[00:04] <theacolyte> WhatI've found in 10.04 is if you do anything that interferes with the boot process, like in my instance, incorrectly adding an IP to a network interface, and you reboot
[00:04] <theacolyte> You can't boot anymore
[00:04] <theacolyte> Not to sound unconstructive, but that seems pretty awful to me
[00:04] <theacolyte> And now I can't get into single user mode to fix it
[00:05] <theacolyte> So I'd be more than glad ffor some suggestions.
[00:08] <theacolyte> wonderful
[00:30] <theacolyte> How do I access the drive on my ubutnu server if I can't  boot?
[00:30] <theacolyte> I need to edit /etc/network
[00:30] <theacolyte> since apparently that broke it
[01:59] <Smeh> ok, in bug reports / install guides etc for 10.04 i keep coming across people refering to choosing "advanced" at the end of the installer where you can choose / check what drive grub is going to be installed to
[02:00] <Smeh> but don't see any evidence of any advanced option myself? :|
[02:03] <Smeh> also, on a tangentially related note, say i'm aiming for a LAMP server with x-windows gui, which makes more sense
[02:03] <Smeh> starting with server and installing X, or using desktop and installing the lamp services?
[02:10] <pmatulis> Smeh: if your desktop environment will be GNOME i would choose the latter
[02:15] <Smeh> probably will be gnome
[03:12] <STF> hi
[03:13] <STF> i running my ubuntu-server on a Laptop, without x11, and now i'm looking for a way to shutdown the backlight of my screen, cause i administrat my server about ssh from another machine
[03:39] <qman__> closing the lid usually does the trick
[03:42] <RickyWh1> is it easy to switch out apache2 for cherokee ?
[03:46] <RickyWh1> is there some way I can test my apache server to find out how many requests it can handle before it gets overloaded?
[03:51] <fbc-mx> does anyone know of a condition that would make everything even your root disappear then mysteriously come back after a reboot? ex."-bash: /bin/ls: Input/output error"
[03:56] <fbc-mx> a
[03:59] <gkahla> is hald enabled by default on ubuntu server 10.4?
[04:01] <deslector> hi, what is the best way to run iFolder on Ubuntu?
[04:09] <lord_koala> Hi everyone: dmesg | grep wlan0 gives me wlan0: cannot get RID fd42 (len=6) - no PRI f/w  ... I am trying to connect with my prism 2.5 chip wi-fi card. ifconfig only shows eth0 and lo. I tried to load some firmware to /etc/network/ınterfaces for prısm 2.5 and no luck. lspci -v shows I have my network card ıs prısm 2.5. Any help is appreciated. thanks.
[04:09] <lord_koala> I am running hardy 8.04 server edition.
[04:10] <acerimmer> When running Virtual Box on ubuntu server, how do I network connect to the virtual machine?
[04:34] <f1yback> if it's in bridge mode
[04:34] <f1yback> just like any other real box on your lan acerimmer
[04:38] <acerimmer> f1yback: ah.  thank you. gottago and try it
[04:38] <f1yback> smoke me a kipper
[04:47] <RickyWh1> which file to I edit to top apache2 web server from loading up?
[04:52] <acerimmer> f1yback: whattaguy!
[04:53] <f1yback> heheh
[05:18] <chrismsnz> hey guys, i'm installing security updates on my server
[05:18] <chrismsnz> is there a command that will show me a changelog for the affected packages before i install them?
[05:19] <cleary> hi folks, I'm setting up a ppa for the first time, dput is failing with a connection refused error, and I cannot ftp directly to ppa.launchpad.net from multiple connections (none of which are firewalled)
[05:20] <cleary> I'm assuming there is a service outage, but just wanted to confirm before I spend any more time on it
[05:22] <cleary> chrismsnz: try aptitude changelog <package>
[05:25] <chrismsnz> cheers cleary _b
[05:26] <chrismsnz> it's a good start
[05:42] <enav> hello im new to this....   i want to set up a vsftpd server with multiple virtual user usin PAM authentication... i got a good guide but it use a weak password authentication i mean just password uptu 8 character... i want something stronger...  give some web site or guide pleas
[06:13] <qman__> enav, there's not much point to using strong passwords with FTP because it's a clear text protocol
[06:13] <enav> yeah yeah  im reading something like you said....   :S
[06:14] <qman__> you CAN, but you're still shouting them out for the world to see
[06:18] <enav> you are right  ftp with password is just to preven noob hackers
[07:03] <rahman> Hi, I have setup a mail server with postfix + dovecot + squirrelmail. Here is my main.cf file: http://pastebin.com/2Uw64vTh
[07:03] <rahman> I ave a problem, I can send email to aaaa@rahmanduran.net from bbbb@rahmanduran.net. But I can't send email from bbbb@rahmanduran.net to different domain like cccc@gmail.com.
[07:04] <rahman> I get a "Relay access denied" error from postfix
[07:08] <enav> virtual users and SFTP is possible???????
[07:14] <rahman> enav: can you explain more? I use virtual users, and have a table virtual_users in mysql
[07:15] <rahman> email accounts of my domain can receive email from diffrerent  domains with success, btw
[07:40] <enav> can you make a new system user that have access to SFTP but is not allowed to use SSH, and limit this SFTp to one folder????
[09:03] <qman__> enav, yes, look up sftponly and chrootdirectory in sshd configuration
[09:03] <qman__> this is a new feature as of ~9.10 IIRC
[09:21] <realV> hi to all
[09:24] <realV> I'm trying to setup an high availability system, really simple (account, ftp, file sharing, mail), with a pair of servers, one principal and one "backup", that switch on in case of failure.
[09:24] <realV> i've looked for UEC, but is really too big for my little infrastructure
[09:26] <realV> drbd for sync data is a good solution, but there are too much ways.
[09:35] <enav> my head is going to blow UP!!!!!!!!!!!!    this article say that Now alice can use SFTP to read from and write to her ~/public_html/ directory, but can't use OpenSSH to get a shell, nor even to read files outside of ~/public_html. ......... but is a lie   i can see and change all system folders.... what im doing wrong
[09:35] <enav> ups this is the article http://is.gd/c8uMy
[10:14] <juanjoA> Hello, how I can remove the configuration of raid on 2 hd. I delete all partitions but when I reinstall, partman recognises old distribution of raid ...
[10:14] <juanjoA> maybe MBR
[10:15] <realV> you can use dd on the device
[10:16] <realV> if you have /dev/sda, you can remove mbr with 'dd if=/dev/zero of=/dev/sda bs=512 count=1'
[10:17] <realV> keep in mind that all the data will be lost
[10:18] <juanjoA> realv: ok, thx, I will probe this
[10:22] <juanjoA> Is there a ubuntu 10.04 server guide on PDF?
[10:27] <sommer> jussi: I don't think there is at the moment, but there may be in the near future... I think there was an issue in generating the Lucid pdf.
[10:28] <Jeeves_> An issue creating a pdf? :)
[10:28] <jussi> hrrr
[10:28] <sommer> well automatically creating a pdf
[11:46] <RoAkSoAx> kirkland, by any chance do you have a copy of the testdrive gobby doc? Cause its gone from gobby :S :/
[11:47] <kirkland> RoAkSoAx: crap ....
[11:48] <kirkland> RoAkSoAx: i didn't copy it to the blueprint :-(
[11:49] <RoAkSoAx> kirkland, neither do I :S. Hopefully someone else saved it :/
[11:49] <kirkland> RoAkSoAx: you should /join #testdrive
[12:00] <_chris_> is it usual for apache2 to have about 10procs running ?
[12:01] <guntbert> _chris_: yes, they are running in because starting a new process takes "a lot" of time
[12:01] <guntbert> *running because ...
[12:02] <RoyK> _chris_: see StartServers/MinSpareServers/MaxSpareServers
[12:02] <RoyK> in apache.conf
[12:02] <RoyK> apache2.conf
[12:03] <_chris_> ah okay
[12:03] <_chris_> 5/5/10
[12:06] <guntbert> _chris_: if you don't expect many requests on you server you can reduce those values
[12:08] <_chris_> guntbert: ok, thanks :)
[12:38] <musimar> hello I have a problem with my email server
[12:39] <musimar> I can send emails in local but not outside
[12:39] <musimar> http://paste.debian.net/73252/
[12:40] <musimar> this is the paste of the end of my /etc/postfix.cain.conf
[12:40] <musimar> main*
[12:40] <guntbert> musimar: why do you need a public smtp server?
[12:41] <musimar> because the server is at home
[12:42] <guntbert> musimar: no, my question was: why does it have to be public? why not just (for learning ) confined to your private network?
[12:42] <musimar> hummmm
[12:42] <musimar> don't know ;-)
[12:42] <musimar> it's better to send emails outside no?
[12:43] <musimar> :-D
[12:44] <guntbert> musimar: if you don't "*really* know what you are doing" don't run an smtp server with access to/from the internet - it can get you in troubles rather quickly (google for "open mail relay")
[12:56] <dwight> Hola, I'm wondering what is the easiest way to recover the default apache ports.conf file for ubuntu 10.4... am I likely to find it on the wiki, community docs, or is there an aptitude command I can use to revert?
[12:57] <jpds> dwight: Consider using etckeeper. :)
[12:58] <dwight> etckeeper looks like a nice solution!
[12:59] <dwight> but won't help me out of the current jam.
[13:10] <_chris_> heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?
[13:11] <_chris_> well its not only the webpage, he isnt reachable by its hostname in any way. may it be putty, a ping or whatever
[13:27] <egsome> Is there any Application that helps making my Ubuntu-Server a Router for my Office ?
[13:29] <cloakable> egsome: ipmasq
[13:31] <egsome> cloakable, Great, Thanks
[13:31] <cloakable> egsome: no problem
[13:32] <cloakable> egsome: if you want a more powerful solution, shorewall. but ipmasq will do the basics.
[13:33] <egsome> cloakable, Shorewall is to be installed on Ubuntu or as a distro ?
[13:33] <cloakable> egsome: shorewall is a program. it's in the ubuntu repo
[13:34] <egsome> cloakable, good
[13:35] <cloakable> egsome: but it isn't a fire-and-forget solution like ipmasq... it needs configuring.
[13:36] <egsome> cloakable, What do you recommend for me ? i only need the server to act as router, i need to restrict web access to some sites, and do more like that jobs
[13:37] <cloakable> egsome: hmmm. not sure. I don't know how to restrict access
[13:38] <egsome> cloakable, no problem, but generally what do you recommend ? and access restrict and suck jobs are done by iptables, no problems
[13:39] <cloakable> egsome: sounds more of a job for shorewall, it's more configurable than ipmasq
[13:40] <egsome> cloakable, OK Thanks, will look on it
[13:49] <RoyK> hi all. I have a package list from a 9.04 server - is there an easy way to install all _existing_ packages from that list on a 10.04 box?
[13:50] <bogeyd6> RoyK, im not sure they would all be compatible
[13:50] <bogeyd6> you could just make the list into one big line of text and apt-get install <paste files>
[13:51] <RoyK> bogeyd6: that's the probem - but an upgrade works, only I don't want to install 9.04 and then upgrade
[13:51] <bogeyd6> hmm
[13:51] <bogeyd6> RoyK, did you download all of the dpkg files?
[13:51] <bogeyd6> or .debs
[13:52] <RoyK> no, I'm trying to apt-get install `cat list.txt`, but it halt if it finds an unknown package
[13:52] <RoyK> it'd be nice for those to be simply ignored
[13:54] <_chris_> heja. having a small issue. i have an ubuntu-server in our firms network. before it was set to dhcp and i could access the webpage per servers hostname. now we gave it a fix ip adress and since then its not possible anymore to reach the website per the servers hostname, always have to enter the ip adress instead. maybe anyone has an idea ?
[13:56] <cloakable> _chris_: you might want to add the server to your dns.
[13:59] <RoyK> erm... " rsyslog: Conflicts: linux-kernel-log-daemon" - wtf is this? rsyslog is installed, but I have no linux-kernel-log-daemon in my list
[13:59] <RoyK> klogd...
[13:59] <RoyK> got it
[14:05] <RoyK> http://pastebin.com/hCHtteKt
[14:11] <axisys> failing to upgrade
[14:11] <axisys> http://pastie.org/private/9vlrulhrxx9a55pvahxpya
[14:11] <axisys> how do I change my repo ?
[14:12] <axisys> may be will have better luck w/ another repo
[14:12] <bogeyd6> axisys, edit /etc/apt/sources.list
[14:12] <bogeyd6> anl.gov is the fastest for most people
[14:12] <bogeyd6> sometimes down for maintenance
[14:12] <axisys> bogeyd6: it is not down.. i can talk to port 80
[14:12] <bogeyd6> also it looks like you fudged the sources.list file
[14:13] <bogeyd6> all of these are 404 messages
[14:13] <bogeyd6> axisys, pastebin your /etc/apt/sources.list
[14:13] <axisys> bogeyd6: ok
[14:14] <bogeyd6> file guinely doenst exist
[14:15] <bogeyd6> axisys, that file does exist in another mirror
[14:15] <axisys> bogeyd6: http://pastebin.com/znsKxZih
[14:16] <bogeyd6> axisys, looks ok to me
[14:17] <bogeyd6> prob just need to go ahead and switch to the ubuntu.cs.wisc.edu
[14:28] <slipper1024> UEC CC CLC SC Walrus on 1st server
[14:28] <slipper1024> NC on 2nd and 3rd server
[14:28] <slipper1024> as per guide https://help.ubuntu.com/community/UEC/CDInstall
[14:30] <slipper1024> cant --discover-nodes
[14:30] <slipper1024>  or --synckey
[14:31] <slipper1024> any ideas guys, Lucid 32bit
[14:38] <axisys> bogeyd6: so like this?
[14:38] <axisys> bogeyd6: sed 's/mirror.anl.gov/ubuntu.cs.wisc.edu/' /etc/apt/sources.list > /tmp/list; cp /tmp/list /etc/apt/sources.list ?
[14:38] <axisys> i backed it already
[14:39] <axisys> bogeyd6: or there is an elegant ubuntu tool there, like for desktop ?
[14:40] <axisys> bogeyd6: did just that.. lets see if do-release-upgrade works now
[14:41] <axisys> bogeyd6: you were right. noticibly slower
[14:43] <bogeyd6> kk
[14:43] <bogeyd6> axisys, anl.gov is the fastest for anyone in the midwest
[14:44] <jpds> mirror.anl.gov is awesome.
[14:44] <jpds> axisys: sed -i...; would save you the cp.
[14:45] <bogeyd6> axisys, they run an oc192 out of the argonne laboratory
[14:49] <bogeyd6> jpds, sorry, i meant they now run a dual oc192 out or argonne
[14:49] <jpds> bogeyd6: I know.
[14:50] <jpds> bogeyd6: I've spoken to the admins in the past before. :)
[14:52] <bogeyd6> i dont speak to them
[14:52] <bogeyd6> :)
[14:52] <bogeyd6> probably never would or have cause to
[14:52] <bogeyd6> but they are a public entity and as such everything they do is online
[15:16] <dinda> ivoks: ping
[15:18] <ivoks> dinda: pong :)
[15:47] <wizardslovak> hello people
[15:47] <wizardslovak> why is apache showing "index of.." instead of actual website?
[15:49] <cloakable> wizardslovak: Have you put a website into /var/www?
[15:50] <aoeuhtns> wizardslovak, probably because the "Indexes" option is on and there is no index document (index.html)
[15:50] <wizardslovak> i actually made folder with website name and put everything in it
[15:50] <wizardslovak> then in sites-available/website  i changed document root to website flder
[15:51] <cloakable> wizardslovak: did you then do 'sudo a2ensite website'?
[15:51] <wizardslovak> oh no
[15:52] <wizardslovak> do i have to wrtie "a2ensite /etc/apache2/sites-available/website?
[15:52] <cloakable> No
[15:52] <wizardslovak> cause i am geting error "no site found matching
[15:53] <cloakable> wizardslovak: are you doing as root or regular user?
[15:53] <wizardslovak> root
[15:54] <wizardslovak> probably i did something wrong in sites-available/website conf
[15:55] <cloakable> Unlikely
[15:55] <wizardslovak> hmm
[15:56] <cloakable> what is the name of the file in sites-available?
[15:56] <wizardslovak> so whats the corrent command for a2ensite
[15:56] <wizardslovak> wizzy
[15:56] <cloakable> sudo a2ensite wizzy
[16:00] <wizardslovak> ok got it
[16:00] <wizardslovak> i forgot to put correct folder in "directory" ;) thank you people
[16:00] <wizardslovak> yea one more think
[16:01] <wizardslovak> can i connect usb printer and use it with CUPS in ubuntu?
[16:02] <ivoks> in ubuntu server?
[16:02] <ivoks> yes
[16:03] <Wack479> good morning!
[16:05] <wizardslovak> huh somehow when i connect usb printer i dont see it
[16:06] <Wack479> I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL
[16:08] <axisys> bogeyd6: ubuntu.cs.wisc.edu is working .. no 404
[16:08] <axisys> bogeyd6: thanks for your help
[16:08] <iKb> is there a simple way to install php 5.2 on ubuntu server 10.04?
[16:09] <Wack479> ikb: apt-get?
[16:10] <iKb> apt-get install php 5.3
[16:10] <iKb> i need php 5.2
[16:10] <Wack479> oh ok sry
[16:11] <iKb> is apt-get pinning the only solution?
[16:12] <axisys> =pkg_version_number have you tried that?
[16:12] <axisys> iKb: ^
[16:12] <axisys> iKb: man apt-get will show you the syntax
[16:13] <iKb> axisys: there is no 5.2 version for 10.04
[16:14] <iKb> this is why i need pinning
[16:14] <wizardslovak> su
[16:17] <wizardslovak> thats weird
[16:18] <wizardslovak> http://pastebin.com/v08atfZ4
[16:20] <axisys> iKb: check man apt_preferences
[16:22] <iKb> axisys: this is for pinning no?
[16:22] <axisys> iKb: yes
[16:42] <stas_> hi, can somebody help me, I got an entry like this in aliases>test :include:/etc/postfix/lists/test and postfix appends @$mydomain to that entry each time a new mail is received. what Iam doing wrong?
[16:56] <Wack479> I am having issues with my 9.04 server running kernel 2.6.28-18-server. About 2-3 times a week my networking service has to be restarted. It happened again this morning and i got this in the kern.log http://pastebin.com/iHfL1DVL
[16:56] <wizardslovak> is there software in which i can connect with web browser to check status/traffic on server?
[17:08] <tannerb> Ok, I'm going slightly mad. I'm installing 10.4 on a new server using 4 750 GB drives. 2 of those I pulled out of an old server that was using some nvidia fakeraid. I fdisked the previously used discs to the partition table I want, but the ubuntu installer keeps wanting to activate the old raid configuration on those discs. Is there a place I'm not thinking of where that stuff would be hidden that fdisk wouldn't touch?
[17:12] <tannerb> My apologies if that's a silly question, but I can't think of where that configuration would be hidden after a whole new partition table had been written to the disk...MBR or some such? Have I gone entirely insane?
[17:17] <Bart_> I'm now running 2.6.32-22-generic-pae. How do I switch to the server kernel?
[17:19] <failover> Question about hardware requisites for a mail server, Lucid + Postix + MailScanner + SpamAssasim + Dovecot, 7k incoming mail , 4k outgoing mails, 800 users. Which should be the minimum hardware to run this setup ?
[17:20] <failover> a virtual machine with 1 GB of ram do the trick ?
[17:38] <ninjai> how do i set up phpmysqladmin? I downloaded it through apt-get but find no php page anywhere
[17:51] <AmokPaule> ninjai try to locate phpmyadmin then do a link to that folder
[18:28] <bkingx> Greetings! Quick question: a script that runs at startup is run under what user?
[18:31] <RoyK> root
[18:36] <bkingx> thanks RoyK
[18:37] <bkingx> Next question, trying to script some gpg decryption in that script and I am thinking it can't access the .gnupg folders/files.
[18:38] <bkingx> So how can a script at startup, running as root, can't access those files?
[18:38] <mr_daniel> I use ubuntu since 5.10; before I tried debian several times, which was a lot fun. I want to setup my first root server, both for fun but also to start building cool web apps with tools I like to use and without any limitations from web hosters; I am at a point where a simple LAMP configuration is not enough.
[18:39] <mr_daniel> but the problem is: I never owned a root server, and I don't know where to start?
[18:40] <mr_daniel> I hope you guys can give me some tips where I can start, maybe
[18:40] <mr_daniel> a good book
[18:40] <Hypnoz> mr_daniel: apt-get update && apt-get install apache2 && apt-get install mysql-server && apt-get install php5 && apt-get install phpmyadmin
[18:41] <mr_daniel> Hypnoz: :)
[18:41] <mr_daniel> wait, why not use aptitude?
[18:41] <Hypnoz> because aptitude takes longer to type than apt-get of course
[18:43] <Hypnoz> mr_daniel: after you've installed the LAMP stack, and have a more specific question, that might be good
[18:43] <Hypnoz> mr_daniel: just asking how to create a server that hosts a webpage is too broad, and something that should probably be googled for since it takes quite a few steps
[18:44] <mr_daniel> I guess you are right Hypnoz
[18:45] <Hypnoz> is "googled" a recognized verb of the english language yet?
[18:46] <Hypnoz> mr_daniel: really creating the web hosting server isn't the hard part. programming the site in php/javascript/etc is what takes skill
[18:47] <Hypnoz> mr_daniel: there are some frameworks that might be worth learning like cakephp or django
[18:47] <Hypnoz> mr_daniel: or maybe installing something like wordpress
[18:47] <Hypnoz> mr_daniel: something like wordpress would cut waaay down on the web programming aspect required
[18:48] <mr_daniel> I want to go further
[18:48] <mr_daniel> for example I want to build a web app with CoucDB, or with J2EE, and want to be prepared for high traffic, etc.
[18:51] <Hypnoz> mr_daniel: why couchdb instead of mysql?
[18:51] <mr_daniel> because I want to learn new things
[18:52] <mr_daniel> and CoudhDB is cool :) and sounds very interesting
[18:52] <Hypnoz> try django I got a friend that loves it, and its a very popular thing to put on a resume
[18:52] <Hypnoz> and you'd get to learn python too
[18:54] <mr_daniel> never used django, but I used python for a few things and I like the language
[19:02] <vkramar> I have some troubles enabling PHP in userdir on 10.04. Already tried both /etc/apache2/mods-enabled/php5.conf and /etc/apache2/conf.d/php-in-homedirs.conf ways as described on wiki, but no success. Can anybody point me right way?
[19:03] <RoyK> http://pastebin.com/hCHtteKt <-- fine, new box
[19:08] <storrgie> anyone using tomato firmware?
[19:08] <RoyK> what is that ?
[19:08] <storrgie> router firmware for wrt routers
[19:14] <vraa> storrgie, i use tomato firmware, i switched from dd-wrt becaue dd-wrt was too complicated
[19:15] <RoyK> how many cpus does linux support these days?
[19:15] <RoyK> 256 or so?
[19:15] <storrgie> vraa: it seems that all of my traffic, when QoS is on I only get 10% thoroughput
[19:15] <vraa> maybe your qos settings are not correct? did you set your inbound and outbound speeds correctly? btw i dont think this is related to ubuntu-server :)
[19:16] <storrgie> vraa: I know its not related to ubuntu-server but tomato has ZERO irc community
[19:16] <vraa> RoyK can't you use BFS for more than 1000 core support?
[19:16] <storrgie> I cant find anyone to help me
[19:16] <vraa> :) try to double check your inbound/outbound maxes, also check how you are classifying your traffic
[19:16] <RoyK> vraa: http://en.wikipedia.org/wiki/Brain_Fuck_Scheduler?
[19:17] <vraa> yah
[19:17] <vraa> i believe it's designed more NUMA or something
[19:17] <RoyK> what a nice name :)
[19:17] <therian> is it any good?
[19:22] <vraa> if it ain't broke, dont fix it
[19:22] <vraa> in regards to "is it any good"
[19:22] <vraa> if you have 500 cores and things aren't working well, i'm sure BFS would be a viable thing to try out
[19:22] <vraa> but me, on my single core pIII laptop? i'll stick with whatever is default
[19:23] <RoyK> just installed this 16-core thing - it'll be interesting to see how the load is distributed when they start the models
[19:24] <vraa> dual 8core opteron right RoyK ?
[19:24] <RoyK> yes
[19:24] <RoyK> 64 gigs of ram
[19:24] <RoyK> chewing volcanic ash transport models
[19:25] <RoyK> or simply particle transport models
[19:44] <enav> good morning
[19:45] <RoyK> good evening
[19:45] <aoeuhtns> good afternoon
[19:45] <therian> good afternoon
[19:45] <therian> fuck
[19:45] <aoeuhtns> :-)
[19:45] <therian> ;p
[19:46] <RoyK> good localtime();
[19:46] <therian> lol
[19:48] <_3ies> Good morning, and in case I don't see ya, good afternoon, good evening, and good night!
[19:49] <therian> oh night
[19:49] <therian> i forgot that one
[19:49] <_3ies> :))))))))))))))))))))))))))))))))))))))))))))))))
[19:49] <_3ies> it is from the truman show
[19:57] <RoyK> http://karlsbakk.net/top-16.png
[20:01] <guntbert> !language | therian
[20:01] <ziesemer_> I've been looking into denyhosts or fail2ban to help prevent some server attacks.  Both appear to only work by parsing log outputs from /var/log/syslog, etc.  Isn't there a more efficient method?  I.E., is there a syslog "consumer" that can be used?
[20:01] <aoeuhtns> RoyK, 48GB of swap?!
[20:01] <RoyK> no, 16
[20:01] <therian> my bad
[20:01] <RoyK> but ubuntu 10.04 comes with this compcache thing, swapping to compressed memory
[20:02] <aoeuhtns> interesting
[20:03] <RoyK> planning to use some SSDs for the swap
[20:03] <RoyK> some of the models can use way more memory than the 4GB per core that's in there now
[20:09] <lolufail> hi
[20:09] <lolufail> !
[20:10] <lolufail> what does the "virtualsiation" checkbox during installation do? just that networkbridge?
[20:37] <axisys> how do I install sun storage CAM (common array manager) in ubuntu ? i need to manage my sun storagetek 6140
[21:20] <bluethundr_> I am trying to use standard networking tools like nslookup and dig on an 8.0.4 Hardy box... but they are curiously absent. what package installs these?
[21:21] <RoyK> bind-utils
[21:21] <tannerb> I'm not sure about hardy, but probably dnsutils.
[21:21] <RoyK> or bind9-utils
[21:21] <tannerb> Or exactly what RoyK said.
[21:22] <RoyK> nslookup is old - use 'host' or 'dig'
[21:29] <bluethundr_> RoyK, thx!
[21:31]  * RoyK just got an email from the CEO congratulating a server setup - not bad
[21:45] <bluethundr_> I have updated my serial number in my dns db and restarted bind and made sure my mx was correct, but when I use dig -mx it doesn't see the mx record
[21:45] <bluethundr_> http://pastebin.com/KH3adera
[21:46] <RoyK> perhaps $ORIGIN hasn't been set before the MX line
[21:47] <RoyK> set $ORIGIN to your domain name in the start
[21:47] <enav> i need help.... i want to limit a SSH user to specific folder "/home/www".... i have 2 days trying to do this reading manuals and articles but nothing works
[21:47] <RoyK> $ORIGIN mydom.tld
[21:47] <guntbert> bluethundr_: all on the same machine?
[21:48] <RoyK> enav: you need to chroot the user - not trivial
[21:48] <RoyK> enav: use a vm instead
[21:49] <enav> i tried that several times in several ways and still not working propertly
[21:49] <bluethundr_> guntbert, yes, and this config file is an exact copy of another dns db file that works, only with the values for this machine subtituted
[21:49] <RoyK> enav: see message above
[21:50] <guntbert> bluethundr_: I asked because dns propagation can take surprising long time :-)
[21:50] <enav> RoyK use a vm instead???
[21:50] <RoyK> enav: chrooting ssh is not trivial
[21:50] <enav> RoyK what that means
[21:50] <RoyK> either use other access methods or use a virtual machine
[21:51] <bluethundr_> this one works and I can't see any substantive difference between this one and the one that doesn't
[21:51] <bluethundr_> http://pastebin.com/dVDVRyWn
[21:51] <bluethundr_> guntbert, ah ok.. yes but this is all local the machine having the issue
[21:52] <RoyK> bluethundr_: add $ORIGIN mydomain.com. around $TTL
[21:52] <guntbert> bluethundr_: ok - sorry to hear - no solution from me either
[21:52] <bluethundr_> RoyK: on it, I'll let ya know
[21:54] <enav> RoyK i though chroot limit a specific user to a specific folder... but this not works
[21:54] <RoyK> as I said, chrooting ssh sessions is not trivial
[21:54] <RoyK> use a vm for that
[21:55] <enav> RoyK  what do you mean with trivial???
[21:55]  * RoyK points enav to dictionary.com
[21:58] <enav> RoyK do you mean chroot is not easy to configure?
[21:59] <RoyK> not for ssh clients
[21:59] <RoyK> what are your needs?
[21:59] <RoyK> isolating all clients inside a jail?
[21:59] <enav> RoyK do you know a good text or website to chroot ssh users???
[21:59] <RoyK> if so, why?
[22:01] <enav> well i have an Admin account and a Webmaster account... i just whatn to jail webmaster accoutn to "/home/www" folder that is all
[22:01] <enav> i have 2 days trying to do this
[22:01] <RoyK> use ftp
[22:01] <qman__> no, use sftp-only
[22:02] <RoyK> ftp over ssl is secure
[22:02] <RoyK> and trivial to configure
[22:02] <RoyK> ftp over ssh means the user will be given access to whatever's open
[22:03] <RoyK> enav: I'd guess securing your system, home directories and so on, will be easier
[22:03] <RoyK> just give www or whatever access to the files needed
[22:03] <qman__> not if you configure ssh correctly
[22:04] <qman__> recent versions can limit it to sftp and chroot right in the sshd config
[22:04] <enav> im give up with SFTP
[22:04] <qman__> no special jailing setups required
[22:04] <RoyK> how do you chroot ssd/sftp?
[22:04] <enav> let me try that you say now
[22:04] <RoyK> qman__: url?
[22:04] <qman__> I'm looking for the doc
[22:05] <qman__> http://www.debian-administration.org/articles/590
[22:07] <RoyK> qman__: thanks
[22:07] <qman__> it's way easier than the old style jailing
[22:07] <RoyK> seems so, yes
[22:07] <RoyK> thought it was harder
[22:09] <qman__> the version of openssh in hardy is older and doesn't support that
[22:09] <qman__> but the current versions do
[22:10] <qman__> I've set up a few old style jails with jailkit, no simple task
[22:10] <enav> qman__ is a hell
[22:12] <enav> qman__ your article look great but can i use this to jail an user not a group to a specific folder not a home folder????
[22:13] <qman__> enav, yes
[22:14] <enav> qman__:   Match group sftponly  --->   Match user webmaster    really?
[22:14] <qman__> not sure if that's the syntax, but you can match per user
[22:14] <qman__> let me find more information
[22:15] <enav> wait a sec
[22:15] <enav> your article work for you? i mean did you try it before?
[22:15] <qman__> http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/
[22:16] <qman__> Match User username
[22:17] <qman__> the way Match blocks work, is they include all of the directives below it until there is another Match block or the end of the file
[22:17] <qman__> so place them at the bottom
[22:17] <enav> ok  let me try again
[22:17] <enav> because i did this a lot of times
[22:18] <qman__> the one caveat I'm noticing is that the chroot directory must be owned by root
[22:18] <qman__> other than that, it's straightforward
[22:18] <enav> ok
[22:20] <tannerb> Wow, I hadn't looked at doing chrooted stuff securely for years and that's about a bah-jillion times easier.
[22:20] <qman__> you're telling me
[22:20] <qman__> the old way was a total pain
[22:21] <tannerb> Yeah, and by the time one would get close to getting it working properly, you'd have to find another goat to sacrifice.
[22:21] <enav> im feeling the pain now
[22:25] <enav> qman__  chek this http://pastebin.com/YmgedfRg
[22:25] <qman__> that's correct
[22:26] <qman__> but where's the rest of the configuration file?
[22:26] <enav> i just copy paste an little section
[22:26] <qman__> ok
[22:28] <qman__> I noticed that the default configuration has this in it
[22:28] <qman__> Subsystem sftp /usr/lib/openssh/sftp-server
[22:28] <qman__> you will want to change that over/remove it
[22:28] <enav> yes you ned to change it
[22:28] <qman__> two Subsystem sftp lines will break it for sure
[22:28] <enav> i delet the original 1 and add the new 1
[22:29] <qman__> ok
[22:30] <qman__> then, chown root:root /home/www, and service ssh restart
[22:48] <ziesemer_> What is the impact of the "owner" provided to tunctl ?
[23:12] <Jeeves_Moss> afternoon all!
[23:26] <gregcoit> is it possible that S99mysql isn't waiting for S98rc.local to finish in lucid?
[23:27] <gregcoit> and is this somehow related to upstart?