/srv/irclogs.ubuntu.com/2010/10/09/#ubuntu-server.txt

ScottKThat's going to make it a bug tough.00:00
ewook_yeah. darn router had switched me over to my failover connection without me noticing...00:01
ZerI will say, Postfix-*Dovecot* from 9.10 -> 10.04 was a horror00:33
demonsporkfffuuuuu00:45
demonsporkhow do I prevent a certain user from using anything but a certain IP address?00:45
uvirtbotNew bug: #657127 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/65712700:51
=== jjohansen is now known as jj-afk
pmatulisdemonspork: what do you mean?01:32
RoyKdemonspork: you can do that with iptables if you work hard on it01:34
qman__seems like an overcomplicated way to accomplish whatever it is you're really after01:35
RoyKdemonspork: google for iptables owner01:36
demonsporkwell, RoyK and qman__, what I am trying to accomplish is to keep users from binding what they are running to any IP address but the one I want for them to have access to02:03
RoyKdemonspork: I think you should give them a VM if you want to isolate them from the system in that way02:05
Zerdemonspork, you could perhaps use iptables with -m owner02:06
ZerAt the very least that'd prevent them from getting anywhere if they tried02:06
demonsporkit isn't a security thing, it is a monitoring thing02:07
demonsporkI would be just as happy with a solution to monitor bandwidth usage per user02:07
RoyKdemonspork: as I (and Zer) said, try to use the owner module in iptables02:07
demonsporkyeah, I am looking into that right now02:08
Zerdemonspork, Google:02:11
Zeriptables bandwidth accounting02:11
ZerIt comes up with quite a bit02:11
Zer...oh... I didn't scroll up. Sorry RoyK :)02:11
ZerA server split made it quite a ways away02:12
RoyK:)02:12
RoyKalways a splatter02:12
uvirtbotNew bug: #657149 in squid (main) "package squid 2.7.STABLE9-2ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/65714902:32
fluvvellI want to remount a directory that is on a drive with heaps of space onto a directory under the root, what do i need in the fstype part of fstab ?02:36
RoyKmount it somewhere else02:40
RoyKand umount -l the old dir02:40
RoyKman umount02:40
RudyValenciaOn http://drakespizzapalace.com/ why do the navigation li backgrounds overlap the02:55
RudyValencia+overlap the regular background?02:55
RudyValenciaOops sorry meant to type that in #web02:56
fluvvellRoyK, I think what I'm looking for relates to mount -R /olddir /newdir   but I need a none option in fstab, was just checking if anyone new of any other requirements03:08
RoyKfluvvell: the fstab is only used under boot03:09
RoyKfluvvell: never mind that during runtime03:09
fluvvellRoyK, yep but its to be permanent will need it to survive reboot.03:11
fluvvellAnother question, know how to change time zones by command line?03:12
gravity1187any of you have much experience with bastille?03:13
shaunoI didn't know that was still alive03:18
gravity1187still in the repos, but appears to have a lot of issues03:19
gravity1187I've found at least 2 bugs in the last day03:20
gravity1187really pisses me off because they are critical bugs and this package is always a great starting point for hardening a system03:23
keesgravity1187: I'd have to disagree. bastille doesn't have much general utility in a modern system.03:33
keesgravity1187: see https://wiki.ubuntu.com/SecurityTeam/Roadmap under "Not Interested"03:34
keesgravity1187: though I'm open to further thoughts on it. we just didn't see anything useful in it any more.03:34
shaunomost of what it contained would probably be better off as 'sensible defaults' rather than optional fiddling.  but their site says the next release is due jan 14th 2008, which is never a good sign03:36
gravity1187I'll have to take a look at the roadmap, but IMO ufw and app-armour have a long way to go especially with programs such as pasd that are designed to work with iptables03:37
gravity1187correct me if I am wrong03:37
LucidGuyUbuntu phpmyadmin question... everything is working fine but I can't find where in my apache2 confs it declares mysite.com/phpmyadmin    No include line stating php .. anyone?03:50
LucidGuycancel that .. found it.03:51
pwnguini think its in apache2/conf03:52
pwnguinfor some odd reason03:52
pwnguindebian webapp packaging is inconsistant03:52
LucidGuyapache2/conf.d/  yes03:52
pwnguinit should probably be in sites-available03:52
RoyKpwnguin: it's not really inconsistent, it just bases all on that everything is on the same box03:54
RoyKpwnguin: you can easily separate it all to new virtualhosts03:54
RoyKpwnguin: it would be worse if you had to create a virtualhost to gain access in the first place03:55
pwnguinRoyK: have you read the debian guidelines for webapps?03:56
RoyKno03:57
RoyKbut then - sites-available holds virtualhosts03:58
RoyKby definition03:58
RoyKmods-available holds modules03:58
pwnguinhttp://webapps-common.alioth.debian.org/draft/html/03:59
RoyKwhich part are you referring to?04:00
pwnguinperhaps im mistaken04:01
pwnguinlooks like the official policy is to register with apache via conf.d04:01
pwnguinerr the unoficial04:02
RoyKI think that is the bin into which they throw all the leftovers04:02
RoyKthe ones not in by standard04:02
pwnguini thought i had seen a few in sites-available, but i dont have any04:02
pwnguinthat i didnt make04:03
RoyKsites-available is for Apache VirtualHost entries04:03
RoyKobviously, it can be used for all sorts of stuff, but to keep it clean, just put vhosts in there04:03
rsouthardI have several luns presented to my workstation via qlogic HBA's. They are setup in /etc/multipath.conf with an alias. I can see all the luns with the multipath -ll command. How would i go about renaming the luns with device mapper? I do not want to use /dev/dm-7 in fstab since the dm-7 is not necessarily persistant at reboot. Any thoughts?04:21
RudyValenciaOK I have usbmount setup on my server, when I'm finished with a volume do I unmount it manually first?04:32
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
uvirtbotNew bug: #657180 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/65718004:57
chrislabeardWhat is the best php accelerator ?05:27
Patrickdkthe one you use :)05:28
chrislabeardthat would be none so sceratch05:29
chrislabeardI tried to install apc but didn't seem to work05:30
PatrickdkI'm personally using xcache, but also sometimes use apc when needed05:53
uvirtbotNew bug: #657200 in bacula (main) "package bacula-director-pgsql 5.0.1-1ubuntu1 failed to install/upgrade: el subproceso script post-installation instalado devolvió el código de salida de error 10" [Undecided,New] https://launchpad.net/bugs/65720006:56
sorenScottK: Excellent, thank you.08:43
uvirtbotNew bug: #657229 in samba (main) "samba shares are no longer shown on host" [Undecided,New] https://launchpad.net/bugs/65722909:42
uvirtbotNew bug: #657245 in clamav (main) "package clamav-base 0.96.1 dfsg-0ubuntu0.10.04.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/65724510:11
jayveeAny IPsec users here?10:14
jayveeI would like to know if IPsec is still broken in linux-image-virtual like it was in Karmic.10:14
=== aliverius_ is now known as aliverius
spiekeyHello!10:41
spiekeyi have a md-raid with 8 disks and my box crashed. Can i simply boot up with a live-system and "activate" that md-raid again?10:42
spiekeyof course it should not destroy my existing data10:42
jayveespiekey: define 'crashed'10:47
spiekeywell, my root-disk was not a raid and it crashed10:48
spiekeyso i am left with my "data" which was on my md-raid10:48
jayveeso by 'crashed' you mean the disk has died, not 'kernel panic' or 'power outage'10:49
jayveeI have never used md-raid, but I would say it is very likely possible to mount the raid setup from a live system.10:50
jayveeexactly how, I could not tell you.10:50
spiekeyjayvee, yeah. That my problem. it "should" work :)10:51
spiekeybut i dont want to acidentally rebuild the raid :)10:51
=== Barre_ is now known as Barre
jayveeah good, ipsec works with linux-image-virtual on Lucid :)12:40
spiekeyjayvee, just for your notes... the disks have some sort of uuid. So mdadm automatically knows which disks belongs together12:41
spiekeyit was just like plug+play12:41
jayveenice one12:41
jayveegreat to hear12:42
uvirtbotNew bug: #657302 in openssh (main) "X11 forwarding does not work" [Undecided,New] https://launchpad.net/bugs/65730213:12
ivnnvihi13:58
ivnnviqualche italiano???13:58
Jeeves_No, this is an english channel14:02
=== ewook_ is now known as ewook
Doonzhey guys, i rebooted my server and when it came back up its doing a fsck scan on one of my drives. how can i see a progress meter of this scan14:45
RoyKAFAIK fsck doesn't have one14:46
Doonzthats sux14:46
RoyKwhat fs are you using?14:46
Doonzext314:47
RoyKwhen you create an ext3 fs it tells you to tune2fs -c0 -i0 to inhibit periodic checking14:47
RoyKif it wasn't a periodic checking, well, then it was probably needed14:48
Doonzi dont remeber seeing that14:48
Doonzbut its been a year since i built this array14:48
RoyKmke2fs -j will print that by default14:48
RoyKwas it a periodic check?14:48
Doonzyeah14:49
RoyKk14:49
Doonzbut its like 3.7Tb the array14:49
RoyKwell, disable it when it's done, then14:49
Doonzso i wanted to see how much time was left14:49
RoyKheh - that'll take some time :)14:49
Doonz:/14:49
Doonzyeah14:49
Doonzat least its saturday14:49
RoyKme sticks to zfs for volume data14:49
Doonzi was just learning when i did this14:49
RoyKwell, just wait14:50
RoyKnothing more to do14:50
Doonzi have two raid 5 arrays with 1tb populating them14:50
Doonz10tb raw14:50
RoyKk14:50
Doonzso my next moe will be to grabe 6x 3tb drives and go to zfs14:50
Doonzmove*14:50
* RoyK is setting up a couple of 110TB boxes soon and is feeling like a child on his way to the circus14:51
Doonznice14:51
Doonzin 9u cases?14:51
RoyK11 7-drive raidz2 LVOLs14:51
Doonzah ok14:51
Doonzbrb14:51
RoyK4U supermicro server with 34 2TB drives and a JBOD with 45 drives14:52
Doonzah ok15:00
Doonzyeah i have a norco 20 sas/sata bay case at home15:02
RoyKDoonz: moving to zfs?15:47
qman__you can actually break out of it by pressing ctrl+alt+del15:49
qman__but if it's been a year, it's probably a good idea to let it run anyway15:49
qman__3.7TB should take probably a couple hours15:50
qman__and fsck used to have a nice progress bar up until lucid15:50
qman__when plymouth broke it15:50
DoonzRoyK: i will once i get my new drives15:56
Doonzim only cli15:56
Doonzwoot its done15:57
Doonznow how do i disable it from doing that again?15:57
RoyKDoonz: tune2fs -c0 -i0 /dev/something16:04
frankstervilleOhhh can Lucid do ZFS?16:04
RoyKfranksterville: with fuse, yes, but I wouldn't use that on critical data16:05
frankstervilleRoyK:  I'll leave the ext3 alone :)16:06
* RoyK stiicks to nexenta for critical data16:06
frankstervillereg ole raid 5 here16:06
RoyKole?16:07
frankstervilleold*16:07
RoyKk16:07
frankstervillesigh*16:07
RoyKfranksterville: with this new setup, we can't really afford 'silent data', which gets quite common with 80 2TB drives installed....16:08
frankstervilleRoyK:  80!  holy platter surface16:09
RoyKhehe16:09
EvilPhoenixholy hell thats a lot of drives16:09
RoyKwell, actually it's only 7916:09
EvilPhoenixthey in RAID?16:09
RoyKwith two spare drives16:09
RoyKthey will be organized in 11 7-drive raidz2 LVOLs16:10
RoyKtwo boxes - one for the private net, one for the dmz16:10
RoyK4+4U each :D16:10
* RoyK will need to take some pictures of this setup - 17U worth of backup with the 1U pizzabox for the Bacula Director16:11
RoyKhttp://www.funofun.com/hillbilljobapp.shtml16:20
DoonzRoyK: is there anychance of me damaging the drive with running that command16:41
RoyKno16:42
RoyKafaik it's virtually impossible to do much damage with tune2fs unless you force something with -f16:43
Doonzthanx16:44
RoyKthose options (-c and -i) should be safe, anyway16:44
Doonzso did you take a picture yet?16:44
RoyKI haven't got the boxes yet16:44
RoyKarriving in a week or so16:44
Doonzah16:44
Doonznothing like cristmeas16:44
Doonz:)16:44
RoyK:)16:44
Doonzwe got 40 2u servers coming in cant wait to get all them up and running16:45
RoyKfor what sort of service?16:45
Doonzdcs system upgrade16:45
RoyKdcs?16:46
Doonzdigital/distributed control system16:46
RoyKbtw, have you automated installs on those, or do you plan to install them all by hand?16:46
RoyKok16:46
Doonzwill be auto imaged but then manual setup after the base image is applied16:46
RoyKjust curious - what do they control?16:46
DoonzOil plant16:46
RoyKah16:46
RoyKSAP or something?16:47
DoonzNo the actual control of the plant16:47
Doonzvalves pumps boilers and so forth16:47
RoyKlast I checked, SAP can do that stuff too16:47
Doonzive never heard of SAP16:48
RoyKbut then, I guess hireing 100 developers to make something new will cost less16:48
Doonzthere is honeywell emerson yokogaw and siemens for dcs world wide16:48
RoyKk16:49
RoyKbeware of Stuxnet, then16:49
DoonzSAP here at site is used to deal with wo n1 breaks ins and so forth16:49
Doonzwe dont have siemens plc here16:49
RoyKk16:50
Doonzbut were immune to that type of exploit anyhow16:50
RoyKbut 2U? lots of local drives?16:50
Doonzdual ati r220 video cards16:50
RoyKah16:51
RoyKic16:51
Doonzi think its r220 id have to look at the box16:51
Doonzits kvm over ip16:51
RoyKbut ... supermicro has some dual GPU machines in only 1U16:51
Doonznot certified16:51
RoyKby whom?16:51
DoonzEmerson/Honeywell16:52
RoyKk16:52
RoyKseems like a lot of horsepower in those boxes, though :)16:52
Doonzthey are made by dell but only for those two companies16:52
RoyKheh - sounds expensive16:53
Doonzjust your basic dual core with 4gb ram dual ssd with quad nics and the dual cards16:53
Doonzquad nic*16:53
RoyKbut with that many GPUs, I guess there'll be a lot of modelling16:53
Doonzno16:53
Doonzquad monitor support16:53
RoyKfor 2U boxes??16:53
Doonzyep16:53
Doonzoperator and engineering stations16:54
RoyKso, 4 monitors on 40 servers, that's 160 monitors16:54
Doonzyeah16:54
RoyKI don't get it...16:54
Doonzyou have 4 screens per operator station with 3 operator stations per area16:54
RoyKwhy not local machines?16:55
Doonzso areas are 4 operator stations16:55
Doonzsome*16:55
Doonzdont want them to be availible to anyone16:55
RoyKor are you just running video over long high-speed transport?16:55
Doonzeasier to maintain the euipment in a controlled environment16:56
Doonz1 sec16:56
RoyKwhat about remote X or something?16:56
RoyKtransporting VGAish video over a link seems to be a bad idea imho16:57
Doonzits fine16:57
Doonzhttp://www.amd.com/us/products/workstation/graphics/ati-firepro-3d/rg220/Pages/rg220-features-benefits.aspx16:59
Doonzthe run is over fiber roughly 3miles16:59
Doonzpretty neat stuff that works as advertised17:10
RoyKfancy17:20
RoyKwhat - just gigE?17:21
RoyKor 10g?17:21
Doonzptp fiber17:25
frankstervillePOLL:  Linode or Ec2 MIcro instance?17:25
Doonzit can be ran 10g but it will be copper to fiber -> long run -> fiber to copper17:26
Doonz100mbit siwtches17:26
martin-how can I change the device of an md device?17:45
martin-currently mdadm --examine --scan gives me two md0 devices17:45
martin-which causes problems when booting (since system is on md0)17:45
martin-device number*17:47
uvirtbotNew bug: #657385 in mysql-dfsg-5.1 (main) "mysql failed to configure while upgrading to 10.04" [Undecided,New] https://launchpad.net/bugs/65738517:51
ChrisbuchholzHey guys. Where do i find my auth-log on ubuntu server 10.04? I have looked it /var/log, but it only contains the rotated logs auth.log and auth.log.118:05
ScottKChrisbuchholz: What are you looking for that isn't in those logs?18:06
ChrisbuchholzscottK, nothing. I just thought that the rotated logs would be archived, while a 'auth' would be the most current18:06
ChrisbuchholzScottK: maybe i'm wrong?18:06
ScottKauth.log is the current one18:07
ChrisbuchholzScottK: Okay, thanks ;)18:07
uvirtbotNew bug: #657392 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/65739218:17
=== zz_sailerboy is now known as sailerboy
uvirtbotNew bug: #656973 in samba (main) "Samba configuration window is disabled and cannot enable it" [Undecided,New] https://launchpad.net/bugs/65697319:44
=== colonel is now known as Guest2879
frankstervilleSilly question....   start x to start gui...   to stop gui???20:22
qman__startx is an extremely basic method20:24
qman__use the 'log out' or 'exit' function within X, or switch to the TTY which you invoked startx and press control+C20:25
uvirtbotNew bug: #656253 in samba (main) "Winbind doesn't automatically start when recovering from hibernation." [Undecided,New] https://launchpad.net/bugs/65625320:40
frankstervilleqman: when you say startx is basic,  what do you mean?  It starts gnome.  How could one start gnome in a non basic form...??20:46
qman__startx only starts x20:47
qman__it's the most simple way20:47
qman__most setups use what's called a desktop manager or a login manager20:47
qman__ubuntu desktop uses gdm, kubuntu uses kdm20:47
qman__and there are many others20:47
qman__startx is only really useful for testing and single user systems20:48
qman__startx has to run after the user logs on20:48
frankstervilleqman:  the reason I asked is I rarely run in gui and sometimes for whatever reason I need to use it.  When I am done I usually log out witch kills it.  I for get to log out it just locks the screen so I want to be able to kill it remotly20:51
qman__then kill the process20:51
frankstervilleyeye service gdm stop20:51
frankstervillegot it20:51
qman__gdm and startx are very different20:52
qman__if you use gdm, that's the right way to do it20:52
qman__and service gdm start to bring it back up20:52
qman__but startx works completely differenly20:52
frankstervilleroger that thanks for the distiction...  still learning20:52
frankstervillelearning best practices20:52
frankstervillejust ditched webmin,  beefing up my console skillz20:53
* RoyK hands out win98 CDs21:28
chrislabeardHow can you check to see if APC is working and configured correctly?22:46
ikoniaAPC is a power cell isn't it ?22:47
chrislabeardIts for php22:47
chrislabeardphp caching22:47
ikoniaask the guys in ##php for a test case22:47
vsd20c_I'm planning on building a web server for personal purposes and I'm going to go with a Lamp build. But, I want to be able to support users and make an accessible domain for easy remote desktop situations. what should i use as an base os? i have ubuntu 10.0.4, will that support a domain?23:42
MartyMcFlyvsd20c_: "webserver" and "easy remote desktop" are a bad match. Better look out for cheap webspace.23:55

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!