[00:40] <abstrakt> if I want to have users on the system already be the users who have email accounts, then I use postfix with dovecot sasl and mechanisms = plain login... if I want to have virtual users, then I'll need to setup up dovecot as per http://wiki.dovecot.org/HowTo/SimpleVirtualInstall instead
[00:40] <abstrakt> is this correct?
[01:21] <abstrakt> can someone help me with setting up dovecot virtual users for postfix?
[01:22] <abstrakt> I tried the instructions here http://wiki.dovecot.org/HowTo/SimpleVirtualInstall but that doesn't work
[01:22] <abstrakt> my postfix + dovecot + sasl implementation works fine
[01:22] <abstrakt> but that's only good for users that already exist on the system
[03:18] <arrrghhh> i added a job to my user's crontab, and it doesn't seem to be running... where does cron log to
[03:19] <tonyyarusso> arrrghhh: Normally it sends mail to the running user.
[03:19] <arrrghhh> hrm
[03:19] <arrrghhh> in /var/mail...?
[03:22] <tonyyarusso> arrrghhh: yeah
[03:22] <AndyGraybeal> arrrghhh, tonyyarusso, would that show up in syslog at all?
[03:22] <tonyyarusso> well, assuming delivery to the local system.
[03:23] <AndyGraybeal> also?
[03:23] <arrrghhh> i don't use any mail system on here
[03:23] <arrrghhh> /var/mail is empty
[03:23] <arrrghhh> let me check syslog
[03:23] <tonyyarusso> AndyGraybeal: It *might* show up in mail log, but I don't think so for local accounts.  Don't remember offhand.
[03:24] <tonyyarusso> arrrghhh: could also be $HOME/Mail or $HOME/Maildir - lots of ways to configure this I'm afraid :S  (or disable entirely)
[03:27] <arrrghhh> well i never did anything in respect to mail
[03:28] <arrrghhh> i don't have a $HOME/mail anything
[03:28] <arrrghhh> .mail
[03:28] <arrrghhh> Mail
[03:28] <arrrghhh> nothin
[03:28] <arrrghhh> nothing in syslog either.
[03:28] <arrrghhh> oh wait
[03:28] <arrrghhh> there may be 1 sec haha
[03:29] <arrrghhh>  MAIL (mailed 56 bytes of output but got status 0x004b#012)
[03:29] <arrrghhh> from cron
[03:29] <arrrghhh> hrm
[03:29] <arrrghhh> i know i've gotten mail from roots crontab
[03:29] <arrrghhh> i'll put the command in there, see what happens..
[04:26] <arrrghhh> so it looks like i do have a postfix/sendmail issue
[04:27] <arrrghhh>  nas postfix/sendmail[8510]: fatal: open /etc/postfix/main.cf: No such file or directory
[04:27] <arrrghhh> but i don't really need anything emailed outside of the local server... i mean i guess it would be nice to get email alerts, but i don't really want to set that up right now haha
[04:41] <ehnde> how do i convert a desktop install to a server install?
[04:42] <ehnde> i just want to get rid of x and all the bloat that comes with it
[04:42] <ehnde> tried apt-get remove ubuntu-desktop and it just removed the metapackage
[04:43] <twb> ehnde: apt-get autoremove?
[04:44] <ehnde> didn't work either :(
[04:44] <twb> What about "aptitude install" without arguments?
[04:44] <arrrghhh> might have to remove the packages manually.
[04:45] <arrrghhh> probably easier to backup your configs and install -server fresh...
[04:45] <twb> Yeah.  If you installed the metapackage at install time, or from a stupid broken tool, your auto database won't be populated and apt will think ALL packages were manually installed.
[04:46] <ehnde> i thought i was installing off of a server cd, didn't realize it was desktop
[04:46] <ehnde> i'll just download a fresh iso
[04:46] <arrrghhh> you installed desktop?
[04:46] <arrrghhh> oh
[04:46] <arrrghhh> yea dude if it's a fresh install, install server.
[04:46] <arrrghhh> i think the kernel is different.
[04:46] <arrrghhh> probably just compiled with some different options.
[04:47] <ehnde> thanks
[04:47] <arrrghhh> np
[04:47] <twb> Have a look at /var/lib/apt/extended_states; see if the packages in question have Auto-Installed: 1
[04:47] <twb> If not, reinstall is easiest
[04:48] <twb> arrrghhh: you *can* install from the alternate CD and then just change the installed packages -- both installers back onto the same archive.
[04:48] <arrrghhh> ...so the kernel isn't different?
[04:48] <twb> The kernel that's installed by default is different
[04:48] <arrrghhh> like i don't think desktop 32-bit is compiled with PAE support
[04:48] <twb> But you can simple say "apt-get install linux-image-amd64-server" or so
[04:49] <twb> Obviously doing the install from the right medium is still preferable.
[04:49] <arrrghhh> haha fair enough
[04:50] <ehnde> it was a virtual machine on esxi with 1gb of ram
[04:50] <ehnde> heh
[04:51] <ehnde> the website has changed drastically :o
[04:52] <twb> What website?
[04:52] <ehnde> ubuntu.com
[04:57] <twb> I wouldn't know.  I just go to archive.ubuntu.com/dists/<release>/main/installer-<arch>/ or so
[04:58] <twb> http://archive.ubuntu.com/ubuntu/dists/{hardy,lucid,maverick}/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/{linux,initrd.gz}
[05:00] <zetheroo> how easy is it to install a GUI for ubuntu server?
[05:00] <solidrock> hi guys, need some little help
[05:00] <ehnde> lol we were just talking about the reverse of that
[05:00] <solidrock> ahaha
[05:01] <zetheroo> about removing the GUI/
[05:01] <zetheroo> ?
[05:01] <ehnde> zetheroo: do you mean remote management or a desktop, like gnome or kde?
[05:01] <solidrock> removing GUI ?
[05:01] <ehnde> yes...i was trying to remove ubuntu-desktop
[05:01] <zetheroo> ehnde: desktop
[05:01] <solidrock> ubuntu server comes on default cli
[05:01] <zetheroo> yep
[05:01] <ehnde> sudo apt-get install ubuntu-desktop
[05:01] <blackshirt> zetheroo: you can remove ubuntu gui
[05:01] <zetheroo> that easy eh ...
[05:01] <solidrock> to remove it apt-get remove ubuntu-desktop
[05:02] <solidrock> ei guys,
[05:02] <zetheroo> won't apt-get remove ubuntu-desktop tear out a lot of stuff with it!?
[05:02] <solidrock> yea
[05:02] <solidrock> btw, i'm looking for ubuntu 8.10 backport address any idea on it?
[05:03] <twb> solidrock: 8.10 is EOLd
[05:03] <solidrock> yea, that's why backports comes on it
[05:04] <twb> Er, no, that's why you should schedule an upgrade ASAP
[05:04] <twb> EOLd software receives no security patches
[05:04] <solidrock> i'm planning to switch on debian lenny but for the meantime i'm trying to install puppet on one of my ubuntu box
[05:05] <twb> IIRC the repos are still available somewhere; they get moved to a secondary area at EOL
[05:05] <solidrock> i'll be checking on it. This lately i've noticed while fetching for security updates it is no longer available and err comes on it.
[05:06] <twb> RIght; that's because it's EOLd
[05:06] <solidrock> what jaunty?
[05:06] <arrrghhh> 9.04
[05:06] <twb> jaunty is the codename for (IIRC) 9.04
[05:07] <solidrock> i think jaunty is also EOLd
[05:07] <twb> https://help.ubuntu.com/community/EOLUpgrades
[05:07] <twb> solidrock: that covers the details you need; particularly it's s/archive/old-releases/ in sources.list
[05:08] <solidrock> ei, can i upgrade from 8.10 to new release?
[05:08] <twb> solidrock: yes
[05:08] <solidrock> even on live
[05:08] <twb> solidrock: you should follow the instructions on the page I linked to (and https://help.ubuntu.com/community/Upgrades)
[05:08] <twb> solidrock: I don't know what "on live" means.
[05:09] <solidrock> meaning even on live production network
[05:09] <solidrock> do the upgrade require reboot ?
[05:09] <twb> Upgrades to the kernel require a reboot
[05:09] <twb> A new release usually involves a new kernel
[05:10] <solidrock> so it's just a kernel what about the packages?
[05:10] <twb> Most packages do not require a reboot.
[05:10] <solidrock> would there be an upgrade for the packages?
[05:10] <twb> Some low-level packages like udev and upstart might
[05:10] <solidrock> ic..
[05:12] <ehnde> 8.04 is supported until 2013 according to this https://wiki.ubuntu.com/LTS
[05:12] <ehnde> am i reading that wrong?
[05:13] <arrrghhh> it is
[05:13] <arrrghhh> but 9.04 isn't an lts release
[05:13] <ehnde> nvm you guys were talking about 8.10
[05:14] <solidrock> yes we're talking on LTS release
[05:15] <solidrock> 8.10 LTS ubuntu server
[05:15] <arrrghhh> 8.10 isn't LTS
[05:15] <arrrghhh> 8.04 is
[05:15] <arrrghhh> 10.04 is
[05:15] <arrrghhh> 6.06 is as well... but i think that just recently fell out of support.
[05:16] <twb> arrrghhh: it did
[05:16] <arrrghhh> yea
[05:16] <ehnde> oh well...don't much care about my labserver. latest and greatest version works fine for me.
[05:17] <solidrock> i'm running squid box on ubuntu 8.10
[05:17] <solidrock> do you think guys do i need to go for an uograde
[05:18] <twb> solidrock: if it exposed to untrusted networks (e.g. internet), definitely.
[05:18] <solidrock> just using it on a private network
[05:18] <arrrghhh> 8.10 will be difficult to upgrade if you let it sit tho.
[05:18] <solidrock> aw
[05:18] <arrrghhh> EOL upgrades suck
[05:19] <arrrghhh> i think you're already in that situation tho
[05:19] <arrrghhh> so i'd upgrade ASAP
[05:19] <arrrghhh> or y'know just leave it
[05:19] <arrrghhh> if you really don't care, there's nothing saying you _have_ to upgrade.
[05:19] <solidrock> does anyone of you encounter problem while upgrading to lower to newer one?
[05:19] <arrrghhh> you mean downgrade to 8.04?  not possible.
[05:21] <blackshirt> it will break your system
[05:24] <solidrock> upon checking the link i need to go for 2 upgrades
[05:24] <solidrock> one for jaunty 9.04 and the other one is 9.10
[05:25] <solidrock> way to ridiculous to do that if system lost its connection
[05:33] <arrrghhh> solidrock, screen is your friend
[07:46] <Maleko> is anyone familiar with ulimit config.
[07:47] <Maleko> i have a process that keeps on crashing with "CMDLCache:: Out of memoryCMDLCache:: Out of memory" message
[07:48] <Maleko> there was still plenty of memory when the app crashed
[07:51] <twb> Maleko: it should be trivial to check that by running ulimit -a in the parent environment
[07:51] <twb> There is no memory ulimit by default.
[07:53] <Maleko> twb: http://pastebin.com/3na9jsCD
[07:58] <solidrock> ei guys, I've installed squid on my ubuntu jaunty after i rebooted the computer the squid did'nt start,  i still to manually start the squid
[08:00] <SpamapS> solidrock: 1) jaunty has reached the end of its life, and is no longer maintained w/ security fixes/updates. 2) does /var/log/syslog give any clues?
[08:00] <SpamapS> solidrock: also try 'ls -l /etc/rc2.d/*squid' .. so you see a symlink there with an 'S' in front of it?
[08:01] <Maleko> twb: if theres no mem limit, why i still get that out of memory message then?
[08:02] <SpamapS> Maleko: you can get an OOM error if you ask for *a lot* of RAM at once.
[08:02] <Error404NotFound> I just setup a vsftpd server and getting http://pastebin.com/cZw5U2rX
[08:03] <SpamapS> Maleko: also if you asked for shared memory, that has limits separate from regular memory limits
[08:03] <Maleko> any workaround?
[08:03] <solidrock> can i install chkconfig on ubuntu?
[08:04] <SpamapS> solidrock: you can.. not sure if it works exactly right tho
[08:06] <Maleko> also what does max locked memory refer to?
[08:08] <SpamapS> Maleko: locked memory never swaps out to disk
[11:04] <zealiod> how can i broute with ebtables so that traffic coming in with a 802.1Q tag goes to eth1?
[11:10] <twb> zealiod: ask #netfilter
[11:17] <Willem65> hi everyone
[11:17] <blackshirt> hi Willem65
[11:18] <Willem65> am I still on?
[11:19] <Willem65> forgive me if i'm clumsy, it's been a long time since I used irc
[11:19] <twb> Willem65: you are.
[11:19] <Willem65> I dropped in because I'm a little confused with all these firtualisation techniques in Linux
[11:20] <Willem65> I'll be back in a little while. I need a graphical client :-)
[11:21] <twb> Pussy
[11:21] <Willem65> No :-)
[11:21] <Willem65> Ok... I'll stick with this.
[11:22] <Willem65> Regarding Ubuntu Hardy (8.04LTS)... Will it cause trouble using Xen, KVM and others together?
[11:23] <twb> I use vmware-server 1.x and openvz on the same 8.04 server.
[11:23] <twb> I don't know about xen and kvm together, specificall
[11:23] <Willem65> I want to move away from VMWare.
[11:24] <Willem65> It's a nice tool, but not open source
[11:24] <twb> I hate vmware
[11:25] <yann2> Willem65, upgrade to lucid if you plan on using KVM
[11:25] <Willem65> at the moment, I have one VM running in Xen, works nicely. Next I wanted to migrate an existing VM (Fedora) from VMWare to Xen...
[11:26] <Willem65> That is where the confusion started
[11:26] <Willem65> Yann2, thanks for the hint. Lucid = 9.something, right?
[11:27] <twb> I think the party line is: just use kvm for everything
[11:27] <twb> Willem65: lucid is 10.04LTS
[11:27] <Willem65> @twb, but in Lucid the Xen-tools package is missing, right?
[11:28] <twb> I don't know.
[11:28] <twb> Oh yeah, I remember.  Xen dom0 isn't supported in 10.04
[11:28] <twb> Why do you want Xen?
[11:28] <Willem65> Errr... Because it is the first OpenSource vm that I found :-)
[11:29] <twb> So: ignorance.
[11:29] <twb> 22:27 <twb> I think the party line is: just use kvm for everything
[11:29] <Willem65> [blush]
[11:29] <twb> I suggest you start with 10.04 and kvm and see how that goes
[11:29] <twb> Assuming you have hardware VM support, that is.
[11:30] <Willem65> @twb: I'll give it a go. Does it matter that it is a headless machine? I do everything from commandline.
[11:30] <twb> It does not.
[11:30] <Willem65> Sounds good.
[11:30] <twb> kvm actually has better support than most; it can connect the guest's 80x25 vga console or serial console to a curses UI, a pty, or stdio
[11:31] <twb> vbox can't do ANY of that unless you get the proprietary version
[11:32] <zion_11> hi
[11:32] <Willem65> Hmm :-) Thanks for all the hints. Let me have a go at kvm then!
[11:32] <Willem65> Hi Zion
[11:33] <zion_11> my boss wants the following kind of scenario.  2 webservers,  1 local and one at another site, if one server goes down for whatever reason. the offsite server kicks into gear and the "user" sees no or virtually no down time for the website...anyone familliar with that soft of thing?
[11:33] <zion_11> sort^
[11:34] <yann2> twb, virtualbox is oracle now anyway, and will probably go the same way as other projects, so I wouldnt invest a dime in it
[11:35] <the_archit3ct> zion_11: what for ? website ?
[11:35] <zion_11> yes, website
[11:35] <Willem65> One more question about kvm before diving in all the way: Can a VM be migrated to another kvm enabled machine without too much fuss?
[11:37] <the_archit3ct> zion_11: server 1 -> cron + send website tarball to the other server
[11:37] <the_archit3ct> server 2 -> receive tarball, extract
[11:38] <the_archit3ct> server 2 always accessible via ip
[11:39] <Willem65> zion_11: Is the content of the website static or dynamic (e.g. database driven?)
[11:39] <zion_11> dynamic
[11:39] <the_archit3ct> and if server 1 is down, domain name => server 2 ip
[11:39] <zion_11> how do i set that "IF" ?
[11:40] <zion_11> i do a good bit of work with webservers/VM's and linux but im not really super-qualified in those areas...
[11:40] <s093294> Hello. I have two server-boxes, one working as firewall(192.168.0.1) and another that have an pptp connection open(ppp0, 79.142.229.95). What iptables commands would i need for forwarding all trafic on the pptp box to the firewall. I just use the pptp box to create the pptp connection. (so i can provide all my forwarding rules on my firewall instead of to boxes)?
[11:41] <Willem65> zion_11: Then you may want to use some kind of 'hot' replication between the main server and your backup.
[11:41] <zion_11> i think im looking for something that can test connectivity and then somehow authorize a switchover of service
[11:42] <zion_11> hmm
[11:42] <the_archit3ct> zion_11: server 2 -> cron : ping server 1
[11:42] <Willem65> I need to get going... Wife has sandwiches for me :-)
[11:42] <the_archit3ct> if ping = 999 then change ip
[11:43] <Willem65> Thanks for letting me pick your minds.
[11:43] <the_archit3ct> just code a php or python thing
[11:43] <Willem65> quit
[11:45] <zion_11> ok, ive been talking with my boss (he just got in)
[11:45] <zion_11> what we are looking at is, a 'front'
[11:45] <zion_11> sorry
[11:46] <zion_11> 'front facing' server
[11:47] <zion_11> that has the task of detecting if server1 is up and would also direct web requests
[11:47] <zion_11> if it detects that server1 is down it would then start forwarding the requests to server2
[11:48] <the_archit3ct> yup
[11:48] <zion_11> this "front-facing server" would  have to be in the same space as the "offsite" location to ensure availability
[11:48] <the_archit3ct> this front facing server could be the server2
[11:49] <the_archit3ct> no special need to have 3 servers
[11:49] <the_archit3ct> server2 is a backup, so it will not have a lot of requests
[11:49] <the_archit3ct> so you can do it check all time if server 1 is up
[11:50] <zion_11> but how does that work with dns?
[11:50] <zion_11> if client types ww.foobar.com and foobar is set to such and such IP...?
[11:50] <palt> Im having a problem with home folder over NFS with gtk. When I log in to KDE everything works fine. But the moment I try to start a GTK app, the app just freezes. Same happens when I try to login to GNOME, the whole desktop freezes. However, on the command line or KDE the home folder is there with all my files and everything i accessible.
[11:51] <zion_11> please go ahead i have to brb
[11:58] <zion_11> back
[12:02] <zion_11> ok so while talking to my boss it seems that perhaps 2 servers only would serve
[12:03] <zion_11> you say that with cron (sadly i lack any cron experience) it has a feature to compress the whole website in a tarball and send it to another wbserver?
[12:03] <mgolisch> palt: does the xsession-errors file contain any usefull information?
[12:05] <mgolisch> probably related to creation of the gvfs mount points
[12:19] <the_archit3ct> zion_11: cron just launch a command any second/minute/hour/day/year/century
[12:19] <the_archit3ct> just make it launch a bash script
[12:20] <the_archit3ct> wich make a tarball of your website and SQL bases
[12:20] <the_archit3ct> but I've never done that
[12:20] <the_archit3ct> it's just what I would have done :-)
[12:38] <palt> mgolisch: I get some complaints about "Locale not supported by C-library." And it has some trouble parsing some of my config files. But I don't find anything about gvfs
[13:03] <zul> morning
[13:05] <blackshirt> zul: where do you come from zul..on my place, still night..
[14:41] <jcastro> SpamapS: around?
[14:45] <hggdh> Daviey: do you have an idea of when we will get euca-add-user working on natty?
[14:45] <hggdh> Daviey: and good morning :-)
[14:47] <Daviey> hggdh: hey!
[14:47] <Daviey> hggdh: Hopefully, very, very soon
[14:47] <hggdh> Daviey: thank you
[15:12] <jdstrand> kees: hey. does your mouse work in libvirt/kvm guests on a natty host?
[15:12] <jdstrand> kees: I upgraded and the mouse doesn't work :(
[15:13] <abstrakt> any of you guys know much about postfix and dovecot (POP3/SMTP)... I tried both the setuid root trick and the sudo trick as detailed here http://wiki.dovecot.org/LDA but the instructions are a bit vague "Then start deliver as a user that belongs to secmail group." <- what does this mean exactly? how do I accomplish this? or this "Then configure your MTA to invoke deliver as user 'dovelda' and via sudo" <- what does that mean? I don't have a
[15:13] <abstrakt> dovelda user only a dovecot user, am I supposed to make a new user called dovelda and if so, as before, how do I invoke the script "as" the dovelda user?
[15:14] <DasEi> abstrakt: one by one, so ..
[15:15] <DasEi> abstrakt: deliver as a user that belongs to secmail group ;; have a user peter, there is the group secmail  : sudo adduser peter secmail
[15:15] <DasEi> abstrakt: I assume your app created that group, check yourself
[15:16] <abstrakt> DasEi: my app?
[15:16] <abstrakt> DasEi: what app would that be? and no, "my app" didn't create that group, I created that group manually
[15:16] <DasEi> abstrakt: aka postfix,dovecot
[15:16] <abstrakt> DasEi: no neither postfix nor dovecot created that group
[15:16] <abstrakt> DasEi: I created it myself
[15:17] <DasEi> abstrakt: so add the desired user to it as shown above
[15:17] <abstrakt> DasEi: ahh, I see... so since dovecot delivers mail as the relevant system user, I should add my system user to that group
[15:17] <abstrakt> DasEi: I was adding the dovecot user itself to that group
[15:18] <abstrakt> DasEi: ok what about option number two? using sudo?
[15:19] <DasEi> abstrakt: ŷour next question, be logged in as peter or dovelda or whatever, then start pulling mail from that account. If not in , a login peter (or whatever) brings you there
[15:20] <DasEi> abstrakt: or use sudo to pull with superuserprivilegs (less secure)
[15:22] <abstrakt> DasEi: no it's not about pulling the mail, it's about delivering the mail
[15:22] <abstrakt> DasEi: checking the mail isn't as much of an issue (so far)
[15:25] <DasEi> abstrakt: same approach
[15:26] <abstrakt> DasEi: I still don't understand how to invoke sudo "as that user"... so you're saying that if I have a user such as johnsmith on my system, that when dovecot delivers mail it will deliver as johnsmith, so then I will need to add johnsmith to the sudoers file for the deliver command only?
[15:27] <abstrakt> and I will need to add any and every other user on the system, who needs to receive mail, to the sudoers file as well, correct?
[15:27] <DasEi> abstrakt: no, either have johnsmith in the secmail and deliver from that account or prefix delivering with sudo, so won't get a permission problem
[15:31] <Alex90> hi, I'm trying to set up a server and it can resolve an address to an ip but then can't ping it. I've tried adding the default gateway with route add and it still can't get out.
[15:37] <DasEi> Alex90: you can't ping the the server or the server can't ping ?
[15:39] <abstrakt> DasEi: but the document says to prefix with sudo and run the command "as the dovelda" user
[15:39] <abstrakt> DasEi: I don't have a dovelda user
[15:39] <abstrakt> DasEi: only a dovecot user
[15:39] <abstrakt> DasEi: in regards to sudo that is
[15:40] <Alex90> DasEi: the server can't ping hosts on the internet
[15:41] <DasEi> abstrakt: http://wiki.dovecot.org/LDA
[15:42] <abstrakt> DasEi: yes I read that
[15:42] <DasEi> Alex90: so sudo ping google.com doesn't work ? be aware many hosts drop pings for security reasons
[15:42] <abstrakt> DasEi: I don't have a dovecotlda user
[15:45] <DasEi> abstrakt: again dovelda is a user as johnsmith, with the ability of sudo for delivering mail, and it's an insecure approach
[15:45] <Alex90> DasEi: no it doesn't but we can ping it form an external host. And I don't think it's being block as we had windows on that box before and it wored fine then.
[15:45] <zul> SpamapS: ping
[15:46] <abstrakt> DasEi: ok, got it
[15:46] <eriksson25> anyone, need help with the comands for runing fsck on a ext4, its not mounted so just need the right comand
[15:46] <DasEi> Alex90: any firewall installed ? what is terminal-response if you enter sudo ping google.com, just timeout ?
[15:46] <abstrakt> DasEi: so I would need to give every user who receives mail access to sudo for that one deliver command
[15:47] <DasEi> abstrakt? receives mail access ?
[15:47] <DasEi> eriksson25: mount (check again its NOT mounted)
[15:48] <DasEi> eriksson25: sudo fdisk -l (determine right partition)
[15:48] <DasEi> eriksson25: sudo e2fsck /dev/whatever    ,with whatever your sdXX
[15:48] <Alex90> DasEi: yes there's a firewall but that didn't stop windows on the same box pinging so I don't see it would stop it now. When we ping it resolves the ip address then timesouts
[15:49] <DasEi> Alex90: try with fw down, that'll be the trick
[15:50] <Alex90> DasEi: how do I take it down? /etc/init.d/fw down??
[15:50] <DasEi> Alex90: which fw is installed ?
[15:50] <DasEi> just ufw ?
[15:51] <Alex90> alex90: no theres an ipcop box (just using iptables I believe)
[15:51] <abstrakt> DasEi: yeah, deliver delivers mail as the user account of the user in question doesn't it? so if mail is going to johnsmith then deliver delivers as the user "johnsmith" and if it's going to "sallyjane" then it delivers as "sallyjane", so therefor both johnsmith and sallyjane (shell users with home dirs of /home/johnsmith and /home/sallyjane) would both need to be in the sudoers file with permission to run the dovecot deliver command as sud
[15:51] <abstrakt> correct?
[15:53] <Alex90> DasEi: I can't take down the firewall: coropate environment. But I don't understand why it would start blocking ping packets now when it didn't before and the only thing that's chagned is the OS.
[15:53] <DasEi> Alex90: I speak of the serverbox, and if ping through that ipcop worked before as you said, it has to be the server
[15:54] <DasEi> abstrakt: y/n.. yes:  deliver delivers mail as (or better from) the user account of the user in question
[15:55] <Alex90> DasEi: right, I've tried adding the default gateway, which casued this problem on other servers I've set up here but it hasn't made any difference in this case. Any ideas?
[15:56] <DasEi> abstrakt: no : if mail is going to johnsmith then deliver delivers as the user "johnsmith" , if mail is going to johnsmith by deliver, it depends who invoked deliver
[15:57] <abstrakt> DasEi, "if mail is going to johnsmith" vs "if mail is going to johnsmith by deliver" I don't see the difference between these two
[15:57] <DasEi> Alex90: I guess it's a fireall, try sudo ufw disable, and again , anything special like firestarter or such on the server ? basic freeing of iptables in following link, second task :
[15:57] <qman__> Alex90, check the output of `sudo iptables -L`
[15:57] <DasEi> http://www.cyberciti.biz/tips/linux-iptables-9-allow-icmp-ping.html
[15:57] <qman__> regardless of the higher-level firewall installed, that will tell the whole story
[15:58] <qman__> ubuntu, by default, has no firewall set up, so if you didn't set one up, it won't have one
[15:58] <qman__> it should have no rules and say ACCEPT policy on all three
[16:00] <DasEi> abstrakt: the problem your chewing on is the permission of the user invoking deliver, as deliver has to access the MTA, and, whereas mail going to another account than the invoking one, needs writeacces in that particular user home dir, too
[16:07] <Alex90> qman__: even with ufw off it still can't ping and all the iptables policies said accept
[16:08] <qman__> Alex90, then, either your networking is incorrectly configured, or your corporate firewall is blocking you
[16:08] <eriksson25> DasEi, thx, worked =)
[16:09] <DasEi> so just pull the plug again :)
[16:09] <eriksson25> me?
[16:09] <DasEi> eriksson25: just joking
[16:09] <DasEi> as in how to corrupt filesystems
[16:10] <eriksson25> =) Got a failed system disk. But managed to back it up, thanks to fsck.
[16:11] <qman__> interesting
[16:11] <qman__> ip a s is showing my interface state as unknown, despite me clearly being online
[16:29] <nhck> How is it that for traceroute messenger.live.com on a ubuntu machine I get "unknown host messenger.live.com" I don't get this error on a windows machine?
[16:30] <nhck> I can do any other e.g. traceroute www.tu-harburg.de which works on ubuntu&windows
[16:38] <qman__> nhck, messenger.live.com is either not resolving to an IP, or is resolving to the wrong IP
[16:38] <qman__> possibly DNS caching or pointing to a server with an outdated record
[16:39] <jpds> Looking at all those CNAMEs, I'm surprised it's not slow as sin.
[16:40] <jpds> nsatc.net has address 127.0.0.1 - well done.
[16:40] <nhck> haha
[16:40] <nhck> hmm, okay, I was already thinking that it shouldn't be possible to tell the os by traceroute
[16:41] <jpds> nhck: traceroute doesn't work for me either; however host does.
[16:44] <nhck> jpds: well the msn-empathy-thingy isn't working for one of the guys here so i was checking what was wrong with messenger.hotmail.com/messenger.live.com and this behavior was strange  I thought.
[16:47] <jpds> nhck: There's a series of bugs about that, for instance: bug #255307.
[16:48] <zul> SpamapS: no idea...check the php mailing list?
[16:49] <SpamapS> zul: ack
[16:50] <JanC> IIRC MSN moved to a new hostname or something
[17:06] <eriksson25> Anyone, what is the comand for making a user without any home folder. Just username and passwd.
[17:08] <nhck> eriksson25: useradd -M LOGIN
[17:12] <eriksson25> thx
[17:18] <jdstrand> hallyn: hey, so I upgraded to natty this morning and can't seem to get vnc to work
[17:19] <jdstrand> hallyn: well, that isn't quite true-- it all works except for the mouse (ie, display, keyboard work, mouse no)
[17:19] <jdstrand> hallyn: is this a known issue?
[17:19] <jmgalloway> I have an ssh question
[17:20] <bluefrog> jdstrand, #ubuntu+1 might be a better place for an anwser
[17:26] <hallyn> jdstrand: haven't heard of it
[17:26] <hallyn> jdstrand: vnc at all, or vnc to libvirt/kvm?
[17:27] <jdstrand> hallyn: I am using libvirt. it does the whole '-vnc 127.0.0.1:0' thing
[17:27] <hallyn> i've not heard of anything...
[17:27] <jmgalloway> anyone here good with ssh?
[17:27] <jdstrand> hallyn: I can connect with virt-viewer and virt-manager (gtk-vnc) and vncviewer: all work except the mouse
[17:27] <jdstrand> hallyn: ie, I click in the vnc window and I can't move it around
[17:28] <jdstrand> hmmm
[17:28] <jmgalloway> I have an error on one of my machines that will not let me connect with ssh to it
[17:28] <hallyn> jdstrand: btw, to upgrade to natty, you just tweaked /etc/apt/sources.list?
[17:28] <hallyn> (tried that in a vm and it failed)
[17:28] <jdstrand> hallyn: on servers: 'do-release-upgrade -d', on desktops 'update-manager -d'
[17:29] <jmgalloway> I keep getting this at the command line when I try to connect with ssh:  Recieved disconnect from 192.168.1.122:  2:  Too many authentication failures for clcuser
[17:29] <hallyn> hm, i told me nothing ws avail last week
[17:29] <jmgalloway> anyone know how to fix this?
[17:29] <hallyn> jmgalloway: hm, do you have too many keys loaded in your agent?
[17:29] <hggdh> Daviey: be prepared... bounced the test rig last Friday, let it idling... today I found an OOM on the Walrus
[17:29] <jdstrand> hallyn: did you add '-d'? that is the trick
[17:29] <hallyn> i'll re-try, thx.
[17:29] <hallyn> as for libvirt,
[17:30] <hallyn> i've seen nothing on m-l
[17:30] <hallyn> lemme check changelog
[17:30] <jmgalloway> should I remove the keys on the remote computer?
[17:30] <jdstrand> hallyn: I think it is a host problem tbh
[17:30] <jdstrand> hallyn: but I guess it could be libvirt, Idk
[17:30] <hallyn> jdstrand: can you fire up a regular vncserver and connect to that?
[17:31] <hallyn> jmgalloway: no, just ssh into your localhost, and try from there
[17:31] <jdstrand> hallyn: in the guest?
[17:31] <hallyn> jdstrand: on the host
[17:31] <hallyn> well, sure, and on the guest )
[17:31] <hallyn> :)
[17:32] <jmgalloway> ssh from where?
[17:33] <nhck> jpds, qman__: I fixed it my manually installing papyon-0.5.2. There is no upstream release for that (yet)
[17:33] <jmgalloway> run ssh to localhost on the remote box?
[17:34] <hallyn> jmgalloway: ssh from localhost to localhost - just to give you an enviroment where you haven't laoded any ssh keys into your keyring
[17:34] <hallyn> then from there try to ssh to remove host
[17:34] <hallyn> jmgalloway: hm, or maybe just 'ssh -i .ssh/<thereightkey> remotehost' will work
[17:35] <jmgalloway> ok i'll try that
[17:36] <jmgalloway> didnt work
[17:36] <jmgalloway> got the same error
[17:37] <jmgalloway> I know it has something to do with the maxauthentries variable
[17:38] <jmgalloway> on the remote machine's ssh_config script
[18:00] <SpamapS> zul: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603174
[18:00] <SpamapS> zul: looks like they stripped out php5-fpm for the squeeze release because it "didn't receive enough testing"
[18:00] <SpamapS> :-(
[18:00] <SpamapS> zul: so we'll probably need to maintain a delta until squeeze release, as we have already released php5-fpm packages
[18:01] <zul> SpamapS: oh thats fine then...theyll probably add it back after
[18:01] <s093294> Hello, i just set up iptables to reroute incoming trafic on port X to internal ip. It works for the eth1 interfaces global ip, but not the ppp0 interface(pptp ip). I can see that packages are recieved on the tcpdump of the ppp0 interface. Any ideas?
[18:01] <zul> SpamapS: no big deal right now
[18:08] <jmgalloway> I am still having the ssh problem
[18:09] <jmgalloway> it seems that my ip address has been blocked
[18:10] <patdk-wk> well, then you are just going have to wait for it to be unblocked
[18:24] <jmgalloway> how long does that take?
[18:24] <jmgalloway> it's an ubuntu 10.10 server
[18:32] <s093294> is it possible to if request for a service is incoming on ppp0 interface to reply over the eth1 interface with a iptable rule? My issue is that my ISP make me pptp to get inetaccess and global ip. I can access my pc with the global ip, but the their firewall bloks the local subnet so it cant reply over the same interface
[18:40] <jmgalloway> if I cannot ssh into a machine, and can from another, where would it block my IP address of the first machine?
[18:47] <patdk-wk> jmgalloway, depends on how it's blocked
[18:47] <patdk-wk> using fail2ban?
[18:50] <RoyK> or denyhosts?
[18:59] <aljosa> where can i set LANG env setting for apache user www-data?
[19:18] <zul> Daviey: ping
[19:18] <Daviey> zul: o/
[19:19] <zul> Daviey: are we still moving to mysql?
[19:19] <Daviey> zul: probably not :/
[19:19] <zul> Daviey: k
[19:20] <Daviey> zul: I think it's something we can re-look at in a few weeks
[19:20] <zul> Daviey: ack
[19:22] <SpamapS> Daviey: o/
[19:22] <Daviey> Hey SpamapS o/
[19:22] <Daviey> SpamapS: keeping well?
[19:23] <SpamapS> Daviey: deleting email almost as fast as it comes in now
[19:23] <Daviey> SpamapS: Use procmail to pipe it to /dev/null.... it's really fast! :)
[19:24] <SpamapS> Daviey: as far as personal well being.. I'm recovering from the absolute fun of Hawaiian style steak plate lunch, complete with mac salad, rice, and mild food poisoning.
[19:24] <Daviey> SpamapS:  Well the first part made me jealous, the second part equalised it :)
[19:24] <Daviey> SpamapS: Hope you feel better soon.
[19:25] <SpamapS> Daviey: I'm one cheezeburger away from feeling loads better.
[19:25] <Daviey> \o/
[19:26] <SpamapS> feeling very lonely all alone in the mumble server team room though. ;)
[19:26] <Daviey> ;(
[19:27]  * Daviey gets back to home life :)
[19:27] <SpamapS> Daviey: cheers then!
[19:27]  * SpamapS just remembered he needs to complete his duties as last week's meeting scribe
[19:29] <RoyK> http://pic.phyrefile.com/b/bl/blayde/2010/11/15/0p25Y.gif
[19:31] <SpamapS> RoyK: its nice to see the columbians having fun with their "product"
[19:46] <zul> Daviey: the nova-manage stuff should be in a debconf question i think
[20:09] <njin> hello to all, can someone take a look at this bug 661294 thanks
[20:11] <SpamapS> njin: looking now
[20:14] <SpamapS> njin: you are "David" I presume?
[20:14] <SpamapS> darn it
[20:47] <hggdh> fire & forget...
[20:47] <jcastro> hi SpamapS
[20:48] <jdstrand> hallyn: so, I get very distracted for a bit. I can run a vnc server on my host and connect with gtkvncviewer and it works fine
[20:48] <jcastro> SpamapS: I hear you're looking for easy things to SRU to practice
[20:49] <jdstrand> hallyn: but if a crank up a vm, I cannot
[20:53] <hallyn> jdstrand: and if you fire up a vnc server in the guest?
[20:53] <jdstrand> I am trying that
[20:54] <jdstrand> I am a vnc wimp and trying to get vino going without a mouse ;)
[20:55] <jdstrand> well, that wasn't so bad
[20:56] <jdstrand> hallyn: it works if I start vino in the guest and connect with the vino client
[20:57] <jdstrand> I guess I can try with qemu alone
[21:00] <jdstrand> hallyn: seems to be a qemu issue
[21:00] <jdstrand> hallyn: if I do:
[21:01] <SpamapS> zul: are we wanting to MIR libonig? This is in the php5 merge changelog:       * Dropped libonig-dev and libqgdbm since its in universe. (will be re-added in lucid+1)
[21:01] <zul> SpamapS: it needs to be done
[21:02] <hallyn> jdstrand: in that case it would be very interestig to see if it happens with the daily-build at https://launchpad.net/~ubuntu-server-edgers/+archive/server-edgers-qemu-kvm
[21:02] <SpamapS> jcastro: Haha I am? ;) no, I'm looking for things to SRU to make sure lucid has a good reputation. ;)
[21:02] <SpamapS> jcastro: easy is boooring. ;)
[21:02] <jcastro> https://bugs.launchpad.net/ubuntu/+source/squid-deb-proxy/+bug/666014
[21:02] <jcastro> easy peasy
[21:02] <jdstrand> hallyn: eg /usr/bin/kvm -M pc -drive file=./foo.qcow2 -vnc :2
[21:02] <SpamapS> zul: Ok, I'll file a MIR now.
[21:02] <zul> SpamapS: thanks
[21:03] <jdstrand> hallyn: vncviewer :2
[21:03] <hallyn> jdstrand: well that had better work :)
[21:04] <jdstrand> hallyn: that is what I am saying, it doesn't ;)
[21:04] <jdstrand> hallyn: keyboard and display are fine, just no mouse
[21:04] <jdstrand> hmm
[21:04] <jdstrand> maybe I need to specify the mouse to kvm
[21:04] <hallyn> what is the guest?
[21:04] <jdstrand> hallyn: lucid/amd64
[21:06] <jdstrand> huh
[21:08] <jdstrand> hallyn: do I normally need to specify the mouse? I just noticed if I start a vm with libvirt, I don't see it in the kvm output...
[21:08] <jdstrand> it is in the xml though...
[21:08] <jdstrand> <input type='mouse' bus='ps2'/>
[21:09] <hallyn> jdstrand: no, i always do kvm by hand and never specify mouse
[21:09] <hallyn> default in qemu or vncclient may have changed, of course, which woudl suck
[21:10] <jdstrand> hallyn: well, I'll file a bug
[21:11] <SpamapS> jcastro: looking now
[21:11] <SpamapS> zul: that line mentions libgdbm being in universe, but its not...
[21:12] <zul> SpamapS: doh
[21:19] <jdstrand> hallyn: fyi bug #675749
[21:20] <zul> Daviey: can you review the natty-ubuntu-packaging branch when you get a chance
[21:33] <Daviey> zul: gonna have to wait until tomorrow... won't do a good job at the moment, too tired
[21:49] <eriksson25> Anyone know why this comand dosent work--Z useradd -r /bin/false -m /opt/chrooted/ventrilo ventrilo
[21:49] <eriksson25> Anyone know why this comand dosent work--> "useradd -r /bin/false -m /opt/chrooted/ventrilo ventrilo"
[22:01] <segv`> hmm, does the /etc/apt/preferences file have the ability to maintain source packages as well?
[22:07] <SpamapS> segv`: how would you expect it to affect the 'apt-get source' command?
[22:08] <segv`> figured the version of the package it's restricted/pinned would effect it
[22:25] <SpamapS> zul: FYI, libqdbm, not libgdbm, was the culprit, and indeed, should stay in universe... as tokyocabinet is the replacement for it.
[23:53] <cvance> I have an ubuntu server setup and I installed drupal via apt-get. It installed fine, but to www.domain.com/drupal6. I would like it installed to the root of www.domain.com, how can I change the configuration?