/srv/irclogs.ubuntu.com/2011/03/27/#ubuntu-server.txt

old_keyboardlol ofc00:00
aliveriusis it possible that many pcs access the same nfs share withou;side effects?00:00
old_keyboardbut those ntp servers are accurate.00:00
qman__aliverius, that's sort of the entire point of nfs00:00
aliveriusgreat cause i need to  share data between a kvm host and guest00:01
old_keyboardqman__: I just dont understand why ntpd listen at UDP port 12300:09
old_keyboardto get time (duh)?00:10
old_keyboardI dont to run it as a server00:10
old_keyboarddont want00:10
=== smoser` is now known as smoser
qman__ntpd serves time on that port00:11
qman__if you don't want others accessing it, block it in your firewall00:11
old_keyboardbut i dont want to serve00:11
old_keyboardI did.00:11
old_keyboardqman__: so I can use my machine as server even that i get that time from other sv?00:12
qman__that's how ntp works00:12
qman__you get time from class 2, 3, 4 servers depending on your configuration00:12
qman__your ntpd then becomes one class above that00:13
old_keyboardnice :)00:13
old_keyboardbut there should be an option to listen00:14
qman__and each link in the daisy chain is one class higher, until 1600:14
old_keyboard:x00:14
qman__16 is considered totally unreliable00:14
old_keyboardto close listen port00:14
old_keyboardi meant00:14
old_keyboardyeh00:14
qman__most people who run ntpd run it to provide network time00:15
qman__as ntpdate is good enough for 99%00:15
old_keyboardi run it to get time00:15
old_keyboard:p00:15
qman__the other 1% can block it in the firewall00:15
old_keyboardk00:15
Patrickdkhmm, the default ntp config doesn't serve time00:18
qman__IIRC, it doesn't serve time, but it still listens on the port00:19
qman__and simply rejects any requests00:19
Patrickdkya, cause port 123 is much more than just receive/send time00:19
Patrickdkit's also the control interface and stuff00:19
Patrickdkif your paranoid about it listening on port 123, use ntpdate00:20
old_keyboardPatrickdk: :D00:20
Patrickdkjust make sure you script it properly00:20
old_keyboardno im paranoid00:20
old_keyboardi just block 123 port00:20
* Patrickdk runs a pool server :)00:20
old_keyboardPatrickdk: if default ntp config doesnt act as server there's not secutiry risk then00:21
PatrickdkI dunno what happened, but been getting flooded with ntp requests from china for the last month00:21
Patrickdkthere is always a security risk00:21
Patrickdkand it does act as a server00:21
old_keyboardddos00:21
Patrickdkjust cause it doesn't respond00:21
Patrickdkdoesn't mean someone won't find a vaunerability00:21
old_keyboardok00:21
Patrickdkit's just the likelyhood is even less00:22
old_keyboardthanks for clarifying my doubts00:22
* Patrickdk has never been scared though of it00:23
old_keyboardconfig shows00:23
old_keyboard# By default, exchange time with everybody, but don't allow configuration.00:23
=== justin__ is now known as jMyles
Patrickdkhmm?00:24
old_keyboardrestrict -4 default kod notrap nomodify nopeer noquery00:24
old_keyboard./etc/ntp.conf00:24
Patrickdknoquery makes it not let other people request time00:24
old_keyboardrestrict 127.0.0.100:24
old_keyboardonly at localhsot right00:24
Patrickdkallow everything on localhost00:24
old_keyboardoh00:24
old_keyboard# Local users may interrogate the ntp server more closely.00:25
old_keyboardand how I do that?00:25
Patrickdkhttp://support.ntp.org/bin/view/Support/AccessRestrictions00:25
Patrickdkyou want to allow local access?00:25
old_keyboardno just get time00:25
Patrickdkrestrict 192.168.0.0/16 default nomodify notrap nopeer00:25
old_keyboardPatrickdk: ok it means that i can access it from subnet00:26
Patrickdkoh that isn't right00:26
old_keyboard# If you want to provide time to your local subnet, change the next line. # (Again, the address is an example only.) #broadcast 192.168.123.25500:26
Patrickdkrestrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify00:26
Patrickdkis what I'm using00:26
old_keyboard0.0?00:27
Patrickdkhmm, ya00:27
old_keyboardshould I  disable restrict 127.0.0.1 restrict ::100:28
old_keyboard?00:28
old_keyboardwith #00:28
Patrickdkwhy?00:28
old_keyboardi dont want anyone to access it00:28
Patrickdkyou don't trust your own machine it's running on?00:28
old_keyboard:)00:28
Patrickdkif you do, ntpq and stuff won't work00:28
old_keyboardah k00:28
Patrickdkyou could always password restrict it00:29
old_keyboardPatrickdk: restrict -4 default kod00:29
old_keyboard-4 is for ipv4?00:30
Patrickdkya00:30
old_keyboardand default and kod?00:30
Patrickdkkiss of death00:30
Patrickdkit won't do really anything, without the limit option00:30
Patrickdknot sure about default :)00:30
Patrickdknever really use it myself00:30
old_keyboarddefault is to listen all adresses maybe00:30
Patrickdkno00:31
old_keyboardOH00:31
old_keyboardBy default, exchange time with everybody, but don't allow configuration.00:31
old_keyboardso if i want to configure need to remove default00:31
old_keyboardPatrickdk: so i just need restrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify00:31
old_keyboardand to open 123 port in router?00:32
Patrickdkif your subnet uses 192.160.x.x00:32
old_keyboardand soft firewall00:32
Patrickdk192.168.x.x00:32
old_keyboardyea00:32
old_keyboardgot it00:32
old_keyboardPatrickdk: and i only want the router00:33
old_keyboardI put its IP?00:33
AtomhunterHey how do you select multiple software packages to install when installing ubu server?00:33
old_keyboardrestrict 192.168.1.69 mask 255.255.0.0 notrap nopeer nomodify00:33
old_keyboardfor example00:34
old_keyboard?00:34
Patrickdkwhy the odd restrict ip?00:36
old_keyboardPatrickdk: if router is 192.168.0.100:37
old_keyboardI use that IP?00:37
old_keyboardwhy did u use 0.0 as example?00:38
old_keyboardis it like wildcard?00:38
Patrickdkcause anything that is a 0 in the netmask is pointness to define in the ip00:38
Patrickdkand lots of programs will bomb out if you do00:38
old_keyboardbomb out?00:38
Patrickdkcause mine was *correct* and yours is, odd :)00:38
Patrickdkcrash, syntax error, fail, ...00:39
old_keyboardPatrickdk: i just want the router to access the sv00:39
old_keyboardso i just put router ip00:39
old_keyboardis that correct?00:39
PatrickdkNO00:39
old_keyboardor i use my local ip00:39
old_keyboard?00:39
PatrickdkNO00:40
old_keyboardNO00:40
Patrickdklearn how ip subnets work00:40
old_keyboardtell me teacher00:40
Patrickdkgoogle, ip subnet00:40
old_keyboard:D00:40
* old_keyboard reading in is native language00:41
old_keyboardClass C00:43
old_keyboardB in that case00:44
Patrickdkignore anything talking about classes00:44
old_keyboardB 10 128.0.0.1 191.255.255.254 255.255.0.0 /1600:44
old_keyboardit's kinda advanced00:45
old_keyboardPatrickdk: I found this config on a site http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1301185010084+28353475&threadId=135709400:48
old_keyboardrestrict default ignore restrict 127.0.0.1 restrict your.ntp.server00:48
old_keyboardand in here http://www.debianadmin.com/ntp-server-and-client-configuration-in-debian.html they say to use restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap00:51
Patrickdkman, you really can't be bothered to learn what anything does?00:52
Patrickdkjust blindly follow whatever anything tell you to do?00:52
old_keyboardi am learning00:53
old_keyboardyou say something other ppl say something different00:53
old_keyboard:)00:53
PatrickdkI told you exactly what you wanted00:53
Patrickdkthose are generic00:54
Patrickdkand the first one has nothing to do with anything you want00:54
old_keyboardok00:54
old_keyboardrestrict 192.168.0.0 mask 255.255.0.0 notrap nopeer nomodify00:54
Patrickdkyou could remove the nopeer if you want00:54
old_keyboardgonna get hacked :(00:54
Patrickdkwhy?00:55
old_keyboardwhat is the nopeer00:55
old_keyboardoption00:55
old_keyboardno connections?00:55
Patrickdkyou shouldn't allow anyone using a 192.168.x.x network range on your network00:55
Patrickdkit's for when two ntp servers agree to talk to each other00:55
Patrickdkthey can use each other as clients or servers00:55
old_keyboardso i remove that I could mess it up00:55
Patrickdkno00:56
old_keyboardhm00:56
old_keyboardok00:56
Patrickdkit means another ntp server on your network could become the source of time00:56
Patrickdkand if that person is screwing with you00:56
Patrickdkcould theoredically cause your server to get bad time00:56
old_keyboardnice00:57
old_keyboardPatrickdk: and restrict 127.0.0.1 is for unlimited access00:58
old_keyboard?00:58
Patrickdkya02:00
old_keyboardsee i've learned something new today02:00
old_keyboardthen sudo service ntp restart02:01
old_keyboardPatrickdk: what about the -4 and -6 should I remove it?02:02
Patrickdkdoubt it matters, dunno02:02
old_keyboarddoesnt make a difference since i only use ipv402:02
PatrickdkI haven't bothered02:02
old_keyboardk02:02
Patrickdkthe ORDER in the file matters a LOT though02:03
old_keyboardk02:03
old_keyboardi comment out those 2 lines and add restrict 192.168.0.0 mask 255.255.0.0 notrap nomodify02:03
Patrickdkso now your open to everyone?02:04
old_keyboardnot yet02:04
Patrickdkwell, if you commented out the restrict default lines02:04
old_keyboardbut added restrict 192.168.0.0 mask 255.255.0.0 notrap nomodify02:04
Patrickdkjust add the restrict 192.168.0.0 line AFTER those02:04
old_keyboard#restrict -4 default kod notrap nomodify nopeer noquery #restrict -6 default kod notrap nomodify nopeer noquery02:04
Patrickdkya, so now since no one is restricted by default :)02:05
old_keyboardgonna get hax00red02:06
Patrickdkor maybe it doesn't02:07
Patrickdkbut that never opened it up for me02:07
Patrickdkprobably have lots of other things going on with my config, cause it's a few hundred lines long02:07
old_keyboardso im open to my subnet02:08
old_keyboardand the rest of the world if i forward port in router02:08
old_keyboard?02:08
old_keyboardall the options here http://www.eecis.udel.edu/~mills/ntp/html/accopt.html02:12
shaggy2hello people. I need assistance with changing the IP addess of my ubuntu server, I have obtained a seet of ip's from my isp and have them running on the network, I just checked the ip of the server and it's still runing the old one, how to I change it?02:35
Atomhunterthat is a google-able question02:36
shaggy2the current ip is 192.168.0.8 and I need to change it to *.*.*.139 (the * rep the puplic ip)02:36
* patdk-lap still doesn't get why people bother hiding ip addresses02:36
patdk-lapthey are *public* knowledge, and of a small enough space to *guess*02:36
shaggy2so I can't help on this item in the ubuntu-server HELP channel?02:37
old_keyboarduse a VPN02:37
patdk-laptechnically, the answer is simple, edit /etc/network/interfaces02:37
shaggy2last time i sent a public ip here I ended up with DOS attacks02:37
patdk-lapbut the question you didn't ask, and can't do much about really is02:37
patdk-lapyou have to change the config of all your programs also02:37
shaggy2that I can get help from the program website, as it's one master program that changes everything, just wont do the eth ip02:38
patdk-lapthey overloaded your internet connection?02:38
shaggy2yes02:39
shaggy2ok it seems that the ip address is obtained automaticly, how do I do a release renew in ubuntu-serer?02:40
shaggy2the interface is eth102:40
patdk-lapyou run a server via dhcp?02:41
shaggy2I set static via the router. but I need to get the ip on the server first02:41
shaggy2it hasn't failed me yet02:41
Atomhunterifconfig -a will show you its address02:42
patdk-lapdoes the router have a public ip?02:42
patdk-lapand it's going route that public ip into the same network your mixing private ip?02:42
patdk-lapand you have no issue with that?02:42
Atomhunteri don't know if he realizes the issue....02:43
shaggy2all devs on my network will be running the public ip addresses02:43
shaggy2I have firewalls on all systems02:43
Atomhunter*facepalms hard*02:44
shaggy2are firewalls not good enough02:44
Atomhunterno, you want to subnet public from private02:44
shaggy2how do I do that?02:45
Atomhunterwhat type of routers do you have?02:45
shaggy2netgear02:45
patdk-lapmodel numbers :)02:45
shaggy2dg834g02:45
shaggy2but it will be changing02:45
Atomhunterserial numbers...02:45
shaggy2u need that for?02:46
patdk-lapoh, home system crap02:46
shaggy2you cant get the info on the model?02:46
Atomhunternvm.... I didn't realize that was model...02:46
Atomhunteryea... your need more commerical system... I'm using a home system netgear... so wish i could stick a different firmware on it02:46
shaggy2I can get the serial number if you need it02:46
Atomhunterno need02:47
shaggy2ok recomend?02:47
Atomhuntersomething you can flash pfsense onto...02:49
Atomhunteryeah I can't recommend somethign... I'm only a security student atm...02:52
shaggy2oh ok. sorry guys I am new to this type of networking02:52
Atomhunterget shoved into a sys admin role?02:53
shaggy2not really, I am starting a hosting company, so learning on the fly BEFORE I get customers02:54
Atomhunterooohhh... erm... whats your computer knowledge?02:55
DrDetroitshaggy2: how are you connected to your isp? dedicated line?02:55
shaggy22 decicated lines02:55
DrDetroitok02:55
DrDetroitJust configure each machine on your network with a different ip from the range you have been assigned02:56
shaggy2I have 2 ADSL2+ connections atm, first in line when fiber comes into my town (if your from australia then you'll know what I am on about if not the lookup the Australian NBN)02:56
DrDetroithaha i live in Arkansas, we just retired the  tin can and string02:57
DrDetroitI assume you have a router on each line02:57
shaggy2so on a system that I don't want on the public network, I just set for eg 192.168.0.3 on the same subnet as the public systems?02:57
Atomhunteri live in south dakota... we still have pony express02:57
DrDetroitrouter---->main box----->switch---->rest of the boxes02:57
DrDetroitthe main box can do  your firewalls and nat02:58
Atomhunter*cough* pfsense02:58
DrDetroithehe ok02:58
DrDetroiti will be quiet now02:58
Atomhunteroh hey... keep going :_02:59
AtomhunterI was just suggesting using pfsense02:59
shaggy2both modem are going into a linux box that goes to a router all in the main room, then in my server room trunk cable (5 line) into a switch then into 3 systems and a server02:59
DrDetroitsounds like you know what your doing, I will be quiet03:00
shaggy2everything runs from the main modem, the 2nd only kicks on on reduncy03:00
Atomhuntermake sure to test that it'll kick in aka unplug the main, so you don't discover its not working03:01
shaggy2already done, I do a weekly test03:01
shaggy2the router after the linux box in the dg834g03:02
DrDetroitI run my network as i showed above03:02
Atomhunteri'll be quite now too... look up some linux sys admin/network admin books if you need to look into subnetting and stuff03:02
DrDetroitmy main box has the public ip the rest are private03:02
DrDetroitmain box does firewall, nat, web and mail but mostly just tosses packets around03:02
shaggy2well thats how I had it before, but had to make changes so I can run a DNS server03:02
Atomhuntermine is schools network -> crapy router -> switch -> boxes03:02
shaggy2that is what got me unstuck03:02
DrDetroitjust put the dns server on the main box also03:02
shaggy2I could view all domians on my network, but the people that was outside couldn't get to see them cause it was directing to local address's03:03
old_keyboard123/tcp closed ntp03:03
old_keyboardshouldn't it respond as open03:04
old_keyboard?03:04
DrDetroitif you are hosting other folks then i would assume you would have those boxes with public ip's also03:04
DrDetroitso that they can get to them03:04
shaggy2well I only had 1 pub ip untill today03:04
DrDetroitstill the configuration i gave you will do that too03:04
DrDetroitnod03:04
shaggy2so anyways back to changing the ip on the ubuntu server03:05
shaggy2I can manualy set it03:05
DrDetroitsure03:05
shaggy2just need someone to tell me how03:05
patdk-lapthis is much more of an issue than that03:05
patdk-lapyou need to resign your whole network03:06
DrDetroithttp://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/03:06
patdk-lapand I don't think that *router* you have will let you do it03:06
shaggy2well this is the only thing that "NEEDS Static"03:06
shaggy2it's allready done, I was on the phone with netgear support for 3 hours having them telling me that it wont do it, and then after 3 hours saying do this and this and this and now it works03:07
DrDetroitdont forget to make a backup before you edit the file03:07
shaggy2paid them $89.95 for them to tell me to buy a new mobem, only to then turn around after abusing them then it now works03:07
DrDetroitmy advice is worth what you paid for it03:08
DrDetroithehe03:08
DrDetroittake a look at that artice, it should fix you up03:08
shaggy2sweet thank you, but how do I make a backup of that file?03:08
Atomhunterhey how can i see if my raid is mounted or not?03:09
DrDetroitcp filename filename.original03:09
DrDetroitalso make sure you look at the comment from03:09
DrDetroitNickname007 and do that too03:10
KMFrogcould also set static dhcp per mac03:10
DrDetroitotherwise you wont have any name resolution03:10
DrDetroithope that helps03:10
* patdk-lap still wonders how using a static ip inside the nat part of that router will work03:11
KMFrogshaggy2 you hosting webservers?03:16
DrDetroitshaggy2: if your changes dont work you can always cp filename.original filename and be back where you started03:19
Atomhunterformatting my server's 1.5tb raid... zeroing... omg... so much time...03:23
tonyyarussoWhat does the automatic generation of /etc/ssl/private/dovecot.pem?04:58
lookin_for_MBhi05:10
lookin_for_MBDo you know a good website to search mother board model?05:11
uvirtbot`New bug: #683591 in sensors-applet (universe) "sensors-applet randomly picks up duplicates" [Undecided,Invalid] https://launchpad.net/bugs/68359105:17
lookin_for_MBhm05:17
jmarsdentonyyarusso: The postinst maintainer script in the dovecot-common package05:35
tonyyarussojmarsden: Ah.  Is there an easy way to re-run it (to change the hostname), or do I have to walk through things manually?  (The primary system hostname is johnmarty.org, but I want Dovecot's certificate for mail.johnmarty.org)05:37
jmarsdenI'm not sure.  Look at /var/lib/dpkg/info/.dovecot-common.postinst and maybe you can copy it somewhere, edit that script to do just the certificate generation, and run your modified copy?05:37
tonyyarussoseems reasonable05:38
jmarsdenMake that   /var/lib/dpkg/info/dovecot-common.postinst05:38
tonyyarussojmarsden: I ended up having to do a bit more than that, but got it now.06:33
uvirtbot`New bug: #743484 in nut (main) "libupsclient.pc contains unresolved symbols" [High,Confirmed] https://launchpad.net/bugs/74348407:42
shaggy2hello09:46
shaggy2anyone know anything about frame routes. or where I can get help09:46
shaggy2Atomhunter: are you there?10:08
DrDetroitshaggy2: how did changing to a fixed ip go?10:09
shaggy2not goot10:10
shaggy2all ips are done10:10
DrDetroitwhy?10:10
shaggy2but my router dun support framed routes10:10
shaggy2fucken netgear10:10
DrDetroitah10:10
shaggy2lookin for a decent router that will do it, was pointed at cisco10:10
shaggy2it's a shame10:11
shaggy2the netgear dg834g has been in use for about 4 years now across heaps of different isp's, and this is the first time it hasn't been able to do something10:11
DrDetroitsorry to hear that10:12
shaggy2it is gunna be a sad day to see it go10:12
shaggy2never missed a beat10:12
air^no matter how good it was, it's no good once it fails to keep up. :)10:13
shaggy2had a problem connecting once my ISP said I need a new modem, I said no check everything else first, thats when they found out the my line was pulled from the ADSL socket in the exchange10:13
shaggy2how dodgy is that10:14
shaggy2so can anyone recomend a router for me10:16
DrDetroitcant your isp recommed what you should be using?10:17
air^shaggy2: so, you'r looking at an adsl modem + router combined?10:18
shaggy2yeah10:18
air^I've never liked that combo, rather have a bridged adsl modem than wont messup + standalone router.10:18
shaggy2dun have to be, I do have a dlink adsl2+ that I can use10:19
air^currently I use a bridged zyxel + apple's time capsule, howeverm the timecapsule is not that great.10:19
air^the bridged zyxel on the other hand doesn't fuck up. it just does it's thing. :)10:20
shaggy2cool10:20
shaggy2I just need something that supports framed routes... I have never played with this before so it's all new to me10:21
air^(this is the cheapest basic version of the zyxel adsl modem, just one port in, one out, and in bridged mode, basically all it's features are disabled and can't break)10:21
air^but I know nothing about framed routes, so can't recommend anything there. :/10:22
shaggy2lol same with my ISP who sell them10:22
air^afk. gott go get my house built. :)10:24
shaggy2lol10:24
air^seriously.10:24
air^it ain't gonna build itself. :)10:24
shaggy2lol10:31
kickarhey guys, i am having a bit of a problem with apache displaying php errors in browser, I have set my my php.ini varialbles to display errors10:38
lenioswhat's the problem kickar ?10:56
kickarlenios,  hi, I can't get php error message displayed in browser10:56
kickarif there is an php error i get either plain white screen either10:56
kickar"The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression."10:56
KMFrogkickar what browser10:59
kickarKMFrog,  every well know browser11:00
kickarIE, Mozilla, CHrome11:00
KMFrogthey all say that exact thing?11:00
kickaryes error 330 Error content decoding failed11:00
kickaron my gentoo machine displayes mysql conn. error11:01
kickari believe it is php/apache related issue11:01
KMFrogcan you wget / telnet it to see the raw output?11:01
kickarKMFrog,  yes I can11:02
kickarit says "Warning: mysql_connect(): Unknown MySQL server host 'http' (1) in /var/www/qa-db.php on line 50"11:02
KMFrogyou doing your own compression?11:02
KMFrogin php11:03
kickari have tried to install a cms11:03
kickarhave you seen that before11:04
KMFrogah, ok, CMS is maybe trying to do its own gzip compression and its all failing because of the error11:04
KMFrogyou will need to remove the http:// from your config i would guess by that message11:04
KMFrogif its http://localhost it needs to be localhost11:04
KMFrogfor the db address11:04
kickarKMFrog,  i am not trying to fix this particular issue, I am trying to get apacge to show11:05
kickarthe error in browser11:05
KMFrogthe CMS probably says its a compressed page, but then the error is in plaintext so the browser dies11:05
kickarit is the same on the test script that i wrote11:07
kickarKMFrog,  do you have any idea?11:08
KMFrogfixing the mysql error11:09
kickarI mean at all11:09
kickarcheck http://otgovorimi.com11:09
kickarthis is the ubuntu server11:09
kickarthis is the gentoo machine11:10
kickarhttp://dhwebservices.com/web/11:10
kickarit is the same script11:11
shaunooh that's odd.  your first url has something in the first four bytes which kills my browser11:12
kickarshauno,  they are the same script11:13
kickarthe first is ubuntu server11:13
kickarthe second one is gento11:13
kickargentoo*11:13
shaunothe good page starts ef bb bf  .. and then into the html.  the bad one has an extra byte, ef bb bf 0a ...11:13
kickarshauno,  maybe I have miskaten something in php / apache configuration11:14
kickarKMFrog,  welcome back11:15
KMFrogsrry, client died -_-11:15
kickardid you get my last 2 lines ?11:15
kickarubuntu server: http://otgovorimi.com11:15
kickargenoo server: http://dhwebservices.com/web/11:15
kickarthe same script11:15
kickarthe same error11:15
shaunooh, 0a's just a linefeed.  I've no idea why that's making any difference11:15
kickarmaybe apache conf?11:16
KMFrogkickar I would say its a case of the CMS not handling errors very well, if you fix the error it will probably work11:18
KMFrogwhat cms is it11:18
kickarKMFrog,  the same with WP, Joomla, and so on11:18
kickarit is some free q&a cms11:18
kickarjust for testing11:19
kickarmy goal is not to fix this particular error, but to fix apache11:19
KMFrogapache is probably ok11:19
KMFrogit looks like php issues11:19
kickarmaybe i have missed a module11:21
lenioskickar, try to do a test page in php and see if errors are displayed11:21
kickarwhat php modules I should install to have a good production enviroument11:21
KMFroggood test page:   <?php phpinfo(); ?>11:22
KMFroganyname.php11:22
lenioserror page: <?php echo 'test'.'not ended; ?>11:22
leniosi might have a syntax error besides the missing quote11:23
kickarhttp://otgovorimi.com/info.php11:24
KMFrogworks fine11:24
kickarhttp://otgovorimi.com/error.php11:25
kickardisplays the error fine now11:25
KMFrogmakes me think again that CMS is not dealing with errors very well11:25
lenioscms related, yes11:25
kickarKMFrog,  but what about the other url?11:26
kickarthe are both the same script on different systems set the same way11:26
KMFrogkickar if error.php is <?php echo 'test'.'not ended; ?>  .. then its normal it wont work :p11:26
kickari mean about11:27
kickarfor example i have set up a wp here11:27
lenioscan you give phpinfo(); for both servers?11:27
kickarjust a second11:27
ikoniakickar: have you asked the guys in #wordpress as I suggested11:29
ikoniakickar: you seem to be repeating the same question as in #ubuntu11:29
kickarikonia,  just looking for an answer11:29
kickari have asked in #php as well11:29
ikoniakickar: did you ask the guys in #wordpress who I told you HAD the answer and explained it to me11:29
kickarikonia,  their solution is adding a ling in .htaccess to show error, but this is not going to fix my entire server11:30
kickarhttp://dhwebservices.com/info.php11:30
kickarlenios, here is the gentoo one11:30
leniosmaybe it's just not your server11:30
KMFrogwas the .htaccess line to disable gzip?11:30
ikonialenios: it's not a server issue11:31
kickarlenios,  i have had the same issue with WHMCS, Joomla!, Wordpress etc.11:31
ikoniamy RHEL and Fedora machines to it too, it's how PHP clasifies errors11:31
ikoniathe guys in ##php should be able to explain this, and the guys in #wordpress explained this to me approx 2 days ago11:31
leniosmy error test page is displayed as expected, anyway11:32
ikoniathe settings in the php.ini need to be set a certain way, it's not just enabling logging and restarting11:32
kickarikonia,  thet gave me that link now:  http://codex.wordpress.org/User:Sivel/FAQ11:32
kickarthey*11:32
kickarand it is not a bit of a help11:32
kickarikonia,  can you do me a favor and pastebin me you php.ini  file?11:33
ikoniakickar: why ?11:33
kickarso i can compare mine to yours11:33
ikoniawhy ? mines not got logging enabled11:33
kickarok11:34
ikoniapastebin yours, we can look over it11:34
kickarhttp://gist.github.com/88911411:35
ikoniakickar: this is ubuntu 10.04 ?11:35
jkgeytiAny idea why I only see ./powerbtn in /etc/acpi/event in ubuntu server 10.04 ? I want to to run a script on power change.11:36
kickar10.1011:36
ikoniakickar: why did you set the error_reporting = -111:38
kickarikonia,  -1 should be everythinh11:39
ikoniareally, I thought that was nothing ?11:39
ikoniaI know mine didn't use -111:39
kickarok, now is : E_ALL | E_STRICT11:40
kickarthe same11:40
ikoniaI didn't change that11:41
kickardo you remember what did you change,  or maybe point me to some reading11:41
aliverius$ sudo mdadm -r /dev/md0 /dev/sdb11:46
aliveriusmdadm: hot remove failed for /dev/sdb: Device or resource busy11:46
aliveriushow do i remove this from my raid 1 array?11:46
aliveriusi erroneusly made the whole /dev/sdb a mirror while i should have made just one partition11:47
ikoniaaliverius: is it still building the array11:52
aliveriusno11:52
ikoniakickar: I don't remember, I got the info from #wordpress guys11:52
aliveriusikonia: i marked it as faulty11:53
ikoniaaliverius: but is the build/sync process totally complete ?11:53
aliveriusand it still doesnt remove11:53
aliveriushow do i unmark it faulty?11:54
ikoniaaliverius: you have to remove and hot add11:54
ikoniamarking it as faulty should have removed it though11:54
aliveriushow do i unmark it?11:54
ikoniayou don't11:54
ikoniayou need to remove and re-add it11:54
aliveriusboth drives?!11:54
ikoniano, the one you have marked as faulty11:55
ikoniaand I don't mean physially remove it11:55
* aliverius fears he will render the 1st disk non bootable11:55
ikoniaremove it from the array11:55
aliveriussudo mdadm -f /dev/md011:55
aliveriusi marked all the array faulty :(11:56
ikoniaooh, you marked the array, not the disk11:56
aliveriusi mucked up right?11:56
ikoniawell, it's not the end of the world11:56
aliveriusplease help me11:57
ikoniacan you pastebin the output of cat /proc/mdstad please11:57
ikoniacan you pastebin the output of cat /proc/mdstat please11:57
aliveriushttp://pastebin.com/FNXwnyuM11:58
ikoniaaliverius: great, no problems, was it disk sdb you wanted to remove ?11:58
aliveriusyes12:00
aliveriusshall i mark that as faulty?12:00
ikoniayes, mdadm -f /dev/sdb12:00
aliverius$ sudo mdadm -f12:00
aliveriusmdadm: an md device must be given in this mode12:00
aliveriusthis is what made me mark the whole array12:01
aliveriusok lets do as you said12:01
ikoniaaliverius: mdadm /dev/md0 -f /dev/sdb12:01
ikoniayou don't want to fail the whole array, just the one disk12:01
aliveriusmdadm: hot removed /dev/sdb12:02
aliveriusty ikonia12:02
ikoniathere we go12:02
aliveriusnow i can partition it and make it like the first disk12:02
aliverius:))12:02
ikoniaexcellent12:02
aliveriusbut how do i partition it exactly as the first disk?12:11
aliveriuswhen i built the array12:11
aliveriusi thought it would use part of sdb not the whole sdb...12:12
ikoniaaliverius: just make a partition the same size as the one you want to mirror12:13
ikoniabe aware though that you may have performance issues if you've using part of a disk for a mirror and part for something else12:13
ikoniamirroring is normally done disk/disk mirroring partitions like for like12:13
aliveriusreally? nobody ever told me12:13
ikonianot a partition on a disk for mirroring and a partition for something else12:13
aliveriusbut ok12:14
aliveriusit may boot a bit slower and that's all12:14
aliveriusi need to mirror only 700G12:14
aliveriusthe other 2x1.3G are precious12:14
aliveriusas space12:14
aliveriusnot the data inside them12:15
ikoniano12:15
ikoniageneral performance may suffer12:15
* aliverius is wondering if he will be able to run the server headless forever12:15
aliverius:(12:15
aliveriusanyway, i cant do otherwise now12:15
ikoniait won't be "that" bad12:15
ikoniaI don't mean your machine will grind to a halt12:16
aliveriusi will have to logout12:24
aliveriusso, bb and thanks ikonia12:24
=== dendro-afk is now known as dendrobates
petahello guys15:27
=== IdleOne is now known as Idle0ne
hardwiredhow do I enable and disable a daemon at boot? e.g. smdb. I am confused by all those possibilities with upstart, update-rc, runlevels15:43
hardwiredseems unnecessarily complex.15:43
lenios_hardwired, it depends on the daemon15:45
hardwiredlenios: OK, what are the possibilities, and how can I identify which daemon uses which method?15:46
hardwiredand... why does it depend on the daemon? can't there be one single way for all daemons?15:46
=== Idle0ne is now known as IdleOne
hardwireddo I edit files in /etc/init/ ? won't they get overwritten at the next upgrade?15:49
iceflatlinesysv-rc-conf15:51
hardwirediceflatline: thanks, I'll check that out.15:52
hardwirediceflatline: this doesn't show smdb, yet it is started at boot.15:53
hardwirediceflatline: and it has no markers for cron, yet cron is started at boot.15:54
hardwirediceflatline: oh wait, it has smbd.15:55
hardwirediceflatline: but no marker for cron.15:56
hardwiredaha;15:58
hardwiredCAVEATS15:58
hardwired       sysv-rc-conf only manages the symlinks in the "rc{runlevel}.d" directories. It's possible that packages may have15:58
hardwired       other ways of being disabled or enabled.15:58
iceflatlineI think cron is started in user space but I don't recall.15:59
hardwiredwhat do you mean started in userspace?16:00
hardwiredof course cron runs in userspace and not in the kernel16:00
hardwiredI think I got the rc stuff covered with that sysv-cr-conf, thanks!16:00
hardwirednow I need to fugure out the other half, the upstart stuff.16:01
hardwiredinitctl list gives a nice list of what is running16:02
qman__sysv-rc-conf will only work on sysv scripts, not upstart ones16:04
qman__AFAIK there is no simple, easy way to manage upstart scripts, you must edit them manually16:04
hardwiredqman__: I think i just found one:16:05
fefwerfHello all16:05
hardwiredWith newer versions of Upstart, you can make use of override files and the manual stanza to achieve the same result in a simpler manner:   echo "manual" >> /etc/init/myjob.override16:05
fefwerfDoes someone know a good tutorial on setting up Dovecot+Postfix+SASL+LDAP on a recent Ubuntu sever?16:06
fefwerfI seem to be unable to do it despie an overkill of information16:06
fefwerfi need some virtual users16:06
qman__fefwerf, that's covered in the server guide16:06
hardwiredfefwerf: I suggest you find some preconfigured config files and use them as a base for your system16:07
fefwerfqman__ looking at the right as we speak16:07
hardwiredfefwerf: that's what I did with dovecot+exim+postgres16:07
qman__it's under postfix16:07
qman__it covers SASL and postfix+dovecot16:07
fefwerfhttps://help.ubuntu.com/10.04/serverguide/C/postfix.html did not work. Should I just install the postfix-dovecot package an add on LDAP&virtual users?16:08
qman__what do you mean by "did not work"?16:08
fefwerfpostfix/smtpd[4657]: fatal: no SASL authentication mechanisms16:09
fefwerfI don't understand16:09
fefwerfdo I have to activate SASL somewhere, Dovecot and Postfix are running16:09
qman__did you do the configuration in dovecot, and restart dovecot?16:10
fefwerfye16:10
fefwerfSorry i just checked,  dovecot-auth is NOT running16:10
fefwerfI will try to fix that16:11
qman__eh, that guide needs updating16:11
qman__it uses /etc/init.d to restart services16:11
fefwerfauth-worker(default): Killed with signal 15 (by pid=1 uid=0 code=kill)16:12
shaunoI did postfix/dovecot/sasl with that guide a couple of months ago.  I don't remember stumbling across anything that got in my way16:13
fefwerflooks like somehow my dovecot is not configured right, I'll look into it16:13
fefwerfdovecot main process (5061) terminated with status 8916:13
hardwiredqman__> it uses /etc/init.d to restart services16:15
hardwiredha!16:15
hardwiredthe transission to upstart is a mess :-)16:15
qman__yeah16:15
qman__really not a fan of upstart16:15
hardwiredwhat they should have done is look at the NetBSD rc.d system16:15
hardwiredit is so simple and effective16:16
qman__systemd is pretty brilliant too16:16
fefwerfSorry hardwired&qman___ looks like I broke my dovecot.conf, will correct and try again16:16
hardwiredyep. the rc.d lacks parallel startup. that's a big drawback these days16:17
hardwiredfefwerf:  not need to apologize :-)16:17
fefwerfI think parallel startup is no big issue for most servers16:17
fefwerfBut what do I know ;)16:18
hardwiredvery true16:26
hardwiredmy upstart is not recent enough for the above-mentioned method to work16:26
fefwerfOK fixed my dovecot.conf, looks like Postfix can use SASL now16:27
fefwerfNow i need to add on LDAP&Virtual users16:28
fefwerfI want a combination of local system users and virtual LDAP users for my Dovecot-Postfix setup16:39
fefwerfhow should I do that?16:39
fefwerfis https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto a good starting point?16:41
hardwiredlaters16:44
wout-lnxHallyn???18:16
wout-lnxYou awake?18:16
dkuI created an Upstart service, but it is unable to start for some reason, while if I run the same command I pass to exec from the command line, it works fine. How can I debug this?18:20
dku(by unable to start, I mean the service immediately terminates)18:20
elnurThere was a way to restrict a user to his home dir by typing a special home dir in /etc/passwd. I can't remember it. Could anyone remind me of it?18:40
elnurThere was an additional character to prepend/append to home dir in /etc/passwd18:40
zulhallyn: i got a box that can amd qemu-kvm now fyi18:46
aliveriusikonia: are you there?19:08
ikoniaaliverius: yes19:17
aliveriusikonia: i partitioned the second disk with exactly the same size19:20
aliveriusdo i proceed normally?19:20
ikoniayup19:20
aliveriussudo mdadm -a /dev/md0 /dev/sdb419:23
aliverius?19:23
ikoniadepends on your partion layout and raid type19:23
ikoniaread up on the options this time19:23
aliveriusraid 1 and the partition will be sdb419:23
aliveriusi am browsing the man pages but still i am not confident19:24
ikoniawhat is not clear to you ?19:24
aliveriusif that is the correct syntax19:24
ikoniawhat makes you think it's not19:24
aliveriusthe fact the man page doesnt make it clear19:25
aliveriusbut from my experience it should be the right one19:25
ikoniaok, what are you worried is not right19:26
ikoniaand what part does the man page not make clear ?19:26
ikonia(trying to get you confident in what you're doing)19:26
uvirtbot`New bug: #743763 in exim4 (main) "package exim4-config (not installed) failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,New] https://launchpad.net/bugs/74376319:26
aliveriusikonia: nothing is unclear, maybe i wanted to have an example command, just to be sure19:32
aliveriusbut oh19:32
aliveriusmdadm [mode] <raiddevice> [options] <component-devices>19:32
aliveriusbeggining of the man page :p19:32
aliveriusok now i am sure19:32
aliveriuslets build the array!19:32
aliveriusmdadm: /dev/sdb4 not large enough to join array19:33
aliveriusoooops19:33
aliveriushttp://pastebin.com/rghs01j4  <--- /dev/sdx4 are the two partitions that would become an array19:35
aliveriusis it ok if i give the second disk partitio a few megabytes more?19:36
ikoniasure19:36
aliveriusisnt it strange since the blocks are exactly the same?19:37
ikoniaaliverius: the disks aren't19:40
aliveriusno they are19:41
aliveriusboth same model19:41
ikoniathat's odd19:43
ikonianot uncommon though19:43
aliveriusikonia: http://pastebin.com/XAgdjStA :)19:50
aliveriusafterwards is there anything more to do?19:50
ikonianothing more19:50
ikoniaaliverius: great news, nice job.19:50
ikoniasit back and enjoy19:51
aliveriusthanks a lot19:51
aliveriusi dont see you in lfs19:51
aliveriusgot bored of it?19:51
centHOGGhi, anybody here install server on a USB stick?19:59
ikoniayou can do that, but very frew people would20:01
* centHOGG server NAS20:01
centHOGGyeah20:01
centHOGGever seen freeNAS?20:01
centHOGGruns off a USB stick20:01
centHOGGfor boot20:01
ikoniadon't want to run a nas of usb20:03
centHOGGactually freenas is pretty clever.. just too much FS overhead20:04
xperiahello to all. i have heavy prolems here with ubuntu server i installed just yesterday20:50
xperiaproblem is the hybrid disk that i use inside that server20:51
xperiaafter the installement of ubuntu everything worked like it should20:51
xperiabut then after several reboots ubuntu wanted check the disk with fscheck20:51
xperiahere it stuck now20:51
xperiasomehow ubuntu crashes full when it try to fscheck the hybrid disk20:52
xperiabefore it worked everything all fine but this fscheck breaks now everyting20:52
uvirtbot`New bug: #743821 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu1 failed to install/upgrade: le sous-processus dpkg-deb --fsys-tarfile a retourné une erreur de sortie d'état 2" [Undecided,New] https://launchpad.net/bugs/74382120:56
xperiais anybody here to help me ?20:59
centHOGGwhaz wrong21:04
guntbertxperia: not that I'm not willing to help, but alas I have no idea hwat a hybrid disk might be21:04
centHOGGditto21:04
guntbert*what21:04
thesheff17xperia: I don't know much about the hybrid disks..I'm running a Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive ST95005620AS-Bare Drive Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive ST95005620AS-Bare Drive with no problems on an 64 bit 10.04 Desktop version.21:17
centHOGGkewl21:18
thesheff17xperia: I would test for the drive being bad. Then try to re install ubuntu..did try different kernel version during boot?21:19
xperiathesheff17: i have the exact harddisk here is it a Seagate Momentus XT 500 GB 7200RPM SATA 3Gb/s 32 MB Cache 2.5 Inch Solid State Hybrid Drive21:37
thesheff17xperia: what version of ubuntu are you using?21:38
xperiai am using it on the newest ubuntu server natty alpha 3 release21:38
xperiait boot all fine till fscheck21:38
xperiabut then it crash full21:38
xperiascreen goes off and nothing happen21:38
thesheff17xperia: try 10.10 or even 10.04 which is an LTS...why alpha?21:39
centHOGGLTS21:39
thesheff17LTS = long term support21:39
* centHOGG concur21:39
xperiathesheff thanks for tip21:40
storzHey everyone.  I have a question about dovecot.21:40
xperialooking just right now if disk is good21:40
storzWhen postfix saves an email, it saves it into /home/vmail/domain/user/new (or cur or tmp).21:40
storzBut when I try to access it via imap, dovecot goes to /home/vmail/domain/user/Maildir/new (or cur or tmp).21:40
storz How do I correct this?  In dovecot.conf, it is set to: mail_location = maildir:/home/vmail/%d/%n21:40
xperiastorz this is more a postfix / doecot question21:45
xperianormally all the info configuring this software is availble on the net21:45
xperiaif you dont have luck possibility is to ask in the chanels of postfix and dovecot21:45
storzxperia.  Thanks. I know.  I was just hoping that one of you have run into this before.  Figured it'd be a bit quicker.21:46
Al-Bundywhat is the command to configure network on Ubuntu server?21:55
guntbertAl-Bundy: see https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html21:55
aliveriuslets say i decide to boot my raid 1 without one disk21:57
aliveriusthen i reboot woth both disks connected21:57
aliveriuswhat happens? does it sync automatically to the newst disk?21:58
uvirtbot`New bug: #743858 in openssh (main) "sshd not appending to /var/log/btmp" [Undecided,New] https://launchpad.net/bugs/74385822:11
xperiathesheff17: i booted the server now with a live cd. maked a fsck on the disk and ubuntu server load all fine now22:12
xperiaafter the reboot22:13
xperialooks like a problem with fsck in ubuntu natty alpha 322:13
xperiaokay have to do see you all next time bye22:13
aliveriusikonia: you there? i made some questions above22:44
uvirtbot`New bug: #743883 in samba (main) "cannot load packages.  Broken packages" [Undecided,New] https://launchpad.net/bugs/74388322:56
uvirtbot`New bug: #743920 in tftp-hpa (main) "package tftpd-hpa 0.49-1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/74392023:56

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!