[00:00] <clusty> is it safe to upgrade a headless machine over ssh ?
[00:01] <jpds> clusty: Always good to have a backup plan.
[00:02] <jpds> clusty: But most of the time it should be safe.
[00:03] <clusty> jpds: i remember it used to start it's own ssh server on some strange port
[00:03] <clusty> in case one needed to update ssh itself
[00:03] <jpds> I'm never seen/heard of that.
[00:21] <clusty> jpds: http://pastebin.com/BLBWhaTz
[00:39] <qman__> it usually works, but have a contingency plan
[00:39] <qman__> don't go upgrading the production server in a datacenter hundreds of miles away when you need it going tomorrow ;)
[00:51] <robert_light> any Eucalyptus folks out there?  I'm having UEC woes
[01:02] <robert_light> mmm....not much chatter going on here...any Eucalyptus folks here?
[01:32] <qman__> robert_light, there rarely is
[01:32] <qman__> !ask
[01:33] <qman__> !anyone
[01:33] <qman__> this channel moves slowly, you have a much better chance of getting an answer if you just ask about your problem and wait
[02:00] <databits> what is the best ircd to use ?
[02:10] <qman__> databits, best is a matter of opinion, though unreal is very popular
[02:10] <qman__> it's one of the more featureful
[02:16] <databits> thanks that is the one that I just downloaded
[02:17] <databits> had another questions... what is the usual directory to install daemons/applications ?
[02:17] <databits> what is good practice ?
[02:21] <twb> databits: that is not the correct way to install software in Ubuntu.
[02:22] <twb> databits: you should *always* install stuff via apt-get, until you know enough to know when it's OK not to.
[02:26] <databits> ok well how would I go about doing the sudo apt-get install command with unreal then ?
[02:27] <twb> You would say something like "apt-cache search unreal", to find out the package name, then "sudo apt-get install <package name>"
[02:28] <qman__> actually, looks like it's not in the repositories
[02:28] <twb> (Unfortunately I can't see an unreal ircd there, so I suggest you pick a different one that IS there.)
[02:28] <databits> I think I can manage compiling it myself
[02:28] <twb> databits: I advise you not to do that.
[02:28] <databits> what is standard practice for a directory
[02:28] <qman__> well, you wanted to know best practice
[02:29] <databits> twb: why ?
[02:29] <qman__> best practice is not to compile software yourself
[02:29] <toddnine> Hey guys.  I'm using Chef to manage my cluster and I'm having problems with iptables.  I'm adding this to the file "/etc/iptables.d/zookeeper" -A INPUT -p TCP --dst 10.0.1.179 --dport 2888 -s 10.0.1.177 -j ACCEPT
[02:29] <twb> Because while you can compile the package and walk away, you probably aren't capable of properly integrating it into the existing package management framework, nor for monitoring upstream vulnerability notifications and backporting security patches to the version you compiled.
[02:29] <qman__> especially with something like an ircd, you open yourself up to security holes by doing so
[02:29] <toddnine> accept tcp on ip 10.0.1.179 from 10.0.1.177 right?
[02:29] <toddnine> on port 2888
[02:30] <twb> ...which is basically why you have a distro instead of compiling everything yourself
[02:30] <databits> I can handle compiling the software myself... that is simple.  I just never picked up on which directory to use
[02:30] <qman__> it's not about compiling it once
[02:30] <qman__> it's about keeping up to date and fixing problems as they arise
[02:30] <twb> toddnine: -d, not --dst
[02:30] <qman__> and managing problems with other related packages in the package management
[02:31] <twb> databits: if you want to do that, I'm not going to come around and break your arms in order to stop you.  But I do advise against it.
[02:31] <qman__> there is no "directory to use" for self-compiled software, because self-compiled software is against best practice
[02:31] <databits> well I see it as a good learning experience
[02:31] <twb> As well as apt-cache, you can search by tags: http://paste.debian.net/99277/
[02:32] <databits> ok if that is the truth then why am I reading that unreal is one of the better ircd's ? the only way you can use it is by compiling it yourself
[02:32] <jmarsden> databits: Best practice would perhaps be to learn about packaging and then package the ircd and get it accepted into Debian and Ubuntu :)
[02:32] <twb> jmarsden: +1.  Or file a Request For Package (RFP) bug.
[02:34] <toddnine> twb: awesome thanks
[02:34] <databits> in general say a peice of software uses apt-get where would it be stored ?
[02:35] <jmarsden> In a repository
[02:35] <databits> on my hd
[02:35] <toddnine> one more question.  These are all nodes that use DHCP (just testing vmware nodes).  After they get an IP address, the ssh daemon isn't binding to the ip.  I'm using 10.04.  Is there something I'm missing in my config?
[02:36] <jmarsden> Whereever the packager packaged it to install to.  Read the FHS (File Hierarchy Standard) and Debian Policy for details of what kinds of files go where.
[02:36] <twb> toddnine: ssh doesn't bind to an IP/interface by default.  It listens to :* and ::*.
[02:37] <twb> toddnine: if you've changed sshd_config to bind to specific intefaces, you'll probably have race problems due to the high level of asynchronicity in Ubuntu's init.
[02:37] <jmarsden> databits: http://www.pathname.com/fhs/ and http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.1
[02:37] <twb> databits: you can use "dpkg -L <package name>" to find out where files are.
[02:38] <twb> databits: for packages that aren't installed yet, you can use apt-file(1) or packages.ubuntu.com.
[02:39] <toddnine> twb: haven't touched anything.  It's weird, if I leave it after boot I can't ssh in.  If I log in via the console and /etc/init.d/networking restart, everything is fine
[02:40] <databits> thank you
[02:41] <twb> toddnine: "after boot I can't ssh in" is different from "ssh isn't binding to the IP"
[02:42] <twb> toddnine: "/etc/init.d/networking restart" probably (re)starts ssh as a kludgy side-effect
[02:42] <twb> toddnine: what you ought to do is get out-of-band access to the VM's local console, and work out what's really going on in there.
[02:47] <toddnine> twb: True, I also have a really strange issue where bash won't recall commands with the up key
[02:48] <jmarsden> toddnine: Does it work with ctrl-p -- if so, you probably have a keyboard mapping issue or some kind
[02:49] <twb> toddnine: hit ^P
[02:49] <twb> As jmarsden says, it's probably because your TERM is wrong, or maybe because the other admin set root's default to bloody set -o vi.
[02:50] <toddnine> jmarsden: ctrl+p does work
[02:50] <twb> IMO you should just learn to use ^P :-P
[02:51] <jmarsden> toddnine: Try    set -o emacs       and see if that fixes it?
[02:51] <k-rad> is lighttpd a secure web server ?
[02:52] <twb> k-rad: there's no such thing as a "secure" web server.
[02:52] <toddnine> unfortunately now
[02:52] <toddnine> not*
[02:52] <toddnine> it works correctly over ssh
[02:52] <k-rad> could i get an enlightened recommendation for a light http web server that isn't too insecure
[02:52] <jmarsden> toddnine: in the session where it does not work, do     echo $TERM    and compare with the result in the ssh session
[02:54] <k-rad> any opinions on boa web server ?
[02:54] <k-rad> also is sqlite3 an acceptable SQL solution for web servers ?
[02:55] <k-rad> the aim of what i'd like to accomplish is to easily setup a web server, secure, and provide all features that wordpress requires
[02:56] <jmarsden> k-rad:    sudo apt-get install wordpress
[02:57] <k-rad> wow.  thank you.  that includes web server ?
[02:57] <jmarsden> k-rad: It pulls in the dependencies it needs.  Try it!
[02:58] <k-rad> thank you
[02:59] <jmarsden> k-rad: You're welcome.
[03:00] <qman__> I noticed an error in the serverguide, here: https://help.ubuntu.com/10.04/serverguide/C/samba-fileserver.html
[03:00] <qman__> it references /etc/init.d/samba, which no longer exists
[03:00] <qman__> what should I do to resolve it?
[03:01] <jmarsden> File a bug against ubuntu-serverguide and ideally then attach a patch correcting the issue :)
[03:01] <qman__> ok, will do
[03:09] <qman__> ah, already been reported
[03:09] <qman__> bug 665763
[03:10] <jmarsden> qman__: Cool, so just hot the "this bug affects me" button so it gets a bit more attention :)
[03:10] <qman__> yep :)
[03:14] <JasonMSP> Im using putty to login to my server.  I have a client that has uploaded some file names in Russian.  When I go into their home directory the names are all ???? as if the langhuage isn't installed.  How do I add the language/font for russian?  if I FTP i can read the russian, but in the shell its only '????'  Im running 10.04
[03:19] <qman__> JasonMSP, it's probably on your client machine
[03:19] <qman__> I have files with Kanji names that work fine on all my ubuntu machines with no special configuration
[03:19] <qman__> for windows XP, it's in control panel, regional and language settings
[03:20] <JasonMSP> On my windows machine im fine.  Its in the shell (im using putty) that the files come up as "????????"
[03:20] <yann2> so the problem is it is not displaying unicode fonts on windows right
[03:21] <yann2> maybe your FTP client and putty dont use the same font
[03:21] <yann2> and you use a font in putty that doesnt have unicode
[03:21] <qman__> yes, also possible
[03:21] <qman__> I don't have any files to verify but I would bet money that the ubuntu server is not at fault here
[03:21] <yann2> anyway this is not an ubuntu issue, but a windows one, I m afraid
[03:22] <JasonMSP> if its windows I can figure it out
[03:22] <qman__> ubuntu has always been great about other languages and special characters
[03:22] <yann2> JasonMSP, there might be updates for you to install on windows update.
[03:22] <JasonMSP> главная
[03:22] <yann2> that displayed fine here ;)
[03:23] <qman__> and here as well
[03:23] <JasonMSP> thats one of the folders it displays fine except inside the shell
[03:23] <JasonMSP> I guess putty more to be more acurate
[03:25] <qman__> JasonMSP, http://oi53.tinypic.com/js2741.jpg
[03:26] <JasonMSP> hmmm...
[03:30] <yann2> I cant paste it in putty under linux though
[03:32] <yann2> ok figured it out
[03:32] <yann2> you need to select UTF 8 in translation
[03:32] <yann2> in the options
[03:32] <yann2> and then select a font where you have utf8 installed, in my case monospace instead of fixed
[03:33] <JanC> why do you use PuTTY in linux?
[03:34] <yann2> http://waste.mandragor.org/putty-utf8.png
[03:34] <yann2> JanC, I don't, but it got me intrigued :)
[03:34] <JasonMSP> im on a windows machine logged into my server
[03:35] <yann2> JasonMSP, the screenshot is actually a putty window :) just need to select appropriate font
[03:35] <yann2> and utf8 too
[03:36] <JanC> somebody needs to fix PuTTY to use utf-8 by default, this is 2010 after all, not 1990 or so...  :P
[03:36] <yann2> off to bed now, good night and good luck JasonMSP
[03:36] <qman__> yeah, but windows doesn't always play nice with utf8
[03:36] <JasonMSP> thanks
[03:37] <JanC> qman__: it's a terminal emulator to connect to unix/linux systems, so it shouldn't care about Windows
[03:37] <JanC> and especially not when run on linux  ☺
[03:49] <JasonMSP> didn't get it working.  I tried UTF-8 my font right now is console and none of the others I tried worked
[05:39] <andres_> alguien en español?
[05:44] <qman__> !es | andres_
[05:44] <andres_> gracias por el comentario, ya esoty en ubuntu-es y ubuntu-server
[05:44] <andres_> solo que estoy pidiendo ayuda por estos tres canales
[05:45] <andres_> para configurar el ldap se debe tener creado un dominio?
[05:56] <andres_> somebody can help me whit ldap?
[05:57] <andres_> i am following the guide from ubuntu oficial page
[05:57] <andres_> but i have a problem when
[05:58] <andres_> i add the entries
[05:58] <andres_> somebody?
[05:58] <twb> andres_: is there an error message?
[05:58] <andres_> yes, this one
[05:59] <andres_> ldap_bind: Server is unwilling to perform (53)
[05:59] <andres_>         additional info: unauthenticated bind (DN with no password) disallowed
[05:59] <andres_> do i have to configure the DNS?
[05:59] <twb> That's saying you're trying to make changes anonymously.
[05:59] <twb> You probably need to connect using the rootbinddn
[06:00] <andres_> what do you mean?
[06:00] <andres_> what is rootbinddn?
[06:00] <twb> The rootbinddn is the name of the LDAP superuser
[06:01] <andres_> mmmm
[06:01] <andres_> i will try
[06:01] <andres_> that user dont exist in my sistem
[06:01] <twb> e.g. cn=admin,dc=example,dc=net
[06:01] <andres_> and as root?
[06:02] <twb> What command are you running?
[06:03] <andres_> this :   ldapsearch -xLLL -b "dc=example,dc=com" uid=john sn givenName cn
[06:03] <andres_> sorry
[06:03] <andres_> is this
[06:03] <andres_> sudo ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.example.com.ldif
[06:04] <twb> So you're logging in as cn=admin,dc=example,dc=com.
[06:04] <andres_> yes
[06:04] <twb> Either you aren't providing a password, or you're providing the wrong password, or that account doesn't exist in ldap.
[06:05] <andres_> i am following this guide
[06:05] <andres_> https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html
[06:06] <andres_> when i put that comamd line
[06:06] <andres_> ldap ask me a pass
[06:06] <andres_> but it dont have a pass, so i just press enter
[06:07] <andres_> when i put a pass, it say me that is a wrong pass
[06:07] <twb> Why don't you have a password?
[06:08] <twb> That page sets the password to "secret"
[06:10] <andres_> yes, but i write it, and it say that is wrongç
[06:11] <MTecknology> !info sphinxsearch
[06:11] <MTecknology> !info sphinxsearch lucid
[06:12] <twb> andres_: then I don't know.  Sorry.
[06:12] <MTecknology> heh... 0.9.9 is kinda old..
[06:12] <andres_> dont worry
[06:12] <andres_> thank for your help
[06:26] <andres_> a question
[06:26] <andres_> i have to configure dns for ldap?
[06:27] <twb> Not necessarily.
[06:27] <twb> Indeed, is it technically possible for LDAP to replace DNS
[06:30] <andres_> thank
[06:35] <andres_> problem resolved
[06:35] <andres_> i was wrong
[06:36] <twb> What did you do wrong?
[06:56] <eagles0513875> hey guys is it possible to install ubuntu cloud features on kubuntu
[07:00]  * Datz wonders if system information on login is disabled even for multi core systems if load is above 1.
[07:04] <twb> Should be easy enough to test
[07:08] <eagles0513875> hey twb is it possible to install the cloud computing features that server has on kubuntu
[07:10]  * Datz has ubu-server on only a single core
[07:11] <twb> Datz: my multi-core boxes are 8.04, so I can't check for you without pissing about with a VM
[07:11] <twb> If you have qemu/kvm lying around, you can tell it to emulate multiple cores
[07:19] <Datz> twb: ah, that's ok. Just curious. ;)
[07:23] <Ganymede> Hello, I have a server here with tons of RAM but no hard drive. I'd like to run Ubuntu on it so I was wondering if there was some way I could start up Ubuntu from the LiveCD but then run it entirely out of RAM. I do not, at this time, have the capability to use a SAN or set up a DHCP server for network boot.
[07:23] <Ganymede> As far as I know, if using the LiveCD, the LiveCD must remain in the tray and it gets accessed every now and then, which is slow. I'd like it to have the root filesystem in RAM so the CD never needs to be accessed.
[07:24] <Ganymede> And I'm ready and willing to accept that if the power gets cut to this machine, I'll lose all my data on it.
[07:25] <databits> anyone in here know of some good sick trance/\/bass track's ?
[07:25] <databits> I need some sick tech to listen too
[07:26] <twb> !offtopic
[07:26] <twb> Ganymede: casper and/or live-initramfs supports that
[07:26] <databits> woops wrong window
[07:27] <twb> Ganymede: at least some versions take "toram" as a boot option.
[07:29]  * Datz remembers slax gives the option to run from ram at boot.
[07:30] <Ganymede> twb: So if I'm understanding you correctly, all I need to do it supply BOOT=live as a kernel parameter at the boot prompt from a standard (desktop) LiveCD ISO and the additional options listed at http://manpages.ubuntu.com/manpages/lucid/man7/live-initramfs.7.html are also available to me?
[07:31] <twb> Ganymede: last time I looked Ubuntu used casper, not live-initramfs/live-boot (the Debian fork).
[07:32] <twb> The live CD will already be using boot=live or boot=casper, IIRC you hit F6 to edit the boot prompt from gfxboot.
[07:38] <Ganymede> There's something very satisfying about being able to download ISOs from a non-local site in 63 seconds.
[07:38] <twb> Pfft
[07:38] <twb> optical media are obsolete
[07:38] <twb> What's satisfying is BOOTING from a remote site in 60 seconds
[07:42] <Eventyret> Morn RoyK
[07:43] <RoyK> morn
[08:03] <Ganymede> twb: Thanks...I may have gotten it working with adding toram after boot=casper...I can't really tell if it actually doesn't need the CD anymore.
[08:03] <twb> You should be able to eject the CD if it worked
[08:03] <Ganymede> I will try that now...I am currently testing on a VM so I don't know if VMWare player will eject the CD anyway regardless of whether the guest has it mounted.
[08:05] <Ganymede> My guess is that it worked since I ejected the CD and Ubuntu didn't complain.
[08:07] <Ganymede> Here is unrelated question. Suppose I'm on a Ubuntu machine will hard drive and swap with 24G physical memory. If I run a VMWare or VirtualBox guest with 16G physical memory, does all that memory need to be in physical RAM at once? Or can the 16G of pages for guest memory be selectively swapped based on usage?
[08:08] <Ganymede> Or is this more a question for #vmware/#vbox? From what I can tell, VirtualBox grabs all the memory all at once but VMware grabs it as needed (grows dynamically) but I haven't done any futrher testing.
[08:08] <twb> That's a question for #vmware
[08:08] <Ganymede> Okay, thanks.
[08:08] <RoyK> Ganymede: IIRC vmware doesn't allocate anything before it's used
[08:08] <twb> The blessed VM tech for #ubuntu-server is kvm
[08:09] <twb> IIRC vmware-server allows you to either allocate memory up-front or on-demand (ballooning)
[08:09] <RoyK> it'd be nice to one day see KVM with the same possibilities as vsphere ESXi
[08:09] <twb> RoyK: HTFS
[08:10] <RoyK> ?
[08:10] <twb> Hack The Fucking Source
[08:10] <RoyK> twb: not my cup of tea - it'll take a little more than a few hacks to make that a reality
[08:11] <twb> That's "hack" as in "work on", not "hack" as in "kludge"
[08:11] <twb> Or employee someone to work on it, or whatever
[08:12] <Ganymede> That sounds like a $10,000+ job.
[08:12] <twb> Probably :-)
[08:12] <Ganymede> Not that I know what the i in ESXi means...only ever used ESX without the i.
[08:12] <twb> ESXi is ESX without the local GUI
[08:22] <derknecht> i have a ubuntu 8.04 server, it crashes after some weeks, and then needs multiple startups to get it up and running again. I think that this is a hardware problem (maybe graphics card) but found nothing in the log files. is there a way to test hardware, or how should i trace this problem? Thanks for any advice.
[08:23] <twb> derknecht: first of all, run memtest86+ for a day or two
[08:24] <twb> derknecht: then, it's probably simplest to swap in new components
[08:24] <twb> Or you could just remove the GPU -- you shouldn't be running a GUI on a server anyway
[08:25] <derknecht> twb:  i know, but the customer want it. Thanks, i should try this
[08:26] <twb> I hate customers
[08:26] <twb> I know better than they do, dammit :-/
[08:29] <derknecht> twb: me too :D  but they are pay me . . .
[08:29] <derknecht> :D
[08:55] <twb> I want a package like vrms, that will send me a monthly warning about server packages that don't receive five-year support.
[09:29] <eagles0513875> hey guys anyone an expert with postfix?
[09:32] <RoyK> eagles0513875: for general postfix   questions, just ask, but if you need "export help", try #postfix
[09:32] <eagles0513875> RoyK: my issue is i configur eit according to the ubuntu wiki
[09:33] <eagles0513875> the problem is outgoing email
[09:33] <eagles0513875> i think it might be the version of squirrelmail that comes with ubuntu
[09:34] <matti> :)
[09:36] <eagles0513875> matti: ?
[09:36] <matti> eagles0513875: ?
[09:36] <matti> eagles0513875: I am just smiling :P
[09:37] <eagles0513875> lol
[09:39] <eagles0513875> ikonia: check your connection plz
[09:55]  * EvilPhoenix pokes eagles0513875
[09:55] <EvilPhoenix> :P
[09:56]  * eagles0513875 waves to EvilPhoenix
[10:25] <eagles0513875> hey guys anyone know able ot help me setup dovecot to work with sasl
[10:41] <joschi> eagles0513875: what exactly doesn't work for you?
[10:42] <eagles0513875> to configure sasl do i need to go through this https://help.ubuntu.com/community/PostfixDovecotSASL
[10:42] <eagles0513875> cuz im having some issues following it
[10:43] <joschi> eagles0513875: https://help.ubuntu.com/10.04/serverguide/C/postfix.html
[10:43] <eagles0513875> im on that joschi
[10:43] <eagles0513875> at the bottom of it it has this url https://help.ubuntu.com/community/PostfixDovecotSASL
[11:25] <cjwatson> kirkland: dunno, it's certainly supposed to be installed by default.  tasksel tasksel/force-tasks     string server
[11:25] <cjwatson> kirkland: logs?
[11:26] <raubvogel> Am I the only one still having issues with ureadahead and /var on its own partition?
[11:41] <cjwatson> raubvogel: bug 523484
[11:44] <raubvogel> I have been following that bug and 542334. In fact, I am going to add some stuff to 523484 if what I am about to try does not work out.
[11:45] <raubvogel> What scares me is that I have 4 10.04LTS servers I installed /var on a diff partition during install and they work fine. Only this one I forgot to do that is causing me headaches
[11:49] <raubvogel> If I need to, can I remove ureadahead without any harm to the system besides, well, slower boot?
[12:06] <k-rad> has anyone successfully integrated some type of beowulf cluster with ubuntu or can tell me what that might involve ?
[12:15] <cjwatson> raubvogel: ureadahead just speeds things up, it shouldn't be mandatory
[12:15] <cjwatson> you could just turn off its upstart jobs if they're causing problems
[12:15] <cjwatson> which is probably easier than removing the package => removing ubuntu-minimal
[12:34] <k-rad> morning eagles0513875
[12:34] <eagles0513875> hey k-rad
[12:34] <k-rad> nice to see you :)
[12:34] <k-rad> i lost that beowulf mailing list
[12:35] <k-rad> ya think it'd be hard to do ?  with ubuntu a desktop and another computer assisting in its allocation of cpu/memory resources ?
[12:35] <k-rad> there doesn't seem to exist a #beowulf channel on freenode that is functional
[12:36] <k-rad> how are you this morning ?
[12:45] <raubvogel> cjwatson, I honestly do not know if ureadahead is the guilty party. It might as well be it just happens to be the last thing shown on the screen before machine takes a dump
[12:46] <raubvogel> But, I do not know where else to begin; it seems the people in those two bugs are in the same boat
[12:46] <cjwatson> raubvogel: easy to experiment, right?
[12:46] <raubvogel> if I can duplicate that in a VM, sure!
[12:47] <raubvogel> For now I will have to leave that server alone. In about an hour it will start being used again
[12:47] <cjwatson> I figured that if it wasn't booting properly it couldn't be in production ...
[12:48] <raubvogel> Well, if i leave /var in /, as it was before, it works.
[12:54] <raubvogel> cjwatson, Honestly I am concerned about the other servers. At first I thought this was just a careless move from my part. You know, edit fstab and be done with. I did not expect something like this be a bug
[12:55] <qman__> I ran into a problem a while back when I used JFS on /var for a myth box
[12:55] <qman__> it wouldn't mount /var because it couldn't mount JFS, because something was preventing it from loading
[12:55] <qman__> didn't have time to investigate and just formatted without separate /var
[13:14] <kirkland> cjwatson: http://people.canonical.com/~kirkland/installer.tar.bz2
[13:18] <cjwatson> hmm.  it all *looks* ok.  guess I'll have to try it
[13:19] <cjwatson> there was quite a big tasksel merge between lucid and maverick, so I suppose I might have broken something there
[13:20] <user666> what setting file should i look into to allow password-less ssh connections
[13:20] <user666> server is 9.10
[13:20] <raubvogel> qman__, that is why I am leaving the system as is for now
[13:21] <user666> i did generate ssh keys, i did cat the pub key to server, ect, no go
[13:21] <raubvogel> user666, how about /etc/ssh/sshd_config?
[13:21] <cjwatson> user666: see what /var/log/auth.log says when you attempt to log in
[13:21] <raubvogel> Also ssh -vvv should tell you what happened
[13:22] <cjwatson> raubvogel: ssh -vvv doesn't tend to tell you why authentication failed
[13:22] <cjwatson> raubvogel: generally, if the server told the client the reason, it would be an information-leak vulnerability
[13:22] <cjwatson> so you need to look in /var/log/auth.log on the server
[13:23] <raubvogel> Agreed, but it would at least say if it even tried to do key authentication
[13:24] <user666> ok, looking into sshd_config
[13:24] <cjwatson> no, look at the logs first
[13:24] <cjwatson> don't waste time guessing configuration before looking at the logs
[13:25] <cjwatson> it might be something as simple as a permissions error
[13:25] <user666> both auth files are chmoded to 640
[13:25] <cjwatson> look at what the log tells you
[13:26] <user666> logs dont show any attempts to find key pairs
[13:26] <cjwatson> I usually 'tail -f /var/log/auth.log', hit Enter a few times so there's blank space, and then try to log in
[13:26] <user666> ups, actually i found: Authentication refused: bad ownership or modes for file /home/playserver/.ssh/authorized_keys
[13:26] <cjwatson> there you go
[13:27] <cjwatson> 'man sshd' lists the required permissions
[13:27] <cjwatson> note that it is not just the file itself you need to check
[13:32] <user666> permissions for authorized_keys or what ?
[13:32] <cjwatson> see the manual page
[13:59] <Kudos> slightly off-topic, anyone know how to tell scp to use a specific device?
[13:59] <Kudos> trying to pull from a VPN without sending all traffic through it
[14:03] <Lord_Rahl> can anyone point me to a how on have one nic point to a separate network and one nic pointing to another
[14:03] <cjwatson> Kudos: I doubt you can, wrong layer really.  it's probably easier to set up policy routing
[14:04] <cjwatson> Kudos: ('man ip', I think)
[14:05] <Kudos> cjwatson: damn, that looks complicated :P
[14:06] <cjwatson> hopefully there's a simpler howto around somewhere.  I'm not an expert
[14:07] <Kudos> ip neighbour add looks like it might be what i want?
[14:27] <Kudos> cjwatson: you sent me down the right route, thanks
[14:27] <Kudos> lololo, route
[14:27] <raubvogel> Lord_Rahl, both static or dhcp?
[14:27] <Kudos> geddit?
[14:27] <Lord_Rahl> the nic are static one will be run a dhcp server. It is for asterisk server
[14:28] <raubvogel> Lord_Rahl, so, you have 2 nics?
[14:28] <raubvogel> Like eth0 and eth1
[14:28] <raubvogel> As opposite to eth0 and eth0:1
[14:29] <Lord_Rahl> I have two nics.
[14:29] <raubvogel> Define them in /etc/network/interfaces
[14:31] <Lord_Rahl> here is what I have in my interface http://pastebin.com/PdCQ9ZJP
[14:31] <raubvogel> Shouldn't you use another gateway on line 19?
[14:32] <cjwatson> Kudos: you're welcome
[14:33] <Lord_Rahl> I guess so that is the phone network side it does not need to go to net. I guess I can point it back to itself
[14:34] <Lord_Rahl> raubvogel, here is what I receive when I restart networking : root@Asterisk:~# sudo /etc/init.d/networking restart
[14:34] <Lord_Rahl>  * Reconfiguring network interfaces...                                                                                                                                ssh stop/waiting
[14:34] <Lord_Rahl> ssh start/running, process 29522
[14:34] <Lord_Rahl> SIOCADDRT: No such process
[14:34] <Lord_Rahl> Failed to bring up eth0.
[14:36] <Lord_Rahl> raubvogel, Do I need to place them on a different subnet?
[14:38] <raubvogel> Which is the gateway for each of them?
[14:43] <Lord_Rahl> eth1 is use the real gateway. eth0 does not have a gateway on that network
[14:44] <Lord_Rahl> or no way to get to it
[14:47] <Eventyret> Anyone able to explain how to setup dns for a IRC Cloak i got a Rdns setup for my server.
[14:57] <_ruben> Lord_Rahl: dont specify a gateway for eth0 then
[14:58] <raubvogel> exactly, so it will use the default one
[15:01] <Lord_Rahl> _ruben, OK i will try that
[15:02] <Lord_Rahl> _ruben, that work you the man!
[15:02] <Eventyret> any help on setting up a vhost ?
[15:03] <therobot> I'm trying to backport wkhtmltopdf from lucid to hardy with prevu (in a hardy box), I'm just running prevu wkhtmltopdf/lucid but I get "Unable to find a source package" error, what I am doing wrong?
[15:35] <alfonx> Hi. I have been using Gentoo and now want to switch to ubuntu server. I wonder, how webapps (gallery, phpstuff, phpmyadmin etc tec) is managed for multiple "sites/domains/vhosts" on ubuntu. is there anything like "webapp-config" on gentoo. Can Ubuntu-server share one installation of a webapplication for multiple domains? Or do the webapplications have to provide this functionality?
[15:35] <zealiod> How do I use ebtables to log which mac addresses are using certain vlans?
[15:43] <hggdh> JamesPage: Qs for you re. Hudson deployment
[15:44] <JamesPage> hggdh: fire away
[15:44] <hggdh> JamesPage: (1) I have a server hat could be used; care to have a look?
[15:44] <JamesPage> hggdh: yes please
[15:52] <simplexio> alfonx: buntu is linux like gentoo.. so yeas. easily ? i dont know, but here is is vhost conf for apache
[15:56] <mathiaz> Ng: hi - have you heard of Graphite - Enterprise Scalable Realtime Graphing - http://graphite.wikidot.com/?
[15:56] <mathiaz> SpamapS: ^^?
[15:58] <Ng> mathiaz: I've not personally tried it, but I've heard of it and like that it's Python. The DB isn't RRD, but is fixed-size though, which is a downside for us
[15:59] <mathiaz> Ng: right - because you'd like to measure everything for ever ;)
[15:59] <Ng> ye
[15:59] <Ng> +s
[16:02] <alfonx> simplexio: probably my question was not clear. when i do "apt-get install drupal6", can i then configure it independently for two "sites-enabled"? will one "apt-get upgrade drupal6" work for both sites? In gentoo the webapp-config tool is doing hardlink- and symlink-magic to share the application with thousands of vhosts, but it is only installed once.
[16:04] <kirkland> cjwatson: shall I open a bug about this?  if so, against what?
[16:05] <robbiew> kirkland: Daviey: and who ever else in San Antonio...leaving in about 20min, so should be there closer to 11:30/noon...I'll cover lunch ;)
[16:06] <cjwatson> kirkland: a bug on tasksel would be good, I think
[16:06] <cjwatson> for starters
[16:07] <cjwatson> kirkland: can you poke Daviey about my query about a test case for bug 633015, from Friday or so?
[16:08] <light_> Anyone know why my node instance is stuck in BeaBIOS and doesn't boot up when started on a node-controller....yet when I bring up the same image in kvm...it works just fine?
[16:14] <Daviey> o/
[16:14] <Daviey> cjwatson: Will do that!
[16:14] <Daviey> cjwatson: Can i use my heavy weight package, or can i use a sample foo package?
[16:14] <Daviey> robbiew: Groovy
[16:15] <zul> \\\\\\\\\\\\\\\\\\\\\\\\\
[16:15] <cjwatson> Daviey: I just want something I can test reasonably easily for SRU verification
[16:15] <cjwatson> since I want this SRU out of the way for something else :)
[16:15] <cjwatson> (enabling xz support, which needs a backport to lucid-cat, and I'd rather do that on top of current -proposed)
[16:19] <Mez> Suggestions for what to use to proxy SMTP for a bastion host?
[16:21] <Daviey> cjwatson: I understand... will try and do that today, or otherwise tomorrow.
[16:21] <Daviey> (currently sprinting)
[16:35] <k-rad> can anyone give me some tips on how to link my fully qualified domain to a service such as dyndns.org (free) using CNAME so that i can make my wordpress/lamp installation functional here ?  or another dyndns.org type service which is free, that is supported by dd-wrt
[16:41] <flohack> Hi! I'm trying to use selinux on maverick on Amazon EC2 and it seems to crash the machine. Is anyone using selinux on amazon ec2 here?
[16:45] <simplexio> alfonx: you no idea. but symlink & hardlink magic is easy to by hand or by script
[16:48] <zealiod> how can i just log traffic from certain vlan with ebtables?
[17:04] <alfonx> simplexio: thanks
[17:12] <ScottK> alfonx: I believe that the Ubuntu Server Guide (see /topic) covers some of this.  At least enough to give you an idea of how it works.
[17:23] <ruben23> hi guys how do i check packages that are installed
[17:23] <ruben23> on my ubuntu server
[17:24] <alfonx> ruben23: start aptitude and slecet "installed packages" .. if you like to use some kind of text gui
[17:24] <bluefrog> ruben23, dpkg -l
[17:29] <ivoks> or, ls -d /usr/share/doc/* | cut -d\/ -f5
[17:29] <ivoks> :)
[17:31] <XeNoT> Is it possible to add a authorized_keys as a paramater with the vmbuilder command?
[17:41] <SpamapS> mathiaz: I evaluated graphite for the UEC monitoring / monitoring framework stuff but rejected it for inflexibility I think.
[17:45] <bluefrog> ivoks, except that you may be missing stuff
[17:45] <ivoks> bluefrog: which one?
[17:46] <bluefrog> ivoks, not talking specially of a server. taking example on my desktop. your line wll give 1370 hits, dpkg -l 1386
[17:47] <ivoks> dpkg -l prints more than just installed packages
[17:48] <ivoks> but my command doesn't provide exact output too ;)
[17:48] <bluefrog> ivoks. got some rc with dpkg -l
[17:48] <bluefrog> not only ii
[17:48] <ivoks> exactly
[17:48] <bluefrog> ok
[17:55] <hggdh> zul: working today?
[17:55] <zul> hggdh: yep in san antonio
[17:56] <zul> hggdh: whats up?
[17:56] <hggdh> zul: we need, later on, to discuss the SRU process for server, and what I can do there
[17:56] <zul> hggdh: sure
[18:22] <makomi> anybody see the error in samba? If I do a "dpkg-reconfigure samba" I get a "sed: -e expression #1, char 143: unknown option to `s'"
[19:25] <AivarasKivilius> Hello, I need to create new user and give for him premissions to lounch only irssi ir screen, How to do that?
[19:26] <AivarasKivilius> User won't be able to do anything except that.
[19:42] <jdstrand> hallyn: hey. I haven't had a chance to look at your next merge request yet, but came across this: https://www.redhat.com/archives/libvir-list/2010-November/msg00281.html
[19:42] <jdstrand> hallyn: fyi only
[19:52] <claude2> can anyone help with a xen question?
[19:53] <claude2> i cant tell if you need any special modifications to make ubuntu 10.04 run as a domU
[19:53] <claude2> im using the desktop ubuntu install presently
[19:58] <claude2> im having some instability and io errors
[19:59] <RoAkSoAx> claude2: afaik Xen is not supported in Ubuntu. sorry :(
[19:59] <k-rad> how does one link a domain name with a LAMP installation.  i'm guessing there are better ways than forwarding with masking with dyndns.org
[20:00] <SpamapS> k-rad: you just need to set a DNS name to the IP of the server. If its a dynamic IP, then that gets unreliable and difficult to manage.
[20:00] <k-rad> SpamapS, how do i create my own dns name and link it to my server ?
[20:00] <k-rad> i use godaddy would that do it ?
[20:01] <raubvogel> AivarasKivilius, I think what you want is something similar to a restricted shell
[20:02] <RoAkSoAx> k-rad: yes, just use  godaddy's dns's and add an entry pointing to the IP address of your server for your domian name
[20:02] <k-rad> RoAkSoAx, thank you sir
[20:02] <RoAkSoAx> welcom :)
[20:08] <k-rad> RoAkSoAx, sir, do you know a easy guide for someone who installs wordpress, and then, LAMP with it.  since its all installed with wordpress package, it skips any configurations any tutorial might be able to walk you through
[20:09] <k-rad> i found a how-to.  i'm good.  thank you all
[20:09] <Guest21908> hello, i just installed the server dist. what is the best way to communicate with it remotly? some kind of shell connection with ssh? please, kick me in the right direction, like a google search string
[20:09] <RoAkSoAx> k-rad: there's lots of how-to's in google :). I personally installed it from source instead of using the ubuntu package
[20:10] <Guest21908> openSSH? :)
[20:10] <RoAkSoAx> Guest21908: yes, just ssh! sudo apt-get install openssh-server (if you haven't done so already) and you are pretty much set
[20:10] <RoAkSoAx> Guest21908: of course you'll have to tune it up, (such as change ports and stuff)
[20:11] <Guest21908> RoAkSoAx: thanks! i think its there from the installer. ill fire it up and google thru laptop then
[20:11] <Guest21908> thanks for answering on a thousand-asked-question
[20:12] <RoAkSoAx> lol no problem :)
[20:14] <k-rad> the irc dns command is very useful in finding a ip address that is linked to dyndns.org for /etc/mysql/my.cnf / bind-address = xx.xx.xx.xx
[20:15] <k-rad> which is /dns
[20:17] <k-rad> i will set it to my hostname.dyndns.org, the bind-address, since that will change anyway, hopefully, it will accept alphabetical characters
[20:18] <k-rad> my dyndns.org is setup in my router.  i had to give up optware the right way, but with 4bit upstream, can save me $10 a month :)
[20:21] <k-rad> by default bind-address = 127.0.0.1.  thats what i use for my dns server cache (dnsmasq) perhaps i can set dnsmasq to use a different listening ip, and reflect those changes anywhere, those who are familiar with dns caching, what could i set my dnsmasq listening interface to other than default ?
[20:24] <k-rad> this will not work for me not even with a sudo   mysql -u root   ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[20:30] <k-rad> got it done, thanks all
[20:37] <k-rad> any thoughts on lighthttp ?
[20:39] <k-rad> is it possible that when i got to the bind-interface = 127.0.0.1 and it said to change it to your own ip, would that be a WAN ip or static ip ?  thats /etc/mysql/my.cnf
[20:44] <SpamapS> lighttpd seems to be pretty solid and fast.. its not as fast as nginx, but certainly has easier code to work on when you don't speak russian. ;)
[20:44] <fluvvell> A linux client on my network is making dns request for a server no longer in existence on the local net. How can I find which process is making the request?
[20:45] <SpamapS> fluvvell: is resolve.conf updated with the newe DNS server info?
[20:45] <SpamapS> err
[20:45] <SpamapS> resolv.conf
[20:46] <fluvvell> SpamapS, the request to my dns-server is about the A record for a media server I used to have 6 months ago.
[20:47] <fluvvell> so the request is valid, the dns server is answering, but I dont know why the client is asking for it still.
[20:48] <fluvvell> my approach is therefore, "Whos asking?"  Looking into processes on the client, I can't work out which one might want the old media server
[20:48] <SpamapS> fluvvell: ah
[20:48] <SpamapS> fluvvell: thats a tough one
[20:48] <SpamapS> fluvvell: because DNS is UDP, the window for a socket will be relatively tiny.
[20:48] <fluvvell> so  open files? or netstat with some options
[20:49] <fluvvell> Oh
[20:49] <fluvvell> right
[20:49] <SpamapS> fluvvell: sudo fgrep -r badhostname /etc /home /usr
[20:49] <fluvvell> Its asking about 3 times per second
[20:49] <fluvvell> ok
[20:49] <SpamapS> fluvvell: thats pretty fast
[20:49] <fluvvell> yes!
[20:50] <SpamapS> fluvvell: maybe you can catch it.. I think you can log who owns a packet with iptables
[20:50]  * SpamapS hasn't done this tho
[20:51]  * fluvvell wonders why he chose media as the name for a server!
[20:53] <fluvvell> at least 8 times per second in the logs on the dns server
[20:54] <guntbert> fluvvell: and the logs on the client reveal nothing?
[20:54] <k-rad> http://pastebin.com/Vyh5ymTZ  in /etc/hosts i'm supposed to define an ip address against a domain in that pastebin that domain had a subdomain.  do i need a subdomain for my registered domain ?  or should there be a way to fill in both of my godaddy name servers here ?
[20:55] <k-rad> also, i don't know what number to prefix before the domain  they are asking for linode address
[20:56] <fluvvell> guntbert, no mention of media in any log files.
[20:57] <guntbert> fluvvell: I was thinking about errors like "unable to find/contact..."
[20:57] <fluvvell> given that cifsd is at the top of the process usage, I'm guessing something on the desktop is trying to find a share
[21:04] <fluvvell> guntbert, tcpdump is giving me  SMB PACKET: SMBreadX (REQUEST)
[21:07] <guntbert> fluvvell: seems plausible - you could use wireshark too (easier to see details of the protocol) - OR look into /etc/fstab ....
[21:21]  * RoAkSoAx wonders who was the one that wanted to look into openvswitch?
[21:22] <bogeyd6> Anyone can point me to a guide on setting up mysql load balancing cluster on 10.04.1 ?
[21:25] <RoAkSoAx> bogeyd6: this is not ubuntu specific but almost everything should be the same: http://www.howtoforge.com/loadbalanced_mysql_cluster_debian
[21:27] <bogeyd6> RoAkSoAx file is too old
[21:27] <bogeyd6> prob more like http://barkingiguana.com/2008/07/07/high-availability-mysql-on-ubuntu-804/
[21:28] <RoAkSoAx> bogeyd6: it uses mysql 5.0.19 the only that will differ is heartbeat related stuff
[21:28] <RoAkSoAx> bogeyd6: give it a try and see what happens
[21:28] <bogeyd6> k
[21:29] <bogeyd6> RoAkSoAx lookie here https://help.ubuntu.com/community/HighlyAvailableLAMP
[21:29] <bogeyd6> jackpot
[21:29] <bogeyd6> spent an hour on google looking for aht
[21:30] <bogeyd6> !search googleit
[21:31] <RoAkSoAx> bogeyd6: the drbd config seems ok, the heartbeat related config is really old and pretty much useless nowadays. And that is just a failover cluster, not a loadbalancing cluster :)
[21:31] <RoAkSoAx> bogeyd6: for more updated stuff refer to https://wiki.ubuntu.com/ClusterStack/LucidTesting
[21:32] <RoAkSoAx> bogeyd6: we hope to include cluster related stuff in the Ubuntu Server Guide soon
[21:43] <fluvvell> guntbert, yes, fstab seems to offer no clues. What could be attempting to mount otherwise?
[21:44] <guntbert> fluvvell: some media player (VLC,...) ?
[21:44] <fluvvell> Its as if some desktop application has remembered a connection or something..
[21:45] <fluvvell> guntbert, yes was wondering something like that. VLC not running,
[21:46] <guntbert> fluvvell: was only an idea - but I'm off -- Good luck :-)
[21:47] <fluvvell> cheers
[21:50] <fluvvell> FOUND IT!!
[21:51] <fluvvell> firefox had an add-on called minion  which was set up to the old media server
[22:00] <kinygos> hi....my /var/log/auth.log is full of pam_unix(cron:session) entries...i've found a forum suggestion to comment out the line @include common-session in /etc/pam.d/cron...but my file doesn't have such a line (it has @include common-session-noninteractive)...what does commenting that line actually do?
[22:02] <remix_tj> kinygos: i think this line is useful
[22:03] <kinygos> remix_tj: that's what i was afraid of
[22:04] <remix_tj> useful for knowing which cron users runs
[22:06] <kinygos> ah...the ones filling up my log are for user root, but as you say, there are also those for when i sudo something with my username, so probably best to live with it
[22:46] <databits> what is it called when you run two different websites off of one server ?
[22:47] <KnightHacker> databits: Virtual Hosts?
[23:27] <hallyn> zul: around?
[23:27] <zul> hallyn: kind of...whats up/
[23:28] <hallyn> zul: on blueprints for natty,
[23:28] <hallyn> you marked containers-in-uec 'pending approval'
[23:28] <hallyn> does that come before review?
[23:28] <hallyn> before 'review' state, that is
[23:28] <hallyn> just wondering what i shoudl do with mine...
[23:28] <zul> hallyn: good question im not sure..
[23:28] <hallyn> SpamapS: you marked yours 'review' right?
[23:29] <hallyn> mathiaz: oh, you're prolly the one i should ask :)
[23:30] <mathiaz> hallyn: once i've finished writting my spec and put them in a review state
[23:30] <mathiaz> hallyn: so that other team members can start to look at them
[23:30] <mathiaz> hallyn: pending aproval is the last step
[23:30] <mathiaz> hallyn: before the specs is actually accepted for this release cycle
[23:31] <SpamapS> hallyn: the ones I'm ready for peopel to review, yes
[23:32] <SpamapS> and people too
[23:32] <SpamapS> IMO, review means "everybody take a look" pending approval means "discussion over, give me a yes or no approver"
[23:33] <SpamapS> I set one of mine to Pending Approval because its basically just a TODO list of stuff for me..
[23:46] <hallyn> mathiaz: thanks!