| === shennyg__ is now known as shennyg | ||
| === MakX is now known as maknz | ||
| === jjohansen is now known as jj-afk | ||
| === shennyg__ is now known as shennyg | ||
| uvirtbot | New bug: #686832 in multipath-tools (main) "multipath-tools-boot, root mount failed - Device or resource busy" [Undecided,New] https://launchpad.net/bugs/686832 | 01:37 |
|---|---|---|
| uvirtbot | New bug: #686835 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/686835 | 01:41 |
| === asac_ is now known as asac | ||
| [DarkSun] | hello all, i was wondering (i searched, couldnt find much info) if the kernel package with 10.04lts server comes with "CONFIG_HIGHMEM64G" set, or am i going to need to build a new kernel? | 03:14 |
| tonyyarusso | [DarkSun]: There's somewhere in /proc that holds that info I'm pretty sure... | 03:28 |
| [DarkSun] | tonyyarusso, i havent installed yet, that starts tomorrow, was just trying to get a check list of things to do | 03:30 |
| twb | [DarkSun]: which arch? | 03:30 |
| twb | There is no such config option in 10.04 amd64's 2.6.32-26-server | 03:31 |
| [DarkSun] | twb: i386 | 03:31 |
| twb | [DarkSun]: you can check in /boot/config-`uname -r` | 03:31 |
| [DarkSun] | twb: thats cuz 64bit dont need it :P | 03:31 |
| tonyyarusso | [DarkSun]: It's disabled on my box here. | 03:32 |
| tonyyarusso | 4G=y though | 03:32 |
| [DarkSun] | tonyyarusso, kk, ty! | 03:32 |
| twb | tonyyarusso: -pae or -generic? | 03:32 |
| tonyyarusso | -generic | 03:32 |
| twb | That's not the server kernel | 03:33 |
| tonyyarusso | true, hrm | 03:33 |
| [DarkSun] | guess i could try tossing it on a spare box 2night | 03:34 |
| [DarkSun] | eh.. or just findout 2morrow lol | 03:35 |
| tsbo | If I'm going to put my netatalk afpd databases somewhere "central", is /var/db/netatalk/ a good place? | 03:45 |
| qman__ | I don't actually have a machine running the 32-bit server kernel | 03:57 |
| qman__ | one runs the -386, the rest are 64-bit | 03:57 |
| qman__ | because ubuntu "i386" isn't actually i386, it's i686 | 03:58 |
| qman__ | and as such won't run on my K6 | 03:58 |
| ScottK | IIRC that's only true for maverick. | 03:59 |
| qman__ | it's been true since at least hardy | 03:59 |
| ScottK | Lucid should run it. | 03:59 |
| ScottK | No. | 03:59 |
| qman__ | hardy -server would not run on it | 03:59 |
| ScottK | It was i486 or 586 until recently | 03:59 |
| qman__ | and the chip is i586 | 03:59 |
| ScottK | OK. Maybe I'm getting my amd processors mixed up. | 04:00 |
| qman__ | but interestingly enough, whichever kernel the install disc uses worked fine | 04:02 |
| === shennyg___ is now known as shennyg | ||
| === shennyg__ is now known as shennyg | ||
| twb | In https://help.ubuntu.com/10.04/serverguide/C/kerberos-ldap.html | 07:23 |
| twb | ...why is it modifying {1}hdb instead of the existing {-1}frontend database? | 07:24 |
| twb | I *think* it's because the doc is stale and the latter was the former in 9.10 or so | 07:24 |
| uvirtbot | New bug: #344400 in libvirt (main) "libvirtError: internal error unable to start guest" [High,Confirmed] https://launchpad.net/bugs/344400 | 08:12 |
| === erichammond1 is now known as erichammond | ||
| uvirtbot | New bug: #687265 in tomcat6 (main) "Sync tomcat6 6.0.28-8 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/687265 | 10:56 |
| disposable | i'm reaching a tipping point(sanitywise). on ubuntu-server-10.04.1 i created md0, md1 and md2 in the installer. i formatted md0 and md1 and left md2 alone for now. after installation i have md0, md1, md2p1, md2p2 and md2p3. if i view md0 or md1 in cfdisk, they appear as free space. md2p1 appears to be what md0 should be, same for md2p2 and md1, etc.. what the hell? | 11:02 |
| patdk-lap | are you sure md0, md1, and md2 wheren't done correctly, but instead, just got mixed up between the install and boot, so like md2 is now called md0, and md0 is md2? | 11:04 |
| twb | patdk-lap: didn't I already tell you about that in #debian? | 11:07 |
| twb | 20:28 <twb> I had that problem on 10.04, and I just gave up and installed 8.04 (both Ubuntu) | 11:07 |
| patdk-lap | heh? | 11:07 |
| twb | Sorry, I meant disposable | 11:08 |
| disposable | twb: you mentioned you had this problem on ubuntu, and i've just tried 10.04.1 and same thing happened | 11:10 |
| twb | disposable: 10.04 *is* ubuntu | 11:10 |
| disposable | twb: i know. the previous attempt was with sid and my own kernel. | 11:11 |
| twb | OK | 11:11 |
| disposable | twb, i simply want to use md2 as physical volume for lvm. | 11:12 |
| twb | I can dig it | 11:12 |
| disposable | twb: is md2p1 an alias for md0? | 11:13 |
| twb | No | 11:13 |
| twb | It's a fuckup | 11:13 |
| twb | mdadm --scan has misdiagnosed your setup as a single array containing multiple partitions | 11:14 |
| disposable | twb: http://pastebin.com/GC3vH3NC | 11:14 |
| twb | (As opposed to a series of arrays, one per partition.) | 11:14 |
| twb | disposable: don't use fdisk unless it's GNU fdisk. | 11:15 |
| disposable | twb: it's from util-linux-ng | 11:15 |
| twb | Yes, that's the obsolete version | 11:15 |
| twb | disposable: anyway, /proc/partitions and /proc/mdstat are more interesting at this juncture. | 11:15 |
| twb | I wonder if changing "DEVICES partitions" to "DEVICES /dev/sda1 /dev/sda2 /dev/sda3 /dev/sdb1 /dev/sdb2 /dev/sdb3" in /etc/mdadm/mdadm.conf, issuing a "sudo update-initramfs -u -k all", and a reboot, will fix the problem | 11:16 |
| disposable | twb: you will soon find out | 11:17 |
| twb | Good man | 11:17 |
| twb | Scratch monkeys FTW | 11:17 |
| disposable | twb: btw, it seems set up correctly in mdadm.conf http://pastebin.com/DAYudGjm | 11:19 |
| twb | disposable: that's expected | 11:19 |
| uvirtbot | New bug: #687275 in apache2 (main) "Fix "graceful" action in init script when mod_chroot is enabled" [Undecided,New] https://launchpad.net/bugs/687275 | 11:21 |
| disposable | twb: mdstat is quite weird. http://pastebin.com/UP1j6Sfa | 11:25 |
| twb | Yep, exactly what I thought | 11:25 |
| twb | 20:21 <twb> I've had problems where partitioning disks and md RAID1'ing them, will cause the kernel (or mdadm?) to autodetect a single, whole-disk RAID1 array, containing several partitions. | 11:26 |
| twb | 20:23 <twb> And it fails to assemble the second and third arrays, because it can only find one node for each (md0p2 instead of /dev/sd[ab]2, etc.) | 11:26 |
| twb | ...in your case it has succeded to assemble the degraded array, because apparently that's the Ubuntu default now. | 11:26 |
| disposable | you're just adding ot my confusion. is it broken or not? | 11:27 |
| twb | It's doing SOMETHING right, but it isn't doing the something you want | 11:27 |
| alket | Hi, I cannot connect Ubuntu Server to internet, usually when there was Ubuntu with GNOME it worked perfetcly withou configurin anything, now it doesn't work ? | 11:28 |
| alket | in Ubuntu Server 10.10 | 11:28 |
| twb | alket: maybe it's because you're so impatient. | 11:31 |
| jpds | GNOME on a server, nice. | 11:33 |
| patdk-lap | jpds, not everyone can read black and white :) | 11:34 |
| jpds | patdk-lap: I fear for their lives at the next zebra crossing they encounter. | 11:34 |
| disposable | twb: i wanted to try LTS, because debian testing is still getting too many package upgrades and lenny is too old for my hardware. i'm getting fed up with ubuntu though; it's so far been one hall of a ride. mysql-cluster-server broken, megaraid_sas.ko broken, mdraid/lvm setup in installer broken, who knows what else.. | 11:43 |
| twb | Don't look at me, man, I'm sick of it, too | 11:43 |
| disposable | twb: i'm just having a rant | 11:43 |
| twb | You want a rant, how about circular dependencies in the flipping init setup | 11:44 |
| soren | twb: Degraded mode is the default now?!? | 11:44 |
| twb | Or moving where the loopback interface is brought up in a NMU to lucid-updates | 11:44 |
| soren | I look away for 10 seconds and... ARRRR! | 11:44 |
| twb | soren: AFAIK he didn't ask for it, and he got it | 11:44 |
| twb | soren: *I* only did installs using priority=low; dunno what it defaults to | 11:45 |
| soren | - Change mdadm/boot_degraded default in templates file to match the | 11:45 |
| soren | apparently-intended behaviour (i.e. false), and stop overriding | 11:45 |
| soren | debconf preseeding if BOOT_DEGRADED is not already set in the | 11:45 |
| soren | initramfs configuration file. | 11:45 |
| soren | So default should be false. | 11:45 |
| soren | Good. | 11:45 |
| soren | Phew. | 11:45 |
| jpds | soren: Don't you use hardware RAID? | 11:45 |
| soren | Gawd, no. | 11:46 |
| twb | soren: sorry for the freakout | 11:46 |
| soren | I spend all this time working on free software, and then I'm supposed to leave the integrity of my data to a bit of firmware that I don't control? | 11:46 |
| soren | I don't think so. | 11:47 |
| twb | soren: you don't control the firmware on the HDDs themselves :P | 11:47 |
| soren | And that's bad enough! | 11:47 |
| twb | Or are you still using MFMs? | 11:47 |
| jpds | soren: I trust the HP devs. | 11:47 |
| soren | I manually carve my data into rocks. | 11:47 |
| twb | jpds: you're crazy | 11:47 |
| twb | I don't even trust past-twb | 11:48 |
| soren | The absolute worst part of trusting such things is if it breaks. | 11:48 |
| soren | To have any chance at all of getting your data back, you have to buy /another/ unit. | 11:49 |
| soren | A unit, whose predecessor broke. | 11:49 |
| twb | You buy another one when you buy the first one | 11:49 |
| twb | Otherwise when it breaks, they no longer make those | 11:49 |
| soren | Yeah. | 11:49 |
| soren | You end up in a loop where you're forced to buy stuff that you /know/ has a history of failing. | 11:50 |
| soren | What could possibly be worse than that? | 11:50 |
| soren | No, give me software raid any day. If I'm concerned about performance, get a couple of good controllers and split the load across those. | 11:51 |
| soren | ..but leave the RAIDing business to stuff that I control. | 11:51 |
| soren | On the other hand, with hardware raid, booting in degraded mode might actually make sense. "might" being the operative word. | 11:54 |
| Nafallo | soren: just keep a cold spare at all times. or if you're talking about home use, get a drobo or readynas or something. | 11:54 |
| twb | IMO if you're concerned about performance, go beat the DBA with a tire iron until he stops writing unnecessarily exponential-order queries | 11:54 |
| twb | Θ(nⁿ) | 11:55 |
| Nafallo | (both of these have data centre business rackmountable options as well, but I believe it when I see it with my own eyes) | 11:55 |
| soren | Nafallo: The only thing I'd use the cold spare for is getting my data off of the disks ASAP. | 11:56 |
| patdk-lap | heh, I have never seen a business drobo solution | 11:56 |
| Nafallo | soren: wait what... the definition of cold spare is to replace your failed part surely :-P | 11:56 |
| patdk-lap | unless your talking a smb | 11:56 |
| Nafallo | patdk-lap: http://www.drobo.com/products/business-solutions.php | 11:57 |
| patdk-lap | cold spare == beer :) | 11:57 |
| soren | Nafallo: Why would I rely more on the second one than the first. | 11:57 |
| soren | Nafallo: My needing the second one is clear evidence that the product has a history of failure. Not something I want to trust my data with. | 11:58 |
| patdk-lap | nafallo, ya, I have seen that, it so doesn't look like a rack mountable solution I would use, normally talking 14 to 24 drive sas | 11:58 |
| jpds | soren: Everything fails eventually. | 11:58 |
| disposable | twb: i don't think my installation is fixable. md0 and md1 are empty and md2 has been subpartitioned. i could try copying files from md2p1 to formatted md0 and then rewrite mdadm.conf, update initramfs, fix grub and keep an eye on it every time the kernel gets an upgrade, but i wouldn't sleep well. | 11:58 |
| soren | jpds: Certainly. | 11:59 |
| Nafallo | patdk-lap: sure. | 11:59 |
| soren | jpds: The difference is how screwed you are when it happens. | 11:59 |
| twb | disposable: did you try forcing DEVICES not to scan whole disks? | 11:59 |
| Nafallo | soren: I think you missed my point actually. you should trust it more because it never been used, and it leaves you a window while you get the RMA back on the failed drive. | 12:00 |
| disposable | twb: it doesn't matter how it scans them, what matters is that filesystems were put where i didn't want them. md2p1 instead of md0, md2p2 instead of md1 and no LVM on md2 | 12:00 |
| Nafallo | soren: now, if you don't trust anything that has ever failed, good luck finding ANY media to use ;-) | 12:00 |
| soren | Nafallo: Assuming it fails within its RMA period. | 12:00 |
| Nafallo | soren: sure. but these are extendable if you feel like paying for the service. | 12:00 |
| twb | disposable: wrong | 12:01 |
| twb | See this: md2 : active raid1 sdb[1] sda[0] | 12:01 |
| twb | That is because it scanned /dev/sda before /dev/sda1 | 12:01 |
| soren | Nafallo: I don't. | 12:01 |
| twb | If you change it from "DEVICSE partitions" (which, counterintuitively, means disks and partitions), that should not happen | 12:01 |
| soren | Nafallo: I have a perfectly good RAID implementation in my kernel. | 12:01 |
| Nafallo | anyway. I need to travel. bbl. | 12:01 |
| soren | Nafallo: Have fun. | 12:02 |
| Nafallo | soren: I'm going to have pizza. that's better than fun! :-) | 12:02 |
| soren | Pizza Express? | 12:03 |
| twb | Fat Pizza! | 12:04 |
| twb | http://en.wikipedia.org/wiki/Pizza_(TV_series) | 12:05 |
| disposable | twb: ok, i'm giving this a go - "DEVICE /dev/sda /dev/sdb /dev/sda1 /dev/sda2 /dev/sda3 /dev/sdb1 /dev/sdb2 /dev/sdb3" | 12:06 |
| Patrickdk | why would you do that? | 12:06 |
| twb | Excellent. Fly, my minion! | 12:06 |
| Patrickdk | remove sda and sdb, if you partitioned the drives | 12:06 |
| twb | Patrickdk: remove them how? | 12:06 |
| Patrickdk | hmm, can't edit it? | 12:07 |
| Patrickdk | been awhile since I used mdadm | 12:07 |
| twb | It defaults to "DEVICE partitions" | 12:07 |
| twb | Which means "everything in /proc/partitions" | 12:07 |
| twb | He could probably do it instead by adding devices=/dev/sda1,/dev/sdb1 to ARRAY lines, but I forget the syntax | 12:08 |
| disposable | twb: well, it's certainly much nicer now. http://pastebin.com/J16zZNBy | 12:13 |
| twb | disposable: ace. Now just readd the stale nodes into the degraded arrays | 12:14 |
| twb | I'm glad I know that's the solution now | 12:14 |
| disposable | twb: i'm glad my 16 servers could be used as a testing ground for your hunches. (cssh is great) | 12:21 |
| disposable | twb: thanks for your help | 12:28 |
| uvirtbot | New bug: #687299 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/687299 | 12:51 |
| zul | morning | 13:22 |
| twb | Good god, is it | 13:23 |
| axisys | i am stuck here (10.04 server) | 14:25 |
| axisys | fsck from util-linux-ng 2.17.2 | 14:25 |
| axisys | /dev/mapper/nvidia_eeffhbef1 contains a file system with errors, check forced. | 14:25 |
| axisys | it is doing tons of fsck.. (recovery mode) | 14:25 |
| axisys | now it stops here | 14:26 |
| axisys | /dev/mapper/nvidia_eeffhbef1: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY. (i.e., without -a or -p options) | 14:26 |
| axisys | mountall: fsck / [472] terminated with status 4 | 14:26 |
| axisys | mountall: Filesystem has errors: / | 14:26 |
| axisys | any idea how to move forward ? | 14:26 |
| lau | when are the files in /sys/class/net generated ? at boot time ? when installing a new kernel ... ? | 14:27 |
| Wh1teL0tus | I installed a LAMP server but i want to have tomcat apache instead of the apache2.2, the best way to do is is to first remove apache2.2 or ? | 14:28 |
| axisys | how do I run fsck manually ? I am not getting a prompt | 14:29 |
| lau | I think my question is related to how are the objects added in the driver model tree ? | 14:31 |
| axisys | lau: are you asking me ? | 14:32 |
| === zul_ is now known as zul | ||
| uvirtbot | New bug: #687347 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/687347 | 14:42 |
| axisys | anyone knows how to run fsck manually.. i am stuck here http://pastebin.com/w4tEj1Qq and getting no prompt | 14:53 |
| axisys | may be there is some grub trick that can let me run fsck manually ? | 14:54 |
| twb | axisys: mountall 4 means you need a live CD | 14:54 |
| axisys | twb: so there is no way to boot using memory and then run fsck on root / ? | 14:55 |
| twb | When mountall exit(4)'s, I know of *no* way to get upstart to continue booting. | 14:55 |
| axisys | twb: how about i powercycle and then modify grub ? | 14:56 |
| twb | I don't think grub will help you; IIRC I tried single-user mode, and that's about the only control you have over upstart from grub | 14:56 |
| twb | http://paste.debian.net/101871/ <-- written in anger | 14:56 |
| twb | Actually... | 14:58 |
| twb | From grub you can get into busybox before upstart starts -- so you should be able to pass "break" from grub to get a recovery shell. | 14:58 |
| twb | A crippled one compared to Debian's, but nowhere near as bad as RHEL's ramdisk. | 15:00 |
| twb | axisys: a live CD would be easier, but ... | 15:00 |
| twb | 1. boot with "break"; 2. at busybox shell, mount rootfs read-only on /root; 3. copy enough of it into /target to run e2fsck; 4. umount /root; 5. run e2fsck out of target. | 15:00 |
| twb | You might be able to skip 3-5 if you can run e2fsck on a read-only mounted filesystem. | 15:01 |
| axisys | twb: that paste was real angry.. hehe | 15:01 |
| SpamapS | mountall definitely seems to have been thrown together and then shunned to a corner | 15:01 |
| twb | SpamapS: AFAICT mountall was written because the upstart guys went "oh, hey, it's release time, and we haven't worked out how to deal with filesystems properly yet" | 15:02 |
| axisys | twb: i dont have a cd drive.. lol... working to make a usb drive | 15:02 |
| axisys | usb image that is | 15:02 |
| twb | axisys: http://cdimage.debian.org/cdimage/squeeze_live_beta1/amd64/iso-hybrid | 15:02 |
| twb | axisys: grab "rescue" from there, or so. | 15:03 |
| twb | "isohybrid" means it works as both a CD and a USB key | 15:03 |
| axisys | twb: so I can take one of this iso and place it on usb and it will work ? | 15:04 |
| twb | axisys: you just dd the iso onto the key | 15:04 |
| axisys | twb: gotcha.. thanks | 15:04 |
| twb | curl -o/dev/uba http://.../debian-squeeze-live-beta1-amd64-rescue.iso | 15:04 |
| twb | Or dd if=debian-squeeze-live-beta1-amd64-rescue.iso of=/dev/uba | 15:05 |
| axisys | twb: thanks | 15:05 |
| SpamapS | twb: there are upstart "guys" ? ;) | 15:05 |
| twb | Well, I didn't want to blame sjr specifically | 15:06 |
| twb | Er, sjr = keybuk | 15:06 |
| twb | I hear mbiebl is working on systemd instead now | 15:07 |
| twb | (Which has a compelling sales pitch, but I'm... not enthusiastic about letting the pulseaudio guy near pid 1.) | 15:07 |
| SpamapS | twb: there's a huge void right now created mostly by systemd's appearance, but also by keybuk's move from Canonical to Google. | 15:12 |
| twb | Didn't know he'd moved | 15:13 |
| SpamapS | he's announced he's moving | 15:13 |
| SpamapS | The date isn't entirely set yet. | 15:13 |
| twb | Being an ass: this is why having a distro run by a single organization is a Bad Thing :P | 15:13 |
| SpamapS | He won't say whether he's planning to work on Upstart at Google.. | 15:13 |
| SpamapS | but we're all pretty sure he will. ;) | 15:13 |
| twb | SpamapS: he gets a whole 20% "free play" time | 15:14 |
| SpamapS | twb: so there's only one good distro that isn't run by a single organization.. and it has serious problems. | 15:14 |
| SpamapS | oi.. baby is up.. time to go | 15:15 |
| twb | They all have serious problems | 15:16 |
| Lars_G | Greetings all. I hope to have more luck here :D | 15:22 |
| Lars_G | My first, simple question, are the -server kernels deprecated? I see the package now pulls in a -generic-pae kernel. | 15:23 |
| twb | That's by design on i386 | 15:24 |
| Lars_G | ok | 15:24 |
| twb | In general they aren't deprecated, but currently the only difference on that arch is the PAEness | 15:25 |
| Lars_G | ok | 15:25 |
| Lars_G | The second question is, I've found a LOT of problems upgrading my 8.04 LTS to 10.04 LTS and I wonder if there's a thread or wiki somewhere where people pile up solutions found to troubles... I already have fixed almost everything but one recurring error with postfix and one problem with apache and memory. | 15:26 |
| Lars_G | I've been trying on #postfix but if someone already found the upgrade related errors, it'd help a lot | 15:26 |
| lamont | what's the specific error? | 15:26 |
| twb | Lars_G: have you read the generic migration documentation? | 15:27 |
| twb | !8.04->10.04 | 15:27 |
| twb | Grmph, stupid bot | 15:27 |
| Lars_G | lamont: In this specific case: http://pastebin.com/vwuj0n6V | 15:28 |
| Lars_G | twb: I saw them before the upgrade, but didn't see a troubleshooting area or didn't notice it :( sorry | 15:28 |
| twb | I don't remember what's there | 15:28 |
| twb | I'm just triaging | 15:28 |
| lamont | Lars_G: interesting. I have not seen that one before | 15:28 |
| twb | https://help.ubuntu.com/community/LucidUpgrades | 15:29 |
| Lars_G | thanks twb | 15:30 |
| Lars_G | This has been a traumatic upgrade so far :( | 15:30 |
| twb | I put it like this: Debian has a policy of releasing "when it's ready". So by elimination, Ubuntu's release policy can only be "when it's NOT ready" :-) | 15:31 |
| Lars_G | hahahaha | 15:31 |
| Lars_G | Well yeah, time defined release cycles can tend to produce that | 15:31 |
| cap_00 | can i use multiple discs for backuppc?? i've already got one backup disc, do i just clone the original /var/lib/backuppc dir over and fill another drive? | 15:31 |
| === xfaf is now known as zul | ||
| mianosm | full disclosure has a big root escalation issue on it today | 15:34 |
| cap_00 | i just don't want to try and screw up the backups on the eixsting drive or throw them out of synch | 15:34 |
| zul | hggdh: ping two things | 15:42 |
| hggdh | zul: yes? | 15:43 |
| zul | hggdh: (1) where are the log files for the uec-testing kept and (2) when do you want to discuss sru stuff (preferably tomorrow) | 15:43 |
| hggdh | zul: I upload them to... | 15:44 |
| hggdh | zul: https://code.edge.launchpad.net/~hggdh2/+junk/uec-qa | 15:45 |
| hggdh | zul: and tomorrow it is :-) | 15:45 |
| zul | thanks | 15:45 |
| zul | ill hunt you down | 15:45 |
| guillaume_ | hi all | 15:48 |
| guillaume_ | i am seeking for a proxy easy to install with auth by username and password with high level filtering and time sensitive filtering | 15:48 |
| guillaume_ | any suggestion should help allot | 15:48 |
| guillaume_ | i have already tried dansguardian + squid but unable to make the auth work so we decide to let that out | 15:49 |
| guillaume_ | and seek another solution | 15:49 |
| guillaume_ | google did'n't answer me so here i am | 15:49 |
| Deathvalley122 | is there a torrent download of lucid 32 and 64bit? | 15:56 |
| jpds | Deathvalley122: Yes, it's on http://us.releases.ubuntu.com/10.04/ | 16:00 |
| Lars_G | Ok I'm back from running all around like a headless chicken | 16:07 |
| Lars_G | Two more questions. | 16:07 |
| Deathvalley122 | thanks jpds | 16:07 |
| Lars_G | First any reason you know why 8.04->10.04 upgrade would turn apache2+php+mysql into insatiable memory hogs who starve the whole system? | 16:07 |
| Lars_G | And second, is only the upgrade process on 8.04.10.04 borked? if I get a new server I'm waiting for, and install 10.04 from scratch, should it behave better? | 16:08 |
| guillaume_ | i was never able to make smb apache and any 10.04 server app working on 10.04 | 16:09 |
| guillaume_ | 10.04 seem to got lot of bug | 16:09 |
| Lars_G | Ok tell me something. | 16:09 |
| Lars_G | if I move this 10.04 LTS to 10.10, will it work better? | 16:09 |
| guillaume_ | no | 16:10 |
| * Lars_G hits his head on a wall | 16:10 | |
| Lars_G | is there a way to 10.04->8.04 ? | 16:10 |
| guillaume_ | i have done that las week too | 16:10 |
| guillaume_ | lol | 16:10 |
| guillaume_ | been a month seeking answer for 10.04 | 16:10 |
| guillaume_ | if there a way to downgrade i don't know how | 16:10 |
| guillaume_ | backup your config file then fresh install... | 16:11 |
| Lars_G | Ok I give up, while my new server machine arrives I'm setting up another vmware instance on my web server, throwing in 8.04 and migrating all stuff there. | 16:11 |
| al | up- and downgrading to random distribution releases still fits the headless chicken metaphor imho | 16:12 |
| guillaume_ | lmao | 16:13 |
| guillaume_ | try debian | 16:13 |
| guillaume_ | a naked debian | 16:13 |
| Lars_G | yeah | 16:13 |
| al | the time you're wasting on that up/downgrading trips would be better spent analyzing and solving the actual problem root cause | 16:15 |
| al | im-h-o | 16:15 |
| al | and i reckon if done right it's quicker too | 16:16 |
| jeremyA | Lars_G: I've just upgrade from 8.04.01 to 10.04.01 and am experiencing stability issues | 16:16 |
| Lars_G | al: like guillaume_ who has been at it for a month? | 16:16 |
| jeremyA | it's possible that there is an issue with upgrade, but I rather doubt it. | 16:16 |
| Lars_G | jeremyA: Me too | 16:16 |
| jeremyA | my apache+php is not using much memory at all | 16:17 |
| elb0w | If I want to install PHP for my apache2 webserver is the proper package php5-mysql? | 16:17 |
| al | php5-mysql has nothing to do with apache | 16:17 |
| elb0w | or libapache2-mod-php5 rather | 16:17 |
| elb0w | yeah my bad | 16:17 |
| jeremyA | elb0w: I have that. | 16:17 |
| Lars_G | elb0w: the mod-php5 | 16:17 |
| jeremyA | yep, libapache2-mod-php5 | 16:17 |
| elb0w | kk | 16:17 |
| elb0w | :) | 16:17 |
| al | i stay away from all mod_<language> modules | 16:18 |
| al | and i recommend everyone to do the same unless they have a very good reason not to | 16:18 |
| jeremyA | Lars_G: so, is it just memory issues on your 10.04 box, or are you experiencing random crashes/hangs | 16:18 |
| Lars_G | jeremyA: I'm experiencing hangs, response delays, and many processes shoot up to a high cpu ussage and then go down | 16:18 |
| jeremyA | interesting | 16:18 |
| Lars_G | I wonder if I can use an older kernel. | 16:18 |
| jeremyA | I've got the first one, but not the other 2 | 16:19 |
| jeremyA | there are new kernels available, too | 16:19 |
| jeremyA | some people report that the 2.6.35 kernels fix issues | 16:19 |
| jeremyA | is your server physical or virtual? | 16:19 |
| Lars_G | physical | 16:19 |
| jeremyA | have you tried booting w/o ACPI? | 16:19 |
| Lars_G | and i'm running 2.6.32 | 16:19 |
| jeremyA | that is, setting "noacpi" as a kernel option in grub.cfg ? | 16:19 |
| Lars_G | Is .35 a ppa or a backport? | 16:19 |
| jeremyA | (I'm running 2.6.32-26-server myself) | 16:20 |
| Lars_G | Nope not yetr | 16:20 |
| jeremyA | ppa | 16:20 |
| jeremyA | try disabling acpi -- some people report that helps | 16:20 |
| jeremyA | it did not help me, but we have different hardware, so... | 16:20 |
| Pici | 2.6.35 is the standard kernel in 10.10 | 16:20 |
| jeremyA | also, have you run memtest86+ against your hardware, Lars_G ? | 16:20 |
| jeremyA | Pici: yep. but at the mainline kernel repos, you can get a testing 2.6.35 for lucid :) | 16:21 |
| Lars_G | Still I have no dmesg errors from the kernel, shouldn't acpi problems cause kernel to error? | 16:23 |
| jeremyA | hard to say | 16:23 |
| jeremyA | nothing logs to dmesg, /var/log/messages, /var/log/syslog or /var/log/kern.log for me | 16:23 |
| jeremyA | I've set up remote syslogging so maybe the next time it goes, it'll send something to my other ubuntu box here | 16:24 |
| consumerism | is there a way to specify an identity file for rsync? i need to run it with sudo but i want to use my own key. | 16:24 |
| Pici | consumerism: rsync -e "ssh -i '$KEY'" | 16:25 |
| Lars_G | jeremyA: Could you share this ppa with me? I'm willing to try a .35 kernel | 16:25 |
| consumerism | Pici: thanks | 16:25 |
| Lars_G | I'd even try a .37 but I'd have to compile, and on an unstable machine..... | 16:25 |
| Pici | consumerism: np | 16:25 |
| raubvogel | Odd question: apache2 identifies itself as httpd in the log files, right? | 16:27 |
| jozef | Hello can i ask a ubuntu server question here? | 16:28 |
| jeremyA | sure, jozef | 16:28 |
| twb | !ask | 16:28 |
| ubottu | Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) | 16:28 |
| jeremyA | Lars_G sure, one sec | 16:29 |
| jeremyA | http://kernel.ubuntu.com/~kernel-ppa/mainline/ | 16:29 |
| jozef | I've manual installed a new kernel. im testing a virtual server it had the 2.6.35-22-virtual kernel and i installed the 2.6.35-22-server kernel | 16:29 |
| jeremyA | sorry, it's 2.6.34-lucid | 16:29 |
| jeremyA | I'm an idiot :/ | 16:29 |
| jozef | but now if i apt-get dist-upgrade i get an upgrade for 2.6.35-23-virtual | 16:29 |
| jozef | but my uname -r is 2.6.35-22-server | 16:30 |
| Lars_G | jeremyA: .36 is ok too, thanks | 16:30 |
| jozef | i've installed the server kernel like this: apt-get -y install linux-headers-2.6.35-22-server linux-image-2.6.35-22-server | 16:31 |
| patdk-wk | that will install an old one | 16:32 |
| patdk-wk | virutal is just a meta package, it gives you the -server kernel | 16:32 |
| patdk-wk | atleast for x64bit systems | 16:33 |
| patdk-wk | for 32bit, it gives you -generic-pae | 16:33 |
| patdk-wk | and probably for ec2 (I haven't tested) it will give you the ec2 kernel | 16:33 |
| Lars_G | jeremyA: Meh I see, .34 | 16:33 |
| Lars_G | thanks | 16:33 |
| jozef | the virtual package doesnt have quota | 16:37 |
| jozef | so i dont think its the same | 16:39 |
| patdk-wk | dunno, let me look | 16:39 |
| patdk-wk | oh, it is different, it's just the uname id that is the same | 16:40 |
| patdk-wk | I guess you mean local fs quota support | 16:41 |
| patdk-wk | cause I'm using nfs quota support in -virtual just fine | 16:41 |
| jozef | it might :) | 16:41 |
| jozef | do does the apt-get dist-upgrade doesnt see any priority differnce? | 16:42 |
| jozef | *so does the apt-get dist-upgrade doesnt see any priority difference? | 16:43 |
| Lars_G | I give up | 16:44 |
| Lars_G | I'm moving my most precious realtime service (based on apache + php +mysql) to another server... by hand | 16:45 |
| patdk-wk | hmm, I have many apache2 + php setup in lucid, no issues | 16:48 |
| patdk-wk | I haven't moved my mysql to lucid yet though | 16:48 |
| Lars_G | patdk-wk: My whole system is kinda mad, postfix fails too | 16:57 |
| Bizzeh | hi, im currently trying to set up a generic use internal server with ubuntu, is there anything i can use as a dns demon, that is 1. VERY easy to configure. 2. allows me to configure different reponses for different mac addresses (ie. if i request a domain, i get 1 answer, if the sales team request it, they get 0.0.0.0). 3. lookup request logging against mac address/ip address | 16:59 |
| patdk-wk | haven't had issues with postfix, but I just setup postfix, and haven't stressed it yet | 16:59 |
| patdk-wk | Lars_G, what kind of vm are using? I'm using esx and vmware workstation without any issues, and on real hardware | 17:00 |
| patdk-wk | 12 real servers, and dozens of esx vm's | 17:00 |
| jeremyA | Bizzeh: I know BIND will let you hand back views based on NIC...dunno if it can do based on MAC | 17:01 |
| jeremyA | what are you trying to accomplish with the differential DNS results? | 17:02 |
| jeremyA | are you trying to block access to certain machines? because iptables will work better for that. | 17:02 |
| Bizzeh | jeremyA: my boss has asked me to look into a filtering software to block access to certain sites for certain machines | 17:02 |
| jeremyA | block it at the firewall | 17:03 |
| jeremyA | because if you just block DNS lookups, they can use a different DNS server | 17:03 |
| jeremyA | are these internal or external sites you're trying to block? | 17:04 |
| Bizzeh | they arnt that bright... | 17:04 |
| Bizzeh | yeah... what were doing is, we are using a nat router to connect to the internet, but we want to pipe through this server to filter certain traffic | 17:05 |
| jeremyA | my nat router is an ubuntu box. | 17:06 |
| jeremyA | I do all my filtering there. | 17:06 |
| Bizzeh | our nat router will be a cheapo thing given to us by our ISP | 17:07 |
| jeremyA | ah. | 17:07 |
| jeremyA | I'd set up an internal DNS that doesn't know about any zones you don't want sales to know about . | 17:07 |
| jeremyA | then assign that DNS to them via DHCP and no other nameservers | 17:07 |
| jeremyA | for people who can go anywhere, use DHCP to give them a nameserver that knows about the world | 17:07 |
| jeremyA | or use squid to have all allowed websites and filter traffic for sales through squid | 17:08 |
| patdk-wk | it would be easy enough to block dns requests, or to redirect them to your dns server | 17:08 |
| patdk-wk | so they can only use your server | 17:08 |
| Bizzeh | its not that side im bothered about, its the.. configuring of the dns software its self | 17:09 |
| patdk-wk | I use pdns-recursor, so I just add the hosts I don't want people to use to the hosts fine, and tell it to use that to serve, it sends them to a, this site is denied page | 17:09 |
| patdk-wk | pdns-recursor, dnsmasq can both do it | 17:09 |
| patdk-wk | I haven't used bind for so long, dunno | 17:10 |
| Bizzeh | thanks | 17:10 |
| === jj-afk is now known as jjohansen | ||
| Bizzeh | ill have a look at all 3 and take a look at squid | 17:10 |
| patdk-wk | squid is a more insane way of doing it | 17:11 |
| patdk-wk | and if they use https, it won't be blocked | 17:11 |
| jeremyA | if you're only going to let them look at 4-5 sites, go squid :) | 17:11 |
| jeremyA | you could block all outgoing traffic from sales, tho | 17:11 |
| patdk-wk | ya, the block all except, would be more squid usage :) | 17:11 |
| jeremyA | so if it doesn't go through squid, it doesn't go at all | 17:11 |
| Bizzeh | i want them to be able to view everything, apart from a few sites. ie. facebook, myspace, tesco, asda, jobsites | 17:11 |
| Bizzeh | general crap.. my boss gave me a list of about 15 or so of sites like that | 17:12 |
| patdk-wk | heh, jobsites | 17:13 |
| patdk-wk | looking for new jobs while working? | 17:13 |
| jeremyA | they'll find an anonymizer. | 17:14 |
| jeremyA | or they'll find a friend with an ssh tunnel :) | 17:14 |
| jeremyA | I'd just tell them they'll be fired if they use those sites, then log traffic | 17:14 |
| jeremyA | fire a few of them | 17:14 |
| jeremyA | they'll get the point | 17:14 |
| Bizzeh | none of them are that bright, all it is, ive been asked to do this, i just need to make it look like its done | 17:15 |
| Bizzeh | as long as, by default, they cant view these sites, hes happy | 17:15 |
| Bizzeh | and im happy, because he leaves me alone to continue doing nothing | 17:16 |
| jeremyA | thing with sales guys is: pay 'em on commission. | 17:17 |
| Bizzeh | we do | 17:17 |
| jeremyA | if they're making big money and lots of sales, who CARES what they do? | 17:17 |
| jeremyA | and never, ever put a cap on commissions | 17:17 |
| cap_00 | i'm getting the following error after i try and create a new partition after i run mkfs.ext3 to format | 17:18 |
| cap_00 | Calling ioctl() to re-read partition table. | 17:18 |
| cap_00 | WARNING: Re-reading the partition table failed with error 22: Invalid argument. | 17:18 |
| cap_00 | The kernel still uses the old table. The new table will be used at | 17:18 |
| cap_00 | the next reboot or after you run partprobe(8) or kpartx(8) | 17:18 |
| cap_00 | Syncing disks. | 17:18 |
| Bizzeh | they do, but, my boss, always wanting more... doesnt get that they do sales because every so often, they have a little break to calm down | 17:18 |
| jeremyA | cap_00: did you run partprobe after changing partition table? | 17:18 |
| * jeremyA nods | 17:18 | |
| jeremyA | sounds like a fun guy to work for | 17:18 |
| Bizzeh | he thinks, they are wasting time, and can get more sales in, in those odd 5 minutes they use facebook for | 17:18 |
| cap_00 | didn't want to before i knew what i was doing | 17:18 |
| jeremyA | partprobe should be safe, cap_00 | 17:19 |
| Bizzeh | so, i block it, sales drop... i unblock it, sales come back.. he shuts up and goes away | 17:19 |
| jeremyA | hahahaha | 17:19 |
| cap_00 | i still get ID 7 HPFS/NTFS on the disk in fdisk -l | 17:19 |
| jeremyA | oh, you're repurposing an old ntfs partition as ext3 ? | 17:22 |
| cap_00 | is it possible that i screwed this up? fdisk -l /dev/sdg1 shows ID 7 HPFS/NTFS, but then fdisk /dev/sdg1 p says ID 83 Linux | 17:23 |
| cap_00 | yes, i got a backup drive that i'm trying to wipe and use for linux server backup | 17:23 |
| jeremyA | I don't think you've screwed anything up :) | 17:23 |
| jeremyA | try running partprobe /dev/sdg | 17:23 |
| cap_00 | ok | 17:24 |
| jeremyA | then do your fdisk -l /dev/sdg | 17:24 |
| cap_00 | still ntfs | 17:25 |
| jeremyA | can you /msg me all the output from fdsik -l /dev/sdg | 17:26 |
| patdk-wk | it's suppost to do that :) | 17:26 |
| jeremyA | and then /msg me a copy-n-paste of what you see when you do a p "fdisk /dev/sdg " | 17:26 |
| patdk-wk | ntfs makes a partition table basically so you fooled fdisk by pointing it at the wrong place :) | 17:26 |
| jeremyA | patdk-wk: am I missing something? | 17:26 |
| cap_00 | if i fdisk /dev/sdg if get /dev/sdg1 ID 7 HPFS/NTFS but if i fdisk /dev/sdg1 i get /dev/sdg1p1 IT83 linux | 17:26 |
| jeremyA | don't fdisk /dev/sdg1 | 17:27 |
| jeremyA | fdisk /dev/sdg | 17:27 |
| patdk-wk | na, he did sdg1 :) | 17:27 |
| jeremyA | I'd delete the old partition, make a new one, and then run partprobe, then format it. | 17:27 |
| cap_00 | ok, start over | 17:27 |
| KaosMcRage | I just upgraded from 8.04 to 10.10 and now I am unable to send mail from the shell prompt using the mail or mailx commands. It shows up as bounced in the mail log on the sending system, but it worked before and the exact same sending procedure works on my other systems on the same network. The only thing I see of interest in the undeliverable message is "Action: failed Status: 5.0.0 Diagnostic-Code: X-Postfix; mydomain.com" but nothing after t | 17:27 |
| patdk-wk | but the way ntfs makes it's fs layout, fdisk didn't realise what you did is invalid | 17:27 |
| patdk-wk | cap, never use sdg1 to fdisk, ONLY sdg | 17:27 |
| cap_00 | ok | 17:27 |
| patdk-wk | fdisk /dev/sdg, fdisk -l /dev/sdg | 17:27 |
| cap_00 | woops.... i did mkfs.ext2 /dev/sdg1 lol...... no wonder it's all wonky | 17:28 |
| patdk-wk | that is right | 17:29 |
| cap_00 | should i just do mkfs.ext3 /dev/sdg? | 17:29 |
| patdk-wk | you make fs's on sdg1 | 17:29 |
| patdk-wk | you make partitions on sdg | 17:29 |
| cap_00 | ahhhh | 17:29 |
| cap_00 | still confused | 17:29 |
| patdk-wk | heh | 17:29 |
| patdk-wk | sdg is just the partition table, where you put crap on your drive | 17:29 |
| patdk-wk | sdg1 is the first place to put crap at (ntfs/ext3/...) | 17:30 |
| jeremyA | the drive is your kitchen, the partition is a table in your kitchen, the filesystem is a tablecloth | 17:30 |
| cap_00 | ya, i'm just getting all confused trying to do this on the command line that's all | 17:30 |
| jeremyA | /dev/sdg == the drive, /dev/sdg1 == a partition on the drive, mkfs.ext3 /dev/sdg1 puts a filesystem on that partition | 17:30 |
| patdk-wk | now if we can add the layers of drbd, raid, lvs, ... :) | 17:31 |
| cap_00 | i did that for the initial setup, server is on raid 1, fileserver is mounted from raid 10.... lol i just can't remember how to format one little disk | 17:32 |
| tarvid | Is there any reason to prefer openssl_0.9.8o-3ubuntu1 over openssl_0.9.8k-7ubuntu8.5 | 17:32 |
| tarvid | I admit to goping a bit batty reading the changelogs and chasing references | 17:33 |
| cap_00 | so how do i fix this? | 17:34 |
| cap_00 | i want to be able to mount sdg1 to a mount point like i do with my other backup disc, not sdg1p1 | 17:35 |
| patdk-wk | heh? | 17:40 |
| patdk-wk | there is no sdg1p1 | 17:40 |
| patdk-wk | it will be sdg1 | 17:40 |
| patdk-wk | the only time it would sdg1p1 is if you did something else, like added lvm or raid on sdg1 | 17:41 |
| patdk-wk | but then, you can name it anything you want also, so who cares :) | 17:41 |
| eagles0513875 | hey guys | 17:48 |
| eagles0513875 | whats the default compiler for lucid? | 17:49 |
| eagles0513875 | thta comes wiht a clean install | 17:49 |
| patdk-wk | gcc 4.4 | 17:51 |
| patdk-wk | gcc 4.4.3 :) | 17:51 |
| fluvvell | eagles0513875, gcc base, I don't think is the full item | 17:52 |
| KaosMcRage | Anyone here a mail expert? :P | 17:52 |
| KaosMcRage | I'm stumped. | 17:52 |
| eagles0513875 | what im finding odd a clean install of server installs a generic kernel | 17:52 |
| eagles0513875 | this is a clean install on virtualbox | 17:52 |
| eagles0513875 | latest version | 17:52 |
| eagles0513875 | and gcc isnt even installed | 17:52 |
| patdk-wk | gcc shouldn't be installed by default | 17:52 |
| fluvvell | eagles0513875, I'd normally install build-essential | 17:52 |
| eagles0513875 | patdk-wk: ok but the server kernel should | 17:53 |
| eagles0513875 | which its not | 17:53 |
| patdk-wk | no | 17:53 |
| patdk-wk | apt-get build-dep kernel-source, would :) | 17:53 |
| patdk-wk | but the source is just the source | 17:53 |
| eagles0513875 | patdk-wk: on my server not on vbox i have the kernel version of the kernel installed | 17:54 |
| eagles0513875 | why is this installing a generic version of the kernel on lucid though | 17:54 |
| patdk-wk | kernel version of the kernel? | 17:55 |
| cap_00 | sorry phone call..... ya i have a sdg1p1.... i don't know what i've done | 17:55 |
| eagles0513875 | the version that got installed in vbox is the generic kernel patdk-wk | 17:55 |
| patdk-wk | -generic is default kernel for 32bit | 17:55 |
| eagles0513875 | O_o even for ubuntu server | 17:55 |
| Deathvalley122 | by default for vbox it installs the generic kernel patdk-wk | 17:55 |
| patdk-wk | yep | 17:55 |
| eagles0513875 | Deathvalley122: seems like that is the norm | 17:55 |
| patdk-wk | well, dunno about vbox specific, I don't use vbox :) | 17:55 |
| eagles0513875 | ok | 17:55 |
| eagles0513875 | is it the norm when using 32bit to use the generic kernel | 17:56 |
| Deathvalley122 | patdk-wk: is it possible to recompile the kernel it shows the server kernel | 17:56 |
| patdk-wk | ya, when I install server, -generic-pae for 32bit, and -server for 64bit | 17:56 |
| eagles0513875 | interesting | 17:56 |
| eagles0513875 | im so used to using 64biti never noticed that | 17:56 |
| eagles0513875 | thanks patdk-wk | 17:57 |
| patdk-wk | Deathvalley122, probably, dunno, I really haven't looked or cared | 17:57 |
| eagles0513875 | Deathvalley122: only other solution is to ask about 64bit ubuntu server in vbox channel | 17:57 |
| patdk-wk | you can have 64bit -generic also :) | 17:57 |
| patdk-wk | that is what I'm running here on my workstation | 17:57 |
| Deathvalley122 | some reason it won't run the 64bit ubuntu on vbox it says something like it's not supported and yet I am running a 64bit os | 17:57 |
| patdk-wk | oh, vbox thing | 17:58 |
| patdk-wk | Deathvalley122, I though that was only supported from the download site, not from the ubuntu packaged version of vbox | 17:58 |
| patdk-wk | to get 64bit guest support | 17:58 |
| Deathvalley122 | I really don't know eagles0513875 got it working on his before O.o why shouldn't mine work? | 17:59 |
| eagles0513875 | patdk-wk: his desktop is windows | 18:00 |
| eagles0513875 | Deathvalley122: lets take it to vbox channel | 18:00 |
| patdk-wk | dunno :) | 18:00 |
| === WinstonSmith_ is now known as WinstonSmith | ||
| aileronite | hi, I'm having trouble getting maverick server installed via usb card. I tried copying vmlinuz and initrd from a working source, and also mounting the usb as a loop device. but it doesn't work | 18:12 |
| RoyK | aileronite: installing from or to usb? | 18:13 |
| aileronite | from usb. I also want my destination to be a usb key, but that's irrelevant | 18:13 |
| RoyK | perhaps the installer places grub on your installer usb? | 18:15 |
| RoyK | what is the device name of the new root? | 18:15 |
| aileronite | I used unetbootin to install the iso, so I doubt there's a grub on there | 18:16 |
| RoyK | try swapping the usb devices | 18:16 |
| RoyK | then try to install again | 18:17 |
| cap_00 | ok i'm still lost on this partition table thing with fdisk | 18:17 |
| aileronite | how about this: can I install ubuntu server on a usb device on a different computer and expect it to work as well on the intended computer? | 18:18 |
| RoyK | cap_00: whatup? | 18:18 |
| RoyK | aileronite: that should work | 18:18 |
| aileronite | ok I'm going to do that instead | 18:19 |
| cap_00 | how do i get a disk ready to mount it without getting sdg1p1? | 18:22 |
| cap_00 | just sdg1 | 18:22 |
| RoyK | p1? | 18:22 |
| RoyK | that's solaris naming | 18:22 |
| RoyK | sdg is the device, sdg1 is the first partition | 18:22 |
| cap_00 | i keep messing something up | 18:23 |
| RoyK | c0t0d0[sp]0 is solaris naming | 18:24 |
| RoyK | cap_00: cat /proc/partitions, and you'll see what devices/partitions linux sees | 18:24 |
| cap_00 | just showing sdg now | 18:25 |
| RoyK | does fdisk see any partitions on that device? | 18:26 |
| === RudyValencia- is now known as RudyValencia | ||
| cap_00 | ok | 18:29 |
| cap_00 | my existing sdh1 is a ID 83 linux partition | 18:31 |
| cap_00 | how do i setup the same thing on the sdg? | 18:31 |
| RoyK | cap_00: fdisk /dev/sdg | 18:31 |
| cap_00 | yup | 18:31 |
| cap_00 | ignore he deprecated dos msg? | 18:31 |
| RoyK | pastebin that, please | 18:31 |
| cap_00 | k | 18:34 |
| RoyK | !pastebin | 18:34 |
| ubottu | For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 18:34 |
| cap_00 | how do i use that? | 18:35 |
| RoyK | !pastebinit | 18:35 |
| ubottu | pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the « pastebinit » package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com | 18:35 |
| cap_00 | !pastebin sudo fdisk /dev/sdg | 18:36 |
| ubottu | Error: I am only a bot, please don't think I'm intelligent :) | 18:36 |
| cap_00 | WARNING: DOS-compatible mode is deprecated. It's strongly recommended to | 18:36 |
| cap_00 | switch off the mode (command 'c') and change display units to | 18:36 |
| RoyK | or just copy/paste whatever text you have onto a pastebin, submit, give us the url | 18:36 |
| cap_00 | sectors (command 'u'). | 18:36 |
| cap_00 | nope :( | 18:36 |
| RoyK | type c | 18:36 |
| cap_00 | !pastebin c | 18:37 |
| RoyK | omg | 18:37 |
| cap_00 | lol i didn't sleep much yesterday | 18:37 |
| cap_00 | i mean last night | 18:37 |
| RoyK | cap_00: the menu tells you to switch it off | 18:37 |
| RoyK | the fdisk menu | 18:37 |
| RoyK | follow the recommendation there | 18:37 |
| RoyK | that is, unless you have valuable data on that drive | 18:37 |
| RoyK | if so, well, that's another problem | 18:38 |
| cap_00 | lol oh | 18:38 |
| cap_00 | k | 18:38 |
| cap_00 | there's an extended partition there now | 18:39 |
| RoyK | do you have any data on this drive? | 18:40 |
| RoyK | if not, just reset the partition table the hard way and start over | 18:40 |
| cap_00 | nope | 18:40 |
| RoyK | dd if=/dev/zero of=/dev/nameofdevice bs=1M count=10 | 18:40 |
| RoyK | that zeros the start of that device | 18:40 |
| RoyK | use with caution | 18:41 |
| RoyK | it won't ask you if you know what you're doing in case you type in the wrong device name | 18:41 |
| cap_00 | permission denied | 18:42 |
| RoyK | sudo | 18:42 |
| cap_00 | omg.... sorry i'm dead tired | 18:42 |
| cap_00 | k | 18:42 |
| RoyK | running fdisk on that one should work better | 18:43 |
| cap_00 | c again? | 18:43 |
| RoyK | fdisk /dev/sdg | 18:43 |
| cap_00 | i get the same msg | 18:44 |
| RoyK | perhaps linux cached it - try to reboot first | 18:44 |
| RoyK | that is, linux should only have cached it if there was a mounted fs on the drive | 18:44 |
| cap_00 | bah.... can't take the server down right now... | 18:44 |
| RoyK | you sure you didn't have data on that drive? | 18:44 |
| cap_00 | sure hope not | 18:45 |
| cap_00 | there was probably some default partitions on the drive when i got it, it's a new external drive | 18:45 |
| RoyK | if so, it may be available until a reboot :þ | 18:45 |
| RoyK | if it's an external drive, unplug it and re-plug it | 18:45 |
| cap_00 | ok | 18:46 |
| cap_00 | so sdi now... | 18:48 |
| RoyK | I once tried to make a boot floppy for old redhat 7 on a laptop after 36 hours of straight work - dd if=boot.img of=/dev/hda <cr> ... that hurt! | 18:48 |
| RoyK | what does fdisk have to say about it? | 18:48 |
| cap_00 | do i have to sign up for pastebin? | 18:48 |
| RoyK | no | 18:49 |
| cap_00 | http://pastebin.com/tMAAzJ2K | 18:49 |
| cap_00 | firing on 0.1 cylinders.... | 18:49 |
| RoyK | looking good | 18:49 |
| RoyK | you zeroed out the drive, so it doesn't have a partition table | 18:50 |
| cap_00 | :) | 18:50 |
| cap_00 | no c or u? | 18:50 |
| RoyK | both | 18:51 |
| RoyK | then just create a new partition 'n' | 18:51 |
| RoyK | as large as you like | 18:51 |
| cap_00 | extended? | 18:51 |
| cap_00 | or primary? | 18:51 |
| RoyK | there can be four primary partitions | 18:52 |
| RoyK | so if you don't need any more than that, just create primaries | 18:52 |
| cap_00 | p | 18:52 |
| RoyK | return -EWRONGWINDOW | 18:52 |
| cap_00 | lol | 18:52 |
| cap_00 | ok..... ah.. got it this time | 18:53 |
| cap_00 | w? | 18:53 |
| cap_00 | i have no idea how i screwed that up over and over | 18:54 |
| cap_00 | i have to specify a filesystem type before i can mount? | 18:56 |
| RoyK | you have to make a filesystem on the partition | 18:57 |
| RoyK | mkfs | 18:57 |
| MTecknology | I just realized something.... If you encrypt the home directory of a use.. you can no longer ssh into the system as that user with a shared key | 18:58 |
| RoyK | mkfs.ext4 would be the one to use for most | 18:58 |
| RoyK | MTecknology: not the first time, noe | 18:58 |
| RoyK | s/.$// | 18:58 |
| cap_00 | mkfs.ext4 /dev/sdi1? | 18:58 |
| RoyK | yes | 18:59 |
| MTecknology | RoyK: or second if you close the connection first | 18:59 |
| RoyK | mhm | 18:59 |
| RoyK | makes sense, though | 18:59 |
| RoyK | you don't want $HOME/.ssh to be readable if the homedir is encrypted | 19:00 |
| MTecknology | ya- it does make sense- I just never thought about it until I couldn't figure out why I couldn't log in with the shared key even though ssh-copy-id worked fine | 19:01 |
| RoyK | it's fucking -18˚C here | 19:03 |
| cap_00 | away the numbers go.... thank for your help | 19:03 |
| IdleOne | !language | RoyK | 19:03 |
| ubottu | RoyK: Please watch your language and topic to help keep this channel family-friendly, polite, and professional.. | 19:03 |
| cap_00 | 2 here | 19:03 |
| RoyK | This is possibly the only non-religious IRC channel on the planet that bitches people for using common language | 19:04 |
| cap_00 | :S | 19:04 |
| RoyK | cap_00: in .ca? | 19:05 |
| cap_00 | yup | 19:05 |
| cap_00 | east coast | 19:05 |
| * RoyK is going to Reykjavík tomorrow to thaw up a bit, shop for the holiday, and have a beer or two | 19:06 | |
| qman__ | 26F here, which is... -3C | 19:06 |
| RoyK | we've been having down to -22˚C this week | 19:07 |
| RoyK | I just don't hope it'll be like last winter - tropospheric winds blocked and most of Europe freezing | 19:08 |
| cap_00 | there we go...... backup running... | 19:09 |
| === PascalFR is now known as NemoFR | ||
| === NemoFR is now known as PascalFR | ||
| cap_00 | thanks alot, i need to get some sleep now before i fdisk /dev/sda d w | 19:11 |
| l3dx | I'm reinstalling ubuntu to my home server, but I'm unsure if I should use server or desktop edition...any reason to use ubuntu-server when I'm planning to use Gnome anyway? | 19:16 |
| l3dx | RoyK: skipping OI for now :P | 19:17 |
| jeremyA | l3dx: not really. | 19:20 |
| jeremyA | why use gnome on your server? | 19:20 |
| l3dx | spotify + boxee | 19:22 |
| l3dx | it's connected to my tv | 19:22 |
| RoyK | l3dx: really? | 19:22 |
| RoyK | l3dx: no reason to use ubuntu server if you need X | 19:23 |
| l3dx | disappointed? :) | 19:23 |
| RoyK | not really, it's your data :) | 19:25 |
| l3dx | it's kind of a temporary solution | 19:26 |
| l3dx | will play around a bit with OI and perhaps change my mind later on | 19:26 |
| * RoyK is making coasters with old disk platters :D | 19:26 | |
| l3dx | nice! | 19:27 |
| qman__ | the generic kernel is actually better for responsiveness of GUI applications | 19:28 |
| qman__ | so if that's your plan, just go desktop | 19:29 |
| stgraber | kirkland, smoser: Thought you guys might be interested by: http://www.stgraber.org/2010/12/08/want-your-own-edubuntu-weblive/ | 19:29 |
| RoyK | qman__: you can always switch to the server kernel if that is a problem | 19:30 |
| billybigrigger | how can i keep an ssh session alive? | 19:30 |
| RoyK | billybigrigger: add to .ssh_config: | 19:31 |
| RoyK | ServerAliveCountMax 100 | 19:31 |
| RoyK | ServerAliveInterval 10 | 19:31 |
| billybigrigger | i have btlaunchmanycurses running in an ssh session...and i just add my .torrents to my /torrent directory...but i can't keep the session alive...eventually it dies and stops my downloads/seeds | 19:31 |
| RoyK | or /etc/ssh/ssh_config | 19:31 |
| billybigrigger | RoyK, anyway to just keep btlaunchmanycurses alive? instead of keeping ALL my ssh sessions alive? | 19:31 |
| qman__ | billybigrigger, use screen | 19:32 |
| qman__ | if you start all your processes in screen sessions, it won't matter if you get disconnected | 19:32 |
| billybigrigger | and screen is able to reconnect to a disconnected session? | 19:33 |
| qman__ | yes, it wouldn't be very useful otherwise | 19:33 |
| === Maletor_ is now known as Maletor | ||
| === lau is now known as Guest47058 | ||
| qman__ | though, for torrents, you should really look into other setups like torrentflux or the web frontend on transmission | 19:37 |
| qman__ | much easier to manage | 19:37 |
| i0nic | how do i list installed packages via aptitude? | 19:43 |
| patdk-wk | dunno | 19:43 |
| patdk-wk | dpkg --get-selections :) | 19:44 |
| i0nic | thanks =) | 19:44 |
| qman__ | dpkg -l | grep ^ii | 19:44 |
| patdk-wk | evil | 19:44 |
| axisys_ | i am getting mountall status 4 .. so i am trying to boot the server using ubuntu server amd64 iso and i get to pick the usb drive at bios .. but then it goes to blank screen on both console tty0 and ttyS0 .. any idea why? | 19:52 |
| axisys_ | i tried different usb drive .. and tried alternate iso.. same issue | 19:53 |
| axisys_ | i gave up on usb.. | 20:01 |
| axisys_ | how do I boot the box using netboot image ? | 20:02 |
| zul | SpamapS: where is the git tree for edison as well? | 20:04 |
| zul | SpamapS: hold on brb | 20:04 |
| intick | h all i'm looking for an ftp server under ubuntu | 20:45 |
| intick | please | 20:45 |
| elb0w | vsftp | 20:45 |
| elb0w | d | 20:45 |
| consumerism | i can't connect to ssh-agent to use ssh-add | 20:46 |
| consumerism | i have ssh'ed in to an ubuntu server | 20:46 |
| intick | tested but not easy to set up, tried also GADMIN (poftp) errors does not let me start the server | 20:46 |
| consumerism | ps aux | grep ssh shows me that ssh-agent is running | 20:46 |
| consumerism | but ssh-add says it can't connect | 20:46 |
| consumerism | what could i try? | 20:47 |
| intick | i'm suprised that it's not that simple to set up an ftp server under ubuntu | 20:47 |
| SpamapS | intick: why are you bothering with ftp? | 20:48 |
| intick | elb0w: how can i create users and their main folder on vsftpd ? | 20:48 |
| intick | SpamapS: want a local FTP server to allow some friend uploading/downloading files | 20:48 |
| elb0w | oh look at that | 20:49 |
| elb0w | http://www.shanghaiwebhosting.com/ssh-hosting/installing-ftp-vsftpd-service-on-ubuntu-server | 20:49 |
| elb0w | one google | 20:49 |
| SpamapS | intick: you can give people scp only access with scponly.. might want to check it out. ;) | 20:49 |
| intick | SpamapS: very interesting, it works whatever the OS your runing ? | 20:51 |
| SpamapS | intick: indeed, it works well with WinSCP | 20:52 |
| SpamapS | intick: all it does is limit the commands a user can run to scp | 20:52 |
| SpamapS | intick: it also can chroot the user into their home dir so they can't see other users' files. | 20:52 |
| intick | elb0w: does not answer to my question, how are the users created and their folders ? | 20:52 |
| intick | SpamapS: ok i'm still need a client under windows ? | 20:53 |
| elb0w | http://linux-hacks.blogspot.com/2008/09/adding-new-users-to-vsftpd.html | 20:53 |
| elb0w | two googles | 20:53 |
| intick | ok thx i'll try this, but aint there any GTX interface ? | 20:54 |
| intick | *GTK | 20:54 |
| SpamapS | intick: for scp? nautilus supports SSH as a file transport. | 20:54 |
| intick | from windows system i mean | 20:55 |
| SpamapS | Not sure what you're asking at all. | 20:55 |
| intick | Can i make people downloading/uploading files from my scponly server ? | 20:56 |
| intick | even if they use microsoft OS ? | 20:57 |
| patdk-wk | I don't think scp is secure enough for that, sftp is | 20:57 |
| resno | intick: you *can* do whatever you want. your question seems have asked though | 20:57 |
| resno | patdk-wk: i thought scp was plenty secure | 20:58 |
| patdk-wk | I thought scp was just a straight command line interface | 20:58 |
| patdk-wk | if user account security is ok, then yes, it should be | 20:58 |
| resno | scp is encrypted | 20:58 |
| patdk-wk | no, I mean to still keep users from executing things on the server, still | 20:59 |
| patdk-wk | so like, no ssh, but only scp file transfers | 20:59 |
| patdk-wk | I don't think yo ucan with scp, but you can with sftp | 20:59 |
| resno | scp and sftp are both secure file transfer methods. | 20:59 |
| resno | you cant issue commands to the server with either of them | 20:59 |
| patdk-wk | yes, but we are talking about two totally different *securities* | 20:59 |
| intick | i'll try them | 20:59 |
| Pici | !info scponly | 20:59 |
| ubottu | scponly (source: scponly): Restricts the commands available to scp- and sftp-users. In component universe, is optional. Version 4.8-4.1 (maverick), package size 35 kB, installed size 176 kB | 20:59 |
| intick | thx for your help guys ! | 21:00 |
| * resno looks at Pici | 21:00 | |
| * Pici stares at resno | 21:01 | |
| * resno plays the staring game with Pici | 21:01 | |
| * resno gets creeped out and walks away | 21:01 | |
| axisys_ | i were able to get the dhcp working.. but i am getting this message from client | 21:03 |
| axisys_ | PXE-T02: Only absolute filenames allowed | 21:03 |
| axisys_ | what is that mean? | 21:03 |
| axisys_ | i have this in the correct stanza in the dhcpd.conf file | 21:03 |
| axisys_ | filename "pxelinux.0"; | 21:03 |
| axisys_ | which is under /var/lib/tftpboot | 21:03 |
| axisys_ | path was wrong in default.. | 21:10 |
| intick | not that cool if i need to create a system user with vsftp | 21:11 |
| intick | to use ftp service :/ | 21:11 |
| intick | realy sad the FileZIlla does not exist under linux .... | 21:12 |
| intick | SSH solution seems good but wont help me in my case, i realy dont ant to make clients installing any FTP client | 21:13 |
| axisys_ | i am getting this after i get the IP throught dhcp | 21:13 |
| axisys_ | http://pastebin.com/N1T4TGA0 | 21:13 |
| intick | axisys_: cant help much but seems to be a rights problem | 21:15 |
| intick | check rights of the folder that contain your image | 21:16 |
| intick | axisys_: are you using DRBL ? | 21:16 |
| axisys_ | intick: i did .. all dirs and 755 and all files are atleast 644 | 21:18 |
| axisys_ | intick: no i have not used it.. | 21:19 |
| milligan | Does anyone here use geany? Is it possible to load an API documentation so that I can get suggestions for classes etc ? | 21:19 |
| intick | axisys_: sry then no idea :/ | 21:19 |
| intick | milligan: i have tried geany it has autocompletion | 21:20 |
| uvirtbot | New bug: #687535 in openssh (main) "upstart loses track of ssh daemon after reload ssh" [Undecided,New] https://launchpad.net/bugs/687535 | 21:21 |
| milligan | intick, yeah .. but do you know how I can feed it an API, so it autocompletes to the language Im writing, and not build in languages? :) | 21:22 |
| tarvid | any wisdom on upgrading lucid openssl to maverick 0.9.8o-1ubuntu4.3 | 21:23 |
| intick | milligan: didnt use it enaugh ^^ i dnt realy know. i prefere old method Npp++, Scite ect .. | 21:25 |
| intick | milligan: take a look at the manual http://www.geany.org/manual/current/index.html#editor-completions-preferences | 21:25 |
| axisys_ | ok filename "pxelinux.0" is changed with absolute pathname .. that worked | 21:26 |
| axisys_ | how do I avoid install.. i just want to boot from network and run fsck | 21:26 |
| hallyn_ | SpamapS: i'd say bug 687535 is up your alley | 21:29 |
| uvirtbot | Launchpad bug 687535 in openssh "upstart loses track of ssh daemon after reload ssh" [Low,Confirmed] https://launchpad.net/bugs/687535 | 21:29 |
| tarvid | what considerations should one make when attempting a upgrade of selected packages in lucid to maverick? | 21:34 |
| guntbert | tarvid: in my humble opinion just one: don't do it :-) | 21:34 |
| tarvid | openssl has a number of unpatched CVE vulnerabilities | 21:35 |
| guntbert | tarvid: in that case: backports? or a ppa? | 21:36 |
| tarvid | backports and proposed are enabled and you still get a version with known vulnerabilities which have been patched in later Ubuntu versions | 21:37 |
| sbeattie | tarvid: um, what? which particular CVEs? | 21:37 |
| tarvid | CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-3245 CVE-2009-3555 CVE-2010-0433 CVE-2010-0740 CVE-2010-0742 | 21:37 |
| uvirtbot | tarvid: The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377) | 21:38 |
| uvirtbot | tarvid: Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak." (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378) | 21:38 |
| uvirtbot | tarvid: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379) | 21:38 |
| uvirtbot | tarvid: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245) | 21:38 |
| uvirtbot | tarvid: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-m | 21:38 |
| uvirtbot | tarvid: The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot. | 21:38 |
| uvirtbot | tarvid: The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740) | 21:38 |
| uvirtbot | tarvid: The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0742) | 21:38 |
| * RoyK kicks uvirtbot | 21:39 | |
| tarvid | Apache too | 21:39 |
| tarvid | CVE-2010-0425 CVE-2010-1452 CVE-2010-2068 | 21:39 |
| uvirtbot | tarvid: modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers." (http://cve. | 21:39 |
| uvirtbot | tarvid: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452) | 21:39 |
| uvirtbot | tarvid: mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. (http://cve.mitre.org/cgi-bin/cvename.cgi?nam | 21:39 |
| RoyK | someone should rewrite that bot | 21:40 |
| tarvid | of course CVE-2010-0425 is irrelevant | 21:40 |
| uvirtbot | tarvid: modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers." (http://cve. | 21:40 |
| tarvid | I didn't know it existed | 21:40 |
| sbeattie | tarvid: 2009-1377, 2009-1378, 2009-1379 were fixed in the karmic cycle (pre-lucid); 2009-3245 was fixed in 0.9.8k-7ubuntu8 for lucid, 2009-3555: 0.9.8k-7ubuntu8.1, 2010-0433 doesn't apply as we don't build with kerberos support. | 21:48 |
| sbeattie | 2010-0740 and 2010-0742 are marked as not for us, but I'm not sure why. | 21:48 |
| tarvid | sbeattie, thanks. securitymetrics is nagging me about openssl and apache2 | 21:51 |
| sbeattie | tarvid: for apache2, 2010-1452 was fixed in 2.2.14-5ubuntu8.4; 2010-2068 and 2010-0425 affect non-linux only. | 21:52 |
| hallyn_ | zul: hey, do you know the root cause of bacula '_description' install problems, like in bug 637889 ? | 21:53 |
| uvirtbot | Launchpad bug 637889 in bacula "bacula-director-mysql : debconf: Unknown template field '_description'" [Low,New] https://launchpad.net/bugs/637889 | 21:53 |
| sbeattie | tarvid: FYI, this is a web interface to the tracker that the ubuntu security team uses to track cves: http://people.canonical.com/~ubuntu-security/cve/ | 21:55 |
| tarvid | sbeattie, I'll go through the change logs and email securitymetrics | 21:55 |
| tarvid | http://changelogs.ubuntu.com/changelogs/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.5/changelog | 21:55 |
| tarvid | excellent, that will save time | 21:56 |
| tarvid | sbeattie, then 0.9.8k-1 is to be interpreted as newer than 0.9.8k? | 22:01 |
| l3dx | do I need a swap partition with 4gb ram? | 22:02 |
| sbeattie | tarvid: kind of, yes, it's the first version of 0.9.8k packaged in debian. | 22:02 |
| sbeattie | tarvid: ah, the reason we're not affected by 2010-0740 and 2010-0742 is explained in the detailed page for them: for 2010-0742, we don't enable the affected code, and for 2010-0740, it only affected openssl 0.9.8m if shorts are 16bits, which they are on all ubuntu supported platforms. | 22:07 |
| * sbeattie just released usn 1029-1 for openssl yesterday, so is, uh, somewhat sensitive to reports of unfixed cves in openssl. | 22:07 | |
| === shennyg_ is now known as shennyg | ||
| incognito | can anyone tell me if mysqli is enabled by default in php5 and mysql installation on ubuntu 8.04 server? | 22:36 |
| air^ | your phpinfo can tell you. :) | 22:37 |
| tarvid | sbeattie, thanks for the help. I have reviewed every CVE cited by securitymetrics.com and I am satisfied they have all been addressed. I'll wager both of us would like to be rid of the false positives. | 22:53 |
| Spiritus | North VS South. Same people from the beginning and still genetically brothers and sisters. Why argue, boggles my mind. | 23:31 |
| Spiritus | Does the US have low cash now and thats why some of its companies are not nice and the politichians even worse ? | 23:34 |
| Spiritus | you know all the lawsuits etc | 23:34 |
| Spiritus | Recently Sweden and US competed in what we assumed was fair trade on selling and buying fighter jets. Norway seems to have gone behind our backs and so did USA. So instead of or neighbour country Norway (That was once Swedish) bought fighter jets from the US after the US had denied the Swedes to buy more of the radar-systems for said airplanes. This looks really bad ideed. | 23:38 |
| Spiritus | So billions of dollars where shipped to Norway instead of Sweden. Norway has all the oil you know. | 23:42 |
| === ahs3 is now known as dannf2 | ||
| Yompa | Spiritus, typing in the right window? ;-) | 23:47 |
| === dannf2 is now known as ansh3 | ||
| === ansh3 is now known as ahs3 | ||
| Spiritus | So thats why the south? has been angry againt certain members of certain countries all this time (since 2003) i think thats when the new president got elected. So by that i read that amongst the southern people many people have passed away and theres a sorrow time | 23:48 |
| Spiritus | Yompa: Trying to sort this thing out... very odd because i like both sides as they are the same peoples. | 23:48 |
| Spiritus | Yompa: So the O's and the T's are at it right ? | 23:49 |
| Spiritus | Otherwise we may have to fix it. | 23:50 |
| Spiritus | Yompa: You remeber the US company gateway that Hakan Lanz lost against and then won a bit, but got nothing for his inventions. | 23:52 |
| Spiritus | I think gateway is gone now and theres a new company that has taken its place and stance | 23:53 |
| Spiritus | So Swedes invent things and get nothing for it basically. | 23:54 |
| sbeattie | Spiritus: we're still wondering what any of this has to do with #ubuntu-server. | 23:54 |
| Spiritus | We made windows, but didnt get to invent it further, overtaken because infrastructurally important and or critical. from Sandvik AB. | 23:55 |
| Spiritus | sbeattie: Do you feel its information you know and or dont want to hear about instead of noone chatting at all ? | 23:56 |
| Spiritus | y/n/ssh ? | 23:57 |
| Spiritus | :) | 23:57 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!