/srv/irclogs.ubuntu.com/2011/04/07/#ubuntu-server.txt

=== dendro-afk is now known as dendrobates
bastidrazor when setting mutt to use imap and remote folders.. i don't know the path i should use for INBOX.00:41
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
jeeves_ok, after an hour or so of pulling my hair out, I'm now down to figuring that the one port on my server isn't responding the internal requests.  I currently have a server with port forwarding on the router, and now that I have BIND setup, it's refusing to talk to the internal clients on the secondary NIC01:01
jeeves_so, what would cause the server to forget it's brains when it's serving up requests from other networks?01:06
=== draven_sol is now known as draven
=== dendrobates is now known as dendro-afk
dkuIs there anything wrong with this iptables rule? "iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 10000 -j DNAT --to-destination 192.168.3.95:3000"  I'm trying to accept connections to my box on port 10000 and forward them to an internal IP at port 3000. Still getting connections refused to port 10000 after running that rule, so it doesn't seem to be working...02:07
=== jeeves_ is now known as jeeves_moss
dkunever mind, figured it out02:34
=== jfluhmann_ is now known as jfluhmann_bedtim
=== jfluhmann_bedtim is now known as jfluhmann_
=== dendro-afk is now known as dendrobates
aliveriusi have installed a server inside a kvm in my server to isolate certain services accessible from the internet, for example a web server. i will need an aql server for that. can i use the sql server of the host or would that imply a security risk?04:49
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
aliveriusi have installed postgresql lighttpd and php5-cli05:57
aliveriussince i am a begginer i wanted to ask if that is all i need to run a webserver05:57
aliveriusi wanted to avoid apache and mysql05:58
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== cole is now known as Guest89726
mithran1hi all, what is the correct way to set the ip address of an ethernet interface is it 'ifconfig eth0 <ip> netmask <netmask>'?07:22
mithran1i actually have an ubuntu server installed on a machine and that server is not responding to a network boot request, it says no DHCP offers received, where do I start to troubleshoot this problem?07:24
twbmithran1: an interfaces can have zero or more addresses, not just one07:25
mithran1twb: ok..1 of my interfaces, is getting a funny address(something that is not part of the public network), but it needs an address thats part of the publi network for us to work with the server, the hardware cabling seems to be fine (ie the DHCP server and this network interface are on the same VLAN)07:27
mithran1can someone give me some pointers on trouble shooting DHCP issues, with ubuntu or linux in general?, this is the first time i would be doing that, so I dont know much :(07:28
twbmithran1: what is this "funny address"?07:31
mithran1192.168.5.xxx <- is the public address, 192.168.112.1 is what my ubuntu server is getting07:32
=== newbie is now known as Guest83073
twbMaybe you have a rogue DHCP server on your network07:32
twbRun dhclient -v and see where the DHCPACK comes from07:33
mithran1that command just seems to give me some version information?07:35
twbUgh, one moment07:36
twbOK, no -v on lucid07:36
mithran1twb: if i statically set my ip using ifconfig, will it remain if i restart the server?07:38
twbNo.07:38
mithran1ok good07:38
mithran1twb: so when i statically set the ip using the 'ifconfig eth0 <ip> netmask <netmask>' command, I am not able to ping computers on the public network..07:40
mithran1DHCPDISCOVER on br1_101 to 255.255.255.255 port 67 interval 6, ok i just picked that up from when the server was rebooting....07:43
mithran1twb : is there a way to say ask this ip for a dhcp request?07:44
twbYes -- DHCPREQUEST instead of DHCPDISCOVER07:44
twbBut I don't know how you configure that on the filesystem07:45
mithran1No DHCPOFFERS received. \n No working leases in persistent database - sleeping.\n, please let me know if there is anything you want me to try, im trying to see if there is some issue with the DHCP server here...07:53
asadeddinHey all. I have a problem that i need some help with. We're moving from one ip to another and I need to update the MX record, doing this will give me some downtime because i have to wait for the thing to propagate and then swtich the hardware and software setup08:10
asadeddinis there a way i can setup the new MX record while keeping the old one08:10
asadeddinso that the new one propagates and then i can swtich the hardware and software setup quickly08:11
asadeddinthen i can delete the old record08:11
shaunoasadeddin: you can have multiple MXes and give a different weight to them08:11
asadeddinpriorities08:11
asadeddinyeah08:11
asadeddinand? how can i use that to my advantage, because i see my problem is that I need it to point to two different ip's, so one will give an answer while the other no response08:12
asadeddinanyone?08:16
shaunoasadeddin: that's how I understand having multiple records should work?  eg, I have mail1 with priority 10, mail2 with priority 20.  so mail2 only gets used when mail1 is unavailable08:18
twbshauno: MXs?08:19
joschiasadeddin: just lower the TTL (e. g. 1h) for the respective zones in your name servers a few days before you need to do the switch.08:19
joschiasadeddin: then do the switch and raise the TTL again08:19
shaunotwb, mail exchange records for dns08:19
twbYeah, you can have lots08:19
twbNote that ill-behaved peers (read: spammers) might decide to try the "wrong" MX first08:20
asadeddinso basically... Start a new MX record pointing to the new IP address with a lower priority than the current one. When the switch happens, the old one will fail and the new one will take over as the MX record. Is that correct?08:21
asadeddinthen i can delete the old one and raise the new MX priority08:21
twbYou may also want an entry like this one:08:21
twbkeegel.id.au.           8643    IN      MX      900 tarbaby.junkemailfilter.com.08:21
shaunoasadeddin: that's my understanding, yeah.  they 'should' use the highest priority they can connect to, and fall down the chain in order until one answers08:22
asadeddinok08:22
asadeddinhow do i know if the new one propagated? i mean it's difficult no?08:22
twbasadeddin: you ask the DNS server you want to know if it propagated to.08:23
twbe.g. dig @8.8.8.8 to test one of google's DNS servers08:23
twbYou probably want the old host to -j REJECT rather than -j DROP, though, so it falls through faster08:24
asadeddini dont know how to do that08:24
asadeddini m currently doing all of this in the domain host web panel08:24
asadeddinlet me see what's infront of me08:25
asadeddinthanks tho for the excellent support. i was sure the ubuntu-server guys would know ;)08:25
asadeddinok08:28
asadeddinbasically what i see infront of me is a bit weird08:28
asadeddinthere are no custom MX records listed, but under A records I see the @ is pointed to our mail server08:28
asadeddinanyideas?08:30
xampartasadeddin: we did isp change recently. it was quite easy, as we first put 2NICs to our server, and configured our new ip to that. then we made dns changes and monitored the traffic08:39
twbI don't support "web panels", sorry08:39
asadeddini like the NIC thing lol08:41
asadeddincreative08:41
asadeddinmy problem is that i m not seeing any custom made MX records. I see the @ A record is pointing our IP08:42
xampartso you should a an mx record pointing to either your mail server or (like our mx) to our email virus service ip08:44
asadeddini understand08:45
asadeddini should call network solutions and see what they have to say about this08:45
asadeddinmaybe i can get an idea of my current setup better08:45
asadeddinbut thanks a lot all! i really appreciate the help. :)08:45
eagles0513875|2what is the right way to setup a cron job on ubuntu server lucid08:58
eagles0513875|2hey guys anyone here09:29
joschieagles0513875|2: run `crontab` or edit the files in /etc/cron.*09:30
raphinkhi eagles0513875|209:30
eagles0513875|2joschi: either way will work right09:30
eagles0513875|2joschi: if it requeres root to run this script would crontab be better to use09:31
raphinkeagles0513875|2, you can use /etc/cron.d/* whatever user is required09:31
joschieagles0513875|2: it depends. you could also run the skript with sudo in your user crontab09:31
* eagles0513875|2 is totally confused09:32
eagles0513875|2thing is i need this script to run as root as i then need cron to send the root user an email if there is an error09:32
eagles0513875|2ill use root crontab09:32
eagles0513875|2joschi: what would i need to put in the cron tab to setup a daily run of my script at a given time09:38
joschieagles0513875|2: see `man 5 crontab`09:39
eagles0513875|2thanks shoudl be able to figure it out now09:42
SuperRoachHello there. Has anyone here tried to and been able to update their php version to 5.3 (from 5.2) to help patch its security?09:44
eagles0513875|2joschi: how can i update an already existing crontab entry09:53
eagles0513875|2to change when its run etc09:53
joschieagles0513875|2: just edit the crontab file09:53
eagles0513875|2my next question is how can i get it to send an email to root if there are errors with the backup script09:54
eagles0513875|2if the script produces stderr09:54
eagles0513875|2is that possible to do?09:55
joschieagles0513875|2: look for MAILTO in `man 5 crontab`09:57
eagles0513875|2ok09:57
eagles0513875|2joschi: now in the case of ubuntu if i want to mail to root would i use sudo?09:58
eagles0513875|2or a user whose listed in the sudoers file09:58
joschieagles0513875|2: look for MAILTO in `man 5 crontab`10:00
eagles0513875|2joschi: i did but seeing as ubuntu doesnt have root but uses sudo hence why im asking10:00
joschieagles0513875|2: try `id root` and you'll see that there is a root user10:00
eagles0513875|2if leave MAILTO= "" no mail is sent otherwise mail will be sent to the owner of the crontab10:01
eagles0513875|2so since i used sudo crontab -e it will send it to root right10:01
eagles0513875|2if im reading the man page right10:01
xamparteagles0513875|2: you could "echo "root your.user@domain" >> /etc/aliases && newalises"10:03
eagles0513875|2O_o10:03
eagles0513875|2is my understanding of the man page correct though10:04
eagles0513875|2xampart:  i do mail to and pass what you pasted above10:05
eagles0513875|2wow just found something similar to what you just mentioned10:06
eagles0513875|2outa curiosity is it possible to have the root crontab one job runnign sending mail to root daily another sent to lets say user a to back up his data and let him know its backed up10:09
eagles0513875|2is that possible10:09
xampartwhat exactly?10:11
eagles0513875|2lets say you have multiple users runnign their respective cron jobs via the root crontab10:12
eagles0513875|2is it possible to have Mailto send an email to one user about their job and then to a different user about a different job10:13
xampart"By default cron jobs sends a email to the user account executing the cronjob."10:14
eagles0513875|2so in my case root10:14
eagles0513875|2which makes the mail to redundant10:14
xampartwhy not use users crontab10:14
eagles0513875|2this one im running a backup into /mnt and i need root to back up my files to that location10:14
xampartit is possible10:15
eagles0513875|2well i have it setup in root crontab for now10:16
sky1which packages for ubuntu i need for an basic authentification only with the form login page from request tracker .. no samba or other stuff is necessery10:16
sky1on the client side10:16
jussiHrm, Im having an issue with my server, I want to have all pages in domain.com/subdir/ redirect back to domain.com/subdir/index.html - How would I acheive this?10:33
jussialternately, is it possible that I only allow trafic to there from one ip address?10:37
eagles0513875|2jussi: traffic from one ip i think is done with .htaccess if im not mistkaen10:39
eagles0513875|2if not that im sure you can use hosts.allow as well10:39
eagles0513875|2and route accordingly in iptables10:39
shaunohtaccess is easiest, as it'd only affect that vhost & directory.  something like http://paste.ubuntu.com/590661/10:40
shaunoredirecting everything back to index.html would be some mod_rewrite magics that I'm not capable of doing off my head :)10:41
mithran1is there a command like top for ifconfig??10:42
uvirtbot`New bug: #753330 in samba (main) "The Samba 'panic action' script, /usr/share/samba/panic-action, was called for PID 1783 (/usr/sbin/winbindd)." [Undecided,New] https://launchpad.net/bugs/75333010:47
raphinkmithran1, why would you like such a command?10:47
raphinkmithran1, you want to watch your IP address?10:48
sorenmithran1: You mean ilke iftop?10:48
sorens/ilke/like/10:48
jussishauno: thanks. I ended up googling for it, found post no 2 here: http://www.webmasterworld.com/apache/4085501.htm10:48
jussi(which worked)10:48
shaunojussi: looks convincing, but you can see why it's harder to produce blind :)10:49
jussishauno: yeah. :)10:49
mithran1raphink: thank you so much, its looks awsome10:54
=== uvirtbot` is now known as uvirtbot
raphinkmithran1, you mean soren right?10:57
mithran1ya raphink: I did mean soren, sorry..10:58
mithran1soren: thanks a lot, that is a really good tool, helps me do exactly what I want to10:58
sorennp10:59
pluesch0rhi everybody. i'm trying to install grub on a disc that i restored from a backup. i've booted my box from a install disc.11:03
pluesch0rafter mounting the disc, bind-mounting dev and supplying proc on the correct position, i'm trying to find /boot/grub/stage1 inside the grub shell.11:04
pluesch0rhowever, the file is not found (it is there, though).11:04
pluesch0rwhat could i be doing wrong?11:04
pluesch0ri'm using grub 0.97-29ubuntu53 on an ext4 disc.11:05
jussiHrm, just downloaded lucid server, and Im getting:  Unknown keyword in configuration file gfxboot.11:05
jussivesamenu.c32:  not a COM32R image11:05
jussiany way to boot?11:05
eagles0513875|2lucid server has worked for me like a charm11:06
eagles0513875|2brb need to reboot work laptop11:06
jamespageDaviey: fix for bug 749720 uploaded and proposed if you would to review :-)11:38
uvirtbotLaunchpad bug 749720 in mod-wsgi "Wrong symlink in libapache2-mod-wsgi-py3 and incompatible with python3.2" [Medium,Confirmed] https://launchpad.net/bugs/74972011:38
Davieyjamespage, super11:41
Davieywhat was wrong with the detecting python version line?11:41
Davieyjamespage, fancy adding DEP-3 headers to the patch?11:41
jamespageWell I'm no regex guru but it mapped 3.2-1 -> 3.2-1 instead of 3.211:41
Davieyahh11:42
jamespageDaviey: ack - occurred to me just after proposed the patch11:42
Davieysuper!11:42
jamespagegive me 511:42
jamespageDaviey: branch updated as requested :-)12:08
Davieyjamespage, awesome, just reviewing something else... will then sort it out12:11
xamparthow are your central loggin systems set up?12:13
TeTeTSpamapS: hi, could you fix bug 561750 for Lucid as well?12:20
uvirtbotLaunchpad bug 561750 in squid "squid starts and stops immediately (after upgrade from karmic to lucid)" [Medium,Fix released] https://launchpad.net/bugs/56175012:20
a7ndrewless less12:44
=== squishy is now known as SquishyNotHere
daxrocHey all13:10
kaipanoiMornin13:11
kaipanoior afternoon or evening, as appropriate13:11
daxrocHaving a problem with mysql-cluster-server package, http://pastebin.com/WG74xyFb13:20
daxrocany one know how I could fix the following error ?13:23
mok0daxroc: line 16 says it13:24
daxrocmok0: libmysqlclient is causing the conflict, I can't remove it tho ?13:42
raphinkdaxroc, that looks like a bug in lucid13:43
daxrocraphink: on 10.1013:46
raphinkdaxroc, I doubt so13:48
daxrocThe version I am using is 10.10, with that error13:48
raphinkmysql-cluster-client-5.1 7.0.9-1ubuntu7 and libmysqlclient16 is from stock lucid13:49
raphinksorry13:49
raphink mysql-cluster-client-5.1 7.0.9-1ubuntu7 is from stock lucid13:49
raphinkand libmysqlclient16 5.1.41-3ubuntu12.10 is from lucid-updates13:49
raphinkmaverick has higher versions of both13:49
daxrocraphink: sorry I am using lucid13:50
* daxroc hides13:50
raphinkanyway, this is a bug, there should be a conflict between the two packages13:50
raphinkis there something that prevents you from removing the libmysqlclient16 package?13:51
daxrocnot sure how? apt-get remove libmysqlclient16 ?13:52
raphinkthat, or use apt-get install mysql-cluster-client-5.1 libmysqlclient16-13:52
raphinkwhich will remove libmysqlclient16 at the same time as it installs mysql-cluster-client-5.113:53
daxrocraphink: not letting me remove libmysqlcleint, php5-mysql depends on it , when I try and remove php5-mysql it gives an error about mysql-cluster-server not installed correctly14:02
raphinkdaxroc, if you have packages depending on libmysqlclient16, you can use equivs to fix that14:04
raphink(and do report the bug, please)14:04
daxrocraphink: not sure what I should do wiht equivs14:08
daxroccan I force uninstall and reinstall after ?14:08
N3good domain registrar with privacy?14:11
asadeddinhey all. quick question. I'm planning on moving ISP's and I found out we have no MX record, although we have a mail server in the office that's working. Our IP's for all other and none on the A records is set to our mail server14:18
asadeddinno if we should move ISP's, all i have to do is change the IP's for the A records?14:19
raphinksorry daxroc I was afk14:29
raphinksee http://www.debian.org/doc/manuals/apt-howto/ch-helpers.en.html about equivs14:30
raphinkbuild a fake package that provides libmysqlclient16 so php doesn't complain14:30
RoAkSoAxmorning all14:38
semiosismorning RoAkSoAx14:41
RoAkSoAxmorning semiosis14:41
KlightHello all, anyone good with wpasupplicant, I've got it installed okay and even got a connection, however now the server crashes (hangs) on shut down or reboot. I'm very new at all this so I thought I ask the pros :)14:45
raphinkhi RoAkSoAx14:57
RoAkSoAxhi raphink14:58
pmatulis_quick one.  i created an alias with 'ip address add 192.168.7.100/24 dev br0'.  but this never shows up with ifconfig.  normal?15:15
uvirtbotNew bug: #753580 in dhcp3 (universe) "dhclient does not strip or escape shell meta-characters" [Undecided,New] https://launchpad.net/bugs/75358015:16
zulSpamapS: ping15:23
=== doko_ is now known as doko
uvirtbotNew bug: #753605 in mysql-5.1 (main) "removing mysql with apt doesn't delete user mysql" [Undecided,New] https://launchpad.net/bugs/75360515:41
=== rizzuh_laptop_ is now known as rizzuh_laptop
hggdhDaviey: there?16:11
=== robbiew1 is now known as robbiew
uvirtbotNew bug: #753661 in nut (main) "upsd write() failed for 127.0.0.1: Broken pipe" [Undecided,New] https://launchpad.net/bugs/75366116:16
=== michael_ is now known as minorbug
=== zz_carcinogen75 is now known as carcinogen75
Davieyhggdh, o/16:59
=== Guest89726 is now known as cole
andygraybealcan a group be inside of another group?  so for instance the group 'lpadmin' is inside the group  'coordinator'; so every time i assign someone to the group 'coordinator' they also are inside the group 'lpadmin' ... or is this rediculous thought pattern?17:03
SpamapSzul: pong17:04
MTecknologyI'm having some troubles... http://dpaste.com/529722/ ... the physical volume has 1013.6 GB available to it - but pvdisplay indicates that it thinks there is only 704.00 GB available17:09
SpamapSMTecknology: did you pvresize it?17:09
MTecknologySpamapS: I wanna hug you17:10
SpamapSMTecknology: please refrain .. people will talk17:12
* patdk-wk wants a hug too!17:12
MTecknologywell...17:12
patdk-wkhmm, I couldn't locate any amavisd-new 2.7.0 packages anywhere :(17:12
MTecknologySpamapS: i won't hug you then.. i'll just kiss your nick on the screen17:12
patdk-wkjust finished building one, took a few hours :(17:12
patdk-wknow to throw it onto my production test server :)17:13
screen-xHi all, I'm having trouble building a debian package for a perl module with dh-make-perl. First error is "Too early to specify a build action 'vendor'. Do 'Build vendor' instead." full output: http://scsys.co.uk:8002/9633517:13
MTecknologySpamapS: point is - thanks :)17:14
SpamapSMTecknology: glad you got it going17:15
patdk-wkhmm, slow launchpad day17:16
SpamapSscreen-x: seems like that module isn't built right for CPAN17:16
SpamapSpatdk-wk: the fact that you can notice when its slow is a testament to how much faster it has gotten of late. ;)17:17
patdk-wkI know :)17:17
patdk-wksometimes I had builds take an hour to even notice I submitted them17:17
screen-xSpamapS: hmmmm, so theres a bug in the module itself?17:17
patdk-wklet alone build17:17
SpamapSscreen-x: or in its packaging.17:18
SpamapSscreen-x: meaning, its perl packaging17:18
RoAkSoAxkirkland: ping17:18
RoAkSoAxzul: ping17:19
screen-xSpamapS: ok, thanks17:19
zulRoAkSoAx: pong17:20
RoAkSoAxzul: by any chance do you have some free time and a cobbler server ready to netbook?17:20
RoAkSoAxzul: I'm getting an error during install that says17:20
RoAkSoAx"No kernel modules were found. etcetc"17:21
zulRoAkSoAx: not right know i dont17:21
zulthe iso import failed or soemthing?17:21
=== jamespage is now known as ringo
RoAkSoAxzul: nope, the imported ISo is the same, and was working fine on Monday as far as I can remember17:22
RoAkSoAxs/same/same I had for quite a while now/17:22
zulweird...did you guys break something? ;)17:22
RoAkSoAxzul: well only I patch was added from the time It was working fine till now, so that might be it17:23
zulRoAkSoAx: which patch is this?17:23
RoAkSoAx36_tainted_file_path.patch17:23
RoAkSoAxzul: but that really shouldn't affect in any way17:24
zulRoAkSoAx: try it withouth17:25
RoAkSoAxzul: yeah building now :)17:25
=== ringo is now known as jamespage
MTecknologySpamapS: how about this one? http://dpaste.com/529732/17:31
MTecknologyOH!... I grew the physical volume wrong.... and now it's beyond it's actual capacity17:34
MTecknologyand i learned yet more today....17:39
MTecknologyworking perfect now17:39
MTecknologyonline resize of fs taking place and no issues expected17:39
patdk-wklooks like amavisd-new is working good :)17:40
shaiguitarhey, my main.cf looks like this: http://pastie.org/pastes/1768470/text?key=bt9yd6xho5kiie5ditgiq17:54
shaiguitarandI was wondering how to config to forward everything (including local mail) to an external17:54
shaiguitar@gmail address?17:54
shaiguitarI'm a total noob at this, so TIA :P17:54
shaiguitarspecifically I guess I should change procmail -a "$EXTENSION" also? I don't know though TBH17:54
robbiewjamespage: JamesPage: do you have a wordpress account?17:57
shaggy2g'day helpfull people, I need some help, I have changed the network card that the server uses, I need to know how to find out what network cards are installed and what the short name (eth*) the system has given?17:57
robbiewDaviey: fyi...granted you admin rights to the wordpress blog17:57
Davieyrobbiew, ta17:58
shaggy2FYI, I had 3 cards installed, my network was on eth1 I removed 2 cards for use in another system and now I only have the onboard card, I thought it would just be eth0 but it's apparently an unknown interface assistance please anyone?18:01
kaipanoiifconfig -a18:02
shaggy2thank you18:03
kaipanoinp18:04
shaggy2I almost have everything back up and running after a complete network overhaul... I changed from using my netgear router from handling everything to installing freebsd with pfsense (complete installer package) and using that to handle 2 different IP ranges18:06
kaipanoiI love pfsense18:07
shaggy2I am learning it.18:07
kaipanoiits the only fw we use at work18:08
shaggy2was told to just run it in a VM for a while till I learn it, I just went right ahead and installed it, stuffed it up then reinstalled it, and now got it fully working and handling everything todo with networking18:08
shaggy2can I disable NAT on one adaptor (ip range) but not the other?18:09
kaipanoimight be better to just use 1:118:11
shaggy2what is 1:118:11
kpettitI haven't had to deal with hardware in awhile.  What's the best mid-high end processor for running virtual machines, probally with virtualbox?18:11
shaggy2is that like DMZ?18:12
kaipanoihow much money do you have, kpettit? ;)18:12
kaipanoishaggy2, kinda/maybe. with 1:1 NAT you can make a private IP appear to have a public IP18:13
kaipanoihttp://doc.pfsense.org/index.php/1:1_NAT18:13
RoyKkpettit: you can probably do well with an elderly opteron18:13
kpettitkaipanoi, I was thinking of spending 700-1k on a desktop.18:14
RoyKkpettit: the important part in most cases is memory, not cpu18:14
RoyKkpettit: anything will do in that price range18:14
RoAkSoAxzul/win 1818:14
RoAkSoAxargh18:14
kpettitSo there isn't any specific processor feature or anythning that I should be looking for?18:14
RoyKall new processors, except some atoms, support what you need18:15
kpettitI know some of the older processors are missing some virtualzation features.  Just wanted to make sure i didn't miss something18:15
RoyKand for a desktop, you wouldn't really want an atom18:15
kpettitRoyK, perfect.  Thanks18:15
RoyKolder, yes, but that's like 3 years old or so18:15
kaipanoiensure it has AMD-V or TV-x18:15
kaipanoihttp://en.wikipedia.org/wiki/X86_virtualization18:15
kpettitI've got a dual-core xeon now with 4gb.  And it just isn't keeping up wiht me doing 1 vm and regular desktop stuff18:16
RoyKkpettit: also, kvm will probably do better than vbox18:16
RoyK(just my 2c)18:16
shaggy2kaipanoi: ok here is my setup, 1 nic is the WAN, next is the Private IP's (eg 192.168), 3rd is the public ip's a /29 setup. on the public IP nic I have 3 servers. that have the /29 ips (eg 150.101)18:16
kpettitkpettit, I've been anxious to try that.  It's been awhile.  kvm wasn't quite there last time I tested, but it's been a good year or two sense I tried last18:16
RoyKkpettit: talking to yourself? :)18:16
kpettitapparently.  I think I forgot to take my meds.  kpettit, no you didn't18:17
shaggy2lol we all talk to ourselves, we are allll NUTS :)18:17
RoyKkpettit: kvm is in at least lucid and so on18:17
* RoyK doesn't talk tohimself, yes!, no, he doesn't18:17
kpettit:)18:17
MTecknologysudo -s18:18
RoyKfirst sign of sanity, really18:18
MTecknologysorry18:18
RoyKyou should hear me if I debug something bad :P18:18
kpettithaha.  I bet.  I usually have to make sure my kids aren't around when I start coding.18:18
shaggy2should here be when I stuff soemthing up with the network or the servers18:18
shaggy2I abuse myself18:18
MTecknologyI'm a good coder, so no bad language comes from me18:20
kpettit:) THat was pretty good18:20
RoyKhah - the windoze guys at work had decided to use Ahsay for windoze backup instead of sticking with bacula for it all and then, suddenly, ahsay added another 800% to their pricing - boss decided to switch to bacula in a fraction of a second18:20
kpettitRoyK, gotta love that.  Sticker shock seems to make alot of opensource converts18:21
RoyKbacula is _fast_ btw18:22
* patdk-wk wants to play with bacula18:22
patdk-wkI have a 25 lto lib, doing nothing18:22
patdk-wkcause the expensive corperate software doesn't work18:22
RoyKwith 220TB worth of backup storage, we don't need further investments in a few years :P18:23
patdk-wkroyk, but what happens when you fill that next month? :)18:23
RoyKwe won't18:23
RoyKif we do in a year or two, we get another disk shelf or two18:24
patdk-wkwhen the commercial backup thing worked, it took >2weeks to do a backup18:24
patdk-wkit never finished, I killed it18:24
patdk-wkout data is completely replaced within 2 weeks18:24
* patdk-wk just doing an rsync was faster than 2 weeks :)18:25
RoyKwe were considering getting disk-based backup for Legato, but the pricing was hilarious - you have to pay for the amount of storage space available to Legato18:25
RoyKand when 100TB doesn't cost much, paying > 10x the price of that for licenses, well, bacula was a better choice :P18:25
jamespagerobbiew: I do18:28
shaggy2umm anyone here no anything about dns servers??? I have bind9 installed and have it set with a domian name and the ipaddress of where is it hosted, I have set the name servers with my register to that of my server but it's not happening18:30
MTecknologytime to start writing a bash app... and also time to start music so i don't lose it18:30
MTecknologythis this is going to be a minimum of 5 billion lines.....18:30
RoyKshaggy2: what's the IP of the host and the domain name (zone) it's supposed to service? I can test form here if you like18:31
RoyKMTecknology: in bash...18:31
shaggy2admin.shaggyweb.net and the ip is 150.101.191.13918:31
RoAkSoAxSpamapS: can I close this one as kirkland already worked on getting the cobbler-web package working? bug #70569118:32
uvirtbotLaunchpad bug 705691 in cobbler "cobbler-web should include a working configuration and a README file detailing the steps necessary" [Wishlist,Confirmed] https://launchpad.net/bugs/70569118:32
RoyKDora:~ roy$ host admin.shaggyweb.net 150.101.191.13918:32
RoyK;; connection timed out; no servers could be reached18:32
RoyKshaggy2: I guess, either bind isn't started, or a firewall blocks it18:33
shaggy2ok I'll look into it18:35
MTecknologyRoyK: ya... odly enough- i think that's the best choice unless except for possible python- but i'm also not a python fan18:35
RoyKMTecknology: bash scripting is for tiny stuff, not for writing applications18:36
RoyKMTecknology: bash is parsed, not precompiled18:36
RoyKuse something sane like python, php, perl, even mono18:36
* RoyK likes perl18:36
MTecknologyRoyK: it's not really an app.. it's a very simple management interface for sentinel servers. the hard part is going to be all the whiptail i'll be using18:37
MTecknologyor dialog.. not sure yet18:37
MTecknologyand saving configs18:37
RoyKjust use a sane programming language with database support (which includes them all, the sane ones)18:38
MTecknologythey need to be able to edit the config manually too18:38
shaggy2can someone ping 150.101.191.139 for me please18:38
MTecknologyshaggy2: no18:39
MTecknologyRoyK: i'm still considering python for this - just not sure - it's the best tool, but i don't like it18:39
MTecknologybest tool for 'this'18:39
MTecknologyjob18:39
MTecknologyI need to stop swapping keyboards18:39
RoyKMTecknology: python, or java, or perl, or mono, or php, or ruby, or anything, really, will do the job nicely. which one you choose is only a matter of which one you know the best or like the most18:41
kpettitI love me some python.  Espically for cli apps.18:41
* RoyK uses perl for that :P18:41
MTecknologyperl or python would be best suited for this i'm sure18:42
RoyKI have to admit I use shell scripts for easy stuff, but when it comes to saving state, shell scripts rather suck18:42
kpettitso many languages, so little time18:42
RoyKjá, ég veit18:42
kpettityeah, I agree.  I started using pythong becuase it was easier for me to pick up than some of the other ones at the time.  And I needed to be able to do cli, gui, and web stuff.18:43
RoyKkpettit: then python is probably the best to you for you18:43
kpettitMy brain can't handle learning too many different things at the same time :)18:43
kpettitlast time I tried, I forgot my kids names.18:43
RoAkSoAxzul: apparently it wasn't cobbler, but rather and issue with the archives, as I imported today's ISO and no error whatsoever18:43
* RoyK once attended German and Icelandic courses in parallel - NOT a good idea18:44
zulRoAkSoAx: cool beans18:44
pittstainscan someone tell me what the aolserver4-nsd application does?  i see that it's running on a server I administer, but I have no recollection of installing it18:46
RoyKpittstains: AOL Web server AFAICS18:51
RoyKpittstains: if you don't recall installing it, I guess running chkrootkit might be a good idea :P18:51
pittstainsRoyK: the man page says only "Nsd is the AOLserver binary."18:52
RoyKyeah, but are you running aolserver?18:52
pittstainsit was running when i logged in, and it was hogging port 80 so Apache couldn't listen on it18:53
RoyKpittstains: did you install the server?18:53
pittstainsno, i am a little concerned about how it got there...18:53
RoyK!chkrootkit18:54
RoyKstupid bot18:54
pittstainshaha18:54
RoyK!google chkrootkit18:54
ubottuI have no google command, use http://www.google.com/18:54
pittstainshm, i'm also seeing a /home/sysgames directory that doesn't look familiar18:54
pittstainsaaaaaaaaaaaaaaaarg18:54
RoyKpittstains: see above :P18:55
Pici!info chkrootkit18:56
ubottuchkrootkit (source: chkrootkit): rootkit detector. In component main, is optional. Version 0.49-4 (maverick), package size 301 kB, installed size 824 kB18:56
pittstainsyup, and there's a new user called sysgames in /etc/passwd... the newest user, even18:56
RoyKpittstains: I'd download chkrootkit from the source, not the ubuntu package, to be sure18:56
RoyKpittstains: what's the id of that user?18:56
RoyK`id sysgames`18:56
pittstainsroyK: 503 according to /etc/passwd18:57
RoyKk18:57
pittstainswhy from source?18:57
RoyKwell, most of it is perl, plus some binaries, but then you know it's not been tampered with18:57
RoyKuse the source, luke...18:58
pittstainsRoyK: any suggestions for tracking down the entry point of this attack?  i'd prefer to close the hole in addition to eliminating the installed garbage19:00
RoyKcheck all logs19:00
RoyKand dates on new files19:00
RoyKif the attacker has gained root access, which it seems, better reinstall19:00
RoyKthere may be setuid binaries around you can't find very easily19:01
RoyKpeople can add additions to existing cron jobs to open tunnels to the outside as well19:02
bluethundrhey guys...  how do I find what ethernet / wlan driver is loaded in ubuntu?19:02
RoyKif the box is rooted, reinstall19:02
bluethundrlspci turns up nothing19:02
RoyKlspci is rather old19:02
bluethundrit's 8.04 LTS19:02
RoyKlshw is a bit better19:02
RoyKboth scan the bus19:02
bluethundrhmm ok thanks I'll give that a try19:02
RoyKto see what drivers are loaded, lsmod19:02
bluethundrright thanks19:03
* RoAkSoAx off to lunch19:03
pittstainsRoyK: i hate computers19:04
RoyKpittstains: hehe - so do I - I also love them :P19:04
pittstainsi think you're probably right.... thanks for your help19:04
RoyKnp19:05
pittstainsRoyK: huh!  somehow the date on the aolserver4-nsd file (in /usr/sbin) is november 5, 200819:08
pittstainsnot sure i've even had the server that long!19:08
patdk-wkmaybe it came out of a tar file with timestamps preserved :)19:08
RoyKpittstains: file dates can be changed19:08
RoyKpittstains: or perhaps it's just false alarm19:08
RoyKpittstains: when was the last reboot? when was the last time did apache was running?19:09
RoyKs/did//19:09
petaniall i problem with php519:09
petanii have problem with php519:10
pittstains$ uptime19:10
pittstains 14:10:02 up 14:08,  1 user,  load average: 0.00, 0.01, 0.0019:10
petanisome body help me19:10
patdk-wkpetani, can't do that19:10
patdk-wkyou have supplied no info to help you19:10
petaniwhy php5 in ubuntu not support image anti alias on phpgd19:11
petanimy php5 not support image anti alias19:11
pittstainsRoyK: not sure how to figure out last time apache was running19:12
petanior image rotating19:12
RoyKpetani: no idea - perhaps that's a newer feature or perhaps it's in a module not installed?19:12
pittstainsalso not sure why uptime is only 14 hours19:12
RoyKpittstains: smells bad...19:12
RoyKpittstains: if you're close to the server (the server not being on the other side of the planet in some colo etc), I'd recommend reinstalling it19:13
petaniRoyK : i am install phpgd19:13
RoyKpetani: did you restart apache after you did that?19:13
petanibut it not run images anti alias19:13
petaniye19:13
petanii restart19:13
petaniin centos is running19:13
RoyKsorry - no idea - might be a module missing19:13
pittstainsRoyK: no physical access to the machine :-/     .... looks like i have a long day ahead of me tomorrow19:14
RoyKtry asking on #php - maybe they know19:14
pittstainsalso, the existence of the sysgames user is troubling19:14
RoyKpittstains: can you give me its IP?19:14
RoyKpittstains: it'd be fun to scan it to see what I can find from here :)19:15
petanimy friend tell me because scurity isues19:15
pittstainsRoyK: sent in a PM19:16
petanijoin #php19:16
pittstainsplease do tell me what you find :-)19:16
RoyKpittstains: I'll send you a report - openvas just started :)19:17
=== maedox__ is now known as maedox
petaniRoyK, my problem related it  http://www.jibas.net/content/fordis/fordisisi.php?kode=SISFO&page=5919:18
RoyKpetani: I don't quite understand your language, Malay?19:20
petaninot malay19:20
petaniis indonesian19:20
RoyKok, sorry19:21
RoyKI still don't understand shit, though19:21
RoyKbetter ask on #php19:21
petanioke than's19:21
RoyKperhaps someone there can point you to where to find a download19:21
petanii try recompile php5 to support phpgd anti alias19:22
petaniimages19:22
petanirotating19:22
pittstainsRoyK: also have new users tor and messagebus...19:24
pittstainsdon't really have time to dig into my logs until tomorrow, but suffice it to say i'm irritated19:25
RoyKhaving a server hacked tends to make a sysadmin annoyed :P19:26
pittstainsgah, i'm a programmer first, sysadmin second19:26
pittstainsi hate having to wear so many damn hats19:26
pittstainsi'll be locking down SSH logins to a small set of IPs on all my machines tomorrow19:27
pittstainsthat will at least minimize my exposure19:27
pittstainsi repeat: aaaaaaaaaaaaaaaaaaarg!19:28
* RoyK is a sysadmin first, a photographer second ..... and out there somewhere perhaps a programmer :)19:28
RoyKpittstains: see pm19:33
pittstainsRoyK: i hate this report!19:35
RoyKpittstains: it doesn't show any security holes19:35
pittstainsthat SSH one doesn't look too nice!19:35
RoyK  Successful exploits will allow attackers to obtain four bytes of plaintext from19:36
RoyK  an encrypted session.19:36
RoyKfour bytes19:36
pittstains:-)19:36
RoyKyou'll have to be seriously interested in hacking the site to gain anything from that19:36
pittstainsokok, reading comprehension19:36
pittstainsvery interesting report, though!  i will be looking at openvas in more depth later!19:37
RoyKpittstains: openvas rocks :)19:38
* RoyK runs another scan against the office19:43
geekbriso is it correct that you can't use | in cron jobs?19:44
uvirtbotNew bug: #753924 in php5 (main) "package php5-fpm 5.3.5-1ubuntu6 failed to install/upgrade: подпроцесс установлен сценарий post-installation возвратил код ошибки 1" [Undecided,New] https://launchpad.net/bugs/75392419:46
RoyKgeekbri: use a shell script19:48
geekbriRoyK: i guess i'll have to if | isn't supported in crontab.  IS that the case?19:48
SpamapSRoyK: as long as it works "out of the box" and explains itself in the README, then I'd agree, that feature is implemented. :)19:48
RoyKgeekbri: I've seen variable success with using piping with cron19:49
* RoyK sticks to shell scripts - they work19:49
geekbriRoyK: honestly i was just trying to pipe output to "logger" so i didnt have to rotate a new log :'(19:49
RoyKsorry - I don't know if it works - I usually handle logs in a script19:50
RoyKthere's something rather fishy about cron/upstart in lucid19:50
RoyKthe bug is filed, but last I checked, it wasn't even accepted19:50
geekbriyeah im just getting complained to by our DB about how they dont want a shell script claling a php script etc etc :)19:50
RoyKa php script should be able to handle its logs quite easily19:51
geekbriRoyK: yes i brought that up to them already :)19:52
RoyKso... 380TB and counting :D19:52
RoyKperhaps we'll reach 1PB next year19:53
geekbriRoyK: it's valid to call something like source my.env && command in cron through right?19:55
RoyKgeekbri: just try - I've lost track on cron since Lucid - it seems to be a bit buggy19:56
geekbriRoyK: thanks! i will :)19:56
RoyKbtw19:56
RoyKsource 'something' probably won't work19:56
geekbriwell i'd include the full path19:56
RoyKsince cron wants to run an executable19:56
RoyK'source' isn't19:56
geekbrioh hrm... so can you not use source??19:56
RoyKsource is an internal bash command19:56
RoyKjust create a script that does the 'source' bit19:57
geekbriyeah im just facing pressure from some high level folks to not create a seperate script thats run and to put it all just in cron directly19:57
RoyKthose 'high level folks' should be high level enough to write a script that is cronable19:58
geekbrihehe you would think that right!19:58
RoyKI work in a research institute - we have scientists complaining about all sorts of things19:59
RoyKif you just tell them how things work, it's usually not a problem19:59
geekbrithe problem is, and i have no idea why they've designed it this way, but their php scripts rely on bash enviromental variables.20:00
RoyKthen create a script as a wrapper20:00
RoyKyou won't get the user environment into cron20:00
geekbriright, but thats where all the complaining comes in, because they say, well why do we need to write a script to run a script... and i've tried to explain but they just dont seem to get it20:01
RoyKbecause cron doesn't read .bashrc20:01
geekbriyeah but, its actually a totally seperate file with just a bunch of exports in it.20:01
geekbriso it resides in /etc/web/conf.d/stage2.env or something to that effect20:01
* RoyK gets tierd20:02
geekbrianyway i'll have to try to see if the source will work, and if it doesn't which it probably wont, i'll have to write that wrapper and tell them thats just the way it'll have to be20:02
RoyKgeekbri: google cron environment20:03
geekbriRoyK: rgr that20:03
RoyKrgr?20:04
geekbriroger20:05
geekbriroger that20:05
RoyKsorry, didn't know that tla20:06
=== carcinogen75 is now known as zz_carcinogen75
hallynhggdh_, any update on bug 746751 ?20:14
uvirtbotLaunchpad bug 746751 in linux "kernel: [Firmware Bug]: the BIOS has corrupted hw-PMU resources (MSR 38d is 30)" [Critical,In progress] https://launchpad.net/bugs/74675120:14
hggdh_hallyn: it seems, really, to be related to walrus issues, I opened bug 753779 on it20:17
uvirtbotLaunchpad bug 753779 in eucalyptus "walrus fails to retrieve images on instance startup" [Undecided,New] https://launchpad.net/bugs/75377920:17
=== hggdh_ is now known as hggdh
RoAkSoAxrobbiew: systemd won't yet be considered till the LTS?20:34
RoyKwhat's sysdamd?20:36
RoyKah20:36
RoyKI guess we'll have to get pissed off another 18 months with upstart before we can attempt that one20:37
RoyKs/off //20:37
RoyK[offtopic] http://www.youtube.com/watch?v=kNxX4SDqpVU20:45
amber285Hi All,My company has just recently migrated from a Windows to a Linux farm.  At the moment we don’t have document storage system so we are using Google docs at the present time. We don’t see this as the safest method of document storage so I have been assigned the task of finding a better solution.I have been advised to set an FTP server but this method seems dated and the search functionality isn’t very good and I’ve a21:37
RoyKheh - amber285 spent two whole minutes waiting for an answer :)21:50
semiosisRoyK: she didnt even finish writing her21:50
RoyKsemiosis: agre21:53
amstani have around 6 comps in my house, all need to download latest debs22:23
amstani'm looking for the simplest clone of apt-proxy22:23
amstanit would be nice if i didn't have to change all lines from sources.list22:23
jjohansenhallyn: any new info I should be aware of on Bug #74675122:46
uvirtbotLaunchpad bug 746751 in linux "kernel: [Firmware Bug]: the BIOS has corrupted hw-PMU resources (MSR 38d is 30)" [Critical,In progress] https://launchpad.net/bugs/74675122:46
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
shaunoon postfix, should I have an alias for MAILER-DAEMON, since he's signing off on bounces? or is that meant to disappear to stop cyclic loops23:42

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!