/srv/irclogs.ubuntu.com/2010/05/14/#ubuntu-server.txt

theacolyte	WhatI've found in 10.04 is if you do anything that interferes with the boot process, like in my instance, incorrectly adding an IP to a network interface, and you reboot	00:04
theacolyte	You can't boot anymore	00:04
theacolyte	Not to sound unconstructive, but that seems pretty awful to me	00:04
theacolyte	And now I can't get into single user mode to fix it	00:04
theacolyte	So I'd be more than glad ffor some suggestions.	00:05
theacolyte	wonderful	00:08
theacolyte	How do I access the drive on my ubutnu server if I can't boot?	00:30
theacolyte	I need to edit /etc/network	00:30
theacolyte	since apparently that broke it	00:30
Smeh	ok, in bug reports / install guides etc for 10.04 i keep coming across people refering to choosing "advanced" at the end of the installer where you can choose / check what drive grub is going to be installed to	01:59
Smeh	but don't see any evidence of any advanced option myself? :\|	02:00
Smeh	also, on a tangentially related note, say i'm aiming for a LAMP server with x-windows gui, which makes more sense	02:03
Smeh	starting with server and installing X, or using desktop and installing the lamp services?	02:03
=== twister_ is now known as twister
=== twister_ is now known as twister
pmatulis	Smeh: if your desktop environment will be GNOME i would choose the latter	02:10
Smeh	probably will be gnome	02:15
STF	hi	03:12
STF	i running my ubuntu-server on a Laptop, without x11, and now i'm looking for a way to shutdown the backlight of my screen, cause i administrat my server about ssh from another machine	03:13
qman__	closing the lid usually does the trick	03:39
RickyWh1	is it easy to switch out apache2 for cherokee ?	03:42
RickyWh1	is there some way I can test my apache server to find out how many requests it can handle before it gets overloaded?	03:46
=== gospch_ is now known as gospch
fbc-mx	does anyone know of a condition that would make everything even your root disappear then mysteriously come back after a reboot? ex."-bash: /bin/ls: Input/output error"	03:51
fbc-mx	a	03:56
gkahla	is hald enabled by default on ubuntu server 10.4?	03:59
deslector	hi, what is the best way to run iFolder on Ubuntu?	04:01
lord_koala	Hi everyone: dmesg \| grep wlan0 gives me wlan0: cannot get RID fd42 (len=6) - no PRI f/w ... I am trying to connect with my prism 2.5 chip wi-fi card. ifconfig only shows eth0 and lo. I tried to load some firmware to /etc/network/ınterfaces for prısm 2.5 and no luck. lspci -v shows I have my network card ıs prısm 2.5. Any help is appreciated. thanks.	04:09
lord_koala	I am running hardy 8.04 server edition.	04:09
acerimmer	When running Virtual Box on ubuntu server, how do I network connect to the virtual machine?	04:10
f1yback	if it's in bridge mode	04:34
f1yback	just like any other real box on your lan acerimmer	04:34
acerimmer	f1yback: ah. thank you. gottago and try it	04:38
f1yback	smoke me a kipper	04:38
RickyWh1	which file to I edit to top apache2 web server from loading up?	04:47
acerimmer	f1yback: whattaguy!	04:52
f1yback	heheh	04:53
chrismsnz	hey guys, i'm installing security updates on my server	05:18
chrismsnz	is there a command that will show me a changelog for the affected packages before i install them?	05:18
cleary	hi folks, I'm setting up a ppa for the first time, dput is failing with a connection refused error, and I cannot ftp directly to ppa.launchpad.net from multiple connections (none of which are firewalled)	05:19
cleary	I'm assuming there is a service outage, but just wanted to confirm before I spend any more time on it	05:20
cleary	chrismsnz: try aptitude changelog <package>	05:22
chrismsnz	cheers cleary _b	05:25
chrismsnz	it's a good start	05:26
enav	hello im new to this.... i want to set up a vsftpd server with multiple virtual user usin PAM authentication... i got a good guide but it use a weak password authentication i mean just password uptu 8 character... i want something stronger... give some web site or guide pleas	05:42
=== twister__ is now known as twister
uvirtbot	New bug: #580319 in dhcp3 (main) "dhcp3-server launches before upstart brings all interface, thus failing to start" [Undecided,New] https://launchpad.net/bugs/580319	06:11
qman__	enav, there's not much point to using strong passwords with FTP because it's a clear text protocol	06:13
enav	yeah yeah im reading something like you said.... :S	06:13
qman__	you CAN, but you're still shouting them out for the world to see	06:14
enav	you are right ftp with password is just to preven noob hackers	06:18
rahman	Hi, I have setup a mail server with postfix + dovecot + squirrelmail. Here is my main.cf file: http://pastebin.com/2Uw64vTh	07:03
rahman	I ave a problem, I can send email to aaaa@rahmanduran.net from bbbb@rahmanduran.net. But I can't send email from bbbb@rahmanduran.net to different domain like cccc@gmail.com.	07:03
rahman	I get a "Relay access denied" error from postfix	07:04
enav	virtual users and SFTP is possible???????	07:08
rahman	enav: can you explain more? I use virtual users, and have a table virtual_users in mysql	07:14
rahman	email accounts of my domain can receive email from diffrerent domains with success, btw	07:15
enav	can you make a new system user that have access to SFTP but is not allowed to use SSH, and limit this SFTp to one folder????	07:40
=== Guest8612 is now known as RoyK_wrk
qman__	enav, yes, look up sftponly and chrootdirectory in sshd configuration	09:03
qman__	this is a new feature as of ~9.10 IIRC	09:03
uvirtbot	New bug: #580375 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal. cant stop mysql server to reinstall it" [Undecided,New] https://launchpad.net/bugs/580375	09:12
realV	hi to all	09:21
realV	I'm trying to setup an high availability system, really simple (account, ftp, file sharing, mail), with a pair of servers, one principal and one "backup", that switch on in case of failure.	09:24
realV	i've looked for UEC, but is really too big for my little infrastructure	09:24
realV	drbd for sync data is a good solution, but there are too much ways.	09:26
enav	my head is going to blow UP!!!!!!!!!!!! this article say that Now alice can use SFTP to read from and write to her ~/public_html/ directory, but can't use OpenSSH to get a shell, nor even to read files outside of ~/public_html. ......... but is a lie i can see and change all system folders.... what im doing wrong	09:35
enav	ups this is the article http://is.gd/c8uMy	09:35
=== lord_koala_ is now known as lord_koala
juanjoA	Hello, how I can remove the configuration of raid on 2 hd. I delete all partitions but when I reinstall, partman recognises old distribution of raid ...	10:14
juanjoA	maybe MBR	10:14
realV	you can use dd on the device	10:15
realV	if you have /dev/sda, you can remove mbr with 'dd if=/dev/zero of=/dev/sda bs=512 count=1'	10:16
realV	keep in mind that all the data will be lost	10:17
juanjoA	realv: ok, thx, I will probe this	10:18
juanjoA	Is there a ubuntu 10.04 server guide on PDF?	10:22
sommer	jussi: I don't think there is at the moment, but there may be in the near future... I think there was an issue in generating the Lucid pdf.	10:27
Jeeves_	An issue creating a pdf? :)	10:28
jussi	hrrr	10:28
sommer	well automatically creating a pdf	10:28
uvirtbot	New bug: #580424 in libpam-ldap (main) "package libpam-ldap 184-8.2ubuntu1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/580424	11:01
RoAkSoAx	kirkland, by any chance do you have a copy of the testdrive gobby doc? Cause its gone from gobby :S :/	11:46
kirkland	RoAkSoAx: crap ....	11:47
kirkland	RoAkSoAx: i didn't copy it to the blueprint :-(	11:48
RoAkSoAx	kirkland, neither do I :S. Hopefully someone else saved it :/	11:49
kirkland	RoAkSoAx: you should /join #testdrive	11:49
_chris_	is it usual for apache2 to have about 10procs running ?	12:00
guntbert	_chris_: yes, they are running in because starting a new process takes "a lot" of time	12:01
guntbert	*running because ...	12:01
RoyK	_chris_: see StartServers/MinSpareServers/MaxSpareServers	12:02
RoyK	in apache.conf	12:02
RoyK	apache2.conf	12:02
_chris_	ah okay	12:03
_chris_	5/5/10	12:03
guntbert	_chris_: if you don't expect many requests on you server you can reduce those values	12:06
_chris_	guntbert: ok, thanks :)	12:08
musimar	hello I have a problem with my email server	12:38
musimar	I can send emails in local but not outside	12:39
musimar	http://paste.debian.net/73252/	12:39
musimar	this is the paste of the end of my /etc/postfix.cain.conf	12:40
musimar	main*	12:40
guntbert	musimar: why do you need a public smtp server?	12:40
musimar	because the server is at home	12:41
guntbert	musimar: no, my question was: why does it have to be public? why not just (for learning ) confined to your private network?	12:42
musimar	hummmm	12:42
musimar	don't know ;-)	12:42
musimar	it's better to send emails outside no?	12:42
musimar	:-D	12:43
guntbert	musimar: if you don't "really know what you are doing" don't run an smtp server with access to/from the internet - it can get you in troubles rather quickly (google for "open mail relay")	12:44
dwight	Hola, I'm wondering what is the easiest way to recover the default apache ports.conf file for ubuntu 10.4... am I likely to find it on the wiki, community docs, or is there an aptitude command I can use to revert?	12:56
jpds	dwight: Consider using etckeeper. :)	12:57
dwight	etckeeper looks like a nice solution!	12:58
dwight	but won't help me out of the current jam.	12:59
_chris_	heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?	13:10
_chris_	well its not only the webpage, he isnt reachable by its hostname in any way. may it be putty, a ping or whatever	13:11
egsome	Is there any Application that helps making my Ubuntu-Server a Router for my Office ?	13:27
cloakable	egsome: ipmasq	13:29
egsome	cloakable, Great, Thanks	13:31
cloakable	egsome: no problem	13:31
cloakable	egsome: if you want a more powerful solution, shorewall. but ipmasq will do the basics.	13:32
egsome	cloakable, Shorewall is to be installed on Ubuntu or as a distro ?	13:33
cloakable	egsome: shorewall is a program. it's in the ubuntu repo	13:33
egsome	cloakable, good	13:34
cloakable	egsome: but it isn't a fire-and-forget solution like ipmasq... it needs configuring.	13:35
egsome	cloakable, What do you recommend for me ? i only need the server to act as router, i need to restrict web access to some sites, and do more like that jobs	13:36
cloakable	egsome: hmmm. not sure. I don't know how to restrict access	13:37
egsome	cloakable, no problem, but generally what do you recommend ? and access restrict and suck jobs are done by iptables, no problems	13:38
cloakable	egsome: sounds more of a job for shorewall, it's more configurable than ipmasq	13:39
egsome	cloakable, OK Thanks, will look on it	13:40
RoyK	hi all. I have a package list from a 9.04 server - is there an easy way to install all _existing_ packages from that list on a 10.04 box?	13:49
bogeyd6	RoyK, im not sure they would all be compatible	13:50
bogeyd6	you could just make the list into one big line of text and apt-get install <paste files>	13:50
RoyK	bogeyd6: that's the probem - but an upgrade works, only I don't want to install 9.04 and then upgrade	13:51
bogeyd6	hmm	13:51
bogeyd6	RoyK, did you download all of the dpkg files?	13:51
bogeyd6	or .debs	13:51
RoyK	no, I'm trying to apt-get install `cat list.txt`, but it halt if it finds an unknown package	13:52
RoyK	it'd be nice for those to be simply ignored	13:52
_chris_	heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?	13:54
cloakable	_chris_: you might want to add the server to your dns.	13:56
RoyK	erm... " rsyslog: Conflicts: linux-kernel-log-daemon" - wtf is this? rsyslog is installed, but I have no linux-kernel-log-daemon in my list	13:59
RoyK	klogd...	13:59
RoyK	got it	13:59
RoyK	http://pastebin.com/hCHtteKt	14:05
uvirtbot	New bug: #579274 in postfix (main) ""unknown job" trying to restart postfix" [Undecided,Invalid] https://launchpad.net/bugs/579274	14:08
axisys	failing to upgrade	14:11
axisys	http://pastie.org/private/9vlrulhrxx9a55pvahxpya	14:11
axisys	how do I change my repo ?	14:11
axisys	may be will have better luck w/ another repo	14:12
bogeyd6	axisys, edit /etc/apt/sources.list	14:12
bogeyd6	anl.gov is the fastest for most people	14:12
bogeyd6	sometimes down for maintenance	14:12
axisys	bogeyd6: it is not down.. i can talk to port 80	14:12
bogeyd6	also it looks like you fudged the sources.list file	14:12
bogeyd6	all of these are 404 messages	14:13
bogeyd6	axisys, pastebin your /etc/apt/sources.list	14:13
axisys	bogeyd6: ok	14:13
bogeyd6	file guinely doenst exist	14:14
bogeyd6	axisys, that file does exist in another mirror	14:15
axisys	bogeyd6: http://pastebin.com/znsKxZih	14:15
bogeyd6	axisys, looks ok to me	14:16
bogeyd6	prob just need to go ahead and switch to the ubuntu.cs.wisc.edu	14:17
=== thefish_email is now known as thefish
slipper1024	UEC CC CLC SC Walrus on 1st server	14:28
slipper1024	NC on 2nd and 3rd server	14:28
slipper1024	as per guide https://help.ubuntu.com/community/UEC/CDInstall	14:28
slipper1024	cant --discover-nodes	14:30
slipper1024	or --synckey	14:30
slipper1024	any ideas guys, Lucid 32bit	14:31
axisys	bogeyd6: so like this?	14:38
axisys	bogeyd6: sed 's/mirror.anl.gov/ubuntu.cs.wisc.edu/' /etc/apt/sources.list > /tmp/list; cp /tmp/list /etc/apt/sources.list ?	14:38
axisys	i backed it already	14:38
axisys	bogeyd6: or there is an elegant ubuntu tool there, like for desktop ?	14:39
axisys	bogeyd6: did just that.. lets see if do-release-upgrade works now	14:40
axisys	bogeyd6: you were right. noticibly slower	14:41
bogeyd6	kk	14:43
bogeyd6	axisys, anl.gov is the fastest for anyone in the midwest	14:43
jpds	mirror.anl.gov is awesome.	14:44
jpds	axisys: sed -i...; would save you the cp.	14:44
bogeyd6	axisys, they run an oc192 out of the argonne laboratory	14:45
bogeyd6	jpds, sorry, i meant they now run a dual oc192 out or argonne	14:49
jpds	bogeyd6: I know.	14:49
jpds	bogeyd6: I've spoken to the admins in the past before. :)	14:50
bogeyd6	i dont speak to them	14:52
bogeyd6	:)	14:52
bogeyd6	probably never would or have cause to	14:52
bogeyd6	but they are a public entity and as such everything they do is online	14:52
dinda	ivoks: ping	15:16
ivoks	dinda: pong :)	15:18
=== Owner_ is now known as wizardslovak
wizardslovak	hello people	15:47
wizardslovak	why is apache showing "index of.." instead of actual website?	15:47
cloakable	wizardslovak: Have you put a website into /var/www?	15:49
aoeuhtns	wizardslovak, probably because the "Indexes" option is on and there is no index document (index.html)	15:50
wizardslovak	i actually made folder with website name and put everything in it	15:50
wizardslovak	then in sites-available/website i changed document root to website flder	15:50
cloakable	wizardslovak: did you then do 'sudo a2ensite website'?	15:51
wizardslovak	oh no	15:51
wizardslovak	do i have to wrtie "a2ensite /etc/apache2/sites-available/website?	15:52
cloakable	No	15:52
wizardslovak	cause i am geting error "no site found matching	15:52
cloakable	wizardslovak: are you doing as root or regular user?	15:53
wizardslovak	root	15:53
wizardslovak	probably i did something wrong in sites-available/website conf	15:54
cloakable	Unlikely	15:55
wizardslovak	hmm	15:55
cloakable	what is the name of the file in sites-available?	15:56
wizardslovak	so whats the corrent command for a2ensite	15:56
wizardslovak	wizzy	15:56
cloakable	sudo a2ensite wizzy	15:56
wizardslovak	ok got it	16:00
wizardslovak	i forgot to put correct folder in "directory" ;) thank you people	16:00
wizardslovak	yea one more think	16:00
wizardslovak	can i connect usb printer and use it with CUPS in ubuntu?	16:01
ivoks	in ubuntu server?	16:02
ivoks	yes	16:02
Wack479	good morning!	16:03
wizardslovak	huh somehow when i connect usb printer i dont see it	16:05
Wack479	I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL	16:06
axisys	bogeyd6: ubuntu.cs.wisc.edu is working .. no 404	16:08
axisys	bogeyd6: thanks for your help	16:08
iKb	is there a simple way to install php 5.2 on ubuntu server 10.04?	16:08
Wack479	ikb: apt-get?	16:09
iKb	apt-get install php 5.3	16:10
iKb	i need php 5.2	16:10
Wack479	oh ok sry	16:10
iKb	is apt-get pinning the only solution?	16:11
axisys	=pkg_version_number have you tried that?	16:12
axisys	iKb: ^	16:12
axisys	iKb: man apt-get will show you the syntax	16:12
iKb	axisys: there is no 5.2 version for 10.04	16:13
iKb	this is why i need pinning	16:14
wizardslovak	su	16:14
wizardslovak	thats weird	16:17
wizardslovak	http://pastebin.com/v08atfZ4	16:18
axisys	iKb: check man apt_preferences	16:20
iKb	axisys: this is for pinning no?	16:22
axisys	iKb: yes	16:22
stas_	hi, can somebody help me, I got an entry like this in aliases>test :include:/etc/postfix/lists/test and postfix appends @$mydomain to that entry each time a new mail is received. what Iam doing wrong?	16:42
uvirtbot	New bug: #580565 in dbconfig-common (main) "package dbconfig-common 1.8.44ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/580565	16:47
Wack479	I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL	16:56
wizardslovak	is there software in which i can connect with web browser to check status/traffic on server?	16:56
tannerb	Ok, I'm going slightly mad. I'm installing 10.4 on a new server using 4 750 GB drives. 2 of those I pulled out of an old server that was using some nvidia fakeraid. I fdisked the previously used discs to the partition table I want, but the ubuntu installer keeps wanting to activate the old raid configuration on those discs. Is there a place I'm not thinking of where that stuff would be hidden that fdisk wouldn't touch?	17:08
tannerb	My apologies if that's a silly question, but I can't think of where that configuration would be hidden after a whole new partition table had been written to the disk...MBR or some such? Have I gone entirely insane?	17:12
Bart_	I'm now running 2.6.32-22-generic-pae. How do I switch to the server kernel?	17:17
failover	Question about hardware requisites for a mail server, Lucid + Postix + MailScanner + SpamAssasim + Dovecot, 7k incoming mail , 4k outgoing mails, 800 users. Which should be the minimum hardware to run this setup ?	17:19
failover	a virtual machine with 1 GB of ram do the trick ?	17:20
ninjai	how do i set up phpmysqladmin? I downloaded it through apt-get but find no php page anywhere	17:38
uvirtbot	New bug: #580590 in squid (main) "Squid no longer uses $SQUID_MAXFD" [Undecided,New] https://launchpad.net/bugs/580590	17:41
AmokPaule	ninjai try to locate phpmyadmin then do a link to that folder	17:51
uvirtbot	New bug: #580611 in puppet (main) "variable scope problem" [Undecided,New] https://launchpad.net/bugs/580611	18:21
bkingx	Greetings! Quick question: a script that runs at startup is run under what user?	18:28
RoyK	root	18:31
bkingx	thanks RoyK	18:36
bkingx	Next question, trying to script some gpg decryption in that script and I am thinking it can't access the .gnupg folders/files.	18:37
bkingx	So how can a script at startup, running as root, can't access those files?	18:38
mr_daniel	I use ubuntu since 5.10; before I tried debian several times, which was a lot fun. I want to setup my first root server, both for fun but also to start building cool web apps with tools I like to use and without any limitations from web hosters; I am at a point where a simple LAMP configuration is not enough.	18:38
mr_daniel	but the problem is: I never owned a root server, and I don't know where to start?	18:39
mr_daniel	I hope you guys can give me some tips where I can start, maybe	18:40
mr_daniel	a good book	18:40
Hypnoz	mr_daniel: apt-get update && apt-get install apache2 && apt-get install mysql-server && apt-get install php5 && apt-get install phpmyadmin	18:40
mr_daniel	Hypnoz: :)	18:41
mr_daniel	wait, why not use aptitude?	18:41
Hypnoz	because aptitude takes longer to type than apt-get of course	18:41
Hypnoz	mr_daniel: after you've installed the LAMP stack, and have a more specific question, that might be good	18:43
Hypnoz	mr_daniel: just asking how to create a server that hosts a webpage is too broad, and something that should probably be googled for since it takes quite a few steps	18:43
mr_daniel	I guess you are right Hypnoz	18:44
Hypnoz	is "googled" a recognized verb of the english language yet?	18:45
Hypnoz	mr_daniel: really creating the web hosting server isn't the hard part. programming the site in php/javascript/etc is what takes skill	18:46
Hypnoz	mr_daniel: there are some frameworks that might be worth learning like cakephp or django	18:47
Hypnoz	mr_daniel: or maybe installing something like wordpress	18:47
Hypnoz	mr_daniel: something like wordpress would cut waaay down on the web programming aspect required	18:47
mr_daniel	I want to go further	18:48
mr_daniel	for example I want to build a web app with CoucDB, or with J2EE, and want to be prepared for high traffic, etc.	18:48
Hypnoz	mr_daniel: why couchdb instead of mysql?	18:51
mr_daniel	because I want to learn new things	18:51
mr_daniel	and CoudhDB is cool :) and sounds very interesting	18:52
Hypnoz	try django I got a friend that loves it, and its a very popular thing to put on a resume	18:52
Hypnoz	and you'd get to learn python too	18:52
mr_daniel	never used django, but I used python for a few things and I like the language	18:54
vkramar	I have some troubles enabling PHP in userdir on 10.04. Already tried both /etc/apache2/mods-enabled/php5.conf and /etc/apache2/conf.d/php-in-homedirs.conf ways as described on wiki, but no success. Can anybody point me right way?	19:02
RoyK	http://pastebin.com/hCHtteKt <-- fine, new box	19:03
storrgie	anyone using tomato firmware?	19:08
RoyK	what is that ?	19:08
storrgie	router firmware for wrt routers	19:08
vraa	storrgie, i use tomato firmware, i switched from dd-wrt becaue dd-wrt was too complicated	19:14
RoyK	how many cpus does linux support these days?	19:15
RoyK	256 or so?	19:15
storrgie	vraa: it seems that all of my traffic, when QoS is on I only get 10% thoroughput	19:15
vraa	maybe your qos settings are not correct? did you set your inbound and outbound speeds correctly? btw i dont think this is related to ubuntu-server :)	19:15
storrgie	vraa: I know its not related to ubuntu-server but tomato has ZERO irc community	19:16
vraa	RoyK can't you use BFS for more than 1000 core support?	19:16
storrgie	I cant find anyone to help me	19:16
vraa	:) try to double check your inbound/outbound maxes, also check how you are classifying your traffic	19:16
RoyK	vraa: http://en.wikipedia.org/wiki/Brain_Fuck_Scheduler?	19:16
vraa	yah	19:17
vraa	i believe it's designed more NUMA or something	19:17
RoyK	what a nice name :)	19:17
therian	is it any good?	19:17
vraa	if it ain't broke, dont fix it	19:22
vraa	in regards to "is it any good"	19:22
vraa	if you have 500 cores and things aren't working well, i'm sure BFS would be a viable thing to try out	19:22
vraa	but me, on my single core pIII laptop? i'll stick with whatever is default	19:22
RoyK	just installed this 16-core thing - it'll be interesting to see how the load is distributed when they start the models	19:23
vraa	dual 8core opteron right RoyK ?	19:24
RoyK	yes	19:24
RoyK	64 gigs of ram	19:24
RoyK	chewing volcanic ash transport models	19:24
RoyK	or simply particle transport models	19:25
enav	good morning	19:44
RoyK	good evening	19:45
aoeuhtns	good afternoon	19:45
therian	good afternoon	19:45
therian	fuck	19:45
aoeuhtns	:-)	19:45
therian	;p	19:45
RoyK	good localtime();	19:46
therian	lol	19:46
_3ies	Good morning, and in case I don't see ya, good afternoon, good evening, and good night!	19:48
therian	oh night	19:49
therian	i forgot that one	19:49
_3ies	:))))))))))))))))))))))))))))))))))))))))))))))))	19:49
_3ies	it is from the truman show	19:49
RoyK	http://karlsbakk.net/top-16.png	19:57
guntbert	!language \| therian	20:01
ubottu	therian: Please watch your language and topic to help keep this channel family friendly.	20:01
ziesemer_	I've been looking into denyhosts or fail2ban to help prevent some server attacks. Both appear to only work by parsing log outputs from /var/log/syslog, etc. Isn't there a more efficient method? I.E., is there a syslog "consumer" that can be used?	20:01
aoeuhtns	RoyK, 48GB of swap?!	20:01
RoyK	no, 16	20:01
therian	my bad	20:01
RoyK	but ubuntu 10.04 comes with this compcache thing, swapping to compressed memory	20:01
aoeuhtns	interesting	20:02
RoyK	planning to use some SSDs for the swap	20:03
RoyK	some of the models can use way more memory than the 4GB per core that's in there now	20:03
lolufail	hi	20:09
lolufail	!	20:09
lolufail	what does the "virtualsiation" checkbox during installation do? just that networkbridge?	20:10
=== twister_ is now known as twister
uvirtbot	New bug: #580674 in irqbalance (main) "Not stoppable/restartable via initctl" [Undecided,New] https://launchpad.net/bugs/580674	20:16
=== failover is now known as failover_no_blin
=== failover_no_blin is now known as failover_noblink
axisys	how do I install sun storage CAM (common array manager) in ubuntu ? i need to manage my sun storagetek 6140	20:37
=== twister_ is now known as twister
bluethundr_	I am trying to use standard networking tools like nslookup and dig on an 8.0.4 Hardy box... but they are curiously absent. what package installs these?	21:20
RoyK	bind-utils	21:21
tannerb	I'm not sure about hardy, but probably dnsutils.	21:21
RoyK	or bind9-utils	21:21
tannerb	Or exactly what RoyK said.	21:21
RoyK	nslookup is old - use 'host' or 'dig'	21:22
=== erichammond1 is now known as erichammond
bluethundr_	RoyK, thx!	21:29
* RoyK just got an email from the CEO congratulating a server setup - not bad		21:31
uvirtbot	New bug: #580700 in cyrus-sasl2 (main) "Package is actually called "sasl2-bin"" [Undecided,New] https://launchpad.net/bugs/580700	21:41
bluethundr_	I have updated my serial number in my dns db and restarted bind and made sure my mx was correct, but when I use dig -mx it doesn't see the mx record	21:45
bluethundr_	http://pastebin.com/KH3adera	21:45
RoyK	perhaps $ORIGIN hasn't been set before the MX line	21:46
RoyK	set $ORIGIN to your domain name in the start	21:47
enav	i need help.... i want to limit a SSH user to specific folder "/home/www".... i have 2 days trying to do this reading manuals and articles but nothing works	21:47
RoyK	$ORIGIN mydom.tld	21:47
guntbert	bluethundr_: all on the same machine?	21:47
RoyK	enav: you need to chroot the user - not trivial	21:48
RoyK	enav: use a vm instead	21:48
enav	i tried that several times in several ways and still not working propertly	21:49
bluethundr_	guntbert, yes, and this config file is an exact copy of another dns db file that works, only with the values for this machine subtituted	21:49
RoyK	enav: see message above	21:49
guntbert	bluethundr_: I asked because dns propagation can take surprising long time :-)	21:50
enav	RoyK use a vm instead???	21:50
RoyK	enav: chrooting ssh is not trivial	21:50
enav	RoyK what that means	21:50
RoyK	either use other access methods or use a virtual machine	21:50
bluethundr_	this one works and I can't see any substantive difference between this one and the one that doesn't	21:51
bluethundr_	http://pastebin.com/dVDVRyWn	21:51
bluethundr_	guntbert, ah ok.. yes but this is all local the machine having the issue	21:51
uvirtbot	New bug: #580708 in cyrus-sasl2 (main) "Can't run multiple saslauthd daemons as per the documentation" [Undecided,New] https://launchpad.net/bugs/580708	21:51
RoyK	bluethundr_: add $ORIGIN mydomain.com. around $TTL	21:52
guntbert	bluethundr_: ok - sorry to hear - no solution from me either	21:52
bluethundr_	RoyK: on it, I'll let ya know	21:52
enav	RoyK i though chroot limit a specific user to a specific folder... but this not works	21:54
RoyK	as I said, chrooting ssh sessions is not trivial	21:54
RoyK	use a vm for that	21:54
enav	RoyK what do you mean with trivial???	21:55
* RoyK points enav to dictionary.com		21:55
enav	RoyK do you mean chroot is not easy to configure?	21:58
RoyK	not for ssh clients	21:59
RoyK	what are your needs?	21:59
RoyK	isolating all clients inside a jail?	21:59
enav	RoyK do you know a good text or website to chroot ssh users???	21:59
RoyK	if so, why?	21:59
enav	well i have an Admin account and a Webmaster account... i just whatn to jail webmaster accoutn to "/home/www" folder that is all	22:01
enav	i have 2 days trying to do this	22:01
RoyK	use ftp	22:01
qman__	no, use sftp-only	22:01
RoyK	ftp over ssl is secure	22:02
RoyK	and trivial to configure	22:02
RoyK	ftp over ssh means the user will be given access to whatever's open	22:02
RoyK	enav: I'd guess securing your system, home directories and so on, will be easier	22:03
RoyK	just give www or whatever access to the files needed	22:03
qman__	not if you configure ssh correctly	22:03
qman__	recent versions can limit it to sftp and chroot right in the sshd config	22:04
enav	im give up with SFTP	22:04
qman__	no special jailing setups required	22:04
RoyK	how do you chroot ssd/sftp?	22:04
enav	let me try that you say now	22:04
RoyK	qman__: url?	22:04
qman__	I'm looking for the doc	22:04
qman__	http://www.debian-administration.org/articles/590	22:05
RoyK	qman__: thanks	22:07
qman__	it's way easier than the old style jailing	22:07
RoyK	seems so, yes	22:07
RoyK	thought it was harder	22:07
qman__	the version of openssh in hardy is older and doesn't support that	22:09
qman__	but the current versions do	22:09
qman__	I've set up a few old style jails with jailkit, no simple task	22:10
enav	qman__ is a hell	22:10
enav	qman__ your article look great but can i use this to jail an user not a group to a specific folder not a home folder????	22:12
qman__	enav, yes	22:13
enav	qman__: Match group sftponly ---> Match user webmaster really?	22:14
qman__	not sure if that's the syntax, but you can match per user	22:14
qman__	let me find more information	22:14
enav	wait a sec	22:15
enav	your article work for you? i mean did you try it before?	22:15
qman__	http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/	22:15
qman__	Match User username	22:16
qman__	the way Match blocks work, is they include all of the directives below it until there is another Match block or the end of the file	22:17
qman__	so place them at the bottom	22:17
enav	ok let me try again	22:17
enav	because i did this a lot of times	22:17
qman__	the one caveat I'm noticing is that the chroot directory must be owned by root	22:18
qman__	other than that, it's straightforward	22:18
enav	ok	22:18
tannerb	Wow, I hadn't looked at doing chrooted stuff securely for years and that's about a bah-jillion times easier.	22:20
qman__	you're telling me	22:20
qman__	the old way was a total pain	22:20
tannerb	Yeah, and by the time one would get close to getting it working properly, you'd have to find another goat to sacrifice.	22:21
enav	im feeling the pain now	22:21
enav	qman__ chek this http://pastebin.com/YmgedfRg	22:25
qman__	that's correct	22:25
qman__	but where's the rest of the configuration file?	22:26
enav	i just copy paste an little section	22:26
qman__	ok	22:26
qman__	I noticed that the default configuration has this in it	22:28
qman__	Subsystem sftp /usr/lib/openssh/sftp-server	22:28
qman__	you will want to change that over/remove it	22:28
enav	yes you ned to change it	22:28
qman__	two Subsystem sftp lines will break it for sure	22:28
enav	i delet the original 1 and add the new 1	22:28
qman__	ok	22:29
qman__	then, chown root:root /home/www, and service ssh restart	22:30
ziesemer_	What is the impact of the "owner" provided to tunctl ?	22:48
=== unreal_ is now known as unreal
Jeeves_Moss	afternoon all!	23:12
=== twister_ is now known as twister
gregcoit	is it possible that S99mysql isn't waiting for S98rc.local to finish in lucid?	23:26
gregcoit	and is this somehow related to upstart?	23:27
=== AntORG_ is now known as AntORG

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!