^/robots\.txt$" dontlog" (keep the server from logging any robots.txt requests) but for some reason its not working for me. does the code not just go in the apache.conf?	19:34
wack479	trying to get the "SetEnvIf Request_URI "^/robots\.txt$" dontlog" (keep the server from logging any robots.txt requests) but for some reason its not working for me. does the code not just go in the apache.conf?	19:43
ventz	Trek: hey	20:04
Trek	hiya ventz, i'm just here to track your issue is all	20:04
ventz	thanks :)	20:04
ventz	so here's the problem	20:04
Trek	ventz: sounds to me like whatever you used to set your IPs went poof and isnt operating properly	20:04
ventz	we bootup templates of ubuntu (jeos actually). At somepoint, we forget to re-ip a template. Now there's a duplicate IP.	20:05
ventz	The problem is that the system doesn't tell us when we boot it up	20:05
ventz	this constantly happens and we manually trace it down	20:05
ventz	i am wondering if there's a way to at least know right away that there's a duplicate system IP	20:06
ventz	in RHEL, when you boot it up, when it takes the network IP, it tells you about this	20:06
ventz	Same for windows.	20:06
ventz	anyone? :)	20:10
Trek	if anyone is here, please poke me with /CTCP Trek IAMHERE	20:10
ventz	when you have > 1200 hosts, it can become somewhat of a hassle to deal with this	20:10
=== luis__lopez is now known as luis_lopez
Trek	ventz: a thought, have you tried using a script to find the culprit computers, rather than tracking it down manually?	20:11
Trek	ventz: i'm not a networking expert, but just a thought	20:12
ventz	Usually the network guys trace it to an esx rack and from there to an esx port	20:12
ventz	after that it's usually our job to find it	20:12
jalons	a HA dhcpd that assigns the initial IP, a script that runs on the host that converts itself from the DHCP ip to static with whatever IP is assigned via DHCP?	20:12
ventz	my problem is not just finding it -- that's annoying, but it's something that we can do in a finite steps. What kills me is finding out that this has happened in the first place. Usually we notice as people start getting different results running projects from different networks (thus hitting different resources or not reaching a resource)	20:13
jalons	a central server that runs through each network class arping the IPs, looking for collisions is a passive solution	20:13
jalons	i've used both, didn't like either method	20:15
jalons	ventz: IPwatchD? http://www.linuxconfig.org/IPwatchD_an_IP_conflict_detection_tool_for_Linux	20:17
jalons	looks like it might have some X dependencies from the page, which would be evil	20:17
jalons	but, shrug	20:17
jalons	might be a starting point	20:17
Maletor	Hey I added ServerName mydomain.com to a sites-available file, but I can't get apache to start up without this error "Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName"	20:21
Maletor	I have multiple TLDs so I need to be able to put them in the virtual host file...	20:22
ventz	jalons: let me check that out. I've never used that	20:22
ventz	I think it's for a running system though	20:22
jalons	ventz: so you need something in the installer that's able to detect an IP conflict?	20:23
Fougner	Maletor: set ServerName in apache2.conf to a FQDN	20:24
Maletor	Fougner: I'm reading about that, but it doesn't say what to do if I want to link multiple FQDNs to this IP...	20:25
jalons	Just pick one.	20:26
jalons	determine a ServerName, and then user ServerAlias for the others	20:26
Fougner	Maletor: you might as well use the hostname	20:27
Maletor	Fougner: ?	20:27
Maletor	How would I forward requests from domain1.com to 192.168.1.13 internally and requests to domain2.com to 192.168.1.10 ?	20:28
jalons	with virtual hosts	20:29
brontosaurusrex	i'am trying with some basic ircd-hybrid setup..., but i can only connect to 127.0.0.1, what is minimum one should do in ircd.conf ?	20:33
jalons	brontosaurusrex: in your listen {} block, make sure you don't have host localhost or host 127.0.0.1. You really shouldn't be asking what's the minimum you need for ircd.conf, but rather actually go through and understand each configuration option before you fire up your daemon	20:35
ventz	jalons: yes	20:39
ventz	something that will detect it on bootup	20:39
ventz	and not take the IP if there's an ip conflict	20:39
brontosaurusrex	jalons: thanks	20:46
=== andreas__ is now known as ahasenack
jalons	ventz: I think you're going to need to script it to ifup then arp during install	21:01
jalons	that's the only way I can think to solve that	21:01
jalons	ifup && arping <IP to use>. if response die else carry on	21:05
klaas	I'm running a full encrypted system using luks and cryptsetup plus dropbear for remote unlocking - I want to change the dropbear port from 22 to something else but I can't fint the setting where its changed - adjusting etc/init.d/dropbear /etc/defaults/dropbear does not work - anyone got an idea where the port could be hidden? :)	21:08
McWiney	help! when accessing my server through a browser, php files are being downloaded instead of displaying in the browser. How can i fix?	21:12
McWiney	here's what i mean: http://eckcite.com/test has two folders with identical index files (with html and php file extensions)	21:14
Maletor	How do I add a virtual host so that it is going to 192.168.1.10 ?	21:18
Maletor	When my web server is 192.168.1.13	21:18
faileas	i'm noticing that there have been a LOT of attempts to brute force my system via SSH. While they haven't suceeded, (mostly due to incompetance) any suggestions on what i should do, other than changing the port i'm listening on?	22:01
jiboumans	faileas: this is Normal unfortunately. there's 2 obvious things you can do	22:02
jiboumans	1) use knock to only open ports if you know the knock sequence	22:02
jiboumans	2) add a rule to your firewall to block IP addresses after X unsuccessful attempts	22:02
faileas	jiboumans: how do i do that?	22:02
jiboumans	faileas: there'll be tutorials all over the web. I'm sure google can point you there quicker than I could	22:03
faileas	alternately, could i restrict SSH access to maybe 2-4 ip addresses - all my systems are ipv6 enabled and static?	22:03
jiboumans	faileas: if you dont have a need to have access open to the world, of course you shouldn't	22:04
jiboumans	personally, i have my ssh open to a very finite set of IP addresses, 2 of which are company jump boards which are open to the world	22:04
Maletor	use certificates	22:19
Maletor	How do I tell apache2 to forward incoming requests to mydomain.com to a another IP address (internal)?	22:20
\sh	Maletor: you should read about apache2 mod-proxy, or iptables ... depending on your needs	22:21
Maletor	well can i just set it so that all requests go to some default, and the ones that go specifiically to mydomain.com go to my computer ip	22:22
Maletor	given that my computer is the web server	22:23
goose	is there some way I can have all emails sent to /var/mail/ forwarded to my real email address via sendmail?	22:31
qotsa	i successfully set up a bridge-interface with bridge-utils (version 1.4-5). after i got an ip from my adsl-modem with dhclient my computer justs shuts down. no joke. this is reproducible. any help is highly appreciated.	22:31
* Mojo- waves		23:37
Mojo-	Anyone got a moment for a n00b question?	23:37
Mojo-	For 225 people, it sure is quiet in here...	23:42
goose	just ask, don't ask to ask :p	23:42
Mojo-	Hah	23:43
Mojo-	Alright	23:43
Mojo-	Anyone had any issues with SSH hanging takin the cpu(s) to 100%?	23:44
goose	um. I could maybe see that if you were using like, a 30 GiB RSA key, but otherwise no, I'd say that's an abnormal problem	23:45
Mojo-	Heh	23:45
Mojo-	4 separate installs.	23:45
Mojo-	Debian 5, and 3 ubuntu server installs	23:45
Mojo-	No major changes done	23:45
Mojo-	Save a static ip and installing vim-nox	23:45
Mojo-	Also, not using the keys yet, just using passwords.	23:46
goose	I just checked	23:46
goose	when I SSH into my server, my CPU does spike to 100% when verifying my RSA key, but it doesn't hang	23:46
goose	I barely even caught it	23:46
Mojo-	Mine doesn't even offer a password prompt.	23:46
Mojo-	Even on the localhost.	23:46
goose	it didn't even have time to show up on the graphs, just flew by the htop screen	23:47
pwnguin	you have ssh keys	23:47
pwnguin	just how crazy were they?	23:47
Mojo-	I do.	23:47
Mojo-	Um	23:47
goose	lol. of course I do :p as compared to my 8192 bit RSA key, a "password login" is crap	23:47
Mojo-	Whatever the default install is.	23:47
goose	anyways, incase anyone was wondering, the answer to my question was simple:	23:48
goose	echo "your@email.com" > ~/.forward	23:48
goose	(and ofc, have "sendmail" installed)	23:48

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!