qman__actually you can00:32
qman__with rate limiting in iptables00:32
parkdriverqman__:  Thanks, that was what I was looking for: rate limiting.00:38
qman__parkdriver, pretty sure UFW has this built in now00:39
qman__something like sudo ufw allow ssh limit00:39
qman__you'd have to RTFM to verify00:39
parkdriverOh, that's great.00:39
parkdriverI'll Read The Fine Manual :)00:40
qman__glad to help :)00:40
SpamapSparkdriver: you may also want to look into denyhosts01:11
SpamapSparkdriver: it has a giant list of known bad hosts that have tried too many times on other servers.01:12
parkdriverSpamapS: Is that list already included with Ubuntu?01:12
SpamapSparkdriver: its in universe01:12
SpamapSparkdriver: its one of the first things I install on any box I need to open up ssh to the world on. ;)01:13
parkdriverI've the feeling that I still have to do that and that my ISP delivered a quite open Ubuntu box01:14
parkdriverSpamapS: you only open up ssh to certain IP's?01:14
SpamapSparkdriver: if I can live with that sort of config, yes01:14
SpamapSparkdriver: I always have one or two machines out there that I can ssh to from anywhere that become my "bounce" hosts.01:15
SpamapSparkdriver: running sshd on another port also helps.01:15
parkdriverSpamapS: Yes, I was planning on something obscure like port 39327.01:15
parkdriverSpamapS: I don't have the luxery of multiple boxes that I can SSH through so I've got to be careful.01:16
parkdriverSpamapS: Don't want to end up locking myself out.01:16
parkdriverSpamapS: Is an Ubuntu Server installation open to everything by default?01:19
SpamapSparkdriver: yes, denyhosts has locked one of my users out because he was on a public wifi in .nl that had been used to hack before. ;)01:19
parkdriverSpamapS: With other words: is an unconfigured Ubuntu Server vulnearble?01:20
SpamapSparkdriver: no, ubuntu server by default has only avahi open. OpenSSH server is an optional package.01:20
SpamapSparkdriver: another good option is to always have SSH keys with you, and turn off password auth01:20
parkdriverSpamapS: Yeah, good one.01:21
parkdriverSpamapS: I just scanned the newly installed host and it says hundreds ports are open01:22
SpamapSparkdriver: you must have added services then01:22
parkdriverSpamapS: I guess that only is a potential risk when there's a service running..01:22
SpamapSparkdriver: did you pick things like "LAMP server" ?01:22
parkdriverSpamapS: Well, no. Only openssh-server and htop.01:22
SpamapSparkdriver: sudo netstat -tnlp will show you all listening TCP ports and programs listening on them01:23
parkdriverSpamapS: No, it's a clean install. No out of the box services except for openssh-server.01:23
SpamapSI doubt that01:23
parkdriverSpamapS: Just ran the command and it only returns 'sshd'01:24
SpamapSthen you either a) are mistaken with your scan, or b) are rooted, and the rootkit is hiding all of the services running.01:24
parkdriverSpamapS: Discovered open port 49101/tcp on x.x.x.x01:24
parkdriverSpamapS: That's what zenmap (nmap gui) says to me.01:25
parkdriverSpamapS: I guess the port is 'open' but there's nothing listening on the port..01:25
SpamapSparkdriver: another possibility is your ISP is running a tarpitting firewall that shows open ports but responds VERY SLOWLY to slow down port scanners.01:25
parkdriverSpamapS: I'm probably mis interpreting the output of zenmap.01:25
SpamapSparkdriver: yeah. ;)01:26
jjohansenhggdh: any news?01:26
SpamapSanyway, I'm off. Good luck!01:26
parkdriverSpamapS: Then my ISP is doing a good job. Scanning takes ages to complete.01:26
parkdriverSpamapS: Thanks for the help. Bye!01:26
hggdhjjohansen: no, hallyn was going to have a go there this evening01:26
jjohansenhggdh: I haven't been able to reproduce locally01:27
jjohansenwell at least not that bug, I have plenty of other bugs popping up01:27
jjohansenhggdh: it may also be worth trying the oneric kernel01:29
=== dendro-afk is now known as dendrobates
bastidrazorApr  5 20:43:44 servitude unbound: [11904:0] notice: quit on signal, no cleanup and statistics, because installed libevent version is not threadsafe01:44
bastidrazorlaunchpad reports there was a fix but i'm still getting this.01:44
madteckheadHey, just setting up my first ec2 server to serve django and wondering what a good base AMI is? Should I use amazon's AMI or the Ubuntu Canonical ones?01:47
madteckheadany advice much appreciated.01:47
hggdhjjohansen: where can I find the oneric kernel? the ppa?01:52
jjohansenhggdh: hrmm, I don't its been pushed to a ppa yet, I can build one for you01:54
jjohansenhggdh: but the other tests take priority, the oneric kernel is 2.6.39 so it just gives us another point on the kernel time line to look for patches01:55
hggdhjjohansen: OK. Let's see what hallyn comes up with, then01:57
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== Bilge_ is now known as Bilge
=== Nigel_ is now known as G
=== gtaylor2 is now known as gtaylor
=== txwikinger2 is now known as txwikinger
=== mquin_ is now known as mquin
=== michael is now known as Guest82126
uvirtbot`New bug: #752172 in logwatch (main) "Ubutu-specific afpd configuration missing" [Undecided,New] https://launchpad.net/bugs/75217204:56
ruben23hi guys i change a username passwor don my ubuntu server but when i reboot i cant access the new password any help, im lockdonw05:07
ruben23lockdown i mean05:07
woonixFrom the Grub bootloader, select the (recovery mode) option05:09
woonixthen you will be able to change the password and reboot05:10
=== michael is now known as Guest42034
=== FireCrotch is now known as nickmoeck
Kartagiscan you help me with http://pastebin.com/6u4hDr2G please?07:42
=== dendrobates is now known as dendro-afk
jmarsdenKartagis: I am about to go to bed, but that really looks like a file or directory permissions issue, so check perms on each directory /var/mail/vhosts/bilgisayarciniz.org/ allow directory traversal by the user concerned and check permissions on the /var/mail/vhosts/bilgisayarciniz.org/bilgi file itself also, if it exists.08:21
skyhello all....which config file i have looking for to trace a connecting over ldap on port 389 to an AD MS server unbuntu 10.04 LTS08:27
skyi mean log file08:28
MetaJakemight anyone suggest some web-server alternatives to apache?08:33
joschiMetaJake: nginx and lighttpd are rather popular08:34
KartagisMetaJake: tomcat, nginx, lightppd08:34
joschiMetaJake: what's your usecase?08:34
MetaJakejoschi, sorry what is usecase? My situation? Just some static html and css. Down the road maybe some dynamic content with python + mysql.08:36
MetaJakekartahgis, I see. thank you08:36
MetaJakekartagis * ^08:37
KartagisMetaJake: why not use apache?08:39
MetaJakekartagis, apache is what I started with. I am new to linux web-servers in general and I wonder what options are out there, and how their capabilities compare to Apache.08:40
twbMetaJake: http://en.wikipedia.org/wiki/Comparison_of_http_servers08:55
twbMetaJake: key questions are: do you need PHP?  SSI?  CGI?  Authentication?  vhosts?08:55
twbA naïve HTTP server can be implemented in a dozen lines of sh.08:56
twbAfter apache, lighttpd and nginx are perhaps the most popular.08:56
MetaJaketwb I see thank you. What do you mean by sh?08:57
MetaJake(dozen lines of SH)08:57
twbMetaJake: /bin/sh09:13
MetaJaketwb, I see09:14
twbFor just serving files out to anonymous clients, I use thttpd or (internally) busybox httpd09:15
=== doko_ is now known as doko
uvirtbot`New bug: #752361 in cloud-init (main) "grub prompts for install device on upgrade" [High,New] https://launchpad.net/bugs/75236111:26
wokhey guys. ive created a ubuntu instance on ec2 using an official conanical image. how do i enable ssh on there without any current access?11:40
Davieywok, ssh should already be enabled... what you may find is that you need to modify your security group to all access on port 22... This is an aws issue12:13
wokDaviey: sorry, yea, id mistyped the port in the group :p12:19
wokthanks anyhow :)12:19
uvirtbot`New bug: #752429 in drbd8 (main) "drbd8-utils dependancy on drbd8-source can't work with maverick & natty kernel backports" [Undecided,New] https://launchpad.net/bugs/75242912:56
=== masACC is now known as maswan
=== maxb_ is now known as maxb
=== dendro-afk is now known as dendrobates
uvirtbot`New bug: #752487 in php5 (main) "Segmentation Fault in libapache2-mod-php5    5.3.2-1ubuntu4.7" [Undecided,New] https://launchpad.net/bugs/75248714:06
=== uvirtbot` is now known as uvirtbot
RoAkSoAxmorning all14:09
pmatulis_why do bots get a backtick?14:18
Kartagisif I want to deliver to ~/Maildir rather than /var/mail/%u, should I edit dovecot.conf namespace private location?14:26
jpdspmatulis_: I think that's the supybot default for alternative nicks (nice tail by the way)14:32
kruxKartagis, if you'r using namespace private { you can use location << yes..14:43
phoenixsampraswhen i do upgrade from 10.04 to 10.10, how can i keep using grub1?? i dont want grub214:43
SharkOn hey im trying to conf one of my pages to run apache on port 88, i have added NameVirtualhost *.88 and listen 88 to ports.conf, and my page is using virtualhost *:88 in sites-enabled, i have also opened port 88, but still not working, does anyone know if i have forgot smoething?15:04
semiosisSharkOn: service apache reload ?15:05
SharkOni do that after every conf :)15:05
SharkOnooh, now it suddenly works15:07
SharkOnthanks anyway15:07
SharkOnservice apache 2 reload = /etc/.init.d/apache restart15:07
SharkOni did the second one always, now i tried the first one and it seems to work15:08
pmatulis_jpds: hm, not sure why i have a tail in this channel and not in others15:08
semiosisno, reload != restart15:08
SharkOnbut a restart reloads the conf?15:08
semiosisreload causes apache to reread its configs but the process never goes away... restart quits & re-starts, which of course also rereads configs at startup like always15:08
chrismatIs it possible to use system tap on 10.04?15:09
chrismatI need to trace down a source of latency in our file server15:09
SharkOnsemiosis: ok thats what i thought, strange that it works now then, but good :D15:09
semiosisSharkOn: but usually "service xxx command" is the same as "/etc/init.d/xxx command", except when its not15:09
SharkOnokey :)15:10
semiosisSharkOn: (such as with upstart jobs)15:10
SharkOnwhen i have a page on some other port then 80, is it possible for someone to know which port it is, cuz now i write say www.mydomain.com:8815:11
SharkOnis it possible for someone to find out its 88 for that page ?15:11
semiosiswell if you tell them the url, the port is clearly right there15:11
SharkOnhow to c that if i have ServerSignature Off on apache?15:12
SharkOnjust asking, fun to know15:12
semiosisif you mean can people discover it without being told, yes they can do a port scan such as with nmap15:12
SharkOnooh i forgot about nmaping :)15:13
semiosisSharkOn: if you wanted to hide your web server even from a port scan, one way to do that is with a technique called "port knocking" which is very well explained here http://en.wikipedia.org/wiki/Port_knocking15:15
SharkOnah okey didnt knew about that, i dont want to do that for now, but good to know so i will read about that , thanks :)15:16
semiosishave fun!15:16
robosHi: So I'm about to inherit a bunch of ubuntu machines, so it's pretty new to me. What is the general thought of compiling vs. packages on ubuntu?15:18
semiosisuse packages and apt-get on with your life ;)15:18
semiosisthat's my general thought anyway15:18
robossemiosis, will things break if I mix the two?15:19
robosFor example, with rhel you always want to use RPMs because that's how all system updates and etc. are handled15:20
robosso to avoid duplicate packages and making a mess of the system it's best to only use RPMs. Not sure if it's the same with ubuntu or not15:20
semiosisrobos: you'll probably want to stay on that track.  ubuntu, being a derivative of debian, has a very large "universe" of packages it draws from15:21
semiosisrobos: many more than you're used to coming from RPM-based distros15:21
semiosisrobos: you can search for packages here http://packages.ubuntu.com/ and on a running ubuntu you can use the very nice package manager 'aptitude' to search/install/remove/etc packages15:22
semiosisrobos: aptitude isnt the only way, but it's a good place to start15:22
robosdoes ubuntu use dpkg for system updates?15:23
semiosisrobos: i assume you're using CLI, since we're in #ubuntu-server, but if you were using the GUI there's nice graphical package managers as well15:23
robosyeah, all CLI15:23
semiosisrobos: dpkg is the "back end" that does the heavy lifting, but you'll usually interact with higher-level utilities like apt-get & aptitude15:24
robosbut are all system updates handled through the package manager?15:24
semiosisrobos: what else would manage system updates?15:25
robossemiosis, well, i guess it could compile certain updates?15:26
RoAkSoAxkirkland: Howdy!! Where you able to test the NQA qith cobbler/koan?15:26
semiosisrobos: i suppose that's an option at your disposal, but usually (by default) everything is done through packages15:27
kirklandRoAkSoAx: I haven't, sorry15:27
semiosisrobos: it's anyone's guess what's going on in those systems you're inheriting though15:27
kirklandRoAkSoAx: in a virtual-sprint today15:27
roboscool. Okay, another question... say I download apache/httpd using apt-get/aptitude or whatever and it's managed through the package manager. Who's responsible for updating that software package (in this case apache httpd.)  Is Ubuntu or someone else?15:28
RoAkSoAxkirkland: no worries :)15:28
semiosisrobos: the apache developers write the code, of course.  then the debian developers & maintainers package it up, then the ubuntu developers & maintainers import (and possibly modify) the debian package and it gets distributed through the Universe respository15:30
RoAkSoAxkirkland: when you have the time you can test it so that you cna review the patch for virtinst of bug #751979 and sponsor it15:30
uvirtbotLaunchpad bug 751979 in virtinst "virt-install fails to install Ubuntu ISO when it is located in an HTTP location" [Medium,Confirmed] https://launchpad.net/bugs/75197915:30
semiosisrobos: that's the gist of it15:30
robosokay. Will the debian developers include any features in that update or do they only include bug fixes?15:31
robosFor example, rhel will "backport" only bug fixes.. they will not include any new features for stability purposes. I was wondering if ubuntu did the same15:31
RoAkSoAxrobos: yes we do. we call it SRU15:32
robosSRU.. sweet. I'll google and see how all that works15:33
semiosisrobos: well there are source code versions, debian package revisions, ubuntu package revisions, ubuntu distribution releases (lucid, maverick, etc)... so it really depends on the details of the package & versions you're talking about15:33
semiosisrobos: ubuntu distribution releases come every 6 months, which is usually when new features come out, updates within a single release are usually bug-fix.15:36
* semiosis feels like he's writing a wikipedia article here...15:36
semiosisrobos: actually, thats a great place to start: http://en.wikipedia.org/wiki/Ubuntu_(operating_system)15:36
robosIs there a list of packages that ubuntu uses SRU releases for?15:39
robosI'm assuming ubuntu does SRU releases for apache/httpd?15:42
semiosisrobos: https://wiki.ubuntu.com/StableReleaseUpdates sounds to me like it applies to all packages.. RoAkSoAx can you confirm?  is it just Universe, also Multiverse...?15:44
=== dendrobates is now known as dendro-afk
semiosisrobos: btw, Universe is the core package respository where all the main packages live (including apache of course).  Other repositories are Multiverse, Partner, and then there are Personal Package Archives (PPAs) which anyone can publish and anyone else can subscribe to15:45
robosah, gotcha15:46
robosso if you're running a production server you want to stick with Universe15:46
semiosisrobos: yeah, unless a package you need is in Multiverse, or not in either (I for example set up a PPA because I needed a package not in ubuntu at all)15:47
robosso I suppose, let's say httpd comes out with a new version. Ubuntu probably won't release that new version into universe because of SRU's.. but you can probably find the new version in multiverse?15:48
semiosisrobos: please see that wikipedia article for a better description of the various official repos, i'm not doing it justice15:50
robosyeah, i'm reading that and the wiki page about SRU's and other things15:50
roboslooks like Universe and Multiiverse are not supported by Ubuntu15:51
robosonly Main is15:51
=== nxvl_ is now known as nxvl
semiosisrobos: jump to the section "Package classification & support" there's a nice semiotic (!) square there that shows where things live15:52
robosyup, reading that as we speak15:53
semiosisrobos: see i told you i wasn't doing it justice15:53
semiosisrobos: sorry for the confusion15:53
robosi have a couple weeks to figure all this out :-)15:53
robosi'm running an ubuntu desktop as we speak15:53
robosi can probably stand up a dev server too and figure all this out15:54
roboscool; ty for the info guys15:57
semiosisrobos: gah cant believe I mixed up Main & Universe... since I dont use Canonical's paid support they're pretty much the same thing to me.15:58
semiosisrobos: you're welcome & have fun learning ubuntu, it's a great distro15:58
robosI'm just a little concerned about using it as a server in a production environment15:59
robosbut i'm sure that will go away. Having SRU's is a bit of a relief15:59
=== dendro-afk is now known as dendrobates
robossemiosis, I think Universe and Main both use SRu's. RoAkSoAx, can you verify16:01
robossemiosis, here is how I get that: http://ubuntuforums.org/showthread.php?p=847416916:01
robosLooks like Main and Universe joined teams16:02
Kartagisif I am keeping my mails in /srv/vmail/domain/user, what should the userdb static args home be? dovecot question,16:15
=== zz_carcinogen75 is now known as carcinogen75
boxybrownon one of my machines, when you log it it automatically tells you which packages are out of date16:24
boxybrownwhere is this configured? I'd like to have this on my other servers as well16:25
boxybrownlog in*16:25
jmarsdenboxybrown: That might be the output of landscape-sysinfo ?  That info is placed into the MOTD automatically.  Does running landscape-sysinfo by hand show you the info you want to see?16:29
boxybrownjmarsden: it says it isn't currently installed16:30
jmarsdenEven on the one that displays the package update info?  OK... then that wasn't it :)16:30
boxybrownjmarsden: correct.  the one thing I can think of is that I have bcfg2-server installed on the server that displays it16:31
boxybrownI'm just surprised that would automatically do that...16:31
jmarsdenI'm not familiar with that package.  apticron can send you emails about package updates, but I don't think it generates info at login time.16:32
boxybrownjmarsden: I think I found it.  I'm pretty sure it has to do with automatic updates functionality16:41
boxybrownand update-notifier16:43
Kartagiscan someone help me with dovecot? #dovecot isn't answering16:47
asadeddinhey all. I need some help setting up VNC. I m getting this error trying to start up vncserver   Starting VNC server: 2:cmlserver                           [FAILED]17:06
asadeddinany help appreciated!17:06
jjohansenhggdh, hallyn: ping re 74675117:12
hggdhjjohansen: I am here; hallyn was having some fun with the systems, and is probably more up-to-date17:13
EgonisIs there such thing as an easy way to balance bandwidth per-ip on an internet gateway box running Ubuntu Server 10.10?17:13
jjohansenhggdh: okay, just trying to come up to date so I know what is needed out of me17:13
phoenixsamprashow to install Ubuntu-server without GRUB2 ?17:14
=== cmagina is now known as cmagina-lunch
hallynjjohansen: it's seeming ot me like a problem between libvirt and kvm.  still looking at libvirt strace logs17:20
jjohansenhallyn: okay, let me know if you want anything/find anything17:21
hallynjjohansen: thanks17:21
jjohansenhallyn: really more thankyou, your doing all the work atm :)17:22
uvirtbotNew bug: #747387 in samba "smbd crashed with SIGABRT in make_connection_snum()" [Undecided,Triaged] https://launchpad.net/bugs/74738717:36
Kartagiscan someone help me with dovecot? #dovecot isn't answering17:39
=== cmagina-lunch is now known as cmagina
hallynjjohansen: it appears to be the guest kernel17:57
jjohansenhallyn: what kernel is the guest?17:58
hallynjjohansen: when I add the '-kernel' argument, i get "couldn't allocate memory" as I do in the tests.  When I drop that and just do '-boot c', then it doesn't.17:58
hallynno idea17:58
* jjohansen needs to find the bug and read it again17:58
hallynuh, the kernel is plaintext17:59
hallynhggdh: I think it was a euca error all along.17:59
hggdhhallyn: not really surprising... what was it?17:59
hallyncat /var/lib/eucalyptus/instances/eucalyptus/cache/eki-E98E1B85/kernel17:59
hallynon mabolo17:59
jjohansenhallyn: plaintext???!!!??18:00
hallynI don't know where that file comes from originally but it looks like something went bad during setup18:00
hallyn<euca:EucalyptusErrorMessageType xmlns:euca="http://msgs.eucalyptus.com"><euca:EucalyptusMessage><euca:correlationId>ab036b7a-2f02-402a-a8ee-7fd51f4184e6</euca:correlationId><euca:userId>admin</euca:userId><euca:_return>true</euca:_return></euca:EucalyptusMessage><euca:source>Bukkit</euca:source><euca:message>18:00
hallyncaching failure</euca:message><euca:requestType>GetDecryptedImageType</euca:requestType></euca:EucalyptusErrorMessageType>root18:00
hallynto be precise18:00
hggdhwhat the hell...18:01
zulim thinking hggdh is becoming a nervous wreck18:03
hggdhzul: not becoming, already there...18:04
hggdhhallyn: I will clear up the cache, and try again18:04
zuljust dont find a large tower and use your high powered rifle :)18:04
hallynzul, were you recently in fla talking to a pastor about kerosene and matches?18:05
hallyn'just don't do THAT, whatever you do.'18:05
zulhallyn: hehe18:06
bastidrazorhow do i get mutt to use a maildir from another local machine. mutt fromlaptop to access maildir on local lan server18:07
RoyKbastidrazor: iirc man muttrc18:08
bastidrazorRoyK: thank you.. i'll read up18:09
RoyKbastidrazor: you probably want an imap server on that server, though18:09
hallynppetraki: could you look at and comment on, if necessary, bug 737027?18:10
uvirtbotLaunchpad bug 737027 in multipath-tools "kpartx udev rule is broken" [Medium,New] https://launchpad.net/bugs/73702718:10
hallynppetraki: it sounds to me like they're coming to a nice consensus.  I don't really want to deviate from debian, but it seems like the right path to take.18:11
hallynbe nice to make natty with this, if unlikely.18:11
ppetrakihallyn, sure18:13
ppetrakiso, in general, afaic, kpartx is "the way"18:16
hallynso a dmraid patch woudl be appropriate?18:17
ppetrakiit doesn't make sense to duplicate the partition handling18:17
RoyKI've been reading a bit about UEC, and it seems rather complicated with one or two servers in front and the cluster nodes in the back. To make this failsafe, a lot of hardware is needed... Is there a way to create a cluster with only the cluster nodes and have failover between them, something like what's done in vmware/hyper-v?18:18
ppetrakithis is the "fake raid" stuff right?18:18
hallynso we should be able to reproduce in theory.  (but i haven't)18:18
hallynso then, multipath-tools only needs to be patched to s/dmraid/DMRAID in the kpartx rule18:18
ppetrakiRoyK, sounds like a Stratus box would solve your problem nicely18:19
ppetrakihallyn, so that rule isn't provided by the dmraid package?18:19
ppetrakiif there is such a thing18:20
hallyni'm just going based on comments in the bug.  i've not looked at the package18:21
mjeansonhi, does anyone run mcollective on hardy?18:21
hallynif i get a chance i'm thinking i'll try using dmraid on top of lvm to test multipath on a laptop.  possible in theory no?  :)18:21
ppetrakihallyn, if you have a supported fakeraid chipset18:23
jorenl_Hey everyone! I just tried to install ubuntu server 10.10, I ran through the whole setup process (all on default settings I think) but now this is happening when I try to boot: http://imgpaste.com/i/dbrsz.jpg http://imgpaste.com/i/konnd.jpg18:24
jorenl_the first image is the error on normal boot, the second is recovery mode18:25
jorenl_does anyone have an idea about what I can do?18:26
ppetrakihallyn, there appears to be a "dos SW RAID" vector, maybe you can try that18:26
ppetrakijorenl_, um, that looks bad, so, what kind of hardware does this box have, storage specifically?18:26
RoyKppetraki: stratus?18:27
jorenl_ppetraki: I don't know exactly, some old 40GB hard drive that was running windows perfectly fine an hour ago18:27
jorenl_should I open it up and check?18:27
ppetrakiRoyK, yeah, fault-tolerant, lockstep checkpointing18:27
ppetrakiRoyK, I know there's a single point of failure (or two) in the UEC design.18:28
ppetrakiRoyK, if that's the one you're talking about18:28
RoyKit is18:28
hallynSpamapS: hey SRU padawan - can you take a look at bug 748834 and tell me if you'd require me to split that into two separately SRU'd bugs?18:28
uvirtbotLaunchpad bug 748834 in libvirt "libvirt segfaults on networkIsActive or networkIsPersistent" [Undecided,In progress] https://launchpad.net/bugs/74883418:29
ppetrakiRoyK, then, you're either going to have to live with the blackout, and restart all the VMs. Or install a ft solution that won't blackout your application18:29
ppetrakiRoyK, VMware vmotion only gets you so far, you still lose what you're working on.18:30
ppetrakiRoyK, so if you can't afford *any* downtime. then the tech Stratus offers will suit you.18:30
RoyKppetraki: you'd still have to restart the VMs unless you run them in fault tolerant mode (on vmware), and that is rather expensive18:30
ppetrakiRoyK, right, so what if it was transparent?18:30
ppetrakiRoyK, because stratus machines literally mirror the CPUs18:31
RoyKwell, how on earth can this Stratus solution mirror the contents of memory without slowing down the cluster by XXXXX%?18:31
ppetrakiRoyK, you can walk up to one, rip the primary processing unit out, and you might see a 1-2 sec pause18:31
ppetrakiRoyK, that's it, no loss of data, connectivity, nothing18:32
RoyKrather cool networking between them, then18:32
jorenl_please someone help :/ my box is bricked and I hav eno clue what to do to fix it18:32
ppetrakiRoyK, I used to work there, yeah it is cool :)18:32
RoyK10gigE won't take you long for such a setup18:32
ppetrakiRoyK, the entry level price tag is about 12K, but when you consider what you're getting, it's cheap18:33
RoyKserious-looking infiniband, probably18:33
RoyKsounds like a good alternative to vmware18:33
ppetrakiunless you're transaction based, with journaling etc etc, it won't matter18:33
ppetrakiit runs vmware18:33
hallynjorenl_: how did you install?18:33
ppetrakithe platform is ft, it can run windows, RH, and vmware esx18:33
ppetrakiso now you can virtualize as much as you want, and literally never worry about downtime18:34
ppetrakigreat than 5 9's18:34
hallynjorenl_: try booting again, and hit shift or whatever to catch the grub menu,18:34
hallynthen look at what the command line is and hwat it gives for a 'root=' option18:34
hallynjorenl_: the screenshot you supplied offers the valid choices :)18:35
ppetrakiRoyK, and no 'yet another custom HA' solution for IS to  maintain :-)18:35
jorenl_hallyn: I downloaded the ubuntu server 10.10 install ISO; burned it to a disc and ran through the installation process, using mostly default settings (simple setup, only 1HD installed and ubuntu server as the only OS)18:35
=== kentb is now known as kentb[dell]
jorenl_hallyn: ok I'll try now and see, thanks.18:35
hallynjorenl_: I'm going to guess you wnat 'root=/dev/sda5',18:35
SpamapShallyn: looking now18:36
ppetrakijorenl_, sounds more of an install bug than a HW thing.18:36
SpamapShallyn: is it fixed in natty yet btw? still shows as in progress.18:37
jorenl_I'm in grub. 'c' for command line?18:37
uvirtbotNew bug: #752730 in autofs5 (main) "NFS mounts fail due to upstart condition on 'mounting TYPE=nfs'" [Undecided,New] https://launchpad.net/bugs/75273018:37
hallynjorenl_: no i think 'e' to edit the option18:38
jorenl_well wrong button I guess, retry :D18:38
hallynSpamapS: yes, fixed in natty.  i was in the middle of updating that when i decided i wasn' tsur what to do for maverick18:38
hallynbc half of it is fixed in mav, half not18:38
hallynthere updated for natty :)18:39
jorenl_hallyn: ok I'll type what it says in pastebin brb (thanks for the help)18:39
SpamapShallyn: both patches are so small and come from upstream, fixing one bug report. I'd accept it.18:39
hallynSpamapS: \o/18:39
SpamapShallyn: don't forget to subscribe ubuntu-sru after you upload to lucid-proposed. :)18:40
CrunchyChewiewhenever I try to SSH into my 10.10 VPS it says "Connection closed by xxx.xxx.xxx.xxx"18:41
CrunchyChewieI have a current SSH session open in another terminal I am afraid to close for fear of being permanently locked out18:41
hallynSpamapS: hm, i seem to misunderstand18:41
hallynSpamapS: i've always subscribed ubuntu-sru first and waited for permission to push to lucid-propsoed18:41
jorenl_Ok here it is: http://paste.ubuntu.com/590367/18:41
hallynSpamapS: (which, of course, is bc i couldn't do it myself anyway :)18:41
hallynSpamapS: so i should push it to -proposed first, then subscribe -sru, and then it goes fromthere?18:41
hallynman i was off base t hen18:42
hallynSpamapS: i'm not hitting the trigger until you confirm :)18:42
SpamapShallyn: yes thats the best way, because really ubuntu-sru doesn't get involved until that point18:42
hallynjorenl_: that is very wrong :)18:42
SpamapShallyn: if you want to check that it will be accepted first before starting, then thats another time to subscribe ubuntu-sru18:43
jorenl_hallyn: how? :/18:43
SpamapShallyn: also you should probably add the maverick task, even if you may not fix it, so its known that maverick is affected.18:43
jmarsdenCrunchyChewie: Read your logs to try to find out *why* that connection is being closed.  /var/log/messages and /var/log/auth.log is where I would start18:44
hallynjorenl_: oh, i see18:44
hallynSpamapS: oh, i can fix the maverick one, np on that18:44
jorenl_hallyn: ?18:44
CrunchyChewiejmarsden: on the server or the client?18:44
jmarsdenCrunchyChewie: On the server.18:44
hallynSpamapS: i'm doin gtoo many things at once to do that now and not mess it up though :)18:44
hallynjorenl_: it might not be wrong actually, but the 'root=/dev/mapper/HERENT--SERVER-root is probably the problem18:45
hallynjorenl_: please try replacing that with 'root=/dev/sda3' and see what happens18:45
jorenl_hallyn: ok...18:45
hallyn(and if that doesn't work, then with root=/dev/sda1)18:45
jorenl_so not root='(hd0,msdos1)'18:46
jorenl_where it says /dev/mapper etc :)18:46
hallynno no, leave that18:46
jorenl_I'll try18:46
hallynjorenl_: good luck :)  i'l lbe back in 10 mins18:46
CrunchyChewiejmarsden: bind to port xxxxx on failed: Address already in use18:46
jorenl_hallyn : ok :D18:46
monaDeveloperHi I'm trying to create ami from scratch using this http://alestic.com/2007/11/ec2ubuntu-build-ami18:47
SpamapShallyn: I must commend you on the healthy stream of fixes flowing into lucid's libvirt/kvm/etc. :)18:47
monaDeveloperbut I needed to understand what's the meaning of this: Pick which instance type and kernel version you want in your Ubuntu AMI. Start an instance of the matching Amazon Fedora Core AMI18:47
jmarsdenCrunchyChewie: So you seem to have multiple server processes trying to use the same port xxxxx .  Don't do that.18:47
monaDeveloperhow to start an instance of the matching amazon fedora core ami18:48
jorenl_hallyn: now it says Kernel panic - not syncing: No init found. Try passing init= option to kernel. See linux Documentation/init.txt for guidance.18:49
CrunchyChewiejmarsden: changing the port in sshd_config seemed to fix it, is the port range 54xxx bad to use?18:50
jmarsdenCrunchyChewie: Only bad if something else is using it :)18:50
CrunchyChewiejmarsden: thanks!18:50
jmarsdenCrunchyChewie: You're welcome.18:51
Aisondamn, my nfs4 mounts are not automounted at startup :( even when I do  post-up mount /home || true   in network/interfaces18:51
Aisonsomething is really missing18:51
monaDeveloperHi I'm trying to create ami from scratch using this http://alestic.com/2007/11/ec2ubuntu-build-ami18:54
monaDeveloperhow to start an instance of the matching amazon fedora core ami18:55
hallynjorenl_: hm, that's not good.  try root=/dev/sda1?18:56
hallynjorenl_: you can try 'init=/sbin/init', but it should try that by default...18:58
hallynjorenl_: d'oh!  did i say root=/dev/sda3?  i meant /dev/sda5'18:58
jorenl_hallyn: oh; I'll try sda5 then.18:59
hallynyeah that's the best bet18:59
jorenl_Kernel Panic - not syncing: VFS: Unable to mount root fs on unknown block-(8,5)19:00
jorenl_that's the original error19:00
jorenl_hallyn: forgot to mention your name if that matters :p19:01
hallynjorenl_: well, try /dev/sda1, but if that fails  then i have to assume something went wrong at install19:02
hallynjorenl_: you could boot from the installcd and nose around the hard disk to see what is on /dev/sda1 and /dev/sda519:02
jorenl_hallyn: I'll try sda1 first :/19:03
jorenl_No init found. Pfffffffffffffffffffffffff19:04
jorenl_hallyn: Just go through the install again and reformat and everything?19:04
hallynjorenl_: sure if you don't have anything on there yet19:05
hallynjorenl_: when you get to disk partitioning, take note of what's there.  the /dev/sda2 being 1 block is suspicious19:05
jorenl_hallyn: ok. Reinstalling. (thanks a heap for all the help, again)19:07
jorenl_hallyn: reinstall or rescue?19:07
jorenl_buhh. I'll try reinstall. nothing to lose.19:08
jorenl_hallyn: Ok, there's the partitioning part. I must have taken a wrong choice so I'll check up here first. Partitioning method: 1) Guided - use entire disk 2) Guided - use entire disk and set up LVM 3) Guided - use entire disk and set up encrypted LVM 4) Manual19:12
jorenl_someone? please?19:17
hallynjorenl_: use 119:17
jorenl_hallyn: ok there we go.19:17
hallynSpamapS: so i wonder how many bugs i have ubuntu-sru subscribed to for which i've not uploaded the branch...19:18
jorenl_hallyn: select disk to partition: SCSI (0,0,0) (sda) - 40.0GB ATA WDC WD4000BB-60DG ; only choice :)19:18
addisonjokay, riddle me this, what would allow me to "wget myhost.dom.com" and get back my index.html like one would expect, but when I "wget myhost.dom.com/index.html" I get a connection refused, but the same command does work on a different subnet19:19
=== ewook_ is now known as ewook
hallynok, so then presumably it offers /dev/sda1 as /boot, /dev/sda2 as extended and /dev/sda5 as / ?19:19
hallynjorenl_: ^19:19
jorenl_Remove existing logical volume data <Yes>19:19
SpamapShallyn: heh.. no telling. ubuntu-sru is subscribed to thousands of bugs19:20
jorenl_hallyn: I don't know, there was no way to check19:20
hallynjorenl_: hm.  ok, well at some point it'll look like it's offering you a final summary of what it's going to do,19:20
hallynand there is a button 'advanced options'19:20
hallynmake sure to click that19:20
hallynand make sure it is going to install grub onto /dev/sda19:20
maccam94i'm having trouble configuring the openssh sftp server. when my user tries to log in, they get "Received message too long 1131570529", which i believe is because the motd is being printed19:20
jorenl_hallyn: Logical volumes to be removed: root, swap_1; volume groups to be removed: HERENT-SERVER; Physical volumes to be removed: /dev/sda519:21
maccam94does anyone have sftp working? (this is ubuntu 10.04)19:21
hallynSpamapS: feh, there is bug 750565 at least.  so go ahead and rebase that on top of the other one i just uplaoded to -proposed, and dput it ?19:21
uvirtbotLaunchpad bug 750565 in libvirt "Unable to attach an EBS volume" [High,In progress] https://launchpad.net/bugs/75056519:21
hallynjorenl_: weird.  ok, just do it :)19:22
SpamapShallyn: you can stack them but they all have to verify before they hit -updates ...19:22
jorenl_hallyn: There's the summary. Soon to be on pastebin :p19:22
jorenl_hallyn: ok here it is. http://paste.ubuntu.com/590393/19:25
jorenl_hallyn: do it?19:26
uvirtbotNew bug: #299677 in mysql-dfsg-5.0 (universe) "package mysql-server_5.0.51a-3ubuntu5.4_all.deb: subprocess pre-installation script returned error exit status 1 (dup-of: 382713)" [Undecided,New] https://launchpad.net/bugs/29967719:27
jorenl_hallyn: well I guess I'll just do it and see what happens. ;P19:28
hallynSpamapS: of course :)19:31
hallynjorenl_: no need to be squeemish, you can always start over :)19:31
hallynjorenl_: if it fails again next time, we might try 'rescue' to figure out what happened19:32
hallynbut, lunchtime.  bbl19:32
jorenl_hallyn: bye! :D19:32
adam_gdoes anyone know where amazon makes requests for inclusion of patches such as https://bugs.launchpad.net/ubuntu/+source/linux/+bug/634316 ? also,  is there a running changelog or central repositority somewhere? AWS doesn't really document it anywhere on the official amazon linux AMI page19:53
uvirtbotLaunchpad bug 634316 in linux "include amazon EBS performance patch in -virtual kernel" [Undecided,Fix released]19:53
hallynfeh.  lucid-security, forgot about that one20:06
hallynjdstrand: a comment on libvirt and quilt :)  merging trees is *so* much easier in lucid's libvirt, where patches are not kept applied, than in maverick's, where they are kept applied.20:12
hallynin lucid i can actually do bzr merge.  in maverick i have to re-do the change by hand20:12
jorenl_hallyn: back :p20:15
hallynjorenl_: all set?20:15
jorenl_hallyn; I was away for (late) dinner and  left the install idling, I'm selecting software currently :p20:16
hallynSpamapS: drat, bug 584048 is another.  i'll have to wait until someone approves the lucid-proposed push i made earlier today, bc i've already deleted my local copy of it.  zounds.20:25
uvirtbotLaunchpad bug 584048 in qemu-kvm "kvm images losing connectivity w/bridged network" [High,In progress] https://launchpad.net/bugs/58404820:25
=== dendrobates is now known as dendro-afk
jorenl_hallyn; Install the GRUB to the master boot record? (Ubuntu server is the only OS)20:27
jorenl_ok :)20:28
jorenl_installation complete: let's give it a try...20:29
uvirtbotNew bug: #752833 in clamav (main) "apparmor deny freshclam mask="r" on /var/run/samba/unexpected.tdb" [Undecided,New] https://launchpad.net/bugs/75283320:31
AtomicSparkSo I'm trying to tunnel the tcp/ip connection for postgresql (jdbc) over ssh because my college has a whitelist for outgoing ports.20:31
jorenl_Ok. So far for the OS :) Now into the configuring. Hopefully I can do that on my own.20:32
hallynjorenl_: cool, have fun :)20:32
jorenl_hallyn: thanks a heap, really...20:32
AtomicSparkssh -L 80:serverhost:80 serverhost works, ssh -L 8080:serverhost:80 serverhost works, ssh -L 5432:serverhost:5432 serverhost does not. Neither does changing the client port to other ports. My pg_hba is set correctly for I can access it at home from the servers public ip.20:33
AtomicSparkI dont know what else to check. :<20:33
=== dendro-afk is now known as dendrobates
jorenl_I just tried pinging a site to check my internet connection and now it doesn't stop. How do I make it stop pinging? (noob alert xD)20:39
AtomicSparkI fixed it. I used localhost in the port host whatever area (I didn't use it before because I didn't have localhost set up for md5). But I guess thats allowed in host
AtomicSparkYay, etc.20:41
AtomicSparkjorenl_: Ctrl+C20:41
jorenl_AtomicSpark: thanks xD20:41
AtomicSparkYou're welcome.20:41
hggdhhallyn: on the kvm '-append <string>' -- shouldn't 'string be enclose in quotes?20:59
hallynhggdh: yes21:00
hallynhggdh: it's possible that euca's logger is just not quoting those21:00
hallynhggdh: until there is a valid kernel i wasn't going to worry about it :)21:00
hallynbut yes, if it's doing it without quotes then that's wrong21:00
hggdhhallyn: it's the /var/log/libvirt/qemu logs I am looking at21:01
hggdhbut yes, may be just printing21:01
hallynyes i saw it there too21:01
hallynhave you got a valid kernel and still getting problems?21:01
hggdhI am still having the problem, and should have a valid kernel. I am unsure how correct is the error, still digging in21:02
jorenl_What's the default web directory for apache?21:08
genii-aroundjorenl_: /var/www21:08
suigenerisis anyone available for help? #dovecot is not alive21:19
guntbertsuigeneris: you can try with your real question :)21:20
suigenerisguntbert, I have virtual users, and I can't authenticate21:21
guntbertsuigeneris: I didn't say that *I* can help, but somebody might21:22
the_raminkhas your dovecot ever worked?21:22
suigeneristhe_ramink, yes, with local users21:23
suigeneristhe_ramink, please don't tell me to go back to local21:23
suigenerisshould I pastebin my dovecot -n ?21:23
the_raminkI'm not sure what the means. All your users are local or virtual?21:24
suigeneristhe_ramink, at the moment they are virtual21:24
suigeneristhey are kept in a database21:24
the_raminkand local users work and virtual users never have?21:24
jorenl_I just made some changes to the Samba configuration21:25
jorenl_how do I make it reload the config?21:25
suigenerisjorenl_, sudo service smbd restart on ubuntu21:25
the_raminksuigeneris: can you log into Mysql using the credentials you have configured in Dovecot?21:25
the_raminkfrom the commandline21:26
jorenl_suigeneris thanks :D21:26
jorenl_Oh but I found this: "By default Samba will read the configuration file every 60 seconds so no HUP is needed."21:26
jorenl_and it's working. I'm happy :)21:26
suigeneristhe_ramink, I found a working configuration but it wasn't talking about a sql file21:28
suigenerislet me show you21:28
suigeneristhe_ramink, http://wiki1.dovecot.org/HowTo/SimpleVirtualInstall21:29
the_raminksuigeneris: You trying to be obtuse?21:31
suigeneriswhat does that mean?21:32
the_raminkwell I suppose this counts as a database21:32
RoyKwhere's the obtosity and database parts of this?21:35
hggdhhallyn: yeah, it is a timeout within eucalyptus -- walrus waiting for the kernel21:35
the_raminksuigeneris: what in the error log when you fail to authenticate21:36
hallynhggdh: hopefully easily fixed in userspace...21:36
hggdhrrrrriiiiighhhttt, yeah21:37
suigeneristhe_ramink, http://pastebin.com/vy5Xa9vt21:37
=== dendrobates is now known as dendro-afk
jorenl_Can someone help me with some samba config trouble? :/21:43
jorenl_I just can't seem to allow myself (from a windows pc) to add and edit files21:44
suigenerisjorenl_, what is it?21:44
jorenl_to my share21:44
suigenerisjorenl_, directory permissions?21:44
jorenl_in samba or in ubuntu?21:44
jorenl_that might be the problem21:44
suigeneristhe_ramink, are you there?21:45
jorenl_let me try21:45
the_raminksuigeneris: these are virtual users so you need to use the entire email adresss as the username.  From the logs it appears that you're just using a username21:45
suigeneristhe_ramink, I used that too21:47
suigenerisI telneted into mail server21:47
suigenerisa login completeemailaddress pass21:47
suigenerisno authentication21:48
the_raminkwhat's the passwd file look like for that user? you can xxx out the passwrd has21:48
suigenerisit's ssha21:52
jorenl_suigeneris: now it even says that I don't have read access ><21:52
suigenerisjorenl_, write list = yourusername21:52
suigenerisjorenl_, valid users = yourusername21:53
jorenl_yourusername, is that my ubuntu username?21:53
suigeneristhe_ramink, may I msg it to you? I don't want to pastebin21:54
jorenl_no access to \\HERENTSERVER\www pffffffffffffffff21:55
suigeneristhe_ramink, now it says password mismatch, and shows the password I typed21:57
suigenerisjorenl_, can you pastebin that share's conf part?21:58
jorenl_yes, in a sec21:58
jorenl_I just did sudo chmod ugo=rwx www and that fixed it; far from secure though :/22:00
suigeneristhat's evil22:01
jorenl_suigeneris why? >:D22:01
suigenerismake a group, make your users part or that group, and have the dir owned by that group22:02
suigenerisand 77022:02
suigenerisnot 77722:02
suigeneris777 is evil, it means world writable22:02
jorenl_The only user that will ever be editing it is me :)22:04
jorenl_But I can't manage to get samba to ask for my login :(22:04
suigeneriswhatever floats your boat22:04
jorenl_No really I want to do it properly22:05
jorenl_I just suck :/22:05
suigenerisjorenl_, does your current user in windows have a password?22:05
suigenerisgive it a password, log out/in, it will ask22:06
suigeneristrust me22:06
suigeneristhe same thing happened to me22:06
jorenl_I really think I just misconfigured samba22:06
foxbuntusuigeneris, actually 777 is world write + exec22:07
suigeneristrust me on this22:07
jorenl_It asked a password earlier today, when the server was still using Windows XP :/22:07
suigenerisjorenl_, generate a password22:07
suigenerisfoxbuntu, yes you're right22:07
jorenl_first, what does guest = ok mean22:08
suigeneristhe_ramink, 503 error22:08
suigenerisjorenl_, anybody can enter22:08
jorenl_just read?22:08
genii-aroundjorenl_: It means people who do not have a username and password on the system can view or use shares22:08
genii-around( if you assign a guest account to point to some local account you make for this purpose)22:09
=== dendro-afk is now known as dendrobates
jorenl_hey wait, it did ask for my pasword some time ago, so maybe windows just stored it.... very well possible22:10
uvirtbotNew bug: #752946 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/75294622:11
jorenl_I managed to put some files in there so I guess I'll just leave it.22:12
jorenl_ehhh. is an empty apache httpd.conf normal?22:12
suigenerislook into apache2.conf22:14
jorenl_Yeah, I saw it. I'm acting like an aweful noob and it's emberassing :/22:15
jorenl_the apache2.conf has some include in it for virual hosts; should I be using <VirtualHost> anymore?22:16
=== carcinogen75 is now known as zz_carcinogen75
coleout of the box i think you want to look in /etc/apache2/sites-avalable/default for the def virtual host22:21
jorenl_Thank you cole22:23
colejorenl_: np22:23
quesoIf I want to make some space by removing old kernels, how do I do that?22:23
SpamapStremor in LA22:24
SpamapSI think22:24
SpamapScould just be me breathing heavily from a workout22:25
colequeso: if you are looking to save space, I'd look at what else is causing issues...executing du -sh /path or * should help you pinpoint large amounts of data22:26
quesocole: I already know there is nothing else using the space.22:27
colejust make sure you don't delete the kernel you are booting...you can look in /boot and /usr/src for kernel related things you don't want...rm works on those files as well as any other...22:28
quesocole: Should I instead remove the package?22:28
coleif you know what kernel packages you've installed and don't want...sure22:29
quesoSo I need to uninstall the old linux-image packages, but it won't because the current linux-image isn't installed (thus leaving an unresolved dependency) . . but I can't make room until the dependency is resolved, which can't happen until there's room.  Help?22:38
quesoHow do I remove packages and ignore unresolved dependencies?22:38
colequeso: check out the --ignore-depends arg to dpkg22:42
jorenl_what's the sun java package name? :p22:42
semiosisjorenl_: its in the partner repo, sun-java6-jdk or something like that22:43
colejoren: sun-java6-bin is the JRE22:43
jorenl_partner repo :(22:43
colejoren: sun-java6-jdk is the jdk22:43
jorenl_yeah, sun-java6-jre is probably what I want right?22:44
semiosisjorenl_: just uncomment the line in your /etc/apt/sources.list then apt-get update & install22:44
quesoHow do I re-generate the grub boot list?22:52
suigenerisqueso, grub-install22:55
suigeneris(I think)22:55
quesosorry, in Hardy.  update-grub?22:55
suigenerisno idea about hardy22:55
quesogot it to work, thanks22:57
suigeneristhe_ramink, ++23:02
=== dendrobates is now known as dendro-afk
hallynjbernard: hey, just checking, any progress on security libcgroup update for natty?23:50

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!