[00:00] julianc, ok, thanks [00:11] dnsmasq is great :) [00:19] how do I mount a freenas smb share, and keep it mounted even after reboot [00:30] gop_, hmm.. /etc/fstab ? [00:47] thanks [00:51] deslector what do you mean /etc/fstab [00:51] gop_, sorry, you should edit /etc/fstab so that the share gets mounted automatically at startup [00:52] gop_, https://help.ubuntu.com/community/Fstab [00:52] k [00:52] thaknks [00:52] smbfs === bogeyd6- is now known as bogeyd6 === bogeyd6 is now known as Guest9330 === Guest9330 is now known as bogeyd6- [02:08] hello, how can i repair a bad superblock error in a ubuntu dapper server (sorry, i know that it's a too old release, but i am new in this place :p ) [02:09] Any of you ever try to put centos on top of kvm? It mostly works but the networking part is being a massive pita... [02:10] the HD has errors and after pass a fsck -p command, do not recognize the filesystem and grub presents an error 17 :( [02:10] edwin-sv: http://docs.sun.com/app/docs/doc/805-7228/6j6q7uf0i?a=view [02:10] edwin-sv: seems to be what you're looking for [02:10] thanx MTecknology, i will try :) [02:10] if grub is complaining - You may need to reinstall grub after fixing this [02:11] also... get a new drive - drive errors are usually a bad omen [02:11] ok, i will try that too... [02:11] !grub [02:11] grub is the default boot manager for Ubuntu releases before Karmic (9.10). Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - GRUB how-tos: https://help.ubuntu.com/community/GrubHowto - See !grub2 for Karmic onwards. [02:11] check out the restore link [02:14] MTecknology: the command newfs isn't present in ubuntu :( (Display the superblock values with the newfs -N command) [02:14] what can i use instead of newfs? [02:15] lemme research google :P [02:17] edwin-sv: what's the exact error [02:18] http://www.cyberciti.biz/faq/recover-bad-superblock-from-corrupted-partition/ [02:21] i try to mount the /dev/sda2 where the system is but it says that i must specify the type of filesystem and when i do that says that there is a bad superblock error [02:21] a bad superblock on /dev/sda2 [02:31] MTecknology: when i run dumpe2fs /dev/sda2 says "couldnt find valid filesystem superblock" and it suposed says the number of my superblock /dev/sda2 [02:32] i didn't get the output (or similar) like in the example :s [02:33] edwin-sv: replace the drive and restore from backup would probly make the most sense.. [02:34] i'm not much of a recovery expert - best i could say is spinrite might save you long enough to recover data [02:35] the last employee that was watching linux server didn't backup of this drive, as i mentioned early i am new here and i found everything as is :S :$ [02:36] spinrite is probably your best save - but it takes a while === MTeck is now known as MTecknology [03:15] If any of you are smart with kvm - I could really really use some help [03:35] My fastcgi with php on lucid, crash after a few hours of use. [03:36] failover: did you check the logs? [03:37] i 'm not sure at what log file should i look... [03:38] Everything in /var/log [03:38] Sort by time to see what logs have been updated recently. [03:38] And try looking for keywords like "php" or "apache" or whatever. [03:41] is there a way, if i have a server running a few different services, that i can give resource priority to one service? i run a web, mail, and ivr server. when the system is busy, the ivr gets jittery. [03:42] ok, twb, i will check the logs [03:43] skrite: you probably want nice(1) for CPU and ionice(1) for I/O. [03:43] These can and should be assigned indirectly via start-stop-daemon(8) where the init script uses that layer. [03:44] twb, thanks [03:44] if nice is not declared for a service, is there a nice level that Linux assumes for it? [03:45] IIRC the default niceness is 0 or 10 [03:45] The manpage should say so [03:45] of course, thanks [03:51] Nothing relevant on logs. My fcgi crash on lucid, but when i was using karmic the same happen. [04:02] New bug: #588104 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)" [Undecided,New] https://launchpad.net/bugs/588104 [05:02] is this a good line to have in your /etc/passwd: nobody:x:65534:65534:nobody:/nonexistent:/bin/s [05:03] That's normal. [05:03] Why d you ask? [05:03] tucemiux: why do you ask? [05:03] twb, because I'm looking at some tips on how to secure my ubuntu server and theyre talkinb about making sure user nobody doesnt have a shell [05:04] And why do they say to do that? [05:05] twb, because user nobody is not supposed to have a shell and I am wondering if that's true and if I should remove the shell from user nobody on my server [05:05] Why do you think nobody shouldn't have a shell? [05:05] Oh, sorry, I miread you [05:06] yeah thats ok [05:06] I think you could set it to /bin/false and nothing would break [05:06] But I wouldn't bother -- there are doubtless far more important things to lock down [05:07] twb, im thinking on setting it to /dev/null - would that break anything? [05:07] Like: don't run PHP applications, don't allow password-based SSH access, etc. [05:07] tucemiux: I believe /bin/false is the convention [05:08] twb, but what if a hacker creates a /bin/false? I would rather use /dev/null but I dont know if that'll break anything, i just installed ubuntu server and am learning along the way, my ssh and web server are up and running flawlessly [05:08] I am also very worried about this line: Successful su for www-data by root [05:13] twb, i guess Successful su for ww-data by root is nothing to worry about? [05:15] That sounds like you started apache and it relinquished its root privileges [05:18] I'm using lighthtpd by the way, lighthttpd uses www-var [05:20] twb, what's the password for root? Since it looks like there is a root user on my server: root:x:0:0:root:/root:/bin/bash [05:20] root has no password. [05:21] dawn [05:22] good thing i disabled passwordless ssh logins but unfortunate for me, I didnt disable root login unti an hour ago and restarted my ssh server [05:35] tucemiux: you should have a user capable of sudoing to root though. [05:36] SpamapS, yes i can sudo to root, im just wondering why there is a root user and what is the password, thats all [05:37] tucemiux: oh there's usually not a root password... its designed to reduce your risk and teach you not to do things as root mostly. ;) [05:37] SpamapS, basically, if an unauthorized user is able to gain access to my machine, would they be able to grant themselves root access, im new at this, if you know of any resources thatll help me explain that stuff i will greatly appreciate it [05:38] tucemiux: you'd have to really screw things up to make that possible. [05:41] SpamapS, i actually did, the good thing is that i didnt allow empty passwords for ssh but I did allow root logins :-( At least I changed the default port [05:42] pam shouldn't allow empty passwords from insecure ttys in any case [05:42] But root's password isn't the null (empty) password -- it DOESN'T HAVE a password. [05:43] twb, thanks for the clarification, i can sleep well now -- im going to research about denyhosts and keep reading a tutorial i found to secure my ubuntu server [05:43] denyhosts blows. [05:44] IMO it's better for netfilter rules to recognize and tarpit brute-force attacks, than to periodically scan log files for attackers and append to an ipset table. [05:49] twb, netfilet rules? Is it like ip tables? [05:50] iptables is the user interface to netfilter. [05:51] I like denyhosts. [05:51] I believe it can be changed to execute any command you want to update the local deny listing [05:51] hosts.deny is just its default [05:52] I do wonder if this starts to hurt performance at some point... [05:52] $ wc -l /etc/hosts.deny [05:52] 44289 /etc/hosts.deny [05:53] Well, Wietse's tcpwrappers will complete more of the handshake before hanging up [05:54] Compared to an ipset(8) IP hash, I mean. [05:54] twb, can i use netfilter through ssh? My server is headless [05:54] tucemiux: sure. [06:06] twb, im already using fail2ban, should I use netfilter as well? [06:07] They do the same job. [06:08] It's just a matter of having a hard-coded netfilter rule, vs. having an active log-scanner that edits netfilter (or ipset) rules. [06:08] twb, thanks I guess I'll stay with fail2ban then [06:09] twb, do you have any recommendations or any resources I can read or for someone who plans on using ubuntu server to have his own ssh, web, and maybe e-mail server @ home? [06:12] the ubuntu server guide [06:12] Hosting your own mail server is almost certainly not worth the effort [06:12] Unless you're doing it for pedagogical reasons, of course... [06:13] twb, hosting your own e-mail server is not worth the effort? what makes you say that? [06:13] Because it's a major pain in the arse. [06:13] and that's a big mighty word you used back there you got me lost in the middle somewhere :-( [06:14] I'm sure you can find a dictionary if you care enough [06:15] twb, so if I create my own domain as in, mineown.com, how am I supposed to get e-mail addresses in the form of someone@mineown.com and where would the e-mail server be? [06:16] You pay someone like google to do it for you. [06:17] twb, ok so what is the part that is difficult with a e-mail server ? [06:19] Hosting your MX records somewhere, setting up a secondary MX, setting up greylisting, making sure you're not an open relay, dealing with being RBLd, etc. [06:19] Oh, and don't forget dealing with ISPs that block 25 on residential plans [06:20] If you had 100 users it might be worth it; for a single-user home network it isn't. [06:22] twb, optimum online offers a service where they open port 80 and port 25 for you and it only costs about $10 a month [06:22] Shrug [06:23] A whole VPS doesn't cost much more than that, IIRC [06:23] these days I still host my vanity domains, but I do not do the MX work.. I leave that up to a barracuda anti-spam appliance that my hosting company provides [06:23] Oh yeah, another issue is of course that when your home network goes down, you lose mail (unless/until the other MTAs resend it). [06:24] yeah I don't believe having servers at home is a) fun or b) ecologically friendly [06:24] Unless they're "servers" [06:24] or you have green power at home.. :) [06:24] SpamapS: I got rid of mine when I realized it was a glorified NAS with an internet-facing httpd on it. Now I just plug the disk into the back of my OpenWRT and (ab)use busybox httpd. Nice and solid-state. [06:25] SpamapS, I have a headless pentium III dua processor machine, does that count ? [06:26] twb: nice. :) [06:26] tucemiux: no, probably chomping down 1kw of power just to spin those old fans and disks. ;) [06:27] Pentium IIIs do have a relatively good power profile, though [06:27] tucemiux: though reusing it *does* prevent waste.. so it may be a wash. [06:27] Probably not as good as a modern MIPS or ARM or Atom/Geode, though. [06:27] True I recall the P3 just died because it was too inflexible to be moved up in clock rate or down in interconnect size. [06:28] twb, i can use a router to host a web site? I''m using tomato on my router, can I use that to host a web site? [06:28] tucemiux: you can do anything with anything. [06:29] twb, i mean, what youre doing nowadays, youre using your router to host a web site? How does that work? Itll be awesome if I can do it at home with my router as well, it has the capabilities [06:30] tucemiux: er, you just run an httpd [06:31] twb, ok so i just a daemon on the server and then what? I plug a USB device into the router? Or can I point the router to use a HD in another machine? [06:33] That's something you'll have to discuss with the tomato people [06:34] twb, I was talking about what you do, I can actually flash my router with OpenWRT [06:42] I have a degraded raid array. i don't know if the disk is bad. do I risk bad things if I try to add the drive back into the array? [06:42] raid 1 btw [06:42] joebob: probably [06:43] joebob: what caused the drive to be marked as bad? [06:43] SpamapS, not sure. mdadm detail shows Spare Devices : 0 Failed Devices : 0 [06:44] joebob: look in your kernel log.. maybe just try 'dmesg' first [06:44] says the second drive was "removed" [06:44] SpamapS, what am I looking for? [06:44] joebob: anything about the drive [06:45] joebob: you can also try 'sudo less /var/log/syslog' ... possible that mdadm or smartd printed messages that won't be in dmesg [06:45] SpamapS, http://pastebin.com/3r6CUQBj [06:46] joebob: ahh, so did you forcibly turn off your machine or have a kernel panic, anything like that? [06:46] joebob: its entirely possible that things are fine given that scenario.. you just need to re-add it. [06:47] SpamapS, had some power outages recently. just noticed tonight. could have been this way for a month [06:47] SpamapS, do I need to do : sfdisk -d /dev/sda | sfdisk /dev/sdb? or can I just try to add it again? [06:48] joebob: you only need to do that sfdisk step if you are afraid that the partition tables got out of sync for some reason [06:49] SpamapS, no not. so how do I add it back in? [06:49] joebob: you should first be asking smartctl and hdparm/sdparm for info about the drive [06:50] Particularly, run a short test and maybe a long test over the dodgy drive. If they come back with any errors, get a new drive. [06:51] honestly if the data is worth any money at all, just buy a new drive. ;) [06:51] If you're physically proximal, also check that the drives have proper airflow and are separated by a gap. I see a lot of RAID1 arrays where the drives are one atop the other, and the top one dies. [06:51] SpamapS: certainly a good rule of thumb. [06:51] SpamapS twb , ok will do thx [06:52] One of my favorite WTF's of all time was when I started at [insert previous employer] and notied a yellow drive light on a very expensive disk array.. [06:53] the admin I was replacing goes "Oh yeah, they do that sometimes, just do this" and pulls it out, counts to 3, pushes it back in. "We'll make sure its green again when we leave, usually takes just a few minutes" [06:53] We do that :-( [06:54] If it comes up bad twice in a row, then you are confident that its *really* hosed, not just a stupid firmware [06:54] Best part was two weeks later when he was gone and I contacted the drive array maker to get 3 replacement drives, they informed me that the company had fallen off support, the drives had special firmware, and w/o support the drives would be $3k each. [06:54] ahaha [06:54] I informed the president of the company that we needed to spend $9k plus $1k for a tech to come out and verify the array, or the db server might die at any moment. [06:54] My customers "can't justify" the expense of support contracts [06:55] Guess what happened 4 months later, when we were still on the bad drives? [06:55] Which is why I always tell them "OK, first you should call your support number and ask them. Otherwise I'll charge time and materials and be RTFSing all week." [06:55] SpamapS: fortunately your tape backup was only two, not five years, out of date! [06:56] A new admin was in the cage, brought a new SCSI disk with him, went to replace 1 of the two failed drives (it was a 6 disk RAID5 w/ 1 hot spare)... but he accidentally pulled one of the green drives. [06:56] so the array supporting the database, but not the transaction logs, failed.... [06:56] which would have been *FINE* [06:56] ahaga [06:57] there was a snapshot from 2 days earlier... and transaction logs up to the point in time of idiocy [06:57] I love when the monkeys do that [06:57] but then he makes is REAL genius move [06:57] cf. molly-guard [06:57] "the Array won't come up, I'm rebooting the array" [06:57] meanwhile I'm at home w/ 103F fever.. I'm like "sounds like a bad idea, call the mfgr, pay the support cost and get them out there dude" [06:58] nope, he reboots the array, which he discovers is impossible, because it has battery backups.. [06:58] so he disconnects the power [06:58] wiping out the disk configuration.. [06:58] and the binlogs [06:58] 2 days of database transactions, lost [06:59] and actually, 3 more days of another database's transactions lost because it was 'less important' and only backed up once per week [06:59] Out of curiosity, what was this, db2? [06:59] Mysql [06:59] Ahahahaha [06:59] on Sun [07:00] but Sun was not the mfgr of the array [07:00] I'll never understand how mysql worms it way into enterprise environments. [07:00] anyway... the best part was how they recovered the "less important" data, which was usernames + passwords [07:01] mysql is simple [07:01] if you understand its limitations, its fine [07:01] Hmph [07:03] the way they recovered the usernames/passwords that were added / changed was genius.. they had support respond "Oh I'm sorry you can't access the account you created last week. Whats your email address? Ok, yes it seems the account data was locked, I can create a temporary password for you and have it emailed to the address on file." and then just sign them up right on the spot. [07:04] If people knew it was happening they could have gotten free accounts, but who cares? nobody knew. [07:04] 6 months there felt like 6 years [07:04] twb: oh I forgot to laugh really hard at you calling them "enterprise" ;) [07:05] It means the women wear miniskirts, and the hardware looks expensive but is actually just painted sheets of plywood [07:06] :) [07:14] hi [07:18] i have a referer to our website material, which is no longer in use. i also get some log-data regarding to this linking. any ideas on how to get te referring site to drop the link? [07:21] Unless you're talking about HTTP, it's "referrer" [07:22] can someone help me about https://lists.ubuntu.com/archives/ubuntu-server/2010-May/004246.html ? [08:00] kaushal: when you say it doesn't start, what do you mean? [08:01] SpamapS: when i run it by hand using /etc/init.d/resqueweb start it works as expected but does not comeup automatically after boot up [08:02] kaushal: does the service listen on a specific IP? [08:02] nope [08:02] kaushal: anything in the boot log? [08:03] nope [08:05] kaushal: so the service isn't even mentioned in /var/log/boot.log ? [08:05] kaushal: Ah, back again! :) [08:05] SpamapS: cat /var/log/boot [08:05] (Nothing has been logged yet.) [08:06] kaushal: /var/log/boot.log [08:06] kaushal: you probably need to use the update-rc.d command to tell the computer to start it at boot. Take a look at this - http://www.debuntu.org/how-to-manage-services-with-update-rc.d [08:06] SpamapS: The init-script gets executed, it's just the service called from the init-script that doesn't work [08:06] e_t_: That's done. [08:08] the mail formatting screwed up the scripts.. [08:09] impossible to tell where #'s are preceding a line if the next line is part of the comment or meant to be executed [08:15] kaushal: again, nothing in /var/log/boot.log ? [08:16] SpamapS: nope [08:16] SpamapS: mail formatting ? [08:16] shall i pastebin all the scripts ? [08:26] kaushal: It might help.. but I'd love to see some logs .. thats weird [08:26] sure [08:26] SpamapS: please give me a moment [08:35] Hello! I have a spare computer and I would like to install ubuntu server version on it. Does it have a gui or it is text based? [08:41] SpamapS: http://fpaste.org/L5BY/ [08:46] alktors: Ubuntu Server is text-based, though you are free to install a gui if you want. Alternately, you can add server packages to Ubuntu desktop. [08:47] e_t_, Thanks for replying, I want to make a nexuiz server out of it. For example what do you type to get gnome? [08:49] alktors: I am not familiar with nexuiz. The easiest way to get a desktop is to install one of these: ubuntu-desktop, kubuntu-desktop,xubuntu-desktop. Either ubuntu or xubuntu will give you a GNOME desktop, though xubuntu will be somewhat lighter on resources. [08:50] alktors: what is nexuiz? [08:50] e_t_, Ok, thanks so much! It's a open source shooter. [08:50] kaushal: ok, thats a normal init script sure [08:51] SpamapS, It's an open source shooter. [08:51] SpamapS, http://en.wikipedia.org/wiki/Nexuiz [08:51] kaushal: however, if rc had run it, you'd see "Starting ResqueServer: " in /var/log/boot.log [08:51] SpamapS, It's really fun :) [08:51] * SpamapS has been placating his gaming need w/ quakelive [08:51] Thanks for the help e_t_ [08:51] alktors: for running as a server, just use ssh [08:51] alktors: you don't need or want gnome. :) [08:52] SpamapS, I need to get used to the terminal...I'm not an advanced user:( [08:53] alktors: its easier than you think [08:53] alktors: and I'd be willing to bet that all you're going to be able to do with gnome is open a terminal [08:53] alktors: to help w/ nexuiz I mean [08:53] SpamapS: i dont see anything in /var/log/boot file [08:53] SpamapS, :) [08:54] alktors: whereas if you just run it w/ regular server settings, you can use putty from windows, or ssh from a mac/linux box, and you don't need to waste time connecting your server to any keyboard/mouse/video [08:54] kaushal: */var/log/boot.log* [08:54] kaushal: boot.log != boot [08:55] SpamapS, Ok, thanks. Well I will use ssh then, I migrated to linux for windows....and I have to say I'm so happy. [08:55] SpamapS, :)It's a bit hard until I get good enough to help myself but it shure deserves the effort. [08:55] alktors: I have to agree about SSH. It's amazing. Also, the best way to get practice on the command line is to use the command line. [08:56] e_t_, Hehehehe, yes I think you are right. [08:57] ws status [09:01] kaushal: ? [09:01] kaushal: I need to get some sleep.. unless you've got anymore? [09:02] SpamapS: yeah [09:02] I did replied to all your questions [09:02] Do you have something for me ? [09:10] kaushal: I need you to look in /var/log/boot.log not /var/log/boot [09:11] kaushal: that should show the messages from your init script. If it doesn't, then your init script isn't running. [09:14] kaushal: if they do show, then there's something broken in your start script that is requiring a terminal, and you should contact the resque developers. :-/ [09:14] * SpamapS passes out [09:14] SpamapS: is there a way to generate boot.log file ? [09:15] kaushal: if its not there, then I don't know what to do. :-P [09:36] I have set up a server with apt-proxy. I experience a few problems with it. (Using depricated Python modules, hangs sometimes, etc.) This made me read a bit up on the application. I got the impression that apt-proxy is a discontinued project. Is this the case? If so, what should I use instead? Apt-cacher? Or something else? [09:37] tdn: I think the latest is apt-cacher-ng [09:37] e_t_, ok. So is apt-proxy considered depricated? [09:38] I guess so. [09:38] Ok. [09:45] is there a way to generate boot.log file on 8.04 server [09:45] I see /var/log/boot [09:46] http://ubuntuforums.org/showthread.php?t=49925 [10:18] checking in again for my query [10:18] is /var/log/boot the same as /var/log/boot.log ? [10:28] kaushal: no, it isn't. [10:29] kaushal: see /etc/default/bootlogd, but read the comments in bug 328881 first [10:29] Launchpad bug 328881 in upstart "init: support logging of job output" [Medium,Invalid] https://launchpad.net/bugs/328881 [10:35] i'm trying to help someone, they are trying to use bootlogd, we have enabled it in /etc/default/bootlogd, is there anything else required? [10:36] i'm trying to find a backport of squid2.7 for hardy. anyone know where i can find it? doesn't seem to be anything for squid in http://packages.ubuntu.com/hardy-backports/web/ [10:44] dns53: I think that bug report contains a remark about /etc/default/bootlogd not being safe to enable. What's the trouble? [10:44] Since lucid, Ubuntu has a small bit of boot logging (mountall output), but it's not complete yet. [10:46] alvin it is on 8.04 [10:46] dns53: 8.04 has no boot logging at all. [10:47] ok [10:47] What's the nature of the problem you're trying to solve? [10:48] it's not my problem but a person from #ubuntu-au trying to debug his own init script [10:50] his script works correctly when run by himself but does not work as an init.d script [10:56] environment variables are different during boot. Be careful to give full paths to executables [10:57] hmm, no. I'm talking about cron, but I gues the boot environment will be somewhat restricted too [11:09] I just created, stopped, and restarted a RAID5 array of: --create /dev/md1 --level 5 -x 0 -n 3 /dev/sd[abc]2 [11:09] When I start it, I get mdadm: /dev/md1 has been started with 2 drives (out of 3) and 1 spare. [11:10] Does that seem right to you? [11:11] raid 5 should be using all 3 drives [11:12] raid5 on two drives - heh [11:12] -x 0 == no spares [11:13] Exactly! [11:13] twb: what does /proc/mdstat say? [11:13] md1 : active raid5 sda2[0] sdc2[3] sdb2[1] 1464645888 blocks level 5, 64k chunk, algorithm 2 [3/2] [UU_] [11:13] yes has it rebuilt the array? [11:13] dns53: not yet; it's a large array [11:13] where "large" is "more than 256MB" [11:14] * RoyK pats his 50TB opensolaris box [11:14] yes, so it is doing that, you need [UUU] [11:15] dns53: any idea how to do so, given that I'm already supplying -n3 -x0? [11:15] twb: looks like a bug to me - check dmesg for errors [11:15] twb wait for it to build i think, it's been a while since i used raid 5 [11:16] dns53: I really don't think it should show that [11:16] you may be right [11:16] but it does say that it has all 3 drives in the array [11:17] I suspect it's just because it won't start syncing to the third drive until the first two are in sync [11:17] erm [11:17] the three-disk RAID1 array for /boot did something similar. [11:17] that's not how raid5 works [11:18] raid5 spreads all data across all drives [11:18] http://en.wikipedia.org/wiki/Raid5#RAID_5 [11:18] But you can lose up to one drive [11:18] yes, I know, but it should start all drives at once [11:18] RoyK: even when CREATING the array? [11:19] you basically get half on one, half on the second and a checksum on the third, you can loose one of the drives and you have enough info to create the third again [11:19] yes [11:19] no it creates the two halves on all drives then goes through and creating the checksums for all the blocks [11:20] Well, since I have no way to tell it to behave differently, I'll see what happens and check on it tomorrow. [11:20] The entire server is just a hot spare for the "real" server, so I don't care too much if it's out of commission for an extra day or two [11:25] twb: did you check dmesg? [11:25] RoyK: yes, there was nothing useful there. [11:25] k [11:25] twb: doing some testing here - give me 10 minutes [11:26] twb: which ubuntu version is this? [11:26] 8.04 [11:26] k [11:26] Probably about 8.04.1 [11:27] then apt-get update && apt-get dist-upgrade before trying further [11:27] that'll take you up to 8.04.4 [11:27] I'd prefer not to do that yet, because it's 8:30PM and it's in another suburb [11:28] Just in case it becomes unbootable as a result [11:28] your choice - but I've never seen that happen on a minor upgrade with ubuntu 8.04, and I've probably been across > 100 such servers [11:29] Well, that and I *know* the bootloader and the network configuration were hosed the last time it booted, and it was set up with static config long enough for me to get in. I haven't tested my fixes for those yet, either :-) [11:30] * dns53 has upgraded his server while on the bus [11:30] twb: you don't need a reboot after such an upgrade [11:30] Not normally, but sometimes it fucks up [11:30] there'll be a new kernel, but the old one will work well until you get there [11:31] I remember vividly repeatedly getting into nis vs. screen spinlocks when libc was being upgraded [11:31] anyway - upgarde before doing more raid stuff [11:31] 8.04.1 is quite old [11:31] Not spinlocks, deadlocks [11:32] that's a bitch [11:32] Basically (IIUC) libc would try to restart nis, but the "finished restarting nis" output would be blocks while screen tried to talk to nis to find out who I was. [11:33] One more reason to drop NIS ;-P [11:33] yeah [11:34] That would've been around 2005 [11:36] we're still using nis [11:41] twb: perhaps try not to upgrade in screen next time :þ [11:42] RoyK: but then if your SSH session is killed, you could (worst case) corrupt dpkg's database [11:43] then login as a local account [11:43] then use screen with that [11:47] twb: I can test VM here if you like [11:48] RoyK: it won't hurt :-) === oubiwann is now known as oubiwann_ [12:20] twb: http://pastebin.com/UT6ne0Sm [12:20] Thanks [12:21] Apart from algo 2 vs. 4, it certainly looks the same [12:26] will test with 5 drives [12:26] see how that works === oubiwann_ is now known as oubiwann [12:28] Now I check again, it says algo 2. [12:28] I must've misremembered it as 4 [12:35] wtf can I delete an md? [12:36] http://pastebin.com/KRaLBTGg [12:39] twb: from https://raid.wiki.kernel.org/index.php/Mdstat <-- represents the status of each device, either U for up or _ for down. So examples 2 and 6 show 'degraded' arrays with some devices 'down'. [12:39] * RoyK sticks to (open)solaris for storage [13:04] morning [13:05] morning [13:08] zul: yo [13:09] zul, team, everyone: please nominate your favorite server-papercuts before the meeting today. [13:09] sure.. [13:27] New bug: #280421 in ethtool "ethtool not available in post-ifup script" [Wishlist,Triaged] https://launchpad.net/bugs/280421 [13:30] morning [13:43] what firewalls are available in ubuntu 10.04 server version? I'm looking for the most secure one that's also the easiest to figure out as I'm new to using ubuntu, especially in a no-GUI manor. [13:44] MasterZuFu: there is only one f/w and it is called iptables [13:44] MasterZuFu: but there are several utilities/frontends to configure it [13:44] hmmmmmm ok [13:44] MasterZuFu: we recommend "uncomplicated firewall" (ufw) [13:45] alright, i'll look at that up [13:45] MasterZuFu: good. it is installed in the base system [13:45] oh, really? it's already there? [13:46] MasterZuFu: yes. try 'man ufw' [13:46] root@li116-92:~# man ufw [13:46] No manual entry for ufw [13:46] root@li116-92:~# [13:46] MasterZuFu: did you install with the standard ISO? [13:47] i'm using linode.com, it's a standard VPS install. [13:47] MasterZuFu: oh [13:47] yeah, i'm having to learn slowly but surely how to set this thing up [13:47] MasterZuFu: well then, do 'sudo aptitude install ufw' [13:48] for example, my email wasn't working. couldn't send activation emails with my forum. turns out i had to install the mail functionality first, then a mail front end, and then realize the mail front end (exim4 or something like that), is set default to "local only". yeah...frustrating. lol [13:51]