[00:00] yeah, you really should not be hosting SQL directly like that [00:00] the application and the database should be on the same machine or firewalled network [00:01] your right. the db might have been a poor example. but information protocols that are meant for internet consumption that are served on localhost I would like from mydomain.com [00:02] for example. ebox. if I want to control a server installation from www via ebox. how are these associated? [00:04] nomadgis: for something like ebox, setting up subdomain.mydomain.com (with whatever ports) as qman noted would be fine [00:06] now clear why it would be worth the extra hassle to instead actually use mydomain.com: and proxy the connections to your home [00:07] i don't fully understand you last comment nealmcb, could you explain it another way? [00:08] <^Mike> So, my "server" (desktop, headless, pretending to be a server) shuts off randomly... where should I look in logs to see why it decided to take snooze? [00:19] how to open mysql/mysql admin ports for local network traffic only as i am trying to remotely admin mysql and always get errors, using programs such as mysql workbench i am able to connect via SSH for table management but unable to run admin level functions [00:23] ok [00:24] credo di essere nel canale giusto [00:24] !es | DJClean [00:24] DJClean: En la mayoría de canales de Ubuntu se habla sólo en inglés. Si busca ayuda en español o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter. [00:24] !es | djogenick [00:24] djogenick: En la mayoría de canales de Ubuntu se habla sólo en inglés. Si busca ayuda en español o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter. [00:24] i speak italian :-/ and poor eng thank [00:25] !it | djogenick [00:25] djogenick: Vai su #ubuntu-it se vuoi parlare in italiano, in questo canale usiamo solo l'inglese. Grazie! (per entrare, scrivi « /join #ubuntu-it » senza virgolette) [00:25] sorry [00:25] ok /join #ubuntu-it [00:26] yes :P [00:26] how to open mysql/mysql admin ports for local network traffic only as i am trying to remotely admin mysql and always get errors, using programs such as mysql workbench i am able to connect via SSH for table management but unable to run admin level functions === _Techie_ is now known as _TechAway_ [01:04] hypothetically, if you have apache installed on a desktop that is part of a wireless LAN who's port 80 is open for inbound and outbound traffic, if you attempt to access this machine from www at xxx.xxx.xx.xx:80 how can you ensure that you are pointing at the machine your machine? (and not another machine on the same LAN also running apache) === _TechAway_ is now known as _Techie_ [02:02] biggest noob question ever [02:03] is there a command to take a server back to lts stock status. remove all modules and plugins etc [02:03] 10.04lts [02:03] modules...? plugins? [02:03] like programs you've installed? [02:03] well un apt-get the world [02:03] lol [02:03] no. [02:03] fresh install. [02:04] why do you want to do that? [02:04] booooooooooo [02:04] ...seriously? [02:04] playing with nginx. got outa control lost track of dependencies ect [02:04] just screwing with it [02:04] VM [02:04] snapshots ftw if you're "just screwing with it" [02:04] yeye this is not local [02:05] a linode [02:05] ill just blast it [02:58] Anyone alive in here ? [02:59] Nope. [03:01] Ok ScottK how to safely open my firewall to allow only local network [03:01] for mysql admin er for remote mysql admin ? [03:02] I don't so mysql admin, so no idea. [03:02] I'm guessing ssh to an account with sudo access should be sufficient, but that could be totally wrong. [03:05] well i am talking about using such programs such as mysql workbench but i already ssh into read the tables.... but it does not allow mysql admin functions such as mysql configuations [03:21] hey i installed ubuntu server, i got dhcpd3-server running great, i wanted to turn the server into a router basically to replace my current router, i have two ethernet cards, my eth0 has an external ip and the server has internet, the dhcp server runs great and handed out leases to my laptop on the inside, but for some reason i cannot get to the internet? [03:21] why wont my dhcp server forward my internet from my eth0 to my eth1 [03:21] or however that works [03:21] something to do with packet forwarding? i thought i uncommented that line [03:21] to allow ipv4 packet forwarding [03:21] DHCP has nothing to do with routing [03:22] Well, except the DHCP server can tell DHCP clients what gateway to use. [03:22] ok well, i installed the dhcp server, it works great, i just want to get internet now [03:22] :D [03:23] To turn an Ubuntu server into a router, you will want to turn on ip_forward in /etc/sysctl.conf. [03:23] Hello, I performed a network update from ubuntu server 8.04 lts to 10.04 lts, but im getting a strange error : http://pastie.org/private/oqu1alzpbisjotudloxg . The bob user was a user i removed a few months ago, I don't know how or why it's still being found [03:23] i did twb [03:23] Does anyone know what byobu is or, better yet, what this error is [03:23] You will very likely also want to set up firewalling on the FORWARD chain, and if your "downstream" network is using a private IP range, you will need to add rules to the *nat table to perform masquerading. [03:24] Flam`: sounds like you didn't remove that user properly [03:24] What's the proper way? [03:24] Flam`: try looking in /etc for references to "bob" [03:24] e.g. grep -r '\' /etc/ [03:25] The right way to remove a user depends on what authentication database you're using. For flat files (the default), it'd be something like "deluser bob". [03:26] I did it via deluser. grep returned nothing. [03:26] I think it's because that user opened a screen and possibly exited ssh without shutting it down. Then I deleted that user. [03:27] And now I don't know where it's still finding his name [03:28] hey i enabled ipv4 forwarding [03:28] but it still doesnt work [03:28] :/ [03:28] the server gets internet [03:28] but when my internal computer gets an ip from the eth1 dhcp server [03:28] i cant get to the internet [03:50] Fix: I ran "sudo find / -nouser -ls" and found "/var/run/screen/S-liran" so I did "sudo rm -rf /var/run/screen/S-liran" and it fixed my problem. [03:50] It's times like these where I wish I had a blog. [03:50] bob == liran === _TechAway_ is now known as _Techie_ [04:05] i installed dhcpd server, it works fine on eth1 and my eth0 server has internet access just fine, but when i connect another comptuer to the dhcp server, it cant get internet!!! i turned on ipv4 forwarding :? [04:06] any ideas? === unreal_ is now known as unreal [05:07] !info libc6 lucid [05:07] libc6 (source: eglibc): Embedded GNU C Library: Shared libraries. In component main, is required. Version 2.11.1-0ubuntu7.2 (lucid), package size 3690 kB, installed size 9360 kB === twb` is now known as twb [05:44] Hey guys, is there a http proxy i could use temporarily. I know that sounds kinda sketchy, but i'm just trying to figure out wtf is happening to my network. I think the ISP has dropped all http traffic [05:48] cxo: fire up an EC2 instance and bounce via ssh [05:50] What's EC2? [05:50] :) [05:50] cxo: Amazon Web Services, you can spawn a server for about $0.04 USD/ hour. [05:51] cxo: you can try it out for 1 hour for free with Maverick: https://10.cloud.ubuntu.com/ [05:51] cxo: there are others too.. Rackspace Cloud.. Go Grid, Linode .. all will rent you server instances pretty cheap. [05:52] Hmm will look into it. But right now http/https doesnt work so I cant access any of those sites [05:53] You wouldnt mind grabbing me an ip address for a proxy server somewhere in north america, would ya? :) [05:54] Or just get an account on lp or alioth or freeshell [05:54] I've been pissing about writing new NAT rules today, and it was easiest to just test them from alioth [05:55] I have an lp account actually. [05:55] You can ssh into lp ? :) [05:56] cxo: so port 80 is blocked? that doesn't make much sense. [05:56] https too [05:56] cxo: I don't remember [05:57] I used to be able to ssh into sf.net, but they removed that service during the decade or so between my connection attempts [05:57] cxo: oh, right. lp has ssh, but only for use by bzr. You don't get a shell [05:57] well i dont need a shell if i'm just going to tunnel right? [05:58] If lp has a clue, they'll have disabled -L and friends. [05:58] actually i cant even remember my lp password. I use sf.net and get lp to import the code periodically [05:58] i just need someone to go google for 'free proxy servers' or something and give me a few ips [05:58] cxo: lp's sshd is key only [05:59] cxo: depending on what you're trying to achieve, you could also use tor or a "darknet". [05:59] i am having trouble remotely admin mysql and i am wondering what the problem is. Where the setting are set to allow remote mysqladmin [06:00] dominicdinada: over 22 or 3306? [06:00] dominicdinada, by default mysql listens on a local unix socket [06:00] twb, just realised that lp is key only. I'm guessing bzr does some magic to send a key along, cos its not using my hostkeys [06:01] if you want to listen for network connections you have to configure it that way, though such a configuration is not recommended because there is no encryption [06:01] SSH is the preferred way [06:01] cxo: uh, host keys aren't user keys [06:01] yeah [06:01] cxo: it'll be inheriting your ssh-agent/seahorse environment, though. [06:02] well i am trying to use such programs as mysql workbench and it used to connect only over ssh, but now trying to iron out why i cant admin tables or anything i am open to suggestions === _TechAway_ is now known as _Techie_ [06:02] so it did connect via ssh tunnel but as i said now it wont even connect lol [06:07] how do i tell ssh i dont want a shell :) [06:08] guys dont be lazy, google a proxy for me please [06:09] cxo flaming are we i think that is off topic [06:09] i have googled [06:10] possibly, just thought it wouldnt be a big deal... looks like i was wrong [06:12] cxo: did you have an external ssh server you can access? [06:13] not at the moment. a free web proxy would be best right now [06:13] twb: well i am trying to use such programs as mysql workbench and it used to connect only over ssh, but now trying to iron out why i cant admin tables or anything i am open to suggestions [06:15] from wwww.proxyblind.org: Brazil: 201.20.18.165:3128 [06:15] Canada might be better [06:15] 174.142.104.57:3128 [06:16] supposedly working on the 11th [06:16] i wouoldn't trust them, i wouldn't use them for anything identifiable or private [06:17] nothing private, just want to view a web based log [06:18] it also pays to have an ssh server somewhere you can log into from anywhere [06:18] even some cheap web hosting accounts will give oyu ssh access you can tunnel through [06:18] yeah, i used to have a few, not anymore [06:20] ssh -N to not execute a remote command [06:20] from man ssh [06:23] thanks === _TechAway_ is now known as _Techie_ [06:28] cxo: "i don't want a shell" -- -N [06:28] Oops, nagchampa already said [06:29] i get this message from ssh, -> channel 2: open failed: unknown channel type: unknown channel [06:31] New bug: #663101 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/663101 [06:47] would it be generally safe to remove modules from the kernel if they aren't being used? [06:47] I guess I should probably figure out what they are... :P [06:48] next question.. how can I keep them from loading on boot [06:48] Datz: "make localmodconfig" [06:48] But you shouldn't be rolling your own kernel without a really good reason, since it increases the maintenance burden non-negligibly. [06:49] You can blacklist modules by placing "blacklist foo" or "install foo /bin/false" in /etc/modprobe.d/site.conf. [06:49] ah [06:50] IIRC the former prevents autoloading; the latter prevents manual loading (including stuff like udev). [06:50] thanks, I'll look into those options [06:50] ok, I'll take a look at the former [06:50] Or you could brute-force it by rm'ing it and adding dpkg-divert rules, which is what I do at my prisons to deny them access to USB mass storage devices. [06:50] (Just in case a user manages to escalate to root.) [06:50] humm :P [06:53] down to 55.. [06:53] Datz: what are you actually trying to achieve? [06:57] less than marginal saved cpu cycles? [06:59] So you've profiled the CPU usage and noticed a significant reduction? [07:00] no, I meant probably not noticeable. [07:00] I suspect that things like enable CPU frequency scaling would help more than removing modules. [07:00] Ah, right. [07:00] "ricing" [07:00] haha [07:01] I figure without a floppy drive, I don't need the modle loaded :) [07:01] etc [07:01] I don't know why it would be in the first place actually [07:04] It shouldn't be [07:04] Unlses you have the controller on your motherboard, I guess [07:04] It might also be loaded by the ramdisk when it's looking for the root filesystem [07:04] humm [07:04] Try changing modules=most to modules=dep in initramfs-tools.conf? [07:05] * Datz makes a note of that [07:05] where is initramfs-tools.conf? [07:09] Datz: use the "locate" command with filename as argument. If not found, try "sudo updatedb" and try again [07:10] thanks [07:12] hum, file seems empty. Anyway, I'm off to bed, bye. [07:41] how can i tell how an fqdn is being resolved? [07:41] hostname just gives the shortname for my server, and /etc/hosts has only got the short name, pointing to 127.0.1.1 [07:42] the router doesn't have an entry for the fqdn or even the short name of the machine as far as i can tell === Barre_ is now known as Barre [07:49] Hi all, I've just done an upgrade of 8.04, which has upgraded slapd 2.4.9-0ubuntu0.8.04.3 -> 2.4.9-0ubuntu0.8.04.4, and during the upgrade I hit: Unknown value for slapd/dump_database: when needed; has anybody else seen this before? [07:49] nevermind, i found it === Barre_ is now known as Barre [08:16] Nevermind, I solved my issue; I changed the option in debconf from 'when needed' to 'always' and it got better. === jjohansen is now known as jj-afk [08:20] Not so much "solve" as "work around" [08:20] Looked like a quoting issue in the preinst, but I couldn't see where. [08:22] <_ruben> bah, seems like bug #477167 is one the reasons/bugs that keeps me from installing these servers [08:22] Launchpad bug 477167 in debian-installer "can't set bootable flag when partitioning during install" [Undecided,New] https://launchpad.net/bugs/477167 [08:22] <_ruben> software raid1 over 2 2tb disks .. gpt labels .. lilo and grub2 fail to install [08:24] <_ruben> /usr/sbin/grub-setup: warn: This GPT partition label has no BIOS Boot Partition; embedding won't be possible!. [08:24] <_ruben> /usr/sbin/grub-setup: error: embedding is not possible, but this is required when the root device is on a RAID array or LVM volume. [08:58] hey guys how can i prevent my network from being tcp flooded [08:58] i have a router taking the brunt of it but its preventing me from accessing my server [09:09] I have a customer's developer telling me they can't get hardy's ffmpeg to emit MP3, and they need me to reroll a new fmpeg built against lame. [09:10] Does it seem strange to anybody else that ffmpeg would be built --without-lame? [09:10] Hmm, it's the upstream default [09:13] having a little problem with iptables on my server... to be more specific on modprobing the iptable_raw module, it just hangs at that one and well... been like that for over 8 hours already... might there be a specific reason for it to hang on that? [09:17] hey guys im having issues connecting to my server. i checked my router security logs and noticed some tcp flooding how can i prevent that [09:18] Hi all [09:19] I'm looking for help regarding configuration of the new Slapd (OpenLDAP) daemon. I could configure it fine using the old slapd.conf, but it's now all dynamic and editable via LDAP - Does anybody have a pointer to docs on the subject? [09:35] Hello all. Experimenting with Ubuntu-server. Having a minor problem. When creating new files using my FTP-editor (PSPad), they are always default not accesible. For example, if I create a new file "heythere.js" and put some Javascript in it, then my HTML can't real that JS file because "Other" group doesn't have the Read bit on. I have to manually set the Read bit everytime I create a file. [09:36] There must be somewhere I can change that? [09:36] (I'm talking Apache server and HTML / Javascript stuff) [09:36] mr_lou: google for umask [09:38] mr_lou: please be aware that chaning the umask to 0004 for example will make all your new files readable by EVERYONE [09:38] mr_lou: Better solutions are to change the group to www-data for example [09:39] Hmm [09:40] mr_lou: You could use the group sticky bit on the parent directory to inherit the group from the parent directory for new files [09:40] mr_lou: see http://www.dba-oracle.com/linux/sticky_bit.htm for example [09:40] I have a problem running ubuntu uec images locally with kvm as documented here: https://help.ubuntu.com/community/UEC/Images [09:41] I keep getting "error: no such device: uec-rootfs" from grub [09:41] Is someone here who is familiar with the UEC images? [09:42] I'm running: "kvm -fda maverick-server-uec-i386-floppy -drive if=virtio,file=disk.img,media=disk -boot a" after creating disk.img with "qemu-img create -f qcow2 -o backing_file=maverick-server-uec-i386.img disk.img" [09:44] flohack: 004 is probably a bit too generous [09:46] 047 maybe, so the group has r-x access [09:47] um... [09:47] Isn't 4 = write [09:47] twb: Ups 0002 was what I meant [09:47] mr_lou: umask is xor'd [09:47] twb: But I would not recommend that either [09:47] But I realize now by "the other group" he means non-owner non-group users [09:48] yea [09:48] Apparently the server itself belongs to the "Other" group. [09:48] mr_lou: Which server? [09:48] Since it can't read the files, unless I set the Read bit. [09:48] Apache [09:48] mr_lou: probably you want the tree to be grouped by www-data, not mr_lou [09:48] mr_lou: No, apache is usually www-data [09:48] hmm [09:49] i.e. ls -l will say something like "rw-r----- mr_lou www-data foo.js" [09:49] mr_lou: 'other' means processes running with a group which is different from the group owning the file [09:49] Well... all I know if that when I create new files using my FTP-editor, then my HTML can't read them because the "Read" bit isn't set for the "Other" group. [09:49] mr_lou: It's like a 'catch-all' [09:49] mr_lou: Did you get that? [09:50] The problem with the permissions for 'other' is that it applies to ALL other users and processes on your system, so by setting the read permission for other, you are not only granting apache access, but EVERYTHING else, which is a very bad idea. [09:51] How do I check if the www-data user is applied to Apache? [09:51] Therefore the proper (one of) approach is to change the group of the files to www-data [09:51] mr_lou: you ask us [09:51] ps aux|grep apache [09:51] mr_lou: and we say "apache uses www-data by default, so unless you messed with it, it will" [09:52] mr_lou: execute "ps aux|grep apache" on the console and the first field will say "www-data" [09:52] Yea, it's there already, several times. [09:52] already = alright [09:52] flohack: re kvm, shouldn't that be -hda, not -fda? [09:52] mr_lou: That's how you check without asking :-) [09:53] nm, it's a foo-floppy file. How weird. [09:53] First field says root though. [09:53] twb: *-floppy contains grub as it seems [09:53] Followed by 5 www-data lines. [09:53] mr_lou: if you are logging in as root, you have bigger problems. [09:53] flohack: you *can* just pass a kernel and ramdisk directly to kvm [09:53] mr_lou: That should be just for one of the apache processes [09:53] twb: I'm not. Especially not when FTP'ing. [09:54] Well, you shouldn't be using FTP either :-) [09:55] mr_lou as got a bit of linux studying ahead of him :-) [09:55] twb: Hmm -loader could be the initrd...let's try that [09:55] http://en.wikipedia.org/wiki/Discretionary_Access_Control describes the Unix permission system [09:55] This here is studying. ;-) [09:55] flohack: no, it's -kernel and -initrd [09:56] Caveat: I'm talking about qemu, of which kvm is a fork. I *assume* kvm haven't fucked up and removed those options. [09:56] I don't know everything, but it's not the first Linux server I'm playing with. Been experimenting with Debian and Arch earlier, and I had no such problem with them. [09:56] Or: you didn't *know* you have such a problem [09:57] twb: I meant the maverick*-loader image, kvm takes -kernel and -initrd btw. [09:57] I would surely know if I had. [09:57] flohack: good-o [09:57] And I hadn't. [09:57] flohack: do you have a URL for this -loader file? What format is it in? [09:58] Last time I looked, you could tack the ramdisk onto the end of the kernel, but then it'd just be -kernel. [09:58] twb: It's in the i386 tar on http://uec-images.ubuntu.com/server/maverick/current/ [09:59] Bizarre; file doesn't recognize it as anything [09:59] It has some kind of grub in it, so maybe it's just the grub stage2 [09:59] twb: The kernel boots, but does not find the root device even with "-append root=/dev/sda1 [10:00] Explain to me why it's bad that HTML files and JavaScript files can be read by everyone. Somehow it seems logical to me that they should infact be readable by everyone. [10:00] flohack: -append is only visible to -kernel AFAIK [10:00] twb: The kernel log says it cannot read the ramdisk [10:00] Surely the Read bit for group "Other" must be set? It's even set on the .bashrc file by the system itself. [10:00] mr_lou: The same issue applies to php files, and they should definitely not be readable by everyone [10:01] flohack: That makes sense. [10:01] mr_lou: there is no 'other' GROUP, it is simply 'other' which means everyone else who is not user or group [10:01] mr_lou: Debian packages by convention ship files readable by everyone, on the basis that an attacker could always just download the .deb again and unpack it by hand. [10:01] Yes I get that. [10:02] In that case I shouldn't use umask. [10:02] The proper solution is to move your files to /var/www/XXX and do "chown -R root:www-data /var/www/XXX" [10:02] Or if these are personal files, they go in ~mr_lou/public_html or whatever it is. [10:02] twb: ACK [10:03] And /var/www is hysterical, really files belong in /srv/www [10:03] Not that I realistically expect anyone to do that [10:03] They're put in the home folder for now, because that's where the FTP default points to. And I like to be able to use my FTP-client-editor for coding. [10:05] So Apache does have the www-data group. Yet I can't see my HTML or PHP page unless read-bit is set for 'other'. [10:06] And since it shouldn't be set for 'other'.....then what? :-/ [10:06] Please post the output of "ls -Al myfile" [10:06] and tell us the full path please [10:07] and the URL you are using to access it [10:08] Well currently it's /home/companyname/AppName/index.php [10:08] URL is internal IP. [10:09] Not sure how I can paste output from ls -Al here. Using Putty here in Windoze... but the permission info is 640 [10:09] -rw-r------ [10:09] mr_lou: and the full url? [10:09] flohack: Internal IP... http://192.168.1.3/index.php [10:10] Have you reconfigured apache to use /home/companyname/AppName/index.php as it's document root? [10:10] Yes [10:10] Works fine if the read-bit is set for 'other'. [10:10] Blank page if not. [10:11] the group and owner of the index.php? [10:11] flohack: company name for both [10:11] mr_lou: Then how is that supposed to work. Group has to be www-data [10:11] flohack: Meaning, the only user created (apart from root) [10:12] I use addgroup to put www-data onto the AppName folder then? [10:12] Apache run with group www-data, the file has group company, set so the 'other' permissions apply and those are null, therefore apache does not have access [10:12] mr_lou: no [10:13] mr_lou: chgrp www-data FILE [10:14] twb: I think the problem is that maverick*.img is a partition image, not a disk image [10:14] That's retarded. the ramdisk shouldn't care about that [10:15] But obviously that'd be root=/dev/sda not sda1 [10:15] flohack: And then the sticky bit to put the www-data group onto all files created in the folder? [10:16] mr_lou: the group sticky bit, yes [10:18] twb: But there is no separate initrd. It boots with "kvm -drive if=scsi,file=disk.img,media=disk -kernel maverick-server-uec-i386-vmlinuz-virtual -append root=/dev/sda", but cannot write access the root partition, because ext4 support seems to be available only using a module within the initrd [10:18] I cannot use a -initrd, because there is not separate initrd [10:20] flohack: Tried chmod +t AppName Should all new files created then belong to group www-data? They don't. [10:20] twb: Hmm, "kvm -drive if=virtio,file=disk.img,boot=on -kernel maverick-server-uec-i386-vmlinuz-virtual -append "root=/dev/vda ro init=/usr/lib/cloud-init/uncloud-init ds=nocloud ubuntu-pass=ubuntu"" worked! [10:22] mr_lou: It's chmod g+s AppName [10:22] sorry, my fault [10:22] so, it's the special bit, not the sticky bit [10:23] flohack: Do I need to remove the +t again then? With -t? [10:23] mr_lou: You should, yes [10:23] Ok [10:24] Still not. :-/ [10:24] New files belong to companyname user and group companyuser. [10:28] mr_lou: http://pastebin.com/BySbUwVu [10:29] flohack: oh, right [10:30] virtio is like xen, it gets a wacky name. Sorry, I didn't think of that [10:30] flohack: Damn.. I'm writing the same you do, I'm just getting another result. :-/ [10:31] flohack: Thanks for your help anyway though. Much appreciated. [10:31] mr_lou: are you creating the file with the ftp client? [10:31] mr_lou: maybe the ftp client explicitly sets the group? [10:31] flohack: Not this time. I used touch like you. It still belongs to the group companyname [10:31] flohack: Also tried with nano before that. [10:32] mr_lou: are you sure the special bit (rws) is present on the directory (check with ls -Al) [10:33] flohack: No, not sure. But it says this: drwxr-xr-x 2 companyname www-data [10:34] mr_lou: The special bit is not there [10:34] Hm [10:34] So chmod g+s isn't working for me? Is that it? [10:36] New bug: #663161 in clamav (main) "clamav-freshclam does not set the proxy username and password" [Undecided,New] https://launchpad.net/bugs/663161 [10:36] * mr_lou reads at http://en.wikipedia.org/wiki/Chmod [10:36] mr_lou: You need permission to change the s bit, run the command with sudo [10:36] doh [10:36] mr_lou: No idea why chmod does not warn you about that [10:37] if you change the s bit before changing the group, it works, because the group is still the group of your login user [10:37] lol [10:37] It's there now, but now I can't access the folder. [10:38] Hm [10:38] mkay [10:38] So.... [10:38] I must remove the S bit again, then set user back to companyname, then set S bit again and then set group to www-data? [10:38] :-> [10:39] What is the ls -Al output of the folder now? [10:40] There [10:40] Seems to work now. [10:40] * mr_lou needs a beer [10:40] great [10:40] hehe [10:40] Thanks a lot for your help flohack [10:41] mr_lou: you're welcome! [10:43] flohack: I actually got myself "The Linux Bible", which I'm looking in sometimes. I really like Linux, but it's a huge area to learn. [10:44] mr_lou: A lot to learn, but it's the real thing (does not hide the details like windows / mac os does) and understanding how things work make you much more effective when troubleshooting [10:45] hi! Did they remove Support for Promise FastTrak TX4000 in 10.10? and if so, how can i add it while installing?# [10:45] flohack: That's why I don't quit. ;-) [10:48] flohack: If you can recommend me any other beginner books, explaining the structure and such, then I'll put them on my Christmas wishlist. "The Linux Bible" seems to be mostly a lookup for the many various commands, which of course is also quite handy. But would like to understand more about how everything is connected and such. [10:49] mr_lou: sorry, I never read such a book [10:49] flohack: Ok === oxi_ is now known as oxi === unreal_ is now known as unreal [10:52] hi! Did they remove Support for Promise FastTrak TX4000 in 10.10? and if so, how can i add it while installing?# [10:54] flohack: Well I' [10:54] flohack: Well I'm off. Thanks again. :-) === aliverius_ is now known as aliverius === _Techie_ is now known as _TechAway_ [11:34] it cant be that fucking tricky to add fucking support for the fucking tx4000 during the fucking Installation, or would it? [11:34] Did they remove Support for Promise FastTrak TX4000 in 10.10? and if so, how can i add it while installing?# [11:45] <_ruben> anger78: such an attitude isn't likely to yield very helpful responses in here [11:46] New bug: #663192 in mysql-5.1 (main) "Query with this_.id=? buggy" [Undecided,New] https://launchpad.net/bugs/663192 [11:47] !language | anger78 [11:47] anger78: Please watch your language and topic to help keep this channel family friendly. [12:12] ok, and how would i load additional drivers during the installation? [13:54] Anyone that can help, upgraded 10.04 to 10.10 and now got ubuntu-extras-keyring error like this bug [13:54] https://bugs.launchpad.net/ubuntu/+source/ubuntu-extras-keyring/+bug/650525 [13:54] Launchpad bug 650525 in livecd-rootfs "Failed to fetch http://extras.ubuntu.com/ubuntu/dists/maverick/Release ; missing key" [High,Fix released] [13:54] But runing there fix comand sudo apt-get --reinstall install ubuntu-extras-keyring dosent do anything, same error [13:58] I need help to import a valid public key to my server. [14:06] New bug: #663252 in antlr3 (main) "antlr3 doesn't contain antlr3-runtime.jar" [Undecided,New] https://launchpad.net/bugs/663252 [14:13] If I have some gameservers running over the RAM on the server, does it use the swap partition?= [14:14] swap is dead. buy more ram ;) [14:15] I'm trying to find out how many servers I can run [14:15] * patdk-wk didn't know you could run gameservers on ram [14:16] Augustuen, the short answer is yes. if you have a swap partition, if ram usage starts maxing out, it'll start paging in and out of swap [14:16] ok [14:16] and when it pages, everyone will bitch, cause the game will lag to all hell [14:17] but if I have 2 GB RAM and You can run a 20 player server on a 1GHz CPU, 512MB RAM and an upload of 2Mbit/s (33Tick) [14:17] how many servers could I then run? [14:17] depends on the cpu, ram, and internet :) [14:18] not just ram [14:18] and what game. Aion, maybe 1 player on that. nethack-mmo, a bazillion [14:18] plus, context switching will eat your proformance a little, unless your using vm's, then it will eat proformance a lot [14:18] Counter-Strike: Source [14:19] or Half life 2 in genera [14:21] Anyone that can help, upgraded 10.04 to 10.10 and now got ubuntu-extras-keyring error like this bug [14:21] !lts [14:21] LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Lucid (Lucid Lynx 10.04) [14:27] I use ubuntu official image ami-6c06f305 launching a new micro instance on AWS, it works fine; but after I customize the instance and bundle a new image, I can not ssh to any new instance launched from my image [14:27] any ideas? [14:35] hi all, where do I find the log of ssh users logins and so on? [14:37] well, I don't think there is a difference between local and SSh logins [14:37] (exept from tath the SSH doesn't log on directly, but on teh network ;)) [14:38] Help me with folowing error "ubuntu-extras-keyring is not configured yet" on a newly updated 10.04 --> 10.10 [14:41] hi all [14:42] i'm trying to serve a single program to users over ssh. once the program terminates, it should disconnect [14:42] how do i accomplish this? [14:42] set it as their shell [14:42] where do i do that [14:43] and I think you need to disallow scp, not all sure [14:44] kirkland: can i take vsftpd off your hands? [14:45] zul: please :-) i didn't know it was on my hands :-P [14:45] SockPant1: even if you set it to their shell, they can just type 'ssh yourbox /bin/bash' and bypass that [14:46] SockPant1: you can force execution of a certain program whenever a certain public key is used, and I believe that isn't bypassable. [14:47] SockPant1: but, why ssh? ssh is "Secure shell" .. its really not for serving things non-interactively. [14:50] heh? ssh passes that as a param to your shell [14:51] is ubuntu able to manage several swap partitions ? [14:52] I have 4 swap partitions on 4 disks [14:52] lau, sure [14:53] patdk-wk: good point. hrm. [14:54] lau: swap is... not a good thing. Why do you want to have 4 swap partitions? [14:54] * patdk-wk only uses swap for hibernation [14:59] On lucid; Does anyone know how to check or set the power down delay/timing for external USB drives? [15:04] I would guess it can be tweaked at runtime in /sys somewhere [15:06] I agree SpamapS but I have a limited budget and 4 disks with the same geometry [15:06] I created the same partitions on these 4 disks [15:06] New bug: #663288 in drbd8 (main) "package drbd8-utils (not installed) failed to install/upgrade: trying to overwrite '/usr/share/cluster/drbd.sh', which is also in package rgmanager 0:3.0.2-2ubuntu3" [Undecided,New] https://launchpad.net/bugs/663288 [15:06] RAID1 for /boot and generally speaking / [15:07] then RAID 5 for filer share [15:07] I needed some space for swap for the system so I created the same swap partitions on all the 4 disks in order to keep partition characteristics to build RAIDs [15:08] does this make sense ? [15:08] now I have /boot on RAID1 /var on RAID 1 and /mnt/filer on RAID 5 [15:08] it remains 4 swap partitions and I am wondering what is the best to do with them [15:09] keep the swap partitions as is [15:09] or RAID 1 the swap partition ? [15:09] hrm, so how can I search inside all the files in a specific dir for a certain phrase? [15:09] jussi: grep ? [15:09] lau: tell me more... [15:10] /var/log/auth [15:10] man grep [15:10] jussi: grep 'string' * [15:10] maedox: that will search within the files? [15:10] grep -R 'string' /path/* [15:10] yes [15:10] ok, thanks [15:10] try it [15:10] use * as wildcard in 'string' [15:10] jussi: it will search in all files in the current dir yes. [15:16] is grub-install /dev/md0* writing GRUB on active disks __and__ spare ones too ? [15:16] how can I check ? [15:17] maedox: lau, I found what I was looking for, so thank you [15:22] good morning [15:22] I am unable to establish a successful ODBC connection using iSQL [15:23] ODBC connection works great when accessed through PHP/Apache [15:24] I am getting "Communication link failure" [15:24] however the same DSNs work from php/apache [15:32] ODBC Issue: [15:32] I have my DSNs defined in the config file and they work flawlessly from php/apache. However, the connection fails when I attempt to connect via iSQL or php CLI === Danio` is now known as Danio [15:34] anyone? [16:05] Hello, anyone good at iptables who have time to help me out with my firewall script. http://pastebin.ca/1966994 It works now forwarding port 4000 to 3389 on the local interface. I would like to add so i also can access it on the external interface. [16:15] nijaba: o/ [16:15] nijaba: at Hadoop World you mentioned that syslog wouldn't scale for distributed applications [16:15] nijaba: why? [16:16] nijaba: I'm investigating solutions for cloud-server-n-distributed-logging and looking at rsyslog [16:22] New bug: #359130 in kvm (main) "Display problem under KVM" [Undecided,Incomplete] https://launchpad.net/bugs/359130 [16:22] mathiaz: have you looked at syslog-ng we used it at the isp i was working at and it was pretty distributed [16:22] zul: yeah - apparently rsyslog scales better than syslog-ng [16:22] zul: and rsyslog is the *default* in ubuntu [16:22] mathiaz: cool [16:36] My 10.4 LTS server is extremely slow to boot, slow to login and sometimes times out on after entering a password for "su". Are there any suggestions for what I should be checking on first? [16:40] ehcah: is the turbo button pressed down? [16:40] ;) [16:42] SpamapS: I have a hard time deciphering when someone is taking a poke at me on this channel. The hardware is a DL380G4. I thought those buttons disappeared with 386's? [16:42] hello can somebody help me with this permission problem here ? [16:42] Oct 19 17:12:30 mydomain postfix/virtual[2587]: warning: maildir access problem for UID/GID=5000/5000: create maildir file /usr/local/virtual/info@mydomain.com/tmp/1287501150.P2587.mydomain.com: Permission denied [16:42] looks like the uid of the dir is different then 5000 but how can i see what uid the dir has ? [16:42] ehcah: ok, sorry... yes they did. ;) I've had a lot of DL380G4's running Linux, and they definitely always boot slow. But once they're up, they're usually blazing fast. [16:45] SpamapS: Very true, but I have 2 DL380's running one, on top of the other. The box I'm concerned about almost seems to hang it's soo slow. Easily 5 times longer than its neighbor. [16:45] mathiaz: btw, syslog doesn't scale because it requires immediate availability of the log target [16:46] SpamapS: hm - rsyslog can spool messages locally if log targets are unavailable [16:46] mathiaz: thats why facebook created Scribe. IIRC, its actually usable now (when I tried to use it it was impossible to build properly) [16:46] mathiaz: will it retry them later? [16:46] SpamapS: hm - I hope so [16:46] ehcah: I'd suspect a degraded RAID [16:47] ehcah: do you have the hpacucli utility installed? [16:47] SpamapS: what syslog is missing is acknowledgment that a message has gone through the whole chain [16:47] SpamapS: once a message as been sent over the network by syslog it doesn't care anymore [16:47] SpamapS: that's one of the feature of flume [16:48] mathiaz: I'm guessing flume is very heavy though. [16:48] SpamapS: http://github.com/cloudera/flume [16:48] mathiaz: I think it lack the ability to have interediate relays/collectors as flume has [16:48] nijaba: hm - you can setup multiple relay with rsyslog [16:49] mathiaz: ok, I did not think so [16:49] nijaba: anything else comes to your mind why syslog couldn't be used for distributed logging? [16:49] So it just depends on how bad having holes in your logging is. Spooling for more than a few minutes at high volume would also be bad in many environments. [16:49] nijaba: you're raised a good point - and I'll make sure to check that [16:49] mathiaz: actually, until flume was mentioned, rsyslog was my best bet [16:50] SpamapS: why is scribe is better than flume then? [16:50] SpamapS: why is scribe is better than *rsyslog* then? [16:51] SpamapS: No, I do not have that utility installed. I can not find it either. It's not in the normal repo's I take it? [16:52] mathiaz: I can't answer either of those, because I'm not familiar enough with either option. I was speaking entirely on the traditional unix syslog protocol. [16:53] mathiaz: which, as you suggested, has no ack. [16:53] ehcah: its part of hpasm [16:53] ehcah: which you should be able to get from HP [16:53] * SpamapS wonders if HP will let us put it in multiverse [16:54] ehcah: it allows you to query your RAID's status. You have a SmartArray 6 in that, right? [16:54] SpamapS: Ok, I'll go have a look. BTW... I haven't made any changes to my Repo's but I'm getting errors. Is something down? [16:55] Yes. I have a SmartArray 6. I know the cache battery is low, but that is the only error on boot. Both drives (mirrored) are health from the green indicators on the server chassis. [16:56] ehcah: errors on install, or errors on update? [16:57] SpamapS: Update [16:57] ehcah: the cache battery being low will just disable the write cache, which shouldn't slow your boot in any way. === jj-afk is now known as jjohansen [16:57] I just create a raid 5 [16:57] mdadm --create /dev/md2 --level=5 -n 4 /dev/sda4 /dev/sdb4 /dev/sdc4 /dev/sdd4 [16:57] ehcah: maybe the disks are getting errors. You can run some tests from the console RAID utilities. [16:57] lau: well done. :) [16:58] Spamaps: The other DL battery is dead. I didn't pay for these boxes so I'm not investing in'em!! :) [16:58] but mdadm --detail /dev/md2 reports Spare Devices : 1 [16:58] and spare rebuilding /dev/sdd4 [16:58] I thought -n option was used to define *active* raid disks [16:59] how can I add the spare into the active array ? [16:59] lau: spare rebuilding, so its laying down the data on disk sdd4 [16:59] lau: pastebin /proc/mdstat [16:59] lau: or rather, can you put up /proc/mdstat on paste.ubuntu.com ? [17:00] http://paste.ubuntu.com/516332/ [17:01] ok here it says active raid5 (4 disks) [17:02] the disks are fresh new no data inside does mdadm rebuilding the 4th disk with the parity bit ? [17:02] and once done all the 4 disks will be up and active ? [17:02] does this mean that disk 4 will be dedicated to parity bit writes ? [17:05] is it safe to pvcreate /dev/md2 or should I wait the RAID 5 rebuild ? [17:07] SpamapS: I can not update anything that comes from archive.canonical.com lucid. [17:07] archive.canonical.com?! [17:07] why would you use that? [17:08] $country.archive.ubuntu.com should be far more useful. [17:08] lau: I'd wait [17:08] lau: but only because whats the rush? ;) [17:08] lau: it is "safe" in that you should not lose data.. but you will slow down the raid build and the mkfs as they'll be fighting with eachother. [17:09] ok, is it right to say that the disk 4 will be dedicated to parity bit ? [17:09] no [17:09] thats RAID3 [17:09] raid5 puts data and parity on all disks. [17:09] why only disk 4 is rebuilding ? [17:10] probably an optimization [17:10] optimization leaded by mdadm ? [17:10] more like an optimization by the MD driver. [17:11] Most likely the fastest way to build an array is to set it up like you're recovering one disk. [17:11] after initializing all the others. === unreal_ is now known as unreal [18:07] SpamapS: what do you think about RELP - http://www.rsyslog.com/doc/imrelp.html? [18:07] SpamapS: http://www.rsyslog.com/doc/relp.html [18:07] SpamapS: it seems to address the issue of non-reliable log delivery [18:07] SpamapS: and is already included in rsyslog [18:09] mathiaz: reading [18:09] funny, its quite similar to STOMP [18:10] mathiaz: Right, so it looks like a good messaging protocol. How does it fit in with rsyslog's local spooling and with multiple targets? [18:11] mathiaz: one cool thing about Scribe is that you can give it multiple target servers which will just act as relays for your message to the eventual endpoint, and its pretty quick to fail over. [18:15] hey [18:16] anybody connected to Java EE application deployment [18:17] adamk-pl: JamesPage might know something about that [18:17] JamesPage: ping [18:18] i'm a JBoss Seam developer and I would like to contribute as packager for jee related software like JBoss AS or Seam [18:19] adamk-pl: awesome! [18:19] adamk-pl: There's a developer summit coming up in a week in Orlando... you can join us virtually for some of the sessions related to java... [18:19] adamk-pl: http://summit.ubuntu.com [18:19] repeat it when my first deb is in repo [18:19] ok [18:20] sounds nice [18:24] SpamapS: IIUC Relp is another output plugin as udp and tcp [18:24] SpamapS: so it builds on top of local spooling and multiple targets [18:25] SpamapS: rsyslog also support failover [18:25] SpamapS: i will have a look on the schedules for the summit and will try to get in touch with 'ping' [18:25] SpamapS: http://wiki.rsyslog.com/index.php/FailoverSyslogServer [18:26] adamk-pl: no, not "ping" .. JamesPage .. ping is just what I'm saying to him to wake him up. ;) [18:28] hahaha [18:28] i lol myself === JKL__ is now known as JKL_ [18:36] SpamapS: http://people.canonical.com/~mathiaz/distributed_logging.svg [18:36] SpamapS: ^^ does that seem like a good distributed logging infrastructure? [18:37] SpamapS: what kind of tests should be done on this infrastructure? [18:37] SpamapS: I'd like to figure out whether rsyslog could be used to implement such an architecture [18:38] mathiaz: test is easy.. log something on an originator, verify it appears in hdfs and sql database. ;) [18:38] SpamapS: right ;) [18:39] SpamapS: what are the failure scenario? [18:39] mathiaz: graph latency and volume together [18:39] SpamapS: relay1 goes down [18:39] SpamapS: collector1 goes down [18:39] mathiaz: so for full coverage testing, you must repeat that test, while simulating a failure of each component. [18:39] mathiaz: so, log something while 1 relay is down, while 1 collector is down, and while 1 sql/hdfs node is down. [18:40] mathiaz: probably good to also make sure it works when other originators are down [18:40] The old cool technology spread suffered from failures when peers were down sometimes. Terrible. [18:40] hmm that needs some context [18:40] there was an old protocol called spread.. [18:40] that was cool [18:40] but it would sometimes freak out if peers were down [18:41] SpamapS: right - I heard of spread [18:41] SpamapS: http://www.spread.org/index.html ? [18:41] it took down our sites a few times because we were using mod_log_spread [18:41] yeah [18:41] I hear that v4 fixed all of that [18:42] but.. it still relies on multicast messaging and stuff that is hard to get right. [18:42] SpamapS: it is available in ubuntu [18:42] SpamapS: but seems unmaintained [18:42] SpamapS: and there were some licensing issues as well IIRC [18:43] SpamapS: overall I'd like to know if rsyslog could be used to build a distributed logging infrastructure that provides the same features as scribe/flume [18:43] SpamapS: that would make things easier since rsyslog is *already* packaged, in main and the default syslog daemon in ubuntu [18:45] mathiaz: If it can, then I agree. Its also way tighter than either of those, being a small well maintained C daemon. [18:45] SpamapS: what are the main features that scribe provides according to you? [18:46] mathiaz: failover, spooling, and flexibility in targets (you can say write all locally, you can send them forward to another scribe, you can also do both) [18:47] "Rsyslog has the capability to work with failover servers to prevent message loss. A perquisite is that TCP based syslog forwarding is used to sent to the central server. The reason is that with UDP there is no reliable way to detect the remote system has gone away." [18:47] so, can it also work with RELP ? [18:48] also, this is a bit confusing: "This selector processes all messages it receives (*.*). It tries to forward every message to primary-syslog.example.com (via tcp). If it can not reach that server, it tries secondary-1-syslog.example.com" [18:48] what doe "can not reach that server" mean exactly? Does it rely on TCP timeouts? does it time things out itself? [18:52] mathiaz: these are the sorts of tests that are really, really hard to get right, and even harder to repeat. [18:57] hey folks, I can't make today's meeting [19:01] SpamapS: -> #ubuntu-meeting [19:04] mathiaz: HB! :) [19:05] ivoks: HBO? [19:05] mathiaz: happy birthday, man [19:05] ivoks: ah - thanks! [19:08] hi, my eth0 was getting an ip on dhcp but now it wont work, it keeps saying no DHCPOFFERS received..... it was working just great now it wont work :/ its plugged into my router any advice? [19:09] dhcp server is working? [19:09] ya my other comptuers get connection [19:09] from the router [19:09] it keeps saying DHCP discover on eth0 to 255.255.255.255 port 67 [19:09] and what does you router says? [19:10] i dunno, my router is just a little box [19:10] did you set up firewall on that box? [19:10] not firewall on the router but on my ubuntu with the eth0 problems i installed firestarter but firestarter wont start until eth0 gets an ip [19:11] that would be an odd behaviour [19:11] try sudo iptables -L [19:11] if you see firewall rules, disable firestarter [19:12] nah just see chain input chain forward chain output [19:12] target prot opt source destination [19:12] and no rules? [19:13] did you try set up a static ip? [19:13] no just dhcp, it was gettin an ip b4 [19:13] not sure why not now [19:14] well, if all you see is dhcprequest, then requests aren't comming trough [19:14] so, set up a static ip [19:14] and see if that works [19:15] Is it going to be a problem upgrading from 8.04 LTS to 10.4 LTS if I use LILO? [19:15] I assume the upgrade will replace my boot loader with GRUB [19:16] haven't tried, but i doubt upgrade would replace your boot loader [19:16] so if it is doing dhcp requests.... that means either my router isn't responding or the dhcp requests arent getting to my router or my ubuntu is responding to the acknowledgement from the router [19:16] it won't [19:16] I don't know how exactly it'll work, but old installs that use grub1 keep grub1 [19:16] icek: just try setting up static ip [19:22] postfix is the recommended mail server yes? [19:24] JamesPage: hi! [19:24] JamesPage: is the hudson master in EC2 still useful now? [19:24] JamesPage: or can it be shutdown for the time being? [19:25] mathiaz: as no ISO's are being produced lets shut it down until its needed (we can spin it up for UDS-N if need be) [19:25] JamesPage: should I keep the data around? [19:25] cfairles: recommended MTA, yes [19:25] mathiaz: that would be a good idea - the contents of the hudson account would be good. [19:26] anyone see Command 'euca-register' returned status code 1: [19:26] [Errno 113] No route to host on UEC on ubuntu 10.10? [19:26] cfairles: but it's not a POA, so for a full mail server, you might want to look into Dovecot [19:26] cfairles: https://help.ubuntu.com/community/MailServer [19:28] RoyK, hm. POA? my googling fails me [19:28] post office agent [19:28] the sort of software that exposes email with imap or pop [19:29] I see. I just need to send email actually. [19:29] not even receive [19:29] then postfix is good [19:29] RoyK, coolbeans, thanks [19:30] mathiaz, see my query in -devel regarding preseed, i think you might know the answer. [19:31] where is /etc/init.d/inetd? [19:31] how to restart inetd? [19:31] JKL_: iirc it's in upstart, so just type "restart inetd" [19:32] * RoyK can't remember last time he used inetd [19:33] inetd <3 [19:33] sudo restart inetd [19:33] restart: Unknown job: inetd [19:35] which version of ubuntu is this? [19:36] AFAICS only xinetd is in Lucid [19:36] 10.04 server [19:36] xinetd should be used, then [19:36] i installed samba and swat and there is file /etc/inetd.conf [19:36] openbsd-inetd [19:37] what is configuration file for xinetd? [19:37] sorry - my fault - just use inetd [19:37] /etc/init.d/openbsd-inetd restart [19:37] where does that name comes from? [19:38] probably because the old inetd comes from bsd [19:38] seems to work now [19:38] thx [19:38] xinetd is configured under /etc/xinet.d [19:39] I stopped inetd but swat is still there [19:42] hey are there any good tools to use that will automatically handle my network connections? like my eth0 and eth1 to set them up? [19:42] and manage them [19:42] icek: what do you mean? [19:43] i am having a hell of a time getting my eth0 to get a dhcp ip [19:43] JKL_: perhaps it went into xinetd or even started as a separate daemon [19:43] it just keeps doing dhcpdiscover [19:43] and never gets a response [19:43] but i know my router is good [19:43] all the other computers work fine with it [19:43] icek: that should be done quite automatically - perhaps the scope is full? [19:43] scope? [19:43] the dhcp scope [19:44] number of addresses [19:44] its just a home network [19:44] lemmie check the router log thou [19:44] well, for starters, try a static ip [19:44] RoyK: yeah it did something weird. I found inetd process running without parent. i killed it and swat is gone, luckily [19:44] JKL_: k [19:45] the pool is size 90 and i only have like 5 comps [19:45] *scope [19:45] * RoyK wonders why people use things like swat and webmin^Webox in the first place when administrating boxes from the command line is so much faster [19:46] icek: ok, try to setup a static ip [19:46] i did [19:46] icek: something may be wrong with the nic or the driver or something [19:46] and that worked? [19:46] no static didnt work but checking to make sure i did it right [19:48] icek: pastebin /etc/network/interfaces [19:48] well, might be a little hard if the NIC is down :þ [19:48] any idea can I use swat without enabling password for root? [19:49] JKL_: I'd guess asking on #samba might give a better answer - I don't know anyone in here using swat [19:50] ok, i better try my luck there [19:50] Royk my networking restart yields RTNETLINK answers: No Such process [19:50] but my RTNETLINK card was just workin a bit ago [19:51] which driver are you using? [19:51] default [19:51] rtnetlink is eth1 anyway but i set static on eth0 and it still dont work :/ [19:51] iirc there are at least two drivers for the realtek card [19:51] icek: do you have two NICs? [19:52] ya [19:52] eth0 and eth1 [19:52] and heres my eth0 snippet http://pastebin.com/8y79pK70 [19:52] im setting up a router box [19:52] i already got dhcpd runnin [19:52] on eth1 [19:52] just need eth0 to get internet so i can share it over [19:52] check the mac address from ifconfig -a and compare that with what's in /etc/udev/rules.d/70-persistent-net.rules [19:54] by mac do you mean attr address [19:54] same thing? [19:55] they are all good, match [19:55] ok [19:55] is one of the NICs online? [19:55] neither have internet, my eth1 has a static ip [19:55] well so does my eth0 now [19:56] so eth1 is online [19:56] i suppose technically [19:56] eth0 wants an IP from the router or the ISP? [19:56] have you tried swapping cables between them? [19:56] well its going to want it from the isp but for now i am testing it on my local network [19:56] what becomes eth0/1 isn't really fixed somewhere === _TechAway_ is now known as _Techie_ [20:00] maybe i should try stopping the dhcpd? [20:02] might be a good idea if you want a static ip...... [20:02] try unplugging what you beleive is eth0 [20:02] run dmesg to see the kernel log [20:02] that'll show you which one was unplugged (if the driver supports that) [20:07] when it says DHCPDISCOVER on th0 no dhcpoffers recieved no working leases in persistent database - sleeping [20:07] does that just mean it didnt get a resposne from the dhcp server? [20:08] how do i ensure that dhcpd isnt running? [20:09] hi all [20:09] I have qustion on console [20:09] can I see what type in main console from other ssh ? [20:11] New bug: #663455 in openssh (main) "Incorrect text found in openssh-client/auth-file.c:542" [Undecided,New] https://launchpad.net/bugs/663455 [20:11] What does it mean when i do ifconfig and it says eth0:avahi [20:12] icek: that is your primary adapter connected through cat5. [20:13] is that a problem? [20:13] my eth0 wont work [20:13] :? [20:13] icek: did you check the cabling? [20:13] like a bad cable? [20:13] lemmie get another one to see [20:13] icek: how is it not working? [20:13] does eth1 work? [20:13] icek: did you check what I just ask you to check? === Barre_ is now known as Barre [20:14] ya [20:15] so you know which is which? [20:15] if so - does either eth0 or eth1 work? [20:15] no [20:15] i tried both dhcp and static [20:15] :? [20:15] and when you unplugged one cable, did you see that in dmesg? [20:16] royk i unplugged eth0 and dmesg says eth0: no ipv6 routers present [20:17] dmesg -c [20:17] I... I just upgraded my entire distro and rebooted and nothing broke [20:17] then replug the cable [20:17] How is this even possible [20:17] Bilge: ubuntu :) [20:17] icek: then run dmesg again [20:17] ya royk [20:17] works [20:17] Even my crypted filesystem and associated scripts are unaffected [20:17] eth0 [20:17] down up [20:17] up down [20:17] etc [20:17] :) [20:17] ok [20:17] so now i know which is eth0 [20:18] the one i suspected [20:18] which driver are you using? [20:18] i got a brand new ethernet cable [20:18] as well [20:18] no, which driver - rtl8139? [20:18] r8169 [20:19] eth1 is the realtek card [20:19] i unplugged eth1 for now [20:19] eth0 is onboard [20:19] first hit on google for r8169 http://adam.rosi-kessel.org/weblog/2008/06/21/a-much-simpler-fix-for-the-r8169-link-down-problem === tschundeee_ is now known as tschundeee [20:23] royk is this implying that this card has aproblem with getting connection consistently? === SWAT__ is now known as SWAT [20:24] I'd say it more implies that there is a driver issue, but I may be wrong [20:25] to be frank, I don't know if autoneg happens on the card or in the driver [20:26] i install ubuntu server 10.10 and has mysql-server 5.1.49 and i want to downgrade to lucid mysql-server 10.04 that is posible ... if posible an util how too. thx [20:27] i install ubuntu server 10.10 and has mysql-server 5.1.49 and i want to downgrade to lucid 10.04 mysql-server 5.1.41 that is posible ... if posible an util how too. thx [20:27] hhlp: if the box is freshly installed, I'd recommend reinstalling it with lucid [20:27] if the hardware is supported etc [20:28] Royk .. is not a fresh install is an upgrade [20:29] out of interest - why did you upgrade? [20:30] all the system and i only want to donwgrade mysql [20:30] * RoyK reminds hhlp that 10.04 is an LTS release, meaning it's fully supported until March 2015 [20:32] when generating a public/private key with RSA, is there any good reason why one shouldn't use really high key bit sizes (like 8192 or even higher)? (taking too much CPU time doesn't count as a good reason here) [20:36] coafcv: only if you're paranoid [20:37] but then, a wee bit of paranoia is usually a good thing for a sysadmin [20:37] it takes only 2-3 seconds to log in with them, so I guess the paranoia doesn't come at a high cost. [20:39] the public/private key pair is only used for encrypting symmetrical keys, so it shouldn't matter too much [20:39] hey royk, i have ethtools downloaded to a thumbdrive extracted onto my ubuntu [20:39] do i have to compile this? [20:39] before i install it? [20:39] RoyK: okay thanks [20:39] i am not too familiar with command line install besides apt-get [20:40] if this is a server, I'd suggest you use 10.04 instead of 10.10 if it's not too much of a problem reinstalling [20:40] y? [20:40] 10.10 will be supported in 18 months, as compered to 5 years for 10.04 [20:40] erm [20:40] wrong guy [20:41] :) [20:41] I was thinking of what hhlp was saying [20:41] but then, he left [20:42] icek: iirc ethtool should be on the cd, so you should be able to apt-get install it [20:42] it's only paranoid until you need it [20:43] if you can afford the CPU time, no reason not to [20:43] qman__: indeed [20:43] qman__: agreed [20:43] it doesnt seem to auto check the media devices [20:43] icek: download the .deb file and dpkg -i it [20:45] dpkg -i somefile.deb will install it like apt-get does [20:45] yeah, compiling from source should be a last resort [20:45] building from source will mess things up a bit [20:47] that was easy [20:47] ^^ [20:47] icek: Error: "^" is not a valid command. [20:48] … [20:48] ^kick uvirtbot [20:48] RoyK: Error: You don't have the #ubuntu-server,op capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified. [20:48] :) [20:48] not sure whose bright idea it was to make ^ a command character [20:48] just ignore it [20:59] royk that ethtool tutorial doesnt seem to do anythin [21:00] man ethtool? [21:00] i tried this http://adam.rosi-kessel.org/weblog/2008/06/21/a-much-simpler-fix-for-the-r8169-link-down-problem [21:01] ethtool -s eth0 speed 100 duplex half autoneg off [21:01] try that, then try to set an ip address manually with ifconfig [21:02] how do you want my interfaces to look? auto eth0 iface eth0 inet dhcp? [21:02] or with the thingie in the tutorial [21:02] icek: that doesn't matter if you configure the interface manually [21:02] it won't last over a reboot, but it will show you if it works [21:02] I thought init.d was replaced in 10.4; after just upgrading from 8.04 I can still use it to restart services, but is there a better way? [21:03] Bilge: some stuff has been moved to upstart, but not all, and there are still lots of scripts in init.d for backwards compatibility [21:03] ok so after i do ethtool -s eth0 speed 100 duplex half autoneg off what do you want me to do royk [21:04] ifconfig eth0 1.2.3.4/24 [21:04] for instance [21:04] But stuff still in init.d does not get started at system boot does it? [21:04] symlink it to rc2.d [21:04] what is /24? [21:04] CIDR [21:04] same as 255.255.255.0 [21:04] 24 bits [21:05] so like ifconfig eth0 192.168.2.18/24 for instance? [21:05] yes [21:05] if your netmask is 24 bits, which I guess it is [21:06] ok royk anything else? [21:06] or test it? [21:06] restart networking? [21:06] just try to ping the box [21:06] don't restart networking [21:06] that'll reset what you just did [21:07] from another computer i did: PING 192.168.2.18 (192.168.2.18): 56 data bytes Request timeout for icmp_seq 0 [21:07] what's this computer's ip address? [21:07] 192.168.2.3 [21:08] and the nic you just configured is on that network? [21:08] eth0 [21:08] ya plugged into the same router [21:08] same side of the router? a switch? [21:09] well its a router/wireless access point al in one, the ubuntu server i plugged into the router directly and i am on this laptop (192.168.2.3) wireless [21:09] try to plug the laptop in there as well using a cable, just to be sure [21:11] ttx, ping [21:11] New bug: #663481 in mysql-5.1 (main) "JDBC: statement.setBinaryStream fails iff mysql logging is disabled" [Undecided,New] https://launchpad.net/bugs/663481 [21:11] smoser: pong [21:11] i was talking with stgraber [21:12] icek: btw, what is the mac address reported by ifconfig on that card? [21:12] he'd like https://blueprints.launchpad.net/ubuntu/+spec/cloud-server-n-desktop-images scheduled sometime after tuesday's plenary [21:12] as he is going to be demoing the edubuntu, and that will likely drive interest [21:12] royk by mac you mean hwaddr? [21:12] yes [21:12] so can you plan that for wed or so ? ttx [21:12] 70:71:bc:18:2e:ed [21:13] JamesPage: hi - I'd recommend to not set bp to drafting stage [21:13] smoser: can you mention that on the blueprint itself ? [21:13] JamesPage: as they may not be scheduled for UDS [21:13] smoser: I'll place it but atht could serve as a reminder if I move it [21:13] JamesPage: I'd suggest to leave the definition to New [21:14] yeah. [21:14] in whiteboard, ttx ? [21:14] or summary ? [21:14] icek: erm - a PEGATRON card that seems to be [21:14] never heard of it [21:15] lol [21:15] weird [21:15] smoser: whiteboard [21:15] its on wed afternoon right now [21:16] ttx, thanks. stgraber ^^ [21:16] *** Please Schedule after Tuesday Plenary *** [21:16] *** On Wednesday or so so people have time to *** [21:16] *** react to the outstanding edubuntu demo *** [21:16] icek: out of curiosity - if you rmmod that driver and try to load rtl8139 - does it load? [21:16] (added that to whiteboard) [21:17] how do i do that [21:17] icek: rmmod rt8139 [21:17] and Royk, this annoys me because i just had backtrack 4 installed on here and eth0 worked perfect! [21:17] icek: modproble 8139too [21:17] or 8139cp [21:18] module rt8139 does not exist in /proc/modules [21:18] lsmod | grep 81 [21:18] or even - pastebin the whole of lsmod [21:19] smoser: cool [21:21] lsmod: http://pastebin.com/TymqBxRV [21:21] royk [21:22] r8169 [21:22] try to rmmod that and see if any of the 8139 modules work [21:23] ok [21:23] i did rmmod r8169 [21:23] what you want me to do now [21:23] insmod 8139cp [21:23] insmod 8139too [21:23] one of those [21:23] dunno if the chipsets are compatible, though [21:24] if not, let's debug the 8169 [21:25] insmod 8239cp can't read 8139cp no such file or dir [21:25] 82? [21:25] or 81? [21:25] insmod 8239cp does the same [21:25] cant read [21:25] erm - sorry - not insmod - modprobe [21:26] insmod requires the full path [21:26] ok royk [21:26] seemed to work [21:26] with modprobe [21:26] and it's 8139, not 8239 [21:26] ifconfig -a [21:26] does that show your nic? [21:27] 8139 [21:27] just says lo [21:27] ok,rmmod that again [21:27] try the other [21:27] rmmod 8139? [21:28] just 8139? [21:28] ryok [21:28] ? [21:28] it should be 8139too or 8139cp [21:28] ohhh [21:28] ok got that [21:28] what do you want me to try now [21:29] you don't want both of them loaded [21:29] or you can't [21:29] OH [21:29] :D [21:29] i did both [21:29] are cp and too different? [21:29] heh [21:29] i thought they were the same one [21:30] nope, different drivers to the same or almost same chipset [21:30] neither seem to work [21:30] ok [21:30] go back to r8169, then [21:30] rmmod the other 8xx9 drivers [21:31] modprobe r8169 [21:31] ifconfig -a [21:31] then ifconfig eth0 x.x.x.x/24; ifconfig eth0 up [21:31] try to ping it [21:32] perhaps try 'ethtool -s eth0 speed 100 duplex half autoneg off' before upping the nic [21:36] ping wont work [21:36] it can ping itself but thats it [21:36] :D [21:36] even after ethtool and so on? [21:36] ya [21:36] can you doublecheck the cables? [21:37] indeed [21:38] one sec [21:38] ∞ [21:44] do I need to set up a Samba PDC in order to make Samba user auth via ldap when reading or writing to a Samba share ? [21:44] ∞ sec seems a long time to wait..... [21:44] lau: no [21:44] lau: but for better info on samba, try #wamba [21:57] Help me with folowing error "ubuntu-extras-keyring is not configured yet" on a newly updated 10.04 --> 10.10 [21:58] etting up ubuntu-keyring (2010.+09.30) ... [21:58] gpg: [don't know]: invalid packet (ctb=2e) [21:58] gpg: keydb_get_keyblock failed: eof [21:58] Realy need help with this, the machine runs fine. But cant install anything at all. [22:01] JamesPage1: http://nexus.sonatype.org/ [22:01] JamesPage1: could ^^ this help manage maven dependencies? [22:01] SpamapS: ^^? [22:10] mathiaz: "Nexus greatly simplifies the maintenance of your own internal repositories and access to external repositories." interesting! [22:11] mathiaz: terrible name though. Calling a repository "Nexus" is like calling a car "Auto". [22:12] mathiaz: I love the idea of being able to have a limited maven repository for builds, where only supported/tested versions are made visible. [22:18] hello, I have a weird question. on my file serv I'm getting an error that specifies that files with a path that has more that 218 characters cannot be saved but other files with 235 characters have been saved to the exact same folder in the past... is there a way to fix this? Not sure why it would add some files and be an exeption to the rul and others not so much [22:20] oops... is this a question for this room or samba? I just realized there's a samba room but if someone here could help that would be awesome. I don't want to cross post unless necessary [22:47] Hey, is there anybody from the ubuntu-server LP team that can subscribe ubuntu-server to 'cheetah' for bugs? seeing as cloud-init depends on it, we should definitely add it to our triage list. [22:47] err.. anybody with admin access I mean. [23:08] Hi, I have setup syslogd on hardy i386 (older server) for remote logging from a pfSense firewall, and everything works except logging to a separate file. [23:08] I placed "pfg.* -/var/log/pfsense.log" (without quotes) in /etc/syslog.conf, created the file /var/log/pfsense.log, chown'ed to syslog:adm, chmod'ed 640, restarted sysklogd, and /var/log/pfsense.log still has 0 bytes. [23:08] /var/log/syslog is confirmed as receiving and recording the entries. What do I need to do at this point? I've tried everything I know to do and still coming up empty handed. [23:16] New bug: #663564 in ipvsadm (main) "Don't report persistentconns as activeconns" [Undecided,New] https://launchpad.net/bugs/663564 [23:21] hey anyone around? [23:34] attention_chaud: I would guess the correct way is to ask a question about something, not merely if someone's around [23:34] sorry RoyK I had asked earlier and didn't see any activity so I was just testing the waters [23:34] hello, I have a weird question. on my file serv I'm getting an error that specifies that files with a path that has more that 218 characters cannot be saved but other files with 235 characters have been saved to the exact same folder in the past... is there a way to fix this? Not sure why it would add some files and be an exeption to the rul and others not so much [23:34] there is no motivation for anyone to respond unless they have an answer to your question, so just ask away and we will try to help [23:35] first, why do you need files that have names that long [23:35] sorry I wasn't trying to be a jerk. [23:35] attention_chaud: first, is this utf8 filenames? [23:36] RoyK, you were second, stop stealing my thunder [23:36] and so, is this samba or something? [23:36] eriksson25: heh - just trying to help [23:36] demonspork: that one was for you [23:36] demonspork: it's the file structure that the department came up with not me [23:36] attention_chaud: samba? [23:37] yes it's a samba share. I'm not sure if it's utf-8 how would I find that info out? I kinda fail. [23:37] attention_chaud: if the characters in the file or directory name includes non-ASCII stuff, it'll be utf8 [23:38] if so, one character may take up several bytes, and samba may have a limit of 255 [23:38] like () in the file name and such? [23:38] not (), but non-english characters [23:39] oh hm let me check with an accent or something i know it doesn't allow for < > etc [23:39] æðøþåè [23:39] etc [23:40] http://lists.samba.org/archive/samba-technical/1999-February/003602.html [23:40] oh [23:40] that was old [23:40] Royk, what do you mean? [23:41] eriksson25: I meant to say that to attention_chaud [23:41] Ohh I see, =( got my hopes up, realy strugeling with this stipid thing. === bastidrazor is now known as bastid_raZor [23:49] RoyK: yes it must be utf 8 I was able to save it in ubuntu with a french accent [23:52] hmm so that's weird. why would it allow for files to prevously be saved with 230+ characters and now revert to 218? is there a way to correct this so it's consistent? I get the 218 character limit \error in windows [23:52] hey, i set up a router ubuntu-server i used dhcpd and firestarter but now i want to use cacti to do cool analysis and graphs to watch my network.... how do i do this? just install cacti? [23:52] oh sorry I just saw your link [23:55] royk