[03:00] <owh> I have a hardy server with 2 x 500Gb HDD configured as a software raid1 set. The drives are almost full. I need to replace them with 2 x 2Tb drives. I have 2 sata connectors. What is the smartest way to migrate?
[03:00] <owh> Is there an RTFM someone might point me at?
[03:00] <twb> Put all four disks in the machine, configure a four-way RAID1, then remove the old pair and grow the array
[03:01] <owh> Not enough sata connectors.
[03:01] <twb> Then one way is to degrade the array first, then do the merge one-half of old and one-half of new
[03:02] <owh> Can I remove 1 x 500Gb, add 1 x 2Tb, boot from CD, then dd the data from small to large, rinse and repeat with the other two, then bring it up, then grow it?
[03:03] <twb> I suppose so, but that means your machine will be offline for the entire resync
[03:03] <twb> (You wouldn't use dd from one of the 2TBs to the other; you'd just assemble the array.)
[03:04] <owh> Yeah, I was thinking dd from each of the 500Gb to each of the 2Tb.
[03:04] <twb> It's a mirror
[03:04] <twb> there's no point doing that
[03:05] <owh> You're suggesting, degrade the array, shutdown, remove 1 drive, add a new drive, add the new drive to the array, resync, degrade the array again, add the other new drive - right?
[03:06] <twb> shut down, replace one 500Gb with one 2TB; bootdegraded from the remaining 500GB, add the 2TB to the array, let it resync.
[03:06] <owh> Right, and then rinse and repeat.
[03:06] <twb> Then, shut down, replace the remaining 500GB with the second 2TB, bootdegraded from the first 2TB, add the second to the array
[03:06] <twb> Finally, call mdadm with the appropriate command to say "notice that there's more space now"
[03:07] <qman__> that's not enough though, you still need to expand the filesystem afterward
[03:07] <twb> --grow, I think.  I haven't done it for a while
[03:07] <qman__> whcih is an offline operation
[03:07] <twb> qman__: not on ext3
[03:07] <qman__> in any case, it's quite time consuming
[03:07] <twb> A resize2fs *grow* takes negligible time
[03:08] <twb> It's probably O(n), but the k is quite small
[03:08] <qman__> I meant the process as a whole
[03:08] <twb> Granted
[03:08] <owh> And I'm partitioning the 2Tb the same as the 500Gb?
[03:09] <qman__> taking more space, of course
[03:09] <owh> Or am I partitioning it in the way that I want it to become?
[03:09] <qman__> if your 500GB is one full-size raid partition, your 2TB would be one full size raid partition
[03:09] <owh> No, two partitions, swap and /
[03:10] <qman__> I guess that's a bad way to explain it
[03:10] <qman__> you want the new raid partition to be the size of the new raid
[03:10] <owh> And mdadm won't choke that the partitions are not the same size?
[03:11] <qman__> of course not
[03:11] <qman__> it uses the full capacity of the smallest device in the raid
[03:11] <twb> owh: the partitions on the new disks should be full size
[03:11] <qman__> the extra space is simply wasted until you eliminate the small disk and grow the array
[03:12] <twb> Yep
[03:12] <owh> Excellent, seems we have a plan. Any gotchas?
[03:12] <twb> owh: the case edges are probably sharp
[03:12] <qman__> you will not be redundant while it's resyncing
[03:12] <owh> ROTFL
[03:12] <owh> qman__: Yeah
[03:12] <qman__> so don't do something silly like wiping your 500GB drive before everything is said and done
[03:13] <owh> I wasn't intending to wipe it at all - nice offline backup :)
[03:14] <qman__> you'd think that would go without saying, but I've seen people do it
[03:14] <owh> Any merit in making home a new partition on the new large drive.
[03:14] <qman__> that's why I mention it
[03:14] <owh> qman__: fair enough
[03:14] <qman__> not really
[03:14] <qman__> the only reason you might do that is convenience if you wipe / frequently
[03:14] <qman__> or if you use encrypted filesystems
[03:15] <owh> No, more from a perspective that silly users cannot fill the server / and bring it down :)
[03:15] <qman__> that's what quotas are for
[03:15] <qman__> filling home will prevent users from logging on
[03:15] <owh> :)
[03:16] <twb> On any multi-user system, I always make user data separate from the OS
[03:16] <qman__> there's certainly good reasons to do it
[03:17] <owh> Yeah, this is a *historic* server and I'm trying to regain some composure while attempting to avoid shooting my foot off with a large cannon.
[03:17] <qman__> but it's not a necessity, and it will involve more downtime
[03:17] <qman__> up to you
[03:17] <twb> Of course, I'd also be using LVM
[03:17] <owh> This will be over the weekend, so I'm expecting to at least have the server up and syncing in 48 hours, down-time over the weekend not so much an issue.
[03:17] <qman__> resyncing 2TB can take considerably longer than 48 hours
[03:18] <owh> twb: I've been shy to use LVM, last time I used it, it ate my data.
[03:18] <owh> qman__: Only 500Gb, not 2Tb.
[03:18] <katronixserf> Hi all, can someone tell me which Firewall Jaunty came with?
[03:18] <twb> katronixserf: linux only has one firewall: netfilter
[03:18] <katronixserf> oh ok, not iptables?
[03:18] <twb> iptables is the UI for netfilter
[03:19] <qman__> and UFW is a frontend for iptables
[03:19] <twb> Right
[03:19] <qman__> owh, I see three resync operations, 500GB to the first 2TB, 500GB to the second 2TB, and then the expansion operation
[03:20] <twb> qman__: the third isn't a resync
[03:20] <owh> qman__: Right, but I only need to be on-site for the first one, since I'll need to reboot before 1, between 1 and 2, the rest shouldn't affect connectivity.
[03:20] <katronixserf> does: http://pastebin.com/vKRMSptr mean nothing is blocked?
[03:21] <qman__> that's true, I'm forgetting this is raid 1, not raid 5/6
[03:21] <twb> katronixserf: in the filter table, yes.
[03:21] <qman__> I added two drives to a raid 5 and it took over three days to finish expanding
[03:21] <twb> katronixserf: you could be doing something silly in the nat, mangle, raw tables, etc.
[03:21] <owh> How much should I budget for the first 500Gb sync?
[03:22] <katronixserf> haven't touched it, tried running an app that connects using port 9000, and wanted to see if it was being blocked or not
[03:23] <qman__> katronixserf, ubuntu has, by default, an accept all policy with no rules
[03:23] <qman__> in essence no firewall, just the kernel modules
[03:23] <katronixserf> k
[03:24] <qman__> owh, that depends a lot on how fast your disks are
[03:24] <qman__> I'm going to take a fairly safe guess at 80MB/s
[03:24] <qman__> if you tweak the kernel to allow full speed syncing, that would theoretically be the same as a flat dd
[03:25] <qman__> quick calculator suggests about 2 hours
[03:26] <owh> So, double it, add 1 for good measure, 5 - that's doable :-)
[03:27] <qman__> but yeah, make sure you tweak the kernel during the resync
[03:27] <owh> How?
[03:27] <qman__> it has settings that slow it down to prevent excessive iowait during operations on an active server
[03:27] <owh> Which RTFM should I consult?
[03:27] <qman__> http://www.cyberciti.biz/tips/linux-raid-increase-resync-rebuild-speed.html
[03:28] <owh> Niice
[03:29] <qman__> if you just set them absurdly high it'll go full speed
[03:29] <qman__> no need to change any configuration, just echo to proc
[03:29] <owh> It won't lock the console?
[03:29] <qman__> no
[03:29] <owh> Excellent.
[03:29] <qman__> the system's actually quite responsive
[03:29]  * owh guesses that booting in single mode would be a GOOD IDEA.
[03:30] <qman__> I did on mine
[03:30] <owh> Yeah, as I said, no users to worry about :)
[03:30] <qman__> you don't have to, but I wasn't taking any risks
[03:32] <owh> I've heard suggestions, in addition to those uttered by twb to use LVM, but as I said, last time it ate my data - very, very unhappy, since it didn't eat it when I did it, just later when the users were actually using the system. As luck would have it, right before the regular backup :(
[03:32] <owh> Any comments about why I should consider LVM?
[03:33] <twb> Because it allows you to resize partitions on the fly, and to move them between disks -- without an outage
[03:33] <twb> In particular, it allows you to allocate only (say) 2GB to / and 10GB to /home, and increase this later when the users whinge
[03:34] <owh> So this would be useful in a high-availability environment, not so much in a - we can fix it on the weekend environment?
[03:35] <owh> In essence, I'd be adding another layer of abstraction between the os and the drive - right?
[03:38] <qman__> you use LVM basically instead of partitioning, though with a RAID the order is different
[03:38] <qman__> in non-raid, it goes full-disk partition, LVM, filesystems
[03:39] <qman__> in raid, it goes full disk partition, mdadm, LVM, filesystems
[03:41] <owh> I understand. I cannot do a full disk partition software raid with 2 sata connectors and only two drives - or did I miss something?
[03:41] <qman__> you could
[03:41] <qman__> but it would be very difficult to convert what you have to that
[03:42] <qman__> or at least a lot more difficult than if you could hook all the drives up
[03:42] <qman__> also of note, I normally put /boot outside any LVM or raid to avoid any hassles with grub
[03:43] <qman__> but 255MB off the size of the raid is insignificant with today's disk sizes
[03:43] <owh> Well, theoretically I could connect the sata drives via two sata/usb adapters, but I'm not sure what that gains me, other than a slower resync.
[03:44] <owh> s/slower/much much slower/
[03:44] <qman__> yeah, looking at about 40MB/s if each disk is on a separate controller
[03:45] <owh> In return for time, do I get some other benefits that don't appear obvious to me?
[03:47] <qman__> well, you don't have to open your server as many times
[03:47] <qman__> and normally, it would be a time saving operation
[03:48] <owh> Other than that the first resync would take much longer and I'd still need to be there to do the final swap.
[03:50] <owh> Well, this has been enlightening, thanks qman__ and twb, much appreciated.
[04:48] <katronixserf> which package provides cmp?
[04:54] <owh> katronixserf: diff
[04:55] <twb> katronixserf: dpkg -S or apt-file will tell you
[04:55] <owh> twb: dpkg will only tell if you have it already installed.
[04:59] <twb> owh: hence apt-file
[05:01] <owh> twb: Fair enough :)
[05:10] <twb> If I have a hardy NFS server and a bunch of harder workstations, and I want user quotas, do I need to install "quota" on the client machines?
[05:10] <twb> IIRC I only need to install it on the server itself, and that's only to modify/inspect quotas -- the actual quota enforcement is entirely done in the kernel.
[06:46] <yuri_sevatz> hello
[06:46] <yuri_sevatz> I'm having an issue with the installer cd getting stuck at "Configuring linux-image-2.6.35"
[06:46] <yuri_sevatz> did a verification and the cd integrity said perfect
[06:47] <yuri_sevatz> this is the 10.10 edition
[06:49]  * RoyK += 0xc0ffee
[07:02] <Error404NotFound> i am trying to generate a multidomain ssl, but when i visit second domain firefox reports that cert is only valid for domain1, http://pastebin.com/1ANmNUKY
[07:08] <Error404NotFound> even tried with: http://pastebin.com/pXV5krTk (new conf at bottom)
[07:11] <Error404NotFound> updated pastebin: http://pastebin.com/Cwq89rRX
[07:21] <Error404NotFound> further updated: http://pastebin.com/7gz03Mrt seems like method 1 doesn't work at all
[07:43] <git__> anyone here work with sheepdog ?
[08:32] <a_ok> what is the best place to add a location to path for all users?
[08:43] <\sh> a_ok: /etc/login.defs ?
[08:45] <a_ok> \sh: well accourding to the documentation I just found /etc/envirionment. never knew of login.defs
[08:46] <\sh> a_ok: yes that's also possible...depending on when and where you want to use the paths
[08:47] <Error404NotFound> a_ok, environment is the recommended place, there are other places as well, but conventionally /etc/environment has been used to define global settings such as PATH, HTTP_PROXY, JAVA_HOME, etc
[08:48] <a_ok> \sh: when do I want to use login.defs?
[09:36] <theblueone> can anyone point me to the location upstart logs process output to by default?
[09:36] <theblueone> I can't seem to find this anywhere
[09:47] <ghaleb> hello, I have ubuntu-server 8.10 installed and configured on server, and I moved the os disk to another server and it's not working, when the kernel starts it ends up with errors in modprob and starts initramfs, any help what to do ?
[10:18] <drcode> hi all
[10:18] <drcode> I can't make samba with printer to work
[10:18] <drcode> I am running on ubuntu 10.04
[10:19] <drcode> I have strange this error:
[10:19] <drcode> [2010/10/27 11:17:06,  0] smbd/server.c:1115(main)
[10:19] <drcode>   standard input is not a socket, assuming -D option
[10:19] <drcode>  any idea?
[10:22] <twister004> hi guys.. during ubuntu 10.04 server installation, i selected 'do not update'and now, when i do an 'apt-get install <pkg>', it gives the following errors: "Couldn't find the package".. please advise if there is anything i can do to prevent this
[10:23] <twister004> i have uncommented entries in the sources.list file
[10:25] <mike9055> is there anyway i can see how much data my server has transfered to a certain ip
[10:27] <_bt> twister004: suso apt-get update
[10:27] <_bt> sorry   "sudo"
[10:29] <twister004> i did that
[10:31] <twister004> i get errors... Failed to fetch http://us.archive.ubuntu.com.......... Hash Sum mismatch
[10:35] <jpds> twister004: Are you behind a proxy?
[10:35] <twister004> no
[10:35] <twister004> i did a apt-get clean
[10:36] <twister004> and ... apt-get update && apt-get upgrade
[10:36] <twister004> seems to be downloading something
[10:39] <jpds> twister004: Try: sudo apt-get -o Acquire::http::No-Cache=true update
[10:40] <twister004> yes.. i did that
[10:40] <jpds> With the No-cache flag/
[10:42] <twister004> yes
[10:42] <jpds> Righto.
[10:42] <twister004> it's downloading some stuff now...
[10:42] <twister004> ill try downloading the app and check
[10:42] <twister004> thanks a lot!!!
[11:32] <binBASH> http://lackrack.org/
[11:32] <binBASH> haha, this is nice idea ;)
[12:21] <cemc> I have a 10.04 with snmpd on it. every time there's a request from another machine, the snmpd daemon writes a log entry "Connection from UDP etc etc". how can I disable that?
[12:41] <joschi> cemc: http://raetsel.wordpress.com/2008/02/15/snmpd-filling-up-varlogmessages/
[12:41] <joschi> cemc: alternatively filter these messages in your syslog daemon
[12:43] <cemc> joschi: mhm, thanks. found it in the meantime
[12:44] <MrWise> running cap deploy, it asks for my git user pass twice, then just goes "Password:" and no matter what I type in I get permission denied
[12:44] <MrWise> any ideas as of what I'm doing wrong? :|
[13:42] <AndyGraybeal> hi, i'm having a problem destroying a machine; it says it times out.
[13:42] <AndyGraybeal> what do i do to kill it?
[13:43] <AndyGraybeal> i'm using libvirt's virsh with kvm
[13:43] <k5673> AndyGrayBeal: A virtual one?
[13:43] <k5673> Ah
[13:43] <AndyGraybeal> yes, no power button on this guy
[13:44] <k5673> AndyGrayBeal: I'm having issues shuting down the machine, not destroying it
[13:44] <AndyGraybeal> yea, i can't connect, shutdown or destroy :(
[13:44] <AndyGraybeal> if there was a virtual knife .....
[13:44] <k5673> AndyGrayBeal: No idea. Are you controlling a remote kvm or local one?
[13:44] <AndyGraybeal> local
[13:45] <AndyGraybeal> the other virtual machines are running just fine
[13:45] <binBASH> AndyGraybeal: ps -ef|grep kvm
[13:45] <binBASH> :D
[13:46] <binBASH> and how you kill processes?
[13:46] <k5673> AndyGrayBeal: You can destroy them using virt-manager
[13:47] <AndyGraybeal> k5673: i've tried tht too.. it acts the same as virsh
[13:47] <binBASH> and yup with virt-manager you can see their console as well
[13:47] <AndyGraybeal> binBASH: i can't connect to it
[13:47] <binBASH> you can't connect to it with virt-manager?
[13:47] <binBASH> weird ;)
[13:48] <AndyGraybeal> yea, virt-viewer doesn't work either
[13:48] <binBASH> or do you mean, virt-manager is unable to connect to your libvirt daemon?
[13:48] <k5673> So, there's your problem
[13:49] <AndyGraybeal> virt-manager connects to libvirt fine, i can connect to my other machines just fine.  they are all running just fine.
[13:49] <k5673> AndyGraybeal: can you see anything running virsh --connect qemu:///system list
[13:49] <k5673> AndyGraybeal: ?
[13:49] <AndyGraybeal> yes, that works stupendously.
[13:49] <binBASH> ok
[13:49] <k5673> AndyGraybeal: OK
[13:49] <AndyGraybeal> it's specifically one machine that times out
[13:49] <AndyGraybeal> binBASH: i will try to destroy the process now
[13:49] <binBASH> yup
[13:50] <binBASH> try it
[13:50] <binBASH> then restart the machine in virt-manager and open the console
[13:50] <binBASH> maybe you can see what's the issue
[13:51] <AndyGraybeal> that appears to have worked.
[13:51] <mrpeters-isl> hey all anyone here use virt-manager and know the trick to getting a virt-manager graphical console to the dom0 is?  just simply instaling a vnc server on dom0?  something else?  Ubuntu 10.04 for virt-manager but Debian Lenny dom0's
[13:51] <k5673> AndyGraybeal: Maybe is an issue with the ACPI support for your guests
[13:51] <AndyGraybeal> k5673: i'm not sure, it's ubuntu 10.04 on ubuntu 10.04
[13:51] <sommer> morning
[13:52] <k5673> morning
[13:52] <k5673> AndyGraybeal: It can be possible
[13:52] <k5673> AndyGraybeal: May be.
[13:53] <k5673> AndyGraybeal: Remember. The destroy feature lis like unplugging the power cord from the wall. Or pressing the power button for 4 seconds. That behavior is controlled by ACPI
[13:53] <AndyGraybeal> well it has worked fine until today
[13:53] <AndyGraybeal> this morning
[13:54] <k5673> AndyGraybeal: Can you see ACPI errors in dmesg | more, inside your guest?
[13:54] <AndyGraybeal> lemme look
[13:54] <k5673> AndyGraybeal: Ah
[13:54] <k5673> AndyGraybeal: It's just an idea...
[13:54] <AndyGraybeal> nope no errros in dmesg
[13:55] <k5673> AndyGraybeal: Mmmmmmm
[13:57] <AndyGraybeal> it's working now, killing the process allievated whatever issue was happening.
[13:57] <AndyGraybeal> :)
[14:05] <k5673> AndyGraybeal: What process? KVM?
[14:22] <garymc> Anyone ever bought a SSL certificate? I bought one yesterday from Godadddy but its PENDING. Anyone know how long it takes till i can use this SSL certificate on my server?
[14:36] <AndyGraybeal> garymc: i want to buy some from startssl
[14:37] <patdk-wk> pending? what kind of cert did you get? normally it's like a few min
[14:37] <patdk-wk> unless you get one that needs some kind of background check
[14:39] <garymc> I got the best one they did
[14:39] <garymc> they say they are doing checks
[14:39] <garymc> taking ages pissing me right off
[15:57] <MrWise> I accidentally chmod -R 777 /
[15:57] <MrWise> am I fucked? :|
[15:57] <patdk-wk> use the undo command :)
[15:57] <MrWise> sorry, what?
[15:58] <MrWise> I have nothing that runns from 'undo'
[15:58] <patdk-wk> I'm joking
[15:58] <MrWise> :|
[15:58] <patdk-wk> pretty much, going be annoying as hell to fix
[15:59] <MrWise> chmod SHOULD have an undo command :P
[15:59] <patdk-wk> that would be your filesystem :)
[16:05] <alvin> (I did the same some 9 years ago on a live production system.) Did the command complete, or did you interrupt?
[16:07] <MrWise> it completed
[16:24] <patdk-wk> how can I get a user to have access to raw disks?
[16:25] <patdk-wk> I added the user to the disk group, but it's just not going
[16:36] <pmatulis> MrWise: i recommend a re-install
[16:37] <patdk-wk> ah fixed it, had to reloging to notice the new group
[16:57] <Reyuken> does anybody know if the pure-ftpd package is still in a repository?
[16:57] <lau> I got smbd INTERNAL ERROR: Signal 11 I tried to get a gdb backtrace of the smbd process
[16:57] <Reyuken> i clearly installed universe, but it gives me a cant find package error
[16:57] <lau> http://dpaste.com/265175/ but i am not familiar with those symbols
[16:57] <Reyuken> http://paste-it.net/public/p84f849/
[16:57] <lau> Reyuken: did you try packages.ubuntu.com ?
[16:58] <Reyuken> hmm
[16:58] <Reyuken> ill try adding that one
[16:58] <lau> no check the http://packages.ubuntu.com
[16:58] <etcetera> how intensive is it for rsync to sync a directory of thousands of files to an ftp every 5 seconds or so?
[17:00] <rbnicknej> Reyuken, I found pure-ftpd package in lucid/universe
[17:01] <Reyuken> i Think i added that one
[17:01] <Reyuken> as shown in the paste-it above
[17:02] <etcetera> anyone? we are doing something similar on windows with a 3rd party utility, and we know the rsync algo is pretty fast.
[17:02] <etcetera> just not sure how well it handles large batches of < 1KB files.
[17:03] <patdk-wk> etcetera, depends
[17:04] <patdk-wk> it syncs millions of files for me pretty damned quick
[17:04] <patdk-wk> it's harddrive intensive though, if all those files metadata doesn't fit in ram
[17:05] <etcetera> patdk-wk: yea, not near millions of files.
[17:05] <etcetera> we clear out stuff older than a day every day.
[17:05] <etcetera> maybe thousands, < 100K / day.
[17:05] <rbnicknej> Reyuken, you try 'sudo apt-get update && sudo apt-get upgrade' after adding them?
[17:05] <patdk-wk> what I don't know is exactly how much bandwidth that will use up
[17:06] <patdk-wk> using unison instead, will keep bandwidth down to basically nothing, if files don't change
[17:15] <etcetera> patdk-wk: right we are only syncing new files.
[17:16] <patdk-wk> doesn't matter if you sync only new or not
[17:16] <patdk-wk> it still has to check the metadata to know what is new or not
[17:17] <etcetera> right, obviouly you're IO bound.
[17:20] <patdk-wk> na, I'm not io bound, my metadata fits in ram nicely, and stays there :)
[17:21] <etcetera> patdk-wk: how does it get disposed?
[17:21] <patdk-wk> disposed?
[17:21] <patdk-wk> it's cache data, if the system needs the ram for something else, out it goes
[17:28] <LowValueTarget> WTH.... i just had a db consultant tell one of my clients that Ubuntu is not good for a MySQL environment
[17:29] <etcetera> most people are stupid, let the benchmarks speak for your specific use case.
[17:29] <LowValueTarget> etcetera: this was Percona.... the "MySQL Experts"
[17:36] <ChmEarl> LowValueTarget, BestPractical uses latest Ubuntu to host their site (rt3 authors)
[17:38] <zul__> everyone has their own agenda
 Reyuken, you try 'sudo apt-get update && sudo apt-get upgrade' after adding them?
[17:43] <Reyuken> hah that, works, thanks alot!
[17:44] <Reyuken> im such a newbie when it comes to linux
[17:48] <ciastek> where should i write about wrong information in ubuntu server guide?
[17:48] <etcetera> LowValueTarget: who cares?
[17:48] <etcetera> I plan on using postgres + ubuntu on the server.
[17:49] <etcetera> and Windows on the web server.
[17:49] <jcastro> ciastek: is it on the wiki?
[17:49] <LowValueTarget> etcetera: just bothers me
[17:49] <etcetera> it's appropriate for my use case and by budget.
[17:49] <jcastro> you can just fix it
[17:49] <etcetera> let them show you why.
[17:49] <LowValueTarget> we deploy hundreds of ubuntu servers
[17:49] <LowValueTarget> i just called them asking for benchmarks... none
[17:49] <LowValueTarget> must be the consultants personal pref
[17:49] <jcastro> ciastek: asommer can help you but we're at UDS this week so not on irc so much. If it's on the wiki and wrong dive in and fix it. :)
[17:50] <ninja1> When i try to do /oper on my ircd-hybrid server i always get wrong password even if i wrote right password, someone had this problem before?
[17:50] <ciastek> jcastro: it's not wiki, but i've found launchpad page for ubuntu-docs, so i fill a bug here
[17:50] <ciastek> jcastro: thank you
[17:50] <etcetera> LowValueTarget: what do they prefer?
[18:02] <Error404NotFound> can i ask an openssl related question here?
[18:27] <tax> I would like to install a mailserver (pop3, smtp), what is the best way to do it?
[18:29] <cfairles> tax, https://help.ubuntu.com/10.04/serverguide/C/email-services.html
[18:30] <tax> k5673: thnak you for your help yesterday, i succeeded in my firewall made of squid firestarter and dansguardia
[18:30] <cfairles> tax, i think dovecot is the most popular for an MDA, i dont really know though, i use postfix for an MTA
[18:33] <etcetera> is anyone using zimbra on ubuntu?
[18:33] <etcetera> the server component.
[18:39] <lieuwe> hey, i'm looking for a torrent client for on my server, so it needs an webinterface. but google isn't really helping, any ideas?
[18:39] <jeiworth> lieuwe: mldonkey
[18:40] <tax> cfairles: can you have the same users on the both of them?
[18:41] <Pici> lieuwe: transmission-daemon provides a web interface.
[18:44] <tax> does anyone know how to use exim?
[18:46] <k5673> tax:OK
[18:52] <progre55> hi people. I upgraded libc6 from backports, but now I want to downgrade. when I say "apt-get remove libc6" ubuntu wants to remove half of my server. any suggestions, please?
[18:56] <Error404NotFound> progre55, disable backports and may be try apt-get install --reinstall, not sure if that will work or not
[18:57] <Error404NotFound> progre55, using backports/proposed on production environments is really a good idea btw
[18:59] <progre55> thanks, I'll try that
[19:02] <progre55> Error404NotFound: now when I open the link, it's offering me the php file to download.. I think I've broken some config files..
[19:03] <progre55> it's actually a phtml file
[19:03] <Error404NotFound> progre55, which link?
[19:04] <Error404NotFound> progre55, webserver? make sure you have php module loaded, try apache2ctl -l, that small "L"
[19:05] <progre55> Error404NotFound: actually, I have the php mod enabled, just forgot to add .phtml to AddType in the apache conf file =)
[19:05] <Error404NotFound> progre55, that was "apache2ctl -t -D DUMP_MODULES" to list all modules
[19:05] <Error404NotFound> progre55, aah, great
[19:06] <Error404NotFound> so it works now?
[19:06] <progre55> sec, let me try restarting it now
[19:10] <progre55> Error404NotFound: well, still now working
[19:10] <progre55> and there is php5_module loaded
[19:16] <Error404NotFound> progre55, are you using userdir?
[19:16] <progre55> in apache?
[19:16] <Error404NotFound> progre55, yes
[19:17] <progre55> Error404NotFound: no
[19:17] <Error404NotFound> progre55, what if you try with a .php instead of .phtml?
[19:19] <progre55> Error404NotFound: oh, it's working.. I guess it was my browser cache =)
[19:19] <progre55> when I opened it with a different browser, it works fine
[19:19] <Error404NotFound> progre55, good..
[19:19] <progre55> Error404NotFound: pardon my ignorance =)
[19:19] <progre55> Error404NotFound: thanks a lot for the support
[19:19] <Error404NotFound> progre55, at these times using Incognito/private browsing mode, thats good for testing
[19:20] <progre55> I'll consider that, thanks
[19:52] <ivoks> is ubuntu one really running on IIS?
[19:53] <ivoks> i got IIS's error at one point
[19:53] <ivoks> it's powered by 7digital, so i guess it's their server
[20:04] <Reyuken> when i do usermod -d it strangely tells me the user is currently logged in
[20:05] <Reyuken> but the who command only shows root as logged in ?
[20:06] <lieuwe> is it possible to set up an samba share so that it's password protected?
[20:08] <patdk-wk> heh? you can password protect stuff?
[20:08] <patdk-wk> normally you just limit users to shares, then the user is required to enter their password, therefor protected
[20:10] <lieuwe> patdk-wk: indeed, but there are three shares. two of which should only be accessible to the lan, one of which should be public and have a pw
[20:10] <patdk-wk> so?
[20:10] <lieuwe> patdk-wk: i don't want the two lan shares to have a password
[20:11] <RoyK> lieuwe: still running with security = share?
[20:11] <lieuwe> RoyK: yes, my parents need to acces it and they forget passwords like shit
[20:11] <RoyK> lieuwe: you can't combine share security with authentication
[20:11] <lieuwe> RoyK: sure? no way to do something like this?
[20:11] <patdk-wk> but you can easily make a guest user :)
[20:11] <RoyK> not that I know about
[20:11] <lieuwe> FFFUUU
[20:12] <lieuwe> RoyK: thanks :-3
[20:12] <RoyK> lieuwe: create a user guest passwd guest
[20:12] <RoyK> allow that user access to the 'public' areas
[20:12] <RoyK> set security = user
[20:12] <RoyK> case closed
[20:12] <patdk-wk> this is where I don't know about samba that much
[20:12] <lieuwe> RoyK: too difficult for my peeps :-/
[20:12] <patdk-wk> but can you limit a user login to source ip's? or share access based on ip?
[20:12] <patdk-wk> that would fix it up fine
[20:12] <ivoks> bad user = guest
[20:12] <RoyK> lieuwe: just save the password on their boxes while mapping the shares
[20:13] <ivoks> allways use security = user
[20:13] <lieuwe> hmehhhmmmmmpfffffffffffff
[20:13] <RoyK> patdk-wk: you can only allow/disallow from IPs
[20:13] <lieuwe> RoyK: ip ranges?
[20:13] <patdk-wk> I know, but he wants to allow/disallow shares
[20:13] <patdk-wk> the shares that have guest
[20:14] <patdk-wk> so that would work
[20:14] <_Techie_> does samba allow for authentication on a per IP basis?
[20:14] <RoyK> ivoks: he was on some time back and wanted to know how to share to everyone in the household, so I told him security = share will _turn_off_ auth, which was what he wanted at that time
[20:14] <patdk-wk> unless the allow/disallow is samba global
[20:14] <RoyK> _Techie_: not that I know
[20:14] <ivoks> RoyK: even that's bad
[20:14] <ivoks> RoyK: vista and 7 probably won't work with that setup
[20:14] <RoyK> ivoks: it's a choice
[20:15] <RoyK> ivoks: it does
[20:15] <ivoks> map to guest = Bad User
[20:15] <ivoks> if you have a share that need auth
[20:15] <ivoks> and a share that doesn't need it
[20:15] <ivoks> then set up security = user
[20:15] <ivoks> and for public shares add
[20:15] <ivoks> map to guest = Bad User
[20:15] <ivoks> that's it
[20:15] <patdk-wk> hmm
[20:15] <RoyK> ivoks: samba will still ask for auth for those connections
[20:15] <ivoks> it won't
[20:16] <patdk-wk> maybe I am reading this wrong
[20:16] <ivoks> so:
[20:16] <patdk-wk> "but there are three shares. two of which should only be accessible to the lan, one of which should be public and have a pw"
[20:16] <ivoks> [global]
[20:16] <ivoks>     security = user
[20:16] <patdk-wk> that mean two for local network with guest access, and one world accesable?
[20:16] <ivoks> [private_share]
[20:16] <ivoks>   guest ok = no
[20:16] <ivoks> [public_share]
[20:16] <ivoks>   guest ok = yes
[20:17] <ivoks>   map to guest = Bad User
[20:17] <RoyK> ivoks: that will still ask for authentication
[20:17] <lieuwe> patdk-wk: no, the two lans should be without pass, and the global one with
[20:17] <qman__> depends on your client
[20:17] <RoyK> ivoks: also, please use a pastebin for that sort of multiline output
[20:17] <patdk-wk> lieuwe, yes, but what is the definition of GLOBAL?
[20:17] <patdk-wk> world wide over the internet?
[20:17] <qman__> depending on the policy set, many versions of windows will simply auth as guest
[20:17] <patdk-wk> cause that doesn't work
[20:17] <lieuwe> patdk-wk: world wide
[20:17] <patdk-wk> won't work
[20:17] <qman__> which has caused me all sorts of trouble in the past
[20:17] <patdk-wk> use a vpn
[20:17] <lieuwe> patdk-wk: why wont it work?
[20:17] <qman__> yeah, you can't use samba over the net directly
[20:18]  * RoyK wonders what some people in here are smoking
[20:18] <qman__> it's not a routable protocol
[20:18] <lieuwe> wtf
[20:18] <patdk-wk> hehe
[20:18] <lieuwe> why not? seems awfully limited
[20:18] <patdk-wk> most isp's block the ports samba uses, for good purpose
[20:18] <qman__> well, it is routable, but yeah
[20:18] <_Techie_> qman__, i could prolly get samba working on the net, but have no needd for it
[20:18] <qman__> the name service isn't
[20:18] <_Techie_> quite easily
[20:18] <qman__> and most places block it
[20:19] <_Techie_> port 445
[20:19] <RoyK> qman__: netbeui is not routable, but samba uses this protocol called IP, see, so it's routable
[20:19]  * patdk-wk doesn't use winserv
[20:19] <ivoks> http://pastebin.com/3A3gv5sk
[20:19] <ivoks> this works
[20:19] <ivoks> those that don't belive, read smb.conf or try
[20:19] <ivoks> of course, add other variables
[20:19] <patdk-wk> ivoks, yes, but that doesn't answer his question :)
[20:20] <patdk-wk> getting that public share to work with user auth, over the internet :)
[20:20] <ivoks> over the internet?
[20:20] <patdk-wk> yep
[20:20] <ivoks> smb over the internet?
[20:20] <ivoks> do not do that
[20:20] <qman__> even if you could, it's still a bad idea
[20:20] <ivoks> period.
[20:20] <qman__> use sftp
[20:20] <lieuwe> okay, i get the point, never mind :P
[20:20] <ivoks> if you need something like that, setup webdav
[20:20] <lieuwe> i better just host some files using apache then...
[20:21]  * patdk-wk just uses ipsec/openvpn/....
[20:24] <sobersabre> hi guys.
[20:24] <sobersabre> what's the "right" way to install an init script ?
[20:24] <RoyK> SMB/CIFS over the internet is a PITA - the protocol is so chatty it'll slow down your multimegabit connection down to a single B-channel ISDN link for random access
[20:24] <sobersabre> I'm reading insserv manual, and I don't see examples of usage.
[20:25] <sobersabre> is insserv "the" way ? or update-rc.d ?
[20:25] <sobersabre> (I'm on 10.04)
[20:25] <qman__> well, 10.04 is most of the way changed over to upstart
[20:25] <sobersabre> qman__: so ... what do I do ?
[20:25] <qman__> so only a few straggling init scripts left
[20:25] <ivoks> sobersabre: copy it in /etc/init.d/ and then update-rc.d
[20:26] <sobersabre> ivoks: but I looked in /etc/rc2.d and it has SO few scripts in there.
[20:26] <sobersabre> so, I assume more scripts have been invoked, because of some changes.
[20:26] <sobersabre> and I haven't been in sync with this.
[20:26] <ivoks> sobersabre: ubuntu is moving to upstart
[20:26] <ivoks> sobersabre: those are in /etc/init/
[20:27] <sobersabre> ivoks:  so what do I do, how do I use upstart ?
[20:27] <sobersabre> I ran insserv, and got many warnings, loops, etc.
[20:27] <qman__> the entire sysvinit in 10.04 is just compatibility
[20:27] <Reyuken> does anybody know how to create a user with ftp access to / ?
[20:27] <ivoks> i administred debian/ubuntu systems for more than a decade
[20:28] <ivoks> i've never used insserv :)
[20:28] <Reyuken> i know i shouldnt change a users home directory to /
[20:28] <qman__> you shouldn't be using ftp
[20:28] <patdk-wk> never used insserv also
[20:28] <sobersabre> ivoks: I am running the script as S99 and it's supposed to be the last.
[20:28] <sobersabre> but it IS NOT running the last.
[20:28] <ivoks> sobersabre: it's not the last
[20:28] <soren> sobersabre: Why does it need to be last?
[20:28] <qman__> especially if you're not locked down to a chroot
[20:28] <ivoks> sobersabre: i told you, ubuntu is moving to upstart
[20:28] <Reyuken> i just want something to move files over easily to my server
[20:28] <ivoks> upstart works differently
[20:29] <sobersabre> ivoks: I'm at its homepage.
[20:29] <Reyuken> ftp would be a good option imo
[20:29] <qman__> Reyuken, use sftp
[20:29] <qman__> it's part of SSH, which you probably have anyway
[20:29] <ivoks> sobersabre: look at some examples in /etc/init/
[20:29] <sobersabre> how do I upstart myself ? :)
[20:29] <qman__> and, FTP is never a good option
[20:29] <sobersabre> init!
[20:29] <sobersabre> ok.
[20:29] <sobersabre> moment.
[20:29] <ivoks> sobersabre: figure out what your program requires to start
[20:29] <soren> sobersabre: Again, why does it need to be last?
[20:30] <sobersabre> soren: I don't have time to investigate who it depends upon.
[20:30] <soren> sobersabre: What is it?
[20:31] <sobersabre> if it runs manually after the system has been up
[20:31] <ivoks> soren: it's a secret :)
[20:31] <sobersabre> it brings up a bridge and nas interface
[20:31] <soren> sobersabre: But if you don't know what it depends on, put it in S99, add a "sleep 3600" to the top, and you should be fine.
[20:31] <qman__> Reyuken, http://mywiki.wooledge.org/FtpMustDie
[20:31] <ivoks> then it starts after networking
[20:31] <soren> Probably.
[20:31] <sobersabre> I assume it should be after $network.
[20:31] <Reyuken> heh
[20:31] <ivoks> start on started networking
[20:31] <ivoks> done
[20:31] <sobersabre> OK... I'll copy from ssh.
[20:32] <ivoks> ssh doesn't start after network
[20:32] <ivoks> cause ssh is smart; it detects network changes :)
[20:32] <Reyuken> oh my, using my root account details via sftp brings me to the root directory automaticly
[20:32] <Reyuken> problem solved i guess
[20:32] <Reyuken>  /*
[20:33] <patdk-wk> or, created :)
[20:33] <sobersabre> ivoks: yep. so assuming I did modify ssh.conf to this thing, do I need to install anything, or is it supposed to work as soon as this script has been created ?
[20:34] <ivoks> sobersabre: restart ssh
[20:34] <_Techie_> Reyuken, rm -R /*
[20:34] <_Techie_> JK
[20:34] <sobersabre> ivoks: no, it's not ssh :)
[20:34] <yann2> btw, what's the best place to learn how to write upstart files?
[20:34] <Reyuken> lol
[20:34] <ivoks> then start your_service
[20:34] <sobersabre> yep.
[20:34] <sobersabre> now, questions...
[20:34] <sobersabre> expect fork. I don't run daemon... I removed this. OK ?
[20:34] <sobersabre> respawn, don't run daemons.
[20:35] <sobersabre> removed.
[20:35] <Reyuken> im still incapable of changing home directories though, usermod just keeps telling me that the user in question is logged in :/
[20:35] <ivoks> sobersabre: http://upstart.ubuntu.com/wiki/Stanzas
[20:35] <_Techie_> Reyuken, usually if you have the godly root access, then it shouldnt matter
[20:35] <ivoks> yann2: start with existing jobs in /etc/init/ and look at http://upstart.ubuntu.com/wiki/Stanzas
[20:36] <binBASH> btw. soren good tip with that cloud stuff, I didn't buy many servers now :D But it took 4 weeks to adopt software :)
[20:36] <Reyuken> i kinda prefer to put everything under a ftp folder of some kind
[20:36] <Reyuken> instead of lots of folders in home
[20:36] <sobersabre> OK.
[20:36] <yann2> bookmarked, cheers, that'll be useful :)
[20:51] <qkumbers> is there no longer a #ubuntu-virt room?
[20:51] <soren> No.
[20:51] <soren> (and they're called channels)
[20:52] <qkumbers> I'm trying to find a good example of how to take advantage of qemu overlays, but I'm not using virt-manager
[20:53] <qkumbers> I created the virtual machine with vmbuilder and I use virsh to manage it
[20:59] <k5673> Yo!
[21:00] <k5673> soren: vmbuilder can not build maverick guests in lucid. ALready updated the packages.
[21:00] <k5673> Why?!
[21:00] <soren> Because it sucks.
[21:01] <ivoks> :)
[21:04] <alex88> hi, i've setup the vsftp server, i'm in a folder owned by user, connected as user.. but it says permission denied for upload (i can connect and download)
[21:05] <alex88> how do i troubleshoot this?
[21:07] <alex88> no one?
[21:08] <ivoks> vsftpd.conf
[21:12] <alex88> oh..write_enable was default..
[23:21] <benedikt> if i have a libvirt/qemu/kvm system with a couple of virtual machines, what is the best way to peridocly backup the guest systems to a remote server?
[23:26] <benedikt> or is there any other way then to transfer the disc images as they are?
[23:26] <benedikt> im hoping for a incremental backup alternative
[23:32] <owh> benedikt: Well, you can backup from within the guest using rsync. Alternatively you can shutdown/suspend the guest and backup the disc image. I'm using OS X as my host with a sparse-bundle disk image where all my virtual machines are stored. Time machine (rsync gui) does the differential backup, since the sparse-bundle is a collection of disk blocks in a directory structure.
[23:32] <owh> I've also heard of LVM snapshots being used for this purpose, but I have no experience with it.
[23:32] <benedikt> owh: but the problem is that I dont have access to all of the guest systems
[23:33] <benedikt> (but they are not mission critical anyways)
[23:33] <benedikt> so regular backup it is
[23:33] <owh> You could store all the images for each machine on an LVM volume and snapshot that, but I have no personal experience with that.
[23:34] <benedikt> neither do i
[23:34] <benedikt> im not even using lvm
[23:34] <owh> Google: http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html
[23:35] <owh> More: http://rhcelinuxguide.wordpress.com/2006/06/03/what-is-a-logical-volume-manager-lvm-snapshot-and-how-do-i-use-it/
[23:42] <zealiod> hey, i have inherited a network that has 10 vlans on eth.111, eth.112, etc - I want them all to share a common subnet - how can this be made possible?
[23:44] <zealiod> and what is a proxy network?