/srv/irclogs.ubuntu.com/2010/12/07/#ubuntu-server.txt

twb	hackeron_: no	00:04
twb	http://paste.debian.net/101692/ some notes I wrote on the subject	00:05
=== jjohansen is now known as jj-afk
fluvvell	I know there's hardly anyone around, but an opinion please: Am I better with IBM's SAS raid hardware onboard a new x 3100 M3 series (entry level) or linux raid ? Its just a simple mirror setup, and the controller seems to have been detected ok.	01:00
fluvvell	I've installed linux software raid so far, but I've no idea how to compare them anyway.	01:00
ivoks	do you see both disks on your controller?	01:01
ivoks	in linux	01:01
ivoks	advante of linux raid is that you can unplug your disks and plug it in anywhere	01:03
ivoks	advantage	01:03
FunkyBob	ivoks: and by "linux raid" you mean "software raid"?	01:09
FunkyBob	fluvvell: hardware raid is just that -- the hardware does it, so the OS is ignorant of the fact there's more than one disc	01:10
hansin	Question here: I once has U-server installed on an older small PII box (300Mhz, 512Mb RAM). It ran fine. Great little box I would just SSH into. It is a little loud so only ran when needed. When I shutdown the server (done via 'sudo shutdown -h now' when SSH'ed in), it shuts down but it doesn't full turn the computer off. I have to manually hold the power button to shut it off completely....	01:20
hansin	...Thing is, I went ahead and installed Debian Testing and it shuts down completely. I want to go back to U-server (10.10) but would rather it just shutdown completely. As a side note, I have never run latest U-server on this. Any thoughts? Thanks.	01:20
hansin	I would think if Debian could shut this down completely, Ubuntu should too.	01:21
fluvvell	FunkyBob, I guess the OS knows via the SAS driver modules, but my colloquial question "better off" was meaning which will perform better, or give the biggest all around benefit.	01:24
fluvvell	FunkyBob, last time I did a comparison, it was with old paradise raid controllers, and the linux community found software raid to perform better	01:25
fluvvell	ivoks, yes I see both disks on the controller, and yes to the software raid.	01:26
FunkyBob	fluvvell: hardware raid is generally much faster	01:29
FunkyBob	"hardware assisted" raid, otoh... not always so good	01:29
qman__	real hardware raid (usually) offers better performance	01:36
qman__	linux software raid offers better compatibility and more options	01:37
qman__	which is better depends on your needs and preferences	01:37
qman__	fake raid is useless	01:37
qman__	only performs as good as software raid with the feature limitations of hardware raid	01:37
qman__	hansin, use `sudo poweroff`	01:40
qman__	if that still doesn't work, it's probably an APM/ACPI driver problem	01:40
hansin	qman__: Thanks. I just wrote all that down so I can try once I install. I think I get the driver thing as well, as in if it can't communicate the the HW to power off, the OS will shut down, but the HW will still be on. I'll test it all out.	01:46
hansin	Okay, one more question: I know U-Server can be updated to new releases (say 10.4 -> 10.10 -> 11.4) with 'do-release-upgrade' found in 'update-manager-core'. What I am wondering is, are there sometimes things that just can't update and get you to where you would be with a fresh install?	01:51
hansin	I get that things like the files system (ext3 vs. ext4) are usually set, and often GRUB will stay at GRUB vs. GRUB2.	01:51
hansin	(I don't care about these since I will install as ext4 and GRUB2). But are there other things? Like the transition from 'sysvinit' to 'upstart	01:52
hansin	', where there any issues there? Anything else that might miss out on an upgrade between releases? Thanks.	01:53
qman__	not really	01:58
qman__	the way it works is, certain packages won't be changed by default	01:58
qman__	if you want to, you can still switch to the new ones	01:58
qman__	like grub and grub2	01:58
qman__	another one is the switch from sysklogd to rsyslog(?)	01:59
qman__	if you upgrade it won't change over automatically	01:59
hansin	qman__: Thanks again. I'm going to move back to U-Server and give it another go. I just wanted to clarify the upgrade part. Knowing what you just said, I can more carefully inspect the release notes for new releases.	01:59
qman__	ubuntu has actually been using upstart since 6.10	02:00
qman__	just in sysvinit compatibility mode	02:00
qman__	the major change recently was a bunch of services to upstart scripts	02:00
qman__	they're actually trying to phase out sysvinit now	02:01
fluvvell	qman__, hardware profile says I have SAS1064ET PCI-Express Fusion-MPT SAS - driver mptsas. I'm not sure where I'll have compatibility issues, if its saying the dirver is already loaded...	02:01
qman__	fluvvell, what I mean by compatibility is, with software RAID, you can hook your array up to any computer running any recent linux kernel and access it	02:02
qman__	whereas if your hardware controller fails, you must find another compatible one to access it	02:02
hansin	qman__: Okay, thanks. One example where there is an issue with Debian but not U-Server is using the Drizzle (MySQL derivative) PPA. It uses an Upstart script, yet Debian seems still stuck on Sysvinit. Anyway, I	02:02
hansin	I'm going to switch back.	02:02
hansin	Thanks.\	02:02
qman__	no problem	02:02
fluvvell	qman__ ; yes, I've needed to do that in the past, though had failure for unrelated reasons. But with mirrored raid, all the data is on both disks <shrug>	02:03
qman__	not disk failure, controller failure	02:03
qman__	with hardware raid, reading the data off the disks is impossible without a compatible controller	02:03
fluvvell	qman__, even with mirror array?	02:03
qman__	yes	02:03
qman__	well, theoretically possible with a mirror	02:04
qman__	in practice though you'd have to test	02:04
qman__	every manufacturer does it a little differently	02:04
fluvvell	they're standard SATA drives	02:04
qman__	that's not what matters	02:04
qman__	the controller still has to store RAID information on the disks	02:04
qman__	and how and where it creates the volumes	02:05
qman__	with software raid this is standard and open	02:05
qman__	but with hardware raid it isn't	02:05
qman__	a mirror should be recoverable with some analysis, even if you can't find a compatible controller, but it may not be easy	02:06
fluvvell	yes, well part of my trepidation over doing the hardware raid setup was not knowing. Its all in the bios but unfamiliar to me	02:06
Patrickdk	is it real hardware raid? or fake raid?	02:06
qman__	fake raid is another story	02:06
fluvvell	It does seem a pity though to have a nice piece of hardware sitting there unused	02:06
qman__	since it's really just software raid, dmraid can access it even without a compatible controller	02:07
Patrickdk	I like real hardware raid with bbc, makes writes really good	02:07
fluvvell	the IBM has four sata quick load trays. They all go back to the PCI card	02:07
fluvvell	bbc?	02:07
Patrickdk	battery backed cache	02:07
qman__	yeah, that's some serious hardware	02:07
qman__	where you really see the performance gains	02:07
fluvvell	OK I'm talking sub $1K, for server and hard disks!	02:08
Patrickdk	you can spend <1k on a server? without disks or raid? :)	02:08
qman__	my disks cost nearly that much	02:08
fluvvell	:-) WITH both	02:08
Patrickdk	fluvvell, ya, software raid is your best bet	02:08
qman__	but yeah	02:08
qman__	in that price range, the hardware is unlikely to have significant performance gains	02:09
Patrickdk	ya, my disks are going start at 3k, I'm hoping for 4k though	02:09
fluvvell	reliable array of inexpensive disks	02:09
qman__	to the point where the features of software raid are worth the difference	02:09
Patrickdk	mediocer array of expensive disks :)	02:09
fluvvell	there's only 5 staff in the building	02:09
Patrickdk	doesn't matter	02:09
Patrickdk	have 7 staff	02:10
qman__	my file server is consumer grade stuff	02:10
Patrickdk	but we have 96 300gig sas dual channel 6g drives	02:10
qman__	and it still cost more than $1k	02:10
Patrickdk	but we are running around 80 vm's loaded mainly with mssql :(	02:11
qman__	unfortunately it's failing on me	02:11
qman__	the motherboard is shot, keeps crashing	02:11
fluvvell	ok just a little over $1K	02:11
Patrickdk	motherboards seem to be one of the biggest failing points these days	02:11
Patrickdk	it used to be psu, but now I think motherboard is worse	02:11
qman__	well, it was built on a budget	02:11
qman__	socket 939 foxconn	02:11
fluvvell	by the time I put two WD Blue 1Tb 7200 drives in	02:12
qman__	when I get the money to replace it, it'll be an AM3 gigabyte	02:12
fluvvell	I've never had one of the IBM mbs fail. All others I've had some failures.	02:12
=== asac_ is now known as asac
fluvvell	Long term, I've had heaps of gigabyte mbs fail, caps leak, weird chipset failures.	02:13
Patrickdk	heh, I just replace the caps	02:13
qman__	they use japanese caps now	02:13
* fluvvell lacks a good extracting temp controlled solder sucker		02:14
qman__	so far, so good anyway	02:14
SpaceBass	hey folks	02:14
SpaceBass	after an upgrade, my box doesn't have a syslog file anymore... any idea how I can recreate it?	02:15
fluvvell	Patrickdk, where I have replaced caps (on a graphics card) it didn't fix the failure so I gave up. Not worth it on a $60 card :(	02:15
Patrickdk	oh?	02:16
Patrickdk	I have fixed 13 motherboards so far that way	02:16
qman__	I actually had a VRM fry on a TV tuner, a friend replaced it and it's good as new	02:16
fluvvell	I guess the caps leak might have led to failures elsewhere.	02:16
Patrickdk	but for graphics cards I probably wouldn't bother	02:16
Patrickdk	most of the motherboard had >13 dead caps	02:16
qman__	SpaceBass, which file are you referring to?	02:17
SpaceBass	/var/log/syslog.log	02:17
* fluvvell better go		02:17
qman__	that's pretty strange, do you still have the other log files, messages, dmesg, kern, auth?	02:17
SpaceBass	yep	02:18
qman__	and it's logging new data to them?	02:18
SpaceBass	just checked, yes	02:19
qman__	I haven't run into that problem, I've upgraded hardy servers directly and a jaunty server -> karmic -> lucid	02:19
qman__	and on my systems it's /var/log/syslog, no .log at the end	02:20
SpaceBass	likewise, never seen it myself	02:20
qman__	is it running sysklogd or rsyslogd?	02:20
SpaceBass	qman__, your right, it should be /var/log/syslog	02:20
SpaceBass	syslog 616 1.7 0.0 36472 1256 ? Sl Oct24 1113:04 rsyslogd -c4	02:20
qman__	well, rsyslog uses /etc/rsyslog.conf and /etc/rsyslog.d/*.conf	02:22
SpaceBass	thanks, I'll check them	02:23
qman__	my jaunty upgrade has both of them on it for some reason, rsyslogd is running but sysklogd still has cron files and init scripts	02:23
SpaceBass	qman__, can you check owner and perms on your syslog file?	02:25
qman__	-rw-r----- 1 syslog adm 1007K 2010-12-06 21:25 /var/log/syslog	02:25
SpaceBass	thanks	02:26
SpaceBass	going to try the ole sudo touch /var/log/syslog	02:26
Cygnus_Rift	Hello everyone, can someone let me know if I have everything correct to ssh to my ssh server?	02:40
Cygnus_Rift	I installed sshd on my server and forwarded my selected ports from my router to my statically addressed server	02:41
=== hansin__ is now known as hansin
lwizardl	hello	06:03
lwizardl	I was wondering how do I figure out how much of a server I need as a virtual server host? for my other servers	06:04
hansin	lwizardl: I really don't know, but I am sure you need to determine first how many guests you want to run, what resources each of there need, and then what overhead exists on the host server. My guess is that you can "overprovision" the guests based on some formula, but don't know what the rule of thumb is.	06:06
lwizardl	hmm ok	06:10
Error404NotFound	what was the latest version having python2.5 as default python?	06:22
twb	rmadison will tell you	06:41
uvirtbot	New bug: #686343 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/686343	06:57
Error404NotFound	twb, found it, it was karmic, in lucid they dropped p2.5	07:18
twb	Why is /etc/init/ssh.conf "stop on runlevel S"	07:49
twb	Surely it should be "stop on runlevel [06]"	07:49
twb	Yep	07:51
=== jj-afk is now known as jjohansen
ivoks	fluvvell: so if you see both disks, then it's not hardware controller	08:25
fluvvell	ivoks, you missed the part where I said I never set up the hardware controller during the installation.	08:30
twb	ivoks: there are some amazingly shit controllers that IBM ship which present as separate disks to normal linux kernels	08:31
twb	IIRC /dev/ccmra01 or something like that	08:31
ivoks	fluvvell: could be; i was half sleeping at 2AM	08:32
ivoks	twb: whenever someone says 'hardware on board controller', i just look on the other side	08:33
lwizardl	hey	09:06
lwizardl	anyone know of a place where I can find a list of what all games have a dedicate linux server option for hosting your own lan servers	09:07
twb	update-motd provides nothing but an empty directory	09:11
twb	What invoked update-motd?	09:11
twb	pam_motd.so	09:12
twb	Silly me for thinking it was generated DAILY	09:12
jussi	Hi all, I just got a new vps with ubuntu, but it doesnt seem to have tab complete enabled, could someone direct me how to turn tab complete on?	09:41
twb	jussi: . /etc/bash_completion	09:41
twb	(Note the leading dot.)	09:41
jussi	well I guess this is why its borked...	09:42
jussi	jussi@vps323:~$ . /etc/bash_completion	09:42
jussi	-bash: /etc/bash_completion: No such file or directory	09:42
twb	Then you probably need to install it	09:42
twb	That or you are not actually looking at ubuntu	09:42
jussi	jussi@vps323:~$ lsb_release -a	09:44
jussi	Distributor ID: Ubuntu	09:44
jussi	Description: Ubuntu 10.04.1 LTS	09:44
jussi	and so, you were right, it wasnt installed. thanks"	09:45
jussi	right, so one more quick thing, Im migrating servers now, how do I pull mysql DB's out and plug them into the new server?	09:46
tonyyarusso	jussi: Google for "Wordpress database backup restore"	09:47
jussi	tonyyarusso: ok :D (its not for wordpress, but still I guess its the same)	09:47
tonyyarusso	first two links	09:47
al	why don't you just copy the datafiles, jussi?	09:47
tonyyarusso	jussi: It's just that the WordPress people have a pretty good no-nonsense writeup on the matter.	09:47
jussi	al: because I have no idea I can!	09:47
al	well, you can	09:47
jussi	where are they likely to be located?	09:48
al	/var/lib/mysql?	09:48
al	maybe /var/db	09:48
jussi	ooh!	09:48
jussi	hrrr... someone remind me of the tar command that actually makes a tar.gz file? my combinations fail...	09:51
al	tar cvzf your.tar.gz stuff/ to/ back/ up/	09:52
tonyyarusso	tar cz...bah	09:52
al	or, well, czf will do ;)	09:52
al	create, zip, file <filename>	09:52
al	but for server migrations i find rsync -az --delete much more convenient	09:53
al	(resp. without the --delete ;)	09:54
jussi	Im still having issues with it downloading the index.php not loading it - any ideas?	09:58
twb	al: the z is actually for gzip	10:00
tonyyarusso	jussi: s/it/something useful/	10:00
tonyyarusso	g	10:01
al	twb, yea, so?	10:01
twb	You said zip, is all	10:01
al	twb, which is still correct	10:01
twb	zip and gzip both use the Lempel-Ziv algorithm, but they are not interachangable.	10:01
al	i didn't mean to imply that	10:02
twb	Okey dokey.	10:02
=== ihCiFriS is now known as SirFiChi
njin	bug 588993	10:42
uvirtbot	Launchpad bug 588993 in linux "mcelog does not work due to lack of kernel support" [Undecided,New] https://launchpad.net/bugs/588993	10:42
* SpamapS curses the baby for waking him up at 2am		10:49
Jeeves_	:)	10:51
ruben23	hi guys where do i can edit the iptables rules on my ubuntu server..? any idea where is it localted like on centos its localted on---> .etc/sysconfig/iptables <-------------for ou ubuntu server where is it...?	11:00
ruben23	any idea guys..?	11:02
Jeeves_	ruben23: How did you configure your firewall untill now?	11:04
ruben23	i just put it on my /etc/rc.local/ teh ruesl i set like masquerade since this box is set to be router.	11:05
twb	SpamapS: that's what I'd call a disproportionate response	11:06
ruben23	Jeeves_:..?	11:06
Jeeves_	ruben23: So, just keep editing that?	11:16
Jeeves_	Or use ufw	11:16
twb	iptables rules should be loaded during rcS, not rc.local.	11:17
twb	Otherwise, you are in "allow all" mode for the entire init process.	11:17
twb	Note that (usually) iptables rules can be loaded before any network devices exist.	11:18
ruben23	Jeeves_: how to used ufw...? on ubuntu-server...?	11:19
Jeeves_	ruben23: https://help.ubuntu.com/community/UFW	11:19
twb	Blergh	11:20
twb	diff -u <(w3m -dump https://help.ubuntu.com/10.04/serverguide/C/kerberos-ldap.html) <(w3m -dump https://help.ubuntu.com/10.10/serverguide/C/kerberos-ldap.html)	11:20
twb	...zero changes to that section in six months.	11:20
ruben23	Jeeves_: but there is no config file that i can put rules and edit directly on ufw..?	11:22
Jeeves_	ruben23: See /etc/ufw	11:22
twb	ruben23: if you are capable of writing complex netfilter rules, you probably don't want ufw	11:32
twb	http://paste.debian.net/101737/ is such a firewall I set up, using the iptables-persistent package.	11:33
twb	Oops, the first file is http://paste.debian.net/101738/	11:33
ruben23	twb: this is the script of the iptables..? - it just im more compatible like editing the iptables config file itself- adding rules on it.	11:34
twb	ruben23: I don't understand the question.	11:35
ruben23	twb: sorry , i sued to do firewall with centos and i just edit the file iptables and add rules in there and apply whihc is more simple- its juts im not familiar how is it with debian.	11:38
ruben23	or ubuntu server..	11:38
Zumu	yo	12:05
Zumu	I just made "apt-get upgrade" on 2.6.32 server	12:06
Zumu	upgrade had grub-pc in it, but rootfs is on raid1 ..	12:06
Zumu	should I worry that it won't boot?	12:07
=== pthsWork_ is now known as pthswork
=== jjohansen is now known as jj-afk
patdk-wk	zumu nope	13:09
Zumu	patdk-wk: but it asked where to install boot loader	13:35
patdk-wk	yep, install it to the root of the raid	13:36
patdk-wk	then it will get written to both drives, and your good	13:36
Zumu	the choice was to install to sda or sdb..	13:36
Zumu	I killed that post-install trigger	13:37
patdk-wk	guess your using softraid, or it would be so complicated	13:37
patdk-wk	mine has 3 options /dev/sda, /dev/sdb, /dev/mapper/......	13:38
jdstrand	ruben23: there is a file you can edit directly with ufw. they are in /etc/ufw/*.rules. you probably want /etc/ufw/before.rules. see 'man ufw' and 'man ufw-framework' for details	13:45
jdstrand	ruben23: but you are right, there is not one firewall system for Debian. ufw is on all Ubuntu installations, but it is opt in and you still have the choice of everything that is in Debian (or writing your own)	13:46
lau	how can I handle https://bbs.archlinux.org/viewtopic.php?pid=606993 on ubuntu-server machine ?	13:48
uvirtbot	New bug: #676508 in samba (main) "Lucid won't share printers via samba" [Undecided,Incomplete] https://launchpad.net/bugs/676508	13:51
stanman246	hi, i've got a stuck mysqld, anyone know how to fix this? I can't reboot	14:15
aliverius	since i am not familiar with how ubuntu and esp lts versions deal with package updates...	14:39
aliverius	how is it decided if a pkg is updated or not?	14:40
TeTeT	aliverius: you want to read about the SRU (stable release update process) on wiki.ubuntu.com	14:49
TeTeT	aliverius: besides SRU there are also security updates	14:49
aliverius	ok	14:51
aliverius	so it seems that if an application was accepted in the repos when it was at an early stage of its development,	14:57
aliverius	and now there is a release with more features that actually makes it more useful. then i will have to wait for another ubuntu release...	14:58
aliverius	except,of course, if i build a package myself or use a package from another ubuntu release	15:00
resno	aliverius: whats your question?	15:01
aliverius	[16:38:58] <aliverius> how is it decided if a pkg is updated or not?	15:02
aliverius	i see quassel-core irc client is stuck at 0.6.1	15:03
aliverius	0.7.1 has important security additions (not a security update)	15:03
aliverius	and in the end i am wondering how i can use the latest release	15:04
awanti	I wan to configure samba server in my office. In our office their is 4 department like Sales, Marketing, Data-base, Finance. There are 25 users in our office and have to add those users in their respective departments. But here my question is i have to give different permission for particular users in department. So plz. help me to configure this!	15:07
pmatulis	aliverius: an application's major version does not change in the course of a release's lifetime	15:08
pmatulis	!info quassel-core	15:08
ubottu	quassel-core (source: quassel): distributed, KDE/Qt-based IRC client - core/server component. In component universe, is optional. Version 0.7.1-0ubuntu1 (maverick), package size 270 kB, installed size 1068 kB	15:08
pmatulis	!info quassel-core lucid	15:09
ubottu	quassel-core (source: quassel): distributed, KDE/Qt-based IRC client - core/server component. In component universe, is optional. Version 0.6.1-0ubuntu1.1 (lucid), package size 261 kB, installed size 1028 kB	15:09
pmatulis	aliverius: so use maverick	15:09
awanti	is any buddy can help regarding samba (acl)	15:10
aliverius	i will use maverick's quassel pkg. i chose lucid cause it is an LTS afterall!	15:10
aliverius	or can i use the source pkg and build it on lucid? dependency wise it should be feasible, but i am comming from the archlinux world so i dont know how packages work here!	15:13
pmatulis	aliverius: yes, you can build your own package	15:14
aliverius	can i just download a buildscript and run it?	15:14
pmatulis	aliverius: no. it's more involved. you can either build an actual .deb file or use the PPA system (send changed source and build info to launchpad)	15:15
pmatulis	aliverius: you will need to do some reading	15:16
aliverius	ok	15:16
pmatulis	aliverius: i would say that PPA is easiest	15:16
pmatulis	aliverius: as there are multiple ways/tools to build a .deb (confusing)	15:17
pmatulis	aliverius: see #launchpad for LP-related questions	15:17
aliverius	ok ty. i will do some research 1st	15:18
uvirtbot	New bug: #686607 in openssh (main) "ssh client should mention ssh-keygen on mismatched keys" [Undecided,New] https://launchpad.net/bugs/686607	15:22
JoeyJoeJo	I've just installed ubuntu-server to a dell poweredge and all it's running is samba. What else can I run?	15:30
pmatulis	JoeyJoeJo: what release did you install?	15:31
JoeyJoeJo	10.04	15:31
pmatulis	JoeyJoeJo: here: https://help.ubuntu.com/10.04/serverguide/C/index.html	15:31
JoeyJoeJo	pmatulis: Thanks, that was a great link	15:35
pmatulis	JoeyJoeJo: you're welcome	15:35
MWelchUK_work	I'm having a bit of trouble configuring the DHCP server in Ubuntu 10.04. Specifically, PXE booting.	15:54
MWelchUK_work	I have a set of host sections, each specifying a filename. The config worked in Ubuntu 8.04, but isn't working for devices using the Intel Boot Agent on 10.04	15:55
MWelchUK_work	It seems that the file and sname don't get set in the response if the DHCPDISCOVER provides a Parameter Request List.	15:56
MWelchUK_work	I've tried setting option bootfile-name in the host sections, but this doesn't work - it only seems to work as a global option. Any ideas?	15:57
MWelchUK_work	Hey jono	15:57
jono	hey MWelchUK_work	15:58
MWelchUK_work	I assume the weather is a bit warmer with you :-)	15:58
=== xfaf is now known as zul
uvirtbot	New bug: #686627 in samba (main) "Samba server crashes on file read." [Undecided,New] https://launchpad.net/bugs/686627	16:07
kirkland	JamesPage: hey, can you join us in #ubuntu-meeting?	16:12
JamesPage	kirkland: yep - just seen the time...	16:13
=== jj-afk is now known as jjohansen
mpavel	I have an old computer that I want to setup as server and play about with it while in university	16:45
mpavel	I'm using dyndns to use a free domain name and point that to my router which will point to my server	16:46
mpavel	is there a way to setup subdomains so that I can have different websites on each running on the server?	16:46
disposable	i've just installed 10.04.1 on a system with 2 disks creating software raid. I created 3 raid1 MD devices in the installer. i formatted md0(/), md1(/var) and left md2 alone so that i could play with it later. when i do fdisk -l now, i don't see just /dev/md2, i get md2p1 md2p2 and md2p3. what are they? http://pastebin.com/8seZdjWr	17:21
RoAkSoAx	kirkland: still around?	17:38
kirkland	RoAkSoAx: in a meeting	17:39
RoAkSoAx	kirkland: ok. no worries then	17:39
RoyK	hm... pbpool 514K 97.2T 66.1K /pbpool	17:40
* RoyK has room for some pr0n		17:40
Wh1teL0tus	hi all , i installed a LAMP server yesterday but i'm new into it and i was wondering where to find the folder to put your web pages in ?	17:42
=== jeremy is now known as Guest54520
=== Guest54520 is now known as jeremyA
uvirtbot	New bug: #686671 in openssh (main) "ssh-copy-id assumes $HOME" [Undecided,New] https://launchpad.net/bugs/686671	17:46
jeremyA	hello. I've recently upgraded from 8.04.01 LTS to 10.04.01 LTS. I'm experiencing hard hangs -- which is new. This is a server running 2.6.32-26-server, without X started. I do use virt-manager over ssh-tunneled X. Nothing is logged in /var/log/messages or /var/log/kern.log	17:46
jeremyA	amd64 architecture, 8gb of ram. SATA storage in softraid 1 setup.	17:47
jeremyA	dual-core athlon X2 5400+.	17:47
jeremyA	where should I start looking?	17:47
jeremyA	I can induce hard system hangs predictably by installing an OS on a virtual machine -- this affects VirtualBox and KVM both (I switched to KVM thinking VBox was the culprit)	17:50
cokegen	dmesg ?	17:51
jeremyA	nothing shown	17:51
jeremyA	just the standard iptables kernel logging bits.	17:51
cokegen	hardware could fail at all times	17:51
cokegen	I'd not discard hardware so fast	17:52
jeremyA	I ran the identical hardware quite hard with 8.04.01 LTS for several years -- running both vmware server 1.0.6 and VirtualBox. This never happened before.	17:53
jeremyA	which is not to say it can't be hardware.	17:53
jeremyA	since nothing is getting logged to dmesg, any tips for isolating the hardware?	17:58
cokegen	memtest + cpuburn	17:59
mpavel	Wh1teL0tus: /var/www/	17:59
cokegen	doesn't hurts to turn off the machine for half an hour to test it	17:59
jeremyA	roger. I'll try cpuburn now, then rebooted into memtest this afternoon	18:00
RoyK	cokegen: I somehow think the machine is hard to test while it's off :þ	18:00
* RoyK ducks		18:01
cokegen	RoyK, :D	18:02
cokegen	I have my methods ...	18:02
cokegen	jeremyA, I'm booting a system rescue cd to see if it actually has cpuburn in it	18:03
jeremyA	thx	18:03
* RoyK just booked a long weekend in Reykjavík to thaw a bit		18:04
cokegen	mprime could be another option	18:06
jeremyA	cpuburn has run for 8 minutes now, and temperature on the cpu is stable at 32C	18:10
cokegen	what is exactly what you define as a "hard hang" man ?	18:12
jeremyA	video goes blank. keyboard mouse unresponsive. system no longer responds to pings or any network traffic	18:12
cokegen	tried noacpi ?	18:13
cokegen	and that kind of parameters booting the kernel ?	18:13
jeremyA	I have not yet tried noacpi. I can give that a shot.	18:13
* jeremyA drops off channel to reboot the gateway (which is the server in question)		18:14
cokegen	jeremyA tried something already	18:23
cokegen	?	18:23
jeremyA	rebooted with noacpi in place, I thought....	18:24
jeremyA	shouldn't the "noacpi" show up in /proc/cmdline then?	18:24
cokegen	I think it should	18:24
jeremyA	must not have taken it. better go plug a monitor into this and force it from the grub command line.	18:25
jeremyA	bbiab	18:25
cokegen	k	18:25
donspaulding	ssh-keygen -t rsa -C "tekkub@gmail.com"	18:25
donspaulding	<forehead slap>	18:26
donspaulding	aka <facepalm>	18:26
cokegen	jeremyA, yes it should (confirmed)	18:26
Wh1teL0tus	thanks mpavel !	18:29
jeremyA	yep, acpi SHOULD show up in /proc/cmdline	18:29
jeremyA	it does now	18:29
cokegen	yep	18:30
cokegen	jeremyA, acpi=off could be too	18:32
jeremyA	neither were there, I must not've updated grub.	18:32
ZacLnxNewb	hello	18:32
cokegen	I'd search the kernel docs for the kernel version you have there	18:32
jeremyA	anything in particular I should be looking for, cokegen?	18:33
ZacLnxNewb	I have a server, beyond-sight.com	18:33
jeremyA	when I drop off next time, it'll be due to server crash...	18:33
ZacLnxNewb	and I have utterly no idea how to configure webpage hosting for multiple web pages on the same server, other.beyond-sight.com versus beyond-sight.com	18:34
cokegen	k	18:34
cokegen	hopefully not ...	18:34
jeremyA	Zac: name-based virtual hosting!	18:34
Pici	ZacLnxNewb: You'd need to setup virtual hosts in your apache config and on your dns records.	18:35
jeremyA	when I get back from lunch, I can help you with that ZacLnxNewb	18:35
jeremyA	but someone here will probably beat me to it	18:35
cokegen	jeremyA, I think most of the commands are there when you boot an install	18:35
ZacLnxNewb	jeremyA: Awesome. :D	18:35
cokegen	noacpi is one and there could be others of relevance	18:35
cokegen	just saying that if I were you I'd try those parameters ...	18:35
ZacLnxNewb	Pici: DNS records how? I have a DNS updater, I need to add that to update the dns network?	18:36
ZacLnxNewb	Pici: and then Apache config for name based virtual hosts?	18:36
mpavel	does anyone know of a good guide on how to do name based virtual hosts?	18:38
smoser	i dont knwo what that would mean. "name based virtual hosts"	18:39
Pici	ZacLnxNewb: You'll need to setup a new A record for the subdomain.	18:39
smoser	oh.. apache.	18:39
smoser	sorry, i was thinking the other type of "virtual" (lxc/kvm/xen)	18:40
Pici	ZacLnxNewb: And then something like the following in your apache site configruation: http://paste.ubuntu.com/540727/	18:41
jeremyA	some sample configs for you, ZacLnxNewb, at http://ccis2122.linux-classes.com/week12/	18:43
ZacLnxNewb	Thank you	18:43
Pici	ZacLnxNewb: I guess you could use a CNAME instead of an A record if your subdomain is being served off of the same IP as the main domain.	18:43
ZacLnxNewb	jeremyA: Pici I'm trying to figure out how to make a new A record...	18:43
ZacLnxNewb	Pici: Same IP, same server hosting two web sites. :p	18:43
mpavel	Pici: is there a way to do that through a free domain from dyndns?	18:44
Pici	mpavel: I'm really not sure, but I'd guess no.	18:44
mpavel	probably that's why I wasn't able to do it so far :)	18:44
mpavel	it should work with users (maybe?)	18:45
mpavel	i couldn't get php scripts to execute though like that - but it could've been a php thing	18:45
Pici	mpavel: I'm just thinking out loud here, but you might be able to setup a new virtualhost for a different dyndns domain that points to your same IP>	18:45
mpavel	hmm	18:46
mpavel	Pici: never thought of that	18:46
elnur	Hi. Is there a trend about grub and xen fuckup in latest days?	18:48
jeremyA	ZacLnxNewb: http://ccis2122.linux-classes.com/week3/	18:48
jeremyA	my lecture on Bind	18:48
jeremyA	sorry the notes aren't more explanatory	18:48
ZacLnxNewb	jeremyA: So I think I've set up the A records, subdomains with "a record" settings at the name hosting site	18:48
pmatulis	!language \| elnur	18:49
ubottu	elnur: Please watch your language and topic to help keep this channel family-friendly, polite, and professional..	18:49
ZacLnxNewb	jeremyA: my guess is I need to set the DNS updater to update those A records to point to my server's ip addrtess?	18:49
elnur	* Hi. Is there a trend about grub and xen problem in the latest days?	18:49
Pici	ZacLnxNewb: Indeed.	18:49
mpavel	what would be the best solution to have multiple websites on same server?	18:49
ZacLnxNewb	That's currently what I'm tackling	18:50
mpavel	would the easiest thing to do just be that I have a SITE_PATH variable in php and put websites in sub directories?	18:50
ZacLnxNewb	mpavel: ^	18:50
mpavel	ZacLnxNewb: I thought so :)	18:50
mpavel	ZacLnxNewb: me too ... for a few weeks now	18:50
ZacLnxNewb	mpavel: PHP does have that, but I think there's something that's cleaner and easier, and less hacky, hopefully.	18:51
mpavel	ZacLnxNewb: I have one server (old computer) to play with and would like to setup multiple websites	18:51
i0nic	Hi, I was thinking of using amazons S3 service for server backups, what do you guys think about this?	18:51
mpavel	ZacLnxNewb: what do you think that is?	18:51
ZacLnxNewb	mpavel: Same	18:51
guillaume_	hi all	18:51
Pici	Using Apache's virtualhosts is really easy as long as you can easily change your dns records.	18:51
guillaume_	i have a good question for you	18:51
i0nic	I have always used dedicated boxes and setup incremental rsync scripts to backup my data to the box.	18:51
i0nic	So this amazon cloud thing is very living on the edge for me, just wanted to get some input.	18:52
Pici	s/is/are/	18:52
guillaume_	i am using ubuntu 10.04 server for proxy with squid + dansguardian everything fine except i need ncsa auth and i am unable to make it working and i have already tried most of the how to on the net any idea ??	18:52
mpavel	Pici: I'm just thinking (i'm very unexperienced in servers stuff) that working with the dns and apache vhosts would be much easier if I'd have a full domain name	18:53
mpavel	Pici: and a static IP address :)	18:53
Pici	mpavel: It would indeed.	18:53
cokegen	i0nic, S3 just works	18:53
i0nic	what about redundancy	18:53
i0nic	?	18:54
cokegen	they handle it	18:54
cokegen	you don't have to worry about your data	18:54
i0nic	uh	18:54
cokegen	that's with S3	18:54
cokegen	EC2 could have more failures	18:54
i0nic	but im essentially on a cloud	18:54
i0nic	so would i need to encrypt my data?	18:54
cokegen	but haven't seen one myself yet	18:54
cokegen	I think S3 has something regarding that	18:55
i0nic	okay	18:55
cokegen	anyway I'd recommend to encrypt and upload and forget about any problems	18:55
i0nic	are large enterprises adopting the cloud as a backup solution?	18:55
jeremyA	ZacNwbLnx: yes	18:55
cokegen	amazon recently made available a new API to work with their services	18:56
cokegen	had a friend that was playing with it but I can't say much about that	18:56
cokegen	apparently works like a charm	18:56
elnur	http://paste.ubuntu.com/540735/ -- anyone knows how to solve this?	18:57
elnur	This 'ignoring' stuff shouldn't be there, I guess.	18:58
jeremyA	cokegen: looks like noacpi MIGHT have done it. Just installed a VM successfully	19:00
mpavel	Pici ZacLnxNewb: I will give another try to users approach	19:01
mpavel	you can basically have your.free.domain/~user/	19:01
mpavel	and I was thinking to create different users for each website and access it like that	19:01
jeremyA	ZacLnxWeb: the server at linux-classes.com actually has several names	19:02
Pici	mpavel: Setup mod_userdir: http://httpd.apache.org/docs/2.2/howto/public_html.html	19:02
jeremyA	ZacLnxWeb: I have multiple CNAMEs and A Records pointing to it's IP	19:02
mpavel	Pici: exactly :)	19:02
jeremyA	ZacLnxWeb: then I just map each name to a different dir using vhosts	19:02
ZacLnxNewb	Pici: jeremyA I'm setting up DDclient to update the A records.	19:03
ZacLnxNewb	Pici: jeremyA I appreciate your help so far. :D	19:04
cokegen	jeremyA, good thing to hear then	19:04
cokegen	I had only one or two machines in my life that required noacpi ...	19:04
mpavel	Pici: any idea if that solution would stop php scripts from running?	19:04
Pici	mpavel: It shouldn't.	19:05
mpavel	Pici: or would there be a need to alter something in php.ini ?	19:05
mpavel	if for example the user directories are in /home/~user1/ /home/~user2/ and php is not set to execute scripts from /home/*	19:05
mpavel	or something ... just thinking :-/	19:05
Pici	mpavel: But remember that www-data would need to be able to access the php files, so you'll need to make sure that is the case.	19:06
mpavel	so include each user in the www-data group	19:07
Pici	mpavel: Thats one way to do it.	19:07
mpavel	Pici: that's the only way I know. but I can search online for alternatives	19:07
Pici	mpavel: No, thats a fine way (in my opinion), but there are a whole bunch of options on how you'd want to do this depending on how restrictive you want your security policy to be.	19:08
jeremyA	cokegen: yeah, this machine didn't need noacpi under 8.04.01, but new kernels == new features, new problems. At least I'm off vmware server and virtualbox now	19:09
mpavel	Pici: cool. not really interested in security right now for this kind of setup. i'm just looking for easier ways to setup a working testing/playing-about environment for some projects	19:10
cokegen	sure ... a bit of testing is due when you switch versions	19:10
mpavel	Pici: thanks for all your help!	19:12
jeremyA	anyone using iptables with bridged traffic?	19:13
jeremyA	I'm getting a lot of logs like this:	19:13
jeremyA	Dec 7 13:13:49 localhost kernel: [ 2791.493463] IN=br0 OUT=br0 PHYSIN=vnet0 PHYSOUT=eth0 SRC=192.168.15.17 DST=224.0.0.251 LEN=115 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=95	19:13
jeremyA	my bridge device is br0, the physical device is eth0, and I want my LAN to be able to talk to my virtual machines as if they were on the same network segment	19:14
jeremyA	(like they used to be on vmware)	19:14
cokegen	jeremyA, the other day I was here and a guy solved his problems with ebtables (which I didn't know it existed)	19:15
jeremyA	okay, cool, thanks	19:15
cokegen	to work with bridged stuff like you	19:16
* jeremyA nods		19:16
cokegen	just saying you should look into that	19:16
jeremyA	I've been meaning to learn ebtables for about 9 years now	19:16
jeremyA	googling now	19:16
cokegen	never needed to work with bridges but it's a must when working with all that virtualized stuff	19:18
jeremyA	have I mentioned I dislike virtualization in general? too much extra work ;)	19:19
jeremyA	keeps the electrical bill lower, tho, I guess	19:20
cokegen	have to buy a VT-x capable processor	19:20
jeremyA	they're sub-$100 now.	19:20
jeremyA	:)	19:20
cokegen	want to try how well it runs win	19:20
cokegen	not here (argentina)	19:21
jeremyA	oh, I bet.	19:21
ZacLnxNewb	jeremyA: Pici I'm having trouble adding servers to ddclient	19:24
jeremyA	ZacLnxNewb: I use ipupdate.pl for freedns.afraid.org, or adjust the DNS manually, I'm afraid :(	19:26
guillaume_	some of you well knoe squid+dansguardian config ?	19:33
jeremyA	sorry, guillaume, I know nothing about that	19:33
guillaume_	lol	19:33
guillaume_	thanks for answering	19:34
guillaume_	it seem to be hard to find pepole who know	19:34
jeremyA	bridging with kvm needs no ebtables, only iptables: iptables -I FORWARD -i br0 -o br0 -j ACCEPT where br0 is your bridge device	19:44
* RoyK books a trip to Reykjavík to thaw up a bit		19:45
fluvvell	I really need to get this cpu fan under control, the heatsink is stone cold, but the fan constantly speeds up and slows down. sensors is alleging that fans are at 0RPM. pwmconfig alludes to increasing the fan divisors, I have no idea what that is and I cant find the doc	20:31
fluvvell	ok found the doc.	20:32
* RoyK hands fluvvell a screwdriver		20:43
fluvvell	he he, disconnect the fan?	20:43
qman__	well, you want to make sure it's all PWM equipment, I've got some older stuff that was pre-PWM and is not compatible	20:46
fluvvell	qman__, na its brand new - four wire fan to cpu.	20:47
qman__	ok	20:47
fluvvell	ive found the fan divisor setting, I think, but pwmconfig still finds current speed of 0 for all fans	20:48
* fluvvell is wondering where to find hwmon0/device/pwm1 ?		20:48
fluvvell	weird. Now its all quiet!	20:49
* RoyK takes his screwdriver back		20:50
* fluvvell frequently leaves screwdrivers behind clients servers and finds them on later visits		20:52
RoyK	fluvvell: the leftover screws goes into the pocket, eh?	20:53
fluvvell	RoyK, I have dozens of little snap lock bags with screw selections in them :) and bitz containers on the window sill!	20:55
i0nic	I'm trying to setup key authentication for ssh	20:56
i0nic	and it keeps asking for the password	20:56
i0nic	what am I doing wrong?	20:56
RoyK	i0nic: well, I guess that depends on what you are doing.....	20:56
i0nic	RoyK: is there a program to shoot my sshd_config to a pastebin program? does ubuntu provide one of thes in the repos?	20:59
guntbert	!info pastebinit \| i0nic	21:03
ubottu	i0nic: pastebinit (source: pastebinit): command-line pastebin client. In component universe, is optional. Version 1.1-2 (maverick), package size 22 kB, installed size 404 kB	21:03
i0nic	ah thanks	21:03
i0nic	here is a copy of my sshd_config	21:03
i0nic	http://pastebin.ubuntu.com/540785/	21:04
i0nic	not sure why its still asking for a password	21:04
guntbert	i0nic: do you want to disable password based login completely?	21:05
cokegen	you need to cat the public key to the machine's ~/.ssh/authorized_keys2	21:06
cokegen	and then provide ssh with the key	21:06
cokegen	when connecting I mean	21:06
cokegen	like this	21:06
i0nic	guntbert: yes	21:07
i0nic	to roots /.ssh/authorized_keys2 ?	21:07
cokegen	ssh -p 22 -i /path-to-private-key/machine-key root@111.222.333.444	21:07
i0nic	i put the public key in the users .ssh/	21:08
cokegen	and you could generate your keys like this	21:08
i0nic	that should be all it needs?	21:08
i0nic	i put the public key in the users .ssh/	21:08
cokegen	ssh-keygen -t rsa -b 4096 -f /path-to-private-key/machine-key	21:08
cokegen	you get 2 files with that last command	21:08
cokegen	one is the private key and the other the public key (.pub)	21:09
cokegen	that .pub you need to cat to the target machine's authorized_keys2	21:09
cokegen	i0nic, hope I was clear enough ;-)	21:09
guntbert	i0nic: it is .ssh/authorized_keys by now (no 2), does key based login work at all or does it ask for password anyway?	21:09
cokegen	no, just connect	21:10
i0nic	guntbert: it asks for the password	21:10
cokegen	but you have to provide ssh with your identity (private key)	21:10
i0nic	guntbert: so apart from being in userhomedir/.ssh/ it also needs to be in /root/.ssh/authorized_keys ?	21:10
guntbert	i0nic: listen to cokegen too	21:10
i0nic	i am	21:11
i0nic	im just trying to understand whats going on before i use the steps he gave me	21:11
i0nic	cokegen: gotcha.. i am adding it now..	21:11
i0nic	cokegen: does it need to be in usershomedir/.ssh/ as well? the pub key?	21:12
cokegen	think so	21:12
cokegen	I just placed always into the /root dir	21:12
cokegen	so I can't tell, but I'd expect to be for the user I'm trying to conect to	21:13
i0nic	cokegen root doesnt have a .ssh dir	21:15
i0nic	just create it?	21:15
cokegen	create it	21:15
fluvvell	i0nic, it depends who you are going to log in as. Best practise would be to log in as your privileged user, and sudo any root commands. In that instance, you'd ssh-copyid to the user@host	21:15
i0nic	k	21:15
cokegen	yep	21:15
cokegen	ssh-copyid is the best method, but if you have ssh running in a non-standard port it fails	21:15
cokegen	and I don't know if it has a port parameter (last time I checked I think it hasn't)	21:16
fluvvell	i0nic, but on the machines where I have root login, I have removed the root password after setting up ssh keys.	21:16
cokegen	probably could work with "oPort=non-standard-port-number" but I don't know	21:16
fluvvell	cokegen, you can setup ports for each host in your .ssh/config file	21:17
cokegen	what do you mean by each host ?	21:18
fluvvell	the format is Host=hostname.org then next line port=#	21:18
cokegen	I like to connect to IP addresses, but cool to know	21:19
fluvvell	eg, I've got a dozen machines I regularly ssh into, there is a Host=hostname.org entry for each of them naming the non standard port I use.	21:19
fluvvell	cokegen, yes but your hosts have names eventually, you could add them in your hosts file. I've got dns set up for all of them, dyndns.org for the ones on dynamic ips.	21:20
i0nic	its still asking for the password, cokegen	21:20
cokegen	how are you trying to connect i0nic	21:20
i0nic	cokegen: ssh as a user.	21:21
cokegen	ssh -i /path/key root@ip	21:21
cokegen	did you cat'ed the key to authorized_keys2 ?	21:21
i0nic	i did it to authorized_keys	21:21
cokegen	cat keyfile >> ~/.ssh/authorized_keys2	21:21
i0nic	yah	21:22
i0nic	keys2?	21:22
cokegen	yep	21:22
cokegen	2	21:22
cokegen	on my machine works without the 2, but don't know why	21:22
cokegen	could be keys of SSH1 ?	21:22
cokegen	don't know really, but do the cat to the authorized_keys2	21:23
guntbert	cokegen: the '2' was necessary, they switched back since	21:23
cokegen	ok, good	21:23
i0nic	so, the owner of these files needs to be root?	21:23
cokegen	if you're trying to connect with root, I think yes	21:24
guntbert	i0nic: on the target server? yes, if you want to connect as root	21:24
fluvvell	cokegen, I've just set it up on a machine without half of the complexity you've suggested.	21:24
i0nic	still not working	21:24
cokegen	half ? share with us please	21:24
cokegen	;-)	21:25
i0nic	guntbert: no im connecting with users, I just want key authentication setup.	21:25
fluvvell	http://www.linuxconfig.org/Passwordless_ssh gives the method	21:25
guntbert	i0nic: the auth..keys file must be in .ssh of the user you want to connect as	21:25
fluvvell	the only pre-requisite is the same user exists on both machines	21:26
cokegen	fluvvell: I didn't told him more than what that webpage says	21:26
cokegen	maybe added the port parameter to some of the commands etc etc	21:26
cokegen	it's the same	21:26
guntbert	fluvvell: why is that?	21:26
fluvvell	cokegen, sorry it was guntbert	21:27
cokegen	ahhh ok ;-)	21:27
fluvvell	guntbert, for the method shown on the linuxconfig	21:27
fluvvell	not in general, but it de-confuses a bit.	21:27
fluvvell	guntbert, ssh-copy-id copies the auth keys over	21:28
guntbert	fluvvell: ok, I obviously didn't see the complete context -- ignore me please :-)	21:28
cokegen	mind that ssh-copy-id doesn't works on non-standard ports	21:29
fluvvell	cokegen, it does if you add the hostname into your .ssh/config file. I think ip address will work as well	21:29
i0nic	so what does the command ssh-copy-id do, because it works now that I've used this command?	21:30
fluvvell	sorry ~/.ssh/config	21:30
cokegen	fluvvell: now I get it	21:31
fluvvell	:-)	21:31
cokegen	anyway, still prefeer doing it manually	21:31
cokegen	do you know a good method to manage a good number of those keys ?	21:32
fluvvell	i0nic, ssh-copy-id copies the public key into the authorized_keys file in one command. It does simply, what guntbert described (I think was the old way)	21:32
fluvvell	cokegen, its my key being copied onto the server at the other end. ssh agent allows for the revocation of keys from specific servers I believe.	21:33
fluvvell	so one key to rule them all ;-)	21:34
guntbert	fluvvell: for administration of several servers I use just one key (with a very good passphrase ™ ), and I call ssh with -A for agent forwarding	21:36
=== SirFiChi is now known as ihCiFriS
cokegen	didn't investigated that, but I will	21:40
fluvvell	guntbert, yes I never could get around the having to type my passphrase into my machine first when I opened a new shell. I ended up typing it in over and over, negating the passwordless access to the servers. hints?	21:41
guntbert	fluvvell: usually ssh-agent is running, you can add a key any time you want with ssh-add <path-to-key-file>	21:42
fluvvell	I would recommend that i0nic not leave a root password on the server though	21:47
eriksson26	Hi, how do I set up remote desktop to a computer that I only have ssh acc to? I am admin.	21:51
FunkyBob	eriksson26: do you need a full remote desktop? or just access to X apps running on it?	21:57
MeltingK33board	ok so i have ssh-copy-id'ed my key to my server, and then tried to log in, and it still asks me for the password of my user on the server... why?	22:23
MeltingK33board	did somebody just try to answer me? 'cause my tab just closed when i got the notification...	22:26
RoyK	MeltingK33board: did you copy the key to ~/.ssh/authorized_keys?	22:31
RoyK	MeltingK33board: also keep in mind that the .ssh dir and its contents should not be readable by everyone, chmod -R go-rwx .ssh is a good start	22:31
MeltingK33board	yep	22:31
MeltingK33board	it is in there	22:31
MeltingK33board	I checked	22:32
MeltingK33board	ok	22:32
MeltingK33board	i will check the permissions	22:32
=== shennyg_ is now known as shennyg
MeltingK33board	RoyK: does my client machine need to be in the known_hosts file?	22:38
=== jeremy is now known as Guest93269
=== Guest93269 is now known as jeremyA
jeremyA	cokegen: so much for noacpi doing it. Is noacpi still supported, or with kernel-2.6.32-26 should I be saying "acpi=off" ?	22:40
fluvvell	MeltingK33board, this discussion happened about an hour ago, have you seen http://www.linuxconfig.org/Passwordless_ssh gives the method	22:41
MeltingK33board	yeah	22:47
MeltingK33board	fluvvel: i was watching the conversation	22:47
i0nic	anyone have a suggestion for a server monitoring program	22:54
i0nic	for 5 servers?	22:54
MeltingK33board	how about Untangle?	22:55
MeltingK33board	they are a pretty robust solution... but perhaps not the right one for your needs	22:55
SpamapS	i0nic: nagios has been hugely popular for a long time now	22:56
SpamapS	though I believe it is forked now into something else	22:57
MeltingK33board	you can also check out the monitoring section of the Server Guide... it talks about nagios and munin	22:57
SpamapS	Icinga is the name	22:58
jeremyA	I love nagios.	23:00
jeremyA	I use it all the time.	23:00
SpamapS	Yeah, its a really nice piece of software	23:02
SpamapS	Icinga's just trying to modernize it a bit	23:02
SpamapS	the Nagios devs have kind of gone "open core" lately where all the good stuff is in the enterprise version	23:02
JanC	there is also zabbix for monitoring	23:05
i0nic	SpamapS: nagios seems way intens	23:08
i0nic	e	23:08
dragoon123	I am currently having problems resolving the ca.archive.ubuntu.com repo for apt-get	23:09
dragoon123	i can ping it, but it will not connect any ideas?	23:09
MeltingK33board	is it in your sources.list?	23:09
dragoon123	Temporary failure resolving 'ca.archive.ubuntu.com'	23:09
MeltingK33board	ah so it is a dns issue perhaps...	23:10
MeltingK33board	in the ping can you see the IP?	23:10
dragoon123	hmm	23:11
dragoon123	wont ping acutally	23:11
baggar11	dragoon123: try hard setting some DNS servers in your /etc/resolv.conf file	23:11
MeltingK33board	ah	23:11
dragoon123	baggar11: I did that recently and restarted the networkmgr	23:11
dragoon123	same result :/	23:12
MeltingK33board	so you did try setting dns servers recently?	23:12
dragoon123	no	23:12
MeltingK33board	ok, try that	23:12
dragoon123	?	23:12
dragoon123	do you mean the /etc/resolve.conf?	23:12
MeltingK33board	it sounds like there is no dns for your system... yes resolve.conf	23:12
dragoon123	yes, like I just said I already inputted that	23:13
dragoon123	confused me for a sec heh	23:13
MeltingK33board	gotcha	23:13
FunkyBob	when did it grow the extra 'e'? :P	23:13
baggar11	no, it's resolv.conf	23:13
baggar11	it's in /etc	23:13
dragoon123	i know	23:13
MeltingK33board	hehe...	23:13
baggar11	can you ping IP's outside your subnet?	23:13
dragoon123	yea	23:13
dragoon123	It just wont resolve hosts	23:13
baggar11	try pinging your DNS servers that you manually set in resolv.conf	23:14
dragoon123	works	23:14
dragoon123	64 bytes from 192.168.1.1: icmp_req=6 ttl=64 time=0.303 ms	23:14
dragoon123	hmm	23:14
baggar11	192.168.1.1 is your DNS server?	23:14
baggar11	is it broke?	23:15
dragoon123	nope lol, its my router	23:15
dragoon123	Its working fine as i am currently using my laptop with ssh conc to my server	23:15
baggar11	using dhcp or static?	23:16
dragoon123	static	23:16
baggar11	does dhcp work?	23:16
MeltingK33board	why not try useing openDNS in resolv.conf: 208.67.222.22 and 208.67.220.220	23:16
dragoon123	on router yes	23:16
dragoon123	acutally	23:16
dragoon123	lemme try inputting my isp dns	23:17
dragoon123	sec	23:17
baggar11	MeltingK33board: that's kind of what I'm getting at :) if 192.168.1.1 isn't giving out good DNS info...	23:17
MeltingK33board	nope...	23:18
guntbert	MeltingK33board: opendns creates weird results sometimes (for non existing domains and for "inappropriate" ones)	23:18
dragoon123	is there a single cmd for restarting networkmanager w/o using ifdown & ifup?	23:18
MeltingK33board	yes	23:18
MeltingK33board	guntbert: only if you configure your network in their system	23:18
baggar11	dragoon123: service networking stop/start	23:18
MeltingK33board	otherwise it is only a dns server	23:18
guntbert	MeltingK33board: no, I believed that too, but then I got results for nonexisting domains, and...	23:19
dragoon123	yey	23:19
dragoon123	that did it lol	23:19
MeltingK33board	great	23:20
MeltingK33board	guntbert: interesting... good to know	23:20
i0nic	guntbert: does each server need a key generated to talk to each other? there is 5 servers on the network	23:20
i0nic	guntbert: i have key authentication working for users, but they cannot scp files between servers w/o passwords	23:20
baggar11	dragoon123: was it your ISP DNS or using DHCP?	23:22
guntbert	i0nic: ssh? you can either use the same key on all of them or generate different ones - scp works like ssh (including keys)	23:22
dragoon123	baggar11: I just appended my isp dns to resolv.conf	23:23
MeltingK33board	nice... glad it worked	23:23
i0nic	guntbert: so i need to generate the cert on one server and use it on all?	23:23
i0nic	guntbert sorry i mean key	23:24
guntbert	i0nic: ssh keys are for users, so you generate it at one place (your workstation), copy the public key into all .ssh/atuhorized_keys, add that key to ssh-agent on your workstation (using ssh-add) and call ssh -A .... (to forward agent authenification)	23:25
uvirtbot	New bug: #686805 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/686805	23:56

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!