[00:03] it is possible with gradm (IP ACL) === robrt`_ is now known as robrt` [00:27] I need help with the networking on my server. [00:27] electrofreak: ? [00:27] I just did a '/etc/init.d/networking restart' and now I can't ping anything local or over the internet [00:27] I can ping localhost tho [00:28] 'route -n' looks normal [00:28] give me /etc/networks [00:29] link-local 169.254.0.0 [00:29] this is all? [00:29] WMP: ^^ [00:29] yes [00:29] there is a comment, but I'm not typing that out [00:29] 1269.254.x.x would generally mean it didn't get a DHCP IP [00:29] and /etc/network/interfaces ? [00:30] /etc/networks is just a networks list like /etc/hosts is a hosts list [00:30] auto lo [00:30] iface lo inet loopback [00:30] and... [00:30] auto eth0 [00:30] electrofreak: pastebin [00:31] sorry, yea. I should for the rest of it (I'm typing this all by hand, btw) [00:31] ;) [00:32] you have dhcp? [00:32] no, it's static [00:33] http://pastebin.com/U90FQEj7 [00:33] so you mush write data to interfaces [00:33] hmmm [00:33] this data is good? [00:33] should be [00:34] I mean, yes... for my network it is. [00:34] what display dmesg? [00:34] always worked fine in the past [00:34] dmesg shows nothing fishy. what might I look for. [00:35] ifconfig [00:35] there are a few messages that are from my failed attempts to get it working on my own [00:35] ifconfig will be a pain to reproduce for you guys, heh. but it looks normal [00:36] I almost have a feeling the NIC module got messed up somehow [00:36] hmmm [00:36] I looked for it in lsmod, but don't think I saw it. was going to try reloading it [00:36] might be compiled in [00:36] maybe reboot? [00:36] I'd rather not, but if it comes to that :-/ [00:37] i havent other idea ;) [00:37] good reboot isn;t bad [00:37] yeaa... [00:37] sorry but it is time to sleep, bye bye [00:37] 97 days of uptime tho :-( [00:38] top [00:38] opps, wrong window [00:39] Greetings all [00:39] people stopped caring about uptime years ago [00:39] if that's the only thing stopping you, don't let it [00:40] I care about stability more than anything, even features :) [00:40] yea [00:40] I just hate rebooting for stupid crap [00:40] this should work [00:40] :-/ I guess it's my only option tho. damn it [00:44] reboot did fix it [00:44] as I suspected. It was likely something dumb with the NIC drivers, somehow got messed up when I restarted networking [00:44] or some weird lock or who knows what :-/ [00:44] maybe that rmmod [00:45] I don't see any modules for the nic [00:45] do they just compile it in these days? [00:47] might as well do the kernel upgrade and stuff to, now that I've rebooted [00:57] hey guys can i have 2 web-based file managers/browsers installed at the same time [00:57] like AjaXplorer and Webmin [00:58] I´ve followed the ubuntu server guide to configure a samba pdc sever. The win7 computer has entered the domain just fine, but the logged user cannot edit his own folder. Any ideas? [01:26] when installing a package by source, what do you need to do to make it identical to using a system like APT? [01:26] is it just the start/stop/restart scripts and update-rc.d? [01:57] what would the wget command be to spider ALL of my website looking for (and d-loading) one type of file (ie. .jpg)? [03:16] New bug: #790038 in cobbler (universe) "package cobbler-web 2.1.0-0ubuntu7 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saída de erro 1" [Undecided,New] https://launchpad.net/bugs/790038 === Snugger_ is now known as Snugger === Guest98960 is now known as xokvictor [06:53] hi all [06:56] can anyone tell me, which means that certifiaction of equipment? http://www.ubuntu.com/certification/ [07:37] Can anyone help me out with an overloaded rails server [07:45] xokvictor: that looks like a Hardware Compatibility List [08:05] How do I force Ubuntu to do an fsck on boot? [08:07] touch /forcefsck [08:07] And pray [08:09] That worked. It went right into fsck :) [08:18] can anyone tell me, which means that certifiaction of equipment? http://www.ubuntu.com/certification/ [08:22] ??? [08:22] anybody there? [08:24] xokvictor: system admins tend to care more about equipment that works, than equipment that is certified. Canonical will probably be happy to sell you on why certified equipment is "better supported" if your management needs that kind of reassurance. [08:26] "better supported" - hat do u mean? more stability, more supported devices? [08:27] xokvictor: the certification means that a number of tests have been passed on that machine. Not sure if the tests or their results are publicly available though [08:27] or better suport all devices in specified model? [08:28] xokvictor: so the certified release at least boots and all core components work [08:28] thanks [08:28] xokvictor: it probably will not test for some hardware as fingerprint readers on laptops that would require a manual test [08:28] TeTeT u r very helpful for me [08:28] xokvictor: or a tape in a server for backup [08:29] thank u very much [08:30] xokvictor: though understand that certification does not mean fully enabled, what your questions above seem to ask for [08:30] xokvictor: most likely a fully enabled Ubuntu would come pre-installed on a specific hardware from your vendor of choice [08:30] ok ) [08:31] xokvictor: I'd also recommend to contact your vendor of choice and ask them specifically on the ubuntu release and server you're interested in. Always helps to raise visibility [08:32] TeTeT: i'm new user in ubuntu, how i can help for ubuntu? [08:33] TeTeT: how to start learning? [08:33] xokvictor: check the help on help.ubuntu.com and if something is unclear or wrong, contact the page author and let them know. It's a good way to start, there are other ways, but going with the docs first is good [08:34] xokvictor: else, depends on your skills and what you want to do. For example, I do some bug triaging and fixing in my spare time at times [08:34] xokvictor: and try to be helpful on cloud related questions over IRC [08:35] what do u mean in last messege [08:35] what do u mean in last message [08:35] sorry for my english ) [08:35] xokvictor, and also join #ubuntu to solve beginner level questions :) [08:37] koolhead11, i'm from Ukraine, and want learning ubuntu and english ) thanks for recomendation [08:37] and want be helpful [08:38] xokvictor, spread the knowledge and more knowledge will come to you!! :D [08:38] and i want integrate Ubuntu in my organization $) [08:38] :) [08:39] koolhead11, u r right! [08:39] ) [08:46] xokvictor: it's a technology thing, called cloud, sort of a specialization of a server usage. I'm low on time right now, otherwise I'd give you an intro [08:49] TeTeT: you tell me about this? http://en.wikipedia.org/wiki/Cloud_computing [08:50] xokvictor: yes, specifically UEC, http://www.ubuntu.com/business/cloud/overview [08:52] TeTeT, yes, i'm readed about this option on this weekend, it's very good and i need this.. but i mean private cloud because it's more security [08:55] OK I am borked, because I glanced at this page and thought "TeTeTe" was cyrillic [08:57] <_ruben> heh [09:11] who can advise beter solution for NAT? [09:12] <_ruben> try asking your actual question(s) instead [09:14] xokvictor: IPv6 is the right solution to NAT [09:14] what do u mean? [09:14] ) [09:14] i have a server, and 500 pc's [09:14] <_ruben> with ipv6, you wont need NAT no more [09:15] why? [09:15] and with unicorns, you won't need vitamin C anymore [09:15] <_ruben> because you'll have way more ip addresses than you'll ever need [09:15] we r working in ipv4 [09:15] SpamapS: hey man, ipv6 is older than I am [09:16] Even the telcos have adopted IPv6 (4G), and they're usually behind everyone else [09:16] ok, but not all devices ready for ipv6 [09:16] xokvictor: such as? [09:16] i need ipv4 solution, but ipv6 interesting to [09:17] old printers [09:17] https://secure.wikimedia.org/wikipedia/en/wiki/IPv6#IPv6_readiness [09:17] <_ruben> solution for what? [09:17] for NAT [09:17] <_ruben> what about it? [09:17] You can't "solve" NAT without IPv6 [09:17] internet for inside pc's throute NAT [09:17] <_ruben> NAT for ipv4 is trivial to setup [09:18] xokvictor: we call that "routing" [09:18] what u can recommended? pf, natd, etc. [09:18] <_ruben> netfilter [09:18] Oh, sorry ) [09:18] Linux only has one NAT implementation, netfilter. It is part of the kernel. [09:19] like NetGraph in FreeBSD? [09:19] <_ruben> dunno, i dont do *bsd [09:20] <_ruben> iptables -t nat -j SNAT -h and man iptables are pretty much all you need [09:21] iptables better than netfilter? [09:21] <_ruben> iptables is the userland part of netfilter [09:24] how many people can working through iptable normally? [09:25] without lags [09:25] That would depend on hardware capabilities, and how those people use the network. [09:26] For example, a normal user would use a lot less that some stupid young person spending lurking on facebook and youtube. [09:26] *spending time [09:28] together network using about 400 people [09:28] <_ruben> depends on your hardware [09:28] one moment [09:29] <_ruben> if it's hardware from this century, you'll quite likely do just fine [09:29] _ruben: millenium even [09:29] <_ruben> crap, that's what i meant to say :p [09:29] <_ruben> xokvictor: how fast is the internet connection? [09:30] <_ruben> and what type? [09:32] CPU: Intel(R) Xeon(R) CPU 5110 @ 1.60GHz (1597.53-MHz K8-class CPU) [09:33] Multiprocessor System Detected: 4 CPUs [09:33] Intel had model strings that included "K8-class"? Wow. [09:34] 4GB Fully Buffered DIMMs DDR III [09:34] ) [09:34] normal? [09:34] _ruben, what do u mean about @type@ [09:34] "type" [09:36] xokvictor: is it satellite, 56k dialup, tie line, isdn, or what [09:39] xokvictor, that will be sufficient :D [09:40] hello, is it still possible to dist-upgrade a server from jounty to lucid? [09:40] slhsen1: upgrades from n to n+1 are always possible [09:40] slhsen1: in your case you'd have to go via karmic [09:41] <_ruben> and one usually doesnt do upgrade through dist-upgrade, but use do-release-upgrade instead [09:41] !upgrade [09:41] For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade [09:44] thanks, i was a little worried about dropped support, since i'm no longer to upgrade any packages [09:46] For debian, at least, that is just because EOLd releases are moved to a non-mirrored location [09:46] we have optical 15 Mb|s [09:47] <_ruben> 15 Mbit/s for 400 users .. ouch .. i'd almost feel sorry for the users [09:48] twb: so can I still access those packages? [09:48] slhsen1: I guess so [09:49] _ruben: depends if he means "actually 15mbps" or "theoretical maximum 15mbps" [09:49] In .au you rent a 22mbps line and get effective 0.5mbps [09:53] <_ruben> twb: lovely [09:54] <_ruben> sounds a "bit" like our UA office, claims to have a 100Mbit/s pipe, but iperf gets 300Mbit/s over it :p [09:54] "UA"? [09:54] But it's A-OK because RSN ma bell's copper will be told to GTFO and we will have FTTP. Honest. It's a core election promise. [09:54] <_ruben> ukraine [09:54] Oh. [09:54] _ruben: at least we aren't .za [09:55] <_ruben> where pigeon cariers with sd cards are faster than the actual lines [09:55] And the al smelting plants run at 30% capacity because they can't get enough juice from the grid [09:56] Never underestimate the bandwidth of a truck loaded with backup tapes. [09:56] <_ruben> yup [09:56] (Yes, OK, I acknowledge that turning alumina into aluminium is electrically expensive.) [10:05] sorry for wait, working :) [10:05] actually 15mbps [10:06] _ruben where u from? ) [10:07] <_ruben> netherlands [10:07] we have 100Mbps, but only in our country [10:08] <_ruben> got 100 at our office, 1000 at our colo's [10:08] <_ruben> working on getting 1Gbps vlans between all [10:25] and what about my quation? about routing? [10:25] ) [10:25] <_ruben> which question? [10:30] how many people can working through iptable normally? [10:31] <_ruben> people dont matter, the only thing that really matters is packets-per-second .. but with a 15Mbps line, you're not likely to hit any limits there [10:32] oneiric-alternate-i386.iso has dependency issues. am not able to install it :( [10:32] <_ruben> i have similar spec'ed machines do several 100Mbps for dozens of servers [10:34] we have limits for many people with bandwidth and sites [10:34] hello again, when i try to run do-release-upgrade on jounty I get "An upgrade from 'jaunty' to 'lucid' is not supported with this tool." message. Any workarounds for that? [10:34] hi, i just setup a new linode vps with an 11.04 32 bit image. I'm trying to do everything as a non-root user. i've added my user to the default set of groups but when i login as that user the shell is too minimal. When using a non-root user on aws i get 'full' shell access (i.e. i can run bash_completion, etc). any ideas how I can fix this on linode? [10:34] i'm trying to upgrade to karmic, and then to lucid [10:34] how much pps can sponsoring my hardware? [10:34] how much pps is normal? [10:36] slhsen: I believe jaunty is out of support since half a year, so not sure if upgrades are still possible [10:41] TeTeT: I was afraid of that [10:42] slhsen: check https://help.ubuntu.com/community/EOLUpgrades [10:45] TeTet: doing so, thanks [11:51] New bug: #790153 in irqbalance (main) "package irqbalance 0.56-1ubuntu3 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script was killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/790153 === dinox_ is now known as dinox [12:13] quit [12:22] morrrningingi [12:26] New bug: #790166 in samba (main) "package samba-common-bin 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/790166 === speakman_ is now known as speakman [12:53] Noon all [12:53] Has anyone seen problems with rr link agregation ( bonding ) with 11.04 ? [13:07] is there a good tutorial on how the comtroller and node are set ut in SaaS? [13:07] LinSkyrate: UEC? [13:07] mhm [13:08] feel ther i a lot of install tut,, but no actual setup [13:08] i have buldt a controller and one node for simulation /Training... but where from here? [13:09] i dont want ti connect ti Amazon just yet.. i need to learn more. There is a private cloud part.. i think this is for f.eks training [13:09] LinSkyrate: Canonical offers a training on UEC which guides you through starting instances and doing some stuff with it. I'm the instructor delivering it. feel free to follow the public exercise http://people.canonical.com/~tspindler/UEC/ebs-based-instance.pdf to get something working [13:10] thnx :) [13:10] np [13:18] TeTeT: is this howto after install of Ubuntu Server or is this Lunux in general? [13:21] TeTeT: seem to me that this is from a base linux doing this from scratch.. am i wrong? [13:22] when working with differennt services etc, they might have their own login/group. [13:22] sudo let's you be root, how to mimick other users? [13:22] (without having to login explicitly) [13:24] man su [13:25] hey guys what is /user/sbin/console-kit-daemon --no-daemon [13:28] LinSkyrate: it's after installing UEC, http://www.ubuntu.com/business/cloud/overview [13:28] dbgster: think sudo -u does let you take the role of another user [13:29] cool thanks [13:32] hi all , im tryin fresh instal of server its hanging at the list of [ 0.214 etc list , Kernel thread helper , being its last entry , is this normal >or what am i doin wrong ;( [13:33] should the machine be connected to the net whilee i instal ? or is it ok not to be ? [14:10] soren: ping have you seen bug #756138 [14:10] Launchpad bug 756138 in python-gflags "python-gflags version 1.3-1 failed to build on i386" [High,New] https://launchpad.net/bugs/756138 [14:13] zul: I hadn't, no. [14:14] poc [14:14] zul: Thanks. [14:14] soren: no worries... [15:00] a good day to all! where does ubuntu define which NIC is which interface? e,g. card1 is eth0, etc....? [15:06] <_ruben> WinstonSmith: /etc/udev/rules.d/70-persistent-net.rules [15:06] _ruben: thank you! === unreal_ is now known as unreal [16:58] do you recommend deleting/removing the "ubuntu" user on Amazon's AWS machines? [17:05] wunki, I do not [17:05] wunki, why would you? [17:09] smw: I don't know, maybe there were security implications.. [17:10] wunki, nope. It is more secure than other options [17:10] wunki, and since you are using ssh keys, it is not like you need to worry about dictionary attacks [17:10] smw: how do you use the "ubuntu" user? As your default shell user, or do you add another [17:11] wunki, yeah, I use it as my default user. [17:11] wunki, for certain things I su to another user [17:11] but you use the "ubuntu" user as administrator [17:12] yes [17:12] wunki, also, you may like ##aws ;-) [17:12] am I in the wrong channel :) [17:13] No. It is just another channel to find ec2 related info ;-) [17:13] ok, thanks. I will follow your advice and keep the ubuntu user around as administrator [17:14] I will add an extra user which will run the web application [17:14] that is a very good idea [17:14] what's the best thing to go for for a VPN server that supports PPTP on ubuntu server? [17:15] wunki, because ubuntu has ssh nopass, running stuff is like running as root. [17:15] sudo nopass* [17:15] smw: yeah, I noticed that, that's why I asked my initial question [17:22] Ethos: rephrase? [17:32] anyone know why my Ubuntu 9.10 domU never be able to mount the ext3 filesystem listed in the /etc/fstab? [17:32] i can always manually mounted by "sudo mount /srv/bkp" [17:32] this is my line in /etc/fstab [17:33] /dev/sda3 /srv/bkp ext3 defaults,errors=remount-ro 0 2 [17:33] there is no error message in /var/log/dmesg [17:45] cocoa117: is /dev/sda3 visible in /proc/partitions? [17:45] RoyK, let me have look [17:46] major minor #blocks name [17:46] 8 1 923795456 sda1 [17:46] 8 2 2097152 sda2 [17:46] 8 17 1465134973 sdb1 [17:46] yes, i call it sdb1 now, and it is visible [17:46] !pastebin [17:46] For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. [17:46] cocoa117: you said you tried to mount sda3, which doesn't exist [17:47] RoyK, sorry, I have changed the sda3 to sdb1, just to see if it makes any difference [17:48] so sda3 = sdb1, and sdb1 is currently visible under /pro/partitions [17:48] and i can always manually mount it [17:48] no error [17:52] cocoa117: wierd - one thing, not that it's an error, but setting defaults,someopt isn't needed, defaults is only used as a placeholder if no options are set [17:52] so defaults,errors=remount-ro == errors=remount-ro [17:53] RoyK, i know very wired. i have tried using auto, user, exec... and many different commbination, and didn't work [17:53] cocoa117: can you pastebin the entire fstab? [17:53] ok [17:53] hold on [17:56] Royk, http://pastebin.com/tHdrZt8a [17:59] anyone good with PPTPD, it's connecting but not giving the client an IP Address, also when I disconnect it takes a while for the server to be accessable again [18:05] /dev/sdb1 /srv/bkp ext3 defaults 0 2 <-- that one would be my fist attempt [18:05] cocoa117: which version of ubuntu is this? [18:05] it's 9.10 [18:05] RoyK, sorry, no [18:05] hm... not supported anymore, though [18:05] lsb_release -a [18:05] No LSB modules are available. [18:05] Distributor ID: Ubuntu [18:05] Description: Ubuntu 9.04 [18:05] Release: 9.04 [18:05] Codename: jaunty [18:06] New bug: #790292 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790292 [18:06] definitely not supported [18:06] RoyK, i know. planning to upgrade to 10.10 first, see if it solve it [18:06] 8.04 is, though, so you might want to use that if you need something old [18:06] but it just wired, not supports to happen [18:06] cocoa117: I'd stick to LTS releases if I were you [18:07] RoyK, yes, i learned that now, so i will [18:07] * RoyK never uses anything but LTS releases for servers... [18:07] btw, why do you use Xen? [18:07] making a PVM with ubuntu on Xen is a PITA imho, and a HVM is dead slow on the I/O [18:08] RoyK, so I can run multiple OS, Windows, Ubuntu on the same box [18:08] why not KVM? [18:08] my room is small, don't want to keep many boxes [18:08] XEN isn't supported in Ubuntu anymore... [18:08] the dom0 is Debian, so i can do Xen [18:08] cocoa117: not KVM as in KVM switch, KVM as in Kernel Virtual Machine [18:08] I was running Ubuntu 8.04 with Xen at the time [18:08] it's way easier to deal with than Xen [18:09] RoyK, i know, it do require hardware support on the CPU [18:09] and the speed wasn't as good as, i did compare [18:10] the good thing with was KVM is official supported by Ubuntu, so it's easy to upgrade [18:10] if you compare KVM with libvirt i/o to Xen HVMs, the KVM easily wins that contest [18:10] anyway, thanx for ur efforts [18:10] np [18:11] oh, i was doing KVM linux and Xen pavirt [18:11] because i do use my Ubuntu as samba server, downloading, streaming server a lot [18:11] with libvirt drivers on the KVM guest? [18:11] the Windows box is just desktop, running things i can't with Ubuntu [18:12] yes, can't remember the version, sorry [18:12] anyway - if Xen works, it works :) [18:12] a while ago it was [18:12] and yes, KVM requires cpu virt extensions [18:12] don't have time to learn about KVM, so just stick with Xen for now [18:13] * RoyK didn't have time to learn about KVM either, he just started virt-manager and made some VMs [18:13] both of them are actively developed, so no need to switch right way, :) [18:13] true - what works, works [18:18] cocoa117: but to your mount problem, I really don't have much idea [18:19] does 9.04 use old syslogd, or rsyslogd? [18:22] cocoa117: IIRC it's syslogd, if so, you may want to add a line *.* /var/log/everything.log and reboot to see if you can find a hint in there [18:22] cocoa117: otherwise, upgrade to 10.04 via 9.10 - do-release-upgrade, reboot, and the same again [18:23] Royk, yes, i am preparing it at the moment [18:23] just make sure you have a backup in case something ugly hits the fan [18:23] i am doing backup now actually, tar, :) [18:23] why not just take a xen snapshot (if that's supported) or perhaps copy the vm image? [18:24] Royk, i don't know what ssylog is used in 9.04 [18:24] the only thing I can think of going bad, is grub2, and if so, you may not be able to boot the system [18:24] don't know how, with snapshot, i feel tar is safer for me, i done it in the past 1000 times, and know it worked [18:25] ok [18:25] after all, i do have 800G storage inside /srv folder [18:25] isn't that mostly on other filesystems? [18:25] I guess that's not on the root...? [18:25] i am just backup / without /srv for now, and do do-release-upgrade with backuped Ubuntu 9.04 first [18:25] if everything worked, then do the real upgrade [18:26] remember, you need to do that twice to get to 10.04 [18:26] ubuntu will always upgrade to the next release, or the next LTS release if no LTS (and configured to do so) [18:26] yep [18:26] s/no LTS/on LTS/ [18:27] i am thinking to change the upgrade line to LTS after upgrade to 10.04 [18:27] IIRC that's done automatically [18:27] once you upgrade to LTS, the config is changed, and must be changed back to 'normal' manually [18:27] oh, yes, i always change them back, :) because my laptop usage is more often then server :) [18:28] thanx for point it out [18:28] i take u use server more often [18:28] I do :) [18:28] * RoyK has 50+ ubuntu machines running at work [18:28] wow, all servers? [18:29] some workstations - some of the developers and scientists don't want windows [18:29] my work envirnoment have RedHat more then Ubuntu [18:29] I cannot but agree ;) [18:29] :) [18:30] we used to have a bunch of redhat around, but I managed to change that when I started - no reason to pay for opensource when you don't even use the support, so rather than paying blood money to RedHat, we got a support contract with a local company that has been doing linux consulting for 15 years [18:31] * RoyK can remember how people were laughing at them when they started up their business back in 1995 - doing CONSULTING for LINUX??? :) [18:31] i c [18:31] :) [18:31] yes 15 years, sound like long time ago [18:32] linux wasn't very good back then [18:32] glade to see the progress linux has made [18:32] heh - yeah - look at supercomputers/compute clusters around the world [18:33] or even webservers [18:33] agree [18:39] where is the default location of httpd.conf of apaceh2 [18:39] located? [18:42] sw0rdfish, httpd.conf is not used in ubuntu/debian configuration [18:42] sw0rdfish: all configs are under /etc/apache2 - you rarely would have to change apache2.conf (aka httpd.conf) - see the directories mods-enabled/mods-available and similar sites-* [18:42] but it still exists in /etc/apache2 [18:43] i just want to make /var/www/documents [18:43] password protected [18:43] i have to edit apache2.conf [18:43] nope [18:44] just create a .htaccess file there [18:44] yep, or modify the site configuration [18:44] or edit the virtualhost [18:44] /etc/apache2/sites-available/default in this case [18:44] well its not recommended to use .htaccess [18:44] why not? [18:45] so long as the apache user (www-data) can't write to the file, it should be pretty safe [18:45] yeah [18:45] http://httpd.apache.org/docs/2.0/howto/htaccess.html#when [18:46] its not recommened haha [18:46] recommended* [18:46] imho it doesn't matter much - still - just edit the apache config as qman__ said [18:46] well, the proper place in main configuration is /etc/apache2/sites-available/site-name [18:46] in this case the default site [18:47] well to be honest if they're recommending against its usage [18:47] based on the fact it slows things down [18:47] i guess i shouldn't have to worry cuz i don't have a lot of directories in my server [18:48] the slowdown is only noticable on a heavily loaded server [18:48] the performance impact is next to nothing, you'd only have to worry about it if you hosted hundreds of sites or something like facebook [18:48] oh cool [18:48] ok so whats the fastest way [18:48] the thing is i'd have to read a how-to to do it and don't have a lot of time to read lol [18:48] you have to do the same thing in either case [18:48] * RoyK sticks to .htaccess - easier to update and no apache reload needed [18:48] it's just a matter of which file you drop it in [18:49] nice ok [18:49] just make sure the htpasswd file is above the webroot [18:49] if you're going with basic [18:49] i should put .htaccess on /var/www to protect /var/www/documents [18:49] right [18:50] keep in mind that it'll throw you a 500 if you make a typo in .htaccess [18:50] you should place it in the root directory you want to protect, so if you want anonymous access to the files in /var/www, but protect what's under /var/www/documents, place the file in the latter [18:51] hey if i protect /var/www [18:51] everything under it will be protected right [18:51] yse [18:51] i might as well just do that [18:51] yes [18:52] keep in mind that the password transmission is in the clear unless you're using https [18:52] not sure if man in the middle is a concern for you [18:52] I am using https :) [18:53] uhhh let me guess it is [18:53] possible to encrypt the password with md5 [18:53] right [18:53] although i'm not gonna go for it, don't have time to read on that [18:53] htpasswd -m [18:55] there is a "passwords" file in /etc/apache2 [18:55] protecting another directory in /var/www [18:55] could I just use that one too [18:55] sure, just specify that in the .htaccess file [18:56] AuthUserFile /etc/apache2/passwd [18:56] cool [18:56] what does htdigest do [18:56] cuz i had to use that to change the passwd of that directory it protects [18:57] ahh nvm [18:57] if .htaccess is in the same directory to be protected it won't be compromised right? [18:58] sw0rdfish: just make sure it's not writable by the www-data user [18:58] it must be readable by it, but not writable [18:59] so something like this should be safe: chown root:www-data .htpasswd ; chmod 640 .htpasswd [18:59] perhaps change root to whatever user is meant to update it [19:00] i see [19:00] thanks man [19:04] Can anyone please help me understand what's going on with my raid-5 array and how/when I should mount it? Array installed from 11.04 liveusb install, md0, 18% sync, need auto-mount on boot. [19:06] well, it's 18% through syncing [19:06] just have to wait for that to finish [19:07] will it mount on completion? [19:07] it's been syncing for hours [19:07] it should be mounted already [19:07] and yes, syncing takes a very long time [19:07] especially with multi TB arrays [19:07] the md0 is present in /etc/md0 but I wasn't sure if that would turn into the root folder of the array [19:07] Okay. It's currently 6 TB [19:08] you must have pretty good hardware then [19:08] Mid-range $$ hardware [19:08] mine took three days, for 8 1TB disks in a raid 6 + hot spare configuration [19:08] damn [19:08] I can't believe it's so slow. Windows raid takes like 3 minutes. [19:09] that's because it doesn't actually build the array [19:09] it just assumes it'll work [19:09] makes sense [19:09] it's like quick format versus fill [19:09] full* [19:09] you can still use the array while it's syncing [19:09] so please help me feel not-crazy. when syncing is done, /etc/md0 will be the root folder of the array? [19:09] though there's a remote possibility of data loss [19:09] I'll wait ;) [19:09] probably not, unless you mounted it there [19:09] which is silly [19:10] /etc is for configuration, not storage [19:10] I don't know if I specified a mount [19:10] how can I view that? I haven't found any command showing me the mount point [19:10] mount [19:10] shows active mounts [19:10] and /etc/fstab shows configured mounts [19:10] not mounted [19:10] df -h shows free space on mounted disks, too [19:10] editing /etc/fstab will create a mount@boot-time right? [19:11] yes [19:11] Filesystem Size Used Avail Use% Mounted on /dev/sdd1 222G 1.1G 210G 1% / none 3.9G 248K 3.9G 1% /dev none 4.0G 0 4.0G 0% /dev/shm none 4.0G 336K 4.0G 1% /var/run none 4.0G 0 4.0G 0% /var/lock [19:11] well, if you configure it to [19:11] the 'noauto' option will make it not auto mount [19:11] while the 'auto' option makes it mount [19:11] I first will have to make a filesystem though from that reading, right? [19:12] yes [19:12] oh snap it's not even on there... [19:12] Can I make filesystem and mount during sync? [19:13] have to make a filesystem before you can mount it [19:13] yes [19:13] you have a few decisions to make there, too [19:13] such as? [19:13] many use LVM on top of the raid [19:13] I read that doesn't come without side-effects [19:14] particularly complexity [19:14] both methods have side effects [19:14] data-integrity is main concern [19:14] my file server is just a straight ext3 on md0 [19:14] well [19:14] silent data corruption is a big issue with large disks [19:14] it's a media server, going to be streaming media files with Twonky [19:14] and none of the stable linux filesystems have checksumming [19:14] and sharing the raid via samba [19:15] I've had a few videos go wonky on mine [19:15] hmm [19:15] a few I can handle [19:15] more than 10-20 would be unacceptable [19:15] nothing devastating, not even close [19:16] well that's good [19:16] what was devastating was when on my original raid 5 [19:16] is authtype digest, the best thing [19:16] any reason not to use ext4 for my purpose? [19:16] I had three drives die in one day [19:16] holy shit [19:16] which is not as rare or uncommon as you might think [19:16] western digitals? [19:16] seagates [19:16] hmm [19:17] I guess I'll be glad I'm using Caviar Green [19:17] which is why I am now running raid 6 with a hot spare [19:17] yuck [19:17] prepare for trouble [19:17] They've been stable for a long time [19:17] those are not designed to be used in a raid [19:17] but there is plan to swap them out [19:17] I know [19:17] WD raid drives are $$$$$$$$$$$$$$$$, unreasonably so [19:17] brand loyalist [19:17] yes [19:18] but using green drives is just asking for trouble [19:18] Well aware [19:18] expect disks to drop left and right [19:18] They've held out in a raid config for about 5 months and only 1 went bad [19:18] caviar blacks are the minimum WD [19:18] RAID class preferred, but they'll do [19:19] my current server is running samsungs, already had two go bad [19:19] fortunately not at the same time, so I could RMA them [19:20] what is the line to add in sites-available/default to make it force the usage of SSL [19:20] is ext4 bad for raid? [19:20] no, ext4 is probably your best pick on linux [19:21] but none of the common linux filesystems have checksumming, you'd need ZFS for that [19:21] zfs isn't as stable I thought [19:22] not in linux [19:22] it wasn't even an option in linux until recently [19:22] btrfs isn't stable either [19:22] screw it... i'll stick with ext4 [19:22] what's the command for it? I keep finding 2/3 but not 4 [19:22] sw0rdfish, sudo a2enmod ssl; then look for sites-available/default-ssl [19:22] make2fs doesn't support ext4? [19:23] don't know off the top of my head, always used the installer [19:23] google should tell [19:23] google is my nemesis today [19:24] ChmEarl, thanks [19:24] gparted? [19:24] gparted is for paritioning [19:25] though I think it's capable of creating filesystems, it also requires a GUI [19:25] yuck [19:26] I prefer JFS on linux over ext4. I've had some bad luck with ext based fs. [19:26] on servers at least [19:26] ext3 has always been good to me [19:26] lost some files with reiser, lost entire filesystems with XFS [19:27] only time I tried JFS, ubuntu couldn't mount it at boot [19:27] catch-22 file issue [19:27] * nkv shrugs. I worked at an ISP in the 90s and ext3 would eat the filesystems more often than JFS would when we had system crashes [19:28] That sorta set my bias [19:28] so, it may not be relevant anymore [19:28] before my time with linux [19:29] As long as you don't use ext2, you are probably pretty safe. :) [19:29] my only important advice is don't use XFS [19:29] total filesystem loss in a crash is a very real possibility [19:30] I use XFS, but it is a crappy port into linux. [19:30] unless you have absolute stability, don't use it [19:30] yeah [19:30] I'm going with ext4 [19:31] just trying to figure out the damn command. :P [19:31] mkfs.ext4 [19:32] need a few more options than that lol [19:32] not really [19:32] mkfs.ext4 /dev/md0 [19:32] I knew that, but I just didn't realize I knew it :/ [19:33] boom! [19:33] the 'portable' way to do it is mkfs -t ext4 /dev/whatever [19:34] I already used qman's command [19:34] :/ [19:34] RoyK: or make the symlink [19:34] same thing [19:34] I don't need portability [19:34] It makes the same thing. [19:34] Just need to be able to hook the raid into Twonky and Samba and I'm good [19:34] and maybe through DropBox in there [19:35] Just mkfs.ext4 isn't a real program. It is a link to mke2fs. [19:35] mke2fs knows what to do by the name it is called by. [19:36] RoyK was just saying the other command will work on just about any linux distro. [19:37] ah, well it's a link I'm thankful for [19:37] nkv: both will probably work - but the 'standard' way is to mkfs -t fstype /path/to/dev [19:37] some of the more advanced programs with 20+ options/switches through me for one [19:37] okay so raid has ext4 now [19:38] how to mount auto @ boot? [19:39] add it to /etc/fstab I assume [19:41] yep [19:42] pick a mount point, default options should be good [19:42] you could find the UUID but unless you plan on having more than one raid array ever attached, you shouldn't have to worry [19:42] perhaps add relatime or noatime if you expect heavy write load [19:42] I already found the UUID [19:42] erm [19:42] heavy _read_ load [19:42] I mean [19:43] yeah [19:43] updating atime can be quite expensive [19:43] with atime, a heavy read load turns into a heavy write load [19:43] whoever got the idea of 'whenever a read occurs, do a write'..... [19:44] that'll kill me when I migrate the existing data over to the array [19:44] what amount of data? [19:45] 4.5 TB [19:45] anyways thanks for the help, gotta run [19:45] not exactly planning ahead then, with only a 6TB array [19:46] * RoyK was about to hint on using rsync --bwlimit, but guesses he will find out the hard way [19:46] I need to update mine pretty soon, about 93% full [19:47] seems to me, with linux being able to dynamically add drives and even switch from raid5 to raid6, well, it should be doable [19:47] Ah. That actually sounds like it would have been a good canidate for lvm2 [19:47] a 93% full filesystem is bound to be badly fragmented [19:47] yeah, I'm at 8 1TB disks now [19:47] Then you can just append another array [19:47] need to make a new filesystem with bigger disks [19:48] holding out to save up some money, so hopefully I can just build a new server [19:48] md does support expansion of raid5/6 now. [19:48] doesn't linux support replacing drives with bigger ones, extending the volume by that? [19:48] do it up right [19:48] yeah, but it'll take forever that way [19:49] you can add drives now and extend arrays hot. It is really slow. [19:49] plus mine is still ext3 [19:49] 8TB limit IIRC [19:50] a little dumb on my part but ext4 wasn't exactly stable yet [19:53] is it possible to run a xserver on a server? [19:53] lol http://farm2.static.flickr.com/1096/894127714_9f98afa6f5_o.jpg20 [19:53] says cannot open display [19:53] elb0w: it is, but why would you? [19:53] this html->pdf module im using is looking for one [19:54] I dont know how entailed it is [19:54] is it a bad idea? [19:54] elb0w: if you're connecting from a linux client or something else with an X server, just install xauth etc on the server, and ssh -X to the server and the client's x server will be used [19:54] generally, yes [19:54] significant performance impact and security consideration [19:54] ugh this sucks, didnt say anything in pre-reqs [19:54] man [19:56] * RoyK starts humming at the RTFM song [19:58] not sure why a simple file conversion tool would need an X display [19:59] libraries, sure, but not an actual running X server [20:00] RoyK: it didnt say anywhere in the reqs [20:01] elb0w: just install xterm [20:01] nah im not going to use it [20:01] it's like 50k [20:01] https://github.com/mreiferson/php-wkhtmltox#readme the Qt made me think that it may of needed X but it never explicitly said it [20:01] so it won't fill up your disk much [20:01] I dont want to rn a x server [20:01] what are "the reqs"? [20:01] ill use something else [20:02] it's not about running an x server, it's about allowing x to be used from a client [20:02] pmatulis: requirements [20:02] elb0w: what/where? [20:02] pmatulis: I am not following your logic, you are not really making a point. [20:03] elb0w: nevermind, i don't have time [20:03] hello guys [20:03] i'm using the last version of "ubuntu server". I have to launch a java program. So I need the jre. But i'm not sure but it seems that the jre requires Xlibs. I'm using ubuntu server so i don't have any X... How to solve my problem ? [20:03] pmatulis: didnt ask for any, but thanks [20:03] fooman2011: just use a local X server, ssh -X to the server and the app should appear on your desktop [20:04] local, as in on your desktop [20:04] if you're on linux or OS X, it should be in there by default, if on windoze, use xming and putty [20:04] sorry i'm a newbe i don't undertsand :/ [20:04] mmh ok [20:04] but i don't want to see anything [20:05] my problem is when i want to install the jre [20:05] i have: [20:05] some windows version, afaics [20:05] The following NEW packages will be installed: avahi-daemon dbus gsfonts gsfonts-x11 java-common libasound2 libavahi-core7 libdaemon0 libfontenc1 libice6 libltdl7 libnss-mdns libpython2.7 libsm6 libxfont1 libxi6 libxt6 libxtst6 odbcinst odbcinst1debian2 sun-java6-bin sun-java6-jre unixodbc x11-common xfonts-encodings xfonts-utils [20:05] install xming, configure putty to do x11 forwarding, start xming, connect with the server etc [20:05] fooman2011: just install them [20:05] i don't want to use X [20:06] funny, on ubuntu live CD sshd is not installed but there is a sshd_config file [20:06] fooman2011: it won't start a big-ass x server, it will only allow you to use remote X [20:06] it's not a big problem to install all of this X stuff on ubuntu server ? [20:06] ok [20:06] thank you very much Royk [20:06] :) [20:06] fooman2011: no, it's not, I have it on almost all my ubuntu servers [20:07] let's go for the jre then :) [20:07] disregard my last comment. i was looking at ssh_config [20:27] fooman2011, you want the -headless version [20:50] anyone that can tell me what this key is? euca-run-instances -k emi-DF771072 [20:55] Hi, When I add a user in 10.10 it doesn't get added to the "users" group. Why is that, and what's it's significance. I'm learning Samba and the documentations I'm reading assumes that all users are added to the "users" group. [20:59] iptables port forwarding help needed. Please review and let me know why my 8080 port is not forwarded http://paste.ubuntu.com/615066/ [21:00] someone plz help on port forwarding .. http://paste.ubuntu.com/615066/ been struggling for a long time :-( [21:03] _GoRDoN_: can you help ? [21:07] anyone here ? [21:15] lunch time ? [21:15] holiday ? [21:26] New bug: #790363 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: el subproceso instalado el script post-installation devolvió el código de salida de error 1" [Undecided,New] https://launchpad.net/bugs/790363 === remix_auei is now known as remix_tj === scoooterXL is now known as scooterXL === niekie_ is now known as niekie [21:31] someone plz help on port forwarding .. http://paste.ubuntu.com/615066/ been struggling for a long time :-( === Adri2000 is now known as Guest65110 [21:36] New bug: #790372 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790372 [21:44] i'm installing ubuntu servers automatically using the preseed method [21:44] it works fine, but I would like to have the installer prompt for IP-address and hostname only [21:45] the IP-address I get a prompt for if I don't specify it using preseeding, but the hostname is always set to 'ubuntu' [21:45] is there a way to have the installer prompt for hostname as well? [21:46] juliux_: I guess you'll need to add that to the forward table as well, but I'm not sure [21:46] roel-, I am pretty sure there is a way to set it [21:46] i know i can set it, but i want a prompt for it during installation [21:47] juliux_: that is - PREROUTING should be done before FORWARD, so I'm a bit unsure about that - have you tried to tcpdump/tshark/wireshark the traffic? [21:47] roel-, does it normally ask for it without preseeding?? === soren_ is now known as soren [21:48] smw: that's a good question [21:49] smw: but I think if I disable dhcp, I have to manually configure the network, including the hostname [21:49] yes [21:49] roel-, I guess what I would do is set hostname after install... [21:50] I don't know how to help. sorry [21:50] no problem [21:50] the thing is that I have to set the hostname manually, and also change the /etc/hosts file [21:50] which is a bit tedious [21:50] RoyK: telling me ? [21:51] erm, yes [21:51] roel-, why not have a post install script ask for the hostname? [21:51] smw: post-install script, haven't looked into that! thanks, let me google that [21:52] ok.. no haven't tried tcpdump/tshark etc .. [21:52] RoyK: do i need to run it on the server or client ? [21:53] jits: the router, obviously [21:54] RoyK: ok .. installing tshark .. tcpdump said no suitable device === maxb_ is now known as maxb [21:57] RoyK: tshark: There are no interfaces on which a capture can be done :-( [21:58] smw: I might have found a way to do this [21:59] smw: apparently i can set the 'seen' flag to false for this particular configuration option [21:59] cool [21:59] learn something new every day :-) [21:59] so: d-i netcfg/get_hostname seen false [21:59] i will try that tomorrow morning when I wake up, I'll let you know here [21:59] ;) [22:06] New bug: #790379 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: aliprosessi installed post-installation script palautti virhetilakoodin 1" [Undecided,New] https://launchpad.net/bugs/790379 === unreal_ is now known as unreal [22:27] can someone help my ethernet internet connection does not work on my server anymore it was working yesterday === Snugger__ is now known as Snugger === Snugger_ is now known as Snugger [22:41] New bug: #790392 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.10 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/790392 [22:42] I just instantiated natty on an amazon ec2 instance. i would like to make sure i have a good sources.list file before i install apache/php/mysql/etc. I plan to handle sensitive data on this machine. can anyone recommend an appropriate sources.list file? [23:09] i need to learn how to do split horizon dns zone [23:09] just sayn