| greppy | Mean_Admin: it works for me. | 00:52 |
|---|---|---|
| greppy | I have 3 systems using it currently, and have access from my android to it as well. | 00:52 |
| greppy | haven't tried to set it up without x11, but they have a howto or faq or something for doing that. | 00:53 |
| malev | hi there! In my server sometimes (more frequently than what I'd like) I start getting this: [malev@~] free-bash: fork: Cannot allocate memory what can I do to debug it? | 01:37 |
| malev | where can I search for the error? | 01:37 |
| === mns` is now known as Guest58915 | ||
| missil | hi all i need server lessons - configuring and setting up virtualization in ubuntu server - struggled to get vms running now i cannot connect to the vms or launch virt-manager due to a gtk error | 02:06 |
| === Guest58915 is now known as mns` | ||
| RoyK | & | 02:12 |
| qman__ | malev, looks like you're out of memory | 02:27 |
| qman__ | check out what's using it with top or a number of other tools | 02:27 |
| malev | qman__, I'm using it, but check this oout: Mem: 524800k total, 375728k used, 149072k free, 0k buffers | 02:28 |
| malev | I still have some memory | 02:28 |
| malev | or 512MB si too low? | 02:28 |
| qman__ | 512MB is low, but if you still have 149MB or so free, that's not the cause here | 02:29 |
| qman__ | have you set limits? | 02:29 |
| qman__ | also, if what you're trying to start needs more memory than what is available, that error would result | 02:29 |
| malev | qman__, no that I remember, how can I check it? | 02:29 |
| qman__ | /etc/security/limits.conf or /etc/security/limits.d/ | 02:30 |
| malev | qman__, it's all commented | 02:31 |
| qman__ | check the number of processes as well | 02:31 |
| qman__ | ps aux | wc -l | 02:32 |
| qman__ | should be a few hundred or less | 02:32 |
| qman__ | depending on what you have running | 02:32 |
| malev | qman__, oks, I'll run ti, but riight now I'm low of memory and I have to restart :) | 02:33 |
| malev | qman__, you think that with 1Gb of memory I wont have that kind of problems? | 02:33 |
| qman__ | not necessarily | 02:34 |
| qman__ | your memory isn't totally full, which indicates something else is wrong | 02:34 |
| qman__ | without limits set, normally the system won't stop you unless it's literally out of resources | 02:34 |
| qman__ | there may be default limits now, though, I don't know for sure | 02:35 |
| malev | [malev@~] ps aux | wc -l ->19 | 02:36 |
| qman__ | take note of it when the server starts acting up | 02:36 |
| qman__ | maybe make a script that runs it every few seconds or so and logs it | 02:37 |
| malev | that's a good idea | 02:37 |
| qman__ | cannot fork; could not allocate memory means that it literally could not acquire resources to fork | 02:38 |
| qman__ | so if you're hitting physical limits, or set limits on memory or processes, that would do it | 02:38 |
| qman__ | finding the culprit is a little more difficult, but not too much | 02:39 |
| malev | don't know waht is the culprit | 02:39 |
| malev | qman__, thanks! I really apreciate your help! | 02:42 |
| qman__ | a good way to determine if it's physical or software limits would be to log on with another user | 02:42 |
| malev | qman__, what is ps aux | wc -l ? | 02:42 |
| qman__ | as limits are set per user | 02:42 |
| qman__ | ps aux lists all processes, wc -l counts lines | 02:42 |
| qman__ | so it's not an exact number but close enough to figure out what the problem is | 02:43 |
| malev | qman__, you think in some moment I start to have a lot of proccess working? | 02:43 |
| qman__ | yes, it's possible you're suffering what is effectively a fork bomb | 02:44 |
| qman__ | and that test would show if that's the case | 02:44 |
| malev | oks! I'm gonna work on that! | 02:44 |
| qman__ | if that number gets huge, in the thousands, that's probably the case | 02:44 |
| qman__ | whether it's malicious or just a misconfiguration or bug though, it won't tell you | 02:45 |
| qman__ | that requires more investigation | 02:45 |
| qman__ | in the process of your investigation, it might be a good idea to leave a root terminal open | 02:47 |
| qman__ | since root is allotted a small reserve of resources for these types of occasions | 02:48 |
| malev | qman__, oks! i'll | 02:50 |
| === mns` is now known as Guest27359 | ||
| ranger03 | how do i upgrade the kernek on ubuntu-server? | 04:47 |
| ranger03 | how do i upgrade the kernel on ubuntu-server? | 04:47 |
| twb | ranger03: with apt-get, like everything else. | 04:47 |
| ranger03 | apt-get upgrade kernel-imageXXXXX ? | 04:48 |
| ranger03 | apt-get upgrade linux-virtual <--is that correct ? | 04:49 |
| Brandon_ | I have been looking online on how to setup samba with user home directories (already did this), but I want it so when you type in the username of that directory and the password it connects. I tried doing the valid users = %s but when i try to map it the drive it says its mapped to a different username. | 05:26 |
| koolhead11 | hi all | 06:27 |
| koolhead11 | zul, ping | 06:27 |
| Macer | hm | 06:30 |
| koolhead11 | hi Macer | 06:31 |
| ph8 | hey all, i'm trying to set my samba permissions right (file level) - i can get read access and write access if I set 777 on the directory, but what group is samba trying to access it as? I see smbd processes running as root and nobody but i've tried chgrp -R'ing the whole share directory to those groups and setting 771 but no read or write! | 06:52 |
| flowbee | my server got hacked and the vps provider shut it down because it was abusing dns providers or something. is there a quick setup i can do to secure my box? | 07:58 |
| flowbee | i.e. what steps do i need (disable root ssh, only allow for key based ssh; changing ssh ports etc) | 07:58 |
| ebrown | aku | 07:58 |
| greppy | flowbee: it depends on how they got in. | 08:01 |
| flowbee | how do i add a user to sudoers file.... so that i have to enter prompt for password | 08:10 |
| greppy | flowbee: %sudo ALL=(ALL) ALL | 08:13 |
| greppy | change %sudo to a username | 08:13 |
| greppy | %sudo means anyone in the sudo group. | 08:13 |
| flowbee | got it | 08:14 |
| twb | Or just "sudo adduser fred sudo" | 08:21 |
| twb | i.e. add fred to %sudo | 08:21 |
| twb | I'm not sure if, unspecified, you are always prompted for a password, or if caching is allowed | 08:22 |
| flowbee | trying to follow this guide http://www.andrewault.net/2010/05/17/securing-an-ubuntu-server/ | 08:22 |
| flowbee | getting to: Restrict access to /bin/su to admin group members:;;; sudo dpkg-statoverride --update --add root admin 4750 /bin/su => dpkg-statoverride: An override for '/bin/s' already exists, aborting. | 08:22 |
| twb | flowbee: there's no point locking su, just ensure root doesn't have a password | 08:22 |
| greppy | flowbee: how did they get in? | 08:23 |
| flowbee | greppy, i have no idea. but i did have ssh for root | 08:24 |
| twb | Oh, he was compromised. In that case, he should do a fresh install | 08:24 |
| flowbee | even tho the password was pretty solid | 08:24 |
| twb | Consider everything on the system compromised unless proven otherwise | 08:24 |
| greppy | == twb | 08:24 |
| flowbee | oh i did | 08:24 |
| twb | flowbee: password-based access should be disabled | 08:24 |
| flowbee | i wiped it | 08:24 |
| flowbee | and i'm securing now | 08:24 |
| flowbee | going to do key based auth only now | 08:25 |
| flowbee | good luck getting it this time fuckers | 08:25 |
| flowbee | excuse my french; just upset i got hacked | 08:25 |
| w00 | if you host a vulnerable application they will get back in.. | 08:25 |
| flowbee | and i was referring to hackers; not you guys :) | 08:25 |
| twb | I also use kernel-based IPS instead of denyhosts/fail2ban | 08:25 |
| greppy | flowbee: while a good idea to secure auth, it is very likely that they got in through something else. | 08:25 |
| twb | http://cyber.com.au/~twb/doc/iptab | 08:25 |
| flowbee | it amazes mee | 08:25 |
| flowbee | how people can exploit stuff | 08:25 |
| twb | greppy: yeah, it was probably because he's running fucking phpmyadmin or so | 08:25 |
| flowbee | no i'm not | 08:25 |
| flowbee | at least i dont think it is | 08:26 |
| twb | flowbee: are you running any PHP at all? | 08:26 |
| greppy | flowbee: I've had boxes compromised because someone had an out of date php calendar app | 08:26 |
| flowbee | wow | 08:26 |
| flowbee | i dont run php; unless their ubuntu stack has it installed | 08:26 |
| greppy | what do you use the box for? | 08:26 |
| flowbee | LANGUAGE = (unset),LC_ALL = (unset),LANG = "en_CA.utf8" | 08:27 |
| twb | flowbee: well, good | 08:27 |
| flowbee | this box will be used to break apart my backend tasks from my webserver | 08:27 |
| flowbee | cuz my backend tasks are bringing down my web app/mysql instance | 08:28 |
| twb | What's its IP? I'll throw openvas at it | 08:28 |
| flowbee | no php is running | 08:28 |
| flowbee | twb, one moment let me finish attempting at 'securing it' | 08:28 |
| flowbee | although given my record | 08:28 |
| flowbee | not sure how awesome i'll be at it :) | 08:28 |
| * greppy jumps into the van to go break a switch and a router. | 08:28 | |
| twb | flowbee: pfft, if it has an IP now, it doesn't matter if *I* know it as well | 08:28 |
| flowbee | haha | 08:29 |
| twb | greppy: bricked it, eh? | 08:29 |
| greppy | twb: nah, ROMMON upgrade | 08:29 |
| greppy | have to be on site. | 08:29 |
| twb | Bleh | 08:29 |
| twb | This is why my routers run either ubuntu or openwrt | 08:29 |
| twb | Well, OK, my procurve is running some Lucky Dragon junk | 08:30 |
| greppy | ubuntu and/or openwrt don't support the types of interfaces, much less the load | 08:30 |
| twb | Fair enough | 08:30 |
| ebrown | hardy heron | 08:31 |
| ebrown | blankOn | 08:31 |
| ebrown | Mint | 08:31 |
| ebrown | Vinux | 08:31 |
| ebrown | Wkeh wis | 08:31 |
| flowbee | getting: perl: warning: Setting locale failed. | 08:31 |
| flowbee | how do i get my locales working (for aptitude) | 08:31 |
| jmarsden | sudo dpkg-reconfigure locales # probably | 08:33 |
| twb | jmarsden: actually for me on Ubuntu it's "locale-gen en_AU.UTF-8; update-locales LANG=en_AU.UTF-8" | 08:34 |
| twb | Last time I looked Ubuntu did some silly thing where you either did that, or (by default) you got 200MB of English locales for tbird and oo.org on your headless server | 08:34 |
| flowbee | damn | 08:34 |
| flowbee | installed ufw and now i cant ssh anymore | 08:34 |
| flowbee | i thought this guide was supposed to be good | 08:34 |
| twb | flowbee: if you follow "some guide I found", you are on your own | 08:36 |
| flowbee | heheh | 08:38 |
| flowbee | do you folks have a simple firewall your recommend? | 08:38 |
| twb | flowbee: netfilter | 08:38 |
| flowbee | is there some weird ssh setup i have going on where i cant log into my box with multiple ssh sessiosn: ssh_exchange_identification: Connection closed by remote host | 08:41 |
| Syria | Hello, I want to enable mod_rewrite ubuntu server 10.4.2 | 08:46 |
| Syria | How can i do this? | 08:46 |
| ph8 | more of a question for ##apache | 08:47 |
| ph8 | but there is good documentation on the internet for this | 08:47 |
| ph8 | look for information about RewriteEngine On | 08:47 |
| jmarsden | Syria: sudo a2enmod rewrite | 08:48 |
| Syria | jmarsden Thank you. | 08:49 |
| jmarsden | Syria: You're welcome | 08:49 |
| Syria | ph8 thnx :) | 08:49 |
| ebrown | hahahahahahahahahahahha | 08:52 |
| ebrown | hahahahahahahahahahahahahahahaha | 08:52 |
| twb | flowbee: no, what you've done is drop NEW ssh connections | 08:56 |
| twb | flowbee: your existing connection is allowed because it was up before you started ufw | 08:57 |
| flowbee | i'm still getting ssh_exchange_identification: Connection closed by remote host even though i'm set up to use key based auth (at least .ssh dir is) | 08:58 |
| flowbee | and ufw isnt currently running | 08:58 |
| ebrown | !seen twb | 09:03 |
| ubottu | I have no seen command | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| ebrown | ? | 09:03 |
| pedrocr | I just booted a computer after a motherboard swap. It has two raid arrays running over the same 4 disks. The raid5 array apparently resynced and is now working. The raid1 array is working but degraded with only 2 of the 4 disks. all disks seem to have some smart errors on bootup but nothing else. any ideas on what this could be and how to repair the raid1 array? | 10:55 |
| pedrocr | mdadm --re-add seems to be working | 11:08 |
| pedrocr | I wonder why this happened at all | 11:08 |
| pedrocr | I've configured smartmontools now | 11:09 |
| elijahsh | Hi! I'm configured pppoe client on my 10.04 server. Everything work fine except when my provider lose my connection. Ppp tries reconnect several times and stop with no luck. Where I can change the number of tries and timeout between them? | 11:37 |
| === cmagina-afk is now known as cmagina | ||
| === rpinson_ is now known as raphink | ||
| afeijo | hi guys, I'm trying to setup a dns server in a new server here, I installed bind9 and configured it, it appear to be ok. Do I need to config something in my dsl router and/or the workstations? | 14:15 |
| afeijo | do I need dhcp at my server? | 14:16 |
| afeijo | route cmd at my laptop show as default to 10.0.0.250, it should be 10.0.0.1 (this is the server ip) | 14:17 |
| === med_out is now known as medberry | ||
| uvirtbot | New bug: #783480 in php5 (main) "Invalid multiarch patch" [Undecided,New] https://launchpad.net/bugs/783480 | 14:46 |
| zul | does anyone know why we dont have things like php-imap in main? | 14:52 |
| lynxman | zul: I think it's because libc-client is in universe as well | 14:59 |
| zul | lynxman: yeah it should probably change to make the merge easier | 14:59 |
| lynxman | zul: think so as well, it makes sense | 15:01 |
| uvirtbot | New bug: #783487 in apr (main) "Please sync apr 1.4.4-1 from Debian Unstable." [Undecided,New] https://launchpad.net/bugs/783487 | 15:06 |
| hallyn_ | zul: gmornin'! Were you planning on sending the libvirt patch to send 'container=libvirt' through ENV to the libvirt mailing list? (If not, I"ll send it, but I don't want to take any of your credit :) | 15:09 |
| zul | hallyn: i wasnt but go ahead | 15:09 |
| hallyn_ | zul: ok, will do. | 15:10 |
| _ruben | afeijo: uhm, dns and default routes are pretty much unrelated | 15:10 |
| lynxman | zul: oh btw is the LXC libvirt problem fixed in natty or still in progress? | 15:12 |
| zul | lynxman: well uds was last week so...still in progress ;) | 15:13 |
| lynxman | zul: fair point :D | 15:13 |
| lynxman | zul: tbh I'm still suffering from UDS, hardly productive today | 15:14 |
| hallyn_ | zul: don't suppose you're bored and wnating to implement debian networking support for netcf? :-) | 15:14 |
| zul | lynxman: hah your flight wasnt as long as some people ;) | 15:14 |
| hallyn_ | It should've been on uds agenda, oh well. | 15:15 |
| zul | hallyn_: netcf? | 15:15 |
| lynxman | zul: it was, I had to do a 4 hours connection at heathrow ;) | 15:15 |
| zul | lynxman: only? :) | 15:15 |
| lynxman | zul: yeah, uphill through the snow between T5 and T3 :D | 15:16 |
| zul | it snowed? | 15:16 |
| lynxman | zul: nope, just wanted to add drama to my story | 15:16 |
| * zul is not awake | 15:16 | |
| zul | oh | 15:16 |
| afeijo | _ruben, I'm quite lost right now :( | 15:18 |
| hallyn_ | zul: netcf is what libvirt uses to automatically manipulte networking | 15:24 |
| _ruben | afeijo: you might wanna describe more clear what your actual goal is here, what is the dns server to be used for for instance | 15:25 |
| afeijo | _ruben, new ubuntu 11.04 x64 server installed a few days ago, now I need to configure a dns server at that server, the IPs are been distributed by the dsl wifi router, I installed and configured my local domain with bind9. Do I need to do any settings at the router now? or to each linux/mac/windows station? | 15:29 |
| zul | hallyn_: ah ok | 15:32 |
| SpamapS | hallyn_: was it you that was trying to have irssi not highlight a window whenever there are joins/parts/nicks/etc. ? | 15:42 |
| hallyn_ | SpamapS: nope | 15:45 |
| hallyn_ | SpamapS: mine (when i use irssi) doesn't do that | 15:45 |
| hallyn_ | zul: patch is away | 15:47 |
| zul | hallyn_: cool | 15:47 |
| a7ndrew | i'm none too sure about NFS: anyidea why the uid and gid on the client side would show as '4294967294' and nothing sensible? and why root wouldn't be able to see the subdirs? | 15:48 |
| lynxman | a7ndrew: that sounds like your client is interpretating the -1:-1 of the nobody:nobody gid and uid to the maximum uid/gid available | 15:49 |
| === BlackZ_ is now known as BlackZ | ||
| a7ndrew | lynxman: thanks, interesting hint. Just chowning the dir to root:root didn't work :P | 15:52 |
| Daviey | Yeeeeeeeeeeehaaaaaaaaa! | 16:00 |
| hallyn_ | Daviey: gmornin :) | 16:05 |
| Daviey | hallyn_, Hello sir! | 16:05 |
| Daviey | You were missed last week.. | 16:06 |
| hallyn_ | :( | 16:06 |
| genii-around | a7ndrew: According to https://help.ubuntu.com/community/NFSv4Howto#Troubleshooting "all directories and files on the client are owned by uid/gid 4294967294:4294967294) then you need to set in /etc/default/nfs-common: NEED_IDMAPD=yes and restart nfs-common " | 16:06 |
| Daviey | hallyn_, Having a beer over webcam didn't really fit, but the thought was there. | 16:06 |
| robbiew | hallyn_: FYI...I placed an order for some Toshiba AC100 netbooks (ARM based), planning on giving you one for LXC development/testing this cycle | 16:06 |
| robbiew | and loan one to upstream (daniel?) | 16:06 |
| hallyn_ | robbiew: neat! will be great to finally be able to test that | 16:07 |
| hallyn_ | yeah, daniel would be good. I gather he was there in person last week? | 16:07 |
| hallyn_ | Daviey: i had a cold affligem in the fridge :) | 16:07 |
| Daviey | heh | 16:08 |
| robbiew | hallyn_: yeah, we briefly met...and I told him I'd get him hardware | 16:10 |
| robbiew | order is already placed | 16:10 |
| a7ndrew | genii-around: thanks, i've been reading that, I restarted nfs-common on the client, now the directory is owned by nobody:nogroup, still cant chown to root, still shows no subdirs. Feel i'm getting closer though. | 16:11 |
| a7ndrew | funny directory, that one. Root doesn't have permission to remove it, and its too busy to be unmounted | 16:14 |
| hallyn_ | zul: drat, i don't think libvirt folks will take your patch. But they point out we can use the LIBVIRT_LXC_UUID the same way. | 16:16 |
| zul | hallyn_: doh! | 16:17 |
| ScottK | NCommander: For your armel server spec... The image you're talking about won't talk to the serial port by default like the current headless images will it? | 16:18 |
| NCommander | ScottK: we were looking at implementing a way to switch that | 16:20 |
| ScottK | Most non-dev server people don't use serial. | 16:20 |
| ScottK | NCommander: I think it's worth mentioning in the spec then. | 16:21 |
| NCommander | ScottK: I disagree, I used to use serial for server management primilary and I know several organizations that do so as well. | 16:23 |
| ScottK | NCommander: OK. Some do. Some don't. | 16:23 |
| ScottK | In any case, the server ISO default install targets small deployments (since any non-trivial deployment will preseed/roll their own), so serial by default isn't the right answer. | 16:24 |
| * ScottK still thinks NCommander should put it in the spec. | 16:24 | |
| NCommander | ScottK: it will be in the spec | 16:24 |
| ScottK | Great. | 16:25 |
| ScottK | Thanks. | 16:25 |
| * NCommander is writing the specs up now | 16:25 | |
| ScottK | Yep. I'm getting mail from LP about it. | 16:25 |
| NCommander | ScottK: well I broke the super-spec into a lot of smalelr ones, you can see the dependnency tree | 16:25 |
| ScottK | NCommander: Would you please subscribe to them then so I can follow along? | 16:26 |
| NCommander | ScottK: are you in the ubuntu-armel team? | 16:28 |
| * NCommander was going to add the armel team to all the specs | 16:28 | |
| ScottK | No. | 16:28 |
| zul | NCommander: how did you break down the spec? | 16:28 |
| NCommander | zul: see dependency tre: https://blueprints.launchpad.net/ubuntu/+spec/server-o-arm-server | 16:29 |
| zul | NCommander: cool can you put a note in the whiteboard | 16:30 |
| NCommander | zul: k | 16:30 |
| zul | thanks | 16:31 |
| roasted | So I'm running 11.04 desktop edition and I have dhcp-server installed... but under service--status-all I have no listing of it. ? | 16:42 |
| SpamapS | roasted: service--status-all .. not sure what you mean by that | 16:45 |
| SpamapS | roasted: did you mean 'service --status-all' ? | 16:46 |
| * SpamapS suspects yes | 16:46 | |
| uvirtbot | New bug: #783541 in samba (main) "pam_smbpass should not check that it is running as root" [Undecided,New] https://launchpad.net/bugs/783541 | 16:46 |
| roasted | yes | 16:46 |
| roasted | SpamapS, what is isc-dhcp-server? | 16:46 |
| roasted | could that be it? It's currenty disabled. | 16:46 |
| SpamapS | thats the dhcp server I'm sure | 16:46 |
| SpamapS | that command needs some help btw | 16:46 |
| roasted | that wasn't like that for 10.10 | 16:47 |
| roasted | sigh | 16:47 |
| roasted | constant changes. I can't keep up with this! | 16:47 |
| roasted | do you know how I would start dhcp on 11.04? | 16:47 |
| SpamapS | because dhcp was moved to upstart for 11.04 IIRC | 16:47 |
| SpamapS | roasted: did you try 'service isc-dhcp-server status' ? | 16:47 |
| roasted | says dhcpd is not running | 16:47 |
| SpamapS | roasted: would you expect the OS to never change? ;) | 16:48 |
| SpamapS | roasted: you may want to stay on LTS's if thats the case. | 16:48 |
| roasted | I do for mission critical stuff | 16:48 |
| roasted | this is my laptop we're talking about | 16:49 |
| roasted | but I do imaging from my laptop, hence the dhcp | 16:49 |
| roasted | just kind of irritating when commands are changing so frequently, even for 6 mo releases | 16:49 |
| roasted | anyway, how would I get the service going? All previous commands I remember are, of course, not working. | 16:49 |
| SpamapS | roasted: ok well it may be that it failed to start because your network wasn't up when the system started | 16:49 |
| SpamapS | roasted: does your laptop have statically configured networking then I presume? | 16:50 |
| roasted | I would presume so, as I plugged in after we wereup and running | 16:50 |
| roasted | yes | 16:50 |
| SpamapS | the supported way to start any service is 'sudo service xxxx start' | 16:50 |
| roasted | bingo | 16:50 |
| roasted | failed | 16:50 |
| roasted | lol | 16:50 |
| SpamapS | roasted: dhcpd will fail if the exact interface it is configured for is not setup right | 16:51 |
| roasted | it gets set up through FOG, which Im trying to install | 16:51 |
| roasted | I never had to configure it prior | 16:51 |
| SpamapS | what is FOG ? | 16:51 |
| roasted | think of ghost | 16:51 |
| roasted | except it doesn't suck | 16:51 |
| roasted | and it's free/linux based | 16:51 |
| SpamapS | cool | 16:51 |
| roasted | FOG = Free Open(source) Ghost | 16:52 |
| roasted | where are dhcp configs stored? I can just copy it from my 10 10 install | 16:52 |
| SpamapS | Ok, well then it sounds like FOG must be started before isc-dhcp-server | 16:53 |
| SpamapS | roasted: /etc/dhcp/dhcpd.conf | 16:53 |
| SpamapS | roasted: I take it FOG is not in Ubuntu? | 16:53 |
| roasted | It's a .tar.gz I have to install | 16:53 |
| roasted | installs in terminal from a .sh file or something | 16:54 |
| roasted | I've installed it hundreds of times. the installer does all of the work for you pending answering a few questions | 16:54 |
| roasted | dear unity. stop freezing. thx. | 16:54 |
| SpamapS | roasted: ah, ok, well if the installer configures the network.. does it just modify /etc/network/interfaces or try to do something else clever? | 16:54 |
| roasted | I have to set up a static IP first. | 16:55 |
| roasted | then I run the installer and it asks if the IP I have is the one I want the server configured for. | 16:55 |
| roasted | I say yes and it does the rest for me. | 16:55 |
| roasted | setting up a 192.168 scope, which is the pool that my laptop uses when I image | 16:55 |
| roasted | rebooting. fn unity | 16:56 |
| roasted | now that I rebooted maybe itll be running | 16:57 |
| roasted | since Im plugged in | 16:57 |
| roasted | ah, nope. definitely isn't running. | 16:57 |
| roasted | hm | 16:58 |
| roasted | my dhcpd file is fine on 11.04. it matches identically to my 10 10 install | 16:58 |
| AlexMax | The last time I restarted my server, SSHD did not come up. I'm not really familiar with upstart, how can I tell if openssh is actually attempting to start at boot? | 17:06 |
| AlexMax | I have no idea if it's not being started at all, or if it's being started and not working | 17:07 |
| AlexMax | My host was able to start ssh manually from the terminal | 17:07 |
| shaggster | Ok anybody have an idea why apache would be running under limited permission, getting an error through php fopen() failed to create stream permission denied running a script that creates a file. Everywhere i search says to chmod it 777 but i would like to not have it risk that, but it does work I verified it.. running 10.10 Enterprise cloud | 17:11 |
| shaggster | futhermore something very interesting is the file acctually gets created, but can't see it unless i upload something else to the directory.. refreshing or changing dir doesnt show the file.. | 17:12 |
| flowbee | hi folks; i'm getting: ssh_exchange_identification: Connection closed by remote host | 17:16 |
| flowbee | ssh_exchange_identification: Connection closed by remote host .... when i try to initiate a second ssh session to my ubuntu 10.04 server. i have allowed key based auth | 17:16 |
| === KB1JWQ is now known as Corey | ||
| hallyn_ | zul: do you care one iota if i go ahead and modify lxcguest to handle libvirt without your patch right now? | 17:23 |
| hallyn_ | (i assume not) | 17:23 |
| zul | hallyn_: hella no | 17:23 |
| hallyn_ | :) | 17:24 |
| hallyn_ | all right i'll do that today and then drop the patch from libvirt after jdstrand reviews the rest of my proposed merge | 17:24 |
| hallyn_ | thanks | 17:24 |
| hallyn_ | jinkeys, debian's dvtm is old old old - still has the fd leak from a year ago | 17:25 |
| === jerrad is now known as NightDragon | ||
| Gunni | what command was it again to see what libraries a binary uses? | 17:43 |
| genii-around | Gunni: ldd | 17:45 |
| Gunni | ty | 17:46 |
| kpettit | Any suggestions on a good blocklist program? Trying to get a generic blocklist I can use to block IP address and such | 17:54 |
| genii-around | !info dansguardian | 17:55 |
| ubottu | dansguardian (source: dansguardian): Web content filtering. In component universe, is optional. Version 2.10.1.1-3 (natty), package size 484 kB, installed size 2396 kB | 17:55 |
| kpettit | genii-around, I'll check it out. It looks like it's web specific though. | 17:56 |
| genii-around | Yep | 17:56 |
| kpettit | I'm looking for something that's more generic. Basically block all ports to known bad IP addresses. | 17:56 |
| genii-around | Why not just add those IP to your hosts.deny file | 17:57 |
| kpettit | genii-around, I do, as I find them. But it's a pain to keep up with. | 17:57 |
| kpettit | I'm using fail2ban for some stuff. And I see other bad stuff in the logs. But would feel better if I could use a community block list as added protection. | 17:58 |
| Daviey | kpettit, Using others blacklists is generally discouraged TBH. | 18:02 |
| Daviey | (other than for Bayesian) | 18:02 |
| kpettit | I can see the reasoning on that. This is for a couple of dev type servers that normal public users would be using. | 18:03 |
| kpettit | Just trying to figure out the lowest effort way to have better security. Looking at all the fail2ban logs scare me abit. Tons and tons of bot attacks | 18:03 |
| === koolhead11 is now known as koolhead11|afk | ||
| surjikal | Hey guys, I just imported a VM of ubuntu 10.04 server 32bit that I setup at home on vbox. Now I'm at work and obviously, the fqdn is wrong. Is there a way to reconfigure the network completely, like it was done during the install? | 18:09 |
| Daviey | kpettit, well if you know exactly who is connecting to the servers, use whitelisting :) | 18:18 |
| SpamapS | surjikal: the hostname is recorded in /etc/hostname , if you have a static hostname, thats the place it should be. Note that there are some other things that may need updating as well, like /etc/mailname | 18:19 |
| kpettit | I would if it was the same IP addresses. The guys I have going to it rove around alot. Going in from a starbucks, home, library, etc. | 18:19 |
| surjikal | SpamapS, in /etc/hostname, I only see my hostname. Is there something I can enter there to change the fqdn? | 18:20 |
| SpamapS | surjikal: if you edit that file, you can run 'sudo hostname `cat /etc/hostname`' to set the system wide hostname. Note that services may not pick up the new hostname until they are restarted. | 18:26 |
| surjikal | I changed /etc/hosts | 18:27 |
| SpamapS | kpettit: you want a VPN solution of some kind then. | 18:27 |
| kpettit | probaly. | 18:27 |
| SpamapS | kpettit: the closest thing to a decent block list is denyhosts .. and its barely more than no protection at all. | 18:27 |
| kpettit | VPN's always seem kind of painful to setup. KNow of a good one that is faily easy to use? | 18:27 |
| SpamapS | kpettit: I've always used OpenVPN but I don't know how good or easy the frontends are. | 18:28 |
| kpettit | SpamapS, I think your right about VPN though. I've just been avoiding it becuase of pain with them in the past. | 18:28 |
| kpettit | I don't care so much about hte front end. I'm ok with the CLI stuff. Last time I tried OpenVPN though it was fairly painful to do a simple VPN for a few people | 18:29 |
| SpamapS | kpettit: if you have control over the remote machines its pretty easy to put a shell script or batch file together that starts and stops openvpn automatically w/ client certs for auth.. | 18:29 |
| kpettit | SpamapS, your right. I'll give it try. Thanks for the suggestion. | 18:33 |
| === smb is now known as smb-afk | ||
| MTecknology | !away > smb-afk | 19:45 |
| ubottu | smb-afk, please see my private message | 19:45 |
| zul | Daviey: when you get a chance can you have a look at https://help.ubuntu.com/community/UbuntuBackports | 19:49 |
| zul | doh... | 19:49 |
| zul | i mean https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/778392 | 19:49 |
| uvirtbot | Launchpad bug 778392 in eucalyptus "[UEC 2.0+bzr1241-0ubuntu4.1] Unstable state for the iscsi daemon" [Undecided,New] | 19:49 |
| Daviey | zul, looks like one for upstream comment i think | 19:50 |
| stgraber | hallyn_: are you going to SRU bug 607636 ? | 20:28 |
| uvirtbot | Launchpad bug 607636 in lxc "chardev: opening backend "pty" failed" [High,Fix released] https://launchpad.net/bugs/607636 | 20:28 |
| stgraber | hallyn_: if you don't have the time to do it, I'm fine doing it | 20:29 |
| hallyn_ | stgraber: please go ahead. I do think it should be SRUd | 20:29 |
| stgraber | ok, doing it now | 20:30 |
| hallyn_ | stgraber: thanks | 20:31 |
| stgraber | uploaded | 20:32 |
| === Pelmen is now known as SchneeSchwarz | ||
| RoyK | hi all. I just started virt-manager to add some drives to a test-vm, but then, I get this http://karlsbakk.net/virt-manager-issue1.png - can't see the old images, and can't create new ones - any ideas? | 20:55 |
| === negronjl is now known as negronjl_afk | ||
| RoyK | hm... seems I found the issue - it was trying to open som old storage files which had been removed | 21:07 |
| RoyK | where does virt-manager have its config? I need to remove these from the 'known storage files' | 21:07 |
| hallyn_ | zul: if i give you a natty .deb for lxcguest, can you trivially test that it still does the right thing under libvirt? | 21:16 |
| zul | hallyn_: sure i can probably do it tonight | 21:16 |
| hallyn_ | zul: http://people.canonical.com/~serge/lxcguest_0.7.4-0ubuntu9_amd64.deb | 21:17 |
| zul | hallyn_: ok ill get to it tonight | 21:17 |
| hallyn_ | so long as that passes, i'll push it to oneiric. (natty doesn't actually need it of course) | 21:17 |
| hallyn_ | thanks | 21:17 |
| hallyn_ | ttyl | 21:17 |
| seaLne | how do you make ncurses not cause your eyes to bleed in natty (turn it back to normal blue colour) | 21:45 |
| seaLne | very scary experience during an upgrade | 21:46 |
| addisonj | wtf... why can i not ./run a progam from /tmp on 10.04 lts? | 21:52 |
| soren | addisonj: Maybe it's mounted noexec? | 21:53 |
| seaLne | no exec mounting? | 21:53 |
| addisonj | its not a seperate partition | 21:53 |
| addisonj | its just on . | 21:54 |
| addisonj | oops / | 21:54 |
| soren | addisonj: Maybe it's not executable. | 21:55 |
| soren | addisonj: You're not exactly giving a lot of detail here. | 21:55 |
| flowbee | hi folks... is there a fast way to move from debian etch => ubuntu 10.04 ? i have a debian box on linode but id love to move to ubuntu | 21:56 |
| addisonj | trying to install SAS, it unpacks its own java version to run an installer, which it unpacks to /tmp, i haven't been able to get it run, thought it was a path issue, but if i go straight ti the folder where the java binary is, it still says no such file or directory | 21:57 |
| addisonj | -rwxr-xr-x 1 csroffice csroffice 65116 2007-10-05 03:19 java | 21:57 |
| addisonj | http://pastebin.com/ec7VpzT3 there is the mount | 21:58 |
| soren | addisonj: What exactly are the commands you're trying to run that fail? | 22:00 |
| saveur7elf | hello) | 22:02 |
| addisonj | the installer script unpacks its own java and a jar to run the gui installer, here is the actual command ../../products/javaruntime__92280__lax__xx__sp0__1/bin/java -Xmx1024M -jar deploywiz/setup.jar -startuplocation /media/samba/SAS_9_2_3/Compresed/Linux_64bit/SAS_9.23_Linux_x64 -templocation /tmp/_setup29781 | 22:03 |
| saveur7elf | guys, Where I can get usb ubuntu? | 22:04 |
| addisonj | its a relative path from the location of the jar to the unpacked location of the java binary, but it fails to find the binary (although that is a valid path) | 22:04 |
| flowbee | hi folks... is there a fast way to move from debian etch => ubuntu 10.04 ? i have a debian box on linode but id love to move to ubuntu. but i'll still need to reconstruct my whole setup right? there are no migrations scripts? | 22:06 |
| maxb | saveur7elf: what exactly do you need, there are several forms | 22:06 |
| saveur7elf | mm... ubuntu 11.04 for usbflash) | 22:07 |
| addisonj | I at first thought bash was bugging out on the relative path, but nope, even if i got straight to the directory, it won't run the binary, gives a no such file or path error, which noexec doesn't do correct? | 22:07 |
| maxb | flowbee: you need a clean install for that | 22:07 |
| flowbee | maxb, i guess i meant getting the configuration and packages off of debian and onto ubuntu | 22:07 |
| maxb | saveur7elf: live system? installer? | 22:08 |
| saveur7elf | installer | 22:08 |
| addisonj | flowbee, what configs? are you talking like apache? or your gnome and everything? | 22:08 |
| flowbee | addisonj, i mean like the mysql config/apache config/etc | 22:09 |
| flowbee | and bash stuff | 22:09 |
| maxb | flowbee: no special tooling, just normal file copy/backup tools | 22:09 |
| addisonj | do a fresh install and just move em over, probably the easiest way | 22:09 |
| flowbee | yeah | 22:10 |
| RoyK | hi all. I have qemu/kvm setup on this ubuntu 10.04 machine. after adding some test disks, I want to remove them, but it seems virt-manager can't do this and removing them manually just messes up virt-manager. any idea where these are referenced and how I can remove that? | 22:10 |
| flowbee | how long will 10.04 lts be supported for | 22:10 |
| addisonj | 3 more years? something like that | 22:10 |
| maxb | saveur7elf: you probably want the boot.img.gz disk image from any mirror | 22:10 |
| RoyK | flowbee: LTS is five years for server, 3 for desktop | 22:11 |
| bluethundr | hey guys, I am looking for a way to add the backports repository to a 9.04 (jaunty) server | 22:11 |
| bluethundr | https://help.ubuntu.com/community/UbuntuBackports | 22:11 |
| addisonj | so about 4 more years of support now | 22:11 |
| RoyK | addisonj: yeah | 22:11 |
| * RoyK still runs 8.04 on some servers | 22:12 | |
| addisonj | anyways... back to me issue... yep, pretty much absolutely flumoxed as to why this is acting this way... | 22:12 |
| flowbee | so done with debian | 22:14 |
| flowbee | everything will be running 10.04 now | 22:14 |
| RoyK | :) | 22:14 |
| === negronjl_afk is now known as negronjl | ||
| Macer | blah | 22:29 |
| flowbee | how do i change default editor to vim? | 22:29 |
| soren | bluethundr: Jaunty is dead. Move on. | 22:30 |
| RoyK | flowbee: see /etc/alternatives - there's an editor symlink there | 22:31 |
| RoyK | flowbee: or just set the EDITOR variable | 22:31 |
| bluethundr | soren this is a production server.. it moves onto the current release when the senior sa says it does :) | 22:38 |
| uvirtbot | New bug: #783699 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/783699 | 22:42 |
| RoyK | http://imgur.com/gallery/0pxaV | 22:43 |
| SpamapS | bluethundr: has that senior sa decided to backport all relevant security patches to jaunty? Poor sod. | 22:43 |
| bluethundr | heh | 22:44 |
| Pumpkin- | or vetting every security announcement to see if it impacts them, or getting appropriate signoffs to not patch it | 22:44 |
| Pumpkin- | I'm glad I make those kind of decisions | 22:44 |
| soren | bluethundr: Production servers that don't receive critical security updates. Fascinating. What was your IP again? | 22:49 |
| bluethundr | soren, my IP is xx.xx.xx.xxx | 22:50 |
| soren | bluethundr: I thought it might be. | 22:51 |
| bluethundr | lol | 22:51 |
| uvirtbot | New bug: #783706 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/783706 | 22:51 |
| roasted | So... question... let's say I want to rsync my home directory to a samba share. Well, CIFS mounts to .gvfs... wouldn't I create an infinite loop by rsyncing /home/user to /home/user/.gvfs/network_storage/user? | 23:40 |
| RoyK | just use --exclude | 23:42 |
| RoyK | or -x aka --one-file-system | 23:42 |
| roasted | RoyK, do you know of any rsync GUI's that have this option? I'm trying to help my parents set this up with the NAS I left behind. | 23:43 |
| RoyK | nah - I only use the commandline | 23:44 |
| roasted | yeah, me too | 23:44 |
| roasted | maybe I should just walk them through forwarding SSH so I can get in there | 23:44 |
| roasted | what exatly doe s"one file system" do? | 23:45 |
| roasted | doesnt sound too descriptive at first glance | 23:45 |
| RoyK | it doesn't follow mounts | 23:46 |
| RoyK | so if you rsync / and /blah is mounted, that won't be rsync'ed | 23:46 |
| roasted | it seems as if grsync has a "do not leave file system" option | 23:47 |
| roasted | which, when you hover over it, notates -x and --one-file-system | 23:47 |
| roasted | so if I'm rsync'ing /home/fred to /home/fred/.gvfs/network_storage/fred, how does that "doesn't follow mounts" apply? I'm not entirely sure I understand. | 23:48 |
| RoyK | check with 'mount' | 23:48 |
| RoyK | if it's listed there, it won't be backed up with -x | 23:48 |
| roasted | so that would thereby include .gvfs as "mount" when its checked | 23:49 |
| RoyK | is it listed if you type 'mount'? | 23:49 |
| roasted | uh | 23:49 |
| roasted | hang on | 23:49 |
| roasted | it doesnt say exactly .gvfs/network_storage/fred | 23:50 |
| roasted | but it says something about .gvfs fuse | 23:50 |
| roasted | daemon etc | 23:50 |
| RoyK | dunno if rsync will exclude fuse mounts | 23:51 |
| roasted | damnit | 23:51 |
| roasted | I wonder if there's a way to tell | 23:51 |
| roasted | like to see what command this gui is using | 23:51 |
| RoyK | just try | 23:51 |
| RoyK | you'll see the loop if it happens | 23:52 |
| roasted | thats the problem | 23:56 |
| roasted | I won't - they will, and they won't even know it | 23:56 |
| roasted | :P | 23:56 |
| roasted | I just did a quick test bed here with my laptop and a tes CIFS share | 23:58 |
| roasted | looks like it'll work if I check that box in grsync | 23:58 |
| roasted | I think they just have SO mcuh data that they cant tell if its looping or just working | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!
