[00:00] [ 13.408612] ADDRCONF(NETDEV_UP): eth0: link is not ready [00:00] is the only line that looks like it has an issue [00:00] weird [00:00] happens on multiple boxes [00:01] Im' just finally tired of dealing with it. [00:01] the only commonality is that I have bridged networking configured for KVM [00:01] grep the source, see what' causes that error? [00:02] do all of the systems have the same nic? [00:02] mmm [00:02] no, completely different nics [00:03] I look to the source in these sorts of situations [00:10] what are primary differences between the generic and server kernel flavors? [00:21] djbdns vs BIND vs ???: Any suggestions for a home DNS server with under 30 hosts (some VMs)? [00:24] openbsd + built in BIND [00:24] it'll take you 10 minutes to setup [00:24] but that's mee [00:24] *moho [00:31] dnsmasq? [00:31] pfsense? [00:38] CrazyGir: I want it to run on Ubuntu Server since that's what I'm comfortable with. [00:53] I can't make a recommendation for you, sorry :( [00:53] np [01:02] onecrazycat: if it's for a home network, dnsmasq might be all you need... [01:12] JanC: That's what I'm going with. [01:21] would anyone have a few moments to help me troubleshoot a samba share? [01:55] I just discovered my apache installation is being used for an http proxy. Can someone assist me in the process of preventing such? [01:56] rallias: disable mod_proxy ? [01:57] I don't have it installed [01:58] it's part of every apache install... [01:58] er wait... i do, but it was allready disabled. [01:59] why do you think apache is used as a proxy? [02:00] 109.230.251.14 - - [20/Mar/2011:07:36:48 -0500] "GET http://119.160.244.96/?login=jokerincal232&passwd=testing HTTP/1.0" 200 455 "-" "-" [02:00] numerous lines similar to that [02:04] along with evidence of other exploits such as webdav and phpmyadmin [02:04] *attempted [02:05] rallias, the byte count is 455.. likely exactly the size of your default page [02:06] rallias, do wget http://localhost/ -> 455? [02:07] 525 bytes [02:07] everyone gets `vulnerability scans` everyday [02:08] the size of an error page is likely to be different depending on the URL requested ;) [02:09] rallias, do you know how to telnet into your default page? [02:09] you don't get the default page when there is an error [02:09] its 200 [02:10] 400 bad request is 301 bytes [02:10] if you get a 200 response for a non-existing page, that's certainly wrong too [02:10] give me your IP/domain - I will telnet it [02:11] rallias: I suppose that IP address is not yours? [02:11] umm... nope. [02:11] ah, Yahoo [02:12] Yep [02:12] I also have evidence that they're trying to get on IRC, returning a 405 error [02:14] seems like it originates from a server in Amsterdam [02:15] I can extract all the IP addresses from it if you want [02:15] rallias, I also get proxy attempts with 200 returned and they get my default page [02:16] I'm just in the process of downloading the access.log files [02:16] welcome to internet hosting [02:17] the water is fine, jump in [02:17] oh :/ [02:18] just curious, but is it "legal" to have a colon in a filepath in unix? [02:19] rallias: only '/' and NULL are not allowed in a file name or directory name [02:19] ah. [02:19] So would it be possible to have a file path be /var//?isac [02:20] a file named "?isac" is certainly possible [02:21] those are always fun [02:21] but would that thing be a valid file path? [02:21] sure [02:21] i mean the /var//?isac [02:22] in most cases it would be valid, yes [02:23] most cases? [02:23] well, some applications might complain about the double // [02:23] and depending on where you use it, you might need to escape the ? [02:24] oh ok, so apache won't b&m? [02:24] b&m ? [02:24] b and moan [02:25] I guess that depends on how apache is configured ;) [02:26] under standard ubuntian configuration (with about 20 vhosts)? [02:26] I've never tested using such filenames ;) [02:26] apache normally changes invalid to _ I think [02:26] anything it doesn't like atleast :) [02:27] ok [02:27] and most likely it won't serve anything outside its DocumentRoot(s) [02:27] wow some people keep out of date dns... [02:27] ok [02:28] well... i've tried using .com/../ before... [02:29] when you use the default file serving stuff, that should not work ;) [02:29] ok [02:29] oh noes someone found my youtube rips folder... [02:29] lol [02:30] 173.169.175.37 - - [10/Apr/2011:10:07:37 -0500] "GET /I%20Just%20Had%20Sex%20(feat.%20Akon)_(1080p).mp4 HTTP/1.1" 200 24820 "http://***** [02:30] :/ [02:30] rallias: did you try using your server as a proxy from home? [02:30] yeah [02:30] it didn't work... [02:31] i feel slightly... er... not as smart as possible. [02:33] now that i think about it... why do I have port 8080 open... [02:39] how do I modify the php max run time thing? [02:47] any good djbdns install guides available for 10.04 Lucid Server? [02:49] that's nuts :) [02:51] session.gc_maxlifetime ? [02:51] djbdns or dnsmasq: FIGHT! (I really want opinions though…) [02:53] onecrazycat: for a simple home network it's easy: dnsmasq [02:54] JanC: I'm still on the fence… I don't want to limit myself in the future… what is it that makes dnsmasq better for a simple network? [02:55] I thought all the djbdns stuff hadn't been updated for years [02:55] dnsmasq is simple, does everything a network needs :) [02:55] patdk-nb_: From what I'm reading it doesn't support redundancy in DHCP (failover). [02:56] small networks generally don't have multible routers :) [02:56] therefor it would be pointless anyways [02:57] patdk-nb_: for me I want to install a lot of VMs, and even a small VPS at home… I'm getting my learn on, and I want this solution to expand with my network (virtual hosts). You still think dnsmasq will be cool for around 30-50 servers? [02:57] dnsmasq could handle that without an issue [02:57] all depending on your dns query rate [02:58] I would probably go with dhcpd and pdns-recursor, cause that is what I default to [03:00] it depends on what you want to do and what you want to integrate with [03:01] if you want to use a tool to manage your VMs that also configures DHCP/DNS, check what it supports... (I doubt any such tools integrates with djbdns though) [03:04] It's a home network, so I'm rocking a little linksys router too… but i want it virtualized and customizable. [03:05] It's a learning experience endeavor :) [03:34] I am trying to install openVPN from openvpn.net [03:35] and I get an error message when I try to start the server [03:35] http://pastebin.ubuntu.com/595019/ === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates [05:23] onecrazycat: my suggestion, if you have not yet decided, is to go with what is simple easy, get your learn on, and if you out-grow it in the future, switch [05:24] you'll learn quite a lot more that way, and the experience won't be lost [05:24] but more importantly, you won't be tripped up anylonger [05:24] CrazyGir: dnsmasq is installed and running :) [05:24] CrazyGir: … and more importantly, working :) [05:27] sweet [05:27] that's fantastic [05:27] yea, there's a certain amount of time/energy I allow myself to mull over a decision like that [05:27] afterwhich it's time to get to work [05:30] so the server flavor doesn't ship with man by default? [05:30] am I off my rocker? [05:32] hello [05:33] I am just getting started with ubuntu server [05:33] I installed it as LAMP, could I use it for a DNS server now? [05:33] van7hu: yes [05:35] van7hu: here's a good rule to remember… you can run as many daemons (services) as you want as long as you have the memory, hard drive space, and processor cycles. That and open ports. If say, port 80 is already used by Apache, nothing else can use that port. [05:35] yeah, thanks [05:35] I just asked to ask [05:52] HAH: motd includes See "man sudo_root" for details. [05:52] foo@base:~$ man sudo_root >>> -bash: man: command not found [05:53] this is a vm built with vmbuilder [05:53] am I missing something? [06:17] sorry for the n00b question, but I'm from the BSD world where init/rc is a bit different.. how do you get a list of the daemons that start with each runlevel? [06:25] CrazyGir: afaik, /etc/rcx.d/ has the list of scripts that run at run-level 'x'. those with 'S' are the ones that are started at that run-level. [06:26] yea, I'm also seeing stuff about upstart, which is cool, but adds complexity to the question [06:26] :P [06:27] here's a better question.. I've added ntpd via openntpd, assuming this hasn't been converted to upstart (not showing up in service --status-all), what should I do to ensure openntpd starts on boot and stays up? [06:31] is it best to create your own upstart init config as described here? https://help.ubuntu.com/community/UbuntuBootupHowto [06:36] CrazyGir: yes, that seems to be the proper one [06:38] CrazyGir: see, the link also says that this process has been tested for the latest ubuntu version, 11.04. so, that is the way to go [06:38] yea, I never know with ubuntu docs though, they're a bit all over the place [06:39] much more complete than many other linux distros, but not really fully trustworthy either [06:40] CrazyGir: that may be because sometimes, the docs are not updated for the newer ubuntu versions. but for docs that are, they are the way to go [06:43] sure, just not what you are used to when coming from BSD ;) [06:44] http://upstart.ubuntu.com/cookbook/ <--- this is a fantastic example of good quality, but this is not seen across the board [06:45] well.. sort of. some sections are missing :P [07:12] having trouble installing ubuntu server 10.10 on seagate cheetah ST39204LC SCSI hard drive using Adaptec 39160 PCI card on channel B, BIOS detects the drive, I did a low level format from the SCSI Utility, it was successful, then I verified the disk, and it passed, I have it set as ID0 and is being detect as so... BIOS sees it but Ubuntu partioner doesnt....hmm? [07:27] are you stuck with adaptec hardware lucky711x ? [07:28] yes I am CrazyGir [07:32] :( [07:32] are you _sure_ it is supported? (and well) [07:36] lucky711x: ^^ [07:36] yes CrazyGir I have had it detected and install before on the same eqpt [07:36] installed* [07:37] but it wouldnt boot and I did a low level format then tried to install again and no luck now [07:43] CrazyGir, what scsi hardware do you prefer? [07:45] CrazyGir, its weird while im trying to install ubuntu in power cycles on and off === KB1JWQ is now known as Corey [08:09] lucky711x: by 'supported' I mean to ask if you know this hardware model works well in linux/ubuntu === mdz is now known as mdz` [08:10] in short, adaptec makes crap hardware as I've seen (see the OpenBSD write ups from a decade ago if interested) [08:10] I prefer scsi/raid controllers that are well documented for devs to build working drivers [08:10] Yes is it support i forget what driver the kernel uses but it should work just fine [08:11] 'supported' and 'working well' are not the same [08:11] especially for 'open' hardware, note my sarcasm enclosing open [08:12] supposing it does work well, do you end up with anything in dmesg? [08:12] and / or do you have another card you can confirm as working? [08:12] and/or can you try an install to a std disk to confirm the rest of the hardware works [08:13] lol well i wish i could get a dmesg but i am still stuck on install [08:14] im trying a low level format again, but unfortunately i keep getting a stop [08:14] i am probably about to boot up my sata drive and run some tools on the drive [08:14] try other hardware.. in all the various combinations, to confirm what works and what doesn't [08:14] on the scsi drive* [08:15] well i have been working on this for about 36 hours troubleshooting different things, jumpers, settings in SCSIselect utility, settings in bios, formats, you name it, ive probably tried it [08:19] CrazyGir, mind if i pm you? [08:20] sure === zz_carcinogen75 is now known as carcinogen75 === carcinogen75 is now known as zz_carcinogen75 === mdz` is now known as mdz [10:47] New bug: #763467 in keepalived (main) "SIOCGMIIREG errors on e1000e interface" [Undecided,New] https://launchpad.net/bugs/763467 === morpeth is now known as bsd123123 === xnixan_ is now known as xnixan [14:20] any reason why ubuntu-server would be unable to figure out its hostname? even with a proper hostname set in /etc/hostname [14:23] ah.. a _ is not a valid character for a hostname :P [15:45] Can anyone give me a link to the changes in 11.04 server? [15:52] Anyone know the changes? Other than small ui things? === dendrobates is now known as dendro-afk === lenios__ is now known as lenios_ [17:11] quick question. If I have dovecot running pop3 plain mode. and I log in remotely, is my password sent totally in the clear [17:12] only if you broke docecot's config [17:13] so what encryption is used for dovcot pop3 plain [17:13] none, that is why it's called plain :) [17:14] so passwords are sent in the clear? [17:14] not unless you break the config :) [17:14] lol [17:14] I can connect to my server using plain and pull mail [17:14] I broke the config? [17:15] disable_plaintext_auth = yes, is default [17:15] ah [17:15] if so, dovecot won't allow you to connect [17:15] so unless you change that, no, you can't === dendro-afk is now known as dendrobates [17:39] is there any security advantage between pop3 secure and imap secure [17:39] or are both same secure [17:41] heh [17:41] use ssl or tls [17:42] or both :) [17:42] they use the same methods to encrypt, if that's what you're asking [17:42] tls uses the standard port, ssl uses alternate ports [17:43] I think he was asking the difference between pop3 and imap, but heh, not enough info :) [17:44] i have it set up for pop3s. I configure my client for pop3 ssl/tls and it works, it sends a cert and connects. So good. but also in my client there is the option for 'normal password' and 'encrypted password' [17:44] when i choose normal I get the cert and connect fine [17:44] imap is a much better system IMO, especially with people getting email on their phones and several computers and whatnot [17:45] choose encrypted and it says - pop server doesnt support this [17:45] yeah, don't do that [17:45] that encryption is weaker than SSL and is deprecated [17:45] lol ok [17:45] it's how they used to do things before SSL/TLS existed [17:45] right sweet [17:49] I want to pick up roots email - for log reports and whatnot. I can't login directly as root. so in aliases, I add root: user and newaliases [17:49] user is not getting roots email though [17:49] there is actually a function built in when you set up the email the first time [17:49] who to deliver root's mail to [17:49] oh [17:50] I don't have to start again do I? [17:50] I'll see if I can find how to invoke it [17:51] ah, looks like it was just a frontend to /etc/aliases [17:51] so you did it right [17:52] might have to restart postfix [17:53] bsd123123, ^ [18:34] Hi Guys [18:35] I'm having problems with configuring the puppet client, modifying puppet.conf for the [client] section doesn't seem to be read by the puppet service when it is restart ! [21:06] New bug: #763923 in postfix (main) "package postfix 2.8.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/763923 === dendrobates is now known as dendro-afk === erichammond1 is now known as erichammond [23:01] New bug: #764004 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/764004 [23:17] New bug: #764014 in net-snmp (main) "*** buffer overflow detected ***: /usr/sbin/snmptrapd terminated" [Undecided,New] https://launchpad.net/bugs/764014 [23:38] hello! I have a few VMs I created with vmbuilder and specified the server kernel release, main and universe repos, etc.. pretty stock stuff for a server, though some things like man seem to be missing.. does this seem correct? and if so, is there a list of differences between ubuntu std and server? [23:41] dig/dns tools is another