/srv/irclogs.ubuntu.com/2011/05/24/#ubuntu-server.txt

SpamapS	kirkland: definitely jealous of your trip.. Plitvice has been on my todo since I saw pics.	00:00
kirkland	SpamapS: heh, yeah, you'd love it ;-)	00:10
ph8	hmmm	00:16
ph8	i've got a kernel panic	00:16
ph8	on a rubbish KVM	00:16
ph8	is there a way to RSEIUB without the sysrq key?	00:16
ph8	I can hold alt, but not sysrq	00:16
ph8	i can only 'tap' print screen rather than simulate a hold	00:17
RoAkSoAx	lbor/win 2	00:24
RoAkSoAx	lol	00:24
=== jjohansen is now known as jj-afk
NCommander	why is aptitude shipped as part of UEC?	01:20
NCommander	oh, nm, tasksel depends on it. Shutting up now :-) (although I'm still confused on why its Task: uec)	01:21
jdii	Can anyone here help me with a question about load balancing	02:58
uvirtbot	New bug: #787312 in samba (main) "package smbclient 2:3.4.7~dfsg-1ubuntu3.6 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/787312	04:26
toddnine	Hey guys. Have a cron question. I'm trying to do a rolling backup across all nodes in our cluster. Each node will need to run every 6 hours. I can do all the maths in chef, but I'm unsure the best way to enter them into cron. Essentially every node will run ever 6 hours, but with our 3 nodes they need to be in 2 hour offsets. I, I. N1: 0,6,12,18 N2: 2, 8, 14, 20, etc	05:04
toddnine	Is it possible to do this with the */6 syntax, or do I need to list the hours explicity?	05:05
SpamapS	toddnine: you may want to look into something like bacula	05:11
toddnine	SpamapS: Thanks for the response	05:12
toddnine	I'm actually good on the backup solution itself. It's a custom program we've written to sync our Cassandra data with S3 for disaster recovery	05:12
SpamapS	toddnine: it has more sophisticated capabilities for scheduling and can very easily do differential/incrementals ... plus it uses a database to track files so restoring is generally very very efficient	05:12
toddnine	Staggering it across the nodes is the issue, and across 2 DCs on 2 sides of the world :)	05:13
SpamapS	ah you're out there on the edge. :)	05:13
SpamapS	yeah Bacula can automatically stagger servers in groups	05:13
SpamapS	but.. you probably have to run some "dump my data" thing out of cassandra	05:13
toddnine	Yeah, exactly	05:14
toddnine	the script and the backup itself works really well	05:14
toddnine	it's the timing of the automation. I can work out the math in my chef recipes, but I'd rather not :)	05:14
toddnine	looks like I don't have much of an option	05:14
SpamapS	so, you can just do something really lame and have the servers you want offset sleep for 3 hours..	05:15
toddnine	how so ?	05:16
SpamapS	Or, what I'd do.. I'd have one script that manages all of the backups.. so it would just make sure that no more than X ran at once, and start itself every 6 hours.	05:16
toddnine	Yeah, who controls the backup though?	05:17
SpamapS	the server backer upper	05:18
SpamapS	:p	05:18
toddnine	and what if it crashes :)	05:19
SpamapS	there is no "it" in the cloud	05:19
SpamapS	always "they"	05:19
toddnine	exactly	05:19
SpamapS	otherwise its not webscale	05:19
lifeless	SpamapS: around ?	06:13
* lifeless looks for ubuntu server team members to help diagnose an lp issue with their team		06:14
=== smb` is now known as smb
fastveg	Hey guys, I need some help getting a script to run even after I close the SSH window	09:01
joschi	fastveg: start-stop-daemon, nohup, screen. the last one is kind of dirty and you should use one of the first two.	09:02
fastveg	Someone said that you could basically just put an & symbol at the end of the command and it should work, but I'm not having any luck with that	09:02
joschi	fastveg: no, just sending the process to the background (with the ampersand) won't work. it's still attached to the login session	09:03
fastveg	joschi, thanks... let me show you the script and if you could help me format it.... one sec	09:03
fastveg	scrapy crawl domain.com --set FEED_URI=filename.json --set FEED_FORMAT=json	09:04
fastveg	so this is a python script that crawls a bunch of urls and returns the output as a .json file	09:05
fastveg	(using the scrapy python framework)	09:05
fastveg	I actually did try to use screen, but didn't have luck witht hat either.... but I'm not sure I formatted correctly	09:06
fastveg	joschi: someone said to use screen like this: screen -dmS my_app python bla.py -- but how would that look on the script above?	09:08
joschi	fastveg: exactly as you wrote it ;)	09:10
joschi	instead of bla.py put in your script call	09:10
fastveg	does the word python still need to be there? because I took that out last time.	09:11
fastveg	also, thanks for the info about &, I was trying to google exactly what it did, which was entirely impossible	09:11
joschi	fastveg: see section JOB CONTROL in bash's man page	09:13
joschi	fastveg: the "python" just calls the script as a parameter of the python interpreter. if it has a proper she-bang (#!/usr/bin/python or similar in the first line), it'll work without the "python"	09:14
fastveg	joschi: thanks. why is screen considered hacky compared to the other two methods?	09:15
fastveg	and will screen still work if I exit the ssh session (unlike ampersand?)	09:16
joschi	fastveg: screen's purpose is to multiplex terminals for interactive usage. it has far too many features you won't need	09:16
joschi	fastveg: yes, it'll work	09:16
joschi	you just have to detach the session instead of quitting screen	09:16
fastveg	dude, thanks so much, great info. have a good day.	09:16
fastveg	joschi: detach the session = closing the terminal window? or something else?	09:18
joschi	fastveg: try ctrl-a + d ;)	09:18
bencc	I've installed openssh-server and /etc/ssh/sshd_config is empty, is that ok?	10:03
_ruben	nope	10:22
uvirtbot	New bug: #787496 in tomcat6 (main) "tomcat6-user 6.0.24 with confluence deadlocks" [Undecided,New] https://launchpad.net/bugs/787496	12:26
andygraybeal	SpamapS, so i ran fsck -yf /dev/mapper/volume_name -- it ran, says everything is clean but i still have issues with that folder	13:14
andygraybeal	any ideas?	13:15
andygraybeal	am i running fsck wrong ? i booted into single user mode and unmounted /dev/mapper/volume_name	13:16
andygraybeal	like right now, ls -al is taking 10% of my cpu..	13:18
andygraybeal	trying to read that folder	13:18
moonpup	would anyone know why logwatch delivers it's email to me everyday at 6:25am, but when I check mail it says no new mail. if i go into my Maildir I see the new mail sitting in the new folder	13:51
smoser	hggdh, console output (get-console-output) is your only hope at that point.	13:59
hggdh	smoser: so I was not wrong... and jj-afk confirmed it is an issue, anyway	13:59
hggdh	smoser: thanks	14:00
smoser	what was the problem ?	14:00
hggdh	maverick proposed does not boot on m1.small	14:00
RoAkSoAx	morning all	14:20
Jeeves_	Morning	14:20
ahasenack	smoser: hi, are you the "owner" of uec-images.ubuntu.com basically?	14:22
ahasenack	smoser: I ask because I'm switching the way we access that query directory from http to https	14:22
ahasenack	smoser: seems to work, ssl is available, but I wanted to ping you about it	14:23
smoser	ahasenack, yes. you should use https, and it is available by design. and yes, i supposed i "own" it as no one else does	14:29
smoser	but hopefully that will be moving to more "release team" at some point soon	14:29
ahasenack	smoser: cool, thanks	14:30
smoser	ahasenack, remember, rsync is also available.	14:30
smoser	but there would be no way to do ssl over that i dont think.	14:31
ahasenack	smoser: but it's such a small file	14:31
smoser	and we don't sign that data.	14:31
ahasenack	yeah, we got a request for some sort of detached gpg signature for that file, or inline	14:31
ahasenack	but one step at a time	14:31
smb	hggdh, smoser Am on it (maverick ec2)	14:32
smoser	ahasenack, what file would you want signed?	14:32
ahasenack	smoser: released.latest.txt	14:33
=== hito_jp0 is now known as hito_jp
smoser	smb, i was about to bother you about lucid-updates. its still just '-proposed'. we expect new kernel in -updates sometime soon still?	14:33
smoser	ahasenack, is that enough for you though?	14:34
ahasenack	smoser: that and https, I think we are covered	14:34
smoser	why would you need signed and https?	14:34
ahasenack	probably signed would be enough too	14:34
ahasenack	smoser: I can switch to https right now with a one-line change in the code, but switching to verifying a signature is much more involved	14:34
smoser	right.	14:34
smoser	and why would you not want /query/maverick/server/released.txt signed also ?	14:35
ahasenack	"%s/server/released.current.txt" % ubuntu_release)	14:35
ahasenack	that one too	14:35
ahasenack	I'm just looking through the code	14:35
ahasenack	and finding all the bits we fetch	14:35
uvirtbot	New bug: #787551 in ntp (main) "ntpdate 4.2.6p2@1.2194-o: "no server suitable for synchronization found" - works with 4.2.4p8@1.1612-o " [Undecided,New] https://launchpad.net/bugs/787551	14:36
smb	smoser, I would not be the authoritative source there. I lost track a bit. Probably best ask sconklin or bjf	14:36
smoser	k	14:37
smoser	ahasenack, right.	14:37
=== marrusl_ is now known as marrusl
uvirtbot	New bug: #787558 in openvpn (main) "package openvpn 2.1.3-2ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/787558	14:46
SpaceBass	anyone using a Drobo (specifically Drobo-s) with server? any tips on formatting, lun size, etc?	14:51
Lenhix	Hello. Is there any way of installing a package with PHP 5.2 in Ubuntu Server 10.04?	14:59
Lenhix	A customer had a lot of apps and they're not working with PHP 5.3. I'd rather not have to compile it...	15:00
fastveg	I'm having some trouble getting a command to continue to run after I disconnect ssh	15:02
fastveg	The command is formatted like this, it's a python script: scrapy crawl domain.com --set FEED_URI=filename.json --set FEED_FORMAT=json	15:03
fastveg	I tried to use screen and did this: screen -dmS my_app python scrapy crawl domain.com --set FEED_URI=filename.json --set FEED_FORMAT=json	15:03
fastveg	but nothing happened. is the my_app supposed to be in there?	15:04
fastveg	first time using screen	15:04
smoser	ahasenack, so... i guess to effectively sign things, i'd probably just put a top level file with MD5SUMS (and/or SHA1SUMS) and then a signature on that file.	15:06
Lenhix	fastveg: have you tried #screen?	15:12
fastveg	haven't ;)	15:13
ahasenack	smoser: works	15:16
kirkland	hallyn: what are you calling "escape mode" ?	15:49
hallyn	'ctrl-a escape'.	15:51
hallyn	guess i'm not sure what screen calls it	15:51
kirkland	hallyn: okay, okay, in scrollback mode	15:51
kirkland	hallyn: screen calls it "copy" mode	15:51
kirkland	hallyn: i call it "scrollback" mode	15:51
kirkland	hallyn: okay, so you'd like screen to obey more vi-bindings when in scrollback/copy mode?	15:52
hallyn	right	15:52
hallyn	these days i pretty much exclusively use that for cut/paste on terminal	15:53
hallyn	(bc the S10-3 touchpad sucks so bad)	15:53
kirkland	hallyn: okay, http://manpg.es/screen.1	15:53
hallyn	but it's too slow bc i have to think about only using b/w	15:53
kirkland	hallyn: search for " copy"	15:53
kirkland	hallyn: I think it's the second hit	15:53
kirkland	hallyn: this is definition of what's available keybinding-wise, while in scrollback mode	15:54
hallyn	meh, thanks	15:54
kirkland	hallyn: to add more, we'll need to patch/enhance screen itself	15:55
hallyn	what percent of the file are you at? I don't see a list of available commands. I do see a list of the default bound ones	15:57
hallyn	all right i guess i'm gonna have to patch that	16:00
=== unreal_ is now known as unreal
SpamapS	lifeless: I wasn't around then, around now.	16:18
SpamapS	andygraybeal: interesting	16:18
andygraybeal	SpamapS, it's totally my fault	16:18
andygraybeal	omg, i had a script that was going wacko and i'll explain more when i get time to the ubuntu-server mail list... i need some help	16:18
andygraybeal	fsck checked fine and everything fine, it's that i'm an idiot	16:19
andygraybeal	giddie goat...	16:19
andygraybeal	SpamapS, thank yuo for the hand holding	16:20
andygraybeal	i had a script that was making files exponentially	16:20
andygraybeal	gah!!!!!!!!!!!	16:20
=== mconigliaro_ is now known as mconigliaro
SpamapS	andygraybeal: sweeeeet	16:25
SpamapS	andygraybeal: so there were like, a bazillion files in there?	16:25
andygraybeal	yea	16:25
SpamapS	why didn't I think of that? :-P	16:25
andygraybeal	hahahaha	16:25
andygraybeal	;)	16:25
SpamapS	oh well now you got a little maintenance on the FS out of it. :)	16:26
andygraybeal	0 bytes.. all of them	16:26
andygraybeal	ya, i need help from the list to re-write my script.. i'll get to that soon. yuo can laugh when you see what i was doing.	16:26
SpamapS	If you've never crashed a server by doing something recursive or exponential, you haven't worked on Unix. :)	16:28
* patdk-wk loves recursive functions :)		16:29
patdk-wk	easy to get yourself in trouble though	16:29
andygraybeal	SpamapS, :))))	16:29
* genii-around remembers a server which kept trying to write to /var/log about /var not being able to mount		16:30
andygraybeal	hah, nice	16:30
RoyK	genii-around: using /var on dedicated filesystem isn't really what I do with most servers (anymore)	16:47
* ScottK remembers discovering that the fish protocol would try to transfer all files in parallel when he tried to move about a quarter million small files all at once.		16:47
ScottK	That was also the day I learned about fork bombs.	16:48
RoyK	lol	16:48
* RoyK somewhat misses the days of CGI - I DoSed a server all by myself once, back in 1998 or so, just by trying to 'fix' a poll		16:49
=== jj-afk is now known as jjohansen
CharlieSu	Hi. On my production servers I'd like for Users to be prompted to enter a description of what work they're performing upon SSHing in. Ideally I'd log the message to the auth.log or something similar. Anyone have experience doing something like this? I'm trying to determine the best place to do this. Should I specify a PROMPT_COMMAND in my authorized keys files? Do I need to create a custom shell that invokes bas	17:07
pmatulis	CharlieSu: my first thought is to put a forced command (script) that will ① execute a separate script asking & processing the info and ② proceed to log in normally	17:19
hallyn	ScottK: you're telling me not to bother with the packaging request bugs?	17:30
ScottK	I think they are a waste of time.	17:30
hallyn	ScottK: I was following https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages	17:31
ScottK	It's optional.	17:31
hallyn	hm	17:31
SpamapS	If you want to do UDD..	17:31
SpamapS	you won't show up in the sponsoring queue w/o a bug	17:31
hallyn	so what is the alternative? just ask someone to sponsor and dput?	17:31
SpamapS	"just ask someone" is not exactly scalable..	17:31
hallyn	given it's 4 or 5 packages, i'd prefer to avoid one bug per	17:31
hallyn	SpamapS: you can't scale me anyway, foo!	17:32
ScottK	Neither is the sponsoring queue for new packages	17:32
RoAkSoAx	Daviey: let me know when you send the email	17:32
SpamapS	99% of the time the new packages should go into Debian anyway.	17:32
ScottK	Since it's several related packages, my advice is find a dev that's at least sort of interested and work with them.	17:32
ScottK	Agreed.	17:32
SpamapS	the maintainer relationship there is stronger, so unless there's a good reason not to put it in Debian, you should man up and be the Debian maintainer, or the package won't be taken care of on the right level in Ubuntu.	17:33
Daviey	SpamapS: SPICE does have some reasons for going to Ubuntu first.	17:33
Daviey	but hallyn is beter placed to answer that.	17:33
hallyn	SpamapS: yes, there's good reason not to put it in debian	17:33
ScottK	Daviey can sponsor then.	17:33
SpamapS	Such as, we want to make sure Debian doesn't have it first? ;-)	17:34
hallyn	Daviey: mind sponsoring?	17:34
SpamapS	like, DFSG reasons?	17:34
=== NG_ is now known as ng_
ScottK	SpamapS: Speaking of which, are you in NM yet?	17:34
Daviey	hallyn: show me the mone^D branches / dsc's	17:34
Daviey	SpamapS: no... hallyn will answer this better, but it was more aligned with versioing of things... and Debian being "somewhat" off another stable release.	17:35
SpamapS	ScottK: I've got key signatures and I'm maintaining a few packages. I think next is finding a DD to carry my flag.	17:35
hallyn	SpamapS: see bug 787220	17:35
uvirtbot	Launchpad bug 787220 in ubuntu "[needs-packaging] celt051" [Wishlist,New] https://launchpad.net/bugs/787220	17:35
ScottK	Did I see a DM application from you recently?	17:35
ScottK	I don't remember.	17:35
SpamapS	ScottK: no	17:35
ScottK	SpamapS: Ask your Debian sponsor if you're ready for DM.	17:35
hallyn	Daviey: lemme clean up the copyright files today. but the sources are all in ppa:serge-hallyn/spice2	17:36
hallyn	Daviey: if you prefer, i can push a tarball to p.c.c	17:36
Daviey	hallyn: either way suites me.	17:37
Daviey	hallyn: can you explain the reasoning again for going to Ubuntu first?	17:37
SpamapS	ScottK: I've had 5 different sponsors. :-P	17:37
ScottK	SpamapS: You only need one to say yes.	17:37
hallyn	Daviey: sure. there's a few interlocking reasons, first is that we want it in main (preferably) by 12.04. Debian doesn't care to rush it bc they have no release for 2 years.	17:38
hallyn	Daviey: now, spice depends on celt (for now), which is under development. Each new version of it is not compatible with the previous	17:38
CharlieSu	pmatulis: I'm actually doing this PROMPT_COMMAND="other.sh;$PROMPT_COMMAND";	17:39
hallyn	Daviey: spice may drop celt at some point, but they won't switch versions until celt hits a stable release (which may never happen)	17:39
SpamapS	ScottK: I will be working closely w/ Nobert on MySQL, and slangasek on upstart stuff in Debian this cycle.	17:39
ScottK	Great.	17:39
CharlieSu	pmatulis: in /etc/profile.d/question.sh where other.sh logs to my logger	17:39
SpamapS	ScottK: I figure they'll get tired of me bugging them and we can do it then.	17:39
hallyn	Daviey: we (and ubuntu) have celt 0.7.1 packaged. spice requires 0.5.1. Debian won't package celt051 for the reasons cited above. So Debian is just waiting.	17:39
hallyn	Daviey: we coudl patch spice to use celt0.7.1, but then we wouldn't be able to use our client with redhat server and vice versa	17:40
hallyn	Daviey: let me know if i've not blabbed enough yet :) I htink I outlined it better in the packaging request bug	17:41
Daviey	hallyn: sounds good to me	17:46
fastveg	how would I open a website in text only from the command prompt	18:06
CharlieSu	fastveg: links2	18:07
Pici	fastveg: w3m http://google.com	18:07
Pici	w3m should be installed on ubuntu-server by default	18:07
fastveg	pici: awesome, thanks. not installed on mine for some reason but I can grab it	18:08
CharlieSu	fastveg: links2 has X support	18:08
fastveg	ahh ok	18:08
fastveg	haha w3m is sweet. loving the text based google	18:10
* RoyK just tested links2 with X and probably won't use it again :P		18:12
hallyn	Daviey: ok, so when filling iin the list of copyrights in debian/copyright, do i include things like FSF copyright for install.sh that came through autogen?	18:16
CharlieSu	Hi. I'd like to make a custom shell like this https://gist.github.com/989190 so that I can get the reason why people are logging in when they do. Is there a way to something like this without having to do this? If not, is there a way to tell /etc/passwd to try this and then /bin/bash if this file isn't present?	18:28
=== hallyn is now known as hallyn_afk
hallyn_afk	Daviey: ok, i think the copyright files are pretyt much sorted out. I prolly went overboard on the spice one and should yank some out. But all of the oneiric targeted ones in ppa:serge-hallyn/spice2 are the ones	18:31
hallyn_afk	Daviey: if i disappear, kim0 is a good one to re-test if you like, once they hit universe	18:31
* hallyn_afk bbl		18:31
Daviey	hallyn_afk, sorry	18:31
Daviey	hallyn_afk, no, keep the copyright limited to the upstream files... autogenerated files don't normally matter.	18:31
bencc	how do I set fqdn?	18:34
RoyK	bencc: /etc/defaultdomain and /etc/hostname should do	18:35
RoyK	bencc: perhaps adding your domain to the search path in /etc/resolv.conf too	18:42
patdk-wk	heh, I always hate that :)	18:43
patdk-wk	I refuse to ever add a search domain, just causes all kinds of bad dns requests to my recursors	18:44
RoyK	patdk-wk: how?	18:46
patdk-wk	everytime it gets a failed lookup, it appends the search domain to it, and tries again	18:47
=== RoyK is now known as Neverwhere
=== Neverwhere is now known as RoyK
scott[8]	is there a "best" or perfered ssh package? for a website production box running 10.4	19:17
Pici	scott[8]: The standard openssh-server package is pretty much the standard.	19:18
scott[8]	thanks.	19:18
Pici	With less redundancy in that sentence ;)	19:18
scott[8]	haha	19:18
=== unreal_ is now known as unreal
uvirtbot	New bug: #787733 in apache2 (main) "bug in lamp-server" [Undecided,New] https://launchpad.net/bugs/787733	19:56
lynxman	adam_g o/	20:01
adam_g	heyo	20:01
=== negronjl_ is now known as negronjl
=== hallyn_afk is now known as hallyn
64MAAJY2L	When changing the port number for ssh in /etc/ssh/sshd_config how do you know which port numbers are safe to use?	20:15
RoyK	64MAAJY2L: any port is generally safe, or unsafe	20:17
RoyK	64MAAJY2L: if you want to stop people brute-forcing your machine on ssh, use something like fail2ban or denyhosts	20:18
RoyK	I use the latter, since it's distributed in terms of lists of attackers	20:18
64MAAJY2L	If I changed the port for ssh in /etc/ssh/sshd_config from 22 to say 80 I'm assuming that would cause problems because port 80 is for http right?	20:20
scott[8]	64MAAJY2L, it's not going to stop all traffic going to that port	20:21
RoyK	64MAAJY2L: just leave it at port 22	20:21
scott[8]	^	20:21
RoyK	64MAAJY2L: and just install denyhosts to block bots scanning for passwords	20:22
64MAAJY2L	Ok I will install denyhosts	20:22
RoyK	64MAAJY2L: also, using something like john to probe the passwords of your users might be good - or cracklib to make sure they don't choose passwords like 'beer'	20:23
RoyK	64MAAJY2L: moving the ssh port to something else won't help much - a simple scan will show which ports listen to what	20:24
64MAAJY2L	RoyK: john the ripper right?	20:24
RoyK	yep	20:24
henninge	kirkland: ping ;)	20:24
kirkland	henninge: howdy	20:24
henninge	kirkland: Hi, can you give me a hint about encrypted homedirs?	20:25
kirkland	henninge: probably ... what's your question(s)?	20:25
henninge	kirkland: the man pages seem to only refer to the old "Private" setup (a subdirectory).	20:26
semiosis	64MAAJY2L: /etc/services lists what services commonly use certain ports, but in general you could put ssh on any port that doesnt already have a service on it	20:26
henninge	kirkland, how is does that change when a complete homedir is encrypted?	20:26
kirkland	henninge: okay, so you have a user already installed and you want to convert that user to an encrypted home dir?	20:27
henninge	no ;)	20:27
semiosis	64MAAJY2L: you can use 'netstat -anp' to see what services are bound to what ports	20:27
kirkland	henninge: okay ... you want to .... install from scratch and have your home dir encrypted?	20:27
henninge	kirkland, I have a user with an encrypted homedir but somehow that config got lost.	20:27
kirkland	henninge: "that config" ... you mean your ~/.ecryptfs directory?	20:27
64MAAJY2L	right.. can't believe I forgot about using netstat	20:27
henninge	kirkland, right	20:28
kirkland	henninge: okay, and this is 11.04?	20:28
henninge	kirkland, I mean it is there but it is for my old config	20:28
henninge	yes	20:28
henninge	kirkland, full story:	20:28
kirkland	henninge: what "old config"?	20:28
* RoyK wouldn't use Zimbra on anything != LTS		20:28
henninge	I backed up my old homedir which was not encrypted but had a Private dir.	20:28
henninge	then I installed 11.04 and created the user with an encrypted homedir	20:29
henninge	after that I restored my old homedir.	20:29
kirkland	henninge: which overwrote your .ecryptfs?	20:29
henninge	kirkland, exactly	20:30
henninge	kirkland, I have the key,though	20:30
henninge	the new key	20:30
kirkland	henninge: perfect, that was my next question :-)	20:30
henninge	;-)	20:30
kirkland	henninge: and, are you using encrypted filenames?	20:30
henninge	yes	20:30
kirkland	henninge: perfect ...	20:30
kirkland	henninge: okay, do this:	20:30
kirkland	henninge: cd $HOME/.ecryptfs	20:31
kirkland	henninge: touch auto-mount auto-umount	20:31
kirkland	henninge: echo "$HOME" > Private.mnt	20:31
kirkland	henninge: ecryptfs-wrap-passphrase ./wrapped-passphrase	20:32
kirkland	henninge: (enter your new mount passphrase, that you recorded)	20:32
henninge	Ah, already did that last one	20:32
henninge	;)	20:32
kirkland	henninge: logout, and back in	20:32
kirkland	henninge: that should do it	20:32
henninge	oh, cool	20:32
kirkland	henninge: give it a try	20:32
henninge	kirkland, I guess it does not matter if I use graphical or console login?	20:34
kirkland	henninge: should not	20:34
kirkland	henninge: but console fails more gracefully	20:34
kirkland	henninge: in case it fails	20:35
kirkland	henninge: i recommend testing console first	20:35
henninge	kirkland, I tried, nothing happens	20:35
henninge	I mean, I am in the blank homedir	20:35
bencc	config file should have 0644 or 0600 mode? for example /etc/nginx/nginx.conf	20:36
bencc	it has 0644 but I don't understand why not 600	20:36
kirkland	henninge: okay, you've logged in, and you're that user	20:36
kirkland	henninge: but your home dir is not mounted	20:37
kirkland	henninge: mount \| grep ecryptfs	20:37
kirkland	henninge: shows nothing, right?	20:37
henninge	nada	20:37
henninge	right	20:37
ruben23	guys any idea when i do this i ahve this error----------------> http://pastebin.com/YWCcWKZf	20:38
kirkland	henninge: okay, ls -alF $HOME \| pastebinit	20:38
kirkland	henninge: let me check that your symlinks are setup correctly	20:39
genii-around	!info php-imap	20:39
ubottu	Package php-imap does not exist in natty	20:39
genii-around	ruben23: I think you want php5-imap instead	20:40
henninge	kirkland, will do, have to do "man pastebinit" first ... ;)	20:41
kirkland	henninge: or just pastebin the output	20:41
henninge	not easy from the console	20:42
uvirtbot	New bug: #787755 in samba (main) "Samba does not notice added or removed CUPS printers" [Undecided,New] https://launchpad.net/bugs/787755	20:42
kirkland	henninge: hence, pastebinit :-)	20:43
henninge	http://paste.ubuntu.com/612431	20:43
henninge	kirkland, still need to do that number manually ;)	20:43
henninge	I think that .cache was created by Gnome on the first failed login	20:44
kirkland	henninge: and ls -alF $HOME/.ecryptfs \| pastebinit	20:44
henninge	right	20:44
henninge	url++ ;-)	20:44
henninge	http://paste.ubuntu.com/612432	20:44
henninge	argh	20:45
henninge	try again	20:45
henninge	kirkland: http://paste.ubuntu.com/612434	20:45
henninge	kirkland, shouldn't I be able to search for error messages somewhere?	20:46
kirkland	henninge: sure, syslog	20:47
kirkland	henninge: sudo grep -i ecryptfs /var/log/*	20:47
kirkland	henninge: and the contents of $HOME/.Private/ ... they look encrypted?	20:48
henninge	kirkland, it does	20:49
henninge	ECRYPTFS_FNEK_...	20:49
kirkland	henninge: okay, I'm at a loss, then ...	20:49
kirkland	henninge: try this:	20:49
kirkland	henninge: ecryptfs-mount-private	20:49
kirkland	henninge: enter your passphrase	20:49
kirkland	henninge: oh, wait	20:49
kirkland	henninge: we forgot one thing :-)	20:49
kirkland	henninge: doh	20:50
henninge	"not setup properly"	20:50
kirkland	henninge: cd $HOME/.ecryptfs	20:50
kirkland	henninge: yup, i just remembered ...	20:50
kirkland	henninge: keyctl clear @u	20:50
henninge	huh?	20:50
kirkland	henninge: first, clear your keyring ^	20:50
kirkland	henninge: then:	20:50
kirkland	henninge: ecryptfs-insert-wrapped-passphrase-into-keyring	20:50
kirkland	henninge: you should get a message that two keys were inserted into your keyring	20:51
kirkland	henninge: and there will be a signature for each	20:51
henninge	man page says to pass in a file as a parameter?	20:51
henninge	ok, works without	20:52
henninge	kirkland, only one key	20:52
kirkland	henninge: okay, that's fine	20:52
kirkland	henninge: now, do: keyctl list @u	20:52
kirkland	henninge: should show you two keys, right?	20:52
henninge	sudo?	20:53
kirkland	henninge: no sudo	20:53
kirkland	henninge: as your user	20:53
henninge	"list is not a legal command"	20:53
kirkland	keyctl list @u	20:53
henninge	sorry, tab completion took be to keytool ...	20:54
henninge	2 keys in keyring ;-)	20:54
henninge	kirkland, try again (logout/login) ?	20:54
kirkland	henninge: not yet ...	20:54
kirkland	henninge: we need to put those two key signatures into $HOME/.ecryptfs/Private.sig	20:55
kirkland	henninge: one per line	20:55
henninge	ah, that one	20:55
henninge	actually, I had meant to ask about that file in the first place ... ;)	20:55
henninge	forgot	20:55
kirkland	henninge: the first one needs to be the one that came back from ecryptfs-insert-wrapped-passphrase-into-keyring	20:55
kirkland	henninge: and the second line needs to be "the other one" in your key sig list	20:55
henninge	ok	20:55
kirkland	henninge: yeah, sorry, i barfed on this one	20:56
kirkland	henninge: once you've done that	20:56
kirkland	henninge: try ecryptfs-mount-private	20:56
henninge	ok, standby	20:57
henninge	kirkland, yeah!!! ;-D	21:00
kirkland	henninge: ;-)	21:00
kirkland	henninge: sorry about that	21:00
henninge	kirkland, I'll try the login/logout now	21:00
henninge	kirkland, no need to be sorry	21:00
henninge	kirkland, thank you very much ;)	21:01
kirkland	henninge: welcome	21:01
henninge	login/logout worked, too	21:01
henninge	kirkland, will you be in Dublin?	21:01
kirkland	henninge: yep	21:01
henninge	kirkland: Cool, I'll see you there and buy you a drink	21:02
kirkland	henninge: \o/	21:02
henninge	... or an ice cream or whatever	21:02
henninge	;-)	21:02
=== ng_ is now known as NG_
=== NG_ is now known as ng_
SpamapS	I believe the appropriate favor currency in Dublin is a Guinness	21:17
* kirkland will work for Guinness		21:17
JFo	I'd walk a mile...	21:17
SpamapS	May 24 13:18:15 clint-MacBookPro libvirtd: 13:18:15.000: 1385: error : qemuDomainObjBeginJobWithDriver:453 : Timed out during operation: cannot acquire state change lock	21:20
SpamapS	HRM	21:20
soren	While doing what?	21:20
jj995	I did "zpool create external -m /external /dev/sde", and when my system rebooted sde became sdd -- can/should I have specified a UUID instead? How can I rename the device used by the zpool?	21:22
jj995	(no answer in #zfs, so I was hoping to luck out here)	21:23
SpamapS	soren: forcing a dead VM off	21:24
SpamapS	eventually it actually did work	21:24
SpamapS	jj995: zfs isn't really a linux thing. ;)	21:24
SpamapS	even if it is	21:24
SpamapS	it isn't	21:24
=== MTecknology is now known as dead_letter
andygraybeal	SpamapS, i kill the process when that happens to me	21:30
andygraybeal	er .. when a vm isn't responding with virsh	21:30
cillin	just got bind9 and got it running as caching nameserver, but will the database built be persistant or wiped on reboot?	21:36
kirkland	negronjl: ping	21:42
kirkland	negronjl: okay, I think I'm about ready for that "dotdee" demo ;-)	21:42
uvirtbot	New bug: #787789 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,New] https://launchpad.net/bugs/787789	21:52
lynxman	kirkland: can I see? :)	21:52
kirkland	lynxman: sure :-)	21:52
lynxman	yay	21:53
kirkland	lynxman: let's get negronjl back online, and do a demo	21:53
* kirkland fires up an ec2 vm		21:53
lynxman	kirkland: nods	21:53
negronjl	lynxman, kirkland: where are you guys doing the demo at?	21:56
lynxman	negronjl: I guess ec2	21:56
kirkland	negronjl: lynxman: ssh ubuntu@ec2-50-17-120-128.compute-1.amazonaws.com	21:56
kirkland	negronjl: hey, join us in ec2 + mumble	21:58
raoult1	kk the download to Upgrading Ubuntu 11.4 is 100%	22:00
cillin	some "Avahi" is complaining about fully qualified domain name, how can i change it to something else? like "homenet.org" or so	22:04
=== ng_ is now known as NG_
RoAkSoAx	kirkland: am I too late for the dotdee demo? :L(	22:22
kirkland	RoAkSoAx: i can do it again	22:22
lynxman	kirkland: encore encore! \m/	22:22
RoAkSoAx	kirkland: no worries :), whenever you schedule to show it to someone else I can jump in	22:23
RoAkSoAx	kirkland: are we changing powernap config.d/ to dotdee?	22:23
kirkland	RoAkSoAx: :-) maybe we should ...	22:23
kirkland	RoAkSoAx: i was going to demo for kees too (who had the marvelous idea to use inotify)	22:24
negronjl	hmm.... interesting. kirkland. maybe we should start incorporating dotdee into our projects ( orchestra, etc. ). thoughts?	22:24
kirkland	negronjl: great idea; let me give it a thought	22:24
RoAkSoAx	kirkland: sure let me know when you show it to him and I'll tag along	22:24
kirkland	RoAkSoAx: let me fix the upstart job, and i'll demo in a few	22:24
RoAkSoAx	kirkland: k ;)	22:24
cillin	anyone can help me with how to change / set a fully qualified domain name?	22:28
kirkland	RoAkSoAx: what's your LP id?	22:42
RoAkSoAx	kirkland: andreserl	22:42
kirkland	RoAkSoAx: ssh ubuntu@ec2-50-17-120-128.compute-1.amazonaws.com	22:43
negronjl	kirkland: if it is another dotdee demo, mind if I join in?	22:43
kirkland	negronjl: heh	22:44
kirkland	negronjl: sure, same machine	22:44
kirkland	negronjl: same demo	22:44
negronjl	ahh...ok. I thought you had time to fix the issues.	22:44
kirkland	RoAkSoAx: you in?	22:44
kirkland	negronjl: oh, yeah, i did do that :-)	22:45
negronjl	kirkland: im in	22:45
RoAkSoAx	kirkland: in	22:46
kirkland	RoAkSoAx: are you on mumble too?	22:46
kirkland	RoAkSoAx: i'll talk you through it	22:46
arooni	how can i find out the process id and process name of the output of this command: QUEUE=scraper RAILS_ENV=backend rake resque:work --trace ?	23:13
SpamapS	OMG	23:21
SpamapS	https://launchpad.net/ubuntu/+source/rubygems/1.7.2-1	23:21
SpamapS	+ executables are now installed to /usr/local/bin.	23:21
* SpamapS sends a giant hug Lucas Nussbaum's way		23:21
cillin	is there any alternative to Webmin?	23:51
Corey	cillin: Yes, "Knowing what you're doing."	23:51
=== Snugger_ is now known as Snugger
cillin	.......well thats a helpful answer, all i want is an graphical enviroment to set things	23:52
qman__	cillin, ebox is an alternative to webmin	23:55
qman__	however, though perhaps rude, I agree with Corey	23:56
qman__	these web GUIs tend to just make fixing things a lot harder when they break	23:56
qman__	and anyone running something like an internet mail server needs to know more than how to click it in a web GUI, otherwise you're just going to get owned	23:57
SpamapS	!ebox	23:59
ubottu	ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox	23:59
SpamapS	damnit I submitted a new factoid for that like 2 months ago	23:59
SpamapS	its not called ebox anymore	23:59
SpamapS	!zentyal	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!