/srv/irclogs.ubuntu.com/2010/07/05/#ubuntu-server.txt

=== andrewdell is now known as andrewl
=== andrewl_ is now known as andrewl
billybigrigger	anyone here use nfs shares?	01:42
giovani	billybigrigger: sure	01:49
billybigrigger	giovani, what do you use for mount options in your fstab?	01:52
Doonz_	hey guys im having a weird issue. I just had a power outtage that lasted longer than my UPS could handle. Anyhow the system came back up nicely but i have 2 raid arrays that arent mounted but when i try to mount the manually by running sudo mount -a it tells me that its either mounted or the mount point is busy. when i type mount it doesnt show up that its mounted and when i umount it it says its not mounted any advice?	02:03
giovani	billybigrigger: uhm, hard,nosuid,udp off the top of my head	02:10
giovani	billybigrigger: why do you ask?	02:10
giovani	oh and sec=krb5i	02:12
clusty	just finished setting up my pptp vpn server. how can I get access to smb and afp shares from outside once i connected through the vpn server?	02:14
billybigrigger	giovani, because the wiki page for nfs looks outdated	02:21
T3CHKOMMIE	hey guys, trying to make my own google docs thing with my own server any ideas?	02:23
giovani	billybigrigger: outdated how?	02:25
=== dendrobates is now known as dendro-afk
Doonz_	hey guys im having a weird issue. I just had a power outtage that lasted longer than my UPS could handle. Anyhow the system came back up nicely but i have 2 raid arrays that arent mounted but when i try to debfx	02:26
Doonz_	mount the manually by running sudo mount -a ittells me that its either mounted or the mount point is busy. when i type mount it doesnt show up that its mounted and when i umount it itn says its not mounted deegee any advice?	02:26
giovani	T3CHKOMMIE: I think a few of the general colaboration suites share some of Google Doc's features	02:26
giovani	i.e. Zimbra	02:26
giovani	not that I've used them	02:26
T3CHKOMMIE	giovani, thanks!	02:27
giovani	but search "open source collaboration"	02:27
giovani	fengoffice.com too	02:27
T3CHKOMMIE	giovani, you know of anything kinda free? like does oppen office suport any web/cloud stuff?	02:31
giovani	Zimbra is free	02:31
giovani	as is fengoffice	02:31
T3CHKOMMIE	hm,	02:31
giovani	openoffice is just a desktop application	02:31
T3CHKOMMIE	got it.	02:31
giovani	so no web/"cloud" stuff	02:31
T3CHKOMMIE	doesnt look like zimbra is in the repos.	02:36
T3CHKOMMIE	im a bit worried about having zimbra crash my dovecot email server :S	02:36
T3CHKOMMIE	thanks for the headstart giovani, gota jam!	02:37
=== Doonz_ is now known as Doonz
X-warrior	hello! I'm thinking to put some virtual machines in my server. But I was thinking, how it works to install a new OS in a Virtual HardDisk if i'm at console?	02:59
clusty	X-warrior: you can create HDDs from CLI	03:10
clusty	and enable VNC in the VM	03:10
clusty	mount the iso image form cLI again	03:10
clusty	fire up the VM	03:10
clusty	and connection from a PC to the VNC	03:10
clusty	that is how i am doing it with virtual Box	03:11
X-warrior	clusty, so I need to create the virtualmachine in my desktop (for an example) and them configure a remote access system... shutdown it put in ubuntu server and start running. Right?	03:11
=== dendro-afk is now known as dendrobates
clusty	X-warrior: look at VBoxHeadless	03:13
clusty	VBoxManage	03:13
clusty	...	03:13
clusty	read the doc	03:13
clusty	it's nicely written	03:13
X-warrior	clusty, ok, thanks I will take a look!	03:13
X-warrior	clusty, that is nice! i didn`t know it! thanks alot!	03:16
clusty	X-warrior: i have done the whole shabam only a few times myself	03:17
clusty	i prefer usually to config the VM graphically	03:17
clusty	and upload tot he server	03:17
clusty	X-warrior: just beware that the FOSS Vbox does not support VNC	03:18
clusty	you want the PUEL version	03:18
clusty	you gotta add another repo from oracle (ex Sun) :D	03:18
X-warrior	clusty, I don`t have sure if I understand. Are u saying that the normal repo version don`t support this feature? So I need to add another repo from oracle?	03:23
clusty	yes. last time i chacked (about 1 year ago) the ose version did not support	03:23
clusty	http://www.virtualbox.org/wiki/Linux_Downloads	03:24
clusty	pick the linux version you are running	03:24
X-warrior	clusty, yes i'm already at this page	03:25
X-warrior	;)	03:25
clusty	the PUEL is free only for personal use	03:25
Smooch	Hi	03:52
Smooch	mm	04:03
Smooch	Talk?	04:03
cjs	I have a virtual server that, due to some network misconfiguration, gives me a bunch of messages on boot such as "init: network-interface (eth2) pre-start process (491) terminated with status 1" and then just a blinking cursor: I can't seem to get a shell or login or anything else prompt. How can I recover from this?	04:03
Smooch	!network	04:04
ubottu	Wireless documentation, including how-to guides and troubleshooting information, can be found at https://help.ubuntu.com/community/WifiDocs	04:04
Smooch	Hmm	04:04
Smooch	Ok sorry	04:04
Smooch	Have you tried restarting network?	04:05
cjs	What, on the working host, or on the broken VM?	04:05
cjs	Perhaps I wasn't clear: I have a VM that will no longer boot, and I can't figure out how to recover it. (This is a 10.04 minimal VM install.)	04:06
Smooch	Is it openvz?	04:06
cjs	Holding down shift or pressing ESC doesn't bring up a grub boot menu.	04:06
Smooch	openVZ? or Xen?	04:06
Smooch	VirtualBox even?	04:06
cjs	It's standard ubuntu KVM.	04:07
Smooch	Oh, sorry i have no experience with KVM	04:07
Smooch	Do you have access to the node?	04:07
Jordan_U	cjs: What happens when you try to boot? Have you tried booting with Super GRUB2 Disk?	04:08
Smooch	cfs: Is this a node or just a computer/server running ubuntu and kvm?, do you have root access to the host?	04:09
cjs	I boot the node, it gives me: "fsck from util-linjux-ng 2.17.2", "/dev/sda1: clean ..." and then messages similar to the one I posted above. Then a blinking cursor on the next empty line. The only keypress that seems to do anything is ESC, which repeats all that from the "fsck from ..." part.	04:09
cjs	Yes, I've got full access to everything.	04:09
Smooch	Ok well	04:09
Smooch	I don't know much about KVM but, if you can some how mount the image?	04:10
Smooch	That way you can edit the vms files	04:10
cjs	Hm. I suppose I could try that. It seems a bit...frustrating that a linux boot could get into a state where the kernel loads and userland starts, but you can't recover the system.	04:11
Smooch	Well if you can get into the vms files	04:12
cjs	"VMS files"?	04:12
Smooch	The vm itself, from the host	04:12
Smooch	You can backup some files too	04:12
cjs	Ah, you mean the filesystem the virtual machine is booting from. Yes.	04:12
Smooch	Yes	04:12
Smooch	Like i said, don't know much about KVM	04:13
Smooch	But if you have access to the file system :)	04:13
cjs	Well, this doesn't really appear to be a KVM problem; it appears to be an Ubuntu server userland problem.	04:13
Smooch	More than likely yes	04:13
Smooch	fsck from util-linjux-member:ng 2.17.2, isn't that the boot image?	04:14
cjs	As in, "WTF won't it go single user if something is wrong, rather than effectively wedging?"	04:15
cjs	I would presume that the startup scripts run fsck fairly early on.	04:16
Smooch	mhm	04:16
Smooch	probably	04:16
Smooch	Sorry, i can't personally help you	04:16
Smooch	Someone else might be able to :)	04:16
Smooch	and remove personally from that message	04:17
Smooch	:)	04:17
Smooch	well what i mean is	04:17
Smooch	i don't know how to fix this certain problem	04:17
cjs	Ha, looks like it's a udev/rules.d/70-persistent-net.rules that's on crack.	04:20
Smooch	ah	04:21
cjs	Nope, that didn't fix it. Sigh.	04:21
Smooch	Hi kokozedman :)	04:25
Smooch	Lol	04:25
Smooch	What was your question?	04:25
kokozedman	heheh	04:25
kokozedman	the NTP does not seem to work: all servers have their own time	04:25
kokozedman	which is causing a lot of problems	04:25
kokozedman	i thought Ubuntu already came with NTP already working	04:25
Smooch	https://help.ubuntu.com/10.04/server/C/NTP.html	04:26
kokozedman	Smooch: page not found 404	04:26
Smooch	whoops	04:26
cjs	Ok, simple enough. When I edited /etc/network/interfaces, I had "auto eth1" followed by config lines, but forgot the "iface eth1 inet static" between them.	04:26
Smooch	This one https://help.ubuntu.com/7.04/server/C/NTP.html	04:26
Smooch	try running ntpdate ntp.ubuntu.com does it work?	04:27
monsterb	https://help.ubuntu.com/10.04/serverguide/C/NTP.html	04:27
Smooch	:P	04:27
cjs	kokozedman: Was your local time very, very close to the servers when you started ntpd? If it's too far out, and especially if your hardware clock has a large skew, ntpd will not sync.	04:27
cjs	BTW, "ntpdate -d <server>" will give you debug output indicating what time the remote server thinks it is.	04:28
kokozedman	Smooch: yes the ntpdate works all the time, but after some days, it will be weird again...	04:28
kokozedman	isn't it running automatically?	04:28
kokozedman	i mean, isn't it supposed to be so?	04:28
Smooch	kokozedman: If doing ntpupdate works.. why not set a cron job?	04:28
Smooch	maybe set the timezone again?	04:29
kokozedman	Smooch: i thought so, but isn't that supposed to be the case in Ubuntu Server… listening to you talk makes me think that it's not the default behavior	04:29
kokozedman	timezone is already set… but i have another problem with that also	04:29
Smooch	I'm not sure if its the default behaviour actually	04:29
Smooch	Something must be resetting the time zone	04:30
Smooch	Are you connecting to another dns server? or through proxy?	04:30
kokozedman	these are new servers, so i don't know what is that "something" that is causing the reset	04:30
Smooch	How many servers are there?	04:31
kokozedman	i am connecting to the server through a HTTP proxy (thru corkscrew) but it's the server itself which is the proxy	04:31
kokozedman	4 servers	04:31
Smooch	and the server that its connecting thru a proxy has the right time zone?	04:31
kokozedman	yes, all of them have the right time zone… but it's not about the right timezone which is troubling, but the timezones that the applications actually see	04:32
kokozedman	i have several CGI and Django applications on each servers	04:32
kokozedman	and they all have a very weird time issues	04:32
kokozedman	sometimes the TZ environment variable is set to "America/Chicago"	04:32
kokozedman	and sometimes they are "Asia/Karachi"	04:33
kokozedman	the latter one is the one that is correct	04:33
kokozedman	the former one is totally incorrect	04:33
kokozedman	and related to this timezone issue is the time that the applications receive	04:33
kokozedman	rarely do the application get the right time, but most of the time, it's using the time in America (Chicago i suppose)	04:34
Smooch	https://help.ubuntu.com/community/UbuntuTime ?	04:34
Smooch	whoops	04:34
Smooch	thats desktop one :P	04:35
kokozedman	i've followed that many times already	04:35
kokozedman	lol	04:35
Smooch	try opening /etc/cron.daily/ntpdate ?	04:35
Smooch	whats in there?	04:35
kokozedman	it's a bash script	04:35
Smooch	shouldn't be	04:35
kokozedman	wait	04:35
kokozedman	i don't have that	04:36
Smooch	whats in /etc/ntp.conf ?	04:36
kokozedman	i only have ntp	04:36
kokozedman	i only have /etc/cron.daily/ntp	04:36
kokozedman	not ntpdate	04:36
Smooch	try ntupdate	04:36
kokozedman	i guess that has something to do with the 10.04	04:36
kokozedman	command not found	04:36
Smooch	apt-get install	04:37
kokozedman	you mean ntpdate?	04:37
kokozedman	apt-get install ntpdate?	04:37
Smooch	mhm	04:37
Smooch	sudo first of course	04:37
kokozedman	i'm already root	04:37
Smooch	thats fine then	04:37
kokozedman	man! ntpdate is already the newest version.	04:38
Smooch	enter man ntupdate does anything come up?	04:38
kokozedman	but i don't have /etc/cron.daily/ntpdate with that	04:38
cjs	kokozedman: For these applications, is the time zone supposed to be the correct one for the location of the server, or always the same regardless of where the server is located?	04:39
kokozedman	an entry is found for man ntpdate, but not for man ntupdate	04:39
cjs	(Although a better question is: why would you application care about what time zone you're using? Log stuff in UTC if you work across multiple time zones; it will make life much happier.)	04:39
cjs	kokozedman: ntpdate is normally run just once at boot, and perhaps once in a while when you bork your system. Otherwise ntpd should be taking care of keeping things in sync on a continuous basis.	04:40
kokozedman	cjs: it's supposed to be always "Asia/Karachi", no matter where the servers are located… the server are serving applications to Pakistan and it has to be honoring the time there… but at this time they are having time pointed to Chicago	04:40
cjs	kokozedman: In that case, set the TZ variable in your startup script.	04:41
Smooch	where does the server ip look up to?	04:41
Smooch	e.g what country/place do they say in whoius	04:41
Smooch	*whois	04:41
kokozedman	cjs: do you mind telling where is that startup script?	04:41
cjs	You're the guys starting the application, not me! :-)	04:43
cjs	Is this an app you developed, or is it something someone else wrote that you installed?	04:43
cjs	Keep in mind, I'm talking about the application startup script. The idea is that the application overrides whatever it's given when it starts.	04:44
kokozedman	cjs: i've already set the correct timezone (TZ) inside /etc/apache2/envvars … when i do, it has the correct timezone for about 2 or 3 requests, and then it goes back to the weird Chicago one after	04:45
kokozedman	i have developped it, i intended to receive the local computer's time and not care about what timezone is the script in, or is the time correct … i just assume that it will get whatever time the system is in	04:46
kokozedman	it has worked flawlessly in Gentoo Linux for about 4 years now	04:46
kokozedman	and since i'm leaving control of the server to a less proficient person, i decided to change the system to Ubuntu Server to make things easier for the person	04:46
cjs	Hm. Sounds like something is going wrong with apache or its startup scripts, then. I can't really help with that; I've not used apache in years, and never under Ubuntu.	04:47
kokozedman	but now, Ubuntu's time is getting us crazy	04:47
cjs	But you might consider reconfiguring things so that your application deals with the timezone, and doesn't depend on the environment, which is harder to control (as we've seen).	04:47
cjs	Maybe changing back to gentoo would make things easier. :-)	04:48
Smooch	Yeah	04:48
kokozedman	cjs: lol hahahaha… we paid $75 for each servers to be switched to Ubuntu… no way we're paying that again to switch back to Gentoo!!!	04:48
kokozedman	i just assumed that Ubuntu is stable enough to have weird problems like that	04:49
kokozedman	but i was wrong then! :-/	04:49
Smooch	Ubuntu is great actually	04:49
Smooch	But sometimes, you have to compile things from source.. if you know what i mean ;)	04:49
kokozedman	yes i know… but i don't know why it's doing this kind of weirdness in the servers	04:49
Smooch	Did you transfer it all to ubuntu?	04:50
Smooch	Perhaps you should back it up and re install ubuntu	04:50
kokozedman	i'm actually using a lot of Ubuntus in my VMware Fusion	04:50
cjs	If you want stability, don't change stuff. :-/	04:50
kokozedman	cjs: actually, i was sick and tired of Gentoo's package system… and Ubuntu's update and security is super	04:50
Smooch	Actually	04:50
cjs	I'm not a big fan of Ubuntu, but it doesn't seem much less stable than anything else out there that gets updated regularly.	04:51
Smooch	Maybe its the resolv.conf?	04:51
cjs	kokozedman: Yes, that's one of the main reasons I use it.	04:51
kokozedman	Smooch: what's about it?	04:51
cjs	And why I live with stuff like installing 10.04 LTS may go and trash disks on your KVM virtual hosts.	04:51
Smooch	Well, there the nameservers right.	04:52
Smooch	If your ntp'ing to the server	04:52
Smooch	perhaps ubuntus ntp server is getting the wrong ip	04:52
Smooch	well the wrong location	04:52
kokozedman	i don't think so	04:52
kokozedman	it's using the OpenDNS	04:52
kokozedman	all of them	04:52
Smooch	Oh	04:55
Smooch	Umm	04:55
Smooch	I'v read tons of things saying that openDNS is not good	04:55
kokozedman	oh?	05:00
kokozedman	then, i'll use Google DNS then	05:00
Smooch	try it :)	05:03
Smooch	erm	05:05
Smooch	I have a question of my own :)	05:05
Smooch	er	05:06
amstan_	kokozedman: openDNS lies actually, instead of giving you an error when a domain doesn't exist and letting your browser decide it lies and tells you that it exists, and points you at a server with advertisment on it	05:06
Smooch	how come apt-mirror takes so much cpu?	05:06
kokozedman	amstan_: i don't really consider that a harm ;) … it's just business, they need to advertise to run the servers right?	05:07
amstan_	kokozedman: except it's their business at our expense, it sometimes breaks things	05:08
Smooch	true	05:08
amstan_	when you're trying to do dns stuff for example, and you want to ping to check if a dns works, you'll always get a response	05:08
kokozedman	yeah	05:08
kokozedman	i didn't think that far :P	05:09
Smooch	might make my own dns servers	05:09
Smooch	would anyone be interested :P	05:10
kokozedman	heheheh	05:11
amstan_	Smooch: not really. i would probably get crappy pings	05:11
Smooch	hehe	05:11
amstan_	google dns is pretty decent these days, except that my ISPs DNS servers are faster(TekSavvy)	05:12
kokozedman	is there a way to check that crontab syntax is correct?	05:12
Smooch	send your crontab via pastebin	05:12
Smooch	and ask if its correct?	05:12
amstan_	kokozedman: put it on pastebin?	05:12
kokozedman	hehehe	05:12
kokozedman	lol	05:12
Smooch	lol	05:12
kokozedman	http://paste2.org/p/903943	05:14
kokozedman	it is the last 3 lines which is causing things to not work	05:15
Smooch	*; ?	05:15
kokozedman	oh, i guess i see	05:16
kokozedman	lol	05:16
kokozedman	for the username	05:16
kokozedman	hehe	05:16
Smooch	hehe	05:17
=== Smooch is now known as Smooch_away
=== Smooch_away is now known as Smooch
cjs	kokozedman: Why not just run your own DNS servers? It's as easy as "aptitude install bind9".	05:20
kokozedman	cjs: what's wrong with Google's? i'm using that now	05:21
cjs	It's yet one more external dependency to go wrong.	05:21
GhostFreeman	How do I generate the UUID for a hard drive?	05:21
cjs	Not to mention that it lies from time to time, as mentioned above.	05:21
amstan_	cjs: to go wrong? DNS would be the last thing to go wrong	05:21
cjs	GhostFreeman: hard drives don't have UUIDs. Perhaps you're thinking of a partition or something like that?	05:22
amstan_	cjs: there's usually 3 DNS servers	05:22
GhostFreeman	ok, a partition	05:22
cjs	amstan_: DNS is one of the first things to go wrong. See above about Google's DNS lying to you.	05:22
GhostFreeman	what is the weapon of choice.	05:22
amstan_	GhostFreeman: you don't generate it, you just read it	05:22
cjs	GhostFreeman: What kind of partition?	05:22
GhostFreeman	I need to read it so I can add it to fstab	05:22
amstan_	GhostFreeman: ls /dev/disk/by-uuid	05:22
GhostFreeman	a Linux LLVM part	05:23
cjs	GhostFreeman: Ah! You want to know the UUID of an existing partition! "blkid" is your very, very best friend, here.	05:23
GhostFreeman	what is an example command for blkid	05:23
GhostFreeman	the comments in fstab are very vague	05:23
cjs	"blkid". (As root, though.)	05:23
GhostFreeman	got it	05:24
amstan_	cjs: meh.. my way doesn't need root	05:24
cjs	amstan_: yes, but your way doesn't give the partition types as well.	05:24
amstan_	cjs: so.. what about google lying?	05:25
cjs	Oh, that was OpenDNS. Oops.	05:25
amstan_	google doesn't do the advertisment on nonexisting domains	05:25
Smooch	got disconnected :P	05:25
GhostFreeman	once I edit fstab, how can I reload it?	05:25
amstan_	GhostFreeman: mount -a	05:25
cjs	GhostFreeman: It's not continuously "loaded" by anything. The mount command (and various others, such as fsck) look up data in it when they start.	05:26
kokozedman	cjs: so, i'm good with Google's DNS then ;)	05:26
GhostFreeman	thanks everyone	05:26
amstan_	kokozedman: yes	05:26
cjs	GhostFreeman: If you want to mount the filesystem you just added, just type "mount /foo" or whatever its mount location is.	05:26
kokozedman	:D cool	05:26
cjs	kokozedman: I guess. I just reckon, why rely on yet another external service when it's trivial to do yourself.	05:26
amstan_	kokozedman: mount -a just reads the fstab and tries to mount anything not already mounted	05:26
Smooch	cfs great point	05:26
GhostFreeman	One last question: What's a good disk partition editor that's not complicated like parted?	05:27
Smooch	js sorry	05:27
Smooch	Gparted	05:27
cjs	Heck, I even run separate resolving servers on my virtual hosts, even though they could use the one on the host host.	05:27
amstan_	cjs: hosting dns will induce extra delays on dns lookups	05:27
cjs	amstan_: ?	05:27
GhostFreeman	...that works in a shell	05:27
GhostFreeman	(so no gparted)	05:27
Smooch	fdisk	05:27
amstan_	cjs: well.. the local dns server will have to check the database, and if not there already check with the upper servers, why not just skip the local dns and make all comps use those external servers?	05:28
cjs	amstan_: you mean, resolving stuff yourself is slower than having someone else do it for you? Only if it's cached in theirs and not yours. If you both have it cached, using the local copy will be slightly faster.	05:28
cjs	It's also a security issue, of course. You have to trust Google quite a lot to use their DNS.	05:29
amstan_	but you have to trust someone either way	05:29
amstan_	local dns doesn't magically make you not need to ever trust another dns server	05:29
cjs	amstan_: Your characterization of a DNS lookup is not correct; walk through it slowly.	05:29
cjs	amstan_: And the issue is not that you have to trust someone, it's that you have to trust Google as well as anybody else you'd also have to trust.	05:30
amstan_	isn't a local dns server just a cache? so you have to tell that server to use another server to lookup the unknown domains?	05:30
cjs	It's a decision you have to make, of course. If typing "aptitude install bind9" is really that much work, or the result uses up too much disk space, or whatever, sure, go ahead. But you are certainly (if possibly only in a very tiny way) increasing your changes of DNS resolution failing and security problems.	05:31
cjs	Any resolving DNS server is just a cache. Google's is no different from yours (though they might be using something other than bind9).	05:31
amstan_	ok.. so knowing that, what dns resolver do you give to your local dns server?	05:32
cjs	But when you query their server on a.b.c.d rather than your own on 127.0.0.1, either way the server will go through the exact same process to resolve the name.	05:32
cjs	amstan_: There is no DNS resolver for your local server. That's the point. Your local server is the resolver.	05:32
cjs	It only ever asks for non-recursive answers, and follows the chain itself.	05:33
amstan_	cjs: but where does it get its info from?	05:33
kokozedman	cjs: how do i make the ntp (which is starting ntpd) service started on start-up?	05:33
kokozedman	sorry, i didn't mean to highlight cjs	05:33
kokozedman	:P	05:33
cjs	amstan_: how does it know the root servers? /etc/bind/db.root. It's a set of "well known" data.	05:33
cjs	kokozedman: If you just did standard apt-get of it, it should start itself. Check first for /etc/init.d/ntp, and then /etc/rc?.d/ntp	05:34
amstan_	kokozedman: according to http://www.howtoforge.org/perfect-server-ubuntu8.04-lts-p7 it's enough just to install it	05:34
kokozedman	amstan_: well, i think 10.0	05:34
amstan_	kokozedman: same thing for this particular thing	05:34
kokozedman	10.04 have it installed by default	05:34
kokozedman	right?	05:34
amstan_	i don't think so	05:34
kokozedman	no way man! i have not installed that service on my own… but it's there	05:35
kokozedman	in all servers	05:35
kokozedman	i mean: /etc/init.d/ntp exists in all servers	05:35
amstan_	idk then, i did not say i'm certain	05:35
kokozedman	but here is what i noticed: when i start that service, i will not be able to run ntpdate	05:36
kokozedman	and thing is: i can run ntpdate freely on ALL servers	05:36
cjs	It depends on which flavour of server install, too. There's, e.g. "minimal" vs. regular, and minimal has that extra "Basic Ubuntu server" option in the package install screen in the installer which I don't know just what it does.	05:36
kokozedman	which means, they have not been run at start-up	05:37
cjs	kokozedman: Yes. You can run ntpdate with -d, to see the difference, but if you try to run it without that it tries to use the port that ntpd is already listening on.	05:37
kokozedman	cjs: it's the normal	05:37
cjs	And anyway, you always want to stop ntpd before running ntpdate, and start it again afterwards.	05:37
amstan_	yeah, i just tought to check an existing install @hypertriangle.com and i get 5 Jul 00:41:51 ntpdate[7191]: no servers can be used, exiting	05:37
Smooch	erm	05:38
kokozedman	cjs: exactly!! i did not have to stop ntpd and ntpdate worked well	05:38
cjs	Yes, but is ntpd still happy?	05:38
kokozedman	if ntpd is running, then i'll get something like: 5 Jul 09:38:50 ntpdate[12209]: the NTP socket is in use, exiting	05:38
kokozedman	what you mean?	05:39
cjs	And by how much did ntpdate adjust the time?	05:39
cjs	kokozedman: That message means that ntpdate didn't do anything.	05:39
kokozedman	the point i'm trying to proove is that ntpd is NOT start at boot time	05:39
cjs	Well, to prove that, reboot and then type "ntpdc -p".	05:39
kokozedman	otherwise the first time i tried ntpdate, i would get that error because ntpd is already running	05:40
cjs	Though I have six Ubuntu 10.04 servers here that say otherwise. :-)	05:40
kokozedman	i'll have to wait for tonight to reboot, because people are using the services :P	05:41
qman__	ntpdate does not work correctly, use ntpdate-debian	05:41
cjs	kokozedman: Oh, BTW, do you use etckeeper? If not, you really want to. You really, really want to if you might have to come back to the installation after someone else has been administering it for a while.	05:41
qman__	it's because of how the package is configured	05:41
cjs	kokozedman: Pffft. Users. Don't let such unimportant things get in the way of your work.	05:41
kokozedman	lol	05:42
qman__	kokozedman, ^	05:42
qman__	that problem stumped me at first as well	05:43
kokozedman	qman__: i'll try that… but please confirm: does ntpdate-debian run ON STARTUP?	05:43
qman__	ntpdate is present but will not work correctly, at all	05:43
qman__	ntpdate-debian runs periodically	05:43
qman__	it's in cron	05:43
kokozedman	qman__: thanks for confirming this problem	05:43
Smooch	:)	05:44
kokozedman	cool	05:44
qman__	I'm also fairly certain it runs post if-up	05:44
Smooch	you may see that i'm randomly doing emotions	05:44
Smooch	its so i don't get disconnected	05:44
qman__	so it would effectively run on startup	05:44
kokozedman	Smooch: lol… why the disconnection?	05:44
Smooch	kokozedman: irc servers auto disconnect idle connections some times	05:45
qman__	not this one	05:45
kokozedman	??? not on mine	05:45
Smooch	ok	05:45
Smooch	also	05:45
kokozedman	to the errors i see, it is actually your connection which is closing	05:45
Smooch	does anyone know how to successfully setup a irc server with nickserv on ubuntu 10.04?	05:45
qman__	I have not done it myself	05:46
kokozedman	neither did i	05:46
Smooch	not sure if i should reinstall a vps with centos of ubuntu for this	05:46
kokozedman	why would you want to anyway?	05:46
qman__	I've heard that unrealircd is best, but I can neither confirm nor deny	05:46
Smooch	i need to create an irc channel for a commercial project	05:46
kokozedman	oh… i see	05:46
Smooch	gtg	05:47
qman__	about your disconnection issues	05:47
qman__	make sure your client is sane	05:47
qman__	mIRC has a habit of doing that, but I can see you're not using it	05:47
Smooch	collyquy mac	05:47
Smooch	colloquy	05:47
kokozedman	Smooch: running on ADSL?	05:48
kokozedman	i mean ADSL router?	05:48
Smooch	not right now	05:48
qman__	yeah, some ADSL routers like to disconnect you when idle	05:48
qman__	it's rather annoying, but usually configurable	05:48
kokozedman	disconnection also happens at the ISP side, they reset your IP at times	05:48
Smooch	normally cable router	05:48
kokozedman	when that happens, you get disconnected	05:48
kokozedman	i use an almost undisconnectible technique ;) :D	05:49
kokozedman	i run my own kind of TCP implementation… so i don't get disconnected ever, even if the ISP will do their stupid resets	05:50
kokozedman	qman__: what is the name of the packet again? i can't find ntpdate-debing	05:51
kokozedman	ntpdate-debian*	05:51
qman__	should be in your path, one moment	05:51
qman__	/usr/sbin/ntpdate-debian	05:51
kokozedman	??? who am i supposed to use that?	05:51
KurtKraut	Smooch, you won't face any diference in seting up a IRC server with Ubuntu or CentOS.	05:52
qman__	you just run it	05:52
qman__	and it updates your local time	05:52
chrismsnz	hey guys - anybody have any experience with running ipvs/keepalived on a recent version of ubuntu? I have reason to suspect that UFW is interfering with the operation of the load balancer	05:52
qman__	based on the settings you have configured	05:52
kokozedman	qman__: what about the cron? do i have to set that up manually?	05:52
qman__	no, it is configured out of the box	05:52
qman__	/etc/cron.daily/ntp	05:53
kokozedman	qman__: here is my concerns: will it run again at startup? will it continue to run in the background or just one shoot?	05:55
qman__	it runs daily	05:55
qman__	whenever all your other daily tasks run	05:55
kokozedman	ok	05:55
qman__	it also runs whenever your interface goes up	05:56
qman__	/etc/network/if-up.d/ntpdate	05:56
Smooch	Hi	06:00
kokozedman	lol	06:01
kokozedman	Smooch: there is a ptunnel program which you can use to avoid being disconnected too much	06:01
KurtKraut	Smooch, you won't face any diference in seting up a IRC server with Ubuntu or CentOS.	06:02
kokozedman	it is sending ICMP packets rather than TCP packets	06:02
Smooch	well	06:02
Smooch	rebuilding vps with ubuntu 9.04	06:02
kokozedman	and it doesn't care which IP or route or … you're sending the packets, as long as it arrives you're connected	06:02
Smooch	10.04 = corrupted template	06:03
GhostFreeman	I forgot the command to generate the UUID for a partition	06:03
Smooch	going to use http://news.softpedia.com/news/Building-Your-Own-IRC-Server-With-Services-40772.shtml to setup the irc	06:03
Smooch	server.	06:07
Smooch	hi?	06:11
Smooch	?	06:17
GhostFreeman	Should a newly-created linux partition have a lost+found directory in it?	06:37
lifeless	yes	06:38
GhostFreeman	oh	06:39
GhostFreeman	ok thanks	06:42
=== amstan_ is now known as amstan
kaushal	Hi	07:52
kaushal	I am using pxe image to install ubuntu server on all the servers	07:52
ljungk	I'm trying to set up a mail server using postfix. my isp blocks port 25. will i still be able to make it recieve mail?	07:54
kaushal	the issue is that it installs a generic kernel	07:54
kaushal	I have both server kernel and generic kernel	07:55
kaushal	basically i need to install server kernel	07:55
kaushal	what changes i need to do on the pxe image to install server kernel ?	07:55
Snadder	Anyone know if its possible to add a machine with a diffrent processor to a UEC setup?	07:59
qman__	Snadder, UEC will run on pretty much any computer which has hardware virtualization	08:02
Snadder	qman__, but in normal virtualization.. you can't have one cluster with diffrent processor types..	08:03
qman__	Snadder, if by processor types, you mean x86 vs sparc vs mips vs alpha, then yes	08:05
qman__	but if by processor types you mean intel core 2 vs intel i7 vs AMD phenom, then no	08:05
Snadder	qman__, I mean.. if you upgrade to a faster x86 processor.. then you need to create a new cluster.	08:05
qman__	not with UEC	08:05
Snadder	qman__, NICE :-)	08:06
qman__	UEC is more similar to VMWare than it is to traditional clustering	08:06
qman__	the cloud bits are all handled in higher level software	08:06
qman__	as long as the hardware is fast enough and supports the right features, it will work	08:06
Snadder	qman__, how come really.. won't it be very ineffective to not run in instance directly on the hardware.. with a layer in between?	08:07
Snadder	an*	08:07
qman__	it does, using hardware virtualization features	08:07
qman__	it uses a common set of processor extensions	08:07
qman__	however, memory and addon device features are handled in software	08:08
qman__	so that, regardless of the actual hardware, your virtual environment is the same	08:08
Snadder	qman__, But if UEC runs on 2 diffrent x86 processors, how is it then possible to move an instance from one type to another?	08:08
qman__	the instances do not make use of features that are not common across all supported hardware	08:09
Snadder	qman__, so it will be transparant to which type of processor it runs on?	08:09
Snadder	Cool.	08:09
qman__	yes	08:09
Snadder	qman__, is it any other large benefits of using UEC compeard to virtual private server setups?	08:10
qman__	UEC scales better	08:10
Snadder	explain.. in what way?	08:11
qman__	if you have lots of instances and lots of hardware, UEC can better manage what goes where	08:11
qman__	where with regular VPS, you must decide ahead of time how to divide your resources	08:11
Snadder	Ahh.	08:12
qman__	which is fine for a few servers, but gets very cumbersome with a large load	08:12
Snadder	How many servers do we need to get the benefits of UEC?	08:12
qman__	well, it's not really a strict number, but UEC also requires a controller machine	08:13
qman__	so you must evaluate for yourself	08:13
qman__	but if you've got more than ten servers and more than 100 regular instances, UEC is definitely worth trying	08:13
Snadder	We have app. 500 physical servers..	08:14
qman__	then it is definitely worth looking into	08:14
kaushal	qman__, hi	08:14
qman__	try setting up a lab environment	08:14
Snadder	But don't know how many of those we will virtualizing.	08:14
qman__	see if it performs to your needs	08:15
Snadder	qman__, is it possible to run UEC on hyper-v?	08:15
qman__	UEC itself must be run on physical hardware	08:15
qman__	because it makes use of the virtualization feature	08:15
lifeless	not true	08:15
lifeless	you can run it with qemu	08:15
lifeless	its obviously slower	08:15
qman__	really?	08:16
lifeless	see kirkland's demo image as an example of doing this	08:16
qman__	still, qemu is not anywhere near as fast as hardware virtualization	08:16
qman__	and won't give you a good idea of how it will perform	08:16
lifeless	of course	08:16
lifeless	it performs like kvm :)	08:16
lifeless	there really isn't any need to use UEC to assess that :P	08:16
Snadder	We have some old vmware clusters we can run it on also.. if thats better.	08:17
Snadder	Linux on hyper-v sucks..	08:17
qman__	vmware is a bit faster than qemu, but it's still not going to give you an accurate picture of the performance	08:17
qman__	however, it will give you an experience of how it behaves and how to use it	08:18
Snadder	Yeah.	08:18
lifeless	I believe there is a vmware backend, but we explicitly don't support it.	08:18
qman__	running virtual machines inside virtual machines is naturally inefficient and complex	08:19
Snadder	Ok.. I will try to get some hardware for it. :-)	08:20
Snadder	qman__, lifeless how much memory is required to run UEC?	08:23
lifeless	Snadder: a couple GB is best for the cloud controller	08:23
qman__	I wouldn't attempt with less than 1GB, but more is always better	08:24
lifeless	a hundred MB or so for the node controller on each node	08:24
Snadder	Is 4GB enouch to run all 3 machines to get UEC up?	08:24
rahman	Hi, I have a squid proxy running. When I do a "whatismyip.com" it says "Possible Proxy Detected: 1.1 apache:8888 (squid/2.7.STABLE6)". How can I prevent this? I want to make the proxy users to connect to internet with the proxy servers ip address. I don't want the squid to modify anything else in the http headers.	08:29
Snadder	I can alternative use two physical machines with 4gb memory each.. or is one machine enough?	08:29
lifeless	2 is easiest	08:31
lifeless	I documented how to do it on one on the help.ubuntu.com wiki though	08:31
kim0_	rahman, google for X-Forwarded-for	08:31
kaushal	hi	08:35
kaushal	I am using ks.cfg http/tftpd/pxe server install Ubuntu 8.04 server over the network method	08:36
kaushal	the issue is that it installs generic-kernel instead of server kernel	08:36
kaushal	is there a way to fix it on the pxe image ?	08:36
kaushal	Please suggest	08:37
Snadder	lifeless, one psysical machine with Cloud controller.. another one with cluster controller and node controllers?	08:40
lifeless	one with cloud/cluster, one with node controller (== one node)	08:40
Snadder	Ah, ok.	08:40
kim0_	lifeless, I had tried the one node installation coz that's only what I have and it was failing at registration (on 10.10)	08:43
kim0_	lifeless, was there some known problem	08:43
lifeless	kim0_: did you see the docs on help.ubuntu.com ?	08:43
kim0_	I was following an extermal article	08:44
kim0_	don't think it was on the wiki	08:44
Snadder	lifeless, any docs you recommend to read before setting UEC up?	08:45
lifeless	https://help.ubuntu.com/community/UEC	08:46
Snadder	I got 2 psysical Opteron machines with 4gb memory each.	08:46
lifeless	kim0_: https://help.ubuntu.com/community/UEC/Topologies	08:46
kim0_	lifeless, thanks .. will give it another shot	08:47
lifeless	Snadder: https://help.ubuntu.com/community/UEC/PackageInstall also for you	08:47
Snadder	lifeless, I have debian already installed on theese machines.. can I fire up UEC without reinstalling?	08:49
Snadder	I guess not.	08:50
qman__	while I suppose it's theoretically possible, installing ubuntu will make things much, much simpler	08:51
Snadder	Yeah.. I'll do that.	08:52
rahman	kim0_: I am new to squid so I can be wrong but isn't "X-Forwarded-for" is to keep and use users real ip in the header instead of proxy servers ip?	08:56
kaushal	can someone please guide me about my post on https://lists.ubuntu.com/archives/ubuntu-server/2010-July/004402.html	08:58
kim0_	rahman, I'm no squid expert either .. you might wanna ask in #squid	08:59
rahman	kim0_: Ok, thanks	08:59
kim0_	rahman, in general .. I think you want to hide "Via, Forwarded, X-Forwarded-For and Client-ip headers" from your headers so the 2nd party doesn't know there's a proxy	08:59
Snadder	lifeless, qman__ I only have 2x40gb scsi disks in each machine.. do you think its possible to run it in two partitions with those?	09:03
lifeless	easy as	09:04
lifeless	you can get by with a 2GB flash drive if you have too :)	09:04
lifeless	(Don't try though - use the 40GB :)	09:04
Snadder	lifeless, here it says 40gb is minimum.. but 200gb is sugested: https://help.ubuntu.com/community/UEC/PackageInstall	09:04
lifeless	'meh'	09:05
lifeless	for a test environment - you will be fine	09:05
lifeless	theres lots of caching can happen	09:05
Snadder	Ok.	09:05
Snadder	lifeless, so there is no point puttin in two 40gb in both machiines?	09:06
huats	morning	09:07
uvirtbot	New bug: #601803 in whois (main) "when whois and mkpasswd are build locally they have .mo file conflicts" [Undecided,New] https://launchpad.net/bugs/601803	09:21
=== MenZa is now known as lhavelund
=== kim0_ is now known as kim0
=== kaushal_ is now known as kaushal
kaushal	checking in again for my query ?	09:41
kaushal	can someone please guide me about my post on https://lists.ubuntu.com/archives/ubuntu-server/2010-July/004402.html	09:44
DizzyDoo	Quick question from a Ubuntu Server newbie, how do I change my networking settings from using eth0 to eth1?	09:55
kim0	DizzyDoo, /etc/network/interfaces ?!	09:56
qman__	DizzyDoo, change in /etc/network/interfaces	09:56
DizzyDoo	Right, I did that, apparently that's not the problem I have. I'll go troubleshoot some more as to why I'm not getting a connection	09:56
qman__	if your question is how to change eth1 to eth0, it's in /etc/udev/rules.d/70-persistent-net.rules	09:56
Gorlist	hi, quick question. I want to secure my tmp and var/tmp directorys. Is using a loopback just as good as making a new partition?	10:07
Snadder	qman__, lifeless : do you know if iscsi is supported with UEC?	10:10
lifeless	should be	10:10
naftilos76	hi guys, i just need to confirm with you whether the cookies or the server-side sessions way is the most secure way to maintain on a website. I have read in the net but i am a little bit confused. Can you advise?	10:46
RoyK	Gorlist: should work well	10:47
Gorlist	;) okay	10:47
RoyK	Gorlist: you can use the same filesystem for both	10:47
Gorlist	would that cause problems with plesk control panel?	10:48
Gorlist	also ive made is 1 gig, big enough?	10:48
RoyK	that depends on how much writing there is to /tmp	10:49
RoyK	plesk?	10:49
RoyK	ubottu: plesk?	10:49
ubottu	Error: I am only a bot, please don't think I'm intelligent :)	10:49
Gorlist	plesk control panel	10:50
Gorlist	I might make two file systems	10:50
Gorlist	just on the safe side	10:50
RoyK	Gorlist: 1 gig might be on the low side - anyway, use something like nagios to monitor the filesystems	10:53
Gorlist	if I increase the size, what should i have for the count e.g. "bs=1024 count=1000000"	10:53
Gorlist	so say for 2 gig, do I just double the count?	10:54
Gorlist	i understand	10:57
Gorlist	confusing my self, bs is byte size and the count is the total size	10:57
cjs	Damn I am just having the worst week ever. Another system falling to pieces.	11:06
cjs	How do I fsck a filesystem that starts 2048*512 bytes into the block device on which it resides?	11:06
lifeless	loopback	11:07
Smooch	Hey	11:07
Smooch	i'm having a problem setting up unrealircd and anope services on ubuntu 9.04	11:08
cjs	losetup -v -o $((2048*512)) /dev/mapper/prod	11:08
cjs	loop: can't get info on device /dev/mapper/prod: Inappropriate ioctl for device	11:08
cjs	It's a block device that was created by cryptsetup.	11:08
Smooch	lost connection	11:08
Smooch	sorry if someone said something before	11:08
cjs	lifeless: any thoughts? I have no idea why it's refusing to "mount" it.	11:10
RoyK	Gorlist: to make 2GB files, bs=1M count=1k	11:11
RoyK	erm	11:11
RoyK	Gorlist: to make 2GB files, bs=1M count=2k	11:11
cjs	Or I'm open to ways of convincing the VM using it to give me a command line of any sort, rather than refusing all input after telling me that fsck failed on boot.	11:11
tola	Hi, I started up my Ubuntu Enterprise Cloud environment this morning which was working OK last week. Now every time I start an instance they stay "pending" for a long time and then immediately terminate. The only errors I can see in the eucalyptus logs are "shawn(): network state maintainance failed" and "vnetAttachTunnels(): bad input params". Can anyone suggest where I should start to diagnose this problem?	11:11
RoyK	cjs: cryptsetup? you mean it's encrypted?	11:12
lifeless	cjs: break=top	11:12
lifeless	cjs: or whatever - see the debugging boot wiki pages	11:12
tola	cancel that, I fixed it by restarting the cluster controller with clean=1	11:12
Gorlist	ive made it 20GB	11:13
cjs	RoyK: the partition underlying /dev/mapper/prod is encrypted. /dev/mapper/prod is the decrypted version.	11:13
Gorlist	might seem excessive but never know on backups etc	11:13
cjs	lifeless: Oh, sorry, you didn't see about my earlier issue. How do I get a grub menu? Holding down shift doesn't seem to work.	11:13
lifeless	its a vm	11:13
lifeless	set the parameters in the config file	11:14
cjs	lifeless: Ah! Where is this config file? Under /etc/libvirt?	11:15
cjs	Or are you talking about the grub menu file in the VM's partition?	11:15
Snadder	Does UEC support IBM svc san controll?	11:15
lifeless	cjs: somewhere	11:16
lifeless	Snadder: if kvm does	11:16
cjs	lifeless: Is it a grub config option or a kvm config option?	11:16
lifeless	kvm, the kernel is booted outside the vm	11:16
lifeless	kindof	11:16
cjs	Well, that would explain my issues!	11:17
RoyK	cjs: ah	11:18
RoyK	cjs: do you have space somewhere to take a dump of /dev/mapper/prod ?	11:18
cjs	lifeless: Hm. Are you sure it's booted outside of kvm? I don't see anything in the libvirt config that looks like anything diskwise, except the one raw partition it uses as the HDD.	11:19
RoyK	if /dev/mapper doesn't support that ioctl call, moving the data out might be a way to go	11:19
lifeless	pretty sure. IMBW	11:19
Snadder	lifeless, is it possible to run UEC instances over nfs from another machine?	11:19
cjs	RoyK: I think so, and I've already started a dump of that. If it doesn't fill up my entire disk, it should be done in a couple of hours. Then an fsck, then a couple of hours to copy back....	11:19
lifeless	Snadder: ?! no idea.	11:20
Snadder	lifeless, since I might not be able to get the ibm san working.. then I will be abit short with disk.	11:21
lifeless	Snadder: you have 80g to work with, thats _tonnes_	11:21
lifeless	to play with	11:21
Snadder	ok	11:21
lifeless	its really really important to plahy with it	11:21
lifeless	get a feel for it.	11:21
lifeless	then do planning.	11:21
lifeless	you can't reason about how to deploy it until you feel how it works.	11:22
Snadder	OK :-D	11:22
Snadder	lifeless, reading a pdf named "ubuntu enteprise cloud architecture" from august 2009.. about how it all works.. should I maybe be reading the ubuntu.com links you gave me earlier instead.?	11:23
lifeless	I think you should install it	11:23
lifeless	and play :)	11:23
Snadder	Ok.. I will do reading today.. installing tomorrow.	11:24
Snadder	have booked 3 hours at the datacenter tomorrow..	11:24
tola	Why does a eucalyptus instance set to 5GB capacity in the Ubuntu Enterprise Cloud web UI only have a 1.4GB root partition and then 3GB mounted to /mnt?	11:29
=== freeflyi1g is now known as freeflying
RoyK	tola: perhaps asking on #ubuntu-virt may give you better answers	11:37
tola	RoyK: thanks	11:40
cjs	Boy, that was silly. It just wasn't clear from the help text that losetup must be provided with either a -f option or a loop device.	11:47
cjs	Well, the error message didn't exactly help, there.	11:48
=== 30BAAS7FZ is now known as cyber_Rock
=== cyber_Rock is now known as Cyber_Rock
blackthor	greetings. is there anyone that could confirm that 10.04 LTS is running fine HP ML 150 G6 ? on the HP partner page of canonical there is only info about 9.04 LTS and the 150G6 isn't on it :(	12:04
kaushal	Hi	12:27
kaushal	is there a way to create Netboot images ?	12:27
kaushal	I got a reply from https://lists.ubuntu.com/archives/ubuntu-server/2010-July/004402.html	12:39
kaushal	How can i integrate the server kernel into the PXE Netboot image	12:40
kaushal	can some one please guide me	12:40
TREllis	kaushal: here's a good guide, http://www.ubuntu.com/system/files/u1/AutomatedDeploymentsWP-20090126.pdf	12:40
kaushal	TREllis, Thanks	12:41
kaushal	I have a working setup already in place	12:42
kaushal	the issue is that it by defaults installs generic kernel and not server kernel	12:43
=== baffle_ is now known as baffle
TREllis	kaushal: are you using a kickstart file or preseed file?	12:47
kaushal	ks.cfg	12:47
kaushal	yeah kickstart file	12:48
TREllis	kaushal: right, not sure for the solution if using kickstart. I would myself use preseed as it's the native way provide answers to the debian installer	12:48
TREllis	and the second mail on that thread gave you the answer, "d-i base-installer/kernel/override-image string linux-server", if using preseed you need to include that line in the file	12:49
kaushal	TREllis, i totally agree	12:50
kaushal	but i dont use preseed method	12:50
kaushal	can i customize the Netboot image ?	12:51
TREllis	it sounds like you do not really want to "customize the netboot image"	12:52
TREllis	it sounds like you are doing network installs and just want the correct kernel installed?	12:52
kaushal	ok	12:53
kaushal	yes	12:53
kaushal	TREllis, is that possible ?	12:55
TREllis	kaushal: not sure sorry, I would go straight for a preseed file and not a kickstart, then you can use the d-i option above	12:55
kaushal	TREllis, ok. where can i seek help for my use case ?	12:57
zul	morning	13:03
skaag	I upgraded an ubuntu 10.04 server which has a really small /boot/ partition (only 46mb :-( ), and it has failed to boot	13:22
skaag	now support have booted a microknoppix and I have mounted the original drive	13:22
skaag	and I'm trying to find out why it failed the boot process	13:22
skaag	I just upgraded from 2.6.32-22 to 2.6.32-23	13:23
skaag	2.6.32-22 worked fine	13:23
pmatulis	skaag: try removing the old kernel to make space after booting with a ubuntu rescue cd (live or alternate)	13:24
skaag	I removed and now all I have are those files:	13:24
skaag	actually I don't want to list them here, too long, don't want to spam the channel	13:25
pmatulis	skaag: how did you remove?	13:25
skaag	I erased the files in /boot/ and updated menu.lst	13:25
pmatulis	skaag: bad boy	13:25
skaag	:-)	13:25
pmatulis	skaag: you should always use apt to manage packages	13:26
pmatulis	skaag: pastebin the contents of /boot	13:27
pmatulis	!pastebin	13:27
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	13:27
skaag	http://paste.ubuntu.com/459447/	13:28
skaag	pmatulis: I did upgrade the kernel with apt	13:28
skaag	the thing is that because the /boot/ partition is so limited in size, for historical reasons, I mount --bind /boot to /boot.tmp	13:29
skaag	I then do the upgrade	13:29
skaag	and I then move files manually back to the real /boot/	13:29
skaag	quite unfortunate, that I have to do this for every kernel upgrade	13:29
pmatulis	skaag: geez, and why /boot so small?	13:29
skaag	that's how that hosting company set it up for me :-(	13:29
skaag	they claim they usually make it 100mb	13:29
pmatulis	skaag: i would re-install if possible	13:29
skaag	I'm going to abandon that server by end of this month	13:30
skaag	but until then I must regain access to it for a little while	13:30
skaag	just want to make sure it can boot again	13:30
pmatulis	skaag: i now never use /boot less that 512 MB, got tripped up when using 256	13:30
skaag	yes I know, I actually allot 1gb for my /boot/ partitions, just to be safe, and space is so ample... why not... :)	13:31
pmatulis	skaag: 'xactly	13:31
skaag	kernels are just growing in size..	13:31
skaag	I've also just updated grub:	13:32
skaag	http://paste.ubuntu.com/459448/	13:32
skaag	I've mapped /dev and /proc properly, mapped /dev/sda1 to /media/sda3/boot/ and chrooted to /media/sda3 (root), so it's like i'm in my real ubuntu install	13:32
skaag	so apt, grub, and all the utilities work like before	13:32
pmatulis	skaag: great	13:33
skaag	grub is installed on /dev/sda1, still, so I believe I don't need to reinstall grub itself to the boot sector...	13:33
skaag	/dev/sda1 = /boot and /dev/sda3 = /	13:33
pmatulis	skaag: how much room in /boot now?	13:33
skaag	what would you recommend I verify now, before I reboot? :)	13:33
skaag	/dev/sda1 46M 32M 12M 74% /media/sda3/boot	13:34
skaag	12mb free	13:34
skaag	because there's just 2 kernels in there	13:34
pmatulis	skaag: i guess reboot and see	13:36
skaag	is there some magic I can do in grub to allow me to automatically regain access to the machine?	13:37
pmatulis	skaag: how can you access a machine remotely that is not booted?	13:38
skaag	I ask the support over there, and afer a very long time, they boot microknoppix for me ;-)	13:38
skaag	I just wondered if there's something I can do such that if grub fails booting, it will enter some special mode where I can telnet into it	13:39
pmatulis	skaag: no	13:39
skaag	ok then	13:40
pmatulis	skaag: this is where IPMI/DRAC/KVM comes in	13:40
skaag	I'll just reboot and pray	13:40
skaag	yah, I need to find a good US hoster with IPMI/KVM such as I have in europe	13:40
skaag	with that, I don't need support at all, I just fix everything myself...	13:40
pmatulis	skaag: yeah	13:40
pmatulis	skaag: you can always reinstall a specific kernel	13:41
skaag	maybe I should do that	13:41
skaag	before I reboot	13:41
skaag	just to be sure	13:41
pmatulis	skaag: (meaning the latest one)	13:41
skaag	how do I do this for 10.04	13:42
skaag	latest kernel	13:42
skaag	apt-get install --reinstall linux-image-2.6.32-23-generic-pae?	13:42
bogeyd6	How can I find who built a particular package?	13:43
pmatulis	skaag: linux-image should be enough but your command should hurt	13:43
pmatulis	should not hurt	13:43
skaag	bogeyd6: apt-cache show joe	13:43
skaag	ok	13:43
bogeyd6	hmm just says ubuntu developers as the maintainer	13:45
skaag	bogeyd6: hich package?	13:46
skaag	which	13:46
bogeyd6	zoneminder	13:46
bogeyd6	someone built it with a static control script	13:46
skaag	this is what I get:	13:46
skaag	Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>	13:46
skaag	Original-Maintainer: Peter Howard <pjh@northern-ridge.com.au>	13:46
skaag	when I do apt-cache show zoneminder	13:47
skaag	at the top	13:47
skaag	you must be seeing this as well?	13:47
skaag	ok rebooting...	13:47
* skaag prays to the universe		13:48
pmatulis	skaag: did the re-install do anything at all?	13:49
skaag	it reinstalled, ran update-initramfs, depmod, etc. all the usuall stuff.	13:49
skaag	and grub-update	13:49
skaag	it looked good, and produced no errors or warnings.	13:49
skaag	so I'm hopeful...	13:49
pmatulis	skaag: yes, sounds good	13:49
skaag	waiting for machine to become available again	13:49
pmatulis	skaag: 32-bit right?	13:50
skaag	yes.	13:50
skaag	old machine...	13:50
skaag	ok still won't boot into the OS	13:53
pmatulis	bogeyd6: check the changelog on packages.ubuntu.com or download the source package	13:53
skaag	I don't know why, can't see the screen	13:53
pmatulis	skaag: could be another problem then, access again and *remove that kernel	13:55
bogeyd6	pmatulis, unfortunately that wont fix the bugs for everyone else. im ironing them out right now	13:55
pmatulis	bogeyd6: your question was how to determine the packager	13:55
bogeyd6	pmatulis, yeah, that didnt change, and i havent asked another question since.	13:56
pmatulis	bogeyd6: so your question is therefore answered	13:57
bogeyd6	<pmatulis> bogeyd6: check the changelog on packages.ubuntu.com or download the source package << assumed the download source package comment was meant to help fix my problem, not the developer	13:58
uvirtbot	New bug: #601895 in bind9 (main) "Sync bind9 1:9.7.1.dfsg-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/601895	14:01
trapmax	root-account login not working from direct console access.	14:06
pmatulis	ok	14:08
skaag	pmatulis: yah, and just go back to -22 yah?	14:08
skaag	from -23	14:08
pmatulis	skaag: if that's what was working before, yes	14:09
pmatulis	skaag: were any other packages recently updated?	14:09
skaag	nope	14:10
skaag	not that I know of	14:10
Mateo_	Hi everyone !!	14:47
Mateo_	i have a problem with my vhosts ... i have added a conf file in site-available, i've made a a2ensite myconf , but the domain direct me to another directory (fromanother site conf)	14:47
reisi	any ideas on how to pam_unix.so actual log something with the debug option?	14:48
reisi	we have a "small problem" of not getting su or logging as root in login working; it always results as Authentication failure. (as we really rarely need this it might had been broken during 8.04 -> 10.04 upgrade)	14:49
Mateo_	reisi: i don't think you can use su with the last version of ubuntu	14:50
Mateo_	i don't know if i'm right but you have to use sudo	14:50
reisi	Mateo_: at least the documentation only specifies that only disabling action is not to set the passwd, and we have set the password	14:51
reisi	sudo is not an option as we have to refactor the system file structure	14:51
Mateo_	ok	14:51
bogeyd6	you can use su	14:53
bogeyd6	you just simple "sudo su" and it will su the root user	14:54
bogeyd6	however	14:54
bogeyd6	!noroot reisi	14:54
reisi	bogeyd6: but the user will still be logged as we transfer his/her home dir	14:54
bogeyd6	!noroot \| reisi	14:54
ubottu	reisi: We do not support having a root password set. See !root and !wfm for more information.	14:54
reisi	!wfm'	14:54
reisi	!wfm	14:54
ubottu	Common Sense: Just because you can, does not mean you should (and especially recommend to others). Think before you do. "Works for me" does not mean it is ok. The latest version of everything is not always useful if you aim for stability. Please see http://geekosophical.net/random/worksforme/	14:54
reisi	!root	14:54
ubottu	Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo	14:54
bogeyd6	reisi, you just "sudo su" and type in your password	14:55
reisi	bogeyd6: wont it be a problem that i'm going to mount my home dir from another disk while running the root shell?	14:56
bogeyd6	only in that all the files you create are owned by root	14:56
bogeyd6	you can chown -R user /home/folder	14:56
reisi	hmm i'm not sure you are getting my point; we are going to MOVE /home from the current filesystem of / (root) to a new LV and mount the new LV as the /home	14:57
bogeyd6	i think you are right	14:57
bogeyd6	cuz to me i thought "i wanna copy everything from one directory to another"	14:58
Mateo_	rhaaaa i really don't understand why it keep on direccting me to another directory ...	14:58
reisi	not to cause any problems with, well anything i'm not aware i'd like to login as root (whose home is at /root, not under /home which we are moving)	14:59
bogeyd6	reisi, see and i would say you just copy /home/ and not worry about using the ~	14:59
bogeyd6	ala cp -R /home/ to /some/device/	15:00
bogeyd6	then mount /some/device /home	15:01
reisi	never do that with -R; always use -a; otherwise you'll lose all timestamps, owners, groups and rights	15:01
bogeyd6	right right, sorry	15:01
reisi	strange, now that i changed "auth required pam_unix.so debug use_first_pass" to "auth requisite ..." with a pam_deny.so as the last entry it works	15:02
p1l0t	Why does changing /etc/network/interfaces have no effect on my network settings? I do not have NM installed	15:04
p1l0t	Lucid 10.04 LTS server	15:04
pmatulis	p1l0t: restart networking?	15:05
p1l0t	It says failed to bring up eth0	15:06
RoyK	p1l0t: pastebin it	15:06
RoyK	!pastebin	15:07
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	15:07
p1l0t	Wish I could, but the server is not online	15:07
giovani	serial console / ipmi	15:07
RoyK	what is the exact error message?	15:07
RoyK	giovani++	15:07
p1l0t	Failed to bring up eth0	15:07
RoyK	are you logged in?	15:08
RoyK	if so, type 'ifconfig -a' to see what it says	15:08
p1l0t	It shows eth0 being up with settings that are different from /etc/network/interfaces	15:09
p1l0t	this is whats strange it seems editing interfaces has no effect	15:09
giovani	p1l0t: ok, so, set the interface manually for now	15:09
giovani	to get the machine online	15:09
giovani	then we'll troubleshoot further	15:09
pmatulis	p1l0t: using the old init script should work	15:09
giovani	'sudo ifconfig eth0 1.1.1.1 netmask 255.255.255.0'	15:09
giovani	'sudo route add default gw 2.2.2.2'	15:10
giovani	replace 1.1.1.1 with your server's IP, 2.2.2.2 with the router/gateway, and change the netmask if required	15:10
p1l0t	I have done that and now I can see my web page online, lol - but I can't access the internet from it...	15:12
p1l0t	ping says network unreachable but yet derek.doesntexist.org:1013 will probably show you a picture of me departing from Block Island	15:12
giovani	I'm betting you can, but you haven't set DNS	15:12
giovani	so you can't resolve anything	15:13
giovani	'sudo nano /etc/resolv.conf' and add your nameservers if you want -- but we'll get this fixed anyway -- it's just temporary	15:13
p1l0t	resolv.conf seems to be set properly	15:14
giovani	and no -- your server isn't available to the internet	15:14
p1l0t	Oh maybe I only see it on the local network	15:15
giovani	so if you do a 'ping 8.8.8.8'	15:15
giovani	does that work?	15:15
p1l0t	try http://derek.selfip.net it works for me but maybe because I am on the local network with my netbook	15:16
p1l0t	ping -c 1 8.8.8.8 says network unreachable	15:16
giovani	you added the gateway?	15:16
p1l0t	ummm lol maybe not	15:17
p1l0t	ifconfig doesn't show anyway gateway info	15:17
giovani	I can't help you if you're not following directions	15:17
giovani	10:10 < giovani> 'sudo route add default gw 2.2.2.2'	15:17
p1l0t	ok I can ping google public dns now	15:18
giovani	ok, so now your server is accessible	15:19
giovani	so ssh into it	15:19
giovani	and pastebin /etc/network/interfaces	15:19
p1l0t	ok	15:19
p1l0t	installing openssh-server give me one sec	15:21
p1l0t	http://pastebin.com/W2YXuxRZ	15:23
=== kaushal_ is now known as kaushal
giovani	p1l0t: invalid syntax	15:25
giovani	who gave you this format?	15:25
kaushal	hi again	15:26
p1l0t	where did my syntax go wrong?	15:26
giovani	hwaddress	15:26
giovani	requires "ether" after it	15:26
p1l0t	hwaddr?	15:26
p1l0t	oh	15:26
giovani	but it's unecessary if you only have one interface	15:27
giovani	it's only used to differentiate multiple nics	15:27
p1l0t	I do have two physical cards	15:27
giovani	so the line should read "hwaddress ether 00:0e:e8:e3:a9:fe"	15:27
giovani	ok	15:27
p1l0t	ok	15:27
p1l0t	perfect	15:29
p1l0t	giovani = you are WIN	15:29
p1l0t	Thank You	15:29
RoyK	p1l0t: why do you want to override the mac address?	15:42
p1l0t	I just wanted to make sure it doesn't read the wrong network card	15:44
RoyK	p1l0t: overriding the mac address won't help you there	15:46
RoyK	see /etc/udev/rules.d/70-persistent-net.rules for the device mappings	15:47
p1l0t	:) oh thanks wilco	15:47
RoyK	basically, you never want to override the mac address unless you're doing something special	15:50
RoyK	setting the mac address in /etc/network/interfaces, will only override the mac address of the given interface defined in udev	15:50
p1l0t	I'm not doing anything that special just yet ;)	15:52
RoyK	overriding the mac address is nice if you want to spoof a switch into hub mode :)	15:54
RoyK	but then, you rarely want to do that	15:54
p1l0t	Right now I am failing at trying to use my server as a proxy. (Most FBO's at local airports have free wifi but filter anything worth looking at.) I tried ssh -C -D 9999 me@mydomain but then when I set firefox to 127.0.0.1:9999 it says its refusing the connection	15:57
p1l0t	oh maybe my router needs the port forwarded...	16:01
p1l0t	nopes	16:03
p1l0t	must be something I need to allow from the server side...	16:15
RoyK	p1l0t: try -L	16:21
RoyK	p1l0t: no, your router won't need anything	16:21
RoyK	ssh -C -L 9999:localhost:9999 you@yourbox	16:22
RoyK	or	16:22
RoyK	ssh -C -f -n -N -L 9999:localhost:9999 you@yourbox	16:23
RoyK	that implies taht yourbox listens to port 9999	16:23
p1l0t	Makes more sense let me try that	16:24
Daviey	hmm	16:25
Daviey	p1l0t, Sounds like what you really want is a socks proxy.. ssh -D9999 user@domain.com	16:26
Daviey	p1l0t, then you can set the proxy type as socks in firefox, as "localhost" and port 9999	16:26
p1l0t	oh no space after -D	16:28
p1l0t	Thats odd, now it stopped saying conection refused but all I get is a blank white page no matter what address I type in	16:31
p1l0t	I am connected via SSH	16:31
RoyK	I don't think spaces will matter	16:35
p1l0t	No its not the spaces, but now it stopped saying connection refused but I just get a blank white page no matter what address I put in	16:36
p1l0t	and firefox says done at the bottom too	16:37
RoyK	is it squid running on that server or what is it?	16:37
p1l0t	I don't even know what squid is	16:37
RoyK	oh :)	16:38
RoyK	what sort of proxy is it?	16:38
p1l0t	ssh	16:38
RoyK	erm - what do you proxy on the server?	16:40
p1l0t	I'm trying to access the internet with firefox on my netbook via a ssh connection to my home server	16:41
p1l0t	or I should say surf web pages via my home server	16:42
RoyK	and what software are you using on your home server to do the proxying?	16:42
p1l0t	I was trying to use ssh as a SOCKS proxy	16:42
p1l0t	openssh-server	16:42
RoyK	it's easier with squid	16:42
RoyK	apt-get install squid	16:42
RoyK	on the home server	16:42
Daviey	p1l0t, Hmm.. Are dns lookups working for you?	16:42
RoyK	ssh -C -f -n -N -L 9999:localhost:3128 you@yourbox	16:43
Daviey	RoyK, Please don't confused the matter atm.. i really don't think he needs squid for this.	16:43
RoyK	ok	16:43
=== cemc1 is now known as cemc
RoyK	Daviey: are you p1l0t ?	16:43
Daviey	RoyK, huh?	16:44
RoyK	Daviey: does he have a socks proxy on that host?	16:44
Daviey	RoyK, Sorry.. you are confusing? I'm not sure what you mean	16:45
RoyK	Daviey: p1l0t asked about using an ssh tunnel to another box for proxying - afaik you need a proxy server on the destination box to do this	16:46
Daviey	RoyK, no.. this is one of the magical freebies you get with sshd	16:46
Daviey	RoyK, ssh on it's own can act as a socks5 proxy	16:47
* RoyK checks		16:47
RoyK	tried with firefox, and no data	16:53
RoyK	just empty page	16:53
RoyK	Daviey: the ssh docs are clear, that yes, it should work as a socks proxy, but it doesn't work	16:56
Daviey	RoyK: I use it daily.. with a default install of ubuntu server, it does.	17:01
RoyK	I tried with firefox, and it didn't work too well	17:02
p1l0t	I lost my wireless for a bit	17:02
p1l0t	Today is full of fail for me	17:03
RoyK	p1l0t: try with -D - if it works, use it, if not, install squid and use -L	17:03
Daviey	RoyK: Okay, i've just tried it on a fresh install of ubuntu desktop with firefox, and a lucid and maverick server.. it works.	17:03
Daviey	RoyK: If it's not working, then someone has changed a setting on the server, or you are doing it wrong.	17:04
RoyK	Daviey: the server is unchanged - basic ssh install - my current client is OS X with openssh5.2p1	17:04
RoyK	server is lucid	17:04
p1l0t	-D stops it from saying connection refused but any web page loads up as blank and says done - I will have to try squid	17:05
Gorlist	I found out how my server was comperised, it was via the tmp directorys. Ive done a reinstall and they've just dumped aload of files back in their, however tmp is set to nonexcute etc	17:05
Daviey	RoyK: i recently used it in safari on osx.. that worked	17:05
Daviey	p1l0t: what did you put as proxy settings?	17:05
Gorlist	how could I back track to find whos doing this, and block their ips - and on top of that make sure that these scripts arin't being run?	17:05
p1l0t	Daviey: 127.0.0.1:9999	17:06
Daviey	Gorlist: Finding out who is doing it, is not a good way.. you really need to find out how they are getting in.. Is it a webserver?	17:06
Gorlist	yes	17:07
Gorlist	fresh install this morning	17:07
Gorlist	and somehow their accessing the tmp /var/tmp and possible dev/shm (which ive yet to secure	17:07
Daviey	Gorlist: check your auth.log to see if it is ssh	17:08
Gorlist	rgr	17:08
Daviey	p1l0t, What boxes in the firefox proxy settings are you putthing them in?	17:11
p1l0t	all of them	17:11
RoyK	Daviey: worked with safari, and firefox too, after some fiddling	17:11
Daviey	p1l0t, erm.. not quite what you want	17:12
Daviey	p1l0t, Only fill the SOCKS box	17:12
p1l0t	ok I checked the use this for all box I'll fix that	17:12
p1l0t	Daviey: WIN	17:13
p1l0t	Thank you	17:13
Daviey	p1l0t, super!	17:15
Daviey	p1l0t, Keep in mind that you'll be doing DNS lookups locally, rather than over the proxy	17:15
Gorlist	nothing in the auth.log apart from someone hammering the ftp	17:15
Gorlist	better check my fail2ban qucikly	17:16
Daviey	p1l0t, firefox can be configured to do DNS lookups over the SOCKS5 proxy, if that is what you want.	17:16
Daviey	Gorlist, last <-- will give you a list the last few shell logins.. should be an indicator.	17:17
=== IdleOne is now known as NickSpam
Daviey	Gorlist, What services are you running.. I now know you are running an ftp service.	17:17
Gorlist	plesk, so that includes apache, mysql, qmail etc	17:18
Daviey	Gorlist, Hmm.. i assume that is plesk shipped binaries of services, not ones from the ubuntu repo?	17:19
Gorlist	test ftpd5148 79.172.195.193 Mon Jul 5 10:14 - 10:14 (00:00)	17:19
Gorlist	yes,	17:19
p1l0t	Daviey: I do want	17:19
Gorlist	right thats in "last"	17:19
Gorlist	that is unknown	17:19
Daviey	Gorlist, In that case.. i can't really help.. firstly you need to make sure the services that are being ran are up to date on security issues	17:19
Daviey	<--- not a fan of plesk	17:20
Gorlist	np, thanks. Well im doing the best I can but I cannot figure out how their doing it....	17:20
Daviey	Gorlist, Hmm.. My first thought is possibly weak ssh password or a php based webservice.	17:21
Daviey	Gorlist, Actually rule out ssh, as i doubt they'd be using /tmp	17:22
* Daviey goes back to thinking http		17:22
Daviey	Gorlist, the files in /tmp, who are they owned by... $ ls -l /tmp	17:22
Daviey	Gorlist, you should see: -rw------- 1 www-data www-data 343 2010-07-05 11:12 somefile... for example	17:23
Gorlist	good idea	17:24
Gorlist	Daviey, -rw-r--r-- 1 www-data www-data 95493 2010-07-02 15:59 scan.txt	17:27
Daviey	Gorlist, Yep.. that confirms it's an attack through one of your webservices	17:27
Daviey	Gorlist, http...	17:27
p1l0t	ok so now firefox wants to know what program I want to use to open a .php file....	17:27
Gorlist	right	17:28
Daviey	p1l0t, use vim.. everyone seems to love that :)	17:28
Daviey	p1l0t, clear your browser cache and restart it.	17:28
Daviey	p1l0t, Is this for every php based site, or one of your own servers?	17:28
Daviey	Gorlist, Are you just running plesk.. or any websites?	17:29
Gorlist	plesk + hosted domains	17:29
Gorlist	compermised domain do you think?	17:29
Gorlist	because just looking through the ftp logs one of the clients had a breached subdomain login after many attempts	17:29
p1l0t	Daviey: sites that I have been using recently haven't tried any others	17:30
Daviey	Gorlist, Almost certainly either a rouge php script, a vulnerability in the scripting (ie, injection) or a generic webservice with a major vulnerbility	17:30
Daviey	Gorlist, If the FTP service has been compromised, it's easy enough for someone to then upload a php file with bad stuff in it - then execute it.	17:31
p1l0t	Daviey: it only does it when I am using SSH as a proxy	17:32
Gorlist	yep	17:32
Daviey	p1l0t, did you clear your cache and restart your browser?	17:32
Gorlist	Daviey, do think the server is already compromised, should I reinstall now?	17:32
Gorlist	then reset all of the ftps and step through it over night	17:33
p1l0t	Daviey: I'lll try it now	17:33
Daviey	Gorlist, TBH.. i never trust a compromised server.. Once someone has got it, you never really know what they've done.. If it was me, it'd reinstall	17:33
Gorlist	okay will do that over night	17:33
Gorlist	bummer	17:33
Daviey	Gorlist, But even so.. something is insecure.. so simply reinstalling and restoring from backup will put the vulnerability back	17:34
Gorlist	well thank you for the help.	17:34
Daviey	Gorlist, no problem.. Sorry it happend :(	17:34
p1l0t	clearing cache didn't help php is definitely fail using ssh as a proxy	17:34
Gorlist	yes I agree, I was going to restore, go through and reset every domain ftp passwordand check the php	17:34
Daviey	p1l0t, Using a proxy and php sites is unrelated.. The php is executed server side and presented to you as html..	17:35
Daviey	p1l0t, Is this doing it on every site?	17:35
p1l0t	Daviey: yesand only while using the proxy	17:35
Daviey	p1l0t, can you visit http://erk.daviey.com/test.php ?	17:36
Daviey	with proxy on	17:36
p1l0t	It wants to know what program I should use to open test.php	17:38
Daviey	p1l0t, Okay.. I'm not convinced your browser settings are correct	17:39
p1l0t	proxy off says test complete	17:40
p1l0t	They should be 127.0.0.1:9999 for only SOCKSthen maybe I had http proxy set to that as well	17:42
Daviey	p1l0t, p1l0t it should look like: http://socks.daviey.com/	17:42
Daviey	where 4000 == the value you put for -D4000	17:42
p1l0t	Yeah I had http proxy set to localhost:9999 as well	17:43
Daviey	you don;t want that :)	17:43
Daviey	p1l0t, Have you made it look like mine?	17:43
p1l0t	Yes and it is working now 100%	17:44
p1l0t	:) Thanks again	17:44
Daviey	p1l0t, can you visit http://erk.daviey.com/test.php WITH the proxy enabled	17:44
Daviey	and without it please	17:44
Daviey	p1l0t, I just want to check something..	17:44
p1l0t	test complete	17:45
p1l0t	test complete off as well	17:46
Daviey	p1l0t, erm... Something isn't right	17:46
p1l0t	what's not right?	17:47
Daviey	p1l0t, Your request came from the same IP address twice... which means it isn't going via the proxy	17:47
p1l0t	:(	17:47
p1l0t	Oh well I am at home right now	17:47
p1l0t	I would probably have to go somewhere else and try it	17:47
Daviey	p1l0t, ah yes.. you are ssh'ing to a server @ home?	17:48
Daviey	and are @ home at the moment?	17:48
p1l0t	yes and yes	17:48
Daviey	p1l0t, Okay, that explains it.. Well it looks like it's all set then!	17:48
p1l0t	but I will be going to the airport around 4ish (EST) I can try it there	17:49
Daviey	p1l0t, Keep in mind this can probably not be used to get "free" internet.. if that is your intention.	17:50
Daviey	(and i'm not purely speaking ethically)	17:50
p1l0t	No, I just prefer to be more secure. (and not be filtered either)	17:51
Daviey	ahh.. ok.. good	17:51
Daviey	p1l0t, Ok, in the address bar put about:config	17:52
Daviey	p1l0t, pressed "ok", in the filter type "socks"	17:52
p1l0t	It says I might void my warranty lol	17:53
Daviey	change the option for "network.proxy.socks_remote_dns" to true	17:53
Daviey	p1l0t, Yeah.. that option means you do your dns lookups over socks when available.	17:53
p1l0t	wilco	17:54
p1l0t	network.proxy.socks_remote_dns = true	17:55
Daviey	yup.	17:56
p1l0t	I can't wait to try it, only three hours to go, lol	17:58
=== NickSpam is now known as IdleOne
zul	Daviey: ping can you have a look at bug #601087	18:27
uvirtbot	Launchpad bug 601087 in eucalyptus "wsdl_generator downloads wrong file for eucalyptus-src-deps.tar.gz" [Undecided,New] https://launchpad.net/bugs/601087	18:27
Mo__	hey guys trying to install samba on ubuntu and then bind it to active directory for a single sign-on. I have been messing around with likewise open source. i was wandering if any of you awesome people had any experience doing the same thing and can point me in the right direction. I am very new at this. Any help would be much appreciated	18:37
drew-buntu	hey all, im having an issue with postfix binding to the wrong port	18:41
drew-buntu	my config is correct	18:41
drew-buntu	but postfix keeps wanting to bind to port 25 and thats the port the spam filter binds to	18:42
drew-buntu	postfix is supposed to be binding to port 25125	18:43
pmatulis	drew-buntu: is this for a private network?	18:43
drew-buntu	public/production server	18:43
drew-buntu	ive had no emails on this box since 3am	18:43
Daviey	zul: i thought i already did an update for it	18:44
Daviey	zul: oh, seems i didn't	18:44
pmatulis	drew-buntu: the spam filter cannot bind to port 25, how would the mail come in?	18:44
drew-buntu	its not	18:44
drew-buntu	thasts the problem	18:44
drew-buntu	postfix keeps wanting to bind to 25, and thats not the port in my cf	18:45
drew-buntu	let me post my master.cf real quick	18:45
drew-buntu	http://pastebin.com/JY4N4Rs6	18:46
drew-buntu	tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 30334/master	18:49
drew-buntu	and as you can clearly see, its binding to the wrong port	18:49
drew-buntu	anyone?	18:51
pmatulis	drew-buntu: where do you get 25125 from?	18:51
drew-buntu	thats an abritary port i have postfix listening on to pass email from the spam filter to postfix	18:52
pmatulis	drew-buntu: i don't see it	18:54
umarmuha	guys i have a mixed environment windows+linux+mac. Trying to look for a single sign on solution so i can bind all my users to linux server or active directory. If anyone has any experience with this please send some helpful links. Thanks	18:56
drew-buntu	umarmuha: likewise	18:57
drew-buntu	macs already work with AD	18:57
umarmuha	drew-buntu: excellent thats exactly the solution i was going to try out but wasnt sure if its legit. Thanks for the info bud	18:58
drew-buntu	sure	18:59
drew-buntu	i dont mean to be impatient	19:38
drew-buntu	but i could use some help with this please	19:38
X-warrior	hello! is it possible to disable some commands to a user? Disable who, ps, top, and others to some specific users?	19:49
drew-buntu	if you chroot them, then they will not have access to most of those until you set up symlinks inside the jail	19:50
giovani	drew-buntu: your question sounds very postfix-specific	19:56
giovani	drew-buntu: I'd suggest #postfix -- but if you pastebin your main.cf I'll take a look for you	19:56
giovani	also pastebin 'postconf'	19:57
=== dendrobates is now known as dendro-afk
Krazyderek	having trouble getting a usb printer working, i've got something shared and installed on a windows client but nothing prints	20:20
Krazyderek	someone want to help me make sure i have it installed right?	20:20
giovani	Krazyderek: printing from a server? or you're trying to set up a print server?	20:22
Krazyderek	@giovani print server, i installed cups, and the printer shows up after i create it in webmin but i'm not sure it's right	20:23
guhcampos	I'm trying to setup apache to authenticate against an active directory domain through Kerberos, but I keep getting an "Unsupported key table format version number" error	20:27
guhcampos	any help would be appreciated =)	20:27
Krazyderek	gtg i'll try back tomorow	21:08
Krazyderek	exit	21:08
=== dendro-afk is now known as dendrobates
Yuein	hi is php, python, and perl installed by default on ubuntu?	21:32
=== dendrobates is now known as dendro-afk
cloakable	no	21:37
cloakable	Yuein: no	21:38
cloakable	well, perl and python is, iirc.	21:38
cloakable	php isn't	21:38
Gorlist	evening, quick question - im trying to secure /dev/shm by setting it to "nosuid,noexec" etc, but it doesn't appear in my fstab like the online guides suggest?	21:38
Gorlist	can I use a loopback file like ive done with tmp and var/tmp	21:38
=== X-warrior is now known as X-warrior`
io	Hi I am getting the message 'No PAM profiles have been selected.'. I just purged a handful of packages that were not being utilized	21:41
mikelifeguard	In my crontab, I have a MAILTO= line so I get emails in my actual inbox. But I have one job that should send email elsewhere. Anyone know how I can do that?	21:50
dolittle	Guten Abend	23:01
dolittle	Does anybody know if dhcp3-server supports secure dynamic updates to an windows dns-server?	23:04
chrismsnz	Hey guys - has anybody had any experience running keepalived/ipvs on a recent version of Ubuntu with UFW?	23:07
chrismsnz	UFW seems to be interfering with the load balancer and I'm just looking for some advice	23:07
spartan07_	hey guys any recommendations on a small business server solution that runs on ubuntu? need something where I can gather all emails from co and have a centralized place for files and info sharing <running server 8.04>	23:16
wurc	spartan07 checkout http://www.turnkeylinux.org/ Zimbra	23:19
spartan07_	wurc, very nice thank you!! exactly what I was looking for	23:35
wurc	Glad it helped	23:38
giovani	wurc: interesting project	23:40

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!