/srv/irclogs.ubuntu.com/2010/05/23/#ubuntu-server.txt

OddfellowsI have apache all set up happy, but one of my virtual hosts says that, no matter what existing file I put in, it just throws a 404.00:15
Oddfellowsplease help100:16
Oddfellows!00:16
penguin42just one of them? The others are fine?00:20
OddfellowsYeah00:20
penguin42anything odd about it compared to the others?00:21
OddfellowsNo.00:21
penguin42hmm, not typo'd the path for it?00:21
Oddfellowsoff to check00:23
Oddfellowsnope00:24
penguin42what does apache have to say in its logs?00:24
Oddfellows[Sun May 23 03:13:31 2010] [error] [client 24.113.225.222] File does not exist: /htdocs00:26
penguin42does the host have unusual letters/characters/etc in its name? or some reason that its idea of the path isn't right?00:28
OddfellowsNo, no00:28
=== flyback is now known as phlyback
penguin42curious00:29
OddfellowsCurious"00:29
Oddfellows"Curious" is not a word you want to hear, like "unspecified infection".00:30
penguin42well it's got to be something that's different about that one00:31
penguin42most likely a typo in the config00:32
=== phlyback is now known as flyback
penguin42it could be a permission screw up I guess, but les slikely I'd say00:33
OddfellowsQuoth the perl one liner, there is no (non-expected) differences.00:36
penguin42well temporarily change the path to point at one of the other ones - does it work then?00:38
Oddfellowsok00:38
OddfellowsIt works perfectly with the other dir.00:39
penguin42so it's the dir not the config - change it back making sure it really does point to that dir00:41
OddfellowsIt works now, I think there was a typo in the dir.00:42
yosi1234Setting up my first Ubuntu LAMP Server - is it fairly secure from the default install, or ar there some recommended steps to secure the box, worried about DoS attacked and brute force attacks over SSH and others?01:05
penguin42yosi1234: brute force over ssh happens01:05
yosi1234is there anyway to limit that01:06
PiciInstall fail2ban.01:06
yosi1234like after 5 attempts it blocks their IP01:06
penguin42yosi1234: so move the ssh port to something that isn't the default, set up firewalls to ensure you block all ports you don't want exposed externally; if you always ssh from the same place then firewall it to just those ports01:06
Piciyosi1234: It does exactly that01:06
penguin42and yeh use something like that01:06
yosi1234thanks guys01:07
yosi1234is fail2ban better than ip tables, just getin use to that01:07
yosi1234also has anyone used Ubuntu server on ESXi?   I like the simple snapshot backup options of esxi, but don't want a performance hit...01:09
penguin42it should work on ESXi, but you always get some hit01:09
yosi1234does ESXi support backing up with snapshots, do do u have to pay for that?01:23
dasunsrule32I am having some trouble with likewise-open5 after a do-release-upgrade from 9.10 to 10.04, the services dcerp*, eventlogd, and lsassd do not start. I can start them after I log in with a local account, and then log in with AD accounts. Anyone have some ideas.01:23
yosi1234also i guess ubuntu server doesn't have to understand the RAID card, lsi 9260 if its sitting on a virtual enviroment, vmwars just has to understand the storage device01:24
dasunsrule32I have completely removed and purged likewise-open and completely reinstalled with the same results.01:25
=== unreal_ is now known as unreal
cabreyDoes ubuntu server automatically mount usb devices or do I have to manually mount them?02:28
cabreynevermind, had to do it manually02:34
* bintut waves03:11
bintutanyone here uses aws particularly the ec2?03:12
bintutany idea if there if amazon provides a test instance for people to play with it to be familiarize how it works?03:13
=== tommy_ is now known as KenjiPops
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
linux_is_my_heroalright how do install "hwinfo" on my ubuntu server just using another computer that has internet, or the ubuntu server 10.4 live cd?05:42
linux_is_my_heromy server has a wifi card that needs drivers so i can get to the internet and actually make it a server for when im away from home.05:43
Franch ldapadd -D cn=admin,cn=config -w password -x -f /usr/share/kyapanel/ldap/ldifs/phpgwaccount.ldif06:48
Franchldap_bind: Invalid credentials (49)06:48
Franchneed help06:48
Franch ldapadd -D cn=admin,cn=config -w password -x -f /usr/ldifs/phpgwaccount.ldif helpme ldap_bind: Invalid credentials (49)06:50
linux_is_my_heromy network interface doesnt support scanning...what does that mean?07:01
linux_is_my_hero:-(07:01
tonyyarussoSo, I'm half-considering using eBox on something.  The problem is, it appears that very few of the modules are in the official repositories even for Lucid.  So the question is, how safe is the ebox PPA, for a production server?  (It makes we wince to think about, but it may be the best bet for the situation.)07:43
SpamapSclear07:47
SpamapShaha doh07:47
yosi1234anyone know the performance hit running Apache (LAMP) on ESXi vs On a dedicated server?   I'm concerned about network latency and hard drive latency08:23
yosi1234anyone know the performance hit running Apache (LAMP) on ESXi vs On a dedicated server?   I'm concerned about network latency and hard drive latency09:15
_ruben yosi1234: its not that easy .. a VM on a beefy ESXi will perform much better than on a low-end dedi server09:27
simplexiodidnt latest vanilla kernel got some imprvements on that network latency side09:43
uvirtbotNew bug: #584484 in chkrootkit (main) "chkrootkit incorrectly identifies bindshell if mailserver runs tls" [Undecided,New] https://launchpad.net/bugs/58448409:51
Tweedamy concern w/ ESXi (like any virt implementation) is resource contention from other VMs.09:51
uvirtbotNew bug: #584497 in landscape "The EC2 endpoint should be HTTPS by default" [High,Confirmed] https://launchpad.net/bugs/58449710:51
ne7workhello all please someone help me with IDJC12:42
freewillieHello, I was wondering how to start apps on boot as deamon16:01
freewillieI hope someone can help me a litle16:02
freewillieI want to start my own java app and call of duty 4 server16:03
penguin42freewillie: Look up docs on 'upstart' - you can put scripts in /etc/init that it will call16:03
freewilliepenguin42 I was that far, but then my apache server wouldn't start anymore16:04
* penguin42 hasn't really got to grip with upstart yet, I'm still a bit old school16:05
freewilliepenguin42, Coul it have something to do with paths?16:05
freewilliepenguin42, Oh ok16:05
penguin42well paths are always good at breaking things :-)   Can you pastebin your script somewhere?16:05
freewilliepenguin42, ok16:06
freewillie#!/bin/bash16:07
freewilliejava Main16:07
freewilliethats all16:07
penguin42I think there needs to be some headers to say when to start it and what has to happen if it crashes etc16:08
penguin42freewillie: http://upstart.ubuntu.com/getting-started.html16:09
freewilliethanks16:10
freewilliepenguin42, I think i can solve my problem i think16:10
ne7workhello all please someone help me i have a problem with IDJC16:16
ne7worki need to start IDJC ;(16:16
freewilliene7work, sorry, I can't help you16:18
ne7workwhy?16:18
freewillieI have no idea what IDJC is16:19
freewillieWhat is it?16:22
ne7workfreewillie, Internet DJ Console16:24
freewillieah, i had problems to to run it16:25
freewilliewhat is the problem excactly then?16:26
=== dendrobates is now known as dendro-afk
* penguin42 has ubuntu-server in a KVM guest booting off another KVM guest via iscsi17:35
RoyK^lol17:37
RoyK^why do you do that to yourself?17:37
penguin42masochism?17:40
RoyK^add a win2008 guest than, and then a few guests running on that17:43
* RoyK^ is off17:43
penguin42so what's the right way to report a bug from a text mode ubuntu-server? will ubuntu-bug do something sane?17:43
elnurCan I give create a user and give him SSH access to my server so that he can't access anything that is not in her home dir?17:46
elnurer17:46
penguin42:-)17:46
elnurCan I create a user and give her SSH access to my server so that she can't access anything that is not in her home dir?17:46
elnurFixed :)17:46
penguin42do you really want ssh or just sftp ?17:46
elnurWhat is the diff between ssh and sftp?17:46
penguin42sftp can just do file transfer17:47
penguin42(I'm not sure if it's actually the same underlying protocol as scp or not?)17:47
elnurIt'll be better to give her ssh.17:47
elnurSo that she can edit files in her home dir.17:47
penguin42ok, so I think the best you can do there is probably give her a restricted shell17:48
elnurpenguin42, I heard something about chroot. Is that what you are talking about?17:49
penguin42no, I don't think chroot would work for a full ssh login, it can be done for sftp17:49
elnurpenguin42, then what?17:52
freewillieSpaceGhostC2C: I am logging out, I will try the rubby stuff tomorow17:54
penguin42a restricted shell (e.g. rbash) will restrict where they can cd to, but it's not really that protective17:54
* freewillie is leaving...17:55
elnurpenguin42, so, will it be much easier to just give her (s)ftp access?17:55
penguin42yes, there is a chroot setup (somewhere) for sftp that should be pretty secure17:55
xperiahello to all. i need some start up help with setting up ubuntu on a hp proliant ml 53017:56
elnurpenguin42, ok. thanks. i'll investigate it further.17:57
xperiais anybody here who can advice me a little what is needed. it is enoght just to put the ubuntu server cd in te cdrom17:57
xperiaand connect over ssh to the server ?17:58
xperiamaybe a netwrok setup is better ?17:58
yosi1234anyone here using ubuntu server on ESXi?18:42
yosi1234i'm trying to figure out how much latency it adds to network and storage18:43
yosi1234i have a very busy lamp server i want to virtualize18:43
ikoniayou asked this the other day18:43
ikoniaI told you the answer18:44
yosi1234ikonia: you said that there was a performance hit, but I need to quantify how much..  tried to find something online, but no luck18:45
yosi1234trying to figure out how many ms/ns on the network lag18:45
yosi1234and any IOPS performance18:46
yosi1234for storage18:46
ikoniayosi1234: it's nothing to do with ubuntu, it's how you setup and manage your esx host18:46
ikoniaas I told you18:46
ikoniaso ask the vmware support people, if you have an esx host, you have access to their support resources18:46
yosi1234no i have free esxi18:46
yosi1234but you are right18:47
yosi1234it maybe more of a question for them18:47
ikoniaesx works different than the free version, so you need to quantify which version you want to use with the vmware support groups18:47
yosi1234fair enough18:47
yosi1234i will try to see if they have a support channel for that stuff.. what do do like about it is the ease of backing up virtual disks, but no at the expense of performance18:48
yosi1234I searched all over for a good ubuntu/linux baremetal backup solution but can't find any, but acronis, but it doesn';t support ext418:48
penguin42yosi1234: You could run lucid with ext3 I think18:50
yosi1234any ext4? support?18:51
yosi1234oh, u mean the OS, there is also backup software called Lucid18:53
yosi1234LOL18:53
yosi1234prefer ext4, on the raid adpter the performance is much better on ext418:53
RoyK^just got a nagios message - data is running low, only 3,5TiB left18:53
RoyK^ext3 is safe18:54
RoyK^rock stable18:54
RoyK^well-proven18:54
RoyK^ext4 is newer18:54
yosi1234true...18:54
yosi1234good point..18:54
RoyK^the latter is better for large volumes, BIG files etc18:54
RoyK^but I'd stick with ext3 for now18:54
yosi1234maybe acronis on ext3 is a good solution then18:54
RoyK^for storage?18:55
* RoyK^ uses opensolaris + zfs for storage18:55
yosi1234yes18:55
yosi1234for a LAMP server18:55
RoyK^zfs beats the whole gang18:55
yosi1234hi volume, high traffic18:55
RoyK^how much do you need?18:55
ikoniaext3 will be fine18:55
yosi1234need bare metal backup option18:56
RoyK^a terabyte? 10? 100?18:56
yosi1234fair enough18:56
ikoniayosi1234: just take regular dd images of the disk18:56
yosi12342 TB, but 15 concurrent users18:56
yosi123415,00018:56
ikoniayosi1234: or make a kickstart profile of the machine and just backup the application data18:56
RoyK^that's access, not users18:56
yosi1234its a realtime collaboration site18:56
RoyK^yosi1234: 2TB will work fine with any FS, except perhaps UFS18:57
ikoniaRoyK^: you'd probably get away with it even on ufs, although at the upper end of the limit18:57
yosi1234fair enough...  one sec, pgone call, shit...18:57
yosi1234phone call18:57
yosi1234brb18:57
RoyK^ikonia: yes, it'll work with ufs as well, but I wouldn't recommend it18:57
RoyK^zfs ftw!18:57
ikoniagod no18:58
RoyK^god? which one? anyone seen him?18:58
RoyK^or her?18:58
RoyK^it18:58
=== RoAk is now known as andreserl
=== SkyHAPPY is now known as Sky[x]
Tonny_Bennetïðèâåò âñåì20:48
cloakableo.o20:49
Theravadanthat worked Tonny_Bennet20:49
TheravadanI've upgraded from 8.04.1 to 9.10 so far, now doing 10.0420:49
Tonny_BennetÓ ìåíÿ åñòü ïðîáëåìêà ñ ssh ñåðâåðîì ïîìîæåòå?20:50
jpdsTheravadan: You know that you can do 8.04.* to 10.04 ?20:54
Theravadanjpds, well from 8.04 you can but right now it's not possible from 8.04.1+ until a few months from now20:55
jpdsTheravadan: Try: do-release-upgrade -p20:55
Theravadanjpds, what does the -p do?20:56
jpdsUpgrades to a proposed release.20:56
Theravadanjpds, read that from the docs, how is that different from running w/o -p?20:56
jpdsIt will actually upgrade a hardy box to lucid.20:57
Theravadanjpds, whoa that would have saved me a lot of time.20:57
jpdsTime is money. o/20:57
Theravadanjpds, got that right!20:58
uvirtbotNew bug: #578064 in php5 (main) "php5 crashed with SIGSEGV in start_thread()" [Undecided,New] https://launchpad.net/bugs/57806421:06
* RoyK^ encrypts all his data with rot-13 - TWICE21:58
guntbertRoyK^: well done for double measure :-)22:00
RoyK^security is my profession22:01
bondiblueos9is there any way to know how much data has been written to a tape drive?22:02
RoyK^not really22:03
bondiblueos9thanks guntbert22:03
RoyK^whatever process that writes it needs to keep track on it22:03
bondiblueos9just realized it was more relevant here22:03
bondiblueos9RoyK^, do you know if there is a way to make tar output the size of what it has written?22:04
RoyK^I think -v says that22:04
RoyK^testing.....22:04
bondiblueos9RoyK^, -v says the file names when writing, and when viewing with -t it says the file sizes22:05
bondiblueos9RoyK^, but when its done I need it to tell me the total size, taking compression into account22:05
RoyK^question is, why are you using tar for backup?22:06
RoyK^it's 2010, not 198022:06
RoyK^open backup solutions like bacaula are far better22:07
bondiblueos9RoyK^, I'm using it to write to a tape drive; I looked into using dump, but the files are on an ntfs drive22:07
bondiblueos9I happen to have a tape drive, and I figured I'd clear some old backups and files off a couple harddrives onto a few tapes I have22:07
bondiblueos9and tar is very simple and straight forward22:09
ne7workhello all22:15
RoyK^bondiblueos9: it's very simple, yes, but that's it22:15
ne7worki have problem with my creative audio driver22:15
ne7workhttp://pastebin.com/sFt9iazc22:15
ne7workplease someone help me22:15
chrismsnzHey guys, do you know of a PPA that can provide a version of innodb plugin for mysql compiled against the lucid version? we're having no end of trouble here22:16
RoyK^bondiblueos9: using a proper backup system will make life easier22:16
RoyK^chrismsnz: mysql in lucid should support innodb quite well22:16
chrismsnzRoyK^: well, we wish to use some of the new features like fast index creation on innodb22:18
chrismsnzstuff that isn't supported until mysql 5.5, or whatever they decide to name the next release22:18
sherrne7work: Did you read through the Ubuntu Forums thread about Creative Labs XFI driver compilation on Linux? Whatever, I would say that compiling an audio driver in this channel is off-topic really.22:19
sherrne7work: http://ubuntuforums.org/showthread.php?t=87000122:19
RoyK^chrismsnz: I'd say install mysql from source into another directory22:20
chrismsnzRoyK^: I'm doing that now :( Was hoping to avoid it, oh well :|22:20
RoyK^or pay someone to backport it22:21
RoyK^seems to me it's an engine rewrite22:21
chrismsnzthat someone very well may be me22:21
RoyK^not merely a module22:21
chrismsnzit's a storage engine plugin22:22
ne7worksherr, and again i have error22:22
ne7worki make all of these thread step by step22:22
ne7workand i have errors?22:22
RoyK^isn't mysql 5.5 still in beta?22:23
chrismsnzRoyK^: yes, thats why we're not running it22:23
chrismsnzhowever, mysql 5.5 has merged in the new innodb changes from the innodb project22:23
chrismsnzbut they also release the new work as a plugin for earlier versions22:24
RoyK^chrismsnz: what do these changes do to performance?22:28
chrismsnzit's improved, but there's other good features in there too22:29
chrismsnzfast index creation is killer - no longer requires a temp table when adding an index to a table22:29
RoyK^anything you can't do better with postgresql?22:29
chrismsnzRoyK^: been barking up that tree as well :P22:30
chrismsnzmysql has a lot to answer for to us... we've got a lot of coupled code22:31
chrismsnzi.e. working around its broken optimiser22:31
RoyK^so rewriting it to psql will cost a little22:31
chrismsnzyeah, we are using an abstraction layer, but some work will be required22:32
chrismsnzconsidering waiting until drizzle is released, psql 9 and whatever mysql brings out by then and doing a shootout between them22:33
chrismsnzseeing if it's worth a move22:33
RoyK^imho psql beats the shit out of mysql at most work22:33
chrismsnzya, replication tho is a pita until 9 tho, right?22:33
RoyK^I don't think it's really well integrated until 922:34
RoyK^some parts exist in 8, but not in the main tree22:34
RoyK^seems postgres is in opensolaris still22:37
RoyK^nice22:37
RoyK^I guess Oracle will kick that out soon22:37
chrismsnzheh22:39
chrismsnzoracle are strange22:39
RoyK^not strange22:40
RoyK^jut money-eating parasites22:40
chrismsnzthey own innobase, which is the main/best storage engine for mysql22:40
chrismsnzbut they still seem to be chugging along22:40
chrismsnzi notice all the drizzle guys who used to work at sun got out of dodge when oracle bought them22:40
chrismsnzwork for rackspace now22:40
RoyK^I just work for an air research institute in norway22:41
RoyK^we have tons of data and we need zfs to handle it22:41
chrismsnzah true22:41
RoyK^Eyjafjallajökull has been filling up our drives with ash for some time22:42
JanCsoon you'll have btrfs  ;)22:42
RoyK^in one, perhaps two years, yes22:42
RoyK^currently btrfs is quite useless compared to zfs22:42
chrismsnzzfs is awesome, that's for sure22:44
chrismsnzyou can FUSE it if you're really desperate22:44
chrismsnzbut opensolaris isn't bad22:44
chrismsnzRoyK^: have you used nexenta?22:44
chrismsnzhttp://www.nexenta.org/ a very interesting project22:45
RoyK^only tried it22:45
RoyK^went back to osol quite quickly22:45
chrismsnznot so good?22:45
RoyK^larger userbase on osol, thus better support22:45
RoyK^from the community22:46
chrismsnzya22:46
chrismsnzI work for an ecommerce company in NZ, so no massive storage requirements22:46
chrismsnzbut our database is becomming a problem22:46
RoyK^what is "massive storage"?22:47
RoyK^10TB?22:47
chrismsnzguess so22:47
chrismsnzwe use MogileFS to manage stuff like product images and other stuff22:48
RoyK^we're extending our zpool to 50TB these days22:48
JanCheh, I know people who have a multiple of that at home  ;-)22:48
JanC(I don't want to ask them why they need that)22:48
chrismsnzheh22:49
RoyK^this is a nice box http://pastebin.com/hCHtteKt22:49
RoyK^this is also a rahter nice box http://pastebin.com/9kDJw9Gw22:49
chrismsnznice :D22:50
RoyK^the 16-core baby has been chewing ash for a week or so now22:51
RoyK^did't really cost a lot - NOK 43k22:51
chrismsnzdoh22:51
* RoyK^ hands chrismsnz a doh-nut22:52
chrismsnz:)22:52
RoyK^what was that doh about?22:53
=== Thell is now known as Thell|Away
TheravadanI added "postgres         hard    nofile          300000" to limits.conf but I can't raise the no files via ulimit, anyone know why?23:03
jeeves_Mosscan anyone reccomend a good brute force SSH password cracker?  I want to test how secure my router's SSH is23:07
bondiblueos9lol of course you do23:07
bondiblueos9but seriously, would that even work?23:07
jeeves_Mosswhat do you mean?23:07
bondiblueos9i mean, wouldn't the ssh server decide to stop responding and block after several failed attempts?23:07
jeeves_Mosslol,  I want to test it!23:08
jeeves_Mossthat was the point of my request23:08
bondiblueos9and even if it didn't, wouldn't brute forcing take forever, like more than a few seconds for each attempt?23:08
jeeves_Moss'meh, I've got time, and it's internal to the network23:08
bondiblueos9I don't mean to shut you down; I'm curious like that too23:09
jeeves_Mossohhh23:09
jeeves_Mosswell, as I said, I want to test just how "hard" DD-WRT has their SSH attack blocking.  Personally, I don't belive that it's as strong as tehy claim23:09
bondiblueos9but even if there is no ssh brute force cracker, you could just think of how many possibilities you'd have to brute force for a password of your length, average case (half of worst case I think, ie half of all of them)23:10
bondiblueos9and then think about how long each attempt would take23:10
bondiblueos9and then you shoudl know how long it would take on average to brute force your password23:10
jeeves_Mosslol,  it's 12 car long, capitals, numbers, and specials.23:11
JanCjeeves_Moss: you use passwords with ssh ?23:12
jeeves_MossJanC, ???23:12
JanCplease read the ssh manual about ssh keys and disable all password logins  ;)23:13
bondiblueos9I use passwords with ssh because i'm too lazy to set up keys and everything I use isn't really a security concern to me; then again I could set up keys and claim I did it because I'm too lazy to remember passwords23:13
jeeves_Mosslol23:13
jeeves_Mossyea, well, I ~could~ do that, but....23:13
bondiblueos9although, at least you can use passwords from anywhere23:13
jeeves_Mossthis is VERRY true!23:13
bondiblueos9I mean, I guess you could use a key from anywhere too23:14
jeeves_Mossanyways, scratch that.  Next project for this afternoon.  Getting TLS working.  <ugh>23:14
bondiblueos9if you happen to have the keyfile on you23:14
jeeves_MossI hate e-mail servers.  it's offical!23:15
JanCseriously, if you don't care about login into your router from some random other computer, why do you care about password strength  ;)23:16
JanCand password login throtling etc.23:17
JanChow do you know that random PC has no trojan or whatever?23:18
JanCanyway, there are lots of brute force cracking programs that you could use with any tool you want (they generate a password and supply it to whatever program you want)23:20
killowndo anyone know the location of dialog scripts from Ubuntu-Server CD INSTALL who are responsible by manage system install?23:31
RoyK^Jeeves_: install fail2ban23:41
=== RoyK is now known as Guest45690
=== RoyK^ is now known as RoyK

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!