/srv/irclogs.ubuntu.com/2010/10/26/#ubuntu-server.txt

T0aD	hi guys :)	00:26
T0aD	hi guys, im trying to upgrade a real old ubuntu server dist (6.10) and I encounter this error while trying to install libdevmapper: mkdir: cannot create directory `/dev/.static/dev/mapper': Read-only file system. Any suggestion welcome :)	00:26
owh	T0aD: How are you doing this upgrade?	00:43
T0aD	like explained on https://help.ubuntu.com/community/EOLUpgrades/Edgy	00:43
owh	Where in that process are you?	00:45
T0aD	at : sudo ./feisty --frontend DistUpgradeViewText --mode=server	00:45
T0aD	it downloaded all packages, it was to suppose to remove 1 package, upgrade some, install a lot	00:45
T0aD	it blocked at removing this single package libdevmapper	00:46
T0aD	yeah not installing my bad	00:46
T0aD	Setting up libdevmapper1.02 (1.02.08-1ubuntu10) ...	00:46
T0aD	mkdir: cannot create directory `/dev/.static/dev/mapper': Read-only file system	00:46
T0aD	damn that sucks	00:47
owh	Are you running this off the machine itself, or did you boot from something like a live-cd?	00:49
T0aD	of the machine itself	00:50
T0aD	its in production	00:50
owh	That sucks.	00:50
T0aD	definitely	00:51
owh	Is this an LVM volume, or a crypt one?	00:52
T0aD	nope and nope	00:52
T0aD	a dummy software raid 1 on 1 single and unique partition	00:52
T0aD	i know nothing about this devmapper stuff	00:53
owh	Is the software raid Linux software raid, or a funky motherboard software fake raid?	00:53
T0aD	its mdadm	00:54
owh	Is the raid module loaded?	00:54
T0aD	its a monolithic kernel and the raid support is running fine it seems	00:54
owh	Your own kernel or a ubuntu one?	00:55
T0aD	my own	00:55
owh	Hmm.	00:55
owh	I think you might be missing a module that ubuntu expects.	00:55
owh	FYI, this is a WAG	00:55
T0aD	hmpf	00:56
T0aD	wag ?	00:56
owh	Wild Ass Guess	00:56
T0aD	yeah I understand this is no easy issue	00:56
T0aD	I thank you for your trial though	00:56
T0aD	Im wondering if I shouldnt just buy a new box and migrate services but thats gonna be a pain in the ass	00:56
owh	How much data is on this?	00:57
T0aD	200 gB	00:57
T0aD	but it has a lot of stuff	00:57
=== _TechAway_ is now known as _Techie_
owh	Ouch	00:57
owh	Got a spare drive?	00:57
T0aD	a mysql server, a mysql proxy, a qmail install, a vpopmail dir, 10,000 websites of users, a hacked apache install, several CGIs binaries	00:58
owh	This was never going to be easy was it :)	00:58
T0aD	an imap server, a ftp server, tons of crons, a dns server, Im probably forgetting stuff :)	00:58
T0aD	well it would be easier if I had more specialized servers separated in farms :)	00:59
T0aD	but im at the starting point so...	00:59
T0aD	what about the spare drive ?	00:59
T0aD	to copy the data ?	00:59
owh	You could do a fresh install on a spare drive.	01:00
T0aD	on the same box you mean ?	01:00
owh	Yup	01:00
T0aD	while the server is running ?	01:01
owh	No.	01:01
owh	Hold up.	01:01
T0aD	like how ? using virtualization or something ? i dont get you	01:01
owh	When you built your kernel, did you start with the ubuntu .config file in /boot?	01:01
T0aD	yep	01:01
T0aD	ah you want me to spot the differences	01:02
T0aD	?	01:02
T0aD	# diff -u /boot/config-2.6.24.2lescigales /boot/config-2.6.35.2-rsbac-lescigales \| wc -l	01:02
T0aD	3590	01:02
T0aD	hmpf :)	01:02
owh	That would be helpful. But I'm wondering if you didn't fsk around too much, it may have also compiled the appropriate modules, just not loaded them.	01:02
T0aD	there are no more modules	01:03
T0aD	modules are for the weak !	01:03
owh	Is lvm installed?	01:05
T0aD	not sure, but it isnt used	01:06
owh	dpkg -l \| grep lvm	01:06
T0aD	nothing	01:06
owh	Does this help: http://ubuntuforums.org/showthread.php?t=620842	01:07
owh	Better still: http://ubuntuforums.org/showthread.php?t=704273	01:09
T0aD	well the first topic is very cryptic	01:10
owh	I suppose the thing to take from it is, do you have any pinning set?	01:10
owh	FYI: I'm going to have to run in 5 minutes.	01:10
T0aD	"I've got lot work, and I've put lots of effort in this server. Reinstall and re-setup everything could take me longer than a month. For me it's not really a problem, however my boss don't share this opinion."	01:10
T0aD	lol, sounds like me :)	01:10
T0aD	pinning set ?	01:11
T0aD	sorry english ain't my native language	01:11
owh	Have a look in /etc/apt/preferences	01:12
T0aD	nice it seems the release process is always overwriting logs in /var/log/dist-upgrade	01:13
T0aD	ls: /etc/apt/preferences: No such file or directory	01:13
owh	What about the second link I showed you?	01:13
T0aD	unfortunately not useful	01:14
T0aD	I still dont understand why its written post-installation in this log while it was telling me (I think now.. not so sure) it was about to remove it	01:14
T0aD	anyway, maybe I should unpack deb file and read this post-installation script	01:15
owh	I still think there is an issue with your kernel, with modules missing. Can you boot into a standard ubuntu kernel and do the upgrade from there?	01:15
T0aD	any reboot / downtime is risky	01:15
owh	Yeah	01:15
owh	Reading the post-install script is a good idea.	01:15
T0aD	yeah I might just hack it and blow this stuff	01:15
T0aD	now i just need to find how to do that	01:16
T0aD	dpkg -x it seems	01:16
owh	I should be back in a couple of hours, there are others here who might be better able to help.	01:16
T0aD	owh, I doubt it, but thanks for your time anyway :)	01:17
owh	kirkland: nijaba, have you got anything to add for T0aD's problem? Gotta run.	01:17
T0aD	well dpkg -x doesnt help but it seems scripts are in /var/lib/dpkg	01:19
T0aD	lol all the postinst script does is that mkdir	01:20
=== _Techie_ is now known as _TechAway_
T0aD	alright hack successful	01:30
=== _TechAway_ is now known as _Techie_
=== _TechAway_ is now known as _Techie_
=== MTeck is now known as MTecknology
erichammond1	What was that fix released recently that helps protect Apache2 servers from clients that connect but don't send a request (perhaps with a timeout)? I have a custom Apache config that I think needs to have this applied quickly.	03:24
T0aD	well apart from a firewall rule	03:24
T0aD	I dont see what 'fix' would be realsed	03:24
T0aD	released	03:24
T0aD	iptables -I INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 12 -j REJECT	03:25
T0aD	try that one	03:25
erichammond1	Ah, looks like mod_reqtimeout	03:26
T0aD	oh there is a module for that	03:26
erichammond1	though I can't find it in Karmic	03:27
T0aD	thats nice, and whats about other services ?	03:27
T0aD	this module wont help you I think	03:27
T0aD	well suit yourself	03:27
erichammond1	T0aD: Thanks, but I'm not sure that the connections are coming from the same IP address and the number of available server connections can easily be overwhelmed by not that many parallel connections that take a long time to send the request.	03:28
T0aD	well there is nothing you can do then	03:28
T0aD	except configuring Timeout	03:28
erichammond1	If they don't send a request, I just want to time out on them and move on to the next request.	03:28
T0aD	its in the basic apache configuration	03:29
T0aD	http://httpd.apache.org/docs/2.2/mod/core.html#timeout	03:29
T0aD	im personaly using Timeout 3 and KeepAliveTimeout 3	03:30
erichammond1	I'll give that a try. I thought that perhaps Timeout did not kick in until the request started getting sent which was why the mod_reqtimeout patch was released.	03:33
T0aD	you should read this module page and experiment	03:34
T0aD	Timeout 3 rocks anyway	03:34
T0aD	except for 14.400 bauds modems of course	03:35
erichammond1	:)	03:35
erichammond1	T0aD: Yep, "Timeout 3" does not start the countdown until the first "GET" line is sent by the client.	03:38
erichammond1	T0aD: A client that connects and sends nothing, uses up an Apache child.	03:38
erichammond1	mod_reqtimeout looks like it solves that.	03:39
erichammond1	"Available in Apache 2.2.15 and later" so not in Karmic.	03:39
erichammond1	I wanted to upgrade that server anyway.	03:40
T0aD	<erichammond1> T0aD: Yep, "Timeout 3" does not start the countdown until the first "GET" line is sent by the client.	03:40
T0aD	hm yes it does	03:40
erichammond1	T0aD: I just tested it on my Apache 2.2.12 server and I can take much longer than 3 seconds to type in "GET /" and it's still listening. If I type "GET / HTTP/1.0" it hangs up 3 seconds later.	03:41
erichammond1	What Apache are you using?	03:41
T0aD	hm maybe KeepAliveTimeout then ?	03:42
erichammond1	I have that low, too.	03:42
T0aD	2.2.10	03:42
T0aD	well I tried and its working fine here funny	03:42
T0aD	but I have this setting for years	03:42
T0aD	did you correctly restart your server ?	03:43
erichammond1	Since the 3 second timeout is now working after the "GET" (it had been set to the default of 300) I believe I did, yes.	03:43
erichammond1	This also appears to be how it is documented.	03:43
T0aD	hm maybe Im confused with another directive..	03:44
T0aD	no that should be it	03:44
T0aD	proceed to a full restart (not graceful) to experiment anyway	03:45
T0aD	root@ns1:/tmp/tmpRktNYU# time nc 217.73.17.12 80	03:45
T0aD	real0m6.020s	03:45
T0aD	interesting, maybe its adding timeout+keepalivetimeout	03:46
erichammond1	T0aD: I'm off. Thanks for your help.	03:49
T0aD	np	03:49
=== Pilif12p is now known as Pilif12p\|afk
uvirtbot	New bug: #666614 in samba (main) "package samba-common (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/666614	05:46
n8whnp	hey, I have a really dumb question about openldap in ubuntu server 10.10	05:58
n8whnp	I know that the transition has been made to the cn=config style configuration	05:59
n8whnp	is there any way to set the default password to connect and configure things. dpkg-reconfigure is not doing that	05:59
=== erichammond1 is now known as erichammond
osmosis	patdk-lap, why 100 for swappiness? other guides are telling me lower is better, like 10 or 0.	06:28
z3cka	Hello, I'm having a strange issue with my server, when logon through the terminal at tty1 the "Welcome to Ubuntu!" message is there twice, once for 10.10 and once for 10.4 … any ideas what would cause this?	06:47
T0aD	cat /etc/motd	06:48
T0aD	or issue or issue.net	06:48
z3cka	yep, that give me the welcome message	06:49
T0aD	holy crap	06:49
T0aD	upgrade to 8.04 breaks my klogd	06:49
z3cka	well, the real issue is it says one use is logged into 10.4 and 0 users are logged into 10.10	06:51
z3cka	yet, eth0 has 10.10's ipaddress	06:51
z3cka	so my network is confused	06:51
T0aD	i really start to think do-release-upgrade is a bad idea	06:53
z3cka	agree	06:53
T0aD	im currently upgrading a big production server from 6.10 to at least 8.04	06:53
T0aD	and this is hell	06:53
z3cka	ifconfig says eth0 is 192.168.1.118 but my /etc/motd says eth0 is 192.168.15.4	06:54
T0aD	well who cares about motd anyway	06:55
T0aD	> /etc/motd	06:55
T0aD	and maybe motd is speaking of your old address	06:55
z3cka	i don't i'm just trouble shooting my network issue	06:55
T0aD	well dont you worry	06:56
T0aD	motd aint involved with networking	06:56
z3cka	ping 127.0.01 doesn't even resolve	06:56
z3cka	true, i think it gives me a clue as to what's going on	06:56
T0aD	try w or who in that case	06:56
z3cka	right, that tells me i'm logged in, but logged into what?	06:58
z3cka	10.10 or 10.4?	06:58
z3cka	is it possible that they are both running?	06:58
z3cka	motd says i'm logged into 10.4	06:59
T0aD	<z3cka> is it possible that they are both running?	07:01
T0aD	lol	07:01
z3cka	so now that	07:01
z3cka	so now that's funny to you?	07:01
T0aD	I havent laugh like that for a long time, thank you	07:01
T0aD	check out your logs	07:02
T0aD	Im not sure what your problem is exactly	07:02
z3cka	problem is, i'm getting an IP address network seems to not be functioning properly	07:04
z3cka	*but	07:04
T0aD	seems seems pretty clear	07:05
z3cka	which logs should i look at?	07:06
z3cka	basically i get 100% packet loss no matter what ip i ping	07:07
z3cka	even 127.0.01	07:08
z3cka	*127.0.0.1	07:08
T0aD	hmm	07:09
T0aD	ifconfig should tell you which interfaces are up	07:09
T0aD	check that	07:09
z3cka	yep, all seems well there	07:09
T0aD	check sysctl icmp_echo to see if you re not ignoring pings	07:10
T0aD	it could be so many things, firewall, kernel	07:10
z3cka	error: "icmp_echo" is an unknown key	07:11
T0aD	sysctl -a \| grep icmp_echo	07:11
z3cka	thanks	07:12
z3cka	…icmp_echo_ignore_all = 0	07:13
z3cka	…icmp_echo_ignore_broadcasts =	07:13
z3cka	1	07:13
=== BlackZ is now known as Guest34369
z3cka	what is eth0:metedata from ifconfig?	07:20
eagles0513875\|2	hey guys any dovecot squirrelmail post fix experts in here	07:22
=== twister004_ is now known as twister004
eagles0513875\|2	i followed the guidelines on the wiki for each of those and im having issues connecting to the imap server	07:22
eagles0513875\|2	i have dovecot configured for imaps	07:22
eagles0513875\|2	only	07:22
eagles0513875\|2	could that be the issue	07:22
RoyK	morning	07:34
RoyK	eagles0513875\|2: with a self-signed certificate?	07:35
eagles0513875\|2	RoyK: think i have isolated my issue to squirrelmail	07:35
RoyK	k	07:35
eagles0513875\|2	i have dovecot setup tp use imaps only how can i config squirrelmail to do the same thing	07:35
eagles0513875\|2	RoyK: ^	07:36
uvirtbot	New bug: #666625 in openldap (main) "slapd no longer installs default database since 10.04" [Undecided,New] https://launchpad.net/bugs/666625	07:42
RoyK	eagles0513875\|2: don't remember - I haven't use squirrelmail for years - but then, if you run squirrelmail on the same host as dovecot, the only thing you'll need is a redirect from the sqm running http, right?	07:47
RoyK	as in <?php location('https://host.tld'); ?>	07:47
eagles0513875\|2	ya i have it mostly setup i needed to do some configuration of squirrel mail a bit	07:48
RoyK	erm	07:48
eagles0513875\|2	using sudo squirrelmail-configure	07:48
eagles0513875\|2	to allow tls connection as well as use the imaps port	07:48
RoyK	as in <?php header("Location: https://host.tld'); ?>	07:48
dubphil	Hello ! I have switched from Debian to Ubuntu and I would say that I'm quite happy, good work !	07:50
dubphil	When I put service squid stop on a script I have this error : exec: 129: stop: not found, how can I stop and start squid in a script ?	07:52
dubphil	where are the squid init scripts ?	07:53
eagles0513875\|2	dubphil: it would have to be somethign like this	07:53
eagles0513875\|2	sudo /etc/init.d/squid stop	07:53
eagles0513875\|2	all startup shutdown and restart scripts are in /etc/init.s	07:53
eagles0513875\|2	init.d	07:53
dubphil	eagles0513875\|2: thats was the debian way, but there no more squid scripts in /etc/init.d	07:53
eagles0513875\|2	dubphil: try sudo squid stop	07:54
eagles0513875\|2	hey dubphil im gonna need your expertise with getting squid setup	07:54
dubphil	eagles0513875\|2: it is a script launched by root in a crontab	07:54
dubphil	yes tell me	07:55
eagles0513875\|2	dubphil: where to begin lol	07:55
eagles0513875\|2	dubphil: mind if i pm you	07:56
RoyK	dubphil: you won't notice much difference :)	07:56
eagles0513875\|2	dubphil: basically is squid easy to setup	07:57
eagles0513875\|2	im going to need it as im hosting a few sites and my server connectivity wise is quite fast, but sometimes it gets bogged down	07:57
z3cka	T0aD: eucaluptus-cloud was causing the trouble	08:02
dubphil	eagles0513875\|2: yes it is quite easy but more complex scheme you need the more it will be difficult to setup ;)	08:03
z3cka	sudo apt-get remove eucaluptus-cloud did the trick	08:03
z3cka	strange	08:03
z3cka	eth0:metadata went away	08:04
z3cka	from my ifconfig	08:04
dubphil	RoyK: yes for sure, the lonely difference for now is the localisation of the squid init scripts	08:04
dubphil	where damn are they ?	08:04
RoyK	squid-langpack - Localized error pages for Squid	08:05
dubphil	RoyK: squid is working well, my problem is just to stop or start it in a root cronjob	08:07
dubphil	eh I understand Iwould have not use "localisation" I ment "the place they stand"	08:08
T0aD	<z3cka> sudo apt-get remove eucaluptus-cloud did the trick	08:12
T0aD	lol	08:12
RoyK	apt-get remove --purge \* # :D	08:14
* RoyK does not recommend that		08:14
* T0aD wonders if RoyK thinks rm -fr / is funny too ?		08:15
RoyK	T0aD: that's far worse	08:15
RoyK	that apt-get gives you a pretty good warning	08:16
T0aD	its still as funny as eddie murphy	08:16
RoyK	that rm of yours doesn't	08:16
* z3cka wonders if T0aD is really a troll		08:16
* T0aD hides his hair		08:16
T0aD	z3cka, I just dont see why that is 'funny' :)	08:17
z3cka	T0aD: i just don't see why you have to quote me and lol	08:17
T0aD	well that was funny	08:18
T0aD	installing a cloud and having networking issues	08:18
T0aD	and removing it being called 'a fix'	08:18
z3cka	you got me	08:18
z3cka	that's true	08:18
z3cka	well… i wasn't using it	08:18
T0aD	yeah, that was truly funny :)	08:18
z3cka	i'm sure is i installed it again it would probably work	08:19
z3cka	*if	08:19
T0aD	no idea, im still a cloud virgin	08:19
* T0aD is the innocent little flower		08:20
z3cka	played with it a bit on the local lan but didn't get far	08:20
z3cka	and then the update seemed to break the rest of the network	08:21
z3cka	more specifically added eth0:metatdata entry to ifconfig	08:21
=== _Techie_ is now known as _TechAway_
z3cka	so i searched eth0:metadat and all i got was entries about problems with eucalyptus	08:22
z3cka	so i removed it	08:22
z3cka	hense, fixed :-)	08:23
T0aD	you cant trust software written by koalas	08:23
z3cka	errr *hence	08:23
z3cka	that's true	08:23
z3cka	or just Australians in general...	08:24
=== _TechAway_ is now known as _Techie_
T0aD	adios	08:33
Zeu5	hi there, i am at my devt machine. I ssh into my server. From my server, i am trying to do a git pull from a public repo like projectlocker. I am always prompted for my ssh passphrase. i followed this but i am still prompted. please advise.http://help.github.com/working-with-key-passphrases/	08:40
twb	IMO agent forwarding is evil and wrong	08:42
twb	I prefer -oProxyCommand	08:42
twb	Admittedly it wouldn't help in your case...	08:42
twb	Zeu5: that article doesn't seem to mention agent forwarding. Do you have it on, or off?	08:43
twb	Zeu5: btw, if you're in an Ubuntu desktop environment, ssh-agent is started automatically when you log in, so you can skip that step.	08:44
Zeu5	twb: this is my config file	08:49
Zeu5	this is my config file in ~/.ssh http://gist.github.com/646426	08:49
Zeu5	twb: does that indicate whether i have agent-forwrading on?	08:49
twb	And you're running "ssh staging"?	08:50
Zeu5	twb: i am actually trying to get capistrano working. but somebody told me to do this. so i did so. if it s wrong i will gladly remove it	08:50
twb	capistrano is a hostname?	08:50
Zeu5	capistrano is a deployment tool	08:51
Zeu5	twb: let me go remove the config file first	08:51
twb	Bleh, more ruby gank	08:51
Zeu5	twb: i am a ruby noob. more so than being a ubuntu noob. ha	08:51
twb	Unfortunately I have no idea what that tool does	08:52
Zeu5	its okie twb	08:52
Zeu5	right now i just want this ssh forwarding to work.	08:52
twb	Rather than sshing into a server and doing a "git pull" there, I guess what I would do is "git push" to the server directly	08:52
twb	You can try "ssh-add -l" to see what keys are enabled in your agent on each host	08:53
twb	Note that you need to run ssh-add [~/.ssh/id_rsa] to add a key to your agent.	08:53
Zeu5	is it safe for me to paste my output when i run ssh-add -ls	08:54
Zeu5	is it safe for me to paste my output when i run ssh-add -l ?	08:54
twb	A line like this is safe to publish: 2048 4d:cd:2c:5b:9f:a5:d1:cd:f6:f1:2f:30:f8:74:8b:47 /home/twb/.ssh/id_cyber (RSA)	08:55
twb	It's basically the same as your public key	08:55
twb	(In terms of information disclosure.)	08:55
Zeu5	username@server:/var/www/abc.biz$ ssh-add -l	08:56
Zeu5	2048 bf:8a:cf:e1:97:24:86:6d:8f:8a:f0:7b:86:17:5c:7f /home/ubuntu/.ssh/id_rsa (RSA)	08:56
Zeu5	so am i doing everything correctly so far?	08:56
=== _Techie_ is now known as _TechAway_
twb	That means "server" has your key usable in it	08:57
twb	So it should work without prompting for a passphrase	08:57
Zeu5	twb: i am still prompted when i do a git pull from server	08:58
twb	What is the command you're running?	08:58
Zeu5	twb: http://gist.github.com/646508	09:00
twb	OK, for some reason it is ignoring /home/ubuntu/.ssh/id_rsa and trying to use /home/username/.ssh/id_rsa instead (or first).	09:03
twb	You could try moving that key out of the way, but other than that you're going to have to ask #openssh, since this is where my experience with agent forwarding runs out.	09:03
twb	(You can also try just hitting ^D which will make it try the next key.)	09:03
Zeu5	twb: i apologise beforehand. i wanted to keep my username secret. its all ubuntu	09:04
Zeu5	twb: sorry for the misunderstanding	09:04
Zeu5	twb: i have to go off. will be back in an hour's time to try my luck again. thank you for your assistance. appreciate it. sorry for misleading you about my username. will definitely try #openssh as well	09:07
twb	Which, kids, is why we you don't try to elide useful, non-compromising information from your tech support staff.	09:08
MACscr	any recommendation for resolving the following apt-get upgrade errors? http://pastebin.com/WByrVRjp	09:13
=== _TechAway_ is now known as _Techie_
twb	MACscr: turn -security back on?	09:19
MACscr	huh?	09:19
twb	libssl-dev: Depends: libssl0.9.8 (= 0.9.8k-7ubuntu8.1) but 0.9.8k-7ubuntu8.3 is installed	09:20
twb	0.9.8k-7ubuntu8.3 comes from lucid-security and lucid-updates.	09:21
twb	The fact that it's trying to install an older version suggests that either those components are disabled, or you haven't run "apt-get update" lately.	09:21
twb	I suppose it could also happen if you're using a binary package that needs a binNMU (i.e. it links against the obsolete version). lucid-security should fix that, too.	09:22
MACscr	its enabled	09:27
MACscr	all the defaults are	09:27
MACscr	and i ran apt-get update right before i attempted the upgrade	09:27
MACscr	nvm, its working now. Weird	09:29
MACscr	simple reboot seemed to fix it	09:29
Zeu5	hi there, i am at my devt machine. I ssh into my server. From my server, i am trying to do a git pull from a public repo like projectlocker. I am always prompted for my ssh passphrase. i followed this but i am still prompted. please advise.http://help.github.com/working-with-key-passphrases/	09:49
mgolisch	Zeu5: do you start ssh-agent ?	10:18
Zeu5	mgolisch: how do i do that?	10:18
Zeu5	i did notice that when i run "ps", there is no ssh-agent	10:18
twb	It may be called "gpg-agent" (it can do both jobs).	10:19
Zeu5	twb: when i run ps all i see is ps and bash	10:21
mgolisch	is ssh-agent installed at all?	10:21
uvirtbot	New bug: #666682 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/666682	10:22
mgolisch	this page you linked seems to add stuff to your shellconfig to start ssh-agent automaticaly	10:22
twb	that's keychain's job, yeah	10:22
twb	Except that if you do a GUI login to an ubuntu desktop, ssh-agent is already started automatically, and (I assume) agent forwarding means THAT agent is the one used on the remote server.	10:23
Zeu5	twb: i apologise. i am really not very good with this whole agent forwarding business. so are you saying tat i made a mistake in the first place?	10:23
twb	Damned if I know.	10:24
twb	I'm just saying that (AFAIK) if you login with gdm, you don't need keychain	10:24
Zeu5	twb: since i am sshing into server, i guess tat means i am not login using gdm yes?	10:30
twb	You're using agent forwarding, so your local agent (started by gdm) will talk over the ssh link to something	10:32
twb	Whether that something is ssh (directly) or a remote ssh-agent (indirectly), I don't know.	10:32
twb	As I said, I'm not a fan of agent/x11 forwarding.	10:32
Zeu5	twb: i see. thank you.	10:34
=== _Techie_ is now known as _TechAway_
SAngeli	I have ubuntu server 10.10 64 bit installed and have to install Conexant HSF softmodem driver for making hylafax work with my softmodem PCI card. It is a Conexant System modem. I am following this article http://www.linuxant.com/drivers/hsf/downloads-installer.php but when I run the script I get this error: Package not compatible with your system. Kernet module can't be compiled	11:04
SAngeli	what do I have to do, please?	11:04
RoyK	check what distros are supported	11:05
RoyK	10.10 obviosly isn't	11:05
RoyK	or at least 10.10/64	11:05
RoyK	http://www.linuxant.com/drivers/hsf/full/downloads.php	11:05
RoyK	not a very promising list	11:06
RoyK	no x64 at all	11:06
RoyK	I guess perhaps an x86 install of 10.04 or even 10.10 might work with the bottom one	11:07
RoyK	x64 will not work	11:07
SAngeli	RoyK, I have to find out if I can make hylafax work with my modem. I am not able to find any distro or a Hylafax IRC Chanel to ask. How can I make this work?	11:11
SAngeli	Any advice?	11:12
SAngeli	even by reinstalling ubuntu or another distro	11:12
SAngeli	RoyK, what if I install the 32 bit version of ubuntu 10.10? If not can I install a earlier verion of ubuntu server that wil be compatile with ?	11:14
SAngeli	anyone can reply, pleaze	11:22
patdk-lap	reply	11:23
adamk-pl	SAngeli: i would go for 32bit	11:24
adamk-pl	of 10.4	11:26
twb	Apart from legacy / proprietary programs and specialist compilers, I see no reason to install i386 on an amd64 system.	11:27
twb	("specialist" meaning that it has one developer, and he's too overworked to port it to x86-64)	11:28
SAngeli	adamk-pl, can you please tell me where to download the 32 ver or ubuntu server 10.4, please	11:37
SAngeli	and thank you for your reply	11:37
SAngeli	adamk-pl, is it this one? Ubuntu 10.04.1 LTS (Lucid Lynx)	11:38
SAngeli	adamk-pl, found it: http://mylayn.blogspot.com/2010/05/download-ubuntu-104.html	11:39
twb	SAngeli: uh, maybe you should try ubuntu.com; it probably has a download link on the front page	11:39
twb	http://www.ubuntu.com/server/get-ubuntu/download	11:40
adamk-pl	twb: exactly !	11:41
adamk-pl	mylayn links point to torrent files, so if you prefer torrent go for torrent, i think i still seed LTS	11:42
adamk-pl	:D	11:42
evident	Hi everybody! On my server I get dependency problems when calling apt-get upgrade: http://hpaste.org/40892/upgrade ... can anybody tell me how I can fix these?	11:43
twb	adamk-pl: I would trust any link I found on <random blog post>	11:44
twb	evident: please run "export LC_ALL=C" and re-run the command	11:45
adamk-pl	twb: sure	11:45
twb	evident: that will give it in English :-)	11:45
twb	evident: also, paste the whole output. You can do this by running "script", which will make a copy into the file "typescript"	11:46
evident	http://hpaste.org/paste/40892/upgrade_2#p40893	11:46
evident	i annotated the paste with the full output (in english)	11:46
twb	OK, thanks.	11:47
evident	(other question: Will my outputs be in english forever now? If so: Great... been trying to do that for a while)	11:47
twb	The procps issue shouldn't be happening; have you got bad entries in /etc/sysctl.conf?	11:47
twb	evident: only while you stay in the shell that you ran export LC_ALL=C in	11:47
evident	aha ok	11:48
twb	"LC_ALL=C" means "use the C (none/us english) locale for all locale settings"	11:48
twb	See "man 7 locale"	11:48
evident	http://hpaste.org/paste/40892/sysctl#p40894	11:49
evident	this is my sysctl	11:49
twb	OK, that's strange. You'll have to debug /etc/init/procps.conf	11:49
evident	http://hpaste.org/paste/40892/etcinitprocpsconf#p40895	11:51
garymc	is there a room for help with setting up an SSL web serveR?	11:53
evident	how would I debug this? Do you see anything strange in there?	11:53
garymc	or converting my current one to SSL	11:53
twb	garymc: did you check the ubuntu server guide?	11:55
twb	garymc: also, your existing httpd probably has documentation on the subject.	11:55
dubphil	twb I don't think so :)	11:55
dubphil	it always afraid people to deal with ssl	11:56
twb	evident: sorry, I don't really want to deal with upstart. It's fucking annoying.	11:56
evident	:D	11:56
evident	ok thank you anyways	11:56
twb	evident: however, it does look like that's the only error there -- everything else is just complaining because it wants procps to finish first.	11:57
evident	hmm ok... I'll try and see if I can find a way to fix it... thanks	11:58
twb	You can bug #upstart about it, too	11:58
megaTarzan	hello. I have iptables error while starting virt-manager local connexion's default network	12:22
garymc	Do I have to purchase an SSL certificate?	12:30
twb	garymc: no.	12:31
garymc	Im told by the bank i need an intermediate SSL certificate	12:31
twb	SSL is an hierarchical, asynchronous crypto/auth infrastructure.	12:31
twb	It allows anyone who has your public key to know that you're "you".	12:31
twb	In the context of web browsing, however, your end users will only have your public key in advance if you get your keypair signed by someone they already trust -- i.e. a signatory in the browser's default trust list.	12:32
twb	That basically means that you can either pay someone like instantssl or verisign, or inconvenience your end users.	12:33
twb	The latter is usually referred to as a "self-signed certificate"	12:33
garymc	so if I get a verisign. That cost money? and would they set it up for me?	12:34
twb	You pay for them to say "I trust garymc."	12:37
twb	Which really means "I trust that garymc has a credit card and can afford to pay me $10/year"	12:38
garymc	lol	12:38
twb	Don't mind me, I'm just pissed off about the hierarchical nature being hijacked as a license for verisign et al to print money.	12:40
garymc	yeah, Verisign seen as trusted now though :(	12:42
garymc	Anyone heard of 3D secure?	12:59
garymc	Ok I dont want 3D secure	13:01
twb	In practice nobody cares who signs your key, just as long as there's a hierarchy of trust that ends in something that's in the default list for firefox and ie	13:02
twb	I've heard the name instantssl(.com) being bandied about the office; I've never bothered to buy a cert myself, so I can't vouch for them personally.	13:03
garymc	How can I tell if I have OpenSSL installed on my server?	13:06
patdk-wk	hmm	13:08
patdk-wk	openssl	13:08
twb	garymc: dpkg -l, or some variation thereof.	13:08
twb	garymc: in Ubuntu (and unix in general) there are two competing implementations: OpenSSL and GNUTLS. Within Ubuntu each program is basically pre-compiled against one of the two; you don't get to pick which, but usually it should Just Work.	13:10
yann2	with likewise-open, how can I do an alias to allow user to authenticate using login instead of domain\\login ?	13:16
twb	IIRC that's proprietary software which isn't supported here	13:19
twb	The native LDAP solution is OpenLDAP (server) and PADL libpam-ldap/libnss-ldap (client).	13:19
twb	Oh, it appears to be GPL.	13:20
mgolisch	yann2: did you read its documentation?	13:30
yann2	mgolisch, went through the 100 pages yes	13:32
yann2	scrolled through and didnt find anything in that direction :(	13:32
twb	Searching for Ubuntu 10.04 "Likewise Open" yields https://help.ubuntu.com/10.04/serverguide/C/likewise-open.html	13:39
twb	So it's covered in the norma Ubuntu server guide.	13:39
=== Guest34369 is now known as BlackZ
=== BlackZ is now known as Guest50856
mgolisch	yann2: so maybe read the link twb posted	13:40
mgolisch	it covers that	13:40
mgolisch	iam sure their documentation does too	13:41
yann2	thanks	13:41
mgolisch	atleast i remember seeing that in there	13:41
yann2	ouch so that's what it meant	13:41
yann2	sorry I actually also read that page :(	13:41
mgolisch	you set the default domain	13:43
=== Guest50856 is now known as BlackZ
=== oubiwann is now known as oubiwann-away
=== oubiwann-away is now known as oubiwann
Egonis	I want to use proxyarp in ufw, and can't seem to find a howto -- I have been using shorewall all this time for basic firewall, forwarding and arp proxying.	14:51
tax	hi there	14:55
tax	anyone overhere?	14:55
pmatulis	tax: there are 297 people in this channel	14:55
tax	is there anyone that can help me configuring squid and dansguardian?	14:57
tax	sorry for my bad english	14:57
pmatulis	!ask \| tax	14:57
ubottu	tax: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	14:57
tax	i'm having trouble installing squid and dansguardian	15:00
garymc	Hi, ive just setup my server to use SSL but when i load up the https://www.mysite.com version. Firefox says this is an untrusted site. How do i get it to be a trusted site?	15:14
patdk-wk	get a real ssl certificate	15:17
iceflatline	garymc: you have to get a cert signed by a trusted authority. GoDaddy sells them pretty cheap.	15:20
garymc	god damn	15:20
iceflatline	If this is more or less a private server, then I wouldn't worry about it. Just add the cert to FF list of trusted authorities and be done with it.	15:22
uvirtbot	New bug: #666795 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: no hi ha cap seqüència en la versió nova del paquet - s'està abandonant" [Undecided,New] https://launchpad.net/bugs/666795	15:31
uvirtbot	New bug: #666796 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: no hi ha cap seqüència en la versió nova del paquet - s'està abandonant" [Undecided,New] https://launchpad.net/bugs/666796	15:31
SAngeli	sorry but I need help installing a driver for the modem	15:47
SAngeli	http://www.linuxant.com/drivers/hsf/install.php this is what I am following	15:47
SAngeli	i had ubuntu server 10.10 64 bit installed and now have 10.04 32 bit	15:48
SAngeli	I get the same error saying that I cannot install because the kernel module cannot be compiled	15:48
SAngeli	I need to install a No Pre-Compile package.	15:49
SAngeli	Could please anyone advice me what to do so that I can solve this issue and resume my work on this server?	15:49
SAngeli	I have a Conexant System softmodem (made by US Robbotics) and need the hsfmodem driver to be installed	15:50
SAngeli	Please lelp	15:50
cfairles	On an 8-cpu machine, vmstat is reporting 30k context switches a second. So thats on avg 3.75k per cpu per second... sound a little high?	15:51
SAngeli	This is whay I currently have: Distribution: Ubuntu 10.04.1	15:51
SAngeli	Kernel version: 2.6.32-24-generic-pae	15:51
SAngeli	Kernel architecture: x86	15:51
SAngeli	and this is the error I get: ERROR: The generic package is not compatible with this system since kernel modules can't be compiled. There is also no pre-compiled package available for your kernel.	15:52
SAngeli	./precompiled-vs-generic: 29: let: not found	15:52
uvirtbot	New bug: #658023 in eucalyptus "registration token computed incorrectly" [Undecided,Fix committed] https://launchpad.net/bugs/658023	15:53
MTecknology	How do I forcefully remove a broken package?	15:55
SAngeli	it seems this chanel is for the moment paused MTecknology cfairles	15:55
MTecknology	I tried aptitude purge package.. but the package is broken so it won't uninstall	15:55
cfairles	MTecknology, have you tried dpkg -P ?	15:57
MTecknology	cfairles: nope, thanks :)	15:59
SAngeli	how can I solve my issue? Anyone has an advice?	15:59
SAngeli	solve the problem, myself.	16:05
pmatulis	SAngeli: what did you do?	16:09
SAngeli	pmatulis, I start reading carefully as linux "always" writes you what is wrong and what you miss. not having so much experience with linux and being used to Microsoft GUI sometimes when I get errors I frick out rather than read. I had to install gcc	16:11
pmatulis	SAngeli: ok	16:11
blackxored	hello everybody	16:14
blackxored	I woke up this morning	16:14
blackxored	and I though It is possible to bond a ethernet interface with a wireless one	16:14
SAngeli	I am reading and trying to check if I comunicate with my modem following this first part http://www.hylafax.org/content/Handbook:Basic_Server_Configuration:Checking_your_Modem but it hangs at Connected. Is this ok to try on ubuntu? I type cu -l ttyS0 (ttyS0 being my PCI Internal modem) Or should I add sudo or ?	16:14
blackxored	if possible, how do you do it? and I'd get the same benefits as normal eth bonding: increased bandwith, HA, etc?	16:15
alcy	Anyone got a clue why I am getting "FATAL: could not load /lib/modules/2.6.35-22-server/modules.dep No such file or directory" ? This is in Virtualbox with 10.10 64-bit. Although I am able to login fine and everything else is working, but still, anyone faced this before ?	16:19
\sh	blackxored: where do you have a "increased bandwidth" with	16:23
ChmEarl	alcy, only in chroot have I ever got that msg, usually when trying to initramfs	16:23
\sh	bonding? (aka bond-mode 2)	16:23
alcy	Chm this is on a i7 cpu, so just to check I increased the no. of cpus to 8, and it works. not sure how bad a setting that is though.	16:24
ChmEarl	alcy, using $(uname -r) in chroot	16:24
alcy	uh ChmEarl	16:24
alcy	ChmEarl: might also just be vbox specific issue. will see if I run into problems.	16:26
SAngeli	Is setserial a good tool to test the internal modem? Anyone knows? When I use cu it hangs	16:28
patdk-wk	cu?	16:28
SAngeli	<patdk-wk> this is wehre I got it: http://www.hylafax.org/content/Handbook:Basic_Server_Configuration:Checking_your_Modem	16:30
patdk-wk	oh, that cu	16:30
patdk-wk	ya, cu is like telnet for modems	16:30
SAngeli	but it hangs after I run it	16:30
SAngeli	it stops at Connected	16:31
patdk-wk	it should	16:31
patdk-wk	modems only talk back	16:31
patdk-wk	did you type at and hit enter?	16:31
patdk-wk	and are you sure your talking to the modem's serial port?	16:31
SAngeli	and how shuld I get the output of what the link displays?	16:31
SAngeli	I only typed: cu -l ttyS0	16:31
SAngeli	it is wrong?	16:32
SAngeli	after I hit enter I get Connected. then I am unable to see or type anything	16:32
SAngeli	<patdk-wk> I need to make sure it works and verify its class to make sure it is for fax modem and not data	16:33
patdk-wk	hmm	16:34
patdk-wk	are you sure ttyS0 is your modem? normally it isn't	16:36
patdk-wk	setserial -a /dev/ttyS0 might give you some info	16:36
patdk-wk	but if I remember right, you where using a softmodem	16:36
SAngeli	it is not a serial modem. It is a PCI modem patdk-wk	16:38
SAngeli	yes, it is a softmodem and ttyS0 is for PCI modmes as I read.	16:38
SAngeli	I also have another modem, much older still PCI made by 3Com. Who knows if it is a softmodem or not.	16:39
SAngeli	yes, it is another winmodem	16:40
patdk-wk	you don't have pci modems :) you might have a modem with a pci interface	16:40
patdk-wk	but all modems are serial based (well a few are parallel but not many)	16:40
SAngeli	<patdk-wk> sure. This is what i was intending to say	16:40
patdk-wk	now softmodems are just soundcards, and require a program to convert	16:40
patdk-wk	but I would find it very very unlikely it's using ttyS0	16:41
patdk-wk	what does setserial -a /dev/ttyS0 say?	16:41
patdk-wk	for the first line?	16:41
SAngeli	I have to install it first	16:41
SAngeli	<patdk-wk> here is the outpup: /dev/ttyS0, Line 0, UART: 16550A, Port: 0x03f8, IRQ: 4	16:42
SAngeli	Baud_base: 115200, close_delay: 50, divisor: 0	16:42
SAngeli	closing_wait: 3000	16:42
SAngeli	Flags: spd_normal skip_test	16:42
patdk-wk	ya, that so can't be your modem	16:44
patdk-wk	what /dev/tty* devices do you have, that don't start with numbers?	16:44
SAngeli	<patdk-wk> here is the answer (if I did right):	16:46
SAngeli	/dev/ttySHSF3	16:46
SAngeli	/dev/ttySHSF4	16:46
SAngeli	/dev/ttySHSF5	16:46
SAngeli	/dev/ttySHSF6	16:46
SAngeli	/dev/ttySHSF7	16:46
SAngeli	/dev/ttySHSF0	16:46
SAngeli	/dev/ttySHSF1	16:46
SAngeli	/dev/ttySHSF2	16:46
patdk-wk	those sound much more promising :)	16:46
SAngeli	I can use scanModem as this article https://help.ubuntu.com/community/DialupModemHowto/ScanModem says	16:46
patdk-wk	looks like that connects to all nd looks for modems	16:47
patdk-wk	should work	16:47
SAngeli	so what do I have to do to check the modem status and if it is working and its specs?	16:48
sommer	ivoks: heh, I don't deny :-)	16:49
sommer	ivoks: passion motivates is my point	16:49
patdk-wk	well, I can't test that scanmodem thing, as I have no computers with modem in them at the moment	16:49
ivoks	sommer: i know	16:49
patdk-wk	(and I refuse to load that bastard softmodem for intel hda) for my laptop	16:50
patdk-wk	but once you know what device your modem is on	16:50
SAngeli	patdk-wk I am sure it is ttyS0 because if I test all other ttyS* I get unknown. Same as for ttySHSF*	16:50
patdk-wk	it's easy to send it the correct at commands to find it's abilities	16:50
SAngeli	the only one that repors properly is ttyS0	16:50
SAngeli	patdk-wk OK. What command should I send to inquiry it?	16:51
patdk-wk	that is the onboard serial port in your computer	16:51
patdk-wk	beside that +fclass thing, there is the ati0 to ati9 commands	16:51
patdk-wk	but just typing at <enter> should give you an OK or 0 reply	16:51
SAngeli	can you please give me line by line from the start? I type at but what should I start with?	16:52
patdk-wk	at	16:52
SAngeli	with at I get: Garbled time	16:52
SAngeli	patdk-wk, what should I start with? I do not have experience with it	16:55
SAngeli	is it so hard to help me? I was almost there and suddently I am alone again	17:01
=== andrewsinclair is now known as andrewsinclair-l
SAngeli	<patdk-wk> I tried cu with the correct modem (as you said) being ttySHSF0 and got this message: Connected.	17:11
SAngeli	cu: Got hangup signal	17:11
SAngeli	Disconnected.	17:11
SAngeli	<patdk-wk> any suggestion to complete my work or I have to sto hylafax as being installed and most likely running?	17:12
uvirtbot	New bug: #666862 in samba (main) "shared folders doesn't think samba is installed" [Undecided,New] https://launchpad.net/bugs/666862	17:17
uvirtbot	New bug: #663990 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: 子进程已安装的 post-installation 脚本返回了错误号 1" [Undecided,New] https://launchpad.net/bugs/663990	17:33
uvirtbot	New bug: #663336 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: 子进程新的 pre-installation 脚本返回了错误号 1" [Undecided,New] https://launchpad.net/bugs/663336	17:37
uvirtbot	New bug: #661371 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/661371	17:38
uvirtbot	New bug: #656813 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/656813	17:52
=== zz_ng_ is now known as ng_
=== _TechAway_ is now known as _Techie_
uvirtbot	New bug: #579736 in samba (main) "upgrade from hardy to lucid uninstalls samba" [Undecided,New] https://launchpad.net/bugs/579736	19:11
=== _Techie_ is now known as _TechAway_
=== oubiwann is now known as oubiwann-away
=== oubiwann-away is now known as oubiwann
=== _TechAway_ is now known as _Techie_
patdk-wk	man I wish there was a version of zerofree for btrfs	20:23
yann2	sorry about going back to this : https://help.ubuntu.com/10.04/serverguide/C/likewise-open.html - after installing likewise-open on 10.4 I dont have a /etc/samba directory - though the documentation suggest I change a file there to use a default domain. Any hints?	21:08
yann2	http://ubuntuforums.org/showthread.php?t=1430347 sigh :(	21:18
=== ng_ is now known as zz_ng_
=== k56731 is now known as k5673
k5673	Yo! 'Sup!	21:39
k5673	I'm having an issue with samba/ubuntu_9.04_server. I'm getting random files/folder's names truncated. But the contents of the files are allright. Any ideas?	21:41
k5673	I'm having an issue with samba/ubuntu_9.04_server. I'm getting random files/folder's names truncated. Like FTHH9O~L, but the contents of the files are allright. Any ideas?	21:41
tax	does anyone know how is the syntax of ACL in squid3?	21:43
k5673	tax: what do you want to do?	21:46
k5673	tax: http://wiki.squid-cache.org/SquidFaq/SquidAcl	21:47
* RoyK hands k5673 a beer		21:49
RoyK	k5673: what filesystem are you using?	21:50
tax	i try to make a squid and dansguardian	21:50
tax	firewall	21:50
tax	and i'm stuck to the configuration of squid	21:51
tax	when i try to put the ip range of my localnetwork into squid.conf and allow it,	21:52
tax	i get this message and squid doesn'nt work	21:52
tax	2010/10/26 23:54:19\| WARNING: Netmasks are deprecated. Please use CIDR masks instead.	21:54
tax	2010/10/26 23:54:19\| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.	21:54
tax	2010/10/26 23:54:19\| WARNING: For now we will assume you meant to write /0	21:54
k5673	ext3	21:55
k5673	RoyK: ext3	21:56
guntbert	tax: use /24 instead of /255.255.255.0	21:57
RoyK	k5673: reboot into single, or just init s, and fsck that	21:57
k5673	RoyK: I'll try it. It's my 1TB fileserver, in a highschool.	21:58
k5673	RoyK: the fail wrecked havoc among the teachers.	21:58
RoyK	k5673: if filenames are truncated, first check for data errors in dmesg	21:59
RoyK	if you have data errors, well, it's not your fault	21:59
RoyK	if it's ext3 fucking up, not your fault either	21:59
tax	can you tell me what does 24 mean?	21:59
k5673	RoyK:I know, i know.	21:59
* RoyK uses zfs for storage these days		21:59
k5673	tax: the network mask	22:00
k5673	tax: 24 stands for 255.255.255.0	22:00
RoyK	tax: 255.255.255.0 => 8.8.8.0 bits	22:00
RoyK	simple addition	22:00
tax	ok, try it at once	22:01
guntbert	tax: If you're speaking to someone in particular, please put their nickname in what you say (use !tab), or else messages get lost and it becomes confusing :)	22:02
tax	guntbert: soory, i'm new to irc	22:04
guntbert	tax: no problem :) it just makes it easier to see your responses	22:04
RoyK	!tab guntbert test	22:04
ubottu	Error: I am only a bot, please don't think I'm intelligent :)	22:04
RoyK	hm... didn't work too well	22:05
RoyK	/me uses the old commands	22:05
tax	k5673: it works	22:05
Pici	tab is a key on your keyboard...	22:05
tax	thanx to RoyK too	22:06
k5673	tax: OK	22:06
tax	k5673: so the proxy is working, but my goal is to make it work with dansguardian	22:07
tax	and to make it transparent	22:07
k5673	k5673: in order to make squid transparent, use http_port 8080 transparent, where 8080 is the port which squid is listening	22:08
=== zz_ng_ is now known as ng_
tax	k5673: I try to find how it works and i will post back here if i have some trouble	22:09
k5673	k5673: and you have to add the rules.	22:09
k5673	k5673: i have a running squid setup, but with iptables. I've never user dansguardian.	22:09
k5673	k5673: i can share my squid.conf with you.	22:10
k5673	k5673: want to see?	22:10
guntbert	k5673: don't talk to yourself :-)	22:10
k5673	Oh	22:10
RoyK	the port isn't important, but you'll need to configure squid to allow transparent connections where squid plays the webserver	22:10
k5673	Sorry	22:11
tax	k5673: ok	22:11
k5673	tax: Just redirect all the web traffic from/to your firewall to the squid	22:12
=== SasaGloc is now known as SasaGloc_afk
* SasaGloc_afk is away: Gone away for now		22:12
tax	k5673: the aadvantage of dansguardian is that it can blacklist some sites	22:13
tax	k5673: i tried to make it with firestarter, but it doesn't work fine	22:15
tax	k5673: but i have to keep it working because it was the only way to share internet connexion that was working for me	22:15
k5673	tax: http://pastebin.com/bRxzjmSF	22:16
tax	k5673: thank you	22:17
=== SasaGloc_afk is now known as SasaGloc
* SasaGloc is back.		22:18
* RoyK runs		22:18
k5673	tax: and my iptables script http://pastebin.com/6XSrLZzH	22:19
k5673	This one is important...	22:20
k5673	tax: i thing you can do a lot just using iptables.	22:20
k5673	tax: i'm managing 200 users and 8 servers with squid and iptables	22:21
k5673	In a common PC	22:21
tax	k5673: wow!	22:24
RoyK	what did I miss_	22:24
RoyK	?	22:24
tax	k5673: can you have a traffic monitoring?	22:24
k5673	tax: Evil, isn't.	22:25
k5673	tax: AND, if you wank to see what your peers are looking, just tail -f /var/log /squid/access.log	22:25
k5673	Nope. No more pizza for RoyK. Sorry.	22:26
tax	k5673: what do you mean by 'tail'?	22:26
k5673	tax: Sorry.	22:26
k5673	tax: tail -f /var/log /squid/access.log	22:26
k5673	tax: tail is a command	22:26
tax	ok	22:27
tax	k5673: ok	22:27
k5673	tax: to see the end of a file, and the -f switch makes tail follow the file in progress.	22:27
tax	k5673: i get an error	22:28
k5673	tax: let's see.	22:28
tax	==> /var/log <==	22:28
tax	tail: Erreur lors de la lecture `/var/log': est un dossier	22:28
tax	tail: /var/log: ne peut déterminer la fin de ce type de fichier; abandon sur ce nom	22:28
tax	tail: Ne peut ouvrir `/squid/access.log' en lecture: Aucun fichier ou dossier de ce type	22:28
tax	k5673	22:28
tax	k5673: sorry	22:28
k5673	tax: the file doesn't exist	22:29
Pici	get rid of the space between /var/log and /squid/access.log	22:29
tax	k5673: do i have to create it?	22:29
k5673	tax: do not worry	22:29
k5673	tax: no, the file is created by squid	22:30
tax	k5673:it was the space	22:30
tax	Pici:Thank you	22:30
Pici	tax: no problem	22:30
guntbert	!pastebin \| tax (lesson 2 :-))	22:31
ubottu	tax (lesson 2 :-)): For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	22:31
tax	guntbert: sorry, didn't know	22:32
guntbert	tax: don't worry - this channel is rather quiet :-)	22:33
=== _Techie_ is now known as _TechAway_
=== _TechAway_ is now known as _Techie_
tax	back here after a few hours squid is not transparent	23:28
tax	Pici: do you know how to configure dansguardian?	23:29
Pici	tax: Sorry, no. :/	23:30
tax	Pici: and what about to make squid transparent?	23:30
=== ng_ is now known as NG_
=== Pilif12p\|afk is now known as Pilif12p

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!