[00:14] <ignarps> quizme, newer versions of applications.  that is one
[00:32] <thesheff17> quizme: unless you need a specific feature in 10.10 I wouldn't upgrade because 10.04 is the long term support version and to me longer support is needed.  I don't want to be upgrading my servers to the next version in 6 months time unless I need something specific from that newer version.
[00:36] <twb> You shouldn't *ever* upgrade unless the new version provides something you need
[00:36] <twb> Admittedly, that might be upstream security support, because the current version is EOLd :-)
[03:51] <a|3x> hi
[03:52] <a|3x> my ubuntu server was hacked with some "floodsend" rootkit, it connected to some irc server
[03:52] <a|3x> what can i do to hit back?
[03:54] <Datz> buy a copy of justin beibers new album
[03:56] <a|3x> how is that going to help?
[03:57] <Datz> he'll serenade you to sleep, where you can dream about irc?
[03:57] <Datz> it's always worked for me..
[03:58] <Datz> but sorry, I know you're serious, and I'm clearly drunk. :(
[03:58] <Datz> (almost)
[03:58] <a|3x> anybody want to poke around, here is the irc server: 80.68.95.83
[04:03] <twb> a|3x: in many countries it is a civil or criminal offense to "hit back"
[04:04] <twb> You may, however, wish to secure your system better in future, and to help educate others about doing so.
[04:04] <a|3x> i meant to take them down
[04:04] <twb> 15:03 <twb> a|3x: in many countries it is a civil or criminal offense to "hit back"
[04:06] <a|3x> if their security sucks in this kit i could issue a command to remove the kit from all the infected servers connected to the server, right?
[04:07] <a|3x> could be illegal but it would help a lot of people
[04:07] <twb> I will not help you in such an activity.
[04:08] <a|3x> never did ask
[05:54] <Orfeous> trying to get postfix work with TLS encryption but it seems that there are some problems anywhere :D
[05:54] <Orfeous> using dovecot-pop3 as pop-server and postfix as smtpd..
[05:57] <gobbe> Orfeous: what kind of problems?
[05:58] <Orfeous> my client computer seems not to allow me to send or recieve mail now.
[05:59] <Orfeous> relay access denied...
[05:59] <Orfeous> im trying to debug the problem with increasing tls debuglevel
[06:02] <twb> Orfeous: that's for your protection!
[06:03] <Orfeous> if i try to send a mail i got a mail back telling me that its not relying the domain i sent to
[06:04] <gobbe> Orfeous: did you follow the guide from ubuntu.com?
[06:04] <Orfeous> is it helping a little if i show the postfix main.cf?
[06:04] <gobbe> Orfeous: there is really good howto
[06:04] <Orfeous> yes, i have read many guides and tutorials..
[06:04] <Orfeous> the mailserver works if i disable all tls stuff
[06:05] <Orfeous> and not use tls encryption on my client
[06:19] <Dragonshadow> is the ubuntu pureftpd package compiled with --virtualchroot ?
[06:28] <twb> http://mywiki.wooledge.org/FtpMustDie
[06:31] <Dragonshadow> Because that /really/ helps
[06:46] <mattalexx> I'm trying to globally deny all requests to my server from any IP except for 192.168.0.3. Which file in /etc/apache should be changed to make this happen?
[06:48] <jmarsden> mattalexx: Since some requests might not be for web services but for other things, you might do better to use iptables to add packet filtering?
[06:48] <mattalexx> jmarsden, There are exception (public requests allowed)  for some of my virtualhosts
[06:49] <mattalexx> So that's a no-can-do.
[06:53] <jmarsden> mattalexx: Then your request should probably have said "web requests" :)  Anyway, maybe /etc/apache2/conf.d/security is a sane place to add a global security restriction.
[07:17] <palhmbs> hi - anybody familiar with setting up a cronjob that will use X to display what it's doing in the terminal whilst it runs?
[07:17] <palhmbs> ubuntu 10.10
[07:50] <qman__> palhmbs, not really server territory, but you could simply prefix the job with gnome-terminal
[07:51] <palhmbs> thanks
[07:55] <palhmbs> does this look right? -- 54 20 * * * gnome-terminal /home/palhmbs/myscript.sh
[07:56] <qman__> if it's in a user's crontab, yes
[07:56] <qman__> if it's a job in /etc/cron.d, you also need the user to run as
[07:59] <palhmbs> so cron.d runs system level stuffs?
[07:59] <palhmbs> as root....
[08:00] <qman__> no, cron.d takes an additional argument
[08:00] <qman__> * * * * * username job
[08:03] <qman__> it can run jobs as root if you specify that
[08:10] <palhmbs> ok - so if I create my own file /etc/cron.d/myscript
[08:12] <palhmbs> where do the crontab -e file go? - is that embedded into a binary somewhere like visudo does?
[08:12] <palhmbs> I've been using crontab -e mainly
[08:12] <jpds> palhmbs: /var/spool/cron/crontabs/
[08:13] <greppy> crontab -e calls your $EDITOR environment variable, which defaults to nano I think.
[08:13] <greppy> visudo edits /etc/sudoers
[08:13] <greppy> it also does some sanity checking to help keep you from breaking your sudo config.
[08:13] <palhmbs> jpds, thank you - I was looking for those :D
[08:15] <palhmbs> and using env variables in my script like DISPLAY=:0.0 will run a GUI from cron?
[08:15] <palhmbs> basically I want to be able to show the user what crontab is doing...
[08:16] <palhmbs> s/crontab/cron/
[08:17] <jpds> palhmbs: apt-cache show beep ?
[08:23] <palhmbs> jpds, lol - I think my PC-speaker must be unplugged :D
[08:28] <palhmbs> I can use quotes in cron can't I? -- root "/usr/local/sbin/myscript.sh"  ??
[08:33] <qman__> yep
[09:33] <Roxyhart08> hi there i got the bad idea to install kde4 in my server, somebody know how to unistall in a safe way it?
[09:37] <TeTeT> Roxyhart08: take a look at /var/log/dpkg.log and try to extract all the package names that came with kde4 and purge them
[09:40] <Roxyhart08> thanks i couldnt find any things with kde in this file
[09:44] <iclebyte-work> anyone good with mod_perl?
[10:05] <adpaolucci> anyone here?
[10:05] <adpaolucci> I am looking for help with setting up a private cloud
[10:06] <kerozene> is this a job ad?
[10:11] <TeTeT> adpaolucci: best you start with https://help.ubuntu.com/community/UEC
[10:11] <adpaolucci> Already did
[10:11] <adpaolucci> still reading over it
[10:11] <TeTeT> adpaolucci: and probably you want to join #ubuntu-cloud
[10:11] <adpaolucci> Thank you TeTeT
[10:12] <TeTeT> adpaolucci: if you need a training, Canonical offers one: http://www.ubuntu.com/sites/default/files/active/Training%20-%20Deploying%20Ubuntu%20Enterprise%20Cloud%20overview.pdf
[10:12] <TeTeT> adpaolucci: np
[10:13] <adpaolucci> I would do the training course but its not offered anywhere in the Toronto area up in Canada
[10:14] <adpaolucci> Actually it looks like there is
[10:14] <adpaolucci> Thanks TeTeT
[10:15] <TeTeT> adpaolucci: it's held virtually over spreed in April again, last class was last week
[10:57] <iclebyte-work> no matter what I do I cannot seem to get cgi scripts to execute
[10:57] <iclebyte-work> the browser just says 'the connection was reset' and there is nothing in the logs!
[12:18] <nimrod10> iclebyte-work, which webserver are you using ?
[12:21] <iclebyte-work> Apache2
[12:22] <iclebyte-work> I've got it partially working but only via placing the cgi-scripts into /usr/lib/cgi-bin
[12:22] <iclebyte-work> which is an okay work around for the moment.
[12:22] <iclebyte-work> i'm struggling to install the DBI perl module now
[12:33] <nimrod10> iclebyte-work, it works in that dir because somewhere in the apache config , most likely in sites-available you have a line that says
[12:33] <nimrod10> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
[12:33] <nimrod10>  17         <Directory "/usr/lib/cgi-bin">
[12:33] <nimrod10>  18                 AllowOverride None
[12:33] <nimrod10>  19                 Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
[12:33] <nimrod10>  20                 Order allow,deny
[12:33] <nimrod10>  21                 Allow from all
[12:33] <nimrod10>  22         </Directory>
[12:33] <nimrod10> the Options +ExecCGI is what you where looking for
[12:33] <iclebyte-work> i've spotted that it's in the default vhost file
[12:34] <iclebyte-work> i am however desperatley struggling to install the perl DBI module via cpan
[12:34] <nimrod10> where did the certified hardware link go ?   This doesn't work anymore : http://webapps.ubuntu.com/certification/list/?category=Server
[12:34] <nimrod10> it should work with cpan easily , not that I 'm a huge perl fan
[12:59] <iclebyte-work> nimrod10, could you take a look at this vhost entry for me? http://scsys.co.uk:8002/85950
[13:01] <nimrod10> is the  /   path mirrored to a path in your filesystem ?
[13:02] <iclebyte-work> i don't understand you?
[13:02] <iclebyte-work> i assumed it would mean the / of the DocumentRoot ?
[13:03] <nimrod10> is / supposed to map to a location on your harddrive ?  like maybe  /var/www ?
[13:04] <nimrod10> if so try to use the Directory directive instead of Location
[14:17] <RoAkSoAx> morning all
[14:18] <SnApO> Hi all, i want to build a very easy own cloud with 3 vservers
[14:18] <SnApO> is this possible
[14:19] <SnApO> 1 load balancer, 2 servers with apache/php and mysql
[14:19] <SnApO> i have seen that ubuntu-server is offering private cloud
[14:19] <SnApO> but i didnt found some prices
[14:20] <patdk-wk> prices for what?
[14:20] <patdk-wk> ubuntu doesn't sell anything, other than support
[14:21] <\sh> ubuntu doesn't sell even support...canonical does that
[14:21] <\sh> SnApO: what you mean is "Ubuntu UEC" which is on the server cd...
[14:21] <\sh> that's meant with "private cloud" you can setup your own eucalyptus cluster for your private cloud
[14:24] <ogra> \sh, i think he means the ubuntu one offers
[14:25] <ogra> which has not much to do with running a OS in a cloud, its just personal cloud space for your data
[14:25] <\sh> could be....anyways my hp tech arrived *grmpf*
[14:25] <SnApO> i mean the landscape thing
[14:26] <SnApO> to manage my private cloud
[14:26] <ogra> ah
[14:26] <SnApO> also if ubuntu enterprise cloud is free (its just for myself to test some things in the cloud)
[14:27] <ogra> UEC is free
[14:27] <soren> SnApO: The software is free, yes. You run it on your own servers.
[14:27] <soren> SnApO: so it's not like you're getting free resources or anything.
[14:27] <SnApO> does it mater if its already a virtual machine?
[14:28] <SnApO> because i have 3 vservers for testing
[14:28] <SnApO> the vservers are running ubuntu server
[14:28] <SnApO> (openvz)
[14:28] <ogra> http://www.canonical.com/enterprise-services/ubuntu-advantage/landscape/cloud-management
[14:29] <ogra> at the bottom you have some contact links
[14:29] <ogra> it shouldnt matter where or how you run your UEC instance as long as it is network connected
[14:29] <_UsUrPeR_> gooood morning everyone
[14:31] <_UsUrPeR_> I have a question pertaining to "screen". I am using the following to start a half-life server in ubuntu 10.04 -- "screen -A -m -d -S tf2 /~/orangebox/srcds_run -game tf -autoupdate -ip <IP> -port <port> + map <map>, and I cannot seem to get my screens back by default.
[14:33] <SnApO> ogra, i just want to setup a small private cloud, with a management interface (all should be free because its only for testing and i need it more then 30 days). do i need landscape?
[14:33] <ogra> you can indeed manage everything by hand
[14:33] <ogra> using puppet or some such
[14:33] <_UsUrPeR_> When I attempt to run "screen -r tf2", I am getting the following error: "Cannot open your terminal '/dev/pts0' - please check. This is because the screen session opened /dev/pts/0 as another user, even though I started screen with the user I am trying to retrieve the screen with
[14:43] <elb0w> How do I resolve this? I dont care about installing the JDK. http://pastie.org/1514818
[14:54] <Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
[15:28] <iclebyte-work> i have an interface connected to a replicated port from a cisco switch, the interface has no IP however I can see the traffic coming in on eth1 (currently 25gb) - I'm trying to monitor it with softflowd so we can generate netflow data, this worked using a bridge but doesnt seem to work using 1 interface in promiscuous mode, any ideas?
[15:29] <iclebyte-work> previously i used 2 interfaces bridged and place the monitoring box 'inline'
[15:29] <iclebyte-work> and that worked
[15:40] <patdk-wk> well, what is it mirroring?
[15:41] <gobbe> sounds like mirror-port
[15:41] <gobbe> :)
[15:42] <Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
[15:42] <iclebyte-work> yes it's a mirror port
[15:43] <patdk-wk> I'm just wondering if it's mirroring both tx and rx on the source port
[15:43] <patdk-wk> if it doesn't mirror both, then you are only monitoring half the traffic
[15:44] <iclebyte-work> it's mirroring both, i can see the TX and RX levels rising on my interface stats
[15:44] <patdk-wk> heh?
[15:44] <patdk-wk> the tx on the mirror port should be equal to tx+rx on the source port, then
[15:45] <patdk-wk> or maybe your talking of interface statis in software, dunno about that
[15:46] <Dragonshadow> anyone here an ace with SQL and regex?
[15:49] <patdk-wk> must everyone ask a question before asking a question?
[15:50] <Fidelix> Please help, my server is taking 18 seconds to start the download with wget, it keeps "Resolving server..."
[15:51] <patdk-wk> fix your dns :)
[15:51] <patdk-wk> or their dns server
[15:52] <Fidelix> patdk-wk, what could be wrong with my dns?
[15:52] <patdk-wk> I dunno, but why else would wget talk so long to do a dns lookup?
[15:52] <patdk-wk> what is in your /etc/resolv.conf file?
[15:52] <patdk-wk> and what are you attempting to resolve?
[15:53] <Fidelix> nameserver 127.0.0.1
[15:53] <Fidelix> nameserver 213.186.33.99
[15:53] <Fidelix> nameserver 208.67.222.222
[15:53] <Fidelix> nameserver 208.67.220.220
[15:53] <Fidelix> search ovh.net
[15:53] <gobbe> do you have caching nameserver running?
[15:53] <Fidelix> patdk-wk, wget http://google.com or ANY server takes really long to resolve.
[15:53] <Fidelix> gobbe, I use bind9
[15:53] <patdk-wk> nslookup google.com 127.0.0.1
[15:54] <Fidelix> ;; connection timed out; no servers could be reached
[15:54] <patdk-wk> then you don't use bind9 for recursive on your box
[15:54] <Fidelix> Yeah. my bind is wrong....
[15:54] <patdk-wk> and should fix bind, or remove that line
[15:54] <Fidelix> patdk-wk, how can i change that?
[15:54] <patdk-wk> change what?
[15:54] <Fidelix> "use bind9 for recursive"
[15:54] <patdk-wk> man bind? :)
[15:54] <patdk-wk> I dunno
[15:55]  * patdk-wk wouldn't touch bind with a 10' pole
[15:55] <Fidelix> patdk-wk, what do you use?
[15:55] <patdk-wk> it's not about what I use
[15:56] <patdk-wk> it's about what you understand, and what works best for the job you put it in
[15:56] <gobbe> Fidelix: where do you use bind?
[15:56] <jpds> Fidelix: http://zytrax.com/books/dns/ch7/queries.html#recursion
[15:56] <Fidelix> gobbe, what do you mean with "where" ?
[15:57] <gobbe> Fidelix: well, what is purpose of your bind?
[15:57] <Fidelix> gobbe, to serve my nameservers (ns1.mysite.com, ns2.mysite.com, etc...)
[15:57] <gobbe> Fidelix: ok
[15:58] <patdk-wk> so you might not want to even use localhost as recursive then
[15:58] <patdk-wk> unless you don't trust your other dns servers
[15:58] <patdk-wk> or you really need to use memory on your box for caching dns badly
[15:58] <Fidelix> patdk-wk, these servers are opendns
[15:58] <Fidelix> patdk-wk, isn't dns caching good?
[15:59] <patdk-wk> like all things, caching is good and bad
[15:59] <patdk-wk> yes, caching is normally good
[15:59] <patdk-wk> every single server having it's own cache, bad
[15:59] <patdk-wk> expecially when they don't use forwarders
[16:00] <patdk-wk> and the second ns entry is ovh, not opendns
[16:00] <iclebyte-work> is there any way to convert PPP to IP ?
[16:01] <patdk-wk> iclebyte-work, that is like saying, can  I convert a freezer into an oven
[16:01] <patdk-wk> well, I guess, mor like, convert a box into an oven
[16:01] <patdk-wk> since ppp wraps other things
[16:01] <jpds> A box oven sounds like it would be most effective.
[16:02]  * patdk-wk was thinking cardboard box :)
[16:04] <iclebyte-work> well.. i just want to decapsulate the PPP
[16:04] <iclebyte-work> IP is inside it
[16:04] <jpds> patdk-wk: Quite.
[16:05] <patdk-wk> iclebyte-work, wireshark should do it nicely
[16:05] <iclebyte-work> I'm trying to monitor a PPP network (adsl clients) using softflowd
[16:06] <patdk-wk> no clue
[16:28] <axisys> how do I mount a file system with ownership to a user.. ?
[16:28] <axisys> mount /path/to/mount ; ls -ld /path/to/mount shows owend by root
[16:28] <axisys> i like it to be owened by a user
[16:29] <axisys> i added uid=1001 in fstab and that did not help
[16:30] <axisys> I get this
[16:30] <axisys> Unrecognized mount option "uid=1001" or missing value
[16:31] <compdoc> cant you just change ownership of the /path/to/mount?
[16:31] <compdoc> its an existing directory, no?
[16:33] <baggar11> axisys: "uid=axisys,gid=axisys" works for me
[16:36] <axisys> compdoc: yes
[16:36] <axisys> compdoc: i changed the ownership to myself and then mounted and root took over
[16:36] <axisys> baggar11: let me try with name
[16:37] <Dragonshadow> '!\[color=(#[0-9a-f]{3}|#[0-9a-f]{6}|[a-z\-]+):$uid\](.*?)\[/color:$uid\]!is' matches [color=#FF8000][/color] , how can I make it *also* match [color="#FF8000"][/color] ?
[16:38] <axisys> baggar11: this one did not work for me
[16:38] <axisys> UUID=63333fb5-8457-45dc-9007-90638b8b4ca1 /opt/splunk  ext4    uid=splunk 0       1
[16:41] <axisys> http://pastebin.com/MAQ0pB5J
[16:41] <axisys> so the dir ownership changes after the mount
[16:41] <axisys> baggar11: is your one ext4 fs ?
[16:43] <hallyn> does anyone have a box, not in production, on which they could test lucid kvm with 1.5Tb virtio drive?
[16:44] <Dragonshadow> I tried using a ("?) but that didn't work
[16:44] <Dragonshadow> neither did (\"?)
[16:48] <baggar11> axisys: yeah
[16:49] <axisys> baggar11: mount -o uid=splunk /dev/sdc1 /opt/splunk did not work
[16:50] <axisys> baggar11: can you try unmount it and try it mount like this?
[16:51] <axisys> mount -v -t ext4 -o uid=splunk /dev/sdc1 /opt/splunk
[16:51] <axisys> ^ did not work
[16:53] <baggar11> axisys: actually, mine is on a remote cifs share. so I'm throwing username and password along with it
[16:53] <baggar11> but gid/uid are standard mount options
[16:53] <baggar11> did you try it with gid too?
[16:53] <axisys> mount -v -t ext4 -o uid=splunk,gid=splunk /dev/sdc1 /opt/splunk
[16:53] <axisys> no go ^
[16:54] <axisys> mount -v -t ext4 -o gid=splunk /dev/sdc1 /opt/splunk
[16:54] <axisys> no go either ^
[16:55] <compdoc> whats the error?
[16:55] <axisys> EXT4-fs (sdc1): Unrecognized mount option "uid=1001" or missing value
[16:55] <axisys> EXT4-fs (sdc1): Unrecognized mount option "gid=1002" or missing value
[16:57] <baggar11> axisys: running with sudo?
[16:58] <axisys> baggar11: running as root
[17:00] <RoAkSoAx> SpamapS: ping?
[17:02] <SpamapS> RoAkSoAx: pong, just logged in.. wassup
[17:02]  * SpamapS is seeing wobbly windows whenever he alt-tabs ... gah
[17:03] <axisys> baggar11: I tried with my own account and still failing
[17:03] <SpamapS> RoAkSoAx: the baby finallly let me sleep
[17:04] <RoAkSoAx> SpamapS: hehe yeah i was wondering why u weren't online early this time lol!!
[17:04] <RoAkSoAx> SpamapS: anyuways, where's the cobbler branch with the ubuntu packaging?
[17:05] <SpamapS> lp:~ubuntu-virt/cobbler/ubuntu
[17:06] <RoAkSoAx> SpamapS: thanks!
[17:06] <RoAkSoAx> SpamapS: is that were you guys do active development or is it lp:cobbler?
[17:07] <SpamapS> RoAkSoAx: thats us. lp:cobbler is an auto import of cobbler's git tree
[17:07] <RoAkSoAx> SpamapS: k cool  thanks!
[17:08] <SpamapS> hrm.. you know.. I think its time to figure out how to get irrsi to stop telling me which windows have had joins/quits ... w/ 50 windows.. its not actually useful
[17:09] <RoAkSoAx> lol
[17:09] <RoAkSoAx> SpamapS: -> /ignore -channels #chan1,#chan2,#chan3 * JOINS PARTS QUITS NICKS
[17:10] <RoAkSoAx> SpamapS: or something like /ignore -channels #chan1,#chan2,#chan3 -regexp -pattern (away|gone|back|playin|weg|wech|returned) * ACTIONS
[17:11] <SpamapS> I don't want to not see them in the window
[17:11] <SpamapS> I like seeing them in the window, I don't want to see them in the status bar
[17:20] <hallyn> SpamapS: you mean the channel number changing color?  or do you see actual notifications?
[17:24] <SpamapS> the channel number
[17:25] <SpamapS> hallyn: ^^
[17:28] <hallyn> SpamapS: yeah then lemme know when you figure it out :)
[17:42] <tdn> How do I make a cron-job that runs every 20 minutes, but only between 10 am and 23 pm?
[17:42] <patdk-wk> easily :)
[17:42] <patdk-wk> did you do a man crontab
[17:42] <gobbe> yep, crontab has really good man-page and tons of websites
[17:43] <SpamapS> tdn: */20 10-23 * * *
[17:44] <SpamapS> I think thats the right # of stars
[17:44] <patdk-wk> yep
[17:44] <patdk-wk> unless you shove it into a /etc/cron.* folder
[17:44]  * SpamapS knows that he just ruined the fishing lesson patdk as giving ;)
[17:52] <tdn> SpamapS, thanks.
[18:02] <sockPants> hi
[18:03] <sockPants> i'm trying to set up dnsmasq as a dhcp server
[18:03] <sockPants> what do i need to put in /etc/networks/interfaces?
[18:03] <patdk-wk> nothing?
[18:05] <sockPants> well then it's not working
[18:05] <patdk-wk> well what are you attempting to do?
[18:05] <sockPants> serve an ip address to another system
[18:05] <pmatulis> patdk-wk: "set up dnsmasq as a dhcp server"
[18:05] <sockPants> but the system itself doesnt even have an ip address on that interface
[18:06] <patdk-wk> cause /etc/network/interfaces normally should have a static ip, if your running dnsmasq on it
[18:06] <sockPants> i see. i figured, but none of the tutorials mention it
[18:06] <patdk-wk> pmatulis, ya, confused what computers he was talking about, or only talking about one
[18:07] <Lichte> I've setup pptp on server 10.04 and I'm able to connect from home just fine, but I can't access any of the windows shared drives...any ideas ???
[18:07] <AdamDV> Where can I find the .ttf or .otf of the font used in the terminal window?
[18:09] <consumerism> i need functions in php gd that are not in php5-gd on lucid. does anyone know of a compiled standalone gd library with all (or most) functions built-in, so i don't have to recompile php with gd support on my server?
[18:20] <bjaanes> Hi, Im trying to use tar for my backup right now, but the performance seems to be quite bad. Im trying to tar a quite huge directory (my entire file server), but after a while, things are really slowing down, takes like an hour for 4 gig files. Any ideas?
[18:20] <bjaanes> disk to disk, not over network btw
[18:26] <thesheff17> bjaanes: are you using compression?
[18:34] <Angryfurby> hey guys i have ubuntu 10.10 trying to use postfix to send email's anyone delt with the address verification issue
[18:42] <consumerism> i'm trying to install a .deb from http://security.ubuntu.com/ubuntu/pool/main/p/php5/ - the latest php5-gd. i want to install it regardless of the fact that it depends on a later version of php5. but dpkg -i downloaded.deb --ignore-depends=php5-common doesn't work
[18:42] <consumerism> dpkg: error processing --ignore-depends=php5-common (--install):
[18:42] <consumerism>  cannot access archive: No such file or directory
[18:42] <consumerism> dpkg: dependency problems prevent configuration of php5-gd:
[18:42] <consumerism>  php5-gd depends on php5-common (= 5.3.3-7ubuntu1); however:
[18:43] <consumerism>   Version of php5-common on system is 5.3.2-1ubuntu4.7.
[18:43] <consumerism> what can i do about this?
[18:44] <consumerism> same thing if i --ignore-depends=php5-gd
[18:45] <consumerism> got it, i have to pass the --ignore-depends option BEFORE the package. dug.
[18:48] <consumerism> sigh, still no ImageAntiAlias() in the latest php5-gd. anybody know how i can get that function without compiling my own php?
[19:23] <sockPants> hi
[19:24] <sockPants> i have dnsmasq running as dhcp server on eth0 using 192.168.0.1/24 and the same machine is connected to a network where it gets an ip address in 192.168.2.x/24 which has an internet connection. how do i allow clients to connect to the internet throught eth0
[19:26] <smoser> bug 486128
[19:32] <RoyK> sockPants: out of interest, why don't you just use ISC DHCP? it's very well tested and used by thousands or  perhaps millions
[19:33] <sockPants> RoyK: well it's only a temporary setup for booting and installing xubuntu to an old machine through pxe, so nothing matters as long as it works. the netboot installer wants to download the installation files from the internet
[19:34] <RoyK> sockPants: still, setting up ISC DHCP daemon is done in something like 2-10 minutes
[19:34] <RoyK> and it works
[19:34] <sockPants> i've never heard of ic
[19:34] <sockPants> *it
[19:34] <RoyK> apt-get install dhcp3-server
[19:34] <sockPants> that
[19:35] <sockPants> how does that help me get internet on the client on eth0 through the internet connection on eth1
[19:35] <sockPants> right now i'm just using the built in dhcp server in dnsmasq because it's there
[19:35] <sockPants> the two interfaces are on different subnets
[19:35] <RoyK> something like '-A POSTROUTING -s 10.0.0.0/22 -o eth0 -j MASQUERADE
[19:35] <RoyK> something like 'iptables -A POSTROUTING -s 10.0.0.0/22 -o eth0 -j MASQUERADE'
[19:35] <RoyK> -o being the output interface
[19:36] <RoyK> and add net.ipv4.ip_forward = 1
[19:36] <RoyK> to /etc/sysctl.conf and run sysctl -p
[19:36] <RoyK> done
[19:37] <RoyK> perhaps install bind9 if you need a local (caching) dns server - if not, use one on the internet
[19:46] <Roasted_> Has anybody ever utilized Zentyal on Ubuntu to configure a FreeRadius server?
[19:46] <RoyK> !zentyal
[19:46] <Roasted_> zentyal was formerly known as ebox...
[19:46] <Roasted_> they changed the name 2 months ago
[19:46] <RoyK> ah
[19:46] <RoyK> ok
[19:46] <RoyK> no, I just use the commandline
[19:47] <Roasted_> you've set up freeradius?
[19:47] <RoyK> yeah
[19:47] <Roasted_> Is it painful to set up, or am I just over complicating it?
[19:47] <Roasted_> I am finding that all freeradius guides... suck. I've seen so little documentation that is relevant. Every guide I find is so different to the next, it just confuses me more on what to do.
[19:48] <RoyK> any integration with ldap? or just static users/passwords?
[19:48] <Roasted_> LDAP integration eventually. Right now I'm trying to keep it simple in a small test environment with using local users/passwords.
[19:49] <Roasted_> I'm using a netgear access point that has radius support, along with Ubuntu 10.04.1 in a VM on VMWare.
[19:49] <RoyK> Roasted_: ok
[19:49] <Roasted_> I have Zentyal (ebox) installed with the RADIUS module. It attempts to validate, but it just loops with validating identity and eventually times out at disconnected.
[19:51] <Roasted_> RoyK, is there a guide you used that you've had success with, or perhaps some sort of documentation you could point me to? While Zentyal looks promising, I feel lost otherwise.
[19:51] <RoyK> Roasted_: to be honest, I didn't setup the system myself, only migrate it to ubuntu, which was rather easy. AFAICS it mostly comes down to the files clients.conf and users
[19:51] <Roasted_> well, Zentyal directly edits those files when I add users and whatnot.
[19:51] <Roasted_> I know that because it prompts me, saying these following files will be changed if you submit these changes, etc.
[19:53] <RoyK> Roasted_: no offence, but mostly, asking for GUI-based tools in here is rarely much help. Also, radius isn't very much used these days, except those of us with equipment needing it... If you can pastebin some configs, that will help a lot, even though I can't promise I can help
[19:54] <Roasted_> RoyK, radius isn't used much anymore????
[19:54] <Roasted_> I thought radius was the authenticated future of secure wireless?
[19:54] <Roasted_> for businesses at least.
[19:55] <RoyK> Roasted_: for current and past and possibly the near future, but I doubt radius will survive very long
[19:55] <Roasted_> RoyK, what do you think will be the standard? Regular WPA2-Personal passkeys?
[19:56] <RoyK> possibly AD
[19:56] <Roasted_> active directory?
[19:56] <RoyK> seems AD is taking over a lot
[19:56] <RoyK> yeah
[19:56] <Roasted_> as in, microsoft active directory?
[19:56] <RoyK> yes
[19:56] <Roasted_> why am I suddenly in disbelief
[19:57] <RoyK> well, I'm not a microsoft fan, just saying what I think
[19:57] <RoyK> still, LDAP/kerberos might be better
[19:57] <RoyK> that'll be compatible (or at least somewhat) to both unices and AD
[19:58] <Roasted_> well it's nothing against microsoft in particular, I just find that to be a stretch.
[19:58] <RoyK> to rephrase that comment a little, I think perhaps ldap/kerberos might be better than radius
[19:58] <Roasted_> well
[19:59] <Roasted_> for right now, this is the project on the table I need to figure out. If it changes in the future, I'm certainly open to adapt accordingly.
[19:59] <RoyK> radius is 20 years old, and lacks a few things
[19:59] <Roasted_> to me radius doesn't seem antiquated, when I consider the type of authentication and hardware authentication it handles.
[19:59] <Roasted_> If anything it seems very advanced, compared to WPA2 Personal alone.
[19:59] <RoyK> especially X.500 compliance
[20:00] <RoyK> well, it's way better than WPA personal
[20:00] <RoyK> indeed
[20:01] <Roasted_> if it's way better than WPA Personal, then what's the harm in using it? I'm getting the vibe that I'm trying to implement amish technology into our network, but if radius (despite being old) is still the "best" I'm failing to see the issue with integrating it.
[20:01] <RoyK> and I personally try to setup an openwrt-based WIFI network at work based on radius, but it seems a PITA, since the RAIUS servers are win2k8r2-based, and the win2k8r2-implementation of radius is behaving rather badly
[20:01] <Roasted_> yeah
[20:02] <Roasted_> that's why I'm setting it up on linux, becasue of windows issues with it.
[20:02] <sparc> good afternoon, i'm mirroring dists/lucid, but the installer seems to pull only Packages files from it
[20:02] <sparc> and not the debs from pool/mail ..
[20:02] <sparc> after i preseeded the mirror'd archive
[20:02] <sparc> is this a common problem?
[20:03] <RoyK> sparc: pastebin /etc/apt/sources.list or relevant files (/etc/apt/sources.list.d/*)
[20:04] <sparc> hmm ok
[20:04] <RoyK> !pastebin
[20:04] <sparc> thank you, don't let me interrupt the discussion though :)
[20:04] <RoyK> np :)
[20:05] <RoyK> sparc: can you pastebin your RADIUS config and potential error messages?
[20:05] <Roasted_> RoyK, nonetheless, can you offer any insight on what I should look for is my test environment is failing at validating identity?
[20:05] <RoyK> Roasted_: that last one was for you, not sparc - sorry
[20:05] <Roasted_> do you know the path of where that file resides RoyK ?
[20:06] <RoyK> which file?
[20:06] <Roasted_> the RADIUS config
[20:06] <RoyK> //etc/radius
[20:06] <RoyK> s/\///
[20:06] <RoyK> erm
[20:06] <RoyK> no
[20:06] <RoyK> /etc/freeradius
[20:07] <Roasted_> which file within freeradius would you like to see? freeradius is a directory and I don't see a "config"
[20:08] <RoyK> radiusd.conf is the main config file
[20:09] <Roasted_> gotcha. working on it now.
[20:10] <Roasted_> our outbound connectin is slow today, pastebin is taking its dear old time
[20:10] <RoyK> that one has includes to other files
[20:10] <RoyK> Roasted_: oh - where are you located, btw?
[20:10] <Roasted_> pennsylvania
[20:10] <RoyK> ok
[20:10]  * RoyK is in Oslo
[20:10] <Roasted_> we're just working on our filter server at the moment, so all connections are kind of bottlenecked right now.
[20:10] <Roasted_> externally at least.
[20:11] <Roasted_> my gosh I feel like I'm on dial up all over again
[20:11] <Roasted_> "AOL 4.0 Optimized!"
[20:12] <RoyK> dialup?
[20:12] <RoyK> like we did in the ninetees?
[20:12] <Roasted_> yep. back in "the day"
[20:13] <RoyK> IRC is nice for slow links - no bothering graphics etc :P
[20:13] <Roasted_> yep. love it!
[20:13] <Roasted_> this is ridiculous...
[20:13] <Roasted_> really. it's just one web site.
[20:14] <Spice-boy> somebody can help me?
[20:14] <Roasted_> the students are gone, there should be anything throttling us back this badly
[20:14]  * RoyK was about to complain about his 3,5Mbps link only sustains 2Mbps on a good day, but will rest his case
[20:14] <RoyK> !ask
[20:16] <Roasted_> wow
[20:16] <Roasted_> just wow.
[20:17] <RoyK> ?
[20:17] <Roasted_> I'm still waiting for pastebin to show up.
[20:17] <RoyK> :)
[20:17] <gobbe> :)
[20:17] <Roasted_> no :). stab me.
[20:17] <Roasted_> quick.
[20:17] <RoyK> good link
[20:17] <Spice-boy> i have a usb wirreles adapter... Belkin f7d2101 ... and i don`t have driver for ubuntu 8.10. how i cand install ther usb wirreles adapter on unbuntu 8.10?
[20:17] <Roasted_> why are you on 8.10?
[20:17] <Roasted_> their support is long gone for 8.10.
[20:17] <Spice-boy> pfuu
[20:18] <Roasted_> official support anyway
[20:18] <Spice-boy> i need to instal another version for ubuntu?
[20:18] <RoyK> that's > 2 years old - try a newer version
[20:18] <Roasted_> Spice-boy, well there's bee several releases since then
[20:18] <RoyK> sparc: no idea - google it
[20:18] <Roasted_> 9.04, 9.10, 10.04 LTS, and 10.10 is the latest
[20:18] <Roasted_> I'd go for 10.04 LTS. LTS's are always <3
[20:19] <Spice-boy> aha i understand....
[20:19] <RoyK> and 11.04 if you're eager/brave
[20:19] <Roasted_> Spice-boy, with newer kernels often comes more support for hardware. Newer kernels would be what you would see with newer versions of Ubuntu. In particular, 10.04 because it's an LTS, and 10.10 because it's the most current.
[20:19] <Roasted_> Spice-boy, so you might fire up 10.04 and find your Belkin works perfectly fine with zero configuration needed.
[20:20] <Roasted_> I'm not saying you WILL. But you'd have better chances than tinkering with an unsupported version of Ubuntu, such as 8.10.
[20:20] <RoyK> I'd recommend using 10.10 for a desktop system
[20:20] <RoyK> mostly no reason for LTS for those
[20:20] <Roasted_> I agree, depending on the application.
[20:20] <gobbe> yep
[20:20] <Roasted_> I have 10.04 on my "desktop" here, but it also acts as a server.
[20:20] <gobbe> i run 10.04 on servers
[20:20] <gobbe> and 11.04 on desktop ;)
[20:20] <Spice-boy> RoyK thx... i`m gonna download de newer version...
[20:21] <Roasted_> Spice-boy, good luck!
[20:21] <Spice-boy> the*
[20:21] <Spice-boy> thanks
[20:21] <RoyK> Spice-boy: just try 10.10 - 11.04 isn't ready yet
[20:21] <Roasted_> RoyK, pastebin is still trying to show up. This might be a losing battle.
[20:21] <Roasted_> RoyK, is there something in particular I can look for that you're curious about?
[20:21] <Roasted_> in the radiusd config file at least.
[20:22] <Spice-boy> yes 10.10 thx RoyK
[20:41] <jpiche> anyone here know of a ppa for mysql 5.5? I prefer debs over manual tar installs
[20:44] <pmatulis> jpiche: first step is to search launchpad
[20:45] <pmatulis> https://launchpad.net/ubuntu/+ppas?name_filter=mysql
[20:46] <jpiche> pmatulis, oh thanks. I didn't know you could search by ppa... i feel dumb now
[20:48] <JanC> jpiche: not knowing something is not the same as being dumb...  ;)
[20:49] <jpiche> JanC,  hence the word "feel", and also why I asked here. I figured I'd get an answer pointing me in the right direction. I love IRC ;-)
[20:49] <JanC> it's not like there is a link to that search page on every PPA
[20:51] <jpiche> unfortunately I'm not finding anything though
[20:54] <RoyK> jpiche: just apt-get source the mysql package, copy the debian/ directory into the mysql 5.5 directoroy, cd into the source directory and dpkg-buildpackage
[20:54] <JanC> and hope it works well  ;)
[20:54] <RoyK> yeah :)
[20:55] <jpiche> well, that's what VMs are for
[20:55] <JanC> I mean, hope the build works well (I'm not sure if MySQL changed much in the way it gets built)
[20:55] <jpiche> RoyK, do you know if there are changes to 5.5 directory structure though?
[20:56] <RoyK> no ifrs
[20:56] <RoyK> no idea
[21:02] <Roasted_> RoyK, well I got a slew of the same error in my radius error log.
[21:02] <Roasted_> Error: Ignoring request to authentication address * port 1812 from unknown client.
[21:03] <Roasted_> with the listed IP that I gave my access point following after unknown client.
[21:04] <RoyK> sorry - no idea
[21:04]  * RoyK pats his two 100TB boxes and hope Bacula will learn to behave soon
[21:11] <geekbri> is there a testing repository for 10.04 LTS ?
[21:28] <RoAkSoAx> win 10
[21:29] <highvoltage> esc 0 :)
[21:30] <RoAkSoAx> it finally had to happen >P
[21:34] <RoyK> RoAkSoAx: s/^\//
[21:39] <sockPants> hi all, maybe something you can help me with
[21:39] <sockPants> i'm trying to boot over pxe but now i have the error 'No init found. Try passing init= bootarg.
[21:39] <sockPants> what would I put? right now this is what i'm booting: http://pastie.org/1516202
[21:42] <geekbri> if i want a kernel module to be loaded at boot time so i don't have to modprobe, where would that go?
[21:44] <RoyK> http://www.gnu.org/fun/jokes/helloworld.html
[21:45] <RoyK> geekbri: it should be in the initrd/initramfs - all modules should be there
[21:45] <geekbri> RoyK: thank you very much
[21:46] <RoyK> and initrd/initramfs should autodetect those loadable
[21:46] <geekbri> i wanted to add fuse, so i actually adedd it to /etc/modules
[22:00] <slicslak> i'm on a RS Cloud ubuntu server, ls -l doesn't show the groups.  anyone know if/how i can change that?  sudo ls -l does, but I would rather not have to sudo to run ls  :)
[22:42] <MikeChelen> is there a log of system load over time?
[22:43] <patdk-lap> uptime
[22:55] <RoyK> patdk-lap:  23:54:57 up 1 day, 23:43,  1 user,  load average: 20.86, 21.46, 21.73
[22:55] <patdk-lap> :)
[22:58] <MikeChelen> over longer periods such as days and weeks
[22:58] <MikeChelen> to monitor for spikes in load
[22:58] <MikeChelen> and see when they occurred
[22:59] <thesheff17> MikeChelen: there are number of monitoring tools...I really like zabbix.org but people have used nagios which is a well known monitoring tool.
[23:01] <thesheff17> MikeChelen: if you want something really simple just schedule uptime on cron
[23:01] <thesheff17> to a text file
[23:08] <MikeChelen> thesheff17: something simple would be good because this is the only measurement needed for now
[23:09] <MikeChelen> logging system load with cron would be ok, it would be nice to have a basic chart display though
[23:13] <thesheff17> MikeChelen: you could easily dump that text file into excel or another charting tool and do a graph...I'm sure there are even graphing tools in python if you really wanted something automated.
[23:52] <MikeChelen> thesheff17: yeah there are, just have a pick a library, and format the data