/srv/irclogs.ubuntu.com/2010/12/13/#ubuntu-server.txt

=== erichammond1 is now known as erichammond
eriksson25	How do I sett up a cron command, to run chmod -R 777 /path/	00:20
The_Tick	eriksson25: why do you need to do that continually?	00:30
eriksson25	have a folder that that my admin user creates folders in, and need to have 777 permissons on those folders to be able to change them with a other user over samba.	00:32
eriksson25	in the crontab, shuld the actual comand be, or shuld it link to a other .cron that contains the comand?	00:34
Cygnus_Rift	Hey guys, can anyone help me with a problem?	01:06
Cygnus_Rift	If theres anybody paying attention	01:06
Cygnus_Rift	Wow, the ubuntu channel is sprawling with people and yet nobody says a word on here	01:07
Patrickdk	cygnus, as per the rules of irc, only solve questions, not questions about questions	01:13
Patrickdk	but he is gone anyways	01:13
uvirtbot	New bug: #689472 in quagga (main) "package quagga 0.99.15-1ubuntu0.1 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/689472	01:16
fluvvell	Patrickdk, they never seem to stick around long	01:58
stiv2k	wtf	02:08
patdk-lap	ya, 2min is defently not long enough on irc	02:09
stiv2k	I installed the ntp package and setup so my local network can sync off my ntp daemon but its not working	02:09
patdk-lap	exactly how did you setup?	02:09
stiv2k	trying to telnet on port 123 gives connection refused	02:09
patdk-lap	ntp doesn't use tcp, won't work :)	02:09
stiv2k	oops	02:09
stiv2k	yeah, forgot udp	02:09
patdk-lap	ntp.conf needs many changes also	02:10
stiv2k	i used this parameter in ntp.conf	02:10
stiv2k	restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap	02:10
patdk-lap	that should work fine	02:10
stiv2k	and broadcast 192.168.1.255	02:10
patdk-lap	use ntpdate on another machine to check it	02:10
patdk-lap	forgot broadcast nothing really uses it at all	02:10
patdk-lap	windows machines?	02:10
stiv2k	i try and it says no suitable server found	02:10
stiv2k	12 Dec 21:06:35 ntpdate[8788]: no server suitable for synchronization found	02:10
patdk-lap	well, ntp has too be running for awhile, (5-15min atleast) before it stabilizes, and will serve time	02:11
patdk-lap	otherwise it will reject requests	02:11
stiv2k	oh	02:11
stiv2k	wow	02:11
twb	I didn't know that, thanks.	02:11
patdk-lap	unless it knows it has good time, it won't give out time :)	02:11
stiv2k	patdk-lap: just when you said that, it worked	02:11
patdk-lap	hehe	02:11
stiv2k	patdk-lap: can I have ntpd serve time to people outside my lan too?	02:12
stiv2k	or is that a bad idea	02:12
patdk-lap	yep	02:12
patdk-lap	I do it	02:12
stiv2k	what do I need to change for that	02:12
patdk-lap	ntp.patrickdk.com I think	02:12
patdk-lap	I chane the defaults to:	02:12
patdk-lap	restrict -4 default notrap nomodify nopeer	02:12
patdk-lap	restrict -6 default notrap nomodify nopeer	02:12
twb	Not NN.pool.ntp.org	02:13
twb	?	02:13
patdk-lap	twb, it's in pool also	02:13
patdk-lap	but using my own domain, I have my own servers setup to use it, besides just the pool	02:13
patdk-lap	my ntp servers are in the pool, but the clusters of servers behind and with them, just use mine	02:13
twb	My DHCP server tells DHCP clients to use my local NTP server, but AFAICT Ubuntu ignores them (except d-i).	02:13
stiv2k	patdk-lap: can you test if getting time from stiv2k.info works	02:13
patdk-lap	server 72.188.7.219, stratum 2, offset 0.039795, delay 0.06297	02:14
patdk-lap	12 Dec 21:14:22 ntpdate[6344]: adjust time server 72.188.7.219 offset 0.039795 sec	02:14
stiv2k	hmm so it already works then	02:14
patdk-lap	you have a firewall on that machine?	02:15
stiv2k	yes	02:15
stiv2k	i already had the port forwarded	02:15
stiv2k	from before	02:15
patdk-lap	if you put it in the ntp pool. be careful	02:15
patdk-lap	it will easily overflow conntrack	02:15
stiv2k	why	02:15
stiv2k	oh	02:15
stiv2k	i'll get thousands of requests?	02:15
patdk-lap	yep	02:15
stiv2k	even with a large pool?	02:15
patdk-lap	if you use some of the slower connection speeds, you won't often get a flood	02:16
patdk-lap	but I normally only use the highest speed setting	02:16
patdk-lap	actually, since that guy started redirecting all turkey dns traffic to a dummy server, it's been a lot better	02:17
stiv2k	what do you mean speed setting	02:17
patdk-lap	on the ntp pool website	02:17
stiv2k	another issue i'm having is that my cups keeps pausing the printer with a backend error after every print job	02:24
stiv2k	http://paste.neoturbine.net/98229	02:25
stiv2k	that is the cups error log	02:25
stiv2k	any ideas?	02:28
wtse	how to fix the following security vulnerablity	02:58
wtse	http://marc.info/?l=full-disclosure&m=129175358621826&w=2	02:59
wtse	about econet issue?	02:59
_Techie_	is there any way to install windows inside a ext partition?	03:03
=== Psi-Jack_ is now known as Psi-Jack
Psi-Jack	_Techie_: ##windows	03:05
Psi-Jack	There is a way, but only under virtualization where Windows itself thinks it's a primary partition, or rather, a full raw hard drive, but I'm sure that's not what you were thinking.	03:05
_Techie_	if it just emulated the HDD then im happy	03:06
_Techie_	i just dont want it to emulate the CPU and everything else	03:06
twb	AFAIK neither Windows' bootloader nor kernel contains drivers for ext, thus AT BEST you will only be able to store data (i.e. D:) on ext.	03:06
twb	I'm not aware of any virtualization technology that can present a virtual HDD to Windows without emulating an entire system.	03:07
twb	Obviously LXC/OpenVZ can approximate that for Linux clients, but that's because both host and guest share a kernel.	03:08
_Techie_	okay, is there any way to safely resize the ubuntu-server partition and install windows side by side without screwing up everything	03:08
twb	_Techie_: I don't know; I haven't used Windows for about ten years.	03:08
twb	_Techie_: normal procedure is to install Windows first, because Ubuntu understands Windows partitions, but not vice-versa.	03:09
_Techie_	yeah	03:09
_Techie_	i would have done that, but only recently has the idea of doing windows stuff on this machine arised	03:10
twb	I suspect you can simply shrink your ext partition, install windows, then boot a live medium and reinstall the bootloader.	03:10
_Techie_	i can do that, but i dont trust gparrted that much	03:10
=== squishy is now known as SquishyNotHere
=== Belgrano_29_H is now known as mterron
fluvvell	HELP~ one of my linux servers has been overcome with about 50 processes running a command called dtmss!	04:36
fluvvell	they are connecting from various random ip addresses, I can killall the processes, but I don't know where they came from!	04:37
fluvvell	they are running under the www-data user	04:39
The_Tick	ok, stop killing them all	04:43
The_Tick	the www-data user, what does it look like in /etc/passwd?	04:43
The_Tick	cat /etc/passwd \| grep -i www-data	04:43
The_Tick	and lsof \| grep dtmss	04:43
The_Tick	don't paste a huge thing from lsof in here, find a pastebot	04:43
The_Tick	fluvvell: all of this is pointed at you	04:44
fluvvell	The_Tick, Hi, ok just looking up www-data now	04:49
fluvvell	The_Tick, just one entry www-data:x:33:33:www-data:/var/www:/bin/sh	04:50
fluvvell	Wait, why should www-data have a shell?	04:50
The_Tick	set that to not have a shell	04:50
The_Tick	starting off	04:50
The_Tick	you're getting hacked	04:50
The_Tick	you need to figure out where that dtmss lives on the box	04:51
The_Tick	or	04:51
The_Tick	it's a torrenting app	04:51
fluvvell	a find command ?	04:51
twb	fluvvell: sounds like you're running a PHP app	04:51
The_Tick	find / -name 'dtmss'	04:51
The_Tick	twb: sounds like torrents to me	04:51
twb	The_Tick: yes, but the reason he got owned was he ran a PHP ap	04:52
fluvvell	twb, my web server has php	04:52
fluvvell	I have a locally written content manager in php	04:52
The_Tick	twb: hehe	04:53
The_Tick	fluvvell: you have a poorly written one most likely	04:53
fluvvell	The_Tick, twb, I have found the dtmss in /tmp	04:53
fluvvell	yeah,	04:53
The_Tick	fluvvell: don't rm it yet	04:53
The_Tick	investigate that fil	04:53
* fluvvell flogging my programmer		04:53
The_Tick	file	04:53
The_Tick	see who owns it	04:53
fluvvell	www-data	04:54
fluvvell	its binary	04:54
The_Tick	well there you go	04:54
The_Tick	ya, heh	04:54
The_Tick	anything else in /tmp?	04:54
The_Tick	see if www-data has a history of commands	04:54
fluvvell	barbut	04:54
The_Tick	if it were me	04:55
The_Tick	I'd reimage the box	04:55
fluvvell	uh, but they don't have a home directory?	04:55
The_Tick	and restore from backup	04:55
fluvvell	I think re-imaging might be a good idea	04:55
The_Tick	and then harden the box	04:55
The_Tick	then put it back on the net	04:56
The_Tick	in other words	04:56
fluvvell	Owch, re-writing the website under a new content manager??	04:56
twb	Reimaging the box won't help if he doesn't also fix the shitty code	04:56
fluvvell	twb, lol	04:56
The_Tick	fix your shitty code	04:56
The_Tick	why do you have a custom built local thing when there's 30 oss packages which are maintained normally?	04:56
fluvvell	but you're right. Its written by shitty@code.com. I'll just send him an email.	04:57
The_Tick	rewrite it in python ;)	04:57
twb	The_Tick: because the 30 oss packages are also full of security holes :P	04:57
fluvvell	The_Tick, I might have to get an off the shelf cms, got any recommendations?	04:58
The_Tick	twb: hehe	04:58
twb	cough wordpress cough phpbb	04:58
fluvvell	doh, asked the stupid question.	04:58
The_Tick	fluvvell: depends on what you need	04:58
fluvvell	Isn't w**dpress written in php twb ??? LOL	04:58
twb	fluvvell: yes, which is a contributing factor in its poor security history	04:58
fluvvell	twb, from what I've read, they've made a bit of progress in that area	04:59
twb	IME CMSs are designed for stupid people, by stupid people. I don't think I've seen one that I'd recommend, except maybe to an enemy.	04:59
The_Tick	fluvvell: what exactly do you need to do?	04:59
fluvvell	do either of you want a copy of the hackers code to look at?	04:59
The_Tick	don't say "cms"	04:59
The_Tick	nope	04:59
fluvvell	he he	04:59
twb	http://en.wikipedia.org/wiki/Functional_requirements	05:00
fluvvell	Just a clients website, it wasn't too complicated. I think I could implement it in wordpress.	05:00
The_Tick	no no	05:00
The_Tick	what does the website need?	05:00
fluvvell	before I answer, should I kill off the shells that my hacker still has open?	05:01
The_Tick	umm yes	05:01
The_Tick	rm the binary	05:01
The_Tick	then kill them all	05:01
The_Tick	change the shell	05:02
The_Tick	check for anything in /etc/rc*	05:02
The_Tick	for restarting their shittiness	05:02
twb	fluvvell: http://www.porcupine.org/forensics/	05:02
fluvvell	have heard about the coroners toolkit before	05:03
twb	I was mainly pointing to the textbook (first link)	05:03
fluvvell	Interesting	05:04
fluvvell	Well I've shut down the web server, but of course that puts their website offline :( So being 3 days from my summer holiday of 3 weeks, anybody got a quick suggestion that will keep my mental health intact?	05:06
The_Tick	reimage, restore from backup, lock down	05:06
* fluvvell kicks self, hunts for instant magic solution, fully aware it does not exist		05:06
fluvvell	yes, reimage	05:06
twb	Reinstall the machine, but leave the website turned off	05:06
fluvvell	only a nights work I guess	05:07
The_Tick	figure out how they got in	05:07
The_Tick	then force the user to fix it	05:07
The_Tick	before it goes online	05:07
The_Tick	use virtual machines	05:07
twb	The_Tick: since it was owned by www-data, it's a safe assumption is was something within the www-data group that was exposed	05:07
twb	Using a VM won't stop the abitrary-execution-with-user-privileges hole in his CMS	05:08
fluvvell	Users are all samba users, plus my programmer who has left to run kids camps, and only programs part time now.	05:08
The_Tick	twb: agreed	05:08
fluvvell	Yes, I'd say most definately it was a php vulnerability	05:08
The_Tick	twb: it'll make it easier to revert the vm since I have a feeling he'll run into this again	05:08
twb	The_Tick: true	05:08
fluvvell	I'd probably best get someone to convert the4 website to wordpress	05:12
The_Tick	fluvvell: again	05:12
The_Tick	what does the user actually need	05:12
The_Tick	you may not need a cms	05:12
fluvvell	The_Tick, okay, I see your point. They havn't done a lot of content update themselves.	05:13
fluvvell	The_Tick, checking it out, they have changed details here and there, contact names etc, added some text to their product line descriptions. It used to be about 5 pages with links etc, not much changed there.	05:19
fluvvell	nope, all the /etc/rc* directories look standard, and rc.local is untouched from standard	05:31
fluvvell	so twb, you'd be more keen on Django ? Being a python based content manager?	05:32
twb	Look, the bottom line is that anyone can write an insecure web app	05:36
fluvvell	twb, its true	05:37
twb	PHP targets newbies, and newbies make more mistakes	05:37
twb	So as a rule of thumb, I'd prefer python over php -- but that doesn't mean it won't be full of holes	05:37
twb	And hey, python is targeted at newbies, too	05:37
fluvvell	twb, yes	05:38
fluvvell	twb, The_Tick, many thanks for the help. I've got to go collecting for the food bank, but I'll schedule in a reimage on the server for tomorrow night. warm regards to you both.	05:39
twb	Whatever	05:39
The_Tick	shut the box down now	05:40
The_Tick	until you can work on it	05:40
twb	Hear hear	05:45
Frenk	Hey, for years I was a Windows-Admin now switching to Linux. I used Exchange behind a VPN. User can`t use IMAP and SMTP without VPN connection. Is it reasonable to do the same with my Ubuntu-Postfix-Cyrus installation?	08:01
Frenk	I have OpenVPN. If it is reasonable how do I configure Cyrus and Postfix to accept connections only from local networks.	08:03
twb	Frenk: don't run them on the bastion?	08:11
Frenk	twb, sorry but i dont know what you mean =/ my english isnt as good	08:13
twb	Frenk: the "bastion" is the host that sits between your network and other networks, and routes traffic between them	08:13
twb	If cyrus runs on any other host, and the bastion firewalls it, then it will inherently be inaccessible from other networks	08:14
Frenk	oh ok i got it	08:14
twb	http://de.wikipedia.org/wiki/Bastion_Host	08:15
Frenk	thx for german version hehe	08:16
Frenk	is my idea right? = i set up a bastion host for vpn, the cyrus is on another host and is blocking all connections except from the bastions ip	08:19
Frenk	because both hosts are servers pointed directly to the internet (root hosting)	08:19
twb	If both hosts are directly on the internet, you do not HAVE a network	08:20
twb	If it's just a VPS on the internet somewhere, you would put everything on one box, and configure the firewall to only allow connections to postfix/cyrus from the VPN's subnet.	08:22
Frenk	oh ok	08:22
twb	You could ALSO tell postfix and cyrus to only bind to that interface, but that requires you to use static IPs, and to bring up the network before starting postfix/cyrus.	08:23
twb	If the VPN is only there to control access to IMAP and SMTP, I would instead just use SSL.	08:23
twb	I'd also use dovecot instead of cyrus.	08:23
Frenk	I use imapS only. but i thought that double authentification (vpn + cyrus) is good	08:24
twb	I don't see why	08:24
Frenk	Because people will need keys to access the network and then their passwords to access the mailbox	08:25
Frenk	To prevent hacking of the mailboxes	08:25
Frenk	or is it useless?	08:25
twb	So you want it for multi-factor authentication?	08:26
twb	i.e. so you need both a key and a password?	08:26
Frenk	yes	08:26
Frenk	right	08:26
twb	I think you can do that with SSL, by configuring two-way SSL handshaking	08:26
Frenk	ok ill google it	08:26
Frenk	and why dovecot over cyrus?	08:26
twb	i.e. each client machine also has an SSL keypair and an SSL cert	08:26
Frenk	its all in all for 15 people so i think individual ssl key isnt a problem	08:27
twb	Mainly because dovecot seems to be more active, and (I think) it's Ubuntu's preferred implementation	08:28
twb	Yeah, cyrus is in universe, dovecot is in main.	08:29
twb	https://help.ubuntu.com/10.04/serverguide/C/dovecot-server.html	08:30
Frenk	Since i am new to *nix i use artica (postfix-cyrus-webinterface-amavid and many more features) for email with snort with snorby as ids	08:30
twb	Do not trust just any article you find	08:30
twb	In particular, check when it was written, and for which version of Ubuntu	08:31
Frenk	ok	08:31
twb	One of my coworkers keeps using really old articles and I have to hit him with a stick... :-/	08:31
Frenk	hehe	08:31
Frenk	aand artica is using cyrus as default - thats why im using cyrus =D	08:32
Frenk	okay ill search for ssl handshake, thx a lot!	08:32
=== doko_ is now known as doko
=== Psi-Jack_ is now known as Psi-Jack
udens	hi guys	10:08
udens	i have i question, how do i create such system if server is down, i give user a static styled html msg with temp down info	10:09
udens	i know its possible i just dont know how	10:10
_ruben	udens: you'll need to put a reverse proxy in front of that server which would give you that functionality	10:11
udens	so this reverse proxy would chek if site is down and then display static html?	10:12
_ruben	basically,l yes	10:12
udens	is it possible to show different html for different domain?	10:12
_ruben	most reverse proxies offer that as a feature, yes	10:12
udens	thanks _ruben	10:12
twb	Of course, then your reverse proxy would be a SPOF	10:12
udens	thanks guys im just new to this :)	10:13
udens	google didnt help this time	10:13
_ruben	twb: that probably isn't an issue, as without it, it already is an spof on its own ;)	10:13
_ruben	just add one more spof ;)	10:14
twb	two spofs is worse than one	10:14
_ruben	twb: true, but if one wouldn't matter, why would two ? ;)	10:15
twb	Bah	10:15
twb	Enough of your "logic"	10:15
_ruben	if one cares about spofs, the "backend" would be HA as well ;)	10:15
_ruben	heh	10:17
=== Fookin_Prawn is now known as fookin
=== fookin is now known as Fookin_Prawn
=== hackeron_ is now known as hackeron
=== Psi-Jack_ is now known as Psi-Jack
eagles0513875	hey guys i need some help with smtp. i have it setup to use startttls on my smtp server yet now its having problems sending out going emails :(	13:38
eagles0513875	any one able to help me	13:38
_ruben	eagles0513875: you'll need to be much more specific & elaborate .. good starting point would be to pastebin the config and relevant logs	13:43
eagles0513875	_ruben: what port does starttls use	13:44
eagles0513875	!postfix \| eagles0513875	13:46
ubottu	eagles0513875, please see my private message	13:46
eagles0513875	basically _ruben starttls isnt able to establish a connection to my server :(	13:48
eagles0513875	_ruben: this is the error message im getting as im trying to send this email	13:51
eagles0513875	Sending of message failed.	13:51
eagles0513875	An error occurred sending mail: Unable to establish a secure link with SMTP server eagleeyet.net using STARTTLS since it doesn't advertise that feature. Switch off STARTTLS for that server or contact your service provider.	13:51
patdk-wk	starttls isn't a what or an it	13:54
eagles0513875	thats odd	13:54
eagles0513875	O_o	13:54
ubax	Hi, I can use some advice as i'm setting up my first dedicated server and i'm not sure as to do i need to install a mail server like Postfix for PHP scripts to be able to send email using the mail() function or is there a better and more efficient method?	13:54
eagles0513875	patdk-wk: i think i have isolated this issue to thunder bird	13:54
patdk-wk	so you selected the, require encryption option, and didn't turn on encryption support on your server?	13:55
eagles0513875	its been working up until this afternoon patdk-wk	13:55
eagles0513875	what doesnt make sense	13:55
eagles0513875	is that i can send an outgoign email from squirrelmail but not thunderbird mail client	13:56
patdk-wk	well, when it installs, it installs a dummy certificate, did that dummy cert expire?	13:56
eagles0513875	fixed it	13:57
patdk-wk	hmm, dummy cert made for 10years here	13:57
eagles0513875	patdk-wk: O_o it might have but i think its a port issue	14:01
eagles0513875	patdk-wk: what file do i need to look at for the port smtp is using	14:01
patdk-wk	master.cf	14:03
patdk-wk	and maybe /etc/services	14:04
eagles0513875	patdk-wk: where exactly would it tell me what port im using	14:07
=== ubax is now known as uba
patdk-wk	netstat -atnp	14:08
eagles0513875	tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN <-- that good like that	14:09
eagles0513875	instead of that smiley its supposed to be :*	14:09
eagles0513875	: *	14:09
patdk-wk	heh? what smiley?	14:09
patdk-wk	you need a proper irc client	14:09
eagles0513875	im using kvirc	14:10
eagles0513875	does that look right to u though	14:10
patdk-wk	it's ok, but you shouldn't be using that for thunderbird or stuff	14:11
eagles0513875	im not	14:11
eagles0513875	im accessing my mail server with it as my client	14:11
patdk-wk	heh	14:12
patdk-wk	you should never talk to a mail server using port 25 :)	14:12
patdk-wk	it's unreliable	14:12
eagles0513875	O_o	14:13
eagles0513875	what other port can i use starttls with	14:13
patdk-wk	587?	14:13
eagles0513875	firefox is defaulting to 587 should i use that instead	14:13
eagles0513875	thunderbird i mean	14:14
eagles0513875	patdk-wk: when it searches for the settings automatically it keeps setting the port to 587 for out going	14:14
eagles0513875	for some reason	14:14
eagles0513875	patdk-wk: i really need to get this back up :(	14:16
mterron	Hi, any ubuntu server dev here?	14:24
eagles0513875	:(	14:29
eagles0513875	:(	14:39
eagles0513875	patdk-wk: what i find odd is i can use squirrelmail to send emails just fine	14:42
soren	Is squirrelmail running on mail server?	14:42
Jeeves_	15:12 < patdk-wk> you should never talk to a mail server using port 25 :)	14:42
Jeeves_	Uh? :)	14:42
patdk-wk	jeeves, way too many isp's, hotels, wifi hotspots, ... blocking or redirecting it	14:43
patdk-wk	port 587 was always made for user access	14:44
soren	Jeeves_: I think what patdk-wk is trying to say is that if you can, you should provide yourself with port other than 25 where you can connect to your smtp server, as port 25 is often blocked by ISP's.	14:44
soren	It was simply rather poorly phrased.	14:44
patdk-wk	I love how the iphone uses port 25 by default, and at&t blocks it in most places	14:44
soren	You're supposed to use AT&T's SMTP server, aren't you?	14:45
Jeeves_	soren: Indeed, you are.	14:45
eagles0513875	interesting how can i reconfigure postfix to use 587 instead patdk-wk	14:46
Jeeves_	patdk-wk: 587 never made it for normal use	14:46
patdk-wk	oh ya, like at&t's smtp server is safe for sfp or dkim	14:46
patdk-wk	eagles0513875, postfix uses port 587 by default :)	14:46
soren	Did I say it was?	14:46
Jeeves_	as if spf or dkim help :)	14:46
* soren scrolls up		14:46
soren	Nope.	14:46
eagles0513875	O_O patdk-lap then what is port 25 used for	14:46
patdk-wk	server to server	14:46
Jeeves_	patdk-wk: Stop talking nonsense	14:46
Jeeves_	You're talking RFC's, not use.	14:47
Jeeves_	port 25 is used for delivering email from server to server, as well as from client to server.	14:47
patdk-wk	heh? it's been that way on my servers for >10years	14:47
patdk-wk	no user can use port 25	14:47
eagles0513875	Jeeves_: well im having an issue though	14:47
Jeeves_	patdk-wk: Than you're quite special :)	14:47
patdk-wk	I don't allow use logins to port 25 and reject relay	14:47
eagles0513875	its probably a thunderbird bug	14:47
patdk-wk	user	14:47
eagles0513875	thing is with squirrelmail things work fine with port 25	14:48
soren	That's just silly.	14:48
patdk-wk	squirrelmail is on the postfix box though isn't it? and thunderbird isn't?	14:49
eagles0513875	patdk-wk: ya thats right	14:49
eagles0513875	thign is im on the same network as the postfix box	14:49
patdk-wk	ya, so completely unrelated	14:49
Jeeves_	eagles0513875: If i see the message above, thunderbird is not going to use tls because the server isn't saying it supports is	14:49
eagles0513875	same subnet and everything	14:49
eagles0513875	Jeeves_: ?	14:49
eagles0513875	Jeeves_: whats funny is it was working just fine earlier this afternoon	14:49
eagles0513875	let me try again on my mac	14:49
Jeeves_	14:51 < eagles0513875> An error occurred sending mail: Unable to establish a secure link with SMTP server eagleeyet.net using STARTTLS since it doesn't advertise that feature. Switch off STARTTLS for that server or contact your service provider.	14:49
Jeeves_	That's where you client is connecting to port 25 (or 587 for that matter) and checking if postfix responds to EHLO with STARTTLS	14:50
Jeeves_	It seems like postfix isn't doing that	14:50
Jeeves_	so try and pastebin this:	14:51
eagles0513875	Jeeves_: mac laptop is working fine :(	14:51
Jeeves_	open a terminal	14:51
eagles0513875	bah i swear this desktop is starting to frustrate me	14:51
eagles0513875	let me test one other thing	14:51
Jeeves_	type 'telnet <ip of your server> 25'	14:51
Jeeves_	type EHLO .	14:51
Jeeves_	type quit	14:51
Jeeves_	and pastebin the output	14:52
eagles0513875	Jeeves_: i have isolated the problem to this pc	14:52
Jeeves_	eagles0513875: Ok, nevermind than. Have fun	14:52
eagles0513875	Jeeves_: ha thats what i get for trying to run windows lol	14:53
eagles0513875	i thought it was a problem with the email server at first	14:53
patdk-wk	anti-virus doing a smtp redirect? killing ssl support :)	14:54
eagles0513875	patdk-wk: nope	14:54
mterron	Hi everyone, I'd like to report a problem with either ubuntu-server 10.04 installer or documentation regarding option "Minimal virtual system".	14:54
mterron	someone from the dev team is around?	14:55
eagles0513875	mterron: just post your problem and someone will answer if they know the answer	14:58
mterron	I know eagles051387, I've already fixed it, but i'd like to report it to someone on the dev team	14:59
eagles0513875	mterron: report any bugs on http://launchpad.net	15:02
mterron	ok, thanks a lot eagles0513875	15:02
eagles0513875	no problemo m8 :)	15:03
=== SquishyNotHere is now known as squishy
hallyn_	soren: looking at lp:vmbuilder - do i understand right that you just take the bzr tree, drop in the debian/ dir, and call that the package? Or is there some other process to it?	15:21
soren	hallyn_: Honestly, I don't remember. There may be a packaging branch somewhere.	15:23
soren	hallyn_: Let me look real quick.	15:23
hallyn_	soren: I do see lp:ubuntu/natty/vm-builder as well	15:25
soren	hallyn_: That happens automatically.	15:28
soren	hallyn_: All packages have that.	15:28
hallyn_	i see	15:28
soren	Except the few that fail to get imported, but generally they are there for all packages.	15:28
soren	hallyn_: mvo has been working a bit on vmbuilder recently.	15:28
soren	hallyn_: He also did an upload. You could ask him?	15:28
hallyn_	soren: will do, thanks	15:29
soren	Sure.	15:29
toast018	Hello all	15:33
toast018	What happens when u create a new key if one is already in place? Will it replace the current key?	15:34
toast018	Anyone? Lol...	15:37
uvirtbot	New bug: #689715 in dhcp3 (universe) "package dhcp3-server 3.1.3-2ubuntu3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/689715	15:47
toast018	:(	15:48
toast018	Goooood morning all	15:57
hggdh	Daviey: ping	16:04
=== Mr_mist is now known as mrmist
zul	SpamapS: ping lemme know when you are around	16:22
=== Mr_mist is now known as mrmist
SpamapS	zul: pingalingadingdong	16:26
zul	SpamapS: i started to look at the cobbler packaging stuff where is your cobbler packaging branch so I dont duplicate effort	16:26
SpamapS	zul: all of our branches are linked to https://blueprints.launchpad.net/ubuntu/+spec/cloud-server-n-install-service	16:31
SpamapS	https://code.launchpad.net/~clint-fewbar/+junk/cobbler-packaging-enhancements	16:31
SpamapS	there's mine	16:31
zul	SpamapS: whoops yeah	16:31
SpamapS	actually I think I need to push some to that	16:31
toast018	What could cause a mail server to flood my network... I have to restart it in order to regain internet...	16:47
cdubya	Any recommendations on a CRM/ERP that would support trouble ticketing and possibly something like accounting/fixed asset management (or know of anything close)....?	16:51
zul	request tracker	16:51
toast018	Cdubya try spicworks 5.0 it has an awesome helpdesk for tickets and inventory and purchases	16:54
=== squishy is now known as SquishyNotHere
Frenk	Hey, I have torubles with Postix =( mail postfix/smtp[9438]: fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameter but I have smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password in my conf	16:58
chandru_in	Does anyone here use pen for load balancing between servers in production? I'd like to know your experiences with it.	16:59
uvirtbot	New bug: #689747 in clamav (main) "package clamav-base 0.96.3+dfsg-2ubuntu1.0.10.04.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück" [Undecided,New] https://launchpad.net/bugs/689747	17:07
Daviey	hggdh: o/	17:10
hggdh	Daviey: do we still need a test on the Maverick for Euca?	17:10
toast018	Can anyone help with an issue with my mail server? I have to keep restarting because the internet keeps going down...	17:12
axisys	i have sun fire x4150.. before I install ubuntu i like to find out if it will recognize all the devices.. can alternate iso do that without installing ? in otherwords can I use alternate iso as live cd ?	17:12
toast018	And inorder to get internet connection I have to rebooot	17:13
toast018	As soon as the server is down my internet connection returns...	17:13
axisys	i am planning to install ubuntu 10.04.1 LTS	17:14
coxn	I'd like to install VMs directly to an LVM logical volume, but I see this: https://help.ubuntu.com/community/KVM/CreateGuests#Install%20on%20a%20raw%20block%20device	17:17
coxn	I'm hoping there's a way that doesn't involve doing a dumpxml, sed, etc.	17:18
coxn	maybe somebody has already written a script to migrate VMs from a file to an LV?	17:18
Daviey	hggdh: Ideally.... i have some i386 packages here if that is suitable?	17:18
hggdh	Daviey: suitable... IDK ;-) but yes, I will run them	17:19
Frenk	Hey, I have torubles with Postix =( mail postfix/smtp[9438]: fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameter but I have smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password in my conf	17:20
Daviey	hggdh: hold fire...	17:26
hggdh	Daviey: weapons safe	17:26
* SpamapS chooses now to ATTACK		17:27
=== Psi-Jack_ is now known as Psi-Jack
coxn	what do others use to install VMs such that their disk is a logical volume?	17:33
patdk-wk	coxn, for that I used to use debootstrap	17:36
patdk-wk	still do for xen	17:36
patdk-wk	but not so useful for building vmware, I just use the iso	17:36
Daviey	hggdh: Just trying to get packages built elsewhere...	17:37
Daviey	waiting on another team for them.	17:37
coxn	patdk-wk: xen. noted. Thanks. :)	17:37
hggdh	Daviey: no prob	17:37
coxn	anybody doing something with kvm?	17:37
patdk-wk	hmm, debootstrap does kvm also, I'm pretty sure :)	17:38
=== marrusl is now known as marrusl_afk
hggdh	zul: bug 684304 has been updated with the lcpci, boot log, and lsmod.	18:00
uvirtbot	Launchpad bug 684304 in linux "cciss module does not identify resources" [High,New] https://launchpad.net/bugs/684304	18:00
zul	hggdh: cool...thanks i saw :)	18:00
zul	kirkland: i been doing some cobbler packaging my work is at lp:~zulcss/+junk/cobbler	18:06
=== gnoob is now known as lapsusbrutus
=== marrusl is now known as marrusl_afk
uvirtbot	New bug: #689783 in bind9 (main) "package bind9 1:9.7.1.dfsg.P2-2ubuntu0.1 failed to install/upgrade: ErrorMessage: el subproceso script post-installation instalado devolvió el código de salida de error 1" [Undecided,New] https://launchpad.net/bugs/689783	18:12
kirkland	zul: oh cool	18:26
kirkland	zul: let's get your work and SpamapS' work merged ...	18:26
zul	kirkland: sure im still working on some things though	18:26
kirkland	zul: cool, on the front end, or the actual deployment?	18:28
zul	kirkland: packaging for now	18:28
kirkland	zul: ah	18:29
kirkland	zul: oh, cool, you have SpamapS changes in there already	18:30
zul	kirkland: yep	18:30
kirkland	zul: could you push to lp:~ubuntu-virt/+junk/cobbler ?	18:30
kirkland	zul: so that we're all basically working off of the same branch?	18:31
zul	right	18:31
Juanito2	Hi, i need redirect 2 IP's public to private	19:02
Juanito2	iptables -t nat -A PREROUTING -p tcp -i eth2 -d IP_Public --dport 3389 -j DNAT --to-destination IP_Private ... is correct this?	19:02
ZacLnxNewb	hi	19:08
ZacLnxNewb	for some reason I can't connect to deluge...	19:09
ZacLnxNewb	you know? Nevermind, I'll just uninstall and reinstall	19:09
genii-around	Is there some known issue which would cause disk designations to keep rotating every boot? eg: boot1- sda=80G, sdb=160G#1,sdc=160G#2 then boot2- sda=160G#2,sdb=80G,sdc=160G#1 boot3- sda=160G#1,sdb=160G#2,sdc=80G ..and so on	19:15
genii-around	( because this makes the raid1 of the 160G drives to be screwed 2 out of 3 boots for me, etc)	19:18
axisys	should I use the Adaptec SAS Host Bus Adapter on X4150 or just use the disk and create software raid ?	19:32
eriksson25	Need help. Have a lvm spanning over two Raids. I just extanded one of the raids with two more disk and the array grew. But how do I expand the lvm to use this space.	19:34
ZacLnxNewb	Need help: Deluge is being a bitch	19:36
papertigers	eriksson25: I think this explains it http://www.randombugs.com/linux/howto-extend-lvm-partition-online.html	19:37
eriksson25	Thx, also found it on https://raid.wiki.kernel.org/index.php/Growing	19:38
hggdh	JamesPage: I have a LTP-lite running under KVM on Hudson	19:42
Frenk	Hey, I have a question. I have a mail server and many (10 people) are using it from different countries	19:43
Frenk	and one person in Monaco always gets Client host rejected: Access denied	19:43
Frenk	I searched everywhere, added the ip to all whitelists i could think off	19:44
Frenk	but no success	19:44
Frenk	Any ideas anyone? Russia, Germany, Hungary are fine - Monaco = Troubles	19:46
pmatulis	Frenk: maybe pastebin the exact error message	19:46
Frenk	An error occurred sending mail: The mail server sent an incorrect greeting: 5.7.1 <87.91.209.88.dynamic.monaco.mc[88.209.91.87]>: Client host rejected: Access denied.	19:53
Frenk	I tested it with portable version of thunderbird - outlook shows same error	19:53
* genii-around ponders EHLO vs HELO signalling		19:55
Frenk	postfix says: mail postfix/smtpd[19149]: NOQUEUE: reject: CONNECT from 87.91.209.88.dynamic.monaco.mc[88.209.91.87]: 554 5.7.1 <87.91.209.88.dynamic.monaco.mc[88.209.91.87]>: Client host rejected: Access denied; proto=SMTP	19:55
axisys	is this valid? GRUB_TERMINAL="--timeout=5 serial console"	19:56
Frenk	axisys - do you ask me? sorry my english is pretty bad	19:58
axisys	Frenk: to all really.. but i will anyone's answer..	19:59
Frenk	pmatulis any idea?	20:04
Frenk	or anyone else ... damn i just do not get it	20:05
pmatulis	Frenk: the client hostname is no good	20:05
Frenk	why is the hostname no good? and how do i disable hostname check?	20:05
pmatulis	Frenk: it should be 'CONNECT from some_name[some_ip]'	20:05
pmatulis	Frenk: there's an ip address in the name and postfix doesn't like it	20:06
uvirtbot	New bug: #595877 in mysql-dfsg-5.1 (main) "impossible to use Ports on mySQL - Upstart/Config Problem" [Undecided,Incomplete] https://launchpad.net/bugs/595877	20:06
Frenk	Pmatulis: okay, I got the problem. But how can I fix it? I cant change the clients hostname. But what can I do about it on the server?	20:07
pmatulis	Frenk: in main.cf tell postfix to be more lenient	20:09
Frenk	Pmatulis: since i am new to postfix and unix in general, can you tell me how to manage that?	20:10
pmatulis	Frenk: maybe pastebin (really pastebin this time, do not paste in this channel) the output to 'postconf -n'	20:11
coxn	hurm. Anyone in here use ubuntu-vm-builder regularly? https://gist.github.com/739529	20:16
Frenk	http://pastebin.com/pX83LRtB	20:16
Frenk	Pmatulis: thats the output: http://pastebin.com/pX83LRtB of postconf -n	20:20
pmatulis	Frenk: pastebin the contents of file /etc/postfix/postfix_allowed_connections	20:20
=== AndyGraybeal_ is now known as andygraybeal
Frenk	Pmatulis: http://pastebin.com/Tp881HGu	20:22
=== andygraybeal is now known as AndyGraybeal
Frenk	but he has a dynamic ip - so i need a solution which works for dynamic ips =/	20:23
genii-around	Hm. Whitespace starts second line of that paste	20:23
Frenk	already changed it	20:25
Frenk	but any other suggestions?	20:27
hackeron	hey, is there anyway to get apt-get to just dump the list of URLs it wants to download, so I can download them on a faster connection on a different server, then copy across?	20:28
pmatulis	Frenk: did you set up postfix like this?	20:31
Frenk	yes	20:31
Frenk	this is my postfix config	20:31
Frenk	pmatulis: is working with everyone - but not with monaco and bad hosts	20:32
Frenk	pmatulis: or is this config that bad?	20:32
hackeron	ahh --print-uris :)	20:35
pmatulis	Frenk: did you update the map since editing that file?	20:37
Frenk	Pmatulis: you mean postmap /etc/postfix/virtual?	20:38
pmatulis	Frenk: no	20:39
pmatulis	Frenk: 'postmap /etc/postfix/access'	20:39
pmatulis	Frenk: sorry	20:39
pmatulis	Frenk: 'postmap /etc/postfix/postfix_allowed_connections'	20:39
Frenk	just did	20:40
Frenk	pmatulis: no effect	20:40
pmatulis	Frenk: how are you testing the monaco address so quickly? is that where you are?	20:40
Frenk	teamviewer	20:41
pmatulis	Frenk: fair enough	20:41
Frenk	sending the message and waiting for error	20:41
pmatulis	Frenk: maybe try a complete restart, not just reloading	20:41
Frenk	restart of the server?	20:41
pmatulis	Frenk: no, of postfix	20:42
pmatulis	Frenk: 'sudo service postfix restart'?	20:42
Frenk	pmatulis: nothing	20:44
pmatulis	Frenk: is the postfix server the final destination of the email?	20:45
Frenk	yes	20:45
Frenk	its a server with postfix and cyrus	20:45
Frenk	pmatulis: and the only client this server is rejecting is the monaco client	20:46
kirkland	SpamapS: yo	20:46
kirkland	SpamapS: are you around today?	20:46
pmatulis	Frenk: you have 'my_domain'=$myhostname	20:47
Frenk	where can i check that?	20:47
SpamapS	kirkland: yeah wassup?	20:48
* SpamapS has buried himself in Upstart stuff today		20:48
pmatulis	Frenk: your destination email is blah@bp-legal.com ?	20:49
Frenk	yes	20:49
kirkland	SpamapS: two things ... i added you to ~ubuntu-virt	20:49
pmatulis	Frenk: so edit main.cf so that mydomain=bp-legal.com	20:49
kirkland	SpamapS: and i pushed your my changes + yours + zul's + mine to lp:~ubuntu-virt/cobbler/ubuntu	20:49
SpamapS	kirkland: can never have enough team badges on LP ;)	20:49
kirkland	SpamapS: and sent a build to ~ubuntu-virt ppa	20:49
SpamapS	kirkland: cool	20:49
kirkland	SpamapS: hopefully you + me + zul can get cobbler installing and deploying natty this week (?)	20:50
pmatulis	Frenk: this is not why the check_client_access is not working but it's probably why the client is being rejected by the reject_unknown_sender_domain restriction	20:50
pmatulis	Frenk: (you can also remove that restriction to test)	20:50
zul	kirkland: it still needs a lot of work	20:51
kirkland	zul: no doubt	20:51
SpamapS	kirkland: yeah we need to divide up the work a bit	20:51
kirkland	SpamapS: yeah; will you be working on it this week?	20:51
kirkland	zul: what about you?	20:51
zul	kirkland: off and on	20:52
SpamapS	kirkland: indeed, I was hoping we could chat about what needs to get done tomorrow post-meeting	20:52
kirkland	SpamapS: k	20:52
Frenk	pmatulis: deleted that rule - restarted postfix -	20:56
Frenk	no	20:56
Frenk	doenst work =(	20:57
Frenk	but i didnt change domain name yet	20:57
Balli	Hi I am running JeOS. How do I find if DMA is enabled or not in jeos?	20:57
Balli	I used hdparm command, but no such command exists in jeos	20:59
pmatulis	Balli: install away	21:02
CyVan	Greetings. I have a Dell R310 server, Quad Core , 4GB of memory BUT the PERC H200A RAID controller. An application we need ONLY runs on UBUNTU 9.10 but that version is not recognising the RAID card :( 10.04 LTS sees it fine but not 9.10. I've checked the dell site. I see drivers for redhat and suse but not Ubuntu? Are they compatible? any other ways to get 9.10 to see the raid card?	21:03
Balli	pmatulis: Yes I was dumb, I installed it and its working. Thanks!!!	21:04
Noobster	hi all	21:04
CyVan	is there a way to copy the 10.04 LTS drivers to be used by 9.10?	21:05
Noobster	is there anyone here that can help me? I am trying to get the backport ver of bind9 installed but can not fig it out	21:05
Noobster	I need bind9.7.2	21:05
guntbert	Noobster: this channel is much quieter, so pose your question and prepare for patience please	21:05
Noobster	ok thanx	21:05
Frenk	pmatulis: doenst work =(	21:05
Noobster	:)	21:05
guntbert	Noobster: on what ubuntu version are you? (I was not aware that there are backports already for 10.10)	21:08
Noobster	10.04	21:08
Noobster	x64	21:09
guntbert	Noobster: have a look at https://launchpad.net/~hauke/+archive/bind9?field.series_filter=lucid	21:13
guntbert	Noobster: but be warned: ppa are not "official"	21:14
zul	SpamapS: im double booked for the meeting tomorrow and i think it is my turn to run the meeting can you run the meeting for me?	21:15
david506	I installed ifenslave, the document in /usr/share/doc/ifenslave-2.6 is different from the examples, and I don't know how to setup ethernet bonding. Right now it's load balancing between the two connections, I want it to keep the second connection has a hot spare. Using ubuntu 10.04	21:16
pmatulis	Frenk: remove 'check_client_access hash:/etc/postfix/postfix_allowed_connections,'	21:16
zul	or it might be smosers turn	21:17
zul	SpamapS: nm	21:18
david506	http://pastebin.com/L0qN42cs	21:18
Frenk	pmatulis: deleted that entry - restarted postfix	21:19
Frenk	and nothing	21:19
Frenk	argh =((((((((	21:20
patdk-wk	david506: http://pastebin.com/23g3tjCL	21:21
pmatulis	Frenk: pastebin 'postconf -n' again	21:21
genii-around	CyVan: That controller apparently uses the driver called mpt2sas , which http://packages.ubuntu.com/search?searchon=contents&keywords=mpt2sas&mode=filename&suite=karmic&arch=any shows is available in the kernel images of 9.10 . You may need to build it into your initramfs	21:23
Frenk	http://pastebin.com/hsHafxqa	21:23
Frenk	pmatulis: http://pastebin.com/hsHafxqa heres the update. i havent changed mydomain	21:23
david506	That's almost good, but I believe it is missing two lines, I am posting to pastebin.com now	21:24
CyVan	genii-around: Thanks! Are there any instructions on how to do that?	21:24
pmatulis	Frenk: please change domain, restart postfix, and pastebin	21:24
CyVan	genii-around: doing a google search now	21:24
david506	This seems to work for me, thanks patdk-wk for the corrections : http://pastebin.com/41h7ia5D	21:25
genii-around	CyVan: Basically, edit the file: /etc/initramfs-tools/modules adding the module name then do: sudo update-initramfs -u	21:25
david506	I added auto eth3, iface eth3 inet manual, this prevents "Ignoring unknown interface eth3=eth3"	21:25
patdk-wk	david, heh? I don't have eth2/eth3 at all in my config	21:25
patdk-wk	I don't see the slaves line, you removed it?	21:26
patdk-wk	where do you see, ignoring unknown interface, I don't get that	21:26
eriksson25	How do I calculate how many blocks (lvm) 16TB is?	21:27
Noobster	guntbert, that got 9.7.2p3 installed easy!! you saved me hours of work doing it by source!! Thank You	21:28
guntbert	Noobster: glad it worked - have fun :-)	21:28
CyVan	genii-around: ahh but that sounds like u would have to have it installed on the box already. It refuses to install and the box has no other HD's. Can this be done on another box to prepare a new install CD?	21:31
pmatulis	eriksson25: block size is a filesystem parameter	21:32
axisys	will this create a raid10 of 6 disks ?	21:32
axisys	mdadm --create /dev/md10 --level=10 --raid-devices=6 /dev/sdc /dev/sdd /dev/sde /dev/sdf /dev/sdg /dev/sdh	21:32
Balli	Hi could some one please, let me know when exactly a DMA write happens.	21:33
Balli	I found my hardisk is dma enabled	21:33
highvoltage	Balli: dma is enabled by default if your disk supports it	21:34
Balli	I believe when I download a package using apt-get, DMA write should happen. Am I correct?	21:34
patdk-wk	balli heh, not really	21:34
genii-around	CyVan: Conceivably with remastersys or so, although i have not done this in a long time, myself	21:35
patdk-wk	when ever you read or write ANYTHING to the drive, DMA will happen	21:35
Balli	highvoltage: Yes its enabled. I just checked it since I use a virtual hardisk	21:35
eriksson25	pmatulis: I added 4TB to my 14TB lvm. And then ofc I couldent extand the file system since resize2fs dont suport >16TB system. I havent extended my ext4 but want to do it to 16TB manualy setting the perimiter. But dont know how to find the right one.	21:35
echoprinter	Anyone know if this would be a good way to get the python-profiler on my Ubuntu 10.04 server? http://www.peterbe.com/plog/upgrading-ubuntu-lucid-lynx-downgrading-python2.4-python2.5	21:35
Balli	patdk-wk: oh could you please gimme a test case where DMA write would take place	21:36
patdk-wk	balli, turning on your computer? syslog logging anything, EVERYTHING to the harddrive uses dma	21:36
patdk-wk	why doesn dma matter so much to you?	21:36
Balli	Patdk-wk - I am debugging a qemu code running jeos for my work	21:37
patdk-wk	well, as your doing a virtual disk, and a virtual machine, nothing about it is going be real dma	21:38
patdk-wk	so who knows :)	21:38
patdk-wk	probably the qemu people	21:38
Balli	patdk-wk: Yes when I turn on the computer DMA write takes place.	21:38
Balli	patdk-wk: But the function which writes to the memory is invoked only once, I xpected it to be called many times.	21:39
patdk-wk	heh?	21:39
patdk-wk	what function that writes to what memory?	21:39
patdk-wk	the memory location will change, every time	21:39
Balli	patdk-wk: Its a c function is qemu code named 'cpu_physical_memory_rw'.	21:40
patdk-wk	well, I dunno qemu, only dma	21:41
toast018	I am using wireshark to monitor my traffic to my mail server and I noticed there is a nearly constant DNS quesry to our DNS server asking for ircserver.jmchd.com	21:41
Balli	patdk-wk: Ya I wanted to know only about dma not qemu. I will figure out what qemu does :)	21:41
toast018	it comes back no such name but then the mail server asks again...	21:42
Balli	patdk-wk: Could you please enlighten me why a network packet doesnt use DMA write?	21:42
david506	The doc was wrong, so I am opening a ticket priority minor	21:42
patdk-wk	balli, too slow :)	21:42
Balli	small packets?	21:43
patdk-wk	well, interrupts tend to slow down network interfaces, so generally it's switched to polling mode	21:44
pmatulis	eriksson25: ouch, sorry to hear about not being able to resize to the maximum	21:44
patdk-wk	I think the network card also has it's memory mapped right into memory space, so it can be accessed directly, no dma needed to copy stuff over	21:44
Balli	when memory is mapped, I think dma would take place internally.	21:45
patdk-wk	why?	21:45
patdk-wk	the cpu can physically see the memory on the card	21:46
patdk-wk	dma is the other way around, having the card directly see the memory in the computer	21:46
Balli	But cpu seeing the memory on card, happens because DMA writes a network card info into the physical memory	21:48
Balli	patdk-wk: One basic question.	21:49
Balli	DMA write means, a device writes its data into physical memory and DMA read is vice versa right?	21:50
Noobster	guntbert, I am having a homebrew to selabrate how awesome you are! I will make a tutorial when I have SAmba4 PDC for WIN7. You will find a thanx in there from me. http://www.bryanpopham.com/tutorials	21:52
Noobster	*celebrate	21:52
toast018	I am using wireshark to monitor my traffic to my mail server and I noticed there is a nearly constant DNS quesry to our DNS server asking for ircserver.jmchd.com	21:52
guntbert	Noobster: :-)	21:53
david506	patdk-wk, I removed the extra lines I added, rebooted and it works well.	21:53
patdk-wk	heh	21:53
patdk-wk	balli, no idea, I haven't done dma programming since the 90's	21:54
david506	I am opening a ticket now.	21:54
Balli	patdk-wk: Its okay :) Im jus starting now.	21:55
kirkland	SpamapS: hey	21:56
Balli	patdk-wk: One question related to a test case. Could you please give me an example of when a DMA write takes place, so I could debug my code.	21:56
kirkland	SpamapS: did you get auth working with cobbler?	21:57
kirkland	SpamapS: if so, what module did you use?	21:57
Balli	patdk-wk: I tried "cat <filename>" and I found that no DMA write takes place :(	21:57
kirkland	SpamapS: i'm trying: # authn_testing -- username/password is always testing/testing (debug)	21:57
kirkland	SpamapS: not work for me though	21:57
Balli	patdk-wk: No DMA write, because of small file size?	21:58
patdk-wk	ballie did you wait for linux kernel to actually write it?	21:58
toast018	is it normal for a mail server to join an IGMP group?	21:58
Balli	patdk-wk: Yes I have set a breakpoint to debug the kernel code using gdb	21:58
Balli	patdk-wk: I basically wanted to do some modifications to the content before a DMA write takes place	21:59
Balli	patdk-wk: But its wierd for me since DMA write happens only once during system bootup afterwards there is no DMA write at all.	22:00
toast018	Total newb here any help would be awesome... :)	22:04
toast018	my mail server is constantly asking my dns server where ircserver.jmchd.com is	22:05
toast018	its streaming across my screen in wireshark	22:05
patdk-wk	toast018, it's been hacked?	22:06
toast018	I dont know...	22:06
toast018	I have no idea how to find out.	22:06
patdk-wk	well, something on it is requesting it	22:06
patdk-wk	see if there is anything running that you don't know what it does	22:06
toast018	I have had to restart the server multiple times because it continually brings my internet connection down	22:07
patdk-wk	I guess if your using apache mod_* (php/perl/...) you can't really see what they are running though :(	22:07
CyVan	genii-around: Thanks.. I'll look at remastersys. So there's no chance that the redhat or suse drivers could work? hmm maybe no t.. might be diff kernel versions :(	22:07
toast018	apache will also give me an out of memory error every few days	22:07
patdk-wk	toast018, one of your websites was hacked	22:09
toast018	its a mail server only	22:09
patdk-wk	then why is apache running?	22:09
CyVan	genii-around: The thing is the 9.10 installer gave me a list of drivers to try and I saw mpt2sas but when I tried to load it it didn't work. Is it possible the ones that come with 9.10 aren't worknig properly but were fixed in 10.04? Is there a way to copy the 10.04 drivers instead?	22:09
toast018	only apache related item is the webmail	22:09
toast018	squirrelmail	22:09
patdk-wk	webmail == website == hacked :)	22:09
toast018	what are my options?	22:10
patdk-wk	I don't know, I know nothing about squirrelmail	22:10
patdk-wk	but I should shutdown apache	22:10
patdk-wk	and see if all goes back to normal :)	22:10
patdk-wk	if it does, they probably didn't get root, and just squieerelmail was hacked	22:11
patdk-wk	but not sure if I would count on that	22:11
toast018	whats the fastest way to change any passwords that would keep them out? or is there any?	22:12
patdk-wk	heh?	22:13
patdk-wk	they probably didn't use any passwords to get in	22:13
toast018	:(	22:13
patdk-wk	what version of squerrilmail?	22:13
patdk-wk	I so can't type that word	22:13
toast018	I noticed a gam_server running I killed it	22:13
toast018	"/usr/lib/gamin/gam_server"	22:14
toast018	trivial-rewrite -n rewrite -t unix -u -c	22:15
patdk-wk	that is postfix	22:16
patdk-wk	guess you really dunno what normally runs on your server	22:16
toast018	gam_server is postfix?	22:16
toast018	I didnt set it up a former employee did.,,,	22:16
patdk-wk	it's a service that is normally used to check for file modifications	22:17
toast018	they fired him and now Im over it.	22:17
patdk-wk	what version of ubuntu?	22:18
toast018	I wished they would get someone else... I honestly have no idea whats going on...	22:18
toast018	8.04	22:18
patdk-wk	is it currently up to date?	22:18
toast018	I just seen this come across wireshark. v2 membership report / join group 239.255.255.253	22:19
toast018	yes it is up to date	22:19
patdk-wk	heh, I would probably just do a: chmod a-x /etc/init.d/apache*	22:19
patdk-wk	and reboot	22:20
patdk-wk	then start looking for odd stuff in wireshark	22:20
toast018	what would that do?	22:20
patdk-wk	disable apache/webmail/squirrelmail	22:20
patdk-wk	and reboot, to clean out all odd running programs	22:20
patdk-wk	unless they added stuff into cron/at/...	22:20
toast018	is that IGMP join group something that I should not see?	22:21
patdk-wk	dunno, if it's only email, probably not	22:21
patdk-wk	but if it's doing something else, pacemaker, heartbeat, ...., it would be fine	22:21
toast018	chmod is to change ownership how will that disable apache?	22:22
patdk-wk	chmod DOES NOT change ownership	22:23
zamarax	hello, I have this script http://pastebin.ca/2018851 in my rc.local file, and unfortunately the second script hylafax doesn't launch, any idea?	22:23
zamarax	if I remove the sleep function it will launch, but it doesn't give enough time for the first script	22:23
toast018	command ran...	22:25
i0nic	so to make something run on run level 2 , runlevel2 can run things as root?	22:26
i0nic	basically im trying to make a script that runs ntpdate as root	22:26
i0nic	are 755 permissions fine on this?	22:27
MBR89	hi guys	22:29
MBR89	need help with xrdp / kde on ubuntu server	22:30
zamarax	hello, I have this script http://pastebin.ca/2018851 in my rc.local file, and unfortunately the second script hylafax doesn't launch, any idea?	22:30
zamarax	if I remove the sleep function it will launch, but it doesn't give enough time for the first script	22:30
MBR89	KCMinit ... Segmentation fault	22:30
patdk-wk	zamarax, sleep (10) == invalid syntax	22:31
zamarax	should be sleep 10 right? that's what I thought but when I use that it doesn't sleep for 10 seconds	22:31
zamarax	they execute back to back	22:32
MBR89	no idea	22:39
Fookin_Prawn	maybe string them together like etc/asdf/asdf start && sleep 10 && /etc/qwerty start	22:39
Fookin_Prawn	that way they don't execute without prior executing	22:40
zamarax	thank you I will try that	22:40
Fookin_Prawn	caveat you may need parentheses	22:41
econnell	On 10.10, i'm trying to do a PXE boot for a virtual machine install (kvm) using virt-install... i've specified --pxe on the virt-install command line, but i'm not seeing any DHCP requests on the network and there is no output on the virtual console	22:41
econnell	anyone have a clue on how to even start debugging that? :)	22:41
zamarax	Fookin_Prawn - thanks that worked perfectly	22:43
zamarax	appreciated :D	22:43
Fookin_Prawn	zamarax: good to hear :-) if you're interested in more things like that, check out bash scripting	22:44
zamarax	thanks	22:45
Fookin_Prawn	econnell: do you have dhcp declared in your rc.conf?	22:46
econnell	rc.conf?	22:47
econnell	Fookin_Prawn: on the host system you mean?	22:48
Fookin_Prawn	econnell: sorry, I haven't used ubuntu in a while. in one of ubuntu's startup scripts it should specify things like modules to load, interfaces, daemons, etc. can't remember which script has it, but dhcpd must be declared in it. it's probably named rc.* something	22:48
econnell	this is a virtual machine install....	22:48
econnell	PXE boot on the host machine works fine	22:48
Fookin_Prawn	econnell: ah I see. so you're trying to start a virtualization with a -pxe command?	22:49
econnell	yes	22:49
Fookin_Prawn	and this virtualization is an installation?	22:50
econnell	i'm trying to run this: virt-install -n web1 -m 54:52:00:00:00:01 -r 256 -f /virtualdisk/web1.img --nographics -s 30 --pxe --accelerate --connect=qemu:///system	22:51
econnell	the VM starts and i can connect to the console, but nothing ever happens on the console and there's no network I/O from the VM	22:51
Noobster	I am having an issue that might be caused by apparmor. I chown /var/run/bind to root:bind, but when I reboot it is changed back to root:root?	22:56
Amgine	Maybe I should ask this here... trying (failing) to compile pcntl.so for php5. dpkg-buildpackage: error: debian/rules build gave error exit status 2	22:56
Noobster	of course I get an error on reboot in /var/lod/daemon.log	22:56
Fookin_Prawn	econnell: i'm stumped, but virt-tools has an irc channel http://virt-tools.org/contact/	22:59
econnell	Fookin_Prawn: thanks	22:59
econnell	in the meantime, if anyone else can figure it out, let me know	22:59
econnell	or at least where to start debugging	23:00
patdk-wk	heh?	23:00
jdstrand	Noobster: apparmor would not change the permissions on the directory	23:26
jdstrand	Noobster: /var/run is a tmpfs and /var/run/bind is recreated on each boot	23:27
Frenk_	Hey, people told me to do the following on ubuntu:	23:52
Frenk_	$(postconf -n \| awk -F= '{ print $1 }'); do echo -n 'default: '; postconf -d ${parameter} ; echo -n 'current: '; postconf ${parameter} ; echo '--'; done \| less	23:52
Frenk_	but i dont know how to start - if i put it in console i got an error	23:52
Frenk_	i mean for parameter in $(postconf -n \| awk -F= '{ print $1 }'); do echo -n 'default: '; postconf -d ${parameter} ; echo -n 'current: '; postconf ${parameter} ; echo '--'; done \| less	23:54
econnell	oh i give up... pxe boot in a xen vm worked fine on centos5... no clue why it's not working on ubuntu... i'm just going to on-demand nfs mount the ISO on the hosts... talk about a hack :)	23:55
twb	What that is supposed to do is iterate over each postfix option, and print both its default and current values (side by side).	23:55
twb	Frenk_: it works for me in 10.04.	23:55
Frenk_	i left for parameter in out -.- stupid me	23:55
twb	for x in $(postconf -n\|cut -d= -f1); do printf 'default: %s\ncurrent: %s\n\n' "$(postconf -d "$x")" "$(postconf "$x")"; done	23:57
Frenk_	twb and what does: modified_parameters=$(postconf -n \| awk -F\= '{ print $1 }'); for parameter in ${modified_parameters}; do default_value=$(postconf -dh ${parameter} ); current_value=$(postconf -h ${parameter} ); test ${default_value} '=' ${current_value} && echo ${parameter} ; done	23:59
Frenk_	?	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!