[00:00] Daviey: what's the PPA url? i can take a look now [00:03] hudson's deprecated anyway. [00:03] deb http://pkg.jenkins-ci.org/debian binary/ [00:03] is what I use. [00:03] jiboumans, https://launchpad.net/~hudson-ubuntu/+archive/testing [00:04] actually, ~ubuntu-hudson is based on Natty... so soren's suggestion is probably better for LTS. [00:04] Daviey: you know me well :) of course i'm on LTS (smoser++) [00:05] jiboumans, What?! You aren't putting production loads on the development release?! [00:05] Daviey: indeed, I'm not hitting the crack pipe :) [00:05] :) [00:06] Daviey: ok, i'll try ffe process [00:06] Daviey: I do seem to recall that debuild was failing until i refreshed patch 01-kvers.patch [00:06] Daviey: but, hopefully you're off for the night and will read this in the morning :) [00:07] hallyn, Make sure you note that you spent significant time trying to cherry pick a fix etc. And new upstream snapshot seemed both more reliable, and less time - and more supportable rather than a massive patchset [00:07] Lay it on thick :) [00:08] hallyn, Ah, debuild will crap out if the patch contains fuzz... when quilt push doesn't... really annoying variation of defaults! [00:09] Daviey: 3.0 quilt or --with quilt ? [00:10] I think the 3.0 (quilt) thing is a bit broken. We really need 3.0 (bzr) [00:11] SpamapS, "quilt pop -a ; quilt push -a" works.. with default setup, mentions fuzz and offset... but the build process will only accept offset but not fuzz. [00:12] SpamapS, I recently pondered the idea of 3.0 (bzr), but can you imagine converting all of debian? :).... Really, i think bzr needs to have native knowledge of .pc [00:13] Daviey: there is an experimental 3.0 (bzr) somewhere, 3.0 (git) got bumped from experimental to approved recently, I though. [00:13] err, I thought. [00:14] sbeattie, Yeah - but how useful is that for /everything/... Other than a few DM that use bzr and Ubuntu native packages? [00:15] Daviey: useful? when has that ever been a criteria? :-) [00:15] lol [00:15] Has everyone else had puppet adverts following them across the internet today? [00:17] Do nightmares about clowns count? [00:18] Depends if you have the nightmare whilst awake :) [00:33] kirkland: dude could you also please publish the tarball for poewrnap at launchpad/net/powernap? === tsimpson_ is now known as tsimpson === tohuw is now known as Tohuw [01:38] Is there any compelling reason to leave usergroups=yes in adduser.conf if I'm configuring an Ubuntu LAMP server? Granted, I need to watch my perms (e.g. 644 not 664), but that's just paying attention, not a real argument against it. [01:40] There are two cases where the group permission is relevant: /home/fred (private personal files) and /srv/share (shared files that need group write access). [01:41] IME you cannot handle both correctly with plain POSIX permissions, so it is better to err towards privacy and leave usergroups=yes. [01:41] This allows users to opt-in to a shared group on specific files (i.e. /srv/share) rather than having to opt-out of same for /home/fred. [01:42] twb: good point. thank you [01:42] Obviously if you value security over convenience, you should study one or more LSM MACs, like grsecurity, selinux or apparmor. [01:44] twb: I'm going to learn apparmor last, but I do plan to incorporate it to some extent. I figure, get it working, then harden it. :) [01:44] Sure. [01:44] You're running PHP so you're pretty much screwed anyway [01:44] twb: why are the default directory perms in adduser.conf 0755 if you're not supposed to execute stuff in /home? [01:45] Tohuw: the default behaviour is to give world read access to files in $HOME [01:45] On the basis that sharing is useful, e.g. so you can read alice's .bashrc for handy things to put in your own [01:45] twb: "You're running PHP so you're pretty much screwed anyway" <-- it depends, I would say. You can harden php decently through proper php.ini and phpSuExec configuration. [01:46] http://en.wikipedia.org/wiki/PHP#Security [01:46] One quarter to one third of ALL vulnerabilities announce each year are PHP related. [01:46] twb: I was more asking about the "7" part. Doesn't that allow the user to execute from their home? [01:46] Tohuw: no, it's a umask. [01:47] Actually, not it isn't. [01:47] That's the actual permission that /home/fred will be set to, so 7 means rwx [01:48] So, why allow execution? I though executables were supposed to be in */bin dirs? [01:49] Tohuw: execute permission on a directory means that you're allowed to cd into it, IIRC [01:49] Something like that. Anyway, you need it [01:49] oh. Hm! [01:50] I'll be darned; you're right [01:50] Run info coreutils 'File permissions' [01:50] Revoking the executable bit prevents cd to the dir. [01:50] Unfortunately there's only info page, not manpage [01:51] `x' the permission the USERS have to execute the file, or search it if it is a directory. [01:54] the whole "oh let's only make info pages because info lolrulez" attitude is frankly annoying. [01:54] info foo | less [01:55] Now you have a big manpage [02:26] New bug: #735239 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: 子程序 installed post-installation script 傳回了錯誤退出狀態 75" [Undecided,New] https://launchpad.net/bugs/735239 [02:29] twb: haha. It's more about telling users "just use man to find out about stuff", only some things don't have a man, or even worse, an outdated/very sparse one. [02:29] Though I suppose telling users, "just info it" is valid as all man pages are read by info, AFAIK [02:30] anyone here using a SAS Expander, and willing to recommend it for use in a new system ? i'm shopping for a SAS Expander for a ubuntu based system, and would love to hear from anyone running one now. [02:34] By "expander" do you mean a chassis that houses the disks, or a card that has SATA ports, or what? [02:37] a SAS expander is a circuit board, often housed on a PCI(E) shaped card or in a 5.25" bay that goes inside one of the chassis that houses the drives (or a main system) that allows multiple drives to be connected to one controller. Most of the expanders I've seen take one SFF-8088 or 8087 cable from a controller card, and "expand" it to connect 16 or 24 drives plus 2 additional expanders. [02:39] I've also seen SAS expanders built directly into a backplane, but those are too expensive for me. [02:43] Okay, I've RTFM, but I still don't understand what format the quota for quotauser should be in... [02:43] (quotauser as set in adduser.conf) [02:45] * twb looks for a picture [02:46] Hm, OK [02:47] I can't help; I mainly deal with SATA === raul is now known as bigbang [03:22] Is there a strict 1:1 relationship between inodes and files? I.e., every file has an inode. === bigbang is now known as krux [03:47] everything on a disk has an inode [03:48] even directories, symlinks, ... [03:48] not all inodes are files [03:49] Tohuw: no, two files can have the same inode (i.e. a hard link) [03:49] Patrickdk: well, multiple hard links often fit inside one inode, too... touch foo; ln foo bar ; ls -i foo bar # both have same inode number :) [03:49] ya, I wasn't thinking about that [03:49] Similarly, if you open a file, delete it, then create a new file, both files will be /tmp/x, but they will have different inodes [03:49] and wasn't even thinking about it that way [03:50] I was thinking stuff (files,dir,...) -> inodes -> blocks [03:50] inodes is a collection of blocks, basically [03:50] or, an inode [03:50] twb: thanks, I received the answer in another channel. I'm clear on it now. Is dumpe2fs the "standard" tool for viewing free inodes? [03:50] By contrast, FAT has no inodes, so you cannot delete an open ifle [03:51] tune2fs? [03:51] really df -i [03:51] oh [03:51] good ol df [03:51] Tohuw: I don't know why you would ever need to do that [03:51] df -i lists the percentage of inodes used/free [03:51] twb: setting rational quotas for my partitions [03:52] Tohuw: number of files is a rough guide to current inode usage within a specific directory tree [03:52] Given that I could theoretically run out of inodes before running out of blocks [03:52] then for quota purposes, it's pretty much dir+files=inodes [03:52] Tohuw: try find /home/ -user fred -xdev | wc -l [03:52] hopefully user fred is a standard user, and doesn't have only maildir files :) [03:52] twb: right, but I was more interested in total free inodes, to try and devise a policy for limiting them. [03:53] fred is my mta AND sql log rotation holder! :D [03:54] I'm doing one inode per 32kb currently [03:55] Patrickdk: what brought you to that decision? [03:55] it was the ratio setup before me, and I didn't see any point in changing it [03:56] 4k is just normally overkill [03:56] 64k is too big though :( [03:56] 16k would probably be good [03:56] but some users abuse inodes, not too many [03:56] Look at what users are using, then halve [03:58] I'm probably going lower the inode limit good pretty soon [03:58] once I convert all the email [05:00] Hi, Me again, still wondering which SAS Expanders people have used in here with a Ubuntu system [05:16] how can we answer that when you don't stick around for an answer? [05:17] patdk-lap: You could try answering using memoserv, if you really want to :) :) [05:18] I could [05:18] but I seriously don't even think the os knows about sas expanders [05:18] it's just sees drives connected to a scsi card [05:18] as long as the expanders and sas card get along, all should be good === twister004_ is now known as twister004 [06:08] jamespage, awake ? === twister004_ is now known as twister004 [07:12] New bug: #735296 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.4 failed to install/upgrade: underproces installed post-installation script returnerede afslutningsstatus 127" [Undecided,New] https://launchpad.net/bugs/735296 === twister004_ is now known as twister004 [09:50] Hi all [09:51] I installed ubuntu server 10.04 64 bit and there is no desktop on it [09:51] i want to install desktop on that machine but there is no internet [09:52] luckymurali: of cource theres no desktop enviroment - servers usually don't have xorg / gnome [09:53] luckymurali: and - then you have to set up your network connection :) [09:53] <_ruben> luckymurali: if you want a desktop, install the desktop edition .. it's obvious i'd say [09:53] yes i know that, my concern is how to install desktopn on server without internet [09:54] <_ruben> you'd use the desktop cd/dvd to install it, as it's not on the server cd/dvd [09:54] luckymurali: get an internet connection. set up your wireless connection via cli. [09:54] or whatever you need for internet [09:54] TheInfinity,I need Desktop without internet [09:55] but i dont know where is the desktop pacakge [09:55] the desktop I need to use is for a specific reason [09:55] * _ruben points to #ubuntu [09:56] * TheInfinity would also say #ubuntu because i dont see the relation to server topics [09:56] any way thanks for your suggestions [10:02] New bug: #735369 in bacula "Bacula Admin Tool (bat) does not work well with Qt 4.6.2 in Lucid" [Undecided,New] https://launchpad.net/bugs/735369 === Nafallo_ is now known as Nafallo [11:06] hallyn: Hi hallyn; could you please post a link to more info about updating the apparmor profile (re mail on ubuntu-server list); i found some info on https://apparmor.wiki.kernel.org/index.php/Libvirt but I must say I have no experience with apparmor... [11:21] New bug: #735402 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saída de erro 1" [Undecided,New] https://launchpad.net/bugs/735402 [11:37] New bug: #735409 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: il sottoprocesso nuovo script pre-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/735409 === e-jat_ is now known as e-jat === zul_ is now known as zul [13:20] morning all [13:23] morning RoAkSoAx [13:33] jdepi: jdstrand may know of an actual link about updating apparmor profiles for libvirt instances, but please send reply in email to whatever msg i sent yesterday, and we'll figure it out [13:34] hallyn, jdepi: that link and the /usr/share/doc/libvirt-bin/README.Debian.gz should have everything needed [13:35] hallyn: i did :-) [13:35] jdstrand: thanks, I should'vethought of that one [13:35] jdstrand: thanks, i'll have a look [13:44] idea for UDS: [13:44] no... make that [13:44] request for UDS: ACL by default [13:44] why are we still in the 20th century? :) [13:47] heh [13:47] acl by default on what? [13:48] filesystems [13:49] never used acl's [13:49] ivoks: Last we had that discussion, I think Adam Conrad (infinity) said something about Samba changing its behaviour if the filesystem had ACL enabled... and then we decided not to enable it. I think it [13:49] s ripe for another discussion. [13:49] makes life easier in some situations... /me thiks about samba and nfs [13:50] soren: hm... i can't remember what it was [13:51] ivoks: Anyways, it was almost 5 years ago. :) [13:51] ivoks: Hmm... Or was it in Boston? Anyways, several years ago for sure. [13:52] http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2614541 [13:52] i think it was prague [13:53] * soren tries to envision the Prague session rooms [13:53] I also forget when infinity left [13:54] i didn't know he left :) [13:55] like 2 years ago i think [13:56] ah [13:56] ivoks: its on my list to bring up [13:58] thanks :) [14:00] ok, maybe pushing it by default is over the line [14:00] but, lots of people are unaware of it and we could probably make better docs by mentioning how to utilize acl [14:03] absolutely; better docs are a minimum. simple tools to enable acl's would also help, imo [14:23] ivoks: pacemaker now also has support for acls [14:23] Daviey: do i need to create a new bug for the open-vm-tools FFE? [14:24] hallyn: is there a merge bug opened already? If so, nope [14:25] there is a bug open which the merge is needed for [14:25] (bug 727342) [14:25] Launchpad bug 727342 in open-vm-tools "package open-vm-dkms 2010.06.16-268169-3ubuntu1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Critical,In progress] https://launchpad.net/bugs/727342 [14:25] cani just mark that one 'new' and put the info in there? [14:26] RoAkSoAx: hm... i don't see how's that relevant for pacemaker :) [14:26] hallyn: yeah, add [FFe] at the beginning of the bug title. You can also modify the title, and off course add the description for the FFe [14:27] RoAkSoAx: pacemaker doesn't do anything on the filesystem... ACLs are of no use for it [14:27] RoAkSoAx: maybe you are refering to pacemaker's internal ACL [14:27] ivoks: "S.U.S.E. has implemented support for ACLs. This means that you can now delegate permission to control parts of the cluster (as defined by you) to non-root users." [14:27] right, no internal ACL [14:27] ACL = access control list [14:27] what i was refering to is acl on filesystem [14:28] ivoks: yeah yeah but I mean, your conversation of FS ACL's reminded me mof pacemaker's [14:28] s/right, no internal ACL/right, so internal ACL/ [14:28] right... that's a nice feature [14:28] indeed [14:30] kirkland: howdy!! I just uploaded python-ethtool which is required by koan, could you please take a look at it when you have the time since it's in the NEW queue? thanks [14:42] hallyn, no [14:43] RoAkSoAx, Has it had FFe [14:57] Daviey: python-ethtool? yes [14:58] hallyn: yeah just use the same bug. I usually put [FFe] before the title of the bug and enhance description, etc etc (sorry for the delay i though I replied :) ) === ogra is now known as Guest56191 === Guest56191 is now known as ogra_ [15:02] p/whois soren [15:03] soren: hey, saw your presentation at fosdem about Openstack, great one [15:03] kirkland ping [15:04] lynxman: hi [15:04] RoAkSoAx: sure, i'm on a call at the moment [15:04] kirkland: no worries, whenever you have the time is fine ;) Thanks [15:05] kirkland: hey *waves* I had some unexepected troubles with the upstart file for mcollective and I modified it on my 1.1.3 packaging to get it closer to what SpamapS suggested (for mcollective-server-provisioner, which kinda is the same category) just wanted your opinion/ideas on it [15:06] kirkland: http://pastebin.ubuntu.com/580609/ === jjohansen is now known as jj-afk [15:06] kirkland: no hurries though [15:07] lynxman: np, i'm on the phone for the next ~1 hour [15:07] kirkland: can easily wait :) [15:08] how can I check mail for root user ? [15:11] orudie, 2 ways: either log in as root and type mail , or as your user (asuming you have sudo access) type sudo mail [15:12] isnt there a meeting today? [15:12] zul: daylight saving [15:12] is in effect [15:13] damn farmers [15:13] lol [15:13] zul: blame the sun [15:13] lynxman: farmers are more tangable [15:13] zul: true true [15:15] * SpamapS daylight savings time [15:15] the sun will actually be up for the meeting.. woot [15:17] how can I view sshd log ? [15:17] SpamapS: I resent daylight savings time for stealing 1 hour of my life [15:17] I resent it for wasting my time and everyone elses [15:17] I resent it for being a government-controlled resource [15:18] * RoAkSoAx doesn't really care [15:18] I especially resent when said government changes the start/stop times with only TWO WEEKS NOTICE because of some goddamn sporting even [15:18] * RoAkSoAx doesn't really care about daily savings [15:18] *event [15:18] orudie: mail for root should be forwarded to the user [15:18] orudie: depends on what you're looking for, mostly in /var/log/auth.log [15:18] arght daylight* [15:19] RoAkSoAx: inside a datacenter there's no daylight to save :D [15:19] Anyway, edison and friends obviated the need for a daystar [15:20] lynxman: hehe indeed. In my case is none sense since I have light till 8pm or so [15:20] lol [15:20] lynxman: it only borrows it ;) [15:21] RoAkSoAx: lucky you [15:21] lynxman: not really... because of that I don't sleep till late nite [15:21] SpamapS: yeah it's given back in October when I don't need it anymore to enjoy summertime :) [15:22] RoAkSoAx: me neither, but I just do it as an anti-farmer protest ;) [15:22] * lynxman joins together memes craftfully [15:22] lynxman: except in summer time when would you rather have more daylight.. when you've just awakened, or near sunset ... [15:23] SpamapS: hmm fair point [15:24] hm? I prefer light int he morning, thank you [15:25] night time should be dark. Lit by xmas lights. [15:25] hallyn: even if it wakes you up? [15:25] * hallyn for a moment relives college :) [15:25] lynxman: because it wakes me up [15:25] you know. at 8am. feh [15:25] You're talking to someone who doesn't get out of bed before 10AM [15:25] hallyn: that's too soon [15:25] lol [15:25] Unfortunately... my child/wife/alarm clock wake me up long before the sun threatens to do so naturally [15:25] twb: how does that feel? [15:26] all right, ubuntu desktop cd is still hanging on partman [15:26] Now, OK, it is 2:30AM and I am in the office [15:26] But that is not the point [15:26] vmbuilder to the rescue [15:26] "The datacenter!?, what is it?!" ... "Its a dank dark dungeon filled with servers and star wars fans, but thats not important right now." [15:27] it crowd? [15:27] Adaptation of Airplane! [15:27] (sounds like leslie nielsen) [15:27] ok [15:27] I liked when they gave her "the internet" in a box [15:27] i figured it crowd had an airplane moment [15:27] 'DONT DROP IT' [15:27] hello [15:27] Airplane was awesome [15:28] SpamapS: I've heard people get lost in datacenters... then they come back as deformed creatures after years of roaming through the cabling... [15:28] It's rebadged in .au, so when it was last on the telly I was watching for an hour going "this seems a lot like Airplane..." [15:28] twb: haha doh! [15:29] hm,e how does one have vmbuilder write to a lvm partition... [15:29] need help please, i can not install virtual box [15:29] Admittedly at that point I had only read the script on usenet, not actually seen the film [15:29] can you help please? [15:29] ua: that's not part of Ubuntu; it would be better to talk to your vendor (Oracle)... [15:30] virtualbox isn't part of Ubuntu? [15:30] virtualbox-ose - x86 virtualization solution - base binaries [15:30] * SpamapS has never tried to run it on Ubuntu so I'm actually curious [15:30] http://paste.debian.net/110739/ [15:31] spamaps>sorry i didn't understand what you mean [15:34] Ah, mea culpa [15:34] I forgot there was an open source "edition" [15:35] ua: you probably want virtualbox-ose, which is 4.0 in natty, but not before [15:36] twb>yes thank you, i tested now, it seems working [15:36] Daviey: ok so I was thinking we can ship two powernap-eucalyptus configs. One for when in powersave and the other for when in any other action method. The one for powersave would be default and will only have a [ProcessMonitor] for kvm, while the one for any other action method will have a [ProcessMonitor] for /sbin/init [15:36] may be i've to restart [15:37] Daviey: they can be installed in /usr/share/eucalyptus/ and the default either symlinked or copied to /etc/powernap/config.d/ [15:39] twb>can you tell me how could i inscrease the size of/boot?thank you [15:40] ua: you probably can't [15:41] Usually if /boot is its own partition, it'll be a simple primary partition, with another partition immediately after it [15:41] In theory it could be on LVM, in which case you can lvextend [15:42] If /boot is just part of your normal root filesystem, you can delete other stuff, and/or extend that partition. But if you're complaining, this is probably not the case [15:42] Note that vbox images probably don't belong in /boot -- /srv/vm would make more sense [15:47] twb>i've given 32Mb for /boot witch is own partition, but not it's full, that's why i'd like to increase it or purge somefiles ... [15:49] New bug: #734984 in debian-installer (main) "Ubuntu server Natty listening to port 953 in tcp and tcp6" [Undecided,New] https://launchpad.net/bugs/734984 [15:50] i've given 32Mb for ( /boot) witch is it own partition, for now boot patition is full, that's why i'd like to increase it or purge somefiles in... [15:51] twb>are you there friend? [15:52] where are you? === erichammond1 is now known as erichammond [16:50] I just setup a new ubuntu 10.04 server and I'm trying to move over some apache virtualhosts. I'm trying to use the default setup where you a2ensite and such. [16:51] so what is your problem? [16:51] My sites show up in etc/apache2/sites-enabled but when I try to go to their url's I only get the "default" [16:51] kpettit: paste an example of the virtualhost [16:51] to http://paste.ubuntu.com [16:52] if I remove the "default" site I can see my first virtualhost and only my first one. It doesn't seem to be paying attention to the ServerName [16:52] it's fustrating becuase same config works on identical ubuntu server. but I think that one is ubuntu 9.10. I'll paste... [16:53] http://paste.ubuntu.com/580658/ [16:53] maybe you copied something that is connected to the old machine [16:53] only this? [16:53] It's odd becuase if I remove the default it will show this domain's settings, but only this one. Like it's only going to show the first virtualhost or something [16:53] and other virtualhosts are set as? [16:54] yes, he serves the first working match [16:54] exactly same as the one I paste except the domain name and directory are different. I've got 3-4 of them on there [16:54] kpettit: and you are trying to access to http://www.setuplinux.com [16:54] ? [16:54] yes. [16:54] uhm [16:55] Right now if you go there it goes to the "default" with is a hello world. It doesn't pay attention to my virtualhost file unless I remove "default". [16:55] If I remove the "default" then it only pays attention to the next virtualhost in line for all the other virtualdomains. [16:56] http://paste.ubuntu.com/580663/ [16:57] this is a copy of the ports.conf which has the "NameVirtualHost" directive and such. I also put in the "default" virtualhost file. [16:57] everithing is correct... [16:57] uhm [16:58] yeah that's what I figured. Haven't had a issue where it only ever paid attention to one virtual host unless I hadn't set the NameVirtualHost directive or something, but it's there so I'm a confused. [16:58] let's verify something [16:58] It's a default brandnew install with updates as of this morning. [16:58] ls -la /etc/apache2/sites-enabled/ [16:58] in mine, I deleted the default one [16:58] ls -la /etc/apache2/sites-available/ [16:58] so we can check [16:58] It shows 000-default and my www.setuplinux.com and other sites. === JayFo is now known as JFo [17:00] I just verified it's not a permission thing. [17:01] tail -n 50 /var/log/apache2/error.log [17:01] ? === jj-afk is now known as jjohansen [17:04] it's something to do with the namevirtualhost directive not working right. [17:04] maybe you do not need to add NameVirtualHost *:80 a second time [17:04] I did and one of the virtualhosts worked. [17:05] but another one didn't so I'm checking on that. [17:05] i've some vhosts with namevirtualhost specified, other not [17:07] it should be a generic thing that you only need to specifiy once [17:08] kpettit: why you specified on serveralias the same thing is specified on servername? [17:09] i got it wokring. [17:09] for whatever reason it didn't like everything being in different files. I copied and pasted all my virtualhosts in the one "default" config and it works [17:10] I have no idea why it works in one config rather than having them in the seperate configs like is supposed to be the default [17:10] the default is with different configs [17:10] I have mine in 12 different files [17:10] because it includes sites-enabled/* [17:10] some files have more than on vhost line, most have one [17:10] what I mean by "default" is the file /etc/apache/sites-available/default [17:11] you shouldn't use sites-available [17:11] but sites-enabled [17:11] for whatever reason on this one my different virtualhosts config files weren't looked at. But I put them all in the one file and it works fine [17:11] sites-available is ignored :) [17:12] that same line is still in there and it works fine. [17:12] so it wasn't causing it to fail. [17:12] cause default is symlinked to sites-enabled [17:12] odd [17:13] patdk-wk, yeah I had them all in sites-available and there were symlinked to sites-enabled using the a2ensite commandline [17:13] ah [17:13] it would only look at one file. If I removed default it wouldn't only look at the next virtualhost and not any others [17:13] I just ignore sites-available completely [17:14] yeah, I normally do that. I was just trying to follow more the standard on Ubuntu. [17:14] seems way too confusing for what I do, to have them doubled up in two directories [17:14] no biggie. [17:15] I like the idea behind it. It's nice when having lots of virtualhosts so you can turn on/off easy. But didn't work for me this time around [17:24] kpettit: the apache2.conf is set at default? no customizations at all? [17:25] remix_tj, yes. It was a default install as of 2 hours ago [17:25] âñåì ïðèâåò [17:25] åñòü æëàíèå ïîìî÷ íóáó? [17:26] NidHelp6092: as far as i can see you're doing a pretty UTF-8 test case. [17:26] (((( [17:27] kpettit: putting everything in a file works? [17:28] yes [17:29] kpettit: the name of that file? [17:29] /sites-available/default [17:29] I just put all my stuff in the "default" file. [17:30] my 3 domains are up and running now. All seems well. not sure why having them in the different files didn't work. [17:30] kpettit: try grep sites-enabled /etc/apache2/apache2.conf [17:30] let's take a look to the config [17:31] Include /etc/apache2/sites-enabled/ [17:31] with * at the end? [17:31] I know it was looking in the directory becuase if I removed "default" and added my own it worked as well. But it only ever looked at the first file it found. NOt any others [17:31] no, it's just like I pasted [17:32] kpettit: try replacing with this [17:32] Shoudl it have a * at the end? [17:32] Include /etc/apache2/sites-enabled/[^.#]* [17:32] mine doesn't [17:33] my old server doen't either. I'll give it a try here in a bit though. [17:35] kpettit: also my lucid server does not [17:36] kpettit: this is an example of my working vhost on a single file [17:36] http://paste.ubuntu.com/580673/ [17:37] is not much different than yours.. [17:37] that hosed me up. I'm not sure what's happening with that. Have to role back. [17:41] usually apache is very straight forward for me. Oh well, it's all working now. [17:45] thanks for the help remix_tj [17:45] :-) [17:57] Hello [18:04] * RoAkSoAx is off to lunch [18:05] I'm having some problems with a static ip on an ubuntu server. I have configured the network in /etc/network/interfaces and double checked it against other servers on the same subnet (but with another IP off course). When I run "/etc/init.d/networking restart" I get an SIOCADDRT: No such process and the interface fails to come up [18:05] Any idea what could be causing this error? [18:05] dhcp works just fine [18:06] TKsw: maybe pastebin you interfaces file [18:06] TKsw: ifconfig -a and cat /etc/network/interfaces, please :-) [18:06] do *not* paste that stuff in here [18:06] no no [18:07] Just have to get a dhcp adress and then ssh :P [18:13] http://pastebin.com/CDDmHbPp [18:17] Anyone here configured a samba share to have password authentication? [18:21] per user? or per share? [18:23] Anyone has any clue what my network problem could be? :P [18:24] TKsw: remove this two lines [18:24] network xxx.xxx.102.0 [18:24] broadcast xxx.xxx.103.255 [18:25] Nope, still getting the error [18:25] uhm [18:26] are you sure gateway, netmask and address are matching? [18:26] (i see also ipv6 configured on your eth0...) [18:26] haha, found the error [18:26] After one hour of looking at the interfaces files I had typed an ip-adress wrong ;P [18:27] We were even two persons looking really hard at it and still didn't discover the error [18:27] Anyway, thanks for the help :) [18:27] :-) === Jonny51 is now known as Jonny5 [18:43] Daviey: ping did you upload bind sru yet? [18:43] hey, im turning an old laptop into an ubuntu server, hopefully should be ssh, ftp, email-(I have a gmail that i want to use for now) and web-(the domain name for this will be my new email pretty soon, i hope) will someone please point me to a few guides? inital googleing didn't turn anything up [18:43] zul, No, doing that today [18:43] Daviey: they can be installed in /usr/share/eucalyptus/ and the default either symlinked or copied to /etc/powernap/config.d/ --> ideas? [18:44] RoAkSoAx, hmm.. either/or i think... [18:44] oh, and an IRC server, if thats possible, havent googled it yet [18:45] RoAkSoAx, it's a config file, that people should be able to edit IMO... so a real file in /etc/ is better IMO. [18:45] RoAkSoAx, if it's /usr/share/, it should be static. [18:46] Daviey: right, but in /usr/share there's "examples" and one of these configs should be default and the other is a choice or backup or additional [18:46] yep, I would like to include IRC into that list [18:47] Daviey: and since /etc/powernap is not eucalyptus config it should not go by default there IMHO [18:47] RoAkSoAx, I don't think it matters either way tbh... Personally, adding complexity of a symlink seems unecessary. [18:48] RoAkSoAx, Well fair point, if we consider something like phpmyadmin and apache2... that uses the symlink approach. [18:48] for a conf.d. [18:48] Daviey: indeed [18:48] RoAkSoAx, go with that! [18:48] make it so. [18:56] anyone want to help? [18:58] Daviey: alrigth [19:00] format120, I'm really sorry, people aren't ignoring you - we are just all really busy at the moment. Please hang around, and hopefully someone will help soon. [19:02] jamespage, or anyone else... [19:02] wondering if anyone is aware of a "generic native launcher" applet [19:02] ok Daviey [19:03] we're using this nx web runner applet. but it basically just an applet that downloads native binaries, puts them into a user directory and then launcches them. [19:03] thanks, and im not just waiting for someone to hold my hand, I'm still googlein [19:03] it seems like there might be a more generic (open source/modifiable) applet that does that [19:09] i rebuilt a package (asterisk-mp3) and made it available on a local repository but my client ignores this version and downloads it from the official repo. How do I get my clients to use my local repo with higher priority than the official repo? [19:10] pin [19:10] google for apt pinning [19:14] !pinning | bobg [19:14] bobg: pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto [19:25] ubottu, Pici, thanks. it seems that pinning control which release a package is taken from . I have the exact version of the file on my local repo (its only rebuilt to fix a appearent build mistake in the official version(https://bugs.launchpad.net/ubuntu/+source/asterisk-addons/+bug/560656)). How does apt decide where to get a file if it exists in more than one repo? I know I could bump the version number of my build but I would rather [19:25] not if I don't need to [19:25] Error: I am only a bot, please don't think I'm intelligent :) [19:25] Launchpad bug 560656 in asterisk-addons "The mysql add-on module is out of sync with asterisk" [Undecided,Fix released] [19:28] bobg: It grabs the most recent version number unless the pinning setting say differently. [19:28] Daviey: you haven't yet merged the branch that creates the new eucalyptus-admin-tools package right? [19:29] RoAkSoAx, don't /think/ i have [19:29] RoAkSoAx, I merged the adding of it, but not the new package [19:30] Daviey: ubuntu2 was the one you merged, which was fixing the installing of the missing euca_admin python module [19:33] is there an automatic way to get ubuntu server on a USB? all the guids I found are outdated, or give you a .exe to do it, and Im on Arch linux [19:33] Pici, do you know what it does if the exact same filename (package version) exists on more than one repository? Is it arbitrary which one it chooses? is the order in the sources.list file significant? [19:33] Daviey: don't yet merge it though. I'm gonna do the powernap configs on top of that [19:34] bobg: I suppose it would be arbitrary. [19:37] format120, when I did it about 6 months ago it was surprisingly difficult. I think that the method I used was to mount the usb stick as a virtual drive on a xen virtual machine and then install Ubuntu into the VM -- i followed some how to (sorry i don't have any details) [19:37] Pici, thanks [19:37] ok, ill do some googleing, thanks [19:39] RoAkSoAx, ack [19:46] Daviey: RoAkSoAx: i prefer the /usr/share + symlink approach [19:46] kirkland: yeah that's best IMO [19:47] RoAkSoAx: \o/ [19:50] kirkland: Daviey where shall we document this changes though? [19:51] RoAkSoAx: hmm [19:51] RoAkSoAx: at least in http://help.ubuntu.com/community/UEC [19:52] RoAkSoAx: possibly a release note, if the admin needs to take action [19:53] kirkland: yeah I think a release note is definitely required as this will affect anyone who's running powernap on the NC's [19:54] RoAkSoAx: okay [19:54] RoAkSoAx: i can help you with that, if you like [19:54] kirkland: sure :) [19:57] hey guys, I'm trying to setup an ubuntu server, but don't have access to a cd drive. I could use a USB key, but that looks hard, can someone point me to a guide on installing over the network? I'm in Arch linux on this box, by the way [19:58] is it possible somebody might have a clue why my following cron line spits out an error about end of file unexpected expecting ")".*/2 * * * * . /etc/web/conf.d/reporting.env && cd /home/reporting/trunk/crons/ && echo "---------------------------------- `date`" >> /var/log/fc-crons/KPI_build.log && /usr/local/bin/php /home/reporting/trunk/crons/freecause_daily_KPI_build.php $(date -d yesterday +%Y-%m-%d) >> /var/log/fc- [19:58] crons/KPI_build.log 2>&1 [19:59] wait, nevermind, I didn't bother to check the ubuntu website, and fourms said that it was really complicated [19:59] format120: You might want to look at https://help.ubuntu.com/10.04/installation-guide/i386/linux-upgrade.html it shows a method using debbootstrap [20:04] <_ruben> geekbri: i'd put all those commands in script and have cron call that .. much cleaner imo, might ease up the debugging too [20:04] kirkland: should the symlinking be handled in eucalyptus-nc.postinst or shall I just tweak the packaging for that? [20:04] _ruben: i may just very well do that, as it seems it runs fine as a bash script [20:05] <_ruben> geekbri: i try to keep my cron entries as clean as possible, so i basically write a script whenever it needs to do more than 1 thing ;) [20:07] _ruben: i was just trying to avoid the internal dilema of where do i keep my script that run as crons ;) [20:08] <_ruben> i tend to just shove 'em in /usr/local/(s)bin/ [20:09] lynxman: Thanks! [20:09] <_ruben> or depending on the "frequency", one of the cron.{hourly,daily,weekly} dirs [20:09] i stil am dying to know what i've done wrong however :). I noticed a couple things. one since im using crontab -e i didn't need the users name, and two i used . to source the .env file instead of source [20:10] RoAkSoAx: it should be in a debhelper .links file [20:10] <_ruben> geekbri: you might be using bashisms and cron might be using sh .. just guessing here though [20:10] RoAkSoAx: unless logic is required [20:10] RoAkSoAx: in which case, postinst would have to be used [20:10] <_ruben> and i tend to avoid crontab -e as well ;) [20:10] _ruben: im pretty sure that is the problem. I think its the entry $(/bin/date -d yesterday +%Y-%m-%d) [20:11] <_ruben> /etc/cron.* is already scattered enough ;) [20:11] kirkland: yeah i'm just using dh_link in debian/rules... btw... I think I'm just gonna ship 1 conf that has kvm-euca = "kvm" and init = "^/sbin/init". Though kvm-euca will only be enabled [20:11] so that if admin changes from the default action of powersave to any other one, they'll have to change use the init ProcessMonitor rather than kvm-euca [20:13] _ruben: i think im just going to go ahead and put this one in a bash script :) [20:49] with l7 filters, can I port forward http:// requests to port 8000 and ws:// requests to port 9000? [20:50] I found good iptables resources but not l7 filter resources [20:50] <_ruben> bencc: no [20:51] _ruben: so what do i7 filters do? [20:51] <_ruben> bencc: NAT happens at the very first (SYN) packet, which doesn't have the URI in it [20:51] _ruben: so there is nothing I can do? [20:51] <_ruben> there's a lot of things you can do, just not what you want to ;) [20:51] except for a proxy? [20:52] <_ruben> proxy would be best solution for this, yes [20:53] _ruben: what about using port 8080, can I count on it to be open for most users? [20:54] for http of course [20:55] <_ruben> for certain values of "most", sure ;) [20:56] <_ruben> corporate businesses filter whatever they feel like, though i think 8080 would be kinda safe [20:56] cool. 8080 it is :) [20:57] if my users will be blocked, I'll send them here to complain [20:57] <_ruben> or just use ipv6 and don't have to deal with the ipv4 depletion issues and port overloading [20:57] what do you mean? [20:59] <_ruben> sounds to me your trying to offer 2 services on the same port on a single ipv4 address ... which is a result of the ipv4 depletion (no more ipv4 addresses "soon") ... ipv6 is one of the solutions to that [21:00] aren't I depend on the hosting service? [21:01] <_ruben> usualy you are, tho any self-respecting hosting service would already offer ipv6 or atleast be able to offer it in the very near future [21:01] <_ruben> then again, i'm an optimist from time to time [21:01] they usually charge for additional ip addresses [21:02] it doesn't cost much but it is another manual step in the deployment [21:03] of course a service accessible only over ipv6 is currently not accessible to many, many people... [21:04] <_ruben> make sure the service is "interesting" enough, put it on non-standard port on ipv4, and standard port on ipv6 ;) [21:04] <_ruben> "forcing" others to bite the bullet as well [21:05] convince fb to switch to ipv6 [21:07] * Patrickdk has switched fully to ipv6 awhile ago [21:08] the only thing I have that doesn't do ipv6 is fail2ban and mysql [21:12] <_ruben> bencc: fb as in facebook? they're on ipv6 atleast partially [21:12] _ruben: so when I go to facebook.com I see ipv6 ip [21:12] ? [21:13] <_ruben> nah, there's www.v6.facebook.com [21:13] <_ruben> still fetches most of its resources over ipv4 though i think [21:13] fail [21:14] server not found [21:14] www.v6.facebook.com. 3600 IN AAAA 2620:0:1cfe:face:b00c::3 [21:14] works here [21:15] <_ruben> same here [21:17] it freaking redirects me to ipv4 though [21:17] HTTP/1.0 302 Found [21:17] Location: http://www.facebook.com/common/browser.php [21:17] X-FB-Server: 10.43.78.53 [21:17] extra fail, they must be doing a ipv6 http proxy -> ipv4 backends [21:18] odd, I get sent to Location: http://www.v6.facebook.com/common/browser.php [following] [21:19] You are using an incompatible web browser. (firefox 3.6) [21:19] man facebook failing all over the place [21:20] ya, this time I got recirected to that also [21:20] turbotax didn't want to run on chromium for linux.. changed the useragent to windows.. finished taxes in 20 minutes. Suck it Intuit. [21:20] facebook must be having ipv6 routing issues [21:21] speaking of ipv6, can you set that up as a service? like ipv6 routing, then PAT onto an ipv4 external network? === Bilge is now known as magic8ball [21:22] set it up as a service? === magic8ball is now known as Bilge [21:22] you mean, nat64? [21:22] format120: no no no! [21:22] nat64 + dns64 [21:23] nat to external ipv4 is pretty useless [21:23] not if your running an ipv6 only internal network [21:23] what is the utility of running ipv6 internally if you are not connected to ipv6 public network? [21:24] who said it wasn't? [21:24] but not the whole world is ipv6 yet, so [21:24] I did Patrickdk, and I know its pointless, but its fun\ [21:24] oh? I didn't see the, only ipv4 external [21:26] you can simply use a dual stack network, i did it in my office [21:27] or you can try messing around with totd and ptrtd [21:27] if you're going to go that far, why not just find a tunnel broker? with that 1 more step, you could make the 6 actually useful [21:28] it sounds like fun. I have fios, and might be getting a new server, so i might add a fiberoptic nic, and just have fios directly to the server, and use it as my router, that would be sweet [21:29] you can build in very few minutes an ipv6 router with a linux machine connecting your network to the ipv6 internet using a tunnelbroker like HE.net [21:29] (as i did at work) [21:32] cool, well, I'm working on installing my first server, ever, right now, so it might be a while, with many dumb questions inbetween [22:40] hey, what landscape? it seems like its for managing large clouds of servers. do i want it to manage my updates? this is my only, and first server [22:41] Fredrick: landscape works well, but it isn't free [22:41] oh, lol, so i don't want it. [22:42] pkgsync or similar systems exist for doing the same [22:43] im builing the first 100% free network, gifted crappy PC's linux OS's, and free use of my rich friends soler panels, when hes not useing them, and if I do all of his yard work. lol [22:43] so what would be the best choice for a single server? [22:44] well, all that depends on the load etc [22:45] probably small, server is for DHCP and other router stuff, maybe a little ssh, ftp, and if im lucky, webserver [22:45] oh, and email [22:45] thats why im making it, the rest are just bonuses [22:46] im thinking, no automatic updates? and just ssh in, and do sudo apt-get update every now and again? [22:47] and apt-get dist-ugprade [22:47] dist-upgrade, even [22:47] apt-get update will only update the index [22:47] oh, how is that diffrent [22:47] security updates will happen automatically if chosen so in the setup [22:47] so pick that one? [22:48] Fredrick: apt-get update updates the package index, but doesn't download anything, use apt-get dist-upgrade (or perhaps apt-get upgrade if you're paranoid) to upgrade the system [22:48] yea, I went with that one. [22:49] ok, why would apt-get upgrade be more secure than apt-get dist-upgrade [22:49] AFAIK upgrade doesn't do kernel upgrades. [22:49] not really - dist-upgrade will only upgrade to the latest sub-release (as in from 10.04.2 to 10.04.3 when that eventually arrives) [22:50] air^: even dist-upgrade doesn't upgrade to 2.6.35, which is recommended [22:50] oh, ok [22:50] so how do I get up there? [22:50] apt-get install ... [22:50] my install disk is kinda old, so i might be back at .1 [22:51] 10.4.1 that is, not 10.0 [22:51] 1 [22:51] there is no 10.0 [22:51] there is 9.10 and 10.04 [22:51] year.month [22:52] so just apt-get install is more prefer than apt-get install upgrade? [22:52] I meant 10.01, but i hit enter to early [22:52] 10.01 doesn't exist either [22:53] it's year.month, with 6 months between each release [22:53] and its barely perfered over apt-get install dist-upgrade? [22:53] oh, ok [22:54] there is no such thing as "apt-get install dist-upgrade" [22:54] then why so long in between 10.04, and 10.10, [22:54] apt-get install somepackage [22:54] or apt-get dist-upgrade [22:54] Fredrick: how long between april 2010 and october 2010? [22:54] it's quite simple [22:54] err i mean why are we still on 10.04, and not 10.10 [22:55] !lts [22:55] LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Lucid (Lucid Lynx 10.04) [22:55] 10.04 is LTS. [22:55] 4, plus 6 is ten [22:55] you said it was 6 months, [22:55] between releases, yes, but two years between LTS releases [22:55] oh, [22:55] ok then [22:56] for a home setup, any release will probably do [22:56] but for production setups, I use LTS [22:56] thanks, i only have one keyboard, so i have to switch it back to the server, but ill stay in the channel, and switch back when i have a nother question [22:57] tanks [22:57] Fredrick: isn't your server networked? ;) [22:57] :D [22:59] hello, where do I set the network settings and nfs mount settings so that nfs is mounted AFTER the network is up? [23:00] currently nfs tries to mount the fstab entries before the network is up and so it fails [23:00] what nfs version? [23:00] normally, _netdev [23:00] 4 [23:00] nfs4 ignores _netdev [23:00] have to do it manually [23:01] very nice.... [23:01] https://help.ubuntu.com/community/NFSv4Howto [23:03] thx [23:24] ok, im at Software selection, whats a LAMP server? [23:24] Fredrick: Apache, mysql, php [23:25] ok, why would I want that? [23:28] what would a user be doing, in order to require a Lamp server? arent apache, and php programing languages? and msql a database? [23:31] ok, well what about a Tomcat Java server? [23:31] apache's a web server. php is a programming language, and mysql a database. together they make the stereotypical linux-based webserver [23:32] oh, thanks [23:32] what about Tomcat Java?