/srv/irclogs.ubuntu.com/2010/12/15/#ubuntu-server.txt

=== SquishyNotHere is now known as squishy
uvirtbot	New bug: #690436 in openssh (main) "ssh-import-id requires wget and ca-certificates to function properly" [Undecided,New] https://launchpad.net/bugs/690436	00:21
boatdink	ok, i have a question to ask	00:27
twb	!ask > boatdink	00:28
ubottu	boatdink, please see my private message	00:28
boatdink	10.04 server w/ubuntu-desktop. How can I make it handle my windows credentials?	00:29
twb	You mean you have an AD or PDC and you want to authenticate against it instead of the local flat files (passwd, shadow)?	00:30
boatdink	maybe. I want to store EVERYTHING on this server...user accounts, files, etc.	00:31
twb	You want Windows clients to authenticate against your Ubuntu server as if it was a Windows server?	00:33
boatdink	yes	00:33
twb	Ah, OK.	00:33
twb	The tool for that is "samba"	00:33
boatdink	yeah im familiar with samba	00:34
twb	If you need to be an AD, you need samba4, which is not production ready. If you just need to be a PDC or BDC, samba3 will work.	00:34
boatdink	i know pdc and bdc but what is AD?	00:35
twb	Active Directory	00:37
boatdink	can you decrypt my samba.conf file because i have no idea what most of it means. I managed to use two routers on my network by messing with the dns and ip's but this is too confusing	00:39
twb	I'm a bit busy	00:43
boatdink	should i be trying this with an earlier version than 10.04?	00:45
twb	I don't see why	00:45
boatdink	what does the hosts file do?	00:48
twb	boatdink: you mean /etc/hosts? It contains the host database; a mapping of IP addresses to hostnames (and back).	00:49
twb	It has largely been supplemented by DNS.	00:49
twb	*supplanted	00:49
boatdink	Should I have to configure the Bind9.conf file at all?	00:51
twb	These questions seem a bit schizoid	00:54
twb	Work out what your goal is, and then only make the changes necessary to achieve it.	00:54
twb	If you don't NEED a DNS server, don't run one.	00:55
boatdink	When should I use a dns server. a WAN perhaps?	00:55
boatdink	Im just trying to figure everything out and how everything works and connects to eachother before I give it another shot	00:56
twb	Fair enough, I guess	01:02
twb	When asking questions it helps to declare if your after pedagogy or pragmatism :-)	01:03
smoser	SpamapS, here now	01:06
=== jjohansen is now known as jj-afk
K350	Can one install ubuntu-server on an regular ubuntu without first unistalling ubuntu?	04:06
twb	K350: that question doesn't really make sense.	04:07
K350	And can one install ubuntu-server from the terminal. What package do I need ot install then?	04:07
twb	K350: "ubuntu desktop" and "ubuntu server" are mostly just different default package lists	04:07
K350	Ok, what package do I've to install on my ubuntu to have ubuntu-server?	04:07
K350	twb: Ah, so I can just install ubuntu-server..great	04:08
twb	IIRC the ubuntu-server install CD will install ubuntu-standard metapackage, not include localization packages (language-base-NN), and prompt for various server tasks.	04:08
twb	Please note that we discourage running servers with GUIs.	04:08
K350	twb: Ah, this is my situation. I've Hardy installed in text-mode only, on a machine that has no screen or keyboard connected to it. I controll it over SSH. Now I wanted ot upgrade it to the latest version of ubuntu -server. So I was wondering what I'd to install	04:10
twb	OK.	04:12
twb	K350: basically you install whatever services you want to use, e.g. if you want DNS you install bind	04:12
twb	K350: it would be slightly better to do the initial instal using the ubuntu-server CD, but probably not worth reinstalling.	04:13
K350	twb: Ah, ok I got it:-)	04:13
twb	I strongly recommend you read the Ubuntu Server Guide, which outlines some best practices	04:13
K350	twb: well, I'll go for a list of packages and see what candy there's:-)	04:14
K350	twb: I would actually want ot install somehting completely new. But I'm to lazy to connect screen, kehboard and everything. And It's obviously a pain to do such things rmotely	04:15
JanC	heh	04:15
* JanC has never had any problems to install/upgrade remotely ;)		04:16
K350	jetole: Well, now I meant another OS. Not package.	04:20
K350	JanC: that one was for you	04:20
K350	JanC: <tab>'ed wrong.	04:20
twb	JanC: without an OOB console, it can be a pain	04:20
twb	You have to automate at least up to the sshd udeb	04:21
K350	JanC: What's a ODB console, never heard of?	04:21
K350	JanC: Have you ever installed an OS remotely?	04:22
JanC	I've used 2 ways that are actually similar: a PXE rescue console and debootstrap from inside an existing OS install ;)	04:23
twb	K350: OOB = out of band, e.g. ILOM	04:41
twb	Or KVM over IP	04:41
twb	JanC: bypassing d-i doesn't count :-/	04:41
jetole	Evening guys. Does anyone know how I can view the libexec dir from an ubuntu source package?	05:39
twb	Source packages don't have destination directories.	05:50
twb	If you download a BINARY package (foo.deb), you can extract its contents with dpkg -x.	05:50
jetole	twb: yeah but to be honest I'm not sure exactly what I am looking for to tell me it's the directory chosen by the libexec option.	05:52
twb	I don't know what that means.	05:52
jetole	and wasn't sure if it did come with directories or not. It's piles upon piles of variables and trying to find what $libexec means from all the makefiles gets confusing	05:52
jetole	twb: I am trying to find the libexec directory for libvirt0 or libvirt-bin. I have downloaded the source and the compiled dpkg which I extracted and I looked right at the directory I'm pretty sure but I didn't know that it was that directory	05:53
jetole	I mean I saw every file that comes from the compile .deb but which one is libexec?	05:54
twb	Uh, libexec is a directory	05:54
jetole	which directory?	05:54
* jetole is getting the file again to have another look		05:54
twb	It's set at ./configure type; the default is something like <prefix>/libexec/<package name>	05:55
jetole	twb: right, I mean which one is the one that the compiled deb used	05:55
twb	--libexecdir=DIR program executables [EPREFIX/libexec]	05:55
jetole	yes	05:55
jetole	thats right	05:55
twb	EPREFIX for a Debian package is usually /usr	05:55
twb	For a hand-compiled package it is usually /usr/local	05:55
jetole	there is no /usr/libexec folder	05:56
jetole	I thought that too	05:56
jetole	so I'm still pretty lost here	05:56
twb	Why do you need to know this?	05:56
jetole	a lot of progs will use something like /usr/lib/program_name/libexec but not libvirtbin	05:56
jetole	twb: I doubt you want to know the answer	05:56
jetole	I'm trying to do something I know you will tell me not to do	05:57
twb	No package with "libvirt" in its name provides an inode path that contains "libexec".	05:57
twb	No package with "virt" in its name provides an inode path that contains "libexec".	05:57
jetole	ok	05:57
jetole	but the program was compiled, didn't they have to give it a directory to use?	05:58
twb	Just because ./configure supports a libexecdir doesn't mean the project uses it	05:59
jetole	I'm bashing my head in trying to find what this seamingly simple string should be	05:59
jetole	oh	05:59
jetole	oh	06:00
* twb resists the urge to break out the cluebat		06:01
jetole	btw, on topic, do you know how I can download a deb from the term? Is there an apt-<name> command to save me from going to the packages.ubuntu.com site	06:01
twb	jetole: aptitude download foo	06:01
jetole	twb: I get it. I've been wasting my time looking for something that wasn't there	06:01
jetole	ah I should start getting in the habbit of using aptitude	06:02
twb	apt-get -d works, but you must be root and it'll put it in /var/cache/apt/archives, not $PWD	06:02
jetole	I didn't know that but I guess I never did an ls -l on the archive. I just assumed that was left overs from when the package was installed	06:03
jetole	also didn't know aptitude had non root features	06:03
jetole	assumptions suck but I made the mistake of assuming anything apt/dpkg/aptitude almost always needed root	06:04
jetole	neat. Never realized libvirt came with augeas lenses	06:09
twb	augeas?	06:10
twb	Oh, it's a configuration management system, like puppet	06:10
jetole	it's a config tool that helps with say mass deployments and what not	06:10
jetole	uh no	06:10
jetole	it's a tool you commanly use with puppet	06:11
jetole	allows you access a config file like a tree and make changes to aspects without having to whip your sed-fu and awk like skills	06:11
jetole	it's pretty cool	06:11
jetole	I use puppet a lot a work too	06:11
twb	So it's a gconftool-2 UI for /etc	06:12
jetole	uh	06:12
jetole	... yeah	06:12
jetole	hehe. pretty much yeah	06:12
twb	Or like UCI in OpenWRT	06:12
jetole	augeas also plugs into puppet	06:12
jetole	don't know. never got a openwrt box	06:12
jetole	but what I meant about puppet is you can access augeas rules from puppet configs so you can write a puppet script that uses augeas to make changes.	06:13
twb	In OpenWRT they store most stuff in /etc/config in a YAML-like format, which is queried/set by "uci" both from the CLI and from the web UI. The init scripts then turn it into either flat files in /etc or (more commonly) just pass the appropriate arguments to daemons directly.	06:13
twb	It sounds useful, but not useful enough that I'd actually go to the trouble of rolling it out on my own -- let Ubuntu do that heavy lifting for me for 12.04	06:14
twb	My sed-fu is strong :-)	06:14
jetole	that sounds neat but that last part of passing it to the daemon directly sounds kind of like an unreliable method	06:15
jetole	sounds kind of like a hack	06:15
jetole	yay. 18 more months to the next LTS	06:15
twb	jetole: it exploits the knowledge that their daemons happen to accept arguments equally from either source, e.g. dnsmasq	06:15
jetole	oh I think I misunderstood what you meant the first time then	06:16
twb	e.g. instead of dnsmasq -f /etc/dnsmasq.conf they call dnsmasq $options	06:16
jetole	Like I said, I don't really have any openWRT	06:16
jetole	I see	06:16
jetole	kinda like a wrapper?	06:17
twb	Well, in the sense that any /etc/init.d/foo script is a wrapper around foo	06:17
jetole	and /etc/defaults	06:17
jetole	hehe. I see your point	06:17
jetole	http://augeas.net/tour.html	06:17
jetole	http://docs.puppetlabs.com/guides/types/augeas.html	06:17
jetole	Alright. I'm gonna get back to work. Thanks for the insight @ libexec	06:19
jetole	I'm gonna set my prefix as /opt and compile libvirt with every option I can find a proper dir for and see what else if anything gets sent to /opt	06:21
twb	So I want a list of all the system accounts that Ubuntu typically creates	06:48
twb	A quick and dirty way to do this is:	06:48
twb	root@mimic:/var/tmp/delete-me# find /srv/mirror/ubuntu/pool/{main,universe} -name \*.deb -exec sh -c 'dpkg-deb -e "$0" "$(basename "$0" .deb)"' {} \;	06:48
twb	root@mimic:/var/tmp/delete-me# grep -r adduser.*--system .	06:49
twb	Plan B is just to pick a few packages I probably ACTUALLY care about, and install them into a scratch box, then getent passwd {100..999}\|\|:	06:50
=== oubiwann-holiday is now known as oubiwann
shauno	strikes me as something that should probably be documented somewhere	07:00
=== oubiwann is now known as oubiwann-holiday
soren	twb: What do you need the list for?	07:43
twb	I had a clever idea of keeping the system UIDs and GIDs in sync between my LXC containers and the dom0	07:43
twb	That way when I did ls -l /srv/lxc/foo/etc/ssl on the host OS, it would show files being owned by ssl-cert, not some random other group	07:44
twb	Unfortunately, I now see this is basically impossible because many postinsts will use a simple "getent passwd foo" check to avoid OTHER non-idempotent commands, such as adding that account to additional secondary groups, or creating its $HOME.	07:45
ttx	zul: lots of noise around bug 458637, do you plan to have a look ?	07:46
twb	So what I'll do instead is just ensure that the system accounts in the LXC container template and in the dom0 match, which will cover basics like syslog, postfix, ssl-cert, ssh. Post-template system accounts like postgres, mysql, logcheck will just have to deal.	07:46
uvirtbot	Launchpad bug 458637 in samba "Windows Live Sign-In assistant prevents samba from accessing Windows 7 shares" [Unknown,Fix released] https://launchpad.net/bugs/458637	07:46
jasonmchristos	What is the best how-to for setting up an openvpn server on ubuntu?	07:52
twb	https://help.ubuntu.com/10.04/serverguide/C/openvpn.html ?	07:54
twb	peer-to-peer openvpn is trivial because you can use symmetric cryptography, but openvpn disallow this for political reasons for hub/spoke setups.	07:55
twb	Personally I'll be looking at ipsec instead of openvpn in future, because that's what IPv6 blesses for ICMPv6	07:56
jasonmchristos	twb: thanks for the info i know what to think about in the future but for now i will go ahead with openvpn	07:57
jasonmchristos	can anyone tell me which ports to open on ufw to allow apt-get	08:05
jasonmchristos	i locked everything down but ssh	08:05
qman__	by default it allows outgoing connections	08:06
qman__	apt uses standard http	08:06
jasonmchristos	qman__: i have allowed 80 and 443 out but still cant use apt-get	08:21
twb	outbound, or inbound?	08:22
twb	pastebin the output of "apt-cache policy" and "iptables-save -c"	08:22
jasonmchristos	twb: its dns not resolving i guess i needed to enable port 53 in from my router but still isn't resolving	08:32
twb	DNS requires both 53/udp and 53/tcp.	08:33
twb	Unless you mistrust your local users, it seems pretty stupid to block OUTPUT	08:33
jasonmchristos	its going to be for openvpn server only	08:34
jasonmchristos	ok got it to work by allowing 53 out and in	08:47
twb	IIRC ufw implicitly allow return responses	08:53
shauno	53 is dns. that shouldn't be required in either direction unless you are your own NS	08:54
boneshaker	Hello All! May i ask for help? I have a little problem on my Ubuntu server	08:55
twb	shauno: he needs to resolve archive.ubuntu.com so he can apt-get	08:55
shauno	ufw doesn't drop outbound dns tho	08:55
twb	shauno: I think he's being a bit silly and trying to :OUTPUT DROP -	08:56
=== jj-afk is now known as jjohansen
raubvogel	If you do an upgrade to a package that some services being run depend on, will the upgrade also restart those services?	09:13
jasonmchristos	good question	09:14
jasonmchristos	i imagine it should	09:15
qman__	yes	09:15
qman__	and yeah, an output drop policy is overkill unless you are directly connected to the internet	09:16
qman__	or an otherwise untrusted network	09:16
twb	qman__: even if you're directly on the internet, I wouldn't bother unless the host in question was likely to be compromised	09:17
twb	I might do it for a LAMP server with a public IP	09:17
shauno	output log once in a while could be instructive. output drop is overkill in every situation I could think of	09:17
=== doko__ is now known as doko
boneshaker	I have problem on my Ubuntu server, maybe somebody can help me with it?	10:40
boneshaker	when i try to send keysequence via xvkbd to client running on Xvfb - it kills Xvfb with fatal io error 11	10:40
boneshaker	with other X servers (not Xvfb) it works fine	10:41
boneshaker	it works with Xvfb only if i run x11vnc and connet/disconnect to it before sending keysequence	10:41
boneshaker	any ideas? ty in advance	10:41
qman__	I run output accept on my router	10:43
qman__	just keep the attack surface minimal	10:43
soren	boneshaker: Your question has nothing to do with Ubuntu server. Try #ubuntu or #ubuntu-x.	10:49
boneshaker	thx - i will try	10:50
leonardopires	Hi friends! Where i can get a documentation about Ubuntu's Virtualization	11:46
=== a1 is now known as al
[diablo]	afternoon #	12:06
[diablo]	guys I have replaced a NIC with a new one...	12:06
[diablo]	where can I can configure the new MAC -> ethX	12:06
[diablo]	previous was eth1	12:06
[diablo]	udev[454]: renamed network interface eth1 to eth1-eth2	12:07
[diablo]	found that	12:07
patdk-lap	hehe	12:09
Jeeves_	[diablo]: /etc/udev/rules.d/70-persistant-net	12:15
patdk-lap	oh heh, I thought he said he found it, but guess he meant he found that rename message	12:16
[diablo]	hi Jeeves_ ... sorted	12:16
[diablo]	cheers anyway	12:16
=== jjohansen is now known as jj-afk
zul	morning	13:11
Daviey	afternoon zul	13:11
zul	kirkland SpamapS Daviey: i added get-orig-source so it fetches a git snapshot based on the date for cobbler	13:22
Daviey	zul: when did you push that?	13:31
zul	Daviey: soon :)	13:31
Daviey	zul: I was gonna say! I just branched, and it wasn't there	13:31
zul	Daviey: heh i have a whole bunch of changes in my branch ill be pushing by the end of the day	13:32
Daviey	zul: push incrementally!	13:32
Daviey	zul: code drops aren't cool :)	13:33
zul	Daviey: yeah ill push after this change then	13:33
Daviey	awesome	13:33
Daviey	zul: Did you get the service started ok?	13:34
zul	Daviey: no i have to use the web interface for now im not sure what is happening when i do cobbler check	13:34
Daviey	zul: I had a hacky fix for that.... :/	13:35
zul	patch?	13:35
Daviey	lemme try and re-generate it now.	13:35
uvirtbot	New bug: #690638 in net-snmp (main) "snmp tools fail to translate OIDs" [Undecided,New] https://launchpad.net/bugs/690638	13:36
soren	I'm curious... Why is cobbler suddenly a priority? It's been on our list of stuff to get done for almost three years, never managed to get resources allocated to do it. What changed?	13:41
TREllis	Daviey zul: I played around with one of your cobbler branches the other day, actually... I think it was kirklands', the deb package was missing a few python deps	13:43
Daviey	TREllis: interesting... branches welcome :)	13:44
zul	TREllis: ack...i have a couple of bug fixes	13:44
TREllis	python-{simplejson,urlgrabber} if I remember irght	13:44
Daviey	TREllis: Do you want to help develop?	13:45
Daviey	TREllis: lp:~ubuntu-virt/cobbler/ubuntu is our tip, if you want to base branches from that	13:45
TREllis	Daviey: cool, I'll take a look, not much of a python hacker but I'll happily test it	13:46
Daviey	TREllis: we'll help :)	13:46
Daviey	zul: Have you managed to install cheetah on Natty?	13:50
zul	Daviey: yeah i havent had any problems recently	13:50
Daviey	zul: Interesting... i'm getting python2.7 issues	13:51
zul	but im always trailing edge when im using a devel version	13:51
zul	ie when i slack off i upgrade ;)	13:51
Daviey	zul: lol... same here :)	13:54
soren	zul: Why is it you add an empty changelog entry to the nova package after every upload?	14:05
zul	in the bzr branch?	14:05
soren	Yeah.	14:05
toast018	Good morning everyone!	14:06
zul	soren: good question	14:06
toast018	Can someone tell me in what directory should I place the .htaccess file on my server?	14:06
soren	toast018: The for which you wish it to take effect.	14:07
soren	err...	14:07
soren	toast018: The one for which you wish it to take effect.	14:07
zul	soren: i wont in the future	14:07
soren	zul: Cool :)	14:07
toast018	I placed it in the /var/www/ folder but it didnt work... then in the /var/www/squirrelmail dir and still nothing... :( even ran chmod 0755	14:07
toast018	i ment directory not folder... .sorry still getting away from windows... lol	14:08
soren	You need to adjust AllowOverride to allow htaccess to take effect.	14:08
soren	It's in /etc/apache2 somewhere.	14:09
toast018	would i set it to none ?	14:10
zul	Daviey: just doing some bug fixes before i push	14:11
toast018	woohoo tutorial found... I just needed the allowoverride to set me in the right direction.... Thanks soren	14:12
soren	sure	14:13
Krashk	Hi. I just got a mail from my ISP that my server has tried to establish contact with known botnet controllers. Any idea how I can check it I am part of a botnet or not?	14:16
uba	Hi, I'm using SSMTP to send emails from my PHP scripts but even with the "FormLineOverride=YES" the from address on the emails being sent is "www-data@mydomain.com" which is the local user name for the Apache process. I have extensively searched on the web but I have not been able to find a solution to this problem. I would really appreciate any help on this.	14:34
patdk-wk	you have a sample email?	14:35
toast018	I have adjusted the properties of AllowOverride and also added the list of IPs from overseas. but how to i see if it works?	14:35
toast018	how can I ping my site from say Russia? or China?	14:36
patdk-wk	if you locate a russian/chinese web proxy service :)	14:36
patdk-wk	there are some out there	14:36
uba	patdk-wk: Yes i received them in my spam box.	14:37
zul	kirkland SpamapS Daviey: alot of packaging changes this morning ;)	14:50
toast018	can someone see if my site mail.jmchd.com is reachable from russia or china... I tried the proxies but I dont think I did it right... :(	14:53
doko	Daviey: does my suggested fix work for eucalyptus?	15:15
Daviey	doko: Not tried it yet... but will do soonish	15:16
Daviey	doko: thanks for looking	15:16
Daviey	zul: How far off are you having a cobbler-web package?	15:18
zul	Daviey: havent started it yet...working on koan	15:18
Daviey	zul: ok, np	15:18
robbiew	redhat and eucalyptus huh...sounds like a match made in heaven	15:19
robbiew	:)	15:19
robbiew	Daviey: zul: (and whoever else might know): who owns http://ubuntuserver.wordpress.com/	15:20
robbiew	?	15:21
Daviey	robbiew: we do :)	15:21
Daviey	robbiew: that is our "offical blog"	15:21
robbiew	needs updated branding then ;)	15:21
Daviey	(Many of us would, you know, prefer a blog hosted via ubuntu server :)	15:21
* robbiew adds the wiki to his list of cleanups....whoohoo!		15:23
Daviey	living the dream... :)	15:23
hggdh	Daviey: I would even say all of us ;-)	15:28
hggdh	Daviey: BTW -- kees' build works on AMD64	15:31
hggdh	just finished the test	15:31
hggdh	now... for i386	15:31
Daviey	hggdh: passed the test run?	15:32
hggdh	Daviey: sir, yes sir	15:33
Daviey	hggdh: you rock.	15:33
hggdh	now... download the i386 mav iso locally, upload the beast to the rig, install	15:34
hggdh	why, oh why can't we get direct access to the ISO servers?	15:34
Daviey	hggdh: I'm sure you can if you put in an RT	15:36
Daviey	i added an RT for ppa archive access, and they granted that :)_	15:37
hggdh	Daviey: nowadays we use akamai for trhe official ISO downloads	15:37
hggdh	I am not sure how IS would react if we ask for it	15:38
Daviey	hggdh: There are still plenty of non-akamai mirrors, tho?	15:39
hggdh	IDK	15:39
hggdh	probably it will be easier to just add them ISOs to tamarind, and leave them there	15:39
hggdh	only 15 minutes more to end uploading ;-)	15:40
Daviey	hggdh: gb.releases.ubuntu.com looks good to me :)	15:40
hggdh	Daviey: hum. Being local, it is probably not a bad one...	15:41
Daviey	:)	15:41
hggdh	yeah, I will open a RT on iy	15:41
Daviey	groovy	15:41
Daviey	eek, hide - it's skaet	15:41
* hggdh is just gone		15:42
skaet	lol, no release happening for a while.... you're safe ;)	15:42
jpds	Daviey: Good.	15:42
Daviey	skaet: :)	15:44
Lars_G	Hey all.	15:45
* hggdh is back		15:45
Lars_G	Question, is there an offitial package that comes with all the schemas that are not included with slapd? like openssh.schema? and preferably if they're on the .ldif format used by the newer system already....	15:46
Delemas	I have various Ubuntu 10.04 VMs built with vmbuilder. They respond to a virsh shutdown domainname issued on the host. Self build VMs ignore all similar commands, despite having similar packages. Can anyone tell me what listens for virsh shutdown commands in Ubuntu guests?	15:48
hggdh	JamesPage: I am considering adding 'DEBCONF_DEBUG=developer' to the PXE boot on ubuntu-server-testing, do you mind?	15:50
hggdh	JamesPage: I am having some issues on d-i, and I think having it there will not hurt if we find others later	15:50
Delemas	Lars_G, I doubt it. I had to search for them. For example samba had some bits in the samba-doc package...	15:51
Lars_G	meh	15:52
Lars_G	it's as evil as finding MIBs then	15:52
Lars_G	thanks Delemas	15:52
hggdh	well, at least the MIBS are in snmp-mibs-downloader	15:53
zul	Daviey: you said you had a hack for cobbler check?	16:02
Daviey	zul: i had one that was in place, yeah	16:02
zul	Daviey: can i see it?	16:03
Daviey	zul: hmm... it's gonna be easy for you/me to regenerate tbh	16:03
Daviey	it was a patch i wouldn't commit iirc	16:03
zul	:(	16:03
raubvogel	If you are doing virtual mail domains in postfix in ubuntu, is there a specific path for where the mailbox directory goes? I have been using /var/spool/vmail but in https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto they use /home/vmail. Which one is the expected path for ubuntu?	16:04
Delemas	Apparently shutdown only works properly if acpid is installed.	16:07
toast018	O Nooooos Cannot initiate the connection to archive.ubuntu.com:80 (91.189.88.31). - connect (99 Cannot assign requested address) [IP: 91.189.88.31 80]	16:26
=== jj-afk is now known as jjohansen
a_ok2	are the settings in /etc/iscsi/iscsid.conf actually used when doing an iSCSI boot?	16:36
coxn	lvm question. I've got an LV that claims "2" in the Open column, but it's not in /proc/mounts, I've already deleted the virtual machine that was using it as its disk, no kvm sessions are hanging, fuser doesn't show anything.... I'm running out of ideas as to how this could be open.	17:04
coxn	# dmsetup info -c raid10-bootvm	17:04
coxn	Name Maj Min Stat Open Targ Event UUID	17:04
coxn	raid10-bootvm 251 3 L--w 2 1 0 LVM-9x3W5fj2SMJZwScutUEv7EWL3JaRfnWCwolLpVI2S8e9JAXoY9yqoszOekKSGYNH	17:04
coxn	I dispute this ^	17:05
coxn	I'd like to remove this LV, and I'm stuck. Several people have suggested a reboot or a vgchange -an for the whole volume group, but neither of those is palatable since there are other (running) VMs on the box.	17:06
coxn	example: # lvchange -an raid10/bootvm	17:12
coxn	LV raid10/bootvm in use: not deactivating	17:12
coxn	I'd like to know what tools (eg. fuser, lsof) I should be using (and how) so that I can kill whatever it is that's hanging onto that LV	17:12
coxn	or at least know how it's getting hung if not fix it.	17:13
hggdh	please pardon my ignorance, but why is ntfs-3g included in the basic server install?	17:35
zul	if you want to mount ntfs partitions on your server maybe? :)	17:37
patdk-wk	no idea, I remove it :)	17:37
leonardopires	hi friends	17:43
leonardopires	i have 2 ubuntu + kvm running guest os	17:44
leonardopires	whats the tool for cluster this 2 physical ubuntu machines?	17:44
leonardopires	im was looking for ganetti...	17:44
leonardopires	but ganetti dont have full support from ubuntu...	17:45
hggdh	zul: how many servers have you seen that mount a NTFS partition?	17:59
zul	hggdh: none but i think that was pre ubuntu-server team	18:00
ScottK	hggdh: It's not harmful just sitting there.	18:00
hggdh	ScottK: I do not disagree, but are we not looking to more space in the ISO?	18:01
ScottK	hggdh: Also it's in the Standard seed, so to remove it from Server, it would have to be removed from that seed and then explicitly seeded in the desktop flavours that want it.	18:01
ScottK	It's not very big: Size: 91354	18:01
zul	kirkland SpamapS: http://people.canonical.com/~chucks/2010-12-15_124012_import.log	18:07
kirkland	zul: ooooh, getting close :-)	18:08
ivoks	what can one do when mysql takes ages to finish the query?	18:10
ivoks	is it possible to automatically kill that query after some_time	18:10
hggdh	ScottK: thank you	18:15
smoser	jdstrand, do you have a security test suite for kernel ?	18:28
smoser	looking primarily to test for lack of major regression.	18:28
smoser	(i'm asking the security team in general, mdeslaur kees )	18:28
hggdh	smoser: qa-regression-testing	18:29
kees	smoser: are you familiar with the qa-regression-testing bzr tree?	18:29
kees	smoser: hggdh can show you were we put our tests. :)	18:29
* kees goes afk again		18:29
smoser	thanks kees	18:29
smoser	hggdh, thanks.	18:29
smoser	so, hggdh have you by chance run the current -proposed for maverick ?	18:29
smoser	kernel	18:30
hggdh	smoser: b co lp:qa-regression-testing, then look at ./scripts/test-kernel*.py	18:30
hggdh	smoser: I have not, but pedro_ was doing it	18:30
hggdh	s/b co/bzr co/	18:30
RoyK	hi all. how can I report the physical ethernet speed?	19:07
RoyK	the nic is gigE, so is the switch, I just want to see what is being used...	19:07
jmedina	you can use ethtool ethX	19:07
RoyK	jmedina: thanks	19:09
jmedina	RoyK: probably this is interesting to you: http://datatag.web.cern.ch/datatag/howto/tcp.html	19:11
RoyK	jmedina: seems that article is rather old - most new stuff is tuned to support gigE quite well out of the box	19:15
RoyK	also, pci-x isn't very hot anymore either	19:15
jmedina	RoyK: ok :)	19:15
* RoyK has two 100TB boxes hooked up with 10gigE		19:16
RoyK	btw. 10gigE on PCI-X would't be much fun	19:16
patdk-wk	pci-x (66mhz) supports 8gbit (one way) :)	19:17
patdk-wk	so really, pci-x 133mhz by itself could do 10gbit nic, but it would be maxed out	19:17
RoyK	133MHz 64bit is _theoritaclly_ 8,5Gbps, but for old PCI, add a spoonful of two of overhead	19:19
patdk-wk	well, I can push 980mbit over pci, 32bit 33mhz	19:19
patdk-wk	that is damn well close to the pci limit	19:20
RoyK	most pci is pci 2.3, though, which is 66MHz	19:21
RoyK	but then, why bother :P	19:21
patdk-wk	oh, my pci isn't even pci 2.0 :)	19:21
patdk-wk	that I did that test on	19:21
RoyK	patdk-wk: 1996 hardware?	19:21
RoyK	:)	19:21
patdk-wk	yep	19:22
i0nic	hi does this cron look right for every 5 minuts ? /5 * * echo 'Hello'?	19:22
patdk-wk	it was available, and I was bored	19:22
RoyK	i0nic: yes	19:22
i0nic	im new to cron, just trying to understand it	19:22
Pici	i0nic: Yes. But where are you echoing to?	19:22
i0nic	RoyK: thanks	19:22
patdk-wk	but that was using jumbo packets :)	19:22
RoyK	Pici: that one'll echo to stdout, which will send an email to the owner	19:22
i0nic	Pici: would that not echo to my terminal if I am logged into the user that the cronjob is under?	19:22
Pici	RoyK: exactly.	19:23
Pici	i0nic: No, what RoyK just said will happen.	19:23
i0nic	ahh	19:23
i0nic	how would I echo to the terminal?	19:23
Pici	Usually? You wouldn't.	19:23
i0nic	is there a cron log so I can confirm the cron is running as scheduled?	19:24
RoyK	i0nic: why would it know which terminal to echo that to?	19:24
patdk-wk	write or writevt :)	19:24
RoyK	i0nic: you could always do something like echo wtf > /dev/console	19:24
i0nic	ahh nice	19:24
Pici	i0nic: It should drop an entry into /var/log/auth.log	19:25
patdk-wk	my brother loves write, I ban him from it	19:25
i0nic	looks like cron runs as UID 0?	19:25
i0nic	is there anyway to make it run as the user its been scheduled under?	19:26
QAH	Hi everyone!	19:27
QAH	I have a question about Ubuntu Elastic cloud. Does it do virtualization like VMWare Server or something? What would be advantages to using it for a home server?	19:28
i0nic	the only reason I can think of for having a virtualized home server is if you have the power.	19:30
i0nic	and you wanted the multiple machines	19:30
QAH	So UEC can virtualize?	19:33
QAH	Because I always see that install option when installing Ubuntu Server, but I never realized what it really was.	19:33
baggar11	what program do you use to manage the virtualization cloud when using that install option?	19:34
SpamapS	QAH: it provides an EC2 API compatible "cloud" implementation	19:35
SpamapS	baggar11: euca2tools or ec2tools	19:36
QAH	SpamapS: Ok. So basically it allows you to create a cloud of virtual machines correct?	19:36
SpamapS	baggar11: or any other EC2 management utility	19:36
SpamapS	It also has its own web interface.	19:36
SpamapS	QAH: right	19:36
QAH	Because EC2 is MAD expensive.	19:36
QAH	Cool	19:36
SpamapS	uh	19:36
SpamapS	EC2 is $17/month for a t1.micro	19:36
SpamapS	actually	19:36
QAH	That includes storage and everything?	19:36
SpamapS	EC2 is free for one t1.micro	19:36
QAH	That doesn't include bandwidth.	19:37
SpamapS	which is reasonably priced given what you're getting	19:37
SpamapS	which is the equivilent of a high end colo connection to the internet	19:37
QAH	I guess. It's just out of my price range right now.	19:38
QAH	I'm not really hosting much.	19:38
i0nic	S3 is the file storage	19:38
QAH	I actually removed VMWare Server from my server because virtualization was kinda overkill for me.	19:38
QAH	I just wanted to know if UEC virtualized.	19:38
i0nic	EC2 is typically used for off loading resources onto	19:38
i0nic	UEC does not create virtualized servers.	19:39
i0nic	Xen would be a program that does that.	19:39
QAH	i0nic: ???	19:39
QAH	Oh	19:39
QAH	That's what I was asking.	19:39
QAH	So basically, UEC just allows you to share the workload among different computers?	19:41
QAH	I'm kinda confused as to its true purpose.	19:41
panfist	i have a printer shared with cups. i have connected to it both at http://localhost:631/printers/Foo and http://my.ip:631/printers/Foo and it works fine, from the localhost	19:44
panfist	i have tried to connect to the printer from another machine at http://my.ip:631/printers/Foo and it won't print	19:44
panfist	here's the error log from the last two jobs i tried to send http://dpaste.com/287088/	19:44
i0nic	QAH -> http://cssoss.wordpress.com/2010/06/22/pdf-version-of-eucalyptus-beginners-guide-uec-edition/	19:44
QAH	Thanks	19:45
=== Fookin_Prawn is now known as Prawn_QuakeLive
baggar11	SpamapS: are those free tools, graphical or commandline?	19:55
QAH	Ok. That clears up stuff. :)	19:55
QAH	So overkill for me. :P	19:55
=== Prawn_QuakeLive is now known as Fookin_Prawn
uvirtbot	New bug: #690815 in openldap (main) "db_open(/var/lib/ldap/access/id2entry.bdb) failed: No such file or directory (2)" [Undecided,New] https://launchpad.net/bugs/690815	20:11
smoser	hggdh, do you know how i run these 2 kernel tests ?	20:13
smoser	just run them ? no args ?	20:13
hggdh	smoser: you should not need any parms	20:14
smoser	i'm wanting to run ./scripts/test-kernel-root-ops.py and ./scripts/test-kernel.py	20:14
smoser	just run them, do i need to \| output into tee or anything ?	20:14
hggdh	--help would point to potential options	20:15
hggdh	you might need to run them as root, though	20:15
i0nic	hmmm.. "Received disconnect from IP: 2: Too many authntication failures for tablet"	20:16
i0nic	what program is blocking tablet?	20:16
i0nic	does ubuntu 10.04 lts have some sort of firewall installed by default?	20:17
i0nic	besdies iptables*	20:17
remix_tj	by default is installed iptables and his management tool ufw i0nic	20:24
remix_tj	but set as ACCEPT ALL as default	20:24
i0nic	who is the user voice?	20:33
i0nic	or group i mean	20:33
kirkland	SpamapS: so what's the output of + [clint-fewbar] Work with Cobbler development to upstream patches and coordinate release: DONE	20:33
i0nic	ah pulse	20:33
i0nic	im at a lost	20:41
SpamapS	kirkland: They know we're here, 2 patches upstreamed, and some feedback on how well that went (seems like they'd prefer that we send them git formatted patches)	20:42
SpamapS	kirkland: Hopefully also they'll provide some thoughts on 2.1 and when we can expect a 2.1.0	20:42
kirkland	SpamapS: neat; capture that in a note in the whiteboard?	20:43
SpamapS	kirkland: done... this is cool.. its like.. it might actually work.. and be fun.. ;)	20:54
jasonmchristos	morn'n folks using this howto https://help.ubuntu.com/10.04/serverguide/C/openvpn.html i am at the point of CONFIGURATION it says to specify the local ip , is it going to be a problem if the openVPN server I am using is on DHCP?	20:54
SpamapS	jasonmchristos: only if your IP changes	20:56
jasonmchristos	this is a problem	20:57
RoyK	!pastebin	20:58
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	20:58
SpamapS	jasonmchristos: you may be able to specify it as a hostname and restart the service.. but IIRC, openvpn needs to know what its IP address is to act as a server.	21:01
gholms	smoser: ping	21:02
smoser	gholms, here	21:03
gholms	How would you feel about cloud-init stuff shelling out to PK instead of apt wherever possible so stuff is more portable?	21:03
smoser	PK ?	21:06
gholms	PackageKit	21:06
gholms	I'm thinking pkcon, its CLI.	21:06
smoser	i've never used it.	21:07
smoser	the 2 thoughts i would have are a.) its not in our images right now, so we'd have to get it there	21:07
smoser	b.) there are some options that i pass to apt to make it really not prompt me (as thats just not going to work)	21:08
smoser	and i'd hae to be able to do the same through pkcon	21:08
smoser	also, you're aware that amazon did some work on cloud-init to make it non-ubutnu specific, right?	21:08
gholms	IIRC, I was a little disappointed with how they did it, but yeah, I saw that.	21:09
gholms	I just figured I would ask if you would have any philosophical objections or anything before I start working on a PoC.	21:10
smoser	gholms, no i do not have any real objections	21:17
gholms	Okee dokee. Thanks.	21:18
smoser	i've not looked extensively at the amazon changes, and i know that they weren't 100% happy with them either.	21:18
gholms	It's been a while since I looked at their changes, but IIRC they basically just directly called pieces.	21:21
gholms	I also have to figure out how to deal with disappearing disks since nobootwait isn't portable. :-\	21:21
SirDerigo	hi people	21:27
uvirtbot	New bug: #606373 in cloud-init (main) "cloud-init output does not get to console when booted with pv-grub and ramdisk" [High,Fix released] https://launchpad.net/bugs/606373	22:03
geekbri	so if you damage your /etc/passwd file there is no way to copy over /etc/passwd- back to /etc/passwd without booting into single user mode is there?	22:07
jmedina	I have always restores passwd- on a running system without problems	22:07
hggdh	duh. There I am, running a test on UEC with 5 NCs. Test is taking an awfully long time... and I noticed I had not powered on the NCs :-(	22:08
jmedina	even in runlevel 2	22:08
geekbri	jmedina: hrm?	22:08
geekbri	jmedina: the problem is i can't SU because the passwd file is damaged so i dont have access to copy the file over	22:08
jmedina	what about ssh?	22:10
jmedina	well only if you have root access	22:10
Lars_G	Question, is there any advantage to a 64 Bit kernel other than accessing over 4Gb of ram? something that I think pae in i386 mode can do anyhow.....	22:16
=== jmedina is now known as eljmedina
The_Tick	Lars_G: google is your friend here	22:19
The_Tick	lots of information on the pros and cons	22:19
baggar11	I'm pretty sure 32bit linux can access over 4gb of ram	22:20
The_Tick	I'm pretty sure 64 bit can access a ton more than 32 bit	22:23
The_Tick	and that there are other benefits to 64 bit	22:23
baggar11	for sure	22:25
lenios	32 bit can access a lot of memory with a pae kernel, it's a little slower though	22:38
lenios	64 bit should be the choice if hardware is capable	22:39
patdk-lap	lenios, I have cpu's that can do 64bit, but not pae	22:50
lenios	if your cpu is 64 capable, go with 64 bit	22:51
lenios	it's default on server, anyway	22:51
gallamine	hello, i'm a first time AWS user and I'm trying to get a Ubuntu image installed	23:38
gallamine	when i run 'ec2-run-instances', as per the instructions on the Ubuntu website I get the error, "the AMI ID does not exist"	23:40
gallamine	while the AMI is shown here:	23:41
gallamine	http://uec-images.ubuntu.com/maverick/current/	23:41
gallamine	ah ha! i was using a AMI from the wrong region	23:46
=== oubiwann-holiday is now known as oubiwann
gallamine	when i attemp to ssh into my aws instance, it asks for my passphrase	23:57
gallamine	there is nothing in the instructions here (https://help.ubuntu.com/community/EC2StartersGuide) that mention this	23:57
gallamine	any ideas whati've done wrong?	23:57
gallamine	I'm on step #4	23:57
jasonmchristos	looks likr you have to have static ip for openVPN config?	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!