/srv/irclogs.ubuntu.com/2011/04/04/#ubuntu-server.txt

jeeves_moss	how do I set up an internal DNS?	00:10
=== sjefen6_ is now known as sjefen6
=== tschundeee_ is now known as tschundeee
=== Lcawte is now known as Guest20532
=== lifeless_ is now known as lifeless
io_error	Good evening, do the EC2 AMI images work with pvgrub?	02:29
kaushal	Hi	03:11
kaushal	I have planned to use 10.04 LTS for setting up Gateway in my office	03:12
kaushal	what should be the hardware configuration and what all recommended applications are needed ?	03:12
io_error	Do the official EC2 AMI images work with pvgrub?	03:26
=== cerber0s is now known as cerberos
=== dendroba` is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== jaskal is now known as Guest76113
=== jetole is now known as Guest57897
=== kim0 is now known as Guest95923
axisys	how do I setup a NAS on ubuntu server? I have a 1TB WD usb storage that I attached to my ubuntu server .. I like to make it accessible from all of the other computers (mac and linux) .. kind a like a private dropbox	04:05
=== airtonix_ is now known as airtonix
rnigam	hello everyone, I have a netperf question. I am trying to set the socket buffer size on sender and reciever side using -m and -M and the buffer size actually doubles when i run the netperf command. I am running netperf on Maverick. Please direct me to the right channel if this should not be here. Thanks.	04:08
axisys	ok i mounted the usb storage like this	04:08
axisys	/dev/sdb1 on /mnt type vfat (rw)	04:08
axisys	how do I make sure it sticks a reboot?	04:08
io_error	axisys: Add an entry into /etc/fstab	04:09
axisys	in other words what should the /etc/fstab look like?	04:09
axisys	io_error: :-)	04:09
io_error	axisys: Something like this: /dev/sdb1 /mnt vfat defaults 0 0	04:09
axisys	io_error: thanks	04:10
=== IdleOne is now known as excal_cheating
=== excal_cheating is now known as IdleOne
axisys	ok so this worked ..	04:11
axisys	/dev/sdb1 /storage vfat rw 0 0	04:11
axisys	io_error: thanks a lot	04:11
io_error	axisys: as long as it works :)	04:11
axisys	i guess now I have to find out how to share it over the network so my mac mini to rw to it	04:12
io_error	axisys: have you the GUI installed?	04:12
axisys	io_error: on the ubuntu server?	04:13
io_error	axisys: right	04:13
axisys	io_error: no .. just cli	04:13
axisys	but i can x11 over ssh if necessary .. after all they all are hanging off of my linksys router	04:13
io_error	axisys: hm, first need to install samba... like apt-get install samba4	04:14
axisys	io_error: hmm.. mac does not read nfs?	04:15
io_error	axisys: sure you can do NFS to the Mac, but Windoze will not like it	04:15
axisys	io_error: i have no windows.. just mac ppc and ubuntu	04:16
io_error	oh, well just set up NFS and forget about that samba junk :)	04:16
axisys	io_error: yep.	04:16
axisys	how do I share the storage folder ? in solaris i could run share	04:16
axisys	/storage is where the usb device mounted	04:17
io_error	axisys: Add a line in /etc/exports ... example: /storage *(ro,insecure,all_squash)	04:17
axisys	io_error: oh ok.. thanks	04:18
io_error	axisys: it works pretty much the same as solaris /etc/exports	04:18
io_error	Does the official EC2 AMI work with pvgrub?	04:20
uvirtbot	New bug: #749895 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.4-1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/749895	04:21
axisys	io_error: what does insecure and all_squash do?	04:25
shadow42085	hi	04:26
io_error	axisys: They're in the man page :) mainly just makes the export REALLY read-only and locks it down a bit more	04:26
io_error	axisys: if you want it writeable you'll have to put in different options anyway	04:27
=== jmarsden_ is now known as jmarsden
shadow42085	I need to know which free control panel for websites are	04:28
shadow42085	ththe easiest to use	04:28
shadow42085	sorry bout the double	04:28
io_error	shadow42085: there really aren't many that are good AND free	04:30
shadow42085	well I was considering webmin but it's obsolete	04:30
io_error	shadow42085: The only free one I can think of offhand is ispconfig, but it's been a long time since I looked at that	04:30
shadow42085	I think i have seen it but never used it	04:31
io_error	shadow42085: In any case if you want to set up web hosting software, the absolute best place to go is webhostingtalk.com forum	04:31
io_error	cPanel is king in web hosting, because it's very good, but you also have to pay for it	04:32
shadow42085	i know cPanel I have used it before	04:32
shadow42085	when I used free hosting	04:32
io_error	Well I finally found the answer to my own question. The official EC2 AMI images are already using pvgrub.	04:33
shadow42085	but I am using an old server that I am tinkering with	04:33
io_error	shadow42085: I think cPanel has a free trial, but if you insist on free stuff then I suggest you check out the WHT forum for more ideas	04:35
shadow42085	ok	04:35
=== SpamapS_ is now known as SpamapS
shadow42085	i will just go back to webmin it was the easiest	04:55
axisys	io_error: failing to mount it on nfs client	04:55
axisys	sudo mount -t nfs4 192.168.1.106:/storage /mnt	04:55
axisys	mount.nfs4: mounting 192.168.1.106:/storage failed, reason given by server: No such file or directory	04:55
io_error	axisys: Did you kick the NFS server?	04:55
axisys	sudo exportfs	04:55
axisys	sudo exportfs	04:55
axisys	/storage 192.168.1.0/24	04:55
io_error	axisys: Restart the nfs server, and if that doesn't work, kick it for real :)	04:55
io_error	Oh, and make sure /storage exists and it's mounted :)	04:55
axisys	sudo /etc/init.d/nfs-kernel-server restart <-- run that	04:55
io_error	anything in the log?	04:55
axisys	My Stuff	04:55
axisys	/storage$ ls	04:55
axisys	My Stuff	04:55
axisys	io_error: nfs server log	04:57
axisys	io_error: http://pastebin.com/iV9ZmN55	04:57
axisys	some people suggested to disable ipv6 during boot to fix it. from 2010	05:03
axisys	hmm	05:03
axisys	/dev/sdb1 on /storage type vfat (rw) <-- could the vfat be a problem?	05:05
axisys	i am trying to nfs share the usb drive..	05:05
io_error	axisys: no, errno 97 is address not supported by protocol. You can try blacklisting ipv6 if you aren't using ipv6 on your home network.	05:07
io_error	axisys: add "blacklist ipv6" to /etc/modprobe.d/blacklist.conf and reboot	05:07
=== WinstonSmith_ is now known as WinstonSmith
axisys	ok.. my irc is running on the nfs server.. any way to avoid reboot ?	05:14
axisys	ok i am taking the path of samba	05:38
axisys	i see the folder .. but cannot write to it	05:40
axisys	drwxr-xr-x 4 root root 16384 1969-12-31 19:00 /storage .. i think i need to change it to nobody.nogroup .. but it is failing	05:42
axisys	sudo chown nobody.nogroup /storage	05:42
axisys	chown: changing ownership of `/storage': Operation not permitted	05:42
axisys	this is how storage is mounted	05:43
axisys	/dev/sdb1 /storage vfat rw,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 0	05:43
axisys	i guess i need to add switches in the mount option to make it nobody, ngroup	05:43
io_error	axisys: You'll need the uid= and gid= options in /etc/fstab, and you also need to set a user mapping in /etc/exports	05:51
=== jussi01_ is now known as jussi
shadow42085	I am having CA problems now	06:57
shadow42085	!pastebin	06:58
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://imagebin.org/?page=add \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	06:58
shadow42085	is there anyone still here?	07:02
=== ttx` is now known as ttx
uvirtbot	New bug: #749983 in openssh (main) "GSSAPI auth fails when incorrect reverse" [Undecided,New] https://launchpad.net/bugs/749983	07:42
=== danielck_ is now known as danielck
m_tadeu	hi everyone....does anyone know how can I verify if a udp package is being forwarded from a router to a server?	08:10
jjohansen1	m_tadeu: any other machine on the local network can watch all the packets using packet sniffing, look at wireshark or similar tools	08:20
m_tadeu	jjohansen1: thanx...I'll take a look at it	08:22
=== rbniknej is now known as squishy
=== JoePSU_ is now known as JoePSU
=== doko__ is now known as doko
alex88	hi guys..someone ever used portknocking?	10:20
SpamapS	alex88: long ago I did.. had a script that would tail my deny logs.	10:38
alex88	SpamapS: sorry for late answer..but i'm thinking..you need to knock the right ports in the right sequence?	10:48
alex88	will any error need you to restart the attempt?	10:48
SpamapS	alex88: yeah the idea is you have a script on your laptop/phone/whatever that just hits the sequence of ports and then the FW allows traffic from your IP	10:49
=== nijaba_afk is now known as nijaba
alex88	SpamapS: yeah i know the idea..my thought was that if someone will syn scan the full port range it will hit the ports	10:51
=== cjwatson_ is now known as cjwatson
SpamapS	alex88: the sequence is exact	10:54
SpamapS	alex88: if one port arrives that isn't in the seq, you assume that is not the right knock	10:55
alex88	SpamapS: so you have to restart from the beginning?	10:58
SpamapS	alex88: of course, otherwise as you say portscans would have a good chance of hitting your knock	10:59
alex88	SpamapS: that was my doubt.. thank you very much :)	11:01
alex88	oh, last one..how can portknocking be encrypted?	11:02
SpamapS	alex88: its a random sequence of numbers.. its already a key	11:02
alex88	i mean, if you sniff you see serveral tcp syn.. but those can be replayed..	11:02
SpamapS	alex88: you could use a OTP system, meaning you can only use one knock one time	11:03
SpamapS	and just pre-share a list of knocks	11:03
alex88	yeah read about that..but in this http://www.portknocking.org/view/knocklab/knock_lab it seems it just encrypt the config	11:03
SpamapS	alex88: I stopped using port knocking because it was a PITA to use on public terminals..	11:05
alex88	pita?	11:06
SpamapS	alex88: I found it was easier to simply carry public keys (1 privileged, one non-privileged) and disable password auth for SSH.	11:06
SpamapS	PITA = Pain In The Arse	11:06
alex88	lool ok :)	11:06
alex88	well sure for the ssh security :) for now i've that enabled when you connect to vpn	11:07
SpamapS	same story for VPN really..	11:07
SpamapS	certs.. ssh.. whatever it is	11:07
* lool pops up		11:07
alex88	yup..	11:13
=== Nigel_ is now known as G
=== eerie_ is now known as eerie
=== ScottK2 is now known as ScottK
=== twister004_ is now known as twister004
=== Pici` is now known as Pici
=== sjefen6_ is now known as sjefen6
=== ehw_ is now known as ehw
=== klaas_ is now known as klaas
soren	ScottK: Re bug 741616.. It's already in the queue, as it turns out.	14:13
uvirtbot	Launchpad bug 741616 in nova "[FFe] Add a nova-ajax-console-proxy package" [Wishlist,Confirmed] https://launchpad.net/bugs/741616	14:13
ScottK	soren: OK. I'll try and have a look a bit later then.	14:13
soren	ScottK: Ta very much.	14:14
shadow42085	i can't seam to get auth login and auth=login in a dovecot-postfix setup	14:19
shadow42085	any ideas	14:21
uvirtbot	New bug: #739364 in irqbalance (main) "irqbalance crashed with SIGSEGV in readdir64()" [Medium,Triaged] https://launchpad.net/bugs/739364	14:22
al-maisan	hello there! I am installing ubuntu server on a system that uses LVM, what device should should I specify to grub-install?	14:25
al-maisan	the installer suggests "/dev/mapper" and the LV group is called "VolGroup00"	14:26
shadow42085	i can't seam to get auth login and auth=login in a dovecot-postfix setup any ideas?	14:26
uvirtbot	New bug: #738489 in squid (main) "squid crashed with SIGABRT in raise()" [Medium,Incomplete] https://launchpad.net/bugs/738489	14:27
uvirtbot	New bug: #744173 in php5 (main) "php5 assert failure: * glibc detected * /usr/bin/php: double free or corruption (!prev): 0x08c672e8 ***" [Medium,Incomplete] https://launchpad.net/bugs/744173	14:32
uvirtbot	New bug: #471980 in dhcp3 (universe) "no pude anexar un archivo a la carta" [Low,Confirmed] https://launchpad.net/bugs/471980	14:37
shadow420	I am trying to setup a mail server using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	14:38
=== txwikinger2 is now known as txwikinger
=== jasonb_ is now known as jasonb
shadow420	!mailserver	14:40
ubottu	Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/10.04/serverguide/C/email-services.html	14:40
zul	hallyn: have you seen this before? with lxc and libvirt? https://bugs.launchpad.net/nova/+bug/749973	14:42
uvirtbot	Launchpad bug 749973 in nova "libvirtError: internal error cannot determine default video type" [High,Confirmed]	14:42
uvirtbot	New bug: #742995 in irqbalance (main) "irqbalance crashed with SIGSEGV in g_slice_alloc()" [Medium,Incomplete] https://launchpad.net/bugs/742995	14:43
hallyn	zul: no. how does it determine video type?	14:45
hallyn	does it try any ioctls? I'm wondering whether the devices namespace is to blame	14:45
shadow420	I am trying to setup a mail server using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	14:45
Webbb	#ubuntu-fi	14:50
al-maisan	when installing ubuntu server on a LVM system: can the /boot partition be inside the the LVG as well or do I need to keep it on a normal (i.e. non-lvm) partition?	14:51
hallyn	zul: you know, now that i've got lxc-clone with lvm, i just can't stand the delay any more in starting cloud instances to test a bug :)	14:55
=== skaet_ is now known as skaet
MTeck	I'm trying to copy only a specific set of files that could be buried pretty much anywhere. I'm trying to do it with something like this... rsync -auz --delete --include "/" --include ".[Pp][Nn][Gg]" --include ".[Dd][Oo][Cc]" --exclude "" /source/ /dest but that seems to grab everything	14:59
RoAkSoAx	morning all	14:59
=== ahs3` is now known as ahs3
MTeck	Any thoughts about what I'm doing wrong?	15:00
=== reisi_ is now known as reisi
=== mok0_ is now known as mok0
=== mok0 is now known as 5EXACFVV1
kirkland	RoAkSoAx: hiya	15:07
kirkland	RoAkSoAx: made it back okay?	15:07
kirkland	RoAkSoAx: how did the talk go?	15:07
shadow420	I am trying to setup a mail server using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	15:09
=== JayFo is now known as JFo
RoAkSoAx	kirkland: it went well	15:10
RoAkSoAx	kirkland: yeah made it back alive... left hotel 9.30am arrived miami 10.30pm	15:10
RoAkSoAx	got delayed in dallas	15:10
hallyn	zul: (reminder) can you push the new lxc package?	15:11
kirkland	RoAkSoAx: bummer	15:11
kirkland	RoAkSoAx: we got a little feedback on cobbler ppa packages, https://bugs.launchpad.net/bugs/741661	15:11
uvirtbot	Launchpad bug 741661 in cobbler "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Medium,In progress]	15:11
shadow420	I am trying to setup a mail server using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	15:12
kirkland	RoAkSoAx: looks like those packages are better, but there's a new exception	15:12
RoAkSoAx	kirkland: i'll look at it in a bit. I also have the patch for the hardlink thing, but have to test it first	15:15
kirkland	RoAkSoAx: i want to get something uploaded today	15:15
kirkland	RoAkSoAx: let's get it to a point where it's definitely better than what was there	15:15
kirkland	RoAkSoAx: and upload	15:15
kirkland	RoAkSoAx: and continue working on next issues	15:15
RoAkSoAx	kirkland: ok cool, I'm about to test the patch and will upload to PPA	15:15
kirkland	RoAkSoAx: at that point, I suggest we get that into the archive	15:15
kirkland	RoAkSoAx: and then keep burning down other issues incrementally	15:16
shadow420	I am trying to setup a mailserver using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	15:17
RoAkSoAx	kirkland: so better, yet, upload what's in PPA now, and from there I'll apply the hardlink patch	15:20
RoAkSoAx	so we have something functional right now	15:20
th0mz_	is ther a way to reload network only on 1 interface and not all please ?	15:20
th0mz_	i changed a few things in the interfaces file, but ifdown & ifup doest seems to apply changes.	15:21
semiosis	th0mz_: i think 'service network-interface restart INTERFACE=???' will do it	15:23
zul	hallyn: yep	15:23
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
th0mz_	thanks semiosis	15:24
kirkland	RoAkSoAx: good, i agree	15:26
kirkland	RoAkSoAx: i might wait for SpamapS to come online this morning	15:27
shadow420	I am trying to setup a mailserver using postfix/dovecot but when I telnet into it and test it and don't see auth login and auth=login any ideas?	15:27
kirkland	RoAkSoAx: he offered on Friday to take a look and do a quick round of testing	15:27
RoAkSoAx	kirkland: yeah, cause the new issue that was reported on bug #741661 might also be something related to upstream?	15:27
uvirtbot	Launchpad bug 741661 in cobbler "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Medium,In progress] https://launchpad.net/bugs/741661	15:27
shadow420	um excuse me?	15:28
kirkland	RoAkSoAx: right	15:30
kirkland	RoAkSoAx: i don't know what that error means	15:30
kirkland	RoAkSoAx: we might need to jump in #cobbler and ask	15:30
RoAkSoAx	kirkland: i think it is an issue when trying to edit kickstarts	15:34
kirkland	RoAkSoAx: perms/owners on a dir in /var/lib/cobbler, i bet	15:34
zul	hallyn: lxc-fix-3bugs lxc-clone and fix-template-syntax?	15:49
hallyn	zul: lxc-clone should not be in there	15:50
hallyn	lxc-fix-3bugs does have 3 fixes though	15:50
hallyn	and that's the branch, yes	15:51
hallyn	much as I'd like to get lxc-clone in there, I think skaet would have my head :)	15:51
zul	ack	15:51
zul	hallyn: done	16:13
hallyn	zul: thanks!	16:14
zul	hallyn: have you seen this error before with lxc and libvirt before: https://bugs.launchpad.net/nova/+bug/749973	16:15
uvirtbot	Launchpad bug 749973 in nova "libvirtError: internal error cannot determine default video type" [High,Confirmed]	16:15
=== al-maisan is now known as almaisan-away
uvirtbot	New bug: #750371 in squid (main) "squid causing /var to stay busy during shutdown" [Undecided,New] https://launchpad.net/bugs/750371	16:16
hallyn	zul: no. do you know what nova does to check display?	16:16
hallyn	zul: my guess is it's because of the devices namespace	16:16
hallyn	uh, cgroup	16:16
hallyn	zul: can you reproduce it?	16:17
hallyn	if you can, try doing so with a container where all of the 'cgroup.devices.*$' entries in the config are commented out	16:17
hallyn	ah, no	16:17
Kartagis	hello	16:18
zul	hallyn: i havent been able to but ttx can	16:18
Kartagis	2011-04-04 15:14:36 IMAP(bilgi): Error: mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/bilgi	16:18
Kartagis	2011-04-04 15:14:36 IMAP(bilgi): Fatal: Namespace initialization failed	16:18
Kartagis	2011-04-04 15:16:21 imap-login: Info: Aborted login (auth failed, 3 attempts): user=<bilgi@bilgisayarciniz.org>, method=PLAIN, rip=184.82.40.118, lip=184.82.40.118, secured <--- could this be why I am unable to login?	16:18
hallyn	zul: what is major:minor for /dev/nbd12 ?	16:18
hallyn	zul: I suspect you need to add those to the devices cgroup	16:18
hallyn	(to the whitelist that is)	16:18
zul	ttx: ^^^	16:18
ttx	yep?	16:19
=== hggdh_ is now known as hggdh
hallyn	so add something like:	16:19
zul	hallyn: hmm how do you do that?	16:19
ttx	hmm, I need to reinstall to further test. Maybe comment on the bug, the original poster might get the info to you faster than I do	16:20
hallyn	lxc.cgroup.devices.allow = b 43:* rwm	16:20
=== zz_carcinogen75 is now known as carcinogen75
hallyn	commented	16:21
zul	ttx: we were just disccusing that lxc libvirt bug	16:22
zul	you were able to reproduce it at one point right?	16:22
ttx	yes.	16:23
ttx	before natty blew up my test laptop.	16:23
ttx	zul: I followed your wikipage.	16:23
ttx	i suspect the poster of the bug did, too.	16:23
ttx	zul: maybe the instructions are missing a critical step.	16:24
zul	hallyn: this is using libvirt exclusively	16:24
parkdriver	I currently have a clean install of ubuntu server 10.04.2 LTS but I read about ubuntu 11.x being released this month	16:25
parkdriver	worth the upgrade or should i keep the 10.04.2 LTS?	16:25
zul	ttx: it might be...ill try to reproduce it locally	16:27
ScottK	soren: Done.	16:27
hallyn	zul: but libvirt still uses the devices cgroup	16:27
hallyn	zul: where is your wiki page?	16:28
zul	hallyn: http://wiki.openstack.org/LXC	16:28
=== dendrobates is now known as dendro-afk
=== oubiwann` is now known as oubiwann
=== dendro-afk is now known as dendrobates
=== kees_ is now known as kees
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
=== almaisan-away is now known as al-maisan
uvirtbot	New bug: #750402 in cobbler (universe) "Editing Kickstarts/Snippets errors with "tainted file location"" [Undecided,New] https://launchpad.net/bugs/750402	16:51
zul	kirkland: are you going to patch cobbler for the bug just opened?	17:01
kirkland	zul: yes, RoAkSoAx and I are working on it	17:01
kirkland	zul: we have a package in a PPA for testing	17:02
zul	k	17:02
RoAkSoAx	kirkland: Ok, so had to change the patch for hardlink as the hardlink we have in Ubuntu is different that the one in fedora (now testing)	17:04
kirkland	RoAkSoAx: k	17:05
Kartagis	hello	17:06
RoAkSoAx	kirkland: ok I'm ready to upload to ppa, do you want me to add a ~ppa2 changelog entry, or just modify the ~ppa1 and but it to ~ppa2?	17:06
Kartagis	can anybody be so kind to tell me why I can login to horde but to imp?	17:06
kirkland	RoAkSoAx: do the latter	17:06
RoAkSoAx	kirkland: done	17:21
jjohansen	hggdh: any results on the test yet?	17:22
hggdh	jjohansen: they failed, seemingly the same error	17:22
rnigam	hello everyone, I have a netperf question. I am trying to set the socket buffer size on sender and reciever side using -m and -M and the buffer size actually doubles when i run the netperf command. I am running netperf on Ubuntu Maverick Server. Please direct me to the right channel if this should not be here. Thanks.	17:22
jjohansen	hggdh: hrmm interesting	17:22
=== dendrobates is now known as dendro-afk
jjohansen	hggdh: so kvm can't be launched at all or only from eucalyptus?	17:24
hggdh	jjohansen: I do use kvm on natty, on my laptop; on this machine it is only via euca	17:25
patdk-wk	Kartagis, imp uses imap auth, horde uses any auth you want	17:25
jjohansen	hggdh: can you try launching a plain kvm instance on the machine in question?	17:25
Kartagis	patdk-wk: I set horde to use IMAP auth	17:25
patdk-wk	are you sure the imap auth settings for horde and imp are the same?	17:26
patdk-wk	I would just tell horde to use imp auth	17:26
hggdh	jjohansen: will try; right now, though, I am in the middle of a lucid proposed kernel test (that is also failing)	17:26
jjohansen	hggdh: well thats not good :(	17:27
Kartagis	patdk-wk: yes	17:27
hggdh	jjohansen: heh. Tell me about it...	17:27
=== chuck_ is now known as zul
=== lamont` is now known as lamont
=== TheEvilPhoenix is now known as EvilPhoenix
=== mrmist_ is now known as mrmist
shaggy2	I need help, I am trying to set a static ip on my ubuntu server 10.10 it came out with error this error	17:49
shaggy2	sudo /etc/init.d/networking restart	17:49
shaggy2	* Reconfiguring network interfaces... SIOCDELRT: No such process	17:49
shaggy2	SIOCADDRT: No such process	17:49
shaggy2	Failed to bring up eth1.	17:49
shaggy2	when I do ifconfig I get eth1 and eth1:2	17:50
pmatulis	shaggy2: maybe pastebin your interfaces file	17:50
shaggy2	ok whats the link for pastebin? never used it	17:50
webb	Hi	17:52
webb	Anyone here is an expert with installing WEBMIN?	17:53
shaggy2	http://pastebin.com/BSWTLHQN	17:53
SpamapS	!webmin	17:53
ubottu	webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.	17:53
SpamapS	webb: ^^	17:53
SpamapS	webb: try ebox	17:54
SpamapS	or whatever they call it now	17:54
webb	Oh... ok	17:54
shaggy2	I have used webmin once before. search google for help thats how I done it, but yes it does fault out	17:54
webb	eBox is now known as Zentyal	17:55
shaggy2	pmatulis: http://pastebin.com/BSWTLHQN	17:55
SpamapS	!ebox	17:55
ubottu	ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox	17:55
pmatulis	shaggy2: no loopback interface huh?	17:56
shaggy2	there is	17:57
pmatulis	shaggy2: i don't see it in the file	17:57
webb	Thanks guys	17:57
webb	let me give it a try	17:58
shaggy2	# The loopback network interface	17:58
shaggy2	auto lo	17:58
shaggy2	iface lo inet loopback	17:58
shaggy2	sorry missed it in the selection	17:58
webb	:D I think I will be back shortly asking for help...	17:58
shaggy2	heng on I will pastebin the whole file	17:59
shaggy2	pmatulis: http://pastebin.com/czJgRvFJ	18:00
shaggy2	I returned it to auto to see what happened on restart with that one	18:01
pmatulis	shaggy2: and the result?	18:01
shaggy2	http://pastebin.com/VQ3VzCnJ	18:03
webb	anyone knows is zentyal compatible with ubuntu server 10.10?	18:03
pmatulis	shaggy2: looks good	18:04
shaggy2	thats on auto, I want to chagne it to static cause I am changing the network addresses on my local systems so they are not public	18:05
SpamapS	webb: it should be	18:05
SpamapS	webb: looks like they're still calling it ebox even now in natty	18:06
SpamapS	ebox \| 2.0.16-0ubuntu1 \| natty/universe \| source, all	18:06
shaggy2	at I have a couple of items on my network that I don't want on the public ip's and I can not manualy set the ip for them so I have to do them on dhcp on the router	18:06
webb	SpamapS: Have a look at http://forum.zentyal.org/index.php?topic=5443.0	18:09
pmatulis	shaggy2: i would configure it manually to test	18:09
webb	It is important to notice that all Zentyal releases are based on the Ubuntu LTS versions. Each Zentyal release is based on the Ubuntu LTS version that is available at the moment the release is launched.	18:10
SpamapS	webb: ahh.. so in the regard.. you're not going to get much help from upstream. :-/	18:10
webb	So.. it's not compatible?	18:10
=== skaet is now known as skaet_afk
shaggy2	pmatulis: I got it to work, I reentered all the details that I changed, and then removed the dhcp3-client and it all works fine	18:16
pmatulis	shaggy2: nice	18:20
=== hallyn is now known as hallyn_afk
=== dendro-afk is now known as dendrobates
RoAkSoAx	kirkland: ok so installing a Fedora kvm instance with koan works. The ubuntu one not quite though! Looking into that now	18:49
zertyui	hello	18:50
zertyui	is there any incoherence when you mysql and PostgreSQL on ubuntu lucid ?	18:50
zertyui	i mean on a same machine	18:50
jcole	i have a problem with automatic nsswitch and pam management.. i currently create a config for auth-client-config, but now i have pam-auth-update trying to also manage my pam configs.. this is causing my users lots of problems	18:50
jcole	so, what i would like to know, which method should i use to manage nsswitch and pam? auth-client-config? pam-auth-update? auth-client-config+pam-auth-update??	18:50
kirkland	RoAkSoAx: sweet	18:51
kirkland	RoAkSoAx: i reviewed the ~ubuntu-virt ppa cobbler, looks like a vast improvement over whats in Natty right now	18:51
kirkland	RoAkSoAx: i'm going to upload that now	18:51
jcole	i am supporting hardy on up	18:52
kirkland	RoAkSoAx: and then sponsor the cherry pick fix for https://bugs.launchpad.net/bugs/750402	18:52
uvirtbot	Launchpad bug 750402 in cobbler "Editing Kickstarts/Snippets errors with "tainted file location"" [High,Confirmed]	18:52
kirkland	did SpamapS ever come online today?	18:52
RoAkSoAx	kirkland: yeah that sounds like a good plan	18:53
RoAkSoAx	kirkland: and yeah he was online	18:53
RoAkSoAx	SpamapS: ping	18:53
jcole	cjwatson: btw, you were tright, the automated installer issue i had for sources.list was due to a buggy app borking sources.list after install	18:53
kirkland	SpamapS: yo	18:53
kirkland	RoAkSoAx: oh, hmm	18:53
kirkland	RoAkSoAx: looks like some cruft leaked into debian/patches	18:54
kirkland	dpkg-source: info: applying debian-changes-2.1.0-0ubuntu3	18:54
kirkland	dpkg-source: info: applying debian-changes-2.1.0-0ubuntu3~ppa1	18:54
RoAkSoAx	kirkland: yeah I also though the same but the diff's didn't show anything on them	18:55
RoAkSoAx	so I just assumed it came from before	18:55
kirkland	RoAkSoAx: okay, i'll prune them	18:55
RoAkSoAx	alrighty	18:55
kirkland	RoAkSoAx: please forward 35_fix_hardlink_bin_path.patch to upstream cobbler	18:56
RoAkSoAx	kirkland: yes will do, will also fw 31_add_ubuntu_koan_utils_support.patch and 32_fix_koan_import_yum.patch	18:56
kirkland	RoAkSoAx: okay, uploaded cobbler_2.1.0-0ubuntu3_source.changes	18:57
kirkland	RoAkSoAx: yes, please do	18:57
RoAkSoAx	kirkland: awesome!	18:57
kirkland	RoAkSoAx: i don't think i can forward 33_authn_configfile.patch upstream	18:57
kirkland	RoAkSoAx: that'll need to be a minor config difference between us and them	18:57
RoAkSoAx	yeah that makes sense	18:58
kirkland	RoAkSoAx: we have debconf, so we can make auth config by default	18:58
RoAkSoAx	kirkland: but I think that's not needed if we use the cobbler user instead of creating new users	18:58
RoAkSoAx	let me check	18:58
uvirtbot	New bug: #564550 in apache2 (main) "apache2 crashed with SIGSEGV in zend_std_get_method()" [Low,Incomplete] https://launchpad.net/bugs/564550	18:58
jcole	on the wiki, it says to use auth client here (ldap) -> https://help.ubuntu.com/community/LDAPClientAuthentication#Notes%20for%207.10%20and%20later	19:01
jcole	but then, it says to use pam update here (active directory) https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto#PAM	19:01
RoAkSoAx	kirkland: yeah maybe they are enable that in their packaging too, but maybe not, so yeah that's not worth forwarding upstream	19:01
jcole	seems like debian doesnt have auth client so it must be an ubuntu only thing... debian uses pam update instead... but the problem with pam update is it doesnt manage nsswitch	19:03
jcole	so, should i use a combination of both?	19:03
=== skaet_afk is now known as skaet
jcole	fyi, these are my auth client configs for ldap only and ldap+kerberos -> http://pastebin.com/X0D90cFr	19:08
jcole	those configs work for hardy on up	19:08
jcole	im also using pam_mkhomedir and pam_ccreds (for offline ldap logins)	19:09
zertyui	hello there	19:10
cjwatson	jcole: cool, thanks for following up	19:10
zertyui	how to grep two content on the same time ?	19:10
jcole	cjwatson: thanks for pointing me to the d-i logfile, i had no idea d-i saved that	19:11
jcole	zertyui: grep -e string1 -e string2 file.txt ?	19:12
zertyui	how to apt-cache search grep two content ?	19:12
jcole	cjwatson: now im having an issue with my users logging into their boxen :/ pam-auth-update is clobbering auth-client-updates configs	19:12
jcole	zertyui: you can use regex with apt-cache search	19:13
zertyui	how ?	19:14
jcole	apt-cache search string1\\|string2	19:15
cjwatson	jcole: nothing I know about, I'm afraid	19:15
jcole	zertyui: or, apt-cache search "string1\|string2"	19:15
zertyui	dklmù*	19:15
jcole	cjwatson: what is the preferred method to manage nsswitch and pam on an ubuntu-server? seems like managing logins methods would be a trivial thing	19:17
pmatulis	jcole: auth-client-config	19:18
zertyui	you don't get my point	19:19
zertyui	what i mean is :	19:19
jcole	pmatulis: and what about pam-auth-update clobbering my auth-client-configs	19:19
pmatulis	jcole: well, don't do that then	19:19
jcole	pmatulis: this is my auth client configs -> http://pastebin.com/X0D90cFr	19:20
zertyui	i simply need to grep two content like dev and postgresql when i do apt-cache search postgresql \|grep postgresql & dev	19:20
pmatulis	jcole: and?	19:20
jcole	pmatulis: those work fine, but pam-auth-update (which debian uses) clobbers my config	19:20
zertyui	how to do this ?	19:20
pmatulis	jcole: so don't use it	19:21
cjwatson	jcole: not my field, sorry	19:21
semiosis	zertyui: if you want to grep for 'a AND b', you can pipe from one grep to another... \| grep a \| grep b... will show lines containing both a AND b	19:22
jcole	pmatulis: how do i remove it?	19:23
semiosis	zertyui: if you want to grep for 'a OR b', you need to use the grep regexp for OR, which is vertical-bar \|, so it needs to be escaped so the shell doesnt interpret it as a pipe... grep a\\\\|b	19:23
pmatulis	jcole: the package?	19:23
zertyui	ok working	19:26
jcole	pmatulis: "apt-get remove --purge libpam-runtime" tries to remove "at* cron* gdm-guest-session* libpam-ck-connector* login* lsb-core* network-manager-pptp* network-manager-pptp-gnome* pppconfig* pppoeconf* pptp-linux* ubuntu-desktop* ubuntu-standard*"	19:26
zertyui	thanks semiosis	19:26
semiosis	yw	19:26
jcole	pmatulis: i have it disabled in debconf also	19:26
zul	SpamapS: can you put openvpn on your list to upstartify for natty+1	19:26
pmatulis	jcole: boy, how did you come up with that command?	19:27
jcole	pmatulis: dpkg -S /usr/sbin/pam-auth-update	19:27
pmatulis	jcole: did you install it manually?	19:27
SpamapS	zul: That one seems like it could be very tricky..	19:27
SpamapS	zul: not that its simple w/ sysvinit.. but there are a number of ways openvpn is used.	19:28
zul	SpamapS: yeah i looked at it before and shudder	19:28
pmatulis	jcole: why not just leave it alone?	19:28
zul	SpamapS: i was just looking at bugs and there are bugs like openvpn is started after x	19:28
zertyui	is it possible to pickup a command from history ?	19:29
jcole	pmatulis: my users are getting libpam-runtime installed by default and pam-auth-update is borking their pam configs which are suppoe	19:29
jcole	bleh	19:29
SpamapS	zul: right.. there's really no reason to delay openvpn after its networking is available. The issue is that it sometimes needs a particular interface.. so we may need to be very smart and try starting it multiple times.	19:30
pmatulis	jcole: so stop using the command. i don't get your problem really	19:30
zul	SpamapS: totally agreed	19:30
pmatulis	SpamapS: yes, like a bride, notably	19:30
pmatulis	heh	19:30
pmatulis	bridge	19:30
SpamapS	hahahaha	19:30
SpamapS	zul: do we have a server team idea pool yet?	19:31
jcole	pmatulis: im not using pam auth update it gets automatically ran when some libs are installed (like ldap, krb, etc.)	19:31
zul	SpamapS: nope afaik	19:31
jcole	libpam-runtimelibpam-runtime/overridebooleanfalse	19:32
jcole	pmatulis: that is the debconf value for disabling it ^^	19:32
pmatulis	jcole: that's weird - the interference, i've never seen it	19:33
SpamapS	pmatulis: meaning it creates a bridge, or needs a bridge before it starts? Therein lies the rub.. because its hard to know which.	19:33
jcole	pmatulis: tell you what, try this on your box: apt-get install krb5-config krb5-user ldap-utils libnss-db libnss-ldap libpam-ccreds libpam-krb5 libpam-ldap nss-updatedb	19:34
pmatulis	SpamapS: AFAIK, 'needs a bridge', but there is also the tap stuff that can screw things up	19:34
jcole	pmatulis: i support hardy on up, and some ubuntus dont have pam update, so you need a newer ubuntu	19:35
pmatulis	jcole: ah ok, "some ubuntus don't have pam update"	19:35
pmatulis	jcole: which release is borked?	19:36
jcole	pmatulis: now the problem is many of my users cant log into their boxen now	19:36
jcole	pmatulis: their pam config are all scerwed up	19:36
SpamapS	pmatulis: right, so I'm thinking we may need to really tightly integrate openvpn w/ upstart and run one upstart job per physical interface that comes up.	19:37
SpamapS	Which.. at that point, sounds like ifup-post.d	19:37
jcole	pmatulis: it looks like ldap/krb libs have config scripts for pam-auth-update so that must be why pam-auth-update is invoked	19:38
pmatulis	jcole: which release is borked?	19:38
jcole	pmatulis: i know at least lucid and maverick	19:38
pmatulis	jcole: er, these releases have both pam-auth-update and auth-client-config ?	19:39
SpamapS	hallyn_afk: ping re bug #574665	19:39
uvirtbot	Launchpad bug 574665 in qemu-kvm "kvm + virtio disk corrupts large volumes (>1TB)." [High,In progress] https://launchpad.net/bugs/574665	19:39
jcole	pmatulis: its not all my users... i think a pam-auth-update debconf box popped up for many of my users and they just hit enter or something	19:39
jcole	pmatulis: yes	19:40
pmatulis	jcole: best do a test yourself to make sure what the problem is	19:40
jcole	pmatulis: just install those packages above that i told you about and you will see pam-auth-update prompt to run	19:41
pmatulis	jcole: b/c such a thing would have caused an outrage. i've been using ldap and kerberos lately and it 'just works'	19:41
hallyn_afk	SpamapS: yes?	19:41
=== hallyn_afk is now known as hallyn
jcole	pmatulis: try to revert/remove it (-r) and see what happens	19:41
pmatulis	jcole: why do you say the prompt is due to pam-auth-update?	19:41
jcole	pmatulis: im thinking maybe because im disabling pam-auth-update in debconf ("libpam-runtime libpam-runtime/override boolean false") there is no "bare" pam config being generated	19:45
pmatulis	jcole: you did that before experiencing any grief?	19:46
jcole	pmatulis: so, running auth-client-config does create a "bare" config for my users.. now, if they reverted auth-client-config, there is no "bare" config to go back to because pam-auth-update never created one in the first place	19:46
jcole	pmatulis: try to revert you auth-client-config (-r) and then try to login locally	19:48
jcole	pmatulis: chance is, you dont have a bare pam config that will work	19:48
pmatulis	14:45 < jcole> pmatulis: im thinking maybe because im disabling pam-auth-update in debconf ("libpam-runtime libpam-runtime/override boolean false") there is no "bare" pam config Brumle	19:48
jcole	pmatulis: this is what i think the problem is	19:48
pmatulis	being generated c0nv1ct_	19:48
pmatulis	bleh	19:48
pmatulis	jcole: did you make the debconf change before things went pear-shaped?	19:49
jcole	pmatulis: there is a debconf prompt that asks you if you want pam-auth-update to manage you pam configs, setting that debconf value disables it	19:51
jcole	pmatulis: i am having auth-client-config manage my pam configs	19:51
pmatulis	jcole: well, like you hypothesize, it looks like these tools are inter-dependent	19:53
jcole	pmatulis: did you try to -r your auth-client-config and check if you can still login?	19:53
pmatulis	jcole: i'm not doing any tests right now	19:53
jcole	pmatulis: well, it seems i should use pam-auth-update to mange pam since all ubuntu/debian auth packages (ldap/krb/etc) now include configs for pam-auth-update	19:56
pmatulis	jcole: probably if you let the system do what it wants you should be good but that doesn't help you now does it?	19:56
jcole	pmatulis: i was using auth-client-update at first because the ubuntu wiki talks about it here -> https://wiki.ubuntu.com/AuthClientConfig	19:57
jcole	pmatulis: but, if its not the standard for ubuntu/debian packages then it doesnt make sense to use it anymore, especially after the issues im having	19:58
wwwd	Hey all! I used $useradd to create a user. When I try and log in I am getting a blank background with no control or desktop. The messages are: Could not update ICEauthority file /home/user/.ICEauthority, Ther is a problem with the configuration server (/usr/lib/libconf-2-4/config-sanity-check-2 exited with status 256). I have tried adding user to group and asigning privlidges. Any idea why this is happening?	19:58
wwwd	By the way I also tried using the GUI >admin>users and groups...same	19:59
pmatulis	jcole: btw, you should have confirmed the proper way and then force that on your clients. never let users configure that kind of stuff	19:59
jcole	pmatulis: i dont let my users configure there nss/pam	19:59
pmatulis	jcole: didn't you say that?	20:00
jcole	pmatulis: i have these configs that do it for them -> http://pastebin.com/X0D90cFr	20:00
jcole	their*	20:00
david5345	My Linux server clock is drifting too much. Both on 10.04 and 8.04 LTS I loose a lot of time. I found one server last week that lost 500 seconds in the space of 30 days. Why are my Ubuntu boxes having such a hard time keeping the time ?	20:00
pmatulis	14:39 < jcole> pmatulis: its not all my users... i think a pam-auth-update debconf box popped up for many of my users and they just hit enter or something	20:00
jcole	pmatulis: right	20:01
pmatulis	jcole: well, that's what should be avoided	20:01
jcole	pmatulis: i cant remove the package that has pam-auth-update	20:02
jcole	pmatulis: if i could, i would add a "conflicts" for it to my control file	20:02
pmatulis	jcole: how/why did such a thing run for them?	20:03
jcole	pmatulis: like i told you above, its after installing the krb/ldap libs	20:03
jcole	pmatulis: ubuntu/debian krb/ldap libs have configs included in them by default for pam-auth-update, so pam-auth-update prompts to run	20:04
pmatulis	jcole: right, so they should never install such packages	20:04
jcole	pmatulis: what?	20:05
SpamapS	hallyn: so, that package hasn't been uploaded to lucid-proposed yet, has it?	20:05
jcole	pmatulis: i want to enable ldap logins, so i need the ldap libs	20:05
pmatulis	jcole: it sounds like you're migrating existing systems so you should get into a management tool (puppet) or create a custom package that automates things	20:06
jcole	pmatulis: what is the alternate package for libpam-ldap that does not include pam-auth-update configs?	20:06
jcole	pmatulis: or libpam-krb?	20:06
jcole	pmatulis: is that on the ubuntu wiki/docs somewhere for managing logins?	20:08
kirkland	Daviey: zul: not much activity in #cobbler-devel, huh?	20:10
pmatulis	jcole: there are no alternate packages like that	20:10
zul	kirkland: more activity on the cobbler ml	20:11
kirkland	zul: i see	20:12
jcole	pmatulis: you suggested me not to install those libs so my users wouldnt get that prompt	20:12
jcole	pmatulis: those are the libs that enable ldap/krb in pam	20:12
pmatulis	jcole: you deliver them in another way i meant	20:13
jcole	pmatulis: apt-get install ?	20:13
pmatulis	jcole: no	20:13
hallyn	SpamapS: should'nt have been	20:13
hallyn	SpamapS: i don't know if it has been today, but don't think so	20:13
pmatulis	jcole: i gave you 2 ideas above	20:13
SpamapS	hallyn: I'm asking because verification-* usually has special meaning regarding testing the packages in -proposed	20:15
jcole	pmatulis: what im doing is very simple, manage nss/pam with a config file for auth-client-config, that's it	20:15
hallyn	SpamapS: then I goofed	20:15
pmatulis	jcole: how did modify debconf for these packages?	20:15
hallyn	SpamapS: i thought verification-needed/done were with respect to SRU process before going into -proposed	20:16
hallyn	SpamapS: pls to remove that tag :)	20:16
SpamapS	hallyn: ok, well it sounds like its ready for upload to -proposed. You have per-package upload on it right?	20:16
pmatulis	jcole: pam, ldap, kerberos is not simple i'm afraid. especially when end users are doing the configuring	20:16
* hallyn tilts his head		20:17
jcole	pmatulis: in my package, i have depends on those krb/ldap libs above, an auth-client-config file and a debconf value that tells pam-auth-update "No" for managing pam	20:17
pmatulis	jcole: ah, so you have a custom package then	20:17
SpamapS	hallyn: ok so you should upload your package to lucid-proposed then and ask Richard to test again if he can from -proposed. ;)	20:17
hallyn	sigh, what's the bug# again. this thing doesn't color usermsgs on playback	20:17
jcole	pmatulis: the problem is not with the krb or ldap config files themselves	20:18
SpamapS	bug #574665	20:18
uvirtbot	Launchpad bug 574665 in qemu-kvm "kvm + virtio disk corrupts large volumes (>1TB)." [High,In progress] https://launchpad.net/bugs/574665	20:18
hallyn	ah there it is	20:18
hallyn	thanks :)	20:18
SpamapS	hallyn: np. :)	20:18
hallyn	SpamapS: will do	20:18
hallyn	takes my mind off of the painful multiple-patch backport iw as trying to do	20:18
jcole	pmatulis: the problem is with the tools that are managing pam configurations	20:18
hallyn	also for lucid libvirt	20:19
pmatulis	jcole: did you roll out any clients with your package before users got involved?	20:19
jcole	pmatulis: you are telling me now to write a puppet system for managing pam configs instead of pam-auth-update or auth-client-config	20:20
pmatulis	jcole: no, it's just an idea that's related	20:20
pmatulis	jcole: i believe custom packages is the best solution for existing systems	20:21
hallyn	zul: is https://launchpadlibrarian.net/68220165/buildlog_ubuntu-natty-armel.lxc_0.7.4-0ubuntu4_FAILEDTOBUILD.txt.gz something you've seen before?	20:22
jcole	pmatulis: are you saying to create my own pam management system?	20:23
zul	hallyn: yep	20:23
pmatulis	jcole: no, AFAICT, you have modified packages that you're having users run. that seems the best way	20:23
hallyn	zul: is it a transient error? or a bug in the packaging?	20:24
jcole	pmatulis: im not modifying any packages	20:24
zul	hallyn: no i think its autoconf not recognizing arm ill look at it	20:24
jcole	pmatulis: i have a simple package that depends on those krb/ldap libs above, an auth-client-config file and a debconf value that tells pam-auth-update "No" for managing pam	20:24
hallyn	zul: thanks!	20:25
jcole	pmatulis: i could even put that in a shell script in 3 lines	20:25
jcole	pmatulis: its not complicated	20:25
pmatulis	jcole: fine, fine. did you test it?	20:25
hallyn	SpamapS: oh maste,r what do you recommend? Merging the bzr tree, or dputing a source package, for lucid-proposed?	20:26
jcole	pmatulis: yes, applying the auth-client-config works	20:26
jcole	pmatulis: it works perfectly	20:26
pmatulis	jcole: so, how does it go pear-shaped?	20:27
jcole	pmatulis: reverting the auth-client-config	20:27
pmatulis	jcole: why revert then?	20:27
Daviey	kirkland, seems not	20:27
SpamapS	hallyn: whatever results in the exact same package as your PPA had being uploaded. :)	20:28
SpamapS	hallyn: IMO, dput is probably simpler.. but merging should result in the same thing.	20:28
Daviey	kirkland, seems you and zul are most active :)	20:28
hallyn	SpamapS: all right i'll give UDD a sporting chance	20:29
jcole	pmatulis: many reasons, because some users want to remove the package or they dont want ldap logins, etc.	20:29
pmatulis	jcole: ah!	20:29
jcole	pmatulis: i think the reverted configuration is not bare enough to even allow local logins	20:29
jcole	pmatulis: sine pam-auth-update never runs	20:30
jcole	since*	20:30
jcole	pmatulis: so, im wondering if the recommended way on ubuntu is to use both pam-auth-update and auth-client-config	20:30
soren	ScottK: Wicked, thanks.	20:30
pmatulis	jcole: in my travels i have never seen the need to disable anything using debconfg	20:32
pmatulis	jcole: so i guess the answer to your wondering is 'yes'	20:33
jcole	pmatulis: youve never seen seeded debconf to configure/disable applications?	20:34
jcole	pmatulis: you can either do it manually with dpkg-reconfigure or with debconf-set-selections or a preseed file in a package	20:35
pmatulis	jcole: i meant in ldap/krb situation	20:38
jcole	pmatulis: dpkg-reconfigure krb5-config	20:38
pmatulis	jcole: "in my travels i have never seen the need to disable anything using debconf when using ldap/krb"	20:39
jcole	pmatulis: if pam-auth-update uses that debconf value to determine if it should manage pam configs or not, then how else should i tell pam-auth-update to not manage pam configs besides updating that debconf value?	20:42
jcole	pmatulis: thanks for the food for thought... im going to use a hybrid method	20:43
pmatulis	jcole: that's the thing, you don't tell it not to manage pam	20:44
pmatulis	jcole: basically i see your issue an 'overengineered problem'	20:45
jcole	pmatulis: how do you suggest to manage pam configs?	20:46
kirkland	Daviey: heh	20:47
jcole	pmatulis: i hardly see an auth-client-update config file or an pam-auth-update config file as "over-engineering"	20:48
RoAkSoAx	kirkland: so It seems that once I finish patching koan to install Ubuntu KVM's, using the NQA pressed is going to be trivial	20:48
kirkland	Daviey: I'd rather just talk to zul in #ubuntu-server then :-)	20:48
kirkland	RoAkSoAx: neat	20:49
adam_g_	hi--does anyone know if there has been any progress or news regarding this issue, other than what is on the ticket? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/666211 -- ive been running into the same issue between different filesystems and block device flavors repeadetly over the last 1.5 weeks on ec2	20:49
uvirtbot	Launchpad bug 666211 in linux "maverick on ec2 64bit ext4 deadlock" [High,Confirmed]	20:49
pmatulis	jcole: over-engineering by disabling stuff. you don't need to do that	20:55
pmatulis	jcole: and as you see, it messes things up	20:55
smoser	adam_g_, i think, unfortunately, the bug has the right status	20:57
smoser	i do not htink that smb has been able to make any progress on it.	20:57
smoser	but having an easy recreate would be helpful	20:58
jcole	pmatulis: disabling pam-auth-update and using auth-client-config, is like disabling exim so you can use postfix	20:59
adam_g_	smoser: i wouldn't say i can reliably reproduce on-demand, but i come across it frequently enough.	20:59
pmatulis	jcole: that's your assumption. it may not be correct. and like i said, i never needed to do such a thing and i never had such a problem	21:14
io_error	Hello! I am about to install 10.04 LTS on a private KVM virtual machine. Should I: "Install Ubuntu Server" or "Install Ubuntu Enterprise Cloud"? What's the difference?	21:32
lenios	io_error, you should install server	21:33
io_error	lenios: Thanks. But what's the difference?	21:34
io_error	The website is so full of marketing buzzspeak that I can't tell what's really going on	21:34
RoAkSoAx	io_error: it says it there "Ubuntu Enterprise Cloud"	21:35
RoAkSoAx	io_error: Install Ubuntu Server installs only the server compoennets	21:35
lenios	if you want to create your cloud using ubuntu, you'll use "install ubuntu enterprise cloud"	21:35
RoAkSoAx	to run whatever you want	21:35
io_error	lenios: OK, so it installs the tools you would build a private cloud with?	21:35
RoAkSoAx	while the other than installs a server, but with the software package for Eucalyptus based Cloud	21:35
lenios	yes	21:35
io_error	RoAkSoAx, lenios: Ah, now I get it. Thanks :) Not building any private clouds today...	21:36
io_error	Just want a local build environment so I don't have to pay for a bunch of extra EC2 instances :)	21:37
kirkland	RoAkSoAx: i just uploaded another cobbler fix	21:51
kirkland	RoAkSoAx: you want to put together an upload with an nqa preseed?	21:52
=== carcinogen75 is now known as zz_carcinogen75
ghostrocket	hi all - when i run a full-upgrade on my ubuntu ami box, is that the equivalent of using the latest daily build?	22:33
=== a7ndrew_ is now known as a7ndrew
RoAkSoAx	hallyn: ping?	22:58
hallyn	RoAkSoAx: yeah?	22:58
RoAkSoAx	hallyn: howdy! I was wondering if you know how does libvirt treat ubuntu distros?	22:58
RoAkSoAx	hallyn: cause I'm working on cobbler, and it throws this: virtinst library does not understand variant natty, treating as generic	22:59
hallyn	virtinst != libvirt	23:00
hallyn	isn't it part of virt-tools?	23:00
hallyn	mdeslaur does more with that than I do (and much appreciated by me, too)	23:00
RoAkSoAx	argh right, just noticed :)	23:01
RoAkSoAx	hallyn: alright, I'll nag him	23:01
RoAkSoAx	thanks :)	23:01
uvirtbot	New bug: #750786 in samba (main) "nmbd job fails to start on boot" [Undecided,New] https://launchpad.net/bugs/750786	23:01
shaiguit1r	Hey, I read https://help.ubuntu.com/10.04/serverguide/C/postfix.html but I'm a bit stuck when I telnet to port 25 (postfix master running there) it hangs on CLOSED tcp	23:10
raphink_	shaiguit1r: is postfix running?	23:11
shaiguit1r	CLOSE_WAIT that is	23:11
shaiguit1r	raphink_: yeah	23:11
raphink_	ps axuww \| grep postfix	23:11
shaiguit1r	shai@Ubuntu-1004-lucid-32-minimal ~ $ sudo lsof -i:25	23:12
shaiguit1r	COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME	23:12
shaiguit1r	master 14056 root 12u IPv4 331903 0t0 TCP *:smtp (LISTEN)	23:12
shaiguit1r	master 14056 root 13u IPv6 331905 0t0 TCP *:smtp (LISTEN)	23:12
shaiguit1r	ai@Ubuntu-1004-lucid-32-minimal ~ $ ps axuww \| grep postfix	23:12
shaiguit1r	root 14056 0.0 0.1 5812 1792 ? Ss Apr04 0:00 /usr/lib/postfix/master	23:12
shaiguit1r	postfix 14360 0.0 0.1 5828 1692 ? S 00:07 0:00 pickup -l -t fifo -u -c	23:12
shaiguit1r	postfix 14361 0.0 0.1 5872 1720 ? S 00:07 0:00 qmgr -l -t fifo -u	23:12
shaiguit1r	postfix 14376 0.0 0.1 5824 1708 ? S 00:08 0:00 proxymap -t unix -u	23:12
raphink_	do you have a local firewall?	23:12
shaiguit1r	hmm yes	23:12
raphink_	sudo iptables -L	23:13
shaiguit1r	That might be crapping things, but TBH I'm pretty n00b with iptables, so not sure	23:13
shaiguit1r	sec	23:13
shaiguit1r	ta!	23:13
shaiguit1r	raphink_: http://pastie.org/pastes/1756312/text?key=mpwx9lk5fcuxpqmrmtoya	23:13
shaiguit1r	line 8 has smtp	23:14
shaiguit1r	open	23:14
shaiguit1r	If I got it right :P	23:14
raphink_	looks good to me	23:15
shaiguit1r	Hmm, OK	23:15
raphink_	what do you see in /var/log/mail.log when you try to telnet localhost 25 ?	23:15
raphink_	you're supposed to see something like	23:15
raphink_	Apr 5 00:14:48 jonah postfix/smtpd[18408]: connect from localhost.localdomain[127.0.0.1]	23:15
raphink_	Apr 5 00:14:53 jonah postfix/smtpd[18408]: disconnect from localhost.localdomain[127.0.0.1]	23:15
shaiguit1r	oh wow that's lame	23:16
shaiguit1r	http://pastie.org/private/mpwx9lk5fcuxpqmrmtoya	23:16
shaiguit1r	raphink_: ^	23:16
raphink_	hehe	23:17
shaiguit1r	Sorry I'm pretty new at this	23:17
patdk-lap	yep, if there is any config issue, smtpd wil lbomb	23:17
raphink_	the fatal lines don't look too good ;-)	23:17
shaiguit1r	that's weird though, I followed:	23:17
shaiguit1r	https://help.ubuntu.com/10.04/serverguide/C/postfix.html	23:17
shaiguit1r	on 10.04 ubuntu	23:17
raphink_	let's see, you're missing aliases.db	23:17
shaiguit1r	there's no mention of /etc/aliases.db	23:17
raphink_	try	23:17
raphink_	sudo touch /etc/aliases	23:18
raphink_	sudo newaliases	23:18
patdk-lap	aliases comes in by default	23:18
patdk-lap	normally setup by the installer	23:18
shaiguit1r	root@Ubuntu-1004-lucid-32-minimal ~ # ls /etc/aliases.db	23:18
shaiguit1r	ls: cannot access /etc/aliases.db: No such file or directory	23:18
shaiguit1r	root@Ubuntu-1004-lucid-32-minimal ~ # ls /etc/aliases	23:18
shaiguit1r	/etc/aliases	23:18
shaiguit1r	root@Ubuntu-1004-lucid-32-minimal ~ # cat /etc/aliases	23:18
shaiguit1r	# See man 5 aliases for format	23:18
shaiguit1r	postmaster: root	23:18
raphink_	sudo service postfix restart	23:18
raphink_	then you're just missing "sudo newaliases" shaiguit1r	23:18
shaiguit1r	sudo touch /etc/aliases && sudo newaliases && sudo service postfix restart	23:18
shaiguit1r	?	23:19
raphink_	yes	23:19
raphink_	the touch is not necessary since you already have the file	23:19
shaiguit1r	root@Ubuntu-1004-lucid-32-minimal ~ # sudo newaliases	23:19
shaiguit1r	postalias: fatal: open database /etc/aliases.db: Permission denied	23:19
shaiguit1r	Need to touch the db file first?	23:20
raphink_	huhu	23:20
raphink_	is your filesystem OK ? ;-)	23:20
shaiguit1r	oh dont' get me worried :)	23:20
patdk-lap	newalias doesn't careabout timestamps	23:21
patdk-lap	it updates it, no matter what	23:21
* shaiguit1r straces it		23:21
red2kic	I have a question about whois.net -- Am I allowed to contact the owner? I hate lawyer jargons.	23:21
raphink_	patdk-lap: I had recommended the touch in case the file didn't exist, not because of the timestamp	23:21
patdk-lap	I know	23:21
patdk-lap	but he seems to be stuck on timestamps	23:22
shaiguit1r	hmm, weird!	23:22
shaiguit1r	even after touching the file, it doesn't open it, and I'm root.	23:22
raphink_	red2kic: the owner of whois.net ? or the owner of a domain?	23:22
red2kic	raphink_: The owner of a domain name.	23:23
raphink_	red2kic: if you've got the address, what prevents you from writing to someone?	23:23
raphink_	shaiguit1r: did you check that your partition is not mounted read-only?	23:23
red2kic	raphink_: I pretty much have little next to zero experiences with websites.	23:24
patdk-lap	people call me from my whois info all the time	23:25
patdk-lap	the usa spammer that did it, has moved to china though	23:26
shaiguit1r	raphink_: I can touch and rm the file, so I doubt it.	23:26
raphink_	by the way red2kic, there's a `whois` command that does the same as whois.net	23:26
raphink_	shaiguit1r: do you have selinux set up on this box?	23:27
shaiguit1r	root@Ubuntu-1004-lucid-32-minimal ~ # touch /etc/aliases.db && rm /etc/aliases.db && echo $?	23:27
shaiguit1r	0	23:27
shaiguit1r	nope, don't think so	23:27
red2kic	raphink_: Ah. That's a cool command!	23:27
raphink_	shaiguit1r: you could still check	23:28
raphink_	ps axZ \| grep postfix	23:28
raphink_	to see if it's confined	23:28
shaiguit1r	bah!	23:28
shaiguit1r	raphink_: my bad, /etc/aliases was owned by www-data!	23:28
shaiguit1r	for some reason	23:28
shaiguit1r	say, all of /etc/ should be owned by root, is that correct?	23:28
raphink_	that shouldn't prevent root from writing to /etc/aliases.db	23:29
shaiguit1r	newaliases just worked	23:29
shaiguit1r	it did	23:29
raphink_	really	23:29
shaiguit1r	-rw-r--r-- 1 www-data www-data 51 2011-04-05 00:19 /etc/aliases	23:29
shaiguit1r	other doesn't have w	23:29
shaiguit1r	but yeah,that's weird.	23:29
raphink_	that said, it's a better idea to give /etc/aliases to root than www-data ;-)	23:29
shaiguit1r	:)	23:29
shaiguit1r	right	23:29
raphink_	given your system conffiles to apache's user is usually a bad idea for other reasons ;-)	23:29
shaiguit1r	thanks. So all of /etc/ can safely be moved to root right?	23:30
raphink_	let's see	23:30
raphink_	in general, yes, but not always	23:30
raphink_	sudo find /etc/ -not -user root -exec ls -l {} \;	23:30
raphink_	I've got a few files that don't belong to root	23:30
shaiguit1r	which pacakges?	23:31
raphink_	openfire configurations for example	23:31
raphink_	but that's not standard confs	23:31
raphink_	in general, everything belongs to root there	23:31
shauno	I've only got one, bind/rndc.key is bind:bind. a fair few which aren't root's group tho	23:31
shaiguit1r	oh which?	23:31
shaiguit1r	ah for DNS	23:32
shaiguit1r	nothing else?	23:32
raphink_	sudo find /etc/ -not -user root -exec ls -l {} \;	23:33
raphink_	will list the files that don't belong to root	23:33
shauno	http://paste.ubuntu.com/589454/ that's a fairly boring box, mail & dns. group ownerships seem to be used in a fair few places tho	23:37
shauno	root:root is a sane plan if your ownerships are seriously messed up, but there will be cleaning up to do	23:37
shauno	(enough cleaning up that it wouldn't be my Plan A)	23:37
patdk-lap	heh, my list of not root is much much larger	23:41
patdk-lap	and my system isn't screwed up :)	23:41
shaiguit1r	heh	23:42
shaiguit1r	I did that chown to www-data in the past, it was my bad.	23:42
patdk-lap	couchdb, quagga, ssl, shadow, cups, backuppc, munin	23:42
patdk-lap	seems to be the big offenders	23:43
shaiguit1r	chowne dit back to root, we'll work our way through problems next up.	23:43
shaiguit1r	OK, so the postfix works great, thanks for the help!	23:44
shaiguit1r	Great community.	23:44
shaiguit1r	ta.	23:44
=== dendrobates is now known as dendro-afk

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!