/srv/irclogs.ubuntu.com/2011/03/26/#ubuntu-server.txt

=== medberry is now known as med_out
Techie	i am currently using iptables for my gateway, however this does not seem to support uPnP port forwarding, is there an alternative that does support uPnP?	02:29
Patrickdk	ya, iptables :)	02:31
Patrickdk	linux-igd	02:31
Techie	do explain?	02:31
Techie	does linux-igd work with iptables, or is it a gateway software itself?	02:32
Patrickdk	that is why google exists	02:33
Techie	i was hoping you might be able to inform me while i furiously search, however google does make the world go roun	02:33
Techie	round*	02:33
Techie	hrmm, will be back in a bit, gotta put my server back into the network	02:36
=== TuxIce is now known as Guest9195
aslan	hi, i work in hospital and we have almost 150 client, we try to use Active Directory Domain Controller, but if we do this, we will have so much money to pay for licence. i want to install computers ubuntu. our hospital software works in linux. and i want to make something like windows Active Directory system, i hear about openldap and pfsense. i take a look of them and these are so confused for me. does anyone suggest me a good software same active	08:49
aslan	directory ? but i want software that can be controlled with a good user interface. thanks.	08:49
uvirtbot	New bug: #742994 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,New] https://launchpad.net/bugs/742994	08:56
volkan	Heey! Saturday morning terror... I wanted to install some packages on our ubuntu server and after a connection error the amazon based server was unavailable. Only stopping and starting the instance got the server back to life. Now i tried dpkg --configure -a to finish the installation but the server got unavailable again.... Heeeelp?	09:16
raphink	volkan: first you could try running the dpkg --configure in a screen	09:50
raphink	in case the configure steps cut the ssh connection, it will at least allow them to continue while the ssh is cut	09:50
volkan	heey! Thank you...	09:51
raphink	and then you can reattach later	09:51
volkan	@raphink: dpkg: --configure needs at least one package name argument	09:51
raphink	volkan: -a I mean	09:51
raphink	the one you were trying	09:51
raphink	maybe it could be interesting to see the list of packages yet to configure	09:51
raphink	dpkg -l \| grep '^iU'	09:52
raphink	will tell you that	09:52
raphink	that migth give you a hint on which package is the issue	09:52
volkan	Thes server get's unavailable when i run dpkg --configure -a...	09:52
raphink	I understood that part volkan	09:52
volkan	I just activated multiverse to install the ec2 admin tools... The last ssh output is: Setting up openjdk-6-jre-headless	09:53
raphink	so I'm suggesting ways to find out why and fix it	09:53
volkan	update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode.	09:53
volkan	Uh... Nice:	09:53
raphink	by unavailable, what do you mean exactly?	09:53
raphink	does the ssh connection reset	09:54
raphink	do other services still work?	09:54
raphink	does the server crash (and do you have anything in dmesg then?)?	09:54
volkan	ssh connections hangs... apache off everything is gone...	09:54
raphink	alright	09:54
volkan	what is dmesg?	09:54
raphink	kernel messages	09:54
raphink	useful to debug when a machine crashes	09:55
raphink	type "dmesg" in a console	09:55
volkan	i did dpkg -l \| grep '^iU' Do you want the output?	09:55
volkan	ok	09:55
raphink	you could paste the output of dpkg -l \| grep '^iU' in a pastebin	09:55
raphink	pastebinit is a useful too for that by the way	09:55
raphink	dpkg -l \| grep '^iU' \| pastebinit	09:55
volkan	ok one moment!	09:55
raphink	(apt-get install pastebinit)	09:56
raphink	forget about that last one if you don't want to make your server crash again ;-)	09:56
volkan	no apt-get :)	09:56
raphink	just copy and paste into a pastebin :-)	09:56
raphink	or use pastebinit from your local machine :-)	09:56
raphink	ssh ubuntu@ec2-instance dpkg -l \| grep '^iU' \| pastebinit	09:57
volkan	http://pastebin.com/Z58tfutt	09:57
raphink	:-)	09:57
raphink	ok, that's dmesg	09:57
volkan	http://pastebin.com/166JW6hc	09:57
raphink	just these 6 lines?	09:58
volkan	Yes!	09:58
raphink	ok	09:58
raphink	and when you run dpkg --configure -a, you see	09:58
raphink	update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode	09:58
raphink	and then it crashes	09:58
raphink	right?	09:58
volkan	new pastebin:	09:59
volkan	http://pastebin.com/F9avmFJk	10:00
raphink	ok	10:00
raphink	lets see	10:01
volkan	And when i do -a	10:01
raphink	can you paste the contents of /var/lib/dpkg/info/penjdk-6-jre-headless.postinst?	10:01
volkan	http://pastebin.com/HMuTPHi1	10:01
volkan	oh that was something else... Yes one minute...	10:01
raphink	sorry, missing an o	10:01
raphink	can you paste the contents of /var/lib/dpkg/info/openjdk-6-jre-headless.postinst?	10:01
raphink	;-)	10:02
volkan	http://pastebin.com/HEVqzLQZ	10:03
raphink	sooo	10:03
raphink	the update-alternatives commands in run in the loop from 37 to 59	10:04
raphink	these work fine it seems	10:04
raphink	sorry, even down to 65 actually	10:04
volkan	Oke....	10:04
raphink	that's the jexec alternative	10:04
raphink	which we see works fine	10:04
raphink	or not actually	10:05
raphink	let me see :-)	10:05
volkan	By the way: Thank you! :)	10:05
raphink	we see	10:05
raphink	update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/bin/tnameserv to provide /usr/bin/tnameserv (tnameserv) in auto mode.	10:05
raphink	and then it crashes	10:05
raphink	tnameserv is listed in jre_tools, so it's in the loop from 37 to 59 probably that it crashes	10:06
raphink	or right after	10:06
volkan	Can't i just cancel that install?	10:06
raphink	you could	10:07
raphink	but I'd rather find why it does that :-)	10:07
volkan	Ok!	10:07
volkan	Better!	10:07
volkan	By the way: i'm doing all the server stuff but i'm kind of an advanced noob... Are you available for paid support sometimes?	10:09
raphink	I don't have a company to bill	10:09
raphink	canonical provides server support, you know?	10:09
raphink	:-)	10:09
raphink	let's see	10:10
raphink	can you try running this (long command)?	10:10
volkan	haha... ehm... i don't have the company that can pay for it :)	10:10
raphink	update-alternatives --install /usr/bin/jexec jexec /usr/lib/jvm/java-6-openjdk/jre/lib/jexec 1061 --slave /usr/share/binfmts/jar jexec-binfmt /usr/lib/jvm/java-6-openjdk/jre/lib/jar.binfmt	10:11
raphink	can you run that?	10:11
volkan	ok...	10:11
volkan	update-alternatives: using /usr/lib/jvm/java-6-openjdk/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode.	10:11
raphink	and it doesn't crash?	10:12
volkan	but seriously we could buy you stuff at amazon... Is actually better than getting payed... You will get presents!	10:12
volkan	nope!	10:12
raphink	ok	10:12
raphink	let's try another one	10:12
volkan	it's still there..	10:12
raphink	(thanks for the suggestion ;-)	10:12
raphink	hmmm	10:13
raphink	edit /var/lib/dpkg/info/openjdk-6-jre-headless.postinst	10:13
raphink	and add "set -x" after the line that says "set -e"	10:14
raphink	so that will add a line 6 before current line 6	10:14
raphink	right	10:14
raphink	?	10:14
volkan	yes!	10:14
raphink	save the file	10:14
raphink	then run	10:15
volkan	did it..	10:15
raphink	dpkg --configure -a	10:15
raphink	again	10:15
volkan	:)	10:15
raphink	that will make the whole thing verbose	10:15
raphink	so we see where exactly this "Timeout, server not responding" message comes from	10:15
volkan	http://pastebin.com/mx7nFfiD	10:16
volkan	oke stopping and starting the instance again...	10:16
raphink	is that all you saw?	10:16
volkan	Yes...	10:17
volkan	And the timeout server not responding...	10:17
raphink	ah, you did see it	10:17
raphink	so you're crashing at line 80	10:18
raphink	line 74 is nuts	10:19
raphink	case java-6-openjdk in	10:19
raphink	cacao\|shark);;	10:19
raphink	*)	10:19
raphink	etc.	10:19
raphink	the string "java-6-openjdk" will never match cacao or shark	10:19
raphink	from your package list yet-to-be-configured	10:20
raphink	I see you have cacao, so I guess you want to use that	10:20
raphink	and the statement at line 74 is wrong and gets you in the default case when you should enter the first one, which does nothing	10:20
raphink	and hence does not crash ;-)	10:20
volkan	sorry no idea what cacao is but it some dependency...	10:20
raphink	you know what	10:21
raphink	change line 74 (which is now 75 for you with set -x)	10:21
raphink	sorry, line 75, now 76	10:21
raphink	into	10:21
raphink	\|cacao\|*shark);;	10:21
raphink	save and run dpkg --configure -a again	10:21
raphink	;-)	10:21
raphink	so you don't get into the case that crashes for you	10:22
volkan	instance isn't up already... just a sec...	10:22
raphink	ok	10:22
volkan	YEEEY!	10:24
volkan	Hero of my weekend!	10:24
raphink	now you have to make sure that java actually works ;-)	10:25
volkan	Do you a quick test?	10:26
volkan	Do you know a quick test?	10:26
raphink	well I don't know, there's probably a reason why you have java installed on this server, no?	10:26
raphink	:-)	10:26
volkan	dependency of amazon tools... I just tried them seems to work!	10:27
raphink	ok then that should be fine	10:27
raphink	:-)	10:27
raphink	that said, it might not hurt to open a bug on this package	10:27
raphink	with your fix and a note on how the case statements look very weird ;-)	10:27
volkan	Really thank you... You saved my weekend... should i do it or do you want to do it?	10:27
volkan	I will do it!	10:27
raphink	thank you	10:28
raphink	you can subscribe me	10:28
volkan	How?	10:28
raphink	there's a subscribe someone link to the right of each bug	10:29
raphink	put "raphink"	10:29
raphink	:-)	10:29
volkan	oke! You are not interested in amazon stuff are you :) ?	10:29
volkan	I have some performance problems on a lamp stack...	10:29
jfb_h20	suddenly my computer won't boot when a external USB drive is plugged in... any suggestions on what to check?	10:43
a7ndrew	bios boot order?	11:20
peta	hello everybody	12:06
peta	i'm faced by a tricky challenge	12:06
peta	i got a remote machine based on 10.04. during the the last days i set it up, did finetuning and securing. now i want to "clone" the system, transfer the image via ssh to my local machine and use it in a virtual machine. the remote machine has has a 2x750gb RAID1 setup. the problem is that i only want to "clone" the actual os files (users,groups,packages, settings, asf.) without the grub settings, so that i can just copy the image	12:10
peta	use it without a neat.	12:10
peta	might it be sufficient to do a remote rsync, or some other "simple" file/folder copy action?	12:12
=== Alan_ is now known as Alan
downloadSSH	ei	13:25
downloadSSH	in BIOS of my old computer there is an option for "shared memory"	13:25
downloadSSH	what is that	13:25
downloadSSH	I think it's related with the graphics card	13:26
downloadSSH	so.. should I disable it since I am running ubuntu server?	13:28
=== dendro-afk is now known as dendrobates
froud	Hi, have Ubuntu Server Ubuntu 10.04.2 LTS with LAMP stack installed and Postfix. Having trouble enabling php mail to send mail from apps like joomla and weberp, but when I run my own script using phpmail it works. I've tried removing postfix for sendmail but the result remains the same, cannot send messages from phpmail functions. Anything one may suggest I have missed. The same problem is...	13:59
froud	...on two servers.	13:59
downloadSSH	ok so now I have another issue	14:07
downloadSSH	in TTY	14:07
downloadSSH	im trying to type !	14:07
downloadSSH	but it adds some chars	14:08
downloadSSH	I am using alt + !	14:08
=== reisi_ is now known as reisi
downloadSSH	do you know what this means	14:34
downloadSSH	"ac97 codec read timeout"	14:34
downloadSSH	in tty	14:34
=== downloadSSH is now known as TTY_problem
DrDetroit	Dovecot seems to have loaded at install, and I have postfix also installed, but not running. Can someone point me to a good howto on how to get postfix and dovecot working correctly on ubuntu-server 10.04	15:21
TTY_problem	"With some keyboard layouts, AltGr is a modifier key used to input some characters, primarily ones that are unusual for the language of the keyboard layout, such as foreign currency symbols and accented letters. These are often printed as an extra symbol on keys."	15:22
TTY_problem	AltGr key replacement:	15:23
TTY_problem	than i dont know what to choose	15:23
jmarsden	TTY_problem: With some (many) other keyboard layouts, there is no AltGr key... so if you do not have one, leave it out :)	15:27
TTY_problem	U have it	15:27
TTY_problem	I	15:27
TTY_problem	jmarsden	15:28
TTY_problem	it's next to space bar	15:28
TTY_problem	jmarsden: http://i55.tinypic.com/2dkfern.png	15:28
jmarsden	TTY_problem: You have one labelled AltGr? or you are trying to fake an AltGr key by using some other 'replacement' key?	15:28
TTY_problem	jmarsden: I have one key saying alt gr	15:29
TTY_problem	¬££££§@@££@@£	15:30
jmarsden	if it is just to the right of the space bar, the default "Right Alt" is probably the one you want.	15:30
TTY_problem	see	15:30
TTY_problem	ok	15:30
TTY_problem	:)	15:30
TTY_problem	now it's asking for a compose key	15:30
TTY_problem	│ The Compose key (known also as Multi_key) causes the computer to interpret the next few keystrokes as a combination in order to produce a character not found on the keyboard. │	15:31
jmarsden	Same deal. if you don't have one, tell it you don't have one.	15:31
TTY_problem	jmarsden: when I use thr arrows in TTY it types characters	15:31
TTY_problem	:s	15:31
jmarsden	That might not be a keyboard-configuration issue, you can usually fix that with entries in ~/.inputrc	15:32
jmarsden	But for now use the tab key to move around, or try ctrl-n for next and ctrl-p for previous instead of using the arrow keys.	15:33
TTY_problem	jmarsden: right arrow = [C	15:35
TTY_problem	damn	15:35
jmarsden	DrDetroit: the dovecot-postfix package does the configuration work for you...	15:35
jmarsden	TTY_problem: That's fine, that can be fixed with .inputrc and is not a keyboard layout issue.	15:36
DrDetroit	jmarsden: i get an error /etc/main.cf not found	15:36
TTY_problem	how jmarsden ?	15:36
TTY_problem	I just want to fix the ! and 1 problem	15:36
jmarsden	DrDetroit: Did you install postfix from the Ubuntu package, or from a tarball??	15:37
DrDetroit	jmarsden I chose it when I did the initial server installation	15:38
DrDetroit	I can see dovecot is running, and I assume when I get a main.cf in the /etc dir it will run also	15:38
RoyK	DrDetroit: iirc, that should be /etc/postfix/main.cf	15:38
DrDetroit	Royk: I know, but it is not there	15:39
DrDetroit	I am wondering if i have to run some sort of postconf command to get one	15:39
TTY_problem	ok it's in /etc/imputrc	15:39
TTY_problem	how do i fix it	15:39
jmarsden	DrDetroit: The package version of postfix looks in /etc/postfix for main.cf not in /etc/	15:40
DrDetroit	i apoligize, I am in /etc/postfix and main.cf is not there	15:40
jmarsden	TTY_problem: Try as a test export INPUTRC=/etc/inputrc	15:40
RoyK	DrDetroit: postfix comes with a generic one	15:40
DrDetroit	there is no main.cf in the /etc/postfix directory	15:41
RoyK	or (iirc) dpkg --configure postfix will create one	15:41
jmarsden	DrDetroit: OK, so can you do sudo dpkg-reconfigure dovecot-postfix	15:41
TTY_problem	jmarsden: what does the command do?	15:41
RoyK	erm, dpkg-reconfigure - yes	15:41
RoyK	ignore my post above	15:41
DrDetroit	ok thank you I wil try that	15:41
jmarsden	TTY_problem: sets a variable that makes your shell read that file of key mappings	15:41
DrDetroit	jmarsden: ah dovecot-postfix is not installed	15:42
TTY_problem	jmarsden: im sshing to the computer and other keyboard is connected but im stuck at login prompt	15:43
TTY_problem	because of keyboard layout	15:43
=== dendrobates is now known as dendro-afk
jmarsden	DrDetroit: Yu can either configure each of them separately, or use that package to do both together. Using dovecot-postfix is, I would say, easier for beginners.	15:43
DrDetroit	can i istall that package with apt-get install dovecot-postfix?	15:44
jmarsden	TTY_problem: Do you have this issue on your local machine, or only over SSH?	15:44
TTY_problem	jmarsden: the problem is the keyboard in TTY	15:44
TTY_problem	over SSH works fine	15:44
jmarsden	DrDetroit: Yes. Might be good to sudo apt-get purge dovecot postfix # first, to remove the ones you have installed now.	15:44
jmarsden	TTY_problem: You said: <TTY_problem> jmarsden: im sshing to the computer and other keyboard is connected but im stuck at login prompt	15:45
jmarsden	So now I am confused, which is it? :)	15:45
TTY_problem	jmarsden: im stuck localy	15:46
jmarsden	Ah, that's not what I thought you said earlier.	15:46
TTY_problem	jmarsden: because I need to type ! for the password ;)	15:46
jmarsden	WHy would arrow keys not working prevent you from logging in locally?	15:46
TTY_problem	but 1 or ! chars dont work	15:46
TTY_problem	and arrows also dont work	15:47
TTY_problem	and backspace	15:47
TTY_problem	and delete..........	15:47
TTY_problem	got it?	15:47
TTY_problem	:p	15:47
TTY_problem	all this in TTY from where im trying to login	15:47
jmarsden	And there is a 1 or a ! in your password??	15:48
TTY_problem	yes	15:48
TTY_problem	there is a !	15:48
TTY_problem	and it shows "login incorrect" becuaseo obviously the password was not typed correctly because of keyboard	15:49
TTY_problem	because*	15:49
DrDetroit	jmarsden: one final question, when configuring postfix, i am assuming I do NOT choose use procmail, since dovecot will used, is that correct?	15:50
TTY_problem	this is really annoying problem	15:51
jmarsden	DrDetroit: From memory, don't specify postfix as the local delivery agent unless you need it. procmail and dovecot do different things	15:51
jmarsden	TTY_problem: Sounds like at install time the wrong kind of keyboard was specified, or else there is a bug somewhere in how Ubuntu handles your keyboard...	15:51
jmarsden	But let me play a little before I give you more things to try...	15:52
DrDetroit	jmarsden: thank you I will play arround with this for a while	15:52
jmarsden	DrDetroit: You're welcome	15:52
TTY_problem	jmarsden: when I installed it everything worked fine	15:52
TTY_problem	now doesnt	15:52
TTY_problem	really weird.	15:52
jmarsden	TTY_problem: OK... so what changed just before it stopped working?	15:53
TTY_problem	nothing	15:54
TTY_problem	just installed things on the server	15:54
TTY_problem	:s	15:56
jmarsden	What things? Anything keyboard or input related?	15:56
jmarsden	OK, one more thing to try: sudo dpkg-reconfigure console-setup # Did you do this already?	15:57
TTY_problem	jmarsden: yes	16:03
jmarsden	OK... I'm running out of ideas... does the output of grep ^X /etc/default/console-setup look reasonable for your keyboard?	16:05
jmarsden	(on the ssh session, obviously, since you can't yet log in locally)	16:05
TTY_problem	jmarsden:	16:05
TTY_problem	the problem is the key "1"	16:05
TTY_problem	it's adding chars	16:06
TTY_problem	:P	16:06
jmarsden	You mean you have a sticky '1' key, a hardware issue with the keyboard??	16:07
TTY_problem	jmarsden: output http://pastebin.com/raw.php?i=keSY0y1j	16:07
jmarsden	Seems sane to me. Can you check whether other Linux/Ubuntu PCs you have that work fine have the same settings there?	16:08
TTY_problem	jmarsden: I even counted the keys	16:09
jmarsden	I'm guessing you have a desktop machine or laptop, as well as the server?	16:09
TTY_problem	it has 105 keys	16:09
TTY_problem	then i searched for the model on the wweb and found a site say my model is 107/108 keys	16:09
TTY_problem	:P	16:09
jmarsden	TTY_problem: One more (maybe strange?) idea: Can you swap the keyboard of the server with the keyboard of some other PC, just to check that the issue is not a hardware problem in the keyboard itself?	16:19
TTY_problem	jmarsden: ill try	16:20
TTY_problem	jmarsden: btw im in recovery mode now	16:20
TTY_problem	and im browsing the system with root user	16:20
TTY_problem	o.o	16:20
TTY_problem	i didnt type the password but i logged in	16:20
jmarsden	Why? You were browsing it over SSH just fine before... Anyway... try swapping keyboards and see if that helps.	16:20
TTY_problem	changed the keyboard now it works.	16:44
jmarsden	TTY_problem: OK, so it was a hardware issue... annoying, but buying a new keyboard should be inexpensive :)	16:45
TTY_problem	jmarsden: I installed Ubuntu with another keyboard but I was convinced that i didnt :P	16:49
* RoyK renicks TTY_problem to PEBKAC_problem		16:50
TTY_problem	jmarsden: using recovery mode I edit /etc/hosts file without typing a password	16:52
TTY_problem	isnt this really dangerous..	16:53
RoyK	TTY_problem: just set a root password	16:53
RoyK	sudo passwd root	16:54
RoyK	it's all documented in the handbook	16:54
RoyK	!handbook	16:54
RoyK	wtf	16:54
RoyK	!guide	16:55
ubottu	The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/	16:55
RoyK	sorry	16:55
jmarsden	TTY_problem: Anyone with physical access to your machine can fairly easily do anything they want to it anyway (e.g. boot from a CD, or even remove its hard drives!), so recovery mode not needing a password is not a significant weakness in practice. Servers need good physical security.	16:58
TTY_problem	jmarsden: yeah but I would know that I got "robbed"	17:00
TTY_problem	if they edit files I wont notice xP	17:00
jmarsden	TTY_problem: So if they boot from a CD, edit files and reboot, how is that different from booting into recovery mode in terms of damage done or discoverability?	17:00
TTY_problem	jmarsden: couldnt 'they' install a keylogger..	17:02
TTY_problem	jmarsden: Im just worried with the system not the hardware	17:02
jmarsden	Yes, either by booting from CD or using recovery mode :) Physical security is important. Secure your server.	17:03
TTY_problem	so I just need to set a root password right?	17:03
jmarsden	No, that does not prevent someone walking up to the sevrer and booting it from a CD.	17:03
jmarsden	You "just" need to physically secure your servers.	17:03
TTY_problem	jmarsden: ah you disabling boot from cdrom	17:04
TTY_problem	in bios	17:04
TTY_problem	and setup a password etc?	17:04
TTY_problem	you mean*	17:05
TTY_problem	or just lock the server on a room?	17:05
TTY_problem	:p	17:05
jmarsden	Then they remove the drives, connect them to their laptop and edit the files, then put your drives back in.	17:05
jmarsden	I mean you physically secure your servers.	17:05
TTY_problem	ye	17:05
jmarsden	Locking them up is one way to do that, yes.	17:05
TTY_problem	jmarsden: if I encrypt the disks	17:05
TTY_problem	they cant edit	17:05
TTY_problem	the files right	17:06
TTY_problem	they cant access	17:06
jmarsden	Yes, if you use full disk encryption and get it exactly right you can avoid that kind of attack. Is the risk of such attack really worth the extra work and issues of using full disk encryption for your circumstances?	17:06
TTY_problem	jmarsden: no	17:08
TTY_problem	jmarsden: Im just trying to understand how to secure a server	17:08
TTY_problem	but in practice i dont need it	17:08
TTY_problem	at least now	17:08
jmarsden	There are books written on that subject... read them when you need them.	17:09
TTY_problem	k	17:11
TTY_problem	jmarsden: should I use a password in BIOS?	17:11
TTY_problem	if I lost it how can I reset it?	17:11
jmarsden	That depends on the motherboard, usually there is a BIOS reset jumper you can use to set the BIOS back to a default state...	17:12
DrDetroit	Jmarsden: thanks for your help, I have my postfix sending mail, but not receiving it, but thats ok for now anyways, since I am trying to set up a replacement server and can't set the correct domain name until i retire the old box	17:14
DrDetroit	jmarsden:	17:15
jmarsden	DrDetroit: You're welcome.	17:15
DrDetroit	now onto configuring the eth0 for a fixed ip, even though I dont want to use that yet	17:15
TTY_problem	jmarsden: yeah I've reset it phisically	17:15
TTY_problem	ok so that's it	17:16
TTY_problem	doesnt matter to use password in bios if the "attacker" can open the computer	17:16
TTY_problem	:p	17:16
jmarsden	DrDetroit: https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html see section titled "Static IP Address Assignment"	17:18
DrDetroit	jjmarsden: thanks again! I have 2 ethernet ports, currently using eth1 for my connection, but will try and set eth0 as a fixed ip interface for when I put the box in place	17:18
jmarsden	TTY_problem: Right. So you end up back at "physically secure the machine" :)	17:19
TTY_problem	:)	17:20
RoyK	TTY_problem: a good approach is to monitor system uptime and react if the system was taken down - then - if your data requires safety, encrypt the data part.	17:31
RoyK	or, as jmarsden says, simply secure the physical system	17:31
RoyK	TTY_problem: a server secured by 100 tons of cement, not connected to a network, will be safe, but not very usable :P	17:32
TTY_problem	heh	17:36
TTY_problem	:)	17:36
TTY_problem	later	17:36
TTY_problem	back	18:30
TTY_problem	damn	18:52
TTY_problem	I can type ! and 1 in gedit	18:53
TTY_problem	but in terminal it adds characters	18:53
TTY_problem	really weird	18:53
TTY_problem	if i type 1 it writes ~1	18:53
=== TTY_problem is now known as kb_problem
kb_problem	damn lulz	18:59
=== dendro-afk is now known as dendrobates
* davygravy greets ubuntu-server-gurus, acknowledges their network expertise... clears throat and proceeds to ask his question...		19:31
davygravy	not ubuntu-server oriented specifically, but was referred here after visiting ubuntu channel	19:31
davygravy	I've got a bootloader on an embbedded/NAS device that will only boot if it can ping & get a response from a specific (hardcoded) ip addy	19:33
=== dendrobates is now known as dendro-afk
davygravy	what console utility (cli) will send a spoofed response to it, spoofing that ip?	19:34
jmarsden	davygravy: Just add that IP as an alias on one of your existing network interfaces; the network stack will respond to pings, not any cli tool :)	19:37
davygravy	hmmm... the hardcodded ip addy belongs to a dev machine ... which because it is powerhungry 700W beast, is turned off frequently	19:38
jmarsden	Then change the dev machine to use some other IP and then proceed as I suggested :)	19:39
davygravy	dev machine provides a tftp server that sends initrds to the embedded devices when their drives die, allowing them to go into an emergnecy/maintenance mode	19:40
jmarsden	davygravy: Either use that "dev machine" as a tftp server and leave it on 24x7, or migrate that tftpd function to some other less power guzzling machine that you leave on 24x7 -- either it is a server that can be expected to be around, or it is not, you can't have it both ways :)	19:42
davygravy	tftp server addy is hardcoded, as well, into the bootloaders	19:42
davygravy	yeah, the router runs uclibc optware, so I should be able to migrate stuff to it	19:42
jmarsden	davygravy: hack the bootloaders to use DHCP or BOOTP, maybe, to get that tftp server address dynamically? Hard coding things like that is ... not pretty.	19:44
davygravy	thanks, jmarsden- I'm thinking that I can go in and tinker w/ nvram maybe... maybe not-so-hard-coded	19:46
davygravy	thanks for the chance to bounce ideas ;)	19:46
davygravy	the router can run netcat/nc (so I can manipulate the boot process via netconsole), as well, so problem might be solved	19:48
jmarsden	davygravy: You're welcome :)	19:54
storz	I have a bit of an easy question but I have a feeling that there is alot more to it than just this.	19:55
storz	I'm following the guide https://help.ubuntu.com/10.04/serverguide/C/postfix.html	19:55
storz	What would be my imap username, server, and password?	19:55
jmarsden	storz: (a) if you are running imap on your own server, you should know what your own username, password and hostname are ; (b) if you use IMAP provided by an ISP, ask them for that info :)	19:56
jmarsden	storz: IMAP is not something provided by postfix, btw, so you might be a little confused?	19:56
uvirtbot`	New bug: #743280 in samba (main) "Folder-watching is broken" [Undecided,New] https://launchpad.net/bugs/743280	19:57
storz	@jmarsden: I'm running it myself. I've installed dovecot as per that guide so imap should be working, correct? And yes, I am incredibly confused. This is my first go at a mail server.	19:59
storz	assume that my username would be the username I set up (storz@mydomain.com) and my password. But I'm getting password mismatch errors when I attempt to connect in my mail log.	19:59
storz	Mar 26 12:47:16 ve dovecot: auth-worker(default): pam(storz@ve.7hnjx2yh.vesrv.com,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?)	19:59
jmarsden	storz: Unless you are using virtual domains in some way, your username is probably storz, not storz@mydomain.com	20:00
jmarsden	BTW this is about dovecot, not postfix, see the log line you just posted :)	20:00
Jasonn	How do i install KLIPS support on ubuntu server?	20:02
storz	jmarden: are you referring to apache's virtual domains? If so then yes, I am using them.	20:02
jmarsden	storz: No, I am referring to dovecots virtual domains, because it is dovecot you are authenticating to :)	20:02
jmarsden	storz: Can you just telnet localhost imap and then type in .login storz yourpassword and see what happens ?	20:03
jmarsden	Oh, that should be . login storz yourpassword	20:04
jmarsden	(with a space between the . and the login)	20:04
jmarsden	Jasonn: I don't really know, but ipsec tncfg may help, see http://manpages.ubuntu.com/manpages/lucid/man8/ipsec_tncfg.8.html	20:06
Jasonn	thanks	20:11
jmarsden	Jasonn: You're welcome	20:11
Jasonn	Do you have any idea of how to install it?	20:12
Jasonn	Or better yet	20:12
Jasonn	could you explain to me like a 5 year old how to install a vpn?	20:12
jmarsden	Jasonn: sudo apt-get install openswan	20:12
jmarsden	If you need "like a 5 year old", why are you asking about KLIPS >	20:13
Jasonn	Because	20:13
Jasonn	it sais that KLIPS support is not installed	20:13
jmarsden	Step back and ask your real question. What are you trying to do? What devices or computers will be at each end of the VPN tunnel?	20:13
Jasonn	My server on one end	20:15
Jasonn	and my desktop on the other	20:15
Jasonn	and my cellphone too	20:15
storz	jmarsden: Got it. Thanks. No, I can't. I get NO (AUTHENTICATIONFAILED) Authentication failed.	20:15
davygravy	jmarsden: thanks, I think I found the solution I was originally looking for ... icmpush ... will build this w/ my Buildroot/uclibc toolchain & try it that way. In any case, thanks for your advice & insight.	20:15
storz	Hold on. Could it be that I have my dovecot installed incorrectly?	20:16
storz	Postfix definitely is correct as I can receive email no problem. Perhaps my dovecot is not reading my email database for logins?	20:16
jmarsden	storz: by default dovecot uses the unix password database	20:16
jmarsden	storz: That is why I said you should know your own username and pw earlier on :)	20:16
* davygravy waves goodbye to nice, friendly people		20:16
jmarsden	davygravy: You're welcome	20:16
Jasonn	jmarsden:	20:17
storz	@jmarsden: That would do it. I've been assuming that it would connect to my mysql db and work with it. Do you know if dovecot has this functionality (but needs to be enabled I guess)?	20:17
jmarsden	storz: You can make it use whatever back end db you need, I think by editing its pam config file under /etc/pam.d/ but there may be other ways too	20:18
storz	Jmarsden: Thank you! I tried using my unix account and it is working perfectly. Thats what I was missing. I'll see if I can't get it to worth with mysql now.	20:19
jmarsden	storz: You're welcome	20:19
Jasonn	How can i remove all package i have installed?	20:21
Jasonn	only the ones i installed	20:21
jmarsden	Jasonn: sudo apt-get purge PACKAGENAME1 PACKAGENAME2 ... PACKAGENAME99	20:22
jmarsden	Do you know which ones you installed?	20:22
Jasonn	no	20:22
jmarsden	You may be able to read /var/log/dpkg.log to figure that out.	20:22
Jasonn	Hm	20:22
Jasonn	Thanks:)	20:23
jmarsden	You're welcome. Lesson to learn: make notes as you configure a server, documenting what you do and why. It makes reverting changes easier. (Of course, having good backups is another way to deal with this!)	20:23
jmarsden	Jasonn: if you used apt-get you can also look in /var/log/apt/history.log	20:25
Jasonn	Ok i got it	20:26
kees	anyone ever noticed thunderbird + dovecot sucking HUGE bandwidth?	20:28
Jasonn	no	20:28
ScottK	kees: I read that first time through as "anyone ever noticed thunderbird sucking?" and thought, "Duh."	20:29
ScottK	:-)	20:30
Jasonn	jmarsden: Dont really know if this is your area of expertise, but is there a better client to use on ubuntu desktop to connect to VPNs??	20:30
jmarsden	kees: After upgrading to TB 3, its default options changed to sync everything locally (or something like that), I had that issue until I figured it out and told it not to do that...	20:30
jmarsden	Jasonn: Have you tried openvpn? https://help.ubuntu.com/10.10/serverguide/C/openvpn.html	20:31
Jasonn	No, i mean a client	20:31
jmarsden	Jasonn: You want a pretty GUI wrapper? No, I don't know what to suggest for that, sorry.	20:32
Jasonn	Ok	20:32
Jasonn	thanks :)	20:32
slim_	hi, any recommendation for a sip server that can integrate with MS OCS ?	20:34
kees	ScottK: heheh	21:02
old_keyboard	wazzup	21:37
uvirtbot`	New bug: #743322 in awstats (main) "Man page for awstats-update installed in the wrong place" [Undecided,New] https://launchpad.net/bugs/743322	21:42
zertyui	hello there	21:55
zertyui	anyone know about postfix ?	21:55
=== dendro-afk is now known as dendrobates
old_keyboard	I dont	22:02
DrDetroit	jmarsden was helping me get it set up, but i think he is away atm	22:03
DrDetroit	i wonder if i can somehow migrate my old iptables setup my new ubuntu 10.04 server	22:04
old_keyboard	DrDetroit: cant you copy them?	22:09
old_keyboard	sudo iptables -L	22:09
DrDetroit	old_keyboard: my old iptables rests on a rh7.3 machine, so even though it's iptables was taken years ago from a debian machine, I was not sure it would work	22:10
DrDetroit	On may old machine, we had a file called iptables and in it were all the rules	22:11
=== dendrobates is now known as dendro-afk
DrDetroit	old_keyboard: according to the manual I think i can just take my old rules and copy them as /etc/iptables.rules onto the new machine	22:22
old_keyboard	ok :)	22:23
DrDetroit	of course removing anything that is not a rule	22:23
old_keyboard	If I change /etc/motd does it update the system info after a kernel update?	22:40
old_keyboard	On Ubuntu systems, /etc/motd is typically a symbolic link to /var/run/motd.	22:47
Jasonn	Hey, i wanna run a web proxy on my server, how do i do this?	22:57
old_keyboard	Ithink you need squid	23:00
Jasonn	No, i want a webproxy not a proxy server	23:01
old_keyboard	hm	23:01
old_keyboard	try https://help.ubuntu.com/10.10/serverguide/C/	23:02
old_keyboard	change link if not maverick	23:03
old_keyboard	Is ifup and ifdown the same as ifconfig ?	23:05
DrDetroit	no	23:05
old_keyboard	I mean the function	23:06
DrDetroit	ifup (interface) or ifdown (interface) turns on or turns off the specified interface	23:06
DrDetroit	ifconfig configures an interface	23:07
DrDetroit	or gives you a report on one	23:07
DrDetroit	ie ifconfig eth0 should show you the relevant information for that interface	23:07
DrDetroit	see man ifconfig	23:07
old_keyboard	DrDetroit: sudo ifconfig eth0 up	23:08
old_keyboard	sudo ipup eth0	23:08
old_keyboard	looks the same	23:08
DrDetroit	i switch to root when i want to do something so i dont use sudo	23:08
DrDetroit	sorry	23:08
old_keyboard	lol	23:09
old_keyboard	DrDetroit: forget the sudo look at the commands	23:09
old_keyboard	I think they do the same thing.	23:09
DrDetroit	maybe ipup and ifup are the same, but i dont think ipup and ifconfig are the same	23:10
DrDetroit	and it very well may give the same results	23:10
DrDetroit	i never use ifup or ifdown or any of that stuff	23:10
DrDetroit	i like my stuff to stay on all the time	23:11
DrDetroit	<---simple minds require simple stuff	23:11
old_keyboard	:D	23:11
DrDetroit	I am new to ubuntu server, I have mostly run debian and before that FreeBSD and Redhat in the old days	23:12
old_keyboard	k	23:13
=== dendro-afk is now known as dendrobates
old_keyboard	I am running ntpd how do I know if ntpdate is running at boot?	23:31
old_keyboard	i just want ntpd	23:31
=== dendrobates is now known as dendro-afk
old_keyboard	anyway i just purged ntpdate.	23:50
qman__	ntpdate is in the default install	23:51
qman__	in order to provide good time the server must get its time from a reliable source	23:52
qman__	when you install ntpd, things get configured the right way for it to work	23:52
=== quentusrex_ is now known as quentusrex
old_keyboard	qman__: yes i use ntp	23:54
old_keyboard	and i use a server near me	23:54
qman__	ntpdate is the tool that retrieves the time	23:55
qman__	ntpd is the service that provides it	23:55
old_keyboard	o.o	23:57
old_keyboard	qman__: they are different things	23:57
old_keyboard	for the same purpose	23:57
old_keyboard	get time from internet	23:57
old_keyboard	but ntpd is more accurate	23:57
old_keyboard	correct me if i am wrong	23:57
old_keyboard	https://help.ubuntu.com/10.10/serverguide/C/NTP.html	23:57
old_keyboard	"Ubuntu has two ways of automatically setting your time: ntpdate and ntpd. "	23:58
qman__	it isn't more accurate	23:59
qman__	it just adjusts it smoothly and constantly	23:59
qman__	your time is only as accurate as the time source	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!