/srv/irclogs.ubuntu.com/2010/10/18/#ubuntu-server.txt

=== unreal_ is now known as unreal
uvirtbot	New bug: #662435 in nut (main) "megatec_usb driver stopped working after upgrade from 8.04 to 10.04" [Undecided,New] https://launchpad.net/bugs/662435	00:46
fluvvell	when I tcpdump on eth0, I get " listening on eth0, link-type EN10MB (Ethernet)" is this telling me my port is only running on 10Mb/s ? and not 100Mb/s ?	00:49
qman__	fluvvell, no, I have a gigabit adapter, confirmed running at gigabit, which reports the same thing	00:59
=== adamdv is now known as AdamDV
fluvvell	qman__, thanks. Yeah a quick check on my local adapters confirmed the same earlier. I think i'm looking for some network analysis tools to find a bottleneck. Samba share, and a virtual guest on my server, cpu usage not telling the whole story.	01:40
Hint	HI+	02:15
Hint	nobody online?	02:18
twb	Hint: what is your REAL question?	02:18
Hint	I'm just a noobie and I'm probably going to use this channel	02:19
=== adamdv is now known as AdamDV
Alex_21	Hi All,	04:36
Alex_21	I'm looking for comppetition software that will aloow me to set up a website that will allow people to post their entries in pain text and then have the opportunity to vote for only one entry per user.	04:37
Alex_21	A Wordpress plugin that can do this is also an option.	04:38
Alex_21	.	04:38
Alex_21	Any iddeas?	04:38
Alex_21	I would appreciate any help.	04:38
tacosnstuff	hve you tried a content manger like drupal?	04:39
Alex_21	No.	04:39
Alex_21	I have not.	04:39
tacosnstuff	see if drupal.org helps	04:39
Alex_21	Okay.	04:39
Alex_21	Hmm.	04:39
Alex_21	I'm going to go look.	04:40
Alex_21	Is there a good single sign on product that works with Wordpress and Drupal?	04:40
tacosnstuff	im going to use it for some stuff myself tho I dunno if itll help you in your specific sitution	04:40
tacosnstuff	mibbie this? http://drupal.org/node/43178	04:42
Alex_21	Thanks.	04:44
Alex_21	I'm not trying to migrate to Droopal though.	04:44
tacosnstuff	hey peeps im new to hosting wondering how i can get strted. i just installed my lamp solution stack but being an overall noob not sure how to get the right ip, dns, gateway set up etc can someone help?	04:44
Alex_21	What I have is an existing.	04:45
tacosnstuff	sorry Alex_21 not sure. I'm not into wordpress	04:45
Alex_21	I would say that you should only allow ports through your gateway that are absolutely necessay and change ssh to be on another port.	04:45
tacosnstuff	er... k lost me Im very new to hosting my own site so Im wondering if there are good screenshot how tos	04:46
tacosnstuff	:)	04:46
Alex_21	Welll, continuing on, my blog will have users, but I want to set up a way for them to vote on their favourite post without needing to have a seperate user name and password. I also need a platform for voting on.	04:47
tacosnstuff	once i get over this static ip hump Im doing the drupal thing nd Im off to the races	04:47
Alex_21	There are many good ones on http://www.howtofordge.com/	04:48
Alex_21	Sorry, http://www.howtoforge.com/	04:48
Alex_21	.	04:48
tacosnstuff	tnx Alex_21!	04:49
tacosnstuff	sorry i wasnt able to help	04:49
Alex_21	I don't know about hte quality of the pictures though.	04:49
tacosnstuff	drupal is awesome but im not familliar with the wordpress thing	04:49
Alex_21	No problem.	04:49
Alex_21	I'm sure I'll find a solution though.	04:50
=== MenZa is now known as lhavelund
Alex_21	Thanks all.	05:17
Alex_21	God night.	05:17
Evet	how to upgrade to Enterprise Cloud without reinstalling?	05:22
Evet	solved: https://help.ubuntu.com/community/UEC/PackageInstall	05:26
Hint	Alex_21: maybe a good php script, search for that ;D	05:26
nagchampa	i'm trying to set up a mail gateway, which hsa two jobs, receive incoming mail, scan and forward it to the mailserver, and relay outgoing mail after scanning it	07:08
nagchampa	I was reading https://help.ubuntu.com/10.04/serverguide/C/mail-filtering.html which points to the postfix install guide, but that seems to set up postfix as a primary mail server	07:09
nagchampa	the gateway has no need for mailboxes, and i'm wondering if there's a simple way to set up postfix to act only as a relay	07:09
joschi	nagchampa: postfix is a full-featured mta. it can be configured to only work as a relay server	07:13
nagchampa	joschi: it seems the mail filtering guide for ubuntu is designed for what will be a primary mail server, not just a gateway	07:14
nagchampa	i'm trying to find the needle in the haystack that shows how to use the ocntents of that guide with postfix purely as a relay	07:15
=== _TechAway_ is now known as _Techie_
nagchampa	hrm, i've found something i might be able to work with http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall	07:20
_Techie_	would having an invalid xorg.conf prevent a TTY screen from showing?	07:23
=== _TechAway_ is now known as _Techie_
=== baffle_ is now known as baffle
Tribaal	Hi all	08:19
Tribaal	I'm having trouble installing Ubunut Entreprise Cloud on 10.04 - Does anybody have any experience using that?	08:19
Tribaal	Specifically, the controller doesn't seem to be serving the preseed file on port 8774 - so the node autoinstall fails...	08:20
jscinoz	Hi... I recently upgraded my server to 10.10, and it no longer boots correctly... the network connection comes up, but sshd and other services do not... When i use the out-of-band console (this is a virtual server) I see: mountall: Disconnected from plymouth, along with a message stating plymouth was killed by SIGABRT... I tried to uninstall plymouth, but it seems to be required... Why can't I remove it? A headless server has no ne	08:24
=== Guest34991 is now known as lau
jscinoz	ok, awesome... I can see why people dissuaded me from using ubuntu as a server OS... too much desktop-oriented crap making the boot process over-complex... I'll probabaly just stick with gentoo and good, RELIABLE openrc	08:31
\sh	jscinoz: hmm?	08:32
jscinoz	why does mountall depend on plymouth	08:33
jscinoz	plymouth seems to be preventing my server from booting properly... and it' cant be removed because some idiot decided that every server wants some shiny bootsplash	08:33
jpds	jscinoz: https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/556372/comments/2	08:34
uvirtbot	Launchpad bug 556372 in mountall "Please remove the plymouth dependency from mountall / cryptsetup" [Undecided,Won't fix]	08:34
\sh	jscinoz: tbh...I don't know what's up with your server, but I do really have some strange server setups, and all are working after fixing some network settings, which were changed WRT upstart..but I don't have problems...	08:35
jscinoz	Well network starts, i can ping the box fine	08:35
jscinoz	but sshd and other daemons don't appear to start	08:36
jpds	jscinoz: All the latest updates applied?	08:36
jscinoz	jpds, yes	08:36
\sh	jscinoz: add --debug to the kernel commandline and check the logfiles for upstart output..having a working network after boot, doesn't have to say that during boot you have a working network...and sshd relies on it AFAIK	08:37
binBASH	moin \sh	08:38
binBASH	:)	08:38
jscinoz	one moment sh	08:38
jscinoz	where does upstart log to?	08:38
\sh	hey binBASH	08:38
\sh	jscinoz: to the console and eventually to kernel.log or syslog whatever...you'll find the output very easily	08:39
jscinoz	hang on...	08:39
Tribaal	So folks, would anybody have an idea why apache would stop listening on port 8774 of a UEC controller after installing upgrades? :) Everything works fine if the system is not upgraded from a fresh 10.04 install...	08:42
Tribaal	but if I upgrade my UEC master node (with walrus, eucalyptus etc...), adding more nodes from the install CD fails (the node can't find the preseed file on port 8774 of the master)	08:43
_Techie_	does anyone in here know where i can get an HP 610N jet direct module from cheaply?	09:24
uvirtbot	New bug: #662576 in samba "winbind deletes the offline cache on every startup" [High,Triaged] https://launchpad.net/bugs/662576	11:01
=== jjohansen is now known as jj-afk
uvirtbot	New bug: #662578 in net-snmp (main) "SNMP not able to poll basic mibs" [Undecided,New] https://launchpad.net/bugs/662578	11:11
uvirtbot	New bug: #256802 in tomcat5.5 (universe) "tomcat <6.0.18: Directory Traversal (CVE-2008-2938)" [Low,Fix released] https://launchpad.net/bugs/256802	11:17
=== _Techie_ is now known as _TechAway_
uvirtbot	New bug: #662588 in tomcat6 (main) "tomcat6 6.0.28-7 FTBFS due to missing ant-trax.jar" [High,In progress] https://launchpad.net/bugs/662588	11:31
=== doko__ is now known as doko
Tribaal	Are there known issues when installing Ubuntu Server 10.10 on a mac mini?	12:12
Tribaal	I know it's not the best scenario anyway but I don't really have a choice right now	12:13
jo-erlend	if you can install ubuntu desktop on it, then you should be able to install ubuntu server on it.	12:13
Tribaal	Alright	12:14
jo-erlend	also remember that anything you can do with ubuntu server can also be done with ubuntu desktop.	12:15
Tribaal	well I'm planning to use it at an UEC controller, so there is no real point in having a full desktop system	12:17
Tribaal	CLI is fine	12:17
jo-erlend	oh, ok.	12:17
=== Barre_ is now known as Barre
uvirtbot	New bug: #662638 in tomcat6 (main) "Postinst fails if webapps/ROOT is a symlink" [Undecided,New] https://launchpad.net/bugs/662638	13:31
MTecknology	!info php5-fpm	13:33
ubottu	php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.3.3-1ubuntu9 (maverick), package size 2875 kB, installed size 7624 kB	13:33
phretor	hello, what shold I prefer between start-stop-daemon and upstart? Since I need to keep my process running all the time I would go for upstart.	13:42
zul	&yawn*	13:50
zul	phretor: then go for upstart	13:50
phretor	zul: does it have something like start-stop-daemon's --user/--group?	13:50
zul	phretor: no but you can specify it when do the exec	13:52
phretor	zul: exec is part of bash right?	13:53
zul	phretor; yes	13:53
phretor	zul: looks like I have to use sudo/su to lower privileges; not a very good idea.	14:04
hallyn	kirkland: so i want to update lxc, kvm, seabios for natty - were you by chance planning on doing those?	14:16
hallyn	if not i'll give them a shot sometime this week	14:17
phretor	zul: http://paste.pocoo.org/show/276963/ - my first attempt.	14:45
zul	phretor: i would move the env after the stop/start chunk	14:45
jcastro	ttx: https://blueprints.edge.launchpad.net/sprints/uds-n/+settopics	14:46
jcastro	you need to start accepting/declining the cloud sessions asap please	14:46
jcastro	or they won't get scheduled	14:46
phretor	zul: I am getting a very idiotic error. Looks like exec doesn't allow root (or any other user) to launch that sudo -u ... -g ...	14:47
zul	phretor: you might want to try on #upstart	14:47
ttx	jcastro: on my way	14:49
smoser	ttx, ping	15:05
=== ivoks-afk is now known as ivoks
uvirtbot	New bug: #662687 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/662687	15:26
_ruben	bah! .. software raid over 2 2TB disks .. both grub2 and lilo fail to install into the mbr	15:28
jforman	anyone rsyslog-inclined folks around? trying to debug an issue where a ubuntu log server is writing out duplicate log messages from a remote syslog client	15:28
ttx	smoser: pong	15:29
smoser	tts, wanted to chat sometime today about natty specs	15:30
smoser	s/tts/ttx/	15:32
ttx	ok, joining mumble	15:32
_ruben	guess gpt is messing with me, guess i'll go have to see if we have some of those flash drives around to put (part of) the os on	15:35
jo-erlend	I'd like to allow only users from spesific machines to connect to the sshd on my machine and they should use passwords. How do I configure that?	15:35
zul	Daviey: mumble?	15:39
cemc	a have a 10.04 in a directory on a centos server. is there a way to to apt-get installs after chroot'ing to that directory?	15:40
Daviey	zul: Can do.. but that means i have to reach for my headset	15:40
zul	Daviey: yeah dont want to put you off ;)	15:41
ivoks	:(	15:41
ivoks	building, in which is my office, is on fire	15:41
zul	oh...crap...thats bad	15:42
ivoks	yep	15:42
Daviey	ivoks: I trust you aren't still in it?	15:42
ivoks	Daviey: i'm not, no :)	15:42
Daviey	ivoks: I hope you don't lose anything	15:43
ivoks	Daviey: me too; fire's not on my part of the building	15:44
ivoks	but still, smoke...	15:44
Daviey	ivoks: insured?	15:45
ivoks	of course	15:45
ivoks	Daviey: you have to be, by law	15:45
ivoks	as with cars	15:45
Daviey	ivoks: but for equipment... or just the building?	15:45
ivoks	i don't have much of equipment there, so i don't expect problems with that	15:47
ivoks	i just can't work there :/	15:48
Daviey	:(	15:51
ttx	SpamapS: ping	15:52
Daviey	hggdh: Are you around?	15:52
hggdh	Daviey: yes, at least physically (mentally, I am not sure)	15:53
Daviey	hggdh: heh	15:53
hggdh	Daviey: what can I do for you?	15:56
Daviey	hggdh: Great! Fancy filing a UEC Testing / QA blueprint?	15:56
Daviey	hggdh: you know the naming convention, right?	15:58
hggdh	which one of them? They seem to change continuously...	15:59
Daviey	heh	15:59
hggdh	np	15:59
Daviey	hggdh: "cloud-XXXXXXXXXXXXXXX" is the part that really matters.... but we have been doing cloud-server-n-XXXXXXXXX	15:59
Daviey	i can't see a problem if you wanted to do cloud-qa-n-XXXXXXX that is technically viable... but best check with ttx	16:00
hggdh	I will keep on what has been done, at least for the sake of consistency	16:00
ttx	cloud-qa is fine by me	16:00
ttx	JamesPage: about the java-housekeeping spec, you changed it to from other to appselection ?	16:02
ttx	Daviey: what happens if you rename an accepted and scheduled spec from one track to another ?	16:03
phretor	sorry for repeatedly asking the same thing over and over but I really see no explaination to this. Why does "# exec sudo -u worker -g worker /usr/bin/Xvfb :99" says "Sorry, user root is not allowed to execute '/usr/bin/Xvfb :99' as worker:worker"?	16:03
JamesPage	ttx: not sure I ever raised it under 'other' - its called packageselection-server-n-java-library-housekeeping now	16:04
ttx	ok	16:04
JamesPage	ttx: want me to rename?	16:04
ttx	Daviey: same track is autoscheduled in the same room in a row, is it a feature ?	16:04
Daviey	ttx: Registered participants clash?	16:06
ttx	JamesPage: no...	16:07
Daviey	(people need to use that feature lots more)	16:07
ttx	Daviey: Registered participants clash???	16:07
lau	is there any AUTHPRIV SyslogFacility with the openssh-server ubuntu package ?	16:08
lau	default comes with AUTH but I don't see the difference with AUTHRPIV	16:08
eagles0513875	hey ikonia are you around? i tried what you said re db i cant gain access still :( even tried reparing the user table	16:19
eagles0513875	dunno what else i coudl try	16:19
hggdh	Daviey, ttx: https://blueprints.edge.launchpad.net/ubuntu/+spec/cloud-server-n-qa	16:21
Daviey	hggdh: hmm... Do you want this to be a general server/cloud QA session, or targeted towards EC2?	16:21
ttx	hggdh: acked for uds-n	16:21
Daviey	/ UEC	16:21
ttx	mathiaz_: o/	16:22
hggdh	Daviey: I figure it should be targeted to UEC	16:22
mathiaz_	ttx: o////	16:22
Daviey	hggdh: agreed, sounds good	16:22
=== mathiaz_ is now known as mathiaz
ttx	mathiaz_: I was wondering if I shouldn't move the "hadoop" session to the "cloud" track. I think it's still cloud-relevant	16:23
hggdh	Daviey: it's in the description (OK, one single 'UEC', but still ;-)	16:23
ttx	and also a better link with the other install-service specs	16:23
mathiaz	ttx: sure - seems ilke a good plan	16:23
ttx	mathiaz: ok, will do	16:23
ttx	mathiaz: also there is a possibility to book a two-hour session	16:23
mathiaz	ttx: great!	16:23
ttx	mathiaz: so maybe we should lump architecture and implementation into one	16:24
mathiaz	ttx: so a two hour session on monday for the installation service would be usefull	16:24
ttx	ok, I'll supersede one with the other and make it 2-hour	16:24
ttx	kim0: ping	16:33
kim0	ttx: pong	16:34
ttx	kim0: looks like your ubuntutheproject-community-n-buildingservercontributors duplicates ubuntutheproject-server-n-community	16:34
eagles0513875	hey guys any mysql db users here	16:34
kim0	ttx: ok I guess I can remove it	16:35
ttx	kim0: that last one is already approved and prioritized	16:35
kim0	sure	16:35
ttx	so we should lump one into the other :)	16:35
ttx	We can make it a community spec if you want	16:35
ttx	(I can name it ubuntutheproject-community-n-server )	16:35
kim0	ttx: that makes sense	16:35
ttx	ok, will fix it	16:36
kim0	ttx: do I delete the dup ?	16:36
ttx	I'll mark it superseded	16:36
cemc	does ubuntu server have the possibility to remote connect with vnc for installation?	16:36
kim0	ttx: great	16:36
cemc	like 'linux vnc' on centos ?	16:37
mathiaz	JamesPage: hi!	16:39
mathiaz	JamesPage: thanks for testing bug 658227	16:39
uvirtbot	Launchpad bug 658227 in openldap "upgrade process does not upgrade underlying BDB format from 4.7 to 4.8 (so slapd aborts with "Program version 4.8 doesn't match environment version 4.7" error message)" [High,Fix committed] https://launchpad.net/bugs/658227	16:39
mathiaz	JamesPage: and the good work you put in preparing the fix	16:39
JamesPage	ttx: no problem - think I covered all the bases!	16:39
JamesPage	mathiaz: sorry mean't you!	16:39
JamesPage	mathiaz: thats what you get for a context switch from java dependency analysis	16:40
mathiaz	JamesPage: how is that going?	16:40
JamesPage	mathiaz: OK - to hard by hand so putting something together that does a high level 'hits/misses' score for a given application stack	16:41
JamesPage	mathiaz: fairly rudimentary but gives an idea of scale of packaging.	16:41
mathiaz	JamesPage: yeah	16:41
mathiaz	JamesPage: being able to automate would be great	16:41
mathiaz	JamesPage: even if it's just to get an idea	16:41
JamesPage	mathiaz: looking at alot of 'not found' messages at the moment!	16:42
JamesPage	mathiaz: can we grab some time to discuss the application packaging and distribution spec for UDS-N?	16:44
mathiaz	JamesPage: sure - what are the name of the BP you've filed?	16:45
JamesPage	mathiaz: all linked against me from https://wiki.ubuntu.com/ServerTeam/NattyIdeaPool	16:46
mathiaz	JamesPage: great!	16:46
ttx	SpamapS: around ?	16:46
SpamapS	ttx: I am now sorry	17:05
uvirtbot	New bug: #662768 in whois (main) "Please merge whois 5.0.8 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/662768	17:06
ScottK	JamesPage: I do have a couple of thoughts for you on that spec when you have a moment ...	17:14
SpamapS	ScottK: which one? The server app delivery spec?	17:21
ScottK	SpamapS: Yes.	17:21
SpamapS	ScottK: I just yesterday discovered your (fairly old now) spec to fix backports to not install all backports.	17:22
ScottK	SpamapS: Yep. Still trying to get that one done.	17:22
ScottK	It's on the agenda (again).	17:22
SpamapS	ScottK: which would, in effect, do the same thing we're wanting to do with PPA's.. but with less isolation.	17:22
ScottK	And without messing with trust boundaries.	17:22
SpamapS	yeah, its the exact same thing as the post release apps.	17:23
ScottK	Post-release apps is a bit of a different problem.	17:23
SpamapS	The web-dev world can do this now with their own PPA's.. its not like end-user apps where they need software center to hold hteir hand.	17:23
ScottK	Yes, but there is a tension between people who just want stable in a release and crackheads who must have the latest at all times.	17:24
SpamapS	The real focus of this is to make it easier to build a little wart of instability on top of the incredibly stable core of Ubuntu.	17:24
ScottK	Right, but I don't think that's an alternative to having those packages in the release.	17:25
ScottK	I think it's a layer on top.	17:25
ScottK	You can get a stable/consistent version of X from $RELEASE or enable (whatever it ends up being) and have the latest at all times.	17:26
SpamapS	stable no, consistent yes. The versions of libmemcached and mongodb that we have in lucid, for instance, are extremely broken compared to the ones available now.	17:26
ScottK	Broken or incomplete?	17:27
SpamapS	I think one problem is we rush a bit to get stuff into the release when its not done. ;)	17:27
ScottK	If they are broken, they should get fixed via SRU.	17:27
ScottK	Sure.	17:27
SpamapS	they are somewhat broken at their cores.. SRU's would be pointless as the entire community that is built around them does not use the version we have, they use the newest one.	17:28
SpamapS	The SRU process is far too long for a web shop to wait.	17:29
ScottK	I agree with that.	17:29
ScottK	But I also think "It's broken" is an SRU reason.	17:29
SpamapS	Agreed	17:29
SpamapS	the reason you don't see it getting fixed is nobody is using those versions to report the bugs. Occasionally somebody does.. and we fix it.	17:30
ScottK	Also not all web developments are based on crack of the day.	17:30
SpamapS	Only crazy people using mongodb right now. ;)	17:30
SpamapS	Agreed, a good web shop will only accept the risk of one of these crazy web scale type techs if they have to.. most of the time they want that LTS level of stasis where they can focus on their issues for 3 years before even thinking about upgrading.	17:31
ScottK	I think this spec could be interesting as an "In addition to" including packages in the distro and not "instead of" and it would be really cool if we could deliver via backports.	17:31
ScottK	We'd need tech board permission to push stuff straight to backports and not through the development release when the development release is late cycle and ~frozen, but that's doable.	17:32
SpamapS	I want them in backports too. I think the only reason we're thinking PPA's is the isolation, but if backports can achieve that then we don't have to care so much.	17:32
ScottK	Also if it's in backports, it can be described as "in" Ubuntu, not "on" Ubuntu.	17:33
SpamapS	The ony nice thing about PPA's is that we can delegate trust to upstreams similar to the single package uploader rights. When they have single package uploader rights, does that extend to backports?	17:33
ScottK	No, but getting a backport approved is relatively trivial.	17:33
ScottK	Ideally it's a no change backport, they file a bug that says the new version builds, installs, and runs on $RELEASE, a backports acks it, and an archive admin runs a script.	17:34
ScottK	We don't require the bug filing/testing be done by developers.	17:34
ScottK	And if someone says that they've tested it, we don't go around looking for reasons not to believe them.	17:34
uvirtbot	New bug: #662782 in unixodbc (main) "Please sync unixodbc 2.2.14p2-2 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/662782	17:36
ScottK	Also any MOTU can join ubuntu-backporters, so getting a server team person to be able to deal with these directly is not a problem.	17:39
corecode	hey	17:52
corecode	somehow my dovecot doesn't use ~/.dbox after an upgrade	17:53
corecode	any idea why that could be?	17:53
JamesPage	ScottK: sorry I missed you earlier; want to catchup now? - have 10 before a meeting	17:53
ScottK	JamesPage: See my discussion in the backscroll with SpamapS. Then we can discuss further if you want.	17:54
ttx	Daviey: http://summit.ubuntu.com/uds-n/track/cloud/ is done	17:56
ttx	down	17:56
mathiaz	SpamapS: https://subtrac.sara.nl/oss/sali	17:56
=== metcalfc_ is now known as metcalfc
=== jdstrand_ is now known as jdstrand
chiapagringo	Has anyone ran into this error message why attempting to mount exported NFS shares? ¨mount.nfs: access denied by server while mounting¨	18:10
chiapagringo	and if so, any ideas on what is causing the issue?	18:11
=== metcalfc_ is now known as metcalfc
=== jj-afk is now known as jjohansen
latenite	Hi folks, Is there a way to give a user rootrights BY DEFAULT? I have script with commands like fdisk and dont want to change it wirh PREFIXING sudo all over the place.	18:42
cwillu_at_work	latenite, run the script with sudo	18:43
latenite	cant do that it more complex with many ssh calls and stuff	18:44
Byron	hello all. I just upgraded from 10.04 to 10.10 and do not have access to the Internet. I have an IP address, but no access to the web.	18:44
latenite	it s like : ssh user@box "fdisk /dev/sdc"	18:44
cwillu_at_work	ssh root@box?	18:45
EvilPhoenix	cwillu_at_work: i think he's asking how he can give any user the power of root user	18:45
EvilPhoenix	which i don't think is possible at all	18:45
EvilPhoenix	without using sudo	18:46
EvilPhoenix	and adding everyone to sudoers	18:46
cwillu_at_work	EvilPhoenix, and I'm deliberately not saying how to do it, because it's insane	18:46
cwillu_at_work	yes, it can be done, no, I won't tell you how.	18:46
EvilPhoenix	indeed	18:46
EvilPhoenix	i think it falls into the "Not Supported Procedures" rules	18:46
latenite	thats what I am asking for. the ubunutsystem that will be "currupted" is just a pendrive used to install anoterh system. Imagine my "main.sh" http://pastie.org/1230431 .	18:48
EvilPhoenix	latenite: we cant help you with giving root to everyone	18:48
EvilPhoenix	afaik, its against chat policies	18:48
latenite	If I call that script with "sudo main.sh" I am STILL in trouble	18:48
latenite	since there is a variable $user...who ssh into the ubunut bos..but here will not be albe to to all the commands..since he has no roights	18:49
latenite	and I dint want to change the script.	18:49
latenite	cwillu_at_work, EvilPhoenix see my problem? I could use ANY distribution on the pendrive and make $user='root'	18:50
EvilPhoenix	i wonder if ubottu is here	18:51
latenite	But I d realy like to use ubuntu....but therefor I need a user with root powers	18:51
EvilPhoenix	i belive...	18:52
EvilPhoenix	believe*	18:52
EvilPhoenix	that it is against the chat policies to help you with this	18:52
EvilPhoenix	cwillu_at_work: amirite?	18:52
latenite	EvilPhoenix, what poilitcs?	18:52
* EvilPhoenix checks the access list		18:52
latenite	EvilPhoenix, I just want to tune my system...to my needs	18:53
cwillu_at_work	latenite, this has nothing to do with ubuntu, it's how the kernel handles permissions	18:53
cwillu_at_work	if you need to do things that only root can do, you need to become root, one way or another	18:54
EvilPhoenix	either with sudo or logging in as the root user	18:54
EvilPhoenix	depending on the setup	18:54
cwillu_at_work	or some other setuid executable, or hacking up the kernel, or whatever	18:54
latenite	thats the problem in the first place. the script was written with the assumption that "root" ssh's into the box	18:54
cwillu_at_work	latenite, eh?	18:55
latenite	since that can t be done with ubunut	18:55
EvilPhoenix	cwillu_at_work: can I PM you?	18:55
latenite	I changed root to $user	18:55
cwillu_at_work	the assumption is that that you ssh into the box as root, it has nothing to do with the user you come from	18:55
cwillu_at_work	EvilPhoenix, sure	18:55
cwillu_at_work	latenite, you can ssh into ubuntu as root, just not with a password unless you enable that	18:55
cwillu_at_work	(typically you would use an ssh key instead)	18:56
latenite	cwillu_at_work, but when I do ssh root@box it fails.	18:57
latenite	how would I set root passwd?	18:57
cwillu_at_work	latenite, you don't.	18:57
cwillu_at_work	you use an ssh key	18:57
pmatulis	latenite: you need to allow root to log in via SSH and use a key with a blank passphrase	18:57
cwillu_at_work	I mean, you can, but it's just dumb	18:57
EvilPhoenix	IN ANY CASE. we arent allowed to help with getting someone to use root	18:58
EvilPhoenix	or enabling it	18:58
cwillu_at_work	EvilPhoenix, um?	18:58
EvilPhoenix	i just checked with the ubuntu ops channel	18:58
EvilPhoenix	cwillu_at_work: enabling root to ssh	18:58
EvilPhoenix	would also require enabling that account	18:58
cwillu_at_work	EvilPhoenix, hardly	18:58
EvilPhoenix	no?	18:58
cwillu_at_work	EvilPhoenix, you just dump a key in /root/.ssh/authorized_keys	18:58
cwillu_at_work	er, a pubkey	18:58
EvilPhoenix	with sudo	18:58
cwillu_at_work	of course,	18:58
EvilPhoenix	which assumes you have sudo	18:58
EvilPhoenix	in which case if you don't you're stuck at square one again where you dont have permissions	18:59
latenite	cwillu_at_work, i dont want to use keys...since thats an installscript.....there will be no keys in that env	18:59
cwillu_at_work	latenite, then you'll have to use passwords and sudo	18:59
* Pici is confused.		18:59
cwillu_at_work	there's no other way to do it	18:59
EvilPhoenix	Pici: i am too :/ :\	18:59
EvilPhoenix	Pici: but isnt everyone at some point in time? x]	18:59
latenite	ok. so can I do "ssh root@box"? on ubuntu anyhow?	19:00
=== ivoks_ is now known as ivoks
EvilPhoenix	latenite: if you have the sshd configured to let root login yes	19:00
cwillu_at_work	latenite, not without doing configuration on the ubuntu box, and if you're going to do that, then you should use an ssh key rather than enabling root's password	19:01
EvilPhoenix	^^^ what he said	19:01
cwillu_at_work	EvilPhoenix, key-based logins are allowed by default for root	19:01
uvirtbot	EvilPhoenix: Error: "^^" is not a valid command.	19:01
EvilPhoenix	cwillu_at_work: shrugs i'm assuming the sshd is configured to not allow Root to login even with ssh keys	19:01
EvilPhoenix	then again	19:01
cwillu_at_work	EvilPhoenix, it's not	19:01
EvilPhoenix	i havent had coffee yet today so i'm tired x]	19:02
EvilPhoenix	away for said coffee	19:02
cwillu_at_work	EvilPhoenix, such a restriction is unnecessary anyway, as there's no default keys in authorized_keys	19:02
cwillu_at_work	i.e., it's still secure by default	19:02
=== _TechAway_ is now known as _Techie_
latenite	cwillu_at_work, it sias yes on permit root login http://pastie.org/1230475 but http://pastie.org/1230482 root hast no password set here	19:05
latenite	how would I set root pwd?	19:05
cwillu_at_work	latenite, you don't	19:05
_Techie_	ffs	19:05
_Techie_	!root	19:05
ubottu	Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo	19:05
latenite	cwillu_at_work, just did http://pastie.org/1230487	19:06
latenite	whats so bad about that?	19:06
_Techie_	latenite, read that link from ubottu, it shows you how to enable a root password in there	19:06
_Techie_	now stop beating around the bloody bush	19:07
latenite	ok thanks :)	19:09
_Techie_	and cwillu_at_work, dont rage at me for pointing him in the right direction to give the potential for screw ups, its his server so its his choice	19:09
cwillu_at_work	_Techie_, you can stop raging now	19:10
cwillu_at_work	latenite, do you understand what I mean by using an ssh key to log in?	19:12
_Techie_	cwillu_at_work, also, when did the ubuntu gods stop people knowing how to access root when they want to	19:12
_Techie_	people used to do it all the time	19:13
cwillu_at_work	_Techie_, why are you talking to me?	19:13
latenite	cwillu_at_work, sure but the installscript I deal with can be used on any bos....I dont want to create keys....	19:13
_Techie_	cwillu_at_work, oh, sorry mistook evil for you	19:14
cwillu_at_work	latenite, the installscript is pretty much irrelevant though	19:14
latenite	_Techie_, thats how I feel to. I know that a regual user can have all the rights to do waht he want...I root grants them the right..........What I dont know is: why thsi is NOT allowd to be told on chat???	19:15
cwillu_at_work	I would like a cookie for not losing it on you _Techie_ :p	19:15
cwillu_at_work	latenite, your terminology is... wrong	19:15
latenite	cwillu_at_work, in what way?	19:15
_Techie_	latenite, im gonna ask around	19:16
latenite	_Techie_, cool :)	19:16
cwillu_at_work	latenite, "regular user" typically refers to the account, not the actual person	19:16
_Techie_	and cwillu_at_work, i really am sorry i should have gone off with you as my target, you didnt deserve it and probably never will	19:16
_Techie_	sholdnt*	19:16
cwillu_at_work	that said, there are very good reasons to not enable to root account	19:16
cwillu_at_work	for one, you don't need to enable the password to get a root prompt	19:17
_Techie_	i just get extremely frustrated when i see people enforcing their own rules upon other people so abusively	19:17
cwillu_at_work	_Techie_, well, point of interest, it _is_ policy :p	19:17
latenite	_Techie_, :)	19:17
_Techie_	anyway, gonna start asking around as to when it became so bad	19:17
cwillu_at_work	if you have to ask, you almost certainly don't know enough to keep from severely breaking things	19:17
latenite	who makes these rules? its a free world! and my box!...If I was to burn it...I could just do it!	19:18
cwillu_at_work	latenite, the two other biggies is that root passwords on internet accessible machines need to be monitored _very_ carefully for intrusions	19:18
Pici	You can do whatever you want, but don't expect us to support it here.	19:18
cwillu_at_work	and finally, logging on to a graphical session as root gives _far_ too much power to any application running in the session. Any trivial security flaw in firefox now becomes a remote root exploit. Many applications don't even work correctly with elevated privileges	19:19
latenite	cwillu_at_work, it a "freakin' pendrive used to boot a box so I can ssh into it...while insalling....teh user that loging in MUST have root rights BUT MAY NOT have to prepend sudo all th etime	19:19
latenite	what is so bad about all that?	19:20
cwillu_at_work	latenite, it's a free world, and my mouth! You don't have the right to demand information from me :p	19:20
latenite	cwillu_at_work, :) no wars :) Just asked some stuff.	19:20
cwillu_at_work	latenite, (a) you don't need a password on root to get a root prompt. (b) say you browse some documentation from that pendrive, with firefox running as root...	19:21
latenite	so ?	19:21
cwillu_at_work	latenite, any minor vulnerability in firefox (or plugins) now becomes a remote exploit	19:22
cwillu_at_work	there's a sizeable percentage of rootkit'd unix boxes on the web	19:22
latenite	I know...	19:22
latenite	this box and the pendirve are not on the net....	19:23
pmatulis	latenite: not enabling root is a ubuntu thing; so naturally ubuntu folk support that policy. i've used many other linux distros as well as freebsd and openbsd so i'm less vehement about it. so it depends who you talk to	19:24
latenite	pmatulis, thanks ... that feel that way to. To me it s just a specific ubunut feature...that I must be allowed to change	19:25
latenite	...so I still dont get why there are policie not to tell	19:25
latenite	that sound s so "non GNU"	19:26
Pici	The policy is to educate.	19:26
cwillu_at_work	latenite, because if you have to _ask_, you have more to learn first	19:26
cwillu_at_work	it's a trivial operation	19:27
latenite	cwillu_at_work, that s why I am asking......to learn! so what? you re telling me to learn more?	19:27
latenite	in other words you would HINT me into the right direction?	19:27
latenite	...i d be fine with that.	19:27
_Techie_	cwillu_at_work, a user may not necessarily know exactly how root is locked, for all they know ubuntu re wipes the password at each boot	19:27
cwillu_at_work	latenite, you managed to ignore every approach I gave you before :p	19:27
latenite	cwillu_at_work, anyone of them required me to change my script....which I will not do.	19:28
latenite	so I just made root acount aktive	19:28
cwillu_at_work	so you're not interested in learning. Gotcha :p	19:28
latenite	that works for now but is not what I wanted in the first palce	19:28
latenite	sure I am...I want to learn how to grant a user all rights to the box	19:29
cwillu_at_work	latenite, you can't	19:29
latenite	I d be happy to learn the steps	19:29
cwillu_at_work	that operation is basically meaningless	19:29
cwillu_at_work	there are ways to make it kinda look like you did that, but they're pretty much useless	19:29
cwillu_at_work	latenite, you know, I bet you're thinking there's an administrator group :p	19:30
cwillu_at_work	linux has no such concept	19:30
latenite	I told you what I want to achieve.....so!	19:30
latenite	is there a way?	19:30
* cwillu_at_work repeats himself		19:31
cwillu_at_work	<cwillu_at_work> that operation is basically meaningless	19:31
cwillu_at_work	<cwillu_at_work> there are ways to make it kinda look like you did that, but they're pretty much useless	19:31
cwillu_at_work	* ivoks has quit (Ping timeout: 252 seconds)	19:31
cwillu_at_work	<cwillu_at_work> latenite, you know, I bet you're thinking there's an administrator group :p	19:31
cwillu_at_work	<cwillu_at_work> linux has no such concept	19:31
cwillu_at_work	ivoks, sorry for the ping :p	19:31
uvirtbot	New bug: #662847 in openvpn (main) "multiple DNS search domains not supported by update-resolv-conf" [Low,Triaged] https://launchpad.net/bugs/662847	19:31
_Techie_	cwillu_at_work, hehe, there is no administrator group, however there is an admin group =P	19:31
cwillu_at_work	_Techie_, ... which only has meaning because sudo looks for a group by that name before determining whether to switch to the root user :p	19:32
cwillu_at_work	it has no power in itself	19:32
_Techie_	which is also very odd	19:32
cwillu_at_work	_Techie_, it's the only way it could possibly work	19:32
_Techie_	because by default sudo looks for the sudo group in other distro's	19:32
cwillu_at_work	_Techie_, generally, but not universally	19:33
_Techie_	and only in ubuntu is it set to %admin	19:33
_Techie_	well, the only one ive come across	19:33
cwillu_at_work	admin tends to have more meaning to a non-technical user than "sudo"	19:33
_Techie_	anyway, i have to go or ill be late for class, ill try get back on later	19:34
cemc	how do I update an ltsp chroot without (re)starting any services which might be activated ?	19:34
latenite	I my user was in group admin...could he just do "fdisk /dev/sda/ without the use of sudo?	19:34
_Techie_	latenite, no he would have to sudo	19:34
cwillu_at_work	latenite, you'll learn a lot more if you read what people say	19:34
latenite	damn that :) laughs....	19:34
latenite	_Techie_, have fun at class :) thanks so far	19:34
cwillu_at_work	given that I just explained what the admin group did 8 lines up :p	19:34
latenite	cwillu_at_work, I m ut...thanks anyway :)	19:35
cwillu_at_work	ut?	19:35
latenite	*out	19:35
=== _Techie_ is now known as _TechAway_
cemc	or better yet, can I apt-get without automatically restarting any services ?	19:38
pmatulis	cemc: you don't have any services running in the chroot	19:51
pmatulis	cemc: are you saying how to prevent any from starting?	19:52
cemc	pmatulis: right. but I have them running outside of the chroot. what if I have a cupsd running outside, and cupsd gets updated inside the chroot?	19:52
pmatulis	cemc: the point is that you need to prevent any services from starting in the first place	19:53
pmatulis	cemc: this is documented	19:53
pmatulis	https://help.ubuntu.com/community/UbuntuLTSP	19:54
cemc	pmatulis: right, I saw that after I asked the first question. actually I thought it would be similar to a normal chroot (no LTSP), but I guess that's LTSP-specific then?	19:55
pmatulis	cemc: i think so, yes	19:55
cemc	mhm	19:56
pmatulis	cemc: anyway, you're looking for variable LTSP_HANDLE_DAEMONS=false	19:56
pmatulis	cemc: also, see IRC channel #ltsp	19:56
cemc	pmatulis: thanks	19:57
pmatulis	cemc: i happen to be upgrading my ltsp server to lucid right now	19:57
cemc	;)	19:59
=== _TechAway_ is now known as _Techie_
attention_chaud	hello, ok... I'm not sure if I am on crack or not but I can't remember how to list folders with owners and groups from root.... and I can't seem to find it on the web except for ls which only lists the files. Anybody able to help me? I feel mentally challenged at the moment.	20:39
Pici	ls -l	20:40
Pici	Or are you looking for something else?	20:40
Pici	like lsattr	20:40
Pici	!enter > Pici	20:40
ubottu	Pici, please see my private message	20:40
attention_chaud	no no ls -l!!! thanks Pici. I'm having a brain fart day	20:43
icek	Could the fact that I am running ubuntu desktop, rather than ubuntu server cause problems with dhcpd failing?	20:44
guntbert	icek: nothing speaks against the default dhcpd - I suspect its webmin...	20:44
icek	oh	20:45
guntbert	icek: what was the error?	20:45
icek	but when i vim into the dhcpd conf file it looks the same as the webmin one	20:45
icek	no subnet declaration for eth1 not configured to listen on any interfaces	20:45
icek	which implies that the dhcpd conf file is confgiured right	20:45
guntbert	icek: if it is not configured to listen on any interface - why should it start anyway?	20:47
icek	but i configured it!	20:47
guntbert	icek: my point: webmin did something wrong - so use vi (and your brain :-)) to configure it correctly	20:48
_Techie_	or nano =)	20:49
guntbert	_Techie_: only experts here - experts use vi ;-))	20:50
_Techie_	guntbert, i find that very insulting, i love my nano	20:52
guntbert	_Techie_: keep it - use it - be good with it :-) (and don't be easily insulted :-))	20:54
latenite	Hi folks, I am new to raid1 and want to know what to do fist: mdadm --create on both entire discs and THEN partioen my md device? OR create (say 5) same partitions on each disk and THEN do mdadm --create .. /dev/sda1 /dev/sdb1 and mdadm --create .. /dev/sda2 /dev/sdb2	21:29
fluvvell	latenite, need to partition first. Assuming your drive is blank	21:35
fluvvell	drives * are	21:36
dominicdinada	ugh if I was running pentesting on my web application and obviousally it found a hole and broke the phpmyadmin setup, it is forced an error and says check the logs. Would removing and reinstalling phpmyadmin correct the problem?	21:43
dominicdinada	I mean i also use mysql workbench on my Doze machines and that is able to connect, and all the tables i checked seem to be fine it is just the phpmyadmin tables that are causing problems	21:44
latenite	fluvvell, why not make md0p1, md0p2 , md0p3 ? what makes the difference between partionin fist or last?	21:49
fluvvell	latenite, you need the partitions before you can assemble a mirrored raid array.	21:55
qman__	latenite, you have to create partitions of type linux raid autodetect on all the disks you want to use, then you create the md device	22:03
qman__	md devices don't have partitions on them, if you want to divy them up, you need to use LVM	22:03
qman__	on my file server, I simply have disks with only one, full-size partition on them, which form md0, and an ext3 filesystem directly on md0	22:06
dominicdinada	how do i delete all my archived logs obviously rm -r *.gz deletes them in each folder i run it in but from /var/log/ how do i recursively delete all the archives without going to each folder	22:31
KillMeNow	domincdinada: you can use the find command with +mtime=X and pipe it to use the rm command	22:38
KillMeNow	something like: find *.gz +mtime +20 \| rm -rf	22:40
KillMeNow	the mtime command will look at how old the last modification was to that file	22:40
draik	I upgraded my Ubuntu server from 10.04 to 10.10, but now I don't have Internet access. I have an IP from my router, but no outside access. Has anyone come across this issue and found a resolution?	22:40
dominicdinada	KillMeNow: ok thank you	22:41
KillMeNow	make sure you test it out and DON"T do it from root	22:41
KillMeNow	you can bork lots of things up if you're not careful	22:41
KillMeNow	draik: sounds like you're getting an IP dynamically	22:42
KillMeNow	have you tried setting it statically to something outside the DHCP range?	22:43
KillMeNow	i'm done for the day folks, see you tomorrow	22:43
draik	KillMeNow: I have the IP set and is not shared.	22:43
KillMeNow	can you ping?	22:44
draik	I tried "google.com", but it gives "Unknown host"	22:44
KillMeNow	try pinging your gateway	22:44
KillMeNow	via IP	22:44
KillMeNow	if you can ping your gateway, it's not the network	22:44
KillMeNow	you'll likely need to set your resolver in /etc/resolv.conf	22:45
draik	Yup, I can ping the gateway.	22:45
KillMeNow	type this in: cat /etc/resolv.conf	22:45
KillMeNow	is there a nameserver listed?	22:45
draik	No. It is the domain that I gave it.	22:46
KillMeNow	ok, there should be two lines in resolv.conf	22:46
KillMeNow	nameserver xxx.xxx.xxx.xxx	22:46
KillMeNow	and if it's on a domain: search somedomain.com	22:46
draik	Yes, I have the "search domain.com" entry.	22:47
KillMeNow	the nameserver line should have the IP address of your DNS server	22:47
draik	I'll update the necessary fields with that of my desktop.	22:47
draik	Thank you, KillMeNow. BTW, is a reboot required, or just restart the networking service?	22:47
KillMeNow	you might need to restart the networking service, i don't think you need to reboot	22:47
KillMeNow	rarely do you need to reboot a service on linux	22:47
KillMeNow	yea you probably will need to restart the network service	22:48
draik	WOOHOO. I'm online again. Thank you, KillMeNow.	22:48
KillMeNow	welcome	22:49
=== jo-erlend is now known as StAlphonzo
bluefrog	in 10.10 how do I restart the network, pls? I added eth1 in /etc/network/interfaces and I would like to bring it up with tha parmeters I inserted.	22:58
bluefrog	ok got it. needed to use the old /etc/init.d/networking restart as service networking restart dos not work properly apparently	23:00
nomadgis	Is there anyone here that could answer questions about Bind9 configuration?	23:05
SpamapS	nomadgis: you should just ask your question, and somebody will pipe up if they have an answer	23:26
nomadgis	I am the owner of a hosted domain, but when browsers are pointed to my domain I want them to be directed to a directory on my local machine. Does this mean that I what I want is to host my domain myself? Or, do I need to configure BIND to direct traffic from the host to my IP?	23:32
SpamapS	nomadgis: that has almost nothing to do with bind 9 configuration.	23:33
SpamapS	nomadgis: IMO, you should let your DNS registrar host your DNS unless you have a very good reason to host it yourself (which may be as simple as "I want to learn how to do that."	23:34
SpamapS	)	23:34
nomadgis	If I allow them to continue hosting the domain, how do you then integrate a LAMP system with it?	23:42
qman__	nomadgis, the only way would be to configure a subdomain that points to your IP	23:42
qman__	and whether or not/how you do that depends on who hosts your domain	23:42
nomadgis	how so?	23:43
qman__	whoever is hosting your domain name for you, the person answering DNS queries for your name	23:43
qman__	how to configure that depends on how their system works	23:43
qman__	whether they have a web interface, email requests, trouble tickets, or whether they support doing that at all	23:44
nomadgis	the domain is at GoDaddy and I believe they have a fairly robust system for doing this kind of thing. I just don't know where to start looking. Forwarding addresses, subdomains, and TCP/IP traffic in general are all fresh topics for me...	23:45
qman__	you can host it yourself, but that requires significant work and configuration at your registrar	23:45
qman__	well, what you want is a subdomain pointing to your IP	23:45
qman__	you could do a redirect but the content hosted on your local server would still be referred to by IP once forwarded	23:46
qman__	to have full name functionality, a subdomain is the way	23:46
nomadgis	sounds likely. and how does this work?	23:47
qman__	you set it up with your DNS provider	23:47
qman__	then, the main domain points to your hosted site, and the subdomain points to your local server	23:47
qman__	there is no technical reason you can't do this, but your provider might have limitations	23:48
nealmcb	nomadgis: it might help to review why you want to serve from your local machine (which will probably be less available etc). Would it work to mirror that local directory to the machine at your hosting provider?	23:48
=== jjcm_ is now known as jjcm
nomadgis	I think that would also work. basically I have some fairly sophisticated things happening on my machine related to web mapping. tons of geographic layer being served and accessible to my via localhost...but I want this same access via mydomain.com	23:51
=== jjcm is now known as jjcm_
=== jjcm_ is now known as jjcm
nomadgis	for example a postgresql db runs by default on localhost:5432, but I want to access the same data stored locally on my machine from mydomain.com:5432	23:53
nomadgis	from www	23:53
nealmcb	nomadgis: hmmm - could be risky to expose your home machine to the internet like that - and is postgresql really set up to be securely used over the internet?	23:55

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!