| LyonJT | Heyyy | 00:05 |
|---|---|---|
| LyonJT | Does anyone know how to lock a user to there home directory so they can't get access to anywhere else in the filesystem? | 00:05 |
| aegis | LyonJT: This might help: http://ubuntuforums.org/showthread.php?t=1576385 | 00:09 |
| LyonJT | aegis: thanks buddy | 00:10 |
| aegis | LyonJT: No problem... you might want to check out "chrootpath" under this as well: http://manpages.ubuntu.com/manpages/lucid/man5/rssh.conf.5.html | 00:14 |
| tarnfeld | Hey | 00:24 |
| tarnfeld | I'm running Ubuntu 10.04 Server and I wanted to lock a user to stop them reading/writing to anything outside of their user directory via SSH or FTP - Whats the best way to do this? | 00:25 |
| k5673 | tarnfield:Do you tried using chroot jais? | 00:48 |
| k5673 | http://www.cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html | 00:48 |
| === _TechAway_ is now known as _Techie_ | ||
| qman__ | suggest against following a redhat guide on ubuntu | 01:19 |
| qman__ | especially if you're not familiar with the differences between them | 01:19 |
| garymc | Hi anyone know how to add php_pdf extension in ubuntu server? | 01:24 |
| garymc | my php programmer asked me to add this extension to my server | 01:24 |
| qman__ | garymc, might you be looking for the package 'php-fpdf'? | 01:33 |
| garymc | I dont know? | 01:33 |
| garymc | he asked me to enable or install php_pdf extension | 01:34 |
| qman__ | might be a php-pear extension, too | 01:34 |
| dku | How could I restrict access to a certain IP/port combination to only a certain user? | 02:10 |
| thedoble | Hi folks - im new to linux servers and am following the ubuntu server guide - my question is, if i set up a basic server with samba file sharing and postfix/dovecot email, is there any work needed when it comes to user management | 02:25 |
| thedoble | id I set up a user account on the server does that then automatically create an email account and a samba account? | 02:26 |
| thedoble | if * | 02:26 |
| qman__ | thedoble, the default postfix+dovecot creates a mailbox for each system user | 02:27 |
| qman__ | samba uses a combination of configured share permissions and the filesystem permissions | 02:27 |
| qman__ | though you do need to run smbpasswd for each user | 02:28 |
| thedoble | I see, what if i wanted to add 20 users in bulk? is there a way of automating that process? | 02:28 |
| patdk-lap | there is a way to automate anything :) | 02:29 |
| mcarse | Can someone help me? Postgrey is seg faulting since I upgraded a server to 10.04. | 02:30 |
| mcarse | It happens as soon as I try to start postgrey | 02:30 |
| mcarse | Any help would be appriciated. | 02:31 |
| ScottK | If mcarse comes back, it's probably worth pointing out that postgrey is a Perl script so any segfaulting is probably something else and not postgrey directly. | 02:59 |
| === _Techie_ is now known as _TechAway_ | ||
| === _TechAway_ is now known as _Techie_ | ||
| git__ | how do I create a private cloud ??? | 05:54 |
| AlanMeta | Hi all, trying to start bind9, and its failing. How do I find out where its failing? | 05:54 |
| AlanMeta | this is on 9.04 server | 05:57 |
| ScottK | AlanMeta: Not specific to your question, but 9.04 is just about out of it's support window (a matter of days). You should consider upgrading soon. | 06:00 |
| * Datz wonders when the first ubuntu-server version came out. | 06:01 | |
| AlanMeta | yes I am upgrading it now, seeing if that will help | 06:01 |
| Datz | ah, 9.10 I see | 06:03 |
| Datz | er I mean 9.04 | 06:04 |
| AlanMeta | was surprised that bind9 didn't say what the issue was, just that it failed | 06:06 |
| Datz | I wonder how many people are running 9.04 | 06:09 |
| AlanMeta | when you ssh to do an upgrade, what port is the alternate ssh port it starts? | 06:10 |
| _Techie_ | Datz, actually, server dates back to 6.06 | 06:18 |
| _Techie_ | and alot of people are still running 9.04 | 06:18 |
| qman__ | yes, server started with 6.06 and has been in every release since | 06:19 |
| AlanMeta | interesting... I managed to take out the server my vps is on | 06:20 |
| Datz | _Techie_: ah, ok.. I was just reading something about an 8.04 server version which confused me | 06:21 |
| Datz | this article started my confusion http://www.ubuntu.com/news/ubuntu-9.04-server | 06:24 |
| Datz | I thought it strange to not start a realse with an LTS | 06:24 |
| * Datz started using ubuntu with 7.10 | 06:26 | |
| qman__ | I played with 5.04 a bit but didn't start using it seriously until 5.10 | 06:27 |
| AlanMeta | is there a tool I can use on Ubuntu Desktop that will help make configuring Ubuntu Server easier? | 06:28 |
| qman__ | in short, no | 06:28 |
| AlanMeta | so in long, its yes or maybe? | 06:28 |
| qman__ | you can use things like gnome-terminal and gedit instead of a TTY and vim | 06:28 |
| qman__ | but it still comes down to editing configuration files and running commands | 06:29 |
| AlanMeta | oh ok. I was thinking since Ubuntu makes the desktop version so "Windows-like" that they would have a tool to make configuring the server easy | 06:29 |
| qman__ | Ubuntu is anything but "Windows-like" | 06:30 |
| qman__ | it is easy to use | 06:30 |
| AlanMeta | the desktop installs very easily and configures itself | 06:30 |
| AlanMeta | for the most part | 06:30 |
| qman__ | with premade packages and tools like tasksel, so does ubuntu server | 06:30 |
| AlanMeta | oh ok | 06:31 |
| qman__ | they're just menus on a console instead of point and click | 06:32 |
| qman__ | saves resources and reduces the attack surface | 06:32 |
| qman__ | many tasks couldn't be easier | 06:32 |
| qman__ | installing a web server is a single checkbox during setup | 06:32 |
| qman__ | granted there's a long way to go with things like directory services | 06:33 |
| qman__ | there's a reason ubuntu is my distribution of choice, it makes my life easy | 06:33 |
| qman__ | but anybody who claims windows is "easier" than linux has never had to fix a corrupted active directory installation | 06:35 |
| AlanMeta | Yeah I was using CentOS, but even though cPanel made it easy in some ways, it kept getting in my way in other ways | 06:35 |
| osmosis | strange how the interfaces on a kvm guest disappear sometimes and dont exist in the stats counter. | 07:30 |
| extor | Is there any way I can enable aggressice write caching in linux, the same way one can now enable it in windows 7...what I want is for the kernel to only write flush once in a blue moon to minimize write lag | 07:30 |
| osmosis | for libvirt | 07:30 |
| AlanMeta | it seems my VPS doesn't like upgrading the Ubuntu :-( | 07:32 |
| qman__ | extor, linux (and ubuntu) already do this by default | 07:40 |
| qman__ | and have for years | 07:41 |
| extor | qman__, I want to increase the time the data is held then | 07:42 |
| qman__ | extor, I suggest against it, but if you must, this should help explain http://www.cyberciti.biz/faq/linux-kernel-tuning-virtual-memory-subsystem/ | 07:48 |
| MTecknology | JEBUZ! $20/mo for a static IP!!! | 07:48 |
| extor | qman__, what about this? http://www.westnet.com/~gsmith/content/linux-pdflush.htm | 07:48 |
| qman__ | that's a good explanation too | 07:49 |
| === Pilif12p is now known as Pilif12p|afk | ||
| JKL_ | Hi. I am trying to virtualize with kvmbuilder. Does this xml look correct: http://ubuntuforums.org/showpost.php?p=10018470&postcount=7 ? | 08:36 |
| AlanMeta | on Ubuntu 9.04 is it better to use webmin or eBox? | 08:57 |
| AlanMeta | anyone still here? | 09:22 |
| === AStorm is now known as AstralStorm | ||
| === _Techie_ is now known as _TechAway_ | ||
| vraa | hi has anyone used munin? | 10:09 |
| KB1JWQ | !ask | vraa | 10:10 |
| ubottu | vraa: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) | 10:10 |
| vraa | oh i see - well i think i might've messed up somewhere, i setup munin.conf and munin-node.conf and i got the graphs and html generated, but the graphs all show nan, even after waiting 30 minutes for updates | 10:11 |
| KB1JWQ | vraa: You have a cron process or a daemon that fetches stats? :-) | 10:13 |
| vraa | i am not exactly sure - but i think it's a cron process that gets setup after "apt-get install munin munin-node" | 10:13 |
| KB1JWQ | vraa: Welp, is it there? | 10:14 |
| KB1JWQ | :-) | 10:14 |
| vraa | how do i double check? because i do see munin-node as a process running too | 10:14 |
| === _Techie_ is now known as _TechAway_ | ||
| extor | Has this atime, relatime "patch" by Linus Torvalds improved disk i/o in busy linux servers much? Is this discussion and the points it raises still valid or should an admin just leave disk i/o on busy xen servers on autopilot? http://kerneltrap.org/node/14148 | 11:31 |
| === sl[A]cker is now known as realSlacker | ||
| === realSlacker is now known as sl[A]cker | ||
| RoyK | extor: turning off atime or using relatime will probably help the best if the server handles a large amount of files | 11:44 |
| extor | atime and relatime dont affect raw pseudo block devices do they | 11:44 |
| extor | like LVM disk images for Xen VPSes | 11:45 |
| ikonia | extor: stop | 11:45 |
| RoyK | ikonia: ? | 11:46 |
| ikonia | RoyK: this guy is spamming every channel with this link | 11:47 |
| RoyK | ikonia: hehe | 11:47 |
| RoyK | ikonia: what link? I only see that pasted here | 11:48 |
| ikonia | it's in multiple channel | 11:48 |
| RoyK | k | 11:49 |
| extor | Anyone know what version of xen hypervisor and xen kernel ubuntu server comes with? | 11:50 |
| RoyK | ubuntu doesn't come with xen | 11:52 |
| ikonia | extor: the kernel version is the same as the desktop | 11:53 |
| extor | hrmm so is there any difference at all between ubuntu server and ubuntu desktop? | 11:53 |
| ikonia | yes, | 11:54 |
| ikonia | it's configuration is aimed at enterprise hardware, that sort of thing, not desktop functionality, such as nvidia kernel modules | 11:54 |
| lieuwe | hey, i'm trying to get samba to work on my server, but when i try to acces it using windows it keeps rejecting my pw, any idea whats wrong? | 11:55 |
| RoyK | ikonia: and ubuntu server doesn't come with X by default | 11:56 |
| RoyK | lieuwe: lots of things can be wrong :) | 11:56 |
| lieuwe | RoyK: :P | 11:56 |
| RoyK | lieuwe: using local users or a domain? | 11:56 |
| ikonia | RoyK: thats nothing to do with the kernel though | 11:56 |
| extor | I might want to install some X functionality to remotely run tools like virt-manager over ssh | 11:56 |
| lieuwe | RoyK: wut? following http://ubuntuforums.org/showthread.php?t=202605 | 11:56 |
| RoyK | ikonia: you tell me... | 11:56 |
| ikonia | its' not | 11:57 |
| * RoyK shrugs | 11:57 | |
| RoyK | X in kernel - that would be nice :D | 11:57 |
| RoyK | add gnome there too | 11:57 |
| RoyK | whee | 11:57 |
| RoyK | lieuwe: then no domain | 11:58 |
| lieuwe | RoyK: hm | 11:58 |
| lieuwe | RoyK: any idea what part i messed up? | 11:59 |
| RoyK | lieuwe: from the commandline, run pastebinit /etc/samba/smb.conf | 11:59 |
| lieuwe | RoyK: need to apt-get pastebinit first, hold on | 12:00 |
| lieuwe | RoyK: http://pastebin.com/gMF6pCdB | 12:01 |
| RoyK | the 'force' thing shouldn't be needed | 12:02 |
| lieuwe | RoyK: okay, lemme remove that | 12:02 |
| RoyK | also, if you just want to do peer-to-peer sharing, you possibly want to disable all of authentication | 12:03 |
| lieuwe | RoyK: yeah | 12:03 |
| lieuwe | RoyK: that would be nice :P | 12:03 |
| RoyK | security = share | 12:03 |
| lieuwe | RoyK: where? | 12:04 |
| lieuwe | RoyK: done | 12:04 |
| RoyK | you have security = user in your config | 12:04 |
| lieuwe | RoyK: yeah | 12:04 |
| RoyK | ok, restart samba | 12:04 |
| RoyK | try again | 12:04 |
| lieuwe | RoyK: how? the tut mentions some commands for that, but they fail | 12:04 |
| RoyK | /etc/init.d/smbd restart | 12:05 |
| lieuwe | RoyK: it asks for a password, leave empty? | 12:06 |
| RoyK | it shouldn't | 12:06 |
| lieuwe | RoyK: it does | 12:06 |
| RoyK | set guest ok = yes | 12:07 |
| RoyK | in the share | 12:07 |
| lieuwe | RoyK: in the [files] section? | 12:07 |
| RoyK | yes | 12:07 |
| RoyK | note - that's the name of the share | 12:07 |
| RoyK | btw, what have you stored under /media/samba? a disk mounted there or something? | 12:08 |
| lieuwe | RoyK: media/samba? wheres that? that should be /home/samba | 12:08 |
| RoyK | I'm just reading from your config :) | 12:08 |
| lieuwe | RoyK: its working! | 12:09 |
| RoyK | :) | 12:09 |
| lieuwe | RoyK: thanks :P | 12:09 |
| RoyK | np | 12:09 |
| lieuwe | RoyK: now, is it possible to have another folder shared like that? | 12:10 |
| RoyK | sure | 12:10 |
| RoyK | add [new_share] | 12:10 |
| RoyK | like [files] | 12:10 |
| lieuwe | RoyK: okay, thanks | 12:11 |
| lieuwe | oh, fck | 12:11 |
| lieuwe | RoyK: any idea where the www folder is by default? :P | 12:12 |
| RoyK | lionel: /var/www | 12:30 |
| lieuwe | is it possible to set up an automated download service on my server? e.g. for overnight downloads? | 12:33 |
| lieuwe | i'm already running lamp and samba on it | 12:33 |
| RoyK | that shouldn't be a problem | 12:34 |
| lieuwe | the problem is how? | 12:34 |
| RoyK | well, depends what you want to download, what protocol, ftp? http? torrent? | 12:35 |
| lieuwe | RoyK: at least torrent, prefferably http and ftp too | 12:35 |
| RoyK | well, it's a simple matter of scripting :) | 12:35 |
| lieuwe | "simple" | 12:35 |
| lieuwe | isn't there some prebuilt program for this? | 12:36 |
| RoyK | for torrent, there are several web-based ones you can install on the server | 12:36 |
| lieuwe | won't that have a conflict with lamp? | 12:36 |
| RoyK | it'll integrate into lamp | 12:36 |
| lieuwe | ah | 12:36 |
| lieuwe | hmm | 12:36 |
| lieuwe | but then i'd need to have a different system for http/ftp | 12:37 |
| JKL_ | is there any possibility to be invited to #ubuntu-virt? I have had tried to create virtual machine with vmbuilder now over month without success. | 12:37 |
| RoyK | lieuwe: yes, or you can simply start a download manually with wget | 12:38 |
| lieuwe | RoyK: :P i know that, but i'm not the only one which is going to use it | 12:38 |
| RoyK | JKL_: virt-manager? | 12:38 |
| lieuwe | RoyK: in total four people need to work with it, one doesnt know linux, two barely know windows :P | 12:38 |
| RoyK | I'm sure someone has created that :P | 12:39 |
| RoyK | JKL_: virt-manager simplifies things a bit | 12:39 |
| JKL_ | i would like to not install ui | 12:40 |
| JKL_ | gui | 12:40 |
| RoyK | JKL_: just use remote X | 12:40 |
| JKL_ | do i have to if i use virt-manager? | 12:41 |
| RoyK | or run virt-manager from your pc | 12:41 |
| JKL_ | i dont have to install x to the server at all? | 12:41 |
| RoyK | JKL_: it'll only install the x libs | 12:41 |
| JKL_ | ok thx | 12:41 |
| JKL_ | maybe that is what i have to do :) | 12:41 |
| RoyK | JKL_: or - if you have a pc running linux, you can run it from there | 12:42 |
| JKL_ | ssh -X should work? | 12:42 |
| JKL_ | you mean that i can install virt-manager to another machine than my server? | 12:42 |
| RoyK | yes | 12:43 |
| RoyK | but I have never set that up - I don't know how it works with authentication etc | 12:44 |
| RoyK | I just use remote X | 12:44 |
| RoyK | and -X should be on by default | 12:44 |
| RoyK | try to ssh into the box and run something like xeyes | 12:44 |
| RoyK | lieuwe: rtgui might be worth a try | 12:45 |
| lieuwe | RoyK: kay, | 12:45 |
| lieuwe | RoyK: hmeh | 12:45 |
| JKL_ | thanks RoyK for your time. i start to get familiar with virt-manager :) | 12:46 |
| === aliverius_ is now known as aliverius | ||
| RoyK | ehlo | 14:19 |
| JKL_ | cannot parse QEMU version number in '' | 14:53 |
| JKL_ | argh :) | 14:53 |
| RoyK | perhaps you have messed up the config? | 15:01 |
| RoyK | virt-manager should work well from the standard config | 15:01 |
| === SasaGloc is now known as SasaGloc_afk | ||
| * SasaGloc_afk is away: Gone away for now | 15:04 | |
| JKL_ | RoyK: but I have a strong feeling that I have not changed anything | 15:04 |
| JKL_ | I also have doubts that might it need a hardware graphic card for some reason. that is something that my server does not have | 15:05 |
| RoyK | why would you need that? | 15:06 |
| RoyK | JKL_: you do _not_ need a graphics card to run remote X | 15:08 |
| JKL_ | i just wondered if libvirt have some weird dependencies for a graphic card | 15:11 |
| RoyK | JKL_: it doesn't | 15:12 |
| RoyK | JKL_: on my primary (private) server, I have a few VMs running, and managing them with virt-manager | 15:12 |
| JKL_ | maybe i purge all packages and try again? | 15:12 |
| RoyK | yeah, try that | 15:12 |
| JKL_ | what might be the "parent" package? | 15:12 |
| RoyK | make sure to remove the config files after the purge - even --purge may leave some stuff | 15:13 |
| RoyK | parent of what? | 15:13 |
| JKL_ | all virtualization | 15:13 |
| JKL_ | i dont know exactly what packages i have to purge | 15:13 |
| RoyK | kvm, i guess | 15:13 |
| JKL_ | sounds a good guess | 15:14 |
| RoyK | unless you're trying to use xen, which is _not_ a good idea on current ubuntu | 15:14 |
| JKL_ | kvm is what i try to use | 15:14 |
| JKL_ | removing kvm didnt remove anything else | 15:14 |
| RoyK | perhaps qemu too | 15:14 |
| RoyK | kvm uses that | 15:15 |
| RoyK | or qemu uses kvm | 15:15 |
| JKL_ | no i have only removed kvm and qemu | 15:15 |
| RoyK | remove libvirt as well | 15:16 |
| RoyK | apt-get remove --purge | 15:16 |
| JKL_ | yeah libvirt0 removed loads of stuff | 15:18 |
| JKL_ | no I install virt-manager again | 15:19 |
| JKL_ | didnt help | 15:20 |
| === Pilif12p|afk is now known as Pilif12p | ||
| RoyK | JKL_: can you possibly reinstall the box? | 15:24 |
| RoyK | sometimes that saves time | 15:24 |
| RoyK | but then - if you have a truckload of other services on it, maybe not | 15:25 |
| JKL_ | installing a box is one option. it just rips my heart when i have to move my only graphic card around :) | 15:33 |
| RoyK | don't you have a null modem cable? | 15:36 |
| JKL_ | RoyK: what would I do with null modem cable? | 15:38 |
| RoyK | IIRC ubuntu can be installed using a serial console | 15:39 |
| RoyK | thus, no need for a display adapter | 15:40 |
| * SpamapS is seated in LAX next to somebody wearing a maverick t-shirt.. but I don't want to interrupt his tiny movie on his giant sprint evo phone | 15:40 | |
| JKL_ | RoyK: so i could connect with telnet to it. kewl | 15:44 |
| RoyK | minicom would be better | 15:45 |
| RoyK | telnet isn't made for serial communication | 15:45 |
| RoyK | JKL_: the serial console was used on most boxes from early seventies to recent times, but even though it's old, it's still useful | 15:46 |
| JKL_ | maybe I should get myself that cable | 15:48 |
| osmosis | everything I saw on the web about swappiness says lower value means minimal swapping. So I changed my swappiness from 60 to 10. And now I can see on the graphs that a huge swap_cache and way more swap file is in use. I was trying to turn off swapping because whenever linux starts doing random unimportant stuff with the swap file, it messes up my IO throughput. Helpful suggestions appreciated! | 15:48 |
| RoyK | JKL_: I guess you can get such a cable anywhere, or solder it yourself if you can't find it | 15:48 |
| RoyK | JKL_: just make sure you have an RS/232 port on both boxes | 15:49 |
| JKL_ | server has one | 15:49 |
| JKL_ | how about my laptop. i think i dont eaven bother to use this windows machine | 15:50 |
| JKL_ | none of my laptops have it and probably virtual machine inside windows does not work... but ofc I can use livecd ^^ | 15:52 |
| patdk-lap | osmosis, adjusting swappiness doesn't do anything about what it already did | 15:54 |
| patdk-lap | and large swap_cache is from reading in stuff from swap (I believe stuff that hasn't changed, so if needed, it can just be dropped, instead of getting swapped out again) | 15:55 |
| RoyK | osmosis: I just updated http://en.wikipedia.org/wiki/Swappiness | 15:55 |
| RoyK | osmosis: set it to 100 - it helps | 15:55 |
| * RoyK grins and looks forward to getting his 110TB boxes tomorrow ... 11x7-2TB drive RAIDz2 | 16:03 | |
| AlanMeta | Hi all, if I have another server manage the DNS for my Ubuntu server, what (if anything) would I need to configure on the server itself? | 16:54 |
| _ruben | most likely nothing | 16:55 |
| _ruben | depends on what you want to achieve tho | 16:55 |
| AlanMeta | well, basically I want the ubuntu server to handle one subdomain, which will have a web component, so I know I'll need to configure httpd.conf for that, but would bind need to know anything? | 16:56 |
| _ruben | just add the appropriate DNS records to the DNS server, nothing needed for that on the ubuntu (web)server for that | 16:57 |
| AlanMeta | ok cool, thanks | 17:00 |
| k5673 | Hello Yo! Somebody with a running strongswan server configured for roadwarriors? Like Hamachi? | 17:25 |
| AlanMeta | is gcc version 4.3.3 still acceptable? | 17:52 |
| === AStorm is now known as AstralStorm | ||
| k5673 | AlanMeta:There's anything bad about gcc 4.3.3 | 18:11 |
| * SasaGloc_afk is away: Gone away for now | 18:11 | |
| === SasaGloc_afk is now known as SasaGloc | ||
| * SasaGloc is back. | 18:12 | |
| AlanMeta | k5673 what? | 18:12 |
| k5673 | If you have a program, and needs to be compiled with gcc 4.3.3, go ahead | 18:12 |
| k5673 | You said (01:52:57 PM) AlanMeta: is gcc version 4.3.3 still acceptable? | 18:12 |
| AlanMeta | ok the reason I asked is I tried to compile git with it, and it generated errors, so I was curious if I needed to install something else first | 18:13 |
| k5673 | AlanMeta: http://www.barregren.se/blog/how-install-git-source-ubuntu | 18:16 |
| k5673 | https://help.ubuntu.com/community/Git | 18:16 |
| k5673 | Hope this helps. | 18:16 |
| AlanMeta | thanks | 18:17 |
| lennart_ | I just upgraded to 10.10 from 10.04 now I can't access my mediawiki, only get to initial setup page for the wiki, any idea of how to solve this? | 18:54 |
| lennart_ | Lot of activity in here :) | 18:58 |
| k5673 | lennart_:Do you se the initial configuration page in the url of your mediawiki? | 18:59 |
| lennart_ | k5673: yes | 19:03 |
| AlanMeta | to verify in httpd.conf is still where you put all the instructions on what URLs and file locations to host is right? | 19:09 |
| k5673 | Mmm... | 19:11 |
| k5673 | Have you done a backup of your mediawiki folder and the mysql database.... | 19:12 |
| k5673 | ? | 19:12 |
| AlanMeta | huh? | 19:14 |
| === Pilif12p is now known as Pilif|afk | ||
| lennart_ | Solved it, the problem was that LocalSettings.php had disappeared after the upgrade so I copied over my backed up copy of that file | 19:24 |
| lennart_ | fucking unstable to upgrade between versions | 19:25 |
| lennart_ | wonder what else is not working | 19:25 |
| AlanMeta | can someone give me a url to see a sample of what a site configuration should look like for apache2.conf? | 19:26 |
| lennart_ | ohh next issue, the left side page in nagios have disappeard? | 19:27 |
| lennart_ | anyone have any idea of how to fix nagios? | 19:32 |
| k5673 | lennart_: Save your configs in other place ( backup ), and do an apt-get remove --purge nagios3. Then apt-get intall nagios3 an copy your customized files. | 19:58 |
| k5673 | install | 19:58 |
| AlanMeta | for Jaunty, is there a packaged php 5.3.3? | 20:10 |
| k5673 | AlanMeta: take a look into http://packages.ubuntu.com | 20:15 |
| === RudyValencia- is now known as RudyValencia | ||
| MTecknology | How hard would it be to run nginx and php inside of a chroot? | 20:41 |
| pmatulis | AlanMeta: no, not by standard means. you will have to force something | 20:42 |
| qman__ | AlanMeta, site configurations go in /etc/apache2/sites-available/, not apache2.conf nor httpd.conf | 20:42 |
| k5673 | MTecknology: you can do a debootstrap, then chroot in and apt-get install nginx php5 | 20:43 |
| MTecknology | k5673: yup.. but then how do I make it start from inside of there when I boot up my system? | 20:44 |
| MTecknology | k5673: I'm going to have a pretty funky setup when I'm done so in effort to keep it clean, I'm trying to understand everything before going into anything | 20:45 |
| k5673 | Ah! Pretty complex thing...! | 20:45 |
| k5673 | So.. | 20:45 |
| khussein | Guys, I have a question that is gonna sound simple, but no I am not asking about chmod, groups, or any of that. How do I give another account on my system access to a specific file in my home folder? | 20:46 |
| k5673 | MTecknology: You can do a bash script like chroot /mychrootednginx && /etc/init.d/nginx start | 20:47 |
| khussein | The obvious solution is to create a group, add myself and the other user to it, then give permission to this group. | 20:47 |
| k5673 | khussein: Tried to modify the permissions of the file with chown | 20:47 |
| MTecknology | k5673: .... it would be that simple!? | 20:48 |
| k5673 | khussein: Yes. | 20:48 |
| MTecknology | I'm guessing the yes was for me :P | 20:48 |
| k5673 | MTecknology: Yes | 20:48 |
| MTecknology | That just seems way to simple | 20:48 |
| k5673 | That's your yes | 20:48 |
| khussein | This doesn't scale tho. It doesn't make sense to create lots of groups for every file that I wanna share with a different user. | 20:49 |
| k5673 | MTecknology: You will not lose anything trying it | 20:49 |
| MTecknology | k5673: I'll be ready to try in about 10 min - I need to try out this kernel | 20:50 |
| k5673 | khussein: add the user who wants to see the file to the group of the owner | 20:51 |
| k5673 | khussein: You do not have to create groups. They're already there. | 20:51 |
| qman__ | unless you want to give that user access to all your files, you do | 20:52 |
| khussein | k5673: I own files X and Y. what if I want user A to access file X only. Then user B to access file Y? | 20:52 |
| qman__ | you're right that it doesn't scale very well under those specific conditions | 20:52 |
| qman__ | but that's a pretty rare requirement | 20:52 |
| khussein | You'll need two groups for this case, right? | 20:52 |
| qman__ | there is one trick you could use | 20:53 |
| qman__ | change the group owner of file X to that user A's group | 20:53 |
| qman__ | and likewise file X's group owner to user B's group | 20:53 |
| k5673 | Apply the chown to the file to share | 20:53 |
| k5673 | khussein | 20:54 |
| qman__ | you remain the file owner, and achieve what you wanted | 20:54 |
| MTecknology | ok... I tried to live without aptitude for a while... but I can't do it | 20:54 |
| khussein | qman__: Yeah, this would work better I guess. But then again, can't user A add user B to A's group, and get easy access? | 20:55 |
| qman__ | khussein, that gives easy access to all of user A's files | 20:55 |
| khussein | qman__: I understand that it may sound like a rare requirement, but I promise you it is real :). | 20:55 |
| qman__ | if you want least permission, that's not going to work | 20:55 |
| khussein | Right. | 20:55 |
| khussein | hmm .. maybe filesystem with acls | 20:56 |
| qman__ | but by default each user has his own group | 20:56 |
| qman__ | so changing the group to the one user you want to share with works | 20:56 |
| qman__ | if you want to share with more than one though, you need to create a new one | 20:56 |
| qman__ | filesystem acls are very tedious to configure and use | 20:57 |
| khussein | It is .. which is why I started asking the question here and I was hoping that I am missing something. | 20:57 |
| qman__ | rather than manually configure just the files you want to share, you have to manually configure all your files | 20:57 |
| khussein | Oh really? I didn't think so. But maybe you are right, I haven't done a lot of work on them yet. | 20:58 |
| k5673 | MTecknology: do not resist to the unstoppable power of apt! Mwahahahaha! | 20:58 |
| qman__ | well, it may have sensible defaults | 20:58 |
| qman__ | but any time you need to change something, it's a lot more complicated | 20:58 |
| MTecknology | k5673: I love aptitude... but apt-get is just horrible | 20:58 |
| qman__ | and if you want it actually locked down, it's a lot more work | 20:58 |
| qman__ | a quote I heard and very much agree with | 20:59 |
| qman__ | if the unix permission scheme can't achieve what you want, your system is too complex and should be redesigned | 20:59 |
| khussein | qman__: :) I don't know if I buy this one. How old is it? | 20:59 |
| khussein | It used to work perfectly .. but now with resource delegation and all that kinda stuff. I can certainly see the case for it. | 21:00 |
| qman__ | about as old as the argument for acls on linux | 21:00 |
| khussein | But again, you are right acls are just too complicated and hard to get it right. | 21:00 |
| qman__ | you have to be a bit clever sometimes, but the unix permission scheme is actually very flexible | 21:01 |
| khussein | It almost sounds like something new needs to come out to solve this situation in a much simpler way. | 21:01 |
| khussein | unix permission is very simple and hence flexible, but you may end up creating a lot of groups to really achieve what you are trying to do. | 21:02 |
| khussein | And even then, it isn't secure, and allows other users to give themselves access to your file. | 21:02 |
| qman__ | that's not true | 21:03 |
| qman__ | it's very secure | 21:03 |
| khussein | Well, I didn't mean it that way :). So, I take it back. | 21:03 |
| qman__ | it's only insecure when not configured correctly | 21:03 |
| MTecknology | 139 packages instealed on my server :P | 21:04 |
| pmatulis | i wouldn't say that 'simple' implies 'flexible', i would almost say the reverse | 21:04 |
| khussein | pmatulis: It is simple on how to implement it, right? | 21:05 |
| k5673 | MTecknology: but apt is your monochrome vt100-style friend who resolves the dependencies and install software for you! | 21:05 |
| k5673 | Joke | 21:05 |
| MTecknology | k5673: aptitude does this - and does it well :) | 21:06 |
| khussein | qman__: thank you. I really appreciate your help. | 21:06 |
| MTecknology | k5673: it even yells at me when I choose to remove all of python and most of perl from my system :P | 21:06 |
| AlanMeta | if you do a apt-get upgrade, and it replies back with packages that will not be upgraded, but those are the ones I want to upgrade. How do I tell it to upgrade those? | 21:06 |
| pmatulis | the fact that in unix you can't have a group can give you a pretty broken setup in certain situations | 21:06 |
| khussein | I'll catch you guys later. thanks :) | 21:06 |
| pmatulis | "group within a group" | 21:06 |
| k5673 | MTecknology: apt have feelings too. | 21:06 |
| khussein | pmatulis: what? | 21:07 |
| pmatulis | khussein: see above | 21:07 |
| khussein | "group within a group" is this something you are suggesting? | 21:09 |
| qman__ | he's just saying that feature is absent in the unix permissions scheme | 21:09 |
| qman__ | it would be useful in some situations | 21:09 |
| khussein | Ah yes. I completely agree. | 21:10 |
| khussein | It may sound even more complicated, but I was brainstorming about using LDAP. | 21:10 |
| qman__ | I never said it was perfect, just that acls don't really improve things | 21:11 |
| qman__ | you go from the possibly too simple, to the definitely too complex | 21:11 |
| khussein | The concept of hierarchal organization of users and groups is definitely missing. | 21:11 |
| AlanMeta | if I tell apt-get to remove several packages, and then tell it to install them again, will it get the "official" build if another repo has a newer build? | 21:11 |
| MTecknology | k5673: :S... It seems I can initiate nginx from inside of the chroot but not manipulate it from there :P | 21:11 |
| khussein | qman__: You are right, which is why I was thinking maybe there needs to be something in the middle. Not that simple, but isn't too complicated to achieve a simple task. | 21:12 |
| MTecknology | k5673: I can't run top inside - but I can run top outside ... must be mount points | 21:12 |
| MTecknology | k5673: this is kinda cool... it's like the system running in the chroot will run as if it's running on the host, but be locked to that environment | 21:13 |
| MTecknology | k5673: btw.. that command you gave me doesn't work... | 21:14 |
| MTecknology | k5673: it waits until you exit the chroot | 21:14 |
| k5673 | MTecknology: Of course. And is like a sandbox. You can do anything (almost) without destroying your real environment. | 21:14 |
| AlanMeta | anyone? | 21:14 |
| qman__ | AlanMeta, that's what upgrade is for | 21:15 |
| qman__ | but yes | 21:15 |
| k5673 | AlanMeta: Always the official | 21:15 |
| AlanMeta | how can I over ride that? | 21:15 |
| k5673 | MTecknology: the command for running nginx? | 21:15 |
| qman__ | by holding/pinning a package | 21:15 |
| MTecknology | k5673: that command would work great if I could make it launch inside of the chroot | 21:16 |
| k5673 | MTecknology: Do a bash script | 21:16 |
| MTecknology | k5673: OH! | 21:16 |
| MTecknology | k5673: no && | 21:16 |
| MTecknology | k5673: chroot /opt/websites-basic /etc/init.d/nginx start | 21:17 |
| k5673 | MTecknology: chroot /opt/websites-basic /etc/init.d/nginx start & | 21:17 |
| MTecknology | k5673: except that it seems trying to stop it the same way doesn't work :P | 21:18 |
| talcite | hey guys. I'm having trouble copying files to my OCFS2 array. Can someone help me debug? It was working in the past, but possibly an update broke it? | 21:18 |
| k5673 | MTecknology: The ampersand at the end will send the command to background | 21:18 |
| k5673 | MTecknology: & | 21:18 |
| MTecknology | k5673: it doesn't need to go to the background though | 21:18 |
| MTecknology | k5673: chroot /opt/websites-basic /etc/init.d/nginx start <--- starts nginx | 21:18 |
| MTecknology | k5673: chroot /opt/websites-basic /etc/init.d/nginx stop <--- does not stop nginx | 21:19 |
| AlanMeta | http://pastebin.com/QAd7Wcxj << this is what I'm getting, the newer files are on an alternate repo. Any suggestions to tell it to install it? | 21:19 |
| MTecknology | k5673: :S... I can't kill anything inside of the chroot without killing the pid :S.... | 21:21 |
| k5673 | Mmm | 21:21 |
| k5673 | MTecknology: You can try this http://pastebin.com/KEQ7efU4 | 21:25 |
| MTecknology | k5673: GOT IT! | 21:26 |
| MTecknology | I didn't mount proc correctly | 21:26 |
| MTecknology | it couldn't figure out what the pid was | 21:26 |
| k5673 | MTecknology: some filesystems aren't available in a chrooted environment | 21:28 |
| MTecknology | k5673: mount -o bind /{dev,proc} /opt/websites-basic/{dev,proc} :D | 21:28 |
| k5673 | MTecknology: i'll save that string. | 21:29 |
| MTecknology | k5673: obviously not exactly what I ran.. it was two commands ;) | 21:29 |
| k5673 | Yeah | 21:29 |
| k5673 | Right | 21:29 |
| uvirtbot | New bug: #666028 in openldap (main) "apt-get install slapd => Can't locate object method "new" via package "Debconf::Element::Noninteractive::Booleam"" [Undecided,New] https://launchpad.net/bugs/666028 | 21:31 |
| MTecknology | I think I found a bug... | 21:32 |
| k5673 | MTecknology: What bug? | 21:33 |
| MTecknology | k5673: when installing php5-fpm.. the default config assumes /var/www exists but doesn't verify.. so before installing it you need to 'mkdir /var/www' or it will fail to install because it will fail to start because the config is broken | 21:34 |
| AlanMeta | can anyone help me? | 21:35 |
| qman__ | AlanMeta, using debian repositories on ubuntu is a bad idea | 21:35 |
| AlanMeta | qman__ ah ok, I was following the directions here: http://kevin.vanzonneveld.net/techblog/article/prepare_for_php_53/ | 21:37 |
| guntbert | AlanMeta: php 5.3 is in the repos, no need for jumping through hoops | 21:39 |
| AlanMeta | its not for jaunty which is the only thing I can run on my vps :-( | 21:39 |
| guntbert | I see, thats 5.2 | 21:41 |
| AlanMeta | yeah and running something that requires 5.3 | 21:41 |
| guntbert | AlanMeta: did you look into backports? | 21:41 |
| AlanMeta | backports? | 21:42 |
| k5673 | AlanMeta: http://packages.ubuntu.com | 21:42 |
| AlanMeta | php is not in the backports :-( | 21:44 |
| guntbert | AlanMeta: did you see http://zippykid.com/blog/2009/08/building-php-5-3-packages-on-ubuntu-9-04-jaunty-for-apache-2/ ? | 21:44 |
| AlanMeta | lol, my apt-get can't find checkinstall, I have downloaded the code already but not sure how to configure it, what came with it, doesn't have the configure section in phpinfo() | 21:46 |
| === Pilif|afk is now known as Pilif12p|afk | ||
| === _TechAway_ is now known as _Techie_ | ||
| nagchampa | the ubuntu server guide is extremely vague on postfix setup | 23:57 |
| nagchampa | sorry | 23:57 |
| nagchampa | i mean, in regards to settup up an email gateway | 23:58 |
| patdk-lap | heh? what is an email gateway? | 23:58 |
| nagchampa | https://help.ubuntu.com/10.04/serverguide/C/mail-filtering.html | 23:58 |
| nagchampa | sorry, now i'm beign vague :p | 23:58 |
| * patdk-lap wonders what mail filtering has to do with email gateway (whatever that is) at all? | 23:59 | |
| patdk-lap | setting up an incoming email server is pretty simple | 23:59 |
| patdk-lap | just have it receive email, and do whatever you want with it, but don't bounce it | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!