[00:01] <Shapeshiftr> Hey.
[00:01] <_Techie_> !hi
[00:02] <_Techie_> now that thats out of the way, how can we help ya Shapeshiftr
[00:02] <Shapeshiftr> Hey, actually, I think I may have found out my problem.
[00:02] <Shapeshiftr> One second, while I try this out.
[00:07] <Four2zero> _Techie_ okay i have mounted the extdisk, now do i need to add samba to get windows to recognize the directory ?
[00:07] <Daviey> hggdh, ok... i'm NOT seeing the libvirt issue you saw
[00:07] <Daviey> but i am seeing a meta data issue :(
[00:08] <Four2zero> And doing sudo apt-get install samba will install SAMBA on the ubuntu-server correct ?
[00:09] <_Techie_> Four2zero, sudo apt-get install smbd
[00:09] <Four2zero> okay, thanks
[00:11] <Four2zero> Reading package lists... Done
[00:11] <Four2zero> Building dependency tree
[00:11] <Four2zero> Reading state information... Done
[00:11] <Four2zero> E: Couldn't find package smbd
[00:11] <Four2zero> was that a typo you made ?
[00:11] <qman__> the package is samba, not smbd
[00:11] <Four2zero> i figured.
[00:12] <Four2zero> thanks qman__
[00:12] <qman__> it's easy to configure a simple share, too
[00:12] <_Techie_> hrmm
[00:12] <qman__> there are some examples at the bottom of the config file
[00:16] <_Neytiri_> how do i instyall a gui from command line?
[00:16] <_Neytiri_> onto a server instalation
[00:17] <_Techie_> _Neytiri_, which GUI would you like?
[00:17] <Four2zero> sudo apt-get install ubuntu-desktop
[00:36] <Shapeshiftr> Hey, I'm failing at using grep.
[00:37] <_Techie_> Shapeshiftr, what do ya wanna grep?
[00:37] <Shapeshiftr> I, erm, don't know where my Listen directive is?
[00:37] <Shapeshiftr> That's what the guy over at #httpd said...
[00:38] <_Techie_> errmm
[00:38] <_Techie_> i dont quite follow
[00:44] <Shapeshiftr> One second, haha.
[00:48] <hggdh> smoser: there?
[00:51]  * Daviey launches a sigh
[00:57] <northstar> aufs au_xino_do_write:372:mount[21265]: I/O Error, write failed (-27)
[00:58] <northstar> in my syslog. pertains to the samba client trying to mount a share
[00:58] <northstar> could use a clue on directions
[00:58] <randomOfAmber> how can I get a .deb and all it's dependencies into a folder? I don't know what it's dependencies are
[00:58] <northstar> a direction anyway
[01:08] <Shapeshiftr> Okay, okay, back.
[01:09] <Shapeshiftr> So, basically, I'm trying to set up a website/apache webserver, but I can't connect to it outside of my local intranet
[01:09] <Shapeshiftr> I CAN connect to the domain inside my local intranet.
[01:09] <Shapeshiftr> What do?
[01:09] <SpamapS> Shapeshiftr: you need to modify the Accept/Deny permissions...
[01:10] <Shapeshiftr> Hm?
[01:10] <Shapeshiftr> Where?
[01:10] <Shapeshiftr> I'm a total newbie to this, so please do bear with my total ignorance >_<
[01:10] <SpamapS> Shapeshiftr: basically you need to create a file in /etc/apache2/sites-available that defines what you do want to allow access to
[01:11] <Shapeshiftr> Listen directive?
[01:11] <SpamapS> Shapeshiftr: no not Listen
[01:12] <_Techie_> Shapeshiftr, now i think i understand what you mean by listen directive
[01:12] <Shapeshiftr> SpamapS, what would this file be named, and what would I put in it?
[01:12] <SpamapS> Shapeshiftr: if you just want to run one single site on the server, you can modify /etc/apache2/sites-available/default
[01:13] <SpamapS> Shapeshiftr: if you'd like to have multiple sites (virtual hosting) then you can create a file per site in that directory... then enable them with a2ensite
[01:13] <Shapeshiftr> Modify it with what info?
[01:13] <Shapeshiftr> Ah, ninja'd
[01:13] <Shapeshiftr> Oh.
[01:13] <Shapeshiftr> Wait, no.
[01:13] <Shapeshiftr> Just one site.
[01:13] <Shapeshiftr> So, what do I put in it?
[01:14] <SpamapS> Shapeshiftr: Well if you look at it now, you'll see Order allow, deny, allow from all. That should allow anybody to access the "it worked" page in /var/www
[01:14] <Shapeshiftr> I already have an index.htm set up, but yeah.
[01:14] <Shapeshiftr> Ah!
[01:14] <Shapeshiftr> This is this.
[01:15] <Shapeshiftr> I was looking for this...
[01:15] <Shapeshiftr> Oh, wait, I've been in here before.
[01:16] <Shapeshiftr> Is this right:
[01:16] <Shapeshiftr> http://pastebin.com/LRq67FYZ
[01:17] <SpamapS> Shapeshiftr: yeah, but that has to appear in a Directory section
[01:17]  * SpamapS must be going
[01:17] <Shapeshiftr> D;
[01:17] <SpamapS> Shapeshiftr: good luck
[01:17] <Shapeshiftr> Thanks?
[01:17] <Shapeshiftr> THanks.
[01:17] <Shapeshiftr> **Thanks.
[01:18] <Shapeshiftr> That's in the directory /var/www Directory tab section.
[01:25] <Shapeshiftr> So, _Techie_ , my sites-available default file seems to be set up properly.
[01:25] <Shapeshiftr> What's the next thing that could go wrong?
[01:25] <_Techie_> Shapeshiftr, can you pastebin your /etc/apache/sites-enabled/default
[01:28] <Shapeshiftr> http://pastebin.com/By6dnbGY
[01:28] <Shapeshiftr> There.
[01:30] <_Techie_> hrmm, i cant seem to see anything wrong, just to recap... what was the problem?
[01:30] <Shapeshiftr> Website.
[01:31] <Shapeshiftr> I can connect in my local intranet
[01:31] <Shapeshiftr> Other people outside of my local intranet cannot.
[01:31] <_Techie_> hrmm
[01:31] <Shapeshiftr> Ports are forwarded.
[01:31] <Shapeshiftr> UFW exception allowed.
[01:31] <Shapeshiftr> What wrong?
[01:31] <_Techie_> no clue
[01:31] <Shapeshiftr> Httpd said something about the Listen directive
[01:32] <_Techie_> im just presuming that when you say that ports are forwarded and you have a UFW exception, taht it was done correctly
[01:32] <Shapeshiftr> Yes.
[01:32] <Shapeshiftr> People can connect to a different port on the same server.
[01:32] <Shapeshiftr> So yes.
[01:33] <Shapeshiftr> So, Listen directive: what is/where can I find/what do I do with it?
[01:34] <_Techie_> well if im not mistaken, its the ip that its listenign on
[01:34] <_Techie_> but your usign a wildcard directive, so you should be fine
[01:34] <Shapeshiftr> Okay, that's a start.
[01:34] <Shapeshiftr> Hm, you mean the *.mydomainnamehere.com?
[01:34] <wickedSA> Shapeshiftr: what in /etc/apache2/ports.conf
[01:35] <wickedSA> *whats
[01:35] <Shapeshiftr> Oh!
[01:35] <Shapeshiftr> Okay, new lead.
[01:35] <_Techie_> Shapeshiftr, i can provide you with soem of my configs as references
[01:35] <_Techie_> but keep in mind i have alot of vhosts
[01:36] <Shapeshiftr> http://pastebin.com/7U1C8D5b
[01:36] <Shapeshiftr> Yeah, it's cool.
[01:36] <Shapeshiftr> wickedSA, that link was @ you.
[01:37] <wickedSA> Shapeshiftr: pretty much default, what I expected
[01:37] <Shapeshiftr> Bad or good?
[01:37] <wickedSA> Good
[01:37] <_Techie_> Shapeshiftr, heres my vhost for some of my non SSL sites  http://sprunge.us/GTaP
[01:40] <Shapeshiftr> I notice this line:
[01:40] <Shapeshiftr> <VirtualHost 219.88.71.17:80>
[01:40] <Shapeshiftr> My line looks like <VirtualHost *:80>
[01:40] <Shapeshiftr> Does that matter?
[01:41] <wickedSA> Shapeshiftr: I'm starting to think the port forwarding / firewall is not setup right. if you can get to your web server locally, and outside clients cannot
[01:42] <_Techie_> Shapeshiftr, should, i have mine like that as its for a subdomain so its gotta be on my external IP
[01:42] <_Techie_> Shapeshiftr, shouldnt*
[01:42] <Shapeshiftr> Ahm.
[01:43] <Shapeshiftr> wickedSA, unless I have to do something other than how I normally forward ports in my router and something other than allow port 80 in UFW, I really don't think so.
[01:43] <_Techie_> wait a sec
[01:44] <_Techie_> does your ISP allow webhosting?
[01:44] <_Techie_> some ISP's block port 80
[01:44] <_Techie_> try it on a different port
[01:44] <Shapeshiftr> Oh, hm.
[01:44] <Shapeshiftr> Okay.
[01:44] <Shapeshiftr> How would I go about changing that?
[01:44] <wickedSA> Shapeshiftr: can you get a shell outside, and telnet your_host 80 (or whatever port)
[01:45] <Shapeshiftr> How would I do that, wickedSA
[01:45] <Shapeshiftr> (get a shell outside)
[01:45] <wickedSA> Shapeshiftr: well, start by getting a shell on some machine someplace else. or trust one of us with your external IP for a minute.
[01:46] <Shapeshiftr> Oh, well, does it have to be Telnet?
[01:46] <Shapeshiftr> Would trying to connect to my external IP do the same thing?
[01:46] <wickedSA> Shapeshiftr: what I'm proposing is to try to talk to your web server directly, over telnet
[01:46] <Shapeshiftr> Okay, I'm unfamiliar with telnet, but I'll get someone who does.
[01:46] <_Techie_> Shapeshiftr, theres an easier way of doing this, your ISP's website should say if they block ports
[01:46] <Shapeshiftr> Okay.
[01:47] <wickedSA> Shapeshiftr: yeah maybe thats too complicated.
[01:47] <Shapeshiftr> >_<
[01:48] <_Techie_> usign telnet to check a port is like using a diffraction pattern generated from the outer rim of a coin to find out which coin it is, when you could just look at it
[01:48] <Shapeshiftr> Because Port 80 is often used by malicious software, including viruses and worms, Optimum Online, like many ISPs, blocks this port for all standard Optimum Online customers.
[01:48] <Shapeshiftr> Fuuu--
[01:49] <Shapeshiftr> *sigh*
[01:49] <_Techie_> hold up
[01:49] <_Techie_> lemme ook into it
[01:49] <_Techie_> look*
[01:49] <Shapeshiftr> Curses.
[01:49] <_Techie_> Shapeshiftr, dotn give up yet
[01:50] <Shapeshiftr> You have to buy a $30/m. business plan to use 80, it seems.
[01:50] <wickedSA> _Techie_: using telnet to check a port and query a web server? I do it all the time.
[01:50] <Shapeshiftr> Same with SMTP!
[01:50] <Shapeshiftr> No wonder it wasn't wonder.
[01:50] <_Techie_> Shapeshiftr, port 25 is international standard
[01:51] <Shapeshiftr> Ah, okay, lol.
[01:51] <_Techie_> Shapeshiftr, do you know anyone that has their own web server?
[01:51] <Shapeshiftr> Well, 80 is what matters.
[01:51] <Shapeshiftr> Yeah, I can get really cheap hosting from a friend.
[01:51] <Shapeshiftr> But, why?
[01:51] <_Techie_> you could up the port by 10 or so, and get him to host a proxy directive
[01:52] <Shapeshiftr> Hm?
[01:52] <Shapeshiftr> **or?
[01:52] <_Techie_> i do it all the time to secure non secure services on my server
[01:52] <Shapeshiftr> Do explain.
[01:53] <_Techie_> Shapeshiftr, the first virtualhost in http://sprunge.us/GTaP
[01:53] <Shapeshiftr> Copypasta?
[01:53] <_Techie_> it listens for queries to shoutcast.technz.info and proxies them transparantly to http://192.168.10.1:8000/
[01:54] <_Techie_> its also a safe way to host webservers on other servers in your network without allowing non http traffic to them
[01:54] <Shapeshiftr> Erm, that's an internal IP.
[01:54] <Shapeshiftr> What?
[01:54] <_Techie_> its a transparant proxy
[01:55] <_Techie_> check it out for yourself
[01:55] <Shapeshiftr> Okay.
[01:55] <_Techie_> http://shoutcast.technz.info/
[01:56] <Shapeshiftr> transparant proxy
[01:56] <Shapeshiftr> Hm?
[01:57] <_Techie_> Shapeshiftr, transparant in the fact that you dont even realise that youve been proxied
[01:57] <Shapeshiftr> Ah, erm, uh...
[01:57] <Shapeshiftr> I'm still...
[01:57] <_Techie_> confused..
[01:57] <Shapeshiftr> Okay, so, you have the server hosted on another computer?
[01:58] <_Techie_> no
[01:58] <Shapeshiftr> And that computer redirects the traffic from x.x.com to 192.168.10.1
[01:58] <Shapeshiftr> ?
[01:58] <Shapeshiftr> No.
[01:58] <Shapeshiftr> Okay.
[01:58] <_Techie_> wait yes
[01:58] <Shapeshiftr> Yes?
[01:58] <Shapeshiftr> Correct?
[01:58] <_Techie_> welll sorta
[01:58] <_Techie_> your understandign is correct
[01:59] <_Techie_> but its nto a seperate server
[01:59] <Shapeshiftr> ...
[01:59] <Shapeshiftr> Go on?
[01:59] <_Techie_> the shoutcast web panel is hosted by a different process, that cant map to a subdomain by itself
[01:59] <_Techie_> so i use apache to map it to its own subdomain
[02:01] <_Techie_> Shapeshiftr, and here you can see examples of mapping a non SSL server to an SSL connection      http://sprunge.us/bjPN
[02:04] <Shapeshiftr> Hm.
[02:04] <_Techie_> Shapeshiftr, so if you can find someone to provide you with bandwidth equal to what you estimate your site will use, and almost no storage space, then you can use it as a transparant proxy
[02:04] <a1fa> does anyone know whats realistic line speed on 10Gbe interface?
[02:04] <a1fa> single connection, TCP->FTP
[02:04] <Shapeshiftr> depends on your ISP
[02:05] <Shapeshiftr> You could have the best network card in the world, and have a really shitty ISP, and still have a horrible connection.
[02:05] <Shapeshiftr> AFAIK, the network card sets a maximum connection.,
[02:06] <Shapeshiftr> If you only have a 10mbps card, you can only have a 10mbps speed, max.
[02:06] <Shapeshiftr> Okay, so, _Techie_, what should I tell them to do?
[02:08] <_Techie_> Shapeshiftr, are you going through a friend or a company
[02:08] <Shapeshiftr> Friend.
[02:08] <Shapeshiftr> I already use his webhosting.
[02:08] <_Techie_> get them in here
[02:08] <_Techie_> thatl make things easier
[02:09] <Shapeshiftr> Hm, he's not around right now.
[02:11] <a1fa> Shapeshiftr: that's not true
[02:11] <_Techie_> well, you have some of my vhosts as a reference
[02:11] <Shapeshiftr> Okay, much thanks.
[02:12] <a1fa> you can never achieve theoretical maximum on a network card
[02:12] <_Techie_> get him to enable the proxy and rewrite modules
[02:12] <a1fa> so with a 10mbps, you are looking at realistic 5mbps
[02:12] <Shapeshiftr> So, tell him I want to forward all incoming connections to my domain to my server from his server...
[02:12] <Shapeshiftr> ?
[02:12] <Shapeshiftr> I'm still not exactly sure what the plan is.
[02:13] <Shapeshiftr> Yeah, of course, alfa
[02:13] <Shapeshiftr> I was talking theoretically.
[02:13] <_Techie_> from his sever to yours on a different port using apache2's proxy and rewrite modules
[02:13] <a1fa> Shapeshiftr: i am trying to find real world figures for 10Gbe interface
[02:13] <Shapeshiftr> There are no figures, per say.
[02:13] <Shapeshiftr> It depends on your ISP.
[02:14] <Shapeshiftr> Okay, thanks, Techie.
[02:15] <Shapeshiftr> Wait.
[02:15] <Shapeshiftr> Couldn't I just run Apache off another port?
[02:15] <_Techie_> yes, thats what you will be doing
[02:16] <Shapeshiftr> But, surely I can just change Apache's port, and then forward that and go?
[02:16] <a1fa> Shapeshiftr: but I am the ISP :P
[02:16] <Shapeshiftr> Without proxy redirection and such.
[02:16] <_Techie_> the whole proxy is so that clients can go to http://mydomain.com/ rather than  http://mydomain.com:90/
[02:16] <Shapeshiftr> Alfa, you provide your own internet?
[02:16] <Shapeshiftr> Ah, ah, okay.
[02:16] <a1fa> sort of ;)
[02:16] <Shapeshiftr> That actually makes sense.
[02:16] <a1fa> i am a cross-over cable away from my "internet"
[02:16] <a1fa> haha
[02:16] <Shapeshiftr> You must go through Optimum Online or Comcast or something of the like.
[02:17] <_Techie_> Shapeshiftr, thanks for understanding... very few people can understand the idea of such a proxy without thinking it over alot
[02:18] <Shapeshiftr> Well, I mean, in order to go to webadmin, lets say, you have to type in IP:10000
[02:18] <_Techie_> yep
[02:18] <Shapeshiftr> You don't want people to have to type in domainname.com:90 all the time.
[02:19] <_Techie_> exactly
[02:19] <Shapeshiftr> So, you make people connect to port 80 on another server, then forward the connection on port 90 to my server.
[02:19] <_Techie_> bingo
[02:19] <Shapeshiftr> Right?
[02:19] <Shapeshiftr> :D
[02:20] <_Techie_> thats why you dont actually need any storage on their server
[02:21] <Shapeshiftr> That actually makes sense.
[02:21] <Shapeshiftr> Awesome, thanks :D
[02:21] <_Techie_> Shapeshiftr, and you can setup services on your domain name so only port 80 is pointed to his ip
[02:21] <_Techie_> so that you can retain use of the domain name
[02:21] <Shapeshiftr> Yeah.
[02:22] <Shapeshiftr> Should I just go to GoDaddy and point my domain to his external IP?
[02:22] <_Techie_> yep to start with
[02:22] <Shapeshiftr> Okay.
[02:22] <_Techie_> and once you get your head around services
[02:22] <_Techie_> then you can set that up and point the domain back to your ip
[02:23] <a1fa> ah
[02:40] <aetaric> I want to boot the Ubuntu Server ISO via PXE, is that possible? I'd rather not use the netboot ISO
[02:41] <ScottK> aetaric: Why not?
[02:43] <aetaric> ScottK: i've PXE booted that before and i kept getting download errors
[02:44] <ScottK> OK.  I don't think you can, but I'm reasonably certain that if you could it would work the same.
[02:45] <computerwiz_222_> hello everyone - i'm having some issues troubleshooting ubuntu 10.04 and I would really appreciate someone's help. I was running Ubuntu 9.04 since last September with no issues. The previous installation was RAID1 on a PCI SATA Card. I've since changed the motherboard and CPU and reinstalled to 10.04. The operating system is installed on a RAID1 array on the onboard sata (no problems) and there is a RAID1 1.5TB array on the
[02:45] <computerwiz_222_> original PCI SATA card (problems...).
[02:45] <Four2zero> i have ISPConfig3 installed on my computer with pure-ftpd and the problem im having is access other directory to upload to, how do i configure that from ispconfig3
[02:45] <aetaric> ScottK: for netboot, you only have to tell the client the kernel file and it grabs the initrd on its own and nothing else... i want to boot it like RHEL/CentOS... you know give it an NFS server to grab the cd files from
[02:46] <computerwiz_222> it seems that if i mount each drive (/dev/sdc or /dev/sdd) independently i can write to them no problems (verified by checksumming some known files generated from /dev/urandom)
[02:47] <computerwiz_222> but as soon as i put them into a raid1 array i get MANY errors on the monitor attached to the server. some say failed command: write dma ext
[02:48] <aetaric> computerwiz_222: you are trying to software raid1 two raid1 drives?
[02:48] <computerwiz_222> aetaric:  correct
[02:48] <aetaric> now THAT is redundancy
[02:48] <amstan> aetaric: incorrect
[02:48] <amstan> aetaric: he has 2 raid1's working in parallel
[02:49] <computerwiz_222> aetaric: sory, i misread
[02:49] <computerwiz_222> aetaric: i am actually raid1'ing two drives - two independent arrays
[02:49] <amstan> computerwiz_222: you're giving too much info, forget the onboard raid
[02:50] <aetaric> yeah i got confused...
[02:50] <computerwiz_222> aetaric: what i want to end up with is two raid 1 arrays, one is 1TB, one is 1.5TB - each array has two drives
[02:50] <aetaric> ok...
[02:51] <aetaric> you are making the arrays BEFORE install, right?
[02:51] <computerwiz_222> the 1TB one, yes - the 1.5TB one, no because it had data on it - but now it doesn't
[02:53] <aetaric> ok... the 1.5TB isn't working?
[02:54] <computerwiz_222> aetaric: right now i have a raid1 array that holds the OS and the data - this array functions perfectly. I am attempting to add a 1.5TB array to the system - the 1.5 drives function properly independently, but when i raid them together i get errors flying by on the monitor attached to the server
[02:54] <aetaric> computerwiz_222: is this hardware raid or software raid?
[02:55] <computerwiz_222> software
[02:56] <aetaric> oh....
[02:56] <pting> how do i have apt only upgrade php5 related projects if i have maverick builds added to my source.list?
[02:56] <amstan> pting: synaptic or aptitute could probably do that
[02:56] <aetaric> i've no idea then.. i've never used software raid. only hardware
[02:57] <computerwiz_222> aetaric: thanks anyways, this is an unusual problem
[03:01] <pting> amstan, hum, i want to have apt-get upgrade only show upgrade from maverick for php5.. all else should not show up... i'm thinking of doing some sort of apt pinning... would this be the appropriate approach?
[03:02] <amstan> pting: hold on.. why are you doing this? trying to install maverick php on lucid?
[03:03] <amstan> pting: i tried that once.. to do with xorg, i found myself with a nonworking x server that refused to go back to normal(previous release)
[03:06] <ScottK> pting: What you are trying to do is distinctly unsupported in Ubuntu.
[03:15] <pting> ScottK: i want try try out the php-fpm which is only available in 5.3.3
[03:17] <ScottK> pting: If it's a test box, then you could try changing /etc/apt/sources.list to maverick, do apt-get update, do apt-get dist-upgrade, cancel it and then pick out the list of packages you want to upgrade.
[03:17] <ScottK> I'd never do that for anything other than a test.
[03:17] <ScottK> For a test box though, you might as well just run Maverick.
[03:17] <pting> ScottK, heh, it's off my laptop... i don't want to fubar it
[03:18] <ScottK> There's no risk free way to do it.
[03:20] <pting> screw it, here i go, wish my laptop luck
[03:20] <ScottK> pting: What kind of video does your laptop have?
[03:21] <pting> video? videocard? nvidia 140M
[03:23] <ScottK> OK.  I have all Intel stuff, so no advice on that.
[03:23] <pting> i've been waiting for like 2 years for fpm to finally get pushed into php's codebase
[03:24] <aetaric> pting....uh
[03:24] <aetaric> i'd just build from source...
[03:24] <pting> ... i no longer have to maintain a separate deb for myself
[03:24] <aetaric> but that is just what i'd do
[03:25] <matthewl> Anyone know if it's possible to drop to a shell during boot? I need to fix fstab, and it's stuck trying to mount a drive that doesn't currently exist on the machine. I'm trying do this without using a CD...
[03:27] <aetaric> matthewl: when grub pops up, edit the initrd entry. remove quiet and splash and add single
[03:27] <aetaric> then boot
[03:28] <matthewl> Thanks, getting stuck in the same place though.
[03:29] <aetaric> oh... matthewl no clue then. i guess a live cd is the only option
[03:29] <ScottK> I have a vague recollection that hitting "S" or something during boot will skip the thing it's waiting on.
[03:29] <ScottK> I can't remember the details, but I think there's a bug that the text for how to skip is hidden.
[03:29] <ScottK> Google may know the details.
[03:35] <matthewl> https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/571444
[03:35] <matthewl> That seems to be pretty close to what I'm seeing.
[03:45] <a1fa> [  3]  0.0-10.0 sec    973 MBytes    816 Mbits/sec
[04:42] <Four2zero> how can i enable write permission to /www directory so i can upload to the apache2 server ?
[04:49] <Four2zero> im trying to upload files to an apache2 server /www directory but i dont have write permissions how do i set this correctly ?
[04:56] <au> Four2zero: I would upload it to your home directory, then use sudo mv FILE/FOLDER /var/www
[04:57] <Four2zero> au, i will test that out...one sec
[04:58] <au> Four2zero: make sure your user is in /etc/sudoers :)
[04:58] <Four2zero> 20:57:33	Error:	/home/ReadMe.txt: open for write: permission denied
[04:58] <Four2zero> 20:57:33	Error:	File transfer failed
[04:58] <au> try to /home/user/ReadMe.txt
[04:58] <au> as /home just contains the users folders :)
[04:59] <au> Four2zero: alternatively, as root: adduser -G www-data username
[04:59] <au> Four2zero: username being the username that you log into FTP with (on the system, non-root of course)
[04:59] <Four2zero> au, i had to upload to /home/four2zero
[05:00] <Four2zero> thansk
[05:00] <au> yep :)
[05:00] <au> if you do 'adduser -G www-data four2zero' you could upload files directly to /var/www :)
[05:01] <Four2zero> i rather do that....thanks for the tip
[05:05] <au> np!
[05:49] <Four2zero> i want to copy a file to a /www/directory but i keep getting this error: cp: omitting directory "media..."
[05:51] <Four2zero> should i do this command: cp -r orginal_file new_file
[05:51] <Four2zero> to overcome that error ?
[06:00] <_Techie_> Four2zero, yep
[06:00] <Four2zero> :)
[06:17] <Datz> hi, I just switched my ubuntu server vm to a different install, and now eth0 can't be brought up
[06:17] <Datz> I had a static address set..
[06:18] <Datz> I loaded a different vm and networking works, so it must be with ubuntu server
[06:18] <RudyValencia> Datz: I had this happen to me... check udev rules for network configuration?
[06:18] <RudyValencia> I can't recall exactly what I did
[06:18] <RudyValencia> but I got it to work
[06:19] <Datz> RudyValencia: hehe
[06:19] <Datz> ok..
[06:20] <Datz> I don't really know how to check udev rules
[06:20] <Datz> when I try ifup eth0, I get device not found..
[06:23] <Datz> SIOCSIFNETMASK: No such device
[06:25]  * Datz goes to sleep
[07:50] <Four2zero> okay, when i try to access the shared directory, and be prompted for password and username which i did not specify in my smb.config http://www.upload3r.com/serve/130910/1284446022.jpg
[07:50] <Four2zero> why do i keep getting the prompted to enter the username and password ?
[07:58] <twb> Four2zero: you're accessing it using smbclient(1), or what?
[07:59] <Four2zero> accessing via win7
[08:00] <Four2zero> basically sharing the the the directory from ubuntu-server to windows home network.
[08:00] <Four2zero> lol. three "the"
[08:00] <Four2zero> i will paste bin my smb.config
[08:01] <Four2zero> im only sharing one directory for all family member to access read only
[08:01] <twb> Four2zero: produce the problem with smbclient first
[08:01] <twb> That way 1) we know it's not Windows' fault; and 2) someone here probably knows how to deal with it.
[08:02] <Four2zero> so that means i have to install a smbclient for win7
[08:02] <twb> Er, no.  You install smbclient on the host that's running samba
[08:02] <twb> Otherwise, you don't even know if its a network issue
[08:03] <ruben23> hi guys i tried crontab -e but i cant get out on it any ideas hwo do i do it..?
[08:04] <twb> ruben23: that depends what editor you're using
[08:04] <twb> ruben23: the default should be nano, which IIRC is ^X (control+x).
[08:05] <twb> ruben23: another likely candidate is vi(m), which you can exit using :q! (to discard changes) or :wq (to save changes)
[08:05] <ruben23>  twb: i tried both actually but still it wont work..?
[08:05] <ruben23> i mean it wont work.
[08:06] <twb> ruben23: pastebin or imagebin what you see on the screen.
[08:07] <ruben23> http://pastebin.com/fbME5vjS
[08:08] <twb> ruben23: I can't tell from that what editor you're in.
[08:08] <twb> Remember that if you're in vi, you need to type ^[ (ESC) to leave edit mode.
[08:09] <Four2zero> google brings no good results fo samba client for windows 7 x64
[08:09] <twb> Four2zero: if you want help with Windows clients, you should ask ##windows.
[08:09] <twb> Four2zero: if you can produce the problem using the server and client on the same Ubuntu server, we can probably help.
[08:10] <Four2zero> im using putty
[08:11] <_Techie_> Four2zero, windows has a built in samba client
[08:11] <Four2zero> okay, i will figure it out.
[08:11] <_Techie_> Four2zero, what you need to do is enable guest access to the share and lock it to guest only
[08:12] <twb> More precisely: Samba is a CIFS server; Windows includes a CIFS library and client (explorer)
[08:12] <twb> _Techie_: ah, thanks, I didn't grok that was his goal
[08:13] <ruben23> twb: _ someone told me its joe editor.
[08:13] <Four2zero> _Techie_ i do have the "guest ok = yes" switch enabled.
[08:13] <twb> ruben23: oh gods
[08:13] <twb> ruben23: yes, the joe package Fucked Up and makes itself the default editor for everyone if it's installed
[08:13] <twb> ruben23: IIRC it has some instructions at the top of the screen about how to bring up the menu
[08:14] <_Techie_> Four2zero, heres my smb.conf modified  http://paste.ubuntu.com/493488/
[08:14] <Four2zero> http://pastebin.com/EhtMMumR
[08:15] <_Techie_> if you take my smb.conf enry and modify it to fit your needs it should work
[08:15] <_Techie_> the main parts you want are guest only, and guest account
[08:16] <Four2zero> I will test your config out and report back.
[08:27] <Four2zero> _Techie_ okay i also tried your code with no luck. Hmm could it be possible that i might be running two processes that is conflicting each other ?
[08:27] <Four2zero> however, i should n't be running two processes of smb.conf
[08:28] <_Techie_> Four2zero, did you sudo /etc/init.d/samba restart    ?
[08:28] <Four2zero> that command is not found
[08:29] <Four2zero> i keep getting that for some odd reason
[08:29] <_Techie_> sudo /etc/init.d/samba restart
[08:29] <_Techie_> unless they renamed it to something else in 10.04
[08:30] <Four2zero> four2zero@media-server:~$ four2zero@media-server:~$ sudo /etc/init.d/samba restart
[08:30] <Four2zero> four2zero@media-server:~$: command not found
[08:30] <Four2zero> sudo service smbd restart
[08:31] <Four2zero> from what twb says: sudo service smbd restart
[08:31] <_Techie_> then that
[08:32] <_Techie_> maybe it was renamed from samba to smbd in 10.04
[08:33] <Four2zero> i did try did not resolve
[08:33] <_Techie_> =(
[08:35] <Four2zero> i will uninstall samba and restart
[08:35] <Four2zero> thanks for replys
[08:53] <Four2zero> is there any other place other than /etc/directary samba resides ?
[08:53] <Four2zero> and after i remove samba do i need to reboot ?
[08:55] <Four2zero> i find it odd, that after i uninstalled samba, windows still shows it in my network after the refreshh
[08:59] <ikonia> I'm trying to use the lib-virt (Virtual Machine Manager) gui, rather than make changes within the config files
[08:59] <ikonia> I can't see how using the gui you can create pass through networking connectivity from the host, to the guest OS
[08:59] <ikonia> the guest OS appears to be able to route or "proxy" out of the host, but the host can't reach the guest
[09:34] <daxroc> Morning
[09:35] <daxroc> I reinstalled mysql after a problem with passwords etc and it has stoped starting on boot any one know why that would happen ?
[09:36] <daxroc> starts fine from init.d / start mysql
[09:38] <au> daxroc: sudo update-rc.d mysql defaults
[09:40] <daxroc> au that added a few scripts but also gave an error update-rc.d: warning: /etc/init.d/mysql missing LSB information
[09:45] <tdn> I have created a user during installation and said Yes to "Encrypt home dirs?". How do I get back to non-encrypted home dirs?
[09:51] <TBult> hi
[09:51] <TBult> i will set up a central user management
[09:52] <TBult> for our sys amins
[09:52] <TBult> *admins
[09:53] <TBult> which way can you recommend?
[09:57] <aliverius> i want to use my box as both a server and a router. would it be ok to use ubuntu to do both or should i preffer running a router in kvm?
[09:57] <joschi> TBult: that depends on your requirements
[09:58] <joschi> TBult: but usually you would use some LDAP server and maybe kerberos for that
[09:59] <TBult> every admin should have his own account and a own "shell log"
[10:04] <blackmatter> ?
[11:23] <d3vic3> wmii filesystem mount corrupted http://paste.ubuntu.com/493558/
[11:51] <jo-erlend> I recently install updates for a lucid mail server. I can't receive mail anymore. Is this a known bug, or any ideas what might have happened?
[11:54] <twb> jo-erlend: that is not a bug *I* know about.  Investigate further (e.g. read logs).
[11:56] <progre55> hi guys. I'm trying to install ubuntu server from a usb startup disk, but it's not detecting my hard drives to partition.. any suggestions, please?
[12:10] <rahman> Hi, I am trying to find a file upload date to my apache server. I know the file name but what should I search for in apache access logs? If I search for the file name I get lots of logs about downloads of the file.
[12:28] <ttx> SpamapS: looks like your recent changes broke the burnup graph?
[12:38] <joschi> rahman: the contents of POST requests are not logged usually
[12:41] <Daviey> rahman, Try adding "POST" to your grep
[12:42] <joschi> Daviey: since the POST parameters are not logged by default, this won't get him far
[12:42] <Daviey> or head :)
[12:44] <Daviey> joschi, Are you sure?
[12:44] <joschi> Daviey: yes
[12:44] <rahman> Thanks dudes, but you are right, POST method contents are not logged. So I see when a file is uploaded but cant see the file name. So can I configure apache to log the complete contents of the post methods?
[12:51] <joschi> rahman: you could use mod_dumpio. but that will produce *huge* log files
[12:51] <joschi> rahman: a better alternative is to let your application log the file names and dates
[13:01] <rahman> joschi: how huge  should they get? I am rotating apache logs daily and one day log file is ~50 mb uncompressed. and I am keeping up to 6 month old log files. Do the mod_dumpio also dump the complete binary file data to the log file? If so you are right it is useless for me
[13:01] <joschi> rahman: yes, it dumps *all* I/O  to the logs
[13:39] <zul> morning
[13:47] <sommer> yo, morning :-)
[13:48] <binBASH> Oops...
[13:55] <zul> ttx: where is the list of rc bugs again?
[13:55] <ttx> https://wiki.ubuntu.com/ServerTeam/MaverickReleaseStatus
[13:55] <ttx> or search for the server-mrs tag for something more current
[13:56] <ttx> zul: You have bug 582963 on your plate
[13:56] <ttx> if anything can be done at this stage
[13:56] <zul> ttx: i dont think anything can
[13:57] <ttx> Then two others seem promised to you:
[13:57] <ttx> Bug 596064
[13:57] <ttx> Bug 561750
[14:09] <MTecknology> I've been getting a few thousand messages per day looking like this - http://dpaste.com/243234/ - Any ideas why I'm getting them and how I can stop them from happening?
[14:12] <jpds> MTecknology: That's coming from apparmor.
[14:13] <ttx> JamesPage: ping
[14:14] <jdstrand> MTecknology: you need to add 'k' for that path in your smbd profile
[14:17] <MTecknology> jdstrand: What's in there now is "@{HOMEDIRS}/** lrw," I also get a message in the logs about profile="/usr/sbin/smbd" requested_mask="r::" denied_mask="r::" - shouldn't the r in there make those messages not come up?
[14:19] <jdstrand> MTecknology: for sure you need to add 'k' to the 'lrw'. as for the 'r', I need the complete line
[14:19] <MTecknology> jdstrand: ok- is there anything I need to do to reload that profile?
[14:20] <MTecknology> I see why you need that line... It wants r on /var/log/samba/
[14:20] <jdstrand> MTecknology: sudo apparmor_parser -r -T -W /etc/apparmor.d/usr.sbin.smbd
[14:21] <reggi_au> hey folks, does anyone here know which channel I should connect to ask about PXE related questions? I'm trying to set up network boot because I want to install Windows XP and other operating systems over the network.
[14:21] <MTecknology> jdstrand: thanks :D
[14:21] <jdstrand> MTecknology: sure
[14:23] <JamesPage> ttx: ping
[14:23] <ttx> JamesPage: wanted to bring your attention to two bugs in the Java libraries that were recently pushed in our direction
[14:24] <ttx> First one is bug 552613
[14:24] <ttx> Both issues are about our main/universe split, that makes us different from Debian
[14:25] <MTecknology> jdstrand: In AppArmor, is there any way to tell it a process can start working in this directory, but then it can't go above that level?   Like... It starts /path/to/some/foo/bar.py it can't read anything above /path/to/ ?
[14:25] <ttx> we sync from debian new "feature support" (here the E4X)
[14:25] <ttx> JamesPage: that adds a build-depends
[14:25] <MTecknology> jdstrand: That would be the most awesomest thing in the world if it can..
[14:25] <ttx> JamesPage: problem is, the package is in main, and the build-depend is in universe
[14:26] <ttx> JamesPage: so the package fails to build until you do Main Inclusion Requests for the offender in universe
[14:26] <JamesPage> ttx: the offender being xmlbeans?
[14:26] <ttx> however, this can result in a lot of dependencies of dependencies
[14:26] <ttx> yes
[14:26] <ttx> which, in turn, depends on saxonb
[14:26] <ttx> the problem is that we discover those late in the cycle
[14:27] <wbit> How can I check if a user has reached it's open file/socket limit?
[14:27] <ttx> when we look at FTBFS (fails to build from source) reports
[14:27] <ttx> and sometimes it's a bit late to fix those. For that first bug, we'd need FFE (feature freeze exception) for the E4X support
[14:27] <ttx> + 2 MIRs
[14:27] <hggdh> morning Daviey
[14:28] <Daviey> afternoon hggdh :)
[14:28] <ttx> JamesPage: so for that one I consider disabling the E4X support and the new build-dep
[14:28] <ttx> *but*
[14:28] <ttx> we should not forget about this one, otherwise it will bite us again next cycle
[14:28] <ttx> we need to fix that when it's the right moment in the cycle to fix them
[14:29] <ttx> the second bug is...
[14:29] <ttx> bug 635895
[14:29] <ttx> for that one, it's portlet API support that was added to commons-fileupload
[14:29] <ttx> JamesPage: here it's even more MIRs that are needed, since we pull all the maven stack to main
[14:30] <hggdh> Daviey: I see we already have a patch for the 500 error
[14:30] <ttx> that's something we need to do at one point... but at the start of a cycle is a better time :)
[14:31] <JamesPage> ttx: OK - to summarise both these issues need to be resolved by removing the dependencies now
[14:31] <MTecknology> jdstrand: I'm also curious if there's somewhere that explains the denied masks. Sometimes it's ::k and sometimes it's k:: - Now I'm getting pretty interest in what's going on. :P
[14:31] <JamesPage> but ensuring that we don't lose them for the next cycle (i,e. I need to remember :-)
[14:31] <ttx> JamesPage: exactly.
[14:32] <ttx> i'll comment on both bugs. You might be interested in proposing a fix for them
[14:32] <jdstrand> MTecknology: man apparmor.d
[14:32] <ttx> JamesPage: do you think you have time for that ?
[14:32] <jdstrand> MTecknology: though tbh I've not thought about when the kernel reports ::k vs k::
[14:32] <ttx> JamesPage: those are RC bugs that we'd better fix before Thursday, so that means your fix proposal should come in ~ wednesday noon so that I can sponsor it
[14:33] <blackxored> hi guys, i'm setting up openvpn client on a new machine, it doesn't redirect my traffic neither pushes the default gw, the logs says error 7 around adding some route, any clues?
[14:33] <ttx> JamesPage: if you already have other things on your plate, I can do them.
[14:33] <JamesPage> ttx: I think so; I've been looking at Hudson integration with mathiaz but I can put that down
[14:33] <JamesPage> ttx: want to get to know the process; I'll take a look now.
[14:34] <ttx> OK, I'll assign those to you... and I'll pick them up on wednesday afternoon if you don't make it
[14:35] <MTecknology> jdstrand: No significant difference probably?
[14:36] <jdstrand> MTecknology: certianly not when profiling an application. you could ask jjohansen when he comes online if you are curious
[14:36] <jdstrand> s/certianly/certainly/
[14:39] <noname> hi guys , can someone guid me to backup a folder to a folder in my home directory colled backupfolder
[14:40] <noname> etc/tmp/mydat : mydata is the name of the folder that i want to backup
[14:41] <JamesPage> ttx: OK
[14:42] <MTecknology> jdstrand: ok, thanks again :)
[14:42] <ttx> jamespage: your LP userid is jamespage ?
[14:43] <JamesPage> ttx: james-page
[14:44] <ttx> JamesPage: done -- ping me anytime for advice or other
[14:45] <JamesPage> ttx: thanks -- I'll shout if I need any help
[14:50] <Daviey> hggdh, that is purely my patch.. wanted to see what upstream thought of it
[14:50] <Daviey> (it does fix it, fwict) \o/
[14:50] <hggdh> great!
[14:51] <Daviey> hggdh, disappointing that eucalyptus didn't get back to us like they said they would... also following 2 emails!
[14:54] <hggdh> yes indeed. Weird
[14:55] <hggdh> Daviey: and I understood this was tested
[14:57] <ttx> Daviey: did you push this to a new upload ?
[15:07] <Daviey> hggdh, everything that lands there has passed their QA.. is what they tell us.
[15:08] <Daviey> ttx, I have a branch waiting.. but was really hoping to nab one of upstream for comment before pushing it.  Perhaps just push it regardless?
[15:11] <hggdh> Daviey: I wonder why they added the context.clear line there also. What about while we wait for comments we push & test it?
[15:12] <Daviey> hggdh, yeah - i'm trying to get the login screen better.. seems like a good idea to make uploads somewhat more useful
[15:12] <Daviey> but this is a critical issue.. so i guess just push
[15:12] <hggdh> Daviey: go for it -- login screen is good but we can deal with it later
[15:14] <Daviey> hggdh, well 2 instances start really fast!  With the patch.. so it looks good
[15:14] <ttx> Daviey: Ideally we'd have an ISO tomorrow with that fix
[15:14] <Daviey> ttx, Oh.. that is my intention
[15:14] <hggdh> ttx: I can netboot and check it as soon as it is published
[15:14] <ttx> so you can give it a couple more hours
[15:14] <ttx> to give upstream a chance to answer
[15:14] <Daviey> (which explains why i've been working on this past midnight, twice this week - trying to ensure the following days iso is good) :)
[15:19] <Daviey> hggdh, I'll push it to a PPA right now... and leave it a few more hours for upstream to comment.. That way you can get some testing in :)
[15:19] <Daviey> ttx, ^ ?
[15:19] <mathiaz> Daviey: you should ask access to the system where you can trigger iso builds
[15:19] <ttx> Daviey: ack
[15:20] <mathiaz> Daviey: I don't see why you should be blocked on the next day iso and work late to make it in time
[15:20] <Daviey> mathiaz, I can see that point.. but i'm happy with ttx being the gatekeeper i think
[15:20] <mathiaz> Daviey: rather - ask the ability to spin isos
[15:20] <Daviey> ttx, What are your thoughts?
[15:20] <ttx> mathiaz: the current spin time lets me get a fresh ISO when I wake up, so it's perfectly fine by me
[15:21] <ttx> no need for an earlier spinnage, unless Dave needs it
[15:21] <mathiaz> ttx: agreed
[15:21] <mathiaz> ttx: it seems that Daviey needs it as outlined above
[15:21] <ttx> when I say "have an ISO tomorrow with that fix" I really mean, you should upload before EOB today
[15:21] <Daviey> i *prefer* working from netboot TBH... The main reason for trying to ensure it lands late at night, is for other people to test the ISO.
[15:22] <mathiaz> jdstrand: hey!
[15:23] <mathiaz> jdstrand: have you already seen this libvirt issue http://paste.ubuntu.com/493661/?
[15:23] <jdstrand> mathiaz: no
[15:23] <Daviey> eeek
[15:24] <jdstrand> mathiaz: are you redefining the default network?
[15:24] <Daviey> hggdh, pushing to PPA now
[15:24] <hggdh> Daviey: ack, thanks
[15:24] <jdstrand> mathiaz: hi btw :)
[15:24] <edge> is it possible to download the documentation that is web based, in a complete PDF format ?
[15:24] <mathiaz> jdstrand: this is the network definition: http://paste.ubuntu.com/493663/
[15:24] <mathiaz> jdstrand: it used to work on lucid
[15:25] <mathiaz> jdstrand: fails on maverick
[15:25] <jdstrand> mathiaz: what are you doing exactly? the default network should come up automatically
[15:25] <SpamapS> ttx: broken? The graph looks fine to me...
[15:26] <mathiaz> jdstrand: I've slightly change the default network definition
[15:26] <mathiaz> jdstrand: there isn't any dnsmasq started
[15:26] <mathiaz> jdstrand: as I start my own dnsmasq with it's own configuration
[15:26] <ttx> SpamapS: if "fine" means that the line is in the middle of nowhere, then I'd agree with you
[15:26] <jdstrand> mathiaz: ok I see that now
[15:26] <SpamapS> ttx: which one?
[15:26] <jdstrand> mathiaz: so, maverick seems a bit more finicky on redefining the network
[15:27] <ttx> SpamapS: let me upload a picture showing how it should be
[15:27] <jdstrand> mathiaz: I do:
[15:27] <jdstrand> virsh net-dumpxml default > /tmp/xml
[15:27] <jdstrand> virsh net-destroy default
[15:27] <mathiaz> jdstrand: hm - port 69 is tftp
[15:27] <jdstrand> virsh net-undefine default
[15:27] <jdstrand> edit /tmp/xml
[15:27] <SpamapS> ttx: this one isn't right? - http://people.canonical.com/~pitti/workitems/maverick/canonical-server-ubuntu-10.10.html
[15:27] <jdstrand> virsh net-define /tmp/xml
[15:27] <jdstrand> /etc/init.d/libvirt-bin stop
[15:27] <jdstrand> killall dnsmasq
[15:28] <jdstrand> /etc/init.d/libvirt-bin start
[15:28] <jdstrand> virsh net-dumpxml default    # should show the network is changed
[15:28] <ttx> SpamapS: no it isn't
[15:28] <jdstrand> virsh net-list               # should show the default network
[15:28] <ttx> SpamapS: should be http://people.canonical.com/~ttx/meuh.svg
[15:28] <ttx> i.e. the line should draw to the DONE point on D-1
[15:28] <jdstrand> mathiaz: I haven't perfected the algorithm yet, but basically, you need to destroy it, undefine, then define it
[15:28] <ttx> not somewhere random at the bottom of the graph
[15:28]  * mathiaz ndos
[15:29] <ttx> SpamapS: mine is generated with rev219, same DB.
[15:29] <jdstrand> mathiaz: I think doing something like the above will get libvirt into a state where it will do what you want
[15:30] <ttx> SpamapS: looks like your "inprogress" status lost it.
[15:31] <ttx> SpamapS: do I make sense ?
[15:31] <SpamapS> ttx: ok I see the difference. yes.
[15:31] <SpamapS> ttx: the way those plot objects are created/managed is really, really weird
[15:32] <SpamapS> ttx: it would have been blocked that messed it up, not inprogress
[15:32] <ttx> SpamapS: right, "blocked"
[15:32] <ttx> SpamapS: looks like the line is drawn to the amount of "in progress" items rathe than to the amount of DONE ones
[15:33] <ttx> SpamapS: I can look into it tomorrow if you're too busy to fix it
[15:35] <SpamapS> ttx: no, I will fix it today
[15:36] <SpamapS> ttx: pitti gave me commit access so I can actually fix it. :)
[15:36] <ttx> SpamapS: nice strategy :)
[15:36] <ttx> break it to the point that you get commit access to fix it
[15:38] <SpamapS> :)
[15:38] <robgault> good morning; is there an upgrade path from 10.04 to 10.04.1 TLS?
[15:39] <Daviey> robgault, sudo apt-get dist-upgrade
[15:39] <joschi> robgault: aptitude update && aptitude full-upgrade
[15:40] <jcastro> you don't even need the dist-upgrade Daviey
[15:40] <jcastro> if you're just doing updates normally you'll be fine
[15:41] <robgault> Daviey: thanks I was using "do-release-upgrade"
[15:42] <robgault> jcastro: it wasn't doing the upgrade w/ just a normal apt-get upgrade
[15:42] <jcastro> robgault: that's for release-to-release, point releases are basically just a roll up of all the existing updates
[15:42] <jcastro> O_O
[15:43] <robgault> is there an advantage to using aptitude over apt-get?
[15:44] <joschi> robgault: better dependency resolution in some cases. if apt-get works for you, stay with it
[15:46] <robgault> thanks everyone for the help!
[15:48] <robgault> majordomo isn't packaged for ubuntu?
[15:49] <zul> umm...probably not but mailman is
[15:50] <mathiaz> jdstrand: would there be a reason why libvirt couldn't open qcow2 files stored in ecryptfs on maverick?
[15:50] <robgault> I've never used mailman, how does it compare to majordomo?
[15:51] <mathiaz> jdstrand: my qcow2 files backing my vms are stored in my home directory which is managed by ecryptfs
[15:51] <mathiaz> jdstrand: libvirt fails to start my vms in maverick
[15:51] <mathiaz> jdstrand: if I move my vms to /srv libvirt is able to start them
[15:51] <jdstrand> mathiaz: yes, but it has nothing to do eith ecryptfs
[15:51] <jdstrand> mathiaz: oh, well, hmm, maybe then
[15:52] <mathiaz> jdstrand: well - and when I start from /srv it seems that the guest isn't brought up
[15:52] <Daviey> hggdh, https://edge.launchpad.net/~davewalker/+archive/uec-devel/+build/1959401
[15:52] <jdstrand> mathiaz: do you have any apparmor denied messages in kern.log?
[15:52] <hggdh> Daviey: thank you
[15:53] <jdstrand> mathiaz: check your xml for the disk: does it say '<driver name='qemu' type='raw'.../>' or '<driver name='qemu' type='qcow2'.../>'?
[15:53] <mathiaz> jdstrand: I only see apparmor profile reload/replace messages
[15:53] <mathiaz> jdstrand: http://paste.ubuntu.com/493686/
[15:54] <jdstrand>       <driver name='qemu' type='raw'/>
[15:54] <jdstrand>       <source file='/home/mathiaz/reference/vms/m-base/disk.qcow2'/>
[15:54] <mathiaz> jdstrand: hm right
[15:54] <mathiaz> jdstrand: let me fix that
[15:54] <jdstrand> mathiaz: libvirt 0.8.3 requires the type to match the image
[15:54] <mathiaz> jdstrand: well - how do I fix that?
[15:54] <mathiaz> jdstrand: <disk type='file' device='disk'> -> ?
[15:55] <jdstrand> mathiaz: I wrote libvirt-migrate-qemu-disks for this
[15:55] <jdstrand> mathiaz: it should have been called on upgrade. are these new images or existing?
[15:56] <mathiaz> jdstrand: this is a new image
[15:56] <mathiaz> jdstrand: I've checked existing images and they're indeed upgraded
[15:56] <jdstrand> ok, then that is why libvirt-migrate-qemu-disks wasn't used
[15:56] <jdstrand> mathiaz: how did you create the image?
[15:56] <mathiaz> jdstrand: copied a libvirt.xml from a lucid host
[15:57] <mathiaz> jdstrand: and then edited by hand
[15:57] <jdstrand> mathiaz: ok-- part of your process will need to include adding '<driver name='qemu' type='qcow2'/>' to the xml before you define it. then you should be fine
[15:57] <mathiaz> jdstrand: great - thansk
[15:59] <jdstrand> mathiaz: look at your paste to see where to put it (ie, libvirt added the 'raw' line since it wasn't in the xml when you defined it)
[16:04] <mathiaz> jdstrand: ok - it worked
[16:05] <mathiaz> jdstrand: however libvirt can't access files stored in ecryptfs
[16:06] <jdstrand> mathiaz: what are the permissions of your $HOME?
[16:07] <mathiaz> jdstrand: drwx------
[16:07] <EvilPhoenix> o.o
[16:08] <jdstrand> mathiaz: that is probably why. libvirt in maverick now runs qemu guest as libvirt-qemu:kvm
[16:08] <mathiaz> jdstrand: indeed - I noticed that the backend files had changed ownership
[16:09] <jdstrand> mathiaz: you have two choices-- adjust your permissions to by 0750 mathiaz:kvm (I think that should work, if not, you get the idea) or adjust /etc/libvirt/qemu.conf to have:
[16:09] <jdstrand> user = "root"
[16:09] <jdstrand> group = "root"
[16:09] <jdstrand> heh, actually, you could try to adjust the user and group to be yourself
[16:10] <jdstrand> anyway, you get the idea
[16:10]  * mathiaz nods
[16:11] <jdstrand> mathiaz: fyi, in lucid we run as root:root, which is generally fine if you leave the apparmor security driver enabled
[16:11] <mathiaz> jdstrand: right
[16:11] <mathiaz> jdstrand: this is for system instances
[16:11] <mathiaz> jdstrand: though.
[16:11] <jdstrand> oh yes
[16:12] <jdstrand> qemu:///system
[16:12] <jdstrand> qemu:///session always runs as you
[16:12] <mathiaz> jdstrand: right - I could try to use session instead :)
[16:13] <jdstrand> mathiaz: that is a third option, but you lose a lot. it starts a libvirtd as you, so you don't get the fancy networking or apparmor protection (among other things)
[16:15] <SpamapS> domo
[16:15] <SpamapS> domo
[16:16]  * SpamapS is caught red handed rocking out to stynx
[16:17] <mathiaz> jdstrand: it works now - I've set 750 mathiaz:kvm on /home/mathiaz/
[16:17] <jdstrand> \o/
[16:17] <mathiaz> jdstrand: thanks for helping out!
[16:17] <jdstrand> mathiaz: sure thing. 0.8.3 brought a number of changes
[16:18] <mathiaz> jdstrand: I'm not sure I understand why changing /home/mathiaz fixed it?
[16:18] <jdstrand> mathiaz: look at the qemu process with ps auxww
[16:18] <jdstrand> mathiaz: it is running as an unprivileged user, so it could read the inside of your directory when it was 0700
[16:19] <jdstrand> err
[16:19] <jdstrand> couldn't
[16:20]  * mathiaz nods
[16:31] <thafreak> I had 2 identically configured ubuntu lucid servers, both with a bridge device configured identically in the /etc/network/interfaces file. One server, it would be up automatically on boot, the other it wouldn't...
[16:32] <thafreak> Any ideas what could cause that?
[16:32] <ttx> SpamapS: should i target bug 625882 to Maverick ? i.e. do you intend to fix all of it ?
[16:32] <thafreak> The only difference, is I may have installed one box with 10.04 and the other with 10.04.1
[16:33] <SpamapS> ttx: I think it would be a shame not to fix it.
[16:33] <thafreak> but both were completely up to date with updates, and both at 10.04.1
[16:33] <ttx> SpamapS: I'll add it to the ttx nagging list then
[16:33] <SpamapS> ttx: I've already done all the rebuilds / tests .. I was just dragging my feet because I wasn't sure who to contact next.
[16:40] <EvilPhoenix> is it possible to remove "sudo"
[16:40] <EvilPhoenix> as in the actual command
[16:40] <EvilPhoenix> so that root on a server is the only one that can do root stuff
[16:41] <Laverne> you can set a password for root and then remove the users from the admin group
[16:43] <pmatulis> why not just leave one person in the admin group?
[16:50] <SpamapS> EvilPhoenix: its actually more secure to simply remove access to sudo from all but one admin user
[16:50] <EvilPhoenix> such as root
[16:50] <EvilPhoenix> right
[16:50] <SpamapS> EvilPhoenix: now an attacker must compromise *two* passwords.
[16:50] <EvilPhoenix> i already did that
[16:50] <EvilPhoenix> well
[16:50] <EvilPhoenix> they also have to break through ssh-key-only auth
[16:50] <EvilPhoenix> just to get to ssh
[16:51] <SpamapS> right, so they have to compromise the ssh key of the admin user..
[16:51] <SpamapS> then get his password..
[16:51] <SpamapS> unless you go NOPASSWD for all.. which is.. not recommended on production servers. ;)
[16:51] <SpamapS> ssh'ing as root is not recommended either.
[16:53] <SpamapS> EvilPhoenix: what risk do you see in sudo vs. direct root access?
[16:54] <trashguy>  have a server that sends mail out for a zenoss instalattion but there was a bad address and now mail is stuck in  my
[16:54] <trashguy>                   relay que on my mail server
[16:54] <trashguy> does ubuntu by default deny all incoming mail?
[16:54] <EvilPhoenix> doesnt matter the reasoning atm
[16:54] <EvilPhoenix> *yawn*
[16:55] <SpamapS> trashguy: Ubuntu's default MTA, postfix, will not relay mail to domains it doesn't know about by default.
[16:56] <SpamapS> EvilPhoenix: the answer to your question was yes, of course you can. We're just trying to steer you away from adding risk to your system.
[16:56] <trashguy> where is the conf file
[16:56] <trashguy> i dont see teh obvious mail dir under etc
[16:56] <SpamapS> trashguy: /etc/postfix
[16:56] <trashguy> is it not installed in base?
[16:57] <SpamapS> trashguy: no, it only gets installed when you install something that needs an MTA
[16:57] <trashguy> interesting
[16:57] <bhauff> So I have a VM provided to me from my admin of 10.04 and I noticed it has 5 postgres processes running.  I don't particularly need postgres, or apache for that matter which is also running.  Are these things that I can cleanly remove now, or should we reinstall making sure they aren't there?  I am trying to prepare a gold image that we will use.
[16:57] <trashguy> to stuck on with fbsd this linux stff has a different practice :D
[16:57] <EvilPhoenix> SpamapS, yeah i realize
[16:58] <EvilPhoenix> i'm in the middle of fixing what someone broke
[16:58] <EvilPhoenix> so...
[16:58]  * EvilPhoenix is very annoyed and busy
[16:59] <bhauff> Also, free -m is showing ~250MB of memory used, which seems high for a just installed VM doesn't it?  The VM has 1GB of memory.  I saw that the slicehost article for setting up a VM had only 25MB of memory used, although his VM had only 256MB of available memory.
[17:00] <SpamapS> trashguy: turns out most systems don't need an MTA.. beside.. there is too much email in the world already.. we don't need to encourage more people to send more email. :)
[17:01] <SpamapS> bhauff: apt-get remove postgresql apache2
[17:02] <SpamapS> bhauff: to make it 100% clean, you can purge the data/config files too..  dpkg --purge postgresql ; dpkg --purge apache2
[17:03] <SpamapS> bhauff: you may also want to run 'apt-get autoremove' to get rid of all the dependencies that are no longer needed.
[17:03] <bhauff> SpamapS: Thanks, that is a big help, is that just as good as doing a new install?
[17:04] <SpamapS> bhauff: purge should leave *no* trace of a package. If it does, file a bug. ;)
[17:05] <SpamapS> bhauff: its one of the big goals of Debian and Ubuntu to be able to remove and manage software cleanly so there's no feeling that a system needs a reinstall. :)
[17:05] <bhauff> SpamapS: I appreciate that, my admin setup this VM, and I am trying to get the memory down, did you see my message about the memory from above?
[17:06] <bhauff> SpamapS: Does the dpkg --purge also remove the install package, or do I need to do the apt-get remove and the dpkg?
[17:09] <SpamapS> bhauff: dpkg won't remove anything that depends on those packages, so you may "break" your system by doing the --purge first.
[17:09] <SpamapS> bhauff: apt-get remove will say "oh, drupal6 depends on apache2, which you're removing, so I'll remove it too"
[17:09] <bhauff> SpamapS: ok, so aptitude remove first, then the dpkg purge for cleanliness:)
[17:10] <SpamapS> bhauff: --purge is just a nice final step to get rid of config files and data
[17:10] <bhauff> SpamapS: Ok cool, do you know if ubuntu will use more memory if it has more available to it?
[17:11] <SpamapS> bhauff: of course it will. :)
[17:12] <SpamapS> bhauff: any RAM not in use by programs will be used to cache and buffer disk access.
[17:13] <bhauff> SpamapS: ok, that makes sense, I was wondering why free -m is showing 250MB of usage with a just brought up server
[17:13] <SpamapS> bhauff: yeah, thats a good thing. :)
[17:14] <bhauff> SpamapS: ok, apt-get is telling me that postgre is not installed, but I see 5 processes of it with ps aux
[17:14] <bhauff> postgresql
[17:15] <bhauff> SpamapS: http://gist.github.com/579288
[17:16] <sjm> bhauff, SpamapS can't you do both in one step with "aptitude purge apache2 postgresql"  ?
[17:17] <SpamapS> sjm: I dunno, I've had some bad luck with 'apt-get purge' and I don't really know aptitude
[17:17] <SpamapS> bhauff: dpkg -S /usr/lib/postgresql/8.4/bin/postgres will tell you what package owns that file
[17:18] <sjm> bhauff, I don't think it will stop any already running processes.  You need to stop them and then they should be gone.
[17:18] <bhauff> SpamapS: postgresql-8.4
[17:18] <trashguy> interesting
[17:19] <trashguy> wth is eaitng up 48GB of ram
[17:19] <trashguy> :/
[17:19] <SpamapS> trashguy: got mysql? ;)
[17:20] <trashguy> not that big
[17:20] <trashguy> its a Zenoss box
[17:21] <SpamapS> mysql can eat RAM like crazy
[17:21] <trashguy> yea
[17:21] <trashguy> although
[17:21] <trashguy> i am runnign zoneminder too
[17:22] <bhauff> SpamapS: Thanks a bunch, everything is good to go now, and I learned alot about packages!
[17:23] <SpamapS> trashguy: ps auxw O r   <-- sorts all processes by their memory size, ascending, so the last thing you see is the biggest eater of RAM.
[17:23] <SpamapS> bhauff: any time
[17:24] <bhauff> ok, general question what is the difference between dkpg apt-get and aptitude?
[17:24] <trashguy> Spunk and zenoss :/
[17:25] <trashguy> odd
[17:25] <sjm> bhauff, As I understand it, dpkg is the underlying package manager, but doesn't do any dependancy resolution.  apt-get and aptitude are basically the same, but some say aptitude is "more powerful".
[17:26] <SpamapS> trashguy: how happy are you with Splunk? Last time I tried it, it was actually pretty awesome.. but way too pricey.
[17:26] <sjm> bhauff, aptitude and apt-get both do dependancy resolution.
[17:27] <SpamapS> sjm: btw, the prerm scripts of the packages should stop all running daemons before removing the package
[17:27] <sjm> bhauff, aptitude run without any options does give you a more graphical interface that apt-get doesn't have
[17:27] <bhauff> sjm: was aptitude an iteration of development on top of apt-get or just a whole new tool?
[17:28] <sjm> bhauff, no idea.  Also not sure which was first.
[17:28] <bhauff> sjm: thanks
[17:31] <trashguy> hrm
[17:31] <trashguy> cant seem to find this memory hog
[17:33] <SpamapS> sjm: apt-get was first.. aptitude came later as an attempt to replace apt.
[17:33] <SpamapS> bhauff: ^^
[17:33] <SpamapS> trashguy: is it really "using" the RAM, or is it all just used in buffers/cache ?
[17:34] <trashguy> i founc it
[17:34] <trashguy> found
[17:34] <trashguy> zoneminder had a file stuck
[17:35] <trashguy> a vidoe stream form a security cam
[17:38] <trashguy> Man
[17:38] <trashguy> spunk is so awesome
[17:38] <trashguy> splunk even
[17:40] <RyanP> I have a machine that's running a number of openvpn client processes. I want to use monit to monitor them, but trying to define more than one service returns the error " Error: service name conflict, openvpn already defined."
[17:40] <pmatulis> spunk?
[17:41] <trashguy> Splunk
[17:42] <aetaric> anyone know where the kernel and initrd.gz live on ubuntu server iso?
[17:44] <SpamapS> RyanP: just name each one something different?
[17:45] <pmatulis> aetaric: can you not mount the ISO and use find?
[17:48] <RyanP> SpamapS, the config file looks like this: http://pastebin.com/bLrpUtsb the process has to be 'openvpn', or else it doesn't recognize that it's been restarted properly after a failure. It only lets me define one 'openvpn' service, even if there are different pid files.
[17:52] <SpamapS> RyanP: ah, maybe monit can specify a different "name" for each one that isn't the actual process name?
[17:53] <RyanP> SpamapS, I hope so, but didn't find anything in the documentation. An 'alias' command or something would be useful here. Was hoping that someone would know.
[17:54] <SpamapS> RyanP: you could always just write upstart jobs to do the same thing. :)
[17:55] <RyanP> SpamapS, Sure. I'm just trying to make sure that a bunch of openvpn connections stay open. I haven't looked at upstart much. Is there something you can point me at that would be useful?
[17:58] <SpamapS> RyanP: Ugh, I wish there were. I'm actually working on a set of best practices right now.... basically you just need to create a simple file in /etc/init
[17:59] <SpamapS> RyanP: something like this would work  http://pastebin.com/fHxG7uXn
[17:59] <SpamapS> RyanP: you'd want to add some other things, like start on net-device-up
[17:59] <SpamapS> and I'm not entirely sure how the instance stuff works to be honest
[18:00] <RyanP> SpamapS, Thanks. I just found something in the monit docs that might be what I want. If that doesn't work out I'll approach it from that direction.
[18:05] <SpamapS> RyanP: cool. I think OpenVPN is on the list of things we're convirting to upstart.
[18:27] <elb0w> Are there any ubuntu server images for AWS?
[18:30] <cwryuu> elb0w: I don't know if there are any available, but you can try building your own http://alestic.com/2010/01/vmbuilder-ebs-boot-ami
[18:34] <RyanP> SpamapS, Just so you know, setting the config file like: http://pastebin.com/0uL0D2Ec seems to do the trick. I'm curious about doing it in upstart though, so I'll take a look there too.
[18:35] <zoopster> elb0w: you mean EC2? or something different?
[18:36] <zoopster> elb0w: if you want EC2 AMIs...the 10.04 ones are listed at http://uec-images.ubuntu.com/releases/10.04/release/
[18:39] <elb0w> yea ec2
[18:45] <SpamapS> RyanP: I like monit a lot.. it has some key advantages over upstart for some things. But upstart is sort of.. "the future" for background process management.
[18:48] <elb0w> zoopster, who do I login as?
[18:48] <elb0w> amazon wants root
[18:48] <zoopster> elb0w: ubuntu
[19:14] <Skaag> is there a utility in ubuntu which re-runs a service if it failed?
[19:16] <wickedSA> I'm a fan of runit
[19:18] <RoyK> OpenIndiana seems like a promising project :)
[19:20] <Skaag> cool
[19:20] <RoyK> http://openin.org/announcement/
[19:20] <RoyK> press conference is at its end, though
[19:24] <panfist> i'm ssh'd into an ubuntu server from an ubuntu desktop. i'm trying to execute a graphical app over ssh on the ubuntu server, but it says: Error: Can't open display: sshclient:0.0
[19:26] <RoyK> panfist: enable ssh X forwarding
[19:26] <Skaag> wickedSA: how do you setup apache in ubuntu to be supervised by runit?
[19:26] <Skaag> I understand I need to create a directory
[19:26] <panfist> RoyK it is enabled, and i connected with ssh -X
[19:26] <RoyK> wierd
[19:26] <RoyK> works for me (tm)
[19:26] <Skaag> actually, /etc/sv/apache already exists
[19:27] <wickedSA> Skaag: I wouldnt do that with apache. do you find that apache dies on you?
[19:27] <Skaag> yes it does because of a RAM problem
[19:28] <Skaag> until I replace the RAM, I want it to be reloaded
[19:28] <wickedSA> Skaag: I would just whip up a shell script and run that out of cron
[19:29] <wickedSA> and hopefully cron doesnt die too
[19:29] <wickedSA> heh
[19:29] <mathiaz> sommer: hey!
[19:29] <mathiaz> sommer: looking at the puppet page
[19:29] <sommer> mathiaz: cool
[19:30] <mathiaz> sommer: I think there needs to be a ; at the end of each ressource definition (ie apache2 package and service)
[19:30] <sommer> mathiaz: mmmm... it worked without it
[19:30] <sommer> mathiaz: I can add that though
[19:30] <mathiaz> sommer: ok - I may be misguided here then
[19:30] <mathiaz> sommer: I'd recommend to use puppetmaster-passenger instead of puppetmaster
[19:31] <mathiaz> sommer: however -passenger is in universe
[19:31] <Skaag> you're right, I whipped it up with cron
[19:31] <Skaag> simpler
[19:31] <sommer> mathiaz: ya, I was going for a very simple example... since puppet can get very complicated very quick, heh
[19:31] <sommer> mathiaz: I can add puppetmaster-passenger for natty though
[19:32] <mathiaz> sommer:  puppetmaster-passenger is already in maverick
[19:32] <mathiaz> sommer: it's just a matter of apt-get install puppetmaster-passenger
[19:32] <sommer> mathiaz: right, but it's way past string freeze
[19:32] <mathiaz> sommer: and it's up-n-running
[19:32] <mathiaz> sommer: fair enough
[19:32] <mathiaz> sommer: the rest looks good to me
[19:33] <sommer> mathiaz: sweet, thanks for taking a look, I appreciate the feedback
[19:46] <bjaanes> I use backuppc for backup. I just installed my NFS server and was wondering if backuppc backups up hard drives that are connected but NOT mounted. I have a hard drive connected with like 1TB with data and would very much not like to see pool full tomorrow morning (tomorrow night, the day after - whenever it finishes)
[19:51] <Skaag> any of you know a solution that synchronizes files quickly between servers?
[19:52] <Skaag> not drbd based
[19:52] <Skaag> and not rsync based
[19:52] <oryxtec> hello world
[19:52] <giovani> Skaag: what do you want, exactly?
[19:52] <giovani> i.e. why is rsync not an option
[19:53] <RoyK> Skaag: those are the ones - unison works too, but is dead slow
[19:53] <Skaag> I am using csync2 for a while
[19:54]  * RoyK can't wait to install openindiana 
[19:54] <oryxtec> i m trying to load a php base agi but i m unable to.
[19:54] <giovani> Skaag: is there a reason you're not using a distributed/network file system?
[19:54] <Skaag> such as?
[19:54] <giovani> AFS/Coda
[19:54] <RoyK> oryxtec: agi?
[19:55] <Skaag> OpenAFS?
[19:55] <Skaag> I need multi-master
[19:55] <Skaag> and I need it to not be read-only
[19:55] <RoyK> glusterfs?
[19:55] <Skaag> that is, I want to be able to delete a file
[19:55] <Skaag> I tried glusterfs
[19:55] <Skaag> I'm actually using it, for machines that are on the same switch
[19:55] <Skaag> but they are not yet done with their WAN support
[19:55] <Skaag> so if you try glusterfs over WAN, it kills your machines
[19:56] <Skaag> I actually tried it
[19:56] <RoyK> you mean slow links?
[19:56] <Skaag> yes
[19:56] <oryxtec> Roynk: i m running asterisk on ubuntu and in asterisk i m tyring to load one php based agi but i does not work.. i had some issues on php and apache yesterday qman__: help me to fix those errors
[19:56] <RoyK> imho glusterfs isn't meant for slow links
[19:56] <Skaag> well, they are not really that slow... just between several data centers
[19:56] <oryxtec> today every thing is working fine.. but now
[19:56] <Skaag> but with 50ms ~ 60ms latency between them
[19:56] <oryxtec> php based agi is not working
[19:56] <RoyK> oryxtec: php-cgi?
[19:56] <oryxtec> yes
[19:56] <RoyK> oryxtec: perhaps the guys at #asterisk can help
[19:56] <Skaag> RoyK: That's right, it's not, but I discussed with them, they have one guy working on it
[19:56] <RoyK> better ask there
[19:57] <RoyK> Skaag: ok
[19:57] <oryxtec> let me try ther
[19:57] <qman__> oryxtec, I know LAMP very well, but I know nothing about asterisk
[19:57] <RoyK> oryxtec: does the script run as a normal user or the asterisk user?
[19:57] <RoyK> you might have to feed it with some info to test it, though
[19:58] <oryxtec> normal user
[19:58] <oryxtec> when i run this command
[19:58] <oryxtec> php /var/lib/asterisk/agi-bin/a2billing.php -v
[19:58] <RoyK> well, I don't know (and currently, I'm still banned from #asterisk after blaming them for being rather less professional than what I thought possible)
[19:58] <oryxtec> i get this error
[19:58] <oryxtec> PHP Parse error:  syntax error, unexpected T_GOTO, expecting T_STRING in /usr/src/a2b/common/lib/phpagi/phpagi.php on line 1227
[19:59] <RoyK> seems like a bug in the script to me
[19:59] <oryxtec> this is not an asterisk issue
[19:59] <RoyK> nope
[19:59] <RoyK> it's a script issue
[19:59] <oryxtec> yes
[19:59] <oryxtec> but on my other sever same script is working fine
[19:59] <RoyK> different php version?
[20:00] <oryxtec> same
[20:00] <axisys> is there a way to save some work and just clone a user account ?
[20:00] <oryxtec> i read from on form regarding this issue .. and they said
[20:00] <axisys> otherwise.. i will just make sure new account has same group and sudo privs
[20:00] <oryxtec> i had't installed php-pear package
[20:00] <Skaag> ok coda looks interesting
[20:00] <qman__> oryxtec, php-pear is installed
[20:00] <oryxtec> how can i check if this packge is installed on my server
[20:00] <Skaag> I need to remember if I failed it and on what basis, when I did my research 6 month ago
[20:01] <oryxtec> humm
[20:01] <RoyK> axisys: just set sudo to use a group and add that user to the group
[20:01] <oryxtec> rite
[20:01] <qman__> you can verify with `dpkg -l | grep php-pear`
[20:01] <axisys> RoyK: yep.. that is what I have.. so sudo part is not an issue.. but how about adding the user to same set of groups ?
[20:02] <oryxtec> qman__: yup its installed
[20:02] <axisys> i dont have a problem doing the manual way.. but dont want to miss out if there is some tool to do that quicker
[20:02] <RoyK> dunno if useradd can do that
[20:03] <RoyK> perhaps scripting up usermod will help
[20:03] <oryxtec> qman: any idea
[20:03] <oryxtec> on this?
[20:03] <qman__> sounds like a broken script to me
[20:03] <RoyK> axisys: perhaps scripting up usermod will help
[20:03] <qman__> that or it's not compatible with your PHP version
[20:03] <axisys> RoyK: sure.. i could just use puppet or chef solo i guess
[20:04] <RoyK> iirc something changed in gotos around php5.3
[20:04] <oryxtec> how can i check my php ver?
[20:04] <RoyK> php --version
[20:06] <qman__> I know there were a lot of scripts that broke with 5.3
[20:06] <oryxtec> hum
[20:07] <RoyK> backwards compatibility isn't really a high priority in php
[20:07] <RoyK> sadly, but true
[20:07] <RoyK> php has even broken backwards compatibilty in minor versions
[20:07] <oryxtec> qman__: please can you check this comments on ths form
[20:07] <oryxtec> http://forum.asterisk2billing.org/viewtopic.php?f=33&t=7799
[20:08] <RoyK> oryxtec: I really think this is an asterisk case, not an ubuntu server case
[20:10] <qman__> oryxtec, the software isn't compatible with 5.3 yet, according to those posts
[20:10] <oryxtec> Roynk: this is not an asterisk issue :( according to to this form php 5.3.2 is not compatilbe with
[20:10] <oryxtec> yes
[20:10] <oryxtec> php 5.2 is compatible. :(
[20:10] <oryxtec> can we install php 5.2 on it?
[20:11] <qman__> not cleanly or easily
[20:11] <oryxtec> can we try?
[20:11] <qman__> you'd have to grab packages from karmic, pin them to the old versions, and hope nothing breaks
[20:11] <qman__> or, find a PPA or compile from source
[20:11] <qman__> in any case, not something I'd run in production
[20:12] <RoyK> oryxtec: just uninstall the current php version, apt-get source the php package, copy the debian/ directory into the old php source tree and make a new package
[20:12] <oryxtec> server is not in production..
[20:13] <RoyK> using the current source and grabbing the debian/ dir for making a new package is far cleaner than using an old package
[20:14] <oryxtec> from last 1 week i have messing up with this server.. and finally qman__: help me to fix it up.. but now the issue is with php ver... i would love to try to uninstall and install all packages again but i don't wana mess up with this server again... i have to put this server in production in 1 day. :( other wise i will be in a really big troble
[20:14] <oryxtec> job risk :'(
[20:14] <_Techie_> oryxtec, what php script is stuffing up?
[20:15] <oryxtec> php ver 5.3.2 compatibilty issue
[20:15] <RoyK> oryxtec: it probably isn't too hard to fix the script
[20:15] <_Techie_> oryxtec, i dont wanna know the problem, i wanna know the script... we might be able to find an alternative
[20:16] <RoyK> _Techie_: hardly - it's some asstrix-thing
[20:16] <oryxtec> sorry for asking again but can u ssh into my server?
[20:16] <RoyK> there aren't too many of them around
[20:16] <RoyK> oryxtec: just upload the script somewhere or give me a link to the download site
[20:16] <oryxtec> ok
[20:16] <RoyK> oryxtec: you really don't want to ask people on an open channel to login to your box - beleive me
[20:17] <_Techie_> unless you trust them
[20:18] <RoyK> sure
[20:18] <oryxtec> http://pastebin.com/sNx22Fs6
[20:18] <RoyK> oryxtec: do you have an url for the original download? this was rather large.....
[20:18] <oryxtec> thanks for advice.. yes u r right
[20:19] <qman__> I see what's going on, it's defining a function called "goto()"
[20:19] <qman__> which was probably okay before, but isn't now
[20:19] <oryxtec> yes
[20:19] <oryxtec> i have the URL
[20:19] <oryxtec> do u want me to give it to u
[20:19] <oryxtec> ?
[20:19] <RoyK> perhaps rename that to ast_goto
[20:19] <RoyK> and its references
[20:20] <RoyK> oryxtec: otherwise, why would I ask?
[20:20] <oryxtec> ook
[20:20] <oryxtec> wget http://www.asterisk2billing.org/downloads/A2Billing_1.5.1.tar.gz
[20:21] <oryxtec> dman__:  ast_goto where is that syntax?
[20:25] <oryxtec> any findings?
[20:25] <RoyK> how should I test it?
[20:26] <oryxtec> php /var/lib/asterisk/agi-bin/a2billing.php -v
[20:26] <RoyK> give me a few minutes
[20:27] <oryxtec> sure
[20:27] <RoyK> I used to work with asterisk for about five years
[20:28] <RoyK> I hate that code
[20:28] <RoyK> but then - helping out somehow isn't bad
[20:29] <oryxtec> thanks :)
[20:31] <RoyK> just need to do a little svn magic - I hate diffing by hand
[20:32] <kirkland> SpamapS: sweet
[20:32] <kirkland> SpamapS: ajaxterm = awesome
[20:32] <oryxtec> Royk: in all forms it says that AGI is compatible with php 5.2 not with 5.3.2
[20:33] <RoyK> I guess the changes required are rather small
[20:33] <oryxtec> oooh ok
[20:35] <hggdh> Daviey: 0ubuntu3.1 works :-)
[20:35] <hggdh> so far...
[20:35] <axisys> what is the solaris `passwd -f uid ' equivalent in ubuntu? i want to force the user to change his password during first ssh login
[20:36] <RoyK> axisys: iirc you need to do some shadow magick for that
[20:38] <guntbert> axisys: does http://www.linux-noob.com/forums/index.php?/topic/2228-force-password-change/ help?
[20:39] <RoyK> oryxtec: the problem is, as mentioned earlier, is that they create a system call 'goto', which exists on newer versions of php. I can't figure out any references for that
[20:40] <oryxtec> soo wht should we do now?
[20:40] <RoyK> asterisk has that in its dial plan, which is ok, but I don't know anything about the relation between phpagi and this - it's not documented and not readable in the code
[20:41] <RoyK> for a start, try this one
[20:41] <RoyK> http://pastebin.com/P57r4Wg0
[20:41] <RoyK> download, cd into the dir with phpagi and patch -p0 < nameofdownloaded.patch
[20:42] <RoyK> or just apply the patch manually - it should be trivial
[20:43] <oryxtec> this is only 22 lines code which u sent me rite
[20:43] <RoyK> no, see - or +
[20:43] <RoyK> - means 'take away', + means add
[20:44] <RoyK> _two_ lines of code
[20:45] <RoyK> I find no references of the goto call anywhere in that code
[20:45] <RoyK> so changing the function name may be enough
[20:46] <oryxtec> let me do that
[20:48] <SpamapS> kirkland: how does it handle byobu?
[20:49] <kirkland> SpamapS: really well
[20:49] <kirkland> SpamapS: i have it going in my ec2 instance
[20:49] <kirkland> SpamapS: F-key shortcuts don't work
[20:49] <kirkland> SpamapS: but ctrl-a-<whatever> screen style does
[20:49] <kirkland> SpamapS: it's repainting the screen perfectly every time
[20:50] <kirkland> SpamapS: i can easily create a new binary package, byobu-webui, that depends on and configures ajaxterm
[20:52] <oryxtec> Royk : i have to admit you guys are really professinal and helpful.. you guys are really kind from last 2 days you have help me alot... thanks alot to you and qman__: finally this issue has been fixed as well
[20:52] <RoyK> works?
[20:52] <oryxtec> i m raelly greatful for you guys
[20:52] <oryxtec> yes
[20:53] <RoyK> nice
[20:53] <oryxtec> thanks alot once again
[20:53] <oryxtec> :)
[20:53] <RoyK> post my name and email on the patch :)
[20:53] <oryxtec> hehehhe sure
[20:53] <SpamapS> kirkland: yeah, marry that with ssl+mod_auth_pam and you have an ssh-free secure admin experience that works through most web proxies.
[20:54] <oryxtec> well i didn't patch i simply replace those syntax
[20:54] <RoyK> oryxtec: Roy Sigurd Karlsbakk <roy@karlsbakk.net> that is - they won't like it, though, the asstrix guys aren't very friendly with me, even if I did pay for the development of the jitterbuffer and PLC code......
[20:54] <kirkland> SpamapS: we can team up on the next fedex day if you like ;-)
[20:54] <SpamapS> kirkland: can EC2 key pairs be downloaded as SSL certs?
[20:54] <kirkland> SpamapS: don't know;  that's a question for smoser
[20:54] <SpamapS> would be pretty cool to be able to install it as an accepted client cert
[20:55] <smoser> i guess i dont understand what you're after.
[20:55]  * RoyK installs indianaOS
[20:55] <smoser> you get the private key when you create it
[20:55] <SpamapS> I mean, I'm still going to use SSH.. but I can see the occasional ruby dev turned sysadmin really appreciating it.
[20:56] <smoser> the public key is generatable from the private key, or obtainalbe from inside an instance
[20:56] <SpamapS> smoser: RSA key pairs are just that.. so if you could turn it into an x.509 cert, you could install it in your browser and use it to gain access to any SSL daemons that accept client certs
[20:57] <oryxtec> Roynk: you won't belive me.. once i paid some one in asterisk chanl that guy took my money and never finish my work
[20:57] <smoser> well, you have access to both private and public, so whatever you can do with that, you can do with that :)
[20:57] <RoyK> oryxtec: I do beleive you :)
[20:58] <SpamapS> kirkland: I'm down for doing that on the next fedex day for sure. Hopefully its before March. ;)
[21:00] <mathiaz> SpamapS: looking at http://people.canonical.com/~pitti/workitems/maverick/u/mathiaz-ubuntu-10.10.html
[21:00] <mathiaz> SpamapS: how often is the trend line calculated?
[21:02] <axisys> guntbert: thanks a lot
[21:03] <ttx> mathiaz: the trend line is based on day - 1
[21:03] <ttx> mathiaz: so it changes every day.
[21:03] <SpamapS> mathiaz: I believe the trend is turned up once a day has been superceded.
[21:03] <mathiaz> SpamapS: ok
[21:03] <guntbert> axisys: you're welcome :-)
[21:03] <SpamapS> so tomorrow yours may be closer to straight. ;)
[21:03] <mathiaz> SpamapS: I'd like to have it dynamic
[21:04] <mathiaz> SpamapS: it'd be better for my satisfaction ;)
[21:04] <ttx> mathiaz: like, using the current day value ?
[21:04] <mathiaz> ttx: well - when I update my WI - I'd like to see the progress I made
[21:04] <mathiaz> ttx: not something that is stale ;)
[21:04] <SpamapS> mathiaz: Agreed.. feedback is king. :)
[21:04] <ttx> mathiaz: but but but
[21:05] <mathiaz> SpamapS: o^5
[21:05] <ttx> mathiaz: you see that the green is above the line, that means "good"
[21:05] <mathiaz> ttx: right. I should also learn to read the burn-up chart
[21:06] <mathiaz> ttx: The only thing I'm looking at for now is the angle of the trend line
[21:06] <SpamapS> I've always ignored all the trend lines because they tend to be very distracting IMO.
[21:06] <ttx> the problem with using day 0 data is that the trends line ends up being pessimistic
[21:07] <mathiaz> SpamapS: could add a hide/show trendline button on the webpage?
[21:07] <mathiaz> SpamapS: ;) - I'm joking
[21:08] <ttx> mathiaz: or a mouseover so that the trends line shows if you hover on day 0 data
[21:08] <ttx> mathiaz: want to discuss your hadoop thing now ? Or else i'm reviewing jamesPage proposed branches.
[21:08] <mathiaz> ttx: re hadoop packages in maverick - WDYT about an email to ubuntu-devel@?
[21:09] <mathiaz> ttx: outlining the proposal and asking for feedback?
[21:09] <ttx> mathiaz: hmm
[21:10]  * SpamapS is about 1 for 4 on getting feedback when emailing ubuntu-devel
[21:14] <kirkland> SpamapS: agreed!
[21:14] <kirkland> SpamapS: maybe we'll have one right after RC
[21:16] <SpamapS> kirkland: I was thinking it should be right before the rally/sprint, where we can present it there.
[21:17] <SpamapS> If we can squeeze one in the week before UDS that would be cool too.. but I'm sure we'll all be busy preparing for sessions. :)
[21:26] <kirkland> SpamapS: i can make a little time, maybe :-)
[21:29] <SpamapS> kirkland: what would be awesome would be if ajaxterm's backend could be enhanced to say "if they used a client cert, cool drop them to the configured user's home dir, otherwise, pop up a getty"
[21:34] <Lichte> what's the command to find where a package has installed it's files ???
[21:35] <soren> Lichte: dpkg -L package_name
[21:36] <Lichte> thanks soren
[21:36] <soren> Sure.
[21:37] <Lichte> jeez, I can't believe how hard it is to get Trac installed
[21:38] <SpamapS> Lichte: A lot of web apps are never really packaged right for distribution.. they're just homegrown things that somebody tars up and throws out to the world. ;)
[21:43] <hallyn> jdstrand: how are you generating './configure' for the libvirt bzr tree?
[21:43] <jdstrand> hallyn: I'm not touching it
[21:44] <hallyn> it doesn't ship with git,
[21:44] <jdstrand> hallyn: at least, not intentionally
[21:44] <hallyn> oh, you start from the debian package?
[21:44] <jdstrand> hallyn: oh, for a new version?
[21:44] <jdstrand> hallyn: yes
[21:44] <hallyn> right
[21:44] <jdstrand> hallyn: do you want to know the full steps to compile from git?
[21:45] <hallyn> to most closely reproduce the ubuntu setup, yes
[21:45] <hallyn> well, i'll just do autogen with no options and see how that compares :)
[21:46] <jdstrand> hallyn: this is what I have in my notes to compile from git: http://paste.ubuntu.com/493835/
[21:47] <jdstrand> hallyn: you can do 'make dist-gzip' which should get you a release tarball. then you can untar it and toss the debian/ directory in there and go
[21:48] <jdstrand> hallyn: you may want to disable all the patches in debian/patches/series when doing that though, since they almost always have to be redone
[21:55] <Daviey> hggdh, yeah.. odd eh :)
[21:57] <hallyn> jdstrand: yes, i've pulled out the already-applied patches, and i just took debian/ from libvirt-0.8.3...
[21:57] <hallyn> jdstrand: but configure doesn't come with debian/, so not sure of my best approach
[21:58] <hallyn> i could just copy it in from maverick
[21:58] <jdstrand> hallyn: there is no configure with 'make dist-gzip'?
[21:59] <hallyn> serge@sergelap:~/delme/libvirt/libvirt-0.8.3$ make dist-gzip
[21:59] <hallyn> There seems to be no Makefile in this directory.
[21:59] <hallyn> You must run ./configure before running `make'.
[22:00] <hallyn> jdstrand: well, i'll look at the plain debian package and figure something out, thx
[22:01] <jdstrand> hallyn: I think I'd run autogen.sh without args and then use the debian/ directory
[22:01] <hallyn> jdstrand: that's where i'm at - which dies when trying to do make install-docs (in sbuild)
[22:01] <hallyn> jdstrand: i wasn't sure whether that would give me the right setup, but i'll see
[22:03] <jdstrand> hallyn: I had started a daily builder script
[22:04] <jdstrand> hallyn: it doesn't work, but I would apt-get the stuff I mentioned, do a git checkout, run autgen without args and then make dist-gzip
[22:05] <hallyn> (yeah, daily builder script is what i'm after)
[22:05] <jdstrand> hallyn: I can say that on any given day trunk may not build
[22:06] <hallyn> hm, maybe that's all it is then.  should'a tried that first
[22:14] <lifeless> SpamapS: whose our java dude now?
[22:15] <SpamapS> lifeless: that would be James Page :) not sure his IRC name
[22:15] <lifeless> SpamapS: I just remembered that I needed to raise the abi-in-package-name thing so that we don't have these massive-pileups when have a dep set is changed.
[22:17] <SpamapS> lifeless: right, I don't know how java manages ABI compatibility. From everything I've seen, there's a lot of embedding of specific revisions because there's no strong binding like native libraries have w/ soname
[22:18] <SpamapS> lifeless: James is in the UK, so we'll have to wait until tomorrow to ask him. ;)
[22:18] <lifeless> so a preponderance of java packages build via maven
[22:18] <lifeless> and use that to define the needed jars to compile
[22:18]  * SpamapS is somewhat amused by the confusion a word like tomorrow has when talking over the international date line
[22:19] <SpamapS> right, and the debian maven helper seems to do a good job of corralling that
[22:19] <lifeless> its a kludge
[22:19] <lifeless> several reasons
[22:20] <lifeless> firstly, its legitimate with the (noun forgotten) plugin method to have multiple versions of the same dependency loaded live into an appserver
[22:20] <lifeless> e.g. you load eucalpytus and hudson and they have different dependencies, the appserver can partition the loaded versions
[22:21] <lifeless> secondly,  because we can't represent the full richness of a maven repo, the helper is essentially lying :)
[22:26] <SpamapS> lifeless: I believe yes the debian maven helper defaults to creating a symlink that creates a special maven "debian" version if your maven spec doesn't ask for a specific revision
[22:27] <SpamapS> lifeless: but the actual versioned jar and spec should be there, and so, loadable.
[22:27] <SpamapS> lifeless: that said, I see what you're getting at, that we really need to package *all versions* if that is to work.
[22:30] <lifeless> SpamapS: the closure of referenced versions, yes. (Like we do with C library ABIs)
[22:32] <SpamapS> lifeless: the difference there is, the convention with C libs is to build depend on 'lib-dev' and then only diverge from that when the library changes in a huge fundamental way. The convention in java is to depend on the version you've tested with, and never really revisit that.
[22:33] <SpamapS> java programs tend to say "revision X works with lib version Y" and not update that version until a new version comes out.
[22:33] <SpamapS> So we'd end up with a lot more versions in the repository.
[22:35] <hggdh> Daviey: revno 1240...
[22:35] <lifeless> SpamapS: OTOH that gives a certain stability
[22:35] <Daviey> hggdh, I am aware :)
[22:35] <lifeless> SpamapS: it tends to mean that you can take a latest-release X and run it on ooold servers
[22:35] <Daviey> hggdh, Looks like an odd fix tbh
[22:36] <hggdh> Daviey: looking it up
[22:36] <Daviey> hggdh, Going to try it, but it looks like it attempts to - then logs a failure
[22:37] <Daviey> can't quite see how it resolves the real issue
[22:38] <hggdh> Daviey: what is the URL... I am confused by the many different versions of eucalyptus on bzr
[22:38] <SpamapS> lifeless: it also means you're supporting a lot more versions of libraries for the lifetime of the release though.
[22:39] <lifeless> SpamapS: policy vs implementation
[22:39] <lifeless> SpamapS: currently our implementation gives just one policy choice : one-version, and a downside - heinous transitions and inability to reliably rebuild/rebootstrap the java package chain.
[22:41] <SpamapS> Indeed, its not good. Thats why ttx had to fight so hard to get tomcat6 working just right.. and its a mature java stack.. something new like Cassandra has so much changing already, to throw in java library versions is a little scary.
[22:42] <SpamapS> lifeless: I'd hope, too, that it would only be a few versions each release that ended up being retained.. probably not as bad as it sounds when you actually do it.
[22:42] <Daviey> hggdh, http://bazaar.launchpad.net/~eucalyptus-maintainers/eucalyptus/2.0.0-lp/revision/1240
[22:43] <hggdh> Daviey: thank you. This is getting out of control :-(
[22:43] <Daviey> hggdh, awesome eh?
[22:43] <hggdh> Daviey: quite so, if I may say...
[22:44] <SpamapS> lifeless: one thought I had was to simply add a field to the packages that basically says "this package embeds this version of java library X" and then you just let them all embed their own jars.
[22:44] <lifeless> SpamapS: hell no.
[22:44] <SpamapS> lifeless: which would still let you repeat the build, as you could get the same verisons of said libs
[22:45] <Daviey> SpamapS, and if you need to fix a security issue in libjava-foo ?
[22:45] <SpamapS> Daviey: java doesn't have security issues ;)
[22:45] <Daviey> heh
[22:46] <Daviey> SpamapS, everything in java works perfectly :)
[22:46] <SpamapS> You would fix it in said version, and then look for packages that embed that version, and update them all.
[22:47] <hggdh> Daviey: is this is correct, the only thing I can think of is the groovy change (we usually get a lot of syntax errors on the groovy scripts)
[22:48] <Daviey> hggdh, nah.. looking at the merge history - looks to be unrelated
[22:48] <elb0w> How do I specify a different data directory for mysql
[22:48] <elb0w> in ubuntu
[22:49] <elb0w> We made the change in app aromor
[22:49] <elb0w> armor
[22:49] <elb0w> and now I just killed it
[22:49] <hggdh> Daviey: then I wonder how putting it in a try{} & reporting an exception is magic (unless the exception goes on to create the context)
[22:49] <SpamapS> elb0w: the apparmor profile should be loaded when you start it the next time.
[22:49] <SpamapS> elb0w: are you still getting a permission denied?
[22:50] <zul> elb0w: you will have to modify the apparmor profile as well
[22:50] <hggdh> Daviey: hum. That might well be it -- the exception in not percolating up the code now
[22:51] <Daviey> hggdh, So... currently it's going bang - and therefore throwing a 500
[22:51] <Daviey> now that is nicely handled, so continues to process the rest of the request
[22:51] <Daviey> is current theory
[22:52] <hggdh> sounds plausible. But there is only way to find out...
[22:53] <hggdh> but I still hate when fixes get mixed together with no explanations
[22:57] <Daviey> hggdh, totally
[23:00] <hggdh> Daviey: and I am not sure why we need to log an error *every* time an instance starts... but oh well.
[23:05] <Daviey> hggdh, agreed
[23:05] <Daviey> hggdh, if i push this patch to a PPA... are you around to test it?
[23:05] <Daviey> I need to go to bed :(
[23:05] <hggdh> Daviey: like if we had other things to do ;-)
[23:05] <hggdh> Daviey: yes, of course
[23:06] <hggdh> Daviey: push it off and get to bed, I will test it
[23:07] <Daviey> hggdh, splendid
[23:21] <Daviey> hggdh, Uploading now..
[23:21] <Daviey> hggdh, please out your feedback on either the ml, bug report or pm me here, and i'll see it in the morning
[23:21] <Daviey> hggdh, you rockin'
[23:21] <Daviey> hggdh, *ubuntu3.2 fwiw
[23:22] <Daviey> (although really r1240)
[23:22] <hggdh> Daviey: will do
[23:22] <Daviey> hggdh, :)
[23:22]  * Daviey grabs some much needed Zzzzzz's
[23:23] <Daviey> o/
[23:23] <hggdh> :-)