[00:06] <psywiped> how do i add /home/user/checkipaddress to crone and run it every 5 mins?
[00:11] <shauno> psywiped: crontab -e will make a crontab for user.  the entry will be something like "*/5 * * * * /home/user/checkipaddress", but you'll probably want to man crontab instead of flying too blind there
[00:14] <psywiped> shauno: man crontab?
[00:14] <psywiped> and that would run it as ./checkipaddress
[00:14] <shauno> that'll show you the manual that describes the file's format fully
[00:29] <psywiped> shauno: thanks its working had to add a trick to the end of the webaddress to get it to work but chron and the update is now functioning. heres what the code ended up looking like
[00:29] <psywiped> http://pastebin.ubuntu.com/565625/
[00:30] <shauno> heh, I haven't seen that before.  suspect the android client doesn't use OAuth yet, so they've added a workaround for it
[00:31] <shauno> glad you figured out how to glue it all together tho :)
[00:32] <psywiped> well i think its more for people that havent updated it
[00:32] <psywiped> its going to suck when it stops working
[00:34] <shauno> there's a decent handful of python twitter clients.  I'm sure you'll be able to glue it back together when they break it
[00:36] <psywiped> yep going to have to try and get twidge up and running
[00:36] <psywiped> dont know where its config file goes tho
[01:04] <nfearnley> I'm trying to get an Amazon EC2 instance of Ubuntu Server running. I can't seem to ssh into it. Is ssh enabled on the server by default, or do I have to connect by some other method to set it up?
[01:22] <edubuntu> sup bro
[01:22] <nfearnley> I figured it out. I just had to open the firewall. The default Amazon EC2 firewall looks open, but it's not :P
[01:41] <jkg> hi hi. I suspect this is a dovecot specific issue, but... my imapd is spewing http://paste.ubuntu.com/565639/ in logs. the machine isn't overly short of RAM, and I've increased login_process_size in dovecot.conf -- anyone got any ideas?
[01:43] <KB1JWQ> strace?
[01:44] <KB1JWQ> And is this actua;;y under vmware?
[01:45] <jkg> unfortunately, it is under vmware.
[01:46] <jkg> (can I easily attach strace to a service? I've no idea how to do that)
[01:52] <jkg> ahah! perversely, setting login_process_size = 0 has fixed it. given I was allowing 128MB I dread to think how large this means my login processes are...!
[03:07] <RoAkSoAx> kirkland: ping?
[03:16] <psywiped> pong
[06:10] <NDROfTheLine> Hello all
[06:11] <NDROfTheLine> I finally got samba up and running on my server and I'm not sure why I'm having such poor performance.
[06:11] <NDROfTheLine> Once I'm connected to the share it seems to do file transfers just fine, but initially opening it takes a good 20 seconds
[06:12] <NDROfTheLine> What can I change to reduce this lag?
[06:12] <twb> NDROfTheLine: sounds like a nss cockup
[06:13] <NDROfTheLine> !info nss
[06:13] <twb> NDROfTheLine: pastebin /etc/nsswitch.conf
[06:14] <ranger03> i like swat..it makes samba configs of like 10 lines long..easier to config than 200 line samba config file
[06:14] <NDROfTheLine> how the eff do you configure a user with the proper permissions to use swat?
[06:14] <NDROfTheLine> i've been playing with that for a while now
[06:14] <NDROfTheLine> twb, please excuse my ignorance, but how do i get that information to pastebin
[06:15] <NDROfTheLine> i mean, i'm ssh'ed into my server
[06:15] <NDROfTheLine> i know how to display a file on vi
[06:16] <NDROfTheLine> oh nvm
[06:16] <NDROfTheLine> duh, just highlight in terminal and mid-click in pastebin
[06:16] <NDROfTheLine> sorry
[06:16] <NDROfTheLine> http://pastebin.com/fZdMMhfa
[06:27] <NDROfTheLine> how do i change apache2's DocumentRoot
[06:28] <jmarsden> NDROfTheLine: You can also   sudo apt-get install pastebinit and then use that from the command line to send things (files, command output, etc) to a pastebin site.
[06:28] <NDROfTheLine> so then i just run the command and port it to pastebin it?
[06:28] <NDROfTheLine> like cat <file> | pastebinit
[06:28] <NDROfTheLine> ?
[06:29] <jmarsden> NDROfTheLine: DocumentRoot is a per-site thing, so you edit the file for the site concerned, under /etc/apache2/sites-enabled/ and then reload the apache config.
[06:29] <jmarsden> Well, yes, but   pastebinit /path/to/filename   works for the case where you already have a file
[06:29] <NDROfTheLine> oh cool thanks
[06:30] <NDROfTheLine> good to see you again jmarsden
[06:30] <NDROfTheLine> i was under Ender yesterday
[06:30] <NDROfTheLine> just fyi
[06:30] <NDROfTheLine> and you too twb
[06:30] <NDROfTheLine> does my nss config look strange?
[06:30]  * jmarsden was going... "I don't remember that nick..." :)
[06:32] <jmarsden> NDROfTheLine: Not to me, but I'm not expert on that.  Do you have working DNS for the servername that you use ?
[06:32] <twb> NDROfTheLine: I dunno man
[06:33] <NDROfTheLine> I don't think I have a DNS
[06:33] <jmarsden> NDROfTheLine:  from the client PC, does    dig SEVERNAME    return a sensible result with the correct IP for your serber
[06:33] <jmarsden> NDROfTheLine: OK, so how are you expecting the client to find out where the server is?
[06:33] <NDROfTheLine> But it does find the server
[06:34] <NDROfTheLine> it just takes too long, like 20 seconds
[06:34] <jmarsden> WHat command line are you using for that connection?  smbclient ... what?
[06:34] <NDROfTheLine> nautilus
[06:34] <twb> Try again with smbclient
[06:35] <jmarsden> Um.  I am fairly sure that yesterday, it was suggested that you use smbclient first, and only switch to a GUI client when smbclient worked fine...
[06:35] <twb> jmarsden: that was me suggesting it
[06:35] <jmarsden> OK, good :)
[06:35] <twb> Damn users...
[06:35] <NDROfTheLine> it did work
[06:35] <NDROfTheLine> i followed your adviceeeeee
[06:35] <NDROfTheLine> and it worked
[06:35] <jmarsden> With a 20 sec delay?  or not?
[06:36] <NDROfTheLine> no delay with smbclient
[06:36] <twb> and test on lo first
[06:36] <NDROfTheLine> but now i've forgotten how i connected
[06:36] <NDROfTheLine> smbclient <ip address> doesn't work
[06:37] <jmarsden> Was it an IP address that you gave nautilus, or a machine name?
[06:37] <NDROfTheLine> i just clicked "network" then "windows network" then my workgroup, computer, and share.
[06:38] <NDROfTheLine> hrm. the delay seems to have gone away...could it be due to a windows computer being logged onto the network?
[06:38] <NDROfTheLine> my wife's computer was connected a moment ago when i was experiencing the delay.
[06:38] <jmarsden> Unlikely... you can reconnect it and retest, to find out.
[06:41] <NDROfTheLine> ok. the smbclient man page appears to say that the command "smbclient -I <ipaddress>" will connect to the share on the given ip address
[06:41] <NDROfTheLine> OR, "smbclient --ip-address <ipaddress>"
[06:41] <NDROfTheLine> but
[06:41] <NDROfTheLine> neither does.
[06:41] <NDROfTheLine> what am i doing wrong here?
[06:43] <DiagonalArg> Hi all, RAID Question// Created RAID1 using liveCD/mdadm, named md2. On another machine installed ubuntu to installer-created RAID1 (md0/1/2). Trying to see all RAIDs from liveCD, but mdadm always names the first RAID1 "md2" (as seen in mdadm.conf), conflicting with the second. How can I make it automatically assign md*'s?
[06:50] <MTecknology> hm.. this is interesting... http://paste.ubuntu.com/565721/
[06:51] <MTecknology> this makes it more odd... http://paste.ubuntu.com/565722/
[06:51] <MTecknology> two files of the exact same name
[06:51] <MTecknology> nope- nevermind... d and q looked too close to the same thing
[06:51] <MTecknology> that other email is apparently a failed email to email me that the email failed to send
[06:52] <NDROfTheLine> lol
[06:52] <NDROfTheLine> mailfail
[06:54] <NDROfTheLine> so i guess i had to use the full name of the server AND the share to connect with smbclient
[06:54] <NDROfTheLine> but i am able to connect with zero delay
[06:55] <NDROfTheLine> well in fact, there's zero delay with nautilus too
[06:55] <NDROfTheLine> the problem yesterday is that on my smb.conf i had "browseable = yes" instead of "browsable = yes"
[06:55] <MTecknology> ouch
[06:56] <NDROfTheLine> seriously. othe rplaces in smb.conf it's spelled browseable. i checked.
[06:56] <NDROfTheLine> now how do i set up security for my share? a required password ?
[06:58] <MTecknology> I jsut purged sendmail and it's dependencies and reinstalled and get the same thing....
[07:00] <MTecknology> I kinda doubt this is just because I'm using +1
[07:02] <jmarsden> NDROfTheLine: You should be able to detect such spelling issues in smb.conf by running testparm /etc/samba/smb.conf
[07:02] <MTecknology> oh... this is gonna be fun; I get to reboot... yay... :(
[07:02] <MTecknology> 1|(status)     '2|#ubunt~drupal'3|#ubuntu-us-sd'4|#nginx-master'5|#nginx       '6|#freenode-gab'7|#ubun~ardened'8|#ubunt~kernel'9|#ubuntu-motu '0|#ubun~ckaging'q|#ubuntu-news 'w|#ubun~website
[07:02] <MTecknology> e|#ubun~assroom'r|#ubun~-server't|#launchpad   'y|#laun~pad-dev'u|#ubuntu-irc  'i|#freenode-gms'o|#sluglinux   'p|#l3ib        'a|#ubuntu-us   'd|#can~sysadmin'f|#ubuntu      'g|#freenode
[07:02] <MTecknology> j|#drupal      'k|#bash        'l|#linode      ';|#pressflow   'z|#terminator  'x|#drupal-docs 'c|#crunchbang  'v|#pantheon    'n|#debi~mentors',|#bzr         '.|#ubuntu+1    'Q|#drup~ultants
[07:02] <MTecknology> Sorry!
[07:03] <NDROfTheLine> heh
[07:03] <MTecknology> I didn't mean to do that.... :(
[07:03]  * jmarsden thinks... that's not what my machine does when it reboots :)
[07:06] <NDROfTheLine> jmarsden, you know, i did run testparm and it didn't actually report any errors
[07:06] <NDROfTheLine> jmarsden, it did NOT however list the browseable = yes line
[07:07] <NDROfTheLine> which gave me pause. i thought i had it misspelled, so i checked in other parts of the example smb.conf that samba comes installed with
[07:07] <jmarsden> Strange.  You may even have found a bug in there somewhere.
[07:07] <NDROfTheLine> everywhere else i found it was "browseable"
[07:07] <NDROfTheLine> so i assumed i had it spelled right and was doing somethying wrong, but today i was configuring a different server and started from scratch using the Ubutnu Server Guide itself and boom. "browsable".
[07:10] <NDROfTheLine> http://pastebin.com/ZQABREsZ
[07:10] <jmarsden> NDROfTheLine: The man page for smb.conf says the two spelling are synonymns, and a quesck test hers shows that to be true.
[07:11] <NDROfTheLine> there's the output of testparm with "browseable" misspelled
[07:11] <jmarsden> s/quesck/quick/ :)
[07:11] <jmarsden> brows(e)able = yes is the default, so you only see it in testparm output if you set it to no, I think.
[07:12] <NDROfTheLine> well...now i've changed the spelling from "browsable" to "browseable", restarted smbd, and viola! I can't access my share with nautilus.
[07:13] <jmarsden> And don't do "cat /etc/samba/smb.conf | tail", just do   tail /etc/samba/smb.conf    :)
[07:13] <NDROfTheLine> oh ok that's helpful
[07:13] <NDROfTheLine> see, and i just changed te spelling back to browsable and now i can access it from nautilus
[07:14] <jmarsden> Wow, you have a USA-spelling only version of samba :) :)
[07:14] <NDROfTheLine> so there's some difference in the way MY machine, at least, is treating browseable/browsable
[07:14] <NDROfTheLine> lol seriously
[07:14] <NDROfTheLine> anyway whatever
[07:14] <NDROfTheLine> good to know, i guess
[07:17] <jmarsden> BTW, doing   egrep -v '^#|^;|^$' /etc/samba/smb.conf    gets you a compact, commentless version of your smb.conf  :)
[07:17] <NDROfTheLine> wtf is all that goobldegook
[07:17]  * NDROfTheLine searches for google
[07:18]  * NDROfTheLine finds google and uses it to search for gobbledegook
[07:18] <jmarsden> A regular expression.   man 7 regex for a long detailed explanation of regexes :)
[07:18] <jmarsden> Use the docs on your machine before resorting to Google :)
[07:18] <NDROfTheLine> well fair enough but without your input i wouldn't have known to look for regex
[07:19] <NDROfTheLine> what does the 7 parameter do to man?
[07:19] <jmarsden> NDROfTheLine: man egrep    would have got you the idea that it uses regular expressions...
[07:19] <jmarsden> It's SEE ALSO section lists regex(7).
[07:20] <jmarsden> 7 is section 7 of the manuals.
[07:20] <jmarsden> man man   for info on that :)
[07:20] <NDROfTheLine> do you just remember that regex(7) is what to look for or di dyou reference that somewhere
[07:21] <jmarsden> Some of us learned Unix before Google existed :)  I did man regex and got the man page for the library call, then did man 7 regex
[07:22] <jmarsden> But as I said, man egrep and reading it, including its SEE ALSO section, would have got you to regex in section 7, which man pages write as regex(7) and which you can read by typing in   man 7 regex  :)
[07:23] <NDROfTheLine> very cool. thanks.
[07:24] <jmarsden> You're welcome.
[07:25] <NDROfTheLine> last night right before i signed off you said i needed to read about workgroups
[07:25] <NDROfTheLine> oh in fact its probably still in the script here...
[07:26] <NDROfTheLine> yep
[07:28] <NDROfTheLine> you know, it's a lot of fun learning things this haphazard way, by tumbling into a problem and then clawing out of it, but if i wanted a more top-down learning experience, what would i need to do?
[07:30] <jmarsden> well, one place to start might be http://tldp.org/LDP/intro-linux/html/intro-linux.html
[07:31] <jmarsden> For a more concentrated more admin-oriented one, try http://rute.2038bug.com/index.html.gz
[07:32] <jmarsden> For a whole bunch of free online books, try: http://www.linuxlinks.com/article/20090405061458383/20oftheBestFreeLinuxBooks-Part1.html :)
[07:33] <NDROfTheLine> jmarsden, do you work all day and then come here to help lost souls like me just because you enjoy it? what's your motivation?
[07:34] <jmarsden> More or less, yes :)  I believe enough in Linux to want to help others use it and not run away from it frustrated.  And I do learn by helping others, sometimes, too :)
[07:35] <jmarsden> On occasion someone will ask something, and I'll think "That's an interesting question!" and find the answer out for myself, as well as for them :)
[07:36] <NDROfTheLine> incredible.
[07:36] <NDROfTheLine> i mean, i believe it, obviously, but still, hard to believe.
[07:37] <NDROfTheLine> if i told somebody else how this worked they wouldn't believe me.
[07:37] <jmarsden> Try it :)  Spread the word :)
[07:37] <NDROfTheLine> I do, I spread it.
[07:38] <NDROfTheLine> now that libreoffice has more solid support for .docx files i actually might be able to get a few people here and there to really switch
[07:39] <jmarsden> There are entire books and articles written on motivating people to make that transition... and yes, for many people the file format "lock in" issue can be a big obstacle.
[07:39] <NDROfTheLine> seriously. i had a golden opportunity a few weeks ago, a nonprofit in my area asked me to come in and install an office program for them.
[07:40] <NDROfTheLine> i mentioned openoffice but the lady shook her head like she had experience with it, and said that she gets stuff from her marketing departmentshe has to edit and return
[07:40] <NDROfTheLine> so it was a no-go
[07:44] <twb> You should just teach them TeX
[07:44] <NDROfTheLine> maybe once i *learn* TeX
[07:44] <twb> NDROfTheLine: get on with it then
[07:44] <NDROfTheLine> ha! indeed.
[07:44] <NDROfTheLine> it's going on my list
[07:44] <twb> I haven't used a word processor for year
[07:44] <twb> *years
[07:46] <NDROfTheLine> aren't you a teacher yourself
[07:46] <NDROfTheLine> i mean irl
[07:47] <twb> That's one way of putting it...
[07:47] <NDROfTheLine> no, like as your profession
[07:48] <NDROfTheLine> aren't you a cs professor
[07:48] <twb> No.
[07:48] <NDROfTheLine> oh ok, i thought i encountered you a while back. nvm.
[07:48] <twb> I'd kill myself if I *had* to deal with students
[07:48] <NDROfTheLine> lol
[07:48] <NDROfTheLine> and yet, here you are, subjecting yourself nonetheless
[07:49] <twb> I'm the cs equivalent of the muso who prefers to flip burgers rather than sell out to sony
[07:49] <twb> NDROfTheLine: yes but *I* choose when to stop.  If I was paid to be here, I'd be honour-bound to be here even when I didn't want to be
[07:50] <jmarsden> It's very different here.  You can take breaks any time, you can stay away for weeks or months (I have done that)... you can ignore annoying people completely if you choose... :)
[07:51] <twb> Volunteers Can Say No™
[07:52] <NDROfTheLine> (tm)
[07:52] <NDROfTheLine> heh
[07:53] <twb> Ιτ'σ αλλ θνιψοδε ηερε, δθδε!
[07:54] <twb> Pft, crappy input method can't even autodetect final sigma
[07:56] <NDROfTheLine> why don't LUGs offer free open-source consulting for nonprofits
[07:58] <jmarsden> NDROfTheLine: LUGs are whatever their members make them.  I'm giving a talk at my local one on Saturday :)  So if yours has an interest in helping non-profits, cool, set something up there.
[07:59] <NDROfTheLine> have you ever heard of something like that?
[08:00] <jmarsden> I don't think so... you'd perhaps need more local non-profits than many LUGs have access to, to make such a thing practical as more than a one-off?
[08:01] <NDROfTheLine> in the peace corps, people serve for 27 consecutive months in a country of the program's choosing doing all kinds of things for the local community. the pay is sufficient to cover your bare living costs, but that's about it.
[08:02] <NDROfTheLine> how likely do you think it might be that a just-graduated programmer would be willing to do a similar thing, but instead of build houses, build open code?
[08:02] <jmarsden> Sure.  I think there was a proposal for "geekcorps" at some point, try googling for that perhaps?
[08:02] <NDROfTheLine> ah, yes.
[08:03] <NDROfTheLine> geekcorps is a little differnt, they focus on getting IT adopted in the developing world
[08:04] <greppy> that level of income probably won't pay the student loans that people have now though.
[08:04] <NDROfTheLine> the peace corps has programs that forgive portions of loans
[08:05] <NDROfTheLine> assuming something coul dbe worked out to defer loan payments, and that the pay would be sufficient for basic living,
[08:05] <NDROfTheLine> what do you think the likelihood is that there would be a strong response?
[08:05] <greppy> people might go for it.
[08:05] <NDROfTheLine> would you go for it?
[08:06] <greppy> now? no.
[08:06] <greppy> I have a mortgage to pay :)
[08:06] <NDROfTheLine> well, i meant when you graduated
[08:06] <NDROfTheLine> would you have
[08:08] <greppy> I never graduated from college.
[08:08] <greppy> :)
[08:08] <NDROfTheLine> bah! you catch my drift though, sir.
[08:09] <NDROfTheLine> with sufficient skills you don't need a degree for the peace corps either
[08:09] <greppy> yes, but I could say "Sure, I'd go for it!" now, but when I was in my early 20's... I honestly don't know.

[08:10] <NDROfTheLine> i just think that a CodeCorps that worked like the peace corps or americorps or whatever would be really cool
[08:10] <NDROfTheLine> and could accomplish a lot
[08:10] <greppy> it could.
[08:11] <greppy> but I would probably aim for more just becoming part of an existing corp.
[08:11] <NDROfTheLine> there's no way in hell i could even begin contemplating *starting* a thing like this, not now anyway
[08:11] <NDROfTheLine> but a boy can dream, you know
[08:12] <NDROfTheLine> i'm joining the peace corps, actually, departing in may.
[08:12] <NDROfTheLine> anyway
[08:13] <NDROfTheLine> i volunteer at the red cross and a local nonprofit clinic
[08:13] <EvilPhoenix> uh...
[08:13] <twb> We have ALWAYS been at war with oceania
[08:13] <EvilPhoenix> we DO have an -offtopic channel you know
[08:13] <NDROfTheLine> oh right
[08:13] <NDROfTheLine> sorry
[08:13] <NDROfTheLine> "/rant"
[08:13] <EvilPhoenix> no problem :P
[08:14] <NDROfTheLine> #ubuntu-offtopic?
[08:14] <EvilPhoenix> mhm
[08:14]  * NDROfTheLine wanders off....
[08:31] <doorntje> Hello, I've got a question. Someone here tries to install Ubuntu Server on a server. But after selecting the language and selecting to install he gets a message with server timeout etc.
[08:32] <jmarsden> doorntje: Can you post the exact message he gets?
[08:32] <doorntje> http://imgur.com/4T1Yf << Here it is
[08:32] <EvilPhoenix> not loading
[08:32] <EvilPhoenix> that image
[08:33] <doorntje> http://i.imgur.com/4T1Yf.jpg
[08:33] <EvilPhoenix> kernel panics
[08:33] <EvilPhoenix> but at that zoom it doesnt help at lal
[08:33] <EvilPhoenix> all*
[08:34] <jmarsden> doorntje: we need to see the whole width of the screen, not just part of it.
[08:34] <EvilPhoenix> mhm
[08:34] <doorntje> Sorry, he doesn't have another photo. He'll try to get another one later...
[08:34] <EvilPhoenix> we need ALL the data
[08:34] <EvilPhoenix> before we can help you.
[08:35] <doorntje> Ah, ok.
[08:35] <EvilPhoenix> so "He'll try to get another one later..." means we'll help you later :P
[08:35] <doorntje> Well he'll try to get one of the full width of the screen...
[08:35] <doorntje> EvilPhoenix: i'll understand.
[08:36]  * EvilPhoenix believes this "friend" is actually doorntje himself
[08:37] <doorntje> EvilPhoenix: I'm at school now, you understand? But he doens't speak english very well..
[08:37] <doorntje> Maybe you have seen someone called JamLaMin on the forums?
[08:38]  * EvilPhoenix understands this perfectly.  EvilPhoenix also understands that digital photos of installation errors arent very useful at any zoom level.
[08:38]  * EvilPhoenix hasnt been to the forums in several months
[08:38] <EvilPhoenix> :/
[08:38] <doorntje> I'll tell him...
[08:38] <EvilPhoenix> dont tell him my speculations :P
[08:38] <EvilPhoenix> my speculations are my own :P
[08:38] <doorntje> Oh, ok...
[08:39] <EvilPhoenix> i'm just stating a general dissatisfaction with digital images of issues from a screen
[09:09] <NDROfTheLine> goodnight
[09:18] <iclebyte-work> how can I find out the current IO throughput of one of my servers? (this is for requirement gathering of our new vm solution)
[09:29] <JamesPage> iclebyte-work: try bonnie++
[09:29] <iclebyte-work> i want to see what my current system is using, rather than what it's capibal of
[09:29] <iclebyte-work> will bonnie do this?
[09:32] <JamesPage> bonnie++ will give you benchmarks; if you want to look at what IO your system is currently doing then try sar
[09:32] <JamesPage> its part of the sysstat package
[09:33] <soren> iclebyte-work: If it's for VM's, you can get this information from the hypervisor.
[09:34] <soren> iclebyte-work: Well... Any hypervisor worth its salt anyway.
[09:34] <iclebyte-work> well currently they are physical machines, i'm trying to work out what kind of throughput our storage backend is going to need to be able to keep up with
[09:34] <soren> iclebyte-work: kvm for instance will happily tell you how much I/O traffic it generates.
[09:34] <soren> iclebyte-work: Ah.
[09:35] <soren> vmstat gives you some of that info.
[09:36] <soren> "vmstat 5" will tell you how much block I/O has been done across the entire system every 5 seconds.
[09:36] <iclebyte-work> and which values should i be looking at?
[09:36] <iclebyte-work> bi and bo?
[09:38] <soren> Yes.
[09:38] <soren> Those are blocks tranferred in and blocks transferred out, respectively.
[09:39] <iclebyte-work> how does this relate to the read/write speeds of my storage backend?
[09:40] <soren> speed is <some general unit of measurement>/<some unit of time>. You have a reading for every 5 seconds...
[09:42] <soren> So, if bi is 3000 and bo is 250, that's 3000 blocks * 512 bytes/sector / 5 seconds = 307200 bytes/second.
[09:43] <soren> + 250 blocks * 512 bytes/block / 5 seconds = 25600 bytes/second.
[09:43] <soren> Sorry, I meant "block" where I said "sector".
[09:43] <soren> For a total of 332800 bytes/second.
[09:45] <soren> Hm.... That doesn't add up.
[09:46] <iclebyte-work> ?
[09:47] <soren> I just tried it, and the numbers are off.
[09:47] <iclebyte-work> thats 325kb/sec
[09:47] <soren> kB, not kb, but yes.
[09:47] <soren> It should be.
[09:47] <soren> But it's not.
[09:47] <soren> Perhaps those blocks are larger than I think.
[09:48] <soren> I think they're actually 4k.
[09:48]  * soren glances at blockdev --getss
[09:48] <soren> Ah.
[09:49] <soren> Yup.
[09:49] <soren> Should have used blockdev --getbsz. My bad.
[09:49] <soren> They're 4k.
[09:49] <iclebyte-work>  tune2fs -l /dev/sda5 | grep -i 'block size'
[09:49] <soren> So it'd be 3000 blocks * 4096 bytes/block / 5 seconds = something entirely different.
[09:49] <iclebyte-work> this is for ext3?
[09:49] <janimo> hello server people! What is the recommended way in a headless setup for a package to notify the user that some action could be taken - optionally.
[09:50] <soren> I think this is separate from the filesystem's idea of block size.
[09:50] <iclebyte-work> janimo, email?
[09:50] <janimo> A bootloader package gets updtaed so it want to tell the user that they can flash the new bootfiles if they wish
[09:50] <janimo> iclebyte, not a server, just headless, so no email guaranteed
[09:50] <janimo> it is for arm headless images
[09:50] <soren> Morse code?
[09:51] <iclebyte-work> string and 2 cups?
[09:51] <soren> We're helping!
[09:51] <iclebyte-work> soren, let me try some numbers from some of my production systems
[09:51] <janimo> no really is there no equivalent of the GUI, 'restarte required' or similar notifications at the console?
[09:51] <soren> janimo: I'm not sure I understand... How would you do it on a regular system?
[09:51] <janimo> but a fallback to morse will be considreed all else failing :)
[09:52] <iclebyte-work> janimo, or do you have any IO methods? a light or something maybe?
[09:52] <janimo> soren, on a GUI system some packages set up some hooks in post-install, which are show in the notif area - like firefox restart required or system reboot required
[09:52] <janimo> iclebyte-work, no this is supposed to be realtively hw indep
[09:53] <janimo> a sort of notification area for text mode :)
[09:53] <soren> janimo: Is there any reason you can't just use a debconf notice?
[09:53] <janimo> like on next login the user gets told, hey there's a new U-Boot you may want to flash it
[09:53] <iclebyte-work> what about remote syslog?
[09:53] <soren> janimo: Well, you could hook into update-motd.
[09:53] <janimo> soren, debonf notice is fine, except I don't know what that is, so any solution that does it is fine by me. I just knew the server team know more about headless so I came here
[09:53] <soren> janimo: Ok, let's try it this way: How do you expect people to upgrade the package?
[09:54] <soren> janimo: Using apt-get over ssh?
[09:54] <janimo> soren, they will use an existing tool that is installed. But this does not need to happen automatically as it is risky
[09:54] <soren> janimo: Something other than apt/dpkg?
[09:54] <janimo> soren, a new package get updated which has fgirmware/bootlaoder blobb
[09:54] <janimo> soren, yes, it goes to a hidden vfat partition
[09:55] <janimo> so special tool like the onel flashing kernel and initramfs on arm
[09:55] <janimo> potentionall to NAND later, etc
[09:55] <soren> janimo: I think we're talking about different things.
[09:55] <janimo> so not part of /
[09:55] <janimo> soren, ok, let me link to the spec
[09:55] <janimo> https://blueprints.launchpad.net/ubuntu/+spec/other-arm-n-handle-core-boot-files-update
[09:55] <soren> janimo: I think(!) you're talking about the kernel itself. I'm talking about the package that contains the kernel.
[09:55] <soren> janimo: You started out saying "A bootloader package gets updtaed...".
[09:56] <soren> janimo: Is that a .deb at any point in time or is all of this completely separate from the packaging system?
[09:56] <janimo> soren, yes for ex the uboot package gets updated via dist-upgrade
[09:56] <soren> Excellent.
[09:56] <soren> Then it's simple enough.
[09:56] <iclebyte-work> soren, the bi and bo values are they *1000 ?
[09:56] <soren> Well, as simple as debconf :)
[09:56] <soren> iclebyte-work: No.
[09:56] <soren> iclebyte-work: Raw numbers.
[09:56] <janimo> so we need to tell the user, hey new blobs for uboot ara available, you can flash them into the boot area if you wish
[09:56] <soren> janimo: Right.
[09:56] <janimo> soren,  it comes in a deb
[09:57] <soren> janimo: Excellent.
[09:57] <janimo> and the tool uses the fiels from the deb
[09:57] <soren> janimo: Then it's straight forward.
[09:57] <janimo> so that is the only use for the deb
[09:57] <soren> "man 7 debconf" is the canonical guide, but I recommend finding a package that uses it and copy magic from there.
[09:58] <soren> If you ask some of your team mates for help showing a debconf notice some of them should be able to guide you.
[09:58] <janimo> soren, I have used debconf for pkg configuration, are notices something less used?
[09:58] <soren> debconf abstracts such pesky things as UI for you.
[09:58] <janimo> soren, ok, so regular debconf question while installing?
[09:58] <soren> You just tell it that you want to ask a question or show a notice or whatever, and it does the right thing depending on the available UI and configuration.
[09:59] <janimo> ok
[09:59] <soren> janimo: If you've used questions, this is almost identical.
[09:59]  * janimo start looking for debconf notices
[09:59] <janimo> soren, thanks
[09:59] <soren> man 7 debconf-devel
[09:59] <soren> is your friend.
[10:00]  * janimo is just confused as this requirement was said to be satisfiable by any of jockey, update-manager, debconf,update-motd
[10:00] <soren> Look for THE TEMPLATES FILE->Type->Note.
[10:00] <soren> janimo: update-motd is an option, too.
[10:01] <iclebyte-work> soren, would it be fair to run vmstat 5 for 1 minute (i.e. 12 outputs) then take the median?
[10:01] <iclebyte-work> i.e. the middle of the highest and lowest number?
[10:01] <soren> janimo: update-motd lets you put scripts in a directory that get executed on login and can put stuff in motd. You can check for updates and notify people logging in that there's stuff to do.
[10:01] <soren> iclebyte-work: I can't say.
[10:01] <soren> iclebyte-work: Depends on what you need the numbers for.
[10:01] <soren> iclebyte-work: I would have thought you need the max.
[10:02] <iclebyte-work> i'm trying to work out how much throughput i need from a SAN
[10:02] <soren> "need" means you want to find the max, doesn't it?
[10:02] <iclebyte-work> yea i suppose that makes sense, better to have too much than not enough
[10:02] <iclebyte-work> yes =)
[10:02] <iclebyte-work> soren, have you any experience with gluster?
[10:02] <soren> iclebyte-work: Some.
[10:02] <iclebyte-work> have you used it for virtulization ?
[10:02] <soren> iclebyte-work: Not in any sort of production setting, though.
[10:03] <soren> iclebyte-work: Yes.
[10:03] <iclebyte-work> what kind of hardware did you use for the bricks?
[10:04] <iclebyte-work> i'm thinking of using some old G4 DL380's with ultra320 disks in RAID0 then using replication and installing bricks in pairs for redundancy
[10:04] <soren> iclebyte-work: Whatever I had lying around. A laptop and a spare desktop box.
[10:04] <iclebyte-work> then adding pairs as and when needed for the VM's
[10:04] <iclebyte-work> ah =)
[10:04] <soren> glusterfs is cool. I'm sad I haven't gotten to play more with it.
[10:05] <iclebyte-work> soren, do you work on ubuntu-server full time?
[10:05] <soren> iclebyte-work: I used to.
[10:05] <iclebyte-work> you've answered some of my questions on the mailing list
[10:05] <soren> What's your name?
[10:06] <iclebyte-work> Jamie McDonald - I had problems with my KVM's not hitting the outside world - turned out to be fasthost locking the switches down to mac
[10:06] <soren> That's pretty common.
[10:06] <soren> The problem, not the name. I think.
[10:06] <iclebyte-work> it's pretty frustrating =)
[10:07] <soren> It's not that hard to work around, though.
[10:07] <iclebyte-work> they added the mac's for me no questions
[10:07] <soren> Ah, great.
[10:07] <soren> Instead of bridging VM's onto the LAN directly, you can just route through them.
[10:08] <iclebyte-work> but then how do you allow incomming packets to a public facing ip?
[10:08] <soren> That's how routing works, really.
[10:09] <soren> Packates destined for your box travels through a bunch of routers already. All of them just know that somewhere behind them, there is your box. They just send the packets to the next hop.
[10:09] <soren> Your box can do the same thing.
[10:09] <iclebyte-work> yes but where would the routes get pushed too if you don't have control of the internet routers
[10:09] <janimo> soren, only a handful of packages seem to use Type:note on my installed system. I'll have to think if this use case warrants it, as the manpage says it should be there for serious messages only.
[10:09] <soren> Typically, what a hosting provider does is just add a routing table entry for the extra subnet, sending the packets to your primary host.
[10:09] <iclebyte-work> ah yes, but you'd still need the host's cooperation
[10:10]  * janimo goes to discuss this in the arm channel
[10:10] <soren> iclebyte-work: Well, sure.
[10:10] <soren> iclebyte-work: ...but you need the hosts's cooperation for running the VM's, too :)
[10:10] <soren> It's quite simple.
[10:11] <iclebyte-work> dedicated servers
[10:11] <soren> Instead of creating a bridge and connecting your eth0 to and as well as all your VM's, you just leave your eth0 connected to the physical network.
[10:11] <soren> ...and assign an IP from the extra subnet you've been assigned to the bridge.
[10:11] <soren> ...and that's pretty much it.
[10:12] <iclebyte-work> right so.. just to double check.. this box is probably my most heavily loaded it's not doing much reading but the BO value is 3746 - i calculate that to 2.92mbps ?
[10:12] <soren> iclebyte-work: You said "I had problems with my KVM's not hitting the outside world".
[10:12] <soren> iclebyte-work: I thought we were talking about VM's?
[10:12] <iclebyte-work> yes - they run on the dedicated server.
[10:12] <soren> iclebyte-work: Right.
[10:12] <iclebyte-work> you don't need fasthosts cooperation to run virtual machines i was saying.
[10:12] <soren> iclebyte-work: As for your 3746 reading. Is that from vmstat 5?
[10:12] <iclebyte-work> yes vmstat 5
[10:13] <soren> iclebyte-work: Yeah, that makes about 3 MBps.
[10:13] <soren> (Those are megabytes. Not millibits.)
[10:13] <soren> mb vs. MB.
[10:14] <soren> iclebyte-work: Oh, I see what you mean now. When you said "host", I though you meant your host box.
[10:14] <soren> iclebyte-work: Uh, no, then you don't need their cooperation.
[10:14] <soren> iclebyte-work: If they've assined an extra subnet to you, they've already set this route up.
[10:15] <soren> iclebyte-work: Really, this is the simple way to do it.
[10:16] <soren> iclebyte-work: You need the hosting provider's cooperation to do it the way you did it (as you've just said yourself).
[10:23] <iclebyte-work> soren, sorry - manager pulled me away
[10:24] <iclebyte-work> excellent. thanks for checking my values
[10:24] <soren> iclebyte-work: No problem. I can keep myself busy :)
[10:24] <iclebyte-work> yes i'm sure you can! =)
[13:10] <patdk-wk> man, the quality of bug reports this morning
[13:16] <SpamapS> patdk-wk: reading the bug in "openssh" on "ubuntu" noted above by uvirtbot was rather amusing. :)
[13:17] <SpamapS> actually these almost look like trolling or a broken apport or something
[13:19] <patdk-wk> :)
[13:20] <soren> smoser: around yet?
[13:20]  * patdk-wk will have to submit a new bug report
[13:21] <patdk-wk> my job hasn't been fully assimilated by ubuntu yet, when can I expect to loose my job?
[13:21] <soren> smoser: I'm seeing intermittent boot failure of the UEC images on OpenStack, and ttx suggested you knew the cause: https://jenkins.linux2go.dk/job/Nova-user-test/2039/IMAGEVERSION=natty,distro=maverick,userdata=no/console (search on that page for "CONTROL-D")
[13:23] <ttx> smoser: ISTR we have/had the same errors booting UEC images on Eucalyptus, and you have a bug open about it
[13:23] <soren> ttx: What would that be reported against?
[13:24] <soren> ttx: Go on. Amaze me with you Launchpad-bug-searching-fu.
[13:24] <soren> s/you/your/
[13:24] <ttx> soren: that's the tricky part. I think that was a mountall... lemme check
[13:30] <ttx> soren: my lp-bug-searching-fu is failing me
[13:30] <soren> Mine too.
[13:31] <ttx> hggdh: maybe the error rings a bell to you ?
[13:31] <ttx> soren: you have it on Lucid hosts only ?
[13:31] <Daviey> it's not one i've seen :/
[13:31] <soren> No, it's everywhere.
[13:32] <ttx> I used to see it all the time on my previous laptop. Would prevent me from testing even starting a single instance.
[13:32] <soren> My current hypothesis is mountall exiting prematurely due to plymouth having disappeared. Mountall doesn't seem to handle SIGPIPE, so if Plymouth is gone things go boom.
[13:32] <ttx> My new laptop is so fast he jokes about it.
[13:33] <soren> ...and it's exactly an unclean exit of mountall that gives this prompt.
[13:33]  * soren tries patching mountall and takes it for a spin.
[13:35] <Daviey> Does seem to be known http://open.eucalyptus.com/forum/problems-running-instances
[13:35] <Daviey> but i don't remember an LP bug regarding it
[13:35] <jpds> Worst forum URL maker, ever.
[13:37] <Daviey> jpds, slug > />threadid=2354&post=78773
[13:37] <Daviey> damn keyboard layout... s/>/?/
[13:37] <jpds> Daviey: Until you have two forum threads with the same name.
[13:38] <Daviey> jpds, ack.. i would hope it would check that first before melting all over you.
[13:38] <Daviey> appending 2 :)
[13:39] <zul> i find the url strangely ironic
[13:39] <zul> or misleading
[13:46] <soren> zul: How is it misleading? BEcause it suggests that it sometimes works? :)
[13:46] <zul> soren: the open part
[13:46]  * soren registers problems-running-instances.com and points it to Eucalyptus :)
[13:59] <RoAkSoAx> morning all
[14:01] <hggdh> Daviey: I do not remember a LP bug about this
[14:02] <Daviey> yeah, i'm kinda suprised with the amount of instances you have started with eucalyptus you hadn't witnessed it yourself either
[14:02] <Daviey> I suspect it only happens on slow hardware..
[14:03] <Daviey> soren / ttx ^^
[14:03] <soren> Daviey: You're implying that I ran many instances on Eucalyptus.
[14:03] <soren> Daviey: I *tried* a lot.
[14:03] <smoser> hm.. i'll come here
[14:04] <smoser> so... is that log you see all one instance boot ?
[14:04] <Daviey> hallyn, Were you looking to do a multipath-tools merge?
[14:04] <hggdh> I remember we having plymouth integration issues
[14:05] <hggdh> on lucid, IIRC
[14:05] <Daviey> soren, know, i was talking about hggdh running bazillions of instances.
[14:05] <Daviey> s/know/no/
[14:05] <soren> Daviey: Ah.
[14:06] <Daviey> soren, but hggdh uses hardware that is overspec... which would explain why it's only visible on slow hardware.
[14:07] <thesuliban1980> Hi! is there an openldap pro here who could answer me some questions regarding openldap + sasl and why openldap with sasl is more secure, even if the user passwords have to be stored in cleartext, then without sasl and encrypted passwords?
[14:08] <patdk-wk> well, you ALWAYS have to have plain text passwords somewhere
[14:08] <patdk-wk> either stored in your backend
[14:08] <patdk-wk> or transmitted to the server for each login
[14:08] <Daviey> patdk-lap, not sure i agree with that..
[14:08] <Daviey> err patdk-wk
[14:09] <patdk-wk> what method doesn't? besides going pure pki
[14:09] <Daviey> patdk-wk, The client can transmit a hash :)
[14:09] <patdk-wk> then you need plaintext on the server to verify the hash
[14:09] <zul> RoAkSoAx: what about ocf?
[14:09] <Daviey> patdk-wk, i disagree.
[14:10] <patdk-wk> then how is it secure?
[14:10] <patdk-wk> I could just *replay* the has
[14:10] <patdk-wk> hash
[14:10] <patdk-wk> unless you salt it, then you need the password to verify it
[14:10] <RoAkSoAx> zul: still waiting for upstream to do the official release, last week they said ~14 days
[14:11] <Daviey> patdk-wk, If i take my IMAP as an example, an encrypted password is sent over TLS... and the password is a hash on the server.
[14:11] <patdk-wk> encrypted password?
[14:12] <thesuliban1980> The point is: When  I don't use sasl then I authenticate w/o encryption  to the ldap and I transmit a password hash which then is compaired to the one stored in the directory. In that case anyone can see the hash on the network... but nor user root or ldap admin know the users passwords....
[14:12] <thesuliban1980> on the other hand
[14:12] <patdk-wk> daviey what login method?
[14:13] <thesuliban1980> when I use sasl, the connection from the ldap client to it's server might be more secure, but after hacking the ldap's admins password or the system root ones, I know all users passwords....
[14:13] <hallyn> Daviey: cmagina was testing my port from debian-experimental, I'm waiting on his final ok or nack
[14:13] <thesuliban1980> isn't it?
[14:14] <patdk-wk> http://wiki.dovecot.org/Authentication/Mechanisms
[14:14] <Daviey> hallyn, awesome.
[14:14] <patdk-wk> unless you mean the TLS is the encryption, and that doesn't count, cause the password is still plaintext inside
[14:14] <thesuliban1980> let me start over:
[14:15] <cmagina> hallyn: the package didn't work for me.  it resulted in constant path fofb, io errors, and scsi error handling kicking off
[14:15] <Daviey> patdk-wk, In which case https is  insecure.
[14:15] <patdk-wk> I didn't say that
[14:15] <Daviey> a secure tunnel != plain text.
[14:15] <patdk-wk> but I did say, besides pki
[14:15] <patdk-wk> I said passing the password as plaintext
[14:15] <thesuliban1980> If sasl requires all passwords to be in cleartext within ldap, and someone hacks the ldap admin's password, then he has access to the cleartext password from all users...
[14:15] <cmagina> hallyn: i had tossed the logs onto a server in my home directory.  i had taken a glance at them, but i've been side tracked with other work since, so haven't had a chance to dig deeper
[14:16] <thesuliban1980> whereas without sasl only the password hashes...
[14:16] <patdk-wk> thesuliban1980, sasl doesn't require it, but using any login methods other than a plaintext password won't work
[14:16] <thesuliban1980> that makes a big difference to me...
[14:16] <hallyn> cmagina: d'oh, that's right
[14:16] <patdk-wk> and either way, the server will know the plaintext password at some point
[14:16] <patdk-wk> either always, or just when you attempt to login
[14:16] <hallyn> cmagina: let me try and get other things out of the way so i can look at those logs this afternoon
[14:17] <thesuliban1980> patdk-wk: I don't understand why.
[14:17] <cmagina> hallyn: i might have some spare time to look at them as well.  the logs contain the console from the server, the servers logs, and even logs from the SCMs
[14:17] <ttx> soren: <smoser> so... is that log you see all one instance boot ?
[14:17] <patdk-wk> if you want to pass the hash over the internet, you need plaintext password in sasl to verify it
[14:18] <jdstrand> ScottK: hey. not sure you are aware of this: http://lurker.clamav.net/message/20110211.125402.ce5e76db.en.html
[14:18] <thesuliban1980> My concern are not password hashes or cleartext traveling the network - therefore I use tls/ssl...
[14:18] <smoser> he got back to me, ttx
[14:18] <patdk-wk> if you want hash in sasl, you need plaintext passed over the internet (but can be inside ssl/tls) to verify
[14:18] <jdstrand> ScottK: basically v12663 daily.cld crashes 0.95 servers. they fixed it, but if you see bug reports with something like: "Thu Feb 10 17:25:09 2011 -> ERROR: reload db failed: Malformed database", that is why
[14:18] <ScottK> jdstrand: I saw that.  We also got a bug about it too.
[14:18] <thesuliban1980> my concern is that it if the admin's account is hacked using sasl all user passwords are cleartext... otherwise only hashes...
[14:19] <jdstrand> ScottK: ok. apparently I am behind the curve :)
[14:19] <ScottK> jdstrand: Thanks for pointing it out.  It does suggest to me that pushing 0.96 to lucid-proposed once the freeze is lifted might not be a bad idea.
[14:20] <thesuliban1980> So in the end: which advantage do I have If I use sasl?
[14:20] <jdstrand> ScottK: yeah. cause they said they are only actively regression testing 0.97 and 0.96
[14:21] <jdstrand> ScottK: I did find this interesting (0.97 aiui): "The current
[14:21] <jdstrand> version of freshclam has a special option "TestDatabases", which is
[14:21] <jdstrand> enabled by default and makes sure the new databases can be loaded
[14:21] <jdstrand> properly before they get installed in the system."
[14:21] <hggdh> thesuliban1980: privacy on the path
[14:21] <ScottK> I'm running 0.96 from backorts, so I never saw the issue.
[14:21] <Daviey> jdstrand, Are you doing AA work today?
[14:21] <ScottK> That's a nice feature.
[14:21] <jdstrand> Daviey: yes
[14:21] <jdstrand> ScottK: it is
[14:21] <thesuliban1980> I, not familiar with that expression "on the path". What does it mean exactly?
[14:22] <jdstrand> Daviey: I haven't looked at it yet though
[14:22] <Daviey> jdstrand, good :)
[14:22] <jdstrand> Daviey: good that I haven't looked at it yet? sounds rather ominous...
[14:24] <Daviey> jdstrand, well... bind9 was uploaded the other day and it's still in unapproved... and it could really do with an extra patch (as pointed out by mdeslaur)... if you were to reject it, or rather not approve it.. that would be good :)
[14:24] <Daviey> lucid-proposed
[14:25] <jdstrand> Daviey: oh sure thing
[14:25] <Daviey> jdstrand, cool, thanks
[14:25] <thesuliban1980> ?
[14:28] <jdstrand> Daviey: fyi, it has 'lucid-updates' in the changelog. that should be 'lucid-proposed'
[14:29] <jdstrand> Daviey: so I'm rejecting 1:9.7.0.dfsg.P1-1ubuntu0.2
[14:29] <jdstrand> Daviey: done
[14:30] <Daviey> pah... how did that happen :/
[14:30] <Daviey> jdstrand, thanks
[14:30] <jdstrand> Daviey: sure, np
[14:44] <bobg> i want to deploy ldap-auth-client on a lot of machines. Is there a way that I can preseed the answers to the debcnf questions when I am installing the package with apt-get?  i.e. I know how to do it at OS install time, but not for packages installed after installation
[14:47] <rubbs> I've got a vps provider claiming that the 2.6.32-306-ec2 #11-Ubuntu SMP kernel handles memory different than the other distros they offer as a justification as to why my ram usage jumps from 100mb to 600mb after a kernel update. Can I call BS on this? (Note: this is a fresh install 100mb, then update&&upgrade all of the sudden 600mb, no packages installed)
[15:10] <t3cki3> guys i'm using backintime on my ubuntu 10.04 is there a way in which i can change the time of the backup as i need to run the backup job at 13:00 not 00:00
[15:11] <t3cki3> you guys are the experts... come on ppl... i kno someone out here knows the answer to this
[15:12]  * patdk-wk has no clue what backintime is
[15:13] <genii-around> I imagine it's like a system snapshot
[16:04] <bcessa> hi there, I just create an EC2 instance of ubuntu lucid lynx in AWS and get a message that a newer build is available, the thing is I don't really know how to upgrade it, any ideas?
[16:08] <bobg> bcessa, "sudo apt-get update;  sudo apt-get upgrade"  ?
[16:08] <bobg> that updates lucid to the latest packages
[16:08] <bcessa> amm not really, as far as I can tell that upgrade the packages but not the AMI build itself :o
[16:09] <bobg> i am not sure if you are talking about some sort of amazon upgrade
[16:09] <bobg> then I don't know
[16:09] <bcessa> don't think so, the AMI I'm using is the official ubuntu image, looks there's a new release of it, thnx for the attention anyway :)
[16:12] <bobg> i figured out my earlier question ( on a machine where I manually installed the package, "sudo debconf-get-selections | grep -i ldap > auth.preseed" then before installing on a new machine, "cat auth.preseed  | debconf-set-selections "
[16:13] <bobg> now I am wondering how to install a custom auth profile
[16:17] <zul> smoser: where is the ttylinux images you had at one point?
[16:35] <gswallow> heya, anyone here ever configure ufw from within preseed.txt?
[16:36] <smoser> zul, http://lmgtfy.com/?q=smoser+ttylinux
[16:36] <zul> smoser: arse
[16:44] <jdstrand> gswallow: see /usr/share/doc/ufw/README.Debian
[16:48] <gswallow> jdstrand: thanks.  I have that stuff included.  I also had some other things set (ufw/existing_configuration and ufw/allow_custom_ports) set, based on what I found when I ran debconf-show ufw.  I removed those.  Will retry.
[17:01] <bpgoldsb> Anyone know of a tool that will assist in building a list of all security updates on an ubuntu-server and pushing them into a reporting tool?
[17:01] <bpgoldsb> i.e. scraping apt for data and pushing it to a mysql db with a web or other frontend.
[17:03] <bobg> anyone know why there are both ldap-auth-client and ldap-auth-config? The descriptions are similar, and there is a circular dependency so that if you install either one, both will be installed. ldap-auth-config -> ldap-auth-client ->libpam-ldap -> ldap-auth-config (where -> stands for 'depends on')
[17:18] <siege-> Hello - I upgraded the dovecot-postfix package this morning, and now my main.cf is missing some changes I had made. Specifically DNSBL and postgrey settings.
[17:18] <siege-> Did the package update move where those settings should be stored?
[17:22] <SpamapS> siege-: I believe that package may have a bug where it generates a config file without warning users that it will be overridden on upgrade..
[17:23] <SpamapS> siege-: the upgrade didn't ask you to confirm changes right?
[17:23] <siege-> yup, exactly. I've gotten that warning for upgrades in the past
[17:24] <SpamapS> but not this time?
[17:24] <SpamapS> I wonder if it was moved out of the package and now isn't protected as a conffile.. :-/
[17:24] <siege-> To be honest I'm not certain it was that package that gave the warning in the past, I just know not this time of course :)
[17:25] <siege-> Yeah that's what I was wondering if the conffile was moved and it's using a different one now
[17:26] <siege-> My bad for not backing it up! Now to find the tutorials I used for setting up RBL and postgrey :)
[17:27] <siege-> SpamapS: thanks for the help, I'll be more cautious updating the package next time
[17:27] <SpamapS> siege-: you may want to report that as a bug
[17:28] <SpamapS> siege-: or look through the existing bugs.. I swear I've seen it reported
[17:29] <siege-> Ok - I will take a look, thanks
[17:32] <Slyboots> Anyone know any good sites for uh.. Ubuntu.. Training?
[17:32] <Slyboots> .. *free*
[17:33] <Slyboots> I mean things like.. network hardening, good system pratices.. diagnosing problems..
[17:33] <Slyboots> SysAdmin stuff
[17:33] <greppy> Slyboots: the ubuntu manual?
[17:34] <siege-> Slyboots: https://help.ubuntu.com/10.10/serverguide/C/index.html
[17:39] <zul> there is a q+a session going on in #ubuntu-classroom right now
[17:39] <Slyboots> Its just I keep running into small nigglign problems and Im conserned about teh secuirty of my machine :D
[17:46] <siege-> hey that's me
[17:47] <siege-> SpamapS: I just learned that the main.cf did get backed up though, so all hope is not lost (/var/backups/dovecot-postfix)
[17:54] <Slyboots>  Actually what I really want right now, is Decent Adblocking in a way thats not going to trash webpages
[17:55] <SpamapS> siege-: oh good!
[17:55] <Slyboots> Sort of like Adblock; but network wide, Im using Squid with Privoxy right now but.. its a bit of a mess
[17:55] <avis> has anyone seen eagles051 on this channel ?
[17:56] <patdk-wk> a few months back
[17:56] <avis> thank you
[17:56] <avis> i lost his email
[17:56] <pmatulis> anyone know of a ftp daemon stress test tool?
[17:56] <genii-around> avis: Try #kubuntu-offtopic
[17:56] <avis> thank you
[17:58] <avis> comcast today.  i'll be setting up a apache2 webserver, very basic, using dyndns.org and port 80.  i really only want to use it for streaming media simply, deposit sound file and stream elsewhere
[17:59] <Slyboots> avis: Use MPD?
[17:59] <avis> i gave debian my best shot.  ubuntu won.
[18:00] <avis> i didn't mean on a lan
[18:00] <Slyboots> Dont see how that makes a difference
[18:01] <avis> i'll research that thank you
[18:03] <nimrod10> Slyboots, probably what you need for adblocking is something to put in your host file
[18:04] <Slyboots> nimrod10: that doesnt really work terribly well, What Im trying to do is replicate what Adblock does (Strip all adds and dynamically reformat the HTML to remove them"
[18:04] <Slyboots> Rather than have huge popup windows open with "Cant display page"
[18:04] <Slyboots> Which isnt much of an improvment :)
[18:07] <lirakis> finally got hostapd working for a wifi access point this morning
[18:07] <nimrod10> I see
[18:07] <lirakis> very finiky
[18:08] <lirakis> wouldnt work in b mode
[18:08] <lirakis> only in g
[18:08] <lirakis> bizzare
[18:33] <bobg> i am trying to find out info on writing pam-auth-update profiles -- the man page is not much help -- googled to no avail -- anone have a tip?
[18:37] <lacovima> where can I find out more about the Orchestra project mentioned by robbiew?
[18:39] <robbiew> lacovima: https://blueprints.launchpad.net/ubuntu/+spec/cloud-server-n-install-service
[18:39]  * RoyK sends his greetings to the Egyptian people :)
[18:46] <binBASH> RoyK: Party time!
[18:47] <RoyK> :)
[18:48]  * binBASH was in Egypt four times...
[18:48]  * RoyK has never visited an arab country
[18:53] <binBASH> RoyK: well it's one of the best destinations for scuba divers like me ;)
[18:53] <RoyK> ok :)
[18:54] <binBASH> Ohh nice, ripe got a new site \o/
[18:57] <zul> robbiew: for the virtual-networking spec do we really need a checkbox test since it has its own testsuite when the package is built?
[18:58] <robbiew> zul: huh? /me needs to read it
[18:58] <robbiew> one sec
[18:59] <robbiew> zul: what's the aim of the checkbox test
[19:00] <zul> robbiew: i have no idea its something that nijaba brought up at the session at uds
[19:00] <robbiew> so I imagine the testsuite in the package verifies the code
[19:00] <robbiew> but a checkbox test
[19:01] <robbiew> would run some sort of networking tests across the virtual device
[19:01] <robbiew> to ensure it works
[19:01] <robbiew> but I imagine we could just run any existing networking tests
[19:01] <robbiew> just over that virtual devices
[19:01] <robbiew> device
[19:01] <robbiew> right?
[19:02] <zul> i guess but i dont think we ever used checkbox for server tests
[19:02] <zul> unless there is something i dont know about which is a pretty good chance
[19:04] <zul> i dont see the point right now
[19:12] <kees> bpgoldsb: security updates> what's the specific goal?
[19:13] <kees> bpgoldsb: you could just look at the -security pocket Packages file for a full list? I'm not sure what exactly you're looking for.
[19:16] <zul> robbiew: oops i was wrong about checkbox
[19:17] <robbiew> zul: ok
[19:27] <pting> using tcpdump, is it possible to log the process id of the packet captured? i can't seem to find an example anywhere
[19:27] <bpgoldsb> kees: 1. Generate a list of pending security updates (as you get when you login by default).  2. Handle sending that list to a central location (database).  3. Provide a frontend (web) to look at all my hosts reporting, and what packages are security-updates are pending on them.
[19:33] <flic> hi
[19:33] <flic> is atheros wifi card 100% supported on ubuntu-server 10.4?
[19:34] <flic> it works on ubuntu-desktop
[19:39] <RoyK> flic: server and desktop uses the same kernel and drivers, so it should work
[19:39] <flic> ok
[19:39] <RoyK> that is, the same _version_ of the kernel, but then, that shouldn't affect a driver
[19:39] <flic> it's not the same kernel conf, yea
[19:40] <RoyK> minor diff
[19:40] <RoyK> scheduling and HZ differences
[19:40] <RoyK> that's about it
[19:55] <guntbert> pting: cannot be possible - that information is not within the packets
[20:01] <hggdh> smoser: ping re. Hardy proposed kernel on ec2
[20:01]  * smoser runs and hides
[20:02] <smoser> hardy kernels on ec2 much different that others
[20:02] <smoser> we will need someone to build one
[20:02] <hggdh> who would be the victim, er, volunteer?
[20:03] <smoser> well, in the past it has been jjohansen, or zul i think
[20:03] <smoser> hardy is significantly different....
[20:03] <hggdh> zul ^ would you mind?
[20:04] <smoser> we have to somehow get one built, and then i have to manually upload it.
[20:07] <hggdh> bummer
[20:07] <torrancew> Hi all, we're beginning to deploy Lucid server on ESX 3.5, and we're seeing some strange performance issues - commands taking a while to return when there's no load, etc, and we're seeing a few strange segfaults in the logs. Has anyone encountered this?
[20:07] <jmgalloway> anyone know why my installer hangs on the language selection?
[20:08] <torrancew> http://pastebin.com/ZC1eZA9f <--- One of the segfaults we're seeing
[20:09] <jmgalloway> Im trying to install a new copy of ubuntu server and the install is hanging
[20:25] <RoyK> jmgalloway: hanging where?
[20:26] <lenios> on the language selection
[20:27] <jmgalloway> language selection
[20:28] <jmgalloway> I am downloading the iso again to see if that was the problem
[20:29] <MACscr> hmm, im trying to get snmp to work on my ubuntu 8.04 server, but for the life of me i keep getting: Timeout: No Response from localhost
[20:29] <MACscr> i have it working just fine on 20 other servers, though they are centos based
[20:29] <patdk-wk> and install and run an snmp server?
[20:30] <MACscr> patdk-wk: i have it installed already and a custom snmpd.conf setup
[20:36] <jjohansen> hggdh: I've kicked off a hardy xen build (I think)
[20:36] <jmgalloway> how long does it usually take on the language selection part of the install?
[20:36] <hggdh> jjohansen: super, thank you
[20:37] <torrancew> jmgalloway: did you let it try to pick for you?
[20:37] <jmgalloway> try to pick?  I just see all of the languages listed and english hilighted
[20:37] <torrancew> jmgalloway: hit enter
[20:37] <jmgalloway> i did
[20:37] <torrancew> ah
[20:38] <jmgalloway> frozen
[20:38] <torrancew> so, there are 2 parts IIRC of the langauge bit (been a while since I did a manual install)
[20:38] <torrancew> one where you choose a general langauge, and one where you set the keyboard layout
[20:38] <jmgalloway> right
[20:38] <torrancew> which are you at?
[20:39] <jmgalloway> general language, the first graphical image of the install
[20:39] <torrancew> yeah, that's not normal.
[20:39] <jmgalloway> nope, I've downloaded the iso twice and burned it like 5 times
[20:40] <torrancew> jmgalloway: did you try burning at lower speeds?
[20:40] <jmgalloway> no, I'm just using the window's 7 burning software...it wont let me change the burn speed
[20:40] <torrancew> sorry, I know that's not a fun answer to hear, but it needs to be asked...
[20:40] <torrancew> ah
[20:40] <torrancew> ouch
[20:41] <jmgalloway> this is a new machine, first os to be loaded on it
[20:42] <torrancew> jmgalloway: i'd recommend you find a way to burn at a lower speed (boot linux on a usb, or another machine), to rule that out
[20:43] <jmgalloway> yeah, let me go see if that windows machine has some other tool for burning
[21:04] <jdstrand> hallyn: hey. I was wondering if you saw my latest comment in the kvm instability bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/694029/comments/24
[21:05] <hallyn> jdstrand: yeah.  i wasn't sure where to go from here :)
[21:05] <jdstrand> hallyn: don't you have an x201s?
[21:05] <hallyn> jdstrand: it sounds like kvm_intel and the wireless driver stepping on each other
[21:05]  * jdstrand nods
[21:05] <hallyn> jdstrand: no
[21:05] <hallyn> kirkland: has something like it
[21:05] <jdstrand> hmm
[21:05] <hallyn> i'm not one of the cool boys :)
[21:05] <jdstrand> hehe
[21:06] <hallyn> jdstrand: in any case it sounds like it needs to be reclassified as against linux-image i guess
[21:06] <hallyn> i wouldn't mind looking through the driver source
[21:06] <hallyn> jdstrand: which driver is in use according to lspci -v?
[21:06] <jdstrand> hallyn: as a qemu-kvm maintainer, would you mind doing that?
[21:06] <hallyn> retargetting?  happily :)
[21:07] <hallyn> oh you already had targetted it at linux.
[21:07] <jdstrand> hallyn: the lspci should be in the bug
[21:07] <hallyn> ok
[21:08] <jdstrand> hallyn: I used 'ubuntu-bug linux' when I filed it
[21:08] <hallyn> i'll write down a note to look at the driver source, though not optimistic
[21:08] <jdstrand> hallyn: I can say that I don't otherwise have instabilities using the wireless
[21:08] <jdstrand> hallyn: so, it does seem kvm related
[21:09] <hallyn> (my own wireless card won't let me join my ad-hoc wireless network.  that one hurtsright now)
[21:09] <jdstrand> hallyn: I'll also test the maverick kernel with wireless too, to double-verify it is ok on maverick
[21:09] <hallyn> jdstrand: but qemu-kvm package doesn't provide the kernel module
[21:09] <hallyn> how weird would it be to assign the linux bug to myself while i look at the drivers?
[21:10] <hallyn> (since i'm not on kernel team)
[21:10] <jdstrand> hallyn: I realize that. but it is still a 'kvm-y' sort of thing, so I don't know where the server and kernel team's draw the linie
[21:10] <hallyn> don't wanna step on any toes
[21:10] <jdstrand> hallyn: I'm sure they would not mind in the least
[21:10] <hallyn> heh, probably 2 arm's lengths away from our respective selves :)
[21:10] <jdstrand> heh
[21:11] <kirkland> jdstrand: i have an x201
[21:11] <kirkland> jdstrand: what's up?
[21:11] <jdstrand> kirkland: talking about bug #694029
[21:12] <jdstrand> kirkland: with >=2.6.37 kernels there is severe guest instability when the host is using wireless
[21:12] <kirkland> jdstrand: okay, let me test here ...
[21:13] <jdstrand> kirkland: the best test I've found is to have two VMs-- let's say maverick -- and then either pull down a bunch of packages or do apt-get upgrade from release
[21:14] <jdstrand> kirkland: so have a couple of throwaway server installs, and then do 'apt-get install ubuntu-desktop' in both
[21:14] <jdstrand> kirkland: it might take a few times, but I hit it pretty darn all the time
[21:15]  * kirkland is really sad byobu is no longer on the live desktop :-( :-( :-(
[21:16] <jdstrand> kirkland: you might check if you have the same wireless nic as I reported in the bug
[21:16] <hallyn> why is it gone?
[21:17] <hallyn> jdstrand: have you reproduced it withOUT having simultaneous i686 and amd64 VMs?
[21:17] <jdstrand> hallyn: oh yes
[21:17] <kirkland> jdstrand: i have Centrino Ultimate-N 6300
[21:17] <jdstrand> one VM is easily enough here
[21:18] <hallyn> oh
[21:18] <jdstrand> Intel Corporation Centrino Advanced-N 6200 here
[21:18] <kirkland> jdstrand: okay, i have two live desktops dist-upgrading 84 packages right now
[21:18] <hallyn> oh, yieah, the 6300 is where they fixed that flaw in the 6200 where it would randomly write to user memory
[21:18] <kirkland> jdstrand: over wireless
[21:20] <jdstrand> kirkland: cool. thanks. like I said, it might take a couple of times. I wrote a script and let it run over and over, and 'grep -i error' (though 'grep Segmentation' would also do it)
[21:20] <jdstrand> (cause I ssh into them to run the command, send the output to tee, and grep that)
[21:20] <binaryhat> it appears that when i use virtualization and craps out, my server turns off
[21:21] <binaryhat> any ideas?
[21:21] <patdk-wk> psu too small?
[21:21] <binaryhat> i was copying a file over
[21:22] <binaryhat> patdk-wk, my psu?
[21:22] <binaryhat> u think so?
[21:22] <patdk-wk> just one of I'm sure many many issues
[21:23] <patdk-wk> well, with all the info you provided, I'm sure it can't be anything else :)
[21:23] <jdstrand> kirkland: at the risk of being daft, you are using a natty host with a 2.6.37 or higher kernel, right?
[21:23] <patdk-wk> natty is 2.6.28 (or was)
[21:23] <jdstrand> 2.6.38
[21:24] <patdk-wk> ya, what I meant, damn keys moving on me
[21:24] <binaryhat> i have a 450W PSU patdk-wk
[21:24] <patdk-wk> and what all is in your computer?
[21:24] <jjohansen> hggdh: where do you want your -xen debs?
[21:24] <patdk-wk> cpu, drives, cards?
[21:25] <patdk-wk> hmm, 2.6.38-3 now :(
[21:25] <binaryhat> is that not enough?
[21:26] <patdk-wk> how should I know? my computers normally need a 1000w or larger
[21:26] <kirkland> jdstrand: absolutely
[21:26] <kirkland> jdstrand: i am suffering through natty with the rest of you
[21:27] <kirkland> jdstrand: 2.6.38-3-generic
[21:27] <jdstrand> kirkland: haha
[21:27] <kirkland> jdstrand: my X and desktop are almost completely UNUSABLE
[21:27] <jdstrand> kirkland: well, yes, but some might boot into a maverick kernel still. I was cause of this bug until I found everything was stable with wired
[21:27] <kirkland> jdstrand: i spend most of my day in a tty hugging w3m, irssi, and mutt
[21:28] <kirkland> ctrl-alt-f1 is my savior
[21:28] <jdstrand> kirkland: oh, you might want to upgrade with today's compiz fixes. finally got the stacking right so no invisible windows (gosh that was annoying)
[21:28] <jdstrand> haha
[21:28] <kirkland> jdstrand: can you alt-tab?
[21:28] <kirkland> jdstrand: or resize windows?
[21:28] <kirkland> jdstrand: or move windows?
[21:28] <jdstrand> I can alt-tab
[21:28] <kirkland> dammit
[21:28] <kirkland> i can't
[21:28] <jdstrand> I can resize windows
[21:28] <kirkland> dammit
[21:28] <kirkland> i can't
[21:29] <jdstrand> kirkland: this is unity I presume?
[21:29] <hallyn> i can see a second gnome-terminal under my current gnome-terminal
[21:29] <kirkland> jdstrand: nope
[21:29]  * hallyn waits for more cursing
[21:29] <jdstrand> ah, I am using unity
[21:29] <kirkland> hallyn: dammit, i can't
[21:29]  * hggdh grabs some popcorn
[21:29] <hallyn> \o/
[21:29] <jdstrand> I don't know what is going on with classic
[21:29]  * RoAkSoAx wants to kill corosync+cman integration xD
[21:29] <jjohansen> hggdh: kernel.ubuntu.com/~jj/linux-headers-2.6.24-28-xen_2.6.24-28.86_amd64.deb
[21:29] <jjohansen> kernel.ubuntu.com/~jj/linux-headers-2.6.24-28-xen_2.6.24-28.86_i386.deb
[21:29] <jjohansen> kernel.ubuntu.com/~jj/linux-image-2.6.24-28-xen_2.6.24-28.86_amd64.deb
[21:29] <jjohansen> kernel.ubuntu.com/~jj/linux-image-2.6.24-28-xen_2.6.24-28.86_i386.deb
[21:30] <hallyn> oh - on my other laptop classic doesn't work right, but i start up unity, it says ' you dont' have 3-d support', and then ti gvies me a nice desktop
[21:30] <kirkland> jjohansen: do you happen to have ppa kernel builds of your ecryptfs filename patches?
[21:30] <hggdh> jjohansen: thank you
[21:30] <hallyn> jjohansen: and do you happen to have a git tree of your ecryptfs filename patches? :)
[21:30] <hggdh> smoser: ^
[21:31] <jjohansen> kirkland: not a ppa, but I have debs
[21:31] <jjohansen> hallyn: yep git://kernel.ubuntu.com/jj/ubuntu-natty.git
[21:31] <smoser> dagummit jjohansen i was hoping you wouldn't do that so quickly
[21:32] <jjohansen> kirkland: I have to say I really hate kernel ppas and just use debs when I can
[21:32] <jjohansen> kirkland: I can set one up now that we are trying to get wider testing
[21:33] <kirkland> jjohansen: that's fine
[21:33] <hallyn> jjohansen: thx, i'm noting that to take a look next week
[21:33] <kirkland> jjohansen: apw does something similar for me from time to time
[21:34] <jjohansen> kirkland: I was going to attach a link for the current .debs to the bug report
[21:38] <RoAkSoAx> kirkland: do you still have the image with eucalyptus?
[21:39] <RoAkSoAx> the cloud in your pocket one
[21:43] <binaryhat> im using 10.10 and in order for network bridging to work, I have to add three parameters to /etc/sysctl.conf and do  sysctl -p /etc/sysctl.conf.  isnt there a better way?
[21:45] <torrancew> binaryhat: not trying to sound like a grey-bearded sysadmin, but what's so wrong with that?
[21:47] <binaryhat> nothing except dmesg reports that xyz is deprecated torrancew
[21:49] <torrancew> ah, didn't realize that, binaryhat
[21:50] <binaryhat> it happened again!  I had virtual connection to kvm running and my server shut off!
[21:51] <binaryhat> 3rd time
[21:51] <binaryhat> why would it do that
[22:19] <kirkland> RoAkSoAx: i think it's linked to from my blog
[22:20] <RoAkSoAx> kirkland: k cool thanks
[22:34] <binaryhat> it appears that when i use virtualization, my server turns itself off
[22:34] <binaryhat> plenty of memory, 8gb and 450w psu
[22:40] <MACscr> i have a stalled kernel module that i cant seem to remove with rmmod because it says its still in use. Any recommendations short of rebooting?
[22:47] <jmgalloway> anyone know why ifup eth0 does not work?  I cant get eth0 working to have a connection to my server
[23:04] <avis> hello all
[23:05] <avis> i am finally on comcast without a port 80 blocked.  i would like to run an apache webserver for private file sharing.  i had heard something about webdav and something about being able to share files over the web using a script, and i have such a script.  i just don't know if its functional.
[23:05] <hggdh> smoser: is it possible to update the kernel on a Hardy ec2 image?
[23:07] <avis> could someone look at this script and tell if it could be used as a dropbox replacement ?
[23:07] <avis> http://pastebin.com/fFqUiF2V
[23:07] <avis> share-http-here.sh