[00:06] <SpamapS> malchias: there is a wealth of information out there for how to setup a web dir.. not sure if one specific to ubuntu exists.
[00:07] <SpamapS> malchias: my personal preference is for services to never be able to write to scripts... so thats why I frown on having things group-owned by www-data.
[00:07] <SpamapS> But at the same time, if you're careful about never using g+w .. then its ok.
[00:10] <malchias> SpamapS: can you recommend a "standard" or "best practices" document on apache security for permissions & group ownership on debian/ubuntu (or anything really)
[00:12] <guntbert> malchias: try to ask in #httpd too
[00:13] <SpamapS> malchias: I'm sorry but I don't know of any such document... most of it is in my head from experience.
[00:13] <SpamapS> I try not to think of it in such detailed terms either
[00:13] <SpamapS> "secure by default" is the thing I chant to myself. ;)
[00:14] <qman__> yeah
[00:14] <qman__> there's a couple of settings I change
[00:14] <qman__> but all in all, the default setup is very well done
[00:15] <SpamapS> agreed... but..
[00:15] <SpamapS> the first thing you do when you setup a web server, is start dumping stuff in the docroot
[00:15] <SpamapS> and, to malchias point, whats the best way to do that and not shoot yourself in the foot. :)
[00:16] <qman__> I take away all the permissions, then give them back as necessary to make it work
[00:17] <qman__> and yeah, www-data doesn't have write access to the scripts
[00:18] <malchias> so soemthing like 740 for files and 700 for directories?  then for the specific scripts that need it increase permissions and keep all files at someuser.www-data ?
[00:18] <qman__> I usually make them root:root, world readable
[00:18] <qman__> unless they have config data
[00:19] <qman__> scripts would be root:root 644
[00:19] <qman__> directories root:root 755
[00:19] <qman__> excepting where you need to tighten it further
[00:19] <qman__> such as config.php or what have you
[00:20] <qman__> or an includes directory
[00:20] <qman__> that would be root:root 644
[00:21] <SpamapS> qman__: why should scripts be root:root ?
[00:21] <qman__> so no one without root can change them
[00:21] <SpamapS> qman__: I usually make them owned by some user that is responsible for publishing
[00:21] <SpamapS> giving root to publishing scripts is a bad idea IMO. ;)
[00:21] <qman__> including the web server
[00:22] <SpamapS> I set the publisher and the web server on the same level. One feeds the other. Root is above them.
[00:22] <qman__> a good plan
[00:22] <SpamapS> Also if you're using something like tarballs to disribute source code, you don't want it to have UID==0 anywhere in there.. as thats very suspicious. ;)
[00:23] <SpamapS> There's this weird thing that is knocking around in my head right now though..
[00:24] <SpamapS> Ever since I heard the term "devops" .. I've been thinking that its really not dev vs. ops vs. devops ... but a third category of thing ...
[00:31] <linxeh> SpamapS: I'm in the UK, I'm in a highly populated area but 2.5 miles from my exchange. my ADSL typically gets just under 2mbit
[00:31] <linxeh> SpamapS: I'm also in a highly affluent town
[00:36] <malchias> if I script is 644, how does it execute?
[00:42] <SpamapS> linxeh: I'm in metro-Los Angeles.. they dumped fiber on the street 2 blocks away and I have about a 50m run of copper I think.
[00:43] <SpamapS> malchias: its not being exec()'d .. its being run by the scripting engine
[00:45] <linxeh> SpamapS: :(
[00:45] <linxeh> SpamapS: there is cable fibre in the street. I cant get it though, even though the fibre is less than 100 yards from me
[00:50] <SpamapS> linxeh: yeah thats what they used to have in the US too.. but Verizon and AT&T laid so much dark fiber they realized they had a huge opportunity to overcharge people. ;)
[00:50] <SpamapS> Still... its the only system that can record 2 HD channels at once that I know of. :)
[00:50]  * SpamapS disappears
[02:29] <bastid_raZor> i'm having some fail2ban errors/warning in /var/log/fail2ban.log   ail2ban.server : ERROR  Unexpected communication error
[02:30] <bastid_raZor> using the stock jail.conf and fail2ban.conf .. the only thing i have changed was ban time and ignoreip
[03:38] <mopi> question: is there a way to use windows group policies with a samba server?
[03:39] <webPragmatist> no
[03:40] <mopi> ubottu: /msg
[03:41] <mopi> !ubottu >mopi
[03:48] <nginxx> wutup ubottu
[03:56] <hlx> Question: Would like to set up a Ubuntu Server and use it as a Domain Controller for a Windows (Perhaps Linux?) Environment. Would like to be pointed in the right direction so I can set up a test network and educate myself
[04:07] <mopi> hlx: I would start by using virtual machines (I use virtualbox) so that way you can take snapshots in case you mess up. document all of your steps
[04:07] <nginxx> your not going to be able to have a linux server act as a windows domain controller
[04:07] <mopi> nginxx: why not, I'm doing it?
[04:07] <hlx> Why not? I don't require group policy.
[04:08] <hlx> mopi: I have a dedicated machine running xenserver for playing with random servers at the moment :P
[04:08] <mopi> hlx: that works :)
[04:09] <mopi> hlx: I would say to start out with ebox and see how that works for you.
[04:09] <hlx> I do like how Ebox looks, I think I will.
[04:10] <mopi> hlx: if you do need any group polices you can configure that on the local workstation and make yourself an image
[04:10] <hlx> how does
[04:10] <hlx> er.
[04:10] <mopi> configure group polices by going start - run - gpedit.msc
[04:10] <hlx> How does Ebox/Samba do authentication? if I configure one machine and image them over, do I need to change the SID? or the DID? As long as I image them before I join the domain I should be fine?
[04:11] <mopi> hlx: correct
[04:11] <mopi> hlx: also FOG will auto add windows to the domain if configured that way
[04:12] <hlx> so this fog is somewhat of an Acronis or norton ghost program, just open source
[04:13] <mopi> hlx: correct, but I would say better. It is administered through a web browser. You can even deploy snapin software that you make yourself. It is very powerful
[04:13] <mopi> hlx: I use it on a network with 700 workstations
[04:13] <mopi> hlx: it runs as your dhcp server too
[04:14] <hlx> interesting. Are there any sort of incremental backup servers? Or does this do something akin? I'm more or less looking for something like a WHS (Windows Home Server) equivalent. I have dabbled with Rsync and don't mind that, but am wondering what else is out there
[04:15] <mopi> hlx: I'm sorry, I can't help you there. I don't work with backups much.
[04:16] <hlx> mopi mind if i pm?
[04:16] <mopi> hlx: go ahead
[04:32] <nginxx> btw, ebox bends the space/time fabric ... it is pretty awesome
[04:32] <hlx> it does look pretty robust
[04:33] <nginxx> sorry about the comment earlier, my definition of a DC is that it can hold the global catalog, etc
[04:34] <nginxx> yea, authentication services is a synch
[04:34] <hlx>     excellent
[04:36] <hlx> yeah the last win server 2k8 solution i sold was a 70 workstation solution, server os, 1u harware and licensing = ~$30,000 , plus the workstations and labor = probably another $80,000, not too many businesses in a small town have that muc hto spend
[04:37] <nginxx> any virtualization on that bare metal?
[04:38] <hlx> thats just straight server 2k8 domain controller, 12GB system running DC, and SQL
[04:39] <hlx> so DNS, DHCP, all that fun
[04:39] <hlx> no WSUS or anything
[04:39] <nginxx> ah
[04:43] <elnur> There is no /etc/hostname files. How should I change the hostname?
[04:44] <elnur> *file
[04:44] <nginxx> you might want to touch it and put a hostname in it
[04:44] <nginxx> and change /etc/hosts
[04:45] <elnur> isn't changing hosts only enough? why would my system not have hostname file?
[04:46] <nginxx> what release are you using, is it a new install?
[04:47] <elnur> yea, new minimal install of ubuntu 10.04 server
[04:47] <elnur> on Xen VPS
[04:48] <MTecknology> elnur: linode by change?
[04:48] <MTecknology> chance*
[04:49] <elnur> no, it's a russian hosting company
[04:49] <elnur> is default hostname "ubuntu"?
[04:49] <MTecknology> just curious..
[04:50] <MTecknology> I think so
[04:50] <MTecknology> elnur: /etc/hostname should be the fqdn
[04:51] <MTecknology> elnur: http://pastebin.ubuntu.com/448545/
[04:51] <elnur> MTecknology, the interesting thing is that there is no /etc/hostname file. Yea, I can create it, but I wonder, why it's not there by default. Maybe something has changes I the system uses another way of storing hostname, not /etc/hostname
[04:52] <MTecknology> elnur: lsb_release -a && uname -a
[04:52] <MTecknology> see if it's been tweaked
[04:53] <elnur> MTecknology, http://pastebin.ubuntu.com/448548/
[04:53] <MTecknology> you running on an amazon cloud??
[04:53] <elnur> I doubt that.
[04:54] <elnur> How can I check it?
[04:54] <MTecknology> I have no idea - but the kernel you're running is for Amazon EC2
[04:54] <MTecknology> and the latest 10.04 kernel for a server is 2.6.31-16-server
[04:55] <elnur> whoa :)
[04:55] <elnur> my kernel is for Xen server
[04:55] <MTecknology> ah.. nevermind - there is linux-image-2.6.32-306-ec2
[04:55] <MTecknology> xen must be injecting that
[04:55] <elnur> injecting what?
[04:56] <MTecknology> the kernel version - or they configured it to run that which would be odd
[04:56] <MTecknology> I just haven't encountered that ever - kind of a wtf moment
[04:57] <elnur> there are special linux presets for Xen servers and those presets ship with special kernel optimized for xen
[04:57] <nginxx> you could try changing the hostname with the hostname command
[04:58] <MTecknology> Linux panther 2.6.35-rc1 #52 SMP PREEMPT Sun May 30 19:21:30 CDT 2010 x86_64 GNU/Linux
[04:58] <MTecknology> ^^ my kernel version
[04:58] <MTecknology> heh.. seems I stumbled into uvirtbot's prefix character
[04:58] <elnur> aha. after issuing hostname command /etc/hostname was created
[04:58] <elnur> MTecknology, are you on edge? :)
[04:59] <nginxx> ah
[04:59] <MTecknology> elnur: git source and compiled - I tried to package it but it really really doesn't want to be pacakged.
[05:00] <MTecknology> nginxx: so.. I'ma guessin' you runnin' nginx
[05:00] <elnur> MTecknology, heh
[05:00] <nginxx> i have some moodle servers running on nginx
[05:00] <MTecknology> I don't use apache anymore :P
[05:01] <nginxx> heh, i was sold on the memory footprint on nginx
[05:01] <elnur> nginxx, MTecknology, since /etc/hostname is in its place now, i've edited it and the hostname is changes. thanks for the help :)
[05:01] <MTecknology> elnur: yay
[05:01] <nginxx> good to hear elnur
[05:01] <elnur> now to setup bind...
[05:01] <MTecknology> nginxx: same here, nailed by head on a ceiling with apache and now I have room
[05:02] <elnur> what hostname is used for, anyway?
[05:03] <elnur> the only change i see in the shell prefix, like elnur@hostname
[05:05] <MTecknology> local name resolution
[05:05] <nginxx> http://en.wikipedia.org/wiki/Hostname
[05:06] <elnur> so, is it recommended to assign my hostname to my main domain name ?
[05:06] <nginxx> yes
[05:06] <nginxx> and put your other names in /etc/hosts
[05:07] <elnur> okay. thanks
[05:11] <MTecknology> nginxx: you should join #nginx
[05:27] <robinyahu> askum
[05:28] <elnur> why select-editor doesn't work?
[05:28] <elnur> must I install debconf and run dpkg-reconfigure to select the default editor?
[05:30] <elnur> ah, it's already installed
[05:30] <elnur> heh
[05:30] <elnur> it couldn't be otherwise. i just misspelled it and wrote dkpg...
[05:31] <elnur> ah. wrong command
[05:31] <elnur> i need update-alternatives
[05:31] <elnur> i thought i had enough sleep this night :P
[05:32] <MTecknology> elnur: heh- I knew I got too (WAY TOO) little sleep. I had to deal with a disk getting <1 MB/s read time...
[05:34] <elnur> MTecknology, i don't get about disk :) what's the problem?
[05:34] <MTecknology> elnur: hm?
[05:35] <elnur> MTecknology, I don't get this: I had to deal with a disk getting <1 MB/s read time... My English is not really good. I don't get it. :)
[05:35] <MTecknology> elnur: hdparm -t /dev/sda was reporting read times of less than 1 megabyte per second - that should easily be up over 100 megabytes and realistically capable of more than 250
[05:36] <elnur> MTecknology, and how does that relate to your sleep? :D
[05:36] <MTecknology> elnur: ~2.5 hours sleep makes that very hard to deal with
[05:36] <elnur> MTecknology, omg, 2.5 hours is really bad. I can't concentrate properly even if I sleep 5-6 hours
[05:37] <MTecknology> elnur: websites had more than 1 minute load time per page - people were angry - I was angry
[05:37] <MTecknology> elnur: indeed - it's hard
[05:37] <elnur> MTecknology, and how you solved that?
[05:38] <MTecknology> elnur: adjust memory allocated to virtual systems - remove swap from virtual systems - drop_cache's - couple little tweaks
[05:38] <elnur> MTecknology, i see
[05:39] <elnur> Now I'm striving to sleep 7-8 hours every day :)
[05:39] <MTecknology> sounds amazing
[05:39] <MTecknology> 5 hours per night is about my best
[05:39] <elnur> sleeping less doesn't win in the long run
[05:39] <MTecknology> I've been starting a company with a couple guys and it's really really really hard to keep up on school and the company
[05:40] <elnur> MTecknology, heh. having a company is really cool. i'm starting to do my own little my little :)
[05:42] <elnur> what is the thing your company does? hosting?
[05:42] <MTecknology> website development and hosting
[05:43] <MTecknology> right now we're drupal exclusively
[05:44] <elnur> MTecknology, heh. i have some xp with drupal — like a year
[05:44] <MTecknology> it's fun stuff
[05:45] <elnur> i hated it because drupal doesn't allow a programmer to have fun :)
[05:45] <MTecknology> how so?
[05:45] <elnur> maybe it's subjective
[05:45] <elnur> but i like developing on Zend Framework much more
[05:46] <MTecknology> from developing a theme - it sucked - it's much better now
[05:46] <elnur> drupal is a ready CMS and it restricts what you can or should do
[05:46] <MTecknology> building modules is great
[05:46] <elnur> i'd been building modules and it was rly boring for me :
[05:46] <elnur> * :P
[05:47] <MTecknology> but that's good :P
[05:47] <MTecknology> I like it
[05:47] <MTecknology> I got to doing some really fun stuff
[05:47] <elnur> drupal is good for small sites. not for things like social networks
[05:47] <MTecknology> umm... gotta disagree
[05:47] <elnur> it's your right :)
[05:48] <MTecknology> My company is contracted to build a VERY massive website for networking - in drupal
[05:48] <elnur> Any success?
[05:48] <MTecknology> ya, we're doing great
[05:49] <elnur> That's good. :)
[05:49] <MTecknology> full interactive api, bidding system, 70% of the functionality is there
[05:50] <elnur> MTecknology, i'm not saying that it's not possible to do that with Drupal. I'm saying that it's not the best tool for the task.
[05:50] <elnur> you can develop website on C, but that's not optimal
[05:51] <MTecknology> what makes drupal bad for it?
[05:52] <elnur> because it imposes a particular structure on your system, and that structure sucks
[05:52] <elnur> sucks for serious things
[05:52] <MTecknology> how so?
[05:52] <elnur> You can't, for instance, have a nice database schema with FKs all over the place.
[05:53] <elnur> Because Drupal already gave to you its shitty DB schema.
[05:53] <MTecknology> I like it's schema :P
[05:53] <MTecknology> to me it makes pretty good sense - especially when you hook multiple modules into each other
[05:54] <elnur> Drupal follow that lame approach which uses DB as a brainless data storage
[05:55] <elnur> s/follow/follows
[05:56] <elnur> In serious projects serious programmers use DB as a single point of truth, and data is forces to be correct on the DB level, not on app level.
[05:56] <elnur> s/forces/forced
[05:57] <MTecknology> that can be subject to flaw too
[05:58] <elnur> even if can, it's much much better than brainless-data-storage approach :P
[05:58] <MTecknology> maybe :P - I guess it depends on what you learn
[05:59] <MTecknology> db should always have most serious tasks such as joins, views, w/e offloaded to it
[05:59] <MTecknology> no reason the programmer can't verify things
[05:59] <elnur> yea, views and whatsnot
[05:59] <MTecknology> I have views in my drupal schema :P
[06:00] <holmser_> just tried to install 10.04 on my server.  installed correctly, and now I'm getting a "Geom error" on boot.  what the hell is that?
[06:00] <elnur> anyways, if drupal works for, that's good :)
[06:00] <elnur> holmser_, yea, wtf is that? :P
[06:00] <elnur> *works for YOU
[06:00] <MTecknology> elnur: you should watch the language some ;)
[06:01] <elnur> MTecknology, is wtf bad? :)
[06:01] <MTecknology> elnur: ya
[06:01] <nginxx> geometry error
[06:01] <MTecknology> "obfuscated swearing"
[06:01] <holmser_> Its gotta be a grub error
[06:02] <elnur> MTecknology, then don't use it too :P
[06:03] <nginxx> holmser_: try reseting your bios to default settings
[06:13] <nginxx> *yawn*  getting tired
[06:14] <holmser_> any idea why when I have my disks set as a raid 0 ubuntu installer can't write to them?
[06:15] <nginxx> what brand/model controller is it?
[06:20] <holmser_> nm... adaptec hostraid
[06:21] <holmser_> I guess ubuntu doesn't like fakeraid?
[06:22] <nginxx> it sees the HDs individually
[06:23] <nginxx> and needs a windows driver to funcion
[06:23] <jmarsden> See https://help.ubuntu.com/community/FakeRaidHowto for some info that might be relevant.
[06:28] <holmser_> Its fine... I don't need raid.  I just wish I hadn't wasted 8 hours.  lesson learned
[08:12] <eagles0513875> jpds: did i catch ya at a bad time
[09:15] <red2kic> Hello, I'm trying to set up postfix to use my Gmail account. Now, I'm attempting to test it. I'm stuck at Subject: Whatever You Desire. How do I go to body or next part?
[09:49] <red2kic> !mail
[09:49] <red2kic> !postfix
[12:44] <MasterZuFu> is there any way to tell what time my server is running at? for some reason my tasks aren't running at the right time on my mybb forum even though mysql is set to my current actual time.
[16:33] <GNUtoo|laptop> hi,
[16:34] <GNUtoo|laptop> I'd like to use bind as a caching + local Master server(for the local network)
[16:34] <GNUtoo|laptop> but I don't want bind to use the ISP's cache server
[16:34] <GNUtoo|laptop> I want to be like the ISP cache server
[16:34] <GNUtoo|laptop> so that it doesn't use the ISP's cache
[16:34] <GNUtoo|laptop> I got old config from FreeBSD achieving that
[16:34] <GNUtoo|laptop> but many things don't work anymore
[16:35] <GNUtoo|laptop> even simple directives like listen-on
[16:38] <GNUtoo|laptop> should I try to import the "." root.slave files?
[17:15] <JackTO> Hey All
[17:17] <JackTO> I'm setting up a LAMP server, I selected that when i installed ubuntu server... but now ehn i type php, it says that its not installed.. is that normal?   there is a php5 folder inside of /etc, but not much in iy
[17:17] <JackTO> is there an easy way to check if its there or not?
[17:20] <bc> JackTO: does /usr/bin/php exist?
[17:21] <JackTO> npe
[17:21] <JackTO> just check
[17:21] <JackTO> just checked
[17:21] <bc> JackTO: dpkg -l php5-cli
[17:22] <JackTO> what si the difference between doing a apt-get install php5-cli and the dpkg?
[17:23] <bc> JackTO: dpkg -l is just quering the database to see if you have it installed.
[17:23] <JackTO> oh, ok, one sec, let me try
[17:23] <bc> JackTO: apt-get actually uses dpkg though.
[17:23] <JackTO> says no matching packages
[17:24] <bc> JackTO: if you want the command line binaries, then install php5-cli. You probably already have libapache2-mod-php5
[17:24] <JackTO> guess i don't have it, odd... i slected LAMP durring install and I have apache and mysql
[17:24] <bc> JackTO: you probably just have the Apache module. php5-cli isn't required unless you plan on using, I think, CGIs and scripting outside of Apache.
[17:25] <JackTO> ahh, interesting...so i may be able to run php, but not be able to manually do anything with it
[17:25] <bc> JackTO: you may want php-pear also, if you don't already have it.
[17:25] <bc> JackTO: from the command line, no, but Apache yes
[17:26] <bc> JackTO: you might double check this too: dpkg -l php5-mysql
[17:26] <JackTO> looks like i have that
[17:27] <JackTO> | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
[17:27] <JackTO> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
[17:27] <JackTO> ||/ Name           Version        Description
[17:27] <JackTO> +++-[17:27] <JackTO> ii  php5-mysql     5.3.2-1ubuntu4 MySQL module for php5
[17:27] <JackTO> sorry
[17:27] <JackTO> thats what I got wheni issued the last dpkg command
[17:27] <bc> JackTO: I can't believe a bot didn't kick you :P
[17:27] <JackTO> LOL
[17:28] <JackTO> i guess that means thats installed...
[17:28] <bc> JackTO: ii = installed
[17:28] <JackTO> thanks
[17:28] <JackTO> new to linux suff
[17:28] <bc> JackTO: well you picked an easy one
[17:28] <JackTO> so I guess technically LAMP is installed....
[17:29] <JackTO> but i guess to controll php, i need to have php5-cli?
[17:29] <bc> JackTO: probably so. L, check. A, dpkg -l apache*. M, dpkg -l mysql*, P, check.
[17:29] <bc> JackTO: if you only plan on using PHP through a web site, you're probably good to go (in most cases).
[17:30] <JackTO> what about configuring php features....?
[17:31] <bc> JackTO: apt-cache search php, or edit the files in /etc/php5/apache2
[17:32] <JackTO> ahh yes, there are only a few files in that di, i guess there isn't that much to configure
[17:33] <bc> JackTO: you generally want to install extensions via apt, e.g. php5-memcache
[17:33] <bc> JackTO: they should be enabled for you when you do that, and settings placed somewhere in /etc/php5/apache2, for the apache module version of PHP.
[17:33] <JackTO> mmmmm... i guess there are all sorts of stuff like that to help with performance etcc...
[17:34] <JackTO> is there one package ex. php5-cli that insclude all those other modules or are they all seperate packages
[17:34] <bc> JackTO: just search for something using `apt-get update && apt-cache search <foo>`
[17:35] <JackTO> thanks, i will try...
[17:36] <JackTO> is there a webmin moducle for php? I can control apache and mysqwl that way very nicely....   I know its not offically support, but is there one?
[17:36] <bc> JackTO: the most popular / most used extensions are included. When you get a site up, use phpinfo() in a file to display what it already has.
[17:37] <bc> JackTO: probably so. search for with apt-cache. I have no experience with webmin.
[17:37] <JackTO> hpw is apt-cache diff from apt-get (remeber newbie here, sorry)
[17:38] <bc> JackTO: apt-cache works on the database of packages it already knows about. `apt-get update` updates that database. `apt-get install` installs packages. https://help.ubuntu.com/8.04/serverguide/C/package-management.html
[17:39] <JackTO> ahh, that makes sense....and all thei stuff it gets from the database on the repositories, right?
[17:39] <bc> JackTO: in a round about way
[17:40] <JackTO> dpkg -i, is used when i manually get .deb files and want to install them, right?
[17:41] <JackTO> aside from being easier to use apt-get, is there any advantage over manually dpkg... do they automatically update etc...?
[17:41] <bc> JackTO: I'd use another method, like apt-get or aptitude
[17:41] <bc> JackTO: I'd follow the suggestions on that link
[17:42] <JackTO> fair enough, i will read that stuff
[17:42] <bc> JackTO: help.ubuntu.com has tons of good information -- you'll like it.
[17:43] <JackTO> in tutorial videos they always talk about RPM and YUM, but I have a feeling that stuff is for RHEL or CentOS, right, not Ubuntu?
[17:43] <JackTO> thanks, i will read that stuff
[17:43] <bc> JackTO: right, Debian based distributions use .deb and dpkg. rpms are used in Red Hat based systems.
[17:44] <JackTO> yeah the rpm stuff, looks more complicated... all sorts of dependecy stuff etc..
[17:44] <bc> JackTO: rpms = SuSE, Fedora, Red Hat, CentOS to name, probably, a few
[17:45] <JackTO> is there more software available for RHEL, Cet etc... than ubuntu, since its newer?
[17:45] <bc> JackTO: yum is similar to apt-get, not so complicated.
[17:45] <JackTO> cent*
[17:46] <bc> JackTO: I think Debian based systems probably have more software available. Its rare that I haven't been able to find a package I looked for.
[17:46] <bc> JackTO: back later, happy configuring :)
[17:46] <JackTO> thanks again
[17:47] <wisecrypt> hi.. is anyone know where i can find ebox-trafficshaping module for lucid server
[17:47] <wisecrypt> ?
[17:56] <JackTO> wise, how does ebox compare to wbmin, just curious?
[18:00] <wisecrypt> its better
[18:00] <wisecrypt> !webmin
[18:01] <wisecrypt> !ebox
[18:03] <JackTO> i will try it on my tests system... when i looked at the manual before, it didnt seem to have support for much Apache, mysql stuff
[18:04] <wisecrypt> ye it does if you using the stable one
[18:04] <wisecrypt> its 1.4
[18:05] <wisecrypt> the module name ebox-webserver
[18:05] <bc> JackTO: I'd get your hands dirty on the command line. You'll gain some useful experience probably.
[18:06] <JackTO> fair enough
[18:08] <bc> JackTO: since you said you don't have much experience, for editing files you'll find nano really easy to use.
[18:08] <JackTO> yes, i've been using nano
[18:08] <wisecrypt> bc what do you suggest for traffic shaping ? ufw ?
[18:08] <JackTO> i like it better than the vi thing
[18:08] <bc> wisecrypt: I have no experience with traffic shaping
[18:08] <wisecrypt> hmm ...
[18:08] <bc> JackTO: vim is great if you ever decide to go down that road
[18:09] <JackTO> is there a module or software u can get for traffic shapping, in the windows works, as a former it admin, i would use hardware boxes..
[18:09] <JackTO> world*
[18:10] <JackTO> http://www.bluecoat.com/products/packetshaper
[18:10] <wisecrypt> i prefer ubuntu to do that thank
[18:10] <bc> http://lartc.org/howto/
[18:11] <wisecrypt> bc http://webhtb.nethd.ro/
[18:11] <wisecrypt> http://webhtb.nethd.ro/ << i dont like it ask a root shell login in ssh
[18:12] <JackTO> .ro?  I wouldn't trust it
[18:12] <JackTO> lol
[18:12] <SuperLag> vim++
[18:12] <wisecrypt> but i powerful app
[18:12] <wisecrypt> *a
[18:12] <bc> SuperLag: <3
[18:13] <SuperLag> Didn't know about the webmin thing.
[18:13] <SuperLag> that's good info
[18:13] <bc> JackTO: I think there are some romanian ubuntu mirrors. Not everyone outside the US is evil :)
[18:13] <JackTO> haha
[18:13] <JackTO> fair enough
[18:14] <wisecrypt> JackTO, would you trust http://sourceforge.net/projects/webhtb/
[18:14] <JackTO> my dad is romanian, i don't trust him... (just jking, but he is romanian)
[18:14] <SuperLag> at work, I have better luck with pointing to non-US mirrors... for download speed
[18:14] <SuperLag> and I'm in the US :)
[18:15]  * wisecrypt will patiently wait for the release instead
[18:15] <JackTO> just curious, now that we are talking about traffic shapping, would using a computer toshape the traffic cause a fair bit of latency as opposed to a ASIC designed for that?
[18:15] <JackTO> like a hardware based solution
[18:16] <wisecrypt> nvr use a hardware to do that
[18:16] <wisecrypt> they all pain
[18:16] <JackTO> i never had a problem with packeteer and we had 55,000 people on it...
[18:16] <bc> probably completely closed too, but I have no idea
[18:17] <JackTO> the idea is to achieve close to wire speed, and that hard to do with out an asic..
[18:17] <wisecrypt> tell your isp about it
[18:17] <JackTO> we were the ISP
[18:18] <wisecrypt> that nothing to do with ingression
[18:18] <JackTO> anyhow, i'm sure there are many linux solutions for that...  just dont know any..
[18:18] <JackTO> new to linux
[18:18] <JackTO> :)
[18:19] <JackTO> checkpoint software may have something?  have u checked
[18:20] <JackTO> or do u want a free solution
[18:23] <bc> !xen
[18:26] <JackTO> on my test server, i tried, apt-get install ebox-webserver, but it said no matching packages
[18:37] <bc> uvirtbot: version
[18:37] <bc> uvirtbot: source
[18:39] <bc> soren: I'm assuming you wrote a plugin for the bug tracking. Is the source in a repo?
[18:51] <JackTO> i just tried EBOX, what a piece of crap... not exen close to webmin...  its like a toy
[18:52] <J_5> how do i give myself permission to view apache log files? I get access denied. I can only access them when logged in as root
[18:52] <JackTO> why do ppl recommend it as a replacement owebmin, its not even 1/10 of webmin..
[18:53] <cfelectro> maybe some people dont need all that webmin has to offer
[19:04] <tyler_d|werkin> I have set up 2 nic's on one server, and hard-coded the ip's for some reason they are non-functioning with 2 statics.. even the one static is not getting on the interweb on boot
[19:04] <tyler_d|werkin> the configuration is http://pastebin.com/pUKnLvga
[19:11] <nginxx> why are there 2 auto eth0 statements in that
[19:11] <nginxx> and move auto eth1 to line 10 on the pastebin
[19:19] <JackTO> hi
[19:30] <cipher421> I'm having major boot problems with 10.04 fresh install
[19:30] <cipher421> it freezes after "ureadahead exists with status 4"
[19:30] <deslector> hi, what is the preferred method to create a firewall on Ubuntu Server for a machine that is going to be a gateway?
[19:30] <cipher421> which i now know has nothing to do with it
[19:31] <deslector> the doc talks about ufw, but it says is better used as a host firewall
[19:31] <cipher421> that nat is a firewall by itself
[19:31] <cipher421> you don't really need ufw
[19:34] <bc> deslector: under IP Masquerading: https://help.ubuntu.com/8.04/serverguide/C/firewall.html
[19:35] <deslector> bc, but then, is still considered a good practice to use ufw ?
[19:35] <deslector> even on  a gateway machine?
[19:35] <bc> deslector: sure, why not. it's just a translator for netfilter rules, I believe. You could write rules from scratch, too. Another alternative is shorewall.
[19:36] <deslector> bc, the thing is... I'm replacing an old debian etch machine
[19:37] <deslector> and it uses an old init.d script created manually to input the rules to netfilter
[19:37] <cipher421> no one can help me with booting problems?
[19:37] <bc> deslector: if it was already configured, you could also just bring the iptables rules with you to the new machine.
[19:38] <deslector> bc, how could I do that? IIRC, ubuntu uses upstart now
[19:39] <bc> deslector: I just put mine in a file called pf and added it to /etc/init.d, then ran update-rc.d. It can be as simple as that really.
[19:39] <deslector> bc, wow... I'll give it a try, thanks!
[19:40] <bc> deslector: also check out iptables-save
[19:40] <bc> deslector: .. and iptables-restore
[19:42] <bc> cipher421: there are a couple of open bugs filed under ureadahead, but I can't help with any solution.
[19:43] <deslector> bc, ok, I'll look for them... thanks again!
[19:43] <cipher421> i know the unreadahead is not actually a problem
[19:43] <cipher421> just the last message i see before freeze
[19:44] <nginxx> how do you figure that
[19:45] <cipher421> because i researched what status 4 is
[19:45] <cipher421> and it just means that it didn't find anything on the hard drive that needed to be loaded into memory
[19:51] <bc> deslector: update-rc.d can be a tad cryptic, though just check the man page
[19:55] <deslector> bc, yep, I've used it before... thanks! :-)
[21:27] <JackTO> if ubuntu is sittingidle for hours, is there any drive activity?  any reading or writing?
[21:27] <JackTO> in windows theere seems to be contatnt bit of drive activity
[21:42] <peturi> How can i access the grub menu in server 10.04 ?
[21:43] <guntbert> peturi: during boot press <shift>
[21:43] <peturi> ahh thanks guntbert
[21:44] <guntbert> peturi: you're welcome :-) (sometimes I had to use <right shift>)
[21:44] <peturi> shift worked, i thougt it was the tab key and got fustrated
[21:45] <guntbert> nice :)
[21:46] <peturi> Damn, i forgot my passwd, so i rebooted with init=/bin/bash
[21:46] <peturi> And then i did "passwd myUser"
[21:46] <peturi> it asks for the new pass etc. but fails
[21:46] <peturi> Authendication token manipulation error
[21:46] <peturi> wtf is this?
[21:48] <peturi> https://help.ubuntu.com/community/LostPassword
[21:48] <peturi> seams its the right way with ubuntu.. but does not work
[21:49] <peturi> ahh read only fs
[21:53] <guntbert> peturi: you missed on change ro -> rw
[21:53] <guntbert> *one
[21:53] <peturi> yea i got it, thanks all works now
[22:18] <diago> Hello, is it possible to attach a disk to a running guest without a power off?
[22:18] <diago> sorry, wrong channel
[22:42] <Rafael_>  hi...i need some help on how to upload a website..i have installed php, apache, etc...have no clue how to upload the website ?
[22:46] <diago> Rafael_: it's on your local machine?
[22:52] <Rafael_> diego: no
[22:53] <Rafael_> diego: i finishid with a software called webplusx2..and i know that for publishing it you use the ftp..but do i need to do anyhting with apache?
[23:45] <ruben23>  hi great ubuntu-server guys, how are you all:-D