[01:10] <dev001> Anybody here successfully launched Ubuntu 10.04.1 LTS Server in a Xen DomU, on a non-pvops Xen 4 host (e.g., OpenSUSE 11.3).  Initial/Stage1 install is fine, but a reboot & attempted launch of LTS Guest via pygrub, I get: ""Boot loader didn't return any data!".  Not any problems for non-Ubuntu guests.  Suspect pvops-related _sumthin_ ...
[01:29] <jMyles> I need some help with port forwarding.  I'm just trying to forward a port to another computer.
[01:30] <jMyles> Here are my rules: http://pastebin.com/mbVGzZbN
[01:58] <tt33l3r>  Having a problem with "Keep Aligned" setting on gnome changing back to set on every reboot. Anyone know how to fix this?
[02:57] <dominicdinada> Question..... I just flushed my firewall ruleset. And it is set to allow local traffic only. But for some reason Samba is not allowing local connections so what do I do ? Sudo -A -s 192.168.1.0/24 ACCEPT
[05:10] <tf2ftw> I have a svn folder with perms drwxr-sr-x . My user is in the group that owns the folder yet SVN commit fails with permission error. any clues?
[05:12] <chrismsnz> did you try logging in/out with that user or restarting apache?
[05:12] <chrismsnz> sometimes takes a refresh/relogin for the groups to update
[05:12] <tf2ftw> hmm well im sshing into the server. do i need to disconnect and reconnect?
[05:13] <chrismsnz> yep
[05:13] <tf2ftw> ok lemme try. thanks
[05:13] <chrismsnz> hth
[05:14] <tf2ftw> nope. that did not work
[05:14] <tf2ftw> wait, not its unknown command
[05:15] <tf2ftw> oh, no thats xchat telling me Uknown command
[05:15] <chrismsnz> heh
[05:15] <tf2ftw> I have a user "svn" in a group "svn"
[05:16] <tf2ftw> I have changed the own of the svn folder to user svn o.O
[05:16] <chrismsnz> that will work
[05:16] <chrismsnz> drwxr-sr-x
[05:16] <chrismsnz> = owner read/write, group read only, world read only
[05:16] <chrismsnz> also, did you mean make that setguid?
[05:17] <tf2ftw> ah, actuayeah
[05:17] <tf2ftw> sticky bit
[05:17] <tf2ftw> i can successuflly comit while on the server but not from my client
[05:17] <chrismsnz> i always thought sticky was +t for some reason
[05:18] <chrismsnz> ok, how are you commiting, over DAV right?
[05:18] <chrismsnz> using apache?
[05:18] <tf2ftw> Right
[05:18] <chrismsnz> you might need to add the www-data user to that group
[05:18] <chrismsnz> cause apache's going to try and write to that dir on your behalf when you connect via it
[05:18] <tf2ftw> ah, so i need to add apache to the svn group?
[05:19] <chrismsnz> yes
[05:19] <tf2ftw> thats usermod -a -G user group right?
[05:20] <chrismsnz> usermod -a -G group user
[05:20] <tf2ftw> right thanks
[05:21] <chrismsnz> also, I'm not 100% but i think you may need to "chmod g+w <svndir>" on your repository dir to allow apache to write
[05:21] <tf2ftw> oh wait a minute, user apache does not exist.. did they change the username to apache2  ?
[05:21] <chrismsnz> i'm not 100% on the way that the sticky bit works
[05:21] <chrismsnz> if it's ubuntu, it's www-data iirc
[05:21] <tf2ftw> yeah ubuntu server
[05:21] <chrismsnz> yeah, the user is www-data
[05:22] <tf2ftw> same error. maybe an apache restart?
[05:23] <chrismsnz> yes apache restart
[05:23] <chrismsnz> can you also show me the permissions of your svn dir
[05:24] <tf2ftw> drwxrwsr-x
[05:24] <chrismsnz> should work ;)
[05:25] <tf2ftw> still same perm error. im going to restart my client and recreate the svn folder
[05:26] <tf2ftw> ok the new svn has perm r
[05:26] <ChmEarl> www-data is right
[05:26] <tf2ftw> drwxr-sr-x
[05:27] <chrismsnz> right
[05:27] <chrismsnz> so if apache is part of the SVN group, and your SVN user is part of the SVN group
[05:27] <chrismsnz> then you should:
[05:28] <chrismsnz> chgrp -R svn <svn directory>
[05:28] <chrismsnz> chmod -R g+w <svn directory>
[05:28] <chrismsnz> which will recursively set the files to be owned by group SVN, then recursively allow the group to make changes
[05:30] <chrismsnz> your next problem will probably be that files are being created in the svn directory with permissions based on whoever does the saving, which is a new kettle of fish
[05:30] <tf2ftw> ok let me try that. the weird thing is i can check out the repo but i cannot commit to it (via dav)
[05:30] <chrismsnz> I think I solved that with a DAV parameter somwhere
[05:31] <tf2ftw> i added www-data to the svn group but still cannot commit  via dav
[05:31] <tf2ftw> let me try your chgrp options\
[05:33] <tf2ftw> ok  so i tried what you just suggested, but still no joy. i logged in and out, and apache restart.
[05:34] <tf2ftw> i can view the repo via http (with credentials)
[05:34] <chrismsnz> right
[05:35] <chrismsnz> is it your DAV configuration?
[05:35] <tf2ftw> let me pull that up
[05:35] <chrismsnz> chuck it in a pastebin and i'll take a look
[05:35] <tf2ftw> ok tahkns
[05:37] <tf2ftw> http://pastebin.com/RrC4UvDY
[05:38] <tf2ftw> everything else is commented out or not needed
[05:38] <tf2ftw> such as <location /svn> etcc
[05:39] <chrismsnz> seems fine, do you have any dav-related errors in /var/log/apache2/error_log?
[05:39] <chrismsnz> error.log*
[05:40] <tf2ftw> all permission denied errors XD
[05:40] <chrismsnz> paste :D
[05:41] <tf2ftw> http://pastebin.com/1zA09FB0
[05:42] <chrismsnz> ok
[05:42] <tf2ftw> i can rm the log to clear it right?
[05:42] <chrismsnz> who is the owner/group of /var/svn/testfolder/db/ ?
[05:42] <chrismsnz> just leave it, should be timestamped
[05:43] <tf2ftw> ok db looks like this
[05:43] <tf2ftw> drwxrwsr-x
[05:43] <tf2ftw> which is 2775
[05:43] <tf2ftw> wait, no its not
[05:43] <chrismsnz> if you do "ls -ltr" it should show the user and group
[05:43] <chrismsnz> both are SVN?
[05:43] <chrismsnz> svn*
[05:44] <tf2ftw> drwxrwsr-x root svn
[05:45] <tf2ftw> everything from /var/svn down is root svn
[05:46] <chrismsnz> can you paste me "cat /etc/group | grep svn"
[05:46] <tf2ftw> http://pastebin.com/W0x3ch6n
[05:47] <tf2ftw> wait a min, looks like www-data is not in the svn group
[05:47] <tf2ftw> wtf
[05:47] <chrismsnz> yep
[05:48] <chrismsnz> the svn user is in the www-data grou
[05:48] <chrismsnz> p
[05:48] <tf2ftw> hahaha
[05:48] <tf2ftw> thats what happened, i had the backwords when i did the usermod
[05:48] <tf2ftw> sorry bout that
[05:48] <chrismsnz> np
[05:48] <chrismsnz> usermod -a -G svn www-data
[05:48] <chrismsnz> i think is what you need
[05:49] <tf2ftw> yeah tahts the one. lemme try a log out/in and apache restart
[05:49] <chrismsnz> sorry, back
[05:50] <tf2ftw> excellent! thanks a lot! im up and going now
[05:50] <tf2ftw> man, its rare you dont get noob killers when you ask a question
[05:51] <chrismsnz> haha
[05:51] <tf2ftw> anyways, thanks again.
[05:51] <chrismsnz> you caught me in procrastination mode :)
[05:51] <chrismsnz> sweet - good luck, i hope you don't run into any more probs
[05:51] <tf2ftw> thanks
[05:52] <chrismsnz> getting two users part of a secondary group to write nicely to the same dir was a major pita for me
[05:52] <tf2ftw> hmm.. im trying to break my partner of using FTP all the time.
[05:52] <tf2ftw> so this should be interesting
[09:40] <xampart> i did an usb-installation of 10.04 server, using usb-create. why does uname -a show 2.6.32-24-generic?
[09:45] <ewook> darnit. what apache mod is it that runs not only cgi's as another user, but the "whole" (ie, different domain, different pidowner)
[09:46] <ewook> I thought it was mpm
[09:49] <ewook> but I cannot locate it with a2enmod.
[09:49] <ewook> perhaps a question for #apache
[10:04] <joschi> ewook: mpm_itk or mpm_peruser
[10:12] <ewook> joschi: yeah, mpm_itk I thought I just got. but guess not.
[12:35] <kaushal> hi
[12:36] <kaushal> can someone please guide me about https://bugs.launchpad.net/ubuntu/+source/xen-meta/+bug/540110 ?
[12:57] <kaushal> checking in again for my query ?
[13:01] <soren> kaushal: I'm not sure what your question is?
[13:02] <kaushal> soren: is there a fix for it ?
[13:02] <soren> kaushal: Are you asking if it has been fixed or if it can be fixed?
[13:03] <kaushal> soren: yeah
[13:04] <pmatulis> :)
[13:04] <soren> :(
[13:04] <soren> kaushal: Well, then yes.
[13:05] <kaushal> soren: ok
[13:05]  * soren questions the usefulness of this conversation
[13:05] <kaushal> so i need to wait for it ?
[13:06] <kaushal> soren: apologies
[13:08] <kaushal> soren: is there a irc channel for LP ?
[13:08] <soren> Sure.
[13:08] <soren> I'll let you guess what it's called :)
[13:08] <kaushal> LaunchPad :)
[13:08] <pmatulis> bzzzt
[13:09] <kaushal> pmatulis: any thing wrong from my end ?
[13:09] <pmatulis> kaushal: no
[13:09] <kaushal> oh ok
[13:09] <soren> Like other IRC channels, the launchpad channel features a # prefix.
[13:10] <kaushal> soren: i needed ubuntu specific
[13:10] <kaushal> soren: so any related to LP bugs should be discussed in which irc channel ?
[13:12] <soren> kaushal: Are you talking about bugs /about/ Launchpad or bugs /on/ Launchpad /about/ Ubuntu?
[13:12] <kaushal> bugs /on/ Launchpad /about/ Ubuntu
[13:12] <soren> It depends on the nature of the bug.
[13:12] <soren> In some cases, it's this channel.
[13:13] <soren> Other times, it'll be #ubuntu-desktop, #ubuntu, #ubuntu-devel, #kubuntu-devel, #ubuntu-motu..
[13:13] <Pici> #ubuntu-bugs ...
[13:13] <soren> And this is not an invitation to post some question in all of those at the same time.
[13:13] <xfaf> morning
[13:13] <soren> Pici: Occasionally, I suppose.
[13:14] <kaushal> soren: ok
[13:15] <soren> kaushal: You seriously need to learn to ask more specific questions.
[13:15] <kaushal> soren: sure
[13:15] <kaushal> soren: specific questions ?
[13:15] <soren> epic
[13:16] <kaushal> i did not understand that
[13:16] <kaushal> I wanted to discuss about that LP Bug
[13:16] <kaushal> hence the question
[13:16] <kaushal> was there something wrong ?
[13:16] <soren> When you ask a question... Try to be specific.
[13:16] <soren> Explain what you want, what you're talking about, why you ask, etc.
[13:16] <kaushal> ah ok
[13:17] <kaushal> soren: thanks
[13:17] <soren> np
[13:41] <cemc> is there a nice logwatcher style something, that will watch auth.log for me and send me an email the moment somebody logs in through ssh ?
[13:43] <zash> cemc: tail -f /var/log/auth.log | grep something about successful auth | while read line; echo "$line" | mail -s "someone logged in" you@example.com; done
[13:43] <zash> or something
[13:44] <cemc> zash: I know I can write my own, but I thought maybe there is one already, something nicer ;)
[13:45] <cemc> hm, maybe I can add it to fail2ban
[13:46] <cemc> instead of iptables filtering, it just sends an email
[14:23] <Crankygeek02> Good morning
[14:25] <Crankygeek02> Anyone familiar with eGroupware?
[14:26] <ivoks> soren: ping
[14:27] <ivoks> soren: when --dns is used with vmbuilder, vmbuilder sets up dns in /etc/network/interfaces as dns-nameserver
[14:27] <ivoks> soren: and that's great, but there's on problem
[14:27] <ivoks> soren: to populate /etc/resolv.conf, that requires resolvconf
[14:28] <ivoks> soren: so, vmbuilder should really write to /etc/resolv.conf or install resolvconf by default
[14:28] <ivoks> soren: (if you are still maintaining that code :)
[14:35] <kpettit> Crankygeek02: I've used it a bit
[14:41] <Crankygeek02> Kpettit: I am having a issue with the setup. I an passing all the config checks. But when I try and load the site, I am getting an error stating that I have npt created the database tables. Click here for setup.
[14:42] <kpettit> Ah sorry, couldn't help ya there.  You might want to check #egroupware
[14:52] <Crankygeek02> You can see the error here:  http://www.intellitechgroup.com/egroupware
[14:52] <Crankygeek02> Nobody answers in that channel  lol
[15:09] <jMyles> I'm trying to forward a port to a specific computer on my network.  If I run iptables -t nat -vnL, it shows some packets (16 of them, seemingly about one for every time I try) but it doesn't seem to do anything.
[15:20] <jMyles> My IPtables rules are here (not forwarding properly): http://pastebin.com/Kb9yCDcD
[15:25] <patdk-wk> heh?
[15:25] <jMyles> patdk-wk: Is that directed at me?
[15:25] <patdk-wk> yep
[15:25]  * patdk-wk wonders where the other half of the problem is
[15:25] <patdk-wk> like what are you forwarding? from where? to where?
[15:26] <jMyles> All external requests at port 8000 to a single computer on my network
[15:26] <patdk-wk> well, I don't see any dnat rules, so ya, it shouldn't work
[15:27] <patdk-wk> your nate table is also empty, dunno how nat works
[15:27] <patdk-wk> nat
[15:29] <jMyles> patdk-wk: This can be a learning moment for me - I'm so lost.  I don't know what dnat is.  My nat table has a rule under prerouting: 16   776 DNAT       tcp  --  *      *       0.0.0.0/0            24.39.111.23        tcp dpt:8000 to:10.0.0.88:8000
[15:30] <raubvogel> For those of you using rsyslog, how does the /etc/rsyslog.d dir works? I mean, do you start with the 50-default.conf and then add a, say, 55-mine.conf which adds the changes from the default you want to use?
[15:30] <patdk-wk> jMyles, your pastbin is missing that
[15:30] <patdk-wk> and I cant being to help with inproper info
[15:31] <kpettit> Any recommendations for desktop search?  Need to index or be able to search for 500k files.  So I imagine I'll need something that keeps a database index
[15:31] <jMyles> patdk-wk: It is on line 18 of my pastebin
[15:31] <jMyles> http://pastebin.com/657BazSt
[15:32] <jMyles> patdk-wk: Oh dear, I posted the wrong pastebin before, sorry.
[15:36] <patdk-wk> I don't get the forward rule you have
[15:37] <jMyles> patdk-wk: I'm not sure I do either - I cloned and modified it.  It it supposed to say "forward all traffic on port 8000 to 10.0.0.88"
[15:37] <patdk-wk> actually, it's needed if you don't have a default policy of accept
[15:38] <jMyles> So, since I have a default policy of accept, no forward rule is required?  Only the prerouting?
[15:38] <patdk-wk> yep
[15:39] <patdk-wk> I dunno why you would run default policy accept on a firewall though
[15:39] <patdk-wk> with internet access
[15:41] <jMyles> patdk-wk: Well we're not really terribly in need of a firewall anyway.  All I really want is to be able to easily forward traffic.
[15:41] <jMyles> patdk-wk: I notice that the number of packets for the prerouting and forward rules are > 0 - does this mean they are working-ish?  Also, they are different from each other.  Is this a problem?
[15:42] <patdk-wk> they mean two totally different things
[15:43] <patdk-wk> it looks fine to me though
[15:44] <jMyles> patdk-wk: OK.  So the traffic is supposedly making it through?
[15:44] <patdk-wk> ya, as far as I can tell
[15:44] <patdk-wk> use tcpdump
[15:44] <jMyles> patdk-wk: What can I do, apart from netstat -ta, which doesn't show me any such traffic, to see what it happening on the computer?
[15:44] <jMyles> ok, tcpdump
[15:44] <jMyles> on the gateway or the endpoint?
[15:44] <patdk-wk> heh, everything :)
[15:44] <patdk-wk> first on your external interface
[15:45] <patdk-wk> then internal interface
[15:45] <patdk-wk> then on 10.0.0.88
[15:46] <binBASH> Moin patdk-wk
[15:47] <jMyles> patdk-wk: holy heck - it's a jungle!! :-)  Can I grep 8000 and get what I want?
[15:48] <patdk-wk> sure
[15:50] <ssureshot> Does ubuntu update packages during releases? Ieee... will lucid server ever have a newer version of samba than 3.4.7 ?
[15:50] <ssureshot> in it's repositories of course
[15:50] <jMyles> patdk-wk: So grepping shows me nothing that I can identify as interesting.  :-\
[15:54] <smoser> ssureshot, it is not likely
[15:55] <patdk-wk> tcpdump -ni eth0 port 8000
[15:55] <smoser> in general, updates for stable releases are governed by the SRU process (https://wiki.ubuntu.com/StableReleaseUpdates)
[15:55] <patdk-wk> did you test it, while you had tcpdump going?
[15:55] <smoser> if you want newer packages for a stable release, you the right places i backports https://help.ubuntu.com/community/UbuntuBackports
[15:55] <ssureshot> so packages are basically as is then.. I was curious just because I've had such an issue with 9.10 and samba 3.4.0..
[15:56]  * patdk-wk is using samba on karmic and lucid, no issues
[15:57] <ssureshot> samba worked good but the whole point and print issue was horrible
[15:57] <ssureshot> thanks for the replies good info
[15:57] <patdk-wk> hmm, I use it for printing at home
[15:58] <patdk-wk> dunno about point
[15:59] <ssureshot> the whole rpc service was broken in 3.4.0 with point and print ... wasn't fixed untill 3.4.5.. I researched that for a few weeks looking for a resolution ..
[16:00] <smoser> ssureshot, the other option, if you need something newer or older is to do a rebuild of the source for yourself. you can do this locally, or use PPAs.
[16:00] <smoser> ie, that would allow you to grab maverick's version and build for lucid, or some other combination
[16:00] <patdk-wk> oh heh, strange
[16:01] <patdk-wk> running lucid, pointnprint works for my wifes win7 laptop
[16:01] <patdk-wk> I don't use samba for printing at work, so wouldn't know about more than just that one
[16:01] <ssureshot> yup lucid works great :) was fixed
[16:01] <ssureshot> I actually pulled samba from the lucid repository
[16:02] <ssureshot> to make it work lol
[16:02] <patdk-wk> karmic is almost dead now anyways
[16:02] <jMyles> patdk-wk: OK!  So, on 10.0.0.88, I see this stuff whenever I try to hit it on 8000: 11:01:10.731058 IP 10.0.0.197.44208 > 10.0.0.88.8000: Flags [S], seq 4136560425, win 5840, options [mss 1460,sackOK,TS val 30137570 ecr 0,nop,wscale 5], length 0
[16:03] <G> zul: yeah, just managed to work out bug 619302
[16:03] <ssureshot> yeah sure is... I just talked my boss into finally making the jump to 10.4 for Support reasons
[16:03] <patdk-wk> jMyles, that sure isn't a firewall or even dnat issue, your accessing it direct
[16:03] <patdk-wk> sounds like whatever is suppost to be on port 8000 doesn't exist
[16:04] <jMyles> patdk-wk: OK, great.  Thank you for your help!! :-)
[16:32] <jca1981> Need Help :  my upgrade to lucid failed, getting this error when i do a dpkg --configure -a http://pastebin.ubuntu.com/485784/
[16:34] <Jimboo> hi ppl need little help, i've installed apache2 with php5 via cgi, but from some reason i have when i try phpinfo() i have virtual directory support disabled... could anyone gimme advice where to enable it?....
[16:43] <G> jca1981: by any chance are yuo still in a chroot of some sort?
[16:47] <soren> jca1981: I asked you about this hours ago in #ubuntu-dk :) Are you running in metal?
[16:47] <soren> s/in/on/
[16:57] <patdk-wk> hmm, the minimalcd's for vmware are nice
[17:04] <kpettit> I'm noticing alot of newer versions of stuff I want is in the maverick but not lucid repositories.
[17:05] <kpettit> Is there a way I can add packages from that repository without having to upgrade Ubuntu version or downloading packages manually?
[17:05] <patdk-wk> uprade to maverick :)
[17:05] <guntbert> !latest | kpettit
[17:05] <patdk-wk> issues normal come into the dependencies
[17:05] <guntbert> patdk-wk: thats not really good advice
[17:05] <kpettit> yeah I got that.  There is just a couple apps that I needed.
[17:06] <patdk-wk> gnuyoga, dunno, I have been running maverick since the repository was created
[17:06] <patdk-wk> it's been ok for me
[17:06] <kpettit> usually I can find ppa repositories, but sometimes not.  Usually end up doing alot of googling
[17:07] <kpettit> patdk-wk, is your system lucid or maverick?
[17:07] <patdk-wk> both
[17:08] <patdk-wk> I have like 10 hoardy systems, probably 15 lucid, and 2 maverick
[17:08] <kpettit> ah ok, cool thanks.
[17:08] <Pici> hoary or hardy?
[17:09] <patdk-wk> hardy? 8.04
[17:09] <patdk-wk> the last of my xen systems
[17:16] <jMyles> So, it appears pretty clear that packets are getting into my network to the forwarded computer, but they don't seem to be getting back out?  The computer in question sees the packets, but doesn't seem to issue a response.
[17:17] <SpamapS> jMyles: would you mind restating your question, I don't see it in the backscroll...
[17:18] <jMyles> SpamapS: I am trying to set up a (temporary) web server on a computer inside my network.  I'm trying to forward some port (any port, really, but 8000 for now) to that computer.  With a lot of awesome help from patdk-wk, I have determined that packets are now making it into that computer.  However, the connection is timing out.  http://pastebin.com/657BazSt
[17:19] <SpamapS> jMyles: does the web server have a firewall configured?
[17:21] <jMyles> SpamapS: Well, I ran tcpdump and verified that packets were incoming.  I even installed firestarter (which I think we're all lukewarm about) and watched as the packets came in and were blocked, and then enabled service for port 8000.
[17:22] <jMyles> SpamapS: I still get messages like this (both input and output, input shown here): Input Dropped: IN=eth1 OUT= MAC=00:40:f4:58:73:8b:00:16:cb:9d:8b:da:08:00 SRC=10.0.0.88 DST=10.0.0.46 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=16170 DF PROTO=TCP SPT=36693 DPT=22 WINDOW=1879 RES=0x00 ACK URGP=0
[17:22] <jMyles> SpamapS: That's on the server.
[17:24] <patdk-wk> that message is so unrelated, it's about port 22, not port 8000
[17:25] <ChmEarl> maverick daily build CD is now i386 only. No amd64 for 2 days
[17:25] <jMyles> Ahh, DPT.  I just learned something.
[17:25] <SpamapS> jMyles: DPT=22 means ssh
[17:25]  * SpamapS expresses his lag shame
[17:32] <jMyles> patdk-wk and I determined that the packets were getting here, on time and in good shape, but it just doesn't work the same as it does if I access it from another computer on the network.  It's stone dead.
[17:36] <patdk-wk> as far as I know, he has no service on port 8000
[17:36] <patdk-wk> or, some firewall on it is blocking the replies
[17:36] <ScottK> ChmEarl: We're in beta freeze so rebuilds are done as needed, not daily.
[17:37] <ChmEarl> ty- i386 worked well
[17:38] <jMyles> patdk-wk: Well I am watching the console on port 8000 (a django server / debugger - again super temporary) and it is doing nothing.
[17:49] <SpamapS> jMyles: you may be running into "the NAT problem" if you're trying to access the external IP from a machine inside the same LAN as the web server.
[17:50] <patdk-wk> na, his tests where internal on local lan
[17:50] <patdk-wk> and his nat rules are good
[17:50] <SpamapS> is there a SNAT rule for  -s $SOURCE_NETWORK -d $EXTERNAL_IP -j SNAT --from $EXTERNAL_IP ?
[17:57] <smoser> hallyn, where do you do development of qemu-kvm ?
[17:57] <smoser> ie, if i want to propose a change, where should i grab source from ?
[18:07] <cemc> hey guys. in ubuntu 10.04 is there some framework to manage a bunch of servers at once? for example I want to run a certain command or sequence of commands on say 30 servers, not necessarily with cssh. something like: put scripts somewhere, upload script with rsync, run script on servers, get result in mail or something
[18:09] <zul> cemc: puppet
[18:13] <cemc> zul: thanks, I'll take a look
[18:17] <hallyn> smoser: you mean upstream?  git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git
[18:17] <hallyn> smoser: our tree is at lp:ubuntu/qemu-kvm
[18:18] <smoser> hallyn, thats what i wanted, i guess. I was wondering if you had a middle resting place for development of the packaged versions.
[18:19] <smoser> ie, like the eucalyptus branch at https://code.launchpad.net/~ubuntu-virt
[18:19] <smoser> anyway.
[18:20] <smoser> next question:  are you expecting a new version of qemu-kvm for maverick ? hallyn
[18:21] <smoser> i'm asking because if you are, then likely bug 619302 will be fixed magically. but if not, we should get a fix for it (and someone has attached patch to bug).
[18:27] <cemc> zul: how well is this puppet integrated in ubuntu? like... does it work? :)
[18:27] <zul> cemc: yes it does afaik
[18:32] <SpamapS> cemc: puppet is awesome, and works great on ubuntu.
[18:33] <cemc> SpamapS: the one in lucid too? 0.25.4 ?
[18:36] <yann2> cemc, works, but client daemon leaks a lot.
[18:36] <yann2> better run puppet-run than puppetd
[18:38] <yann2> not sure about lucid though, am mostly using 8.4 - 9.4
[18:39] <hallyn> smoser: hm, i wasn't planning on a new version, but it's not out of the question
[18:39] <smoser> by new version i meant new upstream qemu-kvm version
[18:39] <smoser> ie, 0.13
[18:39] <hallyn> right, but that's not out yet?
[18:39] <hallyn> (or is it?)
[18:39] <smoser> ok. just seeinf if we were meaning the same thing.
[18:40] <smoser> you're much more aware of when it is due and such.
[18:40] <hallyn> 0.12.5 is still the lastest unfort
[18:40] <hallyn> (just pulled and checked tags)
[18:40] <smoser> ok. then you should probably pull that patch.
[18:40] <smoser> if you'd like I can push a branch and request a merge.
[18:40] <smoser> (the patch is both trivial and upstream)
[18:41] <hallyn> smoser: looks fine to me
[18:42] <smoser> so nothing required from me ?
[18:42] <hallyn> smoser: since i don't have upload rights yet anyway, i'd say just subscribe whatever team does the FFEs to the bug...
[18:42] <smoser> well, thats not a FFE
[18:43] <hallyn> oh, true
[18:43] <smoser> just normal sponsorship
[18:44] <hallyn> that's the part i still have the hardest time with.  (gotta find how to do a sru for lxc for lucid too)
[18:44] <hallyn> smoser: all right i'll create a bzr branch and propose it for merging, thx
[18:45] <smoser> is Daviey around ?
[18:45] <smoser> hallyn, well, really, you need to get PPU for qemu-kvm and lxc.
[18:46] <smoser> hallyn, i might suggest you put a "staging" branch in the ~ubuntu-virt team
[18:46] <smoser> for qemu-kvm
[18:46] <smoser> then you (and I and others) can push things there, and then when you request kirkland or someone to pull, they just build that.
[18:47] <smoser> that is what Daviey is doing foe ucalyptus and it seems to work well
[18:47] <hallyn> do i have write access to ~ubuntu-virt?
[18:49] <smoser> i think so, i thought i'd seen you push to the ppa
[18:51] <hallyn> smoser: i might do that then i guess
[19:12] <tynot> help! can't get ubuntu 10.04.1 to save dns settings. just trying to use google's public dns server 8.8.8.8, but it keeps defaulting to the local router which is not running dns.
[19:12] <delimiter> try removing the resolvconf package
[19:13] <tynot> delimiter, where does it resolve to after resolvconf's been removed?
[19:14] <delimiter> you'll need to fix /etc/resolv.conf one more time after removing it
[19:14] <delimiter> to point at 8.8.8.8
[19:14] <tynot> so, save 8.8.8.8 and then remove the package?
[19:15] <Pici> err. A better way would be to modify your /etc/dhcp3/dhclient.conf file
[19:16] <delimiter> other way around
[19:16] <tynot> d'oh!
[19:17] <tynot> pici, does modifying dhclient.conf hold settings better?
[19:17] <delimiter> to each his own, I personally think having resolvconf running on a server a dumb idea
[19:17] <Pici> delimiter: Its a dependency of postfix
[19:17] <tynot> I just need a working dns to download packages.
[19:18] <delimiter> no, it's only suggested by postfix
[19:18] <tynot> at the moment, we're pulling from isp's.
[19:18] <Pici> oh, rdepends didn't specify :(
[19:18] <Pici> tynot: Modify/edit the prepend domain-name-servers line in that file so whenever you get a new dhcp address it'll use the thing you specified there instead.
[19:19] <tynot> i have a static local ip
[19:19] <tynot> c class
[19:19] <Pici> oh. Then delimiter's suggestion is probably better.
[19:19] <Pici> Odd.
[19:19] <tynot> not so for our purposes
[19:21] <tynot> so.... change the nameserver line from 192.168.1.1 to 8.8.8.8, for instance... remove resolvconf then we're good to go?
[19:22] <delimiter> tynot: yes
[19:22] <tynot> would you mind giving me the syntax to remove resolvconf package?
[19:24] <ScottK> ttx: http://launchpadlibrarian.net/54104562/buildlog_ubuntu-maverick-i386.cobertura-maven-plugin_2.3%2Bdfsg-1_FAILEDTOBUILD.txt.gz looks like it needs someone who understands a bit about maven to resolve, but would be a good FTBFS for someone to fix (would also solve some depwait too)
[19:25] <tynot> would you mind providing the syntax to remove resolvconf package?
[19:27] <tynot> #delimiter the command to remove resolvconf?
[19:27] <RoyK> apt-get remove --purge resolvconf
[19:27] <RoyK> --purge is optional, though
[19:28] <tynot> will try, RoyK, thx.
[19:33] <tynot> delimiter, Got "Package resolvconf is not installed, so not removed" Hmm.
[19:34] <delimiter> tynot: strange
[19:34] <tynot> very.
[19:34] <lamont> delimiter: I agree with you that resolvconf makes no sense on a server... that's why postfix only suggests it
[19:35] <delimiter> what else would overwrite /etc/resolv.conf ?
[19:35] <tynot> but, it defaults back to the local router, 192.168.1.1, when we reboot.
[19:35] <delimiter> is dhclient running?
[19:36] <tynot> shouldn't be. how do I check? The local IP was set to static 192.168.1.111.
[19:36] <RoyK> delimiter: you _are_ running ubuntu server, not desktop?
[19:37] <delimiter> ps -ax | grep dhclient
[19:38] <RoyK> delimiter: is there a dns server set in /etc/network/interfaces?
[19:38] <delimiter> RoyK: fyi It's tynot who is in need of help not me :)
[19:39]  * RoyK slaps RoyK 
[19:39] <RoyK> tynot: see question above :)
[19:41] <tynot> ok, delimiter, what are we looking for in the output to the screen? it says eth4.leases eth4. not sure what to make of that. no ip addresses. OK, RoyK, I'll check.
[19:42] <tynot> RoyK, no apparent DNS in etc/network/interfaces.
[19:44] <tynot> royK?
[19:44] <delimiter> tynot: sounds like you still have a dhclient process around, which could be a problem as it might be overwriting your resolv.conf. Suggest to kill it or reboot to start fresh
[19:45] <RoyK> tynot: killall dhclient
[19:45] <RoyK> and dpkg -l | grep dhcl
[19:45] <tynot> k
[19:46] <tynot> no dhclient found
[19:46] <tynot> no dhclient process found
[19:46] <RoyK> ok, after killing dhclient, try rebooting if convenient
[19:46] <tynot> sure
[19:47] <tynot> h/o
[19:49] <tynot> rebooted. now what?
[19:49] <RoyK> check /etc/resolv.conf
[19:50] <tynot> back to local router ip 192.168.1.1
[19:50] <tynot> I did write out 8.8.8.8 in nano. went back to check b4 rebooted. hmm.
[19:52] <tynot> it's been years since I admin'd a linux box. is there an ipconfig equivalent in linux?
[19:54] <tynot> anyone?
[19:54] <tynot> buehler?
[19:54] <smoser> (it may be the case that no one knows what 'ipconfig' is)
[19:54] <tynot> no prob
[19:55] <tynot> it's been a while for me, so this seems foreign again.
[19:55] <kees> zul: hey, just wanted to point out nagios-plugins 1.4.14-5ubuntu3; looks like hardening-wrapper got missed in the latest merge. I've fixed it, though.
[19:56] <tynot> cannot figure why the /etc/resolv.conf file is being overwitten.
[19:56] <zul> kees: oh...odd thanks
[19:58] <tynot> delimiter? RoyK? still around? sounds like dhcp is running, but is not showing in processes.
[20:03] <RoyK> tynot: grep -r resolv.conf /etc
[20:03] <RoyK> perhaps you can find something from that
[20:03] <tynot> k
[20:03] <tynot> brb
[20:04] <MTecknology> !lts
[20:06] <tynot> ok. I get: Restart nscd becasue resolv.conf has changed, although I'm not sure what we're looking for specifically. sorry.
[20:08] <tynot> one line reads: in an old resolv.conf file exists, restore it
[20:08] <tynot> oops, that's "IF and old resolv.conf file exists, restore it"
[20:12] <tynot> bye
[20:37] <smoser> jjohansen, ping
[20:44] <dominicdinada> Need some advice I accidentally knocked the server offline by doing a port scan. if the server is set to rate limit drop if a threshold is reached usually after XXX amount of time it will resume connectivity  ?
[20:44] <dominicdinada> !ratelimit
[20:46] <patdk-wk> no idea, depends on how you configure it
[20:47] <dominicdinada> well i guess where would i look. in the logs it says syn flood detected. DROP packets... and the rules are set to drop packets if xxxx /min is reached but no where does it say to ban the computer from network
[20:57] <tacomaster> i was wondering will ubuntu server support being an update server for other os's?
[21:10] <dominicdinada> still blocking me and i dont see any rules blocking me
[21:10] <dominicdinada> just a standard rate limit to drop flood packets but doesnt it lift
[21:14] <tynot> have dns resloved now, but can't seem to pull down packages. advice?
[21:15] <tynot> brb
[21:16] <smoser> what errors do you get  when you try to "pull down packages"
[21:26] <tynot> back
[21:27] <bdmurray> zul: could you be a bit more verbose in stuff like bug 626416?
[21:27] <tynot> smoser, for instance, getting "Couldn't find package <whatever>"
[21:28] <smoser> tynot, hm.. you may need to 'sudo apt-get update' first
[21:29] <tynot> think I've tried that, smoser, but what the hell. give it another shot.
[21:29] <smoser> well, what does it say when you try it ?
[21:32] <tynot> smoser, THAT worked. however, I've been trying to pull down an Xwindow client, ala kubuntu-desktop, for days and get the previously-mentioned error.
[21:33] <smoser> tynot, so you're doin gtha thow ? 'apt-get install kubuntu-desktop' ?
[21:34] <tynot> Wow! the update worked! Woo and hoo!
[21:35] <tynot> yeah, smoser, it's pulling down and installing? kubuntu desktop. how does one run it when it's through? startx?
[21:36] <smoser> if you get kubuntu-desktop (this is obviously not '#ubuntu-server' related)  then you i think a reboot will get you a kdm login prompt.
[21:36] <smoser> not certain, but i think
[21:37] <tynot> smoser, as no one's on it yet, it's worth a try.
[21:38] <tynot> to anyone, really. Is there an easy-to-use x-window or mac desktop shell for a remote MacBook Pro?
[21:41] <aetaric> tynot: you can use ssh... but OS X doesn't use X11 unless you install it. and even then...MOST apps don't use it
[21:43] <tynot> aetaric, so other than, like, vnc, ssh would give a MacBook Pro user an X11 view of the server?
[21:45] <aljosa> i'm trying to use eucalyptus on my workstation, having problems with running an instance - http://dpaste.com/236432/ - any ideas why?
[21:45] <aetaric> no. you can use ssh to view VNC securely
[21:46] <aetaric> VNC is the only way to see the actual desktop
[21:46] <smoser> aljosa, well, you have no nodes registered.
[21:46] <smoser> $ sudo euca_conf --list-nodes
[21:47] <tynot> aetaric, thanks, man. so, once kubuntu-desktop is done installing, it should boot to a gui login, correct? from there, I think I can handle setting up vnc myself.
[21:48] <aljosa> smoser: "euca_conf --discover-nodes" doesn't find anything although i have eucalyptus-nc running. any idea what can i do?
[21:48] <aetaric> tynot: yeah... are you installing kubuntu on you macbook pro?
[21:49] <smoser> aljosa, you can register it by hand
[21:49] <tynot> aetaric, ha!! GOD, NO!!! xD we're installing it on an Ubuntu server 10.04.1.
[21:49] <Lichte> I just installed mysql-server and I can't get logged in as root on either localhost or from another computer
[21:50] <Lichte> what do I have to do to get logged in
[21:50] <aetaric> tynot: oh...i was about to say.... that seems a bit daft.
[21:50] <Lichte> ?
[21:50] <smoser> aljosa, sudo euca_conf --register-nodes
[21:51] <tynot> aetaric, just to confirm, it looks like the get/install of kubuntu desktop worked. Once rebooted, it should now come up in a gui, correct?
[21:51] <Krenari> hello guys
[21:51] <aetaric> tynot: yeah
[21:52] <tynot> aetaric, coolness. thx, man. cheers!
[21:52] <aetaric> tynot: and OS Xhas both a built in VNC server and client
[21:52] <tynot> it does?
[21:52] <tynot> how? where?
[21:52] <Krenari> i need a tutorial have to configure and secure ubuntu server like a web server
[21:53] <tynot> how does one launch it?
[21:53] <aljosa> smoser: http://dpaste.com/236438/ - i've tried but nothing changed, any ideas?
[21:53] <Krenari> can anyone help me pls, i really need very good security configuration!
[21:53] <DrNick_> hi.  have just upgraded a server to 10.4, since then it refuses to recognise the printer attached to the parallel port.  /dev/lp0 isn't created upon boot.  the lp module is loading, with the message "lp: driver loaded but not devices found".  have tried switching parallel port modes in the bios with no luck.  worked ok before the upgrade
[21:53] <DrNick_> reloading the lp module presents the same message btw.  any ideas anyone?
[21:53] <smoser> aljosa, this is lucid ?
[21:54] <aljosa> smoser: yes
[21:54] <aetaric> tynot: System prefs > sharing > screen sharing
[21:55] <Krenari> can anyone help me pls
[21:55] <smoser> aljosa, unfortunately at this point all i can suggest is restarting things.
[21:55] <DrNick_> Krenari: try refering to the documentation on the website as a starting point
[21:55] <smoser> sudo restart eucalyptus CLEAN=1
[21:55] <aljosa> smoser: ok, thanks
[21:55] <smoser> and on the node: sudo restart eucalyptus-nc CLEAN=1
[21:55] <smoser> not that that is the right solution, or you couldn't figure it out, but that is what i would try at the moment.
[21:56] <Krenari> DrNick_, i am very my with opensource platform can u guide me a little bit more ?
[21:56] <tynot> aetaric, oh, I don't want to share MY MacBook's screen, I want to view the server's screen from my MacBook Pro. Still work the same, different IP addresses?
[21:57] <Lichte> Why am I getting: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES), even after I set a password during the installation of mysql-server ???
[21:57] <aetaric> tynot: yeah... there is a client, just not sure where it is
[21:57] <tynot> aetaric, "Remote Management"?
[21:58] <aetaric> tynot: pretty sure you see it when you click on the computer in the "Shared" area on the left of the finder window
[21:59] <tynot> aetaric, thx. I'll look into it. appreciate the help. cheers!
[22:00] <DrNick_> at the moment i'm considering looking out for a 2nd hand parallel port print server to just network the printer, although if i could get it working connected to the lp port again that would be great
[22:04] <Lichte> Why am I getting: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES), even after I set a password during the installation of mysql-server ???
[22:18] <Lichte> Why am I getting: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES), even after I set a password during the installation of mysql-server ???
[22:27] <dominicdinada> !cron
[22:37] <thesheff17> I'm trying to run virt-migrate with virsh migrate --live vm029 qemu+ssh://192.168.1.5/system...I see this on the debug mode on the source virtual machine msg=operation failed: migration to 'tcp:vmserver05:49155' failed: migration failed.  Any ideas?
[22:39] <ChmEarl> thesheff17, you have ssh keys/passwordless setup for root?
[22:39] <thesheff17> ChmEarl: yes
[22:40] <thesheff17> ChmEarl: from source to dest...do I need dest -> source?
[22:40] <ChmEarl> thesheff17, another sanity check is remote use of VirtManager
[22:43] <thesheff17> ChmEarl: I think I got it to work...I think it was complaining about DNS stuff. I hard coded vmserver05 in the host file of the source virtual machine server
[22:45] <Lichte> Why am I getting: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES), even after I set a password during the installation of mysql-server ???
[22:46] <thesheff17> !ask
[22:47] <thesheff17> Lichte: try sudo /etc/init.d/mysql reset-password and make sure you are using the right password and using mysql -u root -p to connect.
[22:47] <Lichte> thesheff17: that didn't work
[22:48] <thesheff17> Lichte: http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
[22:49] <thesheff17> Lichte: it used to in ubuntu 9.10 and before
[22:53] <delimiter> Does anyone think ondemand (cpu frequency scaling) is good for a server? I'm wondering if it could sap performance in any way
[22:54] <cloakable> I don't think so, but there may be use cases where it would affect things.
[23:00] <qman__> if you are using virtualization, CPU scaling can affect the RTC of the VMs
[23:00] <qman__> that's the only real issue I've ever noticed with them, powernowd specifically
[23:01] <qman__> performance in general is not a problem, just sometimes side effects like that show through
[23:29] <yann2> is there any other way where to put known hosts than $HOME/.ssh/known_hosts ? I'd like to deploy it automatically and prevent a user from modifying it
[23:30] <yann2> oh found it /etc/ssh_known_hosts2 , sorry
[23:34] <yann2> mmh doesnt seem to work :(
[23:43] <Tim_R> as anybody installed any server versions onto a flash drive before?