SpamapSwebPragmatist: /etc/ssl/certs ?00:02
webPragmatistSpamapS: okay :)00:02
webPragmatistnext question… is it necessary to keep the csr and key/00:02
webPragmatistafter you have it signed00:02
SpamapSwebPragmatist: the private key, absolutely, the thing won't work without it.00:02
webPragmatistprivate key is the csr or key part?00:02
webPragmatistthe first thing you generate?00:03
webPragmatistwhy does deb call them .pem00:03
webPragmatistor rather symlink to a .crt using .pem00:04
SpamapSthe key is what you generate, and then the CSR is a cryptographically verified request to the CA to sign the public portion.00:04
SpamapSwebPragmatist: thats just old confusing stuff that I've never understood either. ;)00:04
SpamapSwebPragmatist: the important thing is that you make sure you protect that key file00:04
SpamapSwebPragmatist: it must have secure file permissions, and preferrably will be encrypted, requiring you to enter a passphrase to start the webserver.00:05
webPragmatistso you would put the .key (password protected) and .crt (signed) in /etc/ssl/certs00:05
=== dendro-afk is now known as dendrobates
webPragmatistor would you keep the .key somewhere else00:05
giovaniwebPragmatist: it doesn't matter where on the filesystem you keep them, just permission them so that only the apache user can read them00:08
webPragmatisti know this i just don't want to look like an ass an put them in /home/poop00:09
giovaniif you knew it, then you'd know it doesn't matter where you put them00:10
webPragmatistgiovani: … i'm just trying to put it somewhere logical that someone else might be able to find it00:10
webPragmatistjust like /etc/ssl/cert makes sense… but where to put the key may not00:10
giovanisomeone else who's smart would look at the webserver configs00:11
giovanias there's no universal storage location00:11
giovanibut /etc/ssl is as good a place as any for all of the ssl components00:11
webPragmatistoh doi00:12
webPragmatisttheres a private dir00:12
webPragmatistalthough there might not be a universal storage location… there's some pretty damn logical places to put things for most things00:12
giovaniand /etc/ssl has been suggested and discussed over and over00:13
giovaniso I don't know why we're still talking about it00:13
laustgraber: I am trying to create an lxc lucid i386 image like http://www.stgraber.org/download/lxc-ubuntu-8.04-amd64.tar.gz00:32
lauI tried to find some info in the UDS logs but was not able to find any :s00:33
lauwould you please point me the process you use to build such .tgz file ?00:33
laudid you use debootstraping ? which particular switches ?00:34
=== unreal_ is now known as unreal
b0gatyrWhen you feed a file containing a hash to john the ripper you must also have a username with it correct?02:27
clustyi am trying to host my own dns for a domain and godaddy is telling me my server is not "registered"02:28
clustyany clue what that could mean?02:28
Italian_Plumber1I'm looking for a guilde for optimizing ubuntu server ... I run a very simple setup and I want to see if there are unneeded services/processes etc. that I can turn off that might improve performance.  The main functions of my server are vmware, bind, and rtorrent.02:53
Italian_Plumber1I am the only user.02:53
=== unreal_ is now known as unreal
qman__Italian_Plumber1, there is really no need to do such a thing, since ubuntu server is bare by default02:59
qman__you might want to apply some kernel tweaks to better suit a specific application, but aside from the basic services like syslog, there's nothing else running02:59
Italian_Plumber1well it's vmware that I'd really like to tweak for, I guess.  I just feel that my virtual machines could be faster...03:00
Italian_Plumber1and other vmware functions, like suspending and unsuspending a machine, should be faster.03:00
qman__that's mostly tied to disk performance03:00
qman__unless your CPU is anemic03:01
Italian_Plumber1well, is there a way to improve disk performance?03:01
qman__get faster disks03:01
qman__or change filesystems, if you're using a particularly slow one03:01
qman__well, ext3 is a particularly slow one, on a relative scale03:02
qman__it forgoes modern performance tweaks for simplicity and reliability03:02
Italian_Plumber1ok well have to go.  bedtime.  thanks for the pointers03:02
Roxyhart0hi there i am getting this error: init: network-interface (eth0) pre-start process (535) terminated with status 103:11
Roxyhart0somebody know why this error, i cant even start the server, it start when i add a network card03:11
webPragmatistshould i use ssl-cert-snakeoil.key for anything?03:16
webPragmatistor should i always gen my own key file when creating a ssl cert03:17
Roxyhart0why when i add a new network card i got the error  init: network-interface (ethX) pre-start process (535) terminated with status 1 ?03:19
twbHum.  Apparently I don't have such a file.03:23
twbNor is "snakeoil" in any path in Debian Sid, which is puzzling, because I've seen it before.03:24
qman__the snakeoil file is a key you should never use in the real world03:24
qman__it is known by everyone and therefore renders your encryption vulnerable03:24
qman__it's there and packages use it to 'just work' without throwing errors03:25
qman__but you should always replace it03:25
qman__I just soft linked that filename to my real key, to avoid changing all the config files03:25
=== deslector is now known as scarper
CaptainTrekwhats the command to locate where something was installed?07:56
CaptainTrekin terminal07:57
lifelesswhat do you mean by 'where something was installed' ?07:57
CaptainTreklifeless:  to locate where a package installed the core program files to.07:57
lifelessdpkg -L packagename will tell you all the files a package contains07:58
CaptainTrekgot it thanks07:59
uvirtbotNew bug: #603466 in nagios3 (main) "Please merge nagios3 3.2.1-2(main) from debian unstable(main)" [Undecided,Confirmed] https://launchpad.net/bugs/60346608:11
xamparti'm sharing a directory, which contains user/Maildir -directories. they show up properly on remote host, but everything under user/Maildir is not showing. any resolutions?08:38
xampartwith nfs08:38
binBASHGrüezi Aison08:43
xoenhi all, I'm going crazy with a problem about .ICEauthorithy09:52
xoensorry, .ICEauthority09:52
Jordan_Uxoen: Have you been using sudo with graphical applications?09:57
xoenJordan_U: don't know the account where there is the problem are not mine10:00
xoenThe machine where there is the problem has different users10:00
xoenI've set up a xrdp server and some user can access some not10:00
Jordan_U!gksudo | xoen10:01
ubottuxoen: If you need to run graphical applications as root, use « gksudo », as it will set up the environment more appropriately. Never just use "sudo"! (See http://psychocats.net/ubuntu/graphicalsudo to know why)10:01
xoenI've noticed the users can access has the .ICEauthority file, the other not10:01
xoenubottu: I know gksudo10:01
ubottuError: I am only a bot, please don't think I'm intelligent :)10:01
xoenJordan_U: I know gksudo10:01
Jordan_Uxoen: It's likely that which ever user is having this problem has been using sudo with GUI applications, educate your users or don't allow them to use sudo.10:02
xoenJornan_U: Have to be fair, the problem is not on an ubuntu server but on an RHEL server, but it should be distribution indipendent...10:02
Jordan_Uxoen: You can fix the problem by chowning .ICEauthority back to them instead of root, but the problem will come back if they keep using sudo with GUI apps.10:02
xoenJordan_U: I think it's a problem of permissions...but not so trivial10:03
xoenI mean, from root I can't run #chown -R username:username /home/username10:04
alex88hi guys..i've ubuntu server 10.04, is possible to install a light desktop manager and connect via vnc or something else?10:05
xoenJornan_U: maybe I've found a solution for my problem, the .ICEauthority file is created the first time the user login by the X server, so I will try to log in every user phisically and see if this fix the problem. BTW thank you very much ;)10:09
Jordan_Uxoen: Please don't ask RHEL questions in #ubuntu-server again, it can often waste people's time when instructions that should work for Ubuntu fail to work for you (one person in #ubuntu wasted 2 hours with 3 people helping him because he was using backtrack but wouldn't admit it).10:11
xoenJordan_U: but I've just asked information about ~/.ICEauthority, a file present in every distribution10:12
alex88Jordan_U: hhahaha.. :)10:12
Jordan_Uxoen: If you feel that Ubuntu has better community support that is a reason to use Ubuntu, not a reason to ask RHEL questions in Ubuntu channels.10:12
xoenJordan_U: is not Ubuntu GNU/Linux too?10:13
Jordan_Uxoen: You can't easily know that a question is not distribution specific unless you understand the problem. If you had understood the problem you wouldn't have needed to ask the question in the first place :)10:13
xoenJordan_U: But I've not asked about the .ICEauthority because it can't be created easily and I didn't found nothing in internet, BTW I'm sorry if my question created some problem to someone, I'm sorry10:15
xoen*I've just asked...10:15
alex88and also this is not #GNU/linux so if you have that problem not on ubuntu we are not here to help you10:15
Jordan_U!mint | xoen10:16
ubottuxoen: There are some Ubuntu derivatives that we cannot provide support for due to repository and software changes. Please consult their websites for more information. Examples: gNewSense (support in #gnewsense), Linux Mint (see !mintsupport), LinuxMCE (support in #linuxmce), CrunchBang (support in #crunchbang), BackTrack (support in #backtrack-linux)10:16
alex88btw i think there is no problem10:16
Jordan_Uxoen: And that message is only related to Ubuntu based distros, you can see that RHEL is a much more different beast :)10:17
Jordan_Uxoen: #linux is often good for general linux support.10:18
xoenOK, sorry if I disturbed here10:18
alex88so..no help about my ubuntu question? :P10:19
christopher22hello I aksed this question on the Python channel.. but they redirected me to this channed..10:25
christopher22i'm having some problems with the locale settings of Python10:25
christopher22I keep getting: unsupported locale setting10:25
christopher22so I was wondering how I could see which locales are supported by my Ubuntu server10:26
alex88christopher22: try sudo dpkg-reconfigure locales10:27
=== [1]Kaffien is now known as Kaffien
gdowleHi, I cannot use my Metakeys, which are defined in /etc/inputrc, under X. On a console everything works fine. On a SLES machine with the same /etc/inputrc, the Metakeys are also working under X.11:15
amageehey i'm following https://help.ubuntu.com/community/EC2StartersGuide to try and get ubuntu 10.04 setup on ec211:24
amageei'm up to step 2 in "Installing the API tools", where it says to use the path $HOME/<where your private key is>/pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem in .bashrc11:24
amageebut i don't know what this file is supposed to be.  is it the same .pem file i created and used to connect to the server?11:25
alex88amagee: just try11:31
amageeah.. is that the x.509 certificate?11:32
amageeok it's starting to make a bit more sense11:32
amageei think the problem is that the instructions to get the x.509 are wrong, so i thought that the key that i generated with "key pairs" was what they were talking about in the later step11:38
amageeanother question:  i've just tried to install xfs by "sudo apt-get install xfs", which seemed to be successful, but i then type "sudo modprobe xfs" it says "FATAL: Module xfs not found."11:52
sorenamagee: Two problems:12:17
sorenamagee: xfs is the X font server. It's got nothing to do with the XFS filesystem.12:17
sorenamagee: You want xfsprogs12:17
amageesorry, yeah, that's what i meant.  i installed that.12:18
sorenamagee: and, the module is in the kernel package, not the xfsprogs package.12:18
sorenamagee: So availability of the xfs kernel module depends on the kernel package installed.12:18
sorenamagee: which kernel are you using?12:18
amageei'm not sure.. how do i find out?12:18
sorenuname -r"12:19
sorengives a hint.12:19
sorenWithout the ".12:19
sorenDon't know about those.12:19
amageewhat would you suggest i do?12:20
sorenWait for someone who cares about EC2 :)12:26
amageei might just use ext4 for the time being12:26
=== wildcard|ger is now known as wildcard|ger-
a_okcan someone please for the love of ubuntu tell me WHERE I can configure this: https://help.ubuntu.com/community/DisklessUbuntuHowto#Static IP13:14
a_okI have seen this notation in about 7 different locations but never ever is mentioned where you are supposed to put it13:15
benedikt_Where does KVM/libvirt like to store the virtual disks?13:15
benedikt_I'm wondering how to map the filesystems over different disks13:15
pmatulisbenedikt_: /var/lib/libvirt/images13:15
a_okbenedikt_: you can specify the location of your image any time13:16
benedikt_is "virtualization" in tasksel kvm and libvirt?13:16
benedikt_a_ok: i know, i just like to keep default settings, otherwise it always end up in a big mess13:16
pmatulisbenedikt_: yes13:16
a_okbenedikt_: we are using luns on a San so not much of a choise or a mess here13:17
Picia_ok: It looks like you can specify those options as kernel parameters. See #2 here: http://fscked.org/writings/clusters/nfsroot.txt13:22
pmatulisa_ok: also, bug #175324 is marked as fixed13:24
uvirtbotLaunchpad bug 175324 in klibc "Klibc: ipconfig fails on network with DHCP relays" [Medium,Fix released] https://launchpad.net/bugs/17532413:24
=== dendrobates is now known as dendro-afk
a_okPici: thanks that actually makes sence. now I only need to know how to configure it with grub213:24
a_okpmatulis: Actually I am booting from iSCSI. That is something that seems to be untested (had to modify the initrd init script so the drivers where loaded). Besides I am using a seperate network to the San that has no dhcp13:26
a_okDo i need to add the parameter to the linux line or start a new line starting with ip?13:27
pmatulisa_ok: the kernel line13:27
a_okpmatulis: thanks13:28
pascalouhi here, anyone around using  clonezilla or some similar tool?13:46
guntbert!anyone | pascalou13:48
ubottupascalou: A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?13:48
pascalouwell, i d like to know if i can make/edit a dvd/usb stick of typically clonezilla which would allways get me a french menu with french keyboard, mounting always the same samba share and giving 2 options with the images there,  clone from a chosen images from repository , make a ghost and upload it to the repository13:50
=== dendro-afk is now known as dendrobates
zulif something is running from inetd say like a dovecot server it should show up when you do a netstat -atuvpn?14:03
Brumlezul: only inetd would show up there listening on the ports configured for dovecot. Be it imap or pop ports14:05
alvinIs there an smb.conf option to give certain hosts read-only access? (like 'hosts deny', but with read access)14:25
=== lau is now known as Guest42590
Daffy_Has anyone got any experience with tinyproxy?14:58
zuljcastro: ping15:03
zuljcastro: have you seen this for daily builds? http://launchpadlibrarian.net/51625554/buildlog.txt.gz15:05
=== dendrobates is now known as dendro-afk
jcastrothe aptitude thing15:06
jcastroyeah, iirc I saw someone with a branch working on it? maybe lamont?15:06
=== dendro-afk is now known as dendrobates
=== permalac is now known as permalac_
=== dendrobates is now known as dendro-afk
katsaanyone encountered a "Could not open the requested SVN filesystem" error with subversion before?15:32
katsanvm, found the problem15:35
=== Guest42590 is now known as lau
=== dendro-afk is now known as dendrobates
hallynkirkland: gr, lh clean --binary && lh build  is rebuilding my chroot.  FAQ said it would leave my chroot!16:35
kirklandhallyn: grr, yeah, i just start clean every time16:37
kirklandhallyn: it only takes me 8 minutes to build from scratch here16:37
hallynkirkland: yes but i hand-built an initrd.img that i wanted tostick in there16:40
kirklandhallyn: ah16:49
kirklandhallyn: talk to Cody, if you hit lh troubles16:49
kirklandhallyn: he knows it well16:49
kirklandhallyn: maybe find him in #ubuntu-devel or somewhere16:49
kirklandhallyn: sorry, cody-somerville on IRC16:50
kirklandSpamapS: live-helper16:50
SpamapSkirkland: did you use that to build the USB key image?16:51
webPragmatistif my rsync is stuck at sending incremental file list how can i troubleshoot this16:51
SpamapSwebPragmatist: did you give it '--progress' or '-P' ? that usually shows how fast its going/how long it has to go16:54
webPragmatisti'm try running it too16:54
SpamapSwebPragmatist: ahh is it a giant list of files?16:55
webPragmatistya probably16:55
webPragmatistcan i get disk usage like iftop16:55
SpamapSiostat works for that16:55
webPragmatistrather disk write/reads16:55
SpamapSoh per process? not sure, maybe 'atop' but that one requires kernel patches I think.16:56
webPragmatistiostat doesn't exist/16:56
SpamapSwebPragmatist: vmstat 5 516:57
webPragmatistuh hrm16:57
webPragmatistatop no clue how to read this16:57
SpamapSwebPragmatist: RDDSK/WRDSK16:58
SpamapSthats the stats on IO for that process16:58
webPragmatistthis vmstat stuff i guess bi and bo16:58
webPragmatistare the important16:58
SpamapSwebPragmatist: yeah. "in" can also be interesting, interrupts.16:59
webPragmatistwell it's like nothing like 20016:59
webPragmatistmy guess is its not really creating this list16:59
webPragmatistits just stuck17:00
SpamapSwebPragmatist: probably waiting for the other side17:00
SpamapSwebPragmatist: you can try running it with 'strace rsynx blah blah'17:00
SpamapSwebPragmatist: but that may overwhelm you with information. ;)17:00
webPragmatistbetter than nothing17:01
webPragmatistits stuck trying to "select()" a dir17:02
SpamapSwebPragmatist: no, select() doesn't really work on dirs AFAIK17:04
SpamapSwebPragmatist: select() would be on a socket/file waiting for activity17:04
SpamapSwebPragmatist: probably the remote connection17:05
webPragmatistwell what it says is select(6, [5], [], NULL, {60, 0}) = 0 (Timeout)17:05
webPragmatist6 i guess is the dir name17:05
SpamapSwebPragmatist: 'man select'17:06
SpamapSwebPragmatist: 6 is the number of files to "select"17:06
SpamapSwebPragmatist: [5] is the array of file descriptors .. so just 517:06
webPragmatistoh i thought it was just a function in rsync17:06
SpamapSwebPragmatist: you'd need to see where open() or socket() returned = 517:06
SpamapSwebPragmatist: no, strace only shows syscalls17:06
webPragmatisti see17:06
SpamapSwebPragmatist: its one of those things that I've decided *I CANT LIVE WITHOUT* ;)17:07
webPragmatistso whats your guess on whats happening?17:07
webPragmatistlocal io error or remote?17:07
=== dendrobates is now known as dendro-afk
SpamapSwebPragmatist: I'd check the remote box out in the same way you're checking the local one17:18
webPragmatistwould you just run the rsync in revers?17:21
SpamapSwebPragmatist: no17:22
SpamapSwebPragmatist: go to the other box, and run things like 'top' and 'vmstat' and see what that box is doing17:22
webPragmatisteventually i got something like write failed broken pipe blah blah one sec i'll psatie17:25
webPragmatistSpamapS: poo eventually i got http://pastie.org/103767217:26
webPragmatistafter a bunch ot timeouts17:27
SpamapSwebPragmatist: what version of rsync is this?17:30
SpamapSwebPragmatist: ok.. hm.. maybe try a smaller directory tree?17:31
SpamapSwebPragmatist: did you run with '-v' ?17:41
cybrocopHello. On UEC, what is the relationship between   eucalyptus.conf and eucalyptus.local.conf? For instance, if I want to change the VNET_SUBNET variable, which file do I edit.18:54
cybrocopsmoser: Any idea on this? I change the variable in both files across my CC and all my nodes, then whenever I try to launch an instance, I get this error: "Not enough resources available: addresses (try --addressing private)"18:58
smoserwell, a couple things.18:58
smoseri think the files say which one to update18:58
smoserthey say to edit /etc/eucalyptus/eucalyptus.conf18:59
smoserhand as far as VNET_SUBNET i would think you need to set that on the CC.19:00
smoserthen, as suggested in eucalyptus.conf file, do 'sudo restart eucalyptus-cc CLEAN=1'19:00
cybrocopInitially, I only modified eucalyptus.conf, but when I restart the service, the changes aren't sync'd to eucalyptus.local.conf  and I get the errror above.19:00
cybrocopsmoser: I have restarted eucalyptus-cc with CLEAN=1 option.19:01
smoserthey're not synced to .local.conf.19:01
smoserthey wont be.19:01
smoserand make sure you dont have it in both places.19:01
smoseras that is undeinfed behavior i think.19:01
smoserbut i would think this would take...19:01
smoseri aplogize for not knowing more. maybe kirkland` does19:02
cybrocopsmoser: the VNET_SUBNET was already present in local.conf19:02
cybrocoponly it was the wrong setting: VNET_SUBNET=""19:02
cybrocopin my eucalyptus.conf, I changed  this to be VNET_SUBNET="" and did a "restart eucalyptus-cc CLEAN=1"19:02
cybrocopnow, I had 2 files, each with a different VNET_SUBNET setting. I changed eucalyptus.conf's VNET_SUBNET to "" (initially it was null).. restarted cleanly again, and I'm still having problems launching instances.19:04
smosercybrocop, i'm sorry, i can't be much more help there. I can't say that i've played with that all that much.  you might try in #eucalyptus.19:06
cybrocopsmoser: thanks. I'm coming here from #eucalyptus, they can't help me because the problem seems to be the discrepancy between eucalyptus.conf and eucalyptus.local.conf (which is a Ubuntu addition)19:07
smoserwell, make sure it only occurs in one of them19:08
smoserand that its right19:08
smoserand restart.19:08
smoserthen, i am not certain how that setting propogates to nodes19:08
smoseror if it needs to19:09
cybrocopsmoser: all the settings in my local.conf already have been set in the original.19:09
cybrocopsmoser: can I just delete all the settings in local.conf i.e. make it an empty file.19:09
kaushalas per the link http://webapps.ubuntu.com/certification/list/?release=8.04%20LTS&category=Server19:20
kaushalwhat does Ready mean ?19:20
kaushaland how is it different from certified19:21
jpdskaushal: It was certified by the manufacturer, not by Canonical.19:23
kaushalso certified means by canonical ?19:26
kaushalReady means by manufacturer ?19:26
smosercybrocop, i'm really sorry i couldn't help you.19:26
cybrocopsmoser: np, thanks for trying.19:27
smoseractually.. i'd at least try restart eucalyptus CLEAN=119:27
smoser(not eucalyptus-cc, but eucalyptus)19:27
jpdskaushal: Yes.19:28
kaushaljpds, so i should emphasize on certified and not on ready ?19:28
jpdskaushal: Either one, depends who you want support from.19:29
kaushaloh ok19:30
kaushaljpds, Thanks19:30
maekanyone good at pxe? I have /var/lib/tftpboot and when I copy the contents of the netboot.tgz it works with symlinks and stuff in sub dirs for the kernel, but when I move the default config or the location of the kernel subdirs no longer work20:09
smosermaek, tftp often runs chrooted20:11
smoserwhich changes paths and such20:11
prodcutnewsi had problem with gnome-terminal, its getting close immediately  , what might be the reason, ALT+F2 followed with xterm command is working ? whatz wrong with gnome-termianl ?20:12
maeksmoser: im using relative paths from my tftp entry point of /var/lib/tftpboot - just very confusing. when I use the stock ubuntu files it works fine with symlinks and kernels in sub dirs. once I move things and reconfig sub dirs dont work. thanks ill look more20:13
prodcutnewsi did mount command on xterm, i couldnot understand anything there, i have problem gnome-terminal, yesterday laptop shutdown twice, with cpu sounded heavily when i visited site  www.lazydesis.com, now im reading about the topic "instrusion into linux", once i was windows freak later came into linux, but now i feel "AM i SafE"20:18
osmosisim getting serious disk write lag in guests on kvm ubuntu 10.04. And Im using virtio.  Easy to duplicate, i just rync a large folder locally, and it brings the server to a temporary halt...eventually recovers.20:32
osmosisI see one of the cpu cores in the guest get stuck at 100% use for a while when this happens.20:33
EtienneGhey guys20:36
EtienneGin eucalyptus, are we still using vtun for inter-cluster communication?  are there another option?  hggdh, kirkland ?20:36
lifelessEtienneG: inter or intra?20:40
EtienneGlifeless, inter20:41
EtienneGlifeless, as in, you have two cluster20:41
lifelessah, I haven't played with that yes.20:41
EtienneGlifeless, indeed.  eucalyptus built it using vtun20:41
EtienneGvtun is in universe, because it is insecure20:42
EtienneGdoes anyone knows where to declare static routes (other than the default one, that is)?  Google says I have to drop a script in /etc/network/if-up.d/, but there *has* to be a better way21:04
giovaniEtienneG: "better" how?21:05
EtienneGgiovani, huh?21:05
EtienneGgiovani, better than writing a script from scratchm duh.21:05
giovaniEtienneG: I don't know why you think that's a bad solution, so I'm unclear on how we can offer you a better solution21:06
giovanioh, well that's how you do it21:06
EtienneGtoo bad21:06
giovanithat's how linux works, it's a bunch of scripts21:06
EtienneGgiovani, just FYI, Red Hat has a config file where you declare static route.  That's what I would call "better".21:06
giovanibut the "script" you'd be writing is a single, very simple line per route21:07
giovaniit's no effort at all21:07
EtienneGgiovani, indeed.  It'd still a hack.21:07
giovania hack? no -- all redhat is doing is running a script that reads that file and executes the same commands21:07
giovaniit's just partially hidden21:07
giovaniso in debian based oses21:08
giovanithere's a file called interfaces which prevents you from having to write your "own script" -- but really, it's the same amount of work21:08
giovaniman interfaces if you'd like to do it that way21:08
sorenEtienneG: Just put it in /etc/network/interfaces.21:08
EtienneGsoren, as a pre-up directive?21:09
sorenEtienneG: No, up.21:09
EtienneGsoren, ah, ok21:09
sorenEtienneG: At pre-up time, it probably won't work (depending on the type of route).21:09
EtienneGsoren, right21:09
EtienneGstill, I am baffled that there is no standard mechanism to add static route in Debian-derived OS.21:10
giovanithat is a standard mechanism21:10
EtienneGyeah, yeah21:10
giovaniyou're clearly used to being blinded from how things are done under the hood21:10
sorenEtienneG: That really is the standard mechanism.21:11
giovani'route' is the user-friendly way21:11
EtienneGgiovani, I usually prefer ip, but that's just me21:11
* soren too21:11
giovaniuse whatever you like, it's all still /proc/net/route21:12
EtienneGsoren, hard-coding a command in interfaces?  really seems wrong to me (still better than to add a script to if-up.d/, though)21:12
giovaniEtienneG: what benefit do you think there is to abstracting the addition of a route beyond the route command?21:12
giovaniit's the same amount of typing, it's executing an identical task21:13
sorengiovani: For the same reason that you don't run ifconfig or dhclient manually,but use /etc/network/interfaces.21:13
sorenI'll leave it as an exercise to the reader to work out that reason.21:14
sorenOr those reasons, rather.21:14
giovanisoren: I don't see any benefit to it for settings like IPs, etc -- the framework of if-up, etc makes sense -- execute things in a specific sequence, at the same time, etc21:14
giovanibut executing a script that uses a file to set some variables when the command itself is simple doesn't offer any value21:15
sorengiovani: Please don't tell you you don't specify address in your interfaces file, but instead have a "up ifconfig $IFACE" line?21:16
giovanidon't get me wrong, I'm not saying it shouldn't exist -- just that there's no reason to complain when such a method for a particular task doesn't exist21:16
giovanisoren: I'm telling you the two are equally usable, that's all21:16
sorenMaking such things come into existence starts with someone complaining (possibly to oneself) about it.21:16
giovanicomplaining about such things is a waste -- there's a long list of stuff that needs automation before it21:18
coxnso, I'm trying to do this: ubuntu-vm-builder kvm --dest /virtual-machines/testhost --ip -c /etc/vmbuilder/confs/lucid-default.cfg21:24
coxnand here's the .cfg file: http://paste.ubuntu.com/461277/21:24
coxnbut the firstboot isn't getting called21:25
coxnany help troubleshooting would be appreciated21:25
sorencoxn: Can you run vmbuilder with --debug and paste the output somewhere?21:28
coxnsoren: yes. I will come back when I have done so.21:29
sorencoxn: Cool beans.21:31
coxnthat is a great nick21:33
coxnsoren: fascinating. looks like it was failing a perl dependency silently. I'll chase this a bit and paste you some debug output if I get stuck. Thanks!21:39
sorencoxn: No problem.21:41
chewbrancahi, I'm using the Lucid 64 bit ec2 AMI that uses EBS for its root partition, and I'm trying to figure out the best approach to move /var/lib/mysql to a separate EBS volume, any ideas?21:43
TMXis it possible to install ubuntu-server via ssh using the standard server iso?22:13
coxn2010-07-09 17:23:33,777 DEBUG   : Calling deploy method in VMBuilder.plugins.network plugin.22:26
coxn2010-07-09 17:23:33,777 DEBUG   : No such method22:26
coxn2010-07-09 17:23:33,796 DEBUG   : Calling deploy method in VMBuilder.plugins.ubuntu.distro plugin.22:27
coxn2010-07-09 17:23:33,796 DEBUG   : No such method22:27
CppIsWeirdi have a process that i started via ssh. this process is still running and may run for a very long time. However, I would like to terminate the ssh session. is there any way to transfer this process to another use or something so that when i terminate the ssh session the process does not terminate?22:29
coxnCppIsWeird: can you kill it and restart without losing what has already been done?22:30
CppIsWeirdno, not that im aware of.22:31
coxnCppIsWeird: because the way to do that is to stick it inside gnu screen from the beginning22:31
sorencoxn: Those are not errors.22:36
sorencoxn: They're debugging information. It even says DEBUG in all caps :)22:37
webPragmatistI know there's no particular place but where would you guys store .htpasswd files22:37
sorenThey're config files.22:37
webPragmatist /etc/apache2/conf.d ?22:38
sorenStuff in /etc/apache2/conf.d gets treated as apache config files.22:38
webPragmatistoh right22:38
webPragmatistso maybe make a dir /etc/htpasswd ?22:39
sorenwebPragmatist: /etc/apache2/htpasswd, perhaps.22:39
soren(as a directory)22:39
webPragmatistwhen httpd runs does it read those files as root or do i need to make them owned by www-data22:40
sorenApache runs as www-data.22:40
sorenSo www-data (or a group of which www-data is a member) must have read privileges.22:41
webPragmatistwould you protect it other than just root +r22:41
webPragmatistlike would you prevent others from reading it22:41
peeps[work]when do cron.daily scripts run?  midnight?22:46
webPragmatistit's random if i recall22:54
webPragmatistFor daily, it checks if the current time is greater than (or exactly) 24 hours past the timestamp of the /var/spool/cron/lastrun/cron.hourly file.22:56
webPragmatistsomething like that22:56
webPragmatistif you need to have it run at a certain time use crontab22:57
coxnokay so, soren ... I don't see any reference to firstboot here: http://paste.ubuntu.com/461306/22:57
webPragmatistpeeps[work]: ^22:58
coxnI got that by tacking a "2>&1 | tee /root/testbuild.txt" to the end of my ubuntu-vm-builder line and looking in the file... I suppose I could upload that file somewhere....22:59
peeps[work]webPragmatist, ok, thanks23:02
=== kim0 is now known as Guest16947
panfisthow does one control which services are started automatically on system start?23:05
=== shade_ is now known as shade\
webpragmatist1out of curiousity... is it a stupid idea to use the snakeoil private key that is generated by ubuntu instead of a new key for each ssl?23:10
giovaniwebpragmatist1: phenomenally stupid23:10
webpragmatist1whats the snakeoil used for23:11
giovanias a test23:11
giovaniif you want an ssl cert that's accepted by most browsers/ssl clients for free, try startssl23:11
webpragmatist1oh it's okay my host provides them for freebies23:12
giovaniexcellent, use those23:12
coxn# grep -ic login /usr/share/pyshared/VMBuilder/contrib/cli.py23:20
panfistupneatlinux i don't know why i was under the impression this wasn't the right way to do things in lucid...that there was another layer on top that was preferred or something23:22
panfistupbeatlinux *23:22
coxnsoren: should I be using something newer than the VMBuilder that ships with lucid if I want to have a firstboot script?23:23
sorencoxn: Yeah, there's a PPA.23:27
T3CHKOMMIEhey guys, trying to reconfigure my netgear switches from the ground up, anyone familiar with Vlans?23:27
sorencoxn: What's with the grep thing?23:27
coxnsoren: that file has the options that it will parse, so there should be a match if '--firstlogin' is an option.23:31
sorencoxn: No.23:31
coxnno which? no it should not match?23:32
sorencoxn: Settings are defined all over the place. Specifically, the firstlogin option is defined in the firstscripts plugin.23:32
coxnI will look there23:32
sorencoxn: Still, it won't work with the version in Lucid.23:32
sorencoxn: You need the version in the PPA.23:33
millerdHey #ubuntu-server I have a question23:36
SpamapSHey millerd, we have .. enthusiasm.. and hopefully answers! :)23:37
millerdHow easy is it if I want to have all the computers in the domain to run apt-get update and then upgrade? Haha thanks for the enthusiasm :)23:37
panfisti had bind9 server installed, then i removed it with APT. now, when the server boots it still tries to start bind9 and complains that a named binary is gone23:38
millerdI'm trying to delve into Ubuntu Server as an alternative to Windows Server23:38
ScottKpanfist: That shouldn't happen, but the simple solution is reinstall it and then instead of removing it, purge it.23:43
osmosisi got some strange error about   echo 0 > /proc/sys/kernel/hung_task_timeout_secs23:45
millerdFrom the server, how do I tell computers in the domain update themselves?23:50
osmosisBUG: soft lockup - CPU#0 stuck for 61s! [kdmflush:275]23:59
cybrocopHi All. In UEC, is it possible to download some of the images from the image store manually?23:59
cybrocopso that I can give it a custom (more user-friendly) bucket name?23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!