[00:17] <twb> e_t_: why?
[00:18] <e_t_> I've got a multi-homed server. I'd like to set up Active Directory integration on one interface while leaving the configuration alone on the other interfaces.
[00:23] <twb> Hum, OK.
[00:24] <twb> Surely you can just have two upstart jobs, each calling smbd -C /etc/samba/smb-foo.conf?
[00:24] <twb> Not that I know much about samba specifically...
[00:26] <e_t_> I was looking at upstart-job, but I didn't see where I could introduce options. That's why I asked earlier about the pre-Upstart init script.
[00:57] <twb> e_t_: you add them to the exec line
[00:57] <twb> It's just passed to /bin/sh -c
[01:04] <fluvvell> I need to reallocate a bad sector of this 640G drive so I can clone the data off.  What ubuntu programs do the job
[01:05] <e_t_> twb: I'm looking at /lib/init/upstart-job, but I don't see any exec. To what are you referring?
[01:08] <twb> e_t_: uh?
[01:09] <twb> e_t_: you should be looking at /etc/init/samba.conf
[01:09] <twb> Oh, apparently as at lucid, samba is not using upstart.
[01:09] <e_t_> Oh. I was looking at /etc/init.d/smbd, which is a link to upstart-job.
[01:09] <twb> Nooo, it is.  /etc/init/{smbd,nmbd}.conf
[01:10] <twb> The file /etc/init.d/smbd is a backwards-compatibility thing so that "/etc/init.d/foo restart" does the same as "restart foo"
[01:10] <twb> And the scripts /etc/init.d/samba{,4} are there in case you want/need to do it the old way, I guess...
[01:11] <twb> So yeah: you need /etc/init/[sn]mbd.conf
[01:12] <e_t_> OK. I did not know about /etc/init. I never read anything that referenced that.
[01:13] <twb> e_t_: that's upstart
[01:15] <e_t_> twb: Will any script I put in /etc/init be run by upstart, or do I need update-rc.d?
[01:16] <twb> If you read the upstart manpages, they cover the format of /etc/init/foo.conf entries
[01:16] <twb> And no, update-rc.d only applies to sysvinit jobs
[01:17] <twb> Basically any job in /etc/init/foo.conf will be started/stopped in response to the events it's declared to care about, e.g. "stop on runlevel [06]"
[01:18] <e_t_> OK. This will be easier than I thought.
[01:23] <twb> HOORAY
[01:25] <arrrghhh> hey all.  i have access to  my server via ssh, but only on my windows box.  how can i add access if i've already disabled password auth?  seems there's no 'good' way to update the key, but i guess that's the price i pay for security?  haha
[01:26] <twb> arrrghhh: unless you use OTP instead of an asymmetric key.
[01:27] <arrrghhh> well i have access to the box from windows
[01:27] <arrrghhh> can i just add it to the known_hosts?
[01:29] <twb> OK, I no longer have any clue what you're talking about.
[01:29] <twb> known_hosts is a client-side MITM defense -- what does it have to do with anything?
[01:58] <fluvvell> twb, you don't need any gumboots sent over?
[01:59] <twb> I do not.
[02:00] <fluvvell> good to hear
[02:27] <arrrghhh> twb, sorry, got a little sidetracked there.  obviously i don't know much about ssh or more specifically how keys work with ssh.  i understand there's a public and a private key, and that i need to put my private key from the client onto the server so i can authenticate.  i'm just wondering how i can do that manually if you will.
[02:28] <twb> arrrghhh: ssh-copy-id?
[02:28] <twb> Or just add it to ~/.ssh/authorized_keys on the server
[02:28] <twb> And it's the *public* key you upload, *not* the private key
[02:29] <arrrghhh> ah, figures i'd get that backwards.
[02:29] <arrrghhh> that's what i'm looking for
[02:30] <twb> The private key must be kept secret -- if somone gets it, it is GAME OVER
[02:30] <arrrghhh> twb, understood.
[02:30] <twb> i.e. it is the weakest link of the asymmetric crypto mode
[02:30] <twb> *model
[02:30] <arrrghhh> yea
[02:31] <arrrghhh> twb, i don't seem to have an authorized_keys in my .ssh folder.
[02:31] <arrrghhh> on the server
[02:33] <twb> arrrghhh: you must create one
[02:33] <twb> arrrghhh: if you can ssh in with a password, the ssh-copy-id program does all this for you
[02:35] <arrrghhh> i have password logins disabled
[02:35] <arrrghhh> i thought that was part of the point of using keys
[02:35] <arrrghhh> i guess i need to get all clients configured before i disable password logins?
[02:36] <arrrghhh> hrm.  i thought it just appended to the authorized_keys file
[02:37] <twb> It *is* part of the pint
[02:37] <twb> *point
[02:37] <twb> Often they're still turned on during migration, though
[02:38] <arrrghhh> yea
[02:38] <arrrghhh> so what's the "best practices" method of adding clients after the fact?
[02:38] <arrrghhh> tacacs?  lol
[02:38] <twb> You *can* do it by hand, but newbies tend to forget to chown or chmod or whatever
[02:41] <arrrghhh> alright.  i guess i'll just re-enable password logins and get this client up
[02:41] <arrrghhh> i just know that i'll have more
[02:51] <jmarsden> arrrghhh: You can create a group called say hasnosshkey and then use a Match block in sshd_config so folks in that group can use password login.  Then remove people from that group once they have a public key pair in place and tested.
[02:52] <arrrghhh> jmarsden, i'm the only one that logs into it, but that is a good solution for multi-user setups.
[02:53] <jmarsden> I though you said "I just know I'll have more"?  I thought that meant "more users"?
[02:53] <twb> I think he means more hosts
[02:54] <arrrghhh> sorry.  different devices that i want to connect into the box.
[03:32] <CppIsWeird> im having some strange issues with a mdadm raid5. i have two raid 5's. every time i reboot my computer, mdadm seems to have some device called md_d1 that is associated with one of the drives from the first array. the second weird issue is that it has started to rebuild the second raid every time i boot up.
[03:34] <ignarps> CppIsWeird, you need to setup proper entries in mdadm.conf
[03:36] <CppIsWeird> just to clear up my understanding. i recently reinstalled from scratch ubuntu. one of the raids ive had for a while (prior to the new install), the other has been made since. when i installed ubuntu the old one poped right up and worked without any issues so i assumed no further configuration was required. is this an incorrect assumption?
[03:37] <ignarps> yes,  always have an up to date mdadm.conf whenever the raid changes
[03:38] <CppIsWeird> ok. further, for some strange reason my device associations keep changing (/dev/sda, /dev/sdb) etc. is this also reason for the trouble?
[03:39] <ignarps> I don't understand.  you can verify the settings in mdadm.conf with
[03:39] <ignarps> mdadm --examine --scan --config=mdadm.conf
[03:39] <CppIsWeird> ok, i will work with that, thank you.
[04:23] <s2s2d2> hello I have installed ubuntu server on ec2 via official ami image
[04:25] <s2s2d2> but I am not able login into ssh with importing my ssh  certificate
[04:25] <s2s2d2> is possible
[04:26] <s2s2d2> lo login without that darned ssh certificate ...with username and password only
[04:27] <s2s2d2> pl tell me asap
[04:28] <s2s2d2> anybody there
[04:28] <s2s2d2> yoooooooo hooooooooooooooooooooooooooooooooooo
[04:33] <s2s2d2> dead channel
[04:33] <s2s2d2> ??
[04:34] <e_t_> Oh no. This channel is quite lively. Please be patient. If someone knows the answer to your question, they will answer.
[04:56] <jmarsden> s2s2d2: Doesn't https://help.ubuntu.com/community/EC2StartersGuide have enough info to get you started?  Are you talking about an SSH login to ec2, or to your resulting Ubuntu server image once it is started?
[06:28] <Datz> !seen suihkulokki
[06:28] <Datz> darn
[07:50] <Flam> Hey, I've almost got rsnapshot but I'm a little confused with backing up my MySQL DB.  I've googled around and come up with this command: "backup_script   /usr/bin/ssh -i /home/rsnapshot/.ssh/id_rsa -p 12341 rsnapshot@host.com 'mysqldump -u root -pXXXXXXXXXXX --all-databases | gzip > ~/all.sql.gz'         relative/path/here" to be put in my /etc/rsnapshot.conf, but what is the point of
[07:50] <Flam> the "relative/path/here" part at the end?
[07:57] <e_t_> It looks to me like it would be the local directory to which backup_script transfers the all.sql.gz once it is created on the remote machine.
[08:02] <Flam> It isn't in /home/rsnapshot dir on the remote machine, and my mysqldump specifies gzip > ~/all.sql.gz'
[08:03] <Flam> and on the destination machine /home/rsnapshot/hourly.0/mysqldump    (mysqldump being what i put for relative/path/here) is empty
[08:03] <Flam> but it created that folder itself
[08:04] <Flam> I think it's just a required argument to be passed into a rsnapshot function perhaps?  Even if it isn't needed by the function
[08:06] <twb> Huh, look at that.
[08:06] <twb> sadms appears to be a turnkey packaging for being a client in an AD network
[08:16] <gobbe> yes
[08:49] <Zeu5> hi there, i have installed a ubuntu server on amazon web services ec2 successfully
[08:50] <Zeu5> i need to create another user called deploy
[08:50] <Zeu5> i did sudo useradd -d /home/deploy -m deploy
[08:50] <Zeu5> and i copied the .ssh folder over from the initial user to deploy home folder
[08:51] <Zeu5> however, when i logged in via ssh i do not see deploy@ip-123-123-12-12
[08:51] <Zeu5> please advise
[08:54] <e_t_> Zeu5: So you were able to log in, you just didn't see deploy@... ?
[09:30] <Thorn> hello
[09:31] <Thorn> I have a tested and working exim.conf which I need to move to an ubuntu server
[09:32] <Thorn> is it possible to use it with the ubuntu exim package or will I have to install exim from sources?
[09:37] <gobbe> if the versions are not too far away it should be
[09:37] <gobbe> usually configs are usable thru versions
[09:38] <Thorn> but there's no /etc/exim/exim.conf or similar in ubuntu, is it?
[09:39] <StrangeCharm> how can i make a symlink in . to each file in /some/dir ?
[09:40] <Thorn> StrangeCharm: ln -s /some/dir/* .
[09:40] <Thorn> there's some kind of autoconfiguration system instead which generates the actual config
[09:40] <StrangeCharm> thanks Thorn
[09:41] <Thorn> and I can't find a way to plug my exim.conf into it
[09:41] <gobbe> Thorn: well, configuration is somewhere
[09:41] <gobbe> Thorn: i don't use exim so cannot answer where the file is located
[09:41] <Thorn> it's in /var and is rewritten on every startup
[09:41] <gobbe> https://help.ubuntu.com/community/Exim4
[09:41] <gobbe> ok, so you need to do it otherway
[09:41] <gobbe> or compile your own exim
[09:42] <Thorn> I've read that already, and several forum threads too
[09:43] <Thorn> all they advise is to run dpkg-reconfigure exim4-config and answer some questions
[09:44] <Thorn> unfortunately my config is somewhat more complicated than that
[09:49] <Thorn> that's right, exim -bP configure_file says /var/lib/exim4/config.autogenerated
[09:52] <Thorn> looks like I'll have to hack /etc/init.d/exim to add -C /etc/exim4/exim.conf
[10:08] <lau> Thorn: may be look at /etc/default/exim4 first ?
[10:11] <Thorn> lau: I'm installing exim from source now
[10:32] <a7ndrew> This is a bit of a long shot, but would anyone know if there is a way to rate-limit the network bandwidth used by a process while keeping it running?
[10:42] <twister004> hi guys.. i have ipsec tunnels setup on my Ubuntu server 10.04
[10:43] <twister004> I am implementing destination NAT for the first time.. i.e. .. I am creating a new tunnel (other VPN endpoint is a sonicwall) where the destination subnet is NATed.. i activated the tunnel , key exchange takes place, but Im not able to communicate with the destination subnet.. any idea if IPsec is capable of NAT?
[10:45] <a7ndrew> I think it is but I haven't done that on linux, only cisco gear, sorry :(
[10:45] <a7ndrew> Is there a route in your gateweay that points to the destination subnet?
[10:46] <twister004> a7ndrew... what route?.. could you elaborate pl;ease?
[10:49] <a7ndrew> twister004: if you type the route command on your machine, is the subnet you want to connect to listed? Also is it a private ip address ie 192.168.X.X or 172.3X.X.X or 10.X.X.X ?
[10:50] <a7ndrew> also are you trying to pass all your traffic through this tunnel, or only traffic to particular subnet(s)?
[10:51] <twister004> a7ndrew.. the remote subnet is(192.168.1.0/24).. im NATin it to (192.168.25.0/24).... on my gateway, the route is such that any traffic to 192.168.25.0/24 goes through my gateway
[10:51] <twister004> all traffic is not going through the tunnel
[10:56] <a7ndrew> So you should have an entry in your routing table that says 192.168.1.0   <end point of IPSEC tunnel>  <255.255.255.0>
[10:57] <Rno> Hello, sorry to ask my question about apparmor here, it's not related to ubuntu server but ubuntu. I'm using the guest login of ubuntu, and so the guest aparmor profile and I'm not able to use google chrome within a guest session. I would like to know if it's possible to add a sub profile to the guest apparmor profile which has no security rule for google chrome?
[11:10] <twister004> a7ndrew... i didnt get you.. what's the point of NATing... 192.168.1.0 is getting NATed to 192.168.25.0/24 at the other end.. so my endpoint should see it as 192.168.25.0/24
[11:15] <a7ndrew> ok as I understand it you have one network, 192.168.25.0 which you are trying to connect to 192.168.1.0. Each of these networks has a gateway, which would have a public interface. NAT translates all traffic from the inside to that on the outside. When you set up your IPSEC tunnel you need to define the interesting traffic to go through the tunnel, and it needs to know where to go.
[11:16] <a7ndrew> You can't send your traffic to 192.168.1.0 out your default gateway because 192.168.25.0 won't be in any internet routing tables.
[11:16] <a7ndrew> You need to specify that it needs to use the tunnel.
[11:58] <freddy__> Hi - I have a probelm with my ubuntu server - suddenly the filesystem is mounted ro without my doing anything ...
[12:00] <freddy__> is it possible to see when it was mounted ro, mabe why, and how to get back in rw ?
[12:19] <patdk-lap> freddy, that would be the, erros=remount-ro option
[12:19] <patdk-lap> use dmesg
[12:19] <patdk-lap> and it means something is probably really screwed up
[12:20] <patdk-lap> I've only ever had that issue so far, due to a wifi driver gone wrong, and corrupting the ext3 driver
[12:24] <s2s2d2> hello I have installed ubuntu server on ec2 via official ami image
[12:24] <s2s2d2> is possible
[12:24] <s2s2d2> lo login without that darned ssh certificate ...with username and password only
[12:24] <a7ndrew> I've had a crappy power supply cause that issue. At least I'm pretty sure it was the power supply.
[12:25] <s2s2d2> ??
[12:26] <a7ndrew> s2s2d2: try looking up the man page for sshd_config I think its in there
[12:27] <a7ndrew> /etc/ssh/sshd_config is probably a good place to start
[12:35] <s2s2d2> a7ndrew: what to change in that
[12:49] <freddy__> patdk-lap: ok
[12:50] <freddy__> patdk-lap: dmesg says EXT3-fs error (device md0) in ext3_new_inode: IO failure
[12:54] <freddy__> patdk-lap: and: EXT3-fs error (device md0): read_inode_bitmap: Cannot read inode bitmap - block_gr                                                                                                           oup = 532, inode_bitmap = 17432577
[13:06] <a7ndrew> s2s2d2: I've got a line in mine that says: PasswordAuthentication no
[13:07] <a7ndrew> perhaps try changing that to yes and restarting sshd ;)
[13:07] <binBASH> passwords are overrated :)
[13:07] <binBASH> lo patdk-lap btw.
[13:08] <a7ndrew> why not use certificates though? It is a little harder to set up but once that's done its much nicer
[13:08] <a7ndrew> not to mention safer!
[13:08] <binBASH> here I'm using OpenVPN and ssh is only possible when OpenVPN is connected ;)
[13:31] <tsarles> Anyone here able to help with an IET / ISCSITarget problem?
[13:31] <pmatulis> !ask | tsarles
[13:33] <tsarles> I had been running the ubuntu repo version 1.4.19 for a while, but kept getting reservation conflicts, so I decided to update to the current 1.4.20.2...... and now when i start the service it says it can't find the target
[13:34] <tsarles> fortunately I was able to failover to my backup DRBD node, which is still running the old version
[13:34] <tsarles> but, I would like to get this thing figured out
[13:34] <pmatulis> tsarles: how did you update to the new version?
[13:35] <tsarles> apt-get build-dep iscsitarget. make. make install
[13:36] <pmatulis> tsarles: not supposed to do that
[13:36] <HackeMate> hello, I have installed the webdav server, and using cadaver i can access it but from windows i cant using the connect to a shared folder
[13:36] <tsarles> oh...
[13:36] <HackeMate> i can access it from an iphone tough
[13:36] <HackeMate> do i need enable something i missed in somewhere?
[13:37] <tsarles> is there an updated .deb or something like that?
[13:37] <HackeMate> talking to me?
[13:37] <pmatulis> tsarles: what release are you using?
[13:38] <tsarles> 10.04 64 server
[13:38] <tsarles> nope, sorry, never used webdav
[13:38] <HackeMate> k
[13:39] <pmatulis> tsarles: no, unless you want to run 10.10
[13:40] <tsarles> hmm
[13:40] <tsarles> guess i'm not completely opposed
[13:40] <pmatulis> tsarles: did you check the changelogs of the upstream source to see if that version would help you?  is there a known bug related to your initial problem?
[13:43] <zul> Daviey: do how did you extract the java stuff?
[13:43] <tsarles> I did look at the release notes, and it did seem to make me think it would help
[13:44] <pmatulis> tsarles: are you able to reproduce the problem in a test environment?
[13:44] <tsarles> well... unfortunately I don't have a deticated test environment, but yes, I can reproduce it
[13:46] <tsarles> I have two VMWare nodes accessing this iscsitarget, and ocassionally, the iscsi service will come to a complete lock, and my switch LEDs go nuts. I wiresharked the thing, and it was giving reservation conflict errors. temporary fix is to restart the iscsitarget service when this happens
[13:48] <tsarles> it is semi-random, but the one thing I have found that will reproduce this condition fast is trying to load Solaris inside VMWare to a disk on the iscsi service
[13:48] <pmatulis> tsarles: and a bug?
[13:49] <tsarles> i believe it is a bug with the iscsi service, which is why i was trying to update...... and of course, you never know until you try it
[13:50] <pmatulis> tsarles: what i mean is, did you search for an existing bug?  and if there isn't one, it should be reported
[13:53] <tsarles> i have been searching google for related information, but i havn't reported it to canonical
[13:53] <tsarles> I was going to check ubuntu forums, but it seems my login is broken - unrelated
[13:54] <tsarles> where should i report this?
[14:02] <zoopster> tsarles: report the bug on launchpad.net!
[14:03] <tsarles> Will do
[14:03] <tsarles> until then, i guess the only solution i'm going to get here is to upgrade to 10.10?
[14:07] <patdk-wk> tsarles, why bother with iscsi for that?
[14:08] <patdk-wk> nfs will make your life simpler, and probably even make backups easier
[14:09] <tsarles> I guess I'm not opposed to that line of thinking
[14:10] <tsarles> NFS will multi-access? I can still V-Motion between boxes without one machine locking the file?
[14:13] <tsarles> Well, got a service call to run to. Thanks for the advice
[14:14] <henkjan__> with 2.6.35 in repo for lucid, is it easy to install that kernel from the installer?
[14:19] <pmatulis> henkjan__: i don't see a 2.6.35 kernel available for lucid unless you're talking about the lts backports kernel
[14:20] <henkjan__> % apt-cache policy linux-image-server-lts-backport-maverick
[14:20] <henkjan__> linux-image-server-lts-backport-maverick:
[14:20] <henkjan__>   Installed: (none)
[14:20] <henkjan__>   Candidate: 2.6.35.22.34
[14:20] <henkjan__>   Version table:
[14:21] <pmatulis> henkjan__: 'xactly, so what's the problem?
[14:21] <henkjan__>      2.6.35.22.34 0
[14:21] <henkjan__>         500 http://nl.archive.ubuntu.com/ubuntu/ lucid-updates/main Packages
[14:21] <henkjan__> pmatulis: its in lucid-updates
[14:21] <pmatulis> henkjan__: what's the problem?
[14:21] <henkjan__> new fujitsu servers have unsupported (in 2.6.32) sascontrollers
[14:21] <henkjan__> currently i'm booting maverick, and debootstrapping lucid
[14:21] <pmatulis> henkjan__: what's the problem?
[14:22] <pmatulis> henkjan__: install it if you want it
[14:22] <pmatulis> henkjan__: oh, from the installer
[14:22] <henkjan__> i would like to do that from the installer yes :)
[14:23] <pmatulis> henkjan__: not 'till 10.04.2 i'm afraid.  pretty sure there will be a special question whether you want this kernel
[14:24] <pmatulis> henkjan__: that's in a couple of weeks
[14:24] <henkjan__> ah
[14:24] <henkjan__> i'll wait a couple of weeks and whine again if its not in the installer ;)
[14:25] <pmatulis> henkjan__: i'm sure you can hack something up if you really need it that badly
[14:27] <zul> Daviey: i re-added debmirror in cobbler just now
[15:03] <skorv> i wonder how to share usb printer for both windows and linux clients using nothing but the shell
[15:03] <skorv> (so far i resisted installing ubuntu-desktop in my servers
[15:19] <evdvelde>  Hi all, does anybody have experience with zoneedit or another free DNS service? I would like to start using one, but dont know how to choose...
[15:20] <hallyn> evdvelde: i use zoneedit.  no complaints.  works well
[15:21] <evdvelde> thx hallyn, i found there site too, but did not want to start using it without a bit of info and such
[15:21] <zul> JamesPage: hi can you rebase your cobbler-4j branch please?
[15:21] <JamesPage> zul: already on it
[15:22] <zul> JamesPage: thanks
[15:22] <evdvelde> hallyn: do they have e-mail forwarding? i have mail with google at the moment and would like to keep it there
[15:23] <JamesPage> zul: done
[15:23] <zul> JamesPage: thanks
[15:24] <JamesPage> zul: just spotted some cruft in the diff - don't review yet...
[15:24] <andreserl> kirkland_: howdy!! The InputMonitor works amazingly!!
[15:25] <freddy__> exit
[15:25] <freddy__> exit
[15:25] <freddy__> exit
[15:25] <kirkland_> andreserl: that's great to hear :-)
[15:25] <zul> JamesPage: ack
[15:25] <andreserl> kirkland_: btw.. I don't yet have acces to the powernap branch right?
[15:26] <hallyn> evdvelde: yes, they do
[15:27] <JamesPage> zul: OK - it looks a bit odd because I used wrap-and-sort to order the Depends but should be OK for review now.
[15:28] <zul> JamesPage: merci
[15:28] <JamesPage> zul: np ping me if anything needs a change
[15:35] <kirkland_> andreserl: huh?  i thought you did
[15:35] <Daviey> zul, is git needed as a build dep?
[15:36] <andreserl> kirkland_: nope, couldn't upload :/
[15:37] <kirkland_> andreserl: i'll fix that
[15:37] <kirkland_> andreserl: gimme a minute, i'm working on somehting for zul at the moment
[15:43] <andreserl> kirkland_: sure, It is not urgent :)
[16:02] <Thirtysixway> ignore -channels #ubuntu-server * JOINS PARTS QUITS NICKS
[16:02] <Thirtysixway> oops
[16:21] <kirkland> andreserl: okay, lp:powernap now points to lp:~powernap/powernap/trunk which you have access to
[16:22] <andreserl> kirkland: awesome, thanks!
[16:32] <zul> JamesPage: *cough* http://pastebin.ubuntu.com/555452/ *cough*
[16:33] <JamesPage> zul: ta
[16:33] <kpettit> how to do a search like "apt-cache search apache" but be able to tell which of those packages is installed?
[16:34] <kpettit> I know how to tell if a individual one is there, but not how to do a wildcard type of search to see what's installed
[16:35] <baggar11> kpettit: dpkg -l | grep apache
[16:36] <kpettit> ah, thanks.  exactly what I was looking for
[16:39] <JamesPage> zul: just sorting the one in debian/control as well
[16:40] <zul> JamesPage: k i would like to finish this today
[16:40] <zul> kirkland: i put the debmirroring back in cobbler last night as well
[16:51] <JamesPage> zul: all good - let me test that the binary package was OK as well so good to go
[16:51] <zul> JamesPage: cool ill hunt you down after lunch if anything goes wrong
[16:53] <JamesPage> zul: sorry but build time is going to go up as java pulls in a load of extra deps....
[16:54] <zul> JamesPage: grrrrrrr...;)
[17:02] <JamesPage> zul: I just spotted a mistake - arch for libcobbler4j-java is incorrect
[17:06] <JamesPage> zul: fixed in proposed merge
[17:47] <zul> JamesPage: thanks
[17:57] <zul> die java die!
[17:58] <andreserl> zul: +1 lol
[17:58] <oCean> :)
[17:59] <andreserl> zul: hold up the cluster-agents bug fix  couple more days I wanna see if upstream commits few patches for the RA's I'm patching
[17:59] <zul> andreserl: consider it done
[18:00] <andreserl> zul: but you can take a look at bug #525287 though :)
[18:01] <zul> andreserl: i rather have someone on foundations look at that
[18:03] <andreserl> zul: ok :)
[18:03] <zul> JamesPage: looks good
[18:05] <zul> SpamapS: ping
[18:07] <SpamapS> zul: pong, wazzzzzahhhhhh
[18:07] <zul> SpamapS: hi, the jar file in cobbler is gone now does have to be renamed dfsg?
[18:09] <SpamapS> zul: good question. Given that we are building the orig tarball from the git repository, I think we should say no, and just report it as a bug upstream (or get a license clarification for the jar file, at which point we don't have to strip it out)
[18:09] <zul> SpamapS: okies
[18:09] <SpamapS> actually.. hmm
[18:10] <SpamapS> If its built from entirely GPL software, then it has a license and doesn't have to be removed (though we still have to build it for the binary packages)
[18:14] <zul> meh...well see what jdstrand says
[18:15] <zul> SpamapS: just uploaded it
[18:20] <SpamapS> zul: ok.. cool :)
[18:26] <jdstrand> zul, SpamapS: so, does cobbler have an 'official' release tarball or is it just git?
[18:26] <jdstrand> zul, SpamapS: I realize you are just using git, but in general
[18:26] <zul> jdstrand: its just git for now SpamapS is talking to them about cutting a 2.1 tarball in the futre
[18:27] <jdstrand> zul: those files are all DFSG compatible?
[18:27] <zul> jdstrand: i believe so
[18:27] <zul> SpamapS: ^^^
[18:28] <jdstrand> zul: well, this isn't like stripping out swf files, per se, it is that the jar should be buildable from source
[18:28] <zul> jdstrand: it is...
[18:28] <jdstrand> zul: as such, I don't think it needs dfsg
[18:28] <zul> jdstrand: k cool
[18:29] <jdstrand> zul: if you are using a 'get-orig' type thing in the Makefile, then perhaps you can exclude the jar file
[18:29] <jdstrand> zul: s/Makefile/rules file/
[18:29] <zul> jdstrand: ok i think we can do that in the futre
[18:29] <jdstrand> zul: just a suggestion
[18:29] <zul> jdstrand: sure
[18:31] <SpamapS> jdstrand: the jar file will be in the release tarballs when they arrive.
[18:31] <SpamapS> so stripping in get-orig means altering the release tarballs, which I'm hoping we can avoid.
[18:32] <SpamapS> zul: I think there are some files that don't have a license that were supposed to be manually removed from .orig.tar.gz .. but I don't recall actually telling you which files.
[18:32] <SpamapS> zul: like the pres/ directory
[18:33] <SpamapS> zul: is get-orig-source from git working again? Like.. can I modify that bit to remove those files?
[18:34] <zul> SpamapS; no it got removed
[18:36]  * jdstrand wonders why the jar can't just be built during the build
[18:36] <SpamapS> jdstrand: it is!
[18:36] <jdstrand> so why are they shipping it?
[18:37] <SpamapS> jdstrand: because jdk's are hated in the sysadmin community. ;)
[18:43] <SpamapS> so yeah already I can see a few files that need stripping .. guess we got unsynced on that one
[18:46] <SpamapS> zul: how do you want to do this? I have some files that needs tripping out of that orig tarball? should I just bzr rm them from the build branch and tag the rev as a new upstream-XX ?
[18:47] <zul> SpamapS: yes please and document them in the commit so we know going forward
[18:52] <SpamapS> zul: should I start working in a side branch and do MP's like James and Dave did?
[18:53] <zul> SpamapS: sounds like a plan
[19:02] <SpamapS> zul: actually I think all we need to do is use setup.py dist
[19:03] <SpamapS> sdist rather
[19:06] <SpamapS> zul: that is the method they use to produce the source rpms upstream, and so is likely all we'll need.
[19:06] <zul> SpamapS: really sweet..
[19:06] <SpamapS> wish I'd thought of that sooner the copyright file would have been a lot smaller and easier to generate. ;)
[19:07] <andreserl> kirkland: ok, integration with the monitors is pretty much done. Just need to figure out some things out first.
[19:08] <andreserl> kirkland: if I use a RemoteMonitor in port7, and we are the selected action is PowerSave. then the WoL Monitor won't work given that it listens to Port7. What do you think should be done here? I was thinking something like "If action is powersave, then don't use RemoteMonitor in port 7"
[19:10] <kirkland> andreserl: hmm, i don't think i understand yet ...
[19:10] <kirkland> andreserl: can you clarify
[19:11] <andreserl> kirkland: ok, so at the Rally, you saw that when entering to Powersave method, PowerNap started a WoL Monitor to be able to "wakeup" and un-do what pm-powersave did. This WoL monitor listens at port udp 7.
[19:11] <kirkland> andreserl: right
[19:11] <kirkland> andreserl: and why did you choose port 7?
[19:12] <andreserl> kirkland: WoL, it is either 7 or 9
[19:12] <kirkland> andreserl: okay
[19:12] <andreserl> kirkland: and powerwake by default sends to port 7
[19:13] <andreserl> kirkland: ok so anyways, I have integrated Adams RemoteMonitor. What this monitor does is listen for *any* traffic in a given port (Can be 7, 9, 80, or all at once)
[19:13] <kirkland> andreserl: awesome,
[19:13] <kirkland> andreserl: that's very cool
[19:15] <patdk-wk> hmm, wol doesn't use ports, the port is just to make it easier to send the packet
[19:15] <andreserl> kirkland: indeed... it is limited to UDP only though. But anyway, if we select action method as powersave (which will start a WoL monitor in udp7 when entering to powersave), and if we have a RemoteMonitor listening in port7, the WoL monitor will fail to bind the port
[19:16] <patdk-wk> wouldn't the wol monitor be useless? as that udp that did the wol would be lost anyways
[19:16] <andreserl> patdk-wk: a WoL datagram is a UDP datagram sent to either port 7 or 9
[19:16] <patdk-wk> actually, no :)
[19:17] <patdk-wk> it's a packet that contains a specially crafted stream of bytes
[19:17] <andreserl> kirkland: so the solution I was thinking is "If ACTION_METHOD is PowerSave, then ignore a RemoteMonitor in port 7 to be able to launch the WoL Monitor"
[19:17] <patdk-wk> nothing to do with what port
[19:17] <patdk-wk> it doesn't even need to be IP :)
[19:19] <andreserl> patdk-wk: yes but they are still sent to an specific port, which is usually 7 or 9, but can be any port
[19:20] <kirkland> andreserl: sounds reasonable, i think
[19:21] <andreserl> patdk-wk: and in what we are doing, we need to know the port and having a RemoteMonitor and a "WoLMonitor" are two different things used for two different purposes
[19:21] <andreserl> kirkland: alright, other than the The InputMonitor (tracks usb/mouse input), ProcessMonitor, and IOMonitor also work. Will be uploading it in a while for your testing ;)
[19:21] <kirkland> andreserl: saaaaweeeeet
[19:22] <kirkland> andreserl: looking forward to it
[19:46] <zul> jdstrand: did you reject the upload?
[19:50] <jdstrand> zul: I haven't done anything with the upload. is it there now?
[19:50] <zul> jdstrand: not yet gimme a few can you reject the upload that is the queue now please?
[20:00] <jdstrand> zul: rejected
[20:00] <larsemil> hey! anyone here used amazon s3 in any way?
[20:00] <zul> jdstrand: thanks
[20:01] <larsemil> and by using s3 i mean amazon s3
[20:01] <b0gatyr> larsemil: i host some images for a website
[20:12] <zul> SpamapS: *cough*
[20:12] <SpamapS> wha?
[20:13] <SpamapS> jdstrand: so there are a few python files in the upstream tarball that were copied direct from python 2.4 .. but we don't install them in binary packages..
[20:14] <SpamapS> jdstrand: should we strip them out of the tarball, or document their license in the debian/copyright file, or just ignore them?
[20:19] <jdstrand> SpamapS: just document their license
[20:22] <SpamapS> jdstrand: ok cool
[20:42] <hallyn> zul: hey, do you have strong feelings on ntp package?
[20:43] <zul> hallyn: not really
[20:43] <hallyn> zul, i'm trying to decide what to do with bug #697676
[20:44] <hallyn> debian ntp maintainers want someone to work a real fix upstream, which seems sensible to me
[20:44] <hallyn> but with kirkland feeling all save-the-world-like with powernap, i wasn't sure whether we'd want to have a patch to reduce power usage in our package :)
[20:45] <zul> hallyn: did you file a bug with debian?
[20:45] <kirkland> hallyn: :-)  +1 for sensible defaults
[20:45] <hallyn> zul: i emailed the package maintainers
[20:46] <hallyn> kirkland: yeah, but this isn't just defaults, it hacks the code
[20:46] <andreserl> lol
[20:46] <kirkland> hallyn: looking at the patch ...
[20:46] <hallyn> patch is used in fedora, but i didn't feel qualified to ack it by eye
[20:47]  * kirkland reading
[20:47] <zul> hallyn: i rather have it in debian if it changes the functionaily then i would say nack
[20:47] <kirkland> hallyn: yikes
[20:47] <kirkland> hallyn: that's um, invasive
[20:47] <kirkland> hallyn: yeah, zul is right ... we'll follow or work with debian on this one
[20:47] <hallyn> kirkland: :)  yeah, i don't *usually* admit to being unqualified to judge a patch, but in my email to ntp maintainers i did
[20:48] <hallyn> thanks, guys
[20:48] <kirkland> hallyn: are you joining us at Opal D's?
[20:48] <kirkland> hallyn: -> pm
[20:49] <zul> hallyn: besides fedora isnt always right even though they may think that
[20:51] <hallyn> zul: i wasn't saying that :)
[20:52] <hallyn> zul: just that they apparently think it's at least safe
[20:53] <patdk-wk> I vote, kill the polar bears
[20:53] <patdk-wk> :) not that I can vote :)
[20:59] <zul> hallyn: i know i was joking :0
[21:02] <hallyn> kirkland: d'oh, i shoulda left teh reply to you :)
[21:03] <kirkland> hallyn: ?
[21:03] <kirkland> hallyn: oh, to that bug?
[21:03] <kirkland> hallyn: i was just "supporting" you
[21:03] <hallyn> yeah
[21:03] <kirkland> hallyn: i haven't seen yours yet
[21:03] <hallyn> much more diplomatically :)
[21:07] <kirkland> hallyn: my experience is a) thank them profusely for their bug report/patch, etc, b) explain why we are advising against it, c) leave room for changing that opinion if $SOMETHING happens in the future to change that, d) thank them over again :-)
[21:10] <SpamapS> kirkland: reading cobbler devel? They just accepted a patch to query APC power switches for On/Off status.
[21:10] <SpamapS> adds a "power_status" api call. kind of cool
[21:10] <kirkland> SpamapS: rock!
[21:10] <kirkland> SpamapS: that is cool
[21:17] <andreserl> kirkland: if for example, for whatever reason, the WoL monitor is unable to start but the "powersave" action is taken, should the powersave be reverted?
[21:19] <SpamapS> andreserl: no more RoAkSoAx ? ;)
[21:21] <andreserl> SpamapS: hehe RoAkSoAx is still there though I've been trying to figure out if I use this nick instead for quite a while now lol :P
[21:21] <kirkland> andreserl: yeah, we don't want to enter a situation that we can't get out of
[21:21] <kirkland> SpamapS: heh, yeah, we have to type a lot more letters to tab complete :-)
[21:22]  * SpamapS tried to shake off SpamapS a couple years ago. It felt like shaking off a piece of my soul.
[21:22] <andreserl> kirkland: yeah, though we could fallback to a different port though. Btw.. does powerwake support using a different port?
[21:24] <kirkland> andreserl: it does not currently
[21:24] <kirkland> andreserl: i suppose it could though ....
[21:24] <andreserl> kirkland: I guess it will make more sense to use a fallback port when powerwaked exists, so it can keep track of that info
[21:25] <andreserl> kirkland: so that powerwake knows what port to use when sending the magic packet
[21:25] <andreserl> SpamapS: I know what you mean!! I'
[21:26] <andreserl> been using RoAkSoAx for quite a while now
[21:27] <kirkland> andreserl: right
[21:36] <fluvvell> 24th of June, world IPv6 day.  How ready are people for IPv6 testing?
[21:37] <bittin> fluvvell: that sounds awesome, maybe i should switch to IPv6 at home by then :p
[21:37] <fluvvell> bittin, I'm not even sure if my home router is configured for it!
[21:38] <bittin> i have a FON with OpenWRT so i think i can do it
[21:39] <nkv> Hello all.  I need to replace an outbound mailserver for the service provider I work for.  Back, 5 or so years ago I used Postfix to fill this role.  Is that still a fairly sane choice, or has something new and shiny come up and replaced it?  This has no local delivery, just queuing mail from authorized subnets and relaying it to external mail servers.
[21:40] <fluvvell> bittin, yeah mines more of just a gateway, the main routing is done by ubuntu server. Allocating addresses? Won't we need addresses allocated?
[21:44] <SpamapS> nkv: postfix is the preferred choice in ubuntu server as it is the one MTA in main
[21:44] <SpamapS> oops
[21:44] <SpamapS> I lied
[21:44] <SpamapS> nkv: rather, its the better one in main
[21:44]  * SpamapS didn't realize exim4 was in main
[21:46]  * nkv shudders... Exim.... :)
[21:48] <nkv> Ok... Well I figured a fairly solved problem like SMTP servers wouldn't have shifted much in the last 5 years.
[21:51] <patdk-lap> heh, when ever I install a package that needs mail
[21:51] <patdk-lap> ubuntu always recommends exim
[22:09] <kirkland> zul: yo
[22:10] <zul> kirkland: whats up?
[22:10] <kirkland> zul: just checking on the cobbler upload
[22:10] <zul> kirkland: im waiting for SpamapS
[22:10] <kirkland> zul: coolio
[22:17] <andreserl> kirkland: done! Monitors integrated. Though, need to update the packaging! but it is still testable without having to really install it
[22:18] <hallyn> all right, time to try an online ext4fs resize.  wish me luck
[22:19] <kirkland> andreserl: cool
[22:19] <kirkland> hallyn: hmm, check with kees
[22:20] <kees> hallyn: wait wait
[22:20]  * hallyn waits
[22:20] <kees> hallyn: make *sure* you're running .37-12 or later
[22:20] <kees> otherwise it will _destroy_ your filesystem
[22:20] <hallyn> kees: 2.6.37-12-generic
[22:20] <hallyn> define destroy :)
[22:21] <kees> -12 you'll be fine. destroy, as in, fills the extended area with arbitrary bitmap entries and the fs starts writing all over the place
[22:21] <kees> as in, fsck CANNOT fix it in some cases.
[22:21] <hallyn> jinkeys
[22:22] <kees> I was extremely lucky in that I only destroy my apt mirror. easy to find the wrecked directories and files since there's a separate db of hashes to compare against :)
[22:22] <kees> *destroyed
[22:22] <hallyn> kees: funny thing is, i was doing this to make room for a btrfs partition to test a fast lxc-based schroot alternative to show you :)
[22:22] <kees> but -12 has ted's fixes
[22:22] <kees> haha
[22:22] <hallyn> kees: rockin', i'll do an extra rsync and then give it a shot then, thanks
[22:22] <kees> well, i'm certainly excited about that, but yeah, the online resize regress was scary :)
[22:22] <kees> cool
[22:22]  * hallyn goes to rsync
[22:27] <hallyn> drat: Filesystem at /dev/sda1 is mounted on /; on-line resizing required
[22:27] <hallyn> resize2fs: On-line shrinking not supported
[22:27]  * hallyn scratches his head and goes to look at the source
[22:28] <Grubulous> I have an ubuntu 10.04 server running on vmware and I notice that after 48 days of uptime the server appears to become unresponsive. I can ping it, but I cannot ssh in or access any other services (apache on 80, couchdb on 5984, etc). nothing seems amiss in the logs
[22:47] <ideaman> I have a basic networking question. How can I get from subnet to subnet?
[22:48] <nkv> That is the canonical job of a router.
[22:50] <nkv> ideaman: I was replying to you, in case it wasn't clear :)
[23:13] <AdamDV> I'm running Ubuntu 10.10. php5-gd is listed as installed. I'm getting "The function imageantialias() is not available in your PHP installation. Use the GD version that comes with PHP and not the standalone version." when using jpgraph. Any one wanna lend a hand?
[23:41] <Devo-Kun> AdamDV: did you just install php5-gd?
[23:41] <AdamDV> Yes.
[23:41] <Devo-Kun> AdamDV: did you restart Apache after install PHP-gd?
[23:42] <AdamDV> Yes. I'm not a noob. I think its because the maintainers dont want to use the gd version bundled with PHP and insist on using the ainstream one?
[23:45] <Devo-Kun> AdamDV: can you create a quick PHP script with the phpinfo function in it: <?php phpinfo(); ?>
[23:45] <Devo-Kun> Then paste the results of the GD section here
[23:48] <AdamDV> Yea one sec
[23:48] <AdamDV> http://pastebin.com/kSApU6VA
[23:50] <AdamDV> Devo-Kun: See above
[23:54] <Devo-Kun> Are you able to run the Examples?
[23:55] <AdamDV> hmm?
[23:55] <Devo-Kun> When I run the jpgraph examples I get font errors
[23:56] <skorv> can a usb printer be shared on ubuntu server for windows & linux clients using nothing but the console (using gui is easy, same as desktop)
[23:59] <Devo-Kun> AdamDV: http://paste.ubuntu.com/555596/