/srv/irclogs.ubuntu.com/2010/05/02/#ubuntu-server.txt

cclausenalienseer23: wget -S the URL the content type is listed in teh headers00:00
alienseer231cclausen: duh...yes it is00:00
* alienseer231 is feeling like a rockhead00:00
alienseer231cclausen: this was happening before when I would log into gallery2, so I went to do an upgrade, and now it's doing this in the middle of the upgrade process00:03
alienseer231There is an issue with gallery2.3 not being happy with the latest version of php5, I think it is messing with authentication, which killed my drupal installations using the gallery2 integration, so I upgraded to 2.3.1., and am now stuck half way through the upgrade... gallery2 and drupal are now both defunct00:06
cclausendrupal5 doesn't support php 5.2 either00:06
cclausenerr, php 5.300:06
cclausenI'm having that problem right now myself...00:06
cclausenand I will have the gallery problem soon too...00:07
alienseer231but many of the other issues I was having turned out to be the version of php-apc in the repo, so I purged it and tt-rss is go, as is a few of my other scripts00:07
* alienseer231 is using drupal600:07
cclausenis php-apc an opcode cacher?00:09
cclausenI think I'm having problems with xcache...00:09
alienseer231yeah, "alternative php cache"00:11
alienseer231i got rid of that after fixing the issues you helped me find, and a lot of my stuff just started working right along00:12
cclausenproblem is if I get rid of xcache, everything starts running really slow00:16
alienseer231hrm...00:17
alienseer231I am going to be installing APC via pecl, worked fine b400:18
KaprenakisDoes anyone know of the most simple configuration of have a local server with file storing?00:21
cclausenKaprenakis: what do you need to be able to do?00:22
cclausenKaprenakis: just using SSH/SFTP to copy files to and from the server is pretty simple00:22
Kaprenakiscclausen: ok i have pcs and ubuntu machines what kind of setup would you recommmend?00:22
cclausenwhen you say "pcs" what do you mean?00:23
Kaprenakiscclausen: Windows..00:23
Kaprenakiscclausen: sorry.00:23
cclausenok, so you need shared storage that works on Windows and Linux00:23
cclausenhave you tried samba? or some other cifs server?00:24
Kaprenakiscclausen: Samba is one that I havent messed around with but many people say its a good option00:24
alienseer231ssh is still good, just use filezilla to get to them from your windows pc?00:25
Kaprenakisalienseer231: Is filezilla like Putty? Or am I confused?00:25
alienseer231Kaprenakis: filezilla is an (s)ftp resource browser, it is in the ubuntu repo if you want to check it out00:27
Kaprenakisok00:27
alienseer231it is a two paned browser so it's pretty easy to get fikles from one resource to the other00:27
LynXnzHey Guys Looking at getting some help if anyone is able to :)00:52
cclausendid you read the message when you joined the channel?  "Don't ask to ask, just ask."00:53
fourcolorshi I was wondering if someone could help me with some mysql set up? for my development machine00:54
cclausenfourcolors: what problems are you having?00:54
fourcolorsccheney, well I have the newest version of ubuntu LTS and I installed mysql just fine and its working. I also downloaded the emma gui client to manage everything.....00:55
fourcolorsccheney, my question is this, I'm coming from postgreql and I am trying to understand how mysql is structured. For instance, I logged into my root mysql database then said "create database foo"00:56
fourcolorsand that created a database under the mysql root database? or something like that00:56
cclausenfourcolors: there isn't a heirarchy.  it created a new database.00:56
fourcolorsbut don't I want to create a regular database not under the mysql root00:57
fourcolorsoh00:57
cclausenyou probably need to create a user account and grant access to this new database to the user you create00:57
LynXnz@fourcolours i would personally get phpmyadmin to manage the database as its easier to manage it00:57
fourcolorsok my question is then, how do I set up the correct username and password for that database and what connection should I be making etc.00:57
fourcolorsoh00:57
fourcolorscclausen, when you say user account do you mean a ubuntu user or a new mysql user00:58
fourcolorsif there is such a thing00:58
cclausenmysql user00:58
cclausenmysql has its own internal accounts00:58
fourcolorsoooh00:58
fourcolorsthat's perfect. Makes a lot of sense00:58
cclausengrant all on foo.* to user 'foo'@'localhost' identified by password ... or something like that00:59
fourcolorscclausen, ok so the steps i need to take (ll look up the sql). Is Create a new user, give it a username and password etc. and then create a new database with that user .01:00
=== dendrobates is now known as dendro-afk
cclausenI would create the db first01:00
cclausenyou can't grant permissions on something that doesn't exist yet01:00
cclausen(or at least I don't think you can)01:00
cclausenand you need to flush priv...; for teh changes to take effect01:01
cclausenLynXnz: what did you need help with?01:01
* cclausen just upgraded a MySQL server to Lucid01:01
LynXnzgot a call of duty 4 server running but i have a console open for it to stay running, therefor i want to run it on boot and background'ed with an init script but i have no idea where to start for writing it01:02
cclausenLynXnz: you can probably control it from inittab and have init attach it to a tty directly at bootup01:05
cclausennot sure if you want to do that or not though01:05
LynXnzi want to be able to issue a command like service cod4-1 restart or something to restart it01:05
cclausenif using inittab, you could just kill it and init would respawn it01:06
cclausenor, look into writing an upstart config file01:07
cclausenwhich I guess is the init in lucid now01:07
LynXnzyeah, ill look into that, do you have any good links that i can have a look at?01:08
cclausenman upstart01:09
cclausenand start reading01:09
LynXnzokay will do :)01:09
cclausenalso look in /usr/share/doc/upstart01:09
cclausenand read through those01:09
LynXnzokay cheers01:10
owen1i want to run my website in a vm (vbox). both guest and host are ubuntu. anyone did that? what network should i chose? (NAT or Bridged)?01:12
cclausena NAT sounds like a pain for a server01:13
cclausenI would use bridged01:13
cclausendo you have multiple IPs to use ?01:13
lwizardlhi01:14
cclausenlwizardl: hi01:14
lwizardlI was wondering if it would be possable to have a IPCOP firewall and a httpd server on the same machine?01:15
cclausenyou can have a firewall and a webserver on teh same machine01:15
owen1cclausen: no. it's just for testing btw. i only have whatever ip the isp gives me.01:15
cclausenIPCOP appears to be its own distro though01:15
cclausenowen1: do you have a router now or are you using your one IP directly on your host system?01:16
cclausenlwizardl: I would just use the built-in linux iptables firewall instead of IPCOP.  do you have a specific reason to use IPCOP?  I think it will limit what you can do01:17
owen1cclausen: when u say router, r u talking about the box i got from my isp? if that what u mean yes. i have one.01:17
Kaprenakisowen1: thats the modem.01:18
cclausenowen1: then you have an internal non-routable IP that your computer is on? 192.168.*.* or similar?01:18
lwizardlcclausen, well IPCOP has lots of features that I like. for example if you download an update  for any os you can configure it to store the updates on the firewall server to cut down on how many times you need to download itfor other machines (which cuts down on the hosts bandwitdhs01:18
lwizardlcclausen, plus you can dissable sites and such. like block all p2p on the network01:19
cclausenlwizardl: apt-cacher does this too01:19
cclausenor you can setup a full blown http proxy like squid01:19
lwizardlcclausen, yeah but i don't think apt-cacher would work for windows and osx01:20
cclausenwell, no01:20
cclausensquid would though01:20
owen1cclausen: my machine is also available with external ip (it might change my the isp though).01:20
lwizardlcclausen, i think ipcop uses aquid01:20
lwizardlerr squid01:20
owen1cclausen: i can ssh from work for example.01:20
cclausenowen1: pick one and see if it works01:20
cclausenlwizardl: will IPCOP let you install a web server?  if so, you've answered your own question01:20
=== dendro-afk is now known as dendrobates
owen1cclausen: pick what?01:21
lwizardlcclausen, i think ipcop uses apache so yes but not sure if it uses a modded version or not01:21
cclausenowen1: NAT or bridged01:21
owen1cclausen: i am reading about bridged vbox now01:21
cclausena network "bridge" passes data between the networks at the OSI layer 2 level01:22
cclausene.g. at the ethernet level for the common case01:22
cclausenNAT works at layer 3 and does voodoo with IP addresses and port mappings01:22
owen1ah. memories from networking class..01:25
MTecknologyIs it possible to make a duplicate partition on two servers? .. Like a RAID1 volume where the drive sits on two systems. Then each is identical and accessible to the system as a normal partition.01:58
cclausenMTecknology: like drdb?01:59
cclausenMTecknology: you can also iSCSI share a volume for two servers and mirror the data locally on the initiator server02:00
MTecknologycclausen: EXACTLY like that :D02:00
cclausennote that I'd only use drdb over a dedicated network (or a cross-over cable)02:00
MTecknologyprobably not very secure?02:01
cclausennope02:01
MTecknologywhich makes perfect sense02:01
cclausen(unless you use a dedicated storage network)02:01
cclausenyou can also IPsec wrap the connection, but that would make it slow02:01
MTecknologyhow much slower?02:01
cclausendepends on the CPU of the systems02:02
MTecknologyif you can geustimate any number :P02:02
cclausenand if your network cards can offload IPsec transactions02:02
MTecknologyWe'll probably get a quad core02:02
cclausenI think single DES can be done at line speeds on 100BASE02:02
MTecknologysystems weren't purchased yet02:02
cclausennot sure about anything else.  haven't looked into it at all02:02
cclausenMTecknology: I'd test the setup with VMs before buying hardware02:03
MTecknologyactually.....02:03
MTecknologythey'll be vm's anyway :P02:03
cclausenit says mainline in 2.6.33.  lucid has 2.6.32...02:03
cclausenMTecknology: so what is your goal here?02:03
cclausenseveral systems already do VM failover between hosts02:03
MTecknologylol.. seriously that far off...02:03
MTecknologyMy goal is to make Drupal websites fully redundant - even file uploads02:04
MTecknologyI could use NFS or rsync but a lot of reasons ruled out those options02:04
MTecknologyiSCSI is going to get too expensive for what we need it for02:05
cclausenyou can run software iscsi02:05
cclauseniSCSI enterprise target02:06
MTecknologyhow much different is that from drbd?02:06
cclausenits a standard instead of some random protocol drdb invented02:06
cclauseniSCSI will work with other vendors and other products02:07
cclausenyou could even use drbd on the backend to your software iSCSI02:07
cclausenso you get redundancy and standard protocols02:07
cclausenI guess the bigger question is, do you need this at the storage layer?  Or just run your VMs on ISCSI directly?02:08
MTecknologyIf I were to buy a server today, would I be able to easily find one with 3 nic's?02:09
cclausenif not, just add NICs to it02:09
MTecknologysorry, popping thoughts - thinking about the cx cable02:09
cclausenthey still make them for PCI and PCIe slots02:09
cclausengigE is auto-cross02:09
cclausenits in the spec02:09
cclausenyou could probably go 10gig for just two systems02:09
MTecknologygigE?02:09
cclausenfor just the storage02:10
MTecknologyoh02:10
cclausen1000BASE - gigE = gigabit Ethernet02:10
MTecknologyI like that idea02:10
MTecknologyMy thought is to bind the other nic's to a single interface02:10
cclausenhmm... maybe not.  like $1000 per 10gig NIC02:11
* MTecknology eyes pop02:11
MTecknologymaybe just a gigabit nic02:11
cclausenyeah02:11
MTecknologylol02:12
cclausenthat should be like around $100 for a good one02:12
MTecknologysave ~$1,80002:12
MTecknologyback to the other part...02:12
owen1i have a guest ubuntu server with bridged interface. i see this in showvminfo: 'NIC 1: MAC: 0800275D70EA, Attachment: Bridged Interface 'eth0', Cable connected: on, Trace: off (file: none), Type: Am79C973, Reported speed: 0 Mbps'02:13
MTecknologyMy goal is to have multiple web servers. I can easily deal with thy02:13
owen1how to ssh to my guest? ssh <name><host-ip>:port ??02:13
MTecknologyMy goal is to have multiple web servers. I can easily deal with the sql behind it and the proxy, my biggest challenge is the changing files02:13
cclausenowen1: for the most part, yes, it should work the same way it does now02:13
MTecknologyowen1: user@host02:14
cclausenMTecknology: do you want to handle planned outages?  Or scheduled outages?02:14
MTecknology-p<port>02:14
owen1cclausen: do i need to port forward on my router?02:14
owen1cclausen: and what port is my guest on?02:14
cclausenowen1: if you only have a single external IP, yes, probably02:14
MTecknologycclausen: both02:14
cclausenMTecknology: ah, ok.  I was going to suggest using openafs.  but it doesn't do read-write replication, just read-only02:15
MTecknologycclausen: My thoughts are 2 physical systems. Then on one, my primary vm's; then ont eh other, near copies. Then if somebody unplugs (or more likely, I need to reboot) the host; then everything will keep working without a hiccup.02:16
MTecknologycclausen: can I use drbd without the .33 kernel?02:16
cclausenMTecknology: probably, but you'd need to compile it in yourself02:16
MTecknologycclausen: you mean, compile module (package), then modprobe?02:17
cclausennot sure02:17
cclausenmight need to be compiled into the kernel directly02:17
MTecknologyif it'll work as a module..02:17
cclausenand not a module02:17
MTecknologyHow long until 10.05?02:18
MTecknology:P02:18
cclausen10.04.01 will be out in July, I think02:18
cclausenbut that isn't likely to have a newer kernel02:18
MTecknologywhat kernel does 8.04 have?02:19
cclausenactually, there is drbd0.7-module-source02:19
MTecknologyI suppose there's always the upstream kernel releases too02:19
cclausenyou should be able to install that02:19
cclausenerr, drbd802:19
MTecknology:CD02:19
cclausenhttp://packages.ubuntu.com/lucid/drbd8-source02:19
MTecknology:D *02:19
cclausenhardy has 2.6.24, I think02:19
bluethundr_my courier authlib is missing libauthmysql.so .. how do I get my grubby little paws on this one file I need to get my imap server to log me in?02:20
MTecknologyI tried .34-rc5 on my laptop - it hated me02:20
owen1how to find the port my guest os is running on? showvminfo doesn't show any info about ports.02:20
MTecknologycclausen: I think I really really want to hug you right now02:20
bluethundr_MTecknology: lsof -i02:20
MTecknologyowen1: did you install openssh-server in the vm?02:20
lwizardlhey guys02:21
MTecknologybluethundr_: hm?02:21
bluethundr_also netstat -tulpn02:21
owen1MTecknology: yes02:21
bluethundr_these commands will show you what ports are active on your system02:21
owen1MTecknology: i can ssh to the host02:21
lwizardlhave anyone here ever used a cobolt qube 2700 ?02:21
MTecknologyowen1: it's probably running on 2202:21
MTecknologybluethundr_: you answered the wrong person02:21
bluethundr_k02:21
MTecknology:P02:21
bluethundr_I see owen1 was needing help heh02:22
MTecknologyowen1: check out what bluethundr_ said too02:22
bluethundr_anyone got a clue on my libauthmysql.so problem? :)02:22
MTecknologycclausen: you need to make a wiki page for yourself02:22
owen1bluethundr_: let me see02:23
MTecknologyowen1: you should bridge the interface, setup your vm to grab a lan ip, then ssh into that ip02:23
bluethundr_owen1 grazi02:23
cclausenMTecknology: I have a wiki page: https://wiki.cites.uiuc.edu/wiki/display/~cclausen02:23
MTecknologyowen1: if you have to ssh from outside the lan and only have one ip, then setup your router to forward a random port to 22 inside the lan02:24
owen1MTecknology: all i did so far is: VBoxManage modifyvm "ubuntu server" --nic1 bridged --bridgeadapter1 eth0.02:24
MTecknologycclausen: I meant wiki.ubuntu.com02:24
MTecknologyowen1: what ip does your guest have? and what does the host have?02:24
cclausenMTecknology: I don't even have an account there...02:24
MTecknologyowen1: pastebin ifconfig output from both02:24
MTecknologycclausen: your launchpad account - openid magically creates your account02:25
owen1MTecknology: my host is 72.129.82.140 but it can also be accessed from 192.168.1.2. i don't know the ip of my guest. how do i find it?02:27
MTecknologycclausen: you host is a public IP? You have no router in between?02:27
MTecknologyowen1: ipconfig02:27
MTecknologyowen1: your host is a public IP? You have no router in between? **02:27
cclausenMTecknology: yes.  I just have one IP and my home desktop is on it02:28
cclausenI share the connection from my desktop using internet connection sharing02:28
MTecknologycclausen: sorry, wrong person02:28
MTecknologyI always use a router in between02:28
owen1MTecknology: my host was given to my by my isp. and i can access it from anywhere. does that mean it's public ip?02:28
cclausenowen1: just pastebin ipconfig -a output from both systems02:29
owen1cclausen: when u say both system, what do u mean? host and guest? i can't find a way to ssh into my guest so i can't provide you this.02:29
MTecknologyowen1: .. you should probably check out kvm instead of vmware - for ubuntu it's much better supported and documented02:30
owen1i can run it from the host (i ssh into the host, start the guest vm, etc)02:30
owen1MTecknology: i use vbox02:30
MTecknologyowen1: then s/vmware/vbox/02:30
MTecknologyin the setup guide for kvm it specifically says how to deal with bridged interfaces, how to setup the IP's, how to get into the system if you can't ssh in, etc.02:31
MTecknology!kvm | owen102:32
ubottuowen1: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM02:32
owen1MTecknology: thanks, i'll check it out after i'll feel that vbox failed me..02:33
MTecknologyowen1: vbox will work but your support may be easier found in #vbox02:34
MTecknologyfor the issue you're having - we're going to have a hard time helping you02:34
MTecknologycclausen seems brilliant and may be able to come up with something else to help02:35
owen1here is a pastebin of my hosts's ifconfig and netstat - http://pastebin.com/zmw5y2Hs02:35
owen1reading your doc02:35
MTecknologyowen1: ya... you don't even have a bridged interface - you need that02:36
MTecknologycclausen: hey... maybe you can help me with one other thing...02:38
cclausenMTecknology: maybe, what?02:39
owen1MTecknology: thanks, i found this - http://www.ubuntugeek.com/how-to-set-up-host-interface-networking-for-virtualbox-on-ubuntu.html  i hope it's what u meant.02:39
MTecknologycclausen: kvm on my host - I can't enable ufw because it kills my connection to every other system. ideally, if something is detined for the host it'll have to match the rules; otherwise it just passes through the rules into the vm's where the vm's deal with it02:40
MTecknologyowen1: no - just a simple bridged interface - there's nothing vbox speficic about it02:41
MTecknologyowen1: but ya, that looks about right02:41
cclausenMTecknology: you want the firewall on teh host to block for teh VMs too?02:41
MTecknologycclausen: nope, I want ti blocking for itself only - vm's have ufw and they can deal with it themselves02:42
cclausenMTecknology: ok, that should work.  I'm not sure what is being blocked, but can you run the firewall in a log-only mode first?  e.g. log what would be blocked?02:43
* MTecknology upgrades production systems to 10.04 in 17min02:43
MTecknologycclausen: alrighty - once I get the production systems moved up I'll get some output and then annoy you so I don't have to run off shortly into it :)02:44
cclausenMTecknology: sounds good.  I'm watching windows 2008 do the upgrade to R2 right now..02:45
MTecknologyouch02:45
* MTecknology cusses at identi.ca+jabber+bitlbee02:48
MTecknology4min - I'll loose irc in the process :(02:55
KaprenakisDoes anyone know anything about file server + music streaming?03:06
MTecknology!anyone03:07
ubottuA large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?03:07
cclausenKaprenakis: i know the people working on http://github.com/avuserow/amp03:08
cclausenKaprenakis: the setup I know of reads music out of openafs as needed03:08
cclausenalthough its not exactly streaming03:08
MTecknologyI used to have a vibe music streaming system - but iirc - it's windows only03:09
cclausenI've had good luck getting the darwin streaming server to work on multiple platforms.  worked much better than icecast03:09
MTecknologythere- one production system back up and running completely03:10
Kaprenakismmm i disconnected03:10
MTecknologyKaprenakis: 21:09 < MTecknology> I used to have a vibe music streaming system - but iirc - it's windows only    21:09 < cclausen> I've had good luck getting the darwin streaming server to work on multiple platforms.  worked much better than icecast03:11
KaprenakisMTecknology: darwin streaming server, can you set that up on a clean install of ubuntu server 10.04 ?03:12
MTecknologycloakable: I think he meant you03:12
Kaprenakisyes sorry.03:13
KaprenakisMTecknology Tys for the repost.03:13
Kaprenakiscclausen: Could I install Ubuntu Server 10.04. Install Samba for the file server. Then install darwin streaming server to play those files that are being hosted on the file server?03:14
cclausenKaprenakis: that should work03:15
cclausenKaprenakis: there are probably some much newer music streaming programs out there too.  I'd look around (or apt-cache search)03:16
cclausenKaprenakis: do you need to stream over the internet?  Or just on the local subnet?03:16
Kaprenakiscclausen: I would like to be able to stream over the internet03:19
Kaprenakiscclausen: Also I would like to have something that would require you to log in.03:20
=== dendrobates is now known as dendro-afk
cclausenKaprenakis: http://www.ubuntugeek.com/streaming-media-server-in-ubuntu-gnulinux-using-gnump3d.html <- check that out03:21
cclausennot sure if it has a password though...03:22
cclausenKaprenakis: do you really need to stream across the internet?  Or can you run the player anywhere and just get to files from across the internet?03:22
cclausenI keep some of my music in openafs and just listen to it from anywhere by acessing teh file space03:23
cclausenKaprenakis: there is also: http://www.oreillynet.com/xml/blog/2004/12/streaming_itunes_from_ubuntu.html03:24
Kaprenakiscclausen: what is openafs?03:25
cclausenKaprenakis: openafs is a distributed filesystem -> http://www.openafs.org  its not easy to setup though03:25
Kaprenakiscclausen: yeah that doesnt look to noob friendly..03:27
cclausenKaprenakis: the ubuntu packages actually are fairly easy to install, but you'd need an afs client on various computers that you'd use so I'm not sure if that would work or not03:29
cclausenworks great for me.  secure, (encrypted) file space I can literally access from anywhere in the world.03:30
Kaprenakiscclausen: you access it from your computer correct? or any computer anywhere?03:30
cclausenany computer with an AFS client03:30
Kaprenakiscclausen: ok03:30
Kaprenakiscclausen: well then thats not exactly what I'm looking for then.03:31
Kaprenakiscclausen: I need it to be built in the browser, streaming03:31
Kaprenakiscclausen: So do you think samba server is the best to host files for local or outside access?03:40
MTecknologyCommercial on the TV: "Everything that goes into your linux system is designed to save you money." - Turns out she said "Lennox"03:41
cclausenKaprenakis: samba probably isn't good to use over the internet03:46
Kaprenakiscclausen: well i would store the files via samba but stream those files from the samba server.. does that work?03:47
cclausenmaybe03:47
Kaprenakiscclausen: or should i say is it secure?03:48
cclausenits as secure as your streaming program03:51
AdamDVIs howtoforge down for anyone else04:07
cclausenappears to be, yes04:08
Kaprenakiscclausen: alrighty, so is it secure enough? or should i seek other options?04:08
cclausenKaprenakis: go with it and see how it works04:12
owen1i followed the ubuntu docs for enabling networking for vbox (sudo modprobe vboxnetflt) and now i have br0 interface. here is my ifconfig and netstat.  what is the ip and port of my guest?04:13
owen1http://pastebin.com/ptdsvRE904:14
cclausencan you get to the guests console?04:15
cclausenand run ifconfig there?04:15
owen1cclausen: if wish i knew the port of the guest so i could ssh to it.04:16
owen1can i get to the guest's console from the host and not from outside?04:16
cclausenI'd say virtualbox is useless if you can't get to a VM's console04:17
cclausenhow do you fix network problems?04:17
cclausenyeah, it probably works by default only from the host04:17
cclausenyou can also try looking in an arp cache for other IPs04:18
owen1cclausen: it's the first time i am trying it, so i can't tell if it's possible.04:18
cclausendoes arp -a work on Linux systems?04:18
owen1(192.168.1.1) at 00:1b:2f:fd:17:aa [ether] on br004:18
owen1maybe that's the ip?04:18
cclausenmaybe04:19
cclausencan you ssh there?04:19
owen1let me try04:19
cclausenusually the .1 is the network's default gateway.  but if you don't have a router, I'm not sure how that works04:19
owen1cclausen: connection refused. i tried from my laptop and from the host.04:20
cclausenowen1: well, that could mean anything04:20
owen1maybe i need to add a port04:20
cclausenyou need to get to the console on your VM and just run ifconfig to see what is going on04:20
owen1cclausen: yeah. what user should i ssh with? myself?04:21
MTecknologycclausen: hi :D04:21
MTecknologycclausen: data collection time04:21
cclausenif connection is refused, that isn't going to matter04:21
owen1i'll post this in vbox forum. thank you!04:22
owen1cclausen: do u use kvm for hosting websites?04:23
MTecknologycclausen: May  1 22:24:22 pessum kernel: [19981.061455] [UFW BLOCK] IN=br0 OUT=br0 PHYSIN=eth0 PHYSOUT=vnet1 SRC=192.168.3.6 DST=192.168.1.5 LEN=196 TOS=0x10 PREC=0x00 TTL=63 ID=40752 DF PROTO=TCP SPT=55015 DPT=22 WINDOW=126 RES=0x00 ACK PSH URGP=004:24
cclausenowen1: I use Microsoft Hyper-V for VMs and have Windows 2k8 IIS7 and Ubuntu 8.04 apache2 VMs right now04:26
cclausenMTecknology: looks like it is blocking ssh traffic?04:27
cclausenMTecknology: allow all IPs to send to port 22 and allow all outbound connections to port 2204:28
owen1cclausen: on the same physical box?04:28
cclausenowen1: actually, yes04:28
cclausenI just moved a production apache webserver and an iis test box to the same physical box04:28
cclausenowen1: physical box has windows 2008 r2 installed and I just upgraded the IIS install to r2 as well.04:29
cclausenowen1: the physical box just runs the VMs04:29
owen1so your guest os in windows?04:29
owen1sorry ,04:29
owen1your host04:29
MTecknologycclausen: so ufw allow from any port 22 proto tcp to any ?04:29
cclausenyes04:29
MTecknologyand vise versa04:29
cclausenMTecknology: I don't know the firewall rules, sorry.  I just turn off firewalls.  I don't believe in them04:30
cclausenif I don't want to run a service, I don't run it.  and for ssh brute force attempts I have fail2ban installed04:30
uvirtbotNew bug: #573436 in php5 (main) "PHP Deprecated:  Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/ldap.ini on line 1 in Unknown on line 0" [Undecided,New] https://launchpad.net/bugs/57343604:31
MTecknologycclausen: still blocks when I add that04:31
cclausenMTecknology: you need to allow to any as well.  ssh out to port 22 and into port 2204:32
MTecknologycclausen: what I think I want is from any to any on PHYSOUT=vnet* is allowed04:33
cclausenMTecknology: and note that the client randomly gets a source port from the OS, so you can't restrict on source and destination port apirs04:33
MTecknologyyup any -> 22 and 22 <- any04:33
MTecknologycclausen: I even did 'ufw allow from any to any' - still nothing04:40
cclausenMTecknology: how about setting sudo ufw default allow04:41
cclausenand then just block stuff you don't want as needed04:41
cclausencan you pastebin ufw status  ?04:41
MTecknology'ufw enable' 'ufw default allow' 'ufw allow from any to any' - still blocks04:42
MTecknologycclausen: http://dpaste.com/189908/04:43
cclausenyour default allow rules should let you in04:44
cclausenand a rule to block traffic you don't want in04:44
cclausenhttps://help.ubuntu.com/community/UFW04:44
MTecknologyright04:44
MTecknologyI normally use default deny04:44
cclausenyeah, I figured04:44
MTecknologybut for this case..04:44
MTecknologyeverything is allowed04:45
cclausenI think you want to ufw allow 22 for all inbound ssh04:46
MTecknologythat should be covered in that allow any any, right?04:47
cclausenyep04:47
cclausenif you want to do it the other way you are going to need better rules04:47
MTecknologythe config in that pastebin - i enable ufw and things still block04:47
cclausenyou only allowed inbound to port 2204:48
MTecknologyhttp://dpaste.com/189908/04:48
MTecknologycheck the last one04:48
MTecknology'ufw allow from any to any'04:48
cclausenyep04:48
cclausenand that blocks things?04:48
MTecknologythat's not just ssh04:48
MTecknologyyup04:48
cclausenhmm04:48
MTecknologyI 'ufw enable' and can't do anything with my vm's04:48
=== erichammond1 is now known as erichammond
cclausenI'm not sure what to tell you04:49
cclausenif it were me, I'd look at the actual iptables rules that were generated and see what is going on04:49
cclausenalso, what is your goal here?  those IPs are all non-routable.  its not like you are going to have internet traffic on RFC1918 IPs04:50
MTecknologybut I do have those vm's available to the world04:50
cjsWhere's a good place to go get advice on routing related to a PPPoE link, a bridge, and some machines in the DMZ to which this host is routing?04:52
cjsBasically, the hosts are accessible remotely, but not from the router itself, though I do have a route for that network to br2.04:52
MTecknologycclausen: the internal nat isn't via world, but those vm's running on it are available via the world04:53
cclausencjs: can you writeup a pastebin describing your network setup in more details?  ifconfig -a output from varous machines would be helpful04:53
cclausenMTecknology: I thought you said the VMs would block their own traffic?04:54
MTecknologycclausen: no, the host blocks it04:54
MTecknologycclausen: everything I did was on the host04:55
cjscclausen: Sure.04:55
cclausenMTecknology: hmm.. ok.. that works differently than hyper-V.  I don't even see guest traffic registered on the host04:55
MTecknologycclausen: ideally, I could have one rule that applies to vm's that says - pass it; then I could control the rules for the system itself04:57
MTecknologycclausen: basically because ufw is absolutely amazing... :P04:57
cclausenMTecknology: ok, well, I'm not sure what is going on.  Try working with a small set of rules at once.  and basically add the rule that allows whatever shows up in your block logs and try and work at what is going on04:59
MTecknologycclausen: there is no 'rule' that's blocking it though.. ufw being enabled kills connections to the vm's05:00
cjscclausen: http://pastebin.com/LqVYqPAp05:00
MTecknologycclausen: maybe I should show you /etc/network/interfaces05:00
cclausenMTecknology: does the firewall bind to a single network interface?  is that the problem?05:00
MTecknologycclausen: http://dpaste.com/189909/05:00
MTecknologyyup05:00
MTecknologyoh..05:00
cclausencjs: you're abusing routing.  don't and I suspect you'll have better luck.  there is a reason you can't use the broadcast and network addresses05:01
cjscclausen: Oh, yes? And what would that be?05:02
cclausencjs: those are used for CIDR routing05:03
cjs(Not that I'm using them at the moment anyway.)05:03
cjsIn what way are they used for CIDR routing? (I am familiar with CIDR.)05:03
cclausencjs: yes and if you need to contact hosts in that space you won't be able to get to them05:03
cclausencjs: its how the arp tables are built on the routers.  the traffic is sent to an AS for the specific network05:04
MTecknologycclausen: would 'ip addr' output help you help me any?05:04
cjscclausen: I am aware that I cannot contact hosts in the space I allocated to myself that isn't actually routed to me. It's a trade-off I'm willing to make.05:04
cclausenMTecknology: I do not know05:04
cjscclausen: ARP tables? For a point-to-point link?05:04
cclausencjs: arp tables for the internet routers.  its only a point to point link for a single hop.  then its actually routed05:05
cjsWhat would such ARP tables map? From what to IP addresses, or IP addresses to what?05:05
cclausencjs: if you don't need the ips, why do that anyway?  It just confuses things05:05
MTecknologycclausen: http://dpaste.com/189913/05:05
cjscclausen: point-to-point is also routed.05:05
cjscclausen: I will need the IPs. I'm just not using them yet.05:05
cclausencjs: err, sorry. routing tables.  its not at the MAC layer, you are correct05:05
cclausencjs: what is the "router" in your setup?05:07
cjscclausen: Thank you. And so, given that there is no MAC layer, there's no need for broadcast or network addresses. In fact, the outside world has no idea (until it gets to my ISP) of how the network is divided anyway. And my ISP just takes anything destined for .192 or .199 and pumps it down my link, just as it does for .193 or any other address in that range. (I've tested this by the way, on this link, and I've configured things this way man05:07
cjsy, many times on various systems in the past 15 years.)05:07
MTecknologyMy swordfish is nearly cooked :)05:07
cclausencjs: well, whatever, lets figure out the .192 <-> .194 problem right now.05:07
cjsThe only reason I need to fake that /25 thing is due to the Linux kernel being unable to handle the idea of a "network" that doesn't have a physical layer.05:07
cjscclausen: Great, thank-you. .193 is the router.05:07
cjsAnd those address and routing tables I showed are from it.05:07
cclausencjs: what is it? a linux system?05:08
cjsOh, sorry. (Doh!). Ubuntu 10.04 server.05:08
jnsshey hows the ubuntu server05:08
cclausenand the VM is also a linux system?05:08
cjsIt is: also 10.04 server.05:08
cclausencjs: from the .193 system, if you ping the .194 (yes, it fails) and then run arp -a, does the correct MAC show up?05:09
jnsswould you recommend this ubuntu server over centos or debian05:09
cclausenjnss: over centos, yes.  debian depends.  I like the 5 year support on ubuntu05:10
cjscclausen: Gah! Yes it does, and suddenly it's working.05:10
cclausencjs: pings work now?05:10
cjscclausen: Would you believe "I didn't change anything"? (No, I wouldn't either.)05:10
cclausencjs: glad I could help :-)05:10
cjscclausen: yes, they work now. For .193 as well. I wonder what I did.05:10
cjscclausen: Just make sure you're around next time my networking breaks. :-)05:10
cjscclausen: Wait. It works in one terminal (ssh login), but not another. I am using -n on ping.05:11
cclausencjs: same system?05:11
cjsIt certainly appears to be.05:12
cclausencjs: both consoles running as root?05:12
cjsYes.05:13
jnssgot specific reasons why you would rather use ubuntu than centos? ;)05:13
cjsAnother one works, too. It's just this one window. This is...interesting.05:13
cclausenusing same ping binary?  which ping is same on both?05:13
cjsYup.05:14
cclausencjs: close it and open a new one and hope the problem goes away...05:14
cjscclausen: Tempting. But I want to poke at this a bit. It's insane enough that it must be me, not the machine.05:14
jnssim just looking for ideas05:14
cclausenjnss: 5 year support, I know the release cycle.  RPMs make babies cry05:14
cjsDropping back out of my sudo shell, same problem. Hmm!05:15
cclausencjs: I could see a network capability rule applying to a specific session at login time05:15
cjsHm. Ok, that would be plausible. Except for how the capability rule got there.05:15
MTecknologycclausen: You see anything obvious that would make it not work?05:16
cclausencjs: selinux?  apparmor?05:16
cjsI am using apparmor. Just the default thing.05:16
cjsOh...hmmm...doesn't apparmor apply to ping?05:16
cclausenMTecknology: sorry, got distracted.  looking now05:16
MTecknologycclausen: :P05:16
cclausencjs: I have no idea.  I disable such things05:16
cjsNo, not in my case, if /etc/apparmor.d is anything to go by.05:16
MTecknologycclausen: meanwhile I ate swordfish - first time - that was yummy05:17
cclausenMTecknology: does eth0 need its own IP?  I see you have it set to static, but didn't give it an IP05:17
cclausenerr, I guess you have it set to "manual" and not "static"05:18
cclausendoes the bridge device manually up it as needed?05:19
cclausenMTecknology: does ifconfig list eth0?  does ifconfig -a ?05:19
MTecknologycclausen: ifconfig shows it05:20
MTecknologyhttp://dpaste.com/189915/05:20
cclausenMTecknology: but it doesn't have an IP assigned...  what exactly wasn't working here again?05:21
cclausenMTecknology: just the firewall rules?05:21
MTecknologyya05:21
MTecknologywhen I enable ufw, I can't communicate with the vm's anymore05:21
cclausenall your VM networks are in 192.168.0.0/22 space ?05:23
cclausenreduce your rules and just allow all traffic in that single CIDR block05:23
MTecknology192.168.1.0/2405:23
MTecknologyufw allow from any to any should cover that05:23
cclausenrtue, but just to test05:24
cclausenremove all teh rules05:24
MTecknologyI don't think my issue is in the rules themselves..05:24
MTecknologyok.05:24
cclausenand add just a ufs allow all from 192.168.0.0/2205:24
MTecknologyyou mean 192.168.1.0/24 ?05:25
MTecknologyor do I want it wider like that?05:25
cclausenone of the message you posted had a 192.169.3.x IP in it, didn't uit?05:25
cclausenMay  1 22:24:22 pessum kernel: [19981.061455] [UFW BLOCK] IN=br0 OUT=br0 PHYSIN=eth0 PHYSOUT=vnet1 SRC=192.168.3.6 DST=192.168.1.5 LEN=196 TOS=0x10 PREC=0x00 TTL=63 ID=40752 DF PROTO=TCP SPT=55015 DPT=22 WINDOW=126 RES=0x00 ACK PSH URGP=005:26
cclausensee the SRC=192.168.3.6  in there05:26
cclausenwhere is that coming from ?05:26
MTecknologyoh.. sorry - I was thinking backward05:27
MTecknologythe vm's are all in 1.0/24 - the 3.0/24 is my vpn ip05:28
cclausenMTecknology: does your VPN get blocked too?  Or just the VMs?05:28
MTecknologyERROR: 'Wrong number of arguments'05:28
MTecknologyClient->VPN = blocked05:28
cclausenwhat is your client IP?  in that same range?05:29
* MTecknology is 192.168.3.xxx05:29
* MTecknology is 192.168.3.605:29
MTecknologyservers are 192.168.1.0/2405:29
cclausenok05:29
cclausenpastebin iptables -L and ufw status05:30
MTecknologywireless clients 2.0/24; pptp are 4.0/2405:30
MTecknologyhere we go05:31
MTecknologycclausen: http://dpaste.com/189917/05:31
MTecknologycclausen: meh - I need to generate traffic to be blocked.... here's an actual sample line that I just generated - May  1 23:32:44 pessum kernel: [24082.584639] [UFW BLOCK] IN=br0 OUT=br0 PHYSIN=eth0 PHYSOUT=vnet1 SRC=192.168.3.6 DST=192.168.1.5 LEN=100 TOS=0x10 PREC=0x00 TTL=63 ID=25825 DF PROTO=TCP SPT=55015 DPT=22 WINDOW=126 RES=0x00 ACK PSH URGP=005:33
cclausenthat is a lot of iptables rules...05:34
cclausenso you see anything that looks funky?05:34
MTecknologywell, ufw does make a lot of rules :P05:34
cclausenhmm... I wonder if its just affecting existing connections05:35
MTecknologycclausen: line 127?05:36
cclausenits is stateful and iptables probably needs to see the connect in the TCP handshake to allow the traffic05:36
uvirtbotNew bug: #573451 in dbconfig-common (main) "package dbconfig-common 1.8.44ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/57345105:36
MTecknologyI wish that was it...05:36
MTecknologyany new connections fail05:36
cclausenMTecknology: ah, ok05:36
cclausengood to know though05:36
cclausenwait, your rule is allow in anywhere05:37
cclausenwhat about allow out ?05:37
MTecknologyallow from any to any05:37
MTecknologythat should go both ways05:38
MTecknologyDefault: allow (incoming), allow (outgoing)05:38
MTecknology^ there's that too - ufw default allow05:38
uvirtbotMTecknology: Error: "there's" is not a valid command.05:38
cclausencan you remove your single rule05:38
cclausenand try that?05:38
MTecknologyok05:38
cclausenjust enable ufs without a rule set?05:38
cclausenerr, ufw05:38
MTecknologyhttp://dpaste.com/189926/05:39
cclausenrule is still htere: Anywhere                   ALLOW IN    Anywhere05:40
MTecknologysorry... wrong pastebin05:40
MTecknologythere we go - http://dpaste.com/189928/05:41
cclausendid that block stuff too?05:41
cclausenwhat are teh rules with 192.168.122.0/24 about ?05:42
MTecknologyno idea..05:42
=== erichammond1 is now known as erichammond
MTecknologyhrm..05:42
MTecknologyI think that's the virt network05:43
MTecknologyI should try iptables -flush05:43
MTecknologymaybe?05:43
MTecknologyor could that likely kill me?05:44
cclausenyeah, flush the iptables rule sets05:44
MTecknologythere - chains listed - but all empty05:44
MTecknologyshould I do ufw enable from here?05:44
cclausentake a look at this05:44
cclausenhttp://www.cyberciti.biz/tips/linux-iptables-how-to-flush-all-rules.html05:44
cclausenI'd try flushing all of those05:45
MTecknologyI did iptables -F05:45
MTecknologyoh05:45
cclausenyeah, but does that actually flush eveything?05:45
cclausen(it might, I don't know)05:45
MTecknologyeverything except purging the chains05:45
MTecknologywhich have nothing in them05:45
cclauseniptables -X just in case05:46
MTecknologyok - EVERYTHING is wiped05:46
cclausennow try ufw again05:46
MTecknologyok..05:46
* MTecknology crosses fingers...05:46
MTecknologyexact same thing05:47
cclauseniptables -L pastebin?05:47
cclausene.g. is the rule set the same?  with that 192.168.122 net?05:47
MTecknologyhttp://dpaste.com/189937/05:48
cclausenok, well at least the 192.168 stuff is gone now05:49
cclausentry switch ufw the other way05:50
cclausento deny by default05:50
cclausenwill the same allow from any to any rule05:51
cclausenand see if it still blocks05:51
MTecknologyhttp://dpaste.com/189941/05:52
MTecknologythat's w/o allow allow05:52
cclausenif you have the text, diff the two05:52
cclausenif the only difference the ACCEPT to DROP in teh first line ?05:52
MTecknologyhttp://dpaste.com/189943/05:53
cclausenthat is the same thing, isn't it?05:54
MTecknologyjust with the allow everything05:54
cclausenhmm05:54
cclausenI wonder if allow everything doesn't work b/c of teh default rule sets05:54
cclausentry just allow from 192.168.0.0/1605:55
MTecknologyallow from 192.168.0.0/16 to any ?05:55
cclausenjust ufs allow from 192.168.0.0/1605:56
cclausenthe "to any" should be implied05:56
MTecknologyyou can't do that05:56
cclausen(at least according to the wiki page I'm reading)05:56
cclausenso this is wrong? https://help.ubuntu.com/community/UFW05:56
cclausen"sudo ufw allow from 192.168.1.0/24"05:56
MTecknologyoh..05:56
cclausenits one of the examples05:56
MTecknologynifty05:56
MTecknologyI'll try05:56
MTecknologysame thing05:57
cclausenhmm05:57
cclausenI've got no ideas then05:57
MTecknologyalrighty05:57
cclausenunless you want to try purging and reinstalling ufw and iptables05:57
MTecknologyI'll just file a bug report and include this whole log :P05:58
MTecknologyit happened on a fresh install05:58
MTecknologythis whole setup is only a few months old with mostly all default configs05:58
MTecknologycclausen: thanks VERY much for the help :)05:59
MTecknologycclausen: sticking with it this long was impressive :)05:59
MTecknologycclausen: if you make a wiki page I'll happily add a recommendation for you if you decide you want to become an ubuntu member someday06:00
MTecknologycclausen: any objections if I include this whole log?06:03
cclausenMTecknology: none from my end.  I'm not really a firewall expert though.  maybe someone who knows what they are doing shoould take a look at it first?06:04
MTecknologycclausen: there we go - bug filed :)06:29
MTecknologycclausen: worst case I did something stupid06:29
MTecknology!kvm06:33
ubottukvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM06:33
Flam`I opened some ports in my iptables, here's an "iptables -L" http://pastie.org/private/k6nygx4hznny241abt1whq, but when I try to connect to the ports (8484 for example) with nmap it says that it is still closed.07:08
=== KB1JWQ is now known as TheOracle
MTecknologyFlam`: ufw status verbose07:09
Flam`Also, what's the easiest way to remove the last 4 ACCEPT entries in the "chain INPUT" section... added those by mistake.07:09
Flam`k 1sec07:09
Flam`I see a lot of blocked attempts.07:11
Flam`MTecknology: What am I supposed to see?07:13
MTecknologyFlam`: a verbose output of the current status of ufw07:14
MTecknologyFlam`: if you're using ufw, you shouldn't be workin with iptables directly if you can help it07:15
cclausenFlam`: what does netstat -ant show?  do you actually have something listening on port 8484 ?07:15
cclausenFlam`: and do you want to allow udp or tcp?  by default, nmap only scans tcp07:15
MTecknologyya.. cclausen can help you much better..07:16
cclausenMTecknology: no, go ahead.  you actually use the commands.07:16
MTecknologycclausen: :P07:16
MTecknologyFlam`: do you want to use ufw or iptables directly? you shouldn't really intermix them unless you really much up things (like me a little while ago)07:17
Pirate_Hunterhas anyone managed to successfully combine any type raid with lvm in 10.04 without being directed to busybox stating "gave up waiting for root device", if so is there any fix for this bug?07:17
MTecknologys/much/muck/07:17
Pirate_HunterI am starting to think I should go back to 8.0407:18
MTecknologyPirate_Hunter: what type of setup? do you have root on lvm?07:18
MTecknologyI like keeping / and /boot off of any funky setups07:19
Flam`Thanks for the tip, I'll try not to mix and match between ufw and iptables.  I'll stick with ufw.   I just did "sudo ufw allow 8484" which im hoping enabled it for both udp/tcp from any location.  I ran my service and tried netstat -ant and nothing is even listening.07:20
Flam`:/07:20
Pirate_HunterMTecknology, been a while i've seen you here or maybe i am the one whos been missing, well originally it was raid1 /boot raid0+lvm however that sent me to busybox, now after searching online a few have had problems with other raid combinations but no one has provided a fix. However those were either alpha or beta stages of lucid07:21
cclausenFlam`: nmap won;t show a port as open if it can't connect to it.  you can run something there to test if you want07:21
MTecknologyFlam`: if you run ufw status it tells you if it's by tcp, udp, or both - i think default is it's as open as you specify it should be closed07:21
Flam`ufw status shows that it is indeed both udp/tcp from anywhere.  Thanks for the help guys it seems the problem lies in my service software itself.07:22
cclausenFlam`: easiest thing to test with is probably sshd: sudo `which sshd` -D -p 8484 and then nmap once sshd starts up07:22
Flam`hm07:22
Flam`How do I close it afterwards?07:22
Pirate_HunterMTecknology, it takes four hours to wipe the disks I can't do that again, if no definite answer I'll go back to hardy07:22
cclausenFlam`: you can Ctrl-C it if its still running after nmap07:23
cclausenin debug mode, it will shutdown after a single connection07:23
MTecknologyPirate_Hunter: /boot should always be on the simplest system you can muster. The generic kernel has initrd which should handle booting the rest of the system on some pretty obscure setups.07:23
Flam`cclausen: it worked. Thanks07:23
cclausenPirate_Hunter: you don;t have to completely wipe the disks.  just wiping out the parition table should work for a reinstall07:24
MTecknologyPirate_Hunter: I've been on here a lot for a long time, just always busy with other things07:25
Pirate_HunterMTecknology, I wanted boot on both since I can run degraded, more like an insurance that boot would work if something went wrong on one of the disks, also obscure setup?07:25
cclausenPirate_Hunter: boot shouldn't change much, just put a copy of it on each disk07:26
cclausen(you'd have to manually keep them in sync though)07:26
Pirate_HunterMTecknology, no wonder and I show up once in a while still nice seeing you07:26
MTecknologyPirate_Hunter: nice seeing you too07:26
Pirate_Huntercclausen, keeping in sync manually seems like more wok than it is worth while raid1 will do that for me, it actually works on 8.04 just can't understand why 10.4 is giving me so much trouble also something weird when setting up raid0 it takes a few kb and makes it unusable, something I didnt notice on the previous lts07:28
Pirate_HunterMTecknology, :)07:28
cclausenPirate_Hunter: can you make /boot a mirror that is not in lvm?07:29
MTecknologyPirate_Hunter: like, lvm on soft raid on hard raid with zfs on everything07:29
MTecknologyPirate_Hunter: if /boot is on a simple standard partition - it can boot that07:29
MTecknologyI think so anyway..07:30
Pirate_HunterI understand what both are saying, however, the problem is that boot is actually not finding the lvm / partition or to be correct initramfs, some say its grub2 others its something with lucid and im clueless07:32
MTecknologyyou can always dd if=/dev/sda1 of=/boot.img07:32
cclausenPirate_Hunter: what is your hardware setup?07:34
KaprenakisHi again .07:34
Pirate_Huntercclausen, its just a machine with two disks and 4gb ram to be as simple as possible its nothing to do with the hardware07:35
MTecknologyya.. my gf called me just so she can make me feel bad because she's crying because I didn't agree to why she was upset with me07:35
KaprenakisDoing a install of Ubuntu 10.04 server, and was wondering for a file server/media server, with hopefully outside access. What option should i do for Partition disks?07:36
Pirate_HunterI assume no one has encountered this or have tried  any raid setup with lvm?07:36
cclausenPirate_Hunter: what disk controller?07:36
Callum__Umm, WHY is Ubuntu 10.04 Server's default GRUB install behaviour is to install to the first drive if there isn't any other OS on the computer?07:36
Kaprenakisuse entire disk .. use entire disk and set up LVM .... use entire disk and set up encrypted LVM .... Manual set up07:36
cclausenPirate_Hunter: can you do an install to  a single partition on a single drive?07:36
Callum__Why doesn't it install GRUB to the installed drive, like EVERY other Ubuntu derivative?07:37
cclausenCallum__: that sounds reasonable to me and is what I prefer07:37
Pirate_Huntercclausen, nope normal ide connectors no controllers and by god I would expect to be able to pull of a single install of lucid or may something bad happen... I can install any version of ubuntu just not the setup I want, which is why I need to find out why07:38
Callum__cclausen: What if you take out the drive it installed to? Won't be able to boot the Ubuntu installation because its actually on another drive, and the bootloader is installed on the drive you took out >_>07:38
Callum__Basically, it installed the bootloader to the MBR of one of my RAID arrays (/dev/sda) when I need it installed onto a 40GB OS drive (/dev/sde)07:39
Pirate_HunterCallum__, you can do that manually however that is soemthing google will help you with or soemone with expertise in grub2 can help you with07:39
cclausenCallum__: that is already filed as a bug it seems07:39
Callum__I know how do install GRUB manually, but it's a really annoying problem >_> and now the server is refusing to boot, great07:39
cclausenCallum__: yep, I know.  this is why I stopped trying to run dual boot systems.  its not worth the hassle07:39
Callum__This ISN'T a dual-boot system, just Ubuntu Server 10.04 on it07:40
cclausenso why is it a problem to have grub on disk 0?07:40
Pirate_HunterCallum__, welcome to my world at least your problem is simple mine has no answer so far07:40
cclausenPirate_Hunter: what motherboard?07:40
Callum__because I want it to boot GRUB off the 80GB drive when its booting off one of my RAID arrays >_>07:41
Pirate_Huntercclausen, any reason why you asking about the mob?07:41
cclausenPirate_Hunter: yes, the release notes list some specific issues on asus boards07:41
cclausenCallum__: can you make that drive appear as drive 0 ?07:41
Callum__cclausen: no07:42
Callum__well, at least I think /dev/sda is one of my RAID arrays on this, it might be the other, backup, IDE drive I have in the machine07:42
Callum__either way, don't want to reinstall this crap again, took forever07:43
Pirate_Hunterits an old generation IBM Think Centre most if not all the components are intel exact mob type not sure but since it is open I can see IBM written on it07:43
KaprenakisDoing a install of Ubuntu 10.04 server, and was wondering for a file server/media server, with hopefully outside access. What option should i do for Partition disks?07:43
Kaprenakisuse entire disk...07:43
Kaprenakisuse entire disk and set up LVM ....07:43
Kaprenakisuse entire disk and set up encrypted LVM ....Manual set up07:43
cclausenPirate_Hunter: model?  I might have one of those I can test with actually...07:43
cclausenKaprenakis: we don't know enough about your setup to answer you.  in general I;d put data and the OS on two different partitions07:44
cclausenKaprenakis: I think lvm is just a world of pain and avoid it at all costs.  I would just create a reasonable / primary partition, a reasonable /data primary partition and a 500MB swap partition07:45
Pirate_Huntercclausen, IBM REV: 2.1 that is all I can see printed on the mob, lspci hasn't been of much help07:45
Callum__<cclausen> Callum__: that is already filed as a bug it seems - where?07:46
cclausenPirate_Hunter: can you install dmidecode and try and get more info from that?07:46
cclausenCallum__: bug 41499607:46
uvirtbotLaunchpad bug 414996 in grub2 "[karmic] grub re-writes boot sector on wrong drive on fresh install" [Critical,Confirmed] https://launchpad.net/bugs/41499607:46
Kaprenakiscclausen: ok thanks, ok so primary is for your everyday files.. /data primary partition is for system os files?07:46
Pirate_Huntercclausen, that may be true but it is easily achieved through the previous lts would not understand why the new lts can't do something simple like raid and lvm, I have always used it without a problem until today my opinion of Lucid is poor at this moment07:46
cclausenas far as I can tell, its not fixed in lucid either.07:47
cclausenPirate_Hunter: did you read the release notes?07:47
Pirate_Huntercclausen, parts of it, no not really07:48
Callum__maybe it refuses to boot because of the drive I installed it to, its caused me problems with booting before...07:48
Callum__I know that it installs to the wrong drive, but this refuses to boot at all07:48
Callum__"GRUB " then nothing07:48
cclausenPirate_Hunter: http://www.ubuntu.com/getubuntu/releasenotes/1004 read the part about "Partition alignment changes may break some systems"07:49
cclausenso might be bug 55196507:50
uvirtbotLaunchpad bug 551965 in partman-base "BIOS hang - Unable to boot after installation" [High,Fix released] https://launchpad.net/bugs/55196507:50
Callum__So, that bug 414996 has been open and left unfixed for months?07:50
uvirtbotLaunchpad bug 414996 in grub2 "[karmic] grub re-writes boot sector on wrong drive on fresh install" [Critical,Confirmed] https://launchpad.net/bugs/41499607:50
Callum__>_>07:51
cclausenI assume it isn't easy to fix07:51
Callum__doesn't sound hard to fix07:51
Pirate_Huntercclausen, IBM / product name: 8187D1G / serial n: KKFDB8P07:51
cclausenPirate_Hunter: ThinkCentre M50 8187-D1G07:53
cclausendo you know is that is an Intel ICH8 controller?07:53
Pirate_Huntercclausen, it should be everything else is by intel07:55
cclausenthat is the model that has the problem07:56
cclausen"If you find that you need to use the old cylinder alignment instead, then add the {{{partman/alignment=cylinder}}} boot parameter when starting the installer."07:56
Pirate_Hunterhuh it is? hmmm... where would I check the exact controler type and will try that on the server cd I add that to the boot options?07:58
cclausenlspci -vvv work?08:02
cclausenyeah, add that to the boot options I think will help.08:03
cclausenat least that is what people said in the bugReport08:03
Pirate_Hunterwill try my last attempt of lucid before going back to hardy which is rock solid, thanks for your help and patience, will attempt the same setup that In used to have on my server raid+lvm which is another issue in itself08:05
Pirate_Huntercclausen, before you go is the forward slash part of the actual command or I have to choose either of those?08:06
cclausenPirate_Hunter: I think the / is part of teh command08:17
cclausenI am not sure though08:17
cclausenI think it is an option that gets passwed to partman, so having the / makes sense08:18
Pirate_Hunterno problem will attempt and see, hopefully it will work, thanks for the help at least this might help better08:18
MTecknologycclausen: what was that link for clearing iptables?08:30
cclausenhttp://www.cyberciti.biz/tips/linux-iptables-how-to-flush-all-rules.html08:33
MTecknologycclausen: thanks. I can't bring my system up now..08:33
MTecknology:P08:34
MTecknologycclausen: just networking. I figure out howt o fix what was going on - rebooted, now no network - just wanted to go back over what I changed08:35
MTecknologycclausen: GAAAAAHH!09:02
MTecknologycclausen: we only screwed with iptables, right?09:03
cclausenMTecknology: and ufw09:03
cclausenbut in theory, yes09:04
cclausendid you really break something?09:04
MTecknologycclausen: iptables -F and ufw disable - should ignore anything we did....09:04
MTecknologyya... I can't get networking back to this system09:04
MTecknologyI have somebody else local09:04
cclausenstart simple09:05
cclausencan you ping your own ip09:06
cclausencan you ping the default gateway09:06
cclausenetc.09:06
MTecknologyno09:06
MTecknologyown ip will work - it's a static ip09:06
cclausenif you can't ping the default gateway, that is either an interface problem or a calbe problem09:09
MTecknologyit's config issue - I'm 99.999% sure09:09
jdstrandMTecknology: oh, I just thought of something before really going to bed09:15
* MTecknology thinks please be the answer....09:15
jdstrandMTecknology: you have dnsmasq enabled on boot-- is it possible that it is starting and giving out an invalid ip to your host? iirc, you shouldn't be using dnsmasq with bridging VMs (you'd have to check the Ubuntu wiki for libvirt/bridging configuration)09:16
MTecknologyjdstrand: that's the only system I have that uses it - I wonder how it got on there09:17
MTecknologyI'm too tired to search reverse deps - or- to remember how09:17
jdstrandMTecknology: test it by moving /etc/init/libvirt-bin.conf somewhere out of /etc/init09:18
MTecknologyah..09:18
jdstrandMTecknology: dnsmasq is pulled in by libvirt09:18
jdstrandMTecknology: by moving /etc/init/libvirt-bin.conf aside, libvirt won't start on boot, and it won't start up dnsmasq. I'm hoping that is your issue09:20
MTecknologyI'll try that...09:20
MTecknologyjdstrand: would mv /etc/init/libvirt-bin.conf /etc/init/libvirt-bin.conf.dis work?09:20
MTecknologyidk if upstart reads specific files or everything..09:21
jdstrandMTecknology: if that works, you'll have to setup libvirt with bridging using the wiki09:21
MTecknologyor... if I read what you said.....09:21
jdstrandMTecknology: I think it only read *.conf-- I am not 100% sure09:21
MTecknologyI'll just move it to /09:22
jdstrandMTecknology: for a quick test, that is reasonable09:22
Pirate_Hunterwaaaaaaaaaaaaaaaaaaah it works its alive lucid server works09:22
Pirate_Huntercclausen, thanks apparently it must have been the disk alignment09:23
MTecknologyjdstrand: rebooting to try it out09:23
jdstrandMTecknology: "if that works, you'll have to setup libvirt with bridging using the wiki" *and* put libvirt-bin.conf back in /etc/init09:23
cclausenPirate_Hunter: when all else fails, read the instructions09:23
MTecknologyjdstrand: I followed https://help.ubuntu.com/community/KVM/Networking09:24
MTecknologyjdstrand: and .... still nothing... I'm halfway considering just blowing away all configs on the thing and starting from scratch with just the old vm's - I'm completely at a loss.....09:25
jdstrandwell, it was an idea09:25
Pirate_Huntercclausen, :p, just wished I had chosen ext4 instead of ext3, but that is a minor issue09:26
MTecknologyjdstrand: ya, thanks :)09:26
jdstrandMTecknology: I'd recommend checking /var/log/kern.log and /var/log/syslog and /var/log/daemon.log for reasons as to why dhcp isn't working09:26
MTecknologyjdstrand: you have any other ideas at all?09:26
Pirate_Huntercclausen, that was driving me nuts for the past two days so it isn't anything to do with lvm as some of the bug reports, those should be corrected09:27
jdstrandMTecknology: you could use a static ip on the host instead of dhcp temporarily09:27
jdstrandMTecknology: then see if it can ping your gateway, etc09:27
MTecknologyI'e been doing that09:27
MTecknologyit's static 192.168.1.409:27
MTecknologybr0 is static09:27
MTecknologytried dhclient eth0 and br0; nothing09:27
MTecknologyreconfigured a lot of packages, nothing09:28
cclausenMTecknology: check dmesg for errors?09:28
MTecknologysm-mtp[1396]: gethostbyaddr(192.168.1.4) failed: 209:28
jpdssudo mii-tool09:28
MTecknologydoes that look interesting?09:28
cclausenI had mii-diag uninstalled when I upgraded to lucid.... or is mii-tool not  the same thing?09:29
Pirate_Hunterwell of to sleep my brain is drained and im happy see yah folks09:29
MTecknologysm-mtp - that doesn't matter, does it?09:30
joschi<rant>the guys that came up with the syntax for partman-auto in preseed files should really be forced to actually use it... argh!</rant>09:30
MTecknologyjpds: I'm going to have him try it with the expectationthat you know I have low expectations, high hopes, and currently a giganticaly crushed soul09:31
cclausenjoschi: the alternative is no options at all in preseed files, so I'd not say that too loudly...09:31
joschicclausen: I'm somehow spoiled by setup-storage from FAI ;)09:32
cclausenjoschi: yeah, ditto that09:33
joschicurrently I'm primarily using FAI only for partitioning the machines and thought I could try it with only preseed files. well, it works but it was a pain to setup the partitioning :(09:33
cclausenwell, you only need to setup it up once09:33
MTecknology$mii-tool  eth0: no link    $mii-tool br0  SIOCGMIIPHY on 'br0' failed: Operation not supported09:33
MTecknologyjpds: no idea what that means - but it sounds bad09:34
joschicclausen: yes, but that doesn't make the pain go away ;)09:34
cclausenMTecknology: /etc/init.d/networking restart and see if that helps09:34
cclausenjoschi: I wish there was a do-release-upgrade for preseed files and other FAI stuff...09:35
MTecknologyjoschi: my pain never goes away09:35
MTecknologyjoschi: I live in a tub of deep despair09:35
MTecknologycclausen: nothing - no errors or anything09:35
joschicclausen: hm, maybe through FAI softupdates? didn't look into them any further, though09:36
cclausenjoschi: oh, hmm...09:36
MTecknologycclausen: any other ideas?09:36
MTecknologycclausen: if this doesn't work I'm just going to blow apart this system and start anew09:36
cclausenMTecknology: down all interfaces expect your real one and get it to work again09:36
MTecknologytried that09:37
cclausenhmm...09:37
cclausenreboot one last time and pray :-)09:37
MTecknologylol09:37
MTecknologyole #~2009:37
MTecknologyor 3009:37
MTecknologyI fought this puppy long and hard. I think it's time to just let'r go09:38
cclausenhmm.. did you try booting up in single user mode?09:39
cclausenor "recovery mode" as listed in grub09:39
cclausenoh well, I need to go home.  its so late its early here..09:39
MTecknologyya09:40
MTecknologycclausen: alrighty, thanks for the help09:40
MTecknologyat this point, i'd have spent less time starting from scratch :P09:40
MTecknology!iso09:53
ubottuTo mount an ISO disc image, type « sudo mount -o loop <ISO-filename> <mountpoint> » - There is a list of useful cd image conversion tools at http://wiki.linuxquestions.org/wiki/CD_Image_Conversion - Always verify the ISO using !MD5 before !burning.09:53
cjs!gpt10:20
cjsDoes that mean, "Don't even think about talking about it"? :-)10:21
uvirtbotNew bug: #573542 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/57354210:26
uvirtbotNew bug: #573391 in net-snmp (main) "package snmpd failed to upgrade: userdel: user snmp is currently logged in" [Undecided,New] https://launchpad.net/bugs/57339110:31
=== Barre_ is now known as Barre
uvirtbotNew bug: #573591 in php5 (main) "Uploads greater than 64 kilobytes corrupted under PHP 5.3.2" [Undecided,New] https://launchpad.net/bugs/57359112:01
TJ^hi guys12:04
TJ^trying to setup pptp server12:05
TJ^GRE read is failing12:05
TJ^http://pastebin.com/QpNXrGaT12:05
TJ^tried everything!12:05
joschihi, when using partman-auto with an "expert recipe" in a preseed file it always seems to generate a faulty partition table. installation eventually works and the system boots, but cfdisk and fdisk say the partition table (esp. the first partition) is incorrect13:53
joschiI used the example from https://help.ubuntu.com/9.10/installation-guide/example-preseed.txt to verify it and it also results in a faulty partition table13:54
joschihas anyone else the same problem?13:54
joschiI couldn't find a bug report for this issue13:54
uvirtbotNew bug: #573657 in irqbalance (main) "irqbalance enabled unconditionally, can't be disabled via debconf" [Undecided,New] https://launchpad.net/bugs/57365714:26
=== dendro-afk is now known as dendrobates
kim0Hi folks, I want install ubuntu-server, and point the installation CD at an automatic preseed file. Must I use the alternate-DVD ? or can I use the normal server DVD ?15:04
jnsswhy's 64bit downloads defaulted15:47
TJ^cos most servers these days are 64bit15:49
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
FFF666hi, I've installed UEC following the guide in the page. I can run images and login it via ssh, but if I terminate the instance and run it again(it has the same ip), when I tried to login it via ssh appears this problem16:49
FFF666@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@16:49
FFF666@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @16:49
FFF666@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@16:49
FFF666IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!16:49
FFF666Someone could be eavesdropping on you right now (man-in-the-middle attack)!16:49
FFF666It is also possible that the RSA host key has just been changed.16:49
FFF666The fingerprint for the RSA key sent by the remote host is16:49
FFF66672:bb:6d:43:96:1f:e9:7e:da:bf:de:a3:53:b3:fe:e2.16:49
FFF666Please contact your system administrator.16:49
FFF666Add correct host key in /root/.ssh/known_hosts to get rid of this message.16:49
FFF666Offending key in /root/.ssh/known_hosts:216:49
FFF666RSA host key for has changed and you have requested strict checking.16:49
FFF666Host key verification failed.16:49
FFF666any ideas?16:50
=== dendro-afk is now known as dendrobates
KaprenakiI'm doing a clean install of ubuntu 10.04... what % should be primany.... what % should be primary data.... what % should be swap...16:53
hggdhFFF666: first of all, please do not dump lines here; use pastebin16:53
hggdhFFF666: second, each instance you run will have a *NEW* and, consequently, most certainly different SSH key16:54
FFF666new ssh key?, so what I have to do before ssh it?16:54
hggdhFFF666: so. I am assuming you are just doing ' ssh ubuntu@1.2.3.4' . This, by default, will save the public key of 1.2.3.4 in your ~ /.ssh/known_hosts16:55
hggdhFFF666: if the instances are really ephemeral, you should either not save the public keys, or delete them after use16:56
FFF666ahhh16:56
PiciYou could disable strict host key checking as well, but that may open you to other issues.16:57
FFF666what kind of issues?, I'm a student testeng cloud computing16:57
FFF666what kind off issues?, how can I do that?16:58
hggdhyou can do both on the call to SSH: ssh -o UserKnownHostFile=/dev/null -o StrictHostKeyChecking=no16:58
hggdhFFF666: a real MITM attack...16:58
Piciaye.16:58
FFF666I dont care, this is for a college work16:58
FFF666I have another question.16:59
hggdhFFF666: 'I dont care' is usually a bad answer in a test ;-)16:59
FFF666haha, yes it will carry problems17:00
FFF666other17:00
FFF666I want to know how can I do to save the changes that I make to the image. For example, I run an ubuntu image and I install the mysql server, but if I turn off the image and run it again that mysql won't be there.17:00
hggdhyeah, good one, but I have not gotten that far in Euca/uec yet ;-)17:03
hggdhthis would be a rebundling17:04
FFF666ahh17:05
=== dendrobates is now known as dendro-afk
FFF666I want to know how can I do to save the changes that I make to the image. For example, I run an ubuntu image and I install the mysql server, but if I turn off the image and run it again that mysql won't be there.17:31
=== dendro-afk is now known as dendrobates
KaprenakiAre swap partitions a primary or logical partition?17:45
hggdheither, plust LVM17:49
Pirate_Hunterjust bonded my interfaces and transferring large files, however I notice on my router only one of the server cards are is active yet iftop tells me transfer speed is at 40MB, how do I test whether both cards are actually working as lacp?17:51
uvirtbotNew bug: #573815 in pptpd (main) "package pptpd 1.3.4-2.1ubuntu1.9.04.2 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/57381518:01
=== dendrobates is now known as dendro-afk
MTecknologyjdstrand: hey, you around?18:12
jamesturkis anyone running 10.04 on EC2 and seeing high load before their server is even doing anything?18:15
jamesturktried searching and asking around before, but so far no luck and few leads18:16
MTecknologyWell.. I got my landscape account. yay- now to wait for my 60day trial to be approved.18:20
cjsjamesturk: How long does that high load last? If it's only for a minute or three, perhaps just startup costs?18:22
jamesturkcjs:  17:23:08 up 1 day, 19:06,  2 users,  load average: 0.74, 0.74, 0.5518:23
jamesturkall that I have done on that server is install postgres (no databases are even created as of yet)18:23
cjsjamesturk: Hmmm. That is a little high, though not huge.18:24
cjsWhat does top or htop tell you?18:24
jamesturkmy 9.10 and 9.04 servers idle at 0.02 (and some of those are active)18:24
jamesturktop shows Cpu(s):  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st18:24
jamesturkand next to no memory used and no swap touched18:25
cjsOk, so no CPU. What are those processes waiting on, then? Next: iostat.18:26
jamesturkavg-cpu:  %user   %nice %system %iowait  %steal   %idle18:26
jamesturk           0.00    0.00    0.00    0.01    0.00   99.9818:26
cjsBTW, do you know what that load average means?18:26
storrgieCan somebody help me bring up another network interface on my server? I have two nics, both of them connected... but the second one wont come online.18:27
cjsjamesturk: That is, typically, the number of processes waiting to run, but which cannot because there are no resources available. Clearly, the resource that's not available is not CPU.18:28
cjsSo that's why I asked about iostat: you want to know what your disks are doing. (That's another common resource that starves processes.)18:29
jamesturkcjs: yes but if I'm reading iostat correctly tough 99.98% in the idle state18:30
jamesturkthough*18:30
cjsjamesturk: That's CPU, not disk.18:30
jamesturkah18:30
jamesturkjust a second18:30
jamesturkDevice:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn18:30
jamesturksda1              0.19         1.97         1.36     305458     21204818:30
jamesturksdb               0.00         0.00         0.00        762         8018:30
cjsTry "iostat 5" and wait for an update or two (the first won't tell you anything)....18:31
jamesturkafter the first read all numbers are 018:31
jamesturkon sda1 and sdab18:31
cjsTry iostat -m 5, and see what your MB read/written is after the first display.18:31
cjsHm. That would mean no disk I/O.18:31
cjs(The first display is since boot, averaged over time since boot.)18:32
jamesturkI also have EC2 monitoring and looking at my graph over the last day is literally a flat line on disk I/o, cpu utilization, network I/o18:32
cjsHmmm!18:32
cjsAnd is anything slow?18:33
cjsI wouldn't like to say "ignore that load average number," but if your CPU, disk and network are all fine, I suppose it could be an artifact of VM stuff.18:34
jamesturknot that we've noticed. I started up this server to experiment with because we'd like to move our 9.04 machines to 10.04 -- I haven't actually gotten around to using them, in part because we noticed the load average anomaly18:35
cjsAs I said, that number is supposed to be how many processes are ready to run and are yet blocked because there's a resource they're waiting on (e.g., CPU time to run, disk I/O to complete, network I/O to complete....)...18:35
cjsWell, EC3 is all VMs, so it could be they're waiting for other stuff on the "real" server that's really not affecting you. I suggesting bringing up a typical server and trying to subject it to a typical load (real or test) and see if it makes any difference.18:36
cjsSorry, "EC2." I get ahead of myself sometimes. :-)18:37
cjsAnyway, I guess my lesson here is that, "the load average number can lie." Especially these days.18:38
jamesturkmy coworker and I were close to the same conclusion, probably what we'll wind up doing Monday.  seems like something must have changed between 9.10 and 10.04 to cause the calculation to take into account activity outside the vm though as we've never seen an issue like this on any of our others18:38
jamesturkwe'll just have to adjust our monitoring accordingly (usually sustained load like this would set off a minor alarm)18:38
cjsjamesturk: Well, good. Remember, it is a number that may have information for you, but is not to be confused with what actually happens.18:39
cjsjamesturk: What sort of app do you run?18:39
cjsWeb-based?18:39
jamesturkyes, we run nginx and postgres18:40
cjsAnyway, see if you can't find a more direct way to test. E.g., a page that forces a DB query.18:40
cjsAnd then look at the response time on that.18:40
cjsAh, with postgres you may want to try to force a write on something that may have some contention. Reads should always be pretty darn fast, unless you have an absolutely enormous DB.18:41
cjsWell, anyway, the point is, test something as close as you can get to what the user sees, and alert on that.18:42
jamesturkcjs: sound advice for sure18:43
cjsI need to run. Hope I helped!18:43
uvirtbotNew bug: #573839 in squid (main) "Local Squid quits working on interface change" [Undecided,New] https://launchpad.net/bugs/57383918:46
jamesturkcjs: thanks, you definitely did18:48
MTecknologyCould somebody do me a favor? Just tell me if you can open staging.profarius.com ?18:52
jnsswhy is the 64bit recommended over the 32bit one18:54
jnssreally18:54
jnssi need a netinstall18:56
jnssis that doable?18:56
philgarrMTecknology: yes18:56
JanCjnss: taht are 2 seemingly unrelated questions18:56
jnssboth can be answered18:57
JanCif you want to do a netinstall: https://help.ubuntu.com/community/Installation/MinimalCD18:57
JanCwell, there are other netinstall images in the same directories as those minimal isos18:58
jnssthanks19:00
jnssthat may help em a lot19:00
Pirate_Hunterjust bonded my interfaces and transferring large files, however I notice on my router only one of the server cards are is active yet iftop tells me transfer speed is at 40MB, how do I go about testing if both cards are actually working at the same time under mode=4?19:05
philgarrwhat is the cleanest way to remove the "helpful" tasksel motd?  just remove 51_update-motd?19:10
philgarrnevermind, just had to read the manpage for update-motd; answer:yes19:13
ShadowTalehi folks19:13
ShadowTaleok, so i've installed ubuntu server. it's hooked up to the internet. How do I get it to connect to the internet so that "ping google.com" works19:14
ShadowTale'ello?19:24
IanFHoodI did: mount /dev/sdf /mnt but when I try to unmount /mnt I get command not found.. so how/where do I get 'unmount' ??19:43
IanFHoodusing 8.0419:43
stgraberIanFHood: umount19:45
IanFHoodstgraber: omg.. too easy.. thanks!!19:45
stgrabernp19:46
KaprenakisI have a 20gb hard drive. How should i split it up? Primary partition, Primary data partition and swap partition. How many gbs for each?20:27
KaprenakisIm using a old computer and installing ubuntu 10.04 for a file server + media streming20:27
RoyKKaprenakis: usually a single partition will work well, but it might be a good idea to use 1-2GB for the root in case the data volume fills up20:28
RoyKyou don't want to end up with a full root partition20:29
KaprenakisRoyK: So make 3 partitions one for the data and then make another (Primary?) partition for the root20:34
Kaprenakisand then a swap of like 1gb20:34
KaprenakisRoyK: Is swap a primary or logical partition?20:35
uvirtbotNew bug: #573919 in autofs (main) "autofs doesn't work with lucid" [Undecided,New] https://launchpad.net/bugs/57391920:35
RoyKKaprenakis: doesn't really matter if swap is on a primary or logical partition20:37
KaprenakisRoyK: which one would you perfer?20:37
RoyKdoesn't matter20:37
RoyKthe reason for using logical partitions is if you want >4 partitions20:38
RoyKnothing else20:38
RoyKalso, if you're only serving files with the system, you won't need much swap20:38
RoyKprobably nothing, but half a gig will probably suffer20:38
RoyKeven if you set vm.swappiness = 100, linux won't use much of it if processes don't allocate a lot20:39
KaprenakisRoyK: Alright Thanks. One more question.20:41
KaprenakisRoyK: after i make the 3 partitions do i select the 2gb root partition for the install?20:42
nealmcbKaprenakis: if you'll be installing many packages, you want room for them and for major upgrades20:42
RoyKin the installer, select mount point /20:42
RoyKfor the root partition20:42
RoyKnealmcb: a NAS setup doesn't need a lot of stuff - two gigs should suffice20:43
nealmcbthe reason I usually have multiple partitions is to have two system partitions (one for when I install another release etc) and one bigger data one for /srv or /honem20:43
nealmcbahh - I didn't hear the NAS part :)20:44
RoyKnealmcb: [21:27]  <Kaprenakis> Im using a old computer and installing ubuntu 10.04 for a file server + media streming20:44
RoyK20 gigs for media will probably suffice for like three DVDs :)20:44
Kaprenakisok this is very temporary i just want to mess around with this stuff20:45
Kaprenakisi know it will mainly be .mp3s and i have about 15GB that I want to access20:45
RoyKok20:46
Kaprenakisshould root be at the beginning of the available space?20:46
RoyKmostly it doesn't matter, but the outer rim of the drive, that is, the beginning, is about twice as fast as the inner part20:46
RoyKso place the swap in the outer area20:47
RoyKthe root isn't much used during normal operation except for logs anyway20:47
RoyKso it hardly matters where it is20:48
Kaprenakisok the use of the partitions: swap is going to be swap area. root should be EXt4 hournaling file system?20:49
KaprenakisI got way to many questions...20:51
CaptainTrekRE: apache.20:52
CaptainTrekhow can I set my username to be able to write to /var/www?20:52
CaptainTreki hear it needs sudo20:52
CaptainTrekanyone?20:53
nealmcbCaptainTrek: see e.g. comment 10: http://ubuntuforums.org/showpost.php?p=2045715&postcount=1020:59
CaptainTrekbut is that safe?20:59
CaptainTrekguntbert in #ubuntu says not20:59
nealmcbbut note there are many issues with security and permissions to consider as noted in the link at the last comment20:59
nealmcbit all depends on exactly what you intend to do, what dynamic apps are running etc21:00
CaptainTreki'm just wanting it to run so I can put my html pages into there without sudo21:00
CaptainTrekits a friggin pain xD21:00
nealmcbif you don't have dynamic apps, then the chmod option isn't a bad option21:02
nealmcb(and chown)21:02
RoyKKaprenakis: doesn't really matter what filesystem you use - ext3 is rock stable, ext4 is better for large volumes, xfs or jfs are also good21:02
guntbertCaptainTrek: you know I'm just of the old school in this regard - and I was thinking several users  :-)21:04
CaptainTrekheh indeed21:04
CaptainTrekregardless, if I'm just hosting normal HTML pages, would there be any risk in changing ownership of /var/www?21:05
CaptainTrekand how could I switch it back to root if I have to?21:05
nealmcbchange username to "root"21:05
billybigriggeranyone know where the 10.04 server guide is hiding?21:05
CaptainTreknealmcb: would there be any risks by switching /var/www ownership to my user then?21:06
carolijahi21:06
guntbertbillybigrigger: not out yet ?21:06
billybigriggerguntbert, can't find it21:07
nealmcbCaptainTrek: that's what I suggested, if it is just static content21:07
RoyKbillybigrigger: the 8.04 guide will probably be good enough21:07
billybigriggeryou'd think the server guide would be released with lucid21:07
guntbertbillybigrigger: neither can I - it was an assumption not a question :-)21:07
CaptainTreknealmcb: didnt get it, lost net connectivity srry21:07
nealmcbCaptainTrek: see e.g. comment 10: http://ubuntuforums.org/showpost.php?p=2045715&postcount=1021:08
nealmcbbillybigrigger: apt-get install ubuntu-serverguide21:09
CaptainTreknealmcb: if I chmod the thing to have +r -w permissions, only root will be able to write to /var/www, right?21:11
ujjainUbuntu keeps asking for password after Ubuntu upgrade, despite me giving the right username/password in GNOME login window.21:24
scarhas anyone been able to change the console resolution in 10.04?  i tried adding GRUB_GFXMODE=1024x768 to /etc/default/grub and running 'sudo update-grub' but that only seems to be adjusting grub's resolution but not the console21:27
ujjainUbuntu keeps asking for password after Ubuntu upgrade, despite me giving the right username/password in GNOME login window.  NOTHING happens when I try to log in...21:32
scarujjain, can you reboot into recovery mode and drop to a root shell? then change the password?21:35
Kaprenakisshould i be encrypting my home directory if im going to be accessing my server outsite of my local network21:35
scarKaprenakis, the encryption is good if someone steals your server21:45
KaprenakisScar: thats the only reason to use it?22:14
cclausenKaprenakis: why do you think you need in the first place?22:15
cclausenKaprenakis: I suspect it will just cause problems if you need to try and recover data later on in case of a filesystem or hard drive problem22:15
scarKaprenakis, also if someone hacks into the server and you're not logged in, then it may help22:15
cclausenif someone hacks into the server, they can just install a keylogger and wait for you to login22:16
Kaprenakiscclausen: alrighty thanks youve been too much of a help. :P22:17
Kaprenakiscclausen: what do you do for a living?22:17
cclausenKaprenakis: https://wiki.cites.uiuc.edu/wiki/display/~cclausen/Resume22:18
Kaprenakiscclausen: wow thats pretty good.22:20
Kaprenakiscclausen: I've really looked into going to school for network specialist, or some kind of network security not sure yet.. I'm a senior in HS.22:20
cclausenwell, most of the networking classes here are kind of lame22:21
cclausenunfortunately networking and security really needs to be learned on the job22:22
Kaprenakisyeah so what would be a good area to go for if i want to eventually over time transition into that kind of job.22:22
cclausenthings like SANS training can help, but there is no better way than actual problems22:22
cclausenI'd start at an IT help desk22:22
cclausenand work on learning things and try and learn on your own22:23
cclausenyou can read through course materials like: http://www.cs.uiuc.edu/class/sp10/cs438/lectures.html22:24
Kaprenakisyeah everything that ive learned is all by googleing my questions and searching everything that i come across while doing server setups.22:24
cclausenyeah, me too22:25
cclausenI've just been doing in longer22:25
dominicdinada!download23:05
ubottuUbuntu installation CDs can be downloaded from http://releases.ubuntu.com - Mirrors can be found at http://wiki.ubuntu.com/Mirrors - PLEASE use the !torrents to download !Lucid, and help keeping the servers' load low!23:05
dominicdinadaHow to install server from an iso without burning it ? and no not on a thumb either. How can I mount the image to run it   ?23:13
cclausendominicdinada: what are you installing onto?23:13
cclausenyou can do a network install if you can PXE boot23:14
dominicdinadaOk someone told me to gpart the drive and use usb startup creater and write the live cd to the disk then boot into the installer23:17
cclausenI suspose you could23:17
cclausenwhy though?23:17
cclausenno blank CDs around?23:17
dominicdinadaBecause           A the server it is going into has no dvd drive   B cant wipe my thumbs as 1 is broken other is full of 3.9 gigs secure back up, C the PC is in pieces at the moment23:18
cclausenI see23:19
cclausendominicdinada: what is the server running now?  you can upgrade from a previous ubuntu version23:19
dominicdinadaThere is no server now. I have an old PC that I gutted and throwing in 2 TB worth of hard drives.... The hard drive in question is a WD onetouch 750 that the housing broke so the drive was yanked so no OS23:20
dominicdinadaNow it is in another external enclosure and gonna get a file system on there23:21
cclausenwhat are you typing this off of?23:21
cclausenyou coudl try the netboot install23:21
cclausendownload http://archive.ubuntu.com/ubuntu/dists/lucid/main/installer-amd64/current/images/netboot/  into your tftpboot space on another linux system on the same subnet23:22
cclausenerr, oops, just get the netboot.tar.gz file23:22
dominicdinadaSame for 32bit i take it just the i386 correct23:23
cclausenyeah, pretty much23:23
cclausenserver not new enough to support 64-bit ?23:23
dominicdinadaok23:23
cclausendominicdinada: do you have the ability to run your own DHCP and TFTP service briefly?23:24
dominicdinadaThe "Server" is just for home use it is a dell 4600c that I ripped out the mb and stuff because i got 4 HD's here and the slim doesnt allow any more drives23:24
cclausenyou can't just run them in all setups23:24
dominicdinadaYes... I can do it from my router an automatically assign the ips...23:24
cclausenyeah, I have many users with Dimenions still... that lack of actual drive space is annoying...23:24
cclausencan you set a next-server parameter from your router?23:25
cclausen(its a DHCP option)23:25
dominicdinadaWell like i said I got around 2 TB of drives literally sitting in my room just chillin and well... gonna throw the 4600c mb into an old Box with all the drives... IT doesnt help that i broke my keyboard also haha23:25
cclausenhmm... no keyboard is a problem23:26
dominicdinadaI believe so I have seen it before23:26
cclausensome of the basic tftp and dhcp stuff is at: http://www.debian-administration.org/articles/47823:26
cclausenactually, I guess I should do this too23:26
cclausenwould make lucid installs go quicker...23:27
dominicdinadaI got one I can steal briefly but eventually it the server will act as a File Server, Test Webserver, Wireless Access point extender, etc... With Remote Desktop23:27
cclausencool23:27
dominicdinadaI guess23:27
KaprenakisFor a File/media streaming server what should i install? Samba file server for the files.23:28
dominicdinadaIf i get sick of it 2 years ago I got every version of Winblows Free from school :D23:28
Kaprenakiswhat is a LAMP server?23:28
dominicdinadaLinux Apache Mysql PHP23:29
cclausenKaprenakis: http://en.wikipedia.org/wiki/LAMP_(software_bundle)23:29
KaprenakisIs a openSSH server is so you can acess your server using putty for example?23:29
cclausenKaprenakis: yes, putty connects to an openssh server23:29
Kaprenakisdoes filezilla use openssh?23:30
cclausenfilezilla can use ssh/sftp, yes23:30
cclausenit is also an (SSL) FTP client23:31
Kaprenakiscclausen: ok thanks again!23:31
cclausennote that SFTP through ssh and SSL FTP are not the same thing even though I've seen both called SFTP23:31
Kaprenakisok lets say for example i want to add .mp3s to my server using filezilla what would i need to do in order for that to happen?23:32
cclausenKaprenakis: just openssh-server on teh server side23:34
cclausenand disk space to place them in of course23:34
dominicdinadaBlah23:35
dominicdinadaHow to Gpart the drive Management flag issue ?? Select all flags?23:37
cclausenI'm not sure what you mean23:38
Kaprenakisccleausen: ok tys23:39
Kaprenakisis it wise to install the GRUB boot loader to the master boot record?23:39
cclausenKaprenakis: you probably want to if you are only running one OS on the system23:40

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!