[00:00] <pittstains> not sure how else i'd unmount it because it's a remote server and the OS (/, /boot, everything) lives there
[00:02] <Jordan_U> pittstains: You should *never* run fsck on a mounted extn filesystem.
[00:02] <pittstains> i thought it was safe with the -ns flags
[00:02] <pittstains> read-only mode
[00:02] <pittstains> am i wrong about that?
[00:03] <Jordan_U> No, that's correct.
[00:04] <pittstains> Jordan_U: whew! so any idea about the proper way to repair it, given my circumstances?
[00:06] <Jordan_U> pittstains: I think that even though it's safe, running fsck on a mounted system isn't meaningfull as a mounted FS looks like a broken one (the journal looks like it needs to be replayed, parts of the FS read earlier are inconsistent with parts read later if something changed)
[00:07] <Jordan_U> pittstains: So you can "sudo touch /forcefsck" to cause an fsck to be run at next boot, but don't be too worried about errors from fsck on a mounted fs.
[00:08] <pittstains> Jordan_U: thanks for that info.  i generally don't work too close to the filesystem, so that's helpful info.  however, i think i actually do have a problem: i deleted a large file and dh gives me the same output.
[00:08] <pittstains> also, the file deleted instantly.... usually there's a little lag for big files
[00:09] <pittstains> Jordan_U: will the forcefsck file be deleted after the next boot?  also, which log should I check to see the results of the check?
[00:09] <Jordan_U> pittstains: Do any applications still have the file open?
[00:10] <pittstains> good question... it was a log file being written to by Apache (it had grown to 10GB)
[00:10] <Jordan_U> (you can check that by running "sudo fuser /path/where/the/file/was".
[00:10] <pittstains> doesn't show up under ls any more.... running fuser now...
[00:11] <Jordan_U> pittstains: In unix files aren't truly deleted untill no references to them exist, that includes hard links and open file handles.
[00:12] <pittstains> fuser says no such file or directory... if i restart apache that should close any handles though
[00:13] <Jordan_U> pittstains: Try "sudo lsof | grep /path/to/file" instead.
[00:14] <pittstains> lsof not found?
[00:14] <Jordan_U> That's surprising, are you sure you spelled it correctly?
[00:16] <pittstains> LSOF, right?
[00:16] <fallous> should be in /usr/bin/
[00:17] <pittstains> oh, i forgot this is a debian box and not ubuntu -- should be the same though, right?
[00:18] <Jordan_U> pittstains: sudo apt-get install lsof, and let's continue this in #debian since it's off topic here.
[00:19] <pittstains> thanks, jordan
[00:24] <yabbo> looks like ubuntu doesnt support this system
[00:24] <yabbo> that sucks
[00:25] <yabbo> too old of a dell
[00:27] <yabbo> exit
[00:30] <pittstains> for anyone who was following my convo with Jordan_U, the reason the file didn't delete is that Apache was still using it.  restarting Apache freed up the file to be deleted, and df now reports as expected.
[00:33] <DukeOfMilan> I'm trying to Kickstart a server but getting "bad archive mirror" w/ us.ubuntu.com/ubuntu, any ideas?
[00:35] <jpds> DukeOfMilan: It's us.archive.ubuntu.com
[00:36] <jpds> DukeOfMilan: Which are part of the US is the server physical based?
[00:37] <DukeOfMilan> Right, sorry--typed it wrong.  This is what I'm using: http://us.archive.ubuntu.com/ubuntu
[00:37] <DukeOfMilan> SF Bay area
[00:37] <jpds> That should work.
[00:38] <DukeOfMilan> Here's the line from ks.cfg:
[00:38] <DukeOfMilan> url --url http://us.archive.ubuntu.com/ubuntu
[00:38] <jpds> DukeOfMilan: You might want to use http://mirrors.us.kernel.org/ubuntu/ instead however - as that's based in California.
[00:39] <DukeOfMilan> Hmm, I'll try that, thanks.
[00:39] <DukeOfMilan> Can I just use it like that in the ks.cfg, or do I need to add: dists/lucid or anything more specific?
[00:41] <jpds> I'm looking for Kickstart documentation on it just to be sure.
[00:42] <DukeOfMilan> It didn't like the url I was using, and it takes like 15min to get to the part of the install where it fails.
[00:44] <DukeOfMilan> I'm using "The Official ubuntu Server Book" as a guide, btw.
[00:48] <jpds> DukeOfMilan: As far as I can see, that line should be fine.
[00:49] <DukeOfMilan> I'm trying: url --url http://mirrors.us.kernel.org/ubuntu
[00:49] <DukeOfMilan> I'll know in about 15min if it worked. :)
[00:50] <jpds> DukeOfMilan: http://ubuntuforums.org/showthread.php?t=880829 describes what it's trying to do internally.
[00:52] <DukeOfMilan> jpds: same error message I'm getting, maybe same issue.
[00:57] <ruben23> hi guys when i install ubuntu-server using a sas HDD do i need to laod drivers during the install or no need..?
[00:57] <qman__> ruben23, if it works, then no
[00:58] <qman__> "installing drivers" is basically a thing of the past
[00:58] <ruben23> ok
[00:58] <qman__> either it's in the kernel or it isn't, as long as you run the latest updates
[00:59] <qman__> and if it isn't in the kernel, but does exist, you'd have to compile it yourself anyway, quite the task
[01:00] <silentwhisper> sir jeeves
[01:01] <ruben23> hi si rt-kernel used by ubuntu-server studio..?
[01:01] <silentwhisper> my server is access denied
[01:01] <silentwhisper> pls help how to troubleshoot
[01:02] <silentwhisper> anyone pls help
[01:03] <qman__> !details | silentwhisper
[01:05] <silentwhisper> when i try to browse http://bits.ath.cx
[01:05] <silentwhisper> access denied appears on the screen
[01:05] <silentwhisper> within the network ok
[01:05] <silentwhisper> but outside the network access denied appear
[01:06] <ruben23> any used rt kernel on ubutu-server..?
[01:07] <silentwhisper> it been a week i keep receiving this error
[01:07] <silentwhisper> i was able to make right less than a week
[01:08] <silentwhisper> untill access denied appears
[01:09] <qman__> silentwhisper, what software are you using? what do you expect to see? what authentication mechanism is in use?
[01:10] <silentwhisper> im using ubuntu 10.04 deskstop and installed apache2
[01:10] <silentwhisper> at local host is says "it works"
[01:10] <silentwhisper> but in the internet error
[01:11] <qman__> silentwhisper, that access denied page is not an apache access denide page
[01:11] <qman__> first make sure that URL is pointing to your server, and that ports are forwarded
[01:11] <silentwhisper> http://paste.ubuntu.com/466724/
[01:12] <silentwhisper> yes sir im using dyndns
[01:12] <silentwhisper> and my port 80 is forwarded
[01:12] <silentwhisper> im using ddclient to update my ip regularly
[01:12] <silentwhisper> this http service is intermittent
[01:13] <qman__> silentwhisper, it is a DNS issue
[01:13] <qman__> accessing your IP works
[01:13] <qman__> http://120.28.128.42/
[01:13] <qman__> it isn't pointing to your IP
[01:13] <qman__> ;; ANSWER SECTION:
[01:13] <qman__> bits.ath.cx.		60	IN	A	222.127.223.69
[01:15] <silentwhisper> what seems to be the problem sir?
[01:15] <qman__> bits.ath.cx does not point to you
[01:16] <silentwhisper> how can i fix it?
[01:16] <qman__> so it's either the wrong URL, or your dyndns is configured wrong, or you have a dynamic IP and it's not updating
[01:16] <qman__> any number of reasons
[01:16] <silentwhisper> for sure i have dynamic ip
[01:17] <qman__> you need to have a script or service to update the IP information with dyndns
[01:17] <silentwhisper> because my service provide is for home user only
[01:17] <silentwhisper> how can i do that?
[01:17] <qman__> I don't know how to do it with dyndns.org, I use afraid.org myself
[01:18] <qman__> but there should be instructions at dyndns.org
[01:18] <silentwhisper> i'll check on it also
[01:22] <silentwhisper> thanks qman
[01:22] <silentwhisper> i'll try it
[01:23] <silentwhisper> how did you found out my hosts is not redirected correctly to my ip
[01:24] <qman__> the error page that was showing is not an apache error page, it's some other software
[01:25] <qman__> so then I compared the results of `dig bits.ath.cx` to the IP you are chatting from
[01:25] <qman__> and they are different
[01:25] <qman__> I then tested browsing to your IP, which worked
[01:26] <silentwhisper> wow
[01:26] <silentwhisper> thanks
[01:26] <silentwhisper> you can get my ip while were chatting?
[01:26] <qman__> yes
[01:27] <qman__> freenode does not obfuscate them
[01:27] <qman__>  /whois me, and you'll se mine
[01:27] <cjs> How do I detach a logical volume (i.e., make it disappear from /dev/mapper)?
[01:29] <cjs> Ah, vgchange -a n <name>.
[01:30] <silentwhisper> i type /whois qman but no output
[01:30] <qman__>  /whois qman__
[01:30] <silentwhisper> "/whois qman"
[01:30] <qman__> and it may not show up on this screen depending on your chat client
[01:31] <qman__> xchat shows it in the 'server' tab
[01:31] <silentwhisper> it does not show up
[01:31] <qman__> ah, you are using xchat
[01:31] <qman__> in that case, you can also right click on my name, and hover it
[01:32] <qman__> and it will show you
[01:33] <silentwhisper> real name,user,country
[01:33] <qman__> yes
[01:33] <qman__> under user, it shows you my IP, though my ISP has reverse DNS so it shows you the name
[01:34] <silentwhisper> reverse dns
[01:34] <silentwhisper> ah
[01:35] <Moltar> Hi.  I'm having a problem with a GPT formatted boot volume, my server gets a 'boot failure' after the installer has completed installing into the GPT partitions.  I'm using 10.04 server.  Could anyone suggest a fix or a way to troubleshoot this?
[02:37] <tcw> Does the latest ubuntu server edition do some kind of automatic NIC teaming in a default installation?
[03:22] <silentwhisper> help pls
[03:22] <silentwhisper> i have dynamic ip
[03:23] <silentwhisper> which is the best dns to use and easy to configure
[03:26] <twb> Any of the ones your PPP/PPPoE/PPPoA client can auto-update
[03:27] <twb> Since you're probably doing PPPoA on an appliance modem/router with its default proprietary firmware, that set may well be the empty set.
[03:32] <silentwhisper> which is easier to use dydns,no ip,afraid etc
[03:32] <silentwhisper> and which client is easier to configure
[03:32] <silentwhisper> i have a dynamic ip
[03:35] <twb> Most clients support a large number of providers.
[03:42] <silentwhisper> which client is easier to configure for different dns
[03:43] <twb> I can't comment on that.
[03:47] <silentwhisper> when you are setting a server using dynamic ip what client you usually use?
[03:50] <twb> I don't.  I have a class C.
[03:51] <tcw> years ago no-ip was pretty easy to use
[03:51] <tcw> havnt used it in 5+ years though
[03:51] <tcw> assume its only gotten easier
[03:54] <twb> What they all boil down to is a post-ACK hook that issues an HTTP POST with the appropriate username, password and IP fields.
[04:06] <tcw> how can i get a list of network interfaces in a machine (interfaces that currently are not brought up) i.e: i have added a secondary PCI NIC but I am unsure if it is classified by the system as eth1 or something else
[04:23] <twb> tcw: ip link show
[05:29] <Hilikus> hey guys
[05:30] <Hilikus> i have a backup system set up using passwordless ssh login. for some reason, if the user disconnect unexpectedly (their internet died) my system only realises the user disconnected after like 2-3 hours
[05:30] <Hilikus> any idea why is that?
[05:30] <Hilikus> is it rsyncd or is it sshd or what?
[05:33] <twb> Because you aren't using -oBatchMode=yes ?
[05:33] <Hilikus> where??
[05:34] <twb> In your .ssh/config or on the command line.
[05:34] <Hilikus> in the client's ssh client??
[05:34] <twb> In whatever is invoking SSH
[05:35] <Hilikus> and this is a switch in ssh? i'll look it up
[05:37] <Hilikus> sounds about right, but i still don't understand what it does
[05:37] <Hilikus> whats password querying??
[05:37] <Hilikus> i just want to make sure i'm not making my system more vulnerable my setting this to yes
[06:00] <silentwhisper> hi to all
[06:02] <silentwhisper> i learned setting webserver using apache
[06:03] <silentwhisper> what service i must learn next
[06:03] <silentwhisper> im studying on my own please guide mo
[06:03] <silentwhisper> guide me
[06:04] <silentwhisper> pls
[06:59] <Hilikus> silentwhisper: ssh? it depends what you're interested in?
[06:59] <Hilikus> samba?
[07:08] <larsemil> silentwhisper: what do you want to do?
[07:08] <larsemil> silentwhisper: you have php support? mysql? that would be something
[07:13] <kblin> hi folks
[07:14] <kblin> it looks like myu ipv6-only system only tries to look up A records for hostnames instead of AAAA records. is there a setting I need to pass to the resolver to make it look for IPv6 records as well?
[07:20] <kblin> ah, nvm, pebkac. I keep forgetting to use ping6
[07:28] <twb> Does lucid's slapd have that weird thing I heard about, where the config is stored *in* the database?
[07:37] <joschi> twb: yes
[07:37] <joschi> twb: but it's not specific to lucid
[07:37] <twb> Where can I read about that?
[07:37] <joschi> twb: it's the new, "better" way of configuration propagated by the openldap people
[07:37] <twb> "sudo -ux getent passwd x" fails, but "getent passwd x" works, which indicates there's a missing access parameter -- but on my 8.04 system BOTH work, and it has an identical slapd.conf
[07:38] <joschi> twb: unfortunately, it's still incomplete, e.g. it's not possible to configure the meta-backend through the cn=config interface
[07:38] <twb> joschi: well, I remember the #openldap people griping about Ubuntu adopting it before it was really ready
[07:38] <joschi> twb: http://www.openldap.org/doc/admin24/slapdconf2.html
[07:38] <joschi> twb: "Unlike previous OpenLDAP releases, the slapd(8) runtime configuration in 2.3 (and later) is fully LDAP-enabled and can be managed using the standard LDAP operations with data in LDIF."
[07:39] <twb> Does that mean that slapd.conf is not changed at all -- it's simply EXPOSED via the LDAP API?
[07:39] <joschi> twb: no. either you use the traditional slapd.conf, then it's just a read-only version in cn-config
[07:40] <joschi> twb: or you exclusively use cn=config and have no slapd.conf at all
[07:40] <joschi> twb: the data is then stored in /etc/ldap/slapd.d/...
[07:40] <joschi> twb: on the plus side, you can change slapd's configuration on the fly without a restart/reload using cn=config
[07:40] <twb> Hm.  I have a new lucid install (i.e. not upgraded), and it has a slapd.conf.  How did it get there, if Ubuntu doesn't use it by default?
[07:41] <joschi> twb: see /etc/default/slapd
[07:41]  * twb looks
[07:42] <twb> SLAPD_CONF= (i.e. the empty string) in there, which means "use slapd.conf" according to the comments.
[07:44] <joschi> twb: do you have a different ubuntu lucid than me? mine says: "If empty, use the compiled-in default (/etc/ldap/slapd.d)."
[07:45] <twb> Oh oh oh oh oh
[07:45] <twb> I'm very very very very stupid
[07:45] <twb> I forgot that the DESKTOPS are migrating 10.04, but the server is still hardy
[07:47] <twb> Sorry for wasting your time
[07:47] <silentwhisper> next i want to try i mail server
[07:47] <silentwhisper> can you guide me
[07:47] <twb> The problem must be elsewhere
[07:48] <silentwhisper> pls
[07:48] <Jeeves_> silentwhisper: Try the Ubuntu Server Guide
[07:48] <Jeeves_> Morning, all
[07:55] <silentwhisper> hi good am to you too
[07:56] <silentwhisper> here in our country, its 2 in the afternoon
[09:42] <ader10> My question is here: http://ubuntuforums.org/showthread.php?t=1535426 Please help if you can
[09:55] <zul> ivoks: around?
[10:02] <ader10> somebody answered my question
[10:47] <silentwhisper> need guide how to set up a typical mailserver
[10:47] <silentwhisper>            help
[10:49] <larsemil> silentwhisper: have you looked at the server guide?
[10:50] <larsemil> http://doc.ubuntu.com/ubuntu/serverguide/C/email-services.html
[11:07] <TeTeT> smoser: do you maintain the euca2ools for Karmic? there is a question in the answer tracker that looks like a bug to me: https://answers.launchpad.net/ubuntu/+source/eucalyptus/+question/118429
[11:35] <smoser> TeTeT, i will look later
[11:50] <andol> joschi: Just curious, you don't happen to be the same joschi the one on serverfault?
[11:50] <joschi> andol: I am
[11:51] <andol> joschi: Ok, was mostly curious, having seen the same nick both there and here.
[13:06] <kaushal> hi
[13:07] <kaushal> is there a way to know the controller card details on ubuntu server 8.04 ?
[13:07] <pmatulis> kaushal: start with 'lspci -vvnn'
[13:20] <kirkland> SpamapS: https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-uec-monitoring
[13:23] <_chris_> can i somehow tail the activity of a port ?
[13:34] <SpamapS> _chris_: sure, you can use tcpdump to sniff the traffic, or you could log using iptables
[13:47] <pmatulis> shouldn't 'mount -a' mount nfs shares?
[13:48] <SpamapS> pmatulis: unless it has a 'noauto' option
[13:49] <kirkland> ccheney: please push to lp:~uec-provisioning/uec-provisioning/trunk
[13:49] <pmatulis> SpamapS: thanks
[14:02] <_chris_> SpamapS, thx thats what i was looking for :)
[14:33] <andreserl> ttx, howdy!! Can you take care of bug #607835 when you have the time please?
[14:41] <ttx> andreserl: please subscribe me to it, will do in my next sponsoring spree if nobody beats me to it
[14:42] <andreserl> ttx, ok thanks :)
[14:49] <benedikt> where does libvirt/kvm store its disc images by default?
[14:56] <edwin_> i want to set up a mail server
[14:56] <edwin_> please guide me
[14:58] <kim0> edwin_: check this out https://help.ubuntu.com/community/Postfix
[15:05] <edwin_> thanks kim8
[15:05] <edwin_> but how can we retrieve the mail
[15:06] <edwin_> typically what i see is user can retrieve mail through website am i right?
[15:06] <\sh> edwin_: http://workaround.org/ispmail/lenny <- this is for debian, but works on ubuntu...follow the steps...
[15:07] <edwin_> postfix is commandline type
[15:07] <edwin_> not gui type
[15:07] <edwin_> for user
[15:10] <kim0> edwin_: you'd need a webmail (which is a separate thing) .. try http://openwebmail.lagmonster.org/  or atmail.com
[15:10] <kim0> edwin_: or search for zimbra.com .. it's an all in one monster solution .. probably close to what you're looking for
[15:12] <edwin_> thanks guys for the links
[15:14] <edwin_> nowadays how is an emailserver setup for user
[15:14] <edwin_> is it gui type / still shell type/commdline type?
[15:18] <Wampyre> Hi
[15:18] <Wampyre> I have a service that is set to start with runlevel 2, but it's not doing so.  Once the computer starts up, I can start the service manually using the same script.  What do I need to check?
[15:44] <sommer> morning all
[15:45] <Jeeves_> Hi
[15:45] <Wampyre> Ola!
[15:45] <Jeeves_> Wampyre: Is it upstart or plain-old init?
[15:46] <Wampyre> How can I find out?
[15:46] <rapha> Hi all, does Ubuntu Server not have PEM installed anymore?
[15:47] <qbitza> Wampyre, update-rc.d
[15:47] <Wampyre> The script exists in /etc/rc2.d
[15:47] <Jeeves_> Wampyre: So it's plain-old init :)
[15:48] <rapha> (Also there don't seem to be any PEM packages - I'm trying to get vsftpd virtual users working as per ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.2.2/EXAMPLE/VIRTUAL_USERS/README - can somebody help me?)
[15:48] <Jeeves_> Wampyre: Convert it to upstart
[15:48] <qbitza> Wampyre, as in sudo update-rc.d <service> defaults
[15:48] <Jeeves_> that's easy
[15:48] <qbitza> update-rc.d shouldn't be bothered
[15:48] <qbitza> It can do either, afaik
[15:49] <jjohansen> Daviey: Bug #599450
[15:49] <Wampyre> qbitza, I've done that, while installing the application.  It has created the necessary scripts, but the service is still not starting.
[15:50] <Wampyre> Jeeves_, how do I convert it to upstart?
[15:50] <ScottK> Good morning sommer.
[15:50] <sommer> :-)
[15:50] <Jeeves_> Wampyre: Read the files in /etc/init
[15:50] <Jeeves_> There pretty logical
[15:51] <Jeeves_> upstart is the way to go anyways, so.
[15:51] <qbitza> Wympyre, I agree with Jeeves, upstart is the way of the future
[15:51] <qbitza> Wampyre, is this your own script?
[15:52] <Wampyre> Nope, comes with the software
[15:53] <Wampyre> I just needed to update the paths in it.
[15:59] <Jeeves_> Wampyre: Which software
[15:59] <Wampyre> zabbix
[16:00] <Wampyre> Apparently it depends on mysql starting before it does.
[16:07] <phretor> I had several LocalForward entries in my .ssh/config and I would like to open an ssh connection to the machines in a sort of "background mode" - is this possible?
[16:07] <Jeeves_> phretor: What do you mean?
[16:08] <Jeeves_> phretor: You mean that a script can open connections without usernames and passwords?
[16:08] <phretor> Jeeves_: well, I'd like to put the ssh client in the background so I don't have to open another shell to, say, connect to locally forwarded ports.
[16:08] <Wampyre> In an upstart script, the start on parameter tells the script what to depend on?
[16:09] <Jeeves_> Wampyre: Yes
[16:09] <Jeeves_> You can configure your own events (i believe) and runlevels
[16:09] <Wampyre> How would I create a dependency upon mysql?
[16:10] <Jeeves_> That's a good one :)
[16:11] <Wampyre> so just; start on (mysql) ?
[16:11] <Jeeves_> that might work, yes
[16:13] <Jeeves_> Wampyre: I'm trying to find some documentation on that
[16:14] <Jeeves_> Wampyre: http://upstart.ubuntu.com/getting-started.html
[16:14] <Jeeves_> In the bottom, it talks about initctl -emit
[16:14] <Jeeves_> initctl emit
[16:15] <Jeeves_> Wampyre: Have a look at /etc/init/mountall.conf
[16:15] <Jeeves_> 'emits' is the configuration keyword
[16:15] <Jeeves_> So if you change mysql.conf to 'emits mysql', than zabbix will start when mysql is started
[16:16] <Jeeves_> Upstart is pretty cool, actually.
[16:16] <Wampyre> Ah! So if I add "emits mysql" to mysql.conf, then I can use "start on (mysql)"
[16:16] <Jeeves_> Too bad that so many programs aren't fixed to use it yet
[16:16] <Jeeves_> Wampyre: That's how I read it, yes :)
[16:17] <Jeeves_> Anyways, I'm afk for a while
[16:17] <Wampyre> Thanks ffor the assistance :)
[16:21] <Jeeves_> np
[16:30] <remix_tj> anyone has experience with postfix and postfixadmin's vacation?
[16:30] <remix_tj> i got this vacation working only for an email.
[16:30] <remix_tj> there is no way to get it working for other emails...
[16:34] <lamont> remix_tj: postfixadmin's vacation?  do you mean the vacation package, or some other thing?
[16:34] <remix_tj> some other thing
[16:35] <remix_tj> a postfix vacation with a sql backend
[16:35] <lamont> it's specific to postfix?
[16:35] <remix_tj> what do you mean?
[16:36] <lamont> when you say "a postfix vacation", do you mean that it's specific to postfix, or that it's "just another vacation binary" that happens to have an sql backend?
[16:41] <remix_tj> uh, seems to be a postfix problem, because the vacation script gets not called
[16:42] <remix_tj> i've an email (a@b.it) which is (when vacation is active for that user) an alias for a@b.it,a@b.it@autoreply.b.it
[16:42] <remix_tj> the mail gets delivered to a@b.it but not to the autoreply one, which is the address that generates the automatic email
[16:43] <Hilikus> can i create a user in my system that will be login in through ssh that i can keep in its own home dir? i.e. so that he doesn't see or can move to the rest of my system?
[16:43] <lamont> that'd be because postfix explicitly blocks routing via multiple @s
[16:43] <pmatulis> Hilikus: yes
[16:44] <lamont> --> broken vacation package if it's depending on source routed email to work
[16:44] <pmatulis> Hilikus: "chrooted ssh"
[16:44] <Hilikus> pmatulis: is that a chroot jail?
[16:44] <Hilikus> ok, thats what i thought
[16:44] <Hilikus> thanks pmatulis
[16:44] <lamont> sadly, chroots are frequently trivial to escape
[16:44] <Hilikus> yes, i've heard
[16:45] <Hilikus> any other idea lamont
[16:45] <Hilikus> ?
[16:45] <pmatulis> lamont: oh, how so?
[16:45] <pmatulis> lamont: ssh ones specifically
[16:45] <lamont> pmatulis: dunno about ssh in specific, but various approaches exist, depending on the environment handed to the user in the chroot
[16:46] <lamont> if you can get root inside the chroot, then the most trivial is to mount the real root disk somewhere, and chroot into that.
[16:46] <hallyn> (use pivot_root to prevent the usual chdir-based chroot escapes)
[16:46] <Hilikus> i want to give access to a user to come in and see their backups and their backups only. maybe i can restrict the also the commands allowed in the console?? to just do ls and get or whatever download command is needed?
[16:47] <lamont> Hilikus: sounds like you want sftp-only
[16:47] <Hilikus> i thought sftp still needed ssh access and a system account
[16:47] <Hilikus> but yes,i was thinking of using sftp
[16:48] <lamont> yeah.  ISTR sftp-only users were possible with modern ssh
[16:48] <remix_tj> lamont: but the strange thing is that works for assistenza@b.c.it@autoreply.b.c.it but not for lorenzettoluca@b.c.it@autoreply.b.c.it
[16:48] <lamont> interesting
[16:48] <pmatulis> Hilikus: yes, sftp chroots are built-in
[16:48] <Hilikus> i don't have any ftp or sftp daemons running and i can connect to my server using sftp currently
[16:49] <pmatulis> Hilikus: it'a a hidden/internal subsystem to ssh
[16:49] <Hilikus> so, since i there's no daemon, where do i tell it it is a sftp-only access??
[16:49] <remix_tj> lamont: that's why i'm asking for help, this is driving me crazy :-)
[16:49] <pmatulis> Hilikus: ask the great oracle
[16:50] <Hilikus> i'm not sure what to search for
[16:50] <pmatulis> Hilikus: "sftp chroot"
[16:50] <Hilikus> thanks pmatulis
[16:50] <pmatulis> Hilikus: you're welcome
[16:59] <MTecknology> How should I go about adding a module to ejabberd?
[17:11] <oru_work> how to compress a directory with tar ?
[17:12] <FunnyLookinHat> tar -czvf file directory
[17:48] <kalkin-> hi guys
[17:48] <kalkin-> i'm trying to rebuild php with --with-curlwrappers
[17:49] <kalkin-> i followed this guid http://panthar.org/2006/06/15/php-with-mssql-on-ubuntu-606/
[17:49] <kalkin-> with php 5.2 it works flawless
[17:49] <kalkin-> but with 10.4 and php 5.3 it fails
[17:49] <kalkin-> this are the errors i get
[17:49] <kalkin-> dpkg-source: info: use the '3.0 (quilt)' format to have separate and documented changes to upstream files, see dpkg-source(1)
[17:49] <kalkin-> dpkg-source: unrepresentable changes to source
[17:49] <kalkin-> dpkg-buildpackage: error: dpkg-source -b php5-5.3.2 gave error exit status 1
[17:49] <kalkin-> any idea whats wrong?
[17:51] <SuperLag> Can you pass a regex to apt-get? How would you say, apt-get install all-of-the-tomcat6-packages
[17:53] <pmatulis> SuperLag: apt-get install tomcat*
[17:53] <pmatulis> or tomcat6*
[17:53] <SuperLag> excellent, thank you
[17:53] <pmatulis> SuperLag: test with simulate switch (-s)
[18:04] <SandGorgon> hi guys.. i have gotten a hosted ubuntu 8.04 and am deploying my web app for the first time. my question is about security - what is a reasonably good, reasonably out-of-the-box intrusion detection system - I have heard about OSSEC and Snort
[18:06] <hazmat> regarding using cloud-config on ec2 w/ lucid, are packages supposed to be installed before the runcmd are executed?
[18:11] <hazmat> hmm.. it looks like cloud-init is parallelized via upstart so the command execution portion (runcmd) can't depend on packages installed by cloud-init..
[18:16] <ejat> any respond / update on bug 337976
[18:37] <pmatulis> ejat: read the bug to find out
[19:21] <dupondje> Hi guys, I would like to know if its possible get get new debian php package getting sru'ed
[19:21] <dupondje> fixes quite some amount of dirty bugs
[19:26] <io> I have a dedicated server from a host that refuses to use a clean image from the Ubuntu website without installing a ton of packages before handing it over to their customer. Is there a straight forward way of comparing what packages a clean image usually gives, against their image, so that I can remove the additional packages they install?
[19:27] <Jeeves_> dpkg --get-selections
[19:31] <io> Jeeves_: manpage has little information. What does that do?
[19:34] <Jeeves_> io: it shows which packages are installed on your system
[19:34] <bjorr> anyone help out with a strange nagios error?
[19:34] <Jeeves_> So if you do it on both machines, you can create a diff on both configurations
[19:34] <Jeeves_> bjorr: Maybe
[19:34] <bjorr> fuck already broke rule 1
[19:35] <bjorr> ill pastebin
[19:35] <Jeeves_> bjorr: And there's the second! :) No swearing :)
[19:36] <bjorr> http://pastebin.com/0B494S4Y
[19:36] <io> Jeeves_: That shows both packages from a clean image, and packages that somebody has installed?
[19:36] <bjorr> from /var/log/nagios/nagios.log
[19:36] <Jeeves_> io: All installed packages
[19:36] <bjorr> already been to #nagios, we couldnt solve it there
[19:36] <Jeeves_> bjorr: It segfaults
[19:36] <bjorr> ive crawled forums all day for this
[19:37] <Jeeves_> bjorr: Try to start it witouth daemonizing
[19:37] <io> Jeeves_: Is there a list of packages installed on a clean image?
[19:37] <bjorr> how do I do that?
[19:38] <Jeeves_> io: Yes, just after you installed a machine and typed 'dpkg --get-selections'
[19:38] <Jeeves_> bjorr: /usr/sbin/nagios3 /etc/nagios3/nagios.cfg
[19:38] <Jeeves_> bjorr: Without the -d switch, Nagios won't daemonize to the background
[19:38] <Jeeves_> O
[19:39] <Jeeves_> I'd love to help further, but I promised my wife I'd watch a movie with her. :)
[19:39] <io> Jeeves_: What extra packages does -server install?
[19:39] <Jeeves_> So I gotta go.
[19:39] <Jeeves_> io: No clue.
[19:39] <pmatulis> Jeeves_: enjoy
[19:39] <Jeeves_> Thanks!
[19:39] <bjorr> No dice jeeves
[19:43] <bjorr> damn you jeeves wife! i needed him more!
[19:51] <Lichte> I just installed 10.04 and nothing comes up on the screen when I start it up........is there some kind of framebuffer turned on during install ???
[19:51] <Lichte> I can't ssh in either since it's turned off by default
[19:57] <NightDragon> (13:54.25) •          [ NightDragon ]: hey guys
[19:57] <NightDragon> (13:54.28) •          [ NightDragon ]: question
[19:57] <NightDragon> (13:54.48) •          [ NightDragon ]: ...my department wants to digitize all of their paper files. Does anyone have a good suggestion for a document management solution?
[19:57] <NightDragon> (13:55.19) •          [ NightDragon ]: i was going to suggest Acrobat for the software they use to ditgitize, but i'm guessing theres got to be a better way to manage the files then to just store them in folders
[19:57] <NightDragon> err yeah
[19:57] <NightDragon> that sucked
[19:57] <NightDragon> ...but does anyone have some good advice?
[19:59] <qman__> NightDragon, if you can convince them to change, a wiki-style setup is much better to work with
[19:59] <qman__> but if not, there are still version control/management solutions for more traditional documents
[19:59] <NightDragon> well these are student records that they are trying to digitize
[20:00] <NightDragon> so we are trying to find a structured solution for records storage
[20:00] <NightDragon> more then like a doku/wiki type setup, you know?
[20:00] <NightDragon> unless wiki's apply to this sort of thing in some really nice way
[20:01] <qman__> not especially
[20:01] <qman__> it's just a great way to work with other people as opposed to word documents or PDFs
[20:01] <qman__> but if they're basically read-only, PDFs are a fine way to do it
[20:02] <qman__> however, it should be noted that plain text/markup is much easier to search than binary document formats
[20:03] <NightDragon> well i was planning on suggesting PDF's as a format, as Acrobat is a _really_ good solution for digitizing records
[20:03] <NightDragon> but i'm trying to find something that works well for storing/accessing them
[20:04] <io> !info doxfs
[20:06] <pmatulis> !search doxfs
[20:25] <bleything> I just had a weird experience with groups... I added my user to a group by hand-editing /etc/group, logged out and in, no dice.  used usermod, same deal.  then rebooted and it had taken effect
[20:26] <bleything> are groups cached or something?
[20:40] <pmatulis> bleything: next time use 'adduser'
[20:44] <Lichte> I just installed 10.04 and nothing comes up on the screen when I start it up........is there some kind of framebuffer turned on during install ???
[20:46] <jord> Hi, how do I turn off any splash stuff on boot? I'm trying to figure out why the machine won't boot.
[20:46] <pmatulis> jord: configure GRUB
[20:47] <pmatulis> jord: how depends on GRUB1 or GRUB2
[20:48] <jord> pmatulis: I've got 10.04, so grub 2?
[20:48] <Lichte> I have the same problem
[20:48] <pmatulis> jord: /etc/default/grub for the latter
[20:49] <pmatulis> jord: GRUB_CMDLINE_LINUX_DEFAULT="debug" for the most verbose boot
[20:49] <jord> pmatulis: Cool, thanks. Will probably be back with more info :)
[20:49] <jord> pmatulis: Ahh, I see
[20:49] <pmatulis> jord: make sure you run 'update-grub' as the file says
[20:49] <jord> pmatulis: Ok, will do
[20:49] <bleything> pmatulis: will do, thanks.
[21:07] <Lichte> where do I go to allow ssh login on boot ?
[21:14] <ScottK> Lichte: Install ssh is all you need to do.
[21:31] <coxn> I want a script that, when run, has a session like this: http://sillyidea.pastebin.ca/1905532
[21:31] <coxn> Does such a thing exist in some corner? If not, if I were going to do that in python, what module(s) should I be looking at?
[21:38] <Lichte> ScottK: can't do that, the screen goes blank during boot
[21:38] <ScottK> If you don't have ssh installed, there's not much you can do then.
[21:39] <Lichte> I guess I'll have to go back to 9.10
[21:43] <Jordan_U> Lichte: Did the LiveCD work correctly?
[21:47] <jeremyn> i'm having a problem with amavisd-new, for some reason i get a "Virus scanning skipped: Exceeded storage quota" whenever it tries to process an email with a tar file attached. it doesn't have this problem with gz or zip files. it may have been like this since i set it up. any ideas?
[21:47] <jeremyn> it has the problem with tar.gz files too
[21:48] <jeremyn> the tar files i'm testing with only contain one very small text file
[21:50] <Jordan_U> Lichte: Or, since we're in #ubuntu-server and you probably used the server CD, try holding shift during boot and adding "gfxpayload=text" (on its own line) to the first menu entry by pressing 'e' (press ctrl+X to boot the edited entry).
[21:53] <Lichte> Jordan_U: yeah, no livecd for the server
[21:55] <Lichte> Jordan_U: that goes at the end of the kernel line, no ?
[21:55] <Jordan_U> Lichte: No, on its own line.
[21:55] <Lichte> ok, I'm off to try again
[21:56] <blackstar256> are are some advantages of ubuntu server over other distrobutions
[21:58] <Lichte> Jordan_U: that didn't work either
[21:59] <Jordan_U> Lichte: Any output at all when you try to boot?
[21:59] <Lichte> Jordan_U: when I erased the "quiet" at the end of the kernel line, I got some kernel output until the screen went blank again
[22:00] <Lichte> Jordan_U: I can tell it's booting up by the HD activity
[22:00] <Lichte> I just can't get any text output
[22:01] <FunnyLookinHat> Is there a way to force my DNS to refresh?  I'm fairly certain there isn't... but here's hoping :)
[22:01] <Jordan_U> Lichte: You can use the server install CD to chroot in and install ssh.
[22:02] <Lichte> Jordan_U: then what?  How do I fix the screen output ?
[22:02] <Jordan_U> Lichte: I think there's even an option to setup the chroot automagically, "repair broken system" or similar.
[22:02] <Lichte> Jordan_U: I've done that too
[22:03] <Jordan_U> Lichte: Check dmesg for anything that looks relevant.
[22:03] <Lichte> I have 3 servers to upgrade, ,my boss isn't going to allow no screen output, I don't care personally, I'd rather have headless servers
[22:04] <Jordan_U> Lichte: Try adding "nomodeset" to the kernel parameters.
[22:04] <Lichte> Jordan_U: OK
[22:05] <cloakable> FunnyLookinHat: more detail please :) how are you getting dns, and how do you want it to refresh?
[22:05] <Jordan_U> Lichte: Or maybe hook a DVD player up to the monitor with a loop of random boot messages to make your boss happy :)
[22:08] <Lichte> Jordan_U: :))
[22:08] <Lichte> Jordan_U: that worked!  I now have sshd installed
[22:08] <Lichte> nomodeset did the job
[22:09] <Lichte> who's the genius that decided a graphical boot on a server was a good idea ??
[22:10] <sysdoc> Since webmin is no longer in the repos, is there a replacement for it??
[22:10] <cloakable> ebox :)
[22:10] <FunnyLookinHat> cloakable: well - does my machine cache a host lookup after a single attempt for a while?  Because I setup a cname over an hour ago and it still isn't showing up with host
[22:11] <sysdoc> cloakable, thanks
[22:11] <cloakable> FunnyLookinHat: I wouldn't know. so you have a caching nameserver installed?
[22:12] <cloakable> FunnyLookinHat: *do
[22:12] <FunnyLookinHat> cloakable: oh no I don't - I'm just fetching my DNS lookups from the DNS server provided by my ISP
[22:12] <FunnyLookinHat> You can ignore me :)
[22:12] <FunnyLookinHat> I've realized I'm just impatient
[22:12] <cloakable> FunnyLookinHat: heh :)
[22:13] <FunnyLookinHat> Ok - better question - I'm having trouble finding the syntax to upload just a single file with rsync over ssh
[22:13] <cloakable> upload, or sync?
[22:13] <FunnyLookinHat> upload.
[22:13] <Hilikus> i'm having a problem with sshd. i created a group and added a user to that group
[22:13] <Hilikus> then in my ssd_config i have
[22:13] <FunnyLookinHat> cloakable: only want to use rsync because it compresses a bit
[22:13] <Hilikus> AllowGroups backup_reader
[22:13] <FunnyLookinHat> cloakable: otherwise scp would probably be fine
[22:14] <Hilikus> but when the user tries to log in auth.log reports
[22:14] <Hilikus> not allowed because not listed in AllowUsers
[22:14] <Hilikus> am i missing something? my logic is that it should be allowed because even though it is not in AllowUsers, it is in AllowGroups
[22:15] <cloakable> FunnyLookinHat: rsync -t <filename> server:/path/to/directory/
[22:15] <cloakable> FunnyLookinHat: I'd think, reading the manpage
[22:15] <FunnyLookinHat> cloakable: Yeah that's what I thoguht - I was just checking if my interprettation of the manpage was right :)
[22:16] <cloakable> FunnyLookinHat: :)
[22:20] <Moltar> I'm having a problem with 10.04 server, it will not boot after the install when installing on a GPT formatted partition.  The BIOS just says 'boot fail hard disk 0'.  This is on an IBM x series server with a 3TB RAID volume.  Can anyone suggest a way to troubleshoot this or maybe a pointer to some documentation?
[22:21] <Jordan_U> Moltar: Software RAID or Fake RAID?
[22:21] <Lichte> thanks for the help Jordan_U
[22:22] <Jordan_U> Lichte: You're welcome.
[22:22] <Lichte> laters
[22:25] <Jordan_U> Moltar: Can you run this script: http://sourceforge.net/projects/bootinfoscript/ and pastebin the RESULTS.txt?
[22:41] <Hilikus> can i have allowUsers and allowGroups in sshd at the same time??
[22:42] <Moltar> Jordan_U: Hardware RAID, an IBM RAID controller
[22:42] <pmatulis> Hilikus: the sshd_config man page will tell you
[22:43] <Jordan_U> Moltar: Ok, then the fact that it's RAID should be irrelevant for this purpose.
[22:43] <Hilikus> then i'm reading at the wrong place
[22:43] <Hilikus> it doesn't say anything about itr
[22:43] <Jordan_U> Moltar: The output from the boot info script would still be usefull.
[22:44] <pmatulis> Hilikus: read the section explaining the AllowUsers parameter
[22:44] <Moltar> Jordan_U: I tried that script yesterday and it complained that the 'core.img' file was not recognized in that small bios_grub flagged partition.  But if I dump the first block with dd it looks the same as the core.img file to me.
[22:45] <Jordan_U> Moltar: Did you do any repartitioning after installing grub? Does the script show grub as being installed to the mbr? (the full output would be usefull)
[22:45] <Moltar> Jordan_U: OK, I'll have to reboot from the DVD in rescue mode and run that again.  I've also tried using the efi boot option, with that I at least get what looks like the start of the kernel and initrd loading but nothing after the initrd message.
[22:48] <Hilikus> pmatulis: i did, and still nothing specific about combining it with allowGroups
[22:49] <Hilikus> for some reason the behaviour i'm seeing is that allowGroups is ignored, but that's not what the man says
[22:50] <Hilikus> so i'm probably doing something wrong
[22:50] <Hilikus> i want to allow certain users AND certain groups
[22:54] <pmatulis> Hilikus: "The allow/deny directives are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups."  if you have restarted sshd and this statement proves to be wrong then open a bug
[22:56] <Hilikus> that doesn't say anything about my questions. that's when there are conflicting permissions. it doesn't say that each directive overwrites everything below it
[22:57] <Hilikus> eMBee August 2, 2006:    i did a few quick tests on the interaction of AllowUsers and AllowGroups and it seems that they can’t really be used together
[22:57] <Hilikus> hmmm
[22:58] <Moltar> Jordan_U: I've screwed around with this system so much that I'm starting from scratch, I'll paste that RESULTS.txt from the bootinfo script after I reinstall to avoid totally confusing the issue
[23:02] <silentwhisper> great day to everyone
[23:05] <Hilikus> whats the diff between a user group and a system group?
[23:53] <pmatulis> silentwhisper: thank you.  to you as well