[00:00] <SpamapS> mathiaz: I'm just wondering if we can do a lot of the dashboard stuff you want to do given that there should be a proxy to api.launchpad.net on people.canonical.com soon.
[00:01] <mathiaz> SpamapS: cool - IIUC I could query LP API directly from javascript with a page hosted on people.canonical.com?
[00:02] <SpamapS> mathiaz: exactly
[00:02] <SpamapS> mathiaz: public data only tho
[00:03] <mathiaz> SpamapS: which point on the document we'd have to use? https://help.launchpad.net/API/
[00:03] <mathiaz> SpamapS: the second one?
[00:03] <mathiaz> SpamapS: Users who aren't Python programmers, or who are interested in the inner workings of the web service, ?
[00:03] <mathiaz> SpamapS: and thus https://help.launchpad.net/API/Hacking?
[00:05] <SpamapS> mathiaz: yes
[00:06] <SpamapS> mathiaz: tho I found some things in that out of date
[00:07] <SpamapS> https://api.launchpad.net/1.0/ubuntu?ws.op=searchTasks&assignee=https://api.launchpad.net/1.0/~mathiaz
[00:07] <SpamapS> mathiaz: so you'll be able to get access to that from javascript..
[00:08] <mathiaz> SpamapS: nice :)
[00:09] <mathiaz> SpamapS: now we just need to rewrite launchpadlib from python to javascript ;)
[00:09] <mathiaz> SpamapS: or rather - port it
[00:10] <SpamapS> mathiaz: should work nicely as a jquery plugin
[00:10] <mathiaz> SpamapS: :)
[00:10] <SpamapS> mathiaz: the real power will come when JSONP is available though
[00:10] <mathiaz> SpamapS: how about a YUI plugin?
[00:10] <SpamapS> then projects can put their bug list on their front page...
[00:10] <mathiaz> SpamapS: IIRC YUI is the preferred javascript framework for LP and other sites
[00:11] <SpamapS> YUI and jquery are not really mutually exclusive
[00:12] <\sh> mathiaz, use qooxdoo as frontend js lib and you have launchpad as desktop app inside the browser...json-rpc as backend...and there you go
[00:13] <\sh> no need for ugly YUI or jquery
[02:44] <Tim_R> could anybody help me move squirrelmail to a different link
[02:45] <Tim_R> because right now its set at http://mail.nwohiobb.com/squirrelmail/src/login.php and I want mail.nwohiobb.com/rc to replace it
[02:57] <oat> Hi all: I need some help with irqbalance on 10.04 server. Can anyone suggest me sth, please?
[03:00] <oat> Seem to be so quiet.
[03:03] <oat> Everybody's gone to bed?
[03:04] <lifeless> you haven't really asked a question
[04:03] <twb> Can munin (or something LIKE munin) be told to emit SVG graphs instead of PNG ones?
[04:05] <twb> Hmm, it uses rrdtool, which allegedly grew support for emitting EPS/PDF/SVG in 1.1 (Apr 2005).
[04:22] <SJr> How do I get a list of all currently installed packages
[04:22] <SJr> so that I can reinstall them
[04:26] <chrismsnz> SJr: dpkg -i will list all currently installed packages
[04:27] <chrismsnz> SJr: sorry, i meant "dpkg -l"
[04:27] <twb> dpkg --get-selections
[04:28] <twb> -l is mainly for humans; --get and --set can be used as a pipeline
[04:28] <twb> e.g. ssh fs dpkg --get-selections | ssh newfs dpkg --set-selections; ssh newfs -t aptitude install -y
[04:29] <chrismsnz> ... will show you a list of packages specifically installed (i.e. not as a dependency), right?
[04:29] <chrismsnz> probably what he was after :)
[04:30] <SJr> oh thanks
[04:30] <SJr> that is way better than I would have expected
[04:31] <twb> chrismsnz: try it :P
[04:31] <twb> chrismsnz: dpkg --get-selections lists *all* installed packages
[04:31] <SJr> will that work even if some packages aren't the same
[04:31] <chrismsnz> righto
[04:31] <twb> "auto-installedness" is something that only occurs above dpkg's level of visibility -- historically in aptitude, but also now in apt as at 0.8
[04:32] <twb> (In /var/lib/apt/extended_states)
[04:35] <twb> To list all manually-requested packages, you would want a query along these lines:
[04:35] <twb> aptitude search --disable-columns -F%p '?installed ?not(?automatic)'
[04:40] <sjr_> My system just died
[04:40] <sjr_> can you repeat those commands :)
[04:42] <twb> http://paste.debian.net/88756/
[04:47] <sjr_> dankeshen
[05:19] <twb> Guess what I just found
[05:19] <twb> apt-mark showauto
[05:29] <sjr_> it's a shame I'm already in the process of reformating, Mr. TWD
[05:29] <sjr_> TWB
[05:55] <t3cki3> hey poeple.. i need help with samba on my ubuntu machine
[05:56] <sjr_> what do you need to know?
[05:56] <t3cki3> is this the right place or do i need to go to the samba room ?? please let me know... thanks in advance
[05:56] <t3cki3> i have installed swat, and i have configured it.. i just need to share a folder
[05:57] <t3cki3> not too familliar with SWAT for SAMBA
[07:08] <WalterN> ok. I think I have dovecot and postfix mostly set up, also have reverse DNS for my domain name...
[07:08] <WalterN> now.. how do I actually add an email account?
[07:09] <WalterN> went though https://help.ubuntu.com/10.04/serverguide/C/postfix.html
[07:09] <jmarsden> WalterN: If you set it up in the default fashion, every user on your machine *is* an email account.
[07:09] <WalterN> and https://help.ubuntu.com/10.04/serverguide/C/dovecot-server.html
[07:11] <WalterN> jmarsden: what does that mean?
[07:12] <jmarsden> If you want more email users, add more Unix users... there is no difference, unless you configured postfix and dovecot for virtual domains etc etc.
[07:13] <jmarsden> Have you tried sending email to walter@yourdomain.com from some other system?  (if you log in to your Ubuntu server as walter)
[07:14] <jmarsden> WalterN: If you want, tell me your domain name and username and I'll send you a test email :)
[07:15] <WalterN> server and tiwake.com... but that failed..
[07:16] <jmarsden> tiwake.com has an MX that points to smtp.secureserver.net.
[07:16] <WalterN> do I need to add a subdomain or something called server?
[07:16] <jmarsden> So email to user@tiwake.com will go there, not to your machine
[07:17] <jmarsden> If your server is to be the email server for the tiwake.com domain, you need to edit that MX record to tell the Internet to send email for tiwake.com to your server, not to smtp.secureserver.net.
[07:17] <WalterN> oh I see, was wondering about that..
[07:19] <WalterN> ok, changed that... how long do I need to wait?
[07:20] <WalterN> like an hour or whatever like other changes made?
[07:22] <WalterN> wait
[07:25] <WalterN> jmarsden: how did you find out that MX record stuff?
[07:25] <jmarsden> I used dig.
[07:25] <jmarsden> dig tiwake.com mx
[07:28] <sjr_> How do I scann for disks without rebooting
[07:28] <jmarsden> Um.  Looks like you failed to configure your server to accept email for tiwake.com.  My mailserver log shows:
[07:28] <jmarsden> Sep  8 23:27:29 eclipse5 postfix/smtp[15113]: 5262156823C: to=<walter@tiwake.com>, relay=tiwake.com[69.145.84.198]:25, delay=2.5, delays=0.01/0/2.2/0.26, dsn=5.7.1, status=bounced (host tiwake.com[69.145.84.198] said: 554 5.7.1 <walter@tiwake.com>: Relay access denied (in reply to RCPT TO command))
[07:29] <WalterN> server@tiwake.com
[07:29] <WalterN> server is the username... heh
[07:29] <jmarsden> Makes no difference, it didn't say user unknown, it said relaying denied... read the message :)
[07:30] <jmarsden> "Relay access denied" ... it does not believe it *is* tiwake.com, so it wanted to relay the email elsewhere...
[07:31] <WalterN> postfix problem?
[07:31] <jmarsden> Postfix configuration problem, yes.
[07:31] <WalterN> what should myhostname be?
[07:32] <WalterN> in postfix/main.cf
[07:33] <jmarsden> Your host name.  somename.tiwake.com, probably.  pastebin me the output of postfix -n somewhere and I'll look through it.
[07:36] <WalterN> http://pastebin.com/yHRzbC1K
[07:44] <WalterN> jmarsden: should line 34 be tiwake.com instead of mail.tiwake.com?
[07:45] <jmarsden> Yes, either instead of or in addition to.
[07:45] <WalterN> is that the problem though?
[07:45] <jmarsden> Probably.  Fix it and reload postfix, and I'll retest for you.
[07:46] <WalterN> ok, so I added tiwake.com to that list
[07:46] <jmarsden> and reloaded postfix?
[07:46] <WalterN> done
[07:47] <jmarsden> Tested, that worked, you should have my test email now.
[07:47] <WalterN> hmm
[07:47] <WalterN> now to find out where it is
[07:48] <jmarsden> Type mail or mutt or whatever email program you run on the server!
[07:48] <WalterN> havent yet
[07:51] <jmarsden> If desperate, try    less $MAIL
[07:54] <WalterN> hmm
[07:55] <WalterN> using the default email account
[07:55] <WalterN> erm
[07:55] <WalterN> email client, evolution
[07:55] <jmarsden> There is no such thing as a "default email account".  Evolution?  On a server???  What are you doing running GUI clients on a server?
[07:56] <WalterN> heh
[07:56] <WalterN> cause I can
[07:57] <jmarsden> Wastes RAM and lowers system security.  The Ubuntu Server install does not install a GUI.  By design.
[07:59] <WalterN> so on the receiving email section in evolution, what do I put in for server?
[07:59] <WalterN> just my domain name?
[08:02] <SpamapS> jmarsden: it could raise system security. What if he wants to run an isolated "off network" server?
[08:03] <jmarsden> Given that he wants it to receive email from the Internet, which I just helped him configure, that seems... unlikely.
[08:03] <SpamapS> the biggest threat to the server is probably the network port, not a GUI. :)
[08:03] <jmarsden> Cool, you can help him with Evolution then :)
[08:03]  * SpamapS could if he weren't.. sooo.. tired... yaawwwwn
[08:03] <WalterN> heh
[08:10] <WalterN> hmm
[08:10] <WalterN> mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u
[08:11] <WalterN> there is nothing in that file :/
[08:12] <jmarsden> Did you configure dovecot for Maildir inboxes?  less /var/spool/mail/server really shows an empty file?
[08:12] <WalterN> nothing in that file
[08:13] <jmarsden> And... Did you configure dovecot for Maildir inboxes?
[08:13] <WalterN> no, mbox
[08:14] <jmarsden> Seems odd.  Read your server logs.  Your server told mine that it accepted the email from me...
[08:14] <jmarsden> Sep  8 23:47:09 eclipse5 postfix/smtp[25576]: 4D01756838D: to=<server@tiwake.com>, relay=tiwake.com[69.145.84.198]:25, delay=2.1, delays=0.02/0/1.4/0.7, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 87844C22C8)
[08:17] <WalterN> interesting... there is my email.. says it saved it
[08:20] <WalterN> http://pastebin.com/vwmqG8J8
[08:22] <jmarsden> OK, so it handed it to deliver.  So where did deliver put it?  Check (and pastebin) your dovecot.conf file.  BTW, I'm not going to stay awake/at the keyboard much longer :)
[08:27] <WalterN> http://pastebin.com/z4STKNZ0
[08:29] <jmarsden> OK.  What does    less ~server/mbox   show you?
[08:30] <WalterN> heh, no such file or directory
[08:31] <jmarsden> OK, any sign of ~server/mail
[08:34] <WalterN> there is a ~server/mail/.imap/inbox/dovecot.index.log
[08:34] <WalterN> thats it
[08:35] <WalterN> at the bottom of the dovecot config file should be where its saving the file though
[08:36] <WalterN> line 1287
[08:37] <jmarsden> OK... I'm out of time, I'm afraid.  I agree, but it doesn't seem to be there now.  So either it was put somewhere else, or something (Evolution? some other email client?) already grabbed it and did whatever it wanted to with it.
[08:37] <jmarsden> Goodnight.
[08:37] <WalterN> TTFN, thanks
[09:38] <twister004> guys please confirm.. samba is used to mount windows dirs in linux env?.. or the other way round?
[09:40] <mamac> twister004, with samba you can share data on linux server so windows clients can access to it
[09:43] <mamac> you can also share printers with samba
[09:48] <G> and you can also, as twister004 said, use the Samba client to mount Windows shares....
[09:55] <ruben23> guys i have installed linux-source but i ncat find the file of the linux source.
[09:55] <ruben23> i do this --> apt-get install linux-source
[09:57] <mamac> isn't linux-source kernel sources?
[09:57] <ruben23> mamac: but where can i find its file..?
[09:58] <G> ruben23: what are you trying to do?
[09:58] <G> i.e. what type of file are you after?
[09:59] <ruben23> im installing an asterisk application whihc require kernel source, and during install it says cant find any kernel sources on my system
[09:59] <G> ruben23: grab the linux-headers package
[10:01] <ruben23>  G: how to do that..? where i get it..?
[10:03] <ruben23> http://pastebin.com/9mrKHrQp <----------i got this error
[10:08] <ruben23> http://pastebin.com/ELNWAGnb
[10:09] <ruben23> http://pastebin.com/rL02ZyDM
[10:09] <ruben23>  G:  what could be the problem
[10:13] <mamac> ruben23, what is the output of uname -r ?
[10:16] <ruben23> 2.6.32-24-server
[10:20] <ruben23> i cant fine any files like linux source.
[10:21] <mamac> what version of linux headers is installed ?
[11:24] <timmillwood> looking for a great place to back out office nas & internal dev server to. currently use s3 and s3sync, but seems a bit unreliable and not easy to monitor.
[11:25] <jrib> timmillwood: me too :)
[11:26] <timmillwood> jrib: found anything good?
[11:27] <sherr> timmillwood: By "back out" you mean transfer to the "cloud"?
[11:27] <jrib> timmillwood: I have not.  Like you I was looking for some trusted recommendations
[11:27] <timmillwood> sherr: by "back out" I mean "backup"
[11:29] <jrib> timmillwood: I'm just looking for a place I can use rsnapshot with
[11:33] <sherr> There are many hosting providers around. I've used Fasthosts for a year (RHEL5) without problems. Also look at Linode, Rackspace etc.
[11:48] <gathraigin> Hi
[11:56] <lool> Hmm for some reason, lucid's apache2 doesn't seem to listen to v6 addresses by default for me
[11:56] <lool> I can't figure out why though
[12:03] <Patrickdk> strange, it works fine here, lucid apache2 on 6 different machines using ipv6 (4 of them are just default installs no configuration just for testing different things)
[12:06] <lool> So I created a lucid virtual machine with vm-builder on lucid
[12:06] <lool> added a virtualhost
[12:06] <lool> and wget http://ip6-localhost doens't work, while localhost works
[12:07] <lool> I don't have any public ipv6 address in this vm, but I do have ::1
[12:07] <lool> I wonder if that's the reason
[12:09] <cemc> how's vserver support in 10.04 ?
[12:10] <Patrickdk> heh, works fine on mine
[12:10] <Patrickdk> wget ip6-localhost
[12:11] <Patrickdk> did you check your /etc/hosts file and make sure ip6-localhost was defined correctly?
[12:11] <Patrickdk> or did you modify the ip's that apache binds to?
[12:19] <lool> Patrickdk: I left the default; yes, it's defined to ::1
[12:19] <lool> I didn't touch the IP apache2 binds to
[12:20] <lool> I did try to once looking into the problem, but I actually didn't manage to pass an IPv6 with Listen [::1]:80, it got rejected
[12:20] <jpds> lool: What does "netstat -ltun | grep 80" show?
[12:21] <lool> jpds: tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
[12:21] <lool> (and some :8080 listeners)
[12:21] <jpds> lool: Hmm, no tcp6? :::80 ?
[12:21] <lool> jpds: Exactly, no tcp6; the :8080 java process has a tcp6 though tcp6       0      0 :::8080                 :::*                    LISTEN
[12:22] <lool> and I can connect to http://ip6-localhost:8080 fine
[12:22] <lool> so at least it's not the system, but really just apache2
[12:22] <jpds> lool: Is your VirtualHost declartion: *:80 ?
[12:23] <lool> jpds: the virtualhost itself has: <VirtualHost *:80>
[12:23] <jpds> Hmm.
[12:23] <lool> apache2 has the defaults in ports.conf:
[12:23] <lool> NameVirtualHost *:80
[12:23] <lool> Listen 80
[12:23] <lool> the default virtualhost has <VirtualHost *:80>
[12:24] <lool> aha, on the host server, w3m http://ip6-localhost works
[12:24] <lool> so either I have a small config difference, or the routing does matter
[12:26] <lool> Yes
[12:26] <lool> I added a routable ipv6 to the vm with ip addr add 2a01:e35:8a6e:xxxxxxxx/64 dev eth0
[12:26] <lool> and that worked after restarting apache2
[12:27] <lool> jpds, Patrickdk: ^
[12:27] <jpds> Ah, native v6 from Free, nice.
[12:27] <lool> well I don't actually propagate it to that vm, just having some route probably changed glibc's or apache2's behavior
[12:40] <JeffP-BR> Hello All. I'm in trouble installing Ubuntu Server from a pen drive in a machine without cdrom drive. The boot process is ok but the ubuntu installer stay asking for a CD rom drive. How to solve this issue?
[12:50] <pmatulis> JeffP-BR: which release?
[12:52] <JeffP-BR> pmatulis, I'm trying 10.10 Server.
[12:56] <pmatulis>  JeffP-BR: maybe a regression of bug 403560
[12:57] <pmatulis> JeffP-BR: maybe ask in #ubuntu-installer
[12:57] <pmatulis> or #ubuntu+1
[13:00] <JeffP-BR> Thanks pmatulis I'll look this.
[13:08] <patdk-wk> lool, heh? you attempted to connect to localhost on that vm, from a different machine? that so isn't going work :)
[13:08] <lool> patdk-wk: No, I attempted to connected to the same vm using IPv6
[13:08] <lool> in fact, I'm using the vm's own hostname
[13:09] <lool> e.g. wget http://$host/file
[13:09] <lool> and that first warns because IPv6 fails, then uses IPv4
[13:11] <patdk-wk> "aha, on the host server, w3m http://ip6-localhost works
[13:11] <patdk-wk>  so either I have a small config difference, or the routing does matter"
[13:11] <patdk-wk> I guess I totally don't understand what you where saying
[13:21] <lool> patdk-wk: The bug is in a vm
[13:21] <lool> patdk-wk: I don't have the bug outside of the vm, on the host, which also runs apache2
[13:21] <patdk-wk> what kind of vm?
[13:21] <lool> patdk-wk: The reason I don't is because the host has ipv6 connectivity, while the vm has not
[13:22] <patdk-wk> well, by definition, it shouldn't make a difference
[13:22] <patdk-wk> but it doesn't sound like your using a real vm
[13:22] <patdk-wk> psudo-vm?
[13:23] <patdk-wk> I know openvm has all kinds of ipv6 issues
[13:23] <patdk-wk> I haven't had any issues at all with vmware or xen
[13:24] <lool> patdk-wk: I'm using a kvm
[13:24] <lool> I just finished filing LP #633981 on this issue
[13:25] <patdk-wk> hmm, I don't know much about kvm
[13:25] <lool> patdk-wk: I don't think it relates to the type of vm, the problem is in userspace since adding an ipv6 address causes apache2 to listen
[13:25] <lool> and other software on the same host behaves fine
[13:25] <patdk-wk> if that was the case, I would have the same issue on 4 vm's
[13:26] <lool> patdk-wk: Indeed, you don't?
[13:26] <patdk-wk> nope, never have had an issue
[13:26] <lool> patdk-wk: this is on lucid; w3m http://ip6-localhost doesn't work in the default config
[13:27] <lool> patdk-wk: Do your vm have routable ipv6 addresses?
[13:27] <patdk-wk> yep
[13:27] <patdk-wk> I guess I could disable them all
[13:27] <patdk-wk> but as I'm using radvd on the network, that isn't so easy
[13:28] <lool> patdk-wk: Well you confirm my experience then, since you do have routable addresses in your vms, it works
[13:28] <lool> I don't which is why it doens't work
[13:29] <lool> I don't run radvd on the host; the host itself has ipv6, and the vm have link-local ipv6 to the post and node-local ipv6 (::1)
[13:37] <ssureshot> does the packaged tomcat6 installation in lucid work out of the box or does it need tweaked like in karmic
[13:39] <incorrect> what causes a system to appear in nautilus's network:// list?
[14:05] <incorrect> there doesn't seem to be a really good solution to share files between win/mac and linux,  i've found webdav to work pretty well, but i don't see a way to do user directories
[14:06] <giovani> incorrect: samba is typically the method used
[14:06] <incorrect> giovani, hence i said 'really good'
[14:06] <giovani> incorrect: webdav is definitely not better than samba
[14:06] <giovani> for file sharing
[14:06] <incorrect> samba has issues, such as i can't easily use user accounts from my ldap server
[14:06] <patdk-wk> I have never had issues with samba, works fine
[14:07] <incorrect> well my bench marks would suggest otherwise
[14:07] <giovani> incorrect: really? we do it here quite easily ...
[14:07] <patdk-wk> ya, you can use ldap directly with samba
[14:07] <patdk-wk> or use it via nsswitch
[14:07] <incorrect> do you disable encrypted passwords?
[14:07] <patdk-wk> nope
[14:08] <incorrect> then how do you auth users?
[14:08] <incorrect> you must have a split password problem
[14:08] <patdk-wk> hmm, I should check, it just worked :)
[14:09] <patdk-wk> encrypt passwords = true
[14:09] <giovani> incorrect: I don't know why you think you can't encrypt passwords over the wire and still use LDAP as a backend
[14:09] <incorrect> giovani, because of the way it stores the password,
[14:10] <giovani> the way what stores the password?
[14:10] <incorrect> you need to load on another schema to ldap to store its password
[14:10] <giovani> you're not being clear or specific
[14:11] <incorrect> ok let me dig out the info
[14:11] <incorrect> you have to load /etc/ldap/schema/samba.schema
[14:12] <incorrect> this gives you another field in which your smb password is stored
[14:12] <incorrect> so if you do passwd it changes another field leaving your smb password split
[14:13] <giovani> not if you're using pam/nsswitch to handle ldap auth
[14:13] <giovani> which is the logical method
[14:14] <incorrect> and that will change the smbpasswd field too?
[14:14] <giovani> no, you don't need a separate field
[14:14] <giovani> because the system is authing against the regular password field
[14:15] <incorrect> ok so i shouldn't need that schema
[14:37] <MagicFab> JeffP-BR, still around ?
[14:39] <MagicFab> pmatulis, this is what I mentioned earlier: http://identi.ca/notice/48740857
[14:40] <pmatulis> MagicFab: thx
[14:51] <eriksson25> Hi, need help. Want to know my options. Have a mdadm raid 5 array with 6*1TB disks and added 2*2tb disk. But only gained 1,5TB since the disks are difrent size. What are my options to solve this?
[14:51] <patdk-wk> partition the 2tb disks as two 1tb disks :)
[14:52] <eriksson25> I was thinking of that, someone told me it wouldent work.
[14:52] <patdk-wk> join one partition of each into the raid5, and make a new raid1 with the other 1tb
[14:52] <patdk-wk> someone is fouled
[14:52] <G> yeah that'd work
[14:52] <patdk-wk> remove the 1tb disks, and replace with 2tb :)
[14:52] <eriksson25> =)
[14:53] <patdk-wk> join all 4 new 1tb partitions to the raid5 (and loose 2 disks basically if one of those 2tb drives fail)
[14:53] <eriksson25> Will I have to use lvm to add the two arrays together?
[14:53] <patdk-wk> if you want to join them, yep
[14:53] <patdk-wk> I personally keep mine seperate
[14:54] <eriksson25> What do you meen with loosing both if one disk goes down?
[14:54] <patdk-wk> if you split a 2tb drive into two 1tb partitions
[14:54] <patdk-wk> then join both 1tb partitions into the raid5
[14:54] <patdk-wk> you loose two raid5 disks, if that 2tb drive fails
[14:54] <eriksson25> Would the raid survive it?
[14:54] <patdk-wk> nope
[14:55] <patdk-wk> if it was raid6, it could
[14:55] <eriksson25> Or do I need to change to raid 6 for it to survive it?
[14:55] <eriksson25> Can I change it with data in place?
[14:55] <eriksson25> upgrade...
[14:55] <patdk-wk> I'm just listing options (not how good they are) :)
[14:55] <patdk-wk> I dunno
[14:55] <eriksson25> ofc, thax for that =)
[14:55] <patdk-wk> I haven't attempted that
[14:55] <patdk-wk> someone said you could with mdadm 3.x
[14:56] <patdk-wk> but not wih 2.6, that is in lucid
[14:56] <patdk-wk> but I dunno how true that is
[14:56] <eriksson25> I see
[14:56] <patdk-wk> worst case then, get a utility bootable cd, with newer mdadm on it, convert, then use ubuntu again
[14:57] <Pici> I guess I'm raid-stupid.
[14:57] <eriksson25> a raid 1 with two 1tb partitions I would get 1TB storage right?
[14:57] <patdk-wk> yep
[14:57] <eriksson25> So total loss on my both 2tb disks is 1tb.
[14:59] <eriksson25> If I would get a third 2tb disk. And make that 3*1tb partit on my old array. And another raid 5 array with 3*1TB partitions I would still only loose 1TB. And have two raid 5 arrays right?
[15:00] <patdk-wk> http://www.sysresccd.org is my fav little utility iso cd
[15:00] <patdk-wk> it has 3.1 mdadm, so it should be able to convert no problems
[15:00] <patdk-wk> if you want to do that
[15:01] <patdk-wk> I personally would just do the 1tb partitions, make a raid1, and use them as seperate disks, and when you upgrade the others, backup the data off the 1tb, expand the raid, then restore the data
[15:01] <eriksson25> Well, I am remote administrating a friends server. So Guess its not that good idee =) 400km aside.
[15:08] <Bondi> has anybody got openldap to work with samba for windows clients to connect?
[15:22] <gathraigin> Hi all, just a quick question, I looking to setup an ubuntu server as a kvm host system, the host has a second hdd mounted as the data storage. Is it possible to access that data storage from a single or multiple kvm guests?
[15:43] <teago> hello!
[15:46] <incorrect> samba makes me cry
[15:46] <incorrect> its so rubbish
[15:46] <incorrect> there has got to be an alternative network FS that works between different systems
[15:48] <giovani> haha
[15:48] <giovani> sure, but they're not well-supported
[15:48] <giovani> NFS, AFS/Coda
[15:48] <giovani> all have pretty mediocre windows support
[15:48] <giovani> and are much harder than samba to get working properly
[15:49] <incorrect> giovani, i was right about the split password sync issue
[15:50] <giovani> if you're using direct ldap from samba, sure
[15:50] <giovani> but don't do that
[15:51] <incorrect> ldap from samba? what do you mean
[15:52] <giovani> incorrect: instead of using system auth
[15:52] <giovani> which you can have refer to ldap
[15:52] <giovani> which is what I recommended
[15:53] <incorrect> so my nsswitch looks like passwd: files ldap-samba-bridge ?
[15:53] <incorrect> so everything that auths off ldap needs to find some sort of bridge method
[15:53] <giovani> depends on your setup -- probably more like this -- passwd:     compat
[15:53] <giovani> passwd_compat: ldap
[15:53] <giovani> shadow:     compat
[15:53] <giovani> shadow_compat: ldap
[15:56] <incorrect> well that will break a lot of other stuff that goes direct
[15:56] <giovani> break what?
[15:56] <hggdh> Daviey: the rig is yours for an update (cempedak, mabolo, marula, santol)
[15:57] <incorrect> well i have a number of sites going direct
[15:57] <giovani> I don't know what you mean
[15:57] <giovani> why would allowing PAM to use LDAP auth break applications using LDAP directly?
[15:58] <incorrect> well if they change their password in ldap its going to break the samba auth having a split password
[15:58] <giovani> ... not if you point samba to use PAM
[15:58] <giovani> sigh
[15:59] <incorrect> so this is a change in smb.conf not nsswitch
[15:59] <giovani> it's both
[16:03] <pmatulis> speaking of PAM, i see that common-session is called upon logout but not shutdown & reboot.  normal?
[16:27] <incorrect> giovani, i don't see anyone doing anything similar so what you are suggesting
[16:45] <ruben23> how to tar and  zip directory on  linux server
[17:14] <patdk-wk> hmm
[17:15] <eriksson25> Hi, I added 2*2tb disks to my mdadm raid 5 array with 6*1tb disks. Now I want to remove them so I can partition them and do it corect. But dont find any information on how to shrink a array and remove disks.
[17:17] <patdk-wk> did you add the whole disk? or just a 2tb partition?
[17:18] <eriksson25> Whole disk, stupid as I was. I think atleast. Can check.
[17:18] <patdk-wk> heh, /dev/sdf vs /dev/sdf1
[17:19] <eriksson25> Checking now
[17:20] <eriksson25> whole disk, sdk/sdi
[17:20] <patdk-wk> ya, if it was a partition, would be easy
[17:20] <eriksson25> Looks like I did everything wrong =/
[17:21] <patdk-wk> well, the other way to do it
[17:22] <patdk-wk> is figure out exactly how much space the raid is using on the drive
[17:22] <patdk-wk> make a partition (unformatted)
[17:22] <patdk-wk> then do a reverse direction dd to move it
[17:23] <eriksson25> The two 2TB disks shuldent be used at all right now, but not 100% sure
[17:29] <SpamapS> eriksson25: if you added the completely to the raid5 .. then the stripes and everything were rearranged to use the two new disks..
[17:29] <SpamapS> eriksson25: shrinking is usually a lot harder than growing. :)
[17:29] <eriksson25> I know =/
[17:30] <SpamapS> eriksson25: if you can tolerate downtime, you're probably better off with a full backup/restore
[17:30] <patdk-wk> my wife thinks I shrink way too easily
[17:30] <eriksson25> lol
[17:30]  * SpamapS <barump bump CHING>
[17:30] <SpamapS> heeyyy-oohhhh
[17:30] <eriksson25> The problem is it feels stupid to waste like 2.5TB
[17:31] <SpamapS> eriksson25: its not. disk is cheap. :)
[17:31] <eriksson25> Well, sure, but not that cheap.
[17:31] <eriksson25> Wasting GB is no problem, and a few hundred GB sure. Bur....
[17:32] <SpamapS> what are 1TB vs. 2TB these days? $80 vs. $150?
[17:32] <eriksson25> Some thing like that.
[17:33] <eriksson25> Well, I will tell him to add every thing. And then next time its time to buy disk. He will have to buy disks so that he can move everything from md0 do the new md1.
[17:34] <eriksson25> Think thats the easiest way.
[17:35] <zul> hggdh: is there a machine on the uec testrig i can use?
[17:36] <hggdh> zul: I thought you were using sapodilla/soncoya...
[17:36] <eriksson25> Say buy 4 new 2*2tb. Creating a array, move everything there. Desolve the md0 and move the 2 2tb disks to the md1. And then recreate the md0 array with only 1tb disks.
[17:36] <zul> hggdh: oh...i forgot about the other machine :)
[17:37] <hggdh> zul: no probs, enjoy
[17:42] <robbiew> kirkland: http://cloudusb.net/
[17:42] <robbiew> :)
[17:53] <b0gatyr> Hi everyone, I have created a subversion repo that I  need apache to have read access to it, how can I do this in ubuntu?
[17:55] <RoyK> b0gatyr: that's quite well documented in the svnbook...
[17:55] <RoyK> b0gatyr: you might want to create an apache virtualhost for it, but that's not very different from what's explained in the svnbook
[17:56] <RoyK> also, see https://help.ubuntu.com/community/Subversion
[17:57] <b0gatyr> I created a virtualhost for websvn, but websvn is complaining about not having enough rights to access my repo
[17:57] <RoyK> can the www-user read (or write) those files?
[17:57] <RoyK> ls -ld /path/to/repo
[17:58] <RoyK> https://help.ubuntu.com/community/FilePermissions
[17:59] <b0gatyr> i have drwxr-x---
[17:59] <RoyK> but what user/group owns the file?
[17:59] <b0gatyr> and its own by a user called "rancid"
[18:00] <b0gatyr> rancid:rancid
[18:00] <RoyK> do you want apache to be able to read and write from that?
[18:00] <b0gatyr> yup
[18:00] <b0gatyr> and rancid as well
[18:00] <RoyK> chown -R www-data:www-data /path/to/repo
[18:01] <RoyK> well, user rancid should use apache to connect to the repo
[18:01] <RoyK> you really don't want to mix direct access and http access
[18:01] <resno> a friend and i intend to setup a honey pot server for us to play with. how can i best set it up, so we can monitor everything going on with it?
[18:01] <b0gatyr> RoyK: the thing is that rancid is a user that was created when I installed "rancid apt-get install rancid"
[18:02] <b0gatyr> and rancid is the owner of this directory, and when rancid runs it runs as rancid
[18:02] <b0gatyr> dunno if that makes any sense
[18:02] <RoyK> erm
[18:03] <RoyK> what does rancid do?
[18:03] <RoyK> cisco config manager something?
[18:03] <b0gatyr> it logs into each of my cisco routers copies configs and stores them in subversion for me to view with websvn (apache)
[18:03] <b0gatyr> and compare revisions etc ..
[18:04] <b0gatyr> and apache needs access to the repo which owned by rancid
[18:04] <WalterN> does somebody have a dovecot.conf they want to pastebin?
[18:04] <RoyK> then check out the svn tree, have rancid store the new revisions, svn ci, done
[18:04] <WalterN> something screwy is going on, donno what
[18:04] <RoyK> b0gatyr: as I said, mixing direct access and http access is a bad idea
[18:05] <b0gatyr> RoyK: not sure if I follow, what should I do then?
[18:05] <RoyK> b0gatyr: I guess you have a script doing this today?
[18:06] <b0gatyr> no just followed a guide
[18:06] <RoyK> just change how rancid accesses the svn repo
[18:07] <b0gatyr> sorry, but how do I do that?
[18:07] <RoyK> 1: make the svn repo available through apache
[18:07] <RoyK> cd /path/to/workdir
[18:07] <RoyK> svn co http://whatever
[18:08] <RoyK> from there, run rancid
[18:09] <b0gatyr> ok
[18:09] <b0gatyr> i'll try doing that. Thank you
[18:10] <resno> should i just use an intrusion detection system?
[18:11] <b0gatyr> RoyK: one last thing, if I do "chown -R www-data:www-data /path/to/repo" you think rancid will have any problem running ?
[18:11] <RoyK> resno: snort will probably work well
[18:11] <RoyK> b0gatyr: if it tries to access the repo directly, yes, if it tries to use http access, no
[18:12] <b0gatyr> Can I make the directory readable by both rancid and www-data?
[18:12] <RoyK> [18:58]  <RoyK> https://help.ubuntu.com/community/FilePermissions
[18:12] <b0gatyr> k
[18:19]  * incorrect bangs his head against the wall
[18:20] <incorrect> i hate samba soo much
[18:20] <incorrect> maybe not samba's fault i hate it either
[18:20] <RoyK> incorrect: something incorrect in the config? :)
[18:21] <incorrect> RoyK, no what is getting my goat, is following, if i want to auth samba against pam i have to remove the encrypted passwords, so that is a no go
[18:22] <incorrect> going to all the grief of migrating my current ldap setup is a huge pita
[18:22] <RoyK> incorrect: that's by design - encrypted passwords means it's encrypted on the client side, sent encrypted to the server, and then the server cannot check that against its locally encrypted password, since that's using another algorithm
[18:23] <incorrect> ... i know what the problem is
[18:23] <RoyK> well, the problem's not samba's
[18:23] <incorrect> like i said its not samba's fault i hate it
[18:23] <RoyK> incorrect: you could setup a DC somewhere, either a samba NT4-like DC or a windoze DC and use that
[18:24] <incorrect> and how would that help having split user/passwd's?
[18:24] <RoyK> then you can leave the authentication to the DC
[18:24] <incorrect> and migrate all my nodes over to a DC?
[18:24] <incorrect> no thanks
[18:24] <incorrect> buy windows
[18:24] <incorrect> no thanks
[18:25] <RoyK> well, you can setup samba as a DC as well
[18:26] <incorrect> see about to my thoughts on that :D
[18:26] <RoyK> how many samba servers?
[18:26] <incorrect> well just one, its the number of users
[18:26] <incorrect> and having them with two different passwords
[18:26] <RoyK> well, use ldap
[18:27] <RoyK> we still have to support NT4 in our network
[18:27] <incorrect> ... and how do you get round the original problem even in ldap you have to store two passwords
[18:27] <RoyK> now _that_ is a pain
[18:27] <RoyK> incorrect: no need for two passwords if using ldap - linux can authenticate with ldap instead of native /etc/passwd etc
[18:28] <incorrect> RoyK, yes i have that
[18:28] <incorrect> and to get the MD4 smb password to the {SHA} ?
[18:28] <patdk-wk> you have the passwords stored in ldap encrypted though
[18:28] <patdk-wk> that won't work
[18:29] <patdk-wk> if you use encryption on the wire, you have to store plaintext passwords
[18:29] <qman__> I'd do the reverse, though
[18:29] <incorrect> well i am not going to leave them unencrypted
[18:29] <patdk-wk> if you store encrypted on the server, you have to pass plaintext over the wire
[18:29] <qman__> md4 is not secure
[18:29] <patdk-wk> heh?
[18:29] <patdk-wk> there is no real insecurity in storing the passwords on your server in plaintext
[18:29] <patdk-wk> unless you don't trust your server
[18:29] <qman__> exactly
[18:30] <patdk-wk> and since the server needs the plaintext to check it
[18:30] <patdk-wk> it's still going have plaintext at some point
[18:30] <qman__> store the passwords secure, transmit plaintext, and secure the network they're transmitted over
[18:30] <incorrect> i don't trust people visiting the server
[18:30] <RoyK> qman__: and exactly how do you do that? making a switch work as a hub merely requires an arp spoof attack
[18:30] <patdk-wk> qman, heh, I wish I could get pop users to do that :)
[18:31] <incorrect> so when a user does getent shadow :)
[18:31] <patdk-wk> royk, easy solution, ipsec policys on all machines :)
[18:31] <incorrect> that should be funny
[18:31] <qman__> well, if you have rogue attackers plugging in, you've got bigger problems
[18:31] <RoyK> patdk-wk: heh
[18:31] <qman__> and md4 is not going to solve that
[18:31] <incorrect> md4 is what smb uses to encrypt iirc
[18:32] <incorrect> maybe they use something else now
[18:32] <patdk-wk> it's what microsoft uses, pre-vista?
[18:32] <patdk-wk> or is that what is new?
[18:32] <incorrect> IIRC
[18:32] <qman__> LM, NTLM, NTLM2, all easily reversed
[18:32] <patdk-wk> ah, so current is md4
[18:32] <qman__> you'd need to use kereberos or something else
[18:33] <RoyK> kerberos is fairly safe
[18:33] <RoyK> doesn't vista etc use kerberos?
[18:33] <qman__> yeah, when plugged into a domain
[18:33] <patdk-wk> yep
[18:33] <qman__> but if they're on an XP/2003 or older non-domain network, they accept NTLM2
[18:33] <RoyK> there's works in progress to make samba play AD DC
[18:34] <incorrect> why waste time, why not create a new network file system
[18:35] <qman__> because there are only about a billion of those already
[18:35] <qman__> and windows uses SMB
[18:35] <qman__> the whole point is being compatible with windows
[18:35] <patdk-wk> heh? why not just use sftp?
[18:35] <RoyK> incorrect: SMB2 is a new one
[18:35] <RoyK> incorrect: and it's quite a bit better, especially on WAN links
[18:35] <incorrect> hmm
[18:35] <qman__> higher data rates
[18:36] <incorrect> if it gets round this problem i will be happy
[18:36] <patdk-wk> it won't
[18:36] <RoyK> SMB/CIFS is _very_ chattery, which is _not_ a good idea on slow links
[18:36] <patdk-wk> you can't encrypt the password with a one way hash over the wire and on the server both, at the same time
[18:37] <RoyK> patdk-wk: you can, if they use the same hash
[18:37] <patdk-wk> unless you do it the microsft way, without a salt :)
[18:37] <patdk-wk> then it's just a password, plaintext again, basically
[18:38] <RoyK> patdk-wk: I don't get it - what does ssh do then?
[18:38] <patdk-wk> ssh do when?
[18:39] <RoyK> patdk-wk: what is so insecure about the M$ way of transmitting passwords?
[18:39] <RoyK> for instance LM2
[18:39] <patdk-wk> ntlm?
[18:39] <patdk-wk> the password never changes
[18:40] <patdk-wk> I can replay it
[18:40] <RoyK> oh
[18:40] <RoyK> ok
[18:40] <RoyK> you sure?
[18:40] <patdk-wk> who cares if the password you type is different
[18:40] <patdk-wk> yep
[18:40] <RoyK> I thought it used a challenge handshake
[18:41] <patdk-wk> mschap?
[18:41] <RoyK> as in 'hey, encrypt your password with 192867491283497693465
[18:41] <RoyK> ntlm2
[18:41] <patdk-wk> maybe for ntlm2
[18:41] <patdk-wk> I don't know ntlm2 :)
[18:41] <RoyK> ntlm1 is quite ancient
[18:41] <RoyK> it's been 10+ years since M$ stopped using that
[18:42] <patdk-wk> but that gets to the same point though
[18:42] <patdk-wk> if you encrypt password with random number
[18:42] <RoyK> not really
[18:42] <patdk-wk> you must know the plaintext password on the server
[18:42] <RoyK> no
[18:42] <RoyK> you just need to encrypt the _hash_ with a random number
[18:43] <patdk-wk> then how can you check it?
[18:43] <patdk-wk> heh?
[18:43] <patdk-wk> so your encrypting the hash with a random number
[18:43] <patdk-wk> and storing the hash
[18:43] <RoyK> have the hash stored at the server, ask the client to encrypt the hash
[18:43] <patdk-wk> so still, I only needed to know the hash
[18:43] <zorton> i'm having trouble with my qlogic fibre channel HBA.  the qla2xxx driver seems to cme up and loop is up but I don't see the scsi layer picking up on an luns
[18:43] <patdk-wk> still easy to replay, just need the hash
[18:43] <incorrect> my theory is that its easy to install a client on windows and get it to work than it is to work around this design flaw in smb
[18:43] <qman__> SMB2 is usually about 20% faster
[18:43] <incorrect> i would love to create a drbd back ended samba box that auth'd off ldap
[18:43] <incorrect> that would rock
[18:43] <qman__> I was at an event where the NSA demonstrated a box they brought there called brutus, which was able to decrypt NTLM2 hashes off the wire in real-time
[18:43] <incorrect> right now the best i can do is a webdav system with haproxy in tcp lb mode
[18:43] <qman__> while not everyone has that kind of power, it is still easy to do such a thing in a matter of hours or days
[18:43] <incorrect> right well samba will just have to be its own little island of user account
[18:43] <incorrect> wow i am lagged
[18:43] <patdk-wk> so storing the plaintext vs hash on the server is no different
[18:43] <RoyK> patdk-wk: so how does ssh solve this problem?
[18:44] <patdk-wk> I never said ssh solved it
[18:44] <patdk-wk> he asked for alternate filesharing methods, sftp
[18:44] <RoyK> sshfs
[18:44] <RoyK> perhaps
[18:44] <patdk-wk> password can be encrypted with salt on server
[18:45] <patdk-wk> ssh logs in via pam
[18:45] <jpds> You have salt on your servers?
[18:46] <patdk-wk> jpds, it keeps the humidity down :)
[18:46] <jpds> I suppose it makes the chips taste better.
[18:46] <zorton> make sure it's iodized salt that way you get all the minerals you need
[18:46] <qman__> ssh just works around it by never transmitting over an insecure link
[18:47] <qman__> it establishes a safe chennel with PKI
[18:47] <qman__> the problem with NTLM2 is that there is no infrastructure, so there's no way around the problem
[18:47] <qman__> domains, which have an infrastructure, use kerberos instead
[18:48] <RoyK> qman__: IIRC with CIFS, all authentication is encrypted the same way as with ssh
[18:48] <qman__> can't be, there's no keys
[18:49] <qman__> if they do, it's with a much weaker system
[18:49] <incorrect> CIFS is just an 'official' subset of the smb api
[18:49] <incorrect> of CIFS's encrypted the connection then i would have no issue sending a plaintext password
[18:54] <Tim_R> can somebody tell me how to remove symbolic link
[18:56] <patdk-wk> rm
[18:57] <Tim_R> thanks patdk-wk
[18:58] <Tim_R> now I have a other question how do I get this link domain.com/squirrelmail/src/login.php back to domain.com
[19:01] <mfilipe> hi! I want add an user config in my apache2, so do I add in conf.d/ or httpd.conf?
[19:02] <jcastro> zul: quick link to your daily server PPAs pls?
[19:03] <Tim_R> ?
[19:09] <zul> jcastro: hold on
[19:10] <zul> https://launchpad.net/~ubuntu-server-edgers
[19:11] <jcastro> ta
[19:12] <mfilipe> hi! I want add an user config in my apache2, so do I add in conf.d/ or httpd.conf?
[19:13] <qman__> mfilipe, httpd.conf is only included for historical reasons, custom configs should be in logically separated files in conf.d/
[19:13] <qman__> either will work, though
[19:16] <qman__> it should be noted that site configuration is separate, in sites-available/
[19:16] <qman__> and sites are enabled with a2ensite
[19:16] <mfilipe> qman__: ok, thanks! :)
[19:27] <cemc> I have an ubuntu 10.04 with squid installed. the internet is an adsl which may or may not be available at boot. squid won't start because of 'dns tests failed'. there is an option for it ( -D ), but I don't know exactly where to add it
[19:28] <cemc> (I don't want to edit the init.d/ scripts if there's a better way)
[19:28] <jrib> cemc: pretty sure there's no better way but reading the init.d script should make it obvious if there is or not
[19:29] <cemc> hmmm
[19:30] <SpamapS> cemc: /etc/default/squid may be of help
[19:32] <cemc> indeed
[19:32] <cemc> not really help, but after lookin in /etc/init/squid.conf, I figured it out
[19:32] <cemc> there really should be a comment in /etc/default/squid
[19:33] <cemc> thanks jrib and SpamapS
[19:34] <jrib> cemc: ah yeah, squid probably has some configuration file.  If -D can be achieved that way, that's probably better (as SpamapS suggested)
[19:35] <cemc> it actually has, but you have to look in the upstart squid conf file to know what to put in the default/squid conf file ;)
[19:35] <FusionX> i was banned from #ubuntu due to my bnc's server problem (join/quit spam) while i was away. CAN THE OPS PLZ UNBAN ME?
[19:35] <jrib> cemc: ah, cool
[19:35] <jrib> FusionX: #ubuntu-ops
[19:36] <FusionX> ok thanks
[19:45] <simplexi1> :), i saw that join/quit spam..
[19:45] <simplexi1> little suprised that you still use same nick
[19:47] <simplexio> FusionX: on same ime ther.mention about those floodbots
[19:48] <FusionX> oh no that wasn't a flood bot
[19:48] <FusionX> its a bnc's server problem
[19:48] <FusionX> i was away while it happened
[19:49] <FusionX> i'll have to ask manually on all the 15 channels for the unban
[20:21] <WalterN> ugh
[20:21] <WalterN> I cant figure out whats wrong with dovecot/postfix
[20:22] <WalterN> it will receive an email fine
[20:22] <WalterN> http://pastebin.com/vwmqG8J8
[20:22] <WalterN> no errors
[20:22] <WalterN> but it does not saving it to the mbox file
[20:22] <WalterN> http://pastebin.com/XJUkz61k is the configuration file
[20:24] <WalterN> weirdness
[20:27] <WalterN> what do the permissions need to be for the mbox file?
[20:27] <WalterN> root:mail?
[20:41] <WalterN> any ideas?
[20:41] <WalterN> :/
[20:44] <zoopster> WalterN: you are saying there is nothing in /var/spool/mail/server? it appears %u=server
[20:44] <WalterN> yeah
[20:44] <WalterN> nothing in that file
[20:45] <zoopster> odd.
[20:45] <WalterN> var/spool/mail just points to var/mail though
[20:46] <zoopster> true
[20:47] <zoopster> I must maildir and ownership of maildir is mail:mail
[20:48] <hggdh> Daviey: still there?
[20:49] <WalterN> so the owner should be mail:mail?
[20:50] <WalterN> right now I have it set to server:mail
[20:50] <WalterN> could it be saving the mail somewhere else?
[20:50] <WalterN> or is that the default location?
[21:06]  * RoyK just got a call from a friend trying to install xubuntu on an old pII with 128 megs of RAM.....
[21:10] <WalterN> heh
[21:18] <Daviey> hggdh, sort of
[21:18] <Daviey> o/
[21:18] <hggdh> heh
[21:19] <hggdh> Daviey: the upgrade seems to have failed... everything is correctly upgraded (and I stopped all euca* services before upgrading)
[21:19] <Daviey> hggdh, I expected it to fail TBH
[21:19] <hggdh> oh
[21:19] <hggdh> any specific reason?
[21:19] <Daviey> hggdh, I think the db schema needs a bump
[21:19] <Daviey> one moment
[21:20] <Daviey> hggdh, What topology is this?
[21:20] <hggdh> topo3, CLC+Walrus, CC+SC, NC
[21:21] <hggdh> I see a series of 16:19:53 DEBUG [AbstractClusterMessageDispatcher:New I/O client worker #2-31] com.eucalyptus.ws.EucalyptusRemoteFault: Action:ProblemAction Code:soapenv:Sender Id:RelatesTo Error: Data element of the OM Node is NULL
[21:21] <hggdh> this is a new error message for me
[21:21] <Daviey> yeah.. indication of db schema issue
[21:21] <Daviey> i scaratched my head for ages on that one! :)
[21:21] <hggdh> not good...
[21:22] <Daviey> hggdh, What machine is showing that?
[21:22] <hggdh> the CLC
[21:25] <nxvl> kirkland: hi! I have an issue with byobu on maverick, i just ssh'd into my machine, but one program has my machine's screen size and it doesn't fit my current terminal, in the past i used to detach and byobu -dr and worked, but now i detach and lose ssh connection
[21:26] <nxvl> kirkland: is there any workaround?
[21:27] <b0gatyr> can anyone point me in the right direction, trying to host two sites in apache2, but i would like the following http://ip/website1 and http://ip/website2 how can this be achieved?
[21:31] <tomsdale_> I just want to add a public key to my authorized_keys file but the format seems to be differen: It starts with ---- BEGIN SSH2 PUBLIC KEY ----  then has a Comment line and no declaration as to whether it's dsa or rsa. Will it work?
[21:33] <tomsdale_> b0gatyr: if they are just in an directory in the webroot you probably can use aliases in your /etc/apache2/sites-enabled/... files.
[21:34] <tomsdale_> b0gatyr: Alias /website1 /var/www/website1     I wouldn't do this on a production server but I had it like this on my dev server.
[21:34] <b0gatyr> tomsdale_: yes they are both inside /var/www/website1 /var/www/website2
[21:35] <tomsdale_> so yeah, basically this should work. Just put the alias under the DocumentRoot line and restart apache2
[21:36] <b0gatyr> why is this not recommended for production?
[21:36] <b0gatyr> just curious
[21:37] <tomsdale_> well, I won't consider it 'clean' :-) . I used this syntax on my development server. If you use things like url rewriting you can get into trouble if you work in a subdirectory.
[21:38] <tomsdale_> you might have different requirements and it might be just fine for you.
[21:39] <b0gatyr> ok, thank you.
[22:05] <monokrome> How can I change the default interface to send outbound data over when I have interface aliases setup for networking on multiple IPs over the same interface?
[22:06] <monokrome> IE, I have eth0 eth0:187, eth0:188, etc.
[22:06] <monokrome> and I want eth0 to be the default for outbound data
[22:07] <Patrickdk> hmm, you only have one interface :)
[22:08] <monokrome> yes
[22:08] <Patrickdk> you need to stop using ifconfig, and start using ip :)
[22:08] <monokrome> and 5 interface aliases
[22:08] <monokrome> ip?
[22:08] <Patrickdk> ip addr show
[22:08] <monokrome> well that doesn't do what I'm asking
[22:09] <monokrome> I have 2 interfaces, but that's beside the point
[22:09] <Patrickdk> ya, it can in an odd way
[22:09] <monokrome> outbound data is being registered as coming from an alias
[22:09] <Patrickdk> but what you looking for currently is probably: ip route show
[22:09] <monokrome> instead of just eth0
[22:09] <Patrickdk> and change the src address on those routes
[22:09] <monokrome> scope global secondary eth0:191
[22:09] <monokrome> the one that all outbound data is going on is secondary
[22:10] <Patrickdk> secondary means nothing (except that it is an alias)
[22:10] <monokrome> heh
[22:10] <monokrome> brb
[22:23] <monokrome> back
[22:23] <monokrome> so I SSH'd onto a server on the dedicated server's local network, and it looks like I configured it right because the SSH connection was on the "primary" address
[22:24] <monokrome> so I think RackSpace's router is just messing things up.
[22:24] <Patrickdk> heh?
[22:24] <Patrickdk> it won't matter what ip you connect to
[22:24] <monokrome> what?
[22:25] <Patrickdk> the only difference is what ip is used by default for outgoing connections from that server
[22:25] <monokrome> yea that's what I'm talking about.
[22:25] <monokrome> We have one IP that is allowed to communicate with our building from that server, but it's trying to communicate from a disallowed one.
[22:25] <Patrickdk> login to the problem server
[22:26] <monokrome> I am logged in
[22:26] <monokrome> I am SSH'd in, and if I access a remote website - I get the wrong IP.
[22:26] <monokrome> However, if I ssh to a sibling server it connects from the proper IP
[22:26] <monokrome> Hence, the gateway is translating to bad IP
[22:28] <Patrickdk> run this: wget -qO - http://cfaj.freeshell.org/ipaddr.cgi
[22:28] <monokrome> that will get the bad IP
[22:28] <Patrickdk> that is your servers issue
[22:28] <Patrickdk> you need to change the default ip :)
[22:29] <Patrickdk> or have whatever is using the bad ip, bind to the correct one
[22:29] <monokrome> You aren't listening.
[22:29] <monokrome> I just told you that
[22:29] <monokrome> but if I connect to a _sibling server)
[22:29] <monokrome> then it uses the good IP
[22:29] <monokrome> so the router at rackspace is translating the address
[22:29] <Patrickdk> heh? sibling server?
[22:29] <Patrickdk> I doubt it's translating ip's
[22:30] <monokrome> Yes. A server accessible on the same private network.
[22:30] <Patrickdk> that is so against all internet routing stuff, unless you have a private ip block
[22:30] <Patrickdk> what are your ip's for that server?
[22:31] <monokrome> If local connections report Ubuntu is outgoing on the right address, but anything past the firewall is outgoing on the wrong address then NAT is translating the IP poorly.
[22:31] <Patrickdk> actually, none of that matters :)
[22:32] <Patrickdk> as you can have completely different ip selected for local vs nonlocal ip's
[22:32] <Patrickdk> or even for just one place on the internet, vs another
[22:32] <Patrickdk> in ipv6, it's actually required
[22:52] <qman__> if it was the router messing things up, you'd see a lot of broken TCP conversations with tcpdump
[22:53] <qman__> it's far more likely that the server is not requesting from the correct address
[23:03] <monokrome> Patrickdk: I added another interface alias, and now it's using that one.
[23:10] <monokrome> http://dpaste.com/241202/
[23:10] <monokrome> route shows this
[23:11] <monokrome> I don't know why it adds 5 identical routes to eth0. One for each interface alias?
[23:26] <pittstains> does anyone know if a list exists to identify the purpose of existing user groups?
[23:26] <pittstains> for instance, a fresh install gives you adm, admin, staff, etc
[23:27] <pittstains> i'm looking for an equivalent of the Linux Filesystem Hierarchy, but for system groups :-D
[23:35] <Tim_R> can anybody tell me how I can protect a directory on my server
[23:36] <giovani> Tim_R: you're going to have to be more detailed than that -- "protect" from whom?
[23:37] <Tim_R> giovani I want to protect from outside world
[23:37] <Tim_R> protect a directory from the outside world
[23:37] <giovani> Tim_R: I don't know what that means -- does the outside world include those with accounts on your server?
[23:37] <Tim_R> like /var/www/directory
[23:38] <giovani> do you have a web server serving the files in /var/www?
[23:38] <Tim_R> yes I do giovani
[23:38] <giovani> ok, and you don't want the webserver to serve the files in /var/www/directory?
[23:38] <Tim_R> not to the outside
[23:38] <giovani> I don't know what the "outside" is
[23:38] <giovani> that's far too broad
[23:39] <Tim_R> like people like you
[23:39] <Tim_R> i want be only access internal or by ip address
[23:39] <giovani> you can do that with an ".htaccess" file
[23:40] <giovani> you can limit the IPs that can access that directory
[23:40] <Tim_R> where do I put that at
[23:40] <giovani> you put it in the directory itself
[23:40] <giovani> you can google for the syntax to do what you want
[23:40] <Tim_R> when I tried the .htaccess it dont work
[23:40] <giovani> then you probably didn't do it properly
[23:40] <giovani> or your web server is not reading the .htaccess file -- did you look in the apache/webserver logs?
[23:41] <Tim_R> no I didnt
[23:41] <giovani> well time to do that
[23:41] <vraa> http://home.golden.net/htaccess.html  -- "Restricting by IP Address"
[23:41] <vraa> http://httpd.apache.org/docs/1.3/mod/mod_access.html#allow
[23:43] <Tim_R> so I place the .htaccess into that directory I want to protect correct
[23:43] <giovani> yes
[23:43] <Tim_R> then what after that
[23:43] <giovani> ... then nothing
[23:43] <Tim_R> I tried to restart apache it dont do anything
[23:43] <giovani> if it's written properly, and everything is configured properly, then it works
[23:43] <giovani> you don't need to restart apache
[23:43] <giovani> I told you to look in the logs
[23:47] <Tim_R> i dont see anything in the logs
[23:47] <giovani> then it probably is written incorrectly
[23:47] <giovani> paste the contents of .htaccess in a pastebin
[23:48] <Tim_R> http://pastebin.com/dvvnsdaJ
[23:49] <ciccioprompt> salve a tutti
[23:49] <ciccioprompt> posso porre un quesito?
[23:50] <giovani> Tim_R: what are the permissions of the .htaccess file?
[23:50] <ciccioprompt> qualcuno sa come rilevare un periodo di inattività del pc per farlo spegnere dopo un certo periodo di inattività?
[23:50] <Tim_R> giovani 0644
[23:50] <giovani> and when you try and access this page, no authentication request comes up?  Try forcing a refresh -- sometimes it caches -- shift-f5
[23:50] <Tim_R> that is correct giovani
[23:51] <giovani> there must be something in the logs
[23:51] <giovani> or you have .htaccess files disabled in the apache config
[23:51] <Tim_R> how can i enable it then giovani
[23:51] <giovani> I don't remember -- read the apache docs
[23:51] <giovani> but they're enabled by default
[23:51] <giovani> I'm betting there's something in the logs
[23:51] <ciccioprompt> ho impostato da bio lo standby del pc dopo mezz'ora di inattività ma non funziona
[23:52] <giovani> ciccioprompt: this is an english channel
[23:52] <giovani> ciccioprompt: there are channels available for other languages
[23:52] <ciccioprompt> ok thanks
[23:53] <Tim_R> do I have to put something into the sites-available/default
[23:56] <Tim_R> ?