[00:02] <SpamapS> webPragmatist: /etc/ssl/certs ?
[00:02] <webPragmatist> SpamapS: okay :)
[00:02] <webPragmatist> next question… is it necessary to keep the csr and key/
[00:02] <webPragmatist> after you have it signed
[00:02] <SpamapS> webPragmatist: the private key, absolutely, the thing won't work without it.
[00:02] <webPragmatist> private key is the csr or key part?
[00:03] <webPragmatist> the first thing you generate?
[00:03] <webPragmatist> why does deb call them .pem
[00:04] <webPragmatist> or rather symlink to a .crt using .pem
[00:04] <SpamapS> the key is what you generate, and then the CSR is a cryptographically verified request to the CA to sign the public portion.
[00:04] <SpamapS> webPragmatist: thats just old confusing stuff that I've never understood either. ;)
[00:04] <SpamapS> webPragmatist: the important thing is that you make sure you protect that key file
[00:05] <SpamapS> webPragmatist: it must have secure file permissions, and preferrably will be encrypted, requiring you to enter a passphrase to start the webserver.
[00:05] <webPragmatist> so you would put the .key (password protected) and .crt (signed) in /etc/ssl/certs
[00:05] <webPragmatist> or would you keep the .key somewhere else
[00:08] <giovani> webPragmatist: it doesn't matter where on the filesystem you keep them, just permission them so that only the apache user can read them
[00:09] <webPragmatist> i know this i just don't want to look like an ass an put them in /home/poop
[00:09] <webPragmatist> and*
[00:09] <giovani> uh
[00:10] <webPragmatist> :)
[00:10] <giovani> if you knew it, then you'd know it doesn't matter where you put them
[00:10] <webPragmatist> giovani: … i'm just trying to put it somewhere logical that someone else might be able to find it
[00:10] <webPragmatist> just like /etc/ssl/cert makes sense… but where to put the key may not
[00:11] <giovani> someone else who's smart would look at the webserver configs
[00:11] <giovani> as there's no universal storage location
[00:11] <giovani> but /etc/ssl is as good a place as any for all of the ssl components
[00:12] <webPragmatist> oh doi
[00:12] <webPragmatist> theres a private dir
[00:12] <webPragmatist> although there might not be a universal storage location… there's some pretty damn logical places to put things for most things
[00:13] <giovani> and /etc/ssl has been suggested and discussed over and over
[00:13] <giovani> so I don't know why we're still talking about it
[00:32] <lau> stgraber: I am trying to create an lxc lucid i386 image like http://www.stgraber.org/download/lxc-ubuntu-8.04-amd64.tar.gz
[00:33] <lau> I tried to find some info in the UDS logs but was not able to find any :s
[00:33] <lau> would you please point me the process you use to build such .tgz file ?
[00:34] <lau> did you use debootstraping ? which particular switches ?
[02:27] <b0gatyr> When you feed a file containing a hash to john the ripper you must also have a username with it correct?
[02:27] <clusty> hey
[02:28] <clusty> i am trying to host my own dns for a domain and godaddy is telling me my server is not "registered"
[02:28] <clusty> any clue what that could mean?
[02:53] <Italian_Plumber1> I'm looking for a guilde for optimizing ubuntu server ... I run a very simple setup and I want to see if there are unneeded services/processes etc. that I can turn off that might improve performance.  The main functions of my server are vmware, bind, and rtorrent.
[02:53] <Italian_Plumber1> I am the only user.
[02:59] <qman__> Italian_Plumber1, there is really no need to do such a thing, since ubuntu server is bare by default
[02:59] <Italian_Plumber1> oic
[02:59] <qman__> you might want to apply some kernel tweaks to better suit a specific application, but aside from the basic services like syslog, there's nothing else running
[03:00] <Italian_Plumber1> well it's vmware that I'd really like to tweak for, I guess.  I just feel that my virtual machines could be faster...
[03:00] <Italian_Plumber1> and other vmware functions, like suspending and unsuspending a machine, should be faster.
[03:00] <qman__> that's mostly tied to disk performance
[03:01] <qman__> unless your CPU is anemic
[03:01] <Italian_Plumber1> well, is there a way to improve disk performance?
[03:01] <qman__> get faster disks
[03:01] <qman__> or change filesystems, if you're using a particularly slow one
[03:01] <Italian_Plumber1> ext3
[03:02] <qman__> well, ext3 is a particularly slow one, on a relative scale
[03:02] <qman__> it forgoes modern performance tweaks for simplicity and reliability
[03:02] <Italian_Plumber1> ok well have to go.  bedtime.  thanks for the pointers
[03:11] <Roxyhart0> hi there i am getting this error: init: network-interface (eth0) pre-start process (535) terminated with status 1
[03:11] <Roxyhart0> somebody know why this error, i cant even start the server, it start when i add a network card
[03:16] <webPragmatist> should i use ssl-cert-snakeoil.key for anything?
[03:17] <webPragmatist> or should i always gen my own key file when creating a ssl cert
[03:19] <Roxyhart0> why when i add a new network card i got the error  init: network-interface (ethX) pre-start process (535) terminated with status 1 ?
[03:23] <twb> Hum.  Apparently I don't have such a file.
[03:24] <twb> Nor is "snakeoil" in any path in Debian Sid, which is puzzling, because I've seen it before.
[03:24] <qman__> the snakeoil file is a key you should never use in the real world
[03:24] <qman__> it is known by everyone and therefore renders your encryption vulnerable
[03:25] <qman__> it's there and packages use it to 'just work' without throwing errors
[03:25] <qman__> but you should always replace it
[03:25] <qman__> I just soft linked that filename to my real key, to avoid changing all the config files
[07:56] <CaptainTrek> whats the command to locate where something was installed?
[07:57] <CaptainTrek> in terminal
[07:57] <lifeless> what do you mean by 'where something was installed' ?
[07:57] <CaptainTrek> lifeless:  to locate where a package installed the core program files to.
[07:58] <lifeless> dpkg -L packagename will tell you all the files a package contains
[07:59] <CaptainTrek> got it thanks
[08:38] <xampart> i'm sharing a directory, which contains user/Maildir -directories. they show up properly on remote host, but everything under user/Maildir is not showing. any resolutions?
[08:38] <xampart> with nfs
[08:43] <binBASH> Grüezi Aison
[08:53] <Aison> hallo
[09:52] <xoen> hi all, I'm going crazy with a problem about .ICEauthorithy
[09:52] <xoen> sorry, .ICEauthority
[09:57] <Jordan_U> xoen: Have you been using sudo with graphical applications?
[10:00] <xoen> Jordan_U: don't know the account where there is the problem are not mine
[10:00] <xoen> The machine where there is the problem has different users
[10:00] <xoen> I've set up a xrdp server and some user can access some not
[10:01] <Jordan_U> !gksudo | xoen
[10:01] <xoen> I've noticed the users can access has the .ICEauthority file, the other not
[10:01] <xoen> ubottu: I know gksudo
[10:01] <xoen> Jordan_U: I know gksudo
[10:02] <Jordan_U> xoen: It's likely that which ever user is having this problem has been using sudo with GUI applications, educate your users or don't allow them to use sudo.
[10:02] <xoen> Jornan_U: Have to be fair, the problem is not on an ubuntu server but on an RHEL server, but it should be distribution indipendent...
[10:02] <Jordan_U> xoen: You can fix the problem by chowning .ICEauthority back to them instead of root, but the problem will come back if they keep using sudo with GUI apps.
[10:03] <xoen> Jordan_U: I think it's a problem of permissions...but not so trivial
[10:04] <xoen> I mean, from root I can't run #chown -R username:username /home/username
[10:04] <xoen> !
[10:05] <alex88> hi guys..i've ubuntu server 10.04, is possible to install a light desktop manager and connect via vnc or something else?
[10:09] <xoen> Jornan_U: maybe I've found a solution for my problem, the .ICEauthority file is created the first time the user login by the X server, so I will try to log in every user phisically and see if this fix the problem. BTW thank you very much ;)
[10:11] <Jordan_U> xoen: Please don't ask RHEL questions in #ubuntu-server again, it can often waste people's time when instructions that should work for Ubuntu fail to work for you (one person in #ubuntu wasted 2 hours with 3 people helping him because he was using backtrack but wouldn't admit it).
[10:12] <xoen> Jordan_U: but I've just asked information about ~/.ICEauthority, a file present in every distribution
[10:12] <alex88> Jordan_U: hhahaha.. :)
[10:12] <Jordan_U> xoen: If you feel that Ubuntu has better community support that is a reason to use Ubuntu, not a reason to ask RHEL questions in Ubuntu channels.
[10:13] <xoen> Jordan_U: is not Ubuntu GNU/Linux too?
[10:13] <Jordan_U> xoen: You can't easily know that a question is not distribution specific unless you understand the problem. If you had understood the problem you wouldn't have needed to ask the question in the first place :)
[10:15] <xoen> Jordan_U: But I've not asked about the .ICEauthority because it can't be created easily and I didn't found nothing in internet, BTW I'm sorry if my question created some problem to someone, I'm sorry
[10:15] <xoen> *I've just asked...
[10:15] <alex88> and also this is not #GNU/linux so if you have that problem not on ubuntu we are not here to help you
[10:16] <Jordan_U> !mint | xoen
[10:16] <alex88> btw i think there is no problem
[10:16] <xoen> :(
[10:17] <Jordan_U> xoen: And that message is only related to Ubuntu based distros, you can see that RHEL is a much more different beast :)
[10:18] <Jordan_U> xoen: #linux is often good for general linux support.
[10:18] <xoen> OK, sorry if I disturbed here
[10:19] <alex88> so..no help about my ubuntu question? :P
[10:19] <alex88> j/k
[10:25] <christopher22> hello I aksed this question on the Python channel.. but they redirected me to this channed..
[10:25] <christopher22> i'm having some problems with the locale settings of Python
[10:25] <christopher22> I keep getting: unsupported locale setting
[10:26] <christopher22> so I was wondering how I could see which locales are supported by my Ubuntu server
[10:27] <alex88> christopher22: try sudo dpkg-reconfigure locales
[11:15] <gdowle> Hi, I cannot use my Metakeys, which are defined in /etc/inputrc, under X. On a console everything works fine. On a SLES machine with the same /etc/inputrc, the Metakeys are also working under X.
[11:24] <amagee> hey i'm following https://help.ubuntu.com/community/EC2StartersGuide to try and get ubuntu 10.04 setup on ec2
[11:24] <amagee> i'm up to step 2 in "Installing the API tools", where it says to use the path $HOME/<where your private key is>/pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem in .bashrc
[11:25] <amagee> but i don't know what this file is supposed to be.  is it the same .pem file i created and used to connect to the server?
[11:31] <alex88> amagee: just try
[11:31] <alex88> :)
[11:32] <amagee> ah.. is that the x.509 certificate?
[11:32] <amagee> ok it's starting to make a bit more sense
[11:38] <amagee> i think the problem is that the instructions to get the x.509 are wrong, so i thought that the key that i generated with "key pairs" was what they were talking about in the later step
[11:52] <amagee> another question:  i've just tried to install xfs by "sudo apt-get install xfs", which seemed to be successful, but i then type "sudo modprobe xfs" it says "FATAL: Module xfs not found."
[12:17] <soren> amagee: Two problems:
[12:17] <soren> amagee: xfs is the X font server. It's got nothing to do with the XFS filesystem.
[12:17] <soren> amagee: You want xfsprogs
[12:18] <amagee> sorry, yeah, that's what i meant.  i installed that.
[12:18] <soren> amagee: and, the module is in the kernel package, not the xfsprogs package.
[12:18] <soren> amagee: So availability of the xfs kernel module depends on the kernel package installed.
[12:18] <soren> amagee: which kernel are you using?
[12:18] <amagee> i'm not sure.. how do i find out?
[12:19] <soren> uname -r"
[12:19] <soren> gives a hint.
[12:19] <soren> Without the ".
[12:19] <amagee> 2.6.32-305-ec2
[12:19] <soren> Ah.
[12:19] <soren> Don't know about those.
[12:20] <amagee> what would you suggest i do?
[12:26] <soren> Wait for someone who cares about EC2 :)
[12:26] <amagee> heh
[12:26] <amagee> i might just use ext4 for the time being
[13:14] <a_ok> can someone please for the love of ubuntu tell me WHERE I can configure this: https://help.ubuntu.com/community/DisklessUbuntuHowto#Static IP
[13:15] <a_ok> I have seen this notation in about 7 different locations but never ever is mentioned where you are supposed to put it
[13:15] <benedikt_> Where does KVM/libvirt like to store the virtual disks?
[13:15] <benedikt_> I'm wondering how to map the filesystems over different disks
[13:15] <pmatulis> benedikt_: /var/lib/libvirt/images
[13:16] <benedikt_> thanks!
[13:16] <a_ok> benedikt_: you can specify the location of your image any time
[13:16] <benedikt_> is "virtualization" in tasksel kvm and libvirt?
[13:16] <benedikt_> a_ok: i know, i just like to keep default settings, otherwise it always end up in a big mess
[13:16] <pmatulis> benedikt_: yes
[13:17] <a_ok> benedikt_: we are using luns on a San so not much of a choise or a mess here
[13:22] <Pici> a_ok: It looks like you can specify those options as kernel parameters. See #2 here: http://fscked.org/writings/clusters/nfsroot.txt
[13:24] <pmatulis> a_ok: also, bug #175324 is marked as fixed
[13:24] <a_ok> Pici: thanks that actually makes sence. now I only need to know how to configure it with grub2
[13:26] <a_ok> pmatulis: Actually I am booting from iSCSI. That is something that seems to be untested (had to modify the initrd init script so the drivers where loaded). Besides I am using a seperate network to the San that has no dhcp
[13:27] <a_ok> Do i need to add the parameter to the linux line or start a new line starting with ip?
[13:27] <pmatulis> a_ok: the kernel line
[13:28] <a_ok> pmatulis: thanks
[13:46] <pascalou> hi here, anyone around using  clonezilla or some similar tool?
[13:48] <guntbert> !anyone | pascalou
[13:50] <pascalou> well, i d like to know if i can make/edit a dvd/usb stick of typically clonezilla which would allways get me a french menu with french keyboard, mounting always the same samba share and giving 2 options with the images there,  clone from a chosen images from repository , make a ghost and upload it to the repository
[14:03] <zul> if something is running from inetd say like a dovecot server it should show up when you do a netstat -atuvpn?
[14:05] <Brumle> zul: only inetd would show up there listening on the ports configured for dovecot. Be it imap or pop ports
[14:25] <alvin> Is there an smb.conf option to give certain hosts read-only access? (like 'hosts deny', but with read access)
[14:58] <Daffy_> Has anyone got any experience with tinyproxy?
[15:03] <zul> jcastro: ping
[15:04] <jcastro> pong
[15:05] <zul> jcastro: have you seen this for daily builds? http://launchpadlibrarian.net/51625554/buildlog.txt.gz
[15:06] <jcastro> the aptitude thing
[15:06] <jcastro> yeah, iirc I saw someone with a branch working on it? maybe lamont?
[15:32] <katsa> hello
[15:32] <katsa> anyone encountered a "Could not open the requested SVN filesystem" error with subversion before?
[15:35] <katsa> nvm, found the problem
[16:35] <hallyn> kirkland: gr, lh clean --binary && lh build  is rebuilding my chroot.  FAQ said it would leave my chroot!
[16:37] <kirkland> hallyn: grr, yeah, i just start clean every time
[16:37] <kirkland> hallyn: it only takes me 8 minutes to build from scratch here
[16:40] <hallyn> kirkland: yes but i hand-built an initrd.img that i wanted tostick in there
[16:49] <kirkland> hallyn: ah
[16:49] <kirkland> hallyn: talk to Cody, if you hit lh troubles
[16:49] <kirkland> hallyn: he knows it well
[16:49] <kirkland> hallyn: maybe find him in #ubuntu-devel or somewhere
[16:50] <SpamapS> lh?
[16:50] <kirkland> hallyn: sorry, cody-somerville on IRC
[16:50] <kirkland> SpamapS: live-helper
[16:50] <SpamapS> cool
[16:51] <SpamapS> kirkland: did you use that to build the USB key image?
[16:51] <webPragmatist> if my rsync is stuck at sending incremental file list how can i troubleshoot this
[16:54] <SpamapS> webPragmatist: did you give it '--progress' or '-P' ? that usually shows how fast its going/how long it has to go
[16:54] <webPragmatist> ya
[16:54] <webPragmatist> i'm try running it too
[16:54] <webPragmatist> dry*
[16:55] <SpamapS> webPragmatist: ahh is it a giant list of files?
[16:55] <webPragmatist> ya probably
[16:55] <webPragmatist> can i get disk usage like iftop
[16:55] <SpamapS> iostat works for that
[16:55] <webPragmatist> rather disk write/reads
[16:56] <SpamapS> oh per process? not sure, maybe 'atop' but that one requires kernel patches I think.
[16:56] <webPragmatist> iostat doesn't exist/
[16:57] <SpamapS> webPragmatist: vmstat 5 5
[16:57] <webPragmatist> uh hrm
[16:57] <webPragmatist> atop no clue how to read this
[16:58] <SpamapS> webPragmatist: RDDSK/WRDSK
[16:58] <SpamapS> thats the stats on IO for that process
[16:58] <webPragmatist> this vmstat stuff i guess bi and bo
[16:58] <webPragmatist> are the important
[16:59] <SpamapS> webPragmatist: yeah. "in" can also be interesting, interrupts.
[16:59] <webPragmatist> well it's like nothing like 200
[16:59] <webPragmatist> my guess is its not really creating this list
[17:00] <webPragmatist> its just stuck
[17:00] <SpamapS> webPragmatist: probably waiting for the other side
[17:00] <SpamapS> webPragmatist: you can try running it with 'strace rsynx blah blah'
[17:00] <SpamapS> webPragmatist: but that may overwhelm you with information. ;)
[17:01] <webPragmatist> better than nothing
[17:02] <webPragmatist> its stuck trying to "select()" a dir
[17:04] <SpamapS> webPragmatist: no, select() doesn't really work on dirs AFAIK
[17:04] <SpamapS> webPragmatist: select() would be on a socket/file waiting for activity
[17:05] <SpamapS> webPragmatist: probably the remote connection
[17:05] <webPragmatist> well what it says is select(6, [5], [], NULL, {60, 0}) = 0 (Timeout)
[17:05] <webPragmatist> 6 i guess is the dir name
[17:05] <SpamapS> no
[17:06] <SpamapS> webPragmatist: 'man select'
[17:06] <SpamapS> webPragmatist: 6 is the number of files to "select"
[17:06] <SpamapS> webPragmatist: [5] is the array of file descriptors .. so just 5
[17:06] <webPragmatist> oh i thought it was just a function in rsync
[17:06] <SpamapS> webPragmatist: you'd need to see where open() or socket() returned = 5
[17:06] <SpamapS> webPragmatist: no, strace only shows syscalls
[17:06] <webPragmatist> i see
[17:07] <SpamapS> webPragmatist: its one of those things that I've decided *I CANT LIVE WITHOUT* ;)
[17:07] <webPragmatist> so whats your guess on whats happening?
[17:07] <webPragmatist> local io error or remote?
[17:18] <SpamapS> webPragmatist: I'd check the remote box out in the same way you're checking the local one
[17:21] <webPragmatist> would you just run the rsync in revers?
[17:22] <SpamapS> webPragmatist: no
[17:22] <SpamapS> webPragmatist: go to the other box, and run things like 'top' and 'vmstat' and see what that box is doing
[17:25] <webPragmatist> eventually i got something like write failed broken pipe blah blah one sec i'll psatie
[17:25] <webPragmatist> pastie*
[17:26] <webPragmatist> SpamapS: poo eventually i got http://pastie.org/1037672
[17:27] <webPragmatist> after a bunch ot timeouts
[17:30] <SpamapS> webPragmatist: what version of rsync is this?
[17:31] <webPragmatist> 3.0.7
[17:31] <SpamapS> webPragmatist: ok.. hm.. maybe try a smaller directory tree?
[17:31] <webPragmatist> :(
[17:41] <SpamapS> webPragmatist: did you run with '-v' ?
[17:42] <webPragmatist> yes
[18:54] <cybrocop> Hello. On UEC, what is the relationship between   eucalyptus.conf and eucalyptus.local.conf? For instance, if I want to change the VNET_SUBNET variable, which file do I edit.
[18:58] <cybrocop> smoser: Any idea on this? I change the variable in both files across my CC and all my nodes, then whenever I try to launch an instance, I get this error: "Not enough resources available: addresses (try --addressing private)"
[18:58] <smoser> well, a couple things.
[18:58] <smoser> i think the files say which one to update
[18:59] <smoser> they say to edit /etc/eucalyptus/eucalyptus.conf
[19:00] <smoser> hand as far as VNET_SUBNET i would think you need to set that on the CC.
[19:00] <smoser> then, as suggested in eucalyptus.conf file, do 'sudo restart eucalyptus-cc CLEAN=1'
[19:00] <cybrocop> Initially, I only modified eucalyptus.conf, but when I restart the service, the changes aren't sync'd to eucalyptus.local.conf  and I get the errror above.
[19:01] <cybrocop> smoser: I have restarted eucalyptus-cc with CLEAN=1 option.
[19:01] <smoser> they're not synced to .local.conf.
[19:01] <smoser> they wont be.
[19:01] <smoser> and make sure you dont have it in both places.
[19:01] <smoser> as that is undeinfed behavior i think.
[19:01] <smoser> but i would think this would take...
[19:02] <smoser> i aplogize for not knowing more. maybe kirkland` does
[19:02] <cybrocop> smoser: the VNET_SUBNET was already present in local.conf
[19:02] <cybrocop> only it was the wrong setting: VNET_SUBNET="172.19.0.0"
[19:02] <cybrocop> in my eucalyptus.conf, I changed  this to be VNET_SUBNET="192.168.0.0" and did a "restart eucalyptus-cc CLEAN=1"
[19:04] <cybrocop> now, I had 2 files, each with a different VNET_SUBNET setting. I changed eucalyptus.conf's VNET_SUBNET to "172.19.0.0" (initially it was null).. restarted cleanly again, and I'm still having problems launching instances.
[19:06] <smoser> cybrocop, i'm sorry, i can't be much more help there. I can't say that i've played with that all that much.  you might try in #eucalyptus.
[19:07] <cybrocop> smoser: thanks. I'm coming here from #eucalyptus, they can't help me because the problem seems to be the discrepancy between eucalyptus.conf and eucalyptus.local.conf (which is a Ubuntu addition)
[19:08] <smoser> well, make sure it only occurs in one of them
[19:08] <smoser> and that its right
[19:08] <smoser> and restart.
[19:08] <smoser> then, i am not certain how that setting propogates to nodes
[19:09] <smoser> or if it needs to
[19:09] <cybrocop> smoser: all the settings in my local.conf already have been set in the original.
[19:09] <cybrocop> smoser: can I just delete all the settings in local.conf i.e. make it an empty file.
[19:20] <kaushal> hi
[19:20] <kaushal> as per the link http://webapps.ubuntu.com/certification/list/?release=8.04%20LTS&category=Server
[19:20] <kaushal> what does Ready mean ?
[19:21] <kaushal> and how is it different from certified
[19:23] <jpds> kaushal: It was certified by the manufacturer, not by Canonical.
[19:26] <kaushal> so certified means by canonical ?
[19:26] <jpds> Yes.
[19:26] <kaushal> Ready means by manufacturer ?
[19:26] <smoser> cybrocop, i'm really sorry i couldn't help you.
[19:27] <cybrocop> smoser: np, thanks for trying.
[19:27] <smoser> actually.. i'd at least try restart eucalyptus CLEAN=1
[19:27] <smoser> (not eucalyptus-cc, but eucalyptus)
[19:28] <jpds> kaushal: Yes.
[19:28] <kaushal> jpds, so i should emphasize on certified and not on ready ?
[19:29] <jpds> kaushal: Either one, depends who you want support from.
[19:30] <kaushal> oh ok
[19:30] <kaushal> jpds, Thanks
[20:06] <prodcutnews> hi
[20:09] <maek> anyone good at pxe? I have /var/lib/tftpboot and when I copy the contents of the netboot.tgz it works with symlinks and stuff in sub dirs for the kernel, but when I move the default config or the location of the kernel subdirs no longer work
[20:11] <smoser> maek, tftp often runs chrooted
[20:11] <smoser> which changes paths and such
[20:12] <prodcutnews> i had problem with gnome-terminal, its getting close immediately  , what might be the reason, ALT+F2 followed with xterm command is working ? whatz wrong with gnome-termianl ?
[20:13] <maek> smoser: im using relative paths from my tftp entry point of /var/lib/tftpboot - just very confusing. when I use the stock ubuntu files it works fine with symlinks and kernels in sub dirs. once I move things and reconfig sub dirs dont work. thanks ill look more
[20:18] <prodcutnews> i did mount command on xterm, i couldnot understand anything there, i have problem gnome-terminal, yesterday laptop shutdown twice, with cpu sounded heavily when i visited site  www.lazydesis.com, now im reading about the topic "instrusion into linux", once i was windows freak later came into linux, but now i feel "AM i SafE"
[20:32] <osmosis> im getting serious disk write lag in guests on kvm ubuntu 10.04. And Im using virtio.  Easy to duplicate, i just rync a large folder locally, and it brings the server to a temporary halt...eventually recovers.
[20:33] <osmosis> I see one of the cpu cores in the guest get stuck at 100% use for a while when this happens.
[20:36] <EtienneG> hey guys
[20:36] <EtienneG> in eucalyptus, are we still using vtun for inter-cluster communication?  are there another option?  hggdh, kirkland ?
[20:40] <lifeless> EtienneG: inter or intra?
[20:41] <EtienneG> lifeless, inter
[20:41] <EtienneG> lifeless, as in, you have two cluster
[20:41] <lifeless> ah, I haven't played with that yes.
[20:41] <lifeless> s/yes/yet/
[20:41] <EtienneG> lifeless, indeed.  eucalyptus built it using vtun
[20:42] <EtienneG> vtun is in universe, because it is insecure
[21:04] <EtienneG> does anyone knows where to declare static routes (other than the default one, that is)?  Google says I have to drop a script in /etc/network/if-up.d/, but there *has* to be a better way
[21:05] <giovani> EtienneG: "better" how?
[21:05] <EtienneG> giovani, huh?
[21:05] <EtienneG> giovani, better than writing a script from scratchm duh.
[21:06] <giovani> EtienneG: I don't know why you think that's a bad solution, so I'm unclear on how we can offer you a better solution
[21:06] <giovani> oh, well that's how you do it
[21:06] <giovani> sorry
[21:06] <EtienneG> too bad
[21:06] <giovani> that's how linux works, it's a bunch of scripts
[21:06] <EtienneG> giovani, just FYI, Red Hat has a config file where you declare static route.  That's what I would call "better".
[21:07] <giovani> but the "script" you'd be writing is a single, very simple line per route
[21:07] <giovani> it's no effort at all
[21:07] <EtienneG> giovani, indeed.  It'd still a hack.
[21:07] <giovani> a hack? no -- all redhat is doing is running a script that reads that file and executes the same commands
[21:07] <giovani> it's just partially hidden
[21:08] <giovani> so in debian based oses
[21:08] <giovani> there's a file called interfaces which prevents you from having to write your "own script" -- but really, it's the same amount of work
[21:08] <giovani> man interfaces if you'd like to do it that way
[21:08] <soren> EtienneG: Just put it in /etc/network/interfaces.
[21:09] <EtienneG> soren, as a pre-up directive?
[21:09] <soren> EtienneG: No, up.
[21:09] <EtienneG> soren, ah, ok
[21:09] <soren> EtienneG: At pre-up time, it probably won't work (depending on the type of route).
[21:09] <EtienneG> soren, right
[21:10] <EtienneG> still, I am baffled that there is no standard mechanism to add static route in Debian-derived OS.
[21:10] <giovani> that is a standard mechanism
[21:10] <EtienneG> yeah, yeah
[21:10] <giovani> you're clearly used to being blinded from how things are done under the hood
[21:11] <soren> EtienneG: That really is the standard mechanism.
[21:11] <giovani> 'route' is the user-friendly way
[21:11] <EtienneG> giovani, I usually prefer ip, but that's just me
[21:11]  * soren too
[21:12] <giovani> use whatever you like, it's all still /proc/net/route
[21:12] <EtienneG> soren, hard-coding a command in interfaces?  really seems wrong to me (still better than to add a script to if-up.d/, though)
[21:12] <giovani> EtienneG: what benefit do you think there is to abstracting the addition of a route beyond the route command?
[21:13] <giovani> it's the same amount of typing, it's executing an identical task
[21:13] <soren> giovani: For the same reason that you don't run ifconfig or dhclient manually,but use /etc/network/interfaces.
[21:14] <soren> I'll leave it as an exercise to the reader to work out that reason.
[21:14] <soren> Or those reasons, rather.
[21:14] <giovani> soren: I don't see any benefit to it for settings like IPs, etc -- the framework of if-up, etc makes sense -- execute things in a specific sequence, at the same time, etc
[21:15] <giovani> but executing a script that uses a file to set some variables when the command itself is simple doesn't offer any value
[21:16] <soren> giovani: Please don't tell you you don't specify address in your interfaces file, but instead have a "up ifconfig $IFACE 10.10.10.10" line?
[21:16] <giovani> don't get me wrong, I'm not saying it shouldn't exist -- just that there's no reason to complain when such a method for a particular task doesn't exist
[21:16] <giovani> soren: I'm telling you the two are equally usable, that's all
[21:16] <soren> Making such things come into existence starts with someone complaining (possibly to oneself) about it.
[21:18] <giovani> complaining about such things is a waste -- there's a long list of stuff that needs automation before it
[21:23] <soren> bah
[21:24] <coxn> so, I'm trying to do this: ubuntu-vm-builder kvm --dest /virtual-machines/testhost --ip 10.0.1.62 -c /etc/vmbuilder/confs/lucid-default.cfg
[21:24] <coxn> and here's the .cfg file: http://paste.ubuntu.com/461277/
[21:25] <coxn> but the firstboot isn't getting called
[21:25] <coxn> any help troubleshooting would be appreciated
[21:28] <soren> coxn: Can you run vmbuilder with --debug and paste the output somewhere?
[21:29] <coxn> soren: yes. I will come back when I have done so.
[21:31] <soren> coxn: Cool beans.
[21:33] <coxn> that is a great nick
[21:39] <coxn> soren: fascinating. looks like it was failing a perl dependency silently. I'll chase this a bit and paste you some debug output if I get stuck. Thanks!
[21:41] <soren> coxn: No problem.
[21:43] <chewbranca> hi, I'm using the Lucid 64 bit ec2 AMI that uses EBS for its root partition, and I'm trying to figure out the best approach to move /var/lib/mysql to a separate EBS volume, any ideas?
[22:13] <TMX> is it possible to install ubuntu-server via ssh using the standard server iso?
[22:26] <coxn> 2010-07-09 17:23:33,777 DEBUG   : Calling deploy method in VMBuilder.plugins.network plugin.
[22:26] <coxn> 2010-07-09 17:23:33,777 DEBUG   : No such method
[22:27] <coxn> 2010-07-09 17:23:33,796 DEBUG   : Calling deploy method in VMBuilder.plugins.ubuntu.distro plugin.
[22:27] <coxn> 2010-07-09 17:23:33,796 DEBUG   : No such method
[22:27] <coxn> hurm.
[22:29] <CppIsWeird> i have a process that i started via ssh. this process is still running and may run for a very long time. However, I would like to terminate the ssh session. is there any way to transfer this process to another use or something so that when i terminate the ssh session the process does not terminate?
[22:30] <coxn> CppIsWeird: can you kill it and restart without losing what has already been done?
[22:31] <CppIsWeird> no, not that im aware of.
[22:31] <coxn> CppIsWeird: because the way to do that is to stick it inside gnu screen from the beginning
[22:36] <soren> coxn: Those are not errors.
[22:37] <soren> coxn: They're debugging information. It even says DEBUG in all caps :)
[22:37] <webPragmatist> I know there's no particular place but where would you guys store .htpasswd files
[22:37] <soren> /etc
[22:37] <soren> They're config files.
[22:38] <webPragmatist>  /etc/apache2/conf.d ?
[22:38] <soren> No.
[22:38] <soren> Stuff in /etc/apache2/conf.d gets treated as apache config files.
[22:38] <webPragmatist> oh right
[22:39] <webPragmatist> so maybe make a dir /etc/htpasswd ?
[22:39] <soren> webPragmatist: /etc/apache2/htpasswd, perhaps.
[22:39] <soren> (as a directory)
[22:39] <webPragmatist> okay
[22:40] <webPragmatist> when httpd runs does it read those files as root or do i need to make them owned by www-data
[22:40] <soren> Apache runs as www-data.
[22:41] <soren> So www-data (or a group of which www-data is a member) must have read privileges.
[22:41] <webPragmatist> okay
[22:41] <webPragmatist> would you protect it other than just root +r
[22:41] <webPragmatist> like would you prevent others from reading it
[22:42] <soren> Probably.
[22:46] <peeps[work]> when do cron.daily scripts run?  midnight?
[22:54] <webPragmatist> it's random if i recall
[22:56] <webPragmatist> For daily, it checks if the current time is greater than (or exactly) 24 hours past the timestamp of the /var/spool/cron/lastrun/cron.hourly file.
[22:56] <webPragmatist> cron.daily*
[22:56] <webPragmatist> something like that
[22:57] <webPragmatist> if you need to have it run at a certain time use crontab
[22:57] <coxn> okay so, soren ... I don't see any reference to firstboot here: http://paste.ubuntu.com/461306/
[22:58] <webPragmatist> peeps[work]: ^
[22:59] <coxn> I got that by tacking a "2>&1 | tee /root/testbuild.txt" to the end of my ubuntu-vm-builder line and looking in the file... I suppose I could upload that file somewhere....
[23:02] <peeps[work]> webPragmatist, ok, thanks
[23:05] <panfist> how does one control which services are started automatically on system start?
[23:07] <upbeatlinux> http://www.tin.org/bin/man.cgi?section=8&topic=update-rc.d
[23:10] <webpragmatist1> out of curiousity... is it a stupid idea to use the snakeoil private key that is generated by ubuntu instead of a new key for each ssl?
[23:10] <giovani> webpragmatist1: phenomenally stupid
[23:11] <webpragmatist1> whats the snakeoil used for
[23:11] <giovani> as a test
[23:11] <giovani> if you want an ssl cert that's accepted by most browsers/ssl clients for free, try startssl
[23:12] <webpragmatist1> oh it's okay my host provides them for freebies
[23:12] <giovani> excellent, use those
[23:20] <coxn> hmmmm
[23:20] <coxn> # grep -ic login /usr/share/pyshared/VMBuilder/contrib/cli.py
[23:20] <coxn> 0
[23:22] <panfist> upneatlinux i don't know why i was under the impression this wasn't the right way to do things in lucid...that there was another layer on top that was preferred or something
[23:22] <panfist> upbeatlinux *
[23:23] <coxn> soren: should I be using something newer than the VMBuilder that ships with lucid if I want to have a firstboot script?
[23:27] <soren> coxn: Yeah, there's a PPA.
[23:27] <T3CHKOMMIE> hey guys, trying to reconfigure my netgear switches from the ground up, anyone familiar with Vlans?
[23:27] <soren> coxn: What's with the grep thing?
[23:31] <coxn> soren: that file has the options that it will parse, so there should be a match if '--firstlogin' is an option.
[23:31] <soren> coxn: No.
[23:32] <coxn> no which? no it should not match?
[23:32] <soren> coxn: Settings are defined all over the place. Specifically, the firstlogin option is defined in the firstscripts plugin.
[23:32] <coxn> ahh
[23:32] <coxn> I will look there
[23:32] <soren> coxn: Still, it won't work with the version in Lucid.
[23:33] <soren> coxn: You need the version in the PPA.
[23:36] <millerd> Hey #ubuntu-server I have a question
[23:37] <SpamapS> Hey millerd, we have .. enthusiasm.. and hopefully answers! :)
[23:37] <millerd> How easy is it if I want to have all the computers in the domain to run apt-get update and then upgrade? Haha thanks for the enthusiasm :)
[23:38] <panfist> i had bind9 server installed, then i removed it with APT. now, when the server boots it still tries to start bind9 and complains that a named binary is gone
[23:38] <millerd> I'm trying to delve into Ubuntu Server as an alternative to Windows Server
[23:43] <ScottK> panfist: That shouldn't happen, but the simple solution is reinstall it and then instead of removing it, purge it.
[23:45] <osmosis> i got some strange error about   echo 0 > /proc/sys/kernel/hung_task_timeout_secs
[23:50] <millerd> From the server, how do I tell computers in the domain update themselves?
[23:59] <osmosis> BUG: soft lockup - CPU#0 stuck for 61s! [kdmflush:275]
[23:59] <cybrocop> Hi All. In UEC, is it possible to download some of the images from the image store manually?
[23:59] <cybrocop> so that I can give it a custom (more user-friendly) bucket name?