[01:38] <ScottK> yeshuah: The ubuntu server guide (see /topic) tells how to do this.
[02:41]  * e_t_ is away: Gone away for now
[03:34] <wizardslovak> hello ppl
[03:35] <wizardslovak> whats the command if i want to install packages LAMP, i forgot it
[03:35] <wizardslovak> that which brings you same screen as on server install
[03:35] <wizardslovak> its not ap-get
[03:38] <wizardslovak> that blue screen
[04:00] <zachtib> also posted in #ubuntu: anyone know of a way w/ libvirt and kvm to have separate users that can only access their own virtual machines?
[04:01] <zachtib> trying to set up a vm server for our LUG so that new users can have a machine to learn on
[04:21] <Datz> Is there a way to see descriptions for updates using aptitude or other?
[05:03] <JasonMSP> Trying to get virtual users to work with VSFTPD.  this http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/ hasn't worked.  Error 530 Login incorrect when trying to login.
[05:04] <JasonMSP> ??
[07:56] <blue-frog> hi when inserting a usb key in a machine, it triggers some kernel uevent. Have I a way to recreate those uvent via command line. I hoped udevadm test --force --action=add would have done the trick but apparently --force is not an option anymore.
[08:07] <zaas> hi, i have question about php fast cgi (fcgid) and php.ini
[08:07] <zaas> can i use a master php.ini and extend it with a .ini per user?
[08:08] <zaas> my setup it with suexec and having a /var/www/username dir per site
[08:16] <moob> Hello.
[08:17] <moob> testing 1 2 3
[08:19] <zaas> hi moon
[08:19] <zaas> *b
[08:19] <moob> Hi
[08:19] <moob> You wouldn't happen to know any thing about Amazon EC2?
[08:20] <zaas> no, only s3, never worked with EC2
[08:20] <moob> darn
[08:27] <zaas> anyone knows how to use a 2nd php.ini?
[08:27] <zaas> (fastcgi)
[08:40] <remix_tj> zaas: i've used it
[12:06] <ttx> mathiaz: I'd fix it for maverick release. This has security implications and is realtively self-contained, I suppose
[12:45] <domas> heh
[12:45] <domas> my bug
[12:45] <domas> (http://bugs.mysql.com/bug.php?id=35477)
[12:56] <_ruben> nice
[12:56] <domas> I certainly don't understand why people use distro mysql packages
[12:57] <domas> distros should treat 5.x.* as patch-levels, not as separate versions
[12:57] <domas> only bugfixes go there usually
[12:57] <domas> now distro maintainers think they will do better job at bugfixing than hundred-people-teams
[12:57] <alvin> How do I set a default printer? Man lpadmin tells me it's # lpadmin -d [destination], but lpstat -d still reports the wrong printer as default
[13:01] <alvin> Do I have to restart cupsys for this?
[13:06] <_ruben> domas: easy of maintenance (have the distro maintainer keep track of the versions/issues/etc) .. but as always, its a double-sided knife ;)
[13:07] <alvin> ok, I tried lpadmin -d on different systems with multiple printers. It doesn't work anywhere.
[13:07] <domas> _ruben: hehe, true. but still, I think distros should be more aggressive about getting patchlevel releases
[13:07] <domas> I'm sure more people get bitten by old bugs than new ones :)
[13:08] <_ruben> domas: hard to tell, as even known-to-be-bleeding-edge distros (like ubuntu is often categorized) still lag behind quite a bit ;)
[13:09] <domas> well, ubuntu hardy never had anything else than 5.0.51
[13:09] <domas> I guess lucid is now lagging with 5.1 ones
[13:09] <_ruben> yeah, should be 6.x ;)
[13:12] <domas> there's no 6.x
[13:13] <domas> it is 5.1.41 in ll
[13:14] <alvin> setting default printer reported as 644304. Would this qualify as a server papercut?
[13:15] <alvin> bug 644304
[13:16] <_ruben> ah, 6.0 has been abandoned
[13:18] <domas> ye
[13:18] <domas> 5.5 is next
[13:29] <_ruben> hrm, needa brush up my perl/xml skills stat .. the code i've been producing lately is ugly as fuck :p
[13:30] <pmatulis> !language | _ruben
[13:38] <maedox> _ruben, isn't that a feature of perl, to create self-obfuscating code? :D
[13:41] <bobslaede> Hi. Im trying to set up some virtual hosts, using libvirt, kvm and qemu and following all guides on the ubuntu website. I used ubuntu-vm-builder to create the guest and everything seemed to work just fine. However i cannot connect to this new guest, and it seems that its not getting an IP thru the default NAT setup. Also I cannot connect to the console via virsh
[13:45] <soren> bobslaede: "virsh console" is only for text consoles. Use virt-viewer instead.
[13:47] <smoser> ttx, arond ?
[13:47] <ttx> smokie: o/
[13:50] <ttx> smoser: o/
[13:50] <ttx> (sigh)
[13:50] <smoser> sigh to you too
[13:50] <smoser> !
[13:50] <smoser> :)
[13:50] <ttx> now I have to type 4 characters to tabcomplete you
[13:50] <smoser> i was going to ask what i should need to do to get https://bugs.launchpad.net/ubuntu/+source/ec2-api-tools/+bug/644074 in
[13:52] <DigitalDeviant> Is there a way I can keep chown the same on ftp uploads using pureftpd ?
[13:52] <ttx> smoser: discussion of benefit vs. risk with the release team. Note that this is technically multiverse, so the rules are relaxed.
[13:53] <smoser> yeah.
[13:53] <ttx> I'd say... given that it's binary-only, the risk is contained
[13:54] <ttx> smoser: when were those released ?
[13:54] <smoser> yesterday.
[13:54] <ttx> ah.
[13:54] <smoser> well, at least announced yesterday.
[13:54] <ttx> so you can't really say they had field testing yet.
[13:54] <smoser> i can't say for certain that the binaries were not available without mention piror to that.
[13:56] <ttx> that's my only gripe about it. It's a young release.
[13:56] <ttx> smoser: if my vote is asked for, I'd +1.
[13:56] <ttx> benefits outweigh risks.
[13:57] <smoser> well, yes. the only thing that i have to alleviate that is a.) its multiverse b.) we've never (and they've never) released a bug fix release soon after.
[13:58] <ttx> smoser: sounds like you have a good case.
[13:58] <_ruben> pmatulis: my apologies, i actually had to reread my own text a few times in order to notice the profanities, what's this world coming to :(
[13:59] <smoser> so i should right up a justification for this and then upload ?
[14:00] <bobslaede> soren: sorry for the delay. This is a headless server
[14:07] <soren> bobslaede: So?
[14:18] <bobslaede> soren: no X
[14:19] <soren> bobslaede: Is it headless or is it X-less?
[14:22] <bobslaede> soren: both
[14:23] <soren> bobslaede: So you're not going to be at its console when you're doing this anyway.
[14:23] <soren> bobslaede: again: virt-viewer is your friend. Run it on your desktop.
[14:23] <bobslaede> soren: i dont have any access at all to the guests
[14:24] <bobslaede> soren: also, my desktop is a windows machine
[14:24] <soren> bobslaede: Then you're screwed.
[14:24] <soren> out-of-the-box at least.
[14:24] <bobslaede> I do have access to the servers console
[14:25] <soren> You can set up a serial console in the guests or whatnot.
[14:25] <soren> bobslaede: I thought you said it was headless?
[14:25] <bobslaede> soren: thru virsh console?
[14:25] <bobslaede> soren: well, i can connect a screen to it
[14:25] <bobslaede> soren: its just not at my current location
[14:26] <soren> it's really quite simple. qemu (and hence kvm) emulates a framebuffer. To look at a framebuffer, you need something that can show graphics.
[14:27] <soren> Like, say, a monitor.
[14:27] <bobslaede> soren: which should work thru ssh no?
[14:27] <soren> monitors? No, they require VGA cables.
[14:27] <soren> Or similar.
[14:28] <soren> My knowledge may be slightly outdated.
[14:28] <bobslaede> soren: does it matter if im connected to the server thru ssh, or at the console?
[14:28] <soren> All I'm saying is that the solution to your problem is virt-viewer. You can use other VNC clients, but you need to do your own connection forwarding and whatnot.
[14:30] <soren> bobslaede: Depends on what you want to do. If you want to look at the framebuffer of one of your VM's, it certainly helps to in an environment where such a thing can be easily represented. This could be a modern Linux desktop, like Ubuntu, or maybe Windows if you're happy to do your own ssh+vnc connection plumbing (and generally endure using it).
[14:30] <bobslaede> soren: so in order for me to access a guest system, i need something with direct access to the guest, X, and virt-viewer (or whichever vnc client)
[14:30] <soren> bobslaede: What do you mean "direct access to the guest"?
[14:31] <bobslaede> soren: since the guest apparently doesnt have an ip address
[14:31] <soren> bobslaede: Yes, but what does "direct access to the guest" mean?
[14:32] <bobslaede> soren: on the host system i suppose, since i wouldnt have access to any guests from outside of the host
[14:33] <soren> bobslaede: You're not really answering the question. You're asking me to verify this: "so in order for me to access a guest system, i need something with direct access to the guest, X, and virt-viewer (or whichever vnc client)". I can't do that when I don't understand what you mean by "direct access".
[14:33] <soren> bobslaede: You don't have to be logged into the host machine.
[14:34] <soren> bobslaede: You need a) a vnc client, and b) way to connect to the guest's vnc port.
[14:34] <soren> bobslaede: The guest's vnc port is on the host.
[14:34] <bobslaede> soren, but the guest doesnt have an IP, or anyway to connect to it?
[14:34] <soren> 13:34 < soren> bobslaede: The guest's vnc port is on the host.
[14:35] <soren> bobslaede: The guest doens't run a vnc server. The hypervisor does.
[14:36] <bobslaede> but shouldnt the hypervisor then be able to connect to the console? Im asking here because i cannot find any info about libvirt or any of this on google, theres only the default guides, none answer my questions
[14:36] <soren> Let's start over.
[14:37] <bobslaede> alright :)
[14:37] <soren> You want to log into the guest.
[14:37] <soren> Right?
[14:37] <bobslaede> Yes, which Ive created with ubuntu-vm-builder for libvirt
[14:37] <soren> Doesn't matter.
[14:37] <soren> Its network is screwed, so you can't use ssh.
[14:37] <soren> So you want to connect to its console.
[14:37] <bobslaede> Seems like it
[14:37] <bobslaede> Exactly
[14:37] <soren> You (wrongly) assume you should use "virsh console".
[14:38] <soren> I tell you: 12:45 < soren> bobslaede: "virsh console" is only for text consoles. Use virt-viewer instead.
[14:38] <bobslaede> but is a text console not enough?
[14:38] <bobslaede> there is no X on the guest aswell
[14:38] <soren> bobslaede: What happened when you tried?
[14:39] <bobslaede> 'error: no valid connection'
[14:39] <soren> And no, a text console is not enough, because 13:26 < soren> it's really quite simple. qemu (and hence kvm) emulates a framebuffer. To look at a framebuffer, you need something that can show graphics.
[14:40] <bobslaede> alright, sorry, wrong error before
[14:40] <bobslaede> 'Failed to connect to the hypervisor'
[14:42] <soren> That sounds like a different problem.
[14:42] <soren> But it really doesn't change the fact that you need a vnc client.
[14:42] <soren> QEmu emulates a framebuffer.
[14:43] <bobslaede> Yeah
[14:43] <soren> On real hardware, even if you decide to just show text, the monitor still shows it as pixels. Same here.
[14:44] <bobslaede> soren: so then i would still need X on the host, or a vnc viewer on my windows desktop?
[14:45] <permalac_> hi, amb looking for a landscape(canonical), spacewalk(red hat), xCat (not-debian) suitable alternative for my .deb based infrastructure. Does anyone know any server-management solution with web-based frontend which supports .deb systems? thanks
[14:46] <soren> bobslaede: You can put the VNC client whereever you want.
[14:46] <jrib> permalac_: umm isn't landscape such a thing?  Maybe ebox?
[14:47] <jrib> !away > dendrobates
[14:47] <soren> bobslaede: I can't really say putting anything on a Windows desktop is a good idea, but a vnc client on a server also doesn't sound good.
[14:49] <bobslaede> soren: i will try a viewer on windows
[14:51] <permalac_> jrib: it is the thing, but it cost like 30k a year. And there is no way to link unsupported machines. And most of my machines will have no support cause we have some libraries done by ourselfs. :(
[14:53] <jrib> permalac_: does ebox do what you want?  Don't really know much about either
[14:57] <permalac_> jrib: ebox , as I see , and if nobody else replays, it's a suite to manage services, almost like  webmin. What am I looking for is a system manager, like puppet, cfengine or chef, but with web-based frontend. Something to be able to delegate some administrative tasks to others on the corporation.
[14:57] <jrib> permalac_: I see
[15:18] <smoser> kirkland, you around ?
[15:21] <kirkland> smoser: barely
[15:21] <pmatulis> why would one use iptables "downrules" when the interfaces are going down?
[15:21] <smoser> can i call?
[15:22] <RoyK> pmatulis: erm ... to stop the firewall so that people can get into the now "down" interface? :þ
[15:22] <kirkland> smoser: sure
[15:23] <pmatulis> RoyK: how can you access an interface that is down?
[15:23] <RoyK> pmatulis: ever heard of something called irony? :)
[15:24] <pmatulis> RoyK: ok
[15:24] <shauno> I imagine if you had rules that NAT'd to that interface, you'd want to replace them when that if goes down
[15:26] <RoyK> pmatulis:  I guess it's just how ubuntu works - you want to get rid of anything not related to the current setup once you don't need it
[15:27] <pmatulis> shauno: replace them with what?
[15:33] <Raboo> Hi
[15:33] <Raboo> is this a good channel to get help with setting up a IPSEC tunnel using racoon and ipsec-tools?
[15:34] <RoyK> well, just shoot - someone might know
[15:34]  * RoyK doesn't
[15:36] <_ruben> racoon *shiver*
[15:37] <Raboo> hehe
[15:38] <_ruben> messed with it ages ago, its quite flexible, in fact, its flexibility makes it near useless for the average task
[15:39] <Raboo> should i like pastebin my error?
[15:39] <_ruben> that'd be a decent start (though i doubt i'd be of any help personally)
[15:39] <Raboo> hehe
[15:40] <Raboo> well it's like 2-3 lines of error
[15:40] <Raboo> will i get beaten for pasting that here?
[15:40] <_ruben> pastebin allows for easier referencing in case you need to restate your issue
[15:41] <Raboo> well i have problems with my phase 1 negotiation due to send error
[15:43] <Raboo> it also says IPsec-SA request for xx.xx.xx.xx queued due to no phase1 found.
[15:44] <_ruben> dont bother with debuggin ipsec-sa issues as long as your phase1 doesnt work ;)
[15:44] <Raboo> so if someone here has setup ipsec using racoon before, please let me know and i will expalin further and show my configuration file
[15:44] <Raboo> Well, the thing is, it did work.. I think..
[15:44] <_ruben> just out of curiosity, why use racoon and not strongswan/openswan/etc? they tend to be much more user/admin friendly
[15:45] <_ruben> if it stopped working without you changing anything, perhaps the remote end changed something :)
[15:46] <Raboo> ohh
[15:46] <Raboo> well i choose racoon, cause i thought it was the easier method
[15:47] <_ruben> racoon is very low-level
[15:47] <Raboo> so which is best, strongswan or openswan
[15:47] <_ruben> need to define every detail "by hand"
[15:47] <_ruben> matter of personal preference really .. i prefer openswan, but must also admit i never used strongswan ;)
[15:48] <_ruben> both are forks of the old frees/wan
[15:48] <Raboo> are they both up-to-date?
[15:48] <Raboo> ok
[15:48] <_ruben> openswan is actively maintained, dunno about strongswan, but i think it is as well
[15:48] <Raboo> ohh yea, it was freeswan that was the obsolete one
[15:49] <Raboo> ipsec gives me headache
[15:50] <_ruben> ipsec sure is a complex matter
[15:50] <Raboo> i think starcraft 2 is the solution to my headache
[15:50] <_ruben> heheh
[15:50] <Raboo> is that like cussing in here?
[15:50] <Raboo> a game, that requires windows or OS X
[15:51] <_ruben> as far as im concerned: no :)
[15:51] <_ruben> each os has its purposes
[15:51] <_ruben> we dont expect you to run ubuntu-server on your desktop ;)
[15:51] <hggdh> Daviey: another go at euca lucid?
[15:51] <Raboo> You don't? :-)
[15:51] <_ruben> correction: *i* don't ;)
[15:52] <Raboo> hehe
[15:52] <_ruben> i cant speak for others obviously
[15:52] <Raboo> well i will have a look at the *SWAN
[15:52] <Raboo> se which one has easiest documentation
[15:52] <\sh> _ruben: my laptop is running -server kernel on my laptop ;) but that's me
[15:53] <_ruben> for openswan be sure to check #openswan (not that active) and its mailinglists, the website is kinda outdated (most resources go into the code, not the web)
[15:53] <\sh> oh my...now I repeat already words ... too much server deployment today error
[15:53] <_ruben> \sh: still, running -server on a desktop isnt the same as expecting others to do so ;)
[15:54] <_ruben> desktop in the broadest sense, thus including laotops :)
[15:54] <_ruben> woah, laptops :)
[15:55] <_ruben> anyway .. time for me to head home .. bbl
[16:19] <smoser> kirkland, ami-7238cd1b
[16:19] <smoser> is ebs/ubuntu-maverick-daily-i386-server-20100921
[16:19] <smoser> us-east-1
[16:19] <smoser> use that
[16:21] <kirkland> smoser: would prefer 64 bit
[16:21] <smoser> price goes up
[16:21] <smoser> us-east-1 ami-7638cd1f canonical ebs/ubuntu-maverick-daily-amd64-server-20100921
[16:37] <SpamapS> kirkland: do you want my "maverick" script that automatically spawns the cheapest possible instance given the size (defaults to c1.medium because I find myself doing builds more often than anything else)
[16:47] <Datz>  Is there a way to see descriptions for updates using aptitude or other?
[16:48] <hggdh> Datz: aptitude changelog xyz
[16:49] <Datz> hggdh: thank you :)
[16:49] <smoser> SpamapS, i want ot see it
[16:51] <Daviey> hggdh, i386 is fail on my local :(
[16:51] <Daviey> hggdh, testing amd64 lucid -> maverick is more useful at this stage, i think
[16:51] <Datz> hggdh: I'm tring somethign like this with no result:" aptitude changlog linux-headers-2.6.32-24-server
[16:51] <hggdh> Daviey: pretty much all the failures I got are related to the apparmour bug ttx raised
[16:52] <Datz> hggdh: I realize my error, working, thanks
[16:52] <sbeattie> hggdh: which bug?
[16:53] <\sh> _ruben: that's right :)
[16:53] <hggdh> sbeattie: looking
[16:53] <hggdh> Datz: try linux-headers-generic
[16:54] <ttx> hggdh: but you got instances running ?
[16:54] <ttx> hggdh: or you had to disable apparmor to get them running ?
[16:54] <hggdh> ttx: yes, about 40%
[16:54] <hggdh> ttx: no, I did not disable apparmour. Which is weird, but ah well
[16:56] <Datz> hggdh: having a look, thanks
[16:56] <ttx> hggdh: hrm
[16:56] <ttx> hggdh: please comment on that bug, that will prove I'm not insane
[16:56] <hggdh> ttx: what is the bug#? I cannot find it
[16:57] <hggdh> ttx: I will do more, I will add a link to the logs
[16:57] <Datz> hggdh: lastest -generic and -server changelog is the same FYI ;)
[16:58] <hggdh> Datz: darn!
[16:58] <hggdh> Datz: well, if it is installed you can always look at /usr/share/doc/<packagename>
[16:59] <ttx> hggdh: Bug 628055
[16:59] <ttx> hggdh: maybe there is a eucalyptus bug in there, after all.
[16:59] <hggdh> ttx: thank you; sbeattie ^
[16:59] <Datz> hggdh: tis not, just wondering if I needed to update to latest kernel right away. :)
[17:01] <ttx> sbeattie: our latest suggestion is that it's not an apparmor bug, rather a libvirt bug that leaves a strange error message pointing to apparmor
[17:01] <ttx> and potentially a eucalyptus bug triggering a weird libvirt behavior triggering an apparmor-related error message.
[17:02] <ttx> the whole thing being a bit clouded by bug report hijacking.
[17:02]  * ttx will be back in 2 hours
[17:03] <hggdh> ttx, sbeatie: I will be uploading full logs (that is, the whole of /var/log) plus the test programme, and will add a link on the bug
[17:06] <sbeattie> hggdh: okay. It *is* possible that there's a bug in the apparmor kernel code where it might not be logging a rejection of something when it should.
[17:06] <hggdh> ttx, sbeattie: rephrasing: on Lucid, I had 63% success; on Maverick, all failed
[17:07] <hggdh> sbeattie: so it is consistently failing on maverick, after all
[17:31] <crankygeek01> When I log into my server I am getting this error message
[17:31] <crankygeek01>                       "/usr/bin/xauth:  /home/matt/.Xauthority not writable,
[17:31] <crankygeek01>                       changes will be ignored" This was not there yesterday and
[17:32] <crankygeek01>                       I am not sure what it means....any help?
[17:34] <crankygeek01> When I log into my server I am getting this error message "/usr/bin/xauth:/home/matt/.Xauthority not writable,changes will be ignored" This was not there yesterday and I am not sure what it means....any help?
[17:50] <pmatulis> with virt-manager, is it normal that i cannot remove guests image files when deleting guests?
[17:51] <pmatulis> (there is a yellow triangle with and exclamation mark)
[17:51] <pmatulis> filesystem permissions look ok
[18:02] <Daviey> ttx / hggdh: My local i386 Maverick... 2 instances ran, one went from pending -> running -> terminated... the other seemed to go from pending -> terminated
[18:02] <hggdh> Daviey: were you able to copy the console.log and .mxl from them?
[18:02] <hggdh> .xml
[18:03]  * hggdh is, meanwhile, netbooting to Maverick
[18:03] <Daviey> hggdh, didn't attempt to :(
[18:03] <Daviey> but i'm pretty sure it's the same failure
[18:03] <Daviey> hggdh, Give me some good news :)
[18:04] <hggdh> I am falling from the tenth floor, right now at the third, and all looks good so far ;-)
[18:04] <hggdh> Daviey: I should have them in about 30min
[18:14] <mathiaz> SpamapS: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-announce
[18:39] <hggdh> mathiaz: could you adjust the flowcharts on https://wiki.ubuntu.com/ServerTeam/SRUPolicy -- where is says 'verification-succeeded' to 'verification-done'
[18:40] <hggdh> mathiaz: alternatively, if you give me the sources, I can do it
[18:45] <mathiaz> hggdh: I've attached the origianl dia files
[18:45] <hggdh> mathiaz: thank you
[18:56] <hggdh> smoser: there?
[18:56] <smoser> here
[18:56] <hggdh> what happened with --use-loader from uec-publish-tarball?
[18:57] <smoser> what do you mean ?
[18:58] <hggdh> I just tried it, from a netbooted install of Maverick -- it is not there anymore
[18:58] <smoser> hggdh,
[18:58] <hggdh> cloud-utils https://wiki.ubuntu.com/ServerTeam/SRUPolicy
[18:58] <hggdh> dammit
[18:59] <hggdh> cloud-utils 0.11-0ubuntu1
[18:59] <smoser> $ apt-cache policy cloud-utils
[18:59] <smoser> cloud-utils:
[18:59] <smoser>   Installed: 0.15ubuntu1
[18:59] <smoser>   Candidate: 0.15ubuntu1
[19:00] <hggdh> oh
[19:00] <hggdh> I know what I did :-(
[19:00] <hggdh> installed bloody lucid instead of Maverick :-(
[19:01] <hggdh> ah well. since it is there, I will test upgrading
[19:01] <hggdh> sorry smoser...
[19:08] <Four2zero> hello everyone. I'm running samba and i have installed webmin, and i am noticing multiple entry's displaying in my Network that are from the same box: http://www.upload3r.com/serve/210910/1285092388.jpg I have checked the smb.config and it does not show any other entries
[19:08] <Four2zero> how can i fix this ?
[19:11] <nakhlawi> As far as I know, webmin is not supported anymore in Ubuntu. Maybe others can verify?
[19:11] <Pici> !webmin
[19:14] <Four2zero> ah crap...lol
[19:14] <Four2zero> need to remove it then
[19:14] <Four2zero> thnx
[19:21] <_ruben> what tend ppl to use nowaydays as fs for a fileserver?
[19:23] <nakhlawi> _ruben: come again please
[19:23] <Four2zero> _ruben ext4
[19:23] <_ruben> woah, kinda cryptic indeed now i read it back :p
[19:24] <Four2zero> or reiserFS
[19:24] <_ruben> which is the recommended filesystem to use for a fileserver .. was kinda defaulting to ext4, but curious how others might think of it
[19:25] <Four2zero> _ruben http://en.wikipedia.org/wiki/Comparison_of_file_systems
[19:25] <nakhlawi> I use ext3 for Samba sharing, on a small installation though.
[19:25] <Four2zero> http://www.linux.org/lessons/advanced/x1254.html
[19:26] <Four2zero> im using ext4 on ubuntu-server
[19:26] <Four2zero> ext3 for boot
[19:26] <_ruben> for /boot i tend to use ext2 even
[19:26] <ScottK> reiser is pretty unmaintained for a long time.
[19:27] <_ruben> my previous install was using xfs, but heard quite some horror stories about that one in the mean time ;)
[19:27] <Four2zero> stick with ext4
[19:28] <Four2zero> its made for high performance
[19:28] <Four2zero> :)
[19:28] <_ruben> software raid5 over 6 1tb disks .. performance isnt the key here ;)
[19:28] <pwnguin> so i get in today and my ubuntu vm has crashed pretty badly
[19:28] <pwnguin> "task apache2:<pid> blocked for more than 120 seconds"
[19:28] <_ruben> oh well .. 686mins to go for raid volume initialization ;)
[19:29] <pwnguin> unresponsive on ssh
[19:29] <pwnguin> unresponsive on http
[19:30] <quentusrex> pwnguin, that is a kvm issue
[19:30] <quentusrex> I have had the same issue before.
[19:30] <pwnguin> its vmware =/
[19:30] <quentusrex> nvm
[19:31] <pwnguin> vmware console isn't responding to keyboard input
[19:31] <pwnguin> well not true
[19:31] <pwnguin> i can switch vts
[19:31] <pwnguin> but i cant log in
[19:31] <pwnguin> short of rebooting, is there anything else one can try?
[19:32] <pwnguin> quentusrex: indeed, a lot of googling suggests kernel bugs
[19:35] <Four2zero> should i change the default port that ebox uses for better security enhancement.
[19:35] <ScottK> How would that improve security?
[19:35] <quentusrex> pwnguin, I was able to resolve the issue with "sudo /etc/init.d/networking restart"
[19:36] <pwnguin> quentusrex: i can't log in =/
[19:36] <quentusrex> if you can get in any other way
[19:37] <quentusrex> you can't do it over standard networking
[19:37] <pwnguin> its a vm
[19:37] <Aqaz> If spamassasin can filter spam why one need to use SquirrelMail plugins?
[19:37] <quentusrex> kvm has a recovery console
[19:37] <pwnguin> ive tried ssh, ive tried the vmware virtual console interface
[19:37] <quentusrex> and I can get in over that.
[19:37] <pwnguin> i can switch vts on the virtual console, but the login prompt isn't responding
[19:38] <pwnguin> it kinda looks like reboot territory. it's not a mission critical system, and it's already as bad as it can get
[19:40] <pwnguin> i guess the only question is what logs will still be around after a reboot
[19:51] <slyboots> Hi
[19:52] <slyboots> Jsut notced some new behavior from my Ubuntu-server; its set to forward on email from root to my email account, and the last two three weeks been getting this email about.. twice a ay?
[19:52] <slyboots> "start: Job is already running: anacron"
[19:52] <axisys> how do I let another group to install pkgs ? giving them full sudo is the only option ?
[19:54] <u92> I cant find an up to date package for ClamAV
[19:55] <ScottK> u92: What release are you on?
[19:55] <slyboots> Im not even sure what Anacron is; I was under the impreeion that you just used.. cron; I checked Crontab but I have no tasks running
[19:56] <slyboots> So; Im unsure whats calling anacron; or what its supposed to be doing that its producing the error
[19:56] <u92> hardy 8.04
[19:56] <ScottK> u92: The version in hardy-backports is ~ up to date.  We're working on testing the new release now.
[19:57] <u92> the 0.96.* release,   cause i updated apt, and i keep getting 0.92.*
[19:57] <ScottK> u92: Then you don't have -updates enabled.
[19:57] <ScottK> 0.95.3 is in hardy-updates and 0.96.1 is in hardy-backports
[20:03] <kevinash> Hi, I don't want to mess this up, so could someone help me write a crontab command that runs 'apt-get update' then 'apt-get safe-upgrade'?
[20:10] <pedahzur> kevinash: Which file are you editing?  The user's crontab?
[20:10] <pedahzur> For y'all's information, I just reported: https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/644632
[20:11] <kevinash> pedahzur: the admin user I've set up (a sudoer)
[20:11] <pedahzur> kevinash: So you invoked 'crontab -e' as that user?
[20:12] <kevinash> pedahzur: From the command line I do 'sudo crontab-e'
[20:12] <pedahzur> kevinash:
[20:12] <pedahzur> oops
[20:12] <pedahzur> kevinash: OK, what schedule to you want for the update commands?
[20:13] <kevinash> pedahzur: daily at about 5am (I'm actually OK with doing the timer bit, though)
[20:14] <pedahzur> kevinash: 0    5    *    *    *    apt-get update && apt-get safe-upgrade
[20:14] <pedahzur> kevinash: You can do tabs between columns, instead of spaces.
[20:15] <kevinash> pedahzur: Ah, so the && means 'wait until the first command has finished'?
[20:15] <_Techie_> just wondering, whats the flag safe-upgrade do?
[20:15] <pedahzur> kevinash: Basically, execute the next command if the previous command completed successfully (exited with an exit code of zero), but yes, 'wait' is implied.
[20:16] <kevinash> _Techie_: Truth be told, I'm using 'aptitude', but I was told that most of you folks use apt-get, so I thought I'd phrase it that way.
[20:16] <zoopster> kevinash: any reason you wouldn't just install unattended-upgrades? and use the /etc/cron.daily/apt script to manage it?
[20:16] <kevinash> pedahzur: Thank you so much. That's extremely helpful
[20:16] <pedahzur> kevinash: no problem
[20:17] <_Techie_> kevinash, if you were told that the otehr day, it was me who told you
[20:17] <kevinash> zoopster: If I knew that was possible I'd have done it that way! Thanks for the tip.
[20:17] <kevinash> _Techie_: <g>
[20:18] <kevinash> zoopster: Do you know if this is available for aptitude too (Don't answr if it's a RTFM, response...)
[20:18] <zoopster> kevinash: this==unattended-upgrades?
[20:19] <kevinash> zoopster: yes. sorry.
[20:21] <zoopster> kevinash: looks like it uses the python apt:: library? so I'd say no
[20:28] <kevinash> zoopster: thanks for looking. I guess I'll use pedahurz cron script
[20:28] <zoopster> kevinash: it's a project on launchpad.net so you can dive into the code, just a FE for what's already there for apt
[20:30] <kevinash> zoopster: I'll take a look. Thnanks for your help
[20:30] <theyranos> Anybody know a reference comparing Postfix and Exim? I'm rebuilding my mail system from scratch and not sure whether I should stick with my old MTA?
[20:32] <javatexan> howdy all
[20:32] <pwnguin> quentusrex: well, alt+sysrq+e seems to have fixed part of it
[20:32] <pedahzur> theyranos: no reference off the top of my head, but in my (somewhat limited) experience, Postfix has been easier to configure.
[20:32] <pwnguin> silly question: what log files are deleted on reboot?
[20:33] <theyranos> pedahzur: i've heard that too, which is why I'm considering the switch.
[20:33]  * theyranos will now go read the postfix manual
[20:33] <pedahzur> theyranos: How complex is your setup? You may be able to configure everything you need for Postfix just from the Debconf install questions. :)
[20:33] <javatexan> where is the ubuntu custom error page for apache2 on ubuntu server?  Is it just the apache default or...\\
[20:34] <_ruben> theyranos: a rather common response to such a question is: use whichever you are (currently) most comfortable with
[20:34] <nakhlawi> pwnguin: that depends on the logrotate configuration. Also syslog configuration.
[20:34] <pwnguin> nakhlawi: i know dmesg is gonna dissapear
[20:34] <pwnguin> cd
[20:34] <pwnguin> whoops
[20:34] <pwnguin> javatexan: check /usr/share/apache2/error/
[20:34] <_ruben> theyranos: if you're used to exim and know how to tell it to do what you want it to do, why bother switching to an alternative?
[20:34] <theyranos> pedahzur: Not very. It's the primary MX for my domain. Messages get dumped in a dovecot maildir.
[20:35] <theyranos> _ruben: While I've been using exim for several years, I still get hopelessly confused every time I try to change even the slightest thing about its configuration. So the idea behind possibly switching is hoping to find something easier to manage.
[20:36] <_ruben> theyranos: ah ok, that's a pretty valid point then ;)
[20:36] <pedahzur> theyranos: Yeah, sounds pretty easy.  I'd install postfix, answer the basic questions, and see how far that gets you.  You can always 'apt-get remove --purge' if you want to start over.
[20:36] <theyranos> pedahzur: Fair enough.
[20:36] <_ruben> if you got the resources, you could setup 2 vms, one with exim and one with postfix, try to configure them identically (the way you want), and see which works best for ya ;)
[20:37] <_ruben> postfix+dovecot integration is quite simple indeed
[20:38] <theyranos> _ruben: On one hand, cloning VMs is trivially easy on my host machine. On the other, your suggestion, while intriguing, probably doesn't get me off the backup MX today :-)
[20:38] <_ruben> theyranos: i wasnt aware of you being pressed for time :)
[20:39] <_ruben> a "decent" mail solution takes a fair bit of planning and research
[20:39] <theyranos> not so much pressed as frustrated with the limitations of the backup
[20:39] <_ruben> ic
[20:40] <_ruben> i know the feeling, i've been wanting to overhaul the corporate mail infra for years now, just cant find enough time for it
[20:40] <_ruben> by the time i get halfway making plans, so much new software and other changes have occured, that i might as well start from scratch again ;)
[20:40] <theyranos> well, i discovered recently that the boot files on our primary MX have been corrupted for so long that the "good" backups have been overwritten
[20:41] <_ruben> ouch
[20:41] <theyranos> so it's an opportunity to start from scratch, albeit an annoying one
[20:41] <theyranos> odds are nobody ever would've noticed had the building containing the primary MX's host machine not needed to be rewired.
[20:42] <_ruben> that as well, is a feeling/scenario/whatever i'm too familiar with unfortunately .. been planning and designing for weeks, am like half-way and *boom* .. the current live environment burns down in flames and you need to deploy a replacement like yesterday
[20:42] <_ruben> theyranos: nice
[20:43] <theyranos> i'm grateful the backup MX exists in the first place... it's relatively new :-)
[20:51] <javatexan> okay, that didnt work, i changed both bottom.html and top.html and restarted apache2 with no change in error message
[20:51] <javatexan> I really just want to add a picture to the page and take away the information line at bottom below the spacer
[20:52] <javatexan> for all the error pages
[20:52] <javatexan> :)
[20:55] <PiratedUnderwear> Hello :)
[20:57] <PiratedUnderwear> Does anybody know how to encrypt an Amazon EC2 ami?
[20:57] <veenenen> hey, how is sasl handled by default in postfix? I'm having an issue transferring over my old postfix configurations.
[20:58] <veenenen> I'm switching over to maverick (long story), and the ubuntu+1 chatroom doesn't seem to have anyone that knows anything about postfix.
[20:59] <veenenen> my mail relay provider is throwing an error saying I'm not passing my username and password
[20:59] <PiratedUnderwear> Did you check the documentation for it on the website?
[20:59] <veenenen> but I am, or atleast this same config file used to on my old server.
[21:00] <veenenen> I can't really find anything obvious that has changed.
[21:00] <pedahzur> veenenen: Does anything about SASL on this page help? https://help.ubuntu.com/community/Postfix
[21:01] <pedahzur> veenenen: Do you have control over the SASL provider? Or is that someone else's box?
[21:01] <veenenen> Its a third party
[21:01] <veenenen> So, nothing helpful there.
[21:02] <_ruben> veenenen: you are a sasl client right? as in sending the credentials, not the one checking 'em?
[21:02] <veenenen> That community page told me to install a totally new sasl library, but that seems silly
[21:02] <veenenen> It used to just work
[21:02] <veenenen> yeah, I'm the client
[21:02] <_ruben> sasl client config is fairly simple afaik, never hadda use it though
[21:02] <veenenen> I have the credentials in the main.cf file
[21:03] <_ruben> might wanna ask in #postfix .. quite active and a fair ammount of very knowledgable ppl, though they're also likely to tell you too rtfm though ;)
[21:03] <_ruben> postfix.org has a sasl page iirc
[21:03] <pedahzur> http://www.postfix.org/SASL_README.html
[21:04] <_ruben> grmbl .. phpsysinfo package is still broken
[21:04] <veenenen> ugh. this is going to be painful.
[21:05] <pedahzur> veenenen: All the howtos I just browsed through seem to assume your SASL provider is on the same host as your postfix install, and that you have control over said SASL provider.
[21:05] <pedahzur> veenenen: I'd also try the Postfix mailing list if #postfix doesn't work out.
[21:05] <veenenen> alright, thanks
[21:18] <_Techie_> php no longer seems to be working after a failed update
[21:26] <pedahzur> _Techie_: Oh goody...What updated?
[21:26] <_Techie_> was using webmin this morning to update
[21:26] <_Techie_> had to close the browser half way through
[21:27] <guntbert> !webmin | _Techie_
[21:27] <_Techie_> it in turn raped my apache, ive since recovered apache, but still havent got php5 working
[21:27] <_Techie_> !ebox
[21:28] <guntbert> _Techie_: I don't like ebox, to be honest, tried it twice and removed it "immediately"
[21:29] <pedahzur> guntbert: And eBox has now turned into this: http://www.zentyal.com/
[21:29] <_Techie_> ive been sticking with webmin, as it makes it really easy to manage users virtualhosts in apache
[21:30] <pedahzur> ebox has gone from being a config front end to wanting to be "the server"
[21:31] <pedahzur> Maybe that's just marketing. Maybe you can still use it just for your configuration.
[21:35] <guntbert> pedahzur: I never used it for config because it uses its own files - not the system config files as webmin does
[21:36] <_Techie_> well if ebox can manage my virtualmin GPL servers, maybe ill switch
[21:38] <guntbert> _Techie_: I never trusted it - but as webmin damaged your system...   but be warned...
[21:38] <_Techie_> yeah, i dont trust it fully either
[21:39] <_Techie_> i have mine so it only allows localhost logins, and i use apache to proxy to it and force SSL on the connection
[21:39] <_Techie_> thats how much i trust it
[21:39] <_Techie_> also, i have apache map it to a subdomain
[21:42] <_Techie_> i cant quite get php5 workign again
[21:45] <_Techie_> im about to fully purge anything php5 related
[21:48] <_ruben> _Techie_: define "doesn't work" .. as you reinstalled apache, it *could* be as simple as sudo a2enmod php5 && sudo restart apache2
[21:48] <_Techie_> _ruben, i havent re installed apache, that works, ive re installed using apt-get remove and install, php5* and libapache2-mod-php5
[21:49] <_Techie_> also enabled php5 and restarted apache
[21:51] <_Techie_> _ruben, http://pastebin.com/FZB2WaLx
[21:55] <_Techie_> _ruben, any idea on that error?
[21:56] <_ruben> do you really need libapache2-mod-php5filter ?
[21:56] <_Techie_> shouldnt
[21:56] <_ruben> then remove it
[21:56] <shauno> that looks like you just did apt-get install php5* ?   that's almost terrifying
[21:57] <_Techie_> phpfilter isnt installed
[21:57] <_Techie_> and yes atm im being lazy
[21:57] <_Techie_> once i figure out how to recover it, ill remove it and be picky
[21:57] <_ruben> ah, installing using wildcards is asking for trouble
[21:58] <_Techie_> im in the middle of class so i cant fully concentrate on selecting individual packages
[21:58] <javatexan> are webalizer and awstats the only 2 in repos?  I am sure there is a bot answer for this  ;)  Looks like that last love either of these packages got was back in 2008
[21:58] <_ruben> if you just want php5 support for your apache2, all you need to install is libapache2-mod-php5 (and its dependencies)
[21:58] <_Techie_> _ruben, done that, but ill purge and re install
[21:59] <_Techie_> php module is purged
[22:00] <pedahzur> javatexan: The last releaes for AWStats was December 2008.  The package in the repositories is up to date.
[22:00] <_Techie_> gimme a sec and ill restart apche
[22:01] <_Techie_> _ruben, okay, this is where im at
[22:01] <_Techie_> _ruben, purged both libapache2-mod-php5 and php5* and restarted apache
[22:02] <_ruben> might even wanna purge *php5* or atleast check with dpkg if you have any more php related packages hanging around
[22:03] <_Techie_> *php5* returned E: Regex compilation error - Invalid preceding regular expression
[22:03] <_Techie_>    and some other stuff, but that was the error line
[22:04] <_ruben> dpkg -l \*php\* should give some insights
[22:04] <_ruben> especially the lines starting with 'ii'
[22:05] <_Techie_> gimhttp://pastebin.com/RNEkAVM4
[22:05] <_Techie_> http://pastebin.com/RNEkAVM4 *
[22:05] <_ruben> looks clean enough
[22:06] <_ruben> install libapache2-mod-php5 again
[22:07] <_Techie_> http://pastebin.com/Bm5bkQpV
[22:08] <_ruben> your apache2 config looks quite botched
[22:08] <_Techie_> yeah
[22:08] <_ruben> "Warning: DocumentRoot [/etc/apache2/!] does not exist" sounds way wrong
[22:08] <_Techie_> its been poked and prodded alot
[22:08] <_Techie_> it was doing that before the screwup
[22:09] <_ruben> /etc/apache2 should exist, but should not be your docroot
[22:09] <_Techie_> i dont think it is
[22:09] <_ruben> oh .. the ! is part of the path
[22:09] <_Techie_> ill restart apache, a2enmod php5 and then restart again
[22:09] <_Techie_> that sound good with you
[22:09] <_ruben> search your apache2 config files for any stray exclamation marks
[22:09] <ehcah> Hello. When setting up DDNS, do zone files get created/saved in /etc/bind/ or /var/cache/bind/ ?
[22:10] <_ruben> /var/cache/bind iirc
[22:10] <_ruben> /etc/bind shouldnt be writable by bind itself
[22:10] <ehcah> cool thanks.
[22:11] <ehcah> I'm using a tutorial, but I'm not 100% it is Ubuntu 10.4.
[22:11] <ehcah> Not safe...
[22:11] <Four2zero> wtf, ebox or zentyal will not remove from the system....lol...i ran "sudo apt-get remove zyntal" and im still getting the web configuration page, how do i completely remove it ?
[22:12] <_Techie_> _ruben, i supressed that error via sudo mkdir /etc/apache2/\!
[22:12] <Four2zero> and ran command sudo autoremove
[22:12] <_ruben> _Techie_: nasty ;)
[22:12] <_Techie_> i wouldnt mind re installing and starting again, but its too much work atm
[22:12] <_ruben> _Techie_: though assuming your apache config isnt *too* botched, and you did a full restart of apache2 (not just reload), php oughta be working again
[22:13] <_Techie_> always restart
[22:13] <_Techie_> never reload
[22:13] <pedahzur> ehcah: Unless you have a need for Bind, you might look at dnsmasq.  It does DNS caching, and DHCP serving all in one.
[22:13] <_Techie_> _ruben, still not working, http://phpsysinfo.technz.info/
[22:14] <ehcah> I'm trying to setup DYNDns
[22:14] <_ruben> _Techie_: works for me
[22:14] <_Techie_> _ruben, really, green page with info?
[22:14] <shauno> _Techie_: ditto
[22:14] <_ruben> yup
[22:14] <pedahzur> ehcah: Then you shouldn't need bind at all.  Just a client that updates dyndns when your IP changes.
[22:14] <_Techie_> hrmm, doesnt work here, ill reload my web browser
[22:15] <ehcah> pedahzur: The tutorial I'm using suggests I create files rather than use a client?
[22:15] <shauno> not sure you really need 6Gb of swap, but it's not showing me php errors :)
[22:15] <_Techie_> _ruben, im stil getting prompted to save the php file
[22:15] <pedahzur> ehcah: What's the URL?
[22:16] <_ruben> _Techie_: try different browser to rule out cache?
[22:16] <_Techie_> _ruben, it asks to save the file both in firefox and IE
[22:16] <_Techie_> ill give firefox portable with socks a stab
[22:17] <pedahzur> ehcah: Yeah, that's setting up dynamic DNS and DHCP on your local box.  Is that what you want?  Or are you setting up http://www.dyndns.com/
[22:17] <_Techie_> _ruben, okay, portable firefox via socks usign ssh is workign
[22:17] <qman__> ehcah, there are two kinds of dynamic DNS -- one kind is to have an internet-based subdomain service like dyndns point to your changing IP, this kind does not require BIND at all
[22:17] <ehcah> I'm fairly sure this URL is what I need?
[22:17] <qman__> the other kind is to dynamically set local DNS to all your DHCP clients on the LAN
[22:18] <qman__> which does require BIND, and is probably what you're following a tutorial for
[22:18] <ehcah> qman: You have me thinking now.
[22:18] <_ruben> _Techie_: clear the caches of your browsers then, or do a force reload (ctrl-f5 i think)
[22:18] <qman__> if you're using dyndns, all you need to do is wget the URL they give you at regular intervals
[22:18] <ehcah> I'm trying to replicate a different service I tried.
[22:19] <ehcah> The other service was using Open DNS on Fedora.
[22:19] <ehcah> I liked it.
[22:19] <qman__> I use afraid.org
[22:20] <ehcah> Regardless, I'm 3/4 down the path I started.
[22:20] <ehcah> I just wasn't sure I was going to create files in the right directory.
[22:20] <qman__> what I'm getting at, is that these are two completely different things
[22:20] <qman__> so what are you after, exactly?
[22:20] <ehcah> Everything to this point has been mostly editing, not net new.
[22:21] <ehcah> Accessing my box through URL like ACME.homelinux.com
[22:21] <ehcah> Or something like that.
[22:21] <qman__> then you don't need BIND at all
[22:21] <ehcah> You're killing me.
[22:21] <qman__> you just need a dynamic DNS service like dyndns or afraid.org
[22:22] <qman__> and a simple wget script at regular intervals
[22:22] <ehcah> Using their client?
[22:22] <ehcah> oh.
[22:22] <qman__> the BIND tutorial is for using DNS on your LAN, instead of things like hosts files or netbios
[22:22] <qman__> yeah, or their client
[22:23] <qman__> there are a number of ways to update it
[22:23] <ehcah> host access is what I wanted my lan. Ie. router.mylan.com
[22:23] <qman__> I do the wget route with a script in /etc/dhcp3/dhclient-exit-hooks.d/
[22:23] <ehcah> or brother7440n.mylan.com
[22:23] <pedahzur> apt-cache search dyndns will give you a list of clients that come with ubuntu.
[22:23] <qman__> so you want internal DNS, or from the internet?
[22:24] <qman__> because they're separate
[22:24] <qman__> also, you shouldn't use .com
[22:24] <qman__> not unless you own that domain name
[22:24] <qman__> it'll cause problems
[22:24] <qman__> use something like .lan
[22:24] <ehcah> I know, but thought I needed both if I'm using my server for DHCP and other lan services.
[22:25] <ehcah> My telco gateway only provides internet connectivity.
[22:25] <hggdh> Daviey: bug 644733 ;-)
[22:25] <qman__> yes, but what I'm asking is, do you want to access your box by a DNS name from the internet, or from your LAN?
[22:25] <ehcah> I may not be answering you correctly, but both???
[22:26] <_Techie_> qman__, lemme try, ehcah do you want other people to be able to use the domain name?
[22:26] <ehcah> Funny.
[22:26] <_ruben> hmm .. should see if can get working temps on my sysinfo as well .. http://jupiter.ipv6.tun0.nl.ipv4.sixxs.org/phpsysinfo/index.php?disp=dynamic
[22:26] <qman__> and you want all your names to be internet accessible, such as router. and brother.?
[22:26] <ehcah> Kids/wife.
[22:26] <_ruben> then again, time for bed now
[22:26] <qman__> because that's incredibly risky
[22:26] <ehcah> only my server.
[22:26] <qman__> ok, then you need to do both things
[22:26] <_Techie_> _ruben, its not hard
[22:26] <qman__> the BIND tutorial will provide the local DNS
[22:26] <ehcah> and just for vpn or ssh.
[22:27] <qman__> and dyndns/afriad.org/etc will provide the internet name
[22:27] <_ruben> _Techie_: depends on whether the hardware is supported or not ;)
[22:27] <_Techie_> _ruben, most likely it is
[22:27] <qman__> I'd also suggest using two different names
[22:28] <_ruben> 514minutes left to init the raid volume, should be done by morning .. i hope
[22:28] <_ruben> bbl :)
[22:28] <qman__> your internet name could be yournetwork.dyndns.com, while your local DNS could be mylan.lan
[22:28] <ehcah> In my last config, everything was .com.
[22:29] <qman__> using a .com domain for local DNS can cause problems
[22:29] <ehcah> k.
[22:29] <qman__> as can any real TLD
[22:29] <qman__> don't use .local either, that can cause problems too
[22:29] <qman__> but pretty much anything else is okay
[22:30] <_Techie_> often people use .internal
[22:30] <qman__> you could call it .omgwtfbbq if you wanted
[22:30] <ehcah> If it makes any difference. I actually own the .com domain name that I'm using.
[22:30] <ehcah> LOL
[22:30] <ehcah> The .com is not published or active.
[22:30] <qman__> you just want it to be distinctly fake, because it doesn't work from the internet
[22:30] <ehcah> got it.
[22:31] <ehcah> Knowing that I control if that domain ever goes active, I thought I was safe.
[22:31] <qman__> you would be safe, but it's still a good idea not to use it
[22:31] <qman__> some applications are dumb
[22:31] <qman__> and expect .com to be on the internet
[22:31] <ehcah> so is me
[22:31] <qman__> even when it clearly isn't
[22:32] <qman__> now, if you own your own .com domain, you could have that point to you from the internet
[22:32] <qman__> but that's beyond the scope of that tutorial, it's a separate task
[22:32] <ehcah> Funny as it sounds, I feel a bit safer with ***.dyndns.com domain rather than a ***.com domain.
[22:33] <ehcah> It is also a different DYN service.
[22:34] <qman__> yeah
[22:34] <qman__> sorry for the confusion, I simply assumed you were looking for one or the other
[22:34] <ehcah> No worries. I'm the problem as I'm not able to articulate my requirements clearly.
[22:35] <ehcah> My life would be easier if I could just hire someone to do this for me.
[22:35] <qman__> indeed
[22:36] <qman__> on a related note, if you're serving SSH to the internet, make sure you take steps to protect it, such as a limiting firewall or fail2ban
[22:36] <qman__> also suggest using key based auth
[22:36] <ehcah> ok.
[22:37] <qman__> there are bots that constantly scan for and brute force them
[22:37] <ehcah> The other setup I ran for a bit was on Fedora.
[22:38] <ehcah> I have had enough trouble learning bits and pieces of Ubuntu.
[22:38] <ehcah> I also have 5 desktops running ubuntu, so to me, it only made sense to go full in.
[22:38] <ehcah> My original goal was to replicate WHS.
[22:39] <qman__> well, the debian way is quite a bit different from redhat/fedora
[22:39] <ehcah> yes.
[22:39] <qman__> as I'm sure you've figured out
[22:39] <ehcah> Big time.
[22:40] <_Techie_> bbs
[22:40] <ehcah> Every box I have is different too.
[22:40] <ehcah> hardware wise.
[22:41] <qman__> I first tried ubuntu with 5.10 and fell in love with the way it does things
[22:41] <qman__> I was never much of a redhat fan
[22:41] <qman__> but that's all personal preference
[22:41] <ehcah> Agreed.
[22:41] <ehcah> and based on one's experiences.
[22:42] <qman__> in my opinion, it's worth the effort to learn the differences, because in the end, it'll make things easier
[22:45] <_Techie_> that bad update did more than rip apart my php
[22:45] <_Techie_> =(
[22:45] <_Techie_> now i gotta re tweak lighthttpd and my sockets
[22:48] <_Techie_> along with checking all the required php stuff is installed
[23:12] <hggdh> Daviey: and... bug 644759
[23:13] <Daviey> hggdh, oh joy.
[23:13] <hggdh> Daviey: aye. So two of them so far (not counting the images being lost)
[23:18] <Daviey> :(
[23:19] <ghaleb> q
[23:23] <ghaleb> hello, I have files in range of 3 to 5 GB on two vpn sites, I would like to use rsync to keep them synchronized, moving the whole file is a heavy process over the internet, is it possible to move only the difference within the file ?
[23:35] <theyranos> What can cause "ssh main process terminated with status 255"? openssh-server works for the first five or so minutes the server is running, then kicks off any logged in user and dies with that message in /var/log/syslog. If I manually restart with /etc/init.d/ssh start it works for about the same amount of time. I already have ListenAddress 0.0.0.0 in my sshd_config.
[23:36] <pwnguin> theyranos: oom?
[23:36] <theyranos> pwnguin: eh?
[23:37] <pwnguin> out of memory
[23:37] <pwnguin> although i guess ssh shouldn't exit in that case
[23:37] <pwnguin> as the kernel will straight up kill it
[23:38] <theyranos> Got 200 of 512 MB free.
[23:42] <pwnguin> theyranos: 255 means that the ssh connection died, not the process you're trying to run
[23:42] <pwnguin> that's about all that you can glean from that message
[23:43] <pwnguin> you can turn on debugging
[23:43] <theyranos> oddly, setting LogLevel to DEBUG2 seems to have solved the problem
[23:43] <pwnguin> heh
[23:44] <theyranos> spoke too soon... just took longer to die