/srv/irclogs.ubuntu.com/2010/09/20/#ubuntu-server.txt

=== sailerboy is now known as zz_sailerboy
=== dendro-afk is now known as dendrobates
=== zz_sailerboy is now known as sailerboy
=== dendrobates is now known as dendro-afk
=== sailerboy is now known as zz_sailerboy
Guest22179How are we supposed to get sun-java6-jre on 10.04?01:36
=== Guest22179 is now known as AdamDV
cakeeptest02:53
=== cameron is now known as ftcameron
ftcamerongday .. I'm sorry to ask this, but I've been searching for ages now to get networking running ... 10.04 standard kvm.  tun is 666 and I'm in libvirtd,kvm groups.  error is failed to add tap interface to brudge...03:22
ftcameronbrctl addif virbr0 tap0 -> interface tap0 does not exist!03:23
MTecknologySo.. I thought I was using ecruptfs- now I'm not sure. Is there any really really easy to to tell if I am or am not using it?03:26
MTecknologyI looked in mount and didn't see .Private mounted which is what's making me second guess this03:26
=== zz_sailerboy is now known as sailerboy
=== sailerboy is now known as zz_sailerboy
arrrghhhok so i'd like to visualize free hard disk space on my server - is there a PHP gui or some such thing i can use on my server?  file light is cool... i guess i could forward it over X...04:03
SJrHow do I prevent a package from being upgraded in ubuntu?04:18
arrrghhhSJr, let me google that for you.... http://www.ubuntugeek.com/how-to-prevent-a-package-from-being-updated-in-ubuntu.html04:19
SJrthanks you saved me the trouble of having to google it myself04:20
astmSJr: you set in /etc/apt/apt.conf.d/50unattended-upgrades04:20
astmUnattended-Upgrade::Package-Blacklist {04:20
arrrghhhastm, that only works for automatic updates...04:20
ScottKSJr: Why do you think you want to stop a package upgrade?04:23
SJrBecause the update version is the devil04:23
arrrghhhlol04:23
arrrghhhsettle down there mrs. palin...04:23
ScottKSJr: If there's a broken update, we should address the problem.  What package and what update and why?04:23
SJrautofs is broken in Ubuntu 10.04, after months of trying to fix it, and live without it, I came accross the idea of simply using the one from 9.10, and that worked, except I just found out that it got upgraded.04:23
SJrI can't find a good link but there are a bunch of bug reports out there for this already04:25
=== unreal_ is now known as unreal
=== _TechAway_ is now known as _Techie_
=== _Techie_ is now known as _TechAway_
=== _TechAway_ is now known as _Techie_
sandGorgonanybody know if there is a postgresql-9 ppa for ubuntu ?06:43
YankDownUnder...have you checked their project home page?06:44
=== nxvl_ is now known as nxvl
lifelessSpamapS: hey, around?08:05
=== Qwert is now known as Aqaz
Name141What is LVM?08:44
Name141!lvm08:44
ubottuTips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto08:44
Name141oh08:45
Name141so I don't need it for a home server08:45
Name141Will I be able to select what I want during setup , or will it be like the desktop edition and just install stuff at random08:59
mgolischName141: i think the server setup runs tasksel during installation09:16
Name141mgolisch: yeah I (tried) to select samba server09:18
Name141and then let it go09:18
Name141hopefully it'll be more compact09:19
ejathi .. may i know what the differ between root device : instance vs ebs ?09:21
Name141how do I force acpi again ?09:27
Name141I have to edit grub2 right?09:27
=== bigjools is now known as bigjools-afk
=== maedox is now known as maedox|afk
Zaasi am stuck on user permissions: can you create a user that cannot browser your config files (/etc/apache2/sites-available for example)10:40
Zaasor am i not thinking straight here? running php with fcgid and suexec and open_dir('/') just worries me10:41
Zaasanyone can help me on user permissions?10:46
Zaasdoes anyone see my chat? (had before that webchat from me was not visible)10:54
zaashi, can anyone see me? (webchat failed 10 mins ago)11:07
Davieyzaas, o/11:09
zaasnice. so i have a question about user permissions. I run apache, suxexec, fcgid and php and i don't like that open_dir('/') works fine... am i missing something?11:10
=== ivoks-afk is now known as ivoks
zaasor more general: can you prevent users to list directories?11:15
=== Qwert is now known as Aqaz
=== Aqaz is now known as Qwert
joschizaas: in general yes, make sure that the user/group don't have read or execute rights on the directory11:31
joschizaas: in your special case open_basedir restrictions in PHP might do the trick11:31
=== Qwert is now known as yuio
=== maedox|afk is now known as maedox
zaasjoschi: but there must be a reason that /etc/apache/sites-available/ has r on user, group and world? figuring out wether openbase_dir is considered safe, read something about that not being true11:41
zaascan't chmod my whole server :)11:41
zaasin sftp mode it was quite easy11:42
joschizaas: why shouldn't /etc/apache/sites-available/ be world readable?11:42
zaasyou can read its config?11:42
joschizaas: what?11:42
zaaswell, is it not bad that any user on the system sees how my virtual hosts are configured?11:43
joschizaas: that depends on your users. you can change the permissions if you need to.11:43
joschizaas: if you want it really secure, don't give anyone an interactive shell and remove PHP or any other dynamic scripting languages from your webserver11:44
zaashaha :)11:44
zaasthe shell is not so hard11:44
zaasand exec and some other commands are easy to disable in php.ini, but the fact they can list and read stuff outside /var/www/user/public just bugs me11:45
zaascan you change those permissions on user-level?11:45
joschizaas: I already told you to set open_basedir accordingly11:45
zaasi know, and i responded to that as well: heard some rumors of it not being safe11:46
joschizaas: of course you could always put the php processes inside a chroot environment. but that's a lot of management overhead11:46
joschizaas: well, if you don't like it, don't use it.11:46
zaasi would like it a lot, if it works of course. you rely on it?11:47
zaasjust wondering how veteran ubuntu server maintainers deal with these kind of things11:47
joschizaas: yes, but not exclusivly11:47
zaassemi-new to it all11:47
zaaswhat other measures have you taken then in your PHP environment?11:48
joschizaas: proper permissions, SuExec/SuPHP and for "special guests" chrooted php processes11:49
joschizaas: plus a sensible AppArmor configuration11:49
joschizaas: or grSecurity/RBAC on other systems (!= ubuntu)11:49
zaasjust ubuntu. Boy, it's no walk in the park to manage a server :) fun though. Does ubuntu come with apparmor configured sensible?11:50
joschizaas: not for all applications11:51
joschizaas: and it depends a lot on your setup11:51
zaasi have done a apt-get only11:51
zaasnothing preinstalled but ssh11:52
zaasjust apache, ruby, php and mysql11:52
zaasbut did you change persmissions on your sever config folders like apache?12:00
Tomashhey ....12:02
Tomash i have a problem with my ubuntu server installation, i try to install 10.04 on a ibm server with hardware raid5 on a 2.5 tb volume, after a successful installation, my server don´t find any bootloader. hope for help12:02
\shTomash: gpt partition table?12:03
Tomash\sh : yes ...becaus >2tb12:04
\shTomash: imho grub can't boot from gpt tables...but there should be a new gpt partition table label, named gpt-bios12:04
Tomash\sh : yes, right ... this is already there12:05
\shok..then I don't know...I just have always a system partition with msdos label for the system to boot, and the storage device is mostly gpt with partitions > 2TB12:06
Tomash\sh : ok , then I ll try this ... thx12:08
=== BlackZ_ is now known as BlackZ
Tomash\sh : how I change in the installer the label to msdos ?12:47
=== _Techie_ is now known as _TechAway_
progre55hi guys. How can you install sun-java6-jdk on ubuntu-server from a command line, and automatically accept the licence agreement, without user interaction?12:49
\shprogre55: via preseeding and these settings: http://paste.ubuntu.com/496972/12:50
=== rgreening_ is now known as rgreening
\shTomash: I never did that via installer, I'm deploying via FAI...12:50
\shTomash: eventually you need to trigger "parted" manually from the CLI12:50
Tomash\sh : i ve no parted and mklabel in the installation process :( ....12:51
Tomash\sh : i ll think, first install the system, then change the label and try a new installation12:52
pmatulishas anyone ever heard of the root account expiring?  :)12:52
pmatulisi'm seeing this on a hardy server12:52
pmatulispam_unix(cron:account): account root has expired (account expired)12:52
\shTomash: oh well...what about totally recreating your partition layout? it should automatically detect the right label...sorry...I'm long gone to deploy any server manually with big storages, only doing that automatically12:53
\shpmatulis: On hardy I don't have any root password which could expire ;)12:54
Tomash\sh : no, the server set automatically an gpt label12:54
progre55\sh: thanks. and what's preceeding?12:54
pmatulis\sh: it's not the password, it's the account12:54
\shTomash: yes, when you created a partition first with >2TB, yes...you need to get rid of the partition layout first...could you make 2 volumes on your raid device, one less 2TB for system, and the other one with the >2TB part?12:55
\shprogre55: man debconf-set-selections.... there you have a manual about preseeding..the license agreement is a debconf questions, which can be preseeded12:56
Tomash\sh : ok, thx, then i try this12:57
\shpmatulis: I never heard about "account expiring" but "password expire" (man password /-e)12:57
\shpmatulis: oh, i never tried usermod --expiredate on a root account, eventually someone tried that ? ;)12:59
pmatulis\sh: i saw that as well but i'm looking for a cause right now12:59
\shpmatulis: "usermod --expiredate 1 root" ? I don't know if that will ever work, but that could be a cause13:00
progre55\sh: thanks, appreciate13:00
progre55\sh: another question, please. As far as I got it, you can just put those settings in a file (e.g. java_license), and before you "apt-get install" java, you say "sudo debconf-set-selections java_license", right?13:20
ztripezi'm trying to install slapd in ubuntu 10.04 server.. but i can't find slapd.conf13:32
pmatulisztripez: there is none13:34
ztripezpmatulis, oh?13:35
ztripezi guess https://help.ubuntu.com/community/OpenLDAPServer is out of date then..13:35
pmatulisztripez: did you read the first few paragraphs?13:36
ztripezpmatulis, uhm no.. did i miss something?13:37
pmatulisztripez: yes.  please read13:38
pmatulisztripez: since Oct 2008 ubuntu does not use slapd.conf.  now using so-called 'cn=config' configuration method13:39
ztripezpmatulis, oh.. i miss that part yes ;)13:40
pmatulisztripez: so ldap configuration is in ldap itself.  changes are immediate, no need to restart, blah blah blah13:40
ztripezpmatulis, i see13:41
pmatulisztripez: https://help.ubuntu.com/10.04/serverguide/C/index.html13:41
ztripezpmatulis, thanks13:42
pmatulisztripez: yw13:45
uvirtbotNew bug: #643477 in nmap (main) "package nmap 5.00-3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/64347713:46
ehcahHello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.13:49
ehcahEverything I find is old.13:49
\shprogre55: yes that's the thing to do14:05
\shprogre55: sorry...had a meeting14:05
progre55\sh: thanks man, truly appreciate )14:06
=== dendro-afk is now known as dendrobates
=== ivoks is now known as ivoks-brb
zaasdo you know if with php-cgi (mod_fcgid) and suxexec you can parse a second php.ini and also use /etc/php/cgi/php.ini?14:48
zaas(not using php)14:48
zaascan you do this in a vhost?14:48
uvirtbotNew bug: #643531 in samba (main) "package winbind 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess new pre-removal script returned error exit status 137" [Undecided,New] https://launchpad.net/bugs/64353114:51
duanebI have a *NEW* question: does the server install force you to install all the files included on the cd? Or does it install a minimal base system + optional packages?14:55
peacesare there any problems with putting a normal user in the www-data group14:56
remix_tjpeaces: no there is not14:56
remix_tj*are not14:56
duanebRight now I'm debootstrapping a bare bones system onto a hard drive and finishing the "installation" with a chroot14:56
duanebwhich is less than optimal14:56
remix_tjduaneb: it does install only the needed things, the others are optional14:57
duanebany chance there's a list somewhere of what is installed with zero extra packages?14:57
duanebor at least how large the base system is?14:57
remix_tjduaneb: if you use the alternate cd you can install only the base system, whitout any optional14:58
duanebhrm14:59
duanebinteresting14:59
duanebthat's the ncurses interface?14:59
duanebI mean, I am interested in running server software, so the ubuntu server image is useful15:00
duanebI'm just wary of installing it with my limited space15:00
uvirtbotNew bug: #642932 in mysql-5.1 (main) "mysqld crashed with SIGSEGV" [Low,Incomplete] https://launchpad.net/bugs/64293215:01
peacesdoes/can a system-wide ssh authorized_keys file exist?15:05
oraclei want all the crap that runs on startup, like bluetooth which i dont need15:08
oracleto stop loading modules15:08
hggdhbug 5608 <- can't we fix it? Seems only a change on permissions would do the trick15:10
uvirtbotLaunchpad bug 5608 in samba "SWAT expects to authenticate as root" [Unknown,Confirmed] https://launchpad.net/bugs/560815:10
ehcahHello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.15:23
arrrghhhehcah, without a DE...?  so what does vnc do for you?15:26
ehcahI just want to be able to get to the terminal.15:27
arrrghhhssh :D15:27
ehcahor basic x in environment.15:27
arrrghhhmuch much easier & more secure.15:27
ehcahI want to do this from my LAN though.15:27
arrrghhhwell if you don't have any DE, what does X do for you?  you can just forward any X apps over ssh as well.15:27
arrrghhhdoesn't matter15:28
ehcahok.15:28
arrrghhhi ssh on my lan every day.15:28
arrrghhhif you have a DE, using vnc makes sense15:28
ehcahThe other option is to manage through webmin?15:28
arrrghhhwithout one... it really doesn't to be honest.15:28
arrrghhhi thought you wanted the terminal...15:28
ehcahI do.15:28
arrrghhhi use webmin as well tho15:28
permalac_hi, my apache 2.2.14 has exploded on ubuntu 10.04 .    this is the answer to a restart : /usr/sbin/apache2: symbol lookup error: /usr/sbin/apache2: undefined symbol: apr_atomic_xchgptr15:28
arrrghhhso you can manage thru the terminal or webmin.  i wouldn't do updates or installs thru webmin tho.15:28
permalac_i've been googling arround and looks like there is no fix yet.15:29
ehcahWebmin updates are horrible.15:29
ehcahtoo slow or times out.15:29
arrrghhhehcah, yes so just do updates thru aptitude or apt-get via ssh ;)15:29
permalac_so, how I can go back on the package versión ?   by command line if possible.15:29
ehcahOk.15:29
arrrghhhpermalac_, so you compiled apache yourself?15:29
ehcahI started out with Fedora 12 and a product called Amahi.15:29
arrrghhhehcah, amahi's cool.15:29
ehcahYep.15:29
arrrghhhif that's what you need haha15:29
ehcahI think I can replicate it with Ubuntu15:30
ehcah?15:30
arrrghhhi just want a few pieces of it15:30
arrrghhhoh yea15:30
arrrghhhi have15:30
permalac_arrrghhh: nope, just updated, and installed munin-node15:30
arrrghhhsome parts are harder than others i would imagine15:30
arrrghhhpermalac_, so you think munin-node did it...?  i'm not sure what that is.  i run apache, but am by no means an expert on it.15:30
ehcahI'm very new to linux. I got comfortable with Ubuntu and F12 started to mess me up.15:30
arrrghhhlol15:30
ehcahI knwo they're close, but...15:31
arrrghhhyea, fedora is a little odd15:31
ehcahI also have xbmc live on a few pc's and ubuntu DE + xbmc in my theatre room.15:31
arrrghhhthere's a lot of differences.  granted it's all the linux kernel... but a lot of the userland stuff is different, which is to be expected.15:31
ehcahI was starting to confuse the OS's.15:31
permalac_arrrghhh: no, I don't think so, now it's not activated on the sites, and still does not work. I just though that if I want help I must give all the information. that's all15:31
arrrghhhbut yea if you don't have a DE, just use ssh.15:31
ehcahk.15:31
ehcahssh will also allow me to remote in over the web as well I beleive?15:32
arrrghhhpermalac_, huh... well i'm not sure and i'm late for work :P  just copyin stuff over to my phone before i leave.15:32
arrrghhhehcah, if you open up the ports15:32
arrrghhhi forward ssh to an odd port above 102415:32
permalac_arrrghhh: any suggestion? fast fast. :)15:32
arrrghhhif you forward 22 over the internet, you're just asking people to brute force it.15:32
arrrghhhpermalac_, i mean you could try purging & reinstalling apache...15:33
arrrghhhalrighty g2g15:33
arrrghhhhave a good one guys15:33
=== unreal_ is now known as unreal
SpamapSlifeless: pong15:38
=== 18VABJFG3 is now known as jfluhmann
ztripezWhen i use the install guide (https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html) for slapd, and when i'm about to add the frist entry i get an error16:00
ztripezldap_add: Naming violation (64)16:00
ztripezadditional info: value of single-valued naming attribute 'dc' conflicts with value present in entry16:00
=== ivoks-brb is now known as ivoks
mdlueckI am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. Anyone else having similar troubles?16:04
maedoxmdlueck, you mean they don't show up with fdisk -l ?16:06
mdlueckmaedox: Usually I see messages in syslog for the PnP event. syslog is completely quiet currently. Verbose as ever on Ubuntu Desktop.16:07
mdlueckmaedox: Also /dev/disk has only the internal RAID drives16:08
mdlueckmaedox: Excuse me, /dev is where the recognized partitions show up at16:09
maedoxmdlueck, ok, odd. Not sure I can help you. Are your USB-ports working with a keyboard?16:10
mdlueckmaedox: I guess I could double check. Server is connected to a KVM via PS/2 connectors currently.16:11
mdlueckmaedox: Good idea, will IPL the server... be back in a while...16:12
maedoxmdlueck, best to be sure. I have to run now, but I'll be back later. Someone else can hopefully give some input.16:12
mdlueckmaedox: Thanks for that idea at least! :-)16:13
=== oubiwann is now known as oubiwann-away
=== oubiwann-away is now known as oubiwann
pmatulishas anyone used the pkinit protocol extension to kerberos?16:17
hallynttx: anyone in particular who should be assigned the ubuntu-release-notes part of the qemu-sdl bug?16:21
ttxhallyn: no, those will get reviewed as we go closer to release16:22
hallynttx: ok, thanks16:22
=== mathiaz_ is now known as mathiaz
SpamapSpmatulis: that rings a bell.. is that the stuff that helps you talk to windows?16:24
pmatulisSpamapS: it provides SSL certificate support to kerberos16:25
MACscris there a hotfix available for ubuntu 8.04 LTS for this new kernel exploit?16:25
=== luis__lopez is now known as luis_lopez
PiciMACscr: Yes. http://www.ubuntu.com/usn/usn-988-116:26
pmatulisPici: i think he means a fix that does not require a reboot16:27
Picipmatulis: Then no, its a kernel bug.16:27
mdlueck"kernel = IPL" in my mind at least16:27
pmatulisMACscr: some hotfixes have been proposed but have not stood up to the test16:27
pmatulisMACscr: what release are you running?16:28
pmatulisMACscr: sorry, 8.0416:28
MACscrunfortunately 8.04, so i cant use ksplice =/16:28
MACscras they dont have a xen kernel version16:28
MACscrfor hardy16:28
MACscrman i love ksplice16:29
SkaagHey16:29
SkaagI started installing the Percona binaries of MySQL Server, for Ubuntu. But in the middle of installation, a conflict was discovered with mysql-server-core-5.1, since both packages contain some man file. now I can't remove the old one, and can't install the new one.16:29
MACscrall of the rest of my servers were pretty much patched instantly16:29
pmatulisMACscr: Hardy is at least not vuln to 3301 AFAIK16:29
Skaaghow to I cancel the pending percona installs16:29
Skaagso I can quietly remove the original mysql-server16:29
Skaags/to/do/g16:30
Skaagok never mind, I managed with aptitude16:35
SpamapSpmatulis: ahh, not the same thing then16:37
MACscrok, im a bit confused, i just ran apt-get update/upgrade and i see that it setup: linux-headers-2.6.24-28-xen (2.6.24-28.79). It also says im running 2.6.24-28-xen right now. I do not see a kernel available in my /boot/ folder to change to the .79 version16:40
MACscrsince its a minor change, do i just need to reboot and the new kernel just replaced the existing one?16:40
pmatulisMACscr: yes16:41
FunnyLookinHatWhoah - just got this error: Err http://archive.ubuntu.com/ubuntu/ lucid-updates/main libwbclient0 2:3.4.7~dfsg-1ubuntu3.1 :  404  Not Found [IP: 91.189.88.30 80]16:46
FunnyLookinHatTrying to install mencoder...16:47
SpamapSFunnyLookinHat: apt-get update16:47
FunnyLookinHatAh of course.16:48
FunnyLookinHatWow16:48
FunnyLookinHatThanks SpamapS16:48
SpamapSFunnyLookinHat: its a good idea to just apt-get update before every apt-get install/upgrade/etc.16:48
* SpamapS wonders if aptitude does it automatically16:49
* FunnyLookinHat doubts it - given the error I just encountered. :)16:52
MACscrFunnyLookinHat: were you using aptitude then? or apt-get16:53
FunnyLookinHatYeah16:53
FunnyLookinHatI always use aptitude16:53
FunnyLookinHatapt-get feels too cheeky16:53
MACscrlol16:53
FunnyLookinHatSRSLY!16:53
etheretichello! is this the place to ask network-related questions?16:56
Jeeves_That depends!16:57
Jeeves_Give it a try :)16:57
mdluecketheretic: Try, this is the place for chat related to Ubuntu Server16:57
ethereticJeeves_: keywords - wifi, partially work, wonky dns, heeelp. qualify? 8-)16:58
ethereticwas tossed over here from #ubuntu.16:58
Jeeves_etheretic: Just ask the question :)16:59
mdlueckOK, from above, starting over... >    I am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. I attached a USB KB directly and the server boots up and is able to use the USB KB plugged into the same USB port I was trying the USB HDD in.16:59
mdluecketheretic: And you are running Ubuntu Server? If not, then I have no idea why you would get "tossed" to the server room.17:01
ethereticJeeves_: i'm on an open access wifi signal. it usually behaves, but lately it has bcome unreliable; irc and p2p (transmission) works, whereas ping, amule, firefox and updates don't. ried other dns servers (8.8.8.8, 8.8.4.4) but no joy.17:03
Jeeves_etheretic: Who runs the wifi network?17:03
ethereticmdlueck: no, desktop. which is why i though the #ubuntu hint a bit odd.17:04
Jeeves_Anyway, diner!17:04
ethereticJeeves_: no idea. but they are connected to getinternet.no17:04
Jeeves_etheretic: You're not seriously asking people all over the world why your neighbous network doesnt work, right?17:05
Jeeves_Anyway, diner17:05
mdluecketheretic: Perhaps you just fried their brain circuits (shrug)17:05
ethereticwhy isn't there an #ubuntu-networking channel, anyway?17:06
SpamapSetheretic: err, this is about as close as it gets. :)17:06
mdluecketheretic: There is... Networking the desktop OS or serer OS... :-)17:07
ethereticmdlueck: #ubuntu-wifi-woes then.17:07
SpamapSetheretic: wifi networks are quite prone to external interference...17:07
=== dendrobates is now known as dendro-afk
SpamapSetheretic: what actual evidence do you have that transmission works?17:08
mdluecketheretic: reminds me of the old usenet group barny.die.die.die.die17:08
ethereticSpamapS: think you're right. only sensible explanation for the mercurial behaviour of this connection.17:09
* etheretic pines for alt.pave.the.earth17:09
SpamapSetheretic: a nice simple test of your wifi network is just to ping your gateway IP with 1500 byte packets17:10
SpamapSsudo ping -s 1500 x.x.x.x17:11
SpamapSetheretic: if you're getting packet loss with that, then your issues are the wifi. I'd suggest repositioning the anetenna, or changing wifi channels.17:11
mdlueckIsn't there a nice GUI signal quality indicator in Ubuntu Desktop? If so, what signal strength does it show?17:12
etheretic31%17:12
macnohi guys, I'm having a strange issue with apache2 and ipv6 virtualhost17:13
ethereticguess canging to vicd wouldn't make a difference.17:13
=== dendro-afk is now known as dendrobates
mdluecketheretic: Perhaps that is not enough signal to get a reliable connection17:13
macnois there someone who have it working?17:13
ethereticmdlueck: have had peachy connection with 20%.17:14
mdlueckThe cards I have are NetGear brand, with the Athos chipset. I do not normally use wireless though.17:14
mdlueckI have used their PCI cards, and PCCard is a WAG51117:15
mdlueckI forget the PCI PN#17:15
SpamapSmdlueck: signal *strength* yes17:16
SpamapSbut quality is another thing ;)17:16
SpamapS31% should be fine17:16
ethereticSpamapS: can't for the life of me remember the relevant command to map the immediate network neighbourhood.17:16
mdlueckSpamapS: Like I said, I prefer sending my data over ether vs air! ;-)17:17
SpamapSetheretic: map? why would you want to map it?17:17
SpamapSmdlueck: convenience trumps performance for the more pragmatic. :)17:17
ethereticSpamapS: to find the address of my gw.17:17
jjohansen 17:18
SpamapSetheretic: route -n | grep 0.0.0.017:18
ethereticroute!17:18
* etheretic beams17:18
ethereticpaste? not much.17:19
ethereticI'd hazard 192.168.1.0 .17:20
SpamapSetheretic: take off the grep portion and you'll see that the second column is the gateway17:20
etheretic192.168.1.1 then.17:21
smoserkirkland, http://aws.typepad.com/aws/2010/09/new-amazon-ec2-feature-bring-your-own-keypair.html17:23
ethereticSpamapS: pinged. it's in the 4-70 millisecond range.17:24
ethereticlink monitor is nice and blank, suddenly. h'm.17:26
uvirtbotNew bug: #625849 in clamav (main) "Upcoming release fixes bzlib security issue" [Medium,Fix released] https://launchpad.net/bugs/62584917:27
ethereticSpamapS: this smacks of wifi woodoo - just poked it, and it suddenly decided to work!17:29
uvirtbotNew bug: #643682 in clamav (main) "DoS due to PDF parsing issues" [Undecided,New] https://launchpad.net/bugs/64368217:32
SpamapSetheretic: :)17:32
SpamapSetheretic: your neighbors probably turned off their phone. ;)17:32
etheretic8-)17:33
ethereticanyone encountered the iotop/iowait bug?17:34
ethereticCONFIG_TASK_DELAY_ACCT not enabled in kernel, cannot determine SWAPIN and IO %17:34
etheretic...which makes iotop rather stunted.17:35
SpamapSWe've heard cries for it to be re-enabled yes.17:36
kirklandsmoser: it's about damn time17:37
ethereticoh.17:37
ethereticback in 10.10? :)17:37
uvirtbotNew bug: #643698 in net-snmp (main) "Can not install snmp" [Undecided,New] https://launchpad.net/bugs/64369817:46
thesheff17has anyone purchased EC2 reserved instances here?  I was wondering how long they take to become available?  Mine just keep saying payment-pending...I'm also checking with my company to see if something is wrong with the credit card.17:47
peacesif i add a user whom i want sudo privileges granted, i add the user and put them in sudo group. i put their public key in authorized_keys and they can ssh in without a password. but sudo asks them for a password and none is set. is there a solution for this that doesn't involve giving them a password? also what about 'su'ing to different users (without passwords set) once logged in as one with pub key auth?18:19
=== Qwert is now known as linux_
=== linux_ is now known as Qwert
=== ivoks is now known as away
=== away is now known as ivoks-away
\shpeaces: sudo without a password doesn't work....you can give the NOPASSWORD: flag in your sudoers file, or set a password18:28
peaces\sh: i've read you are only supposed to edit the sudoers file with visudo as root. can this operation be scripted?18:29
auor nano /etc/sudoers as root :>18:30
maswanpeaces: I set passwords, is there a particular reason why you don't want to set them? :)18:32
peacesmaswan: users won't use passwords for anything else, they log in over ssh with key authentication. i was just hoping i could get away with giving them sudo power without a password as well18:32
maswanpeaces: sure. hm. can you set the NOPASSWORD flag on the adm group perhaps?18:33
PiciIts the 'admin' group, 'adm' is for log file access mostly.18:34
\shpeaces: you can script it, or much better use sudo-ldap with a ldap server18:34
maswanwell, yes, that one18:34
peaceswhy should i not add a line to /etc/sudoers with a bash script18:36
t11mgot a box with logical volumes and i need to expand one.  is there any prep i need to do prior or can i just run lvresize18:39
=== unreal_ is now known as unreal
=== ivoks-away is now known as ivoks
Qwertupdate-manager19:23
Piciout-of-context-words19:24
QwertSorry19:24
PiciOkay then.19:26
azaqIs it advisable to install ubuntu-desktop package on Ubuntu server?19:27
Piciazaq: Most people don't, then again, we get alot of people here asking how to do it.19:30
azaqPici: Yes, but is it advisable to install?19:31
Piciazaq: I'd say no.  There aren't many graphical administrative anyway, you'll be doing most of your admin work on the terminal/tty.19:32
azaqPici: Agreed, but is there any harm to have a desktop?19:33
mathiazttx: hi!19:33
ScottKPart of the answer depends on if you care about long term support.19:33
mathiazttx: I ran into bug 64100119:33
uvirtbotLaunchpad bug 641001 in puppet "cacrl should be use instead of hostcrl when generating apache2 passenger configuration" [Medium,Triaged] https://launchpad.net/bugs/64100119:33
ScottKServer is supported 5 years, desktop only 3.19:33
mathiazttx: I was wondering if I should push that in maverick or wait for maverick-updates to open?19:34
mathiazttx: the impact is that apache2 ssl configuration uses the wrong CRL19:34
azaqScottk: Yes, but I'm still not able to understand as to why one cannot have display manager?19:34
mathiazttx: thus revoked puppet client won't be denied access to the puppet master by apache19:34
ScottKazaq: You can.19:34
ScottKIt's just no longer what we'd call a server.19:34
azaqPici: Well i wanted to know about using display manager and not tranforming it to ubuntu desktop19:35
azaqScottk: using 'sudo apt-get install ubuntu-desktop' will only give it a display manager. Why it would not be called server? Will that transform it to ubuntu-desktop(As in transforming Ubuntu to Kubuntu by removing ubuntu-desktop, libroot2 and then installing kubuntu-desktop) ?19:37
ScottKIt wiil.19:37
azaqBut I'm not removing server..19:38
ScottKRight, but the base server is essentially desktop without the desktop.19:39
Name141how do I setup a user for the secured samba folders so that I can login to that folder?19:39
azaqScottK: Then why it should affect?19:39
ScottKIt mostly shouldn't.19:39
ScottKBut use of desktop apps isn't supported in this channel.19:40
Name141do I put the normal user as 'admin users = melissa19:40
Name141er..19:40
azaqScottK: Sure..Most likely what all can it affect? All ttyl work can be performed by terminal19:40
Name141do I put the normal user as 'admin users = loginname' , then use explorer to login like I would on the machine ?19:40
Name141Or is there another way?19:41
ScottKazaq: More packages installed, more load on the system, more things to go wrong.  Generally on a server you want to limit it to what you need to do the servers job for performance and security reasons.19:42
=== ivoks is now known as ivoks-dinner
azaqScottK: Pici: Could you suggest me commands manual for working on ttyl?19:42
azaqScottK: Agreed.19:42
ScottKazaq: The Ubuntu Server Guide gives lots of examples https://help.ubuntu.com/10.04/serverguide/C/serverguide.pdf19:43
azaqScottK: Thank you19:43
=== jsalisbury is now known as jsalisbury_brb
azaqScottK: Most likely I woudn't be going for display manager.19:44
azaqScottK: But at the same time I not confident enough to use ttyl on ubuntu-server ....19:44
ScottKMy very first Linux server I thought the same.  After a week I didn't need it again.19:45
azaqScottK: Then how did you manage on using ttyl for all the administrative chores?19:46
ScottKThe server guide gives examples for pretty much everything.19:46
lifelessSpamapS: I wanted to move that java packaging discussion forward19:46
azaqThanks19:49
Name141I think I found it, I needed to run ' smbpasswd -a user '19:55
Name141I guess19:55
ejatany testimonial running Active Directory as guest on kvm + virtIO ?19:55
ethereticScottK: sg good for network info on a noob level as well? defining terms without presumptions of prior knowledge etc.20:00
=== _TechAway_ is now known as _Techie_
pedahzurI'm having a problem with nssldap-update-ignore-users.  It bases it's config on a minimum user ID, so will add, say, www-priv will get added to the ignore list every time nssldap-ignore-users is run. BUT: www-priv is in a group in LDAP, so LDAP will then not be asked about this group, breaking privs.  Is there a way to tell it to exclude adding certain users to this list?20:03
markattoregarding the recent 32-bit compatability kernel vulnerability: The security bulletin seems to be telling me to update a 'linux-image' package, but I don't actually have that package installed and apt-get upgrade doesn't seem to want to give me anything that looks like a kernel20:13
pedahzurmarkatto: What does 'dpkg -l|grep linux-image' give you?  That's dpkg -(little L)20:16
markattonothing20:16
markattopedahzur: This is a vps, rackspace may have given me a different kernel package, but I don't see any extra entries in the apt sources20:17
pedahzurmarkatto: What about 'dpkg -l|grep linux'20:18
Nafallols /boot ?20:18
markattopedahzur: no kernels, just some libs and headers20:18
pedahzurodd.20:19
pedahzurmarkatto: dpkg -l|grep image20:19
markattostill no kernel20:22
markattocups, imagemagic, libgif, etc20:22
Nafalloright. ignore me then ;-)20:22
pedahzurmarkatto: odd.20:22
markattomaybe my host is using openvz and I don't know it?20:22
pedahzurmarkatto: I would assume they would update the kernel as needed.20:22
pedahzurmarkatto: what does the command 'uname -a' return?20:23
markattoI didn't set it up myself, but I would assume that rackspaces uses xen20:23
markattowait, I do indeed have a rackspace kernel20:23
markattoit's a *-rscloud20:24
pedahzurmarkatto: Yeah, I assume since it's a custom kernel, they'll update it when they have a package ready.20:25
markattoLinux development 2.6.34.1-rscloud #1 SMP Thu Jul 22 18:04:40 UTC 2010 x86_64 GNU/Linux20:25
markattothe thing is, it doesn't look like there's actually a package for it20:25
pedahzurSo Rackspace VPS's are using Ubuntu? Cool!20:25
ScottKRackspace was well represented at the last Ubuntu Developer Summit.20:26
_Techie_alot of different server platforms use ubuntu-server20:26
markattoI dunno if they all do, i'm not actually a big ubuntu fan/user but this what I inherited when I got the job20:27
shaunoI wonder how many treat it like I do; like a debian with a predictable release schedule20:28
pedahzurScottK, _Techie_: I just wish their Managed platform offered Ubuntu. The last time I asked them about it, they said they could not yet get the same kind of vendor support they can with Redhat, so were not offering it in a managed platform yet.20:29
ScottKThat's a completely different part of the company than does the cloud stuff, AIUI.20:29
pedahzurScottK: Ah.  Still want Rackspace Managed Ubuntu. :)20:30
=== jsalisbury_brb is now known as jsalisbury
ScottKmarkatto: As I understand it, Ubuntu and Red Hat are the only ones doing a lot of work on proactive security features and so one of the two are definitely the way to go if you care about security.  https://wiki.ubuntu.com/Security/Features20:31
=== _Techie_ is now known as _TechAway_
markattoScottK: I don't know how you can say that20:35
markattounless you're talking about SELinux vs AppArmor or something20:36
ScottKApparmor versus SELinux is a reason I prefer Ubuntu, but that wasn't what I was getting at.20:36
ScottKMeh.  Left.20:37
pedahzurAnyone have any ideas about my nssldap-ignore-users issue? :)20:40
ethereticah20:57
pedahzuretheretic: Ah?20:57
ethereticgot disconnected while afk - didn't know.20:58
blue-froghi, what is the mechanism triggered when I insert a usb key in a machine, please? I'd like to be able to eject it and then remount it without having to unplug it phisically20:58
blue-frogs/phi/phy20:58
pedahzurblue-frog: this isn't server specific, but you can just do: mount /path/to/device /mount/point20:59
blue-frogyes sure but my problem doesn't lie there20:59
blue-frogworking on a usb mulitboot key. everytime I do a change in grub.cfg for the sake of it, I have to unplug the key to have /dev/sdx shows the changes21:00
smokieanyone know a proper virtulazation envirenment like HyperVM but for ubuntu?21:01
pedahzursmokie: define "proper."21:04
smokiepedahzur, for production use and something other then virtualbox21:05
pedahzurblue-frog: Not sure what' you're getting at.21:05
pedahzursmokie: Xen and KVM come to mind.  I'd read up and KVM.21:05
pedahzursmokie: read up *on* KVM...21:06
blue-frogpedahzur, I have a usb key bootable with grub2. if I do any change to grub.cfg (edit, save, close) then when boot the key using qemu the changes I made are not there. I have to unplug the key and reinsert it.21:07
blue-frogto see the changes21:08
pedahzurblue-frog: Odd...that doesn't bring anything to mind...sorry.21:09
lifelessSpamapS: whats jos' email?21:09
blue-frogok thx for thr try21:09
SpamapSlifeless: jos.boumans@canonical.com21:15
smokiepedahzur, thanks dude will read up on that21:16
lifelessSpamapS: thanks21:18
AlexMaxQuestion.  I have 2 gigs of memory.  Due to a leaky program, my memory usage was about 1.0 gigs of RAM but with cache and buffers it was hitting 2 and starting to swap21:34
pranjalhi all21:34
AlexMaxshould i care about cache/buffers or should i only worry if my real app memory usage approaches 221:35
AlexMaxin terms of adverse performance21:35
RoyKAlexMax: monitor the program's usage of memory, if that gets too high, give it a kick21:38
AlexMaxRoyK: Which is what I've done. :)21:39
AlexMax http://imgur.com/RjuGM21:39
AlexMaxfor this picture I restarted the program and also force cleared the cache/buffers21:39
RoyKAlexMax: if swap gets to high, do something, but a fair use of swap is always good, it just keeps the parts of the memory not used in swap, which is a gain21:39
AlexMaxgreen usage = my actual app usage, blue = cache usage21:40
RoyKcache use is good21:40
RoyKhard memory use is bad21:40
AlexMaxI guess I'm just asking if i should care about cache getting swapped since it's not 'real' program memory usage21:40
AlexMaxsince i still seemed to have plenty of hard memory usage headroom21:41
RoyKin your case, the cache released was a lot, and you might have invalidated a lot of cache in that21:41
=== _TechAway_ is now known as _Techie_
qman__yeah, cache shouldn't actually be swapped21:42
qman__just cleared21:42
AlexMaxheh i actually have no idea if it was cache that was being swapped21:42
AlexMaxbut i was using a little swap memory21:42
_Techie_my cache doesnt seem to swap, so must be something wrong with yours AlexMax21:42
_Techie_AlexMax, how much swap was being used/21:43
AlexMaxjust a little bit21:43
qman__you could turn swappiness down if it's causing a big effect21:43
AlexMax1 sec21:43
AlexMaxbah, its out of my scrollback21:43
_Techie_AlexMax, ill give you a link to my servers status page, its got 2gigs of RAM so it should serve as a reference21:43
AlexMaxthanks21:44
qman__the only programs I have that leak memory are web browsers21:44
_Techie_AlexMax, http://phpsysinfo.technz.info/21:44
qman__unfortunately the only one that doesn't is elinks21:44
AlexMax_Techie_: Ah i see21:45
AlexMaxYou have 1.62 gigs of stuff in cache21:45
_Techie_AlexMax, yeah21:45
AlexMaxso technically you're also using all your memory21:45
_Techie_technicaly21:45
qman__I like that script, is it custom or part of a package?21:45
_Techie_but cache is dropped to make room for processes21:45
AlexMaxphpsysinfo21:45
_Techie_its phpsysinfo, its php21:46
qman__ok21:46
_Techie_links at the bottom21:46
AlexMax_Techie_: Okay that's pretty much what i needed to know21:46
AlexMaxso aside from kicking my runaway process i didnt have to clear the cache/buffers21:46
_Techie_nah21:46
_Techie_i used to think like that21:47
_Techie_i used to have a cron job to wipe my cache every few hours21:47
_Techie_qman__, phpsysinfo is in the repo's but its not a very new version21:48
qman__every week or so I have to close out of all my web browsers, or else my memory will fill up21:49
qman__freshly opened they only use a hundred megs or so, but after a week it's up over 70021:49
qman__regardless of what's open in them21:49
_Techie_qman__, you should just have a weekly cron job to kill and re open them21:49
AlexMaxSuper Italian Plumber Bros.21:55
kevinashHello. Newbie Question. I've got an Ubuntu 10.0.4 virtual server. I'm told to run 'aptitude update' followed by 'aptitude safe-upgrade' Do I need to restart the server afterwards?21:56
AlexMaxonly if it tells you to21:56
kevinashAlexMax: Thanks.21:57
kevinashIs there a difference between running an 'aptitude safe-upgrade' and 'aptitude upgrade' command?21:57
qman__probably, but I couldn't tell you what that is without reading the manual22:00
qman__see man aptitude22:00
_Techie_most of here use apt instead of aptitude22:00
qman__the only time you should ever need to reboot is for a kernel update22:00
kevinashThanks all. Actually, I'm running aptitude in the command line, not the graphical interface. I read somewhere it was a little more robust. Probably worng aboutthat.22:01
qman__aptitude is more featureful, I use apt-get out of habit22:03
qman__they'll both get the job done22:03
=== dendrobates is now known as dendro-afk
kevinashYes. I was told to use one of the other and stick to it. That's what I've done. I'm happy enough (I have no prior history with these commands anyway!)22:04
=== dendro-afk is now known as dendrobates
_Techie_just a heads up, 99% of the time we will use apt when helping people22:05
_Techie_as long as you know how to do each command in your package manager you will be fine22:06
kevinash_Techie_: I understand. Thanks, all, for your help.22:06
_Techie_ kevinash no problem22:07
_Techie_you should also propbably thank qman__, he contibutes alot to this channel22:07
=== ivoks-dinner is now known as ivoks
hallynzul: still around?22:45
yeshuahcan anyone point me to a short to-the-point guide to setup dns on a vps running ubuntu?23:17
pedahzuryeshuah: Do you want a DNS server (bind) or a local caching DNS setup?23:18
yeshuahpedahzur: server I presume23:24
yeshuahpedahzur: but I just realized I can use a tool at my registrar - so I don't have to setup the server23:25
yeshuahpedahzur: but if you know a good tutorial - I would be thankfull for future reference23:25
=== _Techie_ is now known as _TechAway_
pedahzuryeshuah: Yeah, if you have a server that will do it for you, then setting one up yourself isn't usually needed, but it's never a bad learning experience.  If you're running Ubuntu on that VPS, this should get you going: https://help.ubuntu.com/community/BIND9ServerHowto23:29
pedahzuryeshuah: BTW, that was the first result when googling: ubuntu bind howto :)23:30
yeshuahpedahzur: thanks - sorry23:31
blue-frogany users of udevadm who could explain me the use of udevadm test --force (as per the man page) because so far it is telling me that --force is not a recognised option. bug?23:34
blue-froggreat as per https://bugs.launchpad.net/udev/+bug/315979 seems that udevadm do not have the option anymore23:38
uvirtbotLaunchpad bug 315979 in udev "mknod for /dev/pktcdvd/control fails after update to udev 136" [Undecided,Fix released]23:38
=== _TechAway_ is now known as _Techie_
=== ivoks is now known as ivoks-afk

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!