[00:00] <v0lksman> https://bugs.launchpad.net/hardy-backports/+bug/286337
[00:00] <jayvee> apt-get build-dep openssh-server
[00:00] <jayvee> that'll get the build-dependencies right, and you can just ./configure && make && sudo make install
[00:01] <v0lksman> so I won't need to re-compile openssl?
[00:02] <v0lksman> also does that compile in support for pam and all that?
[00:03] <jayvee> no idea
[00:03] <jayvee> v0lksman: uh, why don't you use this PPA like in the bug comments? https://launchpad.net/~rainct/+archive
[00:03] <lifeless> if you use debuild, it will do a normal ubuntu build, so yes pam included. however, PPA's ++
[00:03] <v0lksman> cause it's a bit of a security risk?
[00:04] <jayvee> so is compiling it yourself
[00:04] <v0lksman> I'd rather blame myself than tell my client I got the software from some joe...
[00:04] <lifeless> v0lksman: you can check the signatures on the ppa, check the diff against the lucid diff
[00:04] <jayvee> it's not like the PPA binaries are closed source
[00:04] <v0lksman> lifeless: hrm...not a bad idea
[00:04] <v0lksman> the ppa is outdated too though
[00:04] <jayvee> yeah, that's what you'll be dealing with from here on out
[00:05] <jayvee> at least hardy's 4.9 is maintained
[00:05] <v0lksman> until lucid is released
[00:05] <v0lksman> 4.9?  4.7
[00:05] <v0lksman> where is 4.9 for hardy?  that'll do...anything more than 4.8
[00:05] <jayvee> whoops, yeah
[00:05] <jayvee> 4.7
[00:05] <v0lksman> damn
[00:05] <v0lksman> had me hoping there
[00:06] <jayvee> lifeless: I'm really slack. I haven't looked into that test-driven stuff at all.
[00:06] <lifeless> jayvee: de nada
[00:06] <jayvee> I've now got some people using python-iview as an "upstream". :-D
[00:07] <jayvee> The xbmc and boxee iview plugins re-use python-iview. I honestly didn't think it was *that* reusable. :)
[00:07] <jayvee> So yeah, the test-driven whatever is all the more important.
[00:07] <lifeless> \o/
[00:09] <jayvee> most things I set my mind to, I "just get"
[00:09] <jayvee> but not unit testing
[00:10] <jayvee> the things I don't "just get" are unit testing, BGP, Wave Robot API, and OAuth.
[00:10] <jayvee> everything else I can get my head around in an hour or so.
[00:10] <jayvee> Oh, and D-Bus. I don't get that either.
[00:11] <lifeless> BGP is fune.
[00:12] <lifeless> dbus is NIH DCOM is NIH CORBA
[00:24] <axisys> still trying to find out why i need to have a monitor plug in to see the login prompt in serial console ?
[00:31] <lullabud> axisys: that is a very strange problem.  never heard of that one...
[00:31] <lullabud> i'm curious to know the solution.
[00:32] <lullabud> what package do i need to install to get ubuntu to auto-register in Active Directory DNS?
[00:52] <axisys> posted my message in ubuntu server and user mailing list ..
[00:53] <axisys> looks like exact same problem was posted before
[00:53] <axisys> https://lists.ubuntu.com/archives/ubuntu-users/2009-April/182662.html
[00:53] <axisys> but on older version ubuntu
[00:55] <axisys> this seems to be similar bug in lucid
[00:55] <axisys> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/529234
[01:16] <axisys> looks like i need to disable gdm .. becasue it is a desktop ..
[01:17] <axisys> so update-rc.d -f gdm remove should do it?
[01:18] <MTecknology> axisys: should - i prefer rcconf
[01:20] <axisys> MTecknology: rcconf ? i have not used it
[01:20] <MTecknology> !info rcconf
[01:20] <MTecknology> ubottu: *tap* *tap*
[01:21] <MTecknology> 20:21 < mtbot> MTecknology: rcconf (source: rcconf): Debian Runlevel configuration tool. In component universe, is optional. Version 2.2 (karmic), package size 22 kB, installed size 132 kB
[01:22] <persia> update-rc.d is the solution used by all the maintainer scripts : other stuff also works, but be warned that it's 1) not default and 2) it's essential not to break update-rc.d
[01:22] <MTecknology> axisys: /pp 18
[01:23] <MTecknology> axisys: sorry
[01:23] <axisys> persia: hmm... i guess i will just go with update-rc.d then
[01:24] <MTecknology> axisys: rcconf is extremely simple. I only use update-rc.d when I need to add a script manually to /etc/init.d
[01:28] <MTecknology> there's a lot of opinions in here - but usually something to back up the reason.. postgresql vs mysql.. opinions and reasons for picking one over the other?
[02:15] <Razernok> hi
[02:17] <Razernok> Anyone here?
[02:18] <lifeless> no
[02:21] <Razernok> So much for getting help then
[02:21] <lifeless> well, its a bit of a silly question
[02:21] <lifeless> perhaps you could ask your questions
[02:21] <persia> There's lots of folk here
[02:21] <persia> !ask
[02:21] <lifeless> 'don't ask to ask, just ask'
[02:22] <Razernok> no point to ask if no one is here to answer.
[02:23] <persia> Razernok: /names will give you a list of folk.  Also, when lifeless said "no" he meant approximetely the opposite.
[02:23] <lifeless> Razernok: people don't reply to 'is there anyone here' style questions: folk are generally working and thats a fairly social question.  Its also very disruptive if everyone answers (because you get a lot of noise)
[02:26] <Razernok> What is the point of the DNS server?
[02:27] <persia> It translates arbitrary strings into IP addresses.
[02:27] <persia> Or translates arbitrary strings into other strings (depending)
[02:32] <cef> a DNS is basically a semi-flat database of mappings of names to ip addresses, names, or informational data about the name, and as such can also provide mapping of ip addresses back to names. without one, you can't get a computer to recognise that www.google.com.au maps to an IP address that is used behind the scenes to make the connection. Think of it a bit like a phone book.
[02:34] <Razernok> so with it a dynamic ip can have a .com domain?
[02:34] <persia> cef: "IP addresses back to names" is just a superset of names to infomational data.
[02:35] <lifeless> Razernok: the DNS Server in Ubuntu can be used to do that but isn't needed for that. They are separate problems.
[02:35] <lifeless> Razernok: you need the DNS Server if you want to run a DNS server. You only need to run a DNS Server if you need to maintain a DNS zone yourself: small organisations and below generally outsource this to their domain registrar
[02:35] <cef> persia: sort of.. it's constrained.. you can get a name to an ip, but not necessarily get an ip back to a name. that depends on if it's say a CNAME or if they have bothered to even provide reverse mapping (in-addr.arpa)
[02:36] <Razernok> my server is on a dynamic ip
[02:37] <cef> Razernok: there are services that allow you to give a constant name to a dynamic ip, but it does have issues (eg: when the ip changes, etc). places like dyndns.org and the like.
[02:38] <Razernok> dyndns.org only gives dynamic ips a subdomain
[02:38] <persia> cef: My point is that when do you the in-addr.arpa dance, you're back into the "names into *" area.  Just a nitpick of mine: there *is no* reverse DNS, just a cooperative convention that mimics it.
[02:39] <cef> persia: ahh I see what you mean.. yeah true
[02:40] <Razernok> I guess no .com domain for my server then... :(*
[02:40] <Razernok> :(
[02:41] <cef> Razernok: you get a unique hostname, and that you can point at with a different DNS (eg: ISP/DNS Registrar hosted) using a CNAME record. But, it'll still suffer all the dyndns type issues.
[02:41] <Razernok> i can only get dynamic ips not static ips
[02:42] <cef> eg: get a DNS Registrar to host iwantafunnyname.com for you, then set up a CNAME record that maps www.iwantafunnyname.com to whaterveritis.dyndns.org
[02:45] <cef> it's a hack, and you can have issues (eg: you can't the CNAME use the name for an MX - mail exchange - record, etc etc.)
[02:45] <Razernok> hmm, I hope no-ip.com's software works on linux then
[02:46] <cef> Razernok: there are a number of things and services like that, so there are options if you do go down that path
[02:46] <Razernok> hmmm, its a download. I dunno how to transfer it to the server or install it from a file. Unless they gave me a apt-get command I'm clueless on how to install it.
[02:47] <Razernok> well, then again I could run the no-ip.com software on my windows pc since the public ip is the same
[02:47] <Razernok> but prefer it on the actually server though
[02:48] <Razernok> anyone know the apt-get for no-ip.com's software?
[02:49] <sekyourbox> Having trouble designating an ethernet port for sending DHCP communication using DHCPD3 on ubuntu
[02:50] <sekyourbox> What needs to be added in DCHPD3.CONF to only set up dhcp on one interface connected to a router?
[02:51] <Razernok> i guess no one knows then :(
[02:51] <Razernok> bye then
[02:53] <persia> apt-cache search dynamic shows several
[02:54] <persia> apt-cache seach no-ip even shows three.
[02:54] <lunaphyte> sekyourbox: see /etc/defaults/dhcp3-server
[02:55] <lunaphyte> although i don't quite know what "connected to a router" means.
[02:56] <sekyourbox> thx, brb
[03:03] <sekyourbox> test
[03:09] <KD7SPO-rod> need help settig up virtual host on ubuntu server 9.10, I can configure on other linux and bsd no problem so I must be missing something. I've copied the default file to www.ezyaspi.com in my sites-available folder and ran a2en  www.ezyaspi.com and restarted apache with sudo /etc/init.d/apache2 restart. But I still get the default page when I browse to www.ezyaspi.com page. DNS is pointed correctly. Any suggestions?
[03:14] <sekyourbox> do you need network manager for ATH0 / wifi connections?
[03:15] <sekyourbox> How does this work exactly, I have a physical interface WIFI0, and what seems to be some type of virtual interface ATH0.. ath0 is where im picking up my ip address.
[03:16] <sekyourbox> sorry, wlan0
[03:17] <jayvee> yeah, they're a bit funny
[03:17] <jayvee> don't touch the one that doesn't do anything
[03:17] <jayvee> I have an aironet card that comes up as wifi0 and wmaster0
[03:18] <jayvee> I don't touch wmaster0
[03:19] <sekyourbox> I need to remove network manager
[03:19] <sekyourbox> I have wmaster0 too
[03:19] <sekyourbox> ath0 has the ip of the wifi network
[03:19] <sekyourbox> I dont want to hose my internet if I drop netman
[03:55] <Razernok> how do i open a file using command line?
[04:00] <jayvee> Razernok: you mean like a text editor?
[04:00] <jayvee> nano is a good text editor to use if you're not familiar with the command line.
[04:00] <jayvee> $ nano the_file.txt
[04:02] <Razernok> hmmm, and it looks like there is no way to add users to the ftp server. weird
[04:04] <pwnguin> Razernok: maybe it's based on system users?
[04:04] <jayvee> maybe the ftp server uses your unix users as authentication
[04:05] <jayvee> what pwnguin said :)
[04:05] <pwnguin> personally, i avoid ftp
[04:05] <jayvee> strongly agree
[04:05] <Razernok> nope
[04:05] <jayvee> Razernok: install openssh-server, and use an SFTP program to transfer files
[04:05] <pwnguin> slowly training our interactive media dept that it's bad
[04:05] <jayvee> most FTP cilents support SFTP these days
[04:05] <Razernok> i just tried my user and pass
[04:05] <jayvee> it's not even worth getting FTP going
[04:05] <jayvee> just use SFTP
[04:06] <Razernok> need ftp for dreamweaver
[04:06] <jayvee> eww
[04:06] <pwnguin> pretty sure dreamweaver supports SCP
[04:06] <jayvee> that's another thing you'll want to get rid of :P
[04:07] <pwnguin> http://webmaster.iu.edu/tool_guide_info/dreamweaver_pc.shtml
[04:07] <Razernok> from the ftp server "Response:	530 This FTP server is anonymous only."
[04:07] <Razernok> wtf
[04:07] <pwnguin> heh
[04:07] <pwnguin> Razernok: you have ssh set up for administration right?
[04:08] <Razernok> yea
[04:08] <Razernok> I'm on putty
[04:09] <pwnguin> i haven't checked but im pretty sure that if you can scp to the box, you can sftp
[04:09] <Razernok> need ftp so i can use Filezilla
[04:10] <pwnguin> filezilla should support sftp as well
[04:10] <jayvee> Razernok: filezilla supports sftp
[04:10] <pwnguin> #
[04:10] <pwnguin> # Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP)
[04:10] <jayvee> like I said, most FTP clients out there support SFTP
[04:10] <pwnguin> Razernok: if you want to get really crazy, set up WebDAV
[04:11] <sbeattie> actually, I believe it is possible to configure sshd to not support sftp while allowing scp, but it's not a common configuration.
[04:12] <pwnguin> probably, but i think openssh-server allows both out of box on ubuntu?
[04:15] <Razernok> i got it but it won't let me transfer files
[04:15] <Razernok> open for write: permission denied
[04:15] <Razernok> :(
[04:15] <pwnguin> with FTP?
[04:16] <Razernok> sftp
[04:16] <pwnguin> where you trying to write to and with what user?
[04:16] <Razernok> yes
[04:16] <Razernok> its an admin user
[04:17] <pwnguin> if it's root
[04:17] <pwnguin> that's disabled by default
[04:17] <Razernok> its a folder in root
[04:17] <pwnguin> where you trying to write to and with what user?
[04:18] <Razernok> in /Storage
[04:18] <jayvee> Razernok: ubuntu "admin" users aren't automatically root
[04:18] <jayvee> they are only "root" when they use sudo
[04:19] <jayvee> when you use sftp, you just have normal permissions
[04:19] <jayvee> so you have to "chown razernok:razernok /Storage"
[04:19] <jayvee> or the equivalent
[04:19] <Razernok> so how do i upload into root?
[04:19] <Razernok> huh?
[04:19] <jayvee> what is the user you are trying to log in as?
[04:19] <jayvee> s/log in/upload/
[04:20] <Razernok> my admin user
[04:20] <jayvee> yeah, but what's his username?
[04:20] <pwnguin> does it matter?
[04:20] <Razernok> john
[04:20] <jayvee> you want to go "chown john /Storage"
[04:20] <pwnguin> unless
[04:20] <pwnguin> it's web data
[04:22] <Razernok> where do i do chown john /Storage
[04:22] <pwnguin> ubuntu web server doesn't run as root
[04:22] <jayvee> /Storage doesn't sound like it's being served by the web server to me
[04:23] <Razernok> its so i have an easy to find folder for my uploads to the server but not to be seen on the web server.
[04:23] <pwnguin> thats what your homedir is for?
[04:24] <Razernok> but you then have to type "/home/john"
[04:24] <Razernok> and i don't want the extra stuff to remember
[04:25] <pwnguin> depends on the client
[04:25]  * jayvee bangs head on desk
[04:25] <pwnguin> many will automatically chdir ~
[04:25] <jayvee> true
[04:25] <Razernok> chdir???
[04:25] <jayvee> and if you use "scp some_file.txt myserver:" it automatically copies it to your home directory
[04:26] <jayvee> change directory to ~ (where ~ means home directory)
[04:26] <jayvee> cd and chdir mean change directory
[04:26] <Razernok> ok you've lost me
[04:27] <Razernok> I just want to be able to upload to anywhere on the server.
[04:27] <jayvee> you could enable the root user, but you're really shooting yourself in the foot
[04:27] <qman__> Razernok, that can't be done without massively destroying the system permission scheme
[04:28] <jayvee> mmm...it's a very Windows-like attitude
[04:28] <pwnguin> qman__: you could just use root, which preserves permissions but opens up another fun attack. perhaps theres a way to limit it to scp, but even then, yikes
[04:28] <qman__> allowing root to log on remotely is something I don't ever consider doing
[04:28] <jayvee> yeah, rssh can limit it to scp, but with root permissions, you could just delete rssh with scp
[04:29] <qman__> and when you run as root, everything you create is owned as root, which mucks up permissions anyway
[04:29] <jayvee> Razernok: I know when I was new to Linux, I wanted the same too, so I understand where you're coming from.
[04:29] <jayvee> But really, it's shooting yourself in the foot still. :)
[04:29] <Razernok> so if I'm only allowed to upload to my user's home directory then how am i expected to upload to say the htdocs folder? or custom folders used as storage?
[04:29] <qman__> yes
[04:30] <qman__> it's a Very Bad Idea (tm)
[04:30] <pwnguin> Razernok: you could make yourself the owner of that directory
[04:30] <Razernok> ya can't then unless you place the folders in the home directory
[04:30] <pwnguin> you can totally change the ownership of files
[04:30] <jayvee> exactly
[04:30] <pwnguin> probably there's a smarter way
[04:30] <qman__> Razernok, there's also ~/public_html
[04:30] <sekyourbox> I need to configure /etc/networ/interfaces.. Can i configure ath0 (wireless) in here or do I have to use some IW config file???
[04:31] <jayvee> Razernok: you should "chown" (i.e. "change owner") of your htdocs directory to yourself so you can upload to it
[04:31] <jayvee> which is why I was talking about chown earlier
[04:31] <pwnguin> im thinking, mod_userdir and mod_rewrite
[04:31] <Razernok> i don't see a command line in filezilla
[04:31] <pwnguin> use ssh
[04:31] <jayvee> yeah you'll need to do it from putty
[04:31] <Razernok> oh god
[04:32] <jayvee> sudo chown john:john /var/www/htdocs
[04:32] <jayvee> or wherever htdocs is
[04:32] <qman__> actually
[04:32] <qman__> you probably want john:www-data
[04:32] <qman__> otherwise it might break the website
[04:32] <jayvee> true
[04:32] <pwnguin> what you can do is use mod_userdir to provide a mapping from www.example.com/~john to /home/john/public_html
[04:32] <Razernok> i have no idea where htdocs is located at
[04:33] <qman__> well, there is no htdocs by default in ubuntu
[04:33] <jayvee> well if you haven't touched anything, it's actually /var/www
[04:33] <qman__> so unless you created it, it doesn't exist
[04:33] <pwnguin> and then make a public_html dir with group www-data, and set it to be sticky
[04:33] <jayvee> Razernok: I'm guessing you're reading tutorials for Fedora or Red Hat?
[04:33] <qman__> and the default website is /var/www
[04:33] <jayvee> Red Hat uses htdocs by default, but Debian and Ubuntu call it different
[04:33] <jayvee> don't read Fedora tutorials
[04:33] <qman__> yeah, that'll really mess you up
[04:33] <Razernok> I use apache
[04:33] <qman__> stick to ubuntu docs for ubuntu
[04:33] <jayvee> yeah
[04:34] <pwnguin> Razernok: the apache tutorials for Fedora aren't the same as the ones for Ubuntu/Debian
[04:34] <jayvee> my head definitely explodes when I try and do things the Fedora way in Ubuntu, or vice versa
[04:34] <qman__> debian docs are secondarily preferred, since most of the packages are similar
[04:34] <qman__> but definitely use ubuntu centric docs wherever possible
[04:35] <pwnguin> Razernok: for example, last i checked, apache ran as root on Fedora, while it runs as its own user in Debian
[04:35] <Razernok> i came from windows not fedora
[04:35] <jayvee> pwnguin: on CentOS 5.4 at least, it runs as the 'httpd' user
[04:35] <qman__> debian and ubuntu also have a very different apache configuration setup
[04:36] <qman__> apache on windows is a disaster waiting to happen
[04:36] <pwnguin> jayvee: perhaps. my rhel env at work is best described as pathological
[04:36] <jayvee> Razernok: but you must have been reading a Red Hat–centric tutorial or heard from a Red Hat using user if you wanted to access a "htdocs" folder
[04:36] <jayvee> Ubuntu has never had a "htdocs" folder. :)
[04:36] <pwnguin> i think htdocs is the default apache stuff
[04:36] <Razernok> no
[04:36] <Razernok> on apache its called htdocs
[04:36] <pwnguin> it's probably that way on windows too
[04:37] <jayvee> yeah, possibly
[04:37] <pwnguin> Razernok: trust me, apache doesn't care
[04:37] <jayvee> pwnguin: come to think of it, you might be right
[04:37] <pwnguin> Razernok: its all in the config files in /etc/apache2/
[04:37] <jayvee> %PROGRAMFILES%\Apache\htdocs or something
[04:38] <jayvee> last time I ran Apache on Windows was way back in 2007
[04:38] <pwnguin> heh
[04:38] <jayvee> or 2006, actually
[04:38] <pwnguin> i havent but my boss tried
[04:38] <jayvee> yeah, 2006
[04:38] <qman__> the only thing worse than trying to run apache on windows, is trying to run PHP in IIS 5
[04:38]  * jayvee shudders
[04:38] <jayvee> I've done that...briefly
[04:38] <pwnguin> i accidentally recomended we replace our IIS ftp site with webdav
[04:38] <pwnguin> but it turns out apple is spawn satan
[04:38] <pwnguin> and only supports apache, poorly
[04:39] <jayvee> you mean apple can only connect to apache webdav servers, and not, say, iis webdav servers?
[04:39] <pwnguin> correct
[04:39] <jayvee> ouch
[04:39] <pwnguin> it demands webdav 2.0
[04:39] <jayvee> webdav is kind of...meh
[04:39] <pwnguin> and even then, fucks up the syntax
[04:39] <jayvee> it was new back in...1998
[04:39] <pwnguin> webdav is neat; pokes straight through firewalls
[04:40] <jayvee> Windows 98 had the glorious new "Web Folders" feature in My Computer
[04:40] <pwnguin> supported out of box by windows, ubuntu and OSX.... IF you run apache
[04:40] <jayvee> it is easier to secure than sftp if you don't trust your users, I have to admit
[04:40] <jayvee> rssh is kind of meh as well
[04:40] <pwnguin> anyways
[04:41] <pwnguin> ive taken to a simple /var/www/www.pwnguin.net approach, with Virtual Directory in apache config
[04:41] <jayvee> that's what I do on my linode
[04:42] <qman__> userdir is a great solution when you want normal users to be able to upload to a web server
[04:42] <jayvee> dead easy to maintain
[04:42] <pwnguin> qman__: is it possible to combine userdir and modrewrite?
[04:42] <qman__> not sure, never tried
[04:43] <Razernok> so what do i need to do????
[04:43] <qman__> I've done userdir, and I've done rewrite, but not both at the same time
[04:44] <qman__> Razernok, if you're the only user, just SSH in, and `sudo chown john:www-data /var/www`
[04:44] <qman__> then you'll be able to upload files there, and they'll show up in the default apache site
[04:44] <qman__> assuming your username is john
[04:44] <pwnguin> protip: set the group sticky bit if you want new dirs to inherit the group
[04:45] <pwnguin> (you do)
[04:45] <Razernok> and what about normal folders for storage?
[04:45] <qman__> just use your home folder, or a folder within it
[04:45] <pwnguin> i'd just use my homedir, because thats what should show up if you dont' type in anything for a directory
[04:45] <qman__> a tilde, ~, magically refers to your home folder
[04:46] <qman__> so you don't have to type /home/john every time
[04:46] <Razernok> i want to avoid typing long paths like /home/john/something/fgse.txt
[04:46] <qman__> use tab completion
[04:46] <pwnguin> Razernok: in your HTML?
[04:46] <qman__> also, that's not a long path
[04:46] <Razernok> so i need to place it in the root
[04:46] <qman__> you do not want to place files in the root
[04:46] <Razernok> like /Storage
[04:47] <qman__> that's also a Very Bad Idea
[04:47] <qman__> to clarify
[04:47] <Razernok> alot faster to type /Storage then /home/john/Storage/file.txt
[04:48] <qman__> if your user is john, '~/Storage' means the same thing as '/home/john/Storage'
[04:48] <jayvee> yes
[04:48] <jayvee> 100% agree
[04:48] <jayvee> home folders are there for a reason
[04:49] <qman__> you can also type that path very quickly
[04:49] <jayvee> I use the ~ shortcut all the time
[04:49] <qman__> keys pressed, in order: / h TAB j TAB shift+S TAB
[04:49] <jayvee> I probably haven't typed /home/jeremy for years
[04:49] <pwnguin> well
[04:49] <pwnguin> my bash autocomplete isn't network aware
[04:50] <qman__> mine isn't either, but I have a /home/ryan on all my machines
[04:51] <Razernok> damnit, can't find a remove folder command
[04:51] <Razernok> wtf
[04:51] <qman__> the new version of openssh that just came out a few days ago adds tab completion to the built in sftp client
[04:52] <pwnguin> rm
[04:52] <qman__> I use scp the most, though
[04:52] <jayvee> Razernok: use "rmdir" if the folder is empty
[04:52] <Razernok> this is ticking me off
[04:52] <pwnguin> mostly i just use gnome's remote scp mount tool
[04:52] <qman__> Razernok, rm -r if you want to remove a directory and all files within
[04:52] <jayvee> or "rm -r" if you want to remove all files inside it but BE CAREFUL with that command — you can do a lot of damage
[04:52] <Razernok> rmdir: failed to remove `/Storage': Permission denied
[04:53] <jayvee> sudo rmdir
[04:53] <pwnguin> ls -l /Storage
[04:53] <pwnguin> well, maybe that lists out the dir contents, i just want to know it's ownership and permissions =/
[04:53] <jmarsden> pwnguin: ls -ld /Storage
[04:53] <pwnguin> ^ Razernok that one
[04:54] <pwnguin> wth
[04:54] <Razernok> didn't work
[04:54] <Razernok> still won't let me delete it
[04:54] <qman__> yeah, ^ is apparently a bot command
[04:54] <jayvee> sudo rm -r /Storage
[04:54] <qman__> Razernok, this must be done from SSH or local command line
[04:54] <jayvee> it will delete everything inside /Storage, if that's what you want to do
[04:54] <qman__> not from inside an SFTP connection
[04:55] <pwnguin> ls just lists the files & permissions. its how you tell what the permissions currently are
[04:55]  * pwnguin is surprised
[04:55] <pwnguin> i upgraded my linode to 10.04 and it still works
[04:56] <qman__> ha
[04:56] <qman__> jumping the gun a bit, eh
[04:56] <Razernok> there
[04:56] <pwnguin> well
[04:56] <lifeless> heh, been running lucid since jan
[04:56] <pwnguin> i split my disk in two
[04:56] <Razernok> hmmmm, how do you unpack webmin_1.510_all.deb on windows?
[04:56] <pwnguin> one is the in case of emergency undo snapshot
[04:57] <pwnguin> Razernok: 7zip can probably do it, however...
[04:57] <Razernok> so i can place it in the preuploading folder for dreamweaver
[04:57] <qman__> Razernok, webmin is not supported on ubuntu
[04:57] <Razernok> i use winrar
[04:57] <lifeless> Razernok: you don't unpack debs on windows
[04:57] <pwnguin> Razernok: if you really want webmin, just upload the deb directl
[04:57] <pwnguin> directly
[04:57] <Razernok> Debian package suitable for Debian, Ubuntu or other derived Linux
[04:57] <Razernok> http://prdownloads.sourceforge.net/webadmin/webmin_1.510_all.deb 14M
[04:57] <Razernok> says on webmin's site
[04:57] <qman__> !webmin
[04:58] <Razernok> wtf, then what do i use????
[04:58] <pwnguin> !ebox
[04:58] <Razernok> same as webmin?
[04:58] <Razernok> this is gonna be a web hosting site
[04:59] <pwnguin> hahahahh
[04:59] <qman__> you have a long way to go before you host people
[04:59] <pwnguin> well, i guess you mean one for personal use?
[04:59] <qman__> you should not be using webmin or ebox for a web hosting site, either
[04:59] <qman__> you want something more like cpanel I'm guessing
[05:00] <qman__> webmin and ebox are aimed at general server administration, not web hosts
[05:01] <Razernok> I'm planning to host only about 5 trusted clients
[05:01] <qman__> and anyone hosting others should know his way around the command line, otherwise when something breaks you're going to be in for a world of hurt
[05:02]  * pwnguin is barely qualified to host his own stuff, let alone other people's
[05:03] <pwnguin> is there a file or command to just identify the ubuntu release you're running?
[05:03] <qman__> pwnguin, cat /etc/issue
[05:03] <qman__> I think you can also run 'lsb-release'
[05:03] <pwnguin> ah, i always go for something specific like debian_version
[05:03] <pwnguin> thanks
[05:04] <jayvee> cat /etc/lsb/lsb_release
[05:04] <qman__> ah, that's what it is
[05:04] <jayvee> cat /etc/lsb-release, sorry
[05:04] <lifeless> lsb_release -a
[05:05] <lifeless> the interface is the command, not the file AIUI
[05:05] <Razernok> I have a friend who will be my site testing partner
[05:10] <Razernok> weird, sudo apt-get install “^ebox-.*” won't install ebox
[05:10] <Razernok> wtf
[05:10] <Razernok> the site said it would
[05:12] <qman__> Razernok, apt-cache search ebox
[05:17] <Razernok> wtf
[05:17] <Razernok> ebox doesn't do anything i need
[05:17] <pwnguin> firewalls, vpn, network config, cert authority
[05:17] <Razernok> I wasted all that time to install it and its not at all like webmin
[05:18] <pwnguin> you wasted all of 20 minutes, if that
[05:18] <Razernok> webmin is for managing accounts and stuff. aka a web host
[05:18] <Razernok> ebox does none of that
[05:18] <Razernok> and i don't know how to remove it
[05:19] <pwnguin> sudo apt-get remove ebox
[05:19] <pwnguin> however
[05:19] <pwnguin> i see an ebox-usersandgroups
[05:19] <Razernok> so how do i install webmin then?
[05:20] <Razernok> i just installed ebox and it has nothing webmin does
[05:20] <Razernok> so how do i install webmin?
[05:20] <pwnguin> ebox is modularized; does it install any extra modules by default?
[05:20] <pwnguin> nope
[05:21] <Razernok> A web-based interface for system administration for Unix. Setup user accounts, DNS, file sharing and the program is freeware.
[05:21] <Razernok> thats webmin
[05:21] <Razernok> eBox Platform is an open source SMB network server that acts as a network gateway, a unified threat manager, a network infrastructure manager, ...
[05:21] <Razernok> two different things
[05:21] <pwnguin> http://www.ebox-platform.com/
[05:22] <pwnguin> i think you have to install extra modules?
[05:22] <Razernok> So i need to know how to install webmin_1.510_all.deb
[05:22] <pwnguin> ie, apt-get install ebox-usersandgroups ebox-ca ebox-dns
[05:22] <pwnguin> personally, i dont use ebox or webmin
[05:23] <pwnguin> just ssh and emacs
[05:23] <Razernok> I need to webmin so i can manage clients and hosting plans and such
[05:24] <pwnguin> however, if you have an ubuntu .deb, just upload it and use sudo dpkg -i wtfever.deb
[05:24] <pwnguin> it sounds like people think it wont work
[05:25] <pwnguin> i didnt know webmin supported hosting plans
[05:26] <twb> I think what he's really asking for is a free version of cpanel.
[05:27] <pwnguin> good luck with that
[05:27] <twb> Yeah
[05:27] <Razernok> thats what webmin said it does
[05:28] <Razernok> allowing you to manage the clients and plans
[05:28] <twb> Webmin is made by people that couldn't find their arse with both hands
[05:29] <pwnguin> Razernok: i cant find any webpage describing webmin with that phrase
[05:31] <Razernok> thats what i found
[05:32] <Razernok> that its suppose to be for managing a hosting site. (hosting plans, accounts, etc.)
[05:32] <pwnguin> its supposed to be for administrating a server
[05:32] <pwnguin> there's a virtualmin plugin, but hell if i know if the GPL version works
[05:33] <Razernok> this server is gonna be a hosting site. so thats why i need webmin for the (hosting plans, accounts, etc. management)
[05:34] <pwnguin> have you ever actually used webmin?
[05:34] <pwnguin> looks like their demo site is down
[05:34] <Razernok> no cause i can't figure out how to install it
[05:34] <pwnguin> http://www.webmin.com/demo.html look at screenshots
[05:39] <twb> Can we just agree that webmin is offtopic here and move it to -overflow or whatever?
[05:40] <pwnguin> how bout we point Razernok at #webmin and never speak of the matter again
[05:40] <Razernok> no idea what to do now :(
[05:41] <pwnguin> apparently the webmin channel is on undernet? are they still around?
[05:42] <pwnguin> Razernok: try joining #virtualmin; maybe they can help you out
[05:42] <FireCrotch> You don't want to use Webmin on Ubuntu. Trust me.
[05:42]  * pwnguin is off to go watch House or something
[05:43] <FireCrotch> actually you don't want to use it on any debian-based distro
[05:45] <pwnguin> But it says 'Supports Ubuntu Linux!'
[05:46] <twb> pwnguin: support is a directed relation.
[05:47] <pwnguin> i think you're trying to say we don't support it, but i never claimed otherwise. im trying to drop the subject, really
[05:47] <twb> Find by me
[05:49] <Razernok> i guess there is no way to do hosting plans, user accounts, etc.
[05:49] <pwnguin> there tools that do that for a price. obviously we don't support it, but if you're paying for it the vendor should
[05:50] <Razernok> need a free one
[05:51] <pwnguin> seriously now. house time
[05:53] <FireCrotch> Razernok: There's one called VHCS that I've looked at in the past. Never used it so I can't say  how good it is, but I've considered using it
[05:54] <FireCrotch> They have a live demo that you can try out though
[06:01] <jayvee> I thought ISPConfig was like a next-generation VHCS
[06:02] <FireCrotch> ah ISPConfig. that's the other one that I couldn't think of the name of
[06:07] <twb> Grr!
[06:07] <twb> Lucid's coreutils doesn't have timeout
[06:42] <au> ajmitch: your linode just stop replying? i had to reboot mine just then
[06:47] <twb> OK, it appears to be in a separate "timeout" package there, for some reason.
[07:44] <NoReflex>  hello! I'm having some problems with upstart in karmic server 64bit. It won't start postgresql. I tried http://superuser.com/questions/98702/how-to-make-postgresql-start-at-boot-time-in-ubuntu but it didn't work. can I remove upstart? I'm afraid to test it because the machine is at a remote location and if I mess it up I won't be able to connect to it anymore
[07:44] <NoReflex> I can start postgresql using /etc/init.d/postgresql-8.4 manually after login. There are links in /etc/rc*.d to postgresql init script but for some reason it isn't started automatically after reboot
[07:45] <lifeless> you cannot remove upstart
[07:45] <lifeless> its how the server is booted
[07:45] <NoReflex> lifeless: i thought that removing upstart would install the old init system
[07:46] <NoReflex> I also searched for a logging possibility because I don't know why it won't start....and it's hard to "debug" a problem when you don't have the error message
[07:50] <FireCrotch> NoReflex: there should be an error somewhere... /var/log/syslog, the postgres log file, somewhere
[07:52] <NoReflex> FireCrotch: there isn't...I searched messages, dmesg, syslog, postgresql log, the entire log dir - I believe the log should be created by upstart - but upstart does not work with bootlogd
[07:54] <lifeless> usual thing here is it not being enabled in /etc/default/postresql or some such
[07:57] <NoReflex> lifeless: the error log is enabled in /etc/postgresql/8.4/main/postgresql.conf...and I can find there the error messages that occured after I started the application manually...but there's nothing about the "automatic" failed startup
[07:59] <sherr> NoReflex: Is there a bug logged about this? Sounds like there should be. This situation would not be ideal for Lucid.
[08:01] <NoReflex> sherr: I couldn't find a bug related to this fact...I did however find a bug regarding the inability of upstart to work with a boot logger
[08:19] <twb> Sigh.  acpid is broken in lucid atm
[08:20]  * persia points at all the lovely hardware that doesn't use ACPI :)
[08:21] <twb> I only want to use it to shut down machines that aren't responding to ssh or PS/2
[08:21] <twb> Usually because there was no PS/2 keyboard plugged in when they booted
[08:21] <persia> Do they have USB ports?  That's always a convenient way to hotplug /dev/kbd
[08:22] <twb> In this case it probably does, but that's beside the point.
[08:23] <twb> If acpid provides support for ONE event, the power button, that event handler shouldn't assume the not-depended-upon acpi-support package is installed.
[08:23] <persia> Oh, good bug.  File & fix :)
[08:24] <twb> Yeah, so now I have to install firefox into a vm, because apport-cli doesn't honour BROWSER=w3m
[08:24]  * twb grumbles
[08:24] <persia> You already filed that bug?
[08:24] <persia> That should be *easy* to fix.
[08:25] <twb> I'm assuming it doesn't because it would inconvenience the GUI-only people
[08:25] <twb> Actually, probably s/BROWSER=w3m/sensible-browser/, because this is a VM, so my dotfiles aren't present.
[08:28] <twb> OK, it does honour the x-www-browser alternative, so if I'm running X on my server, any graphical browser would work.
[08:29] <persia> No.  Any browser should work.
[08:29] <persia> It tries x-www-browser *before* www-browser
[08:29] <twb> Hm.
[08:29] <twb> When I tried in pbuilder --login, it simply failed to use w3m.
[08:29] <persia> So for me, www-browser is w3m and x-www-browser is epiphany-browser (on my laptop)
[08:30] <persia> Was w3m installed there?
[08:30] <twb> Oh, I bet I forgot to install w3m, forgetting it was priority: standard, not essential: yes.
[08:31] <persia> That would do it.  Most build environments are type=buildd which is very minimal indeed, and doesn't include such fripperies as a browser.
[08:31] <twb> The other exciting problem I'm gonna have now is that Xorg appears to disable the pointer emulation key (shift + num lock), so I gotta shave that yak before I can copy the transcript into the browser
[08:32] <persia> twb: A clean yak is a beautiful yak :)
[08:33] <twb> No, it's even weirder than that.
[08:33] <twb> Mouse emulation is working, it's just the pointer's location doesn't change onscreen until I redraw the window under it.
[08:34] <twb> OK, screen env BROWSER=w3m apport-bug acpid, and I can copy the typescript into the browser that way.
[08:40] <twb> #539432
[08:40] <twb> ubottu: malone bug #539432
[08:41] <twb> "PATH=(custom, no user)"... sounds like an apport fuckup
[08:41] <persia> !ohmy
[08:41] <twb> Sorry.
[08:42] <persia> But yes, that does indeed.
[08:42] <twb> I was logged in as ubuntu (uid 999), as created by casper.
[08:44] <GeorgeJ> Hello, is it possible to create a lvm from a software mirror without having to erase all data? If so, where could I find a tutorial?
[08:45] <GeorgeJ> I have no lvm groups set up, so I'm not trying to extend one, but create a group.
[08:46] <persia> GeorgeJ: I've never found a way short of having sufficient space and copying from one place to another.
[08:47] <twb> Now I'm getting timeout errors from the launchpad "edge server" telling me I'm part of the "launchpad beta team", so I'm not going to bother reporting that apport bug
[08:47] <twb> GeorgeJ: what is a "software mirror"?
[08:48] <GeorgeJ> Well, I'm running ubuntu server and I realy don't know which channel this goes to.
[08:48] <GeorgeJ> Basicaly I have two hard drives which are mirrored using software raid.
[08:48] <persia> twb: Note that due to bug #538097, there might be issues anyway.
[08:49] <twb> persia: I got it after punching in the Summary line on the first page it takes me to
[08:50] <twb> persia: I would normally blame my end, because it's being used to implement/test network failures, but if that was the case I wouldn't expect to even get to the edge server.
[08:50] <persia> Hard to say, really.
[08:53] <jayvee> GeorgeJ: this channel is fine for raid questions
[08:53] <jayvee> although I'm not a raid person
[08:53] <a_ok> I'm getting tired ssh and her known host problems. For some reason all my servers have a new rsa fingerprint. Is there a way i can reset this known host nonsense without disabling ssh?
[08:54] <GeorgeJ> Well, I'm not having any issues with my raid setup. I'm trying to create an iSCSI target, which requires me to create a LVM group.
[08:55] <GeorgeJ> And when I want to create a LVM group, I'm instructed that all my data will be erased, and I was looking to go around this.
[09:15] <twb> OK, now I have an even more exciting behaviour.
[09:15] <twb> On the lucid host, this loop stops after an unpredictable number of iterations:
[09:15] <twb> while ip route show dev eth0 | grep -q .; do printf .; done
[09:16] <twb> If I take out either side of the pipeline, the problem goes away and the loop runs forever
[09:16] <twb> From just running "ip route show dev eth0" in a loop, it certainly seems that nothing is changing...
[09:19] <twb> OK, and it's ip, not grep, that's failing, because I can't reproduce it without set -o pipefail
[09:23] <twb> Sod it, I'll turn pipefail off and this error detection script can just be flaky.
[09:38] <nenne> does apt-get upgrade have a function to ensure no upgrades that need reboot will be installed?
[09:38] <acalvo> hi!
[09:38] <acalvo> in order to deploy a HA Cluster, is it really necessary to have separated service servers and load-balancer servers?
[09:38] <twb> nenne: it does not.
[09:39] <nenne> twb: ok, thanks
[09:39] <twb> nenne: *usually*, the only thing that would require a reboot would be kernel packages.
[09:40] <nenne> twb: aah yes. would a "safe upgrade" skip thoose?
[09:40] <twb> "aptitude safe-upgrade" should skip any paths that require removing or installing new packages.
[09:40] <philthno2> nenne: for most packages that recommend reboot a simple restart of the graphical interface or respective servce would be enough
[09:41] <twb> nenne: but even if you upgrade the kernel, the old kernel will continue to work indefinitely.
[09:41] <twb> nenne: packages name linux-image-* (i.e. kernels) are NEVER automatically removed in the default configuration.
[09:43] <nenne> twb: Aaah true, thing is im gonna be upgrading a server with some sensitive services and it would be nice to know what upgrades will need a reboot on forehand. To warn users. But i guess i can allways upgrade and then do the reboot 1 week later(with planned downtime) ?
[09:44] <twb> nenne: what I normally do is "aptitude -s full-upgrade", and look at what will happen (-s for simulate).
[09:45] <twb> nenne: then I just know, from experience, what is likely to need an update, and I report those to my customer
[09:45] <nenne> twb: aah i see. that seems like the best way of doing it :)
[09:47] <twb> Actually I have a cron job do the -s run and email me the result
[09:48] <nenne> Aah nice
[10:13] <RoyK> hi all. the package linux-image-virtual, is that for a virtual guest?
[10:31] <twb> RoyK: yes
[10:32] <RoyK> k
[12:23] <zul> morning
[13:08] <blinkiz> Hi. I have a iscsitarget LUN up and active. I have now added more LUNs. It seems like I have to do /etc/init.d/iscsitarget restart. No reload function. Will this create any disturbance in the already existing active LUN? It can NOT go down.
[13:22] <zul> timmah!
[13:25]  * zul does his gollum php impression
[13:37] <jalons> Thoughts on how to return the TLS version exim is using?
[13:39] <persia> jalons: e.g. `apt-cache show exim4-daemon-heavy | grep ^Depends` : check the gnutls library version dependency.
[13:43] <jalons> persia: thanks, but I was looking for TLS version 1.2 (per RFC 5246) vs RFC 4346, and how an exim install running (built from source to utilize libssl over gnutls due to the smaller entropy pool required for libssl)
[13:43] <jalons> I built it about a year ago and recall nothing other than that - am I stuck stracing and looking for the calls to the libraries?
[13:43] <persia> I'd guess you could determine the protocol version from the library version, but I could be entirely wrong.
[13:44] <persia> If you built it yourself without a packaging framework, perhaps so.
[13:44] <persia> Although I'd recommend using nm rather than stracing to determine how it's linked.
[13:53] <blinkiz> How do I add more iscsi targets (ietd.conf) without having to restart iscsitarget service?
[14:20] <stanman246> guys.. My datacenter is changing it's default gateways, how can i be sure my server will be accessible?
[14:22] <ball> stanman246: ask your sysop for his mobile number and blackberry email address. ;-)
[14:22] <stanman246> lol
[14:23] <stanman246> thought maybe it 's possible to use a 'backup' default gateway
[14:23] <stanman246> is that possible?
[14:23] <zul> to ask your sysop for his mobile and blackberry email address? yes probably
[14:23] <persia> stanman246: Yes, but you don't really want to do that.  if you want that kind of function, look at a dynamic routing solution.
[14:24] <persia> (and for which is the right choice : ask your network admin)
[14:54] <jalons> I'm trying to dump all remote ciphers accepted by this mail server - anybody know the magic combination of openssl s_client -connect <host> -starttls smtp, and getting -cipher into the mix?
[14:54] <jalons> i know server decides what, but is there a way to trace what it's contemplating?
[14:55] <jalons> other than guessing what the lowest cipher suite is, and watching it step through them
[14:59] <jalons> nevermind, it appears I just needed to keep googling to find the answer: http://rt.openssl.org/Ticket/Display.html?id=1162&user=guest&pass=guest
[15:01] <invisime> I am formatting a second hard drive on my home server. should I format it as ext3 or ext4?
[15:04] <ball> invisime: yes.
[15:05] <invisime> ball: should I format it as ext3 xor ext4? :P
[15:06]  * ball grins
[15:06] <ball> I suppose that would still be a "yes", assuming a single partition.
[15:07] <invisime> damn clumsy english language. *must learn lojban*
[15:08] <invisime> I'm basically looking for a comparison of the two or best practices. could you supply the information or a pointer to the information?
[15:10] <ball> invisime: I don't use Linux much, so I'm not the best person to ask.  I think I ran ext4 experimentally on my last Linux box and it seemed to work.
[15:10] <ball> invisime: but I'd want more sensible testing before I used it for anything important.
[15:10] <invisime> I see.
[15:16] <jalons> invisime: for all intents and purposes ext4 is just ext3 + extents
[15:16] <invisime> jalons: k. thanks for the clarification.
[15:16]  * invisime types 'sudo mkfs -t ext4 /dev/sdb1' and hits enter.
[15:25] <acalvo> in order to deploy a HA Cluster, is it really necessary to have separated service servers and load-balancer servers?
[15:56] <jalons> acalvo: no, but it works better.
[16:06] <ricdanger> hi there
[16:06] <ricdanger> I just stup ubuntu server 9.10 with a separate /boot and LVM
[16:06] <ricdanger> but grub will now create a wrong "set root=" entry
[16:34] <nimrod10`> ricdanger, is /boot outside of LVM ?
[16:35] <ricdanger> nimrod10: yes
[16:35] <ricdanger> update-grub will set my "/" volume as root
[16:36] <ricdanger> my / is a LVM volume btw
[16:41] <jalons> what's it generating that's incorrect?
[17:03] <maxx_h> Hi. I have a new Intel MB with built-in Hardware-VNC-overIP which is used for a server. (no monitor connected)
[17:03] <maxx_h> Is there a way to send the video output even if no monitor is connected, so i can fetch it with vnc?
[17:06] <persia> maxx_h: You essentially need video drivers for your hardware-VNC solution.  It oughn't be any different from any other framebuffer, except for the drivers.
[17:07] <jalons> when you power up the motherboard, the baseboard management controller will likely request a DHCP address for the management port: watch your dhcp server logs and VNC in
[17:07] <jalons> or as persia said, if I misunderstood what you're trying to do
[17:08] <maxx_h> i can connect via vnc(management ip), see the bios and grub - but when the linux kernel loads i only have a black screen
[17:08] <persia> That's definitely a driver issue then.
[17:08] <maxx_h> if a monitor is connected, vnc works too
[17:08] <persia> You'll need framebuffer drivers and to direct console to that framebuffer.
[17:09] <persia> Oh, cool.  That means you don't need new drivers, you just need to fix the bug in the drivers you have.
[17:09] <persia> Essentially, they need to not inform the kernel there's no monitor attached when VNC is active.
[17:12] <warmexxus> i have a similar problem... a headless ubuntu server, that I can only SSH when the keyboard/monitor is attached.
[17:12] <persia> warmexxus: That's not similar at all.  That's likely a buggy BIOS failing to initialise properly without a keyboard.  There are hardware stubs you can buy that fake it.
[17:13] <warmexxus> :( it's just so strange... I can ssh with a monitor/kb attached, and I can connect while headless but it disconnects after so many minutes... but only when headless...
[17:13] <warmexxus> i will take your tip and google up the best I can... thank you
[17:15] <maxx_h> graphiccard: VGA compatible controller: Intel Corporation Core Processor Integrated Graphics Controller (rev 12)
[17:15] <maxx_h> chipset: intel Q57
[17:16] <maxx_h> what i see is that it uses the vga16fb - should i trie different fb drivers?
[17:21] <persia> maxx_h: I'd just report a bug against the driver you have.
[17:23] <RoAkSoAx> kirkland, ping
[17:23] <kirkland> RoAkSoAx: howdy
[17:23] <RoAkSoAx> kirkland, how's it going? :)
[17:28] <RoAkSoAx> kirkland, could you take a look to: https://wiki.ubuntu.com/GSoC/2010/AndresRodriguez and give me some feedback?
[17:29] <kirkland> RoAkSoAx: sure thing
[17:29] <RoAkSoAx> zul, for apport hooks, attaching info from the syslog should be whenever the user accepts to attach the conffile or should it always be attached?
[17:29] <RoAkSoAx> kirkland, awesome, thanks :)
[17:42] <zul> RoAkSoAx: if the user agress then attach the syslog info
[17:43] <RoAkSoAx> zul, ok will do it that way then
[17:44] <persia> RoAkSoAx: I'll suggest you grep syslog for the class of interesting stuff, and only attach that.  I'd be happier showing you my output from bind without showing you that cron is executing mirrorpr0n every 12 minutes.
[17:45] <RoAkSoAx> persia, yeah I'm doing that actually: report['SyslogBind9'] = recent_syslog(re.compile(r'named\['))
[17:45] <persia> Cool :)
[17:45] <RoAkSoAx> :)
[18:16] <kirkland> zul: howdy howdy
[18:16] <zul> kirkland: hey
[18:16] <kirkland> zul: where are the daily qemu-kvm builds?
[18:16] <zul> https://edge.launchpad.net/~ubuntu-server-edgers/+archive/server-edgers-qemu-kvm
[18:18] <zul> is it just me or is the wiki slow today?
[18:19] <kirkland> zul: really slow
[18:19] <zul> k thats what i thought
[18:20] <kirkland> zul: did you take a snapshot of the debian/ from the lucid package, I guess?
[18:21] <zul> kirkland: yeah I havent had a chance to update it yet
[18:21] <kirkland> zul: okay, cool; yeah, there's some good stuff that would be nice to get in the daily too
[18:21] <zul> kirkland: k ill put that on my todo list
[18:21] <kirkland> zul: i was going to blog about your work, announce it, etc.... is that okay with you?
[18:22] <zul> kirkland: sure
[18:32] <kirkland> zul: http://blog.dustinkirkland.com/2010/03/qemu-kvm-daily-builds-thanks-chuck.html
[18:32] <zul> kirkland: nifty cool
[18:35] <kirkland> zul: same to you ;-)
[18:39] <preben> sorry to bother, but I may need som help with Karmic+multipath+lvm2
[18:39] <preben> anyone got this to work?
[18:46] <axisys> how do I safely enable telnetd on ubuntu server? there is no host on the same network, just cisco router and it needs to access the ubuntu server .. so telnet seems only option
[18:48] <persia> axisys: Install the IOS ssh client (reed)
[18:48] <persia> axisys: http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#settingupaniosrouterasssh
[18:50]  * persia has no good recommendations for CatOS other than "Upgrade"
[18:50] <axisys> persia: hmm.. that wont be an option for this scenario due to company policy .. but i am glad it is a valid option
[18:51] <axisys> how do I start telnetd .. may be then use ufw limit telnetd ? i do that limit for ssh
[18:52] <persia> There exists no safe way to enable telnetd, unfortunately.  There are lots of unsafe ways.  `apt-get install telnetd` is likely the easiest of these.
[18:53] <axisys> persia: yep.. telnetd is not safe period.. looks like it will be sitting in a  private network
[18:56] <axisys> persia: what you know looks like that router has ssh already there.. these network guys never ever used it.. lol
[18:58] <jaypur> if i run sudo apt-get update on server
[18:58] <jaypur> it will download AND  install  the updates or i need to run something to install them
[18:59] <zul> mdeslaur: does this look sense to you? https://bugs.edge.launchpad.net/ubuntu/+source/ntp/+bug/517701
[19:01] <preben> anyone used /etc/lvm/lvm.conf ?
[19:01] <persia> jaypur: Neither.  It just updates the status of updates available.  "upgrade" and friends perform upgrades.
[19:01] <jaypur> hm
[19:01] <jaypur> let me try
[19:01] <mdeslaur> zul: yeah, that looks okay...don't remove the old one just in case, just add the new one
[19:02] <zul> k
[19:02] <jaypur> .yeah it's upgrade  thanks persia
[19:03] <zul> mdeslaur: rw?
[19:04] <mdeslaur> zul: same as the old one
[19:04] <jalons> preben: yes, but I haven't touched multipathd on anything newer than hardy
[19:05] <preben> jalons: it seems to me that lvm somehow prevents multipathd to add the mulipath devices if diskgroups are on the pvs
[19:06] <preben> jalons: so I'm trying to configure lvm.conf, so it wont touch the disks before the multipath devices are available
[19:06] <preben> .. or something
[19:06] <jalons> which is logical, you don't want to start your lvm until the physical disks are ready
[19:07] <jalons> I'm trying to find a host I have this one, as I seem to recall fighting CLVM vs LVM on this issue
[19:08] <preben> it works pretty good. multipath -ll is good, pvs, vgs, lvs all good.
[19:08] <preben> but soon as I reboot, the lvm access the pvs as /dev/sda,c,d and so on, instead of /dev/mapper/alias (from multipath)
[19:09] <preben> and multipath -ll is completly silent
[19:09] <jalons> ok, so you want to strip out the devices {} section of lvm.conf?
[19:10] <jalons> basically, ignore /dev/sd{a,b,c}*, and manually specify what you want
[19:10] <RoAkSoAx> kirkland, how do I change the color of the byobu's status bar?
[19:11] <jalons> there's a regex in there somewhere to ignore all sd{a-z}.{1-9} devices, so if you drop another drive in later it doesn't freak out - is that the jist?
[19:11] <preben> it gets worse, I have installed the os on lvs to
[19:11] <kirkland> RoAkSoAx: F9
[19:11] <jalons> hrm.
[19:11] <RoAkSoAx> kirkland, oh got it thanks lol :)
[19:11] <preben> there is a filter seciont in /etc/lvm/lvm.conf - but I havent managed it to work yet
[19:12] <jalons> preben: you want to multiplath the connection to the OS i take it?
[19:12] <preben> jalons: I have managed this to work in a linux kvm guest with a single path
[19:12] <preben> jalons: the os boots on a single internal disk, the multipathed disks are on a EMC san
[19:12] <jalons> right, it's replacing the LVM devices with their multipath siblings
[19:14] <preben> I think so
[19:14] <kirkland> RoAkSoAx: ;-)
[19:15] <jalons> preben: ok, it definitely sounds like you want to set up filtering (although if the system disk is seperate from the actual LVM, you should be fine)
[19:15] <preben> I tried this filter: filter = [ "a|^/dev/sdc|", "a|^/dev/mapper/|", "r/.*/" ]
[19:16] <preben> to include the boot disk(/dev/sdc) and include the multipath devices under /dev/mapper and ignoer evrything else
[19:16] <jalons> so that's accepting sdc and anything under /dev/mapper, and rejecting everything else
[19:16] <jalons> why do you want the boot disk included?  is it part of the LVM that's hanging off your SAN/
[19:17] <preben> no, buts the boot drive is in a diskgroup by it's own
[19:17] <preben> with root and swap volumes
[19:17] <jalons> ah.
[19:17] <jalons> duh, even though it's seperated out we still have to tell lvm about it
[19:18] <jalons> so to start from the top now that i get it - upon reboot it's finding the LVM that contains / and swap, but it's mangling the mpath hosts, showing them up as /dev/sdX rather than the appropriate mpathX devices
[19:19] <jalons> you're sure LVM is starting after multipath daemon?
[19:19] <jalons> or before, not sure on the logic there - sorry to wall-o-text and run, but market closes in 40 minutes and I need to start final checks
[19:20] <preben> I think thats the core of the problem. But i tried grepping under /etc/init.d after lvm, but no such luck
[19:20] <preben> jalons: thanks for helping out
[19:31] <RoAkSoAx> zul, bug #533603 bug #533601 and bug #531978
[19:32] <zul> RoAkSoAx: the vsftpd one is pending
[19:32] <RoAkSoAx> zul, oh ok :)
[19:33] <Fougner> Hi! I'm trying to setup lighttpd+rtorrent with a scgi_local, but all I get from lighttpd is 500 - internal server error, where should I start looking?
[19:34] <wack479> trying to get the "SetEnvIf Request_URI "^/robots\.txt$" dontlog" (keep the server from logging any robots.txt requests) but for some reason its not working for me. does the code not just go in the apache.conf?
[19:43] <wack479> trying to get the "SetEnvIf Request_URI "^/robots\.txt$" dontlog" (keep the server from logging any robots.txt requests) but for some reason its not working for me. does the code not just go in the apache.conf?
[20:04] <ventz> Trek: hey
[20:04] <Trek> hiya ventz, i'm just here to track your issue is all
[20:04] <ventz> thanks :)
[20:04] <ventz> so here's the problem
[20:04] <Trek> ventz: sounds to me like whatever you used to set your IPs went *poof* and isnt operating properly
[20:05] <ventz> we bootup templates of ubuntu (jeos actually). At somepoint, we forget to re-ip a template. Now there's a duplicate IP.
[20:05] <ventz> The problem is that the system doesn't tell us when we boot it up
[20:05] <ventz> this constantly happens and we manually trace it down
[20:06] <ventz> i am wondering if there's a way to at least know right away that there's a duplicate system IP
[20:06] <ventz> in RHEL, when you boot it up, when it takes the network IP, it tells you about this
[20:06] <ventz> Same for windows.
[20:10] <ventz> anyone? :)
[20:10] <Trek> if anyone is here, please poke me with /CTCP Trek IAMHERE
[20:10] <ventz> when you have > 1200 hosts, it can become somewhat of a hassle to deal with this
[20:11] <Trek> ventz: a thought, have you tried using a script to find the culprit computers, rather than tracking it down manually?
[20:12] <Trek> ventz: i'm not a networking expert, but just a thought
[20:12] <ventz> Usually the network guys trace it to an esx rack and from there to an esx port
[20:12] <ventz> after that it's usually our job to find it
[20:12] <jalons> a HA dhcpd that assigns the initial IP, a script that runs on the host that converts itself from the DHCP ip to static with whatever IP is assigned via DHCP?
[20:13] <ventz> my problem is not just finding it -- that's annoying, but it's something that we can do in a finite steps. What kills me is finding out that this has happened in the first place. Usually we notice as people start getting different results running projects from different networks (thus hitting different resources or not reaching a resource)
[20:13] <jalons> a central server that runs through each network class arping the IPs, looking for collisions is a passive solution
[20:15] <jalons> i've used both, didn't like either method
[20:17] <jalons> ventz: IPwatchD? http://www.linuxconfig.org/IPwatchD_an_IP_conflict_detection_tool_for_Linux
[20:17] <jalons> looks like it might have some X dependencies from the page, which would be evil
[20:17] <jalons> but, *shrug*
[20:17] <jalons> might be a starting point
[20:21] <Maletor> Hey I added ServerName mydomain.com to a sites-available file, but I can't get apache to start up without this error "Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName"
[20:22] <Maletor> I have multiple TLDs so I need to be able to put them in the virtual host file...
[20:22] <ventz> jalons: let me check that out. I've never used that
[20:22] <ventz> I think it's for a running system though
[20:23] <jalons> ventz: so you need something in the installer that's able to detect an IP conflict?
[20:24] <Fougner> Maletor: set ServerName in apache2.conf to a FQDN
[20:25] <Maletor> Fougner: I'm reading about that, but it doesn't say what to do if I want to link multiple FQDNs to this IP...
[20:26] <jalons> Just pick one.
[20:26] <jalons> determine a ServerName, and then user ServerAlias for the others
[20:27] <Fougner> Maletor: you might as well use the hostname
[20:27] <Maletor> Fougner: ?
[20:28] <Maletor> How would I forward requests from domain1.com to 192.168.1.13 internally and requests to domain2.com to 192.168.1.10 ?
[20:29] <jalons> with virtual hosts
[20:33] <brontosaurusrex> i'am trying with some basic ircd-hybrid setup..., but i can only connect to 127.0.0.1, what is minimum one should do in ircd.conf ?
[20:35] <jalons> brontosaurusrex: in your listen {} block, make sure you don't have host localhost or host 127.0.0.1.  You really shouldn't be asking what's the minimum you need for ircd.conf, but rather actually go through and understand each configuration option before you fire up your daemon
[20:39] <ventz> jalons: yes
[20:39] <ventz> something that will detect it on bootup
[20:39] <ventz> and not take the IP if there's an ip conflict
[20:46] <brontosaurusrex> jalons: thanks
[21:01] <jalons> ventz: I think you're going to need to script it to ifup then arp during install
[21:01] <jalons> that's the only way I can think to solve that
[21:05] <jalons> ifup && arping <IP to use>.  if response die else carry on
[21:08] <klaas> I'm running a full encrypted system using luks and cryptsetup plus dropbear for remote unlocking - I want to change the dropbear port from 22 to something else but I can't fint the setting where its changed - adjusting etc/init.d/dropbear /etc/defaults/dropbear does not work - anyone got an idea where the port could be hidden? :)
[21:12] <McWiney> help! when accessing my server through a browser, php files are being downloaded instead of displaying in the browser. How can i fix?
[21:14] <McWiney> here's what i mean: http://eckcite.com/test has two folders with identical index files (with html and php file extensions)
[21:18] <Maletor> How do I add a virtual host so that it is going to 192.168.1.10 ?
[21:18] <Maletor> When my web server is 192.168.1.13
[22:01] <faileas> i'm noticing that there have been a LOT of attempts to brute force my system via SSH. While they haven't suceeded, (mostly due to incompetance) any suggestions on what i should do, other than changing the port i'm listening on?
[22:02] <jiboumans> faileas: this is Normal unfortunately. there's 2 obvious things you can do
[22:02] <jiboumans> 1) use knock to only open ports if you know the knock sequence
[22:02] <jiboumans> 2) add a rule to your firewall to block IP addresses after X unsuccessful attempts
[22:02] <faileas> jiboumans: how do i do that?
[22:03] <jiboumans> faileas: there'll be tutorials all over the web. I'm sure google can point you there quicker than I could
[22:03] <faileas> alternately, could i restrict SSH access to maybe 2-4 ip addresses - all my systems are ipv6 enabled and static?
[22:04] <jiboumans> faileas: if you dont have a need to have access open to the world, of course you shouldn't
[22:04] <jiboumans> personally, i have my ssh open to a very finite set of IP addresses, 2 of which are company jump boards which are open to the world
[22:19] <Maletor> use certificates
[22:20] <Maletor> How do I tell apache2 to forward incoming requests to mydomain.com to a another IP address (internal)?
[22:21] <\sh> Maletor: you should read about apache2 mod-proxy, or iptables ... depending on your needs
[22:22] <Maletor> well can i just set it so that all requests go to some default, and the ones that go specifiically to mydomain.com go to my computer ip
[22:23] <Maletor> given that my computer is the web server
[22:31] <goose> is there some way I can have all emails sent to /var/mail/ forwarded to my real email address via sendmail?
[22:31] <qotsa> i successfully set up a bridge-interface with bridge-utils (version 1.4-5). after i got an ip from my adsl-modem with dhclient my computer justs shuts down. no joke. this is reproducible. any help is highly appreciated.
[23:37]  * Mojo- waves
[23:37] <Mojo-> Anyone got a moment for a n00b question?
[23:42] <Mojo-> For 225 people, it sure is quiet in here...
[23:42] <goose> just ask, don't ask to ask :p
[23:43] <Mojo-> Hah
[23:43] <Mojo-> Alright
[23:44] <Mojo-> Anyone had any issues with SSH hanging takin the cpu(s) to 100%?
[23:45] <goose> um. I could maybe see that if you were using like, a 30 GiB RSA key, but otherwise no, I'd say that's an abnormal problem
[23:45] <Mojo-> Heh
[23:45] <Mojo-> 4 separate installs.
[23:45] <Mojo-> Debian 5, and 3 ubuntu server installs
[23:45] <Mojo-> No major changes done
[23:45] <Mojo-> Save a static ip and installing vim-nox
[23:46] <Mojo-> Also, not using the keys yet, just using passwords.
[23:46] <goose> I just checked
[23:46] <goose> when I SSH into my server, my CPU does spike to 100% when verifying my RSA key, but it doesn't hang
[23:46] <goose> I barely even caught it
[23:46] <Mojo-> Mine doesn't even offer a password prompt.
[23:46] <Mojo-> Even on the localhost.
[23:47] <goose> it didn't even have time to show up on the graphs, just flew by the htop screen
[23:47] <pwnguin> you have ssh keys
[23:47] <pwnguin> just how crazy were they?
[23:47] <Mojo-> I do.
[23:47] <Mojo-> Um
[23:47] <goose> lol. of course I do :p as compared to my 8192 bit RSA key, a "password login" is crap
[23:47] <Mojo-> Whatever the default install is.
[23:48] <goose> anyways, incase anyone was wondering, the answer to my question was simple:
[23:48] <goose> echo "your@email.com" > ~/.forward
[23:48] <goose> (and ofc, have "sendmail" installed)