[01:36] <Guest22179> How are we supposed to get sun-java6-jre on 10.04?
[02:53] <cakeep> test
[03:22] <ftcameron> gday .. I'm sorry to ask this, but I've been searching for ages now to get networking running ... 10.04 standard kvm.  tun is 666 and I'm in libvirtd,kvm groups.  error is failed to add tap interface to brudge...
[03:23] <ftcameron> brctl addif virbr0 tap0 -> interface tap0 does not exist!
[03:26] <MTecknology> So.. I thought I was using ecruptfs- now I'm not sure. Is there any really really easy to to tell if I am or am not using it?
[03:26] <MTecknology> I looked in mount and didn't see .Private mounted which is what's making me second guess this
[04:03] <arrrghhh> ok so i'd like to visualize free hard disk space on my server - is there a PHP gui or some such thing i can use on my server?  file light is cool... i guess i could forward it over X...
[04:18] <SJr> How do I prevent a package from being upgraded in ubuntu?
[04:19] <arrrghhh> SJr, let me google that for you.... http://www.ubuntugeek.com/how-to-prevent-a-package-from-being-updated-in-ubuntu.html
[04:20] <SJr> thanks you saved me the trouble of having to google it myself
[04:20] <astm> SJr: you set in /etc/apt/apt.conf.d/50unattended-upgrades
[04:20] <astm> Unattended-Upgrade::Package-Blacklist {
[04:20] <arrrghhh> astm, that only works for automatic updates...
[04:23] <ScottK> SJr: Why do you think you want to stop a package upgrade?
[04:23] <SJr> Because the update version is the devil
[04:23] <arrrghhh> lol
[04:23] <arrrghhh> settle down there mrs. palin...
[04:23] <ScottK> SJr: If there's a broken update, we should address the problem.  What package and what update and why?
[04:23] <SJr> autofs is broken in Ubuntu 10.04, after months of trying to fix it, and live without it, I came accross the idea of simply using the one from 9.10, and that worked, except I just found out that it got upgraded.
[04:25] <SJr> I can't find a good link but there are a bunch of bug reports out there for this already
[06:43] <sandGorgon> anybody know if there is a postgresql-9 ppa for ubuntu ?
[06:44] <YankDownUnder> ...have you checked their project home page?
[08:05] <lifeless> SpamapS: hey, around?
[08:44] <Name141> What is LVM?
[08:44] <Name141> !lvm
[08:45] <Name141> oh
[08:45] <Name141> so I don't need it for a home server
[08:59] <Name141> Will I be able to select what I want during setup , or will it be like the desktop edition and just install stuff at random
[09:16] <mgolisch> Name141: i think the server setup runs tasksel during installation
[09:18] <Name141> mgolisch: yeah I (tried) to select samba server
[09:18] <Name141> and then let it go
[09:19] <Name141> hopefully it'll be more compact
[09:21] <ejat> hi .. may i know what the differ between root device : instance vs ebs ?
[09:27] <Name141> how do I force acpi again ?
[09:27] <Name141> I have to edit grub2 right?
[10:40] <Zaas> i am stuck on user permissions: can you create a user that cannot browser your config files (/etc/apache2/sites-available for example)
[10:41] <Zaas> or am i not thinking straight here? running php with fcgid and suexec and open_dir('/') just worries me
[10:46] <Zaas> anyone can help me on user permissions?
[10:54] <Zaas> does anyone see my chat? (had before that webchat from me was not visible)
[11:07] <zaas> hi, can anyone see me? (webchat failed 10 mins ago)
[11:09] <Daviey> zaas, o/
[11:10] <zaas> nice. so i have a question about user permissions. I run apache, suxexec, fcgid and php and i don't like that open_dir('/') works fine... am i missing something?
[11:15] <zaas> or more general: can you prevent users to list directories?
[11:31] <joschi> zaas: in general yes, make sure that the user/group don't have read or execute rights on the directory
[11:31] <joschi> zaas: in your special case open_basedir restrictions in PHP might do the trick
[11:41] <zaas> joschi: but there must be a reason that /etc/apache/sites-available/ has r on user, group and world? figuring out wether openbase_dir is considered safe, read something about that not being true
[11:41] <zaas> can't chmod my whole server :)
[11:42] <zaas> in sftp mode it was quite easy
[11:42] <joschi> zaas: why shouldn't /etc/apache/sites-available/ be world readable?
[11:42] <zaas> you can read its config?
[11:42] <joschi> zaas: what?
[11:43] <zaas> well, is it not bad that any user on the system sees how my virtual hosts are configured?
[11:43] <joschi> zaas: that depends on your users. you can change the permissions if you need to.
[11:44] <joschi> zaas: if you want it really secure, don't give anyone an interactive shell and remove PHP or any other dynamic scripting languages from your webserver
[11:44] <zaas> haha :)
[11:44] <zaas> the shell is not so hard
[11:45] <zaas> and exec and some other commands are easy to disable in php.ini, but the fact they can list and read stuff outside /var/www/user/public just bugs me
[11:45] <zaas> can you change those permissions on user-level?
[11:45] <joschi> zaas: I already told you to set open_basedir accordingly
[11:46] <zaas> i know, and i responded to that as well: heard some rumors of it not being safe
[11:46] <joschi> zaas: of course you could always put the php processes inside a chroot environment. but that's a lot of management overhead
[11:46] <joschi> zaas: well, if you don't like it, don't use it.
[11:47] <zaas> i would like it a lot, if it works of course. you rely on it?
[11:47] <zaas> just wondering how veteran ubuntu server maintainers deal with these kind of things
[11:47] <joschi> zaas: yes, but not exclusivly
[11:47] <zaas> semi-new to it all
[11:48] <zaas> what other measures have you taken then in your PHP environment?
[11:49] <joschi> zaas: proper permissions, SuExec/SuPHP and for "special guests" chrooted php processes
[11:49] <joschi> zaas: plus a sensible AppArmor configuration
[11:49] <joschi> zaas: or grSecurity/RBAC on other systems (!= ubuntu)
[11:50] <zaas> just ubuntu. Boy, it's no walk in the park to manage a server :) fun though. Does ubuntu come with apparmor configured sensible?
[11:51] <joschi> zaas: not for all applications
[11:51] <joschi> zaas: and it depends a lot on your setup
[11:51] <zaas> i have done a apt-get only
[11:52] <zaas> nothing preinstalled but ssh
[11:52] <zaas> just apache, ruby, php and mysql
[12:00] <zaas> but did you change persmissions on your sever config folders like apache?
[12:02] <Tomash> hey ....
[12:02] <Tomash>  i have a problem with my ubuntu server installation, i try to install 10.04 on a ibm server with hardware raid5 on a 2.5 tb volume, after a successful installation, my server don´t find any bootloader. hope for help
[12:03] <\sh> Tomash: gpt partition table?
[12:04] <Tomash> \sh : yes ...becaus >2tb
[12:04] <\sh> Tomash: imho grub can't boot from gpt tables...but there should be a new gpt partition table label, named gpt-bios
[12:05] <Tomash> \sh : yes, right ... this is already there
[12:06] <\sh> ok..then I don't know...I just have always a system partition with msdos label for the system to boot, and the storage device is mostly gpt with partitions > 2TB
[12:08] <Tomash> \sh : ok , then I ll try this ... thx
[12:47] <Tomash> \sh : how I change in the installer the label to msdos ?
[12:49] <progre55> hi guys. How can you install sun-java6-jdk on ubuntu-server from a command line, and automatically accept the licence agreement, without user interaction?
[12:50] <\sh> progre55: via preseeding and these settings: http://paste.ubuntu.com/496972/
[12:50] <\sh> Tomash: I never did that via installer, I'm deploying via FAI...
[12:50] <\sh> Tomash: eventually you need to trigger "parted" manually from the CLI
[12:51] <Tomash> \sh : i ve no parted and mklabel in the installation process :( ....
[12:52] <Tomash> \sh : i ll think, first install the system, then change the label and try a new installation
[12:52] <pmatulis> has anyone ever heard of the root account expiring?  :)
[12:52] <pmatulis> i'm seeing this on a hardy server
[12:52] <pmatulis> pam_unix(cron:account): account root has expired (account expired)
[12:53] <\sh> Tomash: oh well...what about totally recreating your partition layout? it should automatically detect the right label...sorry...I'm long gone to deploy any server manually with big storages, only doing that automatically
[12:54] <\sh> pmatulis: On hardy I don't have any root password which could expire ;)
[12:54] <Tomash> \sh : no, the server set automatically an gpt label
[12:54] <progre55> \sh: thanks. and what's preceeding?
[12:54] <pmatulis> \sh: it's not the password, it's the account
[12:55] <\sh> Tomash: yes, when you created a partition first with >2TB, yes...you need to get rid of the partition layout first...could you make 2 volumes on your raid device, one less 2TB for system, and the other one with the >2TB part?
[12:56] <\sh> progre55: man debconf-set-selections.... there you have a manual about preseeding..the license agreement is a debconf questions, which can be preseeded
[12:57] <Tomash> \sh : ok, thx, then i try this
[12:57] <\sh> pmatulis: I never heard about "account expiring" but "password expire" (man password /-e)
[12:59] <\sh> pmatulis: oh, i never tried usermod --expiredate on a root account, eventually someone tried that ? ;)
[12:59] <pmatulis> \sh: i saw that as well but i'm looking for a cause right now
[13:00] <\sh> pmatulis: "usermod --expiredate 1 root" ? I don't know if that will ever work, but that could be a cause
[13:00] <progre55> \sh: thanks, appreciate
[13:20] <progre55> \sh: another question, please. As far as I got it, you can just put those settings in a file (e.g. java_license), and before you "apt-get install" java, you say "sudo debconf-set-selections java_license", right?
[13:32] <ztripez> i'm trying to install slapd in ubuntu 10.04 server.. but i can't find slapd.conf
[13:34] <pmatulis> ztripez: there is none
[13:35] <ztripez> pmatulis, oh?
[13:35] <ztripez> i guess https://help.ubuntu.com/community/OpenLDAPServer is out of date then..
[13:36] <pmatulis> ztripez: did you read the first few paragraphs?
[13:37] <ztripez> pmatulis, uhm no.. did i miss something?
[13:38] <pmatulis> ztripez: yes.  please read
[13:39] <pmatulis> ztripez: since Oct 2008 ubuntu does not use slapd.conf.  now using so-called 'cn=config' configuration method
[13:40] <ztripez> pmatulis, oh.. i miss that part yes ;)
[13:40] <pmatulis> ztripez: so ldap configuration is in ldap itself.  changes are immediate, no need to restart, blah blah blah
[13:41] <ztripez> pmatulis, i see
[13:41] <pmatulis> ztripez: https://help.ubuntu.com/10.04/serverguide/C/index.html
[13:42] <ztripez> pmatulis, thanks
[13:45] <pmatulis> ztripez: yw
[13:49] <ehcah> Hello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.
[13:49] <ehcah> Everything I find is old.
[14:05] <\sh> progre55: yes that's the thing to do
[14:05] <\sh> progre55: sorry...had a meeting
[14:06] <progre55> \sh: thanks man, truly appreciate )
[14:48] <zaas> do you know if with php-cgi (mod_fcgid) and suxexec you can parse a second php.ini and also use /etc/php/cgi/php.ini?
[14:48] <zaas> (not using php)
[14:48] <zaas> can you do this in a vhost?
[14:55] <duaneb> I have a *NEW* question: does the server install force you to install all the files included on the cd? Or does it install a minimal base system + optional packages?
[14:56] <peaces> are there any problems with putting a normal user in the www-data group
[14:56] <remix_tj> peaces: no there is not
[14:56] <remix_tj> *are not
[14:56] <duaneb> Right now I'm debootstrapping a bare bones system onto a hard drive and finishing the "installation" with a chroot
[14:56] <duaneb> which is less than optimal
[14:57] <remix_tj> duaneb: it does install only the needed things, the others are optional
[14:57] <duaneb> any chance there's a list somewhere of what is installed with zero extra packages?
[14:57] <duaneb> or at least how large the base system is?
[14:58] <remix_tj> duaneb: if you use the alternate cd you can install only the base system, whitout any optional
[14:59] <duaneb> hrm
[14:59] <duaneb> interesting
[14:59] <duaneb> that's the ncurses interface?
[15:00] <duaneb> I mean, I am interested in running server software, so the ubuntu server image is useful
[15:00] <duaneb> I'm just wary of installing it with my limited space
[15:05] <peaces> does/can a system-wide ssh authorized_keys file exist?
[15:08] <oracle> i want all the crap that runs on startup, like bluetooth which i dont need
[15:08] <oracle> to stop loading modules
[15:10] <hggdh> bug 5608 <- can't we fix it? Seems only a change on permissions would do the trick
[15:23] <ehcah> Hello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.
[15:26] <arrrghhh> ehcah, without a DE...?  so what does vnc do for you?
[15:27] <ehcah> I just want to be able to get to the terminal.
[15:27] <arrrghhh> ssh :D
[15:27] <ehcah> or basic x in environment.
[15:27] <arrrghhh> much much easier & more secure.
[15:27] <ehcah> I want to do this from my LAN though.
[15:27] <arrrghhh> well if you don't have any DE, what does X do for you?  you can just forward any X apps over ssh as well.
[15:28] <arrrghhh> doesn't matter
[15:28] <ehcah> ok.
[15:28] <arrrghhh> i ssh on my lan every day.
[15:28] <arrrghhh> if you have a DE, using vnc makes sense
[15:28] <ehcah> The other option is to manage through webmin?
[15:28] <arrrghhh> without one... it really doesn't to be honest.
[15:28] <arrrghhh> i thought you wanted the terminal...
[15:28] <ehcah> I do.
[15:28] <arrrghhh> i use webmin as well tho
[15:28] <permalac_> hi, my apache 2.2.14 has exploded on ubuntu 10.04 .    this is the answer to a restart : /usr/sbin/apache2: symbol lookup error: /usr/sbin/apache2: undefined symbol: apr_atomic_xchgptr
[15:28] <arrrghhh> so you can manage thru the terminal or webmin.  i wouldn't do updates or installs thru webmin tho.
[15:29] <permalac_> i've been googling arround and looks like there is no fix yet.
[15:29] <ehcah> Webmin updates are horrible.
[15:29] <ehcah> too slow or times out.
[15:29] <arrrghhh> ehcah, yes so just do updates thru aptitude or apt-get via ssh ;)
[15:29] <permalac_> so, how I can go back on the package versión ?   by command line if possible.
[15:29] <ehcah> Ok.
[15:29] <arrrghhh> permalac_, so you compiled apache yourself?
[15:29] <ehcah> I started out with Fedora 12 and a product called Amahi.
[15:29] <arrrghhh> ehcah, amahi's cool.
[15:29] <ehcah> Yep.
[15:29] <arrrghhh> if that's what you need haha
[15:30] <ehcah> I think I can replicate it with Ubuntu
[15:30] <ehcah> ?
[15:30] <arrrghhh> i just want a few pieces of it
[15:30] <arrrghhh> oh yea
[15:30] <arrrghhh> i have
[15:30] <permalac_> arrrghhh: nope, just updated, and installed munin-node
[15:30] <arrrghhh> some parts are harder than others i would imagine
[15:30] <arrrghhh> permalac_, so you think munin-node did it...?  i'm not sure what that is.  i run apache, but am by no means an expert on it.
[15:30] <ehcah> I'm very new to linux. I got comfortable with Ubuntu and F12 started to mess me up.
[15:30] <arrrghhh> lol
[15:31] <ehcah> I knwo they're close, but...
[15:31] <arrrghhh> yea, fedora is a little odd
[15:31] <ehcah> I also have xbmc live on a few pc's and ubuntu DE + xbmc in my theatre room.
[15:31] <arrrghhh> there's a lot of differences.  granted it's all the linux kernel... but a lot of the userland stuff is different, which is to be expected.
[15:31] <ehcah> I was starting to confuse the OS's.
[15:31] <permalac_> arrrghhh: no, I don't think so, now it's not activated on the sites, and still does not work. I just though that if I want help I must give all the information. that's all
[15:31] <arrrghhh> but yea if you don't have a DE, just use ssh.
[15:31] <ehcah> k.
[15:32] <ehcah> ssh will also allow me to remote in over the web as well I beleive?
[15:32] <arrrghhh> permalac_, huh... well i'm not sure and i'm late for work :P  just copyin stuff over to my phone before i leave.
[15:32] <arrrghhh> ehcah, if you open up the ports
[15:32] <arrrghhh> i forward ssh to an odd port above 1024
[15:32] <permalac_> arrrghhh: any suggestion? fast fast. :)
[15:32] <arrrghhh> if you forward 22 over the internet, you're just asking people to brute force it.
[15:33] <arrrghhh> permalac_, i mean you could try purging & reinstalling apache...
[15:33] <arrrghhh> alrighty g2g
[15:33] <arrrghhh> have a good one guys
[15:38] <SpamapS> lifeless: pong
[16:00] <ztripez> When i use the install guide (https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html) for slapd, and when i'm about to add the frist entry i get an error
[16:00] <ztripez> ldap_add: Naming violation (64)
[16:00] <ztripez> 	additional info: value of single-valued naming attribute 'dc' conflicts with value present in entry
[16:04] <mdlueck> I am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. Anyone else having similar troubles?
[16:06] <maedox> mdlueck, you mean they don't show up with fdisk -l ?
[16:07] <mdlueck> maedox: Usually I see messages in syslog for the PnP event. syslog is completely quiet currently. Verbose as ever on Ubuntu Desktop.
[16:08] <mdlueck> maedox: Also /dev/disk has only the internal RAID drives
[16:09] <mdlueck> maedox: Excuse me, /dev is where the recognized partitions show up at
[16:10] <maedox> mdlueck, ok, odd. Not sure I can help you. Are your USB-ports working with a keyboard?
[16:11] <mdlueck> maedox: I guess I could double check. Server is connected to a KVM via PS/2 connectors currently.
[16:12] <mdlueck> maedox: Good idea, will IPL the server... be back in a while...
[16:12] <maedox> mdlueck, best to be sure. I have to run now, but I'll be back later. Someone else can hopefully give some input.
[16:13] <mdlueck> maedox: Thanks for that idea at least! :-)
[16:17] <pmatulis> has anyone used the pkinit protocol extension to kerberos?
[16:21] <hallyn> ttx: anyone in particular who should be assigned the ubuntu-release-notes part of the qemu-sdl bug?
[16:22] <ttx> hallyn: no, those will get reviewed as we go closer to release
[16:22] <hallyn> ttx: ok, thanks
[16:24] <SpamapS> pmatulis: that rings a bell.. is that the stuff that helps you talk to windows?
[16:25] <pmatulis> SpamapS: it provides SSL certificate support to kerberos
[16:25] <MACscr> is there a hotfix available for ubuntu 8.04 LTS for this new kernel exploit?
[16:26] <Pici> MACscr: Yes. http://www.ubuntu.com/usn/usn-988-1
[16:27] <pmatulis> Pici: i think he means a fix that does not require a reboot
[16:27] <Pici> pmatulis: Then no, its a kernel bug.
[16:27] <mdlueck> "kernel = IPL" in my mind at least
[16:27] <pmatulis> MACscr: some hotfixes have been proposed but have not stood up to the test
[16:28] <pmatulis> MACscr: what release are you running?
[16:28] <pmatulis> MACscr: sorry, 8.04
[16:28] <MACscr> unfortunately 8.04, so i cant use ksplice =/
[16:28] <MACscr> as they dont have a xen kernel version
[16:28] <MACscr> for hardy
[16:29] <MACscr> man i love ksplice
[16:29] <Skaag> Hey
[16:29] <Skaag> I started installing the Percona binaries of MySQL Server, for Ubuntu. But in the middle of installation, a conflict was discovered with mysql-server-core-5.1, since both packages contain some man file. now I can't remove the old one, and can't install the new one.
[16:29] <MACscr> all of the rest of my servers were pretty much patched instantly
[16:29] <pmatulis> MACscr: Hardy is at least not vuln to 3301 AFAIK
[16:29] <Skaag> how to I cancel the pending percona installs
[16:29] <Skaag> so I can quietly remove the original mysql-server
[16:30] <Skaag> s/to/do/g
[16:35] <Skaag> ok never mind, I managed with aptitude
[16:37] <SpamapS> pmatulis: ahh, not the same thing then
[16:40] <MACscr> ok, im a bit confused, i just ran apt-get update/upgrade and i see that it setup: linux-headers-2.6.24-28-xen (2.6.24-28.79). It also says im running 2.6.24-28-xen right now. I do not see a kernel available in my /boot/ folder to change to the .79 version
[16:40] <MACscr> since its a minor change, do i just need to reboot and the new kernel just replaced the existing one?
[16:41] <pmatulis> MACscr: yes
[16:46] <FunnyLookinHat> Whoah - just got this error: Err http://archive.ubuntu.com/ubuntu/ lucid-updates/main libwbclient0 2:3.4.7~dfsg-1ubuntu3.1 :  404  Not Found [IP: 91.189.88.30 80]
[16:47] <FunnyLookinHat> Trying to install mencoder...
[16:47] <SpamapS> FunnyLookinHat: apt-get update
[16:48] <FunnyLookinHat> Ah of course.
[16:48] <FunnyLookinHat> Wow
[16:48] <FunnyLookinHat> Thanks SpamapS
[16:48] <SpamapS> FunnyLookinHat: its a good idea to just apt-get update before every apt-get install/upgrade/etc.
[16:49]  * SpamapS wonders if aptitude does it automatically
[16:52]  * FunnyLookinHat doubts it - given the error I just encountered.  :)
[16:53] <MACscr> FunnyLookinHat: were you using aptitude then? or apt-get
[16:53] <FunnyLookinHat> Yeah
[16:53] <FunnyLookinHat> I always use aptitude
[16:53] <FunnyLookinHat> apt-get feels too cheeky
[16:53] <MACscr> lol
[16:53] <FunnyLookinHat> SRSLY!
[16:56] <etheretic> hello! is this the place to ask network-related questions?
[16:57] <Jeeves_> That depends!
[16:57] <Jeeves_> Give it a try :)
[16:57] <mdlueck> etheretic: Try, this is the place for chat related to Ubuntu Server
[16:58] <etheretic> Jeeves_: keywords - wifi, partially work, wonky dns, heeelp. qualify? 8-)
[16:58] <etheretic> was tossed over here from #ubuntu.
[16:59] <Jeeves_> etheretic: Just ask the question :)
[16:59] <mdlueck> OK, from above, starting over... >    I am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. I attached a USB KB directly and the server boots up and is able to use the USB KB plugged into the same USB port I was trying the USB HDD in.
[17:01] <mdlueck> etheretic: And you are running Ubuntu Server? If not, then I have no idea why you would get "tossed" to the server room.
[17:03] <etheretic> Jeeves_: i'm on an open access wifi signal. it usually behaves, but lately it has bcome unreliable; irc and p2p (transmission) works, whereas ping, amule, firefox and updates don't. ried other dns servers (8.8.8.8, 8.8.4.4) but no joy.
[17:03] <Jeeves_> etheretic: Who runs the wifi network?
[17:04] <etheretic> mdlueck: no, desktop. which is why i though the #ubuntu hint a bit odd.
[17:04] <Jeeves_> Anyway, diner!
[17:04] <etheretic> Jeeves_: no idea. but they are connected to getinternet.no
[17:05] <Jeeves_> etheretic: You're not seriously asking people all over the world why your neighbous network doesnt work, right?
[17:05] <Jeeves_> Anyway, diner
[17:05] <mdlueck> etheretic: Perhaps you just fried their brain circuits (shrug)
[17:06] <etheretic> why isn't there an #ubuntu-networking channel, anyway?
[17:06] <SpamapS> etheretic: err, this is about as close as it gets. :)
[17:07] <mdlueck> etheretic: There is... Networking the desktop OS or serer OS... :-)
[17:07] <etheretic> mdlueck: #ubuntu-wifi-woes then.
[17:07] <SpamapS> etheretic: wifi networks are quite prone to external interference...
[17:08] <SpamapS> etheretic: what actual evidence do you have that transmission works?
[17:08] <mdlueck> etheretic: reminds me of the old usenet group barny.die.die.die.die
[17:09] <etheretic> SpamapS: think you're right. only sensible explanation for the mercurial behaviour of this connection.
[17:09]  * etheretic pines for alt.pave.the.earth
[17:10] <SpamapS> etheretic: a nice simple test of your wifi network is just to ping your gateway IP with 1500 byte packets
[17:11] <SpamapS> sudo ping -s 1500 x.x.x.x
[17:11] <SpamapS> etheretic: if you're getting packet loss with that, then your issues are the wifi. I'd suggest repositioning the anetenna, or changing wifi channels.
[17:12] <mdlueck> Isn't there a nice GUI signal quality indicator in Ubuntu Desktop? If so, what signal strength does it show?
[17:12] <etheretic> 31%
[17:13] <macno> hi guys, I'm having a strange issue with apache2 and ipv6 virtualhost
[17:13] <etheretic> guess canging to vicd wouldn't make a difference.
[17:13] <mdlueck> etheretic: Perhaps that is not enough signal to get a reliable connection
[17:13] <macno> is there someone who have it working?
[17:14] <etheretic> mdlueck: have had peachy connection with 20%.
[17:14] <mdlueck> The cards I have are NetGear brand, with the Athos chipset. I do not normally use wireless though.
[17:15] <mdlueck> I have used their PCI cards, and PCCard is a WAG511
[17:15] <mdlueck> I forget the PCI PN#
[17:16] <SpamapS> mdlueck: signal *strength* yes
[17:16] <SpamapS> but quality is another thing ;)
[17:16] <SpamapS> 31% should be fine
[17:16] <etheretic> SpamapS: can't for the life of me remember the relevant command to map the immediate network neighbourhood.
[17:17] <mdlueck> SpamapS: Like I said, I prefer sending my data over ether vs air! ;-)
[17:17] <SpamapS> etheretic: map? why would you want to map it?
[17:17] <SpamapS> mdlueck: convenience trumps performance for the more pragmatic. :)
[17:17] <etheretic> SpamapS: to find the address of my gw.
[17:18] <jjohansen>  
[17:18] <SpamapS> etheretic: route -n | grep 0.0.0.0
[17:18] <etheretic> route!
[17:18]  * etheretic beams
[17:19] <etheretic> paste? not much.
[17:20] <etheretic> I'd hazard 192.168.1.0 .
[17:20] <SpamapS> etheretic: take off the grep portion and you'll see that the second column is the gateway
[17:21] <etheretic> 192.168.1.1 then.
[17:23] <smoser> kirkland, http://aws.typepad.com/aws/2010/09/new-amazon-ec2-feature-bring-your-own-keypair.html
[17:24] <etheretic> SpamapS: pinged. it's in the 4-70 millisecond range.
[17:26] <etheretic> link monitor is nice and blank, suddenly. h'm.
[17:29] <etheretic> SpamapS: this smacks of wifi woodoo - just poked it, and it suddenly decided to work!
[17:32] <SpamapS> etheretic: :)
[17:32] <SpamapS> etheretic: your neighbors probably turned off their phone. ;)
[17:33] <etheretic> 8-)
[17:34] <etheretic> anyone encountered the iotop/iowait bug?
[17:34] <etheretic> CONFIG_TASK_DELAY_ACCT not enabled in kernel, cannot determine SWAPIN and IO %
[17:35] <etheretic> ...which makes iotop rather stunted.
[17:36] <SpamapS> We've heard cries for it to be re-enabled yes.
[17:37] <kirkland> smoser: it's about damn time
[17:37] <etheretic> oh.
[17:37] <etheretic> back in 10.10? :)
[17:47] <thesheff17> has anyone purchased EC2 reserved instances here?  I was wondering how long they take to become available?  Mine just keep saying payment-pending...I'm also checking with my company to see if something is wrong with the credit card.
[18:19] <peaces> if i add a user whom i want sudo privileges granted, i add the user and put them in sudo group. i put their public key in authorized_keys and they can ssh in without a password. but sudo asks them for a password and none is set. is there a solution for this that doesn't involve giving them a password? also what about 'su'ing to different users (without passwords set) once logged in as one with pub key auth?
[18:28] <\sh> peaces: sudo without a password doesn't work....you can give the NOPASSWORD: flag in your sudoers file, or set a password
[18:29] <peaces> \sh: i've read you are only supposed to edit the sudoers file with visudo as root. can this operation be scripted?
[18:30] <au> or nano /etc/sudoers as root :>
[18:32] <maswan> peaces: I set passwords, is there a particular reason why you don't want to set them? :)
[18:32] <peaces> maswan: users won't use passwords for anything else, they log in over ssh with key authentication. i was just hoping i could get away with giving them sudo power without a password as well
[18:33] <maswan> peaces: sure. hm. can you set the NOPASSWORD flag on the adm group perhaps?
[18:34] <Pici> Its the 'admin' group, 'adm' is for log file access mostly.
[18:34] <\sh> peaces: you can script it, or much better use sudo-ldap with a ldap server
[18:34] <maswan> well, yes, that one
[18:36] <peaces> why should i not add a line to /etc/sudoers with a bash script
[18:39] <t11m> got a box with logical volumes and i need to expand one.  is there any prep i need to do prior or can i just run lvresize
[19:23] <Qwert> update-manager
[19:24] <Pici> out-of-context-words
[19:24] <Qwert> Sorry
[19:26] <Pici> Okay then.
[19:27] <azaq> Is it advisable to install ubuntu-desktop package on Ubuntu server?
[19:30] <Pici> azaq: Most people don't, then again, we get alot of people here asking how to do it.
[19:31] <azaq> Pici: Yes, but is it advisable to install?
[19:32] <Pici> azaq: I'd say no.  There aren't many graphical administrative anyway, you'll be doing most of your admin work on the terminal/tty.
[19:33] <azaq> Pici: Agreed, but is there any harm to have a desktop?
[19:33] <mathiaz> ttx: hi!
[19:33] <ScottK> Part of the answer depends on if you care about long term support.
[19:33] <mathiaz> ttx: I ran into bug 641001
[19:33] <ScottK> Server is supported 5 years, desktop only 3.
[19:34] <mathiaz> ttx: I was wondering if I should push that in maverick or wait for maverick-updates to open?
[19:34] <mathiaz> ttx: the impact is that apache2 ssl configuration uses the wrong CRL
[19:34] <azaq> Scottk: Yes, but I'm still not able to understand as to why one cannot have display manager?
[19:34] <mathiaz> ttx: thus revoked puppet client won't be denied access to the puppet master by apache
[19:34] <ScottK> azaq: You can.
[19:34] <ScottK> It's just no longer what we'd call a server.
[19:35] <azaq> Pici: Well i wanted to know about using display manager and not tranforming it to ubuntu desktop
[19:37] <azaq> Scottk: using 'sudo apt-get install ubuntu-desktop' will only give it a display manager. Why it would not be called server? Will that transform it to ubuntu-desktop(As in transforming Ubuntu to Kubuntu by removing ubuntu-desktop, libroot2 and then installing kubuntu-desktop) ?
[19:37] <ScottK> It wiil.
[19:38] <azaq> But I'm not removing server..
[19:39] <ScottK> Right, but the base server is essentially desktop without the desktop.
[19:39] <Name141> how do I setup a user for the secured samba folders so that I can login to that folder?
[19:39] <azaq> ScottK: Then why it should affect?
[19:39] <ScottK> It mostly shouldn't.
[19:40] <ScottK> But use of desktop apps isn't supported in this channel.
[19:40] <Name141> do I put the normal user as 'admin users = melissa
[19:40] <Name141> er..
[19:40] <azaq> ScottK: Sure..Most likely what all can it affect? All ttyl work can be performed by terminal
[19:40] <Name141> do I put the normal user as 'admin users = loginname' , then use explorer to login like I would on the machine ?
[19:41] <Name141> Or is there another way?
[19:42] <ScottK> azaq: More packages installed, more load on the system, more things to go wrong.  Generally on a server you want to limit it to what you need to do the servers job for performance and security reasons.
[19:42] <azaq> ScottK: Pici: Could you suggest me commands manual for working on ttyl?
[19:42] <azaq> ScottK: Agreed.
[19:43] <ScottK> azaq: The Ubuntu Server Guide gives lots of examples https://help.ubuntu.com/10.04/serverguide/C/serverguide.pdf
[19:43] <azaq> ScottK: Thank you
[19:44] <azaq> ScottK: Most likely I woudn't be going for display manager.
[19:44] <azaq> ScottK: But at the same time I not confident enough to use ttyl on ubuntu-server ....
[19:45] <ScottK> My very first Linux server I thought the same.  After a week I didn't need it again.
[19:46] <azaq> ScottK: Then how did you manage on using ttyl for all the administrative chores?
[19:46] <ScottK> The server guide gives examples for pretty much everything.
[19:46] <lifeless> SpamapS: I wanted to move that java packaging discussion forward
[19:49] <azaq> Thanks
[19:55] <Name141> I think I found it, I needed to run ' smbpasswd -a user '
[19:55] <Name141> I guess
[19:55] <ejat> any testimonial running Active Directory as guest on kvm + virtIO ?
[20:00] <etheretic> ScottK: sg good for network info on a noob level as well? defining terms without presumptions of prior knowledge etc.
[20:03] <pedahzur> I'm having a problem with nssldap-update-ignore-users.  It bases it's config on a minimum user ID, so will add, say, www-priv will get added to the ignore list every time nssldap-ignore-users is run. BUT: www-priv is in a group in LDAP, so LDAP will then not be asked about this group, breaking privs.  Is there a way to tell it to exclude adding certain users to this list?
[20:13] <markatto> regarding the recent 32-bit compatability kernel vulnerability: The security bulletin seems to be telling me to update a 'linux-image' package, but I don't actually have that package installed and apt-get upgrade doesn't seem to want to give me anything that looks like a kernel
[20:16] <pedahzur> markatto: What does 'dpkg -l|grep linux-image' give you?  That's dpkg -(little L)
[20:16] <markatto> nothing
[20:17] <markatto> pedahzur: This is a vps, rackspace may have given me a different kernel package, but I don't see any extra entries in the apt sources
[20:18] <pedahzur> markatto: What about 'dpkg -l|grep linux'
[20:18] <Nafallo> ls /boot ?
[20:18] <markatto> pedahzur: no kernels, just some libs and headers
[20:19] <pedahzur> odd.
[20:19] <pedahzur> markatto: dpkg -l|grep image
[20:22] <markatto> still no kernel
[20:22] <markatto> cups, imagemagic, libgif, etc
[20:22] <Nafallo> right. ignore me then ;-)
[20:22] <pedahzur> markatto: odd.
[20:22] <markatto> maybe my host is using openvz and I don't know it?
[20:22] <pedahzur> markatto: I would assume they would update the kernel as needed.
[20:23] <pedahzur> markatto: what does the command 'uname -a' return?
[20:23] <markatto> I didn't set it up myself, but I would assume that rackspaces uses xen
[20:23] <markatto> wait, I do indeed have a rackspace kernel
[20:24] <markatto> it's a *-rscloud
[20:25] <pedahzur> markatto: Yeah, I assume since it's a custom kernel, they'll update it when they have a package ready.
[20:25] <markatto> Linux development 2.6.34.1-rscloud #1 SMP Thu Jul 22 18:04:40 UTC 2010 x86_64 GNU/Linux
[20:25] <markatto> the thing is, it doesn't look like there's actually a package for it
[20:25] <pedahzur> So Rackspace VPS's are using Ubuntu? Cool!
[20:26] <ScottK> Rackspace was well represented at the last Ubuntu Developer Summit.
[20:26] <_Techie_> alot of different server platforms use ubuntu-server
[20:27] <markatto> I dunno if they all do, i'm not actually a big ubuntu fan/user but this what I inherited when I got the job
[20:28] <shauno> I wonder how many treat it like I do; like a debian with a predictable release schedule
[20:29] <pedahzur> ScottK, _Techie_: I just wish their Managed platform offered Ubuntu. The last time I asked them about it, they said they could not yet get the same kind of vendor support they can with Redhat, so were not offering it in a managed platform yet.
[20:29] <ScottK> That's a completely different part of the company than does the cloud stuff, AIUI.
[20:30] <pedahzur> ScottK: Ah.  Still want Rackspace Managed Ubuntu. :)
[20:31] <ScottK> markatto: As I understand it, Ubuntu and Red Hat are the only ones doing a lot of work on proactive security features and so one of the two are definitely the way to go if you care about security.  https://wiki.ubuntu.com/Security/Features
[20:35] <markatto> ScottK: I don't know how you can say that
[20:36] <markatto> unless you're talking about SELinux vs AppArmor or something
[20:36] <ScottK> Apparmor versus SELinux is a reason I prefer Ubuntu, but that wasn't what I was getting at.
[20:37] <ScottK> Meh.  Left.
[20:40] <pedahzur> Anyone have any ideas about my nssldap-ignore-users issue? :)
[20:57] <etheretic> ah
[20:57] <pedahzur> etheretic: Ah?
[20:58] <etheretic> got disconnected while afk - didn't know.
[20:58] <blue-frog> hi, what is the mechanism triggered when I insert a usb key in a machine, please? I'd like to be able to eject it and then remount it without having to unplug it phisically
[20:58] <blue-frog> s/phi/phy
[20:59] <pedahzur> blue-frog: this isn't server specific, but you can just do: mount /path/to/device /mount/point
[20:59] <blue-frog> yes sure but my problem doesn't lie there
[21:00] <blue-frog> working on a usb mulitboot key. everytime I do a change in grub.cfg for the sake of it, I have to unplug the key to have /dev/sdx shows the changes
[21:01] <smokie> anyone know a proper virtulazation envirenment like HyperVM but for ubuntu?
[21:04] <pedahzur> smokie: define "proper."
[21:05] <smokie> pedahzur, for production use and something other then virtualbox
[21:05] <pedahzur> blue-frog: Not sure what' you're getting at.
[21:05] <pedahzur> smokie: Xen and KVM come to mind.  I'd read up and KVM.
[21:06] <pedahzur> smokie: read up *on* KVM...
[21:07] <blue-frog> pedahzur, I have a usb key bootable with grub2. if I do any change to grub.cfg (edit, save, close) then when boot the key using qemu the changes I made are not there. I have to unplug the key and reinsert it.
[21:08] <blue-frog> to see the changes
[21:09] <pedahzur> blue-frog: Odd...that doesn't bring anything to mind...sorry.
[21:09] <lifeless> SpamapS: whats jos' email?
[21:09] <blue-frog> ok thx for thr try
[21:15] <SpamapS> lifeless: jos.boumans@canonical.com
[21:16] <smokie> pedahzur, thanks dude will read up on that
[21:18] <lifeless> SpamapS: thanks
[21:34] <AlexMax> Question.  I have 2 gigs of memory.  Due to a leaky program, my memory usage was about 1.0 gigs of RAM but with cache and buffers it was hitting 2 and starting to swap
[21:34] <pranjal> hi all
[21:35] <AlexMax> should i care about cache/buffers or should i only worry if my real app memory usage approaches 2
[21:35] <AlexMax> in terms of adverse performance
[21:38] <RoyK> AlexMax: monitor the program's usage of memory, if that gets too high, give it a kick
[21:39] <AlexMax> RoyK: Which is what I've done. :)
[21:39] <AlexMax>  http://imgur.com/RjuGM
[21:39] <AlexMax> for this picture I restarted the program and also force cleared the cache/buffers
[21:39] <RoyK> AlexMax: if swap gets to high, do something, but a fair use of swap is always good, it just keeps the parts of the memory not used in swap, which is a gain
[21:40] <AlexMax> green usage = my actual app usage, blue = cache usage
[21:40] <RoyK> cache use is good
[21:40] <RoyK> hard memory use is bad
[21:40] <AlexMax> I guess I'm just asking if i should care about cache getting swapped since it's not 'real' program memory usage
[21:41] <AlexMax> since i still seemed to have plenty of hard memory usage headroom
[21:41] <RoyK> in your case, the cache released was a lot, and you might have invalidated a lot of cache in that
[21:42] <qman__> yeah, cache shouldn't actually be swapped
[21:42] <qman__> just cleared
[21:42] <AlexMax> heh i actually have no idea if it was cache that was being swapped
[21:42] <AlexMax> but i was using a little swap memory
[21:42] <_Techie_> my cache doesnt seem to swap, so must be something wrong with yours AlexMax
[21:43] <_Techie_> AlexMax, how much swap was being used/
[21:43] <AlexMax> just a little bit
[21:43] <qman__> you could turn swappiness down if it's causing a big effect
[21:43] <AlexMax> 1 sec
[21:43] <AlexMax> bah, its out of my scrollback
[21:43] <_Techie_> AlexMax, ill give you a link to my servers status page, its got 2gigs of RAM so it should serve as a reference
[21:44] <AlexMax> thanks
[21:44] <qman__> the only programs I have that leak memory are web browsers
[21:44] <_Techie_> AlexMax, http://phpsysinfo.technz.info/
[21:44] <qman__> unfortunately the only one that doesn't is elinks
[21:45] <AlexMax> _Techie_: Ah i see
[21:45] <AlexMax> You have 1.62 gigs of stuff in cache
[21:45] <_Techie_> AlexMax, yeah
[21:45] <AlexMax> so technically you're also using all your memory
[21:45] <_Techie_> technicaly
[21:45] <qman__> I like that script, is it custom or part of a package?
[21:45] <_Techie_> but cache is dropped to make room for processes
[21:45] <AlexMax> phpsysinfo
[21:46] <_Techie_> its phpsysinfo, its php
[21:46] <qman__> ok
[21:46] <_Techie_> links at the bottom
[21:46] <AlexMax> _Techie_: Okay that's pretty much what i needed to know
[21:46] <AlexMax> so aside from kicking my runaway process i didnt have to clear the cache/buffers
[21:46] <_Techie_> nah
[21:47] <_Techie_> i used to think like that
[21:47] <_Techie_> i used to have a cron job to wipe my cache every few hours
[21:48] <_Techie_> qman__, phpsysinfo is in the repo's but its not a very new version
[21:49] <qman__> every week or so I have to close out of all my web browsers, or else my memory will fill up
[21:49] <qman__> freshly opened they only use a hundred megs or so, but after a week it's up over 700
[21:49] <qman__> regardless of what's open in them
[21:49] <_Techie_> qman__, you should just have a weekly cron job to kill and re open them
[21:55] <AlexMax> Super Italian Plumber Bros.
[21:56] <kevinash> Hello. Newbie Question. I've got an Ubuntu 10.0.4 virtual server. I'm told to run 'aptitude update' followed by 'aptitude safe-upgrade' Do I need to restart the server afterwards?
[21:56] <AlexMax> only if it tells you to
[21:57] <kevinash> AlexMax: Thanks.
[21:57] <kevinash> Is there a difference between running an 'aptitude safe-upgrade' and 'aptitude upgrade' command?
[22:00] <qman__> probably, but I couldn't tell you what that is without reading the manual
[22:00] <qman__> see man aptitude
[22:00] <_Techie_> most of here use apt instead of aptitude
[22:00] <qman__> the only time you should ever need to reboot is for a kernel update
[22:01] <kevinash> Thanks all. Actually, I'm running aptitude in the command line, not the graphical interface. I read somewhere it was a little more robust. Probably worng aboutthat.
[22:03] <qman__> aptitude is more featureful, I use apt-get out of habit
[22:03] <qman__> they'll both get the job done
[22:04] <kevinash> Yes. I was told to use one of the other and stick to it. That's what I've done. I'm happy enough (I have no prior history with these commands anyway!)
[22:05] <_Techie_> just a heads up, 99% of the time we will use apt when helping people
[22:06] <_Techie_> as long as you know how to do each command in your package manager you will be fine
[22:06] <kevinash> _Techie_: I understand. Thanks, all, for your help.
[22:07] <_Techie_>  kevinash no problem
[22:07] <_Techie_> you should also propbably thank qman__, he contibutes alot to this channel
[22:45] <hallyn> zul: still around?
[23:17] <yeshuah> can anyone point me to a short to-the-point guide to setup dns on a vps running ubuntu?
[23:18] <pedahzur> yeshuah: Do you want a DNS server (bind) or a local caching DNS setup?
[23:24] <yeshuah> pedahzur: server I presume
[23:25] <yeshuah> pedahzur: but I just realized I can use a tool at my registrar - so I don't have to setup the server
[23:25] <yeshuah> pedahzur: but if you know a good tutorial - I would be thankfull for future reference
[23:29] <pedahzur> yeshuah: Yeah, if you have a server that will do it for you, then setting one up yourself isn't usually needed, but it's never a bad learning experience.  If you're running Ubuntu on that VPS, this should get you going: https://help.ubuntu.com/community/BIND9ServerHowto
[23:30] <pedahzur> yeshuah: BTW, that was the first result when googling: ubuntu bind howto :)
[23:31] <yeshuah> pedahzur: thanks - sorry
[23:34] <blue-frog> any users of udevadm who could explain me the use of udevadm test --force (as per the man page) because so far it is telling me that --force is not a recognised option. bug?
[23:38] <blue-frog> great as per https://bugs.launchpad.net/udev/+bug/315979 seems that udevadm do not have the option anymore