maddhat | cclausen: yes, pfsense is BSD based as cain stated. ive tried etherwake from an ubuntu peer though. and yes, WOL is enabled in BIOS | 00:01 |
---|---|---|
maddhat | cclausen:ii have other machines working with WOL on the subnet so i know that my tools are working correctly.. jsut not the destination machine. | 00:02 |
reckoner | can i get support here for ec2? | 00:17 |
erichammond | reckoner: Go ahead and ask your question | 00:20 |
=== dendro-afk is now known as dendrobates | ||
RoAkSoAx | mathiaz, in server-maverick-uds-cloud-loadbalancing means to set up lighttpd/nginx/apache as loadbalancers/proxys or to have loadbalancing for those services? | 00:38 |
mathiaz | RoAkSoAx: how to use lighty/nginx/apache as load balancers | 00:39 |
RoAkSoAx | mathiaz, ok. Why not IPVS? | 00:39 |
mathiaz | RoAkSoAx: the use case is that you have apps servers running into the cloud and need to distribute http request among them | 00:39 |
mathiaz | RoAkSoAx: that's another option | 00:40 |
mathiaz | RoAkSoAx: you're welcome to add more options to the Blueprint | 00:40 |
RoAkSoAx | mathiaz, will do :) | 00:40 |
mathiaz | RoAkSoAx: as we'll be discussing what's the best option | 00:40 |
RoAkSoAx | mathiaz, i was planing to talk about that (loadbalancinhg for web apps in the cloud) in the cluster-stack session | 00:41 |
mathiaz | RoAkSoAx: seems like there is a dedicated session to load balancing | 00:41 |
mathiaz | RoAkSoAx: make sure you attend the session as well :) | 00:41 |
RoAkSoAx | mathiaz, I will for sure, and I guess that what I planned to talk at the cluster stack session will fit better in the load balancing session :) | 00:42 |
=== dendrobates is now known as dendro-afk | ||
mathiaz | jiboumans: https://blueprints.launchpad.net/ubuntu/+spec/server-maverick-aws-client-libraries | 00:59 |
mathiaz | jiboumans: ^^ AWS client library seemed to be missing from the roadmap | 00:59 |
mathiaz | jiboumans: I've just creating a blueprint for it | 01:00 |
jiboumans | mathiaz: very good | 01:00 |
jiboumans | the mail-stack and cluster-stack ones that carried over from last cycle aren't showing up either | 01:01 |
jiboumans | jcastro's looking into that | 01:01 |
smoser | mathiaz, that was already present | 01:03 |
smoser | https://blueprints.launchpad.net/ubuntu/+spec/server-maverick-cloud-libs | 01:03 |
mathiaz | smoser: hm - ok - I hadn't found it | 01:04 |
mathiaz | smoser: I'll update my blueprint then | 01:04 |
smoser | it was linked off https://wiki.ubuntu.com/ServerTeam/MaverickIdeaPool | 01:04 |
smoser | :) | 01:04 |
smoser | where did you look ? | 01:04 |
mathiaz | smoser: https://blueprints.launchpad.net/~jib/+specs?searchtext=server-maverick&role=approver | 01:04 |
smoser | ah... | 01:05 |
smoser | i called it 'cloud-libs' | 01:05 |
smoser | so it didn't have aws in the blueprint name | 01:05 |
jiboumans | smoser, mathiaz: the summit system doesn't actually show me what i have scheduled and not and what fell through the cracks | 01:05 |
jiboumans | so please be vigilant | 01:05 |
smoser | hggdh, still around ? | 01:06 |
Daviey | jiboumans: If summit isn't doing what you want/expect, you can raise a bug :) | 01:06 |
smoser | i think that cloud install needs a full kick | 01:07 |
jiboumans | Daviey: can i have it fixed before tomorrow? ;) | 01:07 |
smoser | i can't even run an instance now | 01:07 |
Daviey | jiboumans: well tommorrow for me is the 5th.. so perhaps :) | 01:07 |
jiboumans | Daviey: heh | 01:07 |
mathiaz | Daviey: o/ | 01:07 |
Daviey | mathiaz: \o | 01:08 |
jiboumans | Daviey: amidst my massive multi-tasking; specs that were in previous sprints don't show up. specs have to be manually assigned to the server track, it says 'oops' a whole damn lot, tracks with spaces in the name don't work and i can't see what fell between the cracks (items that are uds-m' but not scheduled to a track, or in LP, but didnt make it to summit) | 01:09 |
Daviey | jiboumans: last time i had an oops, i seem to remember some colourful language in the error box :) | 01:10 |
jiboumans | Daviey: this is when dragging/dropping in the organizing window | 01:10 |
jiboumans | it says 'oops' and then loads the lp blueprint page of the thing youw ere moving | 01:10 |
jiboumans | not useful :) | 01:10 |
Daviey | jiboumans: Is this for blueprints that were defered from a previous UDS? | 01:11 |
jiboumans | Daviey: simply not completed | 01:11 |
jiboumans | renamed to server-maverick-* | 01:11 |
Daviey | ^^ sorry, for the missing specs | 01:11 |
uvirtbot | Daviey: Error: "^" is not a valid command. | 01:11 |
jiboumans | Daviey: https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-cluster-stack | 01:11 |
jiboumans | for example. i 'declined' it for uds-l now on jcastro's suggestion | 01:11 |
jiboumans | but it doesn't seem to make it show up (yet) | 01:11 |
jiboumans | made the change about an hour ago | 01:12 |
* Daviey looks | 01:12 | |
jiboumans | mathiaz, smoser: do we now have a duplicate session for cloud-libs/aws or do we need both? please check summit.ubuntu.com | 01:13 |
smoser | do not need both | 01:13 |
Daviey | hmm, certainly not imported.. server-lucid-cluster-stack is only in summit for uds-l | 01:13 |
smoser | page does not exist ? | 01:14 |
smoser | did we already go over that ? | 01:14 |
mathiaz | jiboumans: server-maverick-aws-client-libraries is a duplicate BP | 01:16 |
mathiaz | jiboumans: I've removed you as the approver | 01:16 |
mathiaz | jiboumans: but cannot decline it from the uds-m sprint | 01:16 |
jiboumans | mathiaz: i think i already hit accept. not sure how to unaccept | 01:16 |
mathiaz | jiboumans: yeah - there may be a link to decline the BP afterward - I don't know :/ | 01:17 |
jiboumans | Daviey: ^ suggestions? :) | 01:17 |
jiboumans | or just remove the 'uds-m' from the blueprint itself? | 01:17 |
Daviey | jiboumans: no idea of the LP side i'mafraid | 01:17 |
mathiaz | jiboumans: right - declining a BP for a sprint is done in LP | 01:17 |
Daviey | jiboumans: LP API and summit, i can help with.. | 01:17 |
jiboumans | mathiaz: mark it superseded with smoser's spec please? that way it doesn't show up as 'dangling' | 01:18 |
mathiaz | jiboumans: have you tried to make a BP superseeded in LP? | 01:19 |
jiboumans | mathiaz: i have not | 01:19 |
mathiaz | jiboumans: it's pretty much impossible | 01:19 |
mathiaz | jiboumans: the UI isn't working well | 01:19 |
mathiaz | jiboumans: done | 01:21 |
jiboumans | thank you | 01:21 |
jiboumans | cloud-libs isn't in the summit system either | 01:22 |
jiboumans | smoser: propose it for uds-m please? | 01:23 |
smoser | done | 01:24 |
jiboumans | ta | 01:24 |
smoser | and i verified the others that i wrote are | 01:24 |
smoser | but i'm out now | 01:25 |
=== dendro-afk is now known as dendrobates | ||
zain | hi there. I'm running ubuntu 10.4 server, and for some reason, nothing in /etc/hosts is being picked up. I add something there and ping says "unknown host" when i try to ping it. ideas? | 01:43 |
zain | i've tried restarting /etc/init.d/networking, no good. | 01:43 |
bc | anyone have any experience getting ubutnu server to install as a guest under Xen? | 01:44 |
MTecknology | Is there anything I can use to keep track of my servers as far as their uptime and heartbeats and such? | 01:47 |
MTecknology | landscape look snice but the cost is way out of the question | 01:47 |
MTecknology | $150/node/year * 25 nodes... | 01:47 |
erichammond | Thanks to the Ubuntu Server Team for the great work on Lucid. The day after it was released a group of friends used it to build a prototype of http://CrowdPhoto.com which we launched over the weekend (running on EC2): http://alestic.com/2010/05/crowdphoto-net | 01:53 |
=== dendrobates is now known as dendro-afk | ||
uvirtbot | New bug: #574867 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/574867 | 02:06 |
=== TheOracle is now known as KB1JWQ | ||
zul | jiboumans: server-maverick-addtional-stacks didnt make it? | 02:37 |
zul | jiboumans: its the vscan zafara etc spec | 02:39 |
zul | jiboumans: sorry didnt read the email | 02:55 |
imjess | Hello...? | 03:03 |
lifeless | !ask | 03:03 |
ubottu | Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) | 03:03 |
imjess | Is everyone else afk? lol... | 03:04 |
handheldCar | wat | 03:05 |
lifeless | imjess: no, but you don't want 200 people all saying hi; it would be very low signal | 03:05 |
lifeless | imjess: this isn't a chat channel, its ubuntu-server assistance-and-development | 03:06 |
imjess | Ah I see. Ok, well I'm new to ubuntu server stuff. My company are going to use ERP system under open source server. So I not sure if Ubuntu going to be right choice considering we might use "Active Directory" etc | 03:07 |
imjess | And do we actually need Cloud? | 03:08 |
lifeless | cloud is entirely up to you; it depends on what you're doing | 03:08 |
lifeless | UEC can be great for deployment of many related systems and/or test labs and/or dynamic load scaling | 03:08 |
imjess | What I have in mind is LTS server / virtualization / cloud , Hmm wondering which one should I go for the first time on ERP.. | 03:15 |
imjess | Am I asking too general? #Ubuntu eh? | 03:15 |
lifeless | well | 03:15 |
lifeless | you're not really asking questions | 03:15 |
lifeless | all that you say sounds plausible ;P | 03:15 |
imjess | Hah! Ok, say we want to set up an ERP system with "Active Directory logins" for the staffs.. and in the future we might host a web server as well... So should we go for virtualization using Ubuntu server of course.. hmmm :D | 03:19 |
lifeless | virtualisation sounds unrelated to this | 03:21 |
lifeless | like, it won't make it easier or harder | 03:21 |
lifeless | it would bring its normal benefits | 03:21 |
lifeless | we have pretty good AD integration via ldap | 03:22 |
lifeless | which AD speaks | 03:22 |
imjess | No, I thought separate the LDAP(ERP) and the web server by using virtualization would be easier to implement in the future eh? | 03:24 |
lifeless | consider the difference between a vm and real hardware | 03:25 |
lifeless | in a vm you usally use NFS or something for persistent storage | 03:25 |
lifeless | you can do that with real hardware (and should if you're trying to run separate servers for different tasks) | 03:25 |
handheldCar | The purpose of virtualization is to utilize the unused power of one's server. | 03:26 |
imjess | lifeless: I don't want get another physical server to keep the IT budget low :P | 03:28 |
lifeless | handheldCar: or provide dynamic deployment of different images - to shuffle around tasks more easily than having every server configured to do everything. | 03:28 |
lifeless | imjess: you'll need 2 machines to run UEC anyway | 03:28 |
lifeless | imjess: *and* | 03:28 |
qman__ | yeah, if you're in a one or two server deployment, you don't need virtualization | 03:28 |
lifeless | imjess: databases can be an issue on VM environments [depending on load/optimisation needs] | 03:28 |
qman__ | it doesn't show most of its benefits until you get into at least half a dozen | 03:29 |
lifeless | qman__: I'd say its really domain specific - some domains are a win with just 2 vm's, others need many more [e.g. clustered static ubuntu archive mirrors] :) | 03:29 |
imjess | I see. I guess UEC out of question since we got only 1 machine lol | 03:30 |
qman__ | yeah, it's software specific | 03:30 |
qman__ | if you wanted to run a whole bunch of services that don't really belong on the same machine for security/manageability reasons, but don't want/need a bunch of physical servers, virtualization is great | 03:31 |
qman__ | but you've only listed two | 03:31 |
imjess | Two? | 03:31 |
qman__ | LDAP and web | 03:32 |
lifeless | ERP server, web server | 03:32 |
qman__ | how many clients are you intending to serve? and is the web server public-facing? | 03:32 |
imjess | Yes to be excat.. ERP+LDAP , web server maybe next year. | 03:33 |
imjess | Not many in the beginning, like 10 staffs. | 03:33 |
qman__ | if you're just looking to serve an intranet site, I would just install both on the same physical server | 03:34 |
imjess | Yes public web. Company's home page. | 03:34 |
qman__ | in that case, I suggest two physical servers, or getting a VPS for the website | 03:34 |
qman__ | either of those would be much easier to set up and maintain than a virtual configuration | 03:35 |
imjess | Hmm I see. | 03:37 |
imjess | Because the OpenERP has this integrated ecommerce, that's why we might need a web server aahh lol | 03:38 |
qman__ | if the ERP needs to interact with a web server, it would not be any more difficult to configure it to use a VPS running the web half over a virtual machine running the web half | 03:39 |
qman__ | or another server in your closet running the web half | 03:40 |
qman__ | now, it may be easier if both run on the same machine without virtualization | 03:40 |
qman__ | but security concerns come into play | 03:40 |
qman__ | having your user database on a public facing server is a risk | 03:41 |
handheldCar | is it possible to install a virtual machine in a command-line environment like ubuntu-server? | 03:43 |
imjess | Hmm so if we want to use a web server for public viewing, its not recommended on same machine.. | 03:43 |
qman__ | handheldCar, of course | 03:43 |
qman__ | imjess, yes, because if the web server were to be compromised, it enables access to all that data | 03:44 |
ChmEarl | handheldCar, apt-get install Vnc4server tightvnc then you have vfb for xen | 03:44 |
imjess | I guess we will put LDAP+ERP using LTS server on a single machine at the moment... but what about ERP to other branches of company> | 03:45 |
imjess | Linking* | 03:45 |
qman__ | I'd probably use a VPN setup | 03:46 |
imjess | Oh | 03:46 |
qman__ | openVPN is pretty easy to use and very secure | 03:46 |
qman__ | you could configure a site to site VPN, and have it 'just work' | 03:46 |
qman__ | there are other ways to do it, I'm sure | 03:47 |
qman__ | and probably SSL-enabled | 03:47 |
=== dendro-afk is now known as dendrobates | ||
imjess | So all I need is LDAP+ERP+VPN for ubuntu server... for now :) | 03:48 |
imjess | Hows the reliability of using ubuntu as production server? | 03:49 |
lifeless | good | 03:49 |
lifeless | we run all our stuff on it :) | 03:49 |
qman__ | very reliable, only downside I ever run into is semi frequent reboots because of kernel updates | 03:49 |
imjess | lol they kept advise me on Redhat | 03:49 |
lifeless | who? | 03:50 |
qman__ | I honestly can't stand to work with redhat/fedora, just don't like the system at all | 03:50 |
qman__ | but that's my personal preference | 03:50 |
fbc-mx | hi all!!! | 03:51 |
imjess | Some linux forums, forgot which. | 03:51 |
imjess | Oh | 03:51 |
handheldCar | Does Debian have less kernel updates? | 03:51 |
* fbc-mx ducks are random things a thrown at his way! | 03:51 | |
qman__ | handheldCar, debian stable perhaps | 03:51 |
lifeless | handheldCar: should be identical | 03:51 |
qman__ | not sure, I don't use it on a regular basis | 03:51 |
lifeless | handheldCar: releases in both distros only changes kernels on security updates | 03:51 |
qman__ | but ksplice is honestly very cool | 03:52 |
qman__ | haven't run into any problems with it yet | 03:52 |
imjess | How good is ubuntu.. can we run server 365 days without restarting it lol.. | 03:52 |
fbc-mx | Yes, it's me again guys with another question that probably requires another brainlessly easy solution.. | 03:52 |
qman__ | and I haven't had to reboot my router machine yet | 03:52 |
qman__ | imjess, yes | 03:52 |
imjess | Router? | 03:53 |
qman__ | I get power outages here frequently, so my longest uptime is ~156 days | 03:53 |
qman__ | but there's no reason it couldn't run longer | 03:53 |
fbc-mx | How do I enable ACPI shutdown on my server again? Before I upgraded to LUCID I used to be able to press my power button and shut down my server. now I can't any more. What might be the issue? | 03:53 |
qman__ | yes, my router runs ubuntu | 03:53 |
qman__ | Jaunty, that was the latest when I set it up | 03:53 |
qman__ | haven't rebooted it | 03:53 |
qman__ | ryan@gatekeeper:~$ uptime | 03:54 |
qman__ | 22:54:17 up 208 days, 8:14, 4 users, load average: 0.00, 0.00, 0.00 | 03:54 |
imjess | Never seen people use server as router lol... | 03:54 |
handheldCar | is this an actual routing device or a computer that's routing? | 03:55 |
qman__ | a computer that's routing | 03:55 |
qman__ | four NICs, nice long iptables script | 03:55 |
qman__ | vnstat | 03:55 |
imjess | What's the advantages compared to those regular router? | 03:56 |
qman__ | cheaper for the feature set | 03:56 |
qman__ | a professional grade router with four interfaces and the kind of software I'm using would be pretty pricey | 03:56 |
imjess | Load-balancing eh | 03:57 |
qman__ | as opposed to a low-power PC with a few extra NICs, loaded up with free software | 03:57 |
qman__ | nah, operating three separate internal nets | 03:58 |
qman__ | one's a public wifi | 03:58 |
handheldCar | what protocol if u don't mind telling | 03:59 |
qman__ | protocol? | 03:59 |
handheldCar | no RIP, OSPF? | 04:00 |
qman__ | no, no other routers | 04:00 |
qman__ | just separate internal nets, sharing one net connection | 04:00 |
qman__ | firewall rules between them, bandwidth tracking | 04:00 |
qman__ | and a few other little things | 04:00 |
qman__ | my ISP's network is a total mess | 04:01 |
qman__ | messages coming from everywhere | 04:01 |
qman__ | like their whole network is just hubbed together | 04:02 |
imjess | Oh, by the way, once the LDAP server established, should we reinstall client's PC... | 04:03 |
qman__ | not sure why you would, but I've never set up an LDAP outside a lab setting | 04:04 |
imjess | What do you mean...? | 04:05 |
qman__ | my network doesn't have enough users to justify LDAP | 04:05 |
imjess | I see. The Client PC's data all will automatically stored in LDAP server.. right? | 04:06 |
qman__ | not with just LDAP | 04:06 |
qman__ | you'd need to set up a file server and configure the clients to store the user data on the server | 04:07 |
imjess | So no files will stored in Client PC. | 04:07 |
imjess | Oh file server | 04:07 |
qman__ | LDAP only manages the users and authentication | 04:07 |
imjess | Right. | 04:07 |
qman__ | your ERP package may handle that, but LDAP alone does not | 04:08 |
imjess | Got it. | 04:08 |
imjess | So this file server will restrict user to store any data on thier client PC eh | 04:10 |
qman__ | no, that needs to be configured separately | 04:10 |
qman__ | the file server just stores the files | 04:10 |
qman__ | are your clients running windows or linux? | 04:10 |
imjess | 2 Windows, others Linux. | 04:11 |
handheldCar | redirect profile and home folders to server | 04:12 |
qman__ | yeah, that's going to be quite a bit of work | 04:12 |
qman__ | you're probably going to need to set up security policies for the windows clients | 04:12 |
handheldCar | wsus | 04:12 |
imjess | Can Windows client PC connect to LDAP server...? Or I need another apps | 04:14 |
qman__ | you're going to need to configure samba+winbind most likely | 04:14 |
qman__ | on the server, to allow the windows clients to join the domain | 04:15 |
imjess | What is this Zimbra? | 04:15 |
fbc-mx | where can I find the menu-lst for grub in lucid? | 04:15 |
qman__ | zimbra is basically an alternative to microsoft exchange | 04:16 |
qman__ | fbc-mx, lucid uses grub2, and doesn't have a menu.lst | 04:16 |
qman__ | !grub2 | 04:16 |
ubottu | GRUB2 is the default Ubuntu boot manager since Karmic. For more information and troubleshooting on GRUB2 please refer to https://wiki.ubuntu.com/Grub2 | 04:16 |
imjess | Ok. So by steps, I should install LTS>LDAP>SAMBA>Winbind>File>ERP... | 04:19 |
* handheldCar think when you install #ubuntu-server , there is an option for file server, which is samba. | 04:19 | |
imjess | File server = samba? | 04:20 |
qman__ | well, not necessarily | 04:20 |
qman__ | but samba is the tool for windows-compatible file sharing | 04:20 |
qman__ | there's also things like nfs, sshfs, sftp | 04:21 |
imjess | Should during install Ubuntu server, I should go for file server option? | 04:21 |
imjess | What's nfs, sshfs, sftp? | 04:21 |
qman__ | samba also is used for integrating with windows clients in a domain-style environment | 04:21 |
fbc-mx | qman__, I'm kinda lost with this new grub. I've found the new config file that generates the one in /boot, but how or where do I put in acpi=force? | 04:21 |
imjess | Do I need those as well? | 04:21 |
qman__ | probably not, depends on what you want | 04:22 |
qman__ | those are other ways to share files, that are less windows friendly | 04:22 |
fbc-mx | qman__, disregard... found it | 04:22 |
imjess | So even I install them randomly, it won't messed up the setting huh | 04:23 |
qman__ | no, when you install them, they will install dependencies | 04:24 |
qman__ | so generally, it doesn't matter | 04:24 |
imjess | Right. | 04:24 |
qman__ | but be prepared, setting this up is not a simple task | 04:24 |
qman__ | you're going to want to find some guides and do research on it | 04:24 |
qman__ | and don't do it in your production environment until you know it's going to work | 04:24 |
imjess | The ubuntu website for guides is sufficient for newbies eh? | 04:25 |
qman__ | getting windows to play nice can be quite difficult | 04:25 |
qman__ | setting up a directory server and clients is definitely an "advanced" task | 04:26 |
qman__ | where a simple file server or web server is "easy", and email is "intermediate" | 04:26 |
imjess | I'm screwed lol | 04:26 |
imjess | Well I got like 2 months to put it into production.. operation | 04:27 |
imjess | I'm going bug this channel in the mean time. | 04:28 |
qman__ | unfortunately ubuntu doesn't have an easy single-checkbox directory server yet | 04:29 |
qman__ | it's definitely high on my wish list | 04:29 |
imjess | Oh another thing, is this LTS ubuntu server is GUI? | 04:29 |
qman__ | no, ubuntu server does not have a GUI | 04:29 |
qman__ | you can install one if you really want, but that's not a supported configuration in this channel | 04:30 |
imjess | Without GUI is all right, but would OpenERP able to run under non-GUI format | 04:31 |
qman__ | it looks to be web-based, so yes | 04:32 |
imjess | I tried on ubuntu desktop, couldn't find the server guides. | 04:33 |
imjess | So during the installation, should we pick file server(Samba) or install it right after. | 04:34 |
qman__ | looks like the 10.04 guide isn't up yet | 04:34 |
qman__ | but don't worry, it should be soon | 04:34 |
qman__ | lucid just released | 04:34 |
imjess | This latest LTS version is Lucid? | 04:35 |
qman__ | the 9.10 guide should be mostly accurate | 04:35 |
qman__ | yes | 04:35 |
imjess | How long this Lucid LTS will last..? | 04:36 |
ScottK | Five years for servers. | 04:36 |
qman__ | and an LTS to LTS upgrade path is supported | 04:37 |
qman__ | so you don't have to upgrade to each release in between | 04:37 |
imjess | I see. | 04:38 |
handheldCar | lts every 2 years | 04:38 |
imjess | It is wise to choose latest version of Ubuntu's considering new bugs may arise.. | 04:40 |
qman__ | well, the main releases can be bleeding edge, meaning there are some issues | 04:42 |
qman__ | but the LTS is designed to avoid that as much as possible | 04:42 |
qman__ | while still providing new and useful software | 04:42 |
qman__ | right now lucid is still a bit up in the air, because it just released a few days ago | 04:42 |
qman__ | but give it a week or two and it should get much better | 04:43 |
handheldCar | it's not too bad in my case, a couple bumps | 04:43 |
twb | Five years for *some server packages* | 04:44 |
imjess | So we should stick with 8.04 LTS for now | 04:44 |
twb | AFAICT it's non-trivial to avoid packages with less-than-five-years support | 04:44 |
twb | You can't e.g. apt pin based on support lifetime | 04:45 |
qman__ | no, only if you're already running 8.04 | 04:45 |
qman__ | on a new setup, start with 10.04 | 04:45 |
imjess | Right. | 04:45 |
qman__ | documentation and such will be a little hard to find right now, but it'll be easier than upgrading after you get it set up | 04:45 |
twb | Especially given Ubuntu's track record for upgrading | 04:46 |
uvirtbot | New bug: #574901 in bind9 (main) "package liblwres60 1:9.7.0.dfsg.P1-1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/574901 | 04:46 |
qman__ | I haven't upgraded any of my servers yet, should be interesting | 04:47 |
qman__ | I upgraded my laptop, and it broke my fingerprint reader | 04:47 |
qman__ | otherwise fine, once I fixed the window buttons | 04:47 |
twb | There's no way I will trust do-release-upgrade on a server without making a block-level snapshot first | 04:48 |
twb | I tried it in an 8.04 VM in early April, and it fell over hard | 04:48 |
twb | I'll stick to aptitude safe-upgrade, which I know how to use. | 04:48 |
imjess | It seems Dell monitors can't function properly on Xscreen | 04:49 |
twb | Xscreen? | 04:49 |
imjess | The dual screen thing. I had to disable special effects. | 04:49 |
twb | Xinerama breaks hardware acceleration, yes. | 04:50 |
imjess | Oh | 04:50 |
twb | (Unless matters have improved in the last six years...) | 04:50 |
qman__ | I've always had trouble with compiz | 04:50 |
qman__ | I still don't use it, because every time I tried, it leaks memory | 04:50 |
qman__ | fancy effects are not worth having your computer crash every week or so | 04:51 |
imjess | Excatly. | 04:51 |
twb | That's how I feel about X | 04:51 |
qman__ | for the most part, I agree | 04:52 |
qman__ | need it for some things, but servers are not one of them | 04:52 |
imjess | Seem interesting, like learning to write ABC again lol | 04:53 |
imjess | Does anyone here using ERP on ubuntu server.... | 04:54 |
twb | !anyone | 04:54 |
ubottu | A large amount of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? | 04:54 |
qman__ | to be perfectly honest, I couldn't figure out what it was for through all the buzz words | 04:54 |
twb | ERP is something you don't need to care about unless you're big business | 04:55 |
imjess | I will do that. Just curious. Take it easy. | 04:55 |
qman__ | zimbra is interesting because one of the major stopping blocks I see, when getting windows based businesses to switch, is that they use outlook and outlook's calendars | 04:56 |
qman__ | I'll have to try that out | 04:56 |
twb | Zimbra is extremely Not Fun | 04:56 |
twb | Wait until it's packaged properly | 04:57 |
qman__ | ah, good to know | 04:57 |
imjess | Good to use on Evolution Mail as well? | 04:57 |
twb | The current install process involves installing Zimbra's custom-patched versions of stuff like postfix and openldap in /opt/zimbra | 04:57 |
qman__ | yuck | 04:57 |
twb | imjess: Evolution is the only FOSS client I know of with Outlook calendar support | 04:57 |
twb | (Maybe if mutt supported calendars, I'd actually give a shit about them...) | 04:58 |
qman__ | I use thunderbird, but I don't really like it | 04:59 |
RoAkSoAx | kirkland, ping | 04:59 |
qman__ | slow, features I don't need, etc | 04:59 |
qman__ | though it's nothing compared to Flash | 05:01 |
uvirtbot | New bug: #574906 in clamav "Clamav 0.96.0 clamd fails to start on powerpc" [Undecided,New] https://launchpad.net/bugs/574906 | 05:11 |
=== dendrobates is now known as dendro-afk | ||
=== rgreening__ is now known as rgreening | ||
drusepth | I downloaded a 32-bit ubuntu install cd and have booted to it to try to follow the steps at http://www.ubuntu.com/cloud/private-steps, but I never get the menu in step 2, I'm thrown directly into the usual ubuntu server installer -- is this.. normal? | 05:45 |
LynXnz | Hey Can Anyone Help Me With Getting a startup daemon to run as a user that i select? | 06:11 |
twb | !anyone | 06:12 |
ubottu | A large amount of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? | 06:12 |
twb | LynXnz: simply pass the appropriate arguments to start-stop-daemon. --runas, IIRC. | 06:12 |
_eagles0513875_ | hey guys is there a 32bit version of ubuntu server floatin around | 06:31 |
_eagles0513875_ | as it seems on the site that there is only 64bit available for download | 06:31 |
_eagles0513875_ | nm | 06:32 |
LynXnz | Still having issues with starting an init daemon as a specified user :( | 07:10 |
twb | LynXnz: without detail, it is impossible to help you further. | 07:11 |
twb | !smart questions | 07:11 |
twb | Grmph | 07:11 |
LynXnz | how about i post my init config up somewhere so you can have a look? | 07:11 |
twb | Sure. | 07:12 |
LynXnz | http://www.tactical-response.net/cod4.txt | 07:13 |
twb | Any reason you aren't using metainit? | 07:15 |
LynXnz | whats metainit? | 07:15 |
twb | Ask apt. | 07:15 |
LynXnz | roger | 07:15 |
twb | For that matter, why aren't you using upstart? | 07:16 |
LynXnz | dunno, this is always the way that has been taught | 07:16 |
twb | Yes, well, Ubuntu is helpful and annoying and likes to do things differently just to annoy me | 07:17 |
LynXnz | do you segest me using upstart? | 07:17 |
twb | I don't really care. | 07:18 |
LynXnz | okay, what can i put into that init script to excucute it as a specified user? | 07:18 |
twb | 15:12 <twb> LynXnz: simply pass the appropriate arguments to start-stop-daemon. --runas, IIRC. | 07:19 |
yasuhito | Hi I have a question about python-vm-builder | 08:07 |
yasuhito | when I executed "sudo vmbuilder xen ubuntu --ec2", I met an error: "vmbuilder: error: no such option: --ec2" | 08:08 |
yasuhito | my ubuntu version is 10.4 | 08:08 |
yasuhito | any idea?? thanks in advance | 08:11 |
yasuhito | Hi I have a question about python-vm-builder | 08:13 |
qman__ | hey, does lucid still have a 386-compatible kernel? I've got a machine that doesn't work with the generic kernel (i686) running hardy | 08:20 |
twb | qman__: check /boot/config | 08:21 |
twb | But I think it's unlikely that lucid would run on a genuine 386 | 08:21 |
qman__ | yeah, this one's i586 IIRC, I had to install linux-image-386 to get it working | 08:22 |
twb | Huh. | 08:23 |
qman__ | I know they changed around the kernels and naming schemes | 08:23 |
qman__ | since hardy, that is | 08:23 |
qman__ | just wondering if I should try to upgrade or not | 08:23 |
qman__ | I need to just replace the thing, but it's still running | 08:24 |
qman__ | hard to argue with results | 08:24 |
twb | If you're still running an i386, I'd say leave it the hell alone | 08:24 |
qman__ | yeah, it'll still get security updates for a while yet, so might as well | 08:26 |
qman__ | see if the hardware outlasts hardy | 08:26 |
imjess | Hey guys, is encrypted LVM do any good? | 08:29 |
twb | If you go down to your local hardware recycling place, you can probably get a complete, second-hand Pentium4 of Celeron system for $20 | 08:29 |
twb | imjess: define "good" | 08:29 |
twb | qman__: unless you're in China or India or something | 08:29 |
qman__ | nah, the only thing is | 08:30 |
qman__ | I've got lots of dead P4s and celerons | 08:30 |
qman__ | but this old thing just keeps going | 08:30 |
imjess | I don't know. I mean do we need encrypted LVM? | 08:31 |
qman__ | that's entirely up to you | 08:31 |
qman__ | more work than it's worth in most cases, if you ask me | 08:32 |
imjess | Oh we do not need it then lol | 08:32 |
qman__ | according to http://packages.ubuntu.com/lucid/allpackages?format=txt.gz there is still a linux-386 | 08:32 |
qman__ | surprised they haven't dropped it, frankly | 08:32 |
qman__ | I must not be the only person still using 14 year old hardware | 08:33 |
twb | Most of them wouldn't be using ubuntu, though | 08:34 |
twb | What with it being targeted at schmucks running the latest bleeding-edge powerbook or whatever | 08:34 |
lifeless | heh | 08:34 |
imjess | If we don't use multiple partition or drives.. I guess we could ignore LVM perhaps | 08:35 |
imjess | ? | 08:35 |
qman__ | you don't have to use LVM at all if you don't want to, it's entirely optional | 08:35 |
qman__ | makes some things easier, like encryption or resizing partitions | 08:35 |
twb | "do we need encrypted LVM" depends on whether you need block-level encryption | 08:36 |
imjess | Normal guided entire disk with raid 1... | 08:36 |
twb | What security cert do you need to qualify for? | 08:36 |
qman__ | encrypted LVM makes sense on a laptop, but otherwise it's not very useful | 08:37 |
qman__ | or perhaps removable backup disks or something | 08:37 |
imjess | I see. | 08:37 |
twb | qman__: that depends on whether the laptop contains confidential information, whether you take it offsite, etc. | 08:37 |
qman__ | but if your server isn't in a secure location, that's a bigger problem | 08:37 |
twb | imjess: with security, you should start by working out what attack vectors you care about, rather than looking at what techniques you can use. | 08:38 |
twb | For example, there is not much point learning about iptables if your host isn't connected to a network. | 08:38 |
imjess | Got it. | 08:39 |
qman__ | also keep in mind, in order to use encrypted LVM, you will either need to type in a password or insert a removable storage device containing a key every time you boot | 08:40 |
qman__ | not very convenient | 08:40 |
imjess | Not going to use encrypted LVM... | 08:40 |
twb | block-level encryption is most useful when your physical security is weak (i.e. your disks aren't bolted into a rack behind a locked door. | 08:40 |
twb | qman__: that's assuming the root device is encrypted. | 08:41 |
twb | You could conceivably encrypt your "user data" filesystem but not your root filesystem. | 08:41 |
qman__ | yes, but it would be difficult to use the server without unlocking said filesystem | 08:41 |
qman__ | and if your swap isn't encrypted, that's a pretty big hole in the scheme | 08:42 |
twb | But yeah, any kind of encryption should have multi-factor authentication | 08:42 |
twb | qman__: well, I think you've heard my policy on swap :-) | 08:42 |
imjess | Reconfigure partition with LVM.. it stopped at 33% like 20 mins now... | 08:42 |
qman__ | my general policy on that matter, RAM is cheap | 08:42 |
imjess | Without* | 08:42 |
qman__ | that's normal | 08:43 |
qman__ | the progress bar only goes by the steps themselves | 08:43 |
qman__ | the first step is quick | 08:43 |
twb | qman__: you could conceivably have a /srv/customers encrypted, but /home not encrypted. That way you could do web browsing and suchlike, while your customers' data is relatively safe. | 08:43 |
qman__ | the second step is slow | 08:43 |
twb | qman__: e.g. if the laptop has a combined work + personal role | 08:43 |
imjess | Is this encrypted LVM is a new thing on Lucid or just server only? | 08:44 |
qman__ | it's not very new | 08:44 |
qman__ | but it's not in the desktop CD, only the server and alternate CDs | 08:44 |
qman__ | the desktop CD supports encrypted home directories though I think | 08:44 |
imjess | Oh no wonder I haven't encountered em before. | 08:45 |
qman__ | the desktop CD doesn't support RAID at all either | 08:45 |
qman__ | if you want features like that on a desktop, use the alternate disc | 08:45 |
twb | That's because Ubuntu makes the desktop CD, and they lag behind Debian :P | 08:46 |
qman__ | I'm not really sure why it doesn't | 08:46 |
qman__ | since it apparently uses the same partitioner | 08:46 |
qman__ | and other than the GUI-fication, it looks the same as the menus | 08:46 |
twb | I hear that ubiquity backs onto d-i, but that doesn't mean that ubiquity is just a GUI for d-i | 08:46 |
twb | Otherwise, ubiquity would be g-i, which is Debian's GTK-based d-i GUI | 08:47 |
imjess | The server documentation doesn't show the installation proccess doh.. | 08:48 |
twb | imjess: apt-get install installation-guide-amd64 | 08:48 |
imjess | Cool thing we do not need install drivers for Raid software | 08:49 |
baffle | Hum, "service <not running service> status" returns with 0, not 4. | 08:50 |
baffle | That's quite shitty. | 08:50 |
baffle | :-) | 08:50 |
twb | baffle: isn't that for compatibility with broken RHEL/LSB service(8)? | 08:50 |
imjess | twb: After install the guide, how to retrieve it lol | 08:50 |
twb | imjess: dpkg -L will tell you where files are installed. | 08:51 |
baffle | twb: Well, /etc/init.d/upstart-job status also returns 0. | 08:51 |
baffle | (I.e. a upstart-job wrapped upstart-service) | 08:51 |
twb | I hate upstart | 08:51 |
* baffle too. | 08:51 | |
twb | At least cinit didn't embed sh in a completely non-sh DSL | 08:51 |
baffle | This means that a cluster is now unable to check if deamons are running! \o/ | 08:52 |
twb | (Yes, I realize that it was job-based not event-based) | 08:52 |
twb | baffle: just use pgrep like the muck-dwellers | 08:52 |
baffle | twb: Well, I don't really want to change all kinds of agents just because upstart is stupid; I'd rather fix upstart. :-) | 08:53 |
twb | Good luck with that | 08:54 |
imjess | Listfiles needs at least one package name argument.. | 08:55 |
imjess | Oh no, it seem without LVM, can't configure Raid lol... | 08:57 |
baffle | twb: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/552786 | 08:58 |
uvirtbot | Launchpad bug 552786 in upstart "initctl: lacks proper exit codes" [Medium,Invalid] | 08:58 |
=== oubiwann is now known as oubiwann_ | ||
twb | baffle: thanks | 08:59 |
baffle | twb: So it seems I'm not the first. :-) | 08:59 |
baffle | twb: But this will lead to data loss at some point, I'm quite certain. | 09:00 |
twb | Yeah, well, my plan is to get shit-faced tonight | 09:00 |
twb | I've been dealing with oracle and sybase and sles all day. | 09:01 |
twb | Annoying as ubuntu is, at least I can RTFS and sometimes fix stuff by in-house monkey patching | 09:01 |
baffle | twb: Well, to be honest, I prefer Ubuntu over SLES/RHEL any day. | 09:12 |
twb | Me too | 09:13 |
twb | I'd just prefer it to be more anal and less cool, i.e. debian | 09:14 |
baffle | twb: But there are some quite critiacal bugs that slips thru the cracks, I feel that the Canonical server team does not have the resources to test enterprise grade solutions. Not enough manpower, possbily not enough experience (not in general, ofcourse) and not the lab environment. | 09:14 |
baffle | Wow, that sentence was broken. | 09:14 |
baffle | those sentences. \o/ | 09:15 |
willemb | Hi there. I have spent the morning reading documentation about uec, eucalyptus, etc, and I am still unsure how some of it works. | 09:15 |
baffle | willemb: How it works? | 09:15 |
imjess | willemb: Make it two of us. | 09:15 |
willemb | What I want to know is: If I have a cluster of servers with cloud packages installed, can I instantiate what is effectively a single vm combingin the resources of all of them? | 09:15 |
baffle | willemb: That's why they call it cloud; You're not supposed to understand. :-) | 09:16 |
baffle | willemb: No, a VM runs on one machine. But you have a pool of server resources that you can deploy your VMs to. | 09:16 |
willemb | ok, so I can run apache with multiple vhosts 'on the coud' ? | 09:16 |
baffle | willemb: It doesn't really solve your scaling problems; You just have a bit simpler deployment. | 09:16 |
willemb | :-( so i can't just install a cloud version of apache, set up 2000 web sites and point all their a-records to my node controller? | 09:17 |
baffle | willemb: Nopes. It is not magic. :-) | 09:18 |
willemb | adding more nodes as demand increases | 09:18 |
willemb | right, so it is called cloud cause it solves nothing and is merely nice to look at? | 09:18 |
baffle | willemb: That's cloud for you. | 09:18 |
willemb | ie, i could do the same thing with xen/kvm anyway | 09:18 |
baffle | willemb: Yup. | 09:18 |
imjess | Very cloudy if you ask me. | 09:18 |
baffle | willemb: But it has a nice webinterface. And you kindof can't use nice enterprise features. | 09:18 |
willemb | right, so ubuntu cloud services is to xen and kvm what gedit is to vi | 09:19 |
baffle | willemb: You have cool distributed storage, tho'. Wich ofcourse isn't as fast as a nice SAN. And probably not as reliable. And you kindof loose control of the network. And basically you just loose control. | 09:20 |
baffle | s/loose/lose/ | 09:20 |
baffle | In my not so humble opinion, ofcourse. | 09:21 |
willemb | So what is everyone so excited about? | 09:21 |
baffle | I'm not? | 09:21 |
twb | willemb: kool-aid | 09:21 |
=== larsemil is now known as Hans-Erik_H | ||
willemb | looks like an easy way to get into virtualization if you don't want to spend any time figuring out how any of it works. like an mcse's fast-track to consolidating resouce usage | 09:22 |
baffle | willemb: If you buy into the amazing cloud thingy, it's kindof neat. If you design your applications from the start to be deployed on a cloud it is kindof neat. But it has to be done from the ground up. :) | 09:22 |
soren | willemb: Trust me... This is not the easy path to virtualisation. | 09:22 |
twb | I think the excitable weenies are just the usual kids running a server in their dowm | 09:22 |
twb | s/dowm/dorm/ | 09:22 |
willemb | right, so as a web hosting company, I can't move my mom and pop clients with joomla/wordpress into a cloud | 09:22 |
soren | Sure you can. | 09:23 |
willemb | without rewriting their sites? | 09:23 |
soren | It's just not going to magically make stuff scale better. | 09:23 |
soren | Sure. | 09:23 |
twb | I'd be more inclined to use jails than full VMs for those | 09:23 |
baffle | In other news, our web based KVM management software is kindof progressing. :-) I'm thinking about opensourcing it. | 09:23 |
=== Hans-Erik_H is now known as larsemil | ||
twb | baffle: just remember that "let's open-source it!" doesn't mean "then our developers will work for free!" | 09:23 |
baffle | willemb: It's nice if you just think of it as a nice way to deploy VMs. For simple VMs without high demands for high availability it is probably cool. | 09:24 |
willemb | i was really hoping all the vm's would kind of share disk space and connection handlers | 09:24 |
lil_cain | we have something already partly written (and open source) | 09:24 |
twb | willemb: that sounds like a jail to me | 09:24 |
soren | willemb: Cloud (in this context) means that you have a programmatic interface to server provisioning. If your application can make good use of that, you win. | 09:24 |
lil_cain | altough, ours is far more for !centrally managed VMs. | 09:24 |
twb | lil_cain: where "!" means "non-" ? | 09:25 |
willemb | ok, so maybe migrating our 1300 web servers (each with hundreds of sites on it) onto vm's first, then worry about a nice cloud interface for managing it afterwards | 09:25 |
baffle | twb: Yeah, I know that. I'm thinking about open sourcing it to share our work for free, basically. Because it is something people want. A nice web GUI, that can talk to a cluster of KVM machines, that can use a proper cluster backend, where there is access control so you can give customers remote control of their VMs. :) | 09:25 |
* twb grumbles about web interfaces | 09:25 | |
baffle | twb: I.e. a free VMWare VirtualCenterish application. | 09:25 |
lil_cain | twb: Aye. | 09:26 |
twb | Sounds more like cpanel backed onto euc | 09:26 |
baffle | twb: Hey, you're free to do everything from commandline, it just uses libvirt and the cluster (pacemaker/corosync) tools. :) | 09:26 |
lil_cain | pretty much. A cpanel backend is handy for a lot of things though. | 09:26 |
baffle | Ye of little faith. | 09:26 |
twb | baffle: that's nice in theory, but I have had to fight too many sites running stuff like sysconfig-blah and webmin, where you can *technically* use the CLI, but you're instructed not to because it'll webmin will either break or delete your changes | 09:27 |
twb | Not that I much like libvirt's UI as it stands | 09:28 |
baffle | twb: All state lives in libvirt and the clustering software. | 09:28 |
twb | I'm used to just using qemu's user-space networking with dnats and curses and maybe no disks at all, but libvirt wants to be in charge of brctl and run everything as root and suchlike | 09:29 |
=== |eagles0513875| is now known as eagles0513875 | ||
larsemil | are there any public PXE servers that i could use to install ubuntu? | 10:23 |
Jeeves_ | larsemil: Not that I know off | 10:24 |
Jeeves_ | It is on my todo-list, for about a year and a half now :) | 10:24 |
larsemil | Jeeves_: would be cool. | 10:24 |
baffle | larsemil: Hmm, I seem to remember there being a public TFTP server for all kinds of distros actually.. | 10:27 |
twb | You can't PXE boot off a remote network | 10:30 |
twb | PXE starts with a DHCP broadcast | 10:30 |
Jeeves_ | No | 10:30 |
Jeeves_ | Your dhcp server needs to be local | 10:30 |
soren | tftp can be routed. | 10:30 |
twb | Right | 10:30 |
soren | So yeah, what Jeeves_ just said. | 10:30 |
Jeeves_ | But you can tftp from somewhere else | 10:30 |
twb | Personally I found di-netboot-assistant to be pretty awesome, though a highly available tftp.debian.org would be awesome | 10:31 |
twb | *more awesome | 10:31 |
larsemil | any news in 10.04 server edition except newer packages? | 10:33 |
twb | larsemil: I don't understand the question | 10:34 |
halvors | I have heard it is simple to setup a emailserver on Ubuntu using the package "dovecot-postfix" but what more will i need to done? | 10:34 |
halvors | ?? | 10:34 |
twb | halvors: have you read the Ubuntu server guide? | 10:34 |
larsemil | twb: are there any new feats? like in 8.04 its easy to make your machine virtual host etc.. | 10:34 |
twb | larsemil: did you read the release documentation? | 10:35 |
larsemil | twb: actually not | 10:35 |
larsemil | twb: :) | 10:35 |
larsemil | what service is a gpg key server running, cant find when searching | 10:43 |
jpds | larsemil: SKS. | 10:43 |
larsemil | thanks | 10:43 |
=== cloakable_ is now known as cloakable | ||
halvors | Yes, i have tryed but it didn't work, i only wounder if i only need to install dovecot-postfix or need i to do more? | 11:11 |
halvors | ?? | 11:11 |
halvors | ?? | 11:11 |
uvirtbot | New bug: #575040 in tftp-hpa (main) "tftpd-hpa.postinst keeps hanging with a Password: prompt" [Undecided,New] https://launchpad.net/bugs/575040 | 11:47 |
baffle | Regarding me complaining about upstart-job not returning 3 (or, well, not 0) when doing "/etc/init.d/service status"; I made a small change to upstart job that makes it at least report 1, so stuff works. https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/552786 | 12:48 |
uvirtbot | Launchpad bug 552786 in upstart "initctl: lacks proper exit codes" [Medium,Invalid] | 12:48 |
baffle | In upstart it is by design, but in the LSB-wrapper it should support it... | 12:49 |
=== dendro-afk is now known as dendrobates | ||
andriijas | are there any known issues in lucid with php5 and apache segfaulting?? | 12:58 |
zul | andriijas: yes please use the version in lucid-proposed | 13:12 |
andriijas | zul: how? | 13:14 |
zul | andriijas: https://wiki.ubuntu.com/Testing/EnableProposed | 13:16 |
andriijas | ty | 13:16 |
andriijas | zul: any eta when this will be published to lucid? | 13:17 |
zul | andriijas: after it gets some testing | 13:18 |
andriijas | zul: but i can disable proposed after upgrading php again? | 13:18 |
zul | andriijas: yep | 13:19 |
halvors | It is possible to make self maded sertficates for Webmin?? | 13:19 |
soren | halvors: Ubuntu does not support webmin. | 13:19 |
halvors | How admin panels should i use? | 13:31 |
lil_cain | !ebox | 13:31 |
ubottu | ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox | 13:31 |
zul | admin panels? | 13:31 |
zul | ttx: ping | 13:36 |
=== oubiwann_ is now known as oubiwann | ||
=== oubiwann is now known as oubiwann_ | ||
smoser | hggdh, are you around ? | 13:55 |
hggdh | smoser almost ;-) what can I do for you? | 14:04 |
zul | *sigh* if it was only that easy | 14:10 |
ahasenack | smoser: hi | 14:10 |
ahasenack | smoser: just noticed that the lucid AMIs don't have a ramdisk | 14:11 |
ahasenack | smoser: so, that was unexpected. What's the change, how does it work? The kernel has all the drivers and stuff? | 14:12 |
smoser | ahasenack, yes, that was a feature we chased. | 14:23 |
smoser | they just dont' need one. | 14:23 |
smoser | the kernel can mount the root filesystem. | 14:24 |
ahasenack | smoser: ok, so that's going to be the norm from now on, if possible | 14:24 |
smoser | thats the goal, yeah. | 14:24 |
ahasenack | smoser: also for the other distros you think? | 14:24 |
smoser | i dont know about other distros. it works here, its always been possible, its just that ramdisks are more generic, and "standard" | 14:25 |
ahasenack | ok | 14:25 |
smoser | but since the cloud environments (UEC and ec2) have well known hardware profiles we dont really need them. the ramdisk never actually did much. | 14:25 |
smoser | hggdh, i was going to ask about the order of powering up topo2 | 14:26 |
hggdh | smoser: still looking for me? | 14:26 |
smoser | i turned on cempedak first | 14:26 |
hggdh | heh | 14:26 |
hggdh | yes | 14:26 |
ahasenack | smoser: thanks | 14:26 |
hggdh | smoser: when cempedak is up, copy the SSH key to the mabolo and marula preseeds | 14:27 |
hggdh | then up both | 14:27 |
hggdh | smoser: the docs are up-to-date, BTW | 14:28 |
smoser | hggdh, sorry, how to copy ssh key ? what key ? | 14:28 |
smoser | hggdh, sorry, please point me to TFM | 14:29 |
=== JanC_ is now known as JanC | ||
hggdh | smoser: under mathiaz tamarind bzr, README.testing | 14:30 |
hggdh | smoser: the SSH keys I am talking about are the eucalyptus user keys | 14:30 |
smoser | yeah, i can read. i didn't open README.testing. sorry . i'll bother you if i have more | 14:31 |
=== dendrobates is now known as dendro-afk | ||
=== dendro-afk is now known as dendrobates | ||
smoser | hggdh, wiat. i'm sorry. | 14:32 |
smoser | i didn't do "lucid-amd64-multi" | 14:32 |
smoser | i set topo to lucid-amd64-topo2 | 14:32 |
smoser | is that not right ? | 14:32 |
halvors | Does ebox provide adminpanel for domains? | 14:39 |
=== oubiwann_ is now known as oubiwann | ||
hggdh | smoser: yes, lucid-amd64-topo2 is the correct one | 14:46 |
smoser | i didn't realize this was 4 steps | 14:47 |
hggdh | you need to copy the keys anyways (at least this was my experience) | 14:47 |
smoser | yeah. | 14:47 |
hggdh | so you copy the bloody CLC key to Walrus and CC preseed, then copy both CLC and CC keys to the SC/NCs | 14:48 |
hggdh | smoser: oh, I follow you now. The README.testing states you only need to copy on -multi... | 14:49 |
halvors | I installed ebox, but how access the interface? I tryd https://myip/ebox but it does not work | 14:49 |
smoser | hggdh, would be nice if that could be a single 'go' command. | 14:56 |
smoser | (which i'm sure is no new thought to you) | 14:56 |
hggdh | smoser: you bet... but it might be possible | 15:05 |
smoser | well its definitely possible | 15:07 |
henkjan | hmm, disabling ipv6 autoconfiguration | 15:09 |
henkjan | net.ipv6.conf.all.autoconf = 0 | 15:09 |
henkjan | that should be enough i thouhgt? | 15:09 |
henkjan | on lucid I still get my eui-64 address | 15:10 |
_ruben | henkjan: might need to change default as well? | 15:13 |
_ruben | (not just all) | 15:13 |
Mkools | Hello, I want to add a virtual host in tomcat6 for that I have read doc on tomcat6, from which I concluded that I have to add three elements namely: 1. Engine 2. Host 3. Context in my server.xml. I have also created one instance of tomcat. I wanted a review on my above statements that is whether they correct or not or any further addition is needed. Do I have to defaultHost= 'ip of dns or name of dns'? | 15:14 |
Mkools | I am using bind9 and I have created domain prctimp.private. | 15:15 |
Mkools | I am using Ubuntu 9.10 Karmic | 15:16 |
uvirtbot | New bug: #575175 in apache2 (main) "apache running at 100% indefinitely" [Undecided,New] https://launchpad.net/bugs/575175 | 15:16 |
henkjan | _ruben: didnt help.. | 15:17 |
_ruben | henkjan: http://marc.info/?l=linux-kernel&m=123599691025508&w=2 (havent fully read it myself yet) | 15:19 |
smoser | hggdh, ping | 15:36 |
aurigus | pong! | 15:39 |
ttx | jdstrand: https://blueprints.edge.launchpad.net/ubuntu/+spec/security-m-apparmor-profile-packaging is currently scheduled in the cloud_and_server track, I suppose it's a misplacement ? | 15:40 |
jdstrand | ttx: yes, that would be. kees? ^ | 15:40 |
ttx | jdstrand: want me to fix that ? | 15:40 |
jdstrand | ttx: sure | 15:40 |
ttx | Will mark it a "security" track | 15:41 |
jdstrand | ttx: should be in the security track (semi-obviously) | 15:41 |
hggdh | smoser: I am here | 15:41 |
ttx | and let kees carry on from there | 15:41 |
jdstrand | ttx: thanks | 15:41 |
* ttx tests admin superpowers | 15:41 | |
smoser | hggdh, pm | 15:41 |
Mkools | It is written in the docs that Engine should have one default host as localhost. Now I want to add a virtual host is there any other syntax like <virtualHost> in apache 2.0 or <Host name = > will do it? | 15:50 |
Mkools | Please reply. | 15:50 |
henkjan | _ruben: thnx for that url. Enabling forwarding helps to disable autoconf. ugly | 16:10 |
kees | ttx: the scheduler is so strange... why did it mark it as cloud? | 16:16 |
ttx | kees: someone must have marked it as such in the summit admin system | 16:17 |
ttx | kees: takes special power to assign a session to a "track" | 16:17 |
kees | ttx: well, they're supposed to be auto-marked on creation. | 16:17 |
ttx | kees: ? | 16:17 |
kees | ttx: yeah, you (or I) can change it, though. | 16:18 |
halvors1 | Can i make new domains on my server with ebox? | 16:18 |
ttx | kees: auto-marked based on what ? | 16:18 |
ttx | kees: natural language analysis ? spec name ? | 16:18 |
kees | stuff named $WHATEVER-m-$NAME is supposed to be automatically marked by the summit system into track $WHATEVER | 16:18 |
ttx | kees: first time I heard such a thing :) | 16:18 |
kees | anyway, thanks for fixing it. :) | 16:18 |
kees | ttx: hm, well maybe there is some quiet human doing it, but most of my BPs were already in the right track when I did scheduling. | 16:19 |
kees | and the rest lacked any track at all. | 16:19 |
ttx | kees: I suspect some quiet human interaction yes | 16:19 |
uvirtbot | New bug: #570648 in libubuntuone (main) "rhythmbox crashed with SIGSEGV in _nss_wins_gethostbyname_r() (dup-of: 529714)" [Medium,New] https://launchpad.net/bugs/570648 | 16:22 |
=== luis__lopez is now known as luis_lopez | ||
=== SpamapS is now known as clintb | ||
bondiblueos9 | after booting the 9.10 server cd and select rescue system, how can I get my tape drive into /dev ? | 17:11 |
bondiblueos9 | maybe I'll just start downloading the 10.04 cd to do a clean reinstall in the meantime | 17:14 |
AlexMax | I've just updated to ubuntu server 10.04. My IP Aliases aren't working anymore. What am I missing? http://bpaste.net/show/9lHotcyYnGQh7LaiuMPc/ | 17:33 |
AlexMax | Hrm, I added the netmask and it works....but restarting networking doesn't seem to bring them up automatically | 17:37 |
AlexMax | i still have to use ifup | 17:37 |
clintb | AlexMax: maybe 'auto eth0:0' ? I haven't tried aliases in lucid yet | 17:40 |
AlexMax | I have that | 17:40 |
clintb | I see 'auth eth0:0' | 17:40 |
clintb | mispelled? | 17:40 |
jiboumans | moring clintb | 17:47 |
=== oubiwann is now known as oubiwann_ | ||
SirDerigo_ | hello people, i just installed ubuntu 8.04 server edition, i ran apt-get upgrade, and it decided to download grub-pc, the problem is that when it is installing gives this error msg and dies: grub-probe: error: cannot find a GRUB drive for /dev/cciss/c0d0p1. | 18:10 |
SirDerigo_ | it is and hp proliant ml150G6 server | 18:11 |
pmatulis | SirDerigo_: sounds like we are pushing GRUB2 on people | 18:15 |
=== KB1JWQ is now known as MrPancake | ||
arthurjohnson | I'm not a big fan of grub2, the failcount thing scares me | 18:16 |
htc | anyone familiar with server 10.04 / cannot set static ip problem? | 18:16 |
pmatulis | htc: no, tell us about it | 18:17 |
htc | pmatulis, well i was in main there, but ok. | 18:18 |
htc | hm.. apparently my new host is incapable of setting a static network ip with server 10.04 | 18:18 |
htc | now this sounds rather redonculous to me, but i figured i'd check in and see if it was a bug, as i've seen a few vm's do this | 18:18 |
htc | vm images rather, build by some faulty humans i'm assuming, or more likely deployed by some faulty human logic that we dont need to check :)_ | 18:19 |
htc | any decently common nic's not included these days? some odd realtek or so? but something that would still have very large scale sales.. say the odd desktop board? | 18:20 |
pmatulis | htc: seems good over here | 18:26 |
htc | hm, depressing... i might have to teach this guy to host then. thx for the input | 18:27 |
pmatulis | htc: maybe get more details at the very least | 18:28 |
bondiblueos9 | I often boot up my system without some drives connected; after upgrading to 10.04, I have a prompt that tells me they are not present and wants me to wait or press a key to continue; how can I disable this prompt (as though I hit S to skip) | 18:28 |
htc | pmatulis, wish i could :P | 18:28 |
pmatulis | bondiblueos9: you've changed your nick. i believe we've gone over this | 18:29 |
bondiblueos9 | pmataulis: this is the first time I've gotten an answer about it, though I have asked a couple times the past couple days in #ubuntu | 18:30 |
htc | that was only with 64bit host/vm's btw | 18:30 |
bondiblueos9 | pmatulis: but it was with this nick | 18:30 |
htc | ttyl o/ | 18:30 |
pmatulis | htc: ok, i've just tested with 64-bit lucid server (kvm guest) | 18:31 |
federico | hi, I want to login via ssh to an UEC instance with credentials that I've downloaded from the firefox | 18:31 |
htc | pmatulis, and let me guess, its fine :P | 18:31 |
pmatulis | htc: yeah, like i said before | 18:31 |
htc | i dont doubt YOUR competence | 18:31 |
htc | :) | 18:31 |
federico | What I have to do? | 18:31 |
htc | nor mine - unfortunately no real-time connection to host, so lame | 18:31 |
htc | but cheap heh | 18:31 |
htc | l8 and thx again m8 | 18:31 |
pmatulis | bondiblueos9: ok, your nick is getting truncated, looked different | 18:32 |
federico | hi, I want to login via ssh to an UEC instance with credentials that I've downloaded from the firefox | 18:33 |
neverblue | ok, in attempting to setup eth0, statically, I need to enter a search domain, what is that going to be, the address of my router? | 18:37 |
pmatulis | neverblue: no | 18:38 |
neverblue | i setup the IP, mask and gateway, and the DNS Server, but no idea on what to set the Search domain to | 18:39 |
pmatulis | neverblue: it should be optional but if it's not just put in your local domain name (ex: 'example.com') | 18:39 |
neverblue | and I am unable to get outside my netwoek | 18:39 |
bondiblueos9 | pmatulis: do you have a quick tip to bypass this prompt? or can you at least point me in the right direction to search for the answer? | 18:40 |
pmatulis | bondiblueos9: what kind of device again? usb or sata | 18:41 |
bondiblueos9 | sata, ide, and firewire; all of them prompt unless I remove them from the fstab | 18:41 |
pmatulis | bondiblueos9: what kind of device is troubling you? | 18:42 |
=== RoAk is now known as RoAkSoAx | ||
neverblue | ok, something else is messed | 18:43 |
neverblue | cannot get online at all | 18:43 |
chasmanrors__ | New to list, How do I move my setup to better hardware? Do I need to reinstall everything? | 18:43 |
bondiblueos9 | pmatulis: external firewire drives if they are not turned on at boot time, and internal sata drives if they are disconnected at boot time | 18:43 |
pmatulis | bondiblueos9: try the 'nofail' option in /etc/fstab | 18:47 |
federico | alguien habla espanol, porque quiero preguntar algo de una traduccion | 18:48 |
mathiaz | bdmurray: hi - could you investigate why http://qa.ubuntu.com/reports/ubuntu-server-team/fixedbugs.ubuntu-server.2010-05-03.html is empty? | 18:50 |
mathiaz | bdmurray: running the script from a lucid chroot works correctly | 18:50 |
bdmurray | mathiaz: of course, thanks for letting me know | 18:50 |
federico | hi, I don't undestand this sentence(I'm learning english), * Source eucarc script to make sure that the environmental variables used by euca2ools are set properly. To validate that the euca2ools are able to communicate with the UEC, try fetching the local cluster availability details. | 18:51 |
federico | $ . ~/.euca/eucarc | 18:51 |
federico | what . ~/.euca/eucarc does? | 18:51 |
pmatulis | federico: "sources" the specified file | 18:52 |
Alan | Hmmm, things like VirtualBox are pulling in a crapload more on Lucid than they used to on Intrepid, for the same VirtualBox repo and version | 18:53 |
Alan | Is this something to do with a change towards installing all recommended stuff instead of not? | 18:53 |
pmatulis | federico: usually used to import variables | 18:53 |
Alan | Because it's resulting in getting X for a server, which is pointless... | 18:53 |
federico | that copies to the enviroment variables of the sistem? | 18:54 |
pmatulis | Alan: isn't virtualbox a desktop application? | 18:54 |
Alan | pmatulis: it works for server too | 18:55 |
Alan | i swear it never used to pull in x11-common... | 18:55 |
pmatulis | federico: well, for your current user | 18:55 |
pmatulis | Alan: you're x forwarding it? | 18:56 |
Alan | hmm, on the other hand, i could probably use the new virtualisation stuff, since I actually have a virt-capable CPU now.... | 18:56 |
Alan | pmatulis: no | 18:56 |
federico | pmatulis: thanks | 18:56 |
Alan | i'm using the command-line VBoxManage etc. | 18:56 |
pmatulis | Alan: ok, so you can actually use vbox like that, good to know | 18:57 |
Alan | pmatulis: yup, been doing it for the last 8 months or so | 18:57 |
pmatulis | Alan: nice | 18:57 |
Alan | I might switch to using KVM stuff now though | 18:58 |
Alan | Previously i couldn't because my server hardware was too old to support hardware virt | 18:58 |
Alan | also, i think maybe having those extra deps won't be a problem | 18:59 |
Alan | prunes it a lot if i use --without-recommends | 18:59 |
ttx | mathiaz: in case there were any doubts, you should run the meeting | 19:00 |
Alan | pmatulis: my usecase is using a virtualised server so I can have a public-facing webserver that is somewhat isolated from my important data-carrying server | 19:00 |
mathiaz | ttx: ok | 19:00 |
bogeyd6- | I am getting a download request for application/x-httpd-php (in firefox) but it should be serving the php page instead. How do I go about fixing this? | 19:05 |
lenios | bogeyd6-, you should serve the page as html, not php | 19:06 |
bogeyd6- | lenios, please describe how to fix | 19:06 |
uvirtbot | New bug: #575303 in tomcat6 (main) "tomcat6 has two webapps/ directories" [Undecided,New] https://launchpad.net/bugs/575303 | 19:06 |
lenios | i don't remember where, but it's related to apache | 19:06 |
lenios | apache should serve the content as html mime type | 19:07 |
Alan | What is the suggested method for server virtualisation? | 19:08 |
jpds | Alan: KVM. | 19:08 |
Alan | jpds: are there any comprehensive guides on it? most of the stuff I find in the ubuntu wiki is patchy and for older versions | 19:11 |
bogeyd6- | lenap_, turns out it is a firefox bug | 19:11 |
Alan | and is it still necessary to screw around with bridging manually? | 19:11 |
bogeyd6- | lenios, turns out it was a firefox bug | 19:11 |
lenios | bogeyd6-, your apache is most certainly wrong too | 19:12 |
lenios | there should be no sign of php to the browser | 19:12 |
bogeyd6- | IE loads it fine | 19:12 |
bogeyd6- | clear the FF cache and it now loads fine too | 19:13 |
failover | Alan, setup kvm with ubuntu is not so difficult ! | 19:18 |
failover | but still need manually work ! | 19:18 |
Leblinux | Hello, anyone configured subversion on ubuntu-server? I have a problem with adding a group to to the svn group. | 19:19 |
failover | Alan, https://help.ubuntu.com/community/KVM is a good start ! | 19:19 |
=== luis__lopez is now known as luis_lopez | ||
oru_work | how do I login to mysql ? | 19:22 |
pmatulis | bondiblueos9: well? | 19:23 |
bondiblueos9 | pmatulis: I'm having other issues | 19:24 |
bondiblueos9 | pmatulis: that I thought I had fixed when I posed the question | 19:24 |
oru_work | ERROR 1046 (3D000): No database selected | 19:27 |
oru_work | how can I select a database ? | 19:27 |
pmatulis | oru_work: www.google.ca/search?sourceid=chrome&ie=UTF-8&q=mysql+how+can+I+select+a+database+%3F | 19:28 |
Alan | failover: yeah, i've been looking there, but I'm still not entirely sure what's going on :| | 19:32 |
Alan | trying out ubuntu-vm-builder right now | 19:32 |
oru_work | pmatulis, thanks | 19:32 |
failover | Alan, if you have doubts just ask for a explanation :) | 19:33 |
atomic__1 | ugh, anyone from the Netherlands? need to settle an argument here... | 19:36 |
=== oubiwann_ is now known as oubiwann | ||
hggdh | mathiaz: sorry, my reminder failed | 19:38 |
mathiaz | hggdh: no problem | 19:49 |
mathiaz | hggdh: it's the begining of the release cycle | 19:49 |
mathiaz | hggdh: and the meeting time has moved | 19:49 |
mathiaz | hggdh: did you have anything important to report? | 19:50 |
hggdh | mathiaz: no, nothing new | 19:56 |
hggdh | I will beef up the blueprints | 19:56 |
bdmurray | mathiaz: fixed | 19:56 |
mathiaz | bdmurray: great! -thanks | 19:57 |
failover | Hey, i'm using kvm with lucid, but i can't load the kvm-amd module, http://paste.pocoo.org/show/209864/ ! Someone know why ? | 20:18 |
smoser | failover, what does 'kvm-ok' say ? | 20:23 |
failover | smoser, kvm is disable in bios ! i'm working on this now ;) | 20:27 |
failover | but, tanks ! | 20:27 |
RoAkSoAx | kirkland, ping? | 20:33 |
smoser | kirkland is travelling to UDS RoAkSoAx | 20:34 |
RoAkSoAx | smoser, oh thought he was already there... thanks :) | 20:35 |
smoser | he told me he'd arrive Wednesday mornig | 20:35 |
halvors | Somone know a good hosting panel i can use on my server? Who manage and create new domains? | 20:36 |
RoAkSoAx | smoser, ok will have to wait for him until tomorrow then. thanks :) | 20:36 |
gregcoit | in lucid server, I'm seeing rsyslog Recommends logrotate, logrotate Depends fcron, fcron Recommends sysklogd but rsyslog and sysklogd conflict | 20:40 |
guntbert | gregcoit: are recommendations automatically installed? I think that is configurable somewhere | 20:42 |
gregcoit | guntbert: oh, that would be nice to be able to control | 20:42 |
guntbert | gregcoit: I found "Recommendations are standard installed with apt. This can be prevented using the switch --no-install-recommends" | 20:44 |
guntbert | gregcoit: it was on http://superuser.com/questions/70031/what-is-the-difference-between-recommended-and-suggested-packages-ubuntu | 20:45 |
bondiblueos9 | my boot fails after "init: plymouth-splash main process (xxx) terminated with status 1" | 20:45 |
gregcoit | guntbert: thank you! | 20:48 |
guntbert | gregcoit: you're welcome :-) | 20:49 |
=== rberger_ is now known as rberger | ||
uvirtbot | New bug: #575381 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,New] https://launchpad.net/bugs/575381 | 21:16 |
bondiblueos9 | pmatulis: thanks for your help; I never got that prompt again, but it was probably because the system hung on boot when the drives weren't connected, heh; I ended up putting noauto in fstab, so it works, I just have to mount manually every time | 21:17 |
uvirtbot | New bug: #575387 in chkrootkit (main) "support excludes in the sniffer test" [Undecided,New] https://launchpad.net/bugs/575387 | 21:27 |
kirkland | RoAkSoAx: here, briefly | 21:28 |
kirkland | RoAkSoAx: whats up? | 21:28 |
Pirate_Hunter | any python programmers can help me with this bug found in denyhosts - http://sourceforge.net/tracker/index.php?func=detail&aid=2898723&group_id=131204&atid=720419 looking for a fix as the edit in line 47 doesn't fix the problem and python 2.6 is intalled in ubuntu 10.04 | 21:39 |
dvheumen | hi, is there anyone who can help me with my ticket refreshing issues that winbindd has. I have this thing where, after rebooting the Windows server, winbindd loses access to the server and consequently can't check access for users accessing its samba file shares | 21:42 |
dvheumen | I have searched on the internet via google and such, but I keep getting the same settings that simply do not seem to do the job in my case. | 21:44 |
dvheumen | And I'd like to know where exactly the error occurs because 'wbinfo -t' keeps failing, and I'm wondering why | 21:45 |
dvheumen | or how to force a ticket refresh from winbind | 21:45 |
dvheumen | the server is Windows SBS 2008 | 21:48 |
storrgie | cclausen: You around? I have some questions regarding the network config we worked on on sunday | 21:49 |
cclausen | storrgie: I am sort-of here | 21:59 |
cclausen | I'm at work, so if I go afk I have actual work happening | 21:59 |
pwnguin | !webmin | 22:03 |
ubottu | webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead. | 22:03 |
plavcik | hello, I had intention to upgrade my old ubuntu server LTS (8.04?) to 10.04 LTS, I did firstly apt-get update && apt-get upgrade, but during reboot, I'm can't boot again even with old kernel and getting busybox | 22:04 |
viezerd | !ebox | 22:05 |
ubottu | ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox | 22:05 |
cclausen | plavcik: you be upgrading using do-release-upgrade, not directly using apt like that. | 22:05 |
plavcik | that's option on live CD? | 22:06 |
cclausen | plavcik: you should do the upgrade from the existing system. I'm not sure what happened nor how to recover your current system. Maybe try reinstalling grub or something? Do you get any additional information? Or do you just end up in busybox? | 22:07 |
plavcik | mounting /dev/sda2 on /root failed: No such devices (I noted udev upgrade, may be its related) | 22:08 |
plavcik | grub is ok, sda is not recognised anymore (SCSI) | 22:09 |
plavcik | /root/dev on /dev/.static/dev failed | 22:09 |
pwnguin | ok, so why exactly is webmin bad? | 22:10 |
viezerd | someone told me (onces) webmin might be insecure | 22:13 |
cclausen | viezerd: in general anything that makes administration easier for you, makes it easier for an attacker as well | 22:14 |
pwnguin | well then | 22:15 |
pwnguin | better throw out ebox! | 22:15 |
cclausen | pwnguin: wedmin doesn't follow Debian/Ubuntu policy for config file updates and doesn't use apt correctly to install packages | 22:15 |
cclausen | yeah, I'd consider that insecure as well | 22:15 |
pwnguin | cclausen: which policy does it violate? | 22:15 |
pwnguin | it wasnt dropped from debian for violation | 22:15 |
cclausen | if you want secure management, I'd setup single sign on with Kerberos and possibly use remctl | 22:15 |
cclausen | pwnguin: I think not using pat would be a policy violation in itself. | 22:16 |
cclausen | err, apt | 22:16 |
pwnguin | all i want really is for a specific user to be able to reboot apache. not concerned about package installation | 22:17 |
cclausen | remctld can do that | 22:17 |
cclausen | you could setup: remctl <host> invoke-rc.d apache2 restart | 22:18 |
pwnguin | you're assuming specific user is capable of dealing with remctl | 22:18 |
cclausen | or do the same thing with sudo and a forced SSH command | 22:18 |
pwnguin | and not say, a professor of interactive media | 22:18 |
cclausen | you can make a button that they click call the correct command from their computer | 22:18 |
cclausen | or do they need to be able to do this from anywhere in the world? | 22:18 |
pwnguin | well, the last ticket came in on friday at midnight | 22:20 |
pwnguin | campus closes at midnight | 22:20 |
pwnguin | so i assume they were not actually on campus | 22:20 |
cclausen | well, allowing login from untrsuted systems is its own problems | 22:21 |
cclausen | again, if its easy for end users, its easy for attackers | 22:21 |
pwnguin | who might what | 22:21 |
pwnguin | reboot the server | 22:21 |
pwnguin | i think im sticking with my reboot every 30 plan | 22:21 |
cclausen | buffer overflow -> root access | 22:21 |
cclausen | just run invoke-rc.d apache2 reload from cron every 30 minutes | 22:22 |
pwnguin | right | 22:22 |
cclausen | unless you actually need to stop and restart | 22:22 |
cclausen | hmm | 22:22 |
cclausen | actually | 22:22 |
pwnguin | probably restart graceful | 22:22 |
cclausen | why does apache need to be restarted in the first place? | 22:22 |
pwnguin | i dont know | 22:22 |
pwnguin | because he's breaking wordpress | 22:22 |
cclausen | invoke-rc.d reload does a apache2ctl graceful | 22:22 |
cclausen | breaking it how? | 22:22 |
cclausen | and how does restarting apache fix that? | 22:23 |
pwnguin | so lets start there: we're running wordpress. anything security related you want to address has to be more scary than that | 22:23 |
cclausen | yeah, true | 22:23 |
cclausen | I'd run wordpress under mod_Fcgid | 22:23 |
cclausen | and actually, I DO run wordpress under mod_Fcgid :-) | 22:23 |
pwnguin | he installed some wp plugin | 22:23 |
cclausen | oh, I see | 22:24 |
cclausen | you are using mod_php | 22:24 |
pwnguin | and when i came in on sat, his wp install was broken | 22:24 |
cclausen | yeah, the fcgid stuff can be restarted per app instead of per-server | 22:24 |
pwnguin | interesting | 22:24 |
cclausen | just pkill -9 php5-cgi as the wordpress user | 22:24 |
cclausen | or if wordpress the only thing running on here? | 22:24 |
cclausen | e.g. is it his server? | 22:24 |
cclausen | if its just that user's stuff, go for ebox | 22:25 |
cclausen | if its a shared system, you probably can't do that... | 22:25 |
pwnguin | it's for him and his students | 22:25 |
storrgie | cclausen: I pmed you a dmesg file | 22:25 |
storrgie | you may share it with the group if it is necessary | 22:26 |
storrgie | I am the one who had that bridged interface to eth1 | 22:26 |
storrgie | and another interface to eth0 | 22:26 |
pwnguin | im willing to take him at face value when he says he can totally handle apache and mysql | 22:26 |
storrgie | we had some issues with gateway | 22:26 |
cclausen | pwnguin: sounds like ebox could work for that. as the prefessor if he thinks the risk is ok | 22:26 |
pwnguin | cclausen: he's already asking for 'phpmyadmin or similar software' | 22:26 |
storrgie | pwnguin: use webmin? | 22:27 |
pwnguin | heh | 22:27 |
pwnguin | and the circle is complete! | 22:27 |
jpds | !webmin | 22:27 |
ubottu | webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead. | 22:27 |
storrgie | yes it has issues, especially as the ubuntu distro changes over to things like upstart | 22:28 |
storrgie | jpds: is there alternatives? | 22:28 |
storrgie | sometimes it is very nice to see all the options, instead of config file madness | 22:28 |
cclausen | storrgie: did you read that message that said to see !ebox ? | 22:28 |
* clintb never liked webmin even when he was a padawan learner sysadmin .. | 22:28 | |
storrgie | ahh I didnt | 22:28 |
storrgie | sorry | 22:29 |
cclausen | :-) | 22:29 |
clintb | !ebox | 22:29 |
ubottu | ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox | 22:29 |
storrgie | cclausen: if you have some time | 22:29 |
storrgie | cclausen: having some werid stuff with that network configuration | 22:29 |
cclausen | storrgie: I'm not sure what I'm looking at here? | 22:29 |
storrgie | well ok | 22:29 |
storrgie | eth0 is still connected | 22:29 |
storrgie | but no route to outside world | 22:29 |
storrgie | only internal network | 22:29 |
cclausen | storrgie: pastebin ipconfig -a | 22:30 |
cclausen | and netstat -r | 22:30 |
storrgie | one moment | 22:31 |
storrgie | http://pastebin.com/2tXLiFxh | 22:31 |
storrgie | http://pastebin.com/U9G5R2Py | 22:32 |
storrgie | cclausen: i am a little confused about the vnet interfaces | 22:33 |
storrgie | I think kvm is making those | 22:33 |
storrgie | I would prefer it didnt | 22:33 |
storrgie | and just left me with eth0, eth1 and br0 | 22:33 |
RickyWh1 | is hardy heron considered too old? | 22:35 |
cclausen | RickyWh1: for servers, hardy will be supported for 5 years from release, so there are still 3 years of support | 22:36 |
cclausen | RickyWh1: I still have servers running dapper | 22:36 |
RickyWh1 | is it rock solid? | 22:36 |
storrgie | RickyWh1: thats qualitative, we are dealing with deterministic machines | 22:36 |
cclausen | RickyWh1: depends what you mean by that. | 22:36 |
RickyWh1 | i'm interested in running an amazon ec2 instance that runs ubuntu server, any recommended AMIs? | 22:37 |
cclausen | storrgie: br0 and eth1 have the same IP address. that looks wrong | 22:37 |
storrgie | br0 is bridged to eth1 | 22:37 |
storrgie | lemme send my ifconfig | 22:37 |
cclausen | you did | 22:38 |
storrgie | i meant my /etc/network/interfaces | 22:38 |
storrgie | apologies | 22:38 |
storrgie | http://pastebin.com/MhpYh6V1 | 22:38 |
cclausen | try giving the br0 interface .4, if its available on the laptop | 22:39 |
storrgie | ? | 22:39 |
storrgie | on the laptop? | 22:39 |
storrgie | i'm confused | 22:39 |
cclausen | storrgie: on whatever machine you sent where br0 and eth1 are both .3 | 22:42 |
cclausen | sorry, I assume it was a laptop | 22:43 |
storrgie | ahh its my server | 22:43 |
storrgie | so wait | 22:43 |
cclausen | I am probably wrong | 22:43 |
cclausen | yeah, ok | 22:43 |
storrgie | i;m a little confused | 22:43 |
storrgie | if you look at my interfaces | 22:43 |
storrgie | eth1 is set manual | 22:43 |
storrgie | but has it all commented out | 22:43 |
cclausen | oh, I see | 22:43 |
cclausen | it is commented out | 22:43 |
storrgie | yeah so... this is the way ubuntu docs said to do a bridge | 22:43 |
cclausen | I guess I am confused why it shows up in ifconfig with the same IP then | 22:43 |
cclausen | maybe that is how it is supposed to work | 22:44 |
storrgie | but something about this config is making eth0 not route to the outside world | 22:44 |
Pirate_Hunter | anyone care to help me with this daemon message - ubuntu mdadm[1655]: DeviceDisappeared event detected on md device /dev/md1, component device Wrong-Level - checked online and got nada, this is on lucid with raid0+lvm | 22:44 |
cclausen | storrgie: did you paste netstat -r ? | 22:44 |
cclausen | yes you did | 22:45 |
cclausen | see that you have TWO default routers | 22:45 |
cclausen | that is the problem | 22:45 |
storrgie | ? | 22:45 |
storrgie | whaaa? | 22:45 |
cclausen | I'm not sure how that happened, but if you figure it out and just get one default route, I bet it will start working | 22:45 |
storrgie | hrm well | 22:45 |
cclausen | storrgie: "default" in the netstat -r output | 22:45 |
storrgie | I'm noteven sure where to start | 22:46 |
cclausen | storrgie: there shouldn't be two of them | 22:46 |
storrgie | I don't know much about networking | 22:46 |
storrgie | haha | 22:46 |
RickyWh1 | what package manager does ubuntu use? | 22:46 |
cclausen | storrgie: try downing the br0 interface and see if it starts working | 22:46 |
storrgie | aptitude | 22:46 |
RickyWh1 | ahh sweet | 22:46 |
storrgie | RickyWh1: aptitude, apt-get | 22:46 |
storrgie | RickyWh1: what distro are you from? | 22:46 |
cclausen | RickyWh1: apt and aptitude is the command line interface to it. I believe synaptic is the GUI | 22:46 |
storrgie | cclausen: sorry for being so newb, what is best way to down interface? | 22:46 |
storrgie | sudo ifdown br0? | 22:46 |
cclausen | storrgie: that should work. I use ifconfig br0 down, but I am old school | 22:47 |
Pirate_Hunter | never mind found it here http://man-wiki.net/index.php/8:mdadm apparently raid0 can't be monitored :p | 22:47 |
cclausen | Pirate_Hunter: basically if it goes down, it IS down | 22:47 |
cclausen | and you would know b/c its broken :-) | 22:47 |
storrgie | took it down | 22:47 |
storrgie | netstat is same | 22:47 |
cclausen | storrgie: hmm | 22:47 |
storrgie | cept no br0 line | 22:48 |
storrgie | maybe a gateway in the br0 config? | 22:48 |
cclausen | storrgie: can you safely run /etc/init.d/networking restart ? | 22:48 |
Pirate_Hunter | cclausen yup and its bye bye everything | 22:48 |
cclausen | storrgie: looks like you had the gateway commented out, except for eth0 ? | 22:48 |
storrgie | cclausen: yep i can | 22:48 |
storrgie | yep | 22:48 |
storrgie | cept for eth0 | 22:48 |
cclausen | storrgie: that should be the only thing adding a default route then | 22:48 |
storrgie | Pirate_Hunter: any other messages around that pirate hunter? | 22:48 |
storrgie | like ata messages? | 22:49 |
cclausen | storrgie: or dose the bridge_up rule do something funky with routing? | 22:49 |
storrgie | I have no idea on that... | 22:49 |
storrgie | I am new to bridging... | 22:49 |
storrgie | server is down hard.... | 22:50 |
storrgie | no network now | 22:50 |
storrgie | with the gateway on br0 | 22:50 |
storrgie | lemme run down to the basement and log in via tty | 22:50 |
storrgie | brb | 22:50 |
Pirate_Hunter | storrgie, nope it is as cclausen stated if it goes down I will know straight away as I will lose everything, hopefully before that happens the other machine will be ready | 22:50 |
clintb | jiboumans: belated "good afternoon" :) | 22:52 |
plavcik | cclausen: I used ubuntu server CD / selected recovery, then fdisk -l /sda and noticed, that root shall be sda3 not sda2, I don't understant, how grub-update get confused and putted sda2 to menu.lst (now I'm back, the system is 6.06.02 LTS) | 23:08 |
cclausen | plavcik: upgrading directly from dapper to lucid is not supported. is that what you did? | 23:12 |
plavcik | not, I did last apt-get update && apt-get upgrade before going to study, how to upgrade | 23:15 |
plavcik | how to dist-upgrade | 23:16 |
plavcik | what is the recommendet/supported path? | 23:16 |
cclausen | plavcik: you need to use do-release-upgrade to go hardy first | 23:20 |
cclausen | and then reboot | 23:20 |
cclausen | and then go to lucid from there | 23:20 |
plavcik | is do-release-upgrade part of upgrade-manager-core? this package is seen by apt | 23:21 |
cclausen | yes | 23:21 |
cclausen | oh, right. I don't think that dapper has that installed by default | 23:22 |
plavcik | the upgrade-manager-core package even not exist | 23:22 |
cclausen | there is a work-around | 23:23 |
cclausen | hold on... let me find the upgrade notes for dapper -> hardy | 23:23 |
cclausen | https://help.ubuntu.com/community/HardyUpgrades | 23:24 |
cclausen | 1.Enable the "dapper-updates" repository | 23:25 |
cclausen | 2.Install the new "update-manager-core" package | 23:25 |
cclausen | 3.Run "sudo do-release-upgrade" | 23:25 |
cclausen | also read the "Troubleshooting" section | 23:25 |
plavcik | cclausen: thx, will follow that | 23:25 |
plavcik | cclausen: i see, I did typo, package update-manager-core exist, I wrote upgrade-manager-core :( | 23:30 |
cclausen | ah, ok | 23:32 |
storrgie | cclausen: server wont boot..... | 23:34 |
storrgie | cclausen: I did a reboot just to make sure everything would come up alright | 23:34 |
storrgie | its been rebooted multiple times over the last 2 days | 23:34 |
storrgie | now it says something along the lines of: | 23:34 |
storrgie | lemme dredge it up | 23:35 |
storrgie | https://bugs.launchpad.net/upstart/+bug/522197 | 23:35 |
uvirtbot | Launchpad bug 522197 in upstart "init: shouldn't log a warning/error when a job fails with a status in "normal exit"" [Low,Triaged] | 23:35 |
storrgie | there I posted at the bottom | 23:36 |
storrgie | I dont know what the issue is | 23:36 |
storrgie | i dont know how to fix it | 23:36 |
storrgie | I fear I have to re-install tonight | 23:36 |
storrgie | so i can even use my system in the coming days | 23:36 |
storrgie | getthing this in terminal: | 23:38 |
storrgie | init:ureadahead-other main process (1004) terminated with status 4 | 23:38 |
storrgie | and cannot boot | 23:38 |
storrgie | wont boot beyond that point | 23:38 |
storrgie | anybody?! | 23:41 |
dominicdinada | !bcm440x | 23:51 |
dominicdinada | !bcm | 23:51 |
ubottu | Wireless documentation can be found at https://help.ubuntu.com/community/WifiDocs | 23:51 |
dominicdinada | !bcm 44 | 23:51 |
dominicdinada | Hi, Does anybody know about the Broadcom 440x NIC ? Which drivers are needed. I have my Winblows drivers but somehow I doubt they will work | 23:53 |
dominicdinada | The only documentation I can google refers to the BCM440x chipset and wireless always shows up however it is not a wireless | 23:55 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!