[00:36] <zul> adam_g: whats up?
[01:06] <echosystm> wheres the ubuntu development channel?
[01:06] <twb> echosystm: development of what?
[01:06] <echosystm> packages
[01:06] <twb> #ubuntu-devel
[01:07] <echosystm> thanks
[01:23] <a1fa>  i am trying to purge perl, http://pastebin.com/KH4qXthJ
[01:23] <a1fa> however its messing up
[01:24] <a1fa> i may have manually removed some files
[01:24] <a1fa> and now i cant get it out of the apt database
[01:24] <a1fa> what to do?
[01:27] <twb> Reinstall from scratch
[01:27] <qman__> touch the files it's looking for
[01:27] <qman__> it works, I've done it
[01:27] <a1fa> dpkg -r - --force-remove-reinstreq
[01:27] <a1fa> worked just fine
[01:35] <a1fa> any other way of making this dumb thing stop
[01:36] <a1fa> 21st century.. we are not dealing with rpms here guys :0
[01:39] <pmatulis> a1fa: making what stop?
[01:40] <twb> a1fa: 21st century... don't "manually remove some files"
[01:40] <a1fa> my bad dude ;)
[01:40] <a1fa> but the files are bacvk
[01:40] <twb> Still getting the error?
[01:42] <a1fa> yes, i know why
[01:42] <a1fa> POSIX.pm has not been reinstalled
[01:44] <a1fa> can someone apt-file search POSIX.pm please?
[01:45] <twb> $ dlocate POSIX.pm ==> perl-base: /usr/lib/perl/5.12.3/POSIX.pm
[01:45] <a1fa> hm
[01:45] <a1fa> what version are you on?
[01:45] <twb> sid
[01:46] <a1fa> doh
[01:47] <a1fa> how about File.pm?
[01:48] <twb> Same
[01:48] <twb> You know packages.u.c has a dpkg -S equivalent
[01:49] <a1fa> really
[02:03] <free99> hello all, I've been trying to install LDAP on my server for a little while. Now I know you're probably as tired as I am of LDAP, but my question is simple
[02:03] <free99> I was previously using ldap on 10.04 and recently moved up to a new install of 11.04... it seems that the back and frontends get populated by the post-install script...
[02:04] <free99> how do I get rid of the configuration provided and replace it with the one I have?
[02:05] <twb> free99: well, fun story
[02:05] <qman__> you go back to 10.04
[02:05] <qman__> not to be mean, but seriously
[02:05] <qman__> it's going to be less of a headache
[02:05] <free99> (facepalm)
[02:05] <qman__> and it has a longer support lifetime
[02:06] <qman__> not sure why you'd move to 11.04 for something like that in the first place
[02:06] <twb> free99: wait, what do you want to repopulate -- the config database (slapcat -n0), or the "real" database, the one with the user objects (slapcat -n1) ?
[02:06] <twb> qman__: because new versions = SHINY
[02:07] <qman__> shiny's great for desktops and fooling around, but not for the backbone of your network
[02:07] <free99> twb: I need to do both, I assume... I have a nice tree setup, and users to go with it. Adding the users isn't a big deal, but the tree is where I'm having a problem, besides getting TLS to work properly (whole other story, forget I metnioned it)
[02:07] <twb> You would be amazed how often I have to train people to avoid shiny by means of operant conditioning
[02:08] <a1fa> ?
[02:08] <twb> free99: I don't know what you mean by "tree is where I'm having a problem"
[02:08] <free99> (sigh) I moved to 11.04 because my last system failed thanks to a drive failing despite it being raid 5...
[02:08] <twb> a1fa: as in you hit them with a stick when they upgrade things
[02:08] <free99> and I figured things with TLS had improved, perhaps
[02:08] <twb> free99: that would be because bootdegraded defaults to no
[02:09] <qman__> regardless if it's better or not, with 11.04 you'd have to upgrade in 6 months, and again in another 6
[02:09] <qman__> too much work
[02:10] <a1fa> why would you do that?
[02:10] <free99> Isn't the config database where the actual layout is, e.g. the root and its branches? The users and their data were in /var/lib/ldap I thought...
[02:10] <qman__> because that's the normal release schedule
[02:10] <qman__> which is why LTS exists, so you don't have to
[02:10] <twb> free99: the config database is what used to be slapd.conf
[02:10] <free99> besides which I have a bunch of specific enhancements and such that I want to put back in but can't seem to, especially using an accesslog overlay
[02:11] <twb> free99: now it's like /etc/openldap/cn=config/ crap
[02:12] <twb> I think with enough effort you could migrate your 10.04 cn=config tree to whatever 11.04 has, but I agree with qman__ that you shouldn't use anything but LTS
[02:12] <free99> yeah, I know... I've been resisting the urge to move to slapd.conf very, very hard for the past month
[02:12] <a1fa> twb: who do you hit?
[02:12] <twb> a1fa: the users responsible
[02:13] <twb> https://secure.wikimedia.org/wikipedia/en/wiki/LART
[02:13] <free99> I'm going to blame my age and lack of experience for going with a non-LTS, just because I can :P
[02:13] <qman__> and then there's the companies that grab a non-LTS release and just leave it like that for years, and you end up with 9.04 shells you can't patch
[02:14] <twb> qman__: you think that's bad?
[02:14] <free99> at this point I already have several other services running successfully on it, so... I'm not rushing to reinstall everything despite having made a script that does the majority of security and such
[02:15] <twb> qman__: yesterday I recovered a server from 2002, running Mandrake 10, with *XFS* filesystems, an empty fstab and a 100% full root filesystem due to years of SQL dumps in /home/merlin/public_html/cron/data/backups
[02:15] <qman__> wow
[02:15] <free99> but in retrospect, yeah, bad plan on my part
[02:15] <a1fa> who
[02:15] <a1fa> what
[02:15] <twb> When the customer regained conciousness, I gently explained that he should migrate to a supported OS
[02:16] <twb> Oh, and the machine allows password-based root logins and wasn't behind a NAT :-/
[02:16] <qman__> and apparently is storing backups in public_html
[02:16] <twb> qman__: the whole web app was in there
[02:16] <twb> And of course it's PHP/MySQL
[02:17] <free99> pass me some of what that guy who setup the box was smoking
[02:17] <twb> He was probably a work experience student or an indian rent-a-coder or some shit
[02:18] <free99> so... is there a way for me to wipe out the default config and replace it with mine? I have two LDIFs, that should take care of everytihng...
[02:18] <twb> free99: just apply the LDIFs, then
[02:19] <a1fa> twb: you hit people at work?
[02:19] <twb> a1fa: sure
[02:19] <twb> a1fa: otherwise they do not learn
[02:19] <a1fa> where do you work?
[02:19] <a1fa> HR loves you :)
[02:19] <twb> cyber.com.au
[02:19] <free99> ldapadd and slapadd both complain that the databases already exist
[02:20] <twb> free99: so presumably your LDIF assumes the database is empty
[02:20] <twb> free99: in which case you need a different LDIF
[02:21] <free99> I mean I suppose I can have two databases, but why? the LDIF specifically points to {1}hdb which already exists... I know if I get rid of the {1} it'll increment to create a new database, but..
[02:24] <twb> So write an LDIF that modifies the {1}hdb object instead of trying to create it
[02:32] <free99> that's a good idea twb, I'll look into it :)
[02:33] <twb> Personally I think it would be easier to give up and redo it in lucid
[02:33] <twb> LDAP is a massive pain in the arse
[02:34] <free99> dude, I burned 4 hours today trying to get ldap to tell me when someone successfully binds to the server so I can make a script that prunes old accounts
[02:34] <free99> and it still doesn't work lol
[02:34] <twb> You know how I did that?
[02:35] <twb> I gave $boss a list of accounts and said "tick the ones that should continue to exist"
[02:36] <free99> ah I wish I could do that, I'm trying to do this for a unix lab where new students show up all the time, old ones leave...
[02:36] <free99> my boss has been doing it that way for a while
[02:36] <twb> Surely your uni knows which students are still there
[02:36] <free99> he's currently running the network on an NIS box setup in....95 I think
[02:36] <twb> Well, NIS just works
[02:37] <free99> it seems pretty insecure from what I've heard..
[02:37] <twb> It's only real downsides are that it's completely insecure, and that newer services can't talk speak it.
[02:37] <RoyK> twb: NIS rocks like elvis, somewhat out of style...
[02:39] <twb> Grr, so now I have an "urgent" task to work out why my apache reverse proxy is breaking prayer (webmail) attachments
[02:40] <kellnola> At my last job we still used NIS for automount maps and groups heh.
[02:41] <twb> I'm glad I have LDAP working now, but I would've been happier if I could've stuck with nIS
[02:41] <kellnola> the only prob with LDAP is all the different implementations ...
[02:42] <kellnola> openldap is a little behind the commercial ones
[02:44] <twb> I wouldn't know about proprietary solutions
[02:44] <twb> Except that all the kerberos people seem to have an attitude of "AD or GTFO"
[03:15] <kellnola> twb, really? There's lots of unix "kerberos people"
[03:15] <twb> Not on #kerberos AFAICT
[03:16] <kellnola> well AD is by far the most widely used implementation
[03:16] <kellnola> so that isn't surprising
[03:16] <twb> You say something like "I just want krb to work without the hassle of running a 2k3 server" and they are all "what are you talking about, Windows is the bestest, unix is for fags"
[03:17] <kellnola> ugh
[03:18] <kellnola> sounds like "idiocracy"
[03:18] <kellnola> I have noted that windows folks rarely understand the underlying technologies they use very well
[03:18] <kellnola> I have never met a windows admin that understood kerberos very well
[03:19] <twb> So anyway, what I have now is a nice simple openldap server with authorization performed by means of bind attempts, no root bind at all (only local root user has rw privs), and the ppolicy overlay to deal with password expiry and such.
[03:19] <kellnola> or for that matter, DNS, or pretty much anything else
[03:19] <kellnola> twb, great!
[03:19] <twb> And no samba support because dealing with bullshit like "machine accounts" would've meant giving write access to LDAP to the samba host
[03:19] <kellnola> if it's all unix you have no use for samba
[03:20] <twb> The main downside is that without kerberos, there only really trustworthy network filesystem you can use is sshfs
[03:20] <kellnola> that would be correct
[03:20] <kellnola> I have to get around to NFS4
[03:21] <twb> NFSv4 on its own (i.e. krbless) is obviously not a big win re security
[03:21] <twb> You can still just get any old client and say "sudo -u twb cat ~twb/.netrc" or whatever
[03:21] <kellnola> it was really meant to work with it
[03:21] <free99> dammit... I really have to get kerberos working too?
[03:21] <kellnola> nfs3 is kind of horrifying wrt security
[03:22] <twb> I do still use NFSv3 for /home on a subset of the local LAN which (hopefully) has better physical security.
[03:22] <twb> Which is to say, the servers in the machine room
[03:22] <kellnola> nfs3 is in very wide use in the unix world
[03:22] <twb> we have an exciting problem with nfsv3 atm where secondary group permissions are totally ignored
[03:23] <kellnola> thankfully v4 has acls
[03:24] <twb> Which breaks an otherwise perfectly adequate posix permission like ceo:officers 750 /srv/nfs/agm-minutes/
[03:25] <kellnola> I'd rather use document management than nfs for general office crap. there's good free ones
[03:25] <twb> web UIs?  DO NOT WANT
[03:26] <kellnola> twb, webdav or web ui
[03:26] <twb> I am slowly increasing the amount of stuff we keep in git-backed rest/markdown
[03:26] <kellnola> it does keep users from making a mess of the system
[03:28] <twb> I'm only allowing apache with bad graces, and PHP and MySQL not at all
[03:29] <twb> So if your DMS is sitting on top of, like, tomcat, it can just FOAD
[03:30] <twb> For my customers' systems, I feel differently because they're all idiots and, as you say, they'll make a mess if given the chance
[03:32] <kellnola> it also puts a crimp on "that one guy in the office who knows MS Access really really well" and that persons penchant for creating zillions of shitty little databases for everyone to use
[03:32] <twb> No windows here :-)
[03:32] <twb> Well, there is one that we have to use to talk to the stupid federal tax people :-/
[03:32] <kellnola> where do you work? university? industry?
[03:33] <twb> cyber.com.au
[03:33] <twb> basically a rent-a-sysadmin shop
[03:34] <kellnola> the only all unix job I ever landed was at a (US) fed that did geological/ seismic analysis
[03:34] <twb> Most of our customers have windows desktops, but dealing with those is farmed off to whichever poor bastard we just hired
[03:35] <twb> s/just/last/
[03:35] <kellnola> there is definitely a certain amount of happiness that comes with never having to even look at windows, and actually being able to solve their problems
[03:35] <kellnola> *the users problems
[03:36] <qman__> my job is pretty similar but unfortunately it's mostly windows environment, small companies and local governments running windows SBS servers
[03:36] <free99> I love unix, but christ I hate ldap
[03:38] <qman__> my linux-ward progress so far includes a machine to store/scan infected systems' files, and a remote backup solution with backuppc
[03:39] <qman__> without drop-in DC capability, linux just won't work its way into the customers' shops
[03:40] <qman__> and even then, some of them have custom software
[03:40] <free99> you'd think some company out there would work up a proprietary solution just because of that
[03:40] <free99> though I guess likewise is trying that out
[03:40] <twb> free99: proprietary solution for what?
[03:41] <free99> a drop-in domain-controller?
[03:41] <twb> We have a proprietary solution for that
[03:41] <twb> built on top of linux and samba :-)
[03:41] <qman__> samba 4 is supposed to do the job, if/when it ever gets done
[03:42] <kellnola> samba integrates just fine as an AD member, and of course can be an (old type) DC
[03:42] <qman__> the other biggie is exchange for contacts and calendars
[03:42] <qman__> mail is no problem, but the other stuff is harder
[03:42] <kellnola> qman__, we sell a product call zimbra to our clients, it's a unix based exchange clone
[03:42] <kellnola> works very well with outlook
[03:42] <qman__> nice
[03:43] <kellnola> they can't tell the diff
[03:43] <qman__> how's the system requirements on that
[03:43] <kellnola> oh it's all hosted off site
[03:43] <twb> qman__: samba 3 is a DC, it's just not an AD DC
[03:44] <qman__> we've got customers with quad cores and 8 gigs of RAM crawling with SBS2011, they just keep making it impossibly huge
[03:44] <kellnola> qman__, we have one client using their own server, the app seems pretty well bahaved
[03:44] <qman__> and don't even think about using blackberry enterprise
[03:44] <qman__> that basically doubles the RAM requirement, by itself
[03:44] <kellnola> god I hate SBS
[03:44] <kellnola> and all it's stupid restrictions
[03:44] <twb> Re "groupware", we roll out ZCS (zimbra), and we've rolled out scalix in the past and we've dealt with sogo and thingy as well.
[03:44] <twb> They're all abysmally shite
[03:45] <kellnola> twb, heh
[03:45] <twb> ZCS compiles all of ubuntu in /opt with custom patches and CVS snapshots of upstream codebases
[03:45] <qman__> I mean, what's the point in selling a small business package, when it'll only run on a four grand server
[03:45] <twb> I found the guy who makes the ZCS packages, and it was clear he didn't understand why distros even exist
[03:45] <kellnola> twb, all I've ever seen from them is tarballs
[03:45] <twb> He just thought everyone should have a linux kernel and then his huge ZCS blob
[03:46] <twb> kellnola: I use "package" loosely
[03:46] <kellnola> twb, MOST commercial unix devs are just like that
[03:46] <twb> kellnola: yeah, it's a bloody crock
[03:46] <twb> And on Linux it's unforgivable
[03:46] <kellnola> they do not have the deep understanding of systems, or discipline, that OSS devs have
[03:47] <twb> I could understand people doing it on Windows or SCO where there is no package infrastructure or anything
[03:47] <twb> (Yes, I have to deal with SCO and SunOS and crap sometimes :-(
[03:47] <kellnola> twb, thankfully we just have them use ZCS hosting
[03:48] <twb> kellnola: out on some VPS in "the cloud" somewhere, a la buying a commercial gmail contract?
[03:48] <kellnola> I don't want them running mail in-house anyway, unless they're huge
[03:48] <kellnola> twb, yes it's cloud
[03:48] <twb> Yeah, I think we avoid that because of concerns about data sovereignty and such
[03:48] <qman__> the prospect of going entirely down when the comcast modem craps out is not appealing to our customers
[03:48] <twb> Or just because users want to keep reading mail when their shitty .au DSL falls over for a week
[03:48] <kellnola> well we have other concerns like frequent evacuations, hurricanes, etc.
[03:49] <qman__> and actually, we've been trying to get people to move their mail in-house because of how terrible the SBS POP3 connector is
[03:49] <twb> I'm about to switch from ADSL2+ to "naked" ADSL2+ at home, and the migration time for Telstra to do their part is FOUR WEEKS
[03:50] <qman__> and how difficult it is to get email to phones when all they have is pop to some other host
[03:50] <twb> For what amounts to unplugging a cable from one DSLAM and patching it into a different DSLAM
[03:50] <twb> qman__: well, IMAP/MAPI/webmail, not POP
[03:50] <kellnola> how fast is ADSL2+?
[03:51] <twb> kellnola: theoretical maximum is something like 24mbps down, 4mbps up
[03:51] <free99> does this look like a correct ldif to modify the pre-existing database?
[03:51] <free99> dn: olcDatabase={1}hdb,cn=config
[03:51] <free99> changetype: modify
[03:51] <free99> add: olcDbIndex
[03:51] <free99> olcDbIndex: uid pres,eq
[03:51] <free99> -
[03:51] <kellnola> we're almost all HFC, some metro ethernet, a couple of DS1
[03:51] <twb> free99: that all depends
[03:51] <qman__> unfortunately one of the hosts most of our customers are on does not offer any of that, only POP
[03:51] <twb> free99: here's a working one for lucid, that shuts up slapd syslog some: http://paste.debian.net/122044/
[03:51] <qman__> they're stuck in the 90s, and keep getting on spam lists
[03:52] <twb> free99: but I don't know what your current cn=config database contains, or what you want it to contain
[03:52] <qman__> it's been a nightmare
[03:52] <kellnola> wow I haven't seen anyone using POP in quite some time ... and I live in a backwater
[03:52] <twb> kellnola: but in .au a privatized ex-government company has a monopoly on the copper, and they're letting it rot because they want to migrate to FTTH at the government's expense
[03:53] <twb> kellnola: so it's usually more like 2-6mbps down
[03:53] <kellnola> no so bad
[03:53] <kellnola> DSL here is just terrible
[03:53] <kellnola> the support won't even speak to you if the modem's bridged
[03:54] <free99> twb: it doesn't have the right suffix, it got picked based on my FQDN which isn't good enough
[03:54] <twb> Yeah, well, I expect better connectivity in the continent's second biggest city...
[03:54] <free99> that script you linked me is a big help though, thanks
[03:55] <twb> free99: ah, well, that's a major pain in the arse to fix
[03:55] <kellnola> samba 4 is becoming like Duke Nukem 3D
[03:55] <twb> free99: because you will have to rename all the dn's in the {1}hdb
[03:55] <kellnola> I am so sick of waiting for it
[03:55] <free99> kellnola: I thought it came out already
[03:55] <kellnola> though I didn't give a crap about Duke Nukem 3D
[03:55] <twb> free99: btw, you should read the ldapmodify and ldif manpages and such
[03:55] <free99> duke-nuke 'em forever?
[03:56] <free99> I'm working through a tutorial right now actually, and trying to adapt it lol
[03:56] <kellnola> free99, LDAP is wonky but once you get used to it you'll appreciate it
[03:56] <twb> https://secure.wikimedia.org/wikipedia/en/wiki/Duke_Nukem_Forever
[03:56] <free99> I already have big plans for it, but that's if I can get the SOB running
[03:56] <twb> "the game was released in 2011 but had been in development since 1996."
[03:56] <kellnola> yeah "Forever" sorry
[03:58] <kellnola> so, you folks that service outside clients, how do you deal with the crap of users running their desktops as administrator? Most of ours insist on it
[03:58] <kellnola> windows users I mean
[03:58] <kellnola> we are thinking of moving to an SLA based system where the price would be less the more restrictive it is
[03:59] <qman__> the software they run requires it
[03:59] <qman__> it's the only option
[03:59] <kellnola> qman__, much of the time, yes ... thinking about having them run a dedicated terminal server for garbage like that
[03:59] <qman__> tried terminal services with one, it's a total mess
[04:00] <qman__> and expensive, really expensive
[04:00] <qman__> a server and some CALs costs enough, but then they want office
[04:01] <kellnola> I don't know, we're doing that with one of them, it's working out pretty well
[04:01] <kellnola> so far
[04:01] <qman__> and they can't use the office they already bought and have the license to, you have to get a volume license
[04:01] <qman__> and then when their proprietary app needs an update
[04:01] <kellnola> the app itself is so expensive they don't notice the CAL's really :-/
[04:01] <qman__> an administrator has to log on to the server console directly and update it
[04:01] <qman__> because it won't update over TS
[04:02] <qman__> just all the licensing bull you have to work around is insane
[04:03] <kellnola> qman__, well that goes for anything with windows
[04:03] <kellnola> who can figure that BS out it is total insanity
[04:03] <kellnola> not to mention the "upgrade paths"
[04:04] <qman__> trying to explain to a customer that they bought the wrong version of the software
[04:04] <qman__> despite it being the right software they need, just not licensed for the other software they're running
[04:04] <qman__> and that the version they need costs five times as much
[04:04] <qman__> just because
[04:04] <kellnola> qman__, yes that's lovely
[04:05] <kellnola> I'm thinking of trying to get out of all this and maybe develop and sell POS systems for people ... something where I would not be pulling my hair out every day
[04:05] <kellnola> over retarded shit
[04:07] <riz0n> I have an Ubuntu Server, and have some email aliases in the aliases file. Is there a way to create a wildcard alias? (like, for instance, account-??? would accept from account-000 or account-123 etc. to the address accounts)
[04:08] <kellnola> riz0n, don't think so, at least not in /etc/aliases. There might be an MTA that does that
[04:08] <twb> riz0n: that is called "sub-addressing"
[04:09] <twb> For example foo+bar@gmail.com will be delivered to foo@gmail.com
[04:10] <kellnola> wow ... jellyfish have shut down the second nuclear plant in two weeks
[04:10] <DougJ> is there a way to run the explorer with admin powers
[04:11] <DougJ> so I don't have to use a terminal to manipulate files in system directories?
[04:11] <twb> riz0n: I think it's $recipient_delimiter in postfix
[04:11] <qman__> DougJ, not a server question, but the answer is gksudo nautilus
[04:11] <twb> DougJ: what is "explorer"
[04:11] <twb> qman__: nooo, current gvfs will have something like "sudo://" I expect
[04:12] <twb> qman__: better than running the whole app with escalated privds
[04:12] <twb> *privs
[04:12] <DougJ> twb, it's nautilus, you did not know what I was talking about?
[04:12] <qman__> I suppose
[04:12] <twb> DougJ: I don't use GUIs
[04:12] <qman__> command line is better anyway
[04:12] <twb> qman__: +1
[04:12] <riz0n> right i am familiar with the "+" subaddressing, but thats not what im going after
[04:12] <riz0n> ill just make some aliases for the #'s i need
[04:12] <DougJ> twb, you never have ever?
[04:12] <twb> riz0n: well, that's all you can have AFAIK, though obviously you can use "-" instead of "+"
[04:12] <qman__> and as said before, that is not a server question
[04:13] <qman__> as server does not have a GUI
[04:13] <qman__> so if you want to reliably get answers to GUI questions, you're asking in the wrong channel
[04:13] <DougJ> qman__, your answer was plenty reliable thanks
[04:14] <DougJ> qman__, I don't have access the the regular support channel as I am banned
[04:14] <twb> DougJ: that is no excuse to ask the wrong channel
[04:14] <DougJ> twb, but it is a reason
[04:14] <qman__> and probably a good way to get banned in more channels
[04:15] <twb> Hear, hear.
[04:15] <DougJ> qman__, any way to get unbanned?
[04:15] <qman__> dunno, I'm just a user
[04:15] <DougJ> well, I don't have many options then do I
[04:15] <twb> DougJ: the freenode documentation probably discusses the general process
[04:16] <twb> http://freenode.net/faq.shtml#unban
[04:17] <DougJ> how can you speak to an op if you arn't in the channel?
[04:17] <qman__> find out who they are, and /msg directly
[04:18] <qman__> as for who the ops are, it's definitely documented somewhere
[04:18] <DougJ> oh really I didn't know that worked when you weren't in a channel with someone
[04:18] <twb> qman__: the page I linked to shows how to list ops
[04:18] <DougJ> yeah, that link twb...
[04:18] <DougJ> yeah
[04:21] <free99> so this ldif is getting very tedious. considering that the package installer for slapd uses the FQDN to make the choice of domain *for* me, can I temporarily change my FQDN?
[04:21] <free99> I mean, how can I change it temporarily
[04:22] <free99> oh, wtf?
[04:23] <free99> I did a dpkg-reconfigure and first thing it asks is if I want to skip having it configure ldap for me
[04:25] <hackeron> hey, question - how do I connect to a wireless access poing using a WPA passcode from the command line?
[04:26] <qman__> last time I tried to do that was years ago, and I didn't succeed
[04:27] <qman__> it required wpa_supplicant and some significant handwriting of configuration files
[04:27] <qman__> the situation may or may not have improved since, but I don't know
[04:27] <twb> free99: with priority=low it asks IIRC
[04:27] <twb> free99: ICBW, because currently I disable auto-setup
[04:28] <free99> auto-setup is what got me chasing my tail for the past week lol
[04:28] <twb> http://paste.debian.net/122047/ shows the server side of my setup; NOTE that client-side setup is already done, so the ldap utilities are already looking at/for slapd before it exists.
[04:28] <free99> so if I want the autosetup to ask all the questions the first time around, how do I do that in one shot?
[04:28] <hackeron> qman__: yeh, the guides are can find look unreasonably hard :( -- except for this one: http://modelr.wordpress.com/2009/06/01/how-to-get-wireless-network-on-ubuntu-server/ - but that one is kind of hard coded to just 1 wireless access point
[04:29] <twb> hackeron: WPA2 PSK or Enterprise?
[04:30] <hackeron> twb: just WPA PSK
[04:30] <twb> Install hostapd.  Write hostapd.conf.  You are done.
[04:30] <free99> hackeron: I know network-manager, as crappy as it can be, has a good CLI system that almost nobody uses, and it's good at roaming
[04:30] <twb> Writing hostapd.conf is about as easy as writing wpa_supplicant.conf, i.e. trivial.
[04:30] <twb> free99: it doesn't have a good CLI system.
[04:31] <twb> free99: NM uses wpa_supplicant, and since wpa_supplicant has perfectly good roaming and CLI functionality, there is absolutely no reason to use NM
[04:32] <twb> http://paste.debian.net/122048/ <-- NM-less WPA2-PSK client with pre-defined networks
[04:32] <hackeron> twb: so you would recommend hostapd?
[04:32] <twb> hackeron: hostapd is really your only choice
[04:32] <hackeron> twb: what about http://paste.debian.net/12204 you just posted?
[04:32] <twb> That's the client side
[04:33] <hackeron> I am talking about the client side
[04:33] <free99> that's a good script
[04:33] <twb> Do you want to configure an AP or a client
[04:33] <twb> Oh right
[04:33] <hackeron> my "server" is an access pont
[04:33] <hackeron> point*
[04:33] <free99> the ldap one you sent me I mean
[04:33] <twb> hostapd is for the AP, wpa_supplicant is for the client side.
[04:33] <hackeron> twb: ah, awesome :) - thank you!
[04:33] <twb> They are built from the same codebase
[04:34] <twb> free99: note that it's rather peculiar in places, e.g. no root bind dn
[04:35] <free99> http://paste.debian.net/122050/
[04:35] <free99> that's mine
[04:36] <hackeron> twb: is there a script that will join a know SSID if it can find one, otherwise try all the open ones one by one until it can find one that has access to the internet?
[04:37] <hackeron> join a known*
[04:37] <free99> lol hackeron, that'd be pretty cool
[04:38] <hackeron> heh, indeed :P - especially in a car
[04:38] <free99> so when I run apt-get install, is there a way to get an in-depth configuration screen?
[04:38] <twb> hackeron: I don't know about open APs, because I've never encountered one
[04:39] <twb> I don't think that's particularly on-topic for -server tho
[04:39] <twb> free99: dpkg-reconfigure debconf ?
[04:40] <hackeron> twb: why not? - if I ask on #ubuntu they'd say network manager, heh - but I'm doing this on ubuntu-server :P
[04:40] <free99> ok, that's for all of 'em
[04:40] <free99> but what about doing it for only packages I'm interested in?
[04:40] <hackeron> twb: the info in your link worked beautifully btw, thank you!
[04:40] <twb> Well, Ubuntu users are idiots
[04:40] <hackeron> heh, that's another reason why I ask here, heh
[04:40] <free99> ....
[04:41] <free99> hey man, when I was a BSD head, I got everything done and well
[04:41] <twb> free99: then you need to set... DEBCONF_PRIORITY=low, I think, prior to your apt-get run
[04:41] <free99> but hal killed everything
[04:41] <twb> free99: you can't do it per-package, you can do it per-run, or you can invoke dpkg-reconfigure on a package AFTER it's installed
[04:41] <twb> If hal is still alive, you should kill it
[04:42] <free99> I heard debian was doing something like bringing their packages over to freebsd or something of that nature...
[04:42] <twb> The useful functionality was rolled into udev, and the stupid XML RPC crap is still present, but in the newer equally dumb udisks/uthingy
[04:42] <free99> including udev
[04:43] <twb> free99: debian supports two kernels -- linux and freebsd's
[04:43] <free99> really?
[04:43] <free99> hot-damn!
[04:43] <free99> wait, there's got to be a caveat or three there
[04:43] <twb> There's also nexenta, which was nominally Debian/kOpenSolaris, but due to the cuddle of death, I think it's pretty denatured now.
[04:44] <twb> free99: well, Debian/kFreeBSD has a lot fewer eyeballs than Debian GNU/Linux or FreeBSD.
[04:53] <free99> freakin' awesome, I got it
[05:24] <poseidon> So I have a long script on my local computer.  It's in bash.  I want to be able to ssh into a server, run the script, then go into a terminal (while being able to see that info).  So far all I've been able to do is something along the lines of ssh host command && bash.
[05:24] <poseidon> Any ideas?
[05:25] <twb> ssh host -t /path/to/script ?
[05:27] <poseidon> twb: the script is on the local computer
[05:27] <poseidon> Not on the remote
[05:27] <twb> Ugh
[05:28] <twb> Either scp it across, or do something evil and wrong like { cat script; cat; } | ssh -t host
[05:31] <free99> wth does it mean when you get "ldap_modify: Insufficient access (50)" despite having the system set to allow local root to do anything/
[05:34] <twb> -YEXTERNAL
[05:48] <free99> hmm, I am doing -Y EXTERNAL
[05:51] <twb> Same thing
[05:53] <free99> I mean I'm doing that and it's still not working
[05:54] <free99> as root: ldapadd -x -D "cn=admin,dc=itech,dc=portal,dc=baruch,dc=cuny,dc=edu" -W  -H ldapi:/// -f test2.ldif
[05:55] <twb> I see no -YEXTERNAL there.
[05:56] <free99> oh, right, that's my attempt w/o it lol
[05:56] <free99> ldapadd -Y EXTERNAL -H ldapi:/// -f test2.ldif
[05:58] <free99> http://paste.debian.net/122057/
[05:58] <free99> that's the ldif I'm trying to add in
[05:59] <free99> I appreciate the help a lot twb
[06:01] <twb> free99: you probably should not tell us your hashed passwords
[06:01] <free99> I messed with it a little just in case, don't worry
[06:01] <twb> And if you intend to only use -YEXTERNAL, don't set an oldRootPW at all
[06:01] <twb> *olc
[06:02] <twb> Lines 1 and 2 are pointless
[06:02] <twb> And you can omit "changeType: modify" if you're passing it to ldapmodify
[06:02] <free99> well... I'm going to need a web front-end for the server, we have several people who are going to be adding/removing users
[06:02] <twb> ldapadd and ldapmodify are basically identical except for the default ChangeType
[06:02] <twb> free99: fair enough
[06:03] <twb> free99: although you could theoretically give object creation rights to those users, and have the web app "sign in" to ldap as them to make changes
[06:03] <free99> (sigh) you know that feeling where you're at the limit of your knowledge and stuff keeps getting piled on you?
[06:03] <twb> Most existing web apps don't operate that way, they just assume they have full root access
[06:03] <free99> I've been working on this for about 3 weeks straight, bootstrapped
[06:03] <twb> (Where "root" means ldap root bind dn, not unix root user)
[06:04] <twb> free99: yep, BTDTBTTS
[06:04] <free99> what's that mean?
[06:05] <twb> Been There, Done That, Bought The T-Shirt.
[06:05] <free99> yeah man..
[06:05] <twb> Or, you know, JFGI
[06:06] <free99> lol do I even want to know?
[06:11] <twb> https://duckduckgo.com/lite?q=JFGI
[06:21] <free99> aw maan
[06:21] <free99> JFGI, you have no idea how much I'm going to wear that word out and bring further shame to unix peeps everywhere
[06:26] <twb> Not saying "peeps" would be a start.
[06:26] <free99> oh werd? I'm getting sleep drunk...
[06:26] <free99> I think I should read a book
[06:26] <free99> so I guess I'll see you later
[06:26] <free99> and thanks again for your help twb
[06:27] <free99> peace
[07:29] <twb> Oh *awesome*.
[07:30] <twb> New client, they have a machine accepting password-based root logins from the internet, with a dictionary-based password, and they are running... Debian 4.0
[07:30] <greppy> ...
[07:30] <twb> Ahaha, and proftpd instead of vsftpd
[07:31] <greppy> what's wrong with proftpd?
[07:31] <twb> It's not vsftpd
[07:31] <greppy> that's not a helpful explanation.
[07:31] <twb> Or better than either, would obviously be OpenSSH's SFTP
[07:32] <twb> greppy: the short version is that vsftpd cares about security more than anything else, and proftpd doesn't.
[07:32] <twb> greppy: ICBF digging up the MITRE security history of both
[07:37] <w00> http://www.h-online.com/security/news/item/Vsftpd-backdoor-discovered-in-source-code-update-1272310.html
[07:39] <twb> w00: yes, I know
[07:39] <twb> Though that doesn't affect Ubuntu or Debian.
[07:41] <twb> I should be very clear that I recommend OpenSSH, and I only recommend vsftpd if SFTP is not an option for stupid non-technical reasons.
[07:43]  * greppy feels the same way, just s/vs/pro/ :)
[07:43] <twb> I dunno about proftpd, but one thing I like about vsftpd is that every feature is off by default
[07:44] <twb> So you have to opt into e.g. rw or auth
[07:44] <greppy> I almost never trust defaults, even if they are default in the current version, I explicitly set things.
[07:44] <twb> http://mywiki.wooledge.org/FtpMustDie
[07:44] <twb> I guess I also haven't run an FTPd for about eight years...
[07:45] <greppy> due to running a shared hosting server, I have had to keep running one.
[07:46] <twb> Bah
[07:46] <twb> SFTP
[07:46] <twb> Anyone too stupid to use SSH doesn't deserve access to your box
[07:46] <twb> Especially since even windows ftp clients can speak SFTP
[07:47] <greppy> in a perfect world, yes, I certainly point people to sftp if it is an option for them.
[07:54] <ruben23> hi guys how do i set conjob to run every two days it will run a particular script
[07:58] <twb> * * */2 * *
[08:00] <ruben23>  twb: if i set at 12 noon time..?
[08:01] <twb> Oh sorry
[08:01] <twb> It should be more like 0 12 */2
[08:01] <twb> I'm used to just writing @daily
[08:02] <twb> But I don't htink you can write @daily/2
[08:03] <szpuni> cronetab -e will help you ;)
[08:03] <ruben23> 0 12 */2 /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --MP3
[08:03] <twb> ruben23: you need to supply all five fields
[08:03] <ruben23> like that..? that script will run every 2 days and 12 noon time
[08:03] <szpuni> rather than have settings in separate daily monthly etc files
[08:04] <twb> ruben23: have you read "man 5 crontab" yet?
[08:04] <ruben23> im reading with google now- but im confuse of what the meaning of /2..?
[08:04] <twb> "every second one"
[08:05] <twb> Because third field is day of month
[08:06] <ruben23> 0 means..?
[08:07] <twb> ruben23: please read the crontab(5) manpage in full THEN ask me if you still don't understand, I have other work to do right now
[09:45] <piquadrat> Hi! Does anybody know of a PPA with packages for solr 3.1, 3.2 or 3.3?
[09:50] <kiranmurari> piquadrat: https://launchpad.net/~trevor/+archive/solr
[09:51] <ed8> hi, which software do I use to scan a server for viruses ?
[09:55] <ed8> I was serious~
[09:56] <ed8> or at least rootkit scan
[10:04] <w00> rkhunter
[10:04] <ed8> I used chkrootkit, but still looking for free virus scanner
[10:05] <w00> clamav
[10:07] <ed8> w00: any generic command for both of them ?
[11:04] <van7hu> hello
[11:04] <van7hu> how could I configure multi vhost in my machine? I mean using Apache
[11:33] <linuxnizer> hi everyone
[11:34] <linuxnizer> can Ubuntu Server support 32TB RAID setup? (I know ext4 can go up to 16TB only)
[11:58] <asdfasdf> i need help making a custom kernel
[12:25] <smoser> jamespage, around ?
[12:26] <jamespage> smoser: sure am - just reviewing ec2 testing results
[12:29] <jamespage> smoser: have you seen this udev error before?
[12:29] <jamespage> udevd[186]: failed to create queue file: No such file or directory
[12:29] <jamespage> udevd[186]: error creating queue file
[12:31] <smoser> i dont recall that.
[12:33] <smoser> so... the 20110706 failed to publish. i can re-run and it will continue
[12:33] <smoser> s/re-run/re-start/
[12:34] <Ursinha> good morning :)
[12:36] <smoser> good morning
[12:38] <metap0d> Hi everyone, I want to see all services that boot with my Ubuntu Server .. s there a GUI or console tool or file etc I can edit to modify them?
[12:39] <Ursinha> metap0d: I believe you can do that with update-rc.d
[12:39] <kim0> Hi everyone, just letting you know we're having the Ubuntu Cloud Days irc event on the 25th/26th. Everyone is invited to add a session at https://wiki.ubuntu.com/UbuntuCloudDays/Timetable Please add your session as soon as you can, if unsure about the title, just write TBD. Ping me for any details, thanks
[12:39] <pmatulis> metap0d: right now there is a mix of sysvinit and upstart files
[12:39] <smoser> ok. so i resumed the publish of the 20110706. looks like python, bind and libdrm2 changed
[12:41] <pmatulis> metap0d: update-rc.d works with most sysvinit-based services, but not all IIUC
[12:42] <pmatulis> metap0d: you need to edit upstart jobs directly AFAIK
[12:42] <pmatulis> metap0d: for sysvinit and upstart files, see /etc/init.d and /etc/init, respectively
[12:42] <smoser> jamespage, how did it go so far? on 20110705?
[12:42] <jamespage> smoser: OK I will re-run the tests once it publishes out
[12:42] <jamespage> so generally OK
[12:43] <jamespage> or maybe not
[12:43] <smoser> ?
[12:43] <jamespage> cloud-config still looks broken (all tests failed)
[12:43] <jamespage> found bug 806453
[12:44] <jamespage> and I did not realised that ec2 endpoint IP addresses change so half the tests failed from the new QA lab
[12:44] <smoser> yeah, :-(
[12:44] <metap0d> pmatulis,Ursinha: This is my first server install so I'm not too familiar with everything yet, but thanks I think that should be enough to get started :)
[12:44] <jamespage> damn those outbound firewall rules!
[12:44] <smoser> so, for 806453, i've seen the "falling back to /dev/udev on my system here even"
[12:44] <smoser> maybe something needs to create /run that is not
[12:45] <smoser> i have no /run on my system
[12:45] <smoser> jamespage, how is cloud-config failng ?
[12:45] <jamespage> yeah - I see that message all the time
[12:45] <smoser> i dn't recall why we were seeing that before
[12:45] <jamespage> just looking at the cloud config stuff
[12:45] <Ursinha> metap0d: np :)
[12:45] <smoser> a result of bug 784937 ?
[12:46] <smoser> are we able to see historic results in iso tracker?
[12:47] <jamespage> smoser: http://paste.ubuntu.com/638881/
[12:48] <smoser> where does that happen ?
[12:48] <smoser> and is it reproducilbe
[12:48] <smoser> i understand the "can't mount"
[12:49] <smoser> swap is probably wrong
[12:50] <smoser> but it shouldnt fail
[12:50] <jamespage> smoser - so that one appears to happen on ebs storage
[12:50] <jamespage> this one - http://paste.ubuntu.com/638884/ - happens on instance-store
[12:51] <smoser> not on all boot
[12:51] <smoser> right?
[12:51] <jamespage> So it looks like its always on the reboot after first boot
[12:51] <jamespage> cc contains:
[12:51] <jamespage> mounts:
[12:51] <jamespage>  - [ ephemeral0, /opt , auto, "defaults,noexec" ]
[12:51] <jamespage>  - [ swap, null ]
[12:52] <smoser> happening after reboot would make sense.
[12:52] <jamespage> TBH the results are being clouded by the network issues to the ec2 endpoints
[12:53] <smoser> it is fall out of bug 784937
[12:53] <jamespage> I need to get that resolved and re-run against the new image
[12:53] <smoser> what is in /etc/fstab ?
[12:54] <smoser> well.... i really need to be going for a couple hours.
[13:34] <Deesl> hello... has anyone got an idae about why the Ubuntu installer would be unable to find a cdrom after it has booted off it inside a domU?
[14:00] <jamesiarmes_> I am trying to create an AMI on EC2 built from the Ubuntu 10.10 x86_64 instance-store AMI (ami-08f40561). I am having issues launching an instance from my custom AMI. In an attempt to track down the issue, I launched an instance from the original AMI and immediatly created a new AMI by running euca-bundle-vol follwed by euca-upload-bundle on the instance and registering the new AMI through the console. However, when I launch an instance from my
[14:00] <jamesiarmes_> new AMI, it goes from pending to terminated with a reason of "Client.InstanceInitiatedShutdown" and no console output available. Could I be doing something incorrect when I create my new AMI?
[14:14] <Deesl> anyone around?
[14:19] <ppetraki> Deesl, what's your question?
[14:20] <Deesl> ppetraki: I am trying to get a Ubuntu server domU working in a gentoo dom0.. I am mounting the ISO as xvdc and using pvgrub and the VM boots up fine... but once its through the initial phases, the installer says it could not mount the cdrom and cant proceeed
[14:20] <Deesl> I am clueless about what is happening here..
[14:21] <ppetraki> Deesl, it had to be Xen...
[14:22] <ppetraki> Deesl, do other domUs find the cdrom fine? like fedora?
[14:22] <Deesl> ppetraki: I have a Gentoo domU. I can check
[14:23] <Deesl> but the question is, if it was xen, then how come the Ubuntu domU even booted up
[14:23] <Deesl> it actually booted up and allowed me to select the language and the Country
[14:23] <ppetraki> Deesl, well, it would be an installer bug, though it helps to verify.
[14:23] <ppetraki> Deesl, how is xvdc defined?
[14:24] <Deesl> disk = [ 'tap:aio:/home/subhro/ubuntu-11.04-server-amd64.iso,hda:cdrom,r' , 'phy:/dev/VolumeGroup00/pocVolume,xvda,w' ] ... This is the precise line
[14:24] <ppetraki> Deesl, dump the tap, just use "file://"
[14:24] <Deesl> I just changed xvdc to hda as an attempt
[14:25] <Deesl> with file also does not work
[14:25] <Deesl> hang on let me check once
[14:25] <Deesl> disk = [ 'file:/home/subhro/ubuntu-11.04-server-amd64.iso,xvdc:cdrom,r' , 'phy:/dev/VolumeGroup00/pocVolume,xvda,w' ] this is what it says now
[14:26] <ppetraki> Deesl, ok, that's better.
[14:26] <Deesl> just created it
[14:26] <Deesl> hang on
[14:26] <Deesl> it booted off the CD GRUB and allowed me to select country and Language
[14:27] <Deesl> now its stuck... absolute blank screen
[14:27] <Deesl> and it tells me that its unable to find a CDROM to mount
[14:28] <ppetraki> interesting...
[14:28] <Deesl> want a screenshot?
[14:28] <ppetraki> nah
[14:29] <ppetraki> been a while since I've debugged xen, that's all
[14:29] <Deesl> hmm
[14:30] <Deesl> is there a way to get a install shell?
[14:30] <Deesl> I am old hands at Gentoo but brand new to Ubuntu.
[14:31] <ppetraki> Deesl, alt Fx
[14:32] <Deesl> does not work
[14:32] <Deesl> I am just SSHed in to the dom0
[14:32] <Deesl> and connecting over xl console
[14:33] <Deesl> so probably my alt and function keys dont reach the domU
[14:33] <ppetraki> Deesl, what we want to see is how the guest is interpreting the block device
[14:33] <Deesl> right...
[14:33] <Deesl> so what could be a way?
[14:34] <Deesl> there is an option to get a shell in the install menu...
[14:34] <Deesl> but there is no /dev/xvd? or /dev/[hs]d? inside the devfs for that install shell
[14:35] <ppetraki> Deesl, could create an ftp install, using the dom0 as the host
[14:35] <Deesl> O_o
[14:36] <Deesl> FTP is so much of a trouble :(
[14:37] <Deesl> how can I do a net install?
[14:37] <ppetraki> Deesl, retry with --scsi option
[14:37] <Deesl> --scsi where?
[14:37] <ppetraki> Deesl, in the VM cli, when you start the machine
[14:38] <ppetraki> Deesl, http://wiki.debian.org/Xen#DomU_.28guests.29
[14:38] <Deesl> am I just using pygrub......
[14:38] <ppetraki> Deesl, I don't know whether our kernel has xen block support compiled in or not
[14:38] <Deesl> my host is Gentoo though
[14:38] <binBASH> Hi there, what is correct way of reporting kernel crashs like this one? http://imgur.com/a/75ACq
[14:39] <ppetraki> Deesl, I'm talking about the guest. that would explain why no xvd devices are found
[14:39] <Deesl> ppetraki: I wonder how to translate a xen-create-image that works on Debian to one on Gentoo
[14:39] <ppetraki> Deesl, got me
[14:40] <Deesl> ppetraki: let me see how to pass --scsi to create-image
[14:40] <Deesl> since I am NOT creating an image
[14:41] <Deesl> my main disk is completely empty.. I am trying to boot off the CDROM (ISO) and install
[14:41] <Deesl> later on will paravirtualize it
[14:45] <Deesl> ppetraki: still didnt find anything :(
[14:45] <ppetraki> Deesl, hmmm.
[14:45] <ppetraki> Deesl, would really help if I had a xen host handy.
[14:45] <Deesl> I dont have any spare play dom0s to offer you :(
[14:45] <ppetraki> Deesl, you could try an expert install, drop to a shell, and try to modprobe the xen blockback drivers
[14:46] <ppetraki> Deesl, err blockfront
[14:46] <Deesl> ppetraki: can you guide a little bit on that?
[14:46] <ppetraki> Deesl, it's just "F6" at the installer menu, select expert, and boot from there. you get a drop down menu from there
[14:47] <Deesl> okay I am on the menu which starts off with Change LAnguage, country etc
[14:47] <Deesl> the third one says Detect CDROM
[14:47] <Deesl> whcih obviously is going to fail
[14:47] <ppetraki> Deesl, so drop to shell, and modprobe xen-blkfront
[14:48] <Deesl> okay hang on
[14:48] <ppetraki> Deesl, verify its loaded, then exit the shell, and try to detect the cdrom
[14:49] <Deesl> FATAL: Module xen_blkfront not found.
[14:49] <Deesl> phew...
[14:51] <Deesl> so there is no such module...
[15:03] <Ursinha> Daviey: hai :)
[15:04] <Ursinha> Daviey: did you get to understand that keyring error you got with that launchpadlib script?
[15:04] <Ursinha> that's insanely vague, I'm counting on your memory to know what I'm talking about :)
[15:05] <zul> ouch :)
[15:09] <Daviey> Ursinha: hello and no
[15:09] <Daviey> are you experiecing it?
[15:09] <Daviey> I suspect it's related to the user wide launchpad auth?
[15:13] <Ursinha> Daviey: yes, I am
[15:13] <Ursinha> I'm trying to run a script in another machine
[15:13] <Ursinha> so I wonder if that's requiring UI interaction of some kind...?
[15:13] <Ursinha> like typing password in gnome keyring or something
[15:13]  * Ursinha tries
[15:13] <Daviey> Ursinha: Well recently oneiric desktop started asking for a password when connecting to wireless.  I suspect it's the same issue.
[16:25] <jamespage> jhunt: around? I have an upstart question re differences in behaviour lucid->maverick->natty
[16:25] <DarkLordZim> has anyone worked with ettercap on a 64bit ubuntu based install? i'm getting the following error: "Dissector "dns" not supported (etter.conf line 70)" i've tried to google it, and i keep finding everyone saying it has to do with 64bit systems, would it work if just installed a 32bit OS?
[16:25] <jhunt> jamespage: hi
[16:26] <jamespage> jhunt: so it relates to how upstart deals with non-zero return codes in the pre-start block of a configuration
[16:27] <ronnie> i have one server, with 3 virtual machines. One for static media, one for the database and one for the web-application. How can i best connect to the database, if all the servers have an own IP?
[16:27] <jamespage> bascially on lucid it looks like it ignores them; but on natty it definately is not - i.e. the pre-start fails as a result
[16:27] <jamespage> any thoughts?
[16:27] <jamespage> I'm specifically talking about the samba nmbd.conf which calls testparam during pre-start
[16:31] <marrusl> RoAkSoAx, o/ .... do know of any ubuntu-specific cobbler documentation?
[16:33] <RoAkSoAx> marrusl: yes
[16:34] <jhunt> jamespage: checked the code and can't see a change post-lucid. Also, a quick pre-start test that does "exit 1" correctly fails on lucid.
[16:34] <jhunt> jamespage: and hi to you! :)
[16:35] <RoAkSoAx> marrusl: we have basic documentation https://help.ubuntu.com/community/Cobbler
[16:35] <RoAkSoAx> marrusl: what are you looking for exactly >?
[16:35] <marrusl> RoAkSoAx, no that should do!  just looking for a customer.  I didn't think we did.
[16:36] <RoAkSoAx> marrusl: hehe yeah it's still very basic
[16:36] <jamespage> jhunt: so its more related to the return code of something the pre-start block calls rather than what it specifically exits with
[16:36] <marrusl> RoAkSoAx, that will work, anything more detailed and they can still just hit up the upstream cobbler docs.  thanks!
[16:36] <RoAkSoAx> marrusl: ;)
[16:38] <jhunt> jamespage: if you change "exit 1" to "/bin/false" (full path to avoid shell builtins), you still get the expected behaviour.
[16:48] <jhunt> jamespage: I pulled apart nmbd.conf and tried a basic test on lucid+natty, but I can't see the problem you're describing. Could you come up with a minimal test case?
[16:52] <jamespage> jhunt: sure can
[18:28] <smoser> jamespage, around ?
[18:28] <smoser> Daviey, where are we wrt the uec images ?
[18:33] <Daviey> smoser: hola.. jamespage gave them a sniff earlier and reported success.
[18:34] <Daviey> smoser: although, he found one bug which i think he raised.. and also had to update for the new ec2 endpoint.
[18:34] <Daviey> (firewall)
[18:35] <smoser> ok. i asked in -release to populate iso with 20110706 images
[18:35] <smoser> and am pre-publishing those right now
[18:37] <Daviey> smoser: seems he discovered an issue with i386 images.. but can't see the bug
[18:39] <zooko> Anybody have a trick for finding a fast package mirror without the GUI MirrorTest.py?
[18:39] <smoser> Daviey, https://bugs.launchpad.net/ubuntu/+source/udev/+bug/806453
[18:40] <Daviey> smoser: thassim
[18:40] <Daviey> smoser: Do you want to add that to the release notes, or should i?
[18:42] <smoser> you please.
[18:42] <smoser> its minor
[18:42] <smoser> i *think* not 100%
[18:48] <Daviey> smoser: ok, thanks.
[18:48] <Daviey> smoser: now get back to the beach.
[18:56] <jamespage> smoser, Daviey: around now
[18:58] <smoser> jamespage, just see above.  the iso tracker being populated with images as soon as someone in -release sees it.
[18:58] <jamespage> I ran tests against 20110705 and 20110706 - I found bug 806453 only in i386 instance-store instances
[18:59] <jamespage> smoser: also reconfirmed those issues during reboot with the cloud-config tests that mount swap/ephemeral as being repeatable
[18:59] <jamespage> do you want me to update that previous bug report with more information?
[19:01] <smoser> jamespage, please do.
[19:01] <smoser> really i want the kernel issue fixed.
[19:03] <jamespage> key difference was that we saw it on ebs and instance-store types this time; also got different results between i386 and amd64
[19:03] <jamespage> I'm going todo it tomorrow.
[19:09] <RoAkSoAx> irc
[21:29] <hggdh> smoser: we still are being hit by cloudconfig, correct? If so, do you remember the bug #?
[22:05] <flyback> what's the boot option or installer option to force assume a 586 cpu instead of installing 686 versions of the kernel and glibc
[22:05] <flyback> ubuntu server 10.04LTS
[22:05] <flyback> I know the newer ones are 686 only
[22:14] <yeason> I'm trying to configure openvas in 11.04 but can't seem to get it to listen on any address. I found that these changes need to be made /etc/default/openvas-<servicename> but I'm not sure how to get it to listen to anything other than 127.0.0.1
[22:15] <yeason> anyone know how to get it to listen any address?
[22:16] <alamar> http://manpages.ubuntu.com/manpages/natty/man8/openvasd.8.html -a option looks good..
[22:17] <yeason> I know about starting it manually, I'm trying to figure out how to get the automatic startup scripts working this way
[22:17] <yeason> I've tried removing that particular field from the conf file as well as setting it to a blank but it still errors
[22:18] <alamar> what field?
[22:19] <yeason> within the configuration file for each service (there's 3 or 4) there are fields such as "ADMINISTRATOR_ADDRESS=127.0.0.1" which provides the script in the init.d folder with the parameters for starting the server
[22:19] <yeason> in that case when starting the openvasad service it fills in localhost for the -a option
[22:20] <alamar> try 0.0.0.0
[22:22] <yeason> ffs... the ONLY thing I didn't try... good call and thanks
[22:23] <alamar> did it work?
[22:23] <alamar> well np ;)
[22:23] <yeason> yep, netstat -tlp shows *:<theport>
[22:23] <alamar> :)
[22:23] <yeason> it's one of those that in hindsight is obvious but I never would have thought of it
[23:06] <rallias> can someone help me install mod_gzip on my server?