[00:00] <ScottK> That's going to make it a bug tough.
[00:01] <ewook_> yeah. darn router had switched me over to my failover connection without me noticing...
[00:33] <Zer> I will say, Postfix-*Dovecot* from 9.10 -> 10.04 was a horror
[00:45] <demonspork> fffuuuuu
[00:45] <demonspork> how do I prevent a certain user from using anything but a certain IP address?
[01:32] <pmatulis> demonspork: what do you mean?
[01:34] <RoyK> demonspork: you can do that with iptables if you work hard on it
[01:35] <qman__> seems like an overcomplicated way to accomplish whatever it is you're really after
[01:36] <RoyK> demonspork: google for iptables owner
[02:03] <demonspork> well, RoyK and qman__, what I am trying to accomplish is to keep users from binding what they are running to any IP address but the one I want for them to have access to
[02:05] <RoyK> demonspork: I think you should give them a VM if you want to isolate them from the system in that way
[02:06] <Zer> demonspork, you could perhaps use iptables with -m owner
[02:06] <Zer> At the very least that'd prevent them from getting anywhere if they tried
[02:07] <demonspork> it isn't a security thing, it is a monitoring thing
[02:07] <demonspork> I would be just as happy with a solution to monitor bandwidth usage per user
[02:07] <RoyK> demonspork: as I (and Zer) said, try to use the owner module in iptables
[02:08] <demonspork> yeah, I am looking into that right now
[02:11] <Zer> demonspork, Google:
[02:11] <Zer> iptables bandwidth accounting
[02:11] <Zer> It comes up with quite a bit
[02:11] <Zer> ...oh... I didn't scroll up. Sorry RoyK :)
[02:12] <Zer> A server split made it quite a ways away
[02:12] <RoyK> :)
[02:12] <RoyK> always a splatter
[02:36] <fluvvell> I want to remount a directory that is on a drive with heaps of space onto a directory under the root, what do i need in the fstype part of fstab ?
[02:40] <RoyK> mount it somewhere else
[02:40] <RoyK> and umount -l the old dir
[02:40] <RoyK> man umount
[02:55] <RudyValencia> On http://drakespizzapalace.com/ why do the navigation li backgrounds overlap the
[02:55] <RudyValencia> +overlap the regular background?
[02:56] <RudyValencia> Oops sorry meant to type that in #web
[03:08] <fluvvell> RoyK, I think what I'm looking for relates to mount -R /olddir /newdir   but I need a none option in fstab, was just checking if anyone new of any other requirements
[03:09] <RoyK> fluvvell: the fstab is only used under boot
[03:09] <RoyK> fluvvell: never mind that during runtime
[03:11] <fluvvell> RoyK, yep but its to be permanent will need it to survive reboot.
[03:12] <fluvvell> Another question, know how to change time zones by command line?
[03:13] <gravity1187> any of you have much experience with bastille?
[03:18] <shauno> I didn't know that was still alive
[03:19] <gravity1187> still in the repos, but appears to have a lot of issues
[03:20] <gravity1187> I've found at least 2 bugs in the last day
[03:23] <gravity1187> really pisses me off because they are critical bugs and this package is always a great starting point for hardening a system
[03:33] <kees> gravity1187: I'd have to disagree. bastille doesn't have much general utility in a modern system.
[03:34] <kees> gravity1187: see https://wiki.ubuntu.com/SecurityTeam/Roadmap under "Not Interested"
[03:34] <kees> gravity1187: though I'm open to further thoughts on it. we just didn't see anything useful in it any more.
[03:36] <shauno> most of what it contained would probably be better off as 'sensible defaults' rather than optional fiddling.  but their site says the next release is due jan 14th 2008, which is never a good sign
[03:37] <gravity1187> I'll have to take a look at the roadmap, but IMO ufw and app-armour have a long way to go especially with programs such as pasd that are designed to work with iptables
[03:37] <gravity1187> correct me if I am wrong
[03:50] <LucidGuy> Ubuntu phpmyadmin question... everything is working fine but I can't find where in my apache2 confs it declares mysite.com/phpmyadmin    No include line stating php .. anyone?
[03:51] <LucidGuy> cancel that .. found it.
[03:52] <pwnguin> i think its in apache2/conf
[03:52] <pwnguin> for some odd reason
[03:52] <pwnguin> debian webapp packaging is inconsistant
[03:52] <LucidGuy> apache2/conf.d/  yes
[03:52] <pwnguin> it should probably be in sites-available
[03:54] <RoyK> pwnguin: it's not really inconsistent, it just bases all on that everything is on the same box
[03:54] <RoyK> pwnguin: you can easily separate it all to new virtualhosts
[03:55] <RoyK> pwnguin: it would be worse if you had to create a virtualhost to gain access in the first place
[03:56] <pwnguin> RoyK: have you read the debian guidelines for webapps?
[03:57] <RoyK> no
[03:58] <RoyK> but then - sites-available holds virtualhosts
[03:58] <RoyK> by definition
[03:58] <RoyK> mods-available holds modules
[03:59] <pwnguin> http://webapps-common.alioth.debian.org/draft/html/
[04:00] <RoyK> which part are you referring to?
[04:01] <pwnguin> perhaps im mistaken
[04:01] <pwnguin> looks like the official policy is to register with apache via conf.d
[04:02] <pwnguin> err the unoficial
[04:02] <RoyK> I think that is the bin into which they throw all the leftovers
[04:02] <RoyK> the ones not in by standard
[04:02] <pwnguin> i thought i had seen a few in sites-available, but i dont have any
[04:03] <pwnguin> that i didnt make
[04:03] <RoyK> sites-available is for Apache VirtualHost entries
[04:03] <RoyK> obviously, it can be used for all sorts of stuff, but to keep it clean, just put vhosts in there
[04:21] <rsouthard> I have several luns presented to my workstation via qlogic HBA's. They are setup in /etc/multipath.conf with an alias. I can see all the luns with the multipath -ll command. How would i go about renaming the luns with device mapper? I do not want to use /dev/dm-7 in fstab since the dm-7 is not necessarily persistant at reboot. Any thoughts?
[04:32] <RudyValencia> OK I have usbmount setup on my server, when I'm finished with a volume do I unmount it manually first?
[05:27] <chrislabeard> What is the best php accelerator ?
[05:28] <Patrickdk> the one you use :)
[05:29] <chrislabeard> that would be none so sceratch
[05:30] <chrislabeard> I tried to install apc but didn't seem to work
[05:53] <Patrickdk> I'm personally using xcache, but also sometimes use apc when needed
[08:43] <soren> ScottK: Excellent, thank you.
[10:14] <jayvee> Any IPsec users here?
[10:14] <jayvee> I would like to know if IPsec is still broken in linux-image-virtual like it was in Karmic.
[10:41] <spiekey> Hello!
[10:42] <spiekey> i have a md-raid with 8 disks and my box crashed. Can i simply boot up with a live-system and "activate" that md-raid again?
[10:42] <spiekey> of course it should not destroy my existing data
[10:47] <jayvee> spiekey: define 'crashed'
[10:48] <spiekey> well, my root-disk was not a raid and it crashed
[10:48] <spiekey> so i am left with my "data" which was on my md-raid
[10:49] <jayvee> so by 'crashed' you mean the disk has died, not 'kernel panic' or 'power outage'
[10:50] <jayvee> I have never used md-raid, but I would say it is very likely possible to mount the raid setup from a live system.
[10:50] <jayvee> exactly how, I could not tell you.
[10:51] <spiekey> jayvee, yeah. That my problem. it "should" work :)
[10:51] <spiekey> but i dont want to acidentally rebuild the raid :)
[12:40] <jayvee> ah good, ipsec works with linux-image-virtual on Lucid :)
[12:41] <spiekey> jayvee, just for your notes... the disks have some sort of uuid. So mdadm automatically knows which disks belongs together
[12:41] <spiekey> it was just like plug+play
[12:41] <jayvee> nice one
[12:42] <jayvee> great to hear
[13:58] <ivnnvi> hi
[13:58] <ivnnvi> qualche italiano???
[14:02] <Jeeves_> No, this is an english channel
[14:45] <Doonz> hey guys, i rebooted my server and when it came back up its doing a fsck scan on one of my drives. how can i see a progress meter of this scan
[14:46] <RoyK> AFAIK fsck doesn't have one
[14:46] <Doonz> thats sux
[14:46] <RoyK> what fs are you using?
[14:47] <Doonz> ext3
[14:47] <RoyK> when you create an ext3 fs it tells you to tune2fs -c0 -i0 to inhibit periodic checking
[14:48] <RoyK> if it wasn't a periodic checking, well, then it was probably needed
[14:48] <Doonz> i dont remeber seeing that
[14:48] <Doonz> but its been a year since i built this array
[14:48] <RoyK> mke2fs -j will print that by default
[14:48] <RoyK> was it a periodic check?
[14:49] <Doonz> yeah
[14:49] <RoyK> k
[14:49] <Doonz> but its like 3.7Tb the array
[14:49] <RoyK> well, disable it when it's done, then
[14:49] <Doonz> so i wanted to see how much time was left
[14:49] <RoyK> heh - that'll take some time :)
[14:49] <Doonz> :/
[14:49] <Doonz> yeah
[14:49] <Doonz> at least its saturday
[14:49] <RoyK> me sticks to zfs for volume data
[14:49] <Doonz> i was just learning when i did this
[14:50] <RoyK> well, just wait
[14:50] <RoyK> nothing more to do
[14:50] <Doonz> i have two raid 5 arrays with 1tb populating them
[14:50] <Doonz> 10tb raw
[14:50] <RoyK> k
[14:50] <Doonz> so my next moe will be to grabe 6x 3tb drives and go to zfs
[14:50] <Doonz> move*
[14:51]  * RoyK is setting up a couple of 110TB boxes soon and is feeling like a child on his way to the circus
[14:51] <Doonz> nice
[14:51] <Doonz> in 9u cases?
[14:51] <RoyK> 11 7-drive raidz2 LVOLs
[14:51] <Doonz> ah ok
[14:51] <Doonz> brb
[14:52] <RoyK> 4U supermicro server with 34 2TB drives and a JBOD with 45 drives
[15:00] <Doonz> ah ok
[15:02] <Doonz> yeah i have a norco 20 sas/sata bay case at home
[15:47] <RoyK> Doonz: moving to zfs?
[15:49] <qman__> you can actually break out of it by pressing ctrl+alt+del
[15:49] <qman__> but if it's been a year, it's probably a good idea to let it run anyway
[15:50] <qman__> 3.7TB should take probably a couple hours
[15:50] <qman__> and fsck used to have a nice progress bar up until lucid
[15:50] <qman__> when plymouth broke it
[15:56] <Doonz> RoyK: i will once i get my new drives
[15:56] <Doonz> im only cli
[15:57] <Doonz> woot its done
[15:57] <Doonz> now how do i disable it from doing that again?
[16:04] <RoyK> Doonz: tune2fs -c0 -i0 /dev/something
[16:04] <franksterville> Ohhh can Lucid do ZFS?
[16:05] <RoyK> franksterville: with fuse, yes, but I wouldn't use that on critical data
[16:06] <franksterville> RoyK:  I'll leave the ext3 alone :)
[16:06]  * RoyK stiicks to nexenta for critical data
[16:06] <franksterville> reg ole raid 5 here
[16:07] <RoyK> ole?
[16:07] <franksterville> old*
[16:07] <RoyK> k
[16:07] <franksterville> sigh*
[16:08] <RoyK> franksterville: with this new setup, we can't really afford 'silent data', which gets quite common with 80 2TB drives installed....
[16:09] <franksterville> RoyK:  80!  holy platter surface
[16:09] <RoyK> hehe
[16:09] <EvilPhoenix> holy hell thats a lot of drives
[16:09] <RoyK> well, actually it's only 79
[16:09] <EvilPhoenix> they in RAID?
[16:09] <RoyK> with two spare drives
[16:10] <RoyK> they will be organized in 11 7-drive raidz2 LVOLs
[16:10] <RoyK> two boxes - one for the private net, one for the dmz
[16:10] <RoyK> 4+4U each :D
[16:11]  * RoyK will need to take some pictures of this setup - 17U worth of backup with the 1U pizzabox for the Bacula Director
[16:20] <RoyK> http://www.funofun.com/hillbilljobapp.shtml
[16:41] <Doonz> RoyK: is there anychance of me damaging the drive with running that command
[16:42] <RoyK> no
[16:43] <RoyK> afaik it's virtually impossible to do much damage with tune2fs unless you force something with -f
[16:44] <Doonz> thanx
[16:44] <RoyK> those options (-c and -i) should be safe, anyway
[16:44] <Doonz> so did you take a picture yet?
[16:44] <RoyK> I haven't got the boxes yet
[16:44] <RoyK> arriving in a week or so
[16:44] <Doonz> ah
[16:44] <Doonz> nothing like cristmeas
[16:44] <Doonz> :)
[16:44] <RoyK> :)
[16:45] <Doonz> we got 40 2u servers coming in cant wait to get all them up and running
[16:45] <RoyK> for what sort of service?
[16:45] <Doonz> dcs system upgrade
[16:46] <RoyK> dcs?
[16:46] <Doonz> digital/distributed control system
[16:46] <RoyK> btw, have you automated installs on those, or do you plan to install them all by hand?
[16:46] <RoyK> ok
[16:46] <Doonz> will be auto imaged but then manual setup after the base image is applied
[16:46] <RoyK> just curious - what do they control?
[16:46] <Doonz> Oil plant
[16:46] <RoyK> ah
[16:47] <RoyK> SAP or something?
[16:47] <Doonz> No the actual control of the plant
[16:47] <Doonz> valves pumps boilers and so forth
[16:47] <RoyK> last I checked, SAP can do that stuff too
[16:48] <Doonz> ive never heard of SAP
[16:48] <RoyK> but then, I guess hireing 100 developers to make something new will cost less
[16:48] <Doonz> there is honeywell emerson yokogaw and siemens for dcs world wide
[16:49] <RoyK> k
[16:49] <RoyK> beware of Stuxnet, then
[16:49] <Doonz> SAP here at site is used to deal with wo n1 breaks ins and so forth
[16:49] <Doonz> we dont have siemens plc here
[16:50] <RoyK> k
[16:50] <Doonz> but were immune to that type of exploit anyhow
[16:50] <RoyK> but 2U? lots of local drives?
[16:50] <Doonz> dual ati r220 video cards
[16:51] <RoyK> ah
[16:51] <RoyK> ic
[16:51] <Doonz> i think its r220 id have to look at the box
[16:51] <Doonz> its kvm over ip
[16:51] <RoyK> but ... supermicro has some dual GPU machines in only 1U
[16:51] <Doonz> not certified
[16:51] <RoyK> by whom?
[16:52] <Doonz> Emerson/Honeywell
[16:52] <RoyK> k
[16:52] <RoyK> seems like a lot of horsepower in those boxes, though :)
[16:52] <Doonz> they are made by dell but only for those two companies
[16:53] <RoyK> heh - sounds expensive
[16:53] <Doonz> just your basic dual core with 4gb ram dual ssd with quad nics and the dual cards
[16:53] <Doonz> quad nic*
[16:53] <RoyK> but with that many GPUs, I guess there'll be a lot of modelling
[16:53] <Doonz> no
[16:53] <Doonz> quad monitor support
[16:53] <RoyK> for 2U boxes??
[16:53] <Doonz> yep
[16:54] <Doonz> operator and engineering stations
[16:54] <RoyK> so, 4 monitors on 40 servers, that's 160 monitors
[16:54] <Doonz> yeah
[16:54] <RoyK> I don't get it...
[16:54] <Doonz> you have 4 screens per operator station with 3 operator stations per area
[16:55] <RoyK> why not local machines?
[16:55] <Doonz> so areas are 4 operator stations
[16:55] <Doonz> some*
[16:55] <Doonz> dont want them to be availible to anyone
[16:55] <RoyK> or are you just running video over long high-speed transport?
[16:56] <Doonz> easier to maintain the euipment in a controlled environment
[16:56] <Doonz> 1 sec
[16:56] <RoyK> what about remote X or something?
[16:57] <RoyK> transporting VGAish video over a link seems to be a bad idea imho
[16:57] <Doonz> its fine
[16:59] <Doonz> http://www.amd.com/us/products/workstation/graphics/ati-firepro-3d/rg220/Pages/rg220-features-benefits.aspx
[16:59] <Doonz> the run is over fiber roughly 3miles
[17:10] <Doonz> pretty neat stuff that works as advertised
[17:20] <RoyK> fancy
[17:21] <RoyK> what - just gigE?
[17:21] <RoyK> or 10g?
[17:25] <Doonz> ptp fiber
[17:25] <franksterville> POLL:  Linode or Ec2 MIcro instance?
[17:26] <Doonz> it can be ran 10g but it will be copper to fiber -> long run -> fiber to copper
[17:26] <Doonz> 100mbit siwtches
[17:45] <martin-> how can I change the device of an md device?
[17:45] <martin-> currently mdadm --examine --scan gives me two md0 devices
[17:45] <martin-> which causes problems when booting (since system is on md0)
[17:47] <martin-> device number*
[18:05] <Chrisbuchholz> Hey guys. Where do i find my auth-log on ubuntu server 10.04? I have looked it /var/log, but it only contains the rotated logs auth.log and auth.log.1
[18:06] <ScottK> Chrisbuchholz: What are you looking for that isn't in those logs?
[18:06] <Chrisbuchholz> scottK, nothing. I just thought that the rotated logs would be archived, while a 'auth' would be the most current
[18:06] <Chrisbuchholz> ScottK: maybe i'm wrong?
[18:07] <ScottK> auth.log is the current one
[18:07] <Chrisbuchholz> ScottK: Okay, thanks ;)
[20:22] <franksterville> Silly question....   start x to start gui...   to stop gui???
[20:24] <qman__> startx is an extremely basic method
[20:25] <qman__> use the 'log out' or 'exit' function within X, or switch to the TTY which you invoked startx and press control+C
[20:46] <franksterville> qman: when you say startx is basic,  what do you mean?  It starts gnome.  How could one start gnome in a non basic form...??
[20:47] <qman__> startx only starts x
[20:47] <qman__> it's the most simple way
[20:47] <qman__> most setups use what's called a desktop manager or a login manager
[20:47] <qman__> ubuntu desktop uses gdm, kubuntu uses kdm
[20:47] <qman__> and there are many others
[20:48] <qman__> startx is only really useful for testing and single user systems
[20:48] <qman__> startx has to run after the user logs on
[20:51] <franksterville> qman:  the reason I asked is I rarely run in gui and sometimes for whatever reason I need to use it.  When I am done I usually log out witch kills it.  I for get to log out it just locks the screen so I want to be able to kill it remotly
[20:51] <qman__> then kill the process
[20:51] <franksterville> yeye service gdm stop
[20:51] <franksterville> got it
[20:52] <qman__> gdm and startx are very different
[20:52] <qman__> if you use gdm, that's the right way to do it
[20:52] <qman__> and service gdm start to bring it back up
[20:52] <qman__> but startx works completely differenly
[20:52] <franksterville> roger that thanks for the distiction...  still learning
[20:52] <franksterville> learning best practices
[20:53] <franksterville> just ditched webmin,  beefing up my console skillz
[21:28]  * RoyK hands out win98 CDs
[22:46] <chrislabeard> How can you check to see if APC is working and configured correctly?
[22:47] <ikonia> APC is a power cell isn't it ?
[22:47] <chrislabeard> Its for php
[22:47] <chrislabeard> php caching
[22:47] <ikonia> ask the guys in ##php for a test case
[23:42] <vsd20c_> I'm planning on building a web server for personal purposes and I'm going to go with a Lamp build. But, I want to be able to support users and make an accessible domain for easy remote desktop situations. what should i use as an base os? i have ubuntu 10.0.4, will that support a domain?
[23:55] <MartyMcFly> vsd20c_: "webserver" and "easy remote desktop" are a bad match. Better look out for cheap webspace.