/srv/irclogs.ubuntu.com/2010/08/13/#ubuntu-server.txt

arrrghhh	so i've mounted a nfs share at /tmp, but not i can't umount it. says device is busy - probably because it's /tmp... i can't even umount it with -f, what else can i do?	00:02
patdk-lap	kill any programs using /tmp :)	00:06
arrrghhh	patdk-lap, none should be at present...	00:07
patdk-lap	verify with lsof?	00:08
arrrghhh	i just did...and there are some .nfs files open	00:08
arrrghhh	from .python.b	00:08
arrrghhh	how do i know what process to kill tho?	00:09
arrrghhh	patdk-lap, i can't kill all of the .python.bin processes...	00:13
patdk-lap	reboot? :)	00:23
arrrghhh	hahaha	00:24
arrrghhh	yea i guess so	00:24
arrrghhh	this is a 'production' server so i was hoping to avoid that...	00:24
patdk-lap	heh	00:25
uvirtbot	New bug: #611769 in eucalyptus "Can't create volume from snapshot with different size" [Undecided,Fix committed] https://launchpad.net/bugs/611769	02:16
rcsheets	Standard Cloud Add-On - 1 Year: $350.01	02:47
rasengan	Anyone have an issue with pptpd GRE+ppp checksum errors?	02:55
mewsic	trying to setup vsftpd. can anyone help?	03:06
mewsic	help with server	03:14
mase_wk	mewsic: sure we are in here to help, but you need to provide us with specific problems that your having	03:18
=== lifeless_ is now known as lifeless
=== dendrobates is now known as dendro-afk
=== rmk_ is now known as rmk
MikeGuo	hi,	05:02
MikeGuo	everyone. I got a UEC issue.	05:02
MikeGuo	I can't register my node.	05:02
twb	!ask	05:02
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	05:02
MikeGuo	and I found people have same problem with me.	05:02
MikeGuo	there is bug:https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/598186	05:02
uvirtbot	Launchpad bug 598186 in eucalyptus "Unable to register nodes in eucalyptus" [Medium,Incomplete]	05:02
MikeGuo	is there other people got this issue too?	05:03
MikeGuo	thanks	05:03
=== EvilTrek is now known as EvilPhoenix
alex88	what is file /proc/user_beancounters? and where are the current values of that things?	07:13
twb	alex88: it's OpenVZ's exposure of resource limitations stats	07:16
alex88	twb: thank you, but there are the limits..where i can see the current values? i have some fails in tcprcvbuf and tcpsndbuf	07:18
twb	The limits are configured in /etc/vz/conf/N.conf	07:21
alex88	is anything i can do with those buffers? i just download from my home when i get those errors	07:25
twb	alex88: ask #openvz. I don't really feel like dealing with openvz stuff.	07:29
alex88	oh...sorry :) thank you	07:31
uvirtbot	New bug: #617237 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/617237	07:51
WalterN	for some reason apache is not saving the log files...	07:59
\sh	WalterN: hmm? elaborate? :)	08:00
WalterN	using the same configuration as with 9.10	08:00
WalterN	with virtual hosts	08:00
binBASH	moin	08:00
\sh	hey binBASH	08:00
WalterN	hmm.. lemme pastebin the config file	08:00
binBASH	Hi \sh ;)	08:00
alex88	paste somewhere :)	08:01
demon1981	hi all)) how I can determin frequency of my graphic card on my 10.04 without X server?	08:01
alex88	demon1981: look at manifacturer specs :)	08:02
demon1981	alex88: I dont know what video card I use:)	08:03
alex88	lspci?	08:03
WalterN	http://pastebin.com/gq8THFcV	08:04
WalterN	where pool is a RAID5	08:04
WalterN	it worked fine is 9.10 and on a single disk (didnt have RAID st up at the time)	08:05
alex88	WalterN: tried /var/log/apache2/error.log?	08:05
alex88	it shows startup errors	08:05
WalterN	checking	08:06
demon1981	I have that in dmesg	08:07
demon1981	[ 4.702355] [drm] nouveau 0000:02:00.0: Detected an NV50 generation card (0x0a5000a2)	08:07
demon1981	may be its nvidia	08:07
demon1981	how I can determ model of card?	08:07
alex88	demon1981: i told lspci not dmesg	08:08
demon1981	ups	08:08
WalterN	alex88: oh, it says it cant open /media/pool/website/error_jewelcreekkennels.com.log. Unable to open logs	08:08
alex88	WalterN: look why..can you access with root?	08:09
alex88	like touch /media/pool/website/error_jewelcreekkennels.com.log	08:09
alex88	look also at fstab permissions for the drive	08:09
WalterN	I chowned the drive I thought	08:11
WalterN	maybe I should have -R ?	08:11
alex88	sure	08:11
WalterN	heh, that did it	08:17
demon1981	my card is GeForce 02:00.0 VGA compatible controller: nVidia Corporation GT216 [GeForce GT 220] (rev a2) very likely driver nouveau is used. How I can determine the frequency of output signal?	08:17
WalterN	strange though, why would I need to own the directory that its saving the log to?	08:17
WalterN	not sure who the owner was before, but could save anything I wanted before	08:18
WalterN	hmm, since I'm talking about it, what is a good website log viewer/analyzer thingy program?	08:20
\sh	webalizer / awstats / analog /modlogan it depends on your needs	08:21
WalterN	hobby server	08:22
\sh	webalizer	08:22
WalterN	as in, I dont know what I need :P	08:22
alex88	demon1981: you main monitor refresh?	08:23
alex88	WalterN: no, that not important...btw try to set log to debug in apache.conf, or ask in #httpd :)	08:23
alex88	gtg now	08:23
soulstar	hi, I'm having a problem setting up a router	08:27
soulstar	can anyone help?	08:27
WalterN	soloslinger: what kind of router, and for what?	08:28
soulstar	i'm setting up my computer to serve as a linux router	08:29
soulstar	i have ubuntu 10.04 installed	08:29
WalterN	oh, donno XD	08:30
WalterN	I could help with dd-wrt though :)	08:30
WalterN	which is not what you are using or want to use, so nevermind	08:30
soulstar	I'm using openwrt on my wireless routers...	08:31
soulstar	which I don't have a problem with	08:31
eagles\|work	hey guys	08:36
eagles\|work	my question is this.	08:36
alex88	soulstar: what you want to have?gateway?	08:36
eagles\|work	i have my modem connected to a router and the router is getting dos'd is it possible to black list the ips on my server so they cant flood the server again?	08:37
alex88	eagles\|work: you have firewall? how are you'r linux skills?	08:37
qman__	eagles\|work, yes, but it's even easier/better to use iptables recent	08:37
qman__	it'll dynamically block addresses that are spamming	08:38
eagles\|work	qman__: and alex88 i have iptables setup	08:38
eagles\|work	would you like a pastebin of the iptables -L output	08:38
alex88	i use csf, and is awesome for ddos, bruteforces etc	08:38
alex88	try it	08:38
qman__	http://www.ducea.com/2006/06/28/using-iptables-to-block-brute-force-attacks/	08:39
eagles\|work	i have in the past but had mixed feelings about it	08:39
qman__	that example is for ssh, but can be used for any type of traffic	08:39
qman__	it'll significantly reduce the impact of the DoS while not cutting off service entirely	08:40
alex88	eagles\|work: i've always been fine with that..	08:40
eagles\|work	qman__: someone pointed out somethign valid though even though the server is secured the router and my incoming connection will still be getting flodded	08:41
qman__	eagles\|work, the way this works is, the server will simply drop packets being spammed in	08:42
qman__	so the DoS would have to have so many resources that only the single incoming SYN packets can max your line	08:42
qman__	and if that's the case, there's nothing you can do about it	08:42
eagles\|work	ya im in the process of setting up another server as a dedicated firewall	08:42
eagles\|work	qman__: would snort help mitigate those kinds of attacks or not really	08:43
qman__	no	08:43
qman__	snort is an IDS, it has no effect on this sort of thing	08:43
qman__	it will simply tell you what is happening	08:43
eagles\|work	ok	08:43
qman__	if the attacker can flood your line with SYN packets, there's nothing you can do on your end	08:44
qman__	contact your ISP	08:44
qman__	see if they can help	08:44
qman__	but, if they're only succeeding with the full handshake, a proper firewall will reduce the impact	08:45
WalterN	I should set up email sometime soon	08:45
eagles\|work	qman__: im getting flooded with udp packets	08:46
qman__	eagles\|work, is your server dropping them, or rejecting?	08:47
qman__	dropping is what you should be doing	08:47
alex88	reject will just generate more traffic	08:47
qman__	and if you are, that's all you can do	08:47
eagles\|work	qman__: i have a router in between the outside and server	08:47
qman__	irrelevant	08:47
alex88	if the router can handle all the packets	08:48
eagles\|work	and the router is just stopping the floods	08:48
qman__	well, it doesn't really matter where the packets are getting dropped, as long as they're getting dropped, and not rejected	08:48
qman__	that's all that can be done from your end	08:48
eagles\|work	ya	08:48
mase_wk	thats not exactly true, if you can get someone else upstream to drop them for you :)	08:49
eagles\|work	hehe	08:49
qman__	exactly my point, nothing else can be done on his end of the line	08:49
eagles\|work	well i am in the process of setting up a dedicated firewall machien with 2 nic's	08:49
qman__	call the ISP, get them to help	08:49
mase_wk	yeh	08:49
mase_wk	or get the ip address, fly to their location and punch em in the face	08:49
eagles\|work	ya i am waiting to get an email back with contact number	08:49
WalterN	meh	08:50
WalterN	just launch ICBM with IP seeker firmware installed	08:51
WalterN	make sure its not pointing to lo ;)	08:51
qman__	only two approaches there, get the ISP to drop the packets, or give you a fatter pipe	08:52
twb	IP address doesn't incidate elevation, which is critical for a targeted ICBM strike	08:52
twb	*indicate	08:52
mase_wk	qman__: i get hundreds of emails a day offering me a fatter pipe... =)	08:52
WalterN	twb: a contact fuse would work, though yeah.. elivation would make it more ideal :P	08:52
WalterN	elevation*	08:53
eagles\|work	qman__: whats funnier if you look at the internal ip which is assigned by router dhcp	08:53
eagles\|work	the ip they are attacking is the ip of my laptop	08:53
twb	So, fun fact that I learned today	08:54
twb	If localhost doesn't resolve, hardy won't enable NFSv3	08:54
twb	It'll silently fall back to NFSv2	08:55
eagles\|work	i have another question related to this if im setting up a firewall machine that will take the incoming connection on one nic route it to the 2nd nic and the internal network	08:55
eagles\|work	do i need to put the proxy on the server hosting the website or on the firewall server?	08:56
twb	"routing" isn't done by a firewall	08:56
eagles\|work	twb: i know but one of the nic cards in this other machine will be directly connected to the external connection	08:57
eagles\|work	the other to the internal network	08:57
eagles\|work	my question is more on which machine should the proxy be	08:57
eagles\|work	the one that has the firewall	08:57
eagles\|work	or the server on the internal network	08:57
twb	proxy for what?	08:57
eagles\|work	web proxy	08:58
eagles\|work	like squid	08:58
eagles\|work	as well as i want to provide some content filtering	08:58
twb	If you're masquerading and not using -j TPROXY or -j DNAT, you'll need a proxy on the masquerading device.	08:59
eagles\|work	!masquerading \| eagles\|work	08:59
twb	Er, that is, for exposing a local service to the internet.	08:59
eagles\|work	gotcha	08:59
twb	If you're just talking about providing a conventional caching HTTP proxy to browsers on the local network, squid can be deployed anywhere	09:00
eagles\|work	twb: this is going to need to be on the masquerading device as its also access by people on the outsdie	09:00
eagles\|work	would content filtering go on the masquerading device too	09:00
twb	Filtering of what content, from whom?	09:01
=== maxb_ is now known as maxb
eagles\|work	twb: like porno graphic content etc	09:01
eagles\|work	from the internal network	09:02
eagles\|work	im at a clinic and im working on providing wifi to the whole place	09:02
eagles\|work	wifi with content filtering	09:02
eagles\|work	btw qman__ if your interested this is the router security log http://pastebin.com/Yhzg3wWx	09:02
twb	Unless you're operating a "default deny" policy, you won't block pornography.	09:03
eagles\|work	not even if i use dansguardian	09:03
twb	Let me rephrase: you won't block ALL pornography.	09:04
eagles\|work	its better most then nothing	09:04
twb	Well, I can't comment on "most", but if that's your position then by all means adopt a "defalt allow" and a blacklist.	09:05
eagles\|work	arent there some web based content filter where you tell the filter certain keywords are blocked etc	09:05
qman__	yes, but they're quite terrible and only marginally effective	09:06
qman__	nothing wrong with the software itself, the idea is flawed	09:06
eagles\|work	ok	09:06
qman__	whitelisting is the only truly effective way	09:07
eagles\|work	ok but using what something like dansguardian	09:07
twb	AFAIK dansguardian is just a blacklist and a squid hook.	09:08
eagles\|work	twb: ok	09:11
eagles\|work	and i officially hate my isp	09:11
eagles\|work	they giving me the whole rubbish of they cant ddo anything	09:11
eagles\|work	and only thing i can do is on my end with a firewall	09:11
eagles\|work	and if they continue to contact the police	09:11
twb	qman__: the other one that screwed me at a prison was that they whitelisted google --- which happens to include all google's "cached page" pagse	09:13
qman__	yeah...you need to be a lot more specific than that	09:13
twb	Really the problem is the prison staff can be... not too bright	09:14
huats	morning	09:49
eagles\|work	hey guys is it possible for a multicast to flood a connection?	09:55
=== Barre_ is now known as Barre
froud	dual nic. eth0 and eth1. eth0 connects to public internet. eth1 connects to GSM router. GSM router has Port Forwarding to eth1. eth0 has a gw defined, eth1 does not. ip_forwarding is enabled. If I ping eth1 from the GSM network I get answer,.if I ping eth1 from the GSM network I get no answer. Anyone good with routing that can help?	10:06
_ruben	woah .. rereads it a couple of times	10:06
froud	lol	10:06
_ruben	how about a nice diagram? ;)	10:07
eagles\|work	froud: you have a router involved in ur setup	10:07
eagles\|work	and u want one nic directly on the internet right	10:07
froud	eagles\|work: yes eth0 is on the internet	10:07
froud	eth1 connected to a BR970 GSM router	10:08
_ruben	weit .. your message is wrong: you're saying that pinging eth1 from GSM network does both work and not work	10:08
eagles\|work	well u could connect eth0 to the router	10:08
_ruben	s/weit/wait/	10:08
eagles\|work	but then put eth0 on the dmz of the router directly exposing it to the net that way	10:08
_ruben	and also quite importantly: what are trying to achieve?	10:08
froud	okay here goes slowly	10:09
froud	eth0 <-> eth1 <-> GSM	10:09
froud	eth0 is public and available	10:09
froud	I can ping it	10:09
eagles\|work	froud: you want to route traffic from 0 to 1	10:10
froud	eth1 is connected to a switch port on the GSM router	10:10
eagles\|work	froud: man route btw might help	10:10
froud	GSM router SIM gets IP 10.0.0.1	10:10
froud	Eth1 got 192.168.1.2	10:10
eagles\|work	you are on entierly different subnets for one	10:11
froud	On GSM host at 10.0.0.3 I can ping 10.0.0.1	10:11
froud	but I cannot reach 192.168.1.2	10:11
eagles\|work	eth1 needs lets say 10.0.0.0.4 for example	10:11
eagles\|work	froud: the ip is on a differrent network segment all together	10:11
eagles\|work	brb from laptop	10:11
froud	eagles\|work: yes but the subnets are joined by router GSM	10:11
froud	eth1[192.168.1.2] - GSM ROUTER - 10.0.0.1	10:12
eagles0513875	back	10:13
* eagles0513875 shakes head froudeth1 has to be a 10.0.0. ip though		10:13
froud	eagles0513875: why the B970 does routing	10:14
froud	If I route add default gw 192.168.1.2 to the server I can ping eth1	10:15
froud	from 10.0.0.3	10:15
_ruben	does the gsm router have a router for 192.168.1. network and does your machine have a route for the 10.0.0. network ?	10:15
froud	but then I will lose the eth0	10:15
eagles0513875	humm	10:15
_ruben	have a route meant	10:15
_ruben	i meant	10:15
_ruben	geesh, must be friday	10:16
froud	_ruben: default admin interface of router is 192.168.1.1	10:16
froud	I think what I need to do is add some route that will send traffic detined for 10.0.0.0 via eth1 and not eth0	10:17
froud	but I am not sure how	10:17
froud	my route knowledge is not that good :-)	10:17
_ruben	ip route add 10.0.0.0/24 via 192.168.1.1 dev eth1	10:17
froud	invalid argument	10:19
* froud goes to pastebin		10:23
alex88	oh..is there a ip command? i've always use route directly..	10:29
=== oCean__ is now known as oCean_
oCean_	ip is from 'iproute2', you could even add additional routing tables/rules	10:30
alex88	oCean_: i've seen the help..is a more complete command including also route	10:30
alex88	if i've seen right	10:31
froud	_ruben: http://pastebin.com/gdX2tUXn	10:31
froud	eagles0513875: http://pastebin.com/gdX2tUXn	10:31
* froud needs to step away for 5 mins, nature, brb		10:31
AlexC_	morning	10:40
AlexC_	when setting up a chroot for SSH, it all seems very, very mesy. I mean - what happens when updates come in for the files you've had to copy across into your chroot?	10:40
AlexC_	I can't think of any sane way for a sysadmin to monitor which files and copy the new ones over. Surely there has to be a simpiler way, such as with SSH using SFTP - you can simply use the internal-sftp and chroot users, done.	10:41
* eagles0513875 loves sftp so easy to setup compared to ftp		10:42
* froud is back		10:42
AlexC_	indeed, FTP shouldn't be used really - such a crap protocol. However, that's a different discussion :P	10:43
eagles0513875	ya sry	10:44
eagles0513875	never worked with a chroot much AlexC_tbh so i dunno what to tell ya	10:44
eagles0513875	dealing with my own issues atm here at work	10:44
AlexC_	it's quite shocking really that such thing is so ... complicated to do, really	10:44
\sh	AlexC_: why copy? hardlinking is a good way to go	10:45
\sh	or softlinks if that works...	10:45
AlexC_	\sh: hum, all guides/references that I've seen said to copy. I didn't think it was possible to link them due to the path changes	10:46
AlexC_	to a person not in a chroot, the links will work. But how would it work for a user in the chroot if they can't access above their chroot, which is where the real files would be	10:47
a_ok	is ther a known problem with logrotate in ubuntu 8.04 or am I mistaking in my configuration?	10:48
AlexC_	a_ok: how do we know you're making a mistake, when you tell us no problem?	10:48
a_ok	the files seem to be created with different rights (at random) and it does not seem to rotate daily properly	10:49
a_ok	AlexC_: http://pastebin.com/BXVQx3Hi	10:50
a_ok	AlexC_: as you can see /var/log/mail.log.6.gz modified date is wrong (checkt the content and it has entries of 1-8)	10:51
AlexC_	a_ok: not sure, only thing I can think of - is there another logrotate script using the same file?	10:52
a_ok	checked the configuration	10:53
a_ok	no duplicates	10:53
a_ok	AlexC_: there is only one logrotate installed. is there some other package that does rotating (perhaps sysklogd???)	10:56
a_ok	and why is there an uncompressed file called /var/log/mail.log.0 ?	10:57
AlexC_	a_ok: that's normal, it'll become .1.gz upon next rotate	10:58
AlexC_	a_ok: however, one thing - why do you want your log files writable?	10:58
AlexC_	440 would do me	10:58
a_ok	but today its the 13th, and last change on mail.log.0 is the 8th...	10:59
AlexC_	ah, simple	10:59
AlexC_	your server has become aware it is 'Friday' and also the '13th'. Therefor, let it run wild and see what happens tomorrow	11:00
a_ok	lol	11:00
a_ok	AlexC_: don't need it writable actually in this case as syslog writes to it but its the default setting for all my logfiles	11:01
a_ok	be right back	11:01
\sh	AlexC_: regarding http://ulf.zeitform.de/de/dokumente/sshchroot.html you can use hardlinking without any problems (sorry is in german but I think google will help to translate ;))	11:12
AlexC_	\sh: interesting, thanks :)	11:15
uvirtbot	New bug: #617127 in eucalyptus "CacheConcurrencyStrategy should be READ_WRITE and not TRANSACTIONAL" [Undecided,Fix committed] https://launchpad.net/bugs/617127	11:36
demon1981	Hi! Where I can look for kernel boot param line in grub2?	11:49
a_ok	AlexC_: there are some default settings in logrotate.conf (the toplevel config file instead of stuff in logrotate.d) like a weekly rotate and keeping it for 4 weeks	11:49
a_ok	could that be the problem	11:50
a_ok	demon1981: /boot/grub/grub.cfg	11:50
a_ok	AlexC_: I noticed that the day's that are off are all sunday's	11:50
a_ok	its like it does not rotate those files	11:50
demon1981	a_ok: grub.cfg seems as script file. how I can compile from it result params string? is it possible?	11:51
a_ok	demon1981: erm its just a config file. if you scroll down a bit you should see the kernel line	11:53
a_ok	no compilation	11:53
demon1981	a_ok: I dont see here video params Where I can take those params? I want to decrease framebuffer frequency linux /boot/vmlinuz-2.6.32-21-generic-pae root=UUID=c8b6c463-c05f-4f76-9a17-3d6d5b282d95 ro quiet initrd /boot/initrd.img-2.6.32-21-generic-pae	12:01
demon1981	a_ok: this is line from /etc/grub/grub.cfg	12:01
a_ok	those are two lines i think	12:03
a_ok	you can edit the line starting with: linux /boot/vmlinuz-2.6.32-21-*	12:04
demon1981	a_ok:yes. it's 2 lines. if in kernel options we dont see video options then those options takes from other place. From what conf are they takes? (I use nouveau framebuffer)	12:31
hggdh	<yawn/>	12:31
Daviey	hggdh: GOOD MORNING!	12:46
Daviey	hggdh: Thanks for your email last night.	12:46
hggdh	Daviey: Good morning	12:51
Daviey	hggdh: How are you this fine day?	12:53
hggdh	Daviey: so far I am fine... and I hope I will be able to find out what gives on the test rig	12:56
Daviey	hggdh: I have a PPA package enroute, but also expecting a new code drop to resolve a potential registration issue	12:57
hggdh	Daviey: right now I will try anything ;-)	12:59
Johnnyx	hey guys package dovecot-postfix contains full mailserver ready to run ? some kind of easy pack to install? am i right?	13:11
zul	morning	13:28
=== RoAkSoAx_ is now known as RoAkSoAx
uvirtbot	New bug: #617053 in eucalyptus "on upgrade from 1.6.2, euca_upgrade should preserve DISABLE_ISCSI="Y"" [Medium,In progress] https://launchpad.net/bugs/617053	14:01
hggdh	hey Daviey, what was the URL for the wget on wrappers.conf?	14:15
hggdh	cannot find the email :-(	14:16
uvirtbot	New bug: #617380 in munin (main) "Add apt_ubuntu plugin" [Undecided,New] https://launchpad.net/bugs/617380	14:16
=== dendro-afk is now known as dendrobates
Daviey	hggdh, Ah, you are back - i just mailed you the wget line	14:25
hggdh	Daviey: sorry, weechat had a moment here	14:26
Daviey	hggdh, heh	14:27
jetole_	Does anyone know how I can implement watchdog on Linux / Ubuntu Server and also find a list of which watchdog hardware is supported	14:39
=== jetole_ is now known as jetole
jdstrand	in order of request:	14:48
jdstrand	hallyn, Daviey, soren: I uploaded libvirt 0.8.3-1ubuntu1 yesterday. this morning I uploaded 0.8.3-1ubuntu2 to fix a ftbfs on armel, but I'm not planning other uploads (excepting an emergency), so have at it	14:50
Daviey	jdstrand, Super, i just wanted to test it - soren wanted to add a patch	14:50
Daviey	Thanks jdstrand !	14:50
jdstrand	sure :)	14:50
Daviey	jdstrand, Have you documented the merge? It seemed pretty intense?	14:51
jdstrand	Daviey: in the changelog (as per standard practice)	14:51
Daviey	Good Point Well Made.	14:51
jdstrand	Daviey: most of those patches have comments at the top. I didn't write most of those, but tried to make them DEP-3 when I could find the history	14:52
Daviey	jdstrand, Ok.. thanks.. i'll read the changelog	14:52
jdstrand	Daviey: I also try to put in the changelog when I expect something to be able to be dropped, to help with future merges	14:52
Daviey	jdstrand, We'll keep you! :)	14:53
jdstrand	heh	14:53
v00lcano	guys, I have a newly installed 10.04 machine and am trying to follow this guide: https://help.ubuntu.com/community/LDAPClientAuthentication however there are looooots of inconsistencies, for example it asks to restart nscd but I have no /etc/init.d/nscd, also my /etc/libnss-ldap.conf is missing and I can't seem to find it anywhere else (updatedb && locate), I've found a libnss-ldap.conffiles in doc, but that just mentions /etc/init.d/libnss-ldap. Is	15:00
v00lcano	I know it's not a server-related issue, but someone in #ubuntu recommended I ask here since you guys might be more up to date on this matter	15:01
sherr	v00lcano: there's a libnss-ldapd package. Might be something you want. There's also a libnss-ldap package ... a bit confusing. The fisrt appears to be a fork of the second.	15:16
hggdh	Daviey: shouldn't eucalyptus-*-publication be stopped when you 'sudo stop eucalyptus'?	15:26
hggdh	Daviey: and shouldn't they be started when you (later on) 'sudo start eucalyptus'?	15:27
Daviey	hggdh, technically yes - i haven't tried that	15:30
hggdh	Daviey: before I open a bug there -- can you try it?	15:30
Daviey	hggdh, Hmm	15:30
Daviey	yes i can :)	15:30
Daviey	hggdh, I am prepairing an upload now btw	15:31
hggdh	Daviey: also, what images did you use on your tests yesterday night (rather, today very early)? Current Maverick UEC ISO?	15:31
hggdh	Daviey: cool!	15:31
* hggdh awaits happily		15:31
Daviey	hggdh, netboot, from archive.ubuntu.com	15:31
Daviey	so whatever was in the archive at that time	15:32
hggdh	Daviey: no, for the VM images	15:32
Daviey	oh..	15:32
Daviey	i used what was on uec-images.ubuntu.com	15:32
jetole	Can anyone help me out with how I configure watchdog on ubuntu server?	15:33
hggdh	Daviey: the dailies, then, correct?	15:33
Daviey	hggdh, you expect, avahi-publish -s Walrus _eucalyptus._tcp 8773 txtvers=1 protovers=1.5.0 type=walrus ipaddr=10.0.0.100 <-- to be killed?	15:33
hggdh	Daviey: yes indeed	15:33
hggdh	wy publish something that is currently dead?	15:34
hggdh	jetole: I never used whatdogs, sorry	15:34
ssureshot	any experts on load balancing here today	15:34
Daviey	hggdh, CLC avahi went - still waiting on Walrus	15:34
jetole	ssureshot: depends. Whats your question?	15:34
Daviey	hggdh, confirmed, walrus didn't go - this was on a CLC + Walrus box	15:35
Daviey	CLC did die	15:35
ssureshot	jetole: I have 2 servers setup and functioning with heartbeat / ldirectord all services set up that I need... My question is this.. When I turn on the backup load balancer first it doesn't transfer the server to the primary once it is turned on.. Is this normal?	15:36
jetole	ssureshot: what is the backup load balancer?	15:37
ssureshot	but if I turn the primary on first have the talking unplug primary services transfer accordingly and they transfer right back when I plug it back in	15:37
ssureshot	jetole: ubuntu 9.10 server	15:37
Daviey	hggdh, Hmm.. raise a bug - and i'll confirm it on a fresh box	15:38
Daviey	hggdh, Feel free to assign it to me,. and i would say Medium priority.. agree?	15:38
jetole	ssureshot: how are you load balancing though? Are you using ipvs, haproxy or something else?	15:38
ssureshot	oh ipvs	15:38
smoser	hallyn, around ?	15:38
jetole	ssureshot: I don't know. I have been meaning to switch to IPVS for a few months, I currently use HAproxy however I would ask this question in... what was that room? One sec	15:39
jetole	#linux-cluster	15:39
hggdh	Daviey: hum. Low should be fine	15:39
jetole	#linux-ha	15:40
ssureshot	jetole: awesome thank you sir	15:40
jetole	those two rooms are really good when it comes to IPVS	15:40
jetole	ssureshot: no prob	15:40
Daviey	hggdh, agreed	15:40
resno	im planning on setting up a server to play with. what is the recommended intrusion detection software? snort? munit and mungin?	15:42
zash	resno: I use sshguard i think	15:43
jetole	resno: suricata	15:43
aljosa	i can't find truecrypt in lucid althought there are gui tools for truecrypt available. any idea why truecrypt isn't available in lucid?	15:43
resno	zash: heh you think ;)	15:44
jetole	resno, used to be snort but afaik snort is... how do I put this? I guess snort isn't really being developed as actively anymore	15:44
jetole	snort 3 seems to have been on the back burner for far too long	15:44
resno	jetole: ah, darn out of date information :(	15:45
jetole	resno: suricata is a fork of snort created by The Open Information Security Foundation	15:45
jetole	resno: http://www.openinfosecfoundation.org/index.php/download-suricata	15:45
jetole	resno: actually, not a lot of people really follow snort closely enough to care so some people, in fact most people will still recommend snort	15:46
resno	i see. im curious to see how much of my playing will register on it, etc	15:46
jetole	the current snort release is 2.8.6.1 and, if I remember correctly, almost two years ago 2.8 was still being used and if I remember correctly, almost 2 years ago snort 3 was announced as the upcoming snort	15:47
resno	heh nice	15:47
jetole	resno: Well with both snort and suricata, you can always create custom rules plus some of the best rules don't come from snort. I think bleeding edge rules is the big one	15:48
jetole	I would use oinkmaster to download the snort rules and the bleeding edge rules and write a rule for anything you can find that doesn't register	15:48
resno	jetole: this mainly will detect attacks not block them right?	15:48
zash	resno: I thougt that was what it was called, and it was	15:48
jetole	resno: well that depends on you	15:49
jetole	both snort and suricata can be compiled as an IDS or IPS / detect or block	15:49
jetole	the blocking is done via NFQUEUE via netfilter and iptables	15:49
jetole	resno: but I would strongly recommend against blocking	15:49
jetole	IPS can be very dangerous	15:50
jetole	a false positive can block legitimate users	15:50
jetole	it's better to do IDS and analyze the results	15:50
resno	jetole: yes, ive read	15:50
jetole	Also, with either snort or suricata, I would recommend the unified2 format and the barnyard 2 utility	15:52
jetole	for front ends, you can look at BASE, Aanval or prelude prewikka	15:52
resno	jetole: thats quite a bit of information to get me started :)	15:53
kelt	what is wrong with IPS blocking legitimate users?	15:54
jetole	kelt: It's too much work when you can just turn the server off to block legitimate users	15:55
resno	lets just suppose i blocked myself, how would you get back in?	15:55
jetole	I find the poweroff command is quicker and easier then bothering with rules if I don't want people to access a service I am running. Plus you have the wasted time of developing and running a service that you don't want anyone to access	15:55
jetole	resno: afaik, the system works on a per match basis for example if you block fragmented packets and you send a fragmented packet then that packet is blocked however if you don't send a fragmented packet then it will go through	15:57
jetole	thats in theoreom, clearly you will have more rules then that	15:57
resno	oh ok	15:57
mathiaz	kirkland: o/	15:57
jetole	now if you wanted to have matches block all further attempts to connect then I would advise you look into the iptables/netfilter recent module	15:57
kelt	jetole: IPS only blocks "bad" things not everyone like powering off a system would do	15:58
jetole	for example, through iptables/netfilter, I can write a couple rules so that if I get 50 syn packets from a host in a minute then that host is blocked for an hour	15:58
jetole	10:54 < kelt> what is wrong with IPS blocking legitimate users?	15:58
jetole	kelt: and no. An IPS blocks based on rules. If you have a rule which mis catagorizes a packet as an attack when that packet is really from a customer placing an order then you just lost a sale	15:59
jetole	kelt: Just to be clear, legitimate users are people who should be there. If you are wondering whats wrong with blocking people who should be there then turn your server off and save yourself the time of setting it up in the first place let alone configuring an IPS system	16:00
jetole	and kelt: "IPS is bad" is the widely agreed upon frame of thinking for any IT security professional in the industry. In fast in any company of the right size, you have levels of security analysts who look at records from IDS and promote it to higher levels if it is suspicious hence why they have options like that built into both free and commercial IDS systems	16:01
uvirtbot	New bug: #617428 in samba (main) "winbind_cache.tdb corrupt" [Undecided,New] https://launchpad.net/bugs/617428	16:01
jetole	"the right size": poor choice of words on my part. I meant any company that is profitable enough that they can afford to do security analysis properly	16:02
jetole	bbiab: going for a smoke	16:02
resno	jetole: so, even with these levels of ids, fail2ban is still important?	16:02
kelt	jetole: if you have an attack that brings down your website that IPS could have prevented... then you lost 100 sales.	16:03
patdk-wk	heh, jetole, you mean like vonage, when they contacted me to stop hacking them over port 123, when vonage was using my server for ntp	16:03
jetole	kelt: if you have an attack that brings down your website that an IPS could have prevented then you have an attack that you are readily aware of that you did not patch or you are trusting 3rd party sites to supply IPS rules that you do not analyze so either you are not maintaining your servers in the first place or you are allowing for a high rate of false positives	16:09
jetole	resno: I don't use fail2ban. If you are referring to ssh I run it on a alternate port and only use ssh keys as well as iptables rules to limit syn connections within allowed times so if I receive a certain number of syn packets consistantly to my ssh port then they are blocked at the firewall as well as that host from all further communication for the time I set in the recent module	16:11
jetole	patdk-wk: that sounds like vonage	16:11
patdk-wk	atleast the guy that called was helpful	16:12
jetole	patdk-wk: why were they using your NTP server?	16:13
patdk-wk	I dunno	16:13
patdk-wk	they said they had a new admin setting up systems	16:13
jetole	ha	16:13
patdk-wk	and it sounds like they just left the default settings to use the pool.ntp.org	16:13
jetole	makes sense	16:13
jetole	you run a pool.ntp.org server?	16:14
patdk-wk	ya, several	16:14
jetole	ah that makes sense	16:14
jetole	yeah, I use a default us.pool.ntp.org as one of mine	16:14
jetole	after two nist ones	16:14
patdk-wk	I never use nist	16:14
patdk-wk	everytime I have checked it, I get horrible results from it	16:15
jetole	well I have had good luck with ntp.org but it's user run	16:15
patdk-wk	dunno if they fixed it recently	16:15
* jetole doesn't know		16:15
jetole	aside from ntp.org, who do you recommend	16:15
jetole	?	16:15
patdk-wk	heh, well, back when I checked it, 5+ years ago, it felt like it was on a t1, with t3 amount of traffic attempting to use it	16:15
jetole	dhcpd.conf: option ntp-servers time-a.nist.gov, time-b.nist.gov, us.pool.ntp.org;	16:15
patdk-wk	I run my own ntp cluster	16:16
patdk-wk	so all my servers us my own pool	16:16
jetole	I don't know if thats the case now but I monitor NTP via nagios and I don't often get alerts but I don't know off the top of my head how thats checked	16:16
patdk-wk	the cluster heads, use some static and pool servers to help round them out	16:16
jetole	I gotta get back to trying to figure out how to use watchdog with a hardware timer in linux	16:16
jetole	everywhere I have looked so far has directed me towards the software watchdog daemon	16:17
jetole	:(	16:17
patdk-wk	hmm, watchdog just worked for me, using an old scb2 motherboard :)	16:17
jetole	Well I run a virtual cluster and want to set it up on the virtual machines but I had a bad experience once with a harware timer in a super micro board	16:18
jetole	so I'm being cautious	16:18
jetole	I know the watchdog package in ubuntu has nothing to do with physical watchdog	16:18
patdk-wk	http://buttersideup.com/docs/howto/IPMI_on_Debian.html	16:19
patdk-wk	all my watchdogs are ipmi	16:19
patdk-wk	all my server motherboards are currently intel though	16:19
jetole	afaik, this watchdog is PCI	16:20
jetole	it is intel, one sec, looking for the page that desribes it again	16:20
jetole	http://libvirt.org/formatdomain.html#elementsWatchdog	16:20
jetole	If you scroll down to model	16:20
jetole	'i6300esb' — the recommended device, emulating a PCI Intel 6300ESB	16:20
patdk-wk	oh, a vm watchdog	16:20
jetole	well yes but it emulates the Intel 6300ESB	16:21
jetole	so the vm guests see the Intel device	16:21
jetole	patdk-wk: this looks promising: http://lkml.indiana.edu/hypermail/linux/kernel/0502.2/0908.html	16:22
patdk-wk	heh, dunno	16:22
patdk-wk	I haven't used kvm	16:23
patdk-wk	been using xen, but switching to vmware	16:23
patdk-wk	the whole xen -> kvm switch thing really annoyed me	16:23
jetole	I used to use ESX 3	16:24
jetole	didn't find it fast enough	16:24
jetole	and Xen has always been the bain of my existance. I still have a few Xen hosts	16:24
patdk-wk	all my stuff is esxi 4.1 now	16:24
jetole	I loathe them	16:24
jetole	CONFIG_I6300ESB_WDT=m	16:24
jetole	thats from the 10.04 kernel config so it's a module and just found this page with an explanation: http://cateee.net/lkddb/web-lkddb/I6300ESB_WDT.html	16:25
jetole	patdk-wk: I'm personally quite happy with KVM. I didn't like ESX 3 and loath Xen but I haven't tried ESX 3	16:25
patdk-wk	I have never used esx 3.5	16:26
patdk-wk	attempted to use hyperv for a windows cluster	16:26
patdk-wk	but the windows guests had tcp issues, for one 3rd party app	16:26
patdk-wk	webserver would get request headers, but response would never make it out of hyperv	16:27
jetole	never tried hyperV and I really don't want to	16:29
patdk-wk	I didn't either	16:29
patdk-wk	but the server already had win2008 on it, and I needed 4 vm's	16:29
patdk-wk	so figured, why not	16:29
patdk-wk	and the 3rd party vender said it would be fine	16:29
patdk-wk	not so much	16:30
jetole	haha	16:32
jetole	yeah all my windows2008 are VM themselves on KVM via libvirt	16:32
patdk-wk	took the hyperv image, moved to vmware, worked perfectly	16:32
jetole	yeah I remember migrating vmware esx images to kvm	16:33
jetole	oh btw, as per watchdog, I remember that Xen had a proposed watchdog spec that they chose not to accept	16:35
Kaelten	anyone know what boot option to pass in to install in textmode?	16:55
patdk-wk	it doesn't?	16:55
patdk-wk	oh, heh, I always net-install, so it's always text for me :)	16:56
Kaelten	patdk-wk: I'm net installing	16:59
Kaelten	or is the annoying blue blocks everywhere the textmode?	16:59
patdk-wk	annoying blue blocks?	16:59
patdk-wk	you mean color ascii stuff?	16:59
Kaelten	patdk-wk: http://grab.by/5Tgj	17:00
Kaelten	that thing	17:00
zash	Kaelten: that is text mode	17:00
Kaelten	ah, k	17:00
Kaelten	was wondering if there was something less than that	17:00
patdk-wk	nope :)	17:01
patdk-wk	maybe a black/white version? :)	17:01
Kaelten	I'm testing in hyperv and it's driving me nuts because the redraw rate is so slow	17:01
patdk-wk	that is hyperv issue	17:01
patdk-wk	hyperv is using graphics mode, even though the video card in the vm is in text mode	17:01
Kaelten	adding "blacklist vga16fb" to modprobe.d/blacklist-framebuffer.conf fixes it	17:02
Kaelten	but that doesn't help me in the installer	17:02
uvirtbot	New bug: #617461 in mysql-5.1 (main) "mysql-testsuite: testsuite fails due to unexpected installation layout" [Undecided,New] https://launchpad.net/bugs/617461	17:06
uvirtbot	New bug: #617463 in mysql-5.1 (main) "mysql fails to load innodb plugin due to apparmor rejection." [Undecided,New] https://launchpad.net/bugs/617463	17:06
Jhon	Hola buenos dias	17:11
Kaelten	anyone have any experiance with ubuntu and a QLogic 2560?	17:11
Jhon	Necesito sugerencias osbre servidores	17:12
Jhon	podria ayudarme	17:12
=== RoyK^ is now known as RoyK
patdk-wk	kaelten, nope, only using ubuntu with a qlogic 2200	17:13
Kaelten	did the kernel support it ok, or am I looking at something scary?	17:13
Jhon	se habla español aki o ingles?	17:13
patdk-wk	yep	17:14
Kaelten	no habla español :(	17:14
patdk-wk	perfectly	17:14
Kaelten	that's good news, we have a fabric/storageworks from hp, but the hba's look like rebranded qlogics	17:14
Kaelten	and I'm thinking they're 2560s but I'm not certain	17:14
Kaelten	going down week after next to set it up, so trying to at least have an idea	17:15
patdk-wk	qlogic has always been well supported	17:15
patdk-wk	I'm pretty sure it's direct support from qlogic	17:15
Kaelten	that's good to hear, I know hp mainly offers support for rehl and suse,	17:16
Kaelten	but I'm stuck in my ways on using ubuntu	17:16
uvirtbot	New bug: #617466 in samba (main) "package samba 2:3.3.2-1ubuntu3.5 failed to install/upgrade: el subproceso post-removal script devolvió el código de salida de error 1" [Undecided,New] https://launchpad.net/bugs/617466	17:17
Jhon	por que si hablan español	17:19
Jhon	hablan en ingles	17:19
resno	Jhon: porfavor hables en ingles aqui	17:22
resno	Jhon: hablamos ingles solamente	17:23
Jhon	hablan solo ingles aki en la charla????	17:23
resno	!es	17:23
ubottu	En la mayoría de canales de Ubuntu se habla sólo en inglés. Si busca ayuda en español o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.	17:23
Jhon	:( ok es que yo casi no entiendo ingles	17:24
resno	Jhon: lo siento.	17:25
* RoyK is building a "Lord Vetinari clock" to a friend of mine (like the one Vetinari has in his waiting room - it ticks unevenly, tick, ... tock .. ticktock ..... tick ... tock		17:25
Jhon	de todas maneras gracias	17:25
resno	Jhon: hasta luego	17:25
RoyK	resno, Jhon: kan ikke dere snakke engelsk? jeg forstår ikke et ord	17:25
FunnyLookinHat	Ok guys - super strange issue - I have a cron'd PHP script that runs mencoder to rotate videos... when I run the script as myself, i.e. php script.php - mencoder works fine.... but when cron runs the script as root, mencoder only converts the first second of the video - ideas???	17:34
Kaelten	now if I could only figure out why my netinstall has a messed up hostname	17:34
patdk-wk	FunnyLookinHat, bad path setting? it can't locate the audio encoder?	17:35
RoyK	Kaelten: just change it :þ	17:35
Kaelten	RoyK: I was hoping to be able to set it via the dhcp server	17:35
kirkland	mathiaz: o/	17:36
patdk-wk	I think it's storming outside	17:36
patdk-wk	my ups is going nuts	17:36
patdk-wk	nope, clear skys, how odd	17:36
Kaelten	patdk-wk: how do you handle hostnames with your netinstalls?	17:37
patdk-wk	I just type it in, during the install, when it asks for it :)	17:37
patdk-wk	really rather difficult	17:37
Kaelten	ah, so you're not doing unattended	17:38
patdk-wk	nope	17:38
FunnyLookinHat	patdk-wk: How would I fix that? I mean - ldconfig should take care of the audio encoder, etc. right?	17:38
patdk-wk	FunnyLookinHat, what does ldconfig have to do with it?	17:38
patdk-wk	that is to locate lib's	17:38
patdk-wk	I dunno how mencoder works	17:38
FunnyLookinHat	Well ok - better question - why would it ONLY happen as root and not the user account ?	17:38
RoyK	Kaelten: no, but you can with reverse dns	17:39
patdk-wk	but normally the issue is always path related, if something doesn't work right in cron	17:39
FunnyLookinHat	kk	17:39
Kaelten	RoyK: ?	17:39
RoyK	ubuntu looks up its hostname in dns	17:39
RoyK	if none is found, it defaults to ubuntu (iirc)	17:39
Kaelten	mine seems to be defaulting to kickseed	17:40
mathiaz	kirkland: mumble?	17:40
kirkland	mathiaz: k, let me grab a headset	17:41
FunnyLookinHat	patdk-wk: more confusing - if I run the script as root, all is fine... if I let cron run it, cuts off at 1 sec.	17:46
_ruben	that's usually an environment and/or tty problem	17:52
FunnyLookinHat	kk... great. that's even a bigger problem to debug :)	17:54
patdk-wk	there are hundreds of google hits for mencoder and cron	17:57
patdk-wk	all kinds of people having issues	17:57
patdk-wk	looks like strictly a env issue :)	17:58
patdk-wk	http://serverfault.com/questions/95729/difference-of-running-scripts-manually-or-with-a-cronjob	17:58
zash	PATH probably	17:59
zash	and PWD	17:59
patdk-wk	I said that hours ago :)	17:59
zash	"use absolute paths"	18:00
zash	patdk-wk: then someone didn't listen/read :P	18:00
FunnyLookinHat	Yeah I do use absolute paths, all the time, of course :)	18:03
patdk-wk	just cause you do, doesn't mean the program does also :)	18:03
FunnyLookinHat	hah true.	18:04
FunnyLookinHat	bastard of a program is erroring out with some random dependency... I fixed one (was missing a random font file, which threw an error message but allowed it to keep running) - but now it's erroring out at a different point, hah	18:05
* patdk-wk is it sad, I install japanese fonts, to find a good english font I like for ssh		18:06
=== dendrobates is now known as dendro-afk
FunnyLookinHat	lol?	18:07
FunnyLookinHat	How do I get a bash script to include/source specific include files ?	18:16
zash	FunnyLookinHat: source path/to/script.sh	18:19
FunnyLookinHat	zash: thanks	18:22
zash	FunnyLookinHat: and . path/to/script.sh is equivalent	18:23
gnoob	Hi, anyone knows about a good way of making infoscreens? Is there any preconfigured distros out there? Would like to have e.g two terminals. tty1 for administration from shell and tty2 for X where impossible to log on. tty2 shows a buch of web pages from a spesific folder.. Anything like this out there? :)	18:26
patdk-wk	gnoob, dunno of anything, but sounds like something that only takes a few min to make	18:27
gnoob	:) would take me a minimum a couple og hours I think :)	18:32
hallyn	smoser: was flyin'. wazzup?	18:46
Daviey	hggdh, Hey.. have you had a chance to try the packages from today?	18:47
Daviey	hggdh, i see you have \o/	18:47
smoser	hallyn, i have a fun bug for you	18:47
smoser	https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/615529	18:47
uvirtbot	Launchpad bug 615529 in eucalyptus "eucalyptus instance reboot fails: Guest moved used index from 0 to 2639" [Medium,Fix released]	18:47
FunnyLookinHat	So tell me this - I ran set > setopts and then included . /path/to/setopts within a wrapper bash script - still no luck, does that mean it isn't an ENV variable issue ?	18:50
hggdh	Daviey: I still see some instances failing to start	18:53
Daviey	hggdh, In what topology?	18:53
hggdh	Daviey: right now all-in-one, 170 started, about 6 failed	18:54
hggdh	this run should end in ~15 minutes, and I will then test volumes, then test distributed	18:54
Daviey	hggdh, OK.. Those numbers are awful.. better than Lucid release! But i think that is a seperate bug to the one that has been fixed.	18:55
Daviey	erm, AREN'T awful. i mean;t to say	18:55
RoyK	Daviey: sorry to barge in, but what numbers are these?	18:56
Daviey	RoyK, Instances not starting when requested with UEC.	18:58
gnoob	patdk-wk: for a hommade "info screen project" What should I do to start showing html pages automaticly after the automated login? Ill be able to start firefox, but cant see how to start firefox in fullscreenmode switching between htmlpages with e.g 30 second delay. Is firefox scriptable? of is there another tool I should use maybe?	18:59
hggdh	Daviey: I agree, the signature seems different	19:00
patdk-wk	making firefox reload on 30seconds doesn't even need firefox, just use a refresh in the html page :)	19:00
hallyn	smoser: that's not an easy bug to follow, but iiuc you're saying booting from floppy is not working as a workaround in uec?	19:02
hallyn	have you chatted with Daviey about it?	19:02
smoser	yes, in the end it looks like the work around doesn't work as i thought it did.	19:03
hallyn	I've not really used uec (other than as user of ec2) so not sure how to reproduce myself	19:03
hallyn	smoser: the bug never says what happens now. does reboot fail?	19:04
smoser	i haven't actually tested on eucalyptus, (and I did test the work around there). it seems like it may not be 100% failure rate, and i got "lucky"	19:04
smoser	yes, in my local tests, reboot fails the same way.	19:04
hallyn	so the first boot works, and reboot fails?	19:04
smoser	yes.	19:04
smoser	i'm working on getting an easier recreate together.	19:05
hallyn	ok	19:05
uvirtbot	New bug: #617515 in openssh (main) "/etc/init.d/ssh stop doesn't work (sshd just won't die)" [Undecided,New] https://launchpad.net/bugs/617515	19:06
gnoob	patdk-wk: sorry the noobing, but I dont think I understood how. If I have a couple of html pages I want to be shown on info screen, and I want all pages to be shown and each one for 30 secs, before looping :) Is this easily done?	19:09
RoyK	uvirtbot: pastebin	19:11
uvirtbot	RoyK: Error: "pastebin" is not a valid command.	19:11
=== dendro-afk is now known as dendrobates
RoyK	uvirtbot: pastebin?	19:12
uvirtbot	RoyK: Error: "pastebin?" is not a valid command.	19:12
RoyK	!pastebin	19:12
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	19:12
RoyK	shouldn't ubottu be in #ubuntu-virt as well?	19:12
kman_	Hi all. Anyone able to assist with getting a network card working in Ubuntu Server? Can see it using lspci but not talking to the network.	19:18
RoyK	kman_: doesn't ifconfig -a show it?	19:20
kman_	Royk yes it shows there as well.	19:21
RoyK	kman_: if ifconfig -a shows the nic, just edit /etc/network/interfaces	19:22
kman_	OK will try.	19:23
RoyK	kman_: https://help.ubuntu.com/8.04/serverguide/C/tcpip.html is good reading :)	19:25
caution	I've had more memory added to my server but I don't see it in `top`, what might I need to do to start using it?	19:37
caution	a mount?	19:37
giovani	caution: is it reflected in the BIOS?	19:37
caution	it's a hosted server	19:38
giovani	is it a VPS, or a physical server?	19:38
caution	vps	19:38
giovani	ask the VPS provider	19:38
giovani	who knows how they handle it	19:38
giovani	a reboot is certainly required	19:38
caution	tried that	19:38
giovani	contact your provider	19:39
kman_	Royk. Read through that. looked at interfaces. My ifconfig shows eth2 and eth4 but the interfaces refers to eth0. Could this be the problem?	19:40
RoyK	kman_: ubuntu links ethx to a mac address - to reset it, rm /etc/udev/rules.d/70-persistent-net.rules and reboot	19:42
RoyK	kman_: if you changed the NIC or something, it'll turn up as a new ethX	19:42
kman_	NOt only did I change the nic the mobo died and it's a whole new mobo. There is a PCI nic and a mobo nic. Thus eth2 and eth4.	19:44
RoyK	the new mobo will have new mac addresses	19:44
RoyK	remove that file and restart	19:44
shebaloma	i have been to #ubuntu-virt here is a past bin http://paste.ubuntu.com/477563/	19:58
shebaloma	it has to deal with virt-manager	19:59
thesheff17	shebaloma: on your virt box type virsh and see if you can get in.	20:00
shebaloma	http://paste.ubuntu.com/477577/	20:02
thesheff17	can you ping & ssh from the virt-manager machine to the virsh running machine?	20:03
shebaloma	ican manage the box from laptop using ssh <ip_addy)	20:04
cemc	I have a network interfaces question	20:05
thesheff17	shebaloma: I would restart libvirt and check the logs.	20:05
cemc	when I installed Lucid, I had eth0, eth1 autodetected, right? now I would like to reverse them, how do I do that?	20:05
thesheff17	cemc: what do you mean about reverse?	20:06
shebaloma	where do i find the log for libvirt	20:06
cemc	thesheff17: I mean, I have eth0 say a realtek card, and eth1 say a 3com, but I want them reversed, so that eth0 would be the 3com	20:07
cemc	but obviously the realtek one got detected first, so it got eth0 assigned to it	20:08
thesheff17	shebaloma: I think by default it goes to syslog...there is also /var/log/libvirt	20:09
thesheff17	shebaloma: but that looks like just logs for vm.	20:10
=== dendrobates is now known as dendro-afk
thesheff17	cemc: this isn't a typical thing to do. I would look here to starthttp://www.debianhelp.co.uk/udev.htm	20:12
cemc	thesheff17: thanks, this actually help	20:16
cemc	s	20:16
thesheff17	cemc: np	20:16
DUEDAHL	is it possible to manage your ubuntu servers (ssh) through ubuntu-landscape?	20:30
shebaloma	i looked in /var/log all is fine in all the log files<thesheff17>	20:33
thesheff17	shebaloma: and this works from the command line? and not in the GUI? virsh -c qemu+ssh://root@192.168.1.5/system	20:37
DUEDAHL	is it possible to manage your ubuntu servers (ssh) through ubuntu-landscape?	20:43
shebaloma	http://paste.ubuntu.com/477595/ the what happens on the server	20:45
shebaloma	http://paste.ubuntu.com/477596/ this is form the client	20:47
shebaloma	http://paste.ubuntu.com/477598/ virsh -c qemu+ssh://shebaloma@192.168.1.3/system what happens if i change usre from roo to shebaloma	20:52
shebaloma	http://paste.ubuntu.com/477604/ and this is run from cliant	20:55
shebaloma	dose that help you <thesheff17>	20:55
jacob_	Hello everyone. I've been using ubuntu desktop for a few years now. I work at godaddy.com and have been using godaddy shared hosting for a while, now I want to use ubuntu server and host my site myself. Is there a control panel I can install on ubuntu server to make management of DNS and email a little easier?	20:56
thesheff17	shebaloma: use root	20:59
thesheff17	shebaloma: you prob have a permissions problem	20:59
shebaloma	on the server root login is disabled	21:00
thesheff17	jacob_: I just use the godaddy web site and point it to my public IP's for the web site...as far as I know there is no control panel.	21:00
shebaloma	i could enable but i forgot how	21:00
thesheff17	shebaloma: http://www.sunmanagers.org/pipermail/summaries/2002-June/001802.html	21:02
thesheff17	shebaloma: change your /etc/ssh/sshd_config file with those two lines in that link.	21:02
thesheff17	shebaloma: and restart /etc/init.d/ssh restart	21:03
jacob_	Hello everyone. I've been using ubuntu desktop for a few years now. I work at godaddy.com and have been using godaddy shared hosting for a while, now I want to use ubuntu server and host my site myself. Is there a control panel I can install on ubuntu server to make management of DNS and email a little easier?	21:03
CharlieSu	jacob_: look at ISPConfig	21:05
IVerbNouns	CharlieSu: Thanks I'll check that out.	21:09
shebaloma	ok works on the server	21:09
shebaloma	but not from clint	21:09
cemc	when enabling unattended upgrades, how can I exclude the kernel?	21:12
cemc	can I exclude 'linux-image*' ?	21:12
jdstrand	zul: hey. I was wondering if you could look at bug #578922, comment #1, points 2 and 3 and consider them for Ubuntu and pushing to Debian. I have not tested them at all and in the bug simply stated 'it could be done'	21:22
uvirtbot	Launchpad bug 578922 in apparmor "mysql configuration should be adjusted to help prevent against chained attacks against LAMP stack" [Medium,Fix released] https://launchpad.net/bugs/578922	21:22
qman__	cemc, running "sudo apt-get upgrade" will not install kernel updates	21:24
qman__	you need to use "dist-upgrade" or equivalent for them to install	21:24
cemc	riight	21:24
cemc	of course	21:24
cemc	qman__: thanks	21:25
FunnyLookinHat	With a cron script, how can I make sure a pty is allocated for it ? I'm using a bash-script wrapper to launch a php script that requires all sorts of junk so that mencoder will run	21:25
=== unreal_ is now known as unreal
dominicdinada	what is the safe way to remove xorg, gnome desktop from someones server. And what will be lost by way of say conf for samba, network, etc	21:37
hallyn	well this is weird. I swear yesterday there were two commeetns on old qemu-kvm bzr branch proposed merges about whether they were still needed, but now i can't find them either in email or in launchpad...	21:44
kman_	Royk. I removed the file, restarted the system and still no internet. It now shows only the eth0.	21:50
tyska	hi guys im working with cups on ubuntu, i wanna put authentication on my printers but my windows machines cannot access the printers with authentication, can someone help me?	21:52
RoyK	kman_: reconfigure /etc/network/interfaces	21:52
RoyK	if the interface is visible, it should be configurable	21:52
kman_	right now it is set for autoconfig. I am a little surprised it does not see the two network cards.	21:54
kman_	Only one has a network connection so maybe that explains it.	21:54
RoyK	kman_: ifconfig -a	21:55
RoyK	pastebin that	21:56
kman_	I've never used pastebin sorry. The results do show the two cards. One is a RTL-8139 which has known problems in Ubuntu. The other is National Semiconductor DP03815.	22:01
kman_	Is there some help guide or info related to pastebin somewhere?	22:01
guntbert	!pastebin	22:02
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	22:02
guntbert	kman_: ^	22:02
glen1	this is a bit unrealistic xD but if I happened to own one of the cray jaguar supercomputers. Could I use it as a personal computer xD	22:04
glen1	http://en.wikipedia.org/wiki/Jaguar_%28computer%29	22:04
kman_	No need to pastebin. It started working. Not sure why. I did switch the cable back and forth perhaps that triggered something.	22:06
kman_	Maybe I need to check for the cable.	22:06
Patrickdk	heh, I had issues like that with a realtek card	22:07
Patrickdk	I replaced it, no more issues :)	22:07
Patrickdk	I was planning on replacing the whole computer cause of it, but it hasn't come in yet	22:07
=== oubiwann is now known as oubiwann-away
glen1	does anyone know about subdomans?	22:43
glen1	how is images.google.com different from google.com/images/	22:43
rcsheets	well, google.com/images/ doesn't exist	22:44
rcsheets	and images.google.com does	22:44
alex_joni	images.google.com is a subdomain	22:45
alex_joni	it can live on a different server, have a different IP, whatnot	22:45
alex_joni	google.com/images/ is just a folder on google.com/	22:45
taget	glen1: what are you trying to do with your subdomain ?	22:51
glen1	I was just curious about it	22:52
glen1	alex_joni, oh I see	22:52
glen1	thanks	22:52
tyska	im trying to use a samba server in a 10.04 ubuntu but i get this error when trying to access it: samba tree connect failed: NT_STATUS_ACCESS_DENIED. Someone can help me?	23:19
tyska	guys?	23:20
tyska	someone can help me?	23:21
tyska	=(	23:22
shebaloma	hello <thesheff17> i figered it out i was using the wrong ssh-askpass	23:47
JordiGH	How do you get rid of command-not-found?	23:49
JordiGH	Removing the package left me with :	23:49
JordiGH	jgutierrez@ubuntuServer:~$ sdfdsf	23:49
JordiGH	/usr/bin/python: can't find '__main__.py' in '/usr/share/command-not-found'	23:49
JordiGH	I guess I can just nuke any mention of it in /etc/bash.bashrc	23:51
JordiGH	Ah, there we go.	23:53
JordiGH	"-bash: fasdfds: command not found"	23:53
JordiGH	Thanks!	23:53
thesheff17	shebaloma: yea it sounded like it was outside a connection issue with virt.	23:54
shebaloma	i had ssh-askpass but this was the problem them i installd gtk-led-askpass and works fine	23:57
shebaloma	so i think ssh-askpass is outdated	23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!