=== dendro-afk is now known as dendrobates
[00:41] <bastidrazor>  when setting mutt to use imap and remote folders.. i don't know the path i should use for INBOX.
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
[01:01] <jeeves_> ok, after an hour or so of pulling my hair out, I'm now down to figuring that the one port on my server isn't responding the internal requests.  I currently have a server with port forwarding on the router, and now that I have BIND setup, it's refusing to talk to the internal clients on the secondary NIC
[01:06] <jeeves_> so, what would cause the server to forget it's brains when it's serving up requests from other networks?
=== draven_sol is now known as draven
=== dendrobates is now known as dendro-afk
[02:07] <dku> Is there anything wrong with this iptables rule? "iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 10000 -j DNAT --to-destination 192.168.3.95:3000"  I'm trying to accept connections to my box on port 10000 and forward them to an internal IP at port 3000. Still getting connections refused to port 10000 after running that rule, so it doesn't seem to be working...
=== jeeves_ is now known as jeeves_moss
[02:34] <dku> never mind, figured it out
=== jfluhmann_ is now known as jfluhmann_bedtim
=== jfluhmann_bedtim is now known as jfluhmann_
=== dendro-afk is now known as dendrobates
[04:49] <aliverius> i have installed a server inside a kvm in my server to isolate certain services accessible from the internet, for example a web server. i will need an aql server for that. can i use the sql server of the host or would that imply a security risk?
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
[05:57] <aliverius> i have installed postgresql lighttpd and php5-cli
[05:57] <aliverius> since i am a begginer i wanted to ask if that is all i need to run a webserver
[05:58] <aliverius> i wanted to avoid apache and mysql
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== cole is now known as Guest89726
[07:22] <mithran1> hi all, what is the correct way to set the ip address of an ethernet interface is it 'ifconfig eth0 <ip> netmask <netmask>'?
[07:24] <mithran1> i actually have an ubuntu server installed on a machine and that server is not responding to a network boot request, it says no DHCP offers received, where do I start to troubleshoot this problem?
[07:25] <twb> mithran1: an interfaces can have zero or more addresses, not just one
[07:27] <mithran1> twb: ok..1 of my interfaces, is getting a funny address(something that is not part of the public network), but it needs an address thats part of the publi network for us to work with the server, the hardware cabling seems to be fine (ie the DHCP server and this network interface are on the same VLAN)
[07:28] <mithran1> can someone give me some pointers on trouble shooting DHCP issues, with ubuntu or linux in general?, this is the first time i would be doing that, so I dont know much :(
[07:31] <twb> mithran1: what is this "funny address"?
[07:32] <mithran1> 192.168.5.xxx <- is the public address, 192.168.112.1 is what my ubuntu server is getting
=== newbie is now known as Guest83073
[07:32] <twb> Maybe you have a rogue DHCP server on your network
[07:33] <twb> Run dhclient -v and see where the DHCPACK comes from
[07:35] <mithran1> that command just seems to give me some version information?
[07:36] <twb> Ugh, one moment
[07:36] <twb> OK, no -v on lucid
[07:38] <mithran1> twb: if i statically set my ip using ifconfig, will it remain if i restart the server?
[07:38] <twb> No.
[07:38] <mithran1> ok good
[07:40] <mithran1> twb: so when i statically set the ip using the 'ifconfig eth0 <ip> netmask <netmask>' command, I am not able to ping computers on the public network..
[07:43] <mithran1> DHCPDISCOVER on br1_101 to 255.255.255.255 port 67 interval 6, ok i just picked that up from when the server was rebooting....
[07:44] <mithran1> twb : is there a way to say ask this ip for a dhcp request?
[07:44] <twb> Yes -- DHCPREQUEST instead of DHCPDISCOVER
[07:45] <twb> But I don't know how you configure that on the filesystem
[07:53] <mithran1> No DHCPOFFERS received. \n No working leases in persistent database - sleeping.\n, please let me know if there is anything you want me to try, im trying to see if there is some issue with the DHCP server here...
[08:10] <asadeddin> Hey all. I have a problem that i need some help with. We're moving from one ip to another and I need to update the MX record, doing this will give me some downtime because i have to wait for the thing to propagate and then swtich the hardware and software setup
[08:10] <asadeddin> is there a way i can setup the new MX record while keeping the old one
[08:11] <asadeddin> so that the new one propagates and then i can swtich the hardware and software setup quickly
[08:11] <asadeddin> then i can delete the old record
[08:11] <shauno> asadeddin: you can have multiple MXes and give a different weight to them
[08:11] <asadeddin> priorities
[08:11] <asadeddin> yeah
[08:12] <asadeddin> and? how can i use that to my advantage, because i see my problem is that I need it to point to two different ip's, so one will give an answer while the other no response
[08:16] <asadeddin> anyone?
[08:18] <shauno> asadeddin: that's how I understand having multiple records should work?  eg, I have mail1 with priority 10, mail2 with priority 20.  so mail2 only gets used when mail1 is unavailable
[08:19] <twb> shauno: MXs?
[08:19] <joschi> asadeddin: just lower the TTL (e. g. 1h) for the respective zones in your name servers a few days before you need to do the switch.
[08:19] <joschi> asadeddin: then do the switch and raise the TTL again
[08:19] <shauno> twb, mail exchange records for dns
[08:19] <twb> Yeah, you can have lots
[08:20] <twb> Note that ill-behaved peers (read: spammers) might decide to try the "wrong" MX first
[08:21] <asadeddin> so basically... Start a new MX record pointing to the new IP address with a lower priority than the current one. When the switch happens, the old one will fail and the new one will take over as the MX record. Is that correct?
[08:21] <asadeddin> then i can delete the old one and raise the new MX priority
[08:21] <twb> You may also want an entry like this one:
[08:21] <twb> keegel.id.au.           8643    IN      MX      900 tarbaby.junkemailfilter.com.
[08:22] <shauno> asadeddin: that's my understanding, yeah.  they 'should' use the highest priority they can connect to, and fall down the chain in order until one answers
[08:22] <asadeddin> ok
[08:22] <asadeddin> how do i know if the new one propagated? i mean it's difficult no?
[08:23] <twb> asadeddin: you ask the DNS server you want to know if it propagated to.
[08:23] <twb> e.g. dig @8.8.8.8 to test one of google's DNS servers
[08:24] <twb> You probably want the old host to -j REJECT rather than -j DROP, though, so it falls through faster
[08:24] <asadeddin> i dont know how to do that
[08:24] <asadeddin> i m currently doing all of this in the domain host web panel
[08:25] <asadeddin> let me see what's infront of me
[08:25] <asadeddin> thanks tho for the excellent support. i was sure the ubuntu-server guys would know ;)
[08:28] <asadeddin> ok
[08:28] <asadeddin> basically what i see infront of me is a bit weird
[08:28] <asadeddin> there are no custom MX records listed, but under A records I see the @ is pointed to our mail server
[08:30] <asadeddin> anyideas?
[08:39] <xampart> asadeddin: we did isp change recently. it was quite easy, as we first put 2NICs to our server, and configured our new ip to that. then we made dns changes and monitored the traffic
[08:39] <twb> I don't support "web panels", sorry
[08:41] <asadeddin> i like the NIC thing lol
[08:41] <asadeddin> creative
[08:42] <asadeddin> my problem is that i m not seeing any custom made MX records. I see the @ A record is pointing our IP
[08:44] <xampart> so you should a an mx record pointing to either your mail server or (like our mx) to our email virus service ip
[08:45] <asadeddin> i understand
[08:45] <asadeddin> i should call network solutions and see what they have to say about this
[08:45] <asadeddin> maybe i can get an idea of my current setup better
[08:45] <asadeddin> but thanks a lot all! i really appreciate the help. :)
[08:58] <eagles0513875|2> what is the right way to setup a cron job on ubuntu server lucid
[09:29] <eagles0513875|2> hey guys anyone here
[09:30] <joschi> eagles0513875|2: run `crontab` or edit the files in /etc/cron.*
[09:30] <raphink> hi eagles0513875|2
[09:30] <eagles0513875|2> joschi: either way will work right
[09:31] <eagles0513875|2> joschi: if it requeres root to run this script would crontab be better to use
[09:31] <raphink> eagles0513875|2, you can use /etc/cron.d/* whatever user is required
[09:31] <joschi> eagles0513875|2: it depends. you could also run the skript with sudo in your user crontab
[09:32]  * eagles0513875|2 is totally confused
[09:32] <eagles0513875|2> thing is i need this script to run as root as i then need cron to send the root user an email if there is an error
[09:32] <eagles0513875|2> ill use root crontab
[09:38] <eagles0513875|2> joschi: what would i need to put in the cron tab to setup a daily run of my script at a given time
[09:39] <joschi> eagles0513875|2: see `man 5 crontab`
[09:42] <eagles0513875|2> thanks shoudl be able to figure it out now
[09:44] <SuperRoach> Hello there. Has anyone here tried to and been able to update their php version to 5.3 (from 5.2) to help patch its security?
[09:53] <eagles0513875|2> joschi: how can i update an already existing crontab entry
[09:53] <eagles0513875|2> to change when its run etc
[09:53] <joschi> eagles0513875|2: just edit the crontab file
[09:54] <eagles0513875|2> my next question is how can i get it to send an email to root if there are errors with the backup script
[09:54] <eagles0513875|2> if the script produces stderr
[09:55] <eagles0513875|2> is that possible to do?
[09:57] <joschi> eagles0513875|2: look for MAILTO in `man 5 crontab`
[09:57] <eagles0513875|2> ok
[09:58] <eagles0513875|2> joschi: now in the case of ubuntu if i want to mail to root would i use sudo?
[09:58] <eagles0513875|2> or a user whose listed in the sudoers file
[10:00] <joschi> eagles0513875|2: look for MAILTO in `man 5 crontab`
[10:00] <eagles0513875|2> joschi: i did but seeing as ubuntu doesnt have root but uses sudo hence why im asking
[10:00] <joschi> eagles0513875|2: try `id root` and you'll see that there is a root user
[10:01] <eagles0513875|2> if leave MAILTO= "" no mail is sent otherwise mail will be sent to the owner of the crontab
[10:01] <eagles0513875|2> so since i used sudo crontab -e it will send it to root right
[10:01] <eagles0513875|2> if im reading the man page right
[10:03] <xampart> eagles0513875|2: you could "echo "root your.user@domain" >> /etc/aliases && newalises"
[10:03] <eagles0513875|2> O_o
[10:04] <eagles0513875|2> is my understanding of the man page correct though
[10:05] <eagles0513875|2> xampart:  i do mail to and pass what you pasted above
[10:06] <eagles0513875|2> wow just found something similar to what you just mentioned
[10:09] <eagles0513875|2> outa curiosity is it possible to have the root crontab one job runnign sending mail to root daily another sent to lets say user a to back up his data and let him know its backed up
[10:09] <eagles0513875|2> is that possible
[10:11] <xampart> what exactly?
[10:12] <eagles0513875|2> lets say you have multiple users runnign their respective cron jobs via the root crontab
[10:13] <eagles0513875|2> is it possible to have Mailto send an email to one user about their job and then to a different user about a different job
[10:14] <xampart> "By default cron jobs sends a email to the user account executing the cronjob."
[10:14] <eagles0513875|2> so in my case root
[10:14] <eagles0513875|2> which makes the mail to redundant
[10:14] <xampart> why not use users crontab
[10:14] <eagles0513875|2> this one im running a backup into /mnt and i need root to back up my files to that location
[10:15] <xampart> it is possible
[10:16] <eagles0513875|2> well i have it setup in root crontab for now
[10:16] <sky1> which packages for ubuntu i need for an basic authentification only with the form login page from request tracker .. no samba or other stuff is necessery
[10:16] <sky1> on the client side
[10:33] <jussi> Hrm, Im having an issue with my server, I want to have all pages in domain.com/subdir/ redirect back to domain.com/subdir/index.html - How would I acheive this?
[10:37] <jussi> alternately, is it possible that I only allow trafic to there from one ip address?
[10:39] <eagles0513875|2> jussi: traffic from one ip i think is done with .htaccess if im not mistkaen
[10:39] <eagles0513875|2> if not that im sure you can use hosts.allow as well
[10:39] <eagles0513875|2> and route accordingly in iptables
[10:40] <shauno> htaccess is easiest, as it'd only affect that vhost & directory.  something like http://paste.ubuntu.com/590661/
[10:41] <shauno> redirecting everything back to index.html would be some mod_rewrite magics that I'm not capable of doing off my head :)
[10:42] <mithran1> is there a command like top for ifconfig??
[10:47] <uvirtbot`> New bug: #753330 in samba (main) "The Samba 'panic action' script, /usr/share/samba/panic-action, was called for PID 1783 (/usr/sbin/winbindd)." [Undecided,New] https://launchpad.net/bugs/753330
[10:47] <raphink> mithran1, why would you like such a command?
[10:48] <raphink> mithran1, you want to watch your IP address?
[10:48] <soren> mithran1: You mean ilke iftop?
[10:48] <soren> s/ilke/like/
[10:48] <jussi> shauno: thanks. I ended up googling for it, found post no 2 here: http://www.webmasterworld.com/apache/4085501.htm
[10:48] <jussi> (which worked)
[10:49] <shauno> jussi: looks convincing, but you can see why it's harder to produce blind :)
[10:49] <jussi> shauno: yeah. :)
[10:54] <mithran1> raphink: thank you so much, its looks awsome
=== uvirtbot` is now known as uvirtbot
[10:57] <raphink> mithran1, you mean soren right?
[10:58] <mithran1> ya raphink: I did mean soren, sorry..
[10:58] <mithran1> soren: thanks a lot, that is a really good tool, helps me do exactly what I want to
[10:59] <soren> np
[11:03] <pluesch0r> hi everybody. i'm trying to install grub on a disc that i restored from a backup. i've booted my box from a install disc.
[11:04] <pluesch0r> after mounting the disc, bind-mounting dev and supplying proc on the correct position, i'm trying to find /boot/grub/stage1 inside the grub shell.
[11:04] <pluesch0r> however, the file is not found (it is there, though).
[11:04] <pluesch0r> what could i be doing wrong?
[11:05] <pluesch0r> i'm using grub 0.97-29ubuntu53 on an ext4 disc.
[11:05] <jussi> Hrm, just downloaded lucid server, and Im getting:  Unknown keyword in configuration file gfxboot.
[11:05] <jussi> vesamenu.c32:  not a COM32R image
[11:05] <jussi> any way to boot?
[11:06] <eagles0513875|2> lucid server has worked for me like a charm
[11:06] <eagles0513875|2> brb need to reboot work laptop
[11:38] <jamespage> Daviey: fix for bug 749720 uploaded and proposed if you would to review :-)
[11:38] <uvirtbot> Launchpad bug 749720 in mod-wsgi "Wrong symlink in libapache2-mod-wsgi-py3 and incompatible with python3.2" [Medium,Confirmed] https://launchpad.net/bugs/749720
[11:41] <Daviey> jamespage, super
[11:41] <Daviey> what was wrong with the detecting python version line?
[11:41] <Daviey> jamespage, fancy adding DEP-3 headers to the patch?
[11:41] <jamespage> Well I'm no regex guru but it mapped 3.2-1 -> 3.2-1 instead of 3.2
[11:42] <Daviey> ahh
[11:42] <jamespage> Daviey: ack - occurred to me just after proposed the patch
[11:42] <Daviey> super!
[11:42] <jamespage> give me 5
[12:08] <jamespage> Daviey: branch updated as requested :-)
[12:11] <Daviey> jamespage, awesome, just reviewing something else... will then sort it out
[12:13] <xampart> how are your central loggin systems set up?
[12:20] <TeTeT> SpamapS: hi, could you fix bug 561750 for Lucid as well?
[12:20] <uvirtbot> Launchpad bug 561750 in squid "squid starts and stops immediately (after upgrade from karmic to lucid)" [Medium,Fix released] https://launchpad.net/bugs/561750
[12:44] <a7ndrew> less less
=== squishy is now known as SquishyNotHere
[13:10] <daxroc> Hey all
[13:11] <kaipanoi> Mornin
[13:11] <kaipanoi> or afternoon or evening, as appropriate
[13:20] <daxroc> Having a problem with mysql-cluster-server package, http://pastebin.com/WG74xyFb
[13:23] <daxroc> any one know how I could fix the following error ?
[13:24] <mok0> daxroc: line 16 says it
[13:42] <daxroc> mok0: libmysqlclient is causing the conflict, I can't remove it tho ?
[13:43] <raphink> daxroc, that looks like a bug in lucid
[13:46] <daxroc> raphink: on 10.10
[13:48] <raphink> daxroc, I doubt so
[13:48] <daxroc> The version I am using is 10.10, with that error
[13:49] <raphink> mysql-cluster-client-5.1 7.0.9-1ubuntu7 and libmysqlclient16 is from stock lucid
[13:49] <raphink> sorry
[13:49] <raphink>  mysql-cluster-client-5.1 7.0.9-1ubuntu7 is from stock lucid
[13:49] <raphink> and libmysqlclient16 5.1.41-3ubuntu12.10 is from lucid-updates
[13:49] <raphink> maverick has higher versions of both
[13:50] <daxroc> raphink: sorry I am using lucid
[13:50]  * daxroc hides
[13:50] <raphink> anyway, this is a bug, there should be a conflict between the two packages
[13:51] <raphink> is there something that prevents you from removing the libmysqlclient16 package?
[13:52] <daxroc> not sure how? apt-get remove libmysqlclient16 ?
[13:52] <raphink> that, or use apt-get install mysql-cluster-client-5.1 libmysqlclient16-
[13:53] <raphink> which will remove libmysqlclient16 at the same time as it installs mysql-cluster-client-5.1
[14:02] <daxroc> raphink: not letting me remove libmysqlcleint, php5-mysql depends on it , when I try and remove php5-mysql it gives an error about mysql-cluster-server not installed correctly
[14:04] <raphink> daxroc, if you have packages depending on libmysqlclient16, you can use equivs to fix that
[14:04] <raphink> (and do report the bug, please)
[14:08] <daxroc> raphink: not sure what I should do wiht equivs
[14:08] <daxroc> can I force uninstall and reinstall after ?
[14:11] <N3> good domain registrar with privacy?
[14:18] <asadeddin> hey all. quick question. I'm planning on moving ISP's and I found out we have no MX record, although we have a mail server in the office that's working. Our IP's for all other and none on the A records is set to our mail server
[14:19] <asadeddin> no if we should move ISP's, all i have to do is change the IP's for the A records?
[14:29] <raphink> sorry daxroc I was afk
[14:30] <raphink> see http://www.debian.org/doc/manuals/apt-howto/ch-helpers.en.html about equivs
[14:30] <raphink> build a fake package that provides libmysqlclient16 so php doesn't complain
[14:38] <RoAkSoAx> morning all
[14:41] <semiosis> morning RoAkSoAx
[14:41] <RoAkSoAx> morning semiosis
[14:45] <Klight> Hello all, anyone good with wpasupplicant, I've got it installed okay and even got a connection, however now the server crashes (hangs) on shut down or reboot. I'm very new at all this so I thought I ask the pros :)
[14:57] <raphink> hi RoAkSoAx
[14:58] <RoAkSoAx> hi raphink
[15:15] <pmatulis_> quick one.  i created an alias with 'ip address add 192.168.7.100/24 dev br0'.  but this never shows up with ifconfig.  normal?
[15:16] <uvirtbot> New bug: #753580 in dhcp3 (universe) "dhclient does not strip or escape shell meta-characters" [Undecided,New] https://launchpad.net/bugs/753580
[15:23] <zul> SpamapS: ping
=== doko_ is now known as doko
[15:41] <uvirtbot> New bug: #753605 in mysql-5.1 (main) "removing mysql with apt doesn't delete user mysql" [Undecided,New] https://launchpad.net/bugs/753605
=== rizzuh_laptop_ is now known as rizzuh_laptop
[16:11] <hggdh> Daviey: there?
=== robbiew1 is now known as robbiew
[16:16] <uvirtbot> New bug: #753661 in nut (main) "upsd write() failed for 127.0.0.1: Broken pipe" [Undecided,New] https://launchpad.net/bugs/753661
=== michael_ is now known as minorbug
=== zz_carcinogen75 is now known as carcinogen75
[16:59] <Daviey> hggdh, o/
=== Guest89726 is now known as cole
[17:03] <andygraybeal> can a group be inside of another group?  so for instance the group 'lpadmin' is inside the group  'coordinator'; so every time i assign someone to the group 'coordinator' they also are inside the group 'lpadmin' ... or is this rediculous thought pattern?
[17:04] <SpamapS> zul: pong
[17:09] <MTecknology> I'm having some troubles... http://dpaste.com/529722/ ... the physical volume has 1013.6 GB available to it - but pvdisplay indicates that it thinks there is only 704.00 GB available
[17:09] <SpamapS> MTecknology: did you pvresize it?
[17:10] <MTecknology> SpamapS: I wanna hug you
[17:12] <SpamapS> MTecknology: please refrain .. people will talk
[17:12]  * patdk-wk wants a hug too!
[17:12] <MTecknology> well...
[17:12] <patdk-wk> hmm, I couldn't locate any amavisd-new 2.7.0 packages anywhere :(
[17:12] <MTecknology> SpamapS: i won't hug you then.. i'll just kiss your nick on the screen
[17:12] <patdk-wk> just finished building one, took a few hours :(
[17:13] <patdk-wk> now to throw it onto my production test server :)
[17:13] <screen-x> Hi all, I'm having trouble building a debian package for a perl module with dh-make-perl. First error is "Too early to specify a build action 'vendor'. Do 'Build vendor' instead." full output: http://scsys.co.uk:8002/96335
[17:14] <MTecknology> SpamapS: point is - thanks :)
[17:15] <SpamapS> MTecknology: glad you got it going
[17:16] <patdk-wk> hmm, slow launchpad day
[17:16] <SpamapS> screen-x: seems like that module isn't built right for CPAN
[17:17] <SpamapS> patdk-wk: the fact that you can notice when its slow is a testament to how much faster it has gotten of late. ;)
[17:17] <patdk-wk> I know :)
[17:17] <patdk-wk> sometimes I had builds take an hour to even notice I submitted them
[17:17] <screen-x> SpamapS: hmmmm, so theres a bug in the module itself?
[17:17] <patdk-wk> let alone build
[17:18] <SpamapS> screen-x: or in its packaging.
[17:18] <SpamapS> screen-x: meaning, its perl packaging
[17:18] <RoAkSoAx> kirkland: ping
[17:19] <RoAkSoAx> zul: ping
[17:19] <screen-x> SpamapS: ok, thanks
[17:20] <zul> RoAkSoAx: pong
[17:20] <RoAkSoAx> zul: by any chance do you have some free time and a cobbler server ready to netbook?
[17:20] <RoAkSoAx> zul: I'm getting an error during install that says
[17:21] <RoAkSoAx> "No kernel modules were found. etcetc"
[17:21] <zul> RoAkSoAx: not right know i dont
[17:21] <zul> the iso import failed or soemthing?
=== jamespage is now known as ringo
[17:22] <RoAkSoAx> zul: nope, the imported ISo is the same, and was working fine on Monday as far as I can remember
[17:22] <RoAkSoAx> s/same/same I had for quite a while now/
[17:22] <zul> weird...did you guys break something? ;)
[17:23] <RoAkSoAx> zul: well only I patch was added from the time It was working fine till now, so that might be it
[17:23] <zul> RoAkSoAx: which patch is this?
[17:23] <RoAkSoAx> 36_tainted_file_path.patch
[17:24] <RoAkSoAx> zul: but that really shouldn't affect in any way
[17:25] <zul> RoAkSoAx: try it withouth
[17:25] <RoAkSoAx> zul: yeah building now :)
=== ringo is now known as jamespage
[17:31] <MTecknology> SpamapS: how about this one? http://dpaste.com/529732/
[17:34] <MTecknology> OH!... I grew the physical volume wrong.... and now it's beyond it's actual capacity
[17:39] <MTecknology> and i learned yet more today....
[17:39] <MTecknology> working perfect now
[17:39] <MTecknology> online resize of fs taking place and no issues expected
[17:40] <patdk-wk> looks like amavisd-new is working good :)
[17:54] <shaiguitar> hey, my main.cf looks like this: http://pastie.org/pastes/1768470/text?key=bt9yd6xho5kiie5ditgiq
[17:54] <shaiguitar> andI was wondering how to config to forward everything (including local mail) to an external
[17:54] <shaiguitar> @gmail address?
[17:54] <shaiguitar> I'm a total noob at this, so TIA :P
[17:54] <shaiguitar> specifically I guess I should change procmail -a "$EXTENSION" also? I don't know though TBH
[17:57] <robbiew> jamespage: JamesPage: do you have a wordpress account?
[17:57] <shaggy2> g'day helpfull people, I need some help, I have changed the network card that the server uses, I need to know how to find out what network cards are installed and what the short name (eth*) the system has given?
[17:57] <robbiew> Daviey: fyi...granted you admin rights to the wordpress blog
[17:58] <Daviey> robbiew, ta
[18:01] <shaggy2> FYI, I had 3 cards installed, my network was on eth1 I removed 2 cards for use in another system and now I only have the onboard card, I thought it would just be eth0 but it's apparently an unknown interface assistance please anyone?
[18:02] <kaipanoi> ifconfig -a
[18:03] <shaggy2> thank you
[18:04] <kaipanoi> np
[18:06] <shaggy2> I almost have everything back up and running after a complete network overhaul... I changed from using my netgear router from handling everything to installing freebsd with pfsense (complete installer package) and using that to handle 2 different IP ranges
[18:07] <kaipanoi> I love pfsense
[18:07] <shaggy2> I am learning it.
[18:08] <kaipanoi> its the only fw we use at work
[18:08] <shaggy2> was told to just run it in a VM for a while till I learn it, I just went right ahead and installed it, stuffed it up then reinstalled it, and now got it fully working and handling everything todo with networking
[18:09] <shaggy2> can I disable NAT on one adaptor (ip range) but not the other?
[18:11] <kaipanoi> might be better to just use 1:1
[18:11] <shaggy2> what is 1:1
[18:11] <kpettit> I haven't had to deal with hardware in awhile.  What's the best mid-high end processor for running virtual machines, probally with virtualbox?
[18:12] <shaggy2> is that like DMZ?
[18:12] <kaipanoi> how much money do you have, kpettit? ;)
[18:13] <kaipanoi> shaggy2, kinda/maybe. with 1:1 NAT you can make a private IP appear to have a public IP
[18:13] <kaipanoi> http://doc.pfsense.org/index.php/1:1_NAT
[18:13] <RoyK> kpettit: you can probably do well with an elderly opteron
[18:14] <kpettit> kaipanoi, I was thinking of spending 700-1k on a desktop.
[18:14] <RoyK> kpettit: the important part in most cases is memory, not cpu
[18:14] <RoyK> kpettit: anything will do in that price range
[18:14] <RoAkSoAx> zul/win 18
[18:14] <RoAkSoAx> argh
[18:14] <kpettit> So there isn't any specific processor feature or anythning that I should be looking for?
[18:15] <RoyK> all new processors, except some atoms, support what you need
[18:15] <kpettit> I know some of the older processors are missing some virtualzation features.  Just wanted to make sure i didn't miss something
[18:15] <RoyK> and for a desktop, you wouldn't really want an atom
[18:15] <kpettit> RoyK, perfect.  Thanks
[18:15] <RoyK> older, yes, but that's like 3 years old or so
[18:15] <kaipanoi> ensure it has AMD-V or TV-x
[18:15] <kaipanoi> http://en.wikipedia.org/wiki/X86_virtualization
[18:16] <kpettit> I've got a dual-core xeon now with 4gb.  And it just isn't keeping up wiht me doing 1 vm and regular desktop stuff
[18:16] <RoyK> kpettit: also, kvm will probably do better than vbox
[18:16] <RoyK> (just my 2c)
[18:16] <shaggy2> kaipanoi: ok here is my setup, 1 nic is the WAN, next is the Private IP's (eg 192.168), 3rd is the public ip's a /29 setup. on the public IP nic I have 3 servers. that have the /29 ips (eg 150.101)
[18:16] <kpettit> kpettit, I've been anxious to try that.  It's been awhile.  kvm wasn't quite there last time I tested, but it's been a good year or two sense I tried last
[18:16] <RoyK> kpettit: talking to yourself? :)
[18:17] <kpettit> apparently.  I think I forgot to take my meds.  kpettit, no you didn't
[18:17] <shaggy2> lol we all talk to ourselves, we are allll NUTS :)
[18:17] <RoyK> kpettit: kvm is in at least lucid and so on
[18:17]  * RoyK doesn't talk tohimself, yes!, no, he doesn't
[18:17] <kpettit> :)
[18:18] <MTecknology> sudo -s
[18:18] <RoyK> first sign of sanity, really
[18:18] <MTecknology> sorry
[18:18] <RoyK> you should hear me if I debug something bad :P
[18:18] <kpettit> haha.  I bet.  I usually have to make sure my kids aren't around when I start coding.
[18:18] <shaggy2> should here be when I stuff soemthing up with the network or the servers
[18:18] <shaggy2> I abuse myself
[18:20] <MTecknology> I'm a good coder, so no bad language comes from me
[18:20] <kpettit> :) THat was pretty good
[18:20] <RoyK> hah - the windoze guys at work had decided to use Ahsay for windoze backup instead of sticking with bacula for it all and then, suddenly, ahsay added another 800% to their pricing - boss decided to switch to bacula in a fraction of a second
[18:21] <kpettit> RoyK, gotta love that.  Sticker shock seems to make alot of opensource converts
[18:22] <RoyK> bacula is _fast_ btw
[18:22]  * patdk-wk wants to play with bacula
[18:22] <patdk-wk> I have a 25 lto lib, doing nothing
[18:22] <patdk-wk> cause the expensive corperate software doesn't work
[18:23] <RoyK> with 220TB worth of backup storage, we don't need further investments in a few years :P
[18:23] <patdk-wk> royk, but what happens when you fill that next month? :)
[18:23] <RoyK> we won't
[18:24] <RoyK> if we do in a year or two, we get another disk shelf or two
[18:24] <patdk-wk> when the commercial backup thing worked, it took >2weeks to do a backup
[18:24] <patdk-wk> it never finished, I killed it
[18:24] <patdk-wk> out data is completely replaced within 2 weeks
[18:25]  * patdk-wk just doing an rsync was faster than 2 weeks :)
[18:25] <RoyK> we were considering getting disk-based backup for Legato, but the pricing was hilarious - you have to pay for the amount of storage space available to Legato
[18:25] <RoyK> and when 100TB doesn't cost much, paying > 10x the price of that for licenses, well, bacula was a better choice :P
[18:28] <jamespage> robbiew: I do
[18:30] <shaggy2> umm anyone here no anything about dns servers??? I have bind9 installed and have it set with a domian name and the ipaddress of where is it hosted, I have set the name servers with my register to that of my server but it's not happening
[18:30] <MTecknology> time to start writing a bash app... and also time to start music so i don't lose it
[18:30] <MTecknology> this this is going to be a minimum of 5 billion lines.....
[18:31] <RoyK> shaggy2: what's the IP of the host and the domain name (zone) it's supposed to service? I can test form here if you like
[18:31] <RoyK> MTecknology: in bash...
[18:31] <shaggy2> admin.shaggyweb.net and the ip is 150.101.191.139
[18:32] <RoAkSoAx> SpamapS: can I close this one as kirkland already worked on getting the cobbler-web package working? bug #705691
[18:32] <uvirtbot> Launchpad bug 705691 in cobbler "cobbler-web should include a working configuration and a README file detailing the steps necessary" [Wishlist,Confirmed] https://launchpad.net/bugs/705691
[18:32] <RoyK> Dora:~ roy$ host admin.shaggyweb.net 150.101.191.139
[18:32] <RoyK> ;; connection timed out; no servers could be reached
[18:33] <RoyK> shaggy2: I guess, either bind isn't started, or a firewall blocks it
[18:35] <shaggy2> ok I'll look into it
[18:35] <MTecknology> RoyK: ya... odly enough- i think that's the best choice unless except for possible python- but i'm also not a python fan
[18:36] <RoyK> MTecknology: bash scripting is for tiny stuff, not for writing applications
[18:36] <RoyK> MTecknology: bash is parsed, not precompiled
[18:36] <RoyK> use something sane like python, php, perl, even mono
[18:36]  * RoyK likes perl
[18:37] <MTecknology> RoyK: it's not really an app.. it's a very simple management interface for sentinel servers. the hard part is going to be all the whiptail i'll be using
[18:37] <MTecknology> or dialog.. not sure yet
[18:37] <MTecknology> and saving configs
[18:38] <RoyK> just use a sane programming language with database support (which includes them all, the sane ones)
[18:38] <MTecknology> they need to be able to edit the config manually too
[18:38] <shaggy2> can someone ping 150.101.191.139 for me please
[18:39] <MTecknology> shaggy2: no
[18:39] <MTecknology> RoyK: i'm still considering python for this - just not sure - it's the best tool, but i don't like it
[18:39] <MTecknology> best tool for 'this'
[18:39] <MTecknology> job
[18:39] <MTecknology> I need to stop swapping keyboards
[18:41] <RoyK> MTecknology: python, or java, or perl, or mono, or php, or ruby, or anything, really, will do the job nicely. which one you choose is only a matter of which one you know the best or like the most
[18:41] <kpettit> I love me some python.  Espically for cli apps.
[18:41]  * RoyK uses perl for that :P
[18:42] <MTecknology> perl or python would be best suited for this i'm sure
[18:42] <RoyK> I have to admit I use shell scripts for easy stuff, but when it comes to saving state, shell scripts rather suck
[18:42] <kpettit> so many languages, so little time
[18:42] <RoyK> já, ég veit
[18:43] <kpettit> yeah, I agree.  I started using pythong becuase it was easier for me to pick up than some of the other ones at the time.  And I needed to be able to do cli, gui, and web stuff.
[18:43] <RoyK> kpettit: then python is probably the best to you for you
[18:43] <kpettit> My brain can't handle learning too many different things at the same time :)
[18:43] <kpettit> last time I tried, I forgot my kids names.
[18:43] <RoAkSoAx> zul: apparently it wasn't cobbler, but rather and issue with the archives, as I imported today's ISO and no error whatsoever
[18:44]  * RoyK once attended German and Icelandic courses in parallel - NOT a good idea
[18:44] <zul> RoAkSoAx: cool beans
[18:46] <pittstains> can someone tell me what the aolserver4-nsd application does?  i see that it's running on a server I administer, but I have no recollection of installing it
[18:51] <RoyK> pittstains: AOL Web server AFAICS
[18:51] <RoyK> pittstains: if you don't recall installing it, I guess running chkrootkit might be a good idea :P
[18:52] <pittstains> RoyK: the man page says only "Nsd is the AOLserver binary."
[18:52] <RoyK> yeah, but are you running aolserver?
[18:53] <pittstains> it was running when i logged in, and it was hogging port 80 so Apache couldn't listen on it
[18:53] <RoyK> pittstains: did you install the server?
[18:53] <pittstains> no, i am a little concerned about how it got there...
[18:54] <RoyK> !chkrootkit
[18:54] <RoyK> stupid bot
[18:54] <pittstains> haha
[18:54] <RoyK> !google chkrootkit
[18:54] <ubottu> I have no google command, use http://www.google.com/
[18:54] <pittstains> hm, i'm also seeing a /home/sysgames directory that doesn't look familiar
[18:54] <pittstains> aaaaaaaaaaaaaaaarg
[18:55] <RoyK> pittstains: see above :P
[18:56] <Pici> !info chkrootkit
[18:56] <ubottu> chkrootkit (source: chkrootkit): rootkit detector. In component main, is optional. Version 0.49-4 (maverick), package size 301 kB, installed size 824 kB
[18:56] <pittstains> yup, and there's a new user called sysgames in /etc/passwd... the newest user, even
[18:56] <RoyK> pittstains: I'd download chkrootkit from the source, not the ubuntu package, to be sure
[18:56] <RoyK> pittstains: what's the id of that user?
[18:56] <RoyK> `id sysgames`
[18:57] <pittstains> royK: 503 according to /etc/passwd
[18:57] <RoyK> k
[18:57] <pittstains> why from source?
[18:57] <RoyK> well, most of it is perl, plus some binaries, but then you know it's not been tampered with
[18:58] <RoyK> use the source, luke...
[19:00] <pittstains> RoyK: any suggestions for tracking down the entry point of this attack?  i'd prefer to close the hole in addition to eliminating the installed garbage
[19:00] <RoyK> check all logs
[19:00] <RoyK> and dates on new files
[19:00] <RoyK> if the attacker has gained root access, which it seems, better reinstall
[19:01] <RoyK> there may be setuid binaries around you can't find very easily
[19:02] <RoyK> people can add additions to existing cron jobs to open tunnels to the outside as well
[19:02] <bluethundr> hey guys...  how do I find what ethernet / wlan driver is loaded in ubuntu?
[19:02] <RoyK> if the box is rooted, reinstall
[19:02] <bluethundr> lspci turns up nothing
[19:02] <RoyK> lspci is rather old
[19:02] <bluethundr> it's 8.04 LTS
[19:02] <RoyK> lshw is a bit better
[19:02] <RoyK> both scan the bus
[19:02] <bluethundr> hmm ok thanks I'll give that a try
[19:02] <RoyK> to see what drivers are loaded, lsmod
[19:03] <bluethundr> right thanks
[19:03]  * RoAkSoAx off to lunch
[19:04] <pittstains> RoyK: i hate computers
[19:04] <RoyK> pittstains: hehe - so do I - I also love them :P
[19:04] <pittstains> i think you're probably right.... thanks for your help
[19:05] <RoyK> np
[19:08] <pittstains> RoyK: huh!  somehow the date on the aolserver4-nsd file (in /usr/sbin) is november 5, 2008
[19:08] <pittstains> not sure i've even had the server that long!
[19:08] <patdk-wk> maybe it came out of a tar file with timestamps preserved :)
[19:08] <RoyK> pittstains: file dates can be changed
[19:08] <RoyK> pittstains: or perhaps it's just false alarm
[19:09] <RoyK> pittstains: when was the last reboot? when was the last time did apache was running?
[19:09] <RoyK> s/did//
[19:09] <petani> all i problem with php5
[19:10] <petani> i have problem with php5
[19:10] <pittstains> $ uptime
[19:10] <pittstains>  14:10:02 up 14:08,  1 user,  load average: 0.00, 0.01, 0.00
[19:10] <petani> some body help me
[19:10] <patdk-wk> petani, can't do that
[19:10] <patdk-wk> you have supplied no info to help you
[19:11] <petani> why php5 in ubuntu not support image anti alias on phpgd
[19:11] <petani> my php5 not support image anti alias
[19:12] <pittstains> RoyK: not sure how to figure out last time apache was running
[19:12] <petani> or image rotating
[19:12] <RoyK> petani: no idea - perhaps that's a newer feature or perhaps it's in a module not installed?
[19:12] <pittstains> also not sure why uptime is only 14 hours
[19:12] <RoyK> pittstains: smells bad...
[19:13] <RoyK> pittstains: if you're close to the server (the server not being on the other side of the planet in some colo etc), I'd recommend reinstalling it
[19:13] <petani> RoyK : i am install phpgd
[19:13] <RoyK> petani: did you restart apache after you did that?
[19:13] <petani> but it not run images anti alias
[19:13] <petani> ye
[19:13] <petani> i restart
[19:13] <petani> in centos is running
[19:13] <RoyK> sorry - no idea - might be a module missing
[19:14] <pittstains> RoyK: no physical access to the machine :-/     .... looks like i have a long day ahead of me tomorrow
[19:14] <RoyK> try asking on #php - maybe they know
[19:14] <pittstains> also, the existence of the sysgames user is troubling
[19:14] <RoyK> pittstains: can you give me its IP?
[19:15] <RoyK> pittstains: it'd be fun to scan it to see what I can find from here :)
[19:15] <petani> my friend tell me because scurity isues
[19:16] <pittstains> RoyK: sent in a PM
[19:16] <petani> join #php
[19:16] <pittstains> please do tell me what you find :-)
[19:17] <RoyK> pittstains: I'll send you a report - openvas just started :)
=== maedox__ is now known as maedox
[19:18] <petani> RoyK, my problem related it  http://www.jibas.net/content/fordis/fordisisi.php?kode=SISFO&page=59
[19:20] <RoyK> petani: I don't quite understand your language, Malay?
[19:20] <petani> not malay
[19:20] <petani> is indonesian
[19:21] <RoyK> ok, sorry
[19:21] <RoyK> I still don't understand shit, though
[19:21] <RoyK> better ask on #php
[19:21] <petani> oke than's
[19:21] <RoyK> perhaps someone there can point you to where to find a download
[19:22] <petani> i try recompile php5 to support phpgd anti alias
[19:22] <petani> images
[19:22] <petani> rotating
[19:24] <pittstains> RoyK: also have new users tor and messagebus...
[19:25] <pittstains> don't really have time to dig into my logs until tomorrow, but suffice it to say i'm irritated
[19:26] <RoyK> having a server hacked tends to make a sysadmin annoyed :P
[19:26] <pittstains> gah, i'm a programmer first, sysadmin second
[19:26] <pittstains> i hate having to wear so many damn hats
[19:27] <pittstains> i'll be locking down SSH logins to a small set of IPs on all my machines tomorrow
[19:27] <pittstains> that will at least minimize my exposure
[19:28] <pittstains> i repeat: aaaaaaaaaaaaaaaaaaarg!
[19:28]  * RoyK is a sysadmin first, a photographer second ..... and out there somewhere perhaps a programmer :)
[19:33] <RoyK> pittstains: see pm
[19:35] <pittstains> RoyK: i hate this report!
[19:35] <RoyK> pittstains: it doesn't show any security holes
[19:35] <pittstains> that SSH one doesn't look too nice!
[19:36] <RoyK>   Successful exploits will allow attackers to obtain four bytes of plaintext from
[19:36] <RoyK>   an encrypted session.
[19:36] <RoyK> four bytes
[19:36] <pittstains> :-)
[19:36] <RoyK> you'll have to be seriously interested in hacking the site to gain anything from that
[19:36] <pittstains> okok, reading comprehension
[19:37] <pittstains> very interesting report, though!  i will be looking at openvas in more depth later!
[19:38] <RoyK> pittstains: openvas rocks :)
[19:43]  * RoyK runs another scan against the office
[19:44] <geekbri> so is it correct that you can't use | in cron jobs?
[19:46] <uvirtbot> New bug: #753924 in php5 (main) "package php5-fpm 5.3.5-1ubuntu6 failed to install/upgrade: подпроцесс установлен сценарий post-installation возвратил код ошибки 1" [Undecided,New] https://launchpad.net/bugs/753924
[19:48] <RoyK> geekbri: use a shell script
[19:48] <geekbri> RoyK: i guess i'll have to if | isn't supported in crontab.  IS that the case?
[19:48] <SpamapS> RoyK: as long as it works "out of the box" and explains itself in the README, then I'd agree, that feature is implemented. :)
[19:49] <RoyK> geekbri: I've seen variable success with using piping with cron
[19:49]  * RoyK sticks to shell scripts - they work
[19:49] <geekbri> RoyK: honestly i was just trying to pipe output to "logger" so i didnt have to rotate a new log :'(
[19:50] <RoyK> sorry - I don't know if it works - I usually handle logs in a script
[19:50] <RoyK> there's something rather fishy about cron/upstart in lucid
[19:50] <RoyK> the bug is filed, but last I checked, it wasn't even accepted
[19:50] <geekbri> yeah im just getting complained to by our DB about how they dont want a shell script claling a php script etc etc :)
[19:51] <RoyK> a php script should be able to handle its logs quite easily
[19:52] <geekbri> RoyK: yes i brought that up to them already :)
[19:52] <RoyK> so... 380TB and counting :D
[19:53] <RoyK> perhaps we'll reach 1PB next year
[19:55] <geekbri> RoyK: it's valid to call something like source my.env && command in cron through right?
[19:56] <RoyK> geekbri: just try - I've lost track on cron since Lucid - it seems to be a bit buggy
[19:56] <geekbri> RoyK: thanks! i will :)
[19:56] <RoyK> btw
[19:56] <RoyK> source 'something' probably won't work
[19:56] <geekbri> well i'd include the full path
[19:56] <RoyK> since cron wants to run an executable
[19:56] <RoyK> 'source' isn't
[19:56] <geekbri> oh hrm... so can you not use source??
[19:56] <RoyK> source is an internal bash command
[19:57] <RoyK> just create a script that does the 'source' bit
[19:57] <geekbri> yeah im just facing pressure from some high level folks to not create a seperate script thats run and to put it all just in cron directly
[19:58] <RoyK> those 'high level folks' should be high level enough to write a script that is cronable
[19:58] <geekbri> hehe you would think that right!
[19:59] <RoyK> I work in a research institute - we have scientists complaining about all sorts of things
[19:59] <RoyK> if you just tell them how things work, it's usually not a problem
[20:00] <geekbri> the problem is, and i have no idea why they've designed it this way, but their php scripts rely on bash enviromental variables.
[20:00] <RoyK> then create a script as a wrapper
[20:00] <RoyK> you won't get the user environment into cron
[20:01] <geekbri> right, but thats where all the complaining comes in, because they say, well why do we need to write a script to run a script... and i've tried to explain but they just dont seem to get it
[20:01] <RoyK> because cron doesn't read .bashrc
[20:01] <geekbri> yeah but, its actually a totally seperate file with just a bunch of exports in it.
[20:01] <geekbri> so it resides in /etc/web/conf.d/stage2.env or something to that effect
[20:02]  * RoyK gets tierd
[20:02] <geekbri> anyway i'll have to try to see if the source will work, and if it doesn't which it probably wont, i'll have to write that wrapper and tell them thats just the way it'll have to be
[20:03] <RoyK> geekbri: google cron environment
[20:03] <geekbri> RoyK: rgr that
[20:04] <RoyK> rgr?
[20:05] <geekbri> roger
[20:05] <geekbri> roger that
[20:06] <RoyK> sorry, didn't know that tla
=== carcinogen75 is now known as zz_carcinogen75
[20:14] <hallyn> hggdh_, any update on bug 746751 ?
[20:14] <uvirtbot> Launchpad bug 746751 in linux "kernel: [Firmware Bug]: the BIOS has corrupted hw-PMU resources (MSR 38d is 30)" [Critical,In progress] https://launchpad.net/bugs/746751
[20:17] <hggdh_> hallyn: it seems, really, to be related to walrus issues, I opened bug 753779 on it
[20:17] <uvirtbot> Launchpad bug 753779 in eucalyptus "walrus fails to retrieve images on instance startup" [Undecided,New] https://launchpad.net/bugs/753779
=== hggdh_ is now known as hggdh
[20:34] <RoAkSoAx> robbiew: systemd won't yet be considered till the LTS?
[20:36] <RoyK> what's sysdamd?
[20:36] <RoyK> ah
[20:37] <RoyK> I guess we'll have to get pissed off another 18 months with upstart before we can attempt that one
[20:37] <RoyK> s/off //
[20:45] <RoyK> [offtopic] http://www.youtube.com/watch?v=kNxX4SDqpVU
[21:37] <amber285> Hi All,My company has just recently migrated from a Windows to a Linux farm.  At the moment we don’t have document storage system so we are using Google docs at the present time. We don’t see this as the safest method of document storage so I have been assigned the task of finding a better solution.I have been advised to set an FTP server but this method seems dated and the search functionality isn’t very good and I’ve a
[21:50] <RoyK> heh - amber285 spent two whole minutes waiting for an answer :)
[21:50] <semiosis> RoyK: she didnt even finish writing her
[21:53] <RoyK> semiosis: agre
[22:23] <amstan> i have around 6 comps in my house, all need to download latest debs
[22:23] <amstan> i'm looking for the simplest clone of apt-proxy
[22:23] <amstan> it would be nice if i didn't have to change all lines from sources.list
[22:46] <jjohansen> hallyn: any new info I should be aware of on Bug #746751
[22:46] <uvirtbot> Launchpad bug 746751 in linux "kernel: [Firmware Bug]: the BIOS has corrupted hw-PMU resources (MSR 38d is 30)" [Critical,In progress] https://launchpad.net/bugs/746751
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
[23:42] <shauno> on postfix, should I have an alias for MAILER-DAEMON, since he's signing off on bounces? or is that meant to disappear to stop cyclic loops