ruben23hi guys any suggestion, im currenty  planing to purchase a  avps hosting, but thinking its hihg cost, is it equivalent like have a cloud server and setup my own email server on it, is still the same power with VPS.00:29
=== ThomasG34K is now known as ThomasG33K
=== Guest98128 is now known as kobrien
veenenenI've been trying to get kvm to work all day. Is the existing default of kvm package working?02:01
veenenenFirst the boot strap python script was broken, and now I'm getting a random error about qemu not being able to figure out what version it is.02:01
veenenenI had been running xen on 8.04 with no issue, and decided to try to make the switch to kvm on 10.04.02:02
kobrienveenenen: how's it working for ya?02:15
kobrienoh, I misread02:15
uvirtbotNew bug: #601502 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: sub-processo novo script pre-installation retornou estado de saĆ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/60150202:15
veenenenyeah, it's kind of sucking02:18
veenenenplus I'm running this on a macbook pro and grub2 doesn't work with rEFIt for some reason02:18
kobrieni'm not familiar with mac, can't help with that. one sec while I poke around02:20
veenenenI'm less worried about the mac part. I don't plan on restarting it that often, so that isn't really an issue.02:22
kobrienthere is #ubuntu-virt. They seem quiet today though. Might be an idea to post info in there and idle a client to wait for answers.02:23
veenenenok, thanks02:25
=== dendro-afk is now known as dendrobates
CrucibleHello all.09:03
CrucibleLooking for help on an issue, had a 10.4 desktop running and encrypted two sata drives with the integrated disk manager, the HD running the desktop gave out and now I'm trying to figure out how to mount the 2 drives in my ubuntu server 10.4. Any help is greatly appreciated!09:06
CrucibleLooking for help on an issue, had a 10.4 desktop running and encrypted two sata drives with the integrated disk manager, the HD running the desktop gave out and now I'm trying to figure out how to mount the 2 drives in my ubuntu server 10.4. Any help is greatly appreciated!10:11
Gorlisthi, slight concern with my ubuntu 8.04 (plesk) server. Today in the logs I had this appear:    "User www-data:       /var/tmp/.ICE-UNIX/update >/dev/null 2>&1: 1438 Time(s)"11:36
Gorlistyep right theirs allot of bits in tmp directory. compermised11:38
qman__yeah, looks like you've been rooted11:41
qman__best move is to back up your data and blow it away11:41
qman__build from scratch11:41
qman__you can analyze the logs if you like but they're probably also compromised11:42
Gorlistjust thinking that - im purged everything I can find. What worrys me was how did they managed to gain access11:51
Gorlistlooks like through plesk :|11:51
=== lifeless_ is now known as lifeless
Gorlistlooks like a fresh install is in order11:52
RoyK^Gorlist: check the owner of that file12:16
RoyK^also, download a fresh copy of chkrootkit12:16
RoyK^and run it12:16
RoyK^if you have allowed login for www-data with an easy password, some worm might have guessed that password and installed some stuff under that user12:17
RoyK^that's quite common12:17
RoyK^if so, remove whatever is running, and you should be clean12:18
Gorlistall passwords done using https://www.grc.com/passwords.htm12:18
RoyK^rooting a box is far harder now than what it was, say, 10 years ago12:18
RoyK^perhaps some bug in something apache related12:19
RoyK^what did chkrootkit say?12:19
RoyK^(ps: run with -q)12:19
Gorlistsorry on phone12:21
Gorlistone sec12:21
GorlistINFECTED (PORTS:  465)12:24
Gorlisteth0: PACKET SNIFFER(/sbin/dhclient3[3666])12:24
Gorlisteth0:1: PACKET SNIFFER(/sbin/dhclient3[3666])12:24
RoyK^well, reinstall the thing12:26
Gorlistyep :(12:27
RoyK^only problem is - how did they get in?12:27
RoyK^have you updated the OS on the box regularly?12:28
Gorlistyep all upto tdate12:31
Gorlistupto date12:31
Gorlistthats whats worrying me12:31
Gorlistbecause theirs been nothing in the daily logs to indicate it occurring. and only I have sudo access through ssh/different port12:32
Gorlistall ftps/web mails have 128bit passwords so... im at a loss12:32
GorlistI did have some problems with the bind server, dns spoofing which I knocked on the head a few weeks ago. perhaps related12:32
MakXCould be a 0day, but I doubt a group would use one on a random for no reason.12:34
MakXSorry to hear it happened :(12:34
Gorlistcan't be helped, thanks. Anyway I better get worrying about the reinstall. luckly I wrote a guide last time I did it :) http://ubuntuforums.org/showthread.php?t=120054212:35
RoyK^Gorlist: if you have a spare drive around, install on that, and try to find the reason it got rooted later12:42
RoyK^there are usually logs around12:43
=== RoyK is now known as Guest15330
=== RoyK^ is now known as RoyK
RoyKGorlist: since once it's happened, it can happen again12:44
GorlistI have got a spare drive in the box but im hesitant about using it as its in Raid0. I might just do a clone and look locally.12:45
RoyKGorlist: a raid0 drive? or more drives striped up?12:53
serverhorror_Gorlist: the recent ssl renegotiation bug could be something. IIRC it effectively enable man in the middle attack for anything that used the openssl lib...13:28
serverhorror_Gorlist: and ssh on a different port is totally useless. just _telnet_ to the port and look at what the first line is that comes back...13:29
cloakableserverhorror_: never noticed that!13:47
serverhorror_cloakable: IIRC that is mentioned in the FAQ from the openssh homepage :)13:50
cloakableserverhorror_: Ahh, never read it :)13:51
serverhorror_besides even if it wouldn't answer in plaintext, it's usually quite easy to find out what daemon is running on any port. Even if you don't want to take the effort of analyzing the protocol, nmap will just do fine :)13:51
=== cloakable_ is now known as cloakable
incorrecti've just installed a new server, the server is a kvm host that is remotely controlled by the build master,  so when the server is not being used it could go to sleep14:44
incorrectis there something i can apt-get to save on power?14:44
volvehey all, I'm trying to setup a samba share so that Bob and Jane can both read and write but can't delete/change each others files. My tests seem to let them both create files with -rw-r--r-- Bob:Bob & -rw-r--r-- Jane:Jane, but for some reason14:56
volveJane can still delete Bob's files! :(14:56
cloakablevolve: check the permissions of the parent folder15:05
volvewhat should they be for this scenario?15:06
volveI have the ownership as nobody:nogroup15:06
cloakableHmm, not sure15:07
cloakablevolve: /var/mail has drwxrwsr-x so that might be a good start for you?15:08
volveWill test, thanks. What does the 's' for group execute do?15:09
cloakablesticky, iirc.15:12
cloakablemeans anything in there is set to that group15:12
joschicloakable: sticky bit is 't'. 's' means setuid/setgid15:17
uvirtbotNew bug: #601624 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/60162416:45
cn1109I'm currently trying to run chmod through perl, I get the following error: operation not permitted in the error.log file17:35
giovanicn1109: sounds like more a perl issue than an ubuntu issue17:38
giovanibut in order to change the permissions of a file, the perl process will need to be running as the owner of the file17:39
cn1109giovani: Just came from the perl channel. Rough individuals. They are stating that it could be the kernel which doesn't make sense since I can run chmod just fine as root. THe owner of the file as permission to make such changes.17:39
giovanicn1109: what user are you executing the perl script as?17:40
cn1109giovani: personal account.17:41
giovanicn1109: is the personal account the owner of the file you're attempting to run chmod on?17:41
Yonitghiya ubuntu server 10.04LTS17:41
cn1109giovani: Yes. Also the user is in the root groups as well17:41
Yonitgapache is installed by default I think?17:41
giovaniYonitg: I don't think it is17:41
Yonitgbut my question is.. if it installed by default why doesnt it have the A flag in i   apache2                                                           - Apache HTTP Server metapackage17:42
Yonitgi dont remember installing it :|17:42
giovanicn1109: can you paste your perl code in a pastebin, and also paste the output of an ls -la on the file you're attempting to chmod?17:43
cn1109giovani: The odd thing is that the perl script was working just fine in another linux box. We moved everything to the new ubuntu server.17:44
Yonitggiovani: there is no log in /var/log/apt/history.log about installing apache either!!! :|17:44
Yonitggiovani: $ cat /var/log/apt/history.log | grep apache17:44
Yonitggiovani: only shows UPGRADE: libapache2-mod-php5 (5.3.2-1ubuntu4, 5.3.2-1ubuntu4.2)17:44
giovaniYonitg: maybe it was installed as part of a tasksel style setup?17:45
giovaniI'm not sure if it would appear in the apt logs then17:45
Yonitgany way to find this out?17:45
giovaniI'm not sure17:46
giovaniyou can easily remove it17:46
giovaniif it's not desired17:46
giovaniI haven't done a 10.04 server install yet -- but, I'd be extremely skeptical if apache2 were installed by default -- that would be a ton of bloat17:46
Yonitgnah, its fine. i just didnt remember installing it and it didn't have the A flag17:46
Yonitgis there a neat way to find packages that have never been used, or orphaned?17:46
giovani"used" -- I don't know what you mean by that17:47
giovanibut orphaned, yes17:47
Yonitggiovani: mysql is installed by default.. isnt that worse?17:47
giovaniYonitg: maybe, maybe not -- it's possible it's a dependency of something -- I certainly wouldn't want it installed on my server17:47
Yonitgit is installed by default :o17:47
giovani'sudo apt-get autoremove' removes orphanted packages17:48
giovaniYonitg: are you sure you did a completely minimal server install? or did you select server "roles"/"tasks" during the install?17:48
Yonitgi dont remember.. this is a purchases dedicated server17:49
Yonitgmaybe the host did it17:49
Yonitgi asumed they would do a minimal install.. maybe not17:49
giovaniwhy would you assume that?17:49
Yonitgthey _should_ do that shouldnt they?17:49
giovaniask them17:49
giovaniI would never presume such a thing17:49
Yonitgwhat packages are installed on a minimal install?17:49
giovaniyou want a complete list?17:49
Yonitgof the minimal17:50
giovaniI can't provide it17:50
giovanido an install yourself17:50
giovanithere are too many dependency layers to just grab the complete list17:50
Yonitgokay :P17:50
giovanibut things like mysql and apache2 certainly weren't in it when I did a 9.10 server isntall17:50
giovaniit really is minimal17:51
giovanino user-level server applications installed by default17:51
giovanionly things required for basic administration -- ssh, etc17:51
giovaniand, from personal experience, I've never had a VPS set up with a perfectly clean install of any distribution17:52
Yonitgoh :|17:53
Yonitgthey should let the clients install things17:53
giovaniwell, first of all -- it's a cinch to remove them17:53
giovanisecond of all -- their typical client probably appreciates having those installed17:53
cn1109member:giovani: Should I give the folder permission a chmod 777?17:53
giovanicn1109: that shouldn't be requried -- if you can change the permission of the file as the user, and then can't in a perl script running as that user, then there's something else wrong -- which is why I asked for those things to be pasted somewhere, so I can take a look for you17:54
cn1109giovani: okay. But, just changed the folder to 777 and it worked. I do see some other that are set to 77717:56
giovanicn1109: then I can't imagine that you could run chmod as the user in a shell17:56
Yonitggiovani: but how do i know which ones to remove? :P17:56
giovaniYonitg: the ones you don't want ...17:56
cn1109giovani: What you do mean?17:57
giovanicn1109: I'm not sure how else I can explain it17:57
giovaniyou said that you could chmod the file, as user x in a shell, but not as user x in a perl script17:58
giovanithen you said that changing the directory permissions allows you to do so from within the perl script17:58
giovanithat doesn't line up17:58
giovaniit's the same system call, no matter where you execute it17:59
clustyi was curious if somebody could give me a hand with a iptables GRE forward17:59
cn1109giovani: The user is in the root group. I did run the chmod as the user in shell. Just to let you know, I did tar these files in the original server and copied them to the new server.17:59
clustyhow do I forward all GRE traffic from ext IF to a particular inside IP?17:59
giovanicn1109: I don't know what any of that has to do with a perl script18:00
giovanibut, I'm glad you got it worked out18:00
cn1109giovani: It has nothing to do with perl. I was something permissions that the folder was getting created with. Still trying to see if it's actually working18:10
giovanicn1109: then it must not have worked when you ran chmod on the file from the shell18:14
giovanibut you said it did18:14
cn1109giovani: okay..no I see. It's creating the folders with the user www-data as the owner and www-data as the group.18:15
cn1109giovani: I do not have such group or user.18:15
giovaniso the user running the perl script is not the owner of the files18:15
cn1109giovani: The user doesn't exist. So the next step would be to create the user and group, correct?18:18
giovanicn1109: that depends on what your goal is18:18
giovaniif you want a new user, then yes, that's fine18:18
giovaniif you want to use another user -- the next step is to chown the files with that user18:18
cn1109giovani: There are numerous of files with the same functionality. That would seem the to be the fastest way.18:18
giovanione is not faster than the other18:19
cn1109giovani: I know. At this time I do not know all the files that are using that user.18:20
giovaniyou don't need to18:21
giovanithe point here is -- you need to pick the right solution for your situation -- forget which is faster18:21
giovaniif you plan to serve these files over a web server, then the www-data user and group will be automatically created when you install the web server package18:22
wanderingii have installed lampp and put the files i want to be the website in the necessary directories. However all the files are not writeable. I will be doing a lot of editing and creating new files over the next few days, how can i manage this without needing to use sudo in a terminal window every time18:31
giovaniwanderingi: not writeable by any user except root?18:32
wanderingiyes it appears to be that way18:32
giovaniyou could make them www-data user owned, and owned by another group that your regular user is in, and then give the group write permission18:32
giovaniand then edit them as your user18:33
wanderingihow would i go about that?18:33
giovanichgrp -R GROUPNAME /base/directory && chmod -R g+w /base/directory18:33
giovanicreate the group first, obviously18:33
giovanior, you can just add your user to the group that owns the files already18:34
giovaniit's likely www-data18:34
giovaniusermod -Ga www-data USERNAME18:34
wanderingiok i created a group: usersgroup18:35
wanderingithe directorys are currently owned by rot18:36
wanderingithat apears to have worked for the one directory but not all sub files and directories18:38
giovaniwanderingi: you likely left out the "-R"18:42
mikelifeguardwanderingi: the -R option makes chmod/chown/chgrp recurse18:42
wanderingino ive got it now but when i do ls -all i get     dwrx...     18     root usersgroup 2343 date  directory18:44
wanderingiwhen i try to edit the files they are still readonly18:44
giovanidid you run the second command I wrote?18:44
giovanichmod -R g+w /base/directory18:45
wanderingichgrp -R usersgroup /opt/lampp/htdocs && chmod -R g+w /opt/lampp/htdocs18:46
giovanican you pastebin ls -la /opt/lampp/htdocs ?18:47
giovanilooks exactly as it should18:49
giovaninow any user in usersgroup has read/write access to those files18:49
wanderingiok ill double check the user group settings18:50
giovaninote that in Linux group changes are only applied after you log in again18:50
wanderingiah ok ill try that18:51
giovaniyou can check your current groups by running 'id'18:51
wanderingiif it doesnt work ill be back, if it does then ill not be here and thank you very much for your help18:51
thebwtis there a way to re-run the network configuration tool that's used during install?20:42
thebwtI imagine it's a dpkg thing20:42
giovanithebwt: you don't need the installation tool -- what changes are you trying to make?20:44
thebwtgiovani: I ran instlalatipon without a network connection, and I told it then to do network stuff later. I know when I plug a cord in later, I'll have to ifconfig eth0 up, I'd like to amke it all happen automatically20:46
thebwtthat method seemed the most simple20:46
thebwtnext to just learning to set auto eth020:46
giovanithebwt: you'll need to learn to configure networking anyway20:47
giovanirelying on the installation tool isn't a long-term solution, so I'd suggest taking this opportunity to learn20:47
thebwt*nods* /etc/interfaces20:47
thebwtI've done it before, my ideal solution is the server not use dhcp, but that's a fix for another day20:48
thebwtbut you make a great point...20:48
* thebwt will do it by hand20:48
giovanijust search the wiki for network configuration20:49
giovaniit's a comprehensive walk-through20:49
thebwtubuntu server guide has all the stuff I need.20:49
giovaniit's /etc/network/interfaces btw20:49
giovaniyes, that's the wiki20:49
thebwt*nods* I was jsut saying it off the top of my head20:49
thebwtI've done it before to do brdiging for kvm20:49
thebwtthanks for the motivation :)20:50
giovanigood luck20:50
thebwtthanks giovani that was easy21:10
uvirtbotNew bug: #601700 in libaio (main) "Merge libaio 0.3.107-7 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/60170023:26
=== lifeless_ is now known as lifeless

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!