[00:42] <bmxer> i'm trying to setup a jetty server. i've set NO_START=0, but server does not start . Do i forget anything else?
[00:42] <DevoKun> ruben23: You could use a FUSE equivalent on windows like Dokan: http://dokan-dev.net/en/. But I think h3sp4wn is correct and you will be served well by Samba with OpenVPN or stunnel.
[00:44] <dravekx> crap. permission problems! :(
[00:52] <h3sp4wn> ruben23: You could try Alfresco or ifolder (They are pretty heavy on resources though)
[01:00] <buuo> Anyone running a priv or public cloud?
[01:03] <twb> !anyone > buuo
[01:03] <njbair> I tried changing my dns in /etc/resolv.conf and it was overwritten. How can I change it permanently?
[01:04] <buuo> well sorry...
[01:05] <twb> njbair: lots of stuff writes resolv.conf -- particularly pppd and dhclient by default.
[01:05] <twb> njbair: either tell them not to, or use a wrapper (the resolvconf package?) to instrument it.
[01:05] <njbair> twb, so I probably have to edit config for dhclient
[01:06] <twb> Last time I had to do that, it was a pain in the arse to do so
[01:06] <twb> I advise resolvconf instead
[01:06] <njbair> Thanks. I'll take a look.
[01:07] <buuo> i like to know if the ubuntu priv cloud cost anything to use as i meantion i am cloud noob what i am trying to do is setup a cluster/cloud for web hosting but i also would like to run MPI tools
[01:10] <patdk-lap> ya, it costs you hours of your life spend downloading the iso :)
[01:10] <patdk-lap> after that, just well, time playing with it
[01:12] <buuo> patdk-lap i got 200mbit i can dedicat to download the iso from a close ftp so thats not the problem do u mind if i pm u i am in lots of channels and its hard to keep track on all chat
[01:13] <patdk-lap> heh?
[01:14] <buuo> bitchx
[01:21] <twb> buuo: you have a 200mbps line?  Nice.
[01:29] <h3sp4wn> njbair: You can use as a quick hack - chattr +i
[01:29] <h3sp4wn> chattr +i /etc/resolv.conf
[01:30] <njbair> well I was hoping for something permanent.
[01:30] <h3sp4wn> It is
[01:30] <twb> h3sp4wn: cool
[01:31] <njbair> I am able to add them in the appropriate stanza in /etc/network/interfaces, but it puts the DHCP ones first
[01:31] <h3sp4wn> (better to do it properly but immutable is immutable)
[01:31] <njbair> h3sp4wn, until my lease expires and the internet breaks
[01:32] <h3sp4wn> ? why would it break it would fail gracefully
[01:32] <njbair> h3sp4wn, if my ISP issues a new IP and resolv.conf is immutable, I can't connect.
[01:33] <h3sp4wn> ? No you can maybe you get a warning that it cannot be edited but dhclient still works
[01:33] <h3sp4wn> or use prepend domain-name-servers in dhclient.conf
[01:34] <patdk-lap> njbair, don't use your isp's dns server?
[01:34] <h3sp4wn> Or get a static ip
[01:34] <patdk-lap> I just normally edit dhclient to not push out dns servers at all to resolv.conf
[01:34] <patdk-lap> just comment it out
[01:34] <njbair> patdk-lap, Earthlink defaults to these annoying nameservers that pull up a yahoo search if the domain name doesn't resolve. I am replacing them with Earthlink's "opt out" nameservers
[01:35]  * Psi-Jack looks in.
[01:35] <Psi-Jack> Hmm, I'm trying to see how this is a "server." :p
[01:36] <patdk-lap> servers use dhcp3-server :)
[01:36] <Psi-Jack> Yeah. not dhclient. :p
[01:36] <njbair> Psi-Jack, I'm running ubuntu server on my home gateway
[01:36] <h3sp4wn> Or use pump
[01:37] <h3sp4wn> nodns \n noresolvconf
[01:37] <patdk-lap> psi-jack, a cluster of dynamic load pacemaker machines?
[01:37] <patdk-lap> pacemaker installs and configures new machine and it joins the pool via dhcp? :)
[01:38] <Psi-Jack> Yeah, that's my servers. Two servers with conntrackd, shorewall firewall, pacemaker management, so if one goes down the other switches to primary role without any connectivity loss.
[01:38] <Psi-Jack> Except for that DHCP garbage. :p
[01:38] <patdk-lap> no no
[01:39] <patdk-lap> I mean, say you are running 2 webservers
[01:39] <patdk-lap> but pacemaker detects it can't handle the load
[01:39] <patdk-lap> so it build and starts 6 more :)
[01:39] <Psi-Jack> LOL
[01:39] <patdk-lap> it can do that
[01:39] <Psi-Jack> Oh, it "builds" 6 more, eh?
[01:39] <patdk-lap> yep
[01:39] <patdk-lap> if your using uec or someting
[01:40] <patdk-lap> dynamic load scaling
[01:40] <patdk-lap> don't you want to be like amazon too? :)
[01:40] <Psi-Jack> heh
[01:41] <patdk-lap> that is going be my next project
[01:41] <patdk-lap> building that kind of stuff into my esx cluster
[01:41] <Psi-Jack> So pacemaker is the current skynet, is it? ;)
[01:41] <h3sp4wn> Alot of sites are inefficient, just waste money for no reason
[01:41] <patdk-lap> na
[01:41] <patdk-lap> it only reacts
[01:42] <patdk-lap> it doesn't predict, yet :)
[01:42] <Psi-Jack> lol
[01:42] <patdk-lap> nothing like turning your servers off on low load
[01:43] <patdk-lap> if only I could find a way to turn off the drive arrays too
[01:44] <Psi-Jack> heh
[01:48] <Psi-Jack> Heck, I'm still trying to get Virtualmin stuff to cluster right, but so far I'm verrrry close.
[01:49] <Psi-Jack> The idea of using lvs-dr is actually helping because then I can configure virtualmin to use the VIP that both will have without arping it, so the apache configurations match out right.
[01:51] <twb> Can one have CNAMEs such that (say) ldap.example.net resolves two hosts, lulu and lala?
[01:52] <Psi-Jack> twb: You can do that with A records.
[01:52] <Psi-Jack> And CNAMES too.
[01:53] <twb> Cool, I wasn't sure if doing it with CNAMEs was valid
[01:53] <patdk-lap> not with cnames
[01:53] <patdk-lap> cnames have to be a 1 to 1 match
[01:53] <twb> That's what I thought
[01:53] <patdk-lap> and only a cname is valid to exist, you can't have a cname and a A or osmething
[01:55] <twb> SRV records seem like a nicer way to advertise the existence of services, but of course that requires the client to believe in them
[01:56] <patdk-lap> ya, I love srv when they work
[01:58] <twb> Or where I can listen to SMTP on both my internet links, and just have two MXs
[01:59] <twb> But for web browsing if I just had two A records for www, and one link went down, the clients would pick the down one half the time :-/
[01:59] <patdk-lap> hehe :)
[01:59] <patdk-lap> this is why you go the better route
[01:59] <patdk-lap> instead of mirroring the site over ip's
[01:59] <twb> patdk-lap: get an AS and talk BGP?
[01:59] <patdk-lap> mirror it over bgp :)
[01:59] <patdk-lap> yep
[02:00] <twb> Too much effort for the company website of a ten-man company
[02:00] <patdk-lap> scary, I'm doing it for a 3 person company now
[02:00] <patdk-lap> well, maybe 3.5 people
[02:01] <Psi-Jack> Scarey, I'm doing a 1-man company. ;)
[02:01] <Psi-Jack> Well, will be anyway. heh
[02:01] <twb> Maybe it's easier in the us or something
[02:01] <patdk-lap> easier?
[02:02] <Psi-Jack> My whole 11-server setup at home's being setup to provide highly-available, highly scalable web hosting solutions. ;)
[02:02] <twb> In .au internet connectivity is pretty retarded
[02:02] <patdk-lap> oh heh
[02:02] <patdk-lap> I just love reading about the latest inventions against the internet coming out of the au and uk
[02:02] <patdk-lap> not that we aren't closely following now
[02:03] <twb> patdk-lap: and at the same time they say they're gonna roll out FTTH to like 85% of the population
[02:03] <twb> Not that it will help, because everything is hosted offshore and we'll still be limited by the bandwidth and latency of the undersea and satellite links.
[02:04] <Psi-Jack> Heh, I just wish I could get virtualmin to work with DNS in dual-view operations. *chuckles*
[02:04] <twb> Bleh, webmin can FOAD
[02:05] <Psi-Jack> twb: I have yet to see anything better that's worth a crap.
[02:05] <twb> That's a comparatively minor issue :P
[02:06] <Psi-Jack> Heck, with the right setup and customization, you can even use mpm-itk for virtual hosting with it.
[02:07] <Psi-Jack> Which is a crapload better than fastcgi+suexec
[02:07] <sacul> any nfs gurus in here want can help me out?  I can download files from the internet faster than I can write them to my local server an that just doesn't seem right
[02:07] <Psi-Jack> sacul: Guru's do not call themselves gurus, nor admit to being one ever,
[02:07] <patdk-lap> guru's are jerks
[02:08]  * patdk-lap points at his jerky self
[02:08] <sacul> geeks?
[02:08] <patdk-lap> I get 180MB/s over nfs here, on dual gigabit
[02:08] <patdk-lap> that is almost maxing out the network
[02:09] <sacul> patdk-lap: I'm not nearly that fancy.. but over n-wireless I should see better than I am
[02:09] <patdk-lap> heh?
[02:09] <Psi-Jack> Wireless?
[02:09] <patdk-lap> what kind of n?
[02:09] <Psi-Jack> Are you f'ing kidding me?
[02:09] <qman__> there's your problem
[02:09] <patdk-lap> 150? 300? 450? 600?
[02:09] <qman__> plug a cord in
[02:09] <patdk-lap> with 150, your looking at a max of 7MB/s
[02:10] <qman__> wireless is a joke
[02:10] <sacul> it shouldn't lock at 250MB for 15 minutes.. then resume and do 100MB at a time and repeat... even on wireless
[02:10] <patdk-lap> sure it should
[02:10] <patdk-lap> it's called buffering
[02:10] <qman__> that's exactly the type of problem wireless would cause
[02:11] <qman__> have you had a look at your link with wireshark?
[02:11] <qman__> high error rates and retransmissions are what to look for
[02:11] <sacul> negative
[02:12] <sacul> installing now though
[02:12] <qman__> even if you get good signal bars, you can still have bad interference, bad radios, etc
[02:12] <sacul> SAMBA doesn't lock on me like that though.. is just unbarably slow throughout
[02:13] <qman__> that's just the difference in the nature of the protocols
[02:13] <sacul> not to mention my internet downloads cruise along at 2-3MB/sec
[02:13] <Psi-Jack> patdk-lap: Hey, I got an interesting one for ya, involving shorewall and an LVS director. ;)
[02:13] <qman__> NFS is designed to be used as a remote filesystem, while samba is more like FTP in purpose
[02:14] <qman__> file transfers are about the worst thing you can use wireless for
[02:14] <sacul> so am I going about this wrong if all I want is an efficient way to get this 2gig .avi file from my laptop to my HTPC?
[02:14] <sacul> both running maverick?
[02:14] <twb> qman__: time-sensitive data would be worse
[02:14] <qman__> yes
[02:14] <Psi-Jack> patdk-lap: Without proxyarping, I'm trying to setup my firewalls to DNAT local LAN traffic to a specific public IP:PORT to my LVS director for my load balanced webservers.
[02:14] <qman__> a flash drive would be better than wireless
[02:14] <qman__> I know it's a lot of work, but just plug it in
[02:15] <qman__> the result will be much, much better
[02:15] <sacul> qman__: shouldn't need that... X(
[02:15] <twb> Using nc instead of scp/nfs/cifs would also increase payload throughput
[02:16] <qman__> wireless is only good for one thing--internet in a jam
[02:17] <qman__> everything else, it's absolute garbage
[02:17] <sacul> only on jack behind the tv and its for my XBox XP
[02:17] <qman__> already got a jack there, just get a switch
[02:17] <qman__> you can get a 10/100 switch for like $20
[02:17] <qman__> cheaper than a wireless card
[02:18] <qman__> and faster, and more reliable
[02:18] <sacul> mayhaps after christmas D:
[02:19] <patdk-lap> Psi-Jack, that is easy
[02:19] <sacul> wifey will love it
[02:19] <qman__> I know wireless n can theoretically connect at speeds six times higher
[02:19] <qman__> but throughput never is
[02:19] <Psi-Jack> patdk-lap: I setup a rule for HTTP(DNAT) lan lan:172.17.100.0 - - - externalIP
[02:19] <patdk-lap> Psi-Jack, but it's not called dnat then, it's snat :)
[02:19] <Psi-Jack> Oh?
[02:19] <patdk-lap> you are hiding the source ip, the lan right? where it's coming from?
[02:20] <Psi-Jack> patdk-lap: Heh, the 172.17.100.0/1/2
[02:20] <Psi-Jack> 0 being the lb IP, 1 and 2 being the realservers.
[02:20] <patdk-lap> I dunno your network, so
[02:20] <patdk-lap> heh?
[02:20] <twb> pastebin iptables-save -t nat, rather than trying to translate it into feeble english words
[02:21] <Psi-Jack> patdk-lap: Basically I want any LAN originating connection hitting externalIP:80 to be forwarded to the LVS director and routed back successfully to the requester.
[02:22] <patdk-lap> yes, but you are throwing terms around
[02:22] <Psi-Jack> patdk-lap: I'm in a 172.17.0.0/16 network, and 172.17.100.0 is the LVS director IP.
[02:22] <patdk-lap> like,I dunno what lan is
[02:22] <patdk-lap> :)
[02:22] <Psi-Jack> lan is 172.17.0.0/16
[02:22] <patdk-lap> heh?
[02:23] <Psi-Jack> I have two zones. lan and net.
[02:24] <twb> In apt-cache show, there is a field "Supported: 5y".
[02:24] <twb> Where does it come from?
[02:25] <twb> Never mind, it's actually defined in Packages
[02:26] <digital_chaos> whats that off topic channel i can not find it
[02:27] <qman__> !ot
[02:27] <qman__> digital_chaos, ^
[02:28] <digital_chaos> ^
[02:28] <digital_chaos> carrots
[02:28] <digital_chaos> not a good topic
[02:29] <digital_chaos> i see it
[02:33] <twb> digital_chaos: caret ≠ carrot
[02:34] <sacul> i can't claim i understand why.. but I plugged the htpc into the wall and all problems are solved.. qman__ you're the man...  still locked up but the sending laptop is still wireless though so I'm blaming it at the moment... and it didn't slow until 1.7GB of 2GB were xfered.. much better
[02:35] <qman__> yeah, you'll probably have to remount your NFS
[02:35] <sacul> qman__: i thing nautilus may have done that for me because it took about a minute to open it up at first...
[02:36] <sacul> s/thing/think
[02:36] <qman__> ah
[02:48] <twb> This works: grep-aptavail -ns Package,Supported -F Provides x-display-manager | fmt | tr -s '\n'
[02:48] <twb> But this doesn't: grep-status -ns Package -F Supported 5y
[02:49] <twb> How can I generate a list of all packages that are installed and do not receive five years of support?
[03:04] <fluvvell> twb, best to start with a list from the bare bones server?
[03:13] <patdk-lap> twb, odd, my apt-cache show, doesn't have any supported line for any packages
[03:15] <patdk-lap> ah, it does for lucid, but not hardy
[03:17] <twb> fluvvell: the information is encoded in the apt database
[03:17] <twb> But it's not copied to the dpkg database
[03:31] <fluvvell> twb, thats quite interesting.  The general impression I had was that if it was included in ubuntu-server, it would be covered for 5 years.
[03:31] <fluvvell> I love hanging out here, there is always so much to learn
[03:31] <twb> fluvvell: basically, no
[03:32] <twb> Ultimately I want to write a vrms-like cron job that will remind me when *individual installed packages* are EOLd by Canonical
[03:32] <twb> Because while LTS is supported for five years, if you have e.g. gdm installed on your LTS server, that is EOLed after three years.
[03:33] <ilovegrolsc> my vps hosting provider won't reply to my support ticket about broken iptables
[03:33] <ilovegrolsc> been a week
[03:34] <ilovegrolsc> keep sending emails
[03:34] <ilovegrolsc> could they be ignoring me?
[03:36] <fluvvell> twb, and the 5 years status cat be shown up by querying -eg apt-cache search ? I'd note that gdm is not part of the server install, - not stating I know what I'm talking about - just observation.
[03:37] <fluvvell> no, not search
[03:38] <fluvvell> hmm, not showpkg either
[03:38] <Pici> fluvvell: If you're interested in writing a script to do it, the python-debian package/module can parse the feilds of Packages files.  I don't know if theres a way to do it with apt-cache itself.
[03:41] <twb> fluvvell: that depends how you define "the" server install.
[03:41] <fluvvell> Pici, I'm dreaming to think I'd even have the time :)  I was interested to find out that the EOL info was available, I never know that.
[03:41] <twb> I suspect the rough-and-ready definition as it related to EOL windows is "the packages in the pool of the server install CD"
[03:41] <twb> ...even though *I* don't use CDs :-/
[03:41] <fluvvell> twb, quite. There are a number of choices that mean a 10.04 server could look different
[03:42] <fluvvell> twb, that was my line of thinking yes.
[04:32] <tonyyarusso> twb: Shouldn't be too hard, since that info is already in the package descriptions.
[04:33] <twb> tonyyarusso: 14:17 <twb> But it's not copied to the dpkg database
[04:34] <tonyyarusso> twb: Presumably you'd have to do a dpkg -l to get a list, ad then for each item do like apt-cache show gdm | grep Supported | head -1 | sed 's/Supported:\ \([0-9]\)y/\1/'
[04:35] <tonyyarusso> Bonus:  Doesn't require non-standard packages like dctrl-tools.
[04:35] <twb> tonyyarusso: yes, except using dctrl-tool instead of NIHing it
[04:36] <tonyyarusso> twb: Well, you already learned that doesn't work, so *neenerneener* :)
[04:39] <twb> tonyyarusso: you'd also need to narrow it to match the correct version
[04:39] <tonyyarusso> true
[04:39] <twb> e.g. if you're running postfix from maverick on a lucid host, it's not correct to report that it has 5y support.
[04:39] <tonyyarusso> well, wait, would you?
[04:39] <tonyyarusso> ...
[04:40] <tonyyarusso> If you're running postfix from maverick on a lucid host you're ALREADY NOT SUPPORTED, making this a moot point.
[04:40] <twb> Or to put it differently, it should warn you that the version YOU HAVE is EOLd
[04:40] <tonyyarusso> For that all you need to do is grep the sources for anything non-lucid, and if results are non-zero tell you you're screwed :P
[04:40] <twb> *EOLd or unsupported
[04:41] <twb> tonyyarusso: it shouldn't just say "you're screwed"
[04:41] <twb> http://paste.debian.net/102021/
[04:41] <twb> I want a report like that, except s/non-free/EOLd or unsupported/
[04:41] <twb> Then you put it in cron.monthly
[04:47] <twb> grep-status -ns Package,Version -P . | while read package && read version && read _; do grep-aptavail -s Package,Supported -XP $package -and -XF Version $version -and -F Supported --lt 5y ; done
[04:48] <twb> ...except that of course if the package is installed out-of-band, it won't be in the apt Packages list at all
[04:48] <twb> I guess you could || the grep-aptavail, since it returns non-zero if there are no matches
[04:50] <twb> You can't use --lt, though, because "dpkg --compare-versions 6mo lt 5y" is false.
[04:50] <twb> Pity Canonical didn't use an ISO 8601 period profile
[04:51] <twb> Even better would've been just putting the RFC 3339 or epoch time at which the package will be EOLd.
[05:02] <MeltingK33board> I have a question
[05:03] <MeltingK33board> where is the poppler package
[05:04] <MeltingK33board> i see the source on launchpad
[05:04] <MeltingK33board> but not the package
[05:06] <MeltingK33board> I am trying to use pdf2xml
[05:06] <MeltingK33board> and it says...
[05:08] <MeltingK33board> just a sec
[05:08] <MeltingK33board> No package 'poppler' found
[05:08] <tonyyarusso> twb: Hacky, but behaves as I expected: http://paste.debian.net/102022/
[05:08] <MeltingK33board> sudo apt-get install poppler
[05:08] <MeltingK33board> [sudo] password for isaac:
[05:08] <MeltingK33board> Reading package lists... Done
[05:09] <MeltingK33board> Building dependency tree
[05:09] <MeltingK33board> Reading state information... Done
[05:09] <MeltingK33board> E: Couldn't find package poppler
[05:09] <tonyyarusso> twb: But yes, putting useful data in the dpkg database would certainly be nicer in the long run.
[05:09] <MeltingK33board> so "poppler" isn't in the repos... is there another package name?
[05:10]  * tonyyarusso proceeds to be amazed how much stuff he has installed from universe
[05:10] <tonyyarusso> MeltingK33board: what is it again?
[05:10] <MeltingK33board> poppler
[05:10] <tonyyarusso> What's it *do*
[05:10] <MeltingK33board> i am trying to install pdf2xml
[05:10] <MeltingK33board> and it requires poppler, which is a pdf library
[05:11] <tonyyarusso> I'm guessing libpoppler5
[05:11] <MeltingK33board> i found it... libpoppler-dev
[05:11] <tonyyarusso> err, it requires a -dev package?
[05:12] <MeltingK33board> that is the first package name i found that was actually in the repos
[05:12] <MeltingK33board> it would be nice if it wasn't dev
[05:12] <MeltingK33board> but libpoppler doesn't work
[05:12] <MeltingK33board> i am still looking
[05:13] <tonyyarusso> MeltingK33board: Did you try libpoppler5?
[05:13] <MeltingK33board> ok your libpoppler5 works... now let me try to build the pdf2xml
[05:13] <twb> tonyyarusso: Supported can contain "6mo" as well, I think
[05:13] <twb> tonyyarusso: I can't remember where I saw it though
[05:13] <MeltingK33board> ahh
[05:13] <MeltingK33board> ok
[05:14] <tonyyarusso> twb: Yeah, I hadn't begun to address the non-LTS cases.
[05:15] <twb> tonyyarusso: packages can also have no Supported field at all (e.g. all of universe).  Your script seems to only be looking at gdm.
[05:15] <tonyyarusso> twb: also, 6mo, or 18mo?  Why would anything be 6mo?
[05:15] <tonyyarusso> bah, that line still
[05:15] <twb> tonyyarusso: I think I saw it for something like kubuntu desktop packages
[05:15] <tonyyarusso> twb: Just delete the gdm part - it's right around that.
[05:15] <tonyyarusso> twb: My script handles unsupported (universe) packages.
[05:16] <tonyyarusso> See the grep count line.
[05:16] <twb> Oh, yeah.
[05:16] <twb> You could just use grep -q
[05:16] <tonyyarusso> -q?  Never used that.
[05:16] <twb> It's a GNUism
[05:17] <tonyyarusso> ah
[05:17] <MeltingK33board> ok libpoppler5 didn't work
[05:17] <twb> So it -c, I think
[05:17] <tonyyarusso> err, man page says -q is "quiet", ie no output.  Looking at exit code or something I take it?
[05:17] <twb> Right.
[05:17] <tonyyarusso> gotcha
[05:17] <tonyyarusso> meh, this way is marginally more readable.  Maybe.
[05:17] <twb> stream | if grep -q pattern ; then echo found; else echo not found; fi
[05:19] <twb> tonyyarusso: you also ignore partially-installed packages :-)
[05:22] <tonyyarusso> twb: Nobody said it was done ;)
[05:22] <tonyyarusso> Proof of concept man, c'mo!
[05:22] <tonyyarusso> err, c'mon
[05:22] <twb> Granted
[05:23]  * tonyyarusso puts that away for tonight, but may well actually use it on a server or two
[05:24] <twb> dpkg --get-selections would work for you, since you're ignoring the version
[05:27] <twb> dpkg-query -W -f '${Package} ${Version}\n'
[05:31] <ScottK> twb: There's nothing that's just supported for 6 months.
[05:31] <twb> ScottK: was there, once?
[05:31] <twb> If not maybe I just misremember
[05:31] <ScottK> Not since at least Dapper (when I arrived)
[05:31] <ScottK> You may be misremembering that Hardy was LTS for Ubuntu, but not for Kubuntu (regular 18 months though)
[05:34] <twb> So it would've said "18mo" in the support field (if there was one)?
[05:36] <twb> http://paste.debian.net/102023/ <-- my latest effort
[05:38] <ScottK> twb: Yes.
[05:41] <twb> OK.  The important datum being that my script must anticipate "mo" as well as "y" in fields.
[05:41] <Psi-Jack> Anyone here do proxy arping? I'm trying to figure out how to determine /if/ a proxy arp is active or not for a pacemaker ra, and best I got so far is to check /proc/net/arp, but just looking at that I can't determine for absolute certainty that it's a proxyarp.
[05:43] <Psi-Jack> arp -an doesn't always show it until the second attempt, which makes things even more annoying. heh
[05:46] <twb> Oh wow, that's a class A cock-up
[05:46] <twb> lsb_release -r >&-
[06:04] <twb> What are all possible values for the Supported field?
[06:04] <twb> 5y, 3y, 18mo, and not present -- anything else?
[06:26] <twb> tonyyarusso: http://paste.debian.net/102024/
[06:26] <twb> You'll need to remove release_date=2008-04-01         # testing
[06:27] <twb> If you can get it to match on $version without using grep-dctrl, I'm willing to consider it
[06:54] <ruben23> hi guys.
[09:52] <cnus8n> Hi, I have an i7 980x (hexacore) installed with ubuntu 10.04, with the 2.6.28-15-server #52-Ubuntu SMP  kernel. When I check my /proc/cpuinfo, I can see only 8 CPUs. Was expecting to see 12. Anybody got any clue about it?
[09:58] <twb> cnus8n: sounds you were misinformed
[09:59] <cnus8n> twb, meaning?
[09:59] <twb> Hmm, Wikipedia corroborates you.
[10:00] <cnus8n> twb, misinformed about what?
[10:00] <twb> About how many cores it had
[10:01] <twb> cnus8n: pastebin /proc/cpuinfo
[10:03] <cnus8n> twb, http://pastebin.com/TgvbDa6g
[10:03] <cnus8n> also check out http://ark.intel.com/Product.aspx?id=47932
[10:04] <cnus8n> it is 6 cores, 12 threads
[10:04] <twb> Yeah, I can't explain that
[10:04] <twb> I assume you're running an amd64 kernel?
[10:05] <cnus8n> does the stock kernel with Ubuntu have some restrictions on the number of CPUs ?
[10:05] <twb> Not that I know of, but 8-way is the most I've ever had
[10:06] <cnus8n> is there a way to increase that number? or some repository having kernel which supports?
[10:06] <twb> Given an SSL key or certificate in PEM format, how does on decode it (e.g. to extract the cn)?
[10:06] <twb> cnus8n: I mean: 8-way is the most I've ever had PHYSICALLYU
[10:09] <twb> Hm, this works for the cert: openssl x509 -in foo.pem -text -noout
[10:53] <twb> !do-release-upgrade
[10:53] <twb> Grmph
[10:59] <twb> Grr!  do-release-UPGRADE decided to install grub-pc.
[11:00] <twb> "The following Linux command line was extracted from /etc/default/grub or the `kopt' parameter in GRUB Legacy's menu.lst."
[11:00] <twb> ...no, no it wasn't.  grub wasn't installed -- this is an LXC container, you silly grub
[11:11] <Jeeves_> kees: You are one of the Ubuntu security gurus, right?
[11:12] <twb> Jeeves_: he is.
[11:12] <twb> Jeeves_: try -hardened
[11:13] <Jeeves_> Exim is suffering a remote-root-exploit
[11:14] <patdk-lap> evil
[11:14] <Jeeves_> http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
[11:15] <twb> FWIW, default-mta is postfix on Ubuntu
[11:15] <twb> I heard it also only affects exim4's that don't chuid, and Debian's exim4 does by default
[11:18] <Jeeves_> Doesn't any mailer that does local delivery chuid?
[11:18] <Jeeves_> uh, that's not very clear
[11:18] <Jeeves_> let's lunch first
[11:27] <twb> I'm just relaying what a LUG denizen told me
[11:28] <twb> Oh crazy, do-release-upgrade runs itself in a :zombie'd screen in maverick
[11:35] <twb> Interesting error after maverick->natty: http://paste.debian.net/102037/
[11:36] <patdk-lap> hehe :)
[11:36] <patdk-lap> I don't have that error, but I haven't upgraded my natty python yet
[11:36] <twb> (I just created a 10.04 container and tried to lucid->maverick, maverick->natty using d-r-u)
[11:36] <twb> Just to see what would happen
[11:37] <twb> procps failed in the former d-r-u because I had dpkg-divert'd its upstart job, but the postinst ASSUMED 'restart procps' would succeed
[11:39] <twb> Is it just me, or does "aptitude safe-upgrade" actually behave like "aptitude full-upgrade" on Ubuntu?
[11:39] <twb> http://paste.debian.net/102038/
[11:39] <twb> apt-get upgrade appears to be a safe-upgrade
[11:40] <lucascastro> I have problem when install ubuntu server x86_64bits using raid level=0 on machine.
[11:41] <twb> lucascastro: do you really want RAID0?  That makes your system LESS reliable.
[11:41] <lucascastro> isn't raid0 is mirroring ?
[11:42] <jpds> lucascastro: No, that's 1.
[11:42] <lucascastro> yeah... raid level=1, I'm sorry.
[11:42] <twb> lucascastro: continue.
[11:43] <lucascastro> and so, when the system is going to boot the grub don't find the disks with them uuid's and gets in initframe.
[11:44] <lucascastro> that on lucid.
[11:47] <twb> lucascastro: does /proc/partitions refer to a /dev/mdNp1 ?
[11:49] <lucascastro> I've install the grub, /dev/sda /dev/sdb
[11:52] <twb> lucascastro: please answer the damn question
[11:53] <twb> lucascastro: actually, never mind -- just read this: http://paste.debian.net/102040/
[12:03] <Jeeves_> twb: I don't understand your remark about chuid
[12:04] <twb> Jeeves_: never mind, it was probably spurious
[12:04] <Jeeves_> If i understand it correctly, all exim's are able to chuid, because they need to deliver email as ...
[12:05] <twb> That is a convincing argument
[12:15] <lucascastro> I put  "/boot" on a raid.
[12:17] <lucascastro> I already made that much times and never had no problem,  does someone think it could be that the problem?
[12:32] <twb> lucascastro: plonk.
[12:33] <lucascastro> twb: what does it mean?
[12:34] <twb> lucascastro: it means I'm ignoring you because you can't take orders.
[12:35] <cocoa117> anyone here use scheduleworld.com sync their PIM data? Are they/he/she shutting down for good?
[12:36] <lucascastro> that's a bug, https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/525425!
[12:36] <twb> cocoa117: that doesn't resolve.
[12:37] <cocoa117> twb, u talking about DNS server doesn't give IP address right?
[12:37] <cocoa117> twb, r u suggesting this is DNS provider issue not the issue for scheduleworld.com?
[12:38] <twb> cocoa117: correct; there is no A record for that domain name.
[12:38] <twb> Actually, based on the behaviour I'm seeing, it would seem the NS server(s) for that domain are offline, or blocking my domain queries.
[12:39] <cocoa117> twb, i guess it's not just our domain, my home and work dns can't resolve it
[12:40] <twb> cocoa117: on that basis, I wouldn't go with that vendor
[12:41] <cocoa117> twb, enn, well already paid one year subscription fee, and was fine for 5 months till now, :(
[12:41] <cocoa117> twb, by the way, what command did u use to get A record info? dig -t mx schedulworld.com
[12:41] <twb> cocoa117: maybe you should call the vendor and ask WTF happened
[12:41] <twb> cocoa117: getent hosts, and dig.
[12:42] <lucascastro> twb: I didn't take that orders 'cause the computers was turned off.
[12:42] <twb> cocoa117: obviously -t mx returns the MX, not the A.
[12:42] <cocoa117> twb, got it, thanx
[13:11] <Danawar2> Heyaa ubuntu server how can i stop a user writing 1gb files to the tmp folder?
[13:12] <twb> Danawar2: mount -t tmpfs none /tmp -o size=8m
[13:12] <Danawar2> What does that do?
[13:12] <twb> Makes /tmp an slice of pagable memory, capped at eight megabytes.
[13:13] <Danawar2> okk
[13:13] <Danawar2> ill rephrase is there any way i can limit the amount of data a user has on my server?
[13:13] <twb> Yes, user quotas.
[13:13] <Danawar2> okk thanks
[13:14] <twb> install the quota package, mount the filesystems in question with -oquota, and reboot to trigger the initial quota state generation (which will take O(n) time - hours for a 1TB filesystem).
[13:14] <twb> Finally, use edquota or so to assign a soft or hard limit to the user in question.
[15:05] <pmatulis> geez, when is vmbuilder going to support raw devices?
[15:07] <jpds> pmatulis: [Freenode] [!] There is no such nick geez
[15:08] <pmatulis> jpds: oh boy, you're on your game this friday
[15:10] <twb> Obviously Jesus has too many nicks
[15:10] <pmatulis> nicks and scratches?
[15:11] <JFo> booo hiss :)
[15:11] <zul> pmatulis: patches accepted ;)
[15:11] <pmatulis> oh boy!
[15:12] <pmatulis> doesn't he have some branches?  crown of thorns?
[15:17] <consumerism> is there any way to add authorized ssh keys for root other than to put them in /root/.ssh/authorized_keys?
[15:18] <consumerism> like an include of some arbitrary path?
[15:18] <consumerism> or a global authorized_keys file?
[15:18] <pmatulis> consumerism: edit root's config file i would say but why don't you like the default?
[15:19] <consumerism> pmatulis: this is a cloud machine from a static image and rather than write a script to throw all the keys i need into that file i'd like to keep them elsewhere and just include or link them somehow
[15:23] <pmatulis> consumerism: i don't understand.  read AuthorizedKeysFile in sshd_config man page
[15:26] <consumerism> pmatulis: so i can only define where the authorized_keys file lives for all users, i can't specify a unique one for root for example?
[15:29] <consumerism> pmatulis: the server i'm working on boots in amazon's cloud from a pre-built image, in other words i need to script all configuration that's not part of the image. rather than writing the public keys i need directly to /root/.ssh/authorized_keys via script, i'd like to just include them so when i add a key i don't have to edit the script. i could keep them in a separate file and just cat that
[15:29] <consumerism> >> authorized_keys but i was wondering if there's another way
[15:30] <twb> User root
[15:30] <twb>   ThingyFile %h/.ssh/authorized_keys.gotcha
[15:30] <twb> ...in sshd_config?
[15:30] <twb> Match User root, rather
[15:31] <twb> The sshd_config and ssh_config manpages should make it fairly obvious how to massage that to correctness
[15:34] <consumerism> ah
[15:34] <consumerism> twb: thanks
[15:34] <twb> np
[15:34] <twb> Note that ssh-copy-id won't realize
[15:35] <consumerism> i don't use that
[15:37] <consumerism> another question, although ps aux | grep ssh shows me that ssh-agent is running, when i run ssh-add it says it can't connect to my authentication agent. how can i troubleshoot this?
[15:37] <twb> Turn off agent forwarding and use -oProxyCommand instead
[15:38] <twb> e.g. Host foo.example.net \n\t ProxyCommand ssh example.net -W %h:%p
[15:38] <twb> Er, s/foo/*/, so it's a wildcard
[15:40] <robbiew> Daviey: what's the current situation of bug 600174?
[15:40] <consumerism> twb, not sure i follow, i'm trying to add my identity file to my current session so i don't have to keep entering the passphrase when i use my key
[15:41] <twb> consumerism: oh, right.
[15:41] <Daviey> robbiew: still exists, i spent a few hours trying to look at it.  doko is aware of it, and i think he may get to it eventually... is that right doko?
[15:41] <Daviey> robbiew: FWIW, it's quite a PITA that one.
[15:42] <twb> consumerism: are you using Screen?
[15:42] <robbiew> Daviey: sure...I'm not pushing...just need status for weekly release meeting ;)
[15:42] <twb> Your environment needs entries like this:
[15:42] <twb> SSH_AUTH_SOCK=/tmp/ssh-HYfvfR1489/agent.1489; export SSH_AUTH_SOCK;
[15:42] <twb> SSH_AGENT_PID=1496; export SSH_AGENT_PID;
[15:42] <doko> Daviey: somehow
[15:42] <doko>     - S6638712: Inference with wildcard types causes selection of
[15:42] <doko>       inapplicable method.
[15:42] <doko>     - S6650759: Inference of formal type parameter (unused in formal
[15:42] <doko>       parameters) is not performed.
[15:43] <Daviey> doko: Yeah.. i was looking at them two patches
[15:43] <consumerism> twb: i'm using tmux, but the problem is still present outside of tmux or screen
[15:43] <doko> please could you ping upstream about this too? I'm preparing a build without these
[15:43] <twb> consumerism: if your tmux session persists across X invocations, you'll lose conection to the agent
[15:43] <Daviey> doko: Would it be better if your build without those is tested first?
[15:44] <twb> consumerism: because the X teardown code stops the one you know about, and then next X setup creates a new one.
[15:44] <consumerism> twb: not using X, it's a headless server
[15:44] <consumerism> printenv doesn't show me those env vars, how are they supposed to be set?
[15:45] <twb> OK, then you need to start the agent by hand, in a sufficiently magic way that detaching, logging out, logging in, and retaching doesn't give you a new one
[15:45] <twb> For that, I use twb-agents(1twb) in my .bash_profile: http://code.haskell.org/~twb/Preferences/.bin/twb-agents http://code.haskell.org/~twb/Preferences/.bash_profile
[15:46] <twb> As that code says, it's based on Gentoo keychain(1), which is also available in Ubuntu.
[15:46] <ttx> Daviey: task force governance model drafted at https://wiki.ubuntu.com/ServerTeam/TaskForces -- not sure we need more, feel free to edit it
[15:47] <doko> Daviey: ohh, the axis2c one? no, currently not looking at it
[15:48] <zul> kim0: ping i uploaded your bacula fix i just modified the changelog a bit thanks for the patch though
[15:52] <kim0> zul: cool :)
[15:52] <kim0> zul: can I see what was needed to be modified
[15:52] <Daviey> ttx: Awesome!  I'll have a good read and digest it this evening... Currently swapping between tasks \o/
[15:52] <zul> kim0: sure check launchpad :)
[15:52] <Daviey> doko: Are you able to look at the axis2c one this cycle?
[15:53] <ttx> Daviey: sure no hurry. Mostly a rehash of the spec.
[15:53] <Daviey> doko: RE, Java - confirming it fails in maverick with natty openjvm
[15:55] <doko> Daviey: I should have test packages ready in about 30min
[16:01] <Daviey> doko: Great... if they arrive ~30 mins from now, i'll test them straight away... otherwise i need to go afk.
[16:01] <Daviey> doko: Is it a PPA ?
[16:01] <doko> Daviey: no, local build
[16:02] <doko> Daviey: I'll leave these at http://people.canonical.com/~doko/tmp/
[16:03] <Daviey> doko: be good if you run apt-ftparchive or similar on them :)
[16:04] <doko> wget 1 2 3 4 should work too =)
[16:04]  * Daviey pah's
[16:04] <Daviey> :)
[16:17] <l3dx> when I run "crontab -e" as a user, where is it stored?
[16:21] <DevoKun> l3dx: usually /var/spool/cron/crontabs
[16:23] <l3dx> ok. thanks
[16:23] <doko> Daviey: files are there
[16:28] <Daviey> doko: great
[16:28] <RichardRaseley> Hello all, I have an urgent issue that I would really appreciate someone helping me with. I had to move a Ubuntu VM that was running under VMWare Player to a Hyper-V server (not my choice, long story). When booting into the VM I am greeted by a "BusyBox" command line.
[16:28] <Daviey> doko: Ahhh! my chroot is amd64 :)
[16:29] <RichardRaseley> I think it is because VMWare uses SCSI emulation by default whereas Hyper-V requires IDE emulation.
[16:29] <RichardRaseley> Any suggestions as to what I might be able to do to resolve this?
[16:29] <doko> Daviey: build eu here locally
[16:29] <RichardRaseley> It would be greatly appreciated!
[16:29] <Daviey> doko: creating an i386 chroot now
[16:31] <h3sp4wn> RichardRaseley: Have you converted the disk
[16:31] <h3sp4wn> RichardRaseley: (VMDK to VHD)
[16:32] <RichardRaseley> h3sp4wn: Yes, I have.
[16:32] <RichardRaseley> Converted and associated with the VM.
[16:32] <h3sp4wn> RichardRaseley: Updated the initrd ?
[16:32] <RichardRaseley> I can hit grub, change the boot to use "vga=771", but then I just get the BusyBox
[16:32] <RichardRaseley> I am not sure how I would do that.
[16:33] <RichardRaseley> Could you help me a bit on that item?
[16:33] <h3sp4wn> Trying to think about how to do it
[16:33] <RichardRaseley> Thank you, I appreciate your help. I am in a bit of a bind here. This would make my day. =D
[16:33] <doko> Daviey: build for me
[16:34] <h3sp4wn> (Its easy from a running system problem is likely the right modules for the disk are not in the initramfs (initrd)
[16:34] <Daviey> doko: Oh, great!
[16:34] <Daviey> doko: Are those two patches crucial?
[16:35] <Danawar2> Hey ubuntu server if some one makes a copy of /etc/passwd is it possible for them to decrypt the passwords?
[16:35] <Daviey> Danawar2: not on ubuntu, they would need /etc/shadow :)
[16:35] <remix_tj> no
[16:35] <RichardRaseley> That makes sense. I think the VMWare uses SCSI virtualization whereas Hyper-V uses IDE - I think that is the root cause of my issue.
[16:35] <remix_tj> because in /etc/passwd there are not :-D
[16:35] <h3sp4wn> Danawar2: They need /etc/shadow  depends how much they want them
[16:35] <Danawar2> if they got /etc/shadow
[16:36] <remix_tj> Danawar2: take a look to the crypt() function
[16:36] <h3sp4wn> If the NSA wants them I guess they can get them
[16:37] <remix_tj> Danawar2: on /etc/shadow there is not password crypted, there is a string crypted using your password
[16:37] <Danawar2> its just my friend thats got shadow
[16:37] <Danawar2> and passwd
[16:38] <remix_tj> so your password is secure because if they break DES encryption they get not crypt key but only decrypted text
[16:38] <Danawar2> ook
[16:38] <Danawar2> phew ;D
[16:38] <doko> Daviey: looking ... http://bugs.sun.com/view_bug.do?bug_id=6638712 http://bugs.sun.com/view_bug.do?bug_id=6650759
[16:39] <remix_tj> Danawar2: if your friend got your shadow it means that he were root, and this is more preoccupant than the things he theft
[16:40] <Danawar2> ohh deer
[16:40] <Danawar2> lol ;D
[16:40] <Danawar2> im sure he wont do any thing melicious ;D
[16:40] <Danawar2> well i hope not any way hehe
[16:42] <Danawar2> is there any way for him to wipe his .bash_history?
[16:48] <h3sp4wn> yeah - rm
[16:48] <Danawar2> without route?
[16:48] <Danawar2> root*ha
[16:49] <h3sp4wn> he can edit it with whatever - vi
[16:49] <Danawar2> ookiess is this information saved any were else where he wouldnt be able to edit it?
[16:50] <h3sp4wn> Not by default afaik
[16:50] <Danawar2> Are there any good programs that will log user activity?
[16:51] <h3sp4wn> selinux
[16:52] <jpds> Danawar2: auditd.
[16:53] <Danawar2> Is that already in stalled on all versions of ubuntu or just server or none atall?
[16:53] <jpds> None at all.
[16:53] <Danawar2> okies
[16:54] <Danawar2> Thanks for all your help guys I got a lot of research to do :D
[16:55] <h3sp4wn> Danawar2: You could checksum all your binaries and libs to see if any have changed
[16:55] <jpds> aide works well for that.
[16:56] <Danawar2> Thanks#
[16:57] <kirkland> SpamapS: around yet?
[16:59] <h3sp4wn> Has anyone seen any blueprints for a smaller Jeos (For me Jeos is far too much OS - vps far too much wastage even with just ubuntu-minimal)
[16:59] <SpamapS> kirkland: just sat down. g'morning.
[16:59] <kirkland> SpamapS: 'mornin'
[16:59] <SpamapS> h3sp4wn: uh, why?
[17:00] <kirkland> SpamapS: you said you had to make some changes to cobbler to get the web interface up and running ... have you pushed those changes anywhere?
[17:01] <SpamapS> kirkland: lp:~clint-fewbar/+junk/cobbler-packaging-enhancements
[17:01] <SpamapS> kirkland: with that one, you still have to edit /etc/cobbler/modules.conf and change the authentication module.. but once you do that, you can start cobblerd and login.
[17:02] <SpamapS> kirkland: you know, it would be cool to add openid auth. I bet it would be easy too.
[17:02] <SpamapS> kirkland: though I imagine cobblers won't be on the public internet, so its probably moot. ;)
[17:02] <kirkland> SpamapS: sweet;  would you link that branch to the blueprint?
[17:03] <kirkland> SpamapS: that would be kinda neat, actually
[17:03] <SpamapS> kirkland: and agreed on it being FYI.. since we're basically just doing what we decided to do at UDS. :)
[17:03] <h3sp4wn> SpamapS: No point in wasting memory (I need as much as I can for the db and my application)
[17:04] <kirkland> SpamapS: yessir -- it's more of a "followup" since UDS
[17:04] <SpamapS> h3sp4wn: having files on the disk does not waste "memory"
[17:05] <patdk-wk> it does if you keep indexing your filesystem, and using up inode cache :)
[17:05]  * patdk-wk spanks himself
[17:05] <h3sp4wn> SpamapS: True alot of those things you cannot replace easily without removing ubuntu-minimal
[17:05]  * SpamapS wishes there were an easy way to pretend his 22" monitor was 2 monitors so windows would automatically split down the middle.
[17:06] <SpamapS> patdk-wk: agreed.. what were we thinking with slocate? ;)
[17:06] <h3sp4wn> SpamapS: Braindead to have 2 of everything installed just for the sake of it as well (App runs less well with double the RAM than it ran on Netbsd)
[17:07] <SpamapS> h3sp4wn: two of everything?? not sure I follow you there.
[17:07] <patdk-wk> is there a point of needing ubuntu-minimal? I uninstall it from most of my systems
[17:07] <SpamapS> h3sp4wn: and have you profiled it to see what is running poorly?
[17:08] <h3sp4wn> SpamapS: To a point profiling adds even more overhead
[17:08] <patdk-wk> what is it your doing that us using up all your ram?
[17:08] <SpamapS> patdk-wk: it uses up 30k.. why would you bother?
[17:08] <patdk-wk> I know when I install ubuntu-server it used 24megs of ram, after boot
[17:08] <SpamapS> h3sp4wn: to a point, without measurement, we have nothing.
[17:09] <patdk-wk> SpamapS, no, I don't, it's the other stuff I uninstall, removed the ubuntu-minimal dependence
[17:09] <patdk-wk> and I only remove them for alittle bit more comfort :) not cause of wasted disk space
[17:09]  * SpamapS boots his lucid minimal to see how much RAM it is using..
[17:10] <SpamapS> hah I love that it boots to getty in 2s .. :-P
[17:10] <patdk-wk> my lucid minimal lvs-dr is using 89megs
[17:10]  * patdk-wk blames pacemaker :)
[17:10] <patdk-wk> and ldirector
[17:11] <SpamapS> 31M on my lucid amd64 minimal
[17:11] <kirkland> Daviey: yo
[17:11] <kirkland> Daviey: where are your cobbler fixes?
[17:11] <SpamapS> but 3.5M of that is bash
[17:11] <kirkland> Daviey: pushed anywhere yet?
[17:11] <patdk-wk> SpamapS, console or ssh login?
[17:11] <SpamapS> and 1M is ps auxw O r running
[17:11] <SpamapS> patdk-wk: console
[17:11] <patdk-wk> I think I removed useless consoles to lower mine some
[17:12] <patdk-wk> but it was at 24megs, a few kernels ago, might of went up
[17:12] <SpamapS> patdk-wk: that seems a bit excessive.. ;)
[17:12] <patdk-wk> hard to tell with bgp using 400megs
[17:12] <SpamapS> nice
[17:13] <RoAkSoAx> kirkland: btw I still don';t have permission to submit a branch to lp:~powernap :(
[17:13] <RoAkSoAx> (or I'm not a member)
[17:14] <kirkland> RoAkSoAx: adding you now ...
[17:14] <RoAkSoAx> kirkland: awesome, thanks!! ;)
[17:15] <kirkland> RoAkSoAx: done
[17:15] <RoAkSoAx> kirkland: thank you!
[17:24] <SpamapS> kirkland: so, I have to think that one thing that will help with the upstreaming is if we start working directly on Cobbler's git repository rather than do everything in LP
[17:24] <kirkland> SpamapS: um, Daviey set up an auto import
[17:24] <kirkland> SpamapS: i guess i don't understand what you mean ...
[17:24] <kirkland> SpamapS: bzr branch lp:cobbler
[17:25] <SpamapS> kirkland: yeah.. I don't know how useful that will be for pushing changes back.
[17:25] <kirkland> SpamapS: that's the latest git within a few minutes
[17:25] <kirkland> SpamapS: in bzr format :-)
[17:25] <zul> SpamapS: bzr-git plugin
[17:25] <kirkland> SpamapS: note that i packaged it directly from a git snapshot
[17:25] <SpamapS> I'm saying, we're going to be off in our little lp+bzr bubble until we decide to drop a bunch of patches on them...
[17:25] <kirkland> SpamapS: and we'd probably continue that for the next few months while we're actively developing it
[17:26] <kirkland> SpamapS: right;  so i've been collecting those in debian/patches for now
[17:26] <kirkland> SpamapS: i think we trickle those over to them as they logically make sense
[17:26] <orion__> hello
[17:26] <kirkland> SpamapS: ie, once we have a batch that works well for us, and solve some particular problem(s)
[17:27] <kirkland> SpamapS: i mean, i agree we'll need to work straight from source repository for the next few weeks/months
[17:27] <kirkland> SpamapS: and we'll clearly need to make changes to the code
[17:27] <kirkland> SpamapS: and we'll clearly need to send those back upstream
[17:27] <kirkland> SpamapS: and we'll need to keep track of those changes
[17:28] <kirkland> SpamapS: do you think we can do this better than tracking them in debian/patches/* ?
[17:29] <SpamapS> kirkland: I suppose the exchange format of git is more or less patches, so it probably doesn't matter too much.
[17:29] <kirkland> SpamapS: right;  so we *could* hack them directly into a branch (be it bzr or git)
[17:29] <kirkland> SpamapS: which is what I did with eucalyptus for >1 year
[17:30] <kirkland> SpamapS: but as soon as Daviey took over eucalyptus from me, he moved all of our changes out of the branch and into a quilt set of debian/patches/* to make it easier for him to send upstream
[17:30] <SpamapS> kirkland: I'm just mindful of making sure we make it as pleasant and easy for cobbler to take our patches as possible.
[17:31] <kirkland> SpamapS: shall we ask cobbler-devel how they'd like to see the changes?
[17:31] <SpamapS> kirkland: I was thinking thats the next step actually.
[17:31] <kirkland> SpamapS: okay, i'm in #cobbler-devel talking to them now
[17:31] <SpamapS> I'd also be interested in hearing when their next release is coming.
[17:32] <kirkland> SpamapS: they had a request from a user back in June about supporting Ubuntu better
[17:32] <kirkland> SpamapS: https://fedorahosted.org/pipermail/cobbler/2010-June/005717.html
[17:32] <kirkland> SpamapS: and said that they'd love to, but would need someone to package/maintain it
[17:40] <SpamapS> kirkland: btw, remember our conversation about lsb-release?
[17:40] <kirkland> SpamapS: yes, my memory does in fact go back >1 day :-)
[17:40] <SpamapS> kirkland: /etc/lsb-release ... easier to parse that than wait on execing python to parse it. ;)
[17:40] <kirkland> SpamapS: heh, yeah, that's the file I was looking for!
[19:09] <ffr76> hi
[19:11] <Daviey> kirkland: the fixes i have aren't pushed anywhere as yet..
[19:12] <Daviey> it's a job for Monday, methinks. :)
[19:16] <kirkland> Daviey: okey
[20:14] <Slyboots> Hmm..
[20:14] <Slyboots> Does anyone know if something like "Adblock" exists in proxy form for Ubutnu?
[20:16] <h3sp4wn> Slyboots: prixoxy ?
[20:20] <Slyboots> Hmm
[20:24] <Slyboots> not sure; the thing that really hacks me off is those videso embedded in Flash videos
[20:24] <Slyboots> I dont give a feck about hotmail and "Glee!" Stop advertising them at me! lol
[20:37] <dschuett> anyone ever have a problem with ubuntu server recognizing when your isp changes your dynamic ip address?
[20:48] <kpettit> is there any good repositories or howto's for asterisk and ubuntu?  I'd love to get freepbx going but it seems to have issues.
[20:48] <kpettit> I'd like to find a repo that had a newer version of asterisk and maybe freepbx or 2600hz web interface.
[20:52] <tonyyarusso> dschuett: "recognizing" for what purpose?
[21:01] <Slyboots> Still cant find a good solution to addfiltering..
[21:01] <Slyboots> Most seem to use blacklists to just leave huge gaping blocks of "PAge cant be displayed" where the ads used to be :P
[21:03] <RoyK> Slyboots: using a proxy to do adblocking?
[21:04] <Slyboots> RoyK: Trying to; Rigth now Im using Adblock but moving to Chrome
[21:04] <Slyboots> Was was thinking why not get the linux server to do thsi for me.. Doesnt seem to be quite as simple as that though
[21:04] <RoyK> it should be quite easy
[21:05] <RoyK> add a redirect to a 1x1 pixel transparent image for what you block
[21:05] <Slyboots> .. how the heck do I do that lol
[21:05] <Slyboots> I just installed Squid and overwhelmed by the multi-thousant line config file
[21:06] <RoyK> Slyboots: most of it is comments/documentation
[21:07] <Slyboots> Idealy I want to block those freaking annoying "video" adds tehy place at teh start of flash videos
[21:07] <Slyboots> Like in YouTube; or that guy with the glasses
[21:07] <Slyboots> Christ are they annoying
[21:11] <Slyboots> So I should use something like.. SquidGuard?
[21:14] <Danawar2> (21:13:21) Danawar2: Hey guys how do i make selinux log all a users commands?
[21:17] <osmosis> is there anymore info on why qcow2 files fail with 10.04 LTS ?
[21:29] <genii-around> Danawar2: You could try something like make their default shell something like: script -a /var/log/theirlogifile -c /bin/bash                           or so
[21:32] <Danawar2> how would i go about doing that? :O
[21:32] <Messanger> world leaders setting you all up right now to get microchipped by RFID microchips with identity/healthcare/credit information into their new world order why they are folding the economy , their solution to the problem they are causing is the RFID microchip  http://www.scribd.com/doc/44997148/The-Mark-of-the-Beast    Romans 10:13 all who call upon the name of the Lord shall be saved.
[21:33] <h3sp4wn> Anyone know where I can get an upto date (or at least with working syncml) version of opensync for lucid
[21:34] <genii-around> Danawar2: The manpage for chsh (CHange SHell) might help you there. You'd still have to manually make the logfiles and have them owned by whatever user is supposed to be able to write there , etc
[21:36] <Doonz> anyone recommend a good vps host in the usa
[21:40] <osmosis> how do I setup qcow2: Make cache=writethrough default ?  Im suppose to "pass" it somehow?
[21:41] <h3sp4wn> Doonz: http://www.xenvz.co.uk/ (they are pretty good they have usa servers also) get xen not openvz
[21:55] <LinuxAdmin> hi guys, I'm getting troubles configuring vsftpd
[21:55] <LinuxAdmin> I can start it without ssl, but when I start it with ssl it doesn't run
[21:56] <h3sp4wn> Have you generated / installed a cert
[21:56] <LinuxAdmin> no
[21:56] <LinuxAdmin> I using /etc/ssl/certs/ssl-cert-snakeoil.pem
[21:56] <kim0> zul: I fixed https://bugs.launchpad.net/ubuntu/+source/ibmasm-utils/+bug/687977 .. are you the one to contact as well?
[21:57] <LinuxAdmin> shouldn't be enough?
[21:57] <h3sp4wn> Don't know I use sftp
[21:58] <h3sp4wn> I would just read the docs and try generating another key
[21:58] <LinuxAdmin> ok thanks anyway, anyone else can help?
[21:59] <LinuxAdmin> I'll try generate another key
[22:02] <DevoKun> LinuxAdmin: did you generate that SSL cert yourself?
[22:03] <Slyboots> Right; I've got Squid going with some adblocking rules
[22:03] <Slyboots> But it still makes where the ad *used* to be render and appear as a "Forbidden" which looks like shit
[22:03] <Slyboots> Anyone know any way to do some clever html rewriting to hide the ad totally
[22:04] <the_eye_> IBM eServer xSeries 346 reboots with 10.04 in random times, any idea why ?
[22:06] <DevoKun> LinuxAdmin: are you using the default Ubuntu vsftpd package and config file?
[22:07] <LinuxAdmin> DevoKun, yes
[22:09] <osmosis> this bug says the patch has been commited, but how can I tell when it is actually in the package from the repos?  https://bugs.launchpad.net/ubuntu/lucid/+source/libvirt/+bug/668042
[22:11] <DevoKun> LinuxAdmin: Does vsftpd start if you use the default certificate?: rsa_cert_file=/etc/ssl/private/vsftpd.pem
[22:12] <soren> zul: How close are you to fixing openvswitch
[22:12] <soren> ?
[22:12] <LinuxAdmin> DevoKun, if I start it with ssl enabled, I can't
[22:13] <LinuxAdmin> DevoKun, if I try to start it manually (/usr/sbin/vsftpd /etc/vsftpd.conf) I get this error: "500 OOPS: SSL: cannot load RSA private key"
[22:15] <zul> soren: it should be fied
[22:15] <the_eye_> IBM eServer xSeries 346 reboots with 10.04 in random times, any idea why ? On reboots log says overheat but server is in airconditioned reoom at 16 C
[22:15] <zul> fixed even
[22:16] <LinuxAdmin> DevoKun, I think I have to build a new private key, or define a private key with  rsa_private_key_file parameter
[22:16] <soren> zul: Since when?
[22:16] <soren> Like today?
[22:17] <zul> 3 days ago
[22:17] <soren> zul: It's not.
[22:17] <soren> openvswitch-datapath-dkms_1.1.0~pre2-5ubuntu6_all.deb (7.8 MiB)
[22:17] <zul> fuck...ill look at it when i get back
[22:17] <soren> I have patch that fixes that and at least one other problem.
[22:17] <soren> I just didn't want to step on your toes.
[22:18] <zul> soren: can you send me the patch and ill look at it this weekend
[22:18] <soren> ...or I could just upload it?
[22:18] <soren> It's not like I'd break it more :)
[22:18] <zul> that works too
[22:22] <soren> zul: Done.
[22:28] <genii-around> Interesting. sudo telinit 0   doesn't work. But sudo su      then telinit 0 .. does
[22:30] <guntbert> genii-around: generally use sudo -i instead of sudo su (not that it matters in *this* case :-))
[22:32] <genii-around> guntbert: I actually did try that first, which also did not work
[22:33] <guntbert> genii-around: starnge, what happened?
[22:33] <guntbert> *strange
[22:33] <genii-around> guntbert: Just returned back to prompt, etc
[22:34] <genii-around> guntbert: I'm running natty for a cctv box. I think init is choking on shutting zoneminder down ( or something with bttv driver or so)
[22:35] <guntbert> genii-around: ah, that might be the case, so its no use my trying it on a default maverick :-)
[22:36] <compufreak> Anyway to internally redirect requests like exmaple.org:80 to port 8080. It would only redirect a specific host name
[23:14] <penguin42> is anyone using iscsi targets and if so happen to know which ones are regarded as intended to be stable on ubuntu-server; iscsitarget seems to have stopped working on Natty and while I've filed a bug I wonder if the intention is to move to something else
[23:25] <h3sp4wn> penguin42: Is there anything else ? (I know of nics with built in iscsi but no other free software impliementation)
[23:26] <penguin42> h3sp4wn: Oh Ubuntu has a free iscsi client that works well, and a number of iscsi targets that work to varying degrees at varying time
[23:27] <h3sp4wn> penguin42: What as an not part of openiscsi ?
[23:27] <penguin42> h3sp4wn: Well there is openiscsi, iscsitarget and tgt at least
[23:30] <h3sp4wn> penguin42: interesting (I see the problem) are they all in main as well
[23:30] <h3sp4wn> (I have only used iscsi under and solaris so far)
[23:30] <penguin42> hmm good question, I'd have to check
[23:31] <h3sp4wn> *windows* and solaris
[23:31] <penguin42> h3sp4wn: I've had lucid and maverick setup with a little test pair of VMs, one iscsi booting off the other
[23:36] <nertil> hello friends im writing from ubuntu server 10.04
[23:36] <nertil> i think i have some problems with my hard disk hdd
[23:36] <nertil> how can i check it?
[23:36] <nertil> or clean it and fix it?
[23:36] <penguin42> nertil: What type of problems?
[23:37] <nertil> well when my ubuntu server says 2 hours or more
[23:37] <nertil> and i try to type command
[23:37] <nertil> dont take commands
[23:37] <nertil> i cant shutdown or restart  neither
[23:37] <nertil> just with force shutdown
[23:37] <nertil> right now its ok
[23:37] <penguin42> any errors on dmesg?
[23:37] <nertil> what is dmesg
[23:37] <nertil> ?
[23:38] <penguin42> dmesg prints out the current set of kernel messages (since bootish)
[23:38] <nertil> nope
[23:38] <penguin42> things like hard drive errors normally end up in there
[23:38] <nertil> well i didnt check it
[23:38] <nertil> because i control it oer remote
[23:38] <nertil> with putty
[23:38] <nertil> bcz i dont have monitor or keyboard for my server
[23:38] <penguin42> so run dmesg from putty
[23:39] <nertil> just that?
[23:39] <nertil> dmesg
[23:39] <penguin42> yep
[23:39] <nertil> any other idea how to scan my hardisk for errors
[23:39] <nertil> ?
[23:39] <penguin42> I'd use smartctl -a
[23:39] <nertil> thx
[23:40] <Yompa> Question: I know Windows got file name character restrictions, more than Linux, but what characters would make a Samba server reject a file copy from a Windows? I remember I have seen a rejection myself once, I had to rename the file on windows first.
[23:43] <h3sp4wn> Yompa: remember by default windows is not case sensitive
[23:45] <fluvvell> Yompa, windows allows ? in a filename, *nux has issues with ? as its a wildcard
[23:45] <fluvvell> IIRC, & is a problem too
[23:46] <penguin42> Unix is perfectly happy to have & and ? in filename
[23:46] <penguin42> as long as you are careful with the way you write the command
[23:46] <fluvvell> penguin42, yeah its using a shell to work with it that it gives grief
[23:47] <h3sp4wn> touch \&
[23:47] <penguin42> the / and NIL characters are the only things you can't have and things called . and ..
[23:51] <Fidelix> Hey guys. I'm in the need of a tool that list files and directories with sizes in KBs, MBs and GBs. I already tried various combinations of "du" with no success...
[23:52] <Yompa> h3sp4wn, fluvvell, thanks. Will experiment some and examine. I set up a samba for a friend and he ran into this day one. I'm sure it's not permissions since he managed to copy 1/2 of his files to it. I will have to visit him and examine the file names.
[23:53] <h3sp4wn> Yompa: There might be a way with mount options to make it better but you would need to be using a seperate partition for samba stuff
[23:53] <JanC> Fidelix: ls -lh
[23:54] <Fidelix> JanC, this only list files, not folder sizes.
[23:54] <h3sp4wn> try tree
[23:54] <JanC> it lists folder sizes too
[23:54] <h3sp4wn> read the manpage
[23:54] <JanC> of course not the combined size of files in the folder
[23:55] <Fidelix> h3sp4wn, all folders are 4k of size. I have some gbs of photos in these folders. How does it list folder sizes?
[23:55] <h3sp4wn> or find (tree will probably be easiest)
[23:56] <h3sp4wn> find directories and exec du -sh etc
[23:57] <Fidelix> Well, i used du -h * --summarize and all went fine. Thanks and good bye!