knoxyivoks: hi00:05
=== fisted_ is now known as fisted
knoxyivoks: I've more problems with my mysql server ubuntu...00:06
knoxysomebody help-me... look at http://img132.imageshack.us/f/capturarod.png/00:06
knoxythe problem00:06
knoxythe load average is very high now00:06
knoxyand I dont know what is the problem..00:06
knoxywhat's kblockd ?00:07
=== jj-afk is now known as jjohansen
DictatorZeroHey, I was wondering if there was anyone on who wouldn't mind giving some advice on a ubuntu server install for a web server00:36
pw-toxichi, can someone please help me to configure my samba server, so I windows7 users can access my public drives without having to prompt a username and password. I have now wasted ~1 hour configuring and reading about samba ;(01:06
pw-toxicI can already connect to ma shares with a certain user, but public shares dont work01:06
pocketmananyone have any experience with dyndns and subdomains?01:10
pw-toxicpocketman, i have a virtual host entry for each subdomain of my dyndns domain01:18
pocketmannm, got it. Thanks anyway!01:21
GaduI changed out most of the hardware on my server machine and the new onboard LAN does not show up in 'ifconfig'. It does show up in lspci though.01:53
GaduI tried a different LAN card and that was a no go as well (also shows up in lspci)01:54
Gaduinterestingly enough, booting up a live CD with either of them plugged into a LAN cable results in it working01:54
Gadubut if I boot the Live CD with one plugged in and switch the cable to the other, it doesn't not function01:54
GaduMy assumption is that I need to change something on the currently installed OS but I'm not sure what01:56
NicholasRogeAnyone mind giving me a hand?  I"m running a server, and using ubuntu server as the OS.  But for some reason, I can't access the sql server from outside localhost.  Anyone mind helping me figure out why?  (I've already made sure to forward port 3306)01:59
Gadunvm, the new cards are registered as eth2 and eth3 so I just changed /etc/network/interfaces and restarted networking =P02:08
GaduNicholasRoge: did you have apache and phpmyadmin?02:09
Gaduthat's probably the easiest way, and you'd just forward port 80 and not 330602:10
Gaduthen access it via <serverip>/phpmyadmin02:10
Gaduor the url if you have one02:11
NicholasRogeSorry, had to step away from teh computer.  And I have phpmyadmin, but I'd like to be able to user MySQL Query Browser.02:13
iggiHimm, I keep getting this weird error. Whenever I install ubnutu 10.10 on a KVM guest it times out with the resolution of the repos, but continues just fine when I hit enter (which is supposed to cancel). Only happens on file 1 (looking up and retrieving) works fine for the others after I hit enter02:14
Gadudid you comment out "bind-address" in /etc/mysql/my.cnf ?02:15
Gadumake sure you set a root password for your mysql as well (if you haven't already)02:16
NicholasRogeLet me check02:16
NicholasRogeI need to comment out bind-address?02:18
NicholasRogeThat would be the  problem.02:18
Gadunp ^_^ use sudo /etc/init.d/mysql restart after you comment it out02:18
NicholasRogeOf course.  :302:18
Gaduwhen I started out, I rebooted a linux server for everything until I learned of the init.d magic haha02:20
Gaduso I like to include it just in case02:20
Datz]Hi, I was wondering if anyone was here earlier when I asked about -virtual kernel?02:29
Datzmy box had some issue.. and halted for about an hour..02:29
Datzdoes anyone here use the -virtual kernel that could answer a few simple questions for me?02:40
Datz1. if I use the -virtual kernel, will kernel updates be possible with aptitude safe-upgrade?02:46
GaduDatz: I can't imagine a reason to prevent kernel updates through safe-upgrade with the -virtual kernel02:47
Gaduas long as you got the -virtual kernel from a repository, you'll get updates for it02:48
DatzGadu: thanks, aptitude search shows a later -virtual kernel version than I have. and aptitude update/safe-upgrade both are up to date.. so to speak02:49
Datzthinks may not be installed as they should be on the box though02:49
Gaduinstall the later version via aptitude install for now02:50
Gaduif it continues to go up in version without updating, something is wrong indeed02:50
Datzthe stange thing(or normal?) I noticed is if I purge the -server kernel package instead or "remove" it, I get kernel panic when the -virtual kernel is installed.02:51
Gadutry purging -server and installing the newer -virtual at once02:57
Datzok, I can try that. Tried before and that's what gave me panic, but I'll create a snapshot and try again :)02:58
Gadusudo aptitude purge linux-image-<version>-server ; sudo aptitude install linux-image-<version>-virtual02:58
Gadudoing it in 1 line will probably help02:59
Datzhumm, ok let me try02:59
Datzso just leave the current -virtual installed?02:59
Gaduyes, until the new version is installed and tested03:00
Gaduif I don't reply in a reasonable amount of time, just say my name (playing minecraft =P)03:01
Datzhehe, np thanks03:01
Datzok, that worked, now let me try removing the old -virtual kernel03:05
Datzok, purged the old virtual kernel too, everything is working03:08
DatzI don't know why this worked now, perhaps purging -server and installing the newer -virtual at once like you said?03:09
Datzanyway, thanks. :)03:09
Gadumore than likely and anytime XD03:11
Gaduif no1's around in here, try me in PM, might be on haha03:12
Gadufor the furture03:12
uvirtbotNew bug: #729477 in openssh (main) "package openssh-client 1:5.3p1-3ubuntu5 failed to install/upgrade: ErrorMessage: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/72947703:21
BilgeIf I do `ufw deny from`03:42
BilgeWhy can still connect03:43
jmarsdenBilge: Is ufw enabled? :)03:50
BilgeOf course03:54
BilgeIs it possible that the allow rules are taking priority?03:55
BilgeLike being allowed to connect to a service from anywhere is given priority of being denied everything from somewhere03:56
BilgeIt's definitely not working03:56
BilgeSomeone is fucking hacking my shit and I can't ban them and it's quite frustrating03:58
BilgeI can keep banning each IP address one at a time but I'll have to do it 255 times before I've plugged it entirely03:59
BilgeWhy is ufw being useless03:59
BilgeOr 253 or something since 0 and 255 are special I believe04:00
BilgeSome asshole owns an entire /24 subnet and I can't do anything about it immediately04:00
iggiBah, I'm running into some issues with bad/hard to understand documentation for UEC04:01
iggifor the most part it is accurate, but it changes termonoligy it seems04:02
jmarsdeniggi: File bugs against the docs.04:06
Bilgejmarsden: why might it not be working?04:06
BilgeThis guy is totally taking the piss and hacking one of my services using every possible IP04:07
BilgeIt's 4am and I am going to be up all night manually banning each IP04:07
jmarsdenBilge: Hard to know without a lot more work... what does  sudo ufw status     output (pastebin it)04:07
iggijmarsden: Will do, it's a small name switch between a node and controller, but threw me for a loop04:11
Bilge/Noticed it04:12
BilgeI'm running the latest LTS04:12
Bilgeufw 0.30pre1-0ubuntu204:12
BilgeCan't tell you how much I want to go to sleep right now, I'm supposed to be moving house tomorrow :(04:13
jmarsdenBTW, to add 255 rules for all IPs in a Class C (which you should not need to do) would be a one line command: for i in $(seq 1 255) ; do sudo ufw deby 74.115.0.$i ; done   # or something close04:13
BilgeIn bash you can do something like 1..255 and it expands it also04:13
BilgeBut I don't have time to relearn all that04:13
BilgeAnd I would do it into my service's IP ban file (which can only ban one IP at a time) since ufw clearly isn't working anyway04:14
jmarsdenLooks like the rule order may be the issue, to me.  ufw is working, you just don't understand it fully yet.04:14
BilgeOK but I wasn't aware that I could specify the order04:15
BilgeSo to me that isn't working04:15
BilgeIt just keeps appending new rules to the end04:15
BilgePresumably giving earlier rules precendence; which is a weird system if that is how it is actually working04:15
jmarsdenRules are numbered, use sudo ufw status numbered to see that... sounds like you have not yet read the ufw man page??04:16
jmarsden"First rule that matches gets applied" is pretty common logic in firewall filters, isn't it?04:18
BilgeI've inserted it at the top now04:18
jmarsdenOK, does it work better now?04:18
BilgeTime will tell04:19
BilgeJust banned about the 30th IP manually heh04:19
jmarsdenRemove all the single ip rules and see if the rule order was the issue; if it was, you can relax and get some sleep.04:20
BilgeThe single IP rules are in the service being attacked04:20
BilgeI turned to ufw to cut his range off since this crappy app only lets me ban single addresses04:20
BilgeThen was dismayed to realise it didn't work04:21
BilgeRTFM is a bit late when you're already being attacked heh04:21
jmarsdenOK, so read your log files to see whether ufw (iptables) is now blocking the packets...04:21
BilgeIs it possible to configure `ufw status` to always output the rule number? It seems like a convenient and short piece of information, especially for deleting rules if not inserting them in the right order as well04:21
BilgeWhich log file would tell me this?04:22
BilgeLooks like it is working now because he hasn't shown up again since inserting at the top04:22
jmarsdenOK... you did do sudo ufw logging on, right?04:23
jmarsdenIf you did, the log entries should be in /var/log/messages by default (I think... my setup here is ... a little modified)04:24
BilgeI think logging is off04:25
BilgeThat file is just full of --MARK-- lines04:25
jmarsdenYou are running a production server and "think" that logging is off? :)04:26
jmarsdensudo ufw loggin on    # will be a start04:27
jmarsdensudo ufw logging on    # will be a start  (with the g)04:27
BilgeWell I did `ufw logging` and it wouldn't tell me whether it was on or not04:30
BilgeSo how am I supposed to check?04:30
jmarsdenJust turn it on :)04:30
BilgeI've never had to mess about with ufw; I just use it to map services that I deploy04:30
BilgeAnd for that purpose it has worked adequately up until now04:31
BilgeI imagined that firewall logs would be verbose as hell04:31
BilgeJust a waste of disk space04:31
BilgeAnyway, is it possible to attach a note with rules so that I remember why I banned this subnet?04:31
jmarsdenNo, ufw is simple and small and doesn't easily let you do that.04:32
jmarsdenYou can just add a short note about firewall configuration (and the output of sudo ufw status numbered) to your system admin log (assuming you keep one) for that server.  I suspect you could add a comment to the /etc/ufw/ufw.conf file, but that assumesyou will remember where that file is next time around :)04:35
Bilgelol yes04:38
BilgeI can see loglevel=off in that file04:38
BilgeWhat does it get set to if I just specify "on"04:38
BilgeIt seems to expect low medium or high04:38
jmarsdenlow, I think.  try it :)04:40
BilgeDon't see anything in /var/log/messages though04:41
BilgeI would extend ufw to support comments04:42
BilgeIt would be useful for all rules04:42
jmarsdenGo for it, it is open source :)04:42
BilgeWell I was looking to you obviously since even if I did modify the source it would only benefit me04:43
jmarsdenNo, you could upload the changes to bzr on Launchpad and request a merge in the usual way.04:43
BilgeAnd I think it makes sense to include the rule number in the status output by default and an option to enable or disable it by default instead of having separate command (parameters) for that04:43
BilgeReason being that it conveys the importance of rule precedence more intuitively and makes rule deletion easier04:44
BilgeFor your consideration; I'm going to sleep :)04:45
jmarsdenOK.  Ah, try /var/log/ufw.log   when you wake up :)04:45
BilgeNo such file04:45
jmarsdenOK.  There's one here, and a few older rotated and compress versions of it, but that might be a local change I made, I forget.04:47
atari2600awhat's up w/ vbox support04:54
atari2600aWhen I realized the installer had a vm guest option, I tried it out & now I get dropped to initramfs04:55
atari2600awhichever you prefer to call it04:55
jmarsdenatari2600a: I have a feeling that options is for KVM virtualization, not Virtualbox, but I am not sure.04:55
jmarsdenA normal Ubuntu server install should work fine inside virtualbox.04:56
atari2600athe wiki said the option's for most popular VM's, so I would assume vbox would count as that04:57
atari2600a& the Ubuntu-server as a guest OS entry, complete w/ vbox installation instructions is there too, including instructions to install as a VM guest from the bootloader04:58
knoxyhi all.. How the more recommended version of kernel to ubuntu as virtual machine (VMware ESXi) ? 2.6.x.x-server or 2.6.x.x-virtual ?04:58
jmarsdenatari2600a: OK... I've just used the "regular" server install in virtualbox and had no issues... maybe wasting a little RAM, I suppose.04:59
patdk-lapknoxy, doesn't really matter, -virtual if it exists, for lucid though, it will just use -server though04:59
knoxypatdk-lap: Thanks05:00
atari2600await, found the problem, appearantly the minimal VM kernel doesn't support SATA05:00
* atari2600a reconfigures05:00
atari2600a& I'm actually going for saving some RAM :P05:01
atari2600apoor, stuck w/ 2GB of DDR205:01
DatzGadu: thanks man, will do05:01
atari2600awhy isn't nano installed by default05:05
atari2600anot everyone has the patience to boot into Vi D:05:05
iggimy server installs have nano by default and vi, but not vim. I cant use vi efficently, but vim, yes. First apt-get right there.05:16
iggiCan anyone help me with a UEC ssh key problem?06:08
[biabia]in unattended upgrades seems like it would be a good idea to automatically remove unused dependencies but the default is false.  also, by default it only dl's security updates, and doesnt reboot when needed unless enabled.  ok to change those 3?06:35
uvirtbotNew bug: #729513 in squid (main) "package squid (not installed) failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück" [Undecided,New] https://launchpad.net/bugs/72951306:46
uvirtbotNew bug: #729517 in squid (main) "Installation failed (Paketoperation fehlgeschlagen)" [Undecided,New] https://launchpad.net/bugs/72951707:01
=== pau|c_ is now known as pau|c
uvirtbotNew bug: #729574 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/72957411:07
RoyKThe short story "When sysadmins ruled the earth" from http://craphound.com/overclocked/download/ is a must for all good sysadmins :)12:00
pw-toxichi,  i want my samba server to allow guest logins12:22
pw-toxiccan someone please help me?12:22
pw-toxici have wassted several h urs for this12:22
=== fisted_ is now known as fisted
=== ecanto_ is now known as ecanto
bau-hi all, i have a problem: i'm trying to install ubuntu server, but i can't connect to the internet with my wifi board (dlink)... any suggestion?16:16
uvirtbotNew bug: #729694 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/72969416:21
uvirtbotNew bug: #729709 in munin (main) "Low max_processes leads to hosts being skipped" [Undecided,New] https://launchpad.net/bugs/72970916:41
HalbergMHey everyone!16:54
HalbergMI have a very quick question if anyone would be so kind to answer. How do I find the public IP address for my server?16:55
iggiAnyone able to help me resolve a UEC key issue17:02
NicholasRogeIf I CHMOD a directory to 777, is it possible for someone outside my website to upload things to it?17:05
jmarsdenworld-writeable directories are generally a bad idea from a security point of view.  You should not need to do that for a web directory.17:36
thesheff17_So I see this article w/ holes in the ubuntu kernel. http://www.zdnet.com.au/ubuntu-peppered-with-holes-339310663.htm  I patched my the server but the kernel version is  2.6.32-29-server...does this version patched for these problems?  The article recommends linux-image-2.6.35-25-server 2.6.35-25.44~lucid1.17:39
EvilPhoenixthesheff17_:  which distro you running?17:39
thesheff17_10.04 LTS17:40
iggiIf you need that kernel, 10.10 is on if upgrading is plausable17:41
EvilPhoenixyeah, that kernel isnt on 10.04 LTS17:42
thesheff17_I need to stick w/ LTS17:42
EvilPhoenixor if it is, i dont see it in the list17:42
thesheff17_I see linux-image-2.6.35-25-server in the packages...but wondering if I should hold back.17:42
EvilPhoenixi'd say this: "Do you ABSOLUTELY NEED that kernel"?17:43
EvilPhoenixif no, then dont worry about it17:43
RoyKiggi: 2.6.35 is in Lucid17:43
thesheff17_I did apt-get install landscape-common linux-headers-server linux-image-server linux-server this doesn't get that latest version?17:45
RoyKseems linux-image-2.6.35-27-generic is the latest - couldn't find a -server package17:45
thesheff17_ah ok17:45
RoyKthesheff17_: apt-get update && apt-get dist-upgrade17:45
Datzthesheff17_: have you had a look here? http://www.ubuntu.com/usn17:45
RoyKthe upgrade won't install 2.6.35, though17:45
Datzthat's odd.. looks like 10.04 is abandoning the 2.6.32 kernel, or at least not providing fixes for it? http://www.ubuntu.com/usn/usn-1083-117:52
thesheff17_So I just did apt-get install linux-image-2.6.35-25-server and uname -a uses Linux vm020 2.6.35-25-server any reason not to do this?   Is there a reason there is a miss match?17:58
RoyKthesheff17_: if you're already in 2.6.35, never mind17:58
DatzRoyK: does that mean that 10.04 users should upgrade to the 2.6.35 kernel?18:04
RoyKDatz: AFAICS, yes18:05
Datzah, k thanks18:05
RoyKDatz: and AFAICS the article at ubuntu.com says this is done automatically18:05
EvilPhoenixRoyK, i wish, it hasnt been done yet to my servers running 10.04 :/18:05
Datzok, well I'll have to wait and see, as I haven't see that yet18:05
RoyKEvilPhoenix: try an apt-get upgrade && apt-get dist-upgrade18:06
RoyKthe dist- part will take it to a new subversion, which may help18:06
EvilPhoenixcant.  upstream issues from my current locatoin to my server cant let me ssh in18:06
EvilPhoenixah... i see...18:06
iggiI'm trying to setup UEC, and I followed the documentation, but something seems to be wrong with the key setup. I get the error "INFO: We expect all nodes to have eucalyptus installed in //var/lib/eucalyptus/keys for key synchronization." followed by errors stating node-cert.pem, cluster-cert.pem, and node-pk.pem are missing. I looked and cannot find where in the documentation it mentions18:23
iggisetting up any of these keys.18:23
DatzRoyK: apt-get upgrade && apt-get dist-upgrade doesn't have any new updates for me. :|18:26
Datzoh well :P18:27
DatzI guess I could always install the 2.6.35 kernel manually :)18:27
uvirtbotNew bug: #729780 in bind9 (main) "bind9 fails to create pid file." [Undecided,New] https://launchpad.net/bugs/72978018:36
RoyKDatz: try that18:42
Datzwill do, thanks18:50
thesheff17_Datz: any reason that 2.6.35 isn't set to the latest kernel for lucid?18:54
thesheff17_I also just tried ksplice...which seems nice but also reports 2.6.32-29.58-server is the latest version18:56
Datzthesheff17_: I was wondering that myself actually18:56
pmatulisDatz + thesheff17_: the 2.6.35 kernel is not a lucid kernel.  it's the maverick kernel that people have the *option* to install19:14
thesheff17_pmatulis: This article recommends linux-image-2.6.35-25-server for lucid which is confusing... Does the latest kernel for lucid address these problems in this article? http://www.zdnet.com.au/ubuntu-peppered-with-holes-339310663.htm19:15
RoyKthesheff17_: those are fixed in 2.6.3519:17
thesheff17_RoyK which is only for maverick?19:18
pmatulisthesheff17_: don't believe everything you read19:21
pmatulisthesheff17_: just upgrade to the latest .32 kernel and you'll be fine19:21
thesheff17_pmatulis: haha ok good :)19:23
pmatulisthesheff17_: most of those things are even covered by the .31 kernel19:24
pmatulisthesheff17_: see http://www.ubuntu.com/usn/usn-1074-219:24
Datzpmatulis: this seems to suggest to update to 2.6.35 http://www.ubuntu.com/usn/usn-1083-119:37
Datzor is that if you are already using 2.6.35...19:41
Datzthat might make sense :)19:41
uvirtbotNew bug: #729819 in dovecot (main) "Dovecot !include_try does not work with 'deliver' - mail delivery fails" [Undecided,New] https://launchpad.net/bugs/72981919:41
pmatulisDatz: you have to actually read the page.  see what is affected19:44
Datzwell yea19:45
DatzI'm still not 100% clear :P19:55
iggianyone know how to change the port eucalyptus uses for rsync/scp/ssh? I don't use a standard port and it is failing every time.20:09
thesheff17_iggi: wish I just had hardware to test eucalyptus :-/20:11
iggithesheff17: 1 virtualization enabled computer. e.g.- $200 AMD Athlon X2. CC goeso n a vm inside node.20:12
thesheff17_iggi: so the virtualization of the processor will carry over through the virtual machine?  Are you using virsh?20:16
iggithesheff17_: I have a correct setup, but you can test it by throwing down a machine with ubnutu+kvm-qemu+libvirtd then run the CC on a vm20:17
thesheff17_iggi: did you have to do something special for it?  I just got This hardware does not support virtualizatoin acceleration.  This is on the virtual machine.20:23
thesheff17_iggi: ah the install just continued on..cool20:23
uvirtbotNew bug: #729844 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,New] https://launchpad.net/bugs/72984420:26
pmatulisDatz: what's your question then?21:34
iggiAnyone know why I would get a internal server error when I go to http://<cloud-ip-address>:8773/services/Eucalyptus on my UEC server? I get the error: "16:55:25 ERROR [NioServerHandler:New I/O server worker #1-10] Internal Error. com.eucalyptus.ws.server.NoAcceptingPipelineException"22:16
iggiappears to bea similar bug here: https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/51906222:21
uvirtbotLaunchpad bug 519062 in eucalyptus "Unable to connect to Eucalyptus Service on port 8773" [Low,Expired]22:21
rnigamtest 12322:43
guntbertrnigam: don't test here please, there exists #test22:44
rnigamJust installed ubuntu server on the latest Dell boxes with new AMD Opterons22:45
rnigamPlanning to create a virtualized environment.22:45
rnigamAny suggestions on tools?22:45
iggikvm, libvirt, eucalyptus22:45
rnigamwhat about virt-install?22:46
rnigamI am not sure which package has it on the server version or if it is still supported22:47
rnigamapt-get install python-virtinst returns nothing22:47
rnigamoh yes i have decided to use KVM and already have kvm and libvirt22:48
rnigamany word on  virt-inst package anyone?22:51
Datzpmatulis: I was unsure after reading http://www.ubuntu.com/usn/usn-1083-1 whether or not I should upgrade to 2.6.35-* from 2.6.32-2922:55
Datzor if 2.6.32-29 is patched and safe to use. That is all. ;)22:55
rnigamiggi: what is the best tool to create kvm virtual machines?22:58
jmarsdenrnigam: https://help.ubuntu.com/community/KVM/CreateGuests22:59
rnigamjmarsden: Thanks. That should get me going for now.23:01
jmarsdenrnigam: You're welcome.  It is part of a whole set of KVm related wiki pages, see the nav items under the main title on that page.23:01
uvirtbotNew bug: #729911 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/72991123:06
iggirnigam: virt-manager?23:08
rnigamjmarsden: Yes I see that. Thanks Again. The only problem is that While i was going through the KVM wiki I came across a tool called virt-install which turned out to be obsolete in this server version. I have decided to go by the last edited time on every page from hereon.23:09

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!