=== twister004_ is now known as twister004
zulmathiaz: fyi i got an updated version of openldap with ufw profile and apport ready to go00:58
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
brando753hello everyone I have set up my server I have installed ISPConfig but now I would like to know how to get it live so my three diffrent domains point to my diffrent sights how would i do this? How would i get a domain to point to my ip?01:01
=== ian_brasil___ is now known as ian_brasil
mathiazzul: great!01:59
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
uvirtbotNew bug: #611526 in openldap (main) "package slapd 2.4.21-0ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 143" [Undecided,New] https://launchpad.net/bugs/61152602:37
=== rmk_ is now known as rmk
=== metcalfc_ is now known as metcalfc
chewbrancawhat applications do you guys use for server monitoring? looking for something much simpler than nagios and that has an android app or rest api to allow for mobile monitoring and notifications03:21
ballping? :-)03:22
chewbrancaping doesn't help you get notifications about load average or service availability03:22
ballI know, I was just being facetious.  I'll be interested to see what other people suggest though.03:23
chewbrancahahahha yeah wasn't sure, legitimate point though03:24
chewbrancaI've been playing with zenoss and its still rather complicated, I would also need to build custom solutions for monitoring my applications and an android app, plus I would need to run it on a dedicated box03:25
=== hggdh is now known as hggdh|away
kimi_Good Night04:49
kimi_Does anybody has experience setting up a Radius server in Ubuntu?04:50
ShapeshiftrHey, what's the package for Mono again?04:52
ShapeshiftrI installed it on my other Ubuntu server, just forgot how.04:52
=== rmk_ is now known as rmk
processroutecan someone help me with my ubuntu-server issue: http://ubuntuforums.org/showthread.php?p=9655540 ?05:34
processroutecan someone help me with my ubuntu-server issue: http://ubuntuforums.org/showthread.php?p=9655540 ?05:51
processroutecan someone help me with my ubuntu-server issue: http://ubuntuforums.org/showthread.php?p=9655540 ?06:06
ubottuDon't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. You can search https://help.ubuntu.com or http://ubuntuforums.org while you wait.06:10
processroutetwb': i should wait more than 15 min?06:10
twb`More like an hour or three.06:10
processrouteIRC is live chat?06:10
processrouteemail/forums are 1 - 3 hrs06:10
twb`Kids these days06:11
processrouteyep, we want everything faster06:11
twb`If an email arrives the same day it's sent, you should consider yourself lucky06:11
processroutewhen i email people, i expect to hear back within hours06:11
processroutei almost always do too06:12
sweetpithats because they want to talk to you06:12
processroutesweet3.1418: that could well be it06:13
processrouteguampa's writing a semi-solution to it on ubuntuforums, and i've posted ideas to fix it on brainstorm.ubuntu.com06:14
twb`Is this your question? "Is there a way to bind specific programs to specific network devices (not IPs, since I have dynamic IPs)?"06:15
processroutetwb`: affirmative06:16
twb`You should have just posted that, rather than linking to a page that contains it.06:16
twb`To answer your question: no, there's no generic way to achieve that.06:16
processroutetwb`: i couldn't find it on the internet, so i thought others might have the same question and want it on the internet06:16
processroutetwb`: its in the kernel?06:16
processroutethe restriction to do that06:17
twb`Best practice is to bind to all addresses, and set up a firewall.06:17
processroutetwb`: like change the route and use iptables to route programs (though iptables will not route PIDs)06:18
processroutetwb`: also having dynamic ips makes it difficult to bind to addresses instead of network interfaces06:18
twb`Are you making a statement, or asking a question?06:19
processroutetwb`: making a statement, re-affirming its not possible to do that06:20
=== twb` is now known as twb
processroutetwb: what are users supposed to do that have two vpn services with their vpn services having different ip addresses, or users with two isps?06:27
twbprocessroute: er, assign different ports?06:36
twbI have two OpenVPNs and one vpnc terminating on my laptop, and it Just Works06:36
processroutetwb: you never have the urge to run one program through the vpnc device tun0 and others through the VPN apps?06:46
twbEr, no.06:47
twbEven if I did, it's still just be a matter of writing firewall rules.06:48
jefimenkoi'm in the middle of an ubuntu install at a point where it's asking me which partition to install grub on. no matter what i select, the following page tells me that i haven't chosen any partitions to install grub to and asks me to confirm. is there any way that i can manually install grub from here to ensure that my system reboots properly?07:39
kim0jefimenko: dont really know .. but u can try installing on /dev/sda itself .. not on a partition07:43
PlainFlavoredwhat is ubuntu enterprise cloud?07:44
jefimenkokim0: i tried selecting that too07:44
jefimenkois there a way to escape into a shell and manually do it?07:44
jefimenkoit's very important that this server reboots properly since i am doing the install remotely07:45
jefimenkoit will be 10x as much work if it doesn't :(07:45
kim0jefimenko: r u in text installer ?07:45
jefimenkoi think it's freaking out because i chose manual package selection during the install process07:45
jefimenkokim0: yes07:46
kim0jefimenko: wouldn't ALT+F2 or other Function numbers, get u on a shell07:46
jefimenkobecause i've done other remote installs just like this one07:46
jefimenkonever had this problem... but i was stupid to try selecting extra packages to install now07:46
jefimenkokim0: yes, i can get instal a shell that way07:49
jefimenkokim0: but i'm not familiar with the install environment07:49
jefimenkoi'm a little disoriented in this sehll07:49
kim0jefimenko: check this out https://help.ubuntu.com/community/RecoveringUbuntuAfterInstallingWindows07:50
kim0relevant commands07:50
jefimenkothe shell environment only has the grub-installer command07:52
jefimenkoi wonder if the installation is mounted somewhere else07:52
jefimenkoi don't have the grub or grub-install commands07:54
RudyValenciaWhy does the onboard Ethernet on my server perform worse than a PCI card?08:34
RudyValencia(internal Ethernet is an Intel e100-series Ethernet card, and the PCI card is a tulip-compatible Network Everywhere NE100.08:35
RudyValenciaoops, NC10008:35
RudyValenciaWhy would an onboard Intel Ethernet port be slower than a PCI tulip-compatible NIC in my server?08:40
lauhi, do you know how to blacklist nf_nat_sip module ?08:44
lauI tried through /etc/modprobe.d/blacklist.conf in lucid but it is not blacklisted08:44
lauI though I could rename the .ko but does not look like a clean soluce08:45
lauany idea ?08:45
_Techie_i have postfix and dovecot installed and working, but postfix doesnt seem to be accepting smtp from other IP's09:10
RoyKhappy sysadmin day everyone :)09:43
a_okI'm working on a dell server with an idrac, when I use the virtualcd drive on the idrac it gets /dev/sda and the other disks are shifted accordingly so root is /dev/sdb all the sudden etc. Where (and how) should I confiugre udev so the virtual drive is always /dev/sdz?09:43
twba_ok: if you are referring to drives by letter, you have already lost09:44
twbdynamic drive letter assignment is something that is only going to increase in the next decade09:44
RoyKa_ok: use the UUID09:44
=== lau is now known as Guest32798
a_okdoes kvm support UUID?09:44
RoyKare you using raw disks with kvm?09:45
a_oki'm going to anyway09:45
RoyKgoogle says it should work ...09:46
RoyKI don't have kvm with raw disks, so I can't test from here...09:46
RoyKman kvm09:46
a_okand its bloody annoying anyway. one time when using fd i need to look at /dev/sda and the other time I have to look at /dev/sdc09:46
a_okRoyK: I only see you can assign an uuid to a image not boot from it by uuid09:50
diogo_79how can i import gpg key to ubuntu server?09:50
a_oktwb: It seems that I really need to be referring to drives by letter. perhaps in the future I will resolve the uuid to device file but for now I don't have a choice. so where do I put them rules?09:53
RoyKa_ok: ok09:53
RoyKI'm not sure, but perhaps it's possible to use udev to assign device names for sdx, like with network cards09:54
skydromeHappy Sysadmin Day #ubuntu :)09:59
a_okI don't get why drive letter asignment should dissapear in the future10:01
=== Guest32798 is now known as lau
NightDragonhello all, is there a good place to head for apache info?11:34
binBASHNightDragon: #httpd11:46
NightDragonhttpd == apache2?11:46
NightDragoni can never get them straight... httpd, apache, apache 2.. prefork, postfork, @__@11:47
binBASHall the same ;)11:47
binBASHI dunno postfork though11:47
binBASHjust prefork, peruser, worker, event11:47
a_okhow can I get info by devicefile?11:51
a_oklike bus type etc11:51
a_okRoyK: this is rediculous. I can change the device file name of that disk with udev rules. Problem is that the kernel makes sr0 out of it but also makes sda... so the blody thing has two device files12:07
RoyKa_ok2: is it a drive or a cdrom?12:39
a_ok2RoyK: it's a virtual cdrom drive12:40
RoyKthen forget about sda12:41
a_ok2RoyK if it was that easy I would. problem is that it is active one time and not active the other time. so we have stuff moving around12:41
kaushalis there a way to backport php5.3 to Hardy 8.04 server ?12:50
pmatuliskaushal: probably, but it wouldn't be an easy task.  try https://launchpad.net/~bd808/+archive/php5.312:54
pmatuliskaushal: otherwise, https://launchpad.net/ubuntu/+ppas?name_filter=php512:54
RoyKkaushal: it'll be quite easy, really. just apt-get source php5, extract the php5.3 source somewhere, copy the debian/ directory from the ubuntu php5.2.4 source, cd into the 5.3 source and dpkg-buildpackage13:04
RoyKthat should probably do it13:04
kaushalis that a recommended method ?13:05
kaushalRoyK: let me check13:06
floownto have Json, should I just install php5-json on a Jaunty server ?13:09
NightDragonhello all13:10
NightDragonwould apreciate some help, i can not seem to connect to my ubuntu server from a mac13:11
NightDragonPC works just fine... and so does netatalk13:11
NightDragonbut when i try to do CMD+K, and do SMB://server, it does not work13:11
NightDragonconnection failed13:12
NightDragonany suggestions?13:12
sommermorning all13:14
=== TeTeT_ is now known as TeTeT
* NightDragon swears he hears crickets13:14
Davieyhey sommer !13:20
Davieysommer: How are the doc's today? :)13:20
sommercruisin, cruisin ;-)13:21
Davieysommer: \o/13:24
* NightDragon pokes someone13:26
PiciNightDragon: Do you have a samba server running?13:27
silentwhisperi was able to run13:29
silentwhisperhttp server and mail server13:29
silentwhisperwhich server should i learn to setup13:29
silentwhisperi want to learn all13:30
silentwhisperserver setup13:30
PiciI don't understand the question.13:30
silentwhisperi mean what are the things i need to learn in ubuntu server?13:31
cloakableThat's... quite a task13:31
ubottuThe Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/13:31
silentwhisperlike http server13:31
silentwhisperor mail server13:31
silentwhisperthats a long long list to learn13:31
silentwhisperin do you apply all of those in your company?13:31
Picisilentwhisper: I only use what I need to use.13:32
silentwhisperi want to learn what i need to learn and get a job13:32
ttxmathiaz, smoser, spamaps, zul: ping me when you are around13:36
Picisilentwhisper: I can't give you a list of what companies need you to learn. Start with httpd and some mail server, look at job listings to see what skills they require and learn those.13:37
ttxsmoser: yo, pm ?13:38
NightDragonsilentwhisper: what you need is a book13:39
NightDragonpreferably from oreily13:39
NightDragonthat gets into server administration13:39
NightDragonthe best advice that i can give13:39
NightDragonis to install a linux distro (like Ubuntu ^_^), get _very_ comfortable with it, and then try to teach yourself server administration13:40
NightDragonsilentwhisper: if your bash kung foo is not at least moderately strong, you wont be able to pass yourself off as a good sysadmin at interview, and even if you do... you wont be a good one and thats just not cool.13:41
NightDragonunix is something you need to gain expereince with, you cant just "read a webpage" and know it, like it was skype or something13:41
NightDragoni mean i cant say "you cant read the book"... because you kinda can, but if there was a singular book about *everything* you needed to know about unix administration, well it would be freaking huge. Like comically huge.13:42
NightDragoni've been using ubuntu/debian linux for 4+ years, and have done server administration for 1+ years, and i'm still learning a lot13:43
TheJ3ckyl20+ with Solaris, Irix, BSD, SCO, Redhat, etc.. etc.. etc.. and still don't know everything13:45
TheJ3ckylohh how could I leave out HPUX still have systems out there running on it13:46
* NightDragon shudders at the thought of redhat13:46
NightDragonseriously, i've been playing in debian land too long13:46
NightDragoni do need to learn redhat13:46
thesheff17NightDragon: why RHEL ...stick with debian/ubuntu :)13:47
TheJ3ckylWell, for small business use it's good that you can put customers on their support license13:47
TheJ3ckylOf course Solaris IMHO is still the most stable with the best support.13:49
NightDragonthesheff17: well aptitude is my homeboy, but it seems like a lot of jobs out there pretty much use RHEL/Solaris/Centos/Fedora13:49
TheJ3ckyland hardware is nice.13:49
qman__solaris is great if you're into self-torture13:49
qman__personally I just stay away13:49
TheJ3ckylFedora-Core is nice13:49
thesheff17NightDragon: true...though get the job and then switch to all ubuntu/debian...that is what I did :)13:50
TheJ3ckylI like ubuntu for personal use13:50
TheJ3ckylMy home network is 100% ubuntu13:50
thesheff17if you use the terminal most of the time RHEL and ubuntu are really not all the different.  I also feel like the support RHEL provides just a database of fixes....basically ubuntu and google accomplish the same thing.13:52
TheJ3ckylWell, but they also have phone support for $$$. I have a day job already, but do consulting on the side so I don't have time to do support13:53
thesheff17true have you used Canonical support?13:54
TheJ3ckylNo, I haven't any good?13:54
thesheff17hehe I haven't either.....I'm guessing they are pretty good13:55
thesheff17also I hate how RHEL has ES, AS, and all these different version and support contracts....13:55
TheJ3ckylYeah, but the more corporate you get, the more your going to have to have that type of stuff13:56
TheJ3ckylHell, my primary vendor is Cisco.13:56
TheJ3ckyland Sun13:56
TheJ3ckylTalk about your different levels of support13:56
TheJ3ckylJuniper is going the way of Cisco now13:56
TheJ3ckylThey are really getting some more market share13:57
thesheff17yea most of the data centers my company looked at used juniper over cisco13:57
TheJ3ckylWho knows is Juniper can compete with Cisco (Not talking technical mind you)13:57
TheJ3ckylMaybe someone someday will topple Microsoft :)13:57
thesheff17functionality & price are def on Juniper side13:57
TheJ3ckylYeah, their IOS IMO has always been more mature along with their hardware13:58
TheJ3ckylThey just didn't offer the same support Cisco did which turns off the big enterprises13:58
TheJ3ckylFor a long time Juniper didn't even have a proper lab for good regression testing and support testing13:59
TheJ3ckylThey have definately overcome that now13:59
thesheff17yea I work for a startup so paychecks come first technology comes second so I have to deal with what my budget is...basically 0 dollars :)13:59
TheJ3ckylbut they need to show the larger enterprises they are ready to play on the same level Cisco can13:59
TheJ3ckylheh yeah14:00
TheJ3ckylI got it nice, I work for AT&T Labs14:00
TheJ3ckylWe get a couple buck here and there :)14:00
thesheff17hehe yea I'm sure ATT is huge14:01
thesheff17hehe need a linux admin ? :)14:01
TheJ3ckylNot in labs, but I think corporate is hiring, but they are primary of HPUX and Sun shop14:02
TheJ3ckylWe have a lot of Linux, but Labs doesn't hire without a network engineer background14:02
TheJ3ckylMobility does a lot of Linux as well14:03
thesheff17well I'm not looking now but I will have a masters in March for information system security....so I'm sure I will be looking then.14:03
TheJ3ckylheh, my degree was in Civil Engineering14:04
thesheff17You guys runs lots of virtual machines?14:04
TheJ3ckylthat was back in 89 though when CS degrees were IPX, SCO, and pretty much worthless14:05
TheJ3ckylby 199514:05
thesheff17yea my old company has sco boxes14:05
TheJ3ckylWhen I came to LABs in 97 we had a lot of SCO and HPUX14:06
thesheff17haha yea14:06
TheJ3ckylWe still have a lot of UX, I can't stand it14:06
thesheff17we had a sco box with an NTFS share mounted on a novel box...or the other way around...either way it broke and basically brought the business to a halt....spent 3 straight days fixing it.14:07
thesheff17and had to try to deal with sco getting a new version and it was a nightmware14:07
TheJ3ckylI requested screen for a hopoff box that I use so when my VPN dies I can regain my session14:07
TheJ3ckylThe admin told me it would be too much of a pain in the arse to install screen???14:07
TheJ3ckylreally ???14:08
TheJ3ckylThat's UX for ya14:08
PiciHey guys, I know this channel isn't getting a lot of questions right now, but its really not a discussion channel. Feel free to join #ubuntu-offtopic if you want to chat.14:08
TheJ3ckylhe ok14:08
TheJ3ckylsorry got carried away14:08
PiciIts okay :)14:08
kimi_Good morning. Does anybody know how to setup a radius server in Ubuntu?14:14
NightDragon"Good morning all, i want to build a space shuttle today. Can anyone help?"14:15
ssureshot might want to /join #nasa lol14:15
TheJ3ckylkimi_,  in terms of??  Configuring the flat file or integrating it with PAM or something?14:16
kimi_I want to receive the authentication of WPA clientes (wireless devices)14:17
TheJ3ckylkimi_ it's been awhile, but essentially after you download radiusd, you will have a flatfile where you can point it to /etc/passwd or you can create the account with the flat file14:19
kimi_the idea is that every client that connects to my wifi routers, do the authentication (using RADIUS) to a server in internet14:19
NightDragonkimi: what kind of network are you trying to set up?14:19
TheJ3ckylDo you WIFI router support radius?14:19
kimi_the network layout will be like this14:19
NightDragonthe likely scenerio here is a dedicated RADIUS Server is _VERY_ overkill for anything less then enterprise setup14:19
kimi_I will have 4 routers, all configures with wireless security WPA Enterprise (where you MUST specify a Radius)14:20
NightDragonnot nessicarily14:20
kimi_all the routers will connect to this Radius, and the radius will receive and handle autenthication14:20
NightDragonbut yes with WPA2, you can use Radius14:20
NightDragonhow many users are you planning on having connect to this net?14:21
kimi_with WPA and WPA2 Enterprise (not Personal) y can use radius14:21
NightDragonyes, i know you can. How many users will be using this net?14:21
kimi_I don't have now that number of users14:21
NightDragonballpark it for me14:21
kimi_but up to now I'm have if it works for 5 or 10 users14:21
NightDragonis this for a buissness? around 50 users or so?14:21
TheJ3ckylkimi_ Best thing to do is go google some radius confiration example, there are a lot of ways to setup a radius configuration, as you can include access lists, times of access, type of auth etc..14:21
NightDragon5 or 10 users? man, for only 5 or 10 users you probably _REALLY_ dont need radius unless you really want it... i guess14:22
kimi_I have downloaded using apt "xtradius" but it doesn't not handle WPA authentication and the wireless clients can not login14:22
kimi_I want a prototype of 10 users, but it will have (I hope) thounsands14:22
TheJ3ckylother then that just download and install radiusd and point your routers to it14:22
NightDragonthats because theres a lot more to it then that, kimi if you really want to go for it i can help you with it14:23
NightDragonyour best way is probably router--> radius --> kerberos --> /etc/passwd (or mySQL DB, whatever)14:23
TheJ3ckylkimi_ your router will not pass WPA to the radius server14:23
kimi_thanks, It will be grate if you can help me14:23
NightDragonbut first, what is this network going to be used for/14:23
TheJ3ckylLDAP, it good with radius as well14:23
qman__yeah, for thousands of users, LDAP would probably be best14:24
NightDragonwell hold on guys14:24
NightDragonwe have literally no idea what he's trying to do14:24
=== lau is now known as Guest17167
kimi_In the end, my idea is not only to obtain authentication using MySQL. I would like that the radius server calls  a process passing information about the client that is connected. I want to know MAC address os the router, and mac address of the client . And I know that information gets into the server14:24
NightDragonLDAP could be a _really_ bad idea if he's trying to set up like a home or small buissness setup14:24
qman__NightDragon, he said thousands of users14:25
kimi_what I know up to now14:25
TheJ3ckylkimi_ you can pass that information is radius options14:25
NightDragonradius will handle that14:25
kimi_yes, I know. what I could successfully do is setup XTRadius14:25
kimi_to call a process when a Wifi clients wants to connect14:26
uvirtbotNew bug: #611695 in mysql-dfsg-5.1 (main) "mysqlhotcopy produces error about log tables" [Undecided,New] https://launchpad.net/bugs/61169514:26
kimi_but then I said "login incorrect"14:26
kimi_and I think that is because xtradius cannot handle WPA authentication14:26
TheJ3ckylOk, so you want radius to hit up a shell script?14:26
qman__kimi_, radius simply handles the authenticating process and such, you still need a backend database of users and passwords to authenticate against, and radius supports tons of them14:27
TheJ3ckylyeah, wait a second14:27
TheJ3ckylNot sure what WPA has to do with Radius.....14:27
kimi_ok, I will ahve a backend, but not directly to MySQL, it will call a process first14:27
TheJ3ckylhere me out14:27
qman__anything from flat file and PAM to LDAP and mysql14:27
TheJ3ckylYour router is either going to support radius for WPA or it's not14:27
TheJ3ckylradius is radius14:28
smoserDaviey, ping14:28
TheJ3ckylYour router is either going to send out a radius request for WPA auth or it's not14:28
kimi_my router has a wireless authentication feature that is WPA Enterprise, where I must configure a RADIUS server14:28
TheJ3ckylThe router might just perform radius for console, aux, term, auth14:28
kimi_what I found is that when I setup that, every client that wants to authenticate makes a call to the radius server14:29
TheJ3ckylok, yeah that make sense14:29
kimi_but my actual radius server cannot authenticate wireless clients, only wired ones14:29
TheJ3ckylradius, should not care14:29
TheJ3ckylunless it's passing something that is not compliant to the server?14:30
kimi_I have tested radtest from machines connected to LAN14:30
kimi_and radius worked perfect14:30
kimi_but from a wireless network it wont14:30
kimi_it says "login incorrect"14:30
qman__yeah, the radius server won't care about that, so it must be an issue with the configuration/implementation of the clients requesting authentication14:30
TheJ3ckylWhat radius server does your router vendor recommend?14:30
kimi_and the same information (user, pass) from a lan machine works great.14:30
Davieysmoser: o/14:30
TheJ3ckylnot all radius servers are ==14:30
qman__plenty of vendors use broken implementations14:31
kimi_linksys (I have one with dd-wrt, another with the original firmware, and another with CoovaAP( and Apple Airport14:31
kimi_all of them the same problem14:31
TheJ3ckylI have had vendors that are compliant only with x radius server14:31
kimi_I would be happy if it only works with linksys and cisco.14:31
cloakableWhat are you encrypting the passwords with?14:31
TheJ3ckylYeah, could be a cleartext thing14:31
TheJ3ckylor perhaps it on;y will do PAP/CHAP14:32
qman__with that much variation in hardware, you're going to want to set your radius server to accept pretty much any handshake method14:32
cloakableWhich needs cleartext backend14:33
TheJ3ckylYeah, but some router clients will only send pap/chap14:33
kimi_I closed the wrong chat room14:33
thesheff17anyone really good with vmbuilder here? I have some weird things going on with it?14:33
TheJ3ckyland depending on your radius server, some radius servers will only do cleartext or encryption14:34
kimi_I think that's the problem14:34
kimi_xtradius is doing only cleartext and not handling the encryptation14:34
kimi_that may be why I cannot connect wirelessclients correcly but yes using radtest14:35
TheJ3ckylDid the router vendor recommend a particular radius server?14:35
kimi_I didn't found any recommend vendor. In the setup I only have the IP and port14:35
kimi_and If I want WPA Enterprise or WP2 Enterprise14:35
qman__dd-wrt should support most anything14:35
qman__but a stock linksys is going to be much more limited14:36
qman__I don't know what they use14:36
kimi_I could connect to radius with a stock linksys14:36
kimi_I have tested 4 routers with different firmwares, all of them do the same14:36
TheJ3ckylcleartext auth?14:36
TheJ3ckylwith the linksys?14:36
qman__in this case, a packet capture might be in order, to figure out exactly what's going on14:37
TheJ3ckylYeah, that would at least tell you if the radius request is sent in using cleartext or not14:37
kimi_I have tested linksys with dd-wrt, coovaap, and stock firmware. all of them with WPA2 Enterprise to the same radius14:37
kimi_neither of them could authenticate14:37
TheJ3ckylJust because it's WPA doesn't mean radius is sending it encrypted14:37
qman__WPA is only encrypting the over-the-air communication14:38
kimi_mm using wireshark and capturing what arrives to the radius port?14:38
qman__the radius authentication could be in cleartext or any number of handshake/encryption methods14:38
kimi_oh I see14:38
qman__the first step is figuring out what method the router is attempting to use14:39
qman__and a packet capture might tell you, or would at least tell you cleartext versus encrypted14:39
kimi_I will do that with wireless and wired clients in order to compare14:39
TheJ3ckylSometime on the router, you can specify the method in the radius config as well14:41
TheJ3ckylI know Cisco and Juniper you can14:41
TheJ3ckylnot sur eon Linksys14:41
kimi_in the router when  I select WPA2 Enterprise I can configure these parameters: radius ip, radius port, secret key, passfrhase and key 114:42
TheJ3ckylyeah, sounds like it doesn't have the cleartext, or encryption option then14:42
TheJ3ckylSo you will need to sniff it as found out what it defaults to14:43
TheJ3ckylLike we mentioned earlier at least you will know whether or not your dealing with cleartext or not14:43
ttxmathiaz_: yo14:43
kimi_yes.and I will have to change the radius server in order to handle the encriptation or not14:44
kimi_how can I change that in radius?14:44
ttxmathiaz_: I'd need updated status on server-maverick-hadoop-pig and server-maverick-uds-seed-review for the release meeting14:44
ttxmathiaz_: looks like they are in bad shape14:44
kimi_thanks to all of you. I will do the testing when energy come back to my office14:46
romanoffHello, I am using EC2 service and have installed Ubuntu Server 10.04 as described on https://help.ubuntu.com/community/EC2StartersGuide page. I have allowed users to go to port 80 outside in EC2 panel. But I just can't start web app on port 80. I get this - http://pastie.org/1067075. Seems like some process is running on port 80. But I couldn't see any using 'sudo netstat -anp | grep 80' command. Any ideas?14:46
kimi_now I'm connected to a 3G modem with the laptop14:46
mathiaz_ttx: updating the BP now14:46
TheJ3ckylWell, there are a couple places14:47
TheJ3ckylfor auth, lemme, see14:47
TheJ3ckylIf your doing for example14:47
TheJ3ckylauthenticate {14:47
TheJ3ckyl         14:47
TheJ3ckyl         #14:47
TheJ3ckyl         #  MSCHAP authentication.14:47
TheJ3ckyl         Auth-Type MS-CHAP {14:47
TheJ3ckyl               mschap14:47
TheJ3ckyl          }14:47
TheJ3ckylor Auth-Type cleartext {14:47
smoserttx, do you know what kernel is used on the isos ?14:51
smoserie, what does netboot/ubuntu-installer/amd64/{kernel,initrd.gz} on an iso come from "?14:52
rasenganIs it safe to upgrade Ubuntu 9.10 to 10.* whilest ISPConfig is installed?14:52
ChmEarlsmoser,  2.6.32-21-generic14:52
ttxsmoser: I think it's linux-server14:52
mathiaz_ttx: both specs updated14:53
ttxmathiaz_: looking14:53
kimi_oh look at that14:53
=== mathiaz_ is now known as mathiaz
ttxmathiaz: about hadoop, you think you are still on track ?14:54
smoserso any idea how i would get a initrd.gz given a linux-server package from the archive ?14:54
mathiazttx: yes - the WI defined for alpha3 are not impacted by any Freeze14:54
smoseri'm guessing its not the same as i'd get if i plucked it from /boot/ after installing package14:54
ttxmathiaz: same for seed-review ?14:54
mathiazttx: the seed-review discussion will probably spill over in the beta cycle14:54
mathiazttx: I'm going to update the BP14:55
ttxmathiaz: ok POSTPONED / copy to beta as TODO14:55
ttxfor the last two, I think14:55
ChmEarlsmoser, what are you trying to do?15:00
smosernetboot a maverick install.15:00
smoserusing kernel/ramdisk from iso is too old, as that package is no longer in archive.15:00
ChmEarlsmoser, sorry - maverick is older than hardy?15:01
smosermaverick is 10.1015:02
kimi_thanks to everybody, I will come back later15:05
kimi_and let you know how I'm doing15:05
kimi_thanks TheJ3ckyl15:05
ChmEarlsmoser, now I know ;)  - here is the netboot pair for maverick http://archive.ubuntu.com/ubuntu/dists/maverick/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/15:06
ChmEarlsmoser, also there is xen aware boot set15:06
smoseryeah, thats too old15:07
smoserdo you know how that is created ?15:07
ChmEarlsmoser, whats missing or wrong with it?15:07
smoserthe kernel that is there is not in the archive. so if you boot off of it, the installer says "i can't find modules for this kernel"15:08
smoserwhich goes badly15:08
ChmEarlsmoser, version is 2.6.35-10-generic15:10
smoserwhich is not available in archive.15:11
* Daviey screams15:12
pmatulis"in (cyber)space, no one can hear you scream"15:20
ChmEarlsmoser, yes same thing happens with the xen boot files15:21
ChmEarlsmoser, I tried it a second ago15:21
RoyKpmatulis: - In space, loud sounds, like explosions, are even louder because there is no air to get in the way15:23
jpdspmatulis: You'd hear Daviey.15:23
pmatulisjpds: but i didn't15:23
a_ok2RoyK so you need to scream explosive?15:23
a_ok2RoyK: I solved my problem by the way, based on Lun number I made udev rules that make some nice symlinks(very descriptive names this time)15:26
uvirtbotNew bug: #611721 in tomcat6 (main) "postinst fails if group exists" [Undecided,New] https://launchpad.net/bugs/61172115:26
uvirtbotNew bug: #611722 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/61172215:26
ccheneymathiaz, did you see my email from a few days ago? i've been out sick but didn't see a response15:29
mathiazccheney: yes - I should get to it today15:30
ccheneymathiaz, ok15:31
mathiazttx: how is usually JAVA_HOME handled?15:43
mathiazttx: do you always have to set it manually?15:43
mathiazttx: or is there a central place where this is set automatically15:43
mathiazttx: ?15:43
ttxmathiaz: hm15:44
ttxmathiaz: in tomcat6 there is a bit of code to pick the right JVM15:44
ttxsee http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/tomcat6/lucid/annotate/head%3A/debian/tomcat6.init15:45
ttxlines 54-6515:45
ttxand then an /etc/default.tomcat6 settings lets you overwrite that15:45
ttxthat's what I reproduced in terracotta's packaging15:46
DavieyAhh.. i was wondering that myself yesterday15:46
ttxif you strongly depend on default-jre-headless you can hardcode /usr/lib/jvm/default-java15:47
ttxthe tomcat6 technique lets you specify a default preference order, basically15:47
raubvogelWhen you use ubumirror with reprepro, how do you make the later check in the directory created by the former for new/removed packages?15:49
mathiazttx: it seems like JAVA_HOME should be centralized15:53
mathiazttx: isn't there an alternative system already in place?15:53
mathiazttx: for managing which version of java is the default one?15:53
mathiazttx: if tomcat6, hadoop, terracotta are all doing the same...15:53
ttxmathiaz: the problem is you need to set JAVA_HOME, not just the path to the java executable15:54
ttxbut maybe that can be done15:54
=== ian_brasil__ is now known as ian_brasil
thesheff17I run tomcat, jboss and terracotta at my company and I use the java service wrapper. http://wrapper.tanukisoftware.com/doc/english/download.jsp15:59
thesheff17it has a bunch of advanced features for java16:00
SpamapSttx: seems like the solution there is to make the alternative point at a shell script that sets JAVA_HOME and then runs the real jvm16:05
SpamapSthesheff17: I've heard good things about that too.16:05
thesheff17yea I do like it allot...it is a little hard to setup but once is working correctly it is very easy to adjust ram, configuration, and when always shutdowns tomcat correctly16:07
SpamapSI think my buddies who maintain a large SOLR cluster use it too16:10
MisterioIn ubuntu server, what is necessary to do to make a process to autostart? For example, ssh, apache, samba...16:13
thesheff17Misterio: update-rc.d apache2 defaults is what I used to use.16:15
cloakableinstall it from apt and it will start on boot16:15
thesheff17I believe it is still valid with 10.0416:16
cloakableapache2 has always started automatically for me16:17
MisterioIt says that file already exists, and nothing happens16:17
a_ok2it seems that kvm does not work without etherboot yet it is not dependency???16:17
thesheff17if it already exists then it should be starting16:17
thesheff17if it isn't there is something wrong with your setup16:17
thesheff17a_ok2: I use kvm without etherboot without any problems16:19
thesheff17a_ok2: are you trying to create a bridge for KVM?16:19
a_ok2thesheff17: I wonder why it insists on loading optrom than16:19
a_ok2thesheff17: I already have16:20
a_ok2will check out the bloody scripts16:20
a_ok2thesheff17: I have created a bridge and a tap. however non of the parameters I gave sugests it should use pxe. (I let it boot from cdrom to be exact)16:22
smoserkirkland, intended behavior ?16:25
smoserssh system where 1 session is open. i don't get a prompt for selection ?16:25
a_ok2thesheff17: sorry it was just a warning kind of error, the reason it broke of was that it apparently can not when ommiting host in -vnc16:29
thesheff17ah ok16:30
papertigersDoes anyone know if you can directly connect two VM's in kvm16:34
thesheff17papertigers: what do you mean directly connect?16:34
papertigersthesheff17: link a crossover cable trunk linking to physical boxes16:35
papertigersthesheff17: say I had two VM's , vm1 and vm2 they each have one nic bridged to the physical network, can I somehow also give them another nic directly connecting them16:36
lolufailI'm having the weirdest problem: ubuntu lucid server 64 on a debian host.16:36
lolufailthe VM stops booting after "Begin: Running /scripts/init-bottom ... Done.", verbose says he hangs at mountall.16:36
lolufailwhen I append "init=/bin/bash" to the kernel line, remount the filesystem rw, remount it ro again, and reboot, the VM boots!16:36
lolufailif I shut it down again, mount it on the host, unmount it again and boot it again, it hangs -.- wtf?16:36
lolufaildoesnt make any sense to me.16:37
lolufailxen btw16:37
thesheff17papertigers: that is a good question...is it possible to bridge two adapters and then just have the second adapter with a cross over cable.16:38
qman__papertigers, I would think you could create a new bridge between the two virtual adapters and not include a physical one16:38
qman__to get the same effect16:38
papertigersqman__: interesting, can you create a bridge not linked to a physical nic?16:38
papertigersthesheff17 and qman__ the reason I question is sometimes at school we use VMware and we have the ability to give x nics and connect them wherever for example a virtual vyatta router, I dont see why kvm wouldnt be able to do this because vmware can also be based on linux16:40
qman__I don't see why not16:40
qman__of course, the last time I messed with any of that extensively was with vmware 1.x16:40
lolufailaany clues?16:42
qman__lolufail, sorry, I don't know anything about xen16:44
papertigersqman__: I can create a bridge using brctl addbr testbridge16:44
papertigershowever virt-manger wont let me select it because it is not bridged to any actual devices16:44
qman__papertigers, ah16:45
a_ok2papertigers: can't you just add a tap?16:46
a_ok2i mean qman16:46
papertigersa_ok2: ive never worked with taps directly how do you do that16:46
=== Guest17167 is now known as lau
a_ok2papertigers: first install uml-utilities16:48
papertigersdoing that as we speak already haha16:48
papertigersa_ok2: okay got it16:48
a_ok2than create a tap with tunctl -b -u <username that needs access (can be ommited)>16:49
a_ok2it should say what tab it made16:49
a_ok2than do brctl addif <bridgename> tap016:50
a_ok2papertigers: nothing to it really16:50
papertigersahh okay so basically i can create a bridge called trunklink16:50
papertigersand add say tap1 and tap2 and assign tap1 to vm1 and tap2 to vm2?16:51
a_ok2brctl addbr trunklink16:51
a_ok2yes exactly16:51
a_ok2that is what I do16:51
papertigersa_ok2: okay thanks a lot I will have to play with this, I recntly saw that openswitch project too16:52
a_ok2do note that you need to assign MAC adresses, by default it pics the same for every VM in this setup you will have conflitcs16:52
a_ok2papertigers: bridges work fine with me. can even use iptables on them16:53
a_ok2papertigers: I was really amazed with that (never had a firewall on a switch before)16:53
papertigersa_ok2: yea I need to get some iptables going on my kvm machine16:54
papertigersdid it get complex?16:54
thesheff17yea another question is say I have a box running two VM.  if one is communicating with the other does the traffic actually flow out of the cat5 to the switch and back in?  Or is KVM smart enough to know to route traffic internally?16:54
a_ok2no, you just need to know that you have to put the rules in the forwarding table instead of input16:54
papertigersthesheff17: should hit the bridge device which is actually a switch16:55
papertigersand it should not go out16:55
thesheff17ah ok16:55
papertigersbrctl showmac vr016:56
papertigersbrctl showmac br016:56
papertigersits showmacs16:56
mathiazttx: how about having a standard directory for JAVA_HOME16:57
mathiazttx: and then manage the standard directory as a symlink to the actual jvm used16:57
a_ok2papertigers: the nice thing of putting firewall rules on the bridge is that you only have to define them onces and firewall all the machines on it (one of my bridges is connected directly to the internet)16:57
ttxmathiaz: whatever solution would need to be discussed on debian-java16:57
papertigersthesheff17: that work? it should show a local field too16:57
mathiazttx: agreed16:57
ttxmathiaz: since most of the action happens there16:57
mathiazttx: it just seems that could be improved16:58
ttx(even I do my commits in debian first)16:58
papertigersa_ok2: are you doing the bridge device or the interfaces on it like vnet016:58
ttxmathiaz: definitely, but there may have been prior art16:58
* ttx eows16:58
mathiazttx: any examples of JAVA_HOME in debian/rules?16:58
papertigersa_ok2: would you mind sending me your iptables script and striping out anything you dont want me to see?16:59
ttxin debian/rules you set it to whatever you build-dep points to16:59
ttxmathiaz: JAVA_HOME=/usr/lib/jvm/default-java16:59
ttxmathiaz: since you bd on default-jdk16:59
a_ok2papertigers: no you set the rules on the bridge, and use the Ip adresses or mac adresses that are used in the VM host if you need to need to filter based on that16:59
ttxmathiaz: gtg16:59
mathiazttx: ok - thanks16:59
papertigersa_ok2: ahh okay16:59
mathiazttx: have a nice weekend!17:00
papertigersa_ok2: what kind of hardware is your KVM box17:00
a_ok2papertigers: dell poweredge something, has two Xeon E5520, and 8GB ram17:01
a_ok2disks are in a san (also a poweredge, running on openfiler)17:02
papertigersa_ok2: jealous haha, I have a box I built with a phenom quad core and 8gig of ram17:03
papertigersa_ok2: my disks are on my 5.4tb raid6 shared via nfs17:03
thesheff17hehe I have a dell desktop running KVM :)17:03
a_ok2thesheff17: well I have a laptop running kvm (on a 1.2 Ghz low voltage C2D) runs just fine17:04
papertigersthesheff17: all my money goes into my computers :( why do i even work17:05
papertigersa_ok2: how do you like openfiler17:05
thesheff17I feel the same way17:05
thesheff17I just bought a new i7 laptop17:05
thesheff17is it possible to bridge a wlan0 to br0?17:06
a_ok2thesheff17: we only have 900GB effectively (also raid 6) but they are those new SAS 6GB/s17:06
papertigersa_ok2: I would love to have sas based storage, but for now I will stick with sata for cost reasons17:07
a_ok2papertigers: it works greath if you have 2.3, unfortuanatly I have a bit to new hardware to run the stable version (perc h700 is not supported yet)17:07
a_ok2papertigers: actually they are not that expensive anymore17:07
papertigersmy 1tb black WD drives never do me wrong17:08
papertigersa_ok2: how much is a typical drive17:08
a_ok2300Gb 230 euro's17:10
a_ok2ours where much cheaper though17:11
a_ok2let me see if I can find what we paid17:11
papertigersokay thanks17:13
a_ok2papertigers: its not specified, unfortunatly. we have 5 300GB 6gb/s 15k Hot swappable disks. for about 1000 euros I think17:16
papertigersa_ok2: great thanks for showing me tap haha now I am going to set up a bridge with a bunch of taps and vyatta and play with its routing17:16
a_ok2papertigers: you can actually use iptable rulles on the interface i forgot (you just have to specify it diferently) check this out: http://www.sjdjweis.com/linux/bridging/17:19
a_ok2gtg later17:19
papertigersthesheff17: ahh kvm is so nice17:20
thesheff17yea I really do like it...it works very well.  I have been fighting a little with vmbuilder.17:21
thesheff17but I have been running kvm since 9.04 and never looked back at vmware17:22
papertigersthesheff17: I am going to try vmbuilder today17:29
papertigershey do you know if there are any rules of thumb based on number of vms to processors17:29
thesheff17papertigers I have a small python wrapper for vmbuilder if you want it. Nothing special and it is a work in progress but works well.17:30
thesheff17vms per proc is tough...if most of the time the vm sits there and does nothing you can create a bunch....I try to limit 2-3 per CPU17:31
papertigersthesheff17: per cpu core?17:32
thesheff17papertigers: yes17:32
papertigersthesheff17: I love python, sure id love to have a look at it17:32
papertigersare you doing cpu pinning or just letting kvm controll that17:33
thesheff17I'm letting kvm control that.  most linux machines just sit idle all day and then spike during a specific event cronjob usually....so I just make sure that I stagger cronjobs17:34
papertigersthesheff17: hmm I am gonna set up a mini network in kvm maybe ill give them all like 128mb of ram and 1cpu17:35
papertigersthesheff17: thanks I downloaded it.  What do you have your VMs doing, currently I have dns, web, and ubuntu mirror as my always up running vms17:36
thesheff17basically I have been prepping moving my production env to KVM and want to be able to build VM on the fly for load balancing.  We are a big Java shop so we run tomcat, jboss, terracotta.17:37
thesheff17so in the script I just basically concatenate a string to build the packages I want per machine17:38
papertigersthesheff17: ahh nice, I need to find a company that will let me do their network and run ubuntu and VM's17:38
papertigersthesheff17: how do you plan on doing load balancing?17:38
thesheff17well I eventually want to get VM's running squid17:39
thesheff17but for now we use an hardware F5 that is super expensive17:39
thesheff17also you may have to adjust the script a little...it accounts for a local ubuntu repository17:40
papertigersI have a local ubuntu repository, one of my VMs :P17:40
thesheff17hehe nice17:41
papertigersthesheff17: how do you plan on spawning vms based on load?17:41
thesheff17that is a good question...I haven't gotten that far yet but plan on monitoring the load on the current VM's and put some zabbix threshhold on CPU & time and if that trigger happens spawn more17:42
papertigersthesheff17: ive never used zabbix17:43
papertigerswhat kind of vms do you want to spawn? webservers?17:43
thesheff17basically just a monitoring tool..I'm sure most can do it17:43
thesheff17yea web servers17:43
thesheff17and jboss17:44
smoserDaviey, ping17:44
smoserinstances go from pending to terminated.  /var/log/libvirt/qemu/i-37430731.log shows:17:44
smoserlibvir: Security Labeling error : internal error error calling aa_change_profile()17:44
thesheff17there is also a bug right now for tmpfs param which builds it in RAM for testing and is very quick.  You have to get the latest package from here https://launchpad.net/~vmbuilder/+archive/daily/+packages17:44
papertigersthesheff17: so basically you would need to set up a load balancer and dynamically add the ip's of the newly added vm's to the list of servers17:45
thesheff17yes or just have a range already in there17:45
thesheff17like will be my web server range17:46
papertigersthesheff17: but if you had the range in there and a vm was off, wouldnt it still try to send the connection to it17:46
thesheff17and they do active checks on apache17:46
thesheff17they won't serve boxes not running apache17:46
papertigersthesheff17: ahh okay, what load balancer is that?17:46
thesheff17I'm using pound for our dev env and an F5 for production17:47
thesheff17papertigers: hehe I even run the pound server on the KVM server17:48
papertigersthesheff17: I am looking into doing this too now haha17:48
smoserabove, i found bug 599450, trying hally's work around. to disable.17:50
uvirtbotLaunchpad bug 599450 in linux "[apparmor] getattr handled incorrectly in 2.6.35-6.7" [High,Fix committed] https://launchpad.net/bugs/59945017:50
papertigersthesheff17: I was playing around with migrate, I had it working perfectly, distributing load would be awesome too17:50
thesheff17papertigers that is such a good idea to migrate them around too :) Here is my config file for pound: http://ubuntu.pastebin.com/dyTjeV9Y17:51
thesheff17papertigers: it is setup to just load balance two machines but can easily have more17:52
papertigersthesheff17: thanks I have so much to play with now haha17:52
thesheff17papertigers: you can also do SSL with pound which I really like...not all load balancers have support for SSL.17:53
papertigersyeah moving them accross kvm servers is cool.  I could write a python script to monitor load and then migrate to the other kvm based upon load17:53
thesheff17papertigers: np I have been working on KVM and vmbuilder for a while now and would love to see more people use it and bounce ideas off each other. vmbuilder is so promising I can really build a lucid apache server in about 5 min.17:53
papertigersthesheff17: yeah i need to use vmbuilder, going through virt-manager and doing a full install sucks17:54
papertigersthesheff17: do you plan on building vms or having them built and turning them on when needed17:55
thesheff17papertigers: for production I would have them built and off.  Chances are I will spin up manually until I get all this working.  Eventually though I want my entire env build from vmbuilder.  Auditors are climbing up my back all the time telling me my servers are not the same17:56
thesheff17papertiger: I would love to just send the auditors my python script and say this is what our servers is running and nothing else.17:57
papertigersthesheff17: haha nice, yeah I am doing this all in my home lab for now.  What company do you work for17:58
thesheff17papertigers: ticketreserve.com17:59
thesheff17papertigers: hopefully no one gets offended...it has had some problems in the past :)17:59
papertigersthesheff17: what has?18:00
thesheff17papertigers: the company18:00
thesheff17papertigers: I do allot of consulting work though also18:00
papertigersthesheff17: ahh okay18:01
papertigerstell them you yourself are opensource haha18:01
thesheff17papertigers: I wish it was that easy :)18:01
papertigersthesheff17: I hate that on most of my vm's shutdown doesnt work :(18:03
thesheff17papertigers: are you running them from virt-manager or are you running shutdown -h now within the vm?18:07
papertigersvirt-manager or virsh shutdown vm18:08
papertigersin the vm i can do a halt just fine18:08
thesheff17papertigers: ok yea I can't say I have had a vm not work with shutdown -h now inside the vm18:08
RoyKpapertigers: I've seen that - I can't shutdown my VMs from virt-manager either18:10
RoyK'halt' or similar from inside the VM works, though18:10
papertigersRoyK: yeah same18:12
papertigersthesheff17: interesting, I am looking at that tap stuff, looks like i cant assign it directly to a device, needs to be a part of a vm18:12
thesheff17papertigers: yea I'm having some weird results from vmbuilder...I'm emailing back and fourth with the developer for that project.18:14
* RoyK reads up on Fortran18:38
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
Davieysmoser: Yeah.. i think that is apparmour playing it's magic - i think a fix is landing soon!18:46
Davieythat isn't our bug to solve, sadly.18:46
SpamapSDaviey: http://ceph.newdream.net/wiki/RADOS_Gateway18:49
SpamapSDaviey: ever seen that?18:49
SpamapSDaviey: its an S3 store.18:50
mullerk i have a hp server, proliant dl120. I'm trying to install ubuntu 8.04, but the sata hard drive is not being detected in the installation. how can I discover the correct driver for that?19:12
remix_tjmullerk: maybe depends on the contoller19:15
remix_tjlspci maybe can help19:15
mullerkthe problem is that I don't have the driver for that19:16
mullerkaccordgin to hp website, it's a "HP Proliant Smart Array Controller". Anyway, I'm not using RAID19:16
auhello, I followed https://help.ubuntu.com/10.04/serverguide/C/postfix.html but when I do ehlo mail.mydomain.com, it has everything else but 250-AUTH LOGIN PLAIN19:20
auhow can I get it to show 250-AUTH LOGIN PLAIN19:20
aubrr, missing those question marks :)19:20
DavieySpamapS: I hadn't.. looks interesting19:23
sorenSpamapS, Daviey: S3 really isn't rocket science. It took me a day or so to implement in OpenStack.19:24
sorenI'm surprised there isn't of them out there :)19:24
auhmm so any postfix gurus around?19:25
RoyKau: I'm not a guru, but I've used it for some years...19:26
auhmm would you be able to tell me what I am doing wrong? please19:27
RoyKau: what are you trying to achive?19:30
RoyKsimple smtp?19:30
RoyKor authenticated smtp?19:30
ausetup a simple smtp server19:31
auwhere yes I have to authenticate to send emails19:31
RoyKau: isn't that 250 ok, then, if you want auth?19:31
auhmm found a smtpd_tls_auth_only = yes in main.cf, one moment19:32
RoyKsounds reasonable :)19:32
RoyKTLS is a wee bit more secure than plaintext19:32
auI would like it to have both options19:33
RoyKau: if it's on a private LAN, just define the IPs from whom you want to allow relay19:33
aunope, not private lan19:35
auRoyK: thanks for help :)19:36
thesheff17au: yes I just checked mine and I have relayhost = ip  I also don't have to authentication.  I know this doesn't help but know it works...have you checked that you make sure you can get to port 25 on that smtp server?19:38
SpamapSsoren: backed by CEPH, this RADOS should be really damn scalable.19:39
authesheff17: yep it works fine :) now just to see why it's giving me a wrong ssl certificate :)19:40
cablopi need some help to setup a https apache server19:54
PiciWhat part of the setup is causing issues?19:55
cablopin one step i'll need to create certificates and other things and i don't know how to setup the server name... i mean the domain name that i need to create the certificates for, how can i?19:55
cablopan old guide says i need to go to "System->Administration->Networking:General" butr that menu does not exist here19:55
mullerkhey guys, i'm still looking for how to install the ubuntu server in a hp server with sata driver.. the hd is not being reconized... somebody help me!19:55
cablopor maybe i can sklip that hostname part and go ahead?19:56
ubottuUse hostname <somehostname> to set the hostname, or to do it permanently: edit /etc/hostname and /etc/hosts . WARNING! Make sure that your current hostname and /etc/hosts match, otherwise sudo may not work properly.19:56
cablopwait a second can i set up a domain.name as a hostname?19:58
RoyKmullerk: what sort of SATA controller do you have on that one?20:00
sorenSpamapS: I guess I didn't look too closely. Is it actually bound to ceph in any way, or is it just a frontend to an arbitrary filesystem?20:05
thesheff17cablop: I think the new 10.04 has an certificate built in if you install openssl20:05
thesheff17cablop: look under /etc/apache2/sites-available/ dir20:06
thesheff17cablop: that will be the location for config stuff.20:06
cablopthanks thesheff1720:08
papertigersthesheff17: this setup took me a bit to think about, going through with the vyatta install haha i stress my kvm box so much20:11
thesheff17cablop: check this out http://ubuntu.pastebin.com/mrjDZw2y20:14
thesheff17cablop: it is a little outdated that first link but still works.  If you are going to get your cert signed you have to run it through that process as well and put the right files in the right place.  /etc/apache2/auth/ is an directory I just created.20:15
SpamapSsoren: as I understand it, RADOS is CEPH's lower level20:16
sorenSpamapS: Oh, I see.20:16
SpamapSsoren: so CEPH is really just an interface to RADOS, as is the RADOS Gateway which speaks S320:17
thesheff17papertigers: nice...have you used virt-clone?20:17
papertigersthesheff17: yeah ive used it like once20:19
thesheff17papertigers: I haven't used it in a long time but there was a problem that you had to edit /etc/udev/rules.d/70-persitent-net.rules and adjust the network.  which was a pain.  I think I have started cloning a vm that had the script on the box and when you logged in as root it did a reboot and then the network was fixed.20:19
papertigersbut then you have to set the hostname again and change the nic20:19
RoyKanyone that knows where I can get an affordable SSL certificate?20:22
thesheff173 years 24 dollars20:24
cablopthanks thesheff1720:25
cablopRoyK try comodo too, they have certificates too20:25
RoyKseems godaddy is a good place to start - thanks :)20:29
thesheff17papertigers: what are you trying to do with vyatta?20:29
thesheff17RoyK: I sound a like a godaddy rep but they have cheap ssl certs and there turn around time on them are quick.  Others take time to review bs thinking there is some type of extra security built into delaying you your cert.  If it is isn't production self signed certs are always a good way to go.20:32
thesheff17Royk: hell have the govt certs are self signed.20:32
RoyKthesheff17: what would you recommend?20:33
cablopthanks for the help20:33
cablopi have to go for a while20:33
RoyKI don't want self-signed certs20:33
cablopsee ya20:33
thesheff17RoyK: just the cheapest one for as long a you want...the crap that makes it green in the title bar is over kill :)20:34
mullerkRoy: it's a HP Proliant Smart Array COntroller20:36
smoserkirkland, Daviey one of you able to anwer20:40
smoserfor VIRTIO, i put that on the CC or the NC20:40
smoseri tried CC and restart with CLEAN=1, but no affect it seems.20:41
smosernode controller. verified (i think).20:41
raubvogelwhich user does ngnix run as?20:42
Davieysmoser: I think we are carrying the force virtio patch, which might be causing that.20:42
Davieysmoser: Is the problem that, you can't get virtio, or you can't disable it?20:43
smoserwithout that stuff, it does virtio root20:43
smosers/virtio root/scsi root/20:43
smoseradding it to eucalyptus.conf on the node changes it to virtio root20:43
smoserit seems broken to me that that setting would be on the node20:43
Davieywhere would you expect it to be?20:44
Davieysurely it's the node that does the magic20:44
smoseryes, but surely it has to be configured on a per-cloud basis20:44
Davieyper *node* basis20:44
smoserit would be bonkers to have an image get one set of hardware on one node, and one set on another node.20:44
smoserbecause 2 nodes /etc/eucalpytus.conf settings differed.20:45
Davieysmoser: whilst i agree, it does seem to be logical to have the setting on the nc20:45
DavieyIt reasonable to assume that if an end user changes the defaults, they need to have a plan to make it migrate themselves20:46
Davieysmoser: patches welcome if you disagree enough :)20:46
SpamapSDaviey: so , do we have any idea if eucalyptus will be able to display any graphs we produce?20:47
* Daviey makes a call.20:47
DavieySpamapS: Yes... just clarifying how now..20:47
smoserof course it will.20:47
* smoser is feeling a bit snarky after dealing with instability all day20:48
SpamapSBTW does anybody know who moderates ubuntu-devel@lists ?20:48
DavieySpamapS: check mailman]20:50
benediktshouldnt libivirt store the virtual disk images somewhere in /var?20:53
benediktit has been placing my images in my ~ for some reason20:53
smoserSpamapS, i've pinged cjwatson in your position before, and it got fixed.20:58
smoserhe's probably overkill for that, but i'm fairly certain he has acl20:58
benediktmore specificly, how do i control where libvirt will store teh image for a guest i create21:04
tyskahi guys, im having problems with CUPS + WIN, cant print on authentication required printers, can someone help me?21:25
tyskaim stucked very much time on this =/21:26
thesheff17ping benedikt22:24
thesheff17benedikt: ping22:24
musteloI've got a lab running lucid (desktop) connecting via kerberos to a server. authentication works great, and I can login via the console on the desktop machines, but graphical login hangs. has anyone seen this issue?22:25
benediktthesheff17: pong22:26
thesheff17benedikt: how are you building your vm?22:26
thesheff17haha funny...ok I was creating multiple vm with a script22:27
thesheff17and they where overwriting each other22:27
thesheff17I talked to the developer and he just said what ever directory you are in they will build in there.22:27
benediktah, cool.22:28
benediktthen its pretty easy to decide where they go22:28
thesheff17At least here on lucid, the vm gets placed inside $CWD/ubuntu.kvm.22:28
thesheff17it used to be /var/ something...I was also very confused22:28
thesheff17I haven't tested it yet but I bet that is it.22:28
benediktim gonna try later22:34
benediktill let you know22:34
thesheff17k sound good ttyl22:35
=== unreal_ is now known as unreal
=== erichammond1 is now known as erichammond
papertigersthesheff17: I messaged you if you are still around23:41
kimi_HEllo to everybody. Does anybody ever configured a freeradius in Ubuntu?23:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!