=== SquishyNotHere is now known as squishy
[00:21] <uvirtbot> New bug: #690436 in openssh (main) "ssh-import-id requires wget and ca-certificates to function properly" [Undecided,New] https://launchpad.net/bugs/690436
[00:27] <boatdink> ok, i have a question to ask
[00:28] <twb> !ask > boatdink
[00:28] <ubottu> boatdink, please see my private message
[00:29] <boatdink> 10.04 server w/ubuntu-desktop. How can I make it handle my windows credentials?
[00:30] <twb> You mean you have an AD or PDC and you want to authenticate against it instead of the local flat files (passwd, shadow)?
[00:31] <boatdink> maybe. I want to store EVERYTHING on this server...user accounts, files, etc.
[00:33] <twb> You want Windows *clients* to authenticate against your Ubuntu server as if it was a Windows server?
[00:33] <boatdink> yes
[00:33] <twb> Ah, OK.
[00:33] <twb> The tool for that is "samba"
[00:34] <boatdink> yeah im familiar with samba
[00:34] <twb> If you need to be an AD, you need samba4, which is not production ready.  If you just need to be a PDC or BDC, samba3 will work.
[00:35] <boatdink> i know pdc and bdc but what is AD?
[00:37] <twb> Active Directory
[00:39] <boatdink> can you decrypt my samba.conf file because i have no idea what most of it means. I managed to use two routers on my network by messing with the dns and ip's but this is too confusing
[00:43] <twb> I'm a bit busy
[00:45] <boatdink> should i be trying this with an earlier version than 10.04?
[00:45] <twb> I don't see why
[00:48] <boatdink> what does the hosts file do?
[00:49] <twb> boatdink: you mean /etc/hosts?  It contains the host database; a mapping of IP addresses to hostnames (and back).
[00:49] <twb> It has largely been supplemented by DNS.
[00:49] <twb> *supplanted
[00:51] <boatdink> Should I have to configure the Bind9.conf file at all?
[00:54] <twb> These questions seem a bit schizoid
[00:54] <twb> Work out what your goal is, and then only make the changes necessary to achieve it.
[00:55] <twb> If you don't NEED a DNS server, don't run one.
[00:55] <boatdink> When should I use a dns server. a WAN perhaps?
[00:56] <boatdink> Im just trying to figure everything out and how everything works and connects to eachother before I give it another shot
[01:02] <twb> Fair enough, I guess
[01:03] <twb> When asking questions it helps to declare if your after pedagogy or pragmatism :-)
[01:06] <smoser> SpamapS, here now
=== jjohansen is now known as jj-afk
[04:06] <K350> Can one install ubuntu-server on an regular ubuntu without first unistalling ubuntu?
[04:07] <twb> K350: that question doesn't really make sense.
[04:07] <K350> And can one install ubuntu-server from the terminal. What package do I need ot install then?
[04:07] <twb> K350: "ubuntu desktop" and "ubuntu server" are mostly just different default package lists
[04:07] <K350> Ok, what package do I've to install on my ubuntu to have ubuntu-server?
[04:08] <K350> twb: Ah, so I can just install ubuntu-server..great
[04:08] <twb> IIRC the ubuntu-server install CD will install ubuntu-standard metapackage, not include localization packages (language-base-NN), and prompt for various server tasks.
[04:08] <twb> Please note that we discourage running servers with GUIs.
[04:10] <K350> twb: Ah, this is my situation. I've Hardy installed in text-mode only, on a machine that has no screen or keyboard connected to it. I controll it over SSH. Now I wanted ot upgrade it to the latest version of ubuntu -server. So I was wondering what I'd to install
[04:12] <twb> OK.
[04:12] <twb> K350: basically you install whatever services you want to use, e.g. if you want DNS you install bind
[04:13] <twb> K350: it would be slightly better to do the initial instal using the ubuntu-server CD, but probably not worth reinstalling.
[04:13] <K350> twb: Ah, ok I got it:-)
[04:13] <twb> I strongly recommend you read the Ubuntu Server Guide, which outlines some best practices
[04:14] <K350> twb: well, I'll go for a list of packages and see what candy there's:-)
[04:15] <K350> twb: I would actually want ot install somehting completely new. But I'm to lazy to connect screen, kehboard and everything. And It's obviously a pain to do such things rmotely
[04:15] <JanC> heh
[04:16]  * JanC has never had any problems to install/upgrade remotely  ;)
[04:20] <K350> jetole: Well, now I meant another OS. Not package.
[04:20] <K350> JanC: that one was for you
[04:20] <K350> JanC: <tab>'ed wrong.
[04:20] <twb> JanC: without an OOB console, it can be a pain
[04:21] <twb> You have to automate at least up to the sshd udeb
[04:21] <K350> JanC: What's a ODB console, never heard of?
[04:22] <K350> JanC: Have you ever installed an OS remotely?
[04:23] <JanC> I've used 2 ways that are actually similar: a PXE rescue console and debootstrap from inside an existing OS install  ;)
[04:41] <twb> K350: OOB = out of band, e.g. ILOM
[04:41] <twb> Or KVM over IP
[04:41] <twb> JanC: bypassing d-i doesn't count :-/
[05:39] <jetole> Evening guys. Does anyone know how I can view the libexec dir from an ubuntu source package?
[05:50] <twb> Source packages don't have destination directories.
[05:50] <twb> If you download a BINARY package (foo.deb), you can extract its contents with dpkg -x.
[05:52] <jetole> twb: yeah but to be honest I'm not sure exactly what I am looking for to tell me it's the directory chosen by the libexec option.
[05:52] <twb> I don't know what that means.
[05:52] <jetole> and wasn't sure if it did come with directories or not. It's piles upon piles of variables and trying to find what $libexec means from all the makefiles gets confusing
[05:53] <jetole> twb: I am trying to find the libexec directory for libvirt0 or libvirt-bin. I have downloaded the source and the compiled dpkg which I extracted and I looked right at the directory I'm pretty sure but I didn't know that it was that directory
[05:54] <jetole> I mean I saw every file that comes from the compile .deb but which one is libexec?
[05:54] <twb> Uh, libexec is a directory
[05:54] <jetole> which directory?
[05:54]  * jetole is getting the file again to have another look
[05:55] <twb> It's set at ./configure type; the default is something like <prefix>/libexec/<package name>
[05:55] <jetole> twb: right, I mean which one is the one that the compiled deb used
[05:55] <twb> --libexecdir=DIR        program executables [EPREFIX/libexec]
[05:55] <jetole> yes
[05:55] <jetole> thats right
[05:55] <twb> EPREFIX for a Debian package is usually /usr
[05:55] <twb> For a hand-compiled package it is usually /usr/local
[05:56] <jetole> there is no /usr/libexec folder
[05:56] <jetole> I thought that too
[05:56] <jetole> so I'm still pretty lost here
[05:56] <twb> Why do you need to know this?
[05:56] <jetole> a lot of progs will use something like /usr/lib/program_name/libexec but not libvirtbin
[05:56] <jetole> twb: I doubt you want to know the answer
[05:57] <jetole> I'm trying to do something I know you will tell me not to do
[05:57] <twb> No package with "libvirt" in its name provides an inode path that contains "libexec".
[05:57] <twb> No package with "virt" in its name provides an inode path that contains "libexec".
[05:57] <jetole> ok
[05:58] <jetole> but the program was compiled, didn't they have to give it a directory to use?
[05:59] <twb> Just because ./configure supports a libexecdir doesn't mean the project uses it
[05:59] <jetole> I'm bashing my head in trying to find what this seamingly simple string should be
[05:59] <jetole> oh
[06:00] <jetole> oh
[06:01]  * twb resists the urge to break out the cluebat
[06:01] <jetole> btw, on topic, do you know how I can download a deb from the term? Is there an apt-<name> command to save me from going to the packages.ubuntu.com site
[06:01] <twb> jetole: aptitude download foo
[06:01] <jetole> twb: I get it. I've been wasting my time looking for something that wasn't there
[06:02] <jetole> ah I should start getting in the habbit of using aptitude
[06:02] <twb> apt-get -d works, but you must be root and it'll put it in /var/cache/apt/archives, not $PWD
[06:03] <jetole> I didn't know that but I guess I never did an ls -l on the archive. I just assumed that was left overs from when the package was installed
[06:03] <jetole> also didn't know aptitude had non root features
[06:04] <jetole> assumptions suck but I made the mistake of assuming anything apt/dpkg/aptitude almost always needed root
[06:09] <jetole> neat. Never realized libvirt came with augeas lenses
[06:10] <twb> augeas?
[06:10] <twb> Oh, it's a configuration management system, like puppet
[06:10] <jetole> it's a config tool that helps with say mass deployments and what not
[06:10] <jetole> uh no
[06:11] <jetole> it's a tool you commanly use with puppet
[06:11] <jetole> allows you access a config file like a tree and make changes to aspects without having to whip your sed-fu and awk like skills
[06:11] <jetole> it's pretty cool
[06:11] <jetole> I use puppet a lot a work too
[06:12] <twb> So it's a gconftool-2 UI for /etc
[06:12] <jetole> uh
[06:12] <jetole> ... yeah
[06:12] <jetole> hehe. pretty much yeah
[06:12] <twb> Or like UCI in OpenWRT
[06:12] <jetole> augeas also plugs into puppet
[06:12] <jetole> don't know. never got a openwrt box
[06:13] <jetole> but what I meant about puppet is you can access augeas rules from puppet configs so you can write a puppet script that uses augeas to make changes.
[06:13] <twb> In OpenWRT they store most stuff in /etc/config in a YAML-like format, which is queried/set by "uci" both from the CLI and from the web UI.  The init scripts then turn it into either flat files in /etc or (more commonly) just pass the appropriate arguments to daemons directly.
[06:14] <twb> It sounds useful, but not useful enough that I'd actually go to the trouble of rolling it out on my own -- let Ubuntu do that heavy lifting for me for 12.04
[06:14] <twb> My sed-fu is strong :-)
[06:15] <jetole> that sounds neat but that last part of passing it to the daemon directly sounds kind of like an unreliable method
[06:15] <jetole> sounds kind of like a hack
[06:15] <jetole> yay. 18 more months to the next LTS
[06:15] <twb> jetole: it exploits the knowledge that their daemons happen to accept arguments equally from either source, e.g. dnsmasq
[06:16] <jetole> oh I think I misunderstood what you meant the first time then
[06:16] <twb> e.g. instead of dnsmasq -f /etc/dnsmasq.conf they call dnsmasq $options
[06:16] <jetole> Like I said, I don't really have any openWRT
[06:16] <jetole> I see
[06:17] <jetole> kinda like a wrapper?
[06:17] <twb> Well, in the sense that any /etc/init.d/foo script is a wrapper around foo
[06:17] <jetole> and /etc/defaults
[06:17] <jetole> hehe. I see your point
[06:17] <jetole> http://augeas.net/tour.html
[06:17] <jetole> http://docs.puppetlabs.com/guides/types/augeas.html
[06:19] <jetole> Alright. I'm gonna get back to work. Thanks for the insight @ libexec
[06:21] <jetole> I'm gonna set my prefix as /opt and compile libvirt with every option I can find a proper dir for and see what else if anything gets sent to /opt
[06:48] <twb> So I want a list of all the system accounts that Ubuntu typically creates
[06:48] <twb> A quick and dirty way to do this is:
[06:48] <twb> root@mimic:/var/tmp/delete-me# find /srv/mirror/ubuntu/pool/{main,universe} -name \*.deb -exec sh -c 'dpkg-deb -e "$0" "$(basename "$0" .deb)"' {} \;
[06:49] <twb> root@mimic:/var/tmp/delete-me# grep -r adduser.*--system .
[06:50] <twb> Plan B is just to pick a few packages I probably ACTUALLY care about, and install them into a scratch box, then getent passwd {100..999}||:
=== oubiwann-holiday is now known as oubiwann
[07:00] <shauno> strikes me as something that should probably be documented somewhere
=== oubiwann is now known as oubiwann-holiday
[07:43] <soren> twb: What do you need the list for?
[07:43] <twb> I had a clever idea of keeping the system UIDs and GIDs in sync between my LXC containers and the dom0
[07:44] <twb> That way when I did ls -l /srv/lxc/foo/etc/ssl on the host OS, it would show files being owned by ssl-cert, not some random other group
[07:45] <twb> Unfortunately, I now see this is basically impossible because many postinsts will use a simple "getent passwd foo" check to avoid OTHER non-idempotent commands, such as adding that account to additional secondary groups, or creating its $HOME.
[07:46] <ttx> zul: lots of noise around bug 458637, do you plan to have a look ?
[07:46] <twb> So what I'll do instead is just ensure that the system accounts in the LXC container template and in the dom0 match, which will cover basics like syslog, postfix, ssl-cert, ssh.  Post-template system accounts like postgres, mysql, logcheck will just have to deal.
[07:46] <uvirtbot> Launchpad bug 458637 in samba "Windows Live Sign-In assistant prevents samba from accessing Windows 7 shares" [Unknown,Fix released] https://launchpad.net/bugs/458637
[07:52] <jasonmchristos> What is the best how-to for setting up an openvpn server on ubuntu?
[07:54] <twb> https://help.ubuntu.com/10.04/serverguide/C/openvpn.html ?
[07:55] <twb> peer-to-peer openvpn is trivial because you can use symmetric cryptography, but openvpn disallow this for political reasons for hub/spoke setups.
[07:56] <twb> Personally I'll be looking at ipsec instead of openvpn in future, because that's what IPv6 blesses for ICMPv6
[07:57] <jasonmchristos> twb: thanks for the info i know what to think about in the future but for now i will go ahead with openvpn
[08:05] <jasonmchristos> can anyone tell me which ports to open on ufw to allow apt-get
[08:05] <jasonmchristos> i locked everything down but ssh
[08:06] <qman__> by default it allows outgoing connections
[08:06] <qman__> apt uses standard http
[08:21] <jasonmchristos> qman__: i have allowed 80 and 443 out but still cant use apt-get
[08:22] <twb> outbound, or inbound?
[08:22] <twb> pastebin the output of "apt-cache policy" and "iptables-save -c"
[08:32] <jasonmchristos> twb: its dns not resolving i guess i needed to enable port 53 in from my router but still isn't resolving
[08:33] <twb> DNS requires both 53/udp and 53/tcp.
[08:33] <twb> Unless you mistrust your local users, it seems pretty stupid to block OUTPUT
[08:34] <jasonmchristos> its going to be for openvpn server only
[08:47] <jasonmchristos> ok got it to work by allowing 53 out and in
[08:53] <twb> IIRC ufw implicitly allow return responses
[08:54] <shauno> 53 is dns.  that shouldn't be required in either direction unless you are your own NS
[08:55] <boneshaker> Hello All! May i ask for help? I have a little problem on my Ubuntu server
[08:55] <twb> shauno: he needs to resolve archive.ubuntu.com so he can apt-get
[08:55] <shauno> ufw doesn't drop outbound dns tho
[08:56] <twb> shauno: I think he's being a bit silly and trying to :OUTPUT DROP -
=== jj-afk is now known as jjohansen
[09:13] <raubvogel> If you do an upgrade to a package that some services being run depend on, will the upgrade also restart those services?
[09:14] <jasonmchristos> good question
[09:15] <jasonmchristos> i imagine it should
[09:15] <qman__> yes
[09:16] <qman__> and yeah, an output drop policy is overkill unless you are directly connected to the internet
[09:16] <qman__> or an otherwise untrusted network
[09:17] <twb> qman__: even if you're directly on the internet, I wouldn't bother unless the host in question was likely to be compromised
[09:17] <twb> I *might* do it for a LAMP server with a public IP
[09:17] <shauno> output log once in a while could be instructive.  output drop is overkill in every situation I could think of
=== doko__ is now known as doko
[10:40] <boneshaker> I have problem on my Ubuntu server, maybe somebody can help me with it?
[10:40] <boneshaker> when i try to send keysequence via xvkbd to client running on Xvfb - it kills Xvfb with fatal io error 11
[10:41] <boneshaker> with other X servers (not Xvfb) it works fine
[10:41] <boneshaker> it works with Xvfb only if i run x11vnc and connet/disconnect to it before sending keysequence
[10:41] <boneshaker> any ideas? ty in advance
[10:43] <qman__> I run output accept on my router
[10:43] <qman__> just keep the attack surface minimal
[10:49] <soren> boneshaker: Your question has nothing to do with Ubuntu server. Try #ubuntu or #ubuntu-x.
[10:50] <boneshaker> thx - i will try
[11:46] <leonardopires> Hi friends! Where i can get a documentation about Ubuntu's Virtualization
=== a1 is now known as al
[12:06] <[diablo]> afternoon #
[12:06] <[diablo]> guys I have replaced a NIC with a new one...
[12:06] <[diablo]> where can I can configure the new MAC -> ethX
[12:06] <[diablo]> previous was eth1
[12:07] <[diablo]> udev[454]: renamed network interface eth1 to eth1-eth2
[12:07] <[diablo]> found that
[12:09] <patdk-lap> hehe
[12:15] <Jeeves_> [diablo]: /etc/udev/rules.d/70-persistant-net
[12:16] <patdk-lap> oh heh, I thought he said he found it, but guess he meant he found that rename message
[12:16] <[diablo]> hi Jeeves_ ... sorted
[12:16] <[diablo]> cheers anyway
=== jjohansen is now known as jj-afk
[13:11] <zul> morning
[13:11] <Daviey> afternoon zul
[13:22] <zul> kirkland SpamapS Daviey: i added get-orig-source so it fetches a git snapshot based on the date for cobbler
[13:31] <Daviey> zul: when did you push that?
[13:31] <zul> Daviey: soon :)
[13:31] <Daviey> zul: I was gonna say!  I just branched, and it wasn't there
[13:32] <zul> Daviey: heh i have a whole bunch of changes in my branch ill be pushing by the end of the day
[13:32] <Daviey> zul: push incrementally!
[13:33] <Daviey> zul: code drops aren't cool :)
[13:33] <zul> Daviey: yeah ill push after this change then
[13:33] <Daviey> awesome
[13:34] <Daviey> zul: Did you get the service started ok?
[13:34] <zul> Daviey: no i have to use the web interface for now im not sure what is happening when i do cobbler check
[13:35] <Daviey> zul: I had a hacky fix for that.... :/
[13:35] <zul> patch?
[13:35] <Daviey> lemme try and re-generate it now.
[13:36] <uvirtbot> New bug: #690638 in net-snmp (main) "snmp tools fail to translate OIDs" [Undecided,New] https://launchpad.net/bugs/690638
[13:41] <soren> I'm curious... Why is cobbler suddenly a priority? It's been on our list of stuff to get done for almost three years, never managed to get resources allocated to do it. What changed?
[13:43] <TREllis> Daviey zul: I played around with one of your cobbler branches the other day, actually... I think it was kirklands', the deb package was missing a few python deps
[13:44] <Daviey> TREllis: interesting... branches welcome :)
[13:44] <zul> TREllis: ack...i have a couple of bug fixes
[13:44] <TREllis> python-{simplejson,urlgrabber} if I remember irght
[13:45] <Daviey> TREllis: Do you want to help develop?
[13:45] <Daviey> TREllis: lp:~ubuntu-virt/cobbler/ubuntu is our tip, if you want to base branches from that
[13:46] <TREllis> Daviey: cool, I'll take a look, not much of a python hacker but I'll happily test it
[13:46] <Daviey> TREllis: we'll help :)
[13:50] <Daviey> zul: Have you managed to install cheetah on Natty?
[13:50] <zul> Daviey: yeah i havent had any problems recently
[13:51] <Daviey> zul: Interesting... i'm getting python2.7 issues
[13:51] <zul> but im always trailing edge when im using a devel version
[13:51] <zul> ie when i slack off i upgrade ;)
[13:54] <Daviey> zul: lol... same here :)
[14:05] <soren> zul: Why is it you add an empty changelog entry to the nova package after every upload?
[14:05] <zul> in the bzr branch?
[14:05] <soren> Yeah.
[14:06] <toast018> Good morning everyone!
[14:06] <zul> soren: good question
[14:06] <toast018> Can someone tell me in what directory should I place the .htaccess file on my server?
[14:07] <soren> toast018: The for which you wish it to take effect.
[14:07] <soren> err...
[14:07] <soren> toast018: The one for which you wish it to take effect.
[14:07] <zul> soren: i wont in the future
[14:07] <soren> zul: Cool :)
[14:07] <toast018> I placed it in the /var/www/ folder but it didnt work... then in the /var/www/squirrelmail dir and still nothing... :( even ran chmod 0755
[14:08] <toast018> i ment directory not folder... .sorry still getting away from windows... lol
[14:08] <soren> You need to adjust AllowOverride to allow htaccess to take effect.
[14:09] <soren> It's in /etc/apache2 somewhere.
[14:10] <toast018> would i set it to none ?
[14:11] <zul> Daviey: just doing some bug fixes before i push
[14:12] <toast018> woohoo tutorial found... I just needed the allowoverride to set me in the right direction.... Thanks soren
[14:13] <soren> sure
[14:16] <Krashk> Hi. I just got a mail from my ISP that my server has tried to establish contact with known botnet controllers. Any idea how I can check it I am part of a botnet or not?
[14:34] <uba> Hi, I'm using SSMTP to send emails from my PHP scripts but even with the "FormLineOverride=YES" the from address on the emails being sent is "www-data@mydomain.com" which is the local user name for the Apache process. I have extensively searched on the web but I have not been able to find a solution to this problem. I would really appreciate any help on this.
[14:35] <patdk-wk> you have a sample email?
[14:35] <toast018> I have adjusted the properties of AllowOverride and also added the list of IPs from overseas. but how to i see if it works?
[14:36] <toast018> how can I ping my site from say Russia? or China?
[14:36] <patdk-wk> if you locate a russian/chinese web proxy service :)
[14:36] <patdk-wk> there are some out there
[14:37] <uba> patdk-wk: Yes i received them in my spam box.
[14:50] <zul> kirkland SpamapS Daviey: alot of packaging changes this morning ;)
[14:53] <toast018> can someone see if my site mail.jmchd.com is reachable from russia or china... I tried the proxies but I dont think I did it right... :(
[15:15] <doko> Daviey: does my suggested fix work for eucalyptus?
[15:16] <Daviey> doko: Not tried it yet... but will do soonish
[15:16] <Daviey> doko: thanks for looking
[15:18] <Daviey> zul: How far off are you having a cobbler-web package?
[15:18] <zul> Daviey: havent started it yet...working on koan
[15:18] <Daviey> zul: ok, np
[15:19] <robbiew> redhat and eucalyptus huh...sounds like a match made in heaven
[15:19] <robbiew> :)
[15:20] <robbiew> Daviey: zul: (and whoever else might know):  who owns http://ubuntuserver.wordpress.com/
[15:21] <robbiew> ?
[15:21] <Daviey> robbiew: we do :)
[15:21] <Daviey> robbiew: that is our "offical blog"
[15:21] <robbiew> needs updated branding then ;)
[15:21] <Daviey> (Many of us would, you know, prefer a blog hosted via ubuntu server :)
[15:23]  * robbiew adds the wiki to his list of cleanups....whoohoo!
[15:23] <Daviey> living the dream... :)
[15:28] <hggdh> Daviey: I would even say *all* of us ;-)
[15:31] <hggdh> Daviey: BTW -- kees' build works on AMD64
[15:31] <hggdh> just finished the test
[15:31] <hggdh> now... for i386
[15:32] <Daviey> hggdh: passed the test run?
[15:33] <hggdh> Daviey: sir, yes sir
[15:33] <Daviey> hggdh: you rock.
[15:34] <hggdh> now... download the i386 mav iso locally, upload the beast to the rig, install
[15:34] <hggdh> why, oh why can't we get direct access to the ISO servers?
[15:36] <Daviey> hggdh: I'm sure you can if you put in an RT
[15:37] <Daviey> i added an RT for ppa archive access, and they granted that :)_
[15:37] <hggdh> Daviey: nowadays we use akamai for trhe official ISO downloads
[15:38] <hggdh> I am not sure how IS would react if we ask for it
[15:39] <Daviey> hggdh: There are still plenty of non-akamai mirrors, tho?
[15:39] <hggdh> IDK
[15:39] <hggdh> probably it will be easier to just add them ISOs to tamarind, and leave them there
[15:40] <hggdh> only 15 minutes more to end uploading ;-)
[15:40] <Daviey> hggdh: gb.releases.ubuntu.com looks good to me :)
[15:41] <hggdh> Daviey: hum. Being local, it is probably not a bad one...
[15:41] <Daviey> :)
[15:41] <hggdh> yeah, I will open a RT on iy
[15:41] <Daviey> groovy
[15:41] <Daviey> eek, hide - it's skaet
[15:42]  * hggdh is just gone
[15:42] <skaet> lol,  no release happening for a while....   you're safe ;)
[15:42] <jpds> Daviey: Good.
[15:44] <Daviey> skaet: :)
[15:45] <Lars_G> Hey all.
[15:45]  * hggdh is back
[15:46] <Lars_G> Question, is there an offitial package that comes with all the schemas that are not included with slapd? like openssh.schema? and preferably if they're on the .ldif format used by the newer system already....
[15:48] <Delemas> I have various Ubuntu 10.04 VMs built with vmbuilder. They respond to a virsh shutdown domainname issued on the host. Self build VMs ignore all similar commands, despite having similar packages. Can anyone tell me what listens for virsh shutdown commands in Ubuntu guests?
[15:50] <hggdh> JamesPage: I am considering adding 'DEBCONF_DEBUG=developer' to the PXE boot on ubuntu-server-testing, do you mind?
[15:50] <hggdh> JamesPage: I am having some issues on d-i, and I think having it there will not hurt if we find others later
[15:51] <Delemas> Lars_G, I doubt it. I had to search for them. For example samba had some bits in the samba-doc package...
[15:52] <Lars_G> meh
[15:52] <Lars_G> it's as evil as finding MIBs then
[15:52] <Lars_G> thanks Delemas
[15:53] <hggdh> well, at least the MIBS are in snmp-mibs-downloader
[16:02] <zul> Daviey: you said you had a hack for cobbler check?
[16:02] <Daviey> zul: i had one that was in place, yeah
[16:03] <zul> Daviey: can i see it?
[16:03] <Daviey> zul: hmm... it's gonna be easy for you/me to regenerate tbh
[16:03] <Daviey> it was a patch i wouldn't commit iirc
[16:03] <zul> :(
[16:04] <raubvogel> If you are doing virtual mail domains in postfix in ubuntu, is there a specific path for where the mailbox directory goes?  I have been using /var/spool/vmail but in https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto they use /home/vmail. Which one is the expected path for ubuntu?
[16:07] <Delemas> Apparently shutdown only works properly if acpid is installed.
[16:26] <toast018> O Nooooos Cannot initiate the connection to archive.ubuntu.com:80 (91.189.88.31). - connect (99 Cannot assign requested address) [IP: 91.189.88.31 80]
=== jj-afk is now known as jjohansen
[16:36] <a_ok2> are the settings in /etc/iscsi/iscsid.conf actually used when doing an iSCSI boot?
[17:04] <coxn> lvm question. I've got an LV that claims "2" in the Open column, but it's not in /proc/mounts, I've already deleted the virtual machine that was using it as its disk, no kvm sessions are hanging, fuser doesn't show anything.... I'm running out of ideas as to how this could be open.
[17:04] <coxn> # dmsetup info -c raid10-bootvm
[17:04] <coxn> Name             Maj Min Stat Open Targ Event  UUID
[17:04] <coxn> raid10-bootvm    251   3 L--w    2    1      0 LVM-9x3W5fj2SMJZwScutUEv7EWL3JaRfnWCwolLpVI2S8e9JAXoY9yqoszOekKSGYNH
[17:05] <coxn> I dispute this                  ^
[17:06] <coxn> I'd like to remove this LV, and I'm stuck. Several people have suggested a reboot or a vgchange -an for the whole volume group, but neither of those is palatable since there are other (running) VMs on the box.
[17:12] <coxn> example: # lvchange -an raid10/bootvm
[17:12] <coxn>   LV raid10/bootvm in use: not deactivating
[17:12] <coxn> I'd like to know what tools (eg. fuser, lsof) I should be using (and how) so that I can kill whatever it is that's hanging onto that LV
[17:13] <coxn> or at least know how it's getting hung if not fix it.
[17:35] <hggdh> please pardon my ignorance, but why is ntfs-3g included in the basic server install?
[17:37] <zul> if you want to mount ntfs partitions on your server maybe? :)
[17:37] <patdk-wk> no idea, I remove it :)
[17:43] <leonardopires> hi friends
[17:44] <leonardopires> i have 2 ubuntu + kvm running guest os
[17:44] <leonardopires> whats the tool for cluster this 2 physical ubuntu machines?
[17:44] <leonardopires> im was looking for ganetti...
[17:45] <leonardopires> but ganetti dont have full support from ubuntu...
[17:59] <hggdh> zul: how many servers have you seen that mount a NTFS partition?
[18:00] <zul> hggdh: none but i think that was pre ubuntu-server team
[18:00] <ScottK> hggdh: It's not harmful just sitting there.
[18:01] <hggdh> ScottK: I do not disagree, but are we not looking to more space in the ISO?
[18:01] <ScottK> hggdh: Also it's in the Standard seed, so to remove it from Server, it would have to be removed from that seed and then explicitly seeded in the desktop flavours that want it.
[18:01] <ScottK> It's not very big: Size: 91354
[18:07] <zul> kirkland SpamapS: http://people.canonical.com/~chucks/2010-12-15_124012_import.log
[18:08] <kirkland> zul: ooooh, getting close :-)
[18:10] <ivoks> what can one do when mysql takes ages to finish the query?
[18:10] <ivoks> is it possible to automatically kill that query after some_time
[18:15] <hggdh> ScottK: thank you
[18:28] <smoser> jdstrand, do you have a security test suite for kernel ?
[18:28] <smoser> looking primarily to test for lack of major regression.
[18:28] <smoser> (i'm asking the security team in general, mdeslaur kees )
[18:29] <hggdh> smoser: qa-regression-testing
[18:29] <kees> smoser: are you familiar with the qa-regression-testing bzr tree?
[18:29] <kees> smoser: hggdh can show you were we put our tests. :)
[18:29]  * kees goes afk again
[18:29] <smoser> thanks kees
[18:29] <smoser> hggdh, thanks.
[18:29] <smoser> so, hggdh have you by chance run the current -proposed for maverick ?
[18:30] <smoser> kernel
[18:30] <hggdh> smoser: b co lp:qa-regression-testing, then look at ./scripts/test-kernel*.py
[18:30] <hggdh> smoser: I have not, but pedro_ was doing it
[18:30] <hggdh> s/b co/bzr co/
[19:07] <RoyK> hi all. how can I report the physical ethernet speed?
[19:07] <RoyK> the nic is gigE, so is the switch, I just want to see what is being used...
[19:07] <jmedina> you can use ethtool ethX
[19:09] <RoyK> jmedina: thanks
[19:11] <jmedina> RoyK: probably this is interesting to you: http://datatag.web.cern.ch/datatag/howto/tcp.html
[19:15] <RoyK> jmedina: seems that article is rather old - most new stuff is tuned to support gigE quite well out of the box
[19:15] <RoyK> also, pci-x isn't very hot anymore either
[19:15] <jmedina> RoyK: ok :)
[19:16]  * RoyK has two 100TB boxes hooked up with 10gigE
[19:16] <RoyK> btw. 10gigE on PCI-X would't be much fun
[19:17] <patdk-wk> pci-x (66mhz) supports 8gbit (one way) :)
[19:17] <patdk-wk> so really, pci-x 133mhz by itself could do 10gbit nic, but it would be maxed out
[19:19] <RoyK> 133MHz 64bit is _theoritaclly_ 8,5Gbps, but for old PCI, add a spoonful of two of overhead
[19:19] <patdk-wk> well, I can push 980mbit over pci, 32bit 33mhz
[19:20] <patdk-wk> that is damn well close to the pci limit
[19:21] <RoyK> most pci is pci 2.3, though, which is 66MHz
[19:21] <RoyK> but then, why bother :P
[19:21] <patdk-wk> oh, my pci isn't even pci 2.0 :)
[19:21] <patdk-wk> that I did that test on
[19:21] <RoyK> patdk-wk: 1996 hardware?
[19:21] <RoyK> :)
[19:22] <patdk-wk> yep
[19:22] <i0nic> hi does this cron look right for every 5 minuts ? */5 * * *  echo 'Hello'?
[19:22] <patdk-wk> it was available, and I was bored
[19:22] <RoyK> i0nic: yes
[19:22] <i0nic> im new to cron, just trying to understand it
[19:22] <Pici> i0nic: Yes.  But where are you echoing to?
[19:22] <i0nic> RoyK: thanks
[19:22] <patdk-wk> but that was using jumbo packets :)
[19:22] <RoyK> Pici: that one'll echo to stdout, which will send an email to the owner
[19:22] <i0nic> Pici: would that not echo to my terminal if I am logged into the user that the cronjob is under?
[19:23] <Pici> RoyK: exactly.
[19:23] <Pici> i0nic: No, what RoyK just said will happen.
[19:23] <i0nic> ahh
[19:23] <i0nic> how would I echo to the terminal?
[19:23] <Pici> Usually?  You wouldn't.
[19:24] <i0nic> is there a cron log so I can confirm the cron is running as scheduled?
[19:24] <RoyK> i0nic: why would it know which terminal to echo that to?
[19:24] <patdk-wk> write or writevt :)
[19:24] <RoyK> i0nic: you could always do something like echo wtf > /dev/console
[19:24] <i0nic> ahh nice
[19:25] <Pici> i0nic: It should drop an entry into /var/log/auth.log
[19:25] <patdk-wk> my brother loves write, I ban him from it
[19:25] <i0nic> looks like cron runs as UID 0?
[19:26] <i0nic> is there anyway to make it run as the user its been scheduled under?
[19:27] <QAH> Hi everyone!
[19:28] <QAH> I have a question about Ubuntu Elastic cloud. Does it do virtualization like VMWare Server or something? What would be advantages to using it for a home server?
[19:30] <i0nic> the only reason I can think of for having a virtualized home server is if you have the power.
[19:30] <i0nic> and you wanted the multiple machines
[19:33] <QAH> So UEC can virtualize?
[19:33] <QAH> Because I always see that install option when installing Ubuntu Server, but I never realized what it really was.
[19:34] <baggar11> what program do you use to manage the virtualization cloud when using that install option?
[19:35] <SpamapS> QAH: it provides an EC2 API compatible "cloud" implementation
[19:36] <SpamapS> baggar11: euca2tools or ec2tools
[19:36] <QAH> SpamapS: Ok. So basically it allows you to create a cloud of virtual machines correct?
[19:36] <SpamapS> baggar11: or any other EC2 management utility
[19:36] <SpamapS> It also has its own web interface.
[19:36] <SpamapS> QAH: right
[19:36] <QAH> Because EC2 is MAD expensive.
[19:36] <QAH> Cool
[19:36] <SpamapS> uh
[19:36] <SpamapS> EC2 is $17/month for a t1.micro
[19:36] <SpamapS> actually
[19:36] <QAH> That includes storage and everything?
[19:36] <SpamapS> EC2 is *free* for *one* t1.micro
[19:37] <QAH> That doesn't include bandwidth.
[19:37] <SpamapS> which is reasonably priced given what you're getting
[19:37] <SpamapS> which is the equivilent of a high end colo connection to the internet
[19:38] <QAH> I guess. It's just out of my price range right now.
[19:38] <QAH> I'm not really hosting much.
[19:38] <i0nic> S3 is the file storage
[19:38] <QAH> I actually removed VMWare Server from my server because virtualization was kinda overkill for me.
[19:38] <QAH> I just wanted to know if UEC virtualized.
[19:38] <i0nic> EC2 is typically used for off loading resources onto
[19:39] <i0nic> UEC does not create virtualized servers.
[19:39] <i0nic> Xen would be a program that does that.
[19:39] <QAH> i0nic: ???
[19:39] <QAH> Oh
[19:39] <QAH> That's what I was asking.
[19:41] <QAH> So basically, UEC just allows you to share the workload among different computers?
[19:41] <QAH> I'm kinda confused as to its true purpose.
[19:44] <panfist> i have a printer shared with cups. i have connected to it both at http://localhost:631/printers/Foo and http://my.ip:631/printers/Foo and it works fine, from the localhost
[19:44] <panfist> i have tried to connect to the printer from another machine at http://my.ip:631/printers/Foo and it won't print
[19:44] <panfist> here's the error log from the last two jobs i tried to send http://dpaste.com/287088/
[19:44] <i0nic> QAH -> http://cssoss.wordpress.com/2010/06/22/pdf-version-of-eucalyptus-beginners-guide-uec-edition/
[19:45] <QAH> Thanks
=== Fookin_Prawn is now known as Prawn_QuakeLive
[19:55] <baggar11> SpamapS: are those free tools, graphical or commandline?
[19:55] <QAH> Ok. That clears up stuff. :)
[19:55] <QAH> So overkill for me. :P
=== Prawn_QuakeLive is now known as Fookin_Prawn
[20:11] <uvirtbot> New bug: #690815 in openldap (main) "db_open(/var/lib/ldap/access/id2entry.bdb) failed: No such file or directory (2)" [Undecided,New] https://launchpad.net/bugs/690815
[20:13] <smoser> hggdh, do you know how i run these 2 kernel tests ?
[20:13] <smoser> just run them ? no args ?
[20:14] <hggdh> smoser: you should not need any parms
[20:14] <smoser> i'm wanting to run ./scripts/test-kernel-root-ops.py and ./scripts/test-kernel.py
[20:14] <smoser> just run them, do i need to | output into tee or anything ?
[20:15] <hggdh> --help would point to potential options
[20:15] <hggdh> you might need to run them as root, though
[20:16] <i0nic> hmmm..  "Received disconnect from IP: 2: Too many authntication failures for tablet"
[20:16] <i0nic> what program is blocking tablet?
[20:17] <i0nic> does ubuntu 10.04 lts have some sort of firewall installed by default?
[20:17] <i0nic> besdies iptables*
[20:24] <remix_tj> by default is installed iptables and his management tool ufw i0nic
[20:24] <remix_tj> but set as ACCEPT ALL as default
[20:33] <i0nic> who is the user voice?
[20:33] <i0nic> or group i mean
[20:33] <kirkland> SpamapS: so what's the output of + [clint-fewbar] Work with Cobbler development to upstream patches and coordinate release: DONE
[20:33] <i0nic> ah pulse
[20:41] <i0nic> im at a lost
[20:42] <SpamapS> kirkland: They know we're here, 2 patches upstreamed, and some feedback on how well that went (seems like they'd prefer that we send them git formatted patches)
[20:42] <SpamapS> kirkland: Hopefully also they'll provide some thoughts on 2.1 and when we can expect a 2.1.0
[20:43] <kirkland> SpamapS: neat;  capture that in a note in the whiteboard?
[20:54] <SpamapS> kirkland: done... this is cool.. its like.. it might actually work.. and be fun.. ;)
[20:54] <jasonmchristos> morn'n folks using this howto https://help.ubuntu.com/10.04/serverguide/C/openvpn.html i am at the point of CONFIGURATION it says to specify the local ip , is it going to be a problem if the openVPN server I am using is on DHCP?
[20:56] <SpamapS> jasonmchristos: only if your IP changes
[20:57] <jasonmchristos> this is a problem
[20:58] <RoyK> !pastebin
[20:58] <ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
[21:01] <SpamapS> jasonmchristos: you may be able to specify it as a hostname and restart the service.. but IIRC, openvpn needs to know what its IP address is to act as a server.
[21:02] <gholms> smoser: ping
[21:03] <smoser> gholms, here
[21:03] <gholms> How would you feel about cloud-init stuff shelling out to PK instead of apt wherever possible so stuff is more portable?
[21:06] <smoser> PK ?
[21:06] <gholms> PackageKit
[21:06] <gholms> I'm thinking pkcon, its CLI.
[21:07] <smoser> i've never used it.
[21:07] <smoser> the 2 thoughts i would have are a.) its not in our images right now, so we'd have to get it there
[21:08] <smoser> b.) there are some options that i pass to apt to make it really not prompt me (as thats just not going to work)
[21:08] <smoser> and i'd hae to be able to do the same through pkcon
[21:08] <smoser> also, you're aware that amazon did some work on cloud-init to make it non-ubutnu specific, right?
[21:09] <gholms> IIRC, I was a little disappointed with how they did it, but yeah, I saw that.
[21:10] <gholms> I just figured I would ask if you would have any philosophical objections or anything before I start working on a PoC.
[21:17] <smoser> gholms, no i do not have any real objections
[21:18] <gholms> Okee dokee.  Thanks.
[21:18] <smoser> i've not looked extensively at the amazon changes, and i know that they weren't 100% happy with them either.
[21:21] <gholms> It's been a while since I looked at their changes, but IIRC they basically just directly called pieces.
[21:21] <gholms> I also have to figure out how to deal with disappearing disks since nobootwait isn't portable.  :-\
[21:27] <SirDerigo> hi people
[22:03] <uvirtbot> New bug: #606373 in cloud-init (main) "cloud-init output does not get to console when booted with pv-grub and ramdisk" [High,Fix released] https://launchpad.net/bugs/606373
[22:07] <geekbri> so if you damage your /etc/passwd file there is no way to copy over /etc/passwd- back to /etc/passwd without booting into single user mode is there?
[22:07] <jmedina> I have always restores passwd- on a running system without problems
[22:08] <hggdh> duh. There I am, running a test on UEC with 5 NCs. Test is taking an awfully long time... and I noticed I had not powered on the NCs :-(
[22:08] <jmedina> even in runlevel 2
[22:08] <geekbri> jmedina: hrm?
[22:08] <geekbri> jmedina: the problem is i can't SU because the passwd file is damaged so i dont have access to copy the file over
[22:10] <jmedina> what about ssh?
[22:10] <jmedina> well only if you have root access
[22:16] <Lars_G> Question, is there any advantage to a 64 Bit kernel other than accessing over 4Gb of ram? something that I think pae in i386 mode can do anyhow.....
=== jmedina is now known as eljmedina
[22:19] <The_Tick> Lars_G: google is your friend here
[22:19] <The_Tick> lots of information on the pros and cons
[22:20] <baggar11> I'm pretty sure 32bit linux can access over 4gb of ram
[22:23] <The_Tick> I'm pretty sure 64 bit can access a ton more than 32 bit
[22:23] <The_Tick> and that there are other benefits to 64 bit
[22:25] <baggar11> for sure
[22:38] <lenios> 32 bit can access a lot of memory with a pae kernel, it's a little slower though
[22:39] <lenios> 64 bit should be the choice if hardware is capable
[22:50] <patdk-lap> lenios, I have cpu's that can do 64bit, but not pae
[22:51] <lenios> if your cpu is 64 capable, go with 64 bit
[22:51] <lenios> it's default on server, anyway
[23:38] <gallamine> hello, i'm a first time AWS user and I'm trying to get a Ubuntu image installed
[23:40] <gallamine> when i run 'ec2-run-instances', as per the instructions on the Ubuntu website I get the error, "the AMI ID does not exist"
[23:41] <gallamine> while the AMI is shown here:
[23:41] <gallamine> http://uec-images.ubuntu.com/maverick/current/
[23:46] <gallamine> ah ha! i was using a AMI from the wrong region
=== oubiwann-holiday is now known as oubiwann
[23:57] <gallamine> when i attemp to ssh into my aws instance, it asks for my passphrase
[23:57] <gallamine> there is nothing in the instructions here (https://help.ubuntu.com/community/EC2StartersGuide) that mention this
[23:57] <gallamine> any ideas whati've done wrong?
[23:57] <gallamine> I'm on step #4
[23:59] <jasonmchristos> looks likr you have to have static ip for openVPN config?