| SpamapS | webPragmatist: /etc/ssl/certs ? | 00:02 |
|---|---|---|
| webPragmatist | SpamapS: okay :) | 00:02 |
| webPragmatist | next question… is it necessary to keep the csr and key/ | 00:02 |
| webPragmatist | after you have it signed | 00:02 |
| SpamapS | webPragmatist: the private key, absolutely, the thing won't work without it. | 00:02 |
| webPragmatist | private key is the csr or key part? | 00:02 |
| webPragmatist | the first thing you generate? | 00:03 |
| webPragmatist | why does deb call them .pem | 00:03 |
| webPragmatist | or rather symlink to a .crt using .pem | 00:04 |
| SpamapS | the key is what you generate, and then the CSR is a cryptographically verified request to the CA to sign the public portion. | 00:04 |
| SpamapS | webPragmatist: thats just old confusing stuff that I've never understood either. ;) | 00:04 |
| SpamapS | webPragmatist: the important thing is that you make sure you protect that key file | 00:04 |
| SpamapS | webPragmatist: it must have secure file permissions, and preferrably will be encrypted, requiring you to enter a passphrase to start the webserver. | 00:05 |
| webPragmatist | so you would put the .key (password protected) and .crt (signed) in /etc/ssl/certs | 00:05 |
| === dendro-afk is now known as dendrobates | ||
| webPragmatist | or would you keep the .key somewhere else | 00:05 |
| giovani | webPragmatist: it doesn't matter where on the filesystem you keep them, just permission them so that only the apache user can read them | 00:08 |
| webPragmatist | i know this i just don't want to look like an ass an put them in /home/poop | 00:09 |
| webPragmatist | and* | 00:09 |
| giovani | uh | 00:09 |
| webPragmatist | :) | 00:10 |
| giovani | if you knew it, then you'd know it doesn't matter where you put them | 00:10 |
| webPragmatist | giovani: … i'm just trying to put it somewhere logical that someone else might be able to find it | 00:10 |
| webPragmatist | just like /etc/ssl/cert makes sense… but where to put the key may not | 00:10 |
| giovani | someone else who's smart would look at the webserver configs | 00:11 |
| giovani | as there's no universal storage location | 00:11 |
| giovani | but /etc/ssl is as good a place as any for all of the ssl components | 00:11 |
| webPragmatist | oh doi | 00:12 |
| webPragmatist | theres a private dir | 00:12 |
| webPragmatist | although there might not be a universal storage location… there's some pretty damn logical places to put things for most things | 00:12 |
| giovani | and /etc/ssl has been suggested and discussed over and over | 00:13 |
| giovani | so I don't know why we're still talking about it | 00:13 |
| lau | stgraber: I am trying to create an lxc lucid i386 image like http://www.stgraber.org/download/lxc-ubuntu-8.04-amd64.tar.gz | 00:32 |
| lau | I tried to find some info in the UDS logs but was not able to find any :s | 00:33 |
| lau | would you please point me the process you use to build such .tgz file ? | 00:33 |
| lau | did you use debootstraping ? which particular switches ? | 00:34 |
| === unreal_ is now known as unreal | ||
| b0gatyr | When you feed a file containing a hash to john the ripper you must also have a username with it correct? | 02:27 |
| clusty | hey | 02:27 |
| clusty | i am trying to host my own dns for a domain and godaddy is telling me my server is not "registered" | 02:28 |
| clusty | any clue what that could mean? | 02:28 |
| Italian_Plumber1 | I'm looking for a guilde for optimizing ubuntu server ... I run a very simple setup and I want to see if there are unneeded services/processes etc. that I can turn off that might improve performance. The main functions of my server are vmware, bind, and rtorrent. | 02:53 |
| Italian_Plumber1 | I am the only user. | 02:53 |
| === unreal_ is now known as unreal | ||
| qman__ | Italian_Plumber1, there is really no need to do such a thing, since ubuntu server is bare by default | 02:59 |
| Italian_Plumber1 | oic | 02:59 |
| qman__ | you might want to apply some kernel tweaks to better suit a specific application, but aside from the basic services like syslog, there's nothing else running | 02:59 |
| Italian_Plumber1 | well it's vmware that I'd really like to tweak for, I guess. I just feel that my virtual machines could be faster... | 03:00 |
| Italian_Plumber1 | and other vmware functions, like suspending and unsuspending a machine, should be faster. | 03:00 |
| qman__ | that's mostly tied to disk performance | 03:00 |
| qman__ | unless your CPU is anemic | 03:01 |
| Italian_Plumber1 | well, is there a way to improve disk performance? | 03:01 |
| qman__ | get faster disks | 03:01 |
| qman__ | or change filesystems, if you're using a particularly slow one | 03:01 |
| Italian_Plumber1 | ext3 | 03:01 |
| qman__ | well, ext3 is a particularly slow one, on a relative scale | 03:02 |
| qman__ | it forgoes modern performance tweaks for simplicity and reliability | 03:02 |
| Italian_Plumber1 | ok well have to go. bedtime. thanks for the pointers | 03:02 |
| Roxyhart0 | hi there i am getting this error: init: network-interface (eth0) pre-start process (535) terminated with status 1 | 03:11 |
| Roxyhart0 | somebody know why this error, i cant even start the server, it start when i add a network card | 03:11 |
| webPragmatist | should i use ssl-cert-snakeoil.key for anything? | 03:16 |
| webPragmatist | or should i always gen my own key file when creating a ssl cert | 03:17 |
| Roxyhart0 | why when i add a new network card i got the error init: network-interface (ethX) pre-start process (535) terminated with status 1 ? | 03:19 |
| twb | Hum. Apparently I don't have such a file. | 03:23 |
| twb | Nor is "snakeoil" in any path in Debian Sid, which is puzzling, because I've seen it before. | 03:24 |
| qman__ | the snakeoil file is a key you should never use in the real world | 03:24 |
| qman__ | it is known by everyone and therefore renders your encryption vulnerable | 03:24 |
| qman__ | it's there and packages use it to 'just work' without throwing errors | 03:25 |
| qman__ | but you should always replace it | 03:25 |
| qman__ | I just soft linked that filename to my real key, to avoid changing all the config files | 03:25 |
| === deslector is now known as scarper | ||
| CaptainTrek | whats the command to locate where something was installed? | 07:56 |
| CaptainTrek | in terminal | 07:57 |
| lifeless | what do you mean by 'where something was installed' ? | 07:57 |
| CaptainTrek | lifeless: to locate where a package installed the core program files to. | 07:57 |
| lifeless | dpkg -L packagename will tell you all the files a package contains | 07:58 |
| CaptainTrek | got it thanks | 07:59 |
| uvirtbot | New bug: #603466 in nagios3 (main) "Please merge nagios3 3.2.1-2(main) from debian unstable(main)" [Undecided,Confirmed] https://launchpad.net/bugs/603466 | 08:11 |
| xampart | i'm sharing a directory, which contains user/Maildir -directories. they show up properly on remote host, but everything under user/Maildir is not showing. any resolutions? | 08:38 |
| xampart | with nfs | 08:38 |
| binBASH | Grüezi Aison | 08:43 |
| Aison | hallo | 08:53 |
| xoen | hi all, I'm going crazy with a problem about .ICEauthorithy | 09:52 |
| xoen | sorry, .ICEauthority | 09:52 |
| Jordan_U | xoen: Have you been using sudo with graphical applications? | 09:57 |
| xoen | Jordan_U: don't know the account where there is the problem are not mine | 10:00 |
| xoen | The machine where there is the problem has different users | 10:00 |
| xoen | I've set up a xrdp server and some user can access some not | 10:00 |
| Jordan_U | !gksudo | xoen | 10:01 |
| ubottu | xoen: If you need to run graphical applications as root, use « gksudo », as it will set up the environment more appropriately. Never just use "sudo"! (See http://psychocats.net/ubuntu/graphicalsudo to know why) | 10:01 |
| xoen | I've noticed the users can access has the .ICEauthority file, the other not | 10:01 |
| xoen | ubottu: I know gksudo | 10:01 |
| ubottu | Error: I am only a bot, please don't think I'm intelligent :) | 10:01 |
| xoen | Jordan_U: I know gksudo | 10:01 |
| Jordan_U | xoen: It's likely that which ever user is having this problem has been using sudo with GUI applications, educate your users or don't allow them to use sudo. | 10:02 |
| xoen | Jornan_U: Have to be fair, the problem is not on an ubuntu server but on an RHEL server, but it should be distribution indipendent... | 10:02 |
| Jordan_U | xoen: You can fix the problem by chowning .ICEauthority back to them instead of root, but the problem will come back if they keep using sudo with GUI apps. | 10:02 |
| xoen | Jordan_U: I think it's a problem of permissions...but not so trivial | 10:03 |
| xoen | I mean, from root I can't run #chown -R username:username /home/username | 10:04 |
| xoen | ! | 10:04 |
| alex88 | hi guys..i've ubuntu server 10.04, is possible to install a light desktop manager and connect via vnc or something else? | 10:05 |
| xoen | Jornan_U: maybe I've found a solution for my problem, the .ICEauthority file is created the first time the user login by the X server, so I will try to log in every user phisically and see if this fix the problem. BTW thank you very much ;) | 10:09 |
| Jordan_U | xoen: Please don't ask RHEL questions in #ubuntu-server again, it can often waste people's time when instructions that should work for Ubuntu fail to work for you (one person in #ubuntu wasted 2 hours with 3 people helping him because he was using backtrack but wouldn't admit it). | 10:11 |
| xoen | Jordan_U: but I've just asked information about ~/.ICEauthority, a file present in every distribution | 10:12 |
| alex88 | Jordan_U: hhahaha.. :) | 10:12 |
| Jordan_U | xoen: If you feel that Ubuntu has better community support that is a reason to use Ubuntu, not a reason to ask RHEL questions in Ubuntu channels. | 10:12 |
| xoen | Jordan_U: is not Ubuntu GNU/Linux too? | 10:13 |
| Jordan_U | xoen: You can't easily know that a question is not distribution specific unless you understand the problem. If you had understood the problem you wouldn't have needed to ask the question in the first place :) | 10:13 |
| xoen | Jordan_U: But I've not asked about the .ICEauthority because it can't be created easily and I didn't found nothing in internet, BTW I'm sorry if my question created some problem to someone, I'm sorry | 10:15 |
| xoen | *I've just asked... | 10:15 |
| alex88 | and also this is not #GNU/linux so if you have that problem not on ubuntu we are not here to help you | 10:15 |
| Jordan_U | !mint | xoen | 10:16 |
| ubottu | xoen: There are some Ubuntu derivatives that we cannot provide support for due to repository and software changes. Please consult their websites for more information. Examples: gNewSense (support in #gnewsense), Linux Mint (see !mintsupport), LinuxMCE (support in #linuxmce), CrunchBang (support in #crunchbang), BackTrack (support in #backtrack-linux) | 10:16 |
| alex88 | btw i think there is no problem | 10:16 |
| xoen | :( | 10:16 |
| Jordan_U | xoen: And that message is only related to Ubuntu based distros, you can see that RHEL is a much more different beast :) | 10:17 |
| Jordan_U | xoen: #linux is often good for general linux support. | 10:18 |
| xoen | OK, sorry if I disturbed here | 10:18 |
| alex88 | so..no help about my ubuntu question? :P | 10:19 |
| alex88 | j/k | 10:19 |
| christopher22 | hello I aksed this question on the Python channel.. but they redirected me to this channed.. | 10:25 |
| christopher22 | i'm having some problems with the locale settings of Python | 10:25 |
| christopher22 | I keep getting: unsupported locale setting | 10:25 |
| christopher22 | so I was wondering how I could see which locales are supported by my Ubuntu server | 10:26 |
| alex88 | christopher22: try sudo dpkg-reconfigure locales | 10:27 |
| === [1]Kaffien is now known as Kaffien | ||
| gdowle | Hi, I cannot use my Metakeys, which are defined in /etc/inputrc, under X. On a console everything works fine. On a SLES machine with the same /etc/inputrc, the Metakeys are also working under X. | 11:15 |
| amagee | hey i'm following https://help.ubuntu.com/community/EC2StartersGuide to try and get ubuntu 10.04 setup on ec2 | 11:24 |
| amagee | i'm up to step 2 in "Installing the API tools", where it says to use the path $HOME/<where your private key is>/pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem in .bashrc | 11:24 |
| amagee | but i don't know what this file is supposed to be. is it the same .pem file i created and used to connect to the server? | 11:25 |
| alex88 | amagee: just try | 11:31 |
| alex88 | :) | 11:31 |
| amagee | ah.. is that the x.509 certificate? | 11:32 |
| amagee | ok it's starting to make a bit more sense | 11:32 |
| amagee | i think the problem is that the instructions to get the x.509 are wrong, so i thought that the key that i generated with "key pairs" was what they were talking about in the later step | 11:38 |
| amagee | another question: i've just tried to install xfs by "sudo apt-get install xfs", which seemed to be successful, but i then type "sudo modprobe xfs" it says "FATAL: Module xfs not found." | 11:52 |
| soren | amagee: Two problems: | 12:17 |
| soren | amagee: xfs is the X font server. It's got nothing to do with the XFS filesystem. | 12:17 |
| soren | amagee: You want xfsprogs | 12:17 |
| amagee | sorry, yeah, that's what i meant. i installed that. | 12:18 |
| soren | amagee: and, the module is in the kernel package, not the xfsprogs package. | 12:18 |
| soren | amagee: So availability of the xfs kernel module depends on the kernel package installed. | 12:18 |
| soren | amagee: which kernel are you using? | 12:18 |
| amagee | i'm not sure.. how do i find out? | 12:18 |
| soren | uname -r" | 12:19 |
| soren | gives a hint. | 12:19 |
| soren | Without the ". | 12:19 |
| amagee | 2.6.32-305-ec2 | 12:19 |
| soren | Ah. | 12:19 |
| soren | Don't know about those. | 12:19 |
| amagee | what would you suggest i do? | 12:20 |
| soren | Wait for someone who cares about EC2 :) | 12:26 |
| amagee | heh | 12:26 |
| amagee | i might just use ext4 for the time being | 12:26 |
| === wildcard|ger is now known as wildcard|ger- | ||
| a_ok | can someone please for the love of ubuntu tell me WHERE I can configure this: https://help.ubuntu.com/community/DisklessUbuntuHowto#Static IP | 13:14 |
| a_ok | I have seen this notation in about 7 different locations but never ever is mentioned where you are supposed to put it | 13:15 |
| benedikt_ | Where does KVM/libvirt like to store the virtual disks? | 13:15 |
| benedikt_ | I'm wondering how to map the filesystems over different disks | 13:15 |
| pmatulis | benedikt_: /var/lib/libvirt/images | 13:15 |
| benedikt_ | thanks! | 13:16 |
| a_ok | benedikt_: you can specify the location of your image any time | 13:16 |
| benedikt_ | is "virtualization" in tasksel kvm and libvirt? | 13:16 |
| benedikt_ | a_ok: i know, i just like to keep default settings, otherwise it always end up in a big mess | 13:16 |
| pmatulis | benedikt_: yes | 13:16 |
| a_ok | benedikt_: we are using luns on a San so not much of a choise or a mess here | 13:17 |
| Pici | a_ok: It looks like you can specify those options as kernel parameters. See #2 here: http://fscked.org/writings/clusters/nfsroot.txt | 13:22 |
| pmatulis | a_ok: also, bug #175324 is marked as fixed | 13:24 |
| uvirtbot | Launchpad bug 175324 in klibc "Klibc: ipconfig fails on network with DHCP relays" [Medium,Fix released] https://launchpad.net/bugs/175324 | 13:24 |
| === dendrobates is now known as dendro-afk | ||
| a_ok | Pici: thanks that actually makes sence. now I only need to know how to configure it with grub2 | 13:24 |
| a_ok | pmatulis: Actually I am booting from iSCSI. That is something that seems to be untested (had to modify the initrd init script so the drivers where loaded). Besides I am using a seperate network to the San that has no dhcp | 13:26 |
| a_ok | Do i need to add the parameter to the linux line or start a new line starting with ip? | 13:27 |
| pmatulis | a_ok: the kernel line | 13:27 |
| a_ok | pmatulis: thanks | 13:28 |
| pascalou | hi here, anyone around using clonezilla or some similar tool? | 13:46 |
| guntbert | !anyone | pascalou | 13:48 |
| ubottu | pascalou: A large amount of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? | 13:48 |
| pascalou | well, i d like to know if i can make/edit a dvd/usb stick of typically clonezilla which would allways get me a french menu with french keyboard, mounting always the same samba share and giving 2 options with the images there, clone from a chosen images from repository , make a ghost and upload it to the repository | 13:50 |
| === dendro-afk is now known as dendrobates | ||
| zul | if something is running from inetd say like a dovecot server it should show up when you do a netstat -atuvpn? | 14:03 |
| Brumle | zul: only inetd would show up there listening on the ports configured for dovecot. Be it imap or pop ports | 14:05 |
| alvin | Is there an smb.conf option to give certain hosts read-only access? (like 'hosts deny', but with read access) | 14:25 |
| === lau is now known as Guest42590 | ||
| Daffy_ | Has anyone got any experience with tinyproxy? | 14:58 |
| zul | jcastro: ping | 15:03 |
| jcastro | pong | 15:04 |
| zul | jcastro: have you seen this for daily builds? http://launchpadlibrarian.net/51625554/buildlog.txt.gz | 15:05 |
| === dendrobates is now known as dendro-afk | ||
| jcastro | the aptitude thing | 15:06 |
| jcastro | yeah, iirc I saw someone with a branch working on it? maybe lamont? | 15:06 |
| === dendro-afk is now known as dendrobates | ||
| === permalac is now known as permalac_ | ||
| === dendrobates is now known as dendro-afk | ||
| katsa | hello | 15:32 |
| katsa | anyone encountered a "Could not open the requested SVN filesystem" error with subversion before? | 15:32 |
| katsa | nvm, found the problem | 15:35 |
| === Guest42590 is now known as lau | ||
| === dendro-afk is now known as dendrobates | ||
| hallyn | kirkland: gr, lh clean --binary && lh build is rebuilding my chroot. FAQ said it would leave my chroot! | 16:35 |
| kirkland | hallyn: grr, yeah, i just start clean every time | 16:37 |
| kirkland | hallyn: it only takes me 8 minutes to build from scratch here | 16:37 |
| hallyn | kirkland: yes but i hand-built an initrd.img that i wanted tostick in there | 16:40 |
| kirkland | hallyn: ah | 16:49 |
| kirkland | hallyn: talk to Cody, if you hit lh troubles | 16:49 |
| kirkland | hallyn: he knows it well | 16:49 |
| kirkland | hallyn: maybe find him in #ubuntu-devel or somewhere | 16:49 |
| SpamapS | lh? | 16:50 |
| kirkland | hallyn: sorry, cody-somerville on IRC | 16:50 |
| kirkland | SpamapS: live-helper | 16:50 |
| SpamapS | cool | 16:50 |
| SpamapS | kirkland: did you use that to build the USB key image? | 16:51 |
| webPragmatist | if my rsync is stuck at sending incremental file list how can i troubleshoot this | 16:51 |
| SpamapS | webPragmatist: did you give it '--progress' or '-P' ? that usually shows how fast its going/how long it has to go | 16:54 |
| webPragmatist | ya | 16:54 |
| webPragmatist | i'm try running it too | 16:54 |
| webPragmatist | dry* | 16:54 |
| SpamapS | webPragmatist: ahh is it a giant list of files? | 16:55 |
| webPragmatist | ya probably | 16:55 |
| webPragmatist | can i get disk usage like iftop | 16:55 |
| SpamapS | iostat works for that | 16:55 |
| webPragmatist | rather disk write/reads | 16:55 |
| SpamapS | oh per process? not sure, maybe 'atop' but that one requires kernel patches I think. | 16:56 |
| webPragmatist | iostat doesn't exist/ | 16:56 |
| SpamapS | webPragmatist: vmstat 5 5 | 16:57 |
| webPragmatist | uh hrm | 16:57 |
| webPragmatist | atop no clue how to read this | 16:57 |
| SpamapS | webPragmatist: RDDSK/WRDSK | 16:58 |
| SpamapS | thats the stats on IO for that process | 16:58 |
| webPragmatist | this vmstat stuff i guess bi and bo | 16:58 |
| webPragmatist | are the important | 16:58 |
| SpamapS | webPragmatist: yeah. "in" can also be interesting, interrupts. | 16:59 |
| webPragmatist | well it's like nothing like 200 | 16:59 |
| webPragmatist | my guess is its not really creating this list | 16:59 |
| webPragmatist | its just stuck | 17:00 |
| SpamapS | webPragmatist: probably waiting for the other side | 17:00 |
| SpamapS | webPragmatist: you can try running it with 'strace rsynx blah blah' | 17:00 |
| SpamapS | webPragmatist: but that may overwhelm you with information. ;) | 17:00 |
| webPragmatist | better than nothing | 17:01 |
| webPragmatist | its stuck trying to "select()" a dir | 17:02 |
| SpamapS | webPragmatist: no, select() doesn't really work on dirs AFAIK | 17:04 |
| SpamapS | webPragmatist: select() would be on a socket/file waiting for activity | 17:04 |
| SpamapS | webPragmatist: probably the remote connection | 17:05 |
| webPragmatist | well what it says is select(6, [5], [], NULL, {60, 0}) = 0 (Timeout) | 17:05 |
| webPragmatist | 6 i guess is the dir name | 17:05 |
| SpamapS | no | 17:05 |
| SpamapS | webPragmatist: 'man select' | 17:06 |
| SpamapS | webPragmatist: 6 is the number of files to "select" | 17:06 |
| SpamapS | webPragmatist: [5] is the array of file descriptors .. so just 5 | 17:06 |
| webPragmatist | oh i thought it was just a function in rsync | 17:06 |
| SpamapS | webPragmatist: you'd need to see where open() or socket() returned = 5 | 17:06 |
| SpamapS | webPragmatist: no, strace only shows syscalls | 17:06 |
| webPragmatist | i see | 17:06 |
| SpamapS | webPragmatist: its one of those things that I've decided *I CANT LIVE WITHOUT* ;) | 17:07 |
| webPragmatist | so whats your guess on whats happening? | 17:07 |
| webPragmatist | local io error or remote? | 17:07 |
| === dendrobates is now known as dendro-afk | ||
| SpamapS | webPragmatist: I'd check the remote box out in the same way you're checking the local one | 17:18 |
| webPragmatist | would you just run the rsync in revers? | 17:21 |
| SpamapS | webPragmatist: no | 17:22 |
| SpamapS | webPragmatist: go to the other box, and run things like 'top' and 'vmstat' and see what that box is doing | 17:22 |
| webPragmatist | eventually i got something like write failed broken pipe blah blah one sec i'll psatie | 17:25 |
| webPragmatist | pastie* | 17:25 |
| webPragmatist | SpamapS: poo eventually i got http://pastie.org/1037672 | 17:26 |
| webPragmatist | after a bunch ot timeouts | 17:27 |
| SpamapS | webPragmatist: what version of rsync is this? | 17:30 |
| webPragmatist | 3.0.7 | 17:31 |
| SpamapS | webPragmatist: ok.. hm.. maybe try a smaller directory tree? | 17:31 |
| webPragmatist | :( | 17:31 |
| SpamapS | webPragmatist: did you run with '-v' ? | 17:41 |
| webPragmatist | yes | 17:42 |
| cybrocop | Hello. On UEC, what is the relationship between eucalyptus.conf and eucalyptus.local.conf? For instance, if I want to change the VNET_SUBNET variable, which file do I edit. | 18:54 |
| cybrocop | smoser: Any idea on this? I change the variable in both files across my CC and all my nodes, then whenever I try to launch an instance, I get this error: "Not enough resources available: addresses (try --addressing private)" | 18:58 |
| smoser | well, a couple things. | 18:58 |
| smoser | i think the files say which one to update | 18:58 |
| smoser | they say to edit /etc/eucalyptus/eucalyptus.conf | 18:59 |
| smoser | hand as far as VNET_SUBNET i would think you need to set that on the CC. | 19:00 |
| smoser | then, as suggested in eucalyptus.conf file, do 'sudo restart eucalyptus-cc CLEAN=1' | 19:00 |
| cybrocop | Initially, I only modified eucalyptus.conf, but when I restart the service, the changes aren't sync'd to eucalyptus.local.conf and I get the errror above. | 19:00 |
| cybrocop | smoser: I have restarted eucalyptus-cc with CLEAN=1 option. | 19:01 |
| smoser | they're not synced to .local.conf. | 19:01 |
| smoser | they wont be. | 19:01 |
| smoser | and make sure you dont have it in both places. | 19:01 |
| smoser | as that is undeinfed behavior i think. | 19:01 |
| smoser | but i would think this would take... | 19:01 |
| smoser | i aplogize for not knowing more. maybe kirkland` does | 19:02 |
| cybrocop | smoser: the VNET_SUBNET was already present in local.conf | 19:02 |
| cybrocop | only it was the wrong setting: VNET_SUBNET="172.19.0.0" | 19:02 |
| cybrocop | in my eucalyptus.conf, I changed this to be VNET_SUBNET="192.168.0.0" and did a "restart eucalyptus-cc CLEAN=1" | 19:02 |
| cybrocop | now, I had 2 files, each with a different VNET_SUBNET setting. I changed eucalyptus.conf's VNET_SUBNET to "172.19.0.0" (initially it was null).. restarted cleanly again, and I'm still having problems launching instances. | 19:04 |
| smoser | cybrocop, i'm sorry, i can't be much more help there. I can't say that i've played with that all that much. you might try in #eucalyptus. | 19:06 |
| cybrocop | smoser: thanks. I'm coming here from #eucalyptus, they can't help me because the problem seems to be the discrepancy between eucalyptus.conf and eucalyptus.local.conf (which is a Ubuntu addition) | 19:07 |
| smoser | well, make sure it only occurs in one of them | 19:08 |
| smoser | and that its right | 19:08 |
| smoser | and restart. | 19:08 |
| smoser | then, i am not certain how that setting propogates to nodes | 19:08 |
| smoser | or if it needs to | 19:09 |
| cybrocop | smoser: all the settings in my local.conf already have been set in the original. | 19:09 |
| cybrocop | smoser: can I just delete all the settings in local.conf i.e. make it an empty file. | 19:09 |
| kaushal | hi | 19:20 |
| kaushal | as per the link http://webapps.ubuntu.com/certification/list/?release=8.04%20LTS&category=Server | 19:20 |
| kaushal | what does Ready mean ? | 19:20 |
| kaushal | and how is it different from certified | 19:21 |
| jpds | kaushal: It was certified by the manufacturer, not by Canonical. | 19:23 |
| kaushal | so certified means by canonical ? | 19:26 |
| jpds | Yes. | 19:26 |
| kaushal | Ready means by manufacturer ? | 19:26 |
| smoser | cybrocop, i'm really sorry i couldn't help you. | 19:26 |
| cybrocop | smoser: np, thanks for trying. | 19:27 |
| smoser | actually.. i'd at least try restart eucalyptus CLEAN=1 | 19:27 |
| smoser | (not eucalyptus-cc, but eucalyptus) | 19:27 |
| jpds | kaushal: Yes. | 19:28 |
| kaushal | jpds, so i should emphasize on certified and not on ready ? | 19:28 |
| jpds | kaushal: Either one, depends who you want support from. | 19:29 |
| kaushal | oh ok | 19:30 |
| kaushal | jpds, Thanks | 19:30 |
| prodcutnews | hi | 20:06 |
| maek | anyone good at pxe? I have /var/lib/tftpboot and when I copy the contents of the netboot.tgz it works with symlinks and stuff in sub dirs for the kernel, but when I move the default config or the location of the kernel subdirs no longer work | 20:09 |
| smoser | maek, tftp often runs chrooted | 20:11 |
| smoser | which changes paths and such | 20:11 |
| prodcutnews | i had problem with gnome-terminal, its getting close immediately , what might be the reason, ALT+F2 followed with xterm command is working ? whatz wrong with gnome-termianl ? | 20:12 |
| maek | smoser: im using relative paths from my tftp entry point of /var/lib/tftpboot - just very confusing. when I use the stock ubuntu files it works fine with symlinks and kernels in sub dirs. once I move things and reconfig sub dirs dont work. thanks ill look more | 20:13 |
| prodcutnews | i did mount command on xterm, i couldnot understand anything there, i have problem gnome-terminal, yesterday laptop shutdown twice, with cpu sounded heavily when i visited site www.lazydesis.com, now im reading about the topic "instrusion into linux", once i was windows freak later came into linux, but now i feel "AM i SafE" | 20:18 |
| osmosis | im getting serious disk write lag in guests on kvm ubuntu 10.04. And Im using virtio. Easy to duplicate, i just rync a large folder locally, and it brings the server to a temporary halt...eventually recovers. | 20:32 |
| osmosis | I see one of the cpu cores in the guest get stuck at 100% use for a while when this happens. | 20:33 |
| EtienneG | hey guys | 20:36 |
| EtienneG | in eucalyptus, are we still using vtun for inter-cluster communication? are there another option? hggdh, kirkland ? | 20:36 |
| lifeless | EtienneG: inter or intra? | 20:40 |
| EtienneG | lifeless, inter | 20:41 |
| EtienneG | lifeless, as in, you have two cluster | 20:41 |
| lifeless | ah, I haven't played with that yes. | 20:41 |
| lifeless | s/yes/yet/ | 20:41 |
| EtienneG | lifeless, indeed. eucalyptus built it using vtun | 20:41 |
| EtienneG | vtun is in universe, because it is insecure | 20:42 |
| EtienneG | does anyone knows where to declare static routes (other than the default one, that is)? Google says I have to drop a script in /etc/network/if-up.d/, but there *has* to be a better way | 21:04 |
| giovani | EtienneG: "better" how? | 21:05 |
| EtienneG | giovani, huh? | 21:05 |
| EtienneG | giovani, better than writing a script from scratchm duh. | 21:05 |
| giovani | EtienneG: I don't know why you think that's a bad solution, so I'm unclear on how we can offer you a better solution | 21:06 |
| giovani | oh, well that's how you do it | 21:06 |
| giovani | sorry | 21:06 |
| EtienneG | too bad | 21:06 |
| giovani | that's how linux works, it's a bunch of scripts | 21:06 |
| EtienneG | giovani, just FYI, Red Hat has a config file where you declare static route. That's what I would call "better". | 21:06 |
| giovani | but the "script" you'd be writing is a single, very simple line per route | 21:07 |
| giovani | it's no effort at all | 21:07 |
| EtienneG | giovani, indeed. It'd still a hack. | 21:07 |
| giovani | a hack? no -- all redhat is doing is running a script that reads that file and executes the same commands | 21:07 |
| giovani | it's just partially hidden | 21:07 |
| giovani | so in debian based oses | 21:08 |
| giovani | there's a file called interfaces which prevents you from having to write your "own script" -- but really, it's the same amount of work | 21:08 |
| giovani | man interfaces if you'd like to do it that way | 21:08 |
| soren | EtienneG: Just put it in /etc/network/interfaces. | 21:08 |
| EtienneG | soren, as a pre-up directive? | 21:09 |
| soren | EtienneG: No, up. | 21:09 |
| EtienneG | soren, ah, ok | 21:09 |
| soren | EtienneG: At pre-up time, it probably won't work (depending on the type of route). | 21:09 |
| EtienneG | soren, right | 21:09 |
| EtienneG | still, I am baffled that there is no standard mechanism to add static route in Debian-derived OS. | 21:10 |
| giovani | that is a standard mechanism | 21:10 |
| EtienneG | yeah, yeah | 21:10 |
| giovani | you're clearly used to being blinded from how things are done under the hood | 21:10 |
| soren | EtienneG: That really is the standard mechanism. | 21:11 |
| giovani | 'route' is the user-friendly way | 21:11 |
| EtienneG | giovani, I usually prefer ip, but that's just me | 21:11 |
| * soren too | 21:11 | |
| giovani | use whatever you like, it's all still /proc/net/route | 21:12 |
| EtienneG | soren, hard-coding a command in interfaces? really seems wrong to me (still better than to add a script to if-up.d/, though) | 21:12 |
| giovani | EtienneG: what benefit do you think there is to abstracting the addition of a route beyond the route command? | 21:12 |
| giovani | it's the same amount of typing, it's executing an identical task | 21:13 |
| soren | giovani: For the same reason that you don't run ifconfig or dhclient manually,but use /etc/network/interfaces. | 21:13 |
| soren | I'll leave it as an exercise to the reader to work out that reason. | 21:14 |
| soren | Or those reasons, rather. | 21:14 |
| giovani | soren: I don't see any benefit to it for settings like IPs, etc -- the framework of if-up, etc makes sense -- execute things in a specific sequence, at the same time, etc | 21:14 |
| giovani | but executing a script that uses a file to set some variables when the command itself is simple doesn't offer any value | 21:15 |
| soren | giovani: Please don't tell you you don't specify address in your interfaces file, but instead have a "up ifconfig $IFACE 10.10.10.10" line? | 21:16 |
| giovani | don't get me wrong, I'm not saying it shouldn't exist -- just that there's no reason to complain when such a method for a particular task doesn't exist | 21:16 |
| giovani | soren: I'm telling you the two are equally usable, that's all | 21:16 |
| soren | Making such things come into existence starts with someone complaining (possibly to oneself) about it. | 21:16 |
| giovani | complaining about such things is a waste -- there's a long list of stuff that needs automation before it | 21:18 |
| soren | bah | 21:23 |
| coxn | so, I'm trying to do this: ubuntu-vm-builder kvm --dest /virtual-machines/testhost --ip 10.0.1.62 -c /etc/vmbuilder/confs/lucid-default.cfg | 21:24 |
| coxn | and here's the .cfg file: http://paste.ubuntu.com/461277/ | 21:24 |
| coxn | but the firstboot isn't getting called | 21:25 |
| coxn | any help troubleshooting would be appreciated | 21:25 |
| soren | coxn: Can you run vmbuilder with --debug and paste the output somewhere? | 21:28 |
| coxn | soren: yes. I will come back when I have done so. | 21:29 |
| soren | coxn: Cool beans. | 21:31 |
| coxn | that is a great nick | 21:33 |
| coxn | soren: fascinating. looks like it was failing a perl dependency silently. I'll chase this a bit and paste you some debug output if I get stuck. Thanks! | 21:39 |
| soren | coxn: No problem. | 21:41 |
| chewbranca | hi, I'm using the Lucid 64 bit ec2 AMI that uses EBS for its root partition, and I'm trying to figure out the best approach to move /var/lib/mysql to a separate EBS volume, any ideas? | 21:43 |
| TMX | is it possible to install ubuntu-server via ssh using the standard server iso? | 22:13 |
| coxn | 2010-07-09 17:23:33,777 DEBUG : Calling deploy method in VMBuilder.plugins.network plugin. | 22:26 |
| coxn | 2010-07-09 17:23:33,777 DEBUG : No such method | 22:26 |
| coxn | 2010-07-09 17:23:33,796 DEBUG : Calling deploy method in VMBuilder.plugins.ubuntu.distro plugin. | 22:27 |
| coxn | 2010-07-09 17:23:33,796 DEBUG : No such method | 22:27 |
| coxn | hurm. | 22:27 |
| CppIsWeird | i have a process that i started via ssh. this process is still running and may run for a very long time. However, I would like to terminate the ssh session. is there any way to transfer this process to another use or something so that when i terminate the ssh session the process does not terminate? | 22:29 |
| coxn | CppIsWeird: can you kill it and restart without losing what has already been done? | 22:30 |
| CppIsWeird | no, not that im aware of. | 22:31 |
| coxn | CppIsWeird: because the way to do that is to stick it inside gnu screen from the beginning | 22:31 |
| soren | coxn: Those are not errors. | 22:36 |
| soren | coxn: They're debugging information. It even says DEBUG in all caps :) | 22:37 |
| webPragmatist | I know there's no particular place but where would you guys store .htpasswd files | 22:37 |
| soren | /etc | 22:37 |
| soren | They're config files. | 22:37 |
| webPragmatist | /etc/apache2/conf.d ? | 22:38 |
| soren | No. | 22:38 |
| soren | Stuff in /etc/apache2/conf.d gets treated as apache config files. | 22:38 |
| webPragmatist | oh right | 22:38 |
| webPragmatist | so maybe make a dir /etc/htpasswd ? | 22:39 |
| soren | webPragmatist: /etc/apache2/htpasswd, perhaps. | 22:39 |
| soren | (as a directory) | 22:39 |
| webPragmatist | okay | 22:39 |
| webPragmatist | when httpd runs does it read those files as root or do i need to make them owned by www-data | 22:40 |
| soren | Apache runs as www-data. | 22:40 |
| soren | So www-data (or a group of which www-data is a member) must have read privileges. | 22:41 |
| webPragmatist | okay | 22:41 |
| webPragmatist | would you protect it other than just root +r | 22:41 |
| webPragmatist | like would you prevent others from reading it | 22:41 |
| soren | Probably. | 22:42 |
| peeps[work] | when do cron.daily scripts run? midnight? | 22:46 |
| webPragmatist | it's random if i recall | 22:54 |
| webPragmatist | For daily, it checks if the current time is greater than (or exactly) 24 hours past the timestamp of the /var/spool/cron/lastrun/cron.hourly file. | 22:56 |
| webPragmatist | cron.daily* | 22:56 |
| webPragmatist | something like that | 22:56 |
| webPragmatist | if you need to have it run at a certain time use crontab | 22:57 |
| coxn | okay so, soren ... I don't see any reference to firstboot here: http://paste.ubuntu.com/461306/ | 22:57 |
| webPragmatist | peeps[work]: ^ | 22:58 |
| coxn | I got that by tacking a "2>&1 | tee /root/testbuild.txt" to the end of my ubuntu-vm-builder line and looking in the file... I suppose I could upload that file somewhere.... | 22:59 |
| peeps[work] | webPragmatist, ok, thanks | 23:02 |
| === kim0 is now known as Guest16947 | ||
| panfist | how does one control which services are started automatically on system start? | 23:05 |
| upbeatlinux | http://www.tin.org/bin/man.cgi?section=8&topic=update-rc.d | 23:07 |
| === shade_ is now known as shade\ | ||
| webpragmatist1 | out of curiousity... is it a stupid idea to use the snakeoil private key that is generated by ubuntu instead of a new key for each ssl? | 23:10 |
| giovani | webpragmatist1: phenomenally stupid | 23:10 |
| webpragmatist1 | whats the snakeoil used for | 23:11 |
| giovani | as a test | 23:11 |
| giovani | if you want an ssl cert that's accepted by most browsers/ssl clients for free, try startssl | 23:11 |
| webpragmatist1 | oh it's okay my host provides them for freebies | 23:12 |
| giovani | excellent, use those | 23:12 |
| coxn | hmmmm | 23:20 |
| coxn | # grep -ic login /usr/share/pyshared/VMBuilder/contrib/cli.py | 23:20 |
| coxn | 0 | 23:20 |
| panfist | upneatlinux i don't know why i was under the impression this wasn't the right way to do things in lucid...that there was another layer on top that was preferred or something | 23:22 |
| panfist | upbeatlinux * | 23:22 |
| coxn | soren: should I be using something newer than the VMBuilder that ships with lucid if I want to have a firstboot script? | 23:23 |
| soren | coxn: Yeah, there's a PPA. | 23:27 |
| T3CHKOMMIE | hey guys, trying to reconfigure my netgear switches from the ground up, anyone familiar with Vlans? | 23:27 |
| soren | coxn: What's with the grep thing? | 23:27 |
| coxn | soren: that file has the options that it will parse, so there should be a match if '--firstlogin' is an option. | 23:31 |
| soren | coxn: No. | 23:31 |
| coxn | no which? no it should not match? | 23:32 |
| soren | coxn: Settings are defined all over the place. Specifically, the firstlogin option is defined in the firstscripts plugin. | 23:32 |
| coxn | ahh | 23:32 |
| coxn | I will look there | 23:32 |
| soren | coxn: Still, it won't work with the version in Lucid. | 23:32 |
| soren | coxn: You need the version in the PPA. | 23:33 |
| millerd | Hey #ubuntu-server I have a question | 23:36 |
| SpamapS | Hey millerd, we have .. enthusiasm.. and hopefully answers! :) | 23:37 |
| millerd | How easy is it if I want to have all the computers in the domain to run apt-get update and then upgrade? Haha thanks for the enthusiasm :) | 23:37 |
| panfist | i had bind9 server installed, then i removed it with APT. now, when the server boots it still tries to start bind9 and complains that a named binary is gone | 23:38 |
| millerd | I'm trying to delve into Ubuntu Server as an alternative to Windows Server | 23:38 |
| ScottK | panfist: That shouldn't happen, but the simple solution is reinstall it and then instead of removing it, purge it. | 23:43 |
| osmosis | i got some strange error about echo 0 > /proc/sys/kernel/hung_task_timeout_secs | 23:45 |
| millerd | From the server, how do I tell computers in the domain update themselves? | 23:50 |
| osmosis | BUG: soft lockup - CPU#0 stuck for 61s! [kdmflush:275] | 23:59 |
| cybrocop | Hi All. In UEC, is it possible to download some of the images from the image store manually? | 23:59 |
| cybrocop | so that I can give it a custom (more user-friendly) bucket name? | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!