/srv/irclogs.ubuntu.com/2011/07/13/#ubuntu-server.txt

=== ng_ is now known as zz_ng_
CrystalVoidqman__,  mostley iscsi + zfs probley ...  so yah loads of software work00:01
qman__how many disks, and what sort of data rates you want to achieve?00:02
qman__also, are you getting a good disk controller?00:03
CrystalVoidno firm count on disk atm .. but 2 to 8 ish probley  .. .// controller .. whatever is onbord .. i hate it but i am forced to use scrap whatever i can dig up00:03
CrystalVoidspeeds ... i hope to use some minor compression so 60 to80 would be good .. but ill take what i can get00:04
qman__then it's not worth bothering with the better chip00:04
TheEvilPhoenixqman__:  question, so as long as I dont install the kerberos PAM package there's no risk of breaking the standard UNIX local login/authentication system?00:04
qman__the controller will be a tighter bottleneck00:04
qman__TheEvilPhoenix, so long as PAM is not modified, local authentication will not be affected00:05
TheEvilPhoenixah very good00:05
qman__I can't say whether the package you want to install will modify PAM or not00:05
TheEvilPhoenixqman__:  i think kerberos has its own PAM package... but i'll check00:05
twbIn current releases the manifest will give a good hint, because it will provide files in thingo00:06
twb/usr/share/pam/ ?00:07
CrystalVoidthank you qman__  :)  i think that tips me in faver of the smaller chip00:07
TheEvilPhoenixlemme check00:07
twbThere's a directory that gets turned into pam by a debconf clicky-clicky checklist UI thing00:07
TheEvilPhoenixbecause it loads a few parameters00:07
TheEvilPhoenixs/parameters/prereqs/00:07
twbNot /usr/share/pam00:07
qman__CrystalVoid, you're only looking at ~20% difference between them anyway, so if power or cost is a concern, the less powerful chip is the better choice00:10
TheEvilPhoenixtwb:  the libpam-krb5 package isnt being installed, and that package installs the Kerberos auth module for PAM, so I should be good right?00:11
twbTheEvilPhoenix: libpam-krb5 *is* the pam krb auth module.00:11
TheEvilPhoenixbut its not required for the package i needed to install00:11
twbOh, right, I misread you00:11
TheEvilPhoenixso i'm trying to make sure that that module is *not* installed00:11
twbSure.00:12
TheEvilPhoenixso it doesnt override the base UNIX authentication00:12
TheEvilPhoenixand if all else fails, uninstall everything with purge, right? XD00:12
twbAFAIK even if you did install libpam-krb5 noninteractively, it still wouldn't break local flat-file authentication.00:13
qman__yeah, it would just add krb5 to it00:13
TheEvilPhoenixit did that with a Ubuntu server I used once before00:13
TheEvilPhoenixso :p00:13
TheEvilPhoenixi like to be preemptive and ask rather than be sorry later00:13
qman__now, if krb5 is horribly, horribly broken, it may effectively break local auth00:13
twbI suspect you managed to contribute to that case.00:13
twbqman__: it's not so much "broken" as "special"00:14
TheEvilPhoenixstop blaming this on pebkac00:14
nonotzaanyone know if wireshark is available for shell only?00:26
utlemmingyeah, its call tshark00:26
utlemmingalthough "tcpdump -w pcap" will give you a dump that you can import into the GUI version00:27
nonotzathanks00:27
twbtshark can do that too, obviously00:29
twbIf you have enough disk space for the pcap, I would run tcpdump on the router or server, tho, because it's deps are far smaller than tshark's00:29
ZimskyDoes anyone know of any fan speed control software?00:34
ZimskyFor controlling system fans both manually and automatically.00:35
twbZimsky: that's done in the kernel.00:47
ZimskyOh00:47
twbThere's also fancontrol - utilities to read temperature/voltage/fan sensors00:48
twbbut IIRC it's only for stuff the normal kernel can't talk to, or it's obsoleted by the kernel stuff.00:48
twbYou probably want something like /sys/class/fan00:48
Zimskywhat is that?00:48
twbZimsky: /sys/ is a pseudofilesystem used to talk to the kernel00:49
Zimskyso how do I use it?00:49
twbI don't know.00:49
twbUsually I stop caring once the fan slows down on its own, because I trust the kernel to make reasonable decisions.00:50
twbkernel question: can I "reload" a ko while it's in use?00:55
twbThe manufacturer says "If you reload the solos-pci module it should reset the Solos chipsets."00:55
twb# rmmod solos-pci; modprobe solos-pci ==> ERROR: Module solos_pci is in use00:55
twbApparently even stopping the pppds didn't allow me to rmmod it :-/01:01
=== jjohansen is now known as jj-afk
serueSpamapS: lp:~serge-hallyn/ubuntu/oneiric/lxc/lxc-0.7.4.2-cleanup-patches/ / http://people.canonical.com/~serge/lxc_0.7.4.2-0.3ubuntu3-pkg has been cleaned up, thanks to broder01:49
serueSpamapS: when you get a chance, pls re-pull and, if it looks ok, push?01:54
alamarwhere exactly are the scripts that do the networking setup nowadays? (with upstart and such)01:54
seruealamar: some is in /etc/network/if-up.d/upstart;  some in /etc/init/network*01:56
alamarthank you01:56
alamarthe reason I ask is I was wondering if ubuntu uses ifconfig/route or iproute2 for initial network setup on boot01:59
twbalamar: by default it uses the old stuff (see "ifupdown" package).01:59
twbalamar: you can easily use "manual" stanzas in interfaces(5) to use iproute2 instead, and there is a minority of people (inc. me) who do this.02:00
twbalamar: also, NM will do whatever the hell it does.02:00
serueif you let it :)  the fiend02:01
twbStep #1 is purge NM02:01
twbalamar: here's a very complex iproute2-based interfaces(5) -- http://paste.debian.net/122735/02:06
StrangeCharmafter doing a fresh install, after grub, i just get a blinking cursor. i've tried a couple of times, with no luck. what am i doing wrong here?02:32
twbStrangeCharm: IMO?  Using grub02:34
* twb is a grub hater.02:34
StrangeCharmimo?02:35
StrangeCharmgrub's the default?02:35
twbIn My Opinion02:35
twbFor some reason Ubuntu and Debian use syslinux for CDs and USB keys and network installs, but still use grub for hard disks.  IMO syslinux (as extlinux) should also be used for hard disks, because it is simple and deterministic and it Just Works.02:36
twb(The argument against it is that some people have weird setups, like 2007-era EFI-only macbooks, and syslinux doesn't support those.)02:37
shanghi all, anyone here has used orchestra before to deploy Ubuntu server?03:10
twbNever heard of it.03:20
lifelesstwb: new bootstrap thingy in oneiric03:22
lifelesstwb: https://lists.ubuntu.com/archives/oneiric-changes/2011-May/001881.html03:22
twbas in a replacement for debootstrap?03:22
lifelesslayers on top AIUI03:22
lifelessreplacement for kickstart perhaps03:23
twbBut kickstart is totally useless for debian, because preseeding is already there, better supported, and prettier03:27
twbEr, s/debian/ubuntu/03:27
twblifeless: orchestra looks more like FAI03:29
twbSheesh, source format 1.0 in a new ubuntu-driven project?  Someone's a 3.0 hater.04:10
twblifeless: yeah, orchestra is definitely in the same category of thing as FAI04:12
DanaG1hmm, I wonder how long it'll take before btrfs gets a fsck that'll fix things.04:29
DanaG1hmm, I figured out what's happening with my slow boot...04:37
DanaG1It sits at a blank cursor before the message that says something about starting kernel.04:37
rixiusI'm trying to get ubuntu-server on my macbook, that  has a broken display. Is there a method to make a bootable CD that will fully automate installation and end with ssh enabled?05:32
Tommy_nmwhi everyone05:41
Tommy_nmwI am newbie of Ubuntu server05:41
Tommy_nmwfacing many problems using ubuntu as newbie05:41
rixiusTommy_nmw: what's the problem?05:42
Tommy_nmwthe only thing is my ubuntu server will be without internet05:43
Tommy_nmwat work, due to office policy, I can use or download from internet only from Windows XP05:44
Tommy_nmwI do not know what complete packages I could download manually from Windows XP for my ubuntu server05:44
twb[ "$QUICK" ] && touch /var/run/ppp-quick05:56
twbWhat the fucking fuck?  How is that supposed to be per-connection when you have two PPPoA lines?05:56
twbifupdown and ppp are like sausages, don't look at how they're made :-/05:56
twbWhat I'm actually doing is replacing ifdown's totally useless ppp integration with an upstart job that calls "pppd call foo" for each PPPoA line, because APPARENTLY pppd, despite being told "persist", will simply exit if you leave the line unplugged for ten minutes, and never come back up.06:01
twb>grrr<06:01
twbAlso, WTF is with ifupdown being written in noweb06:01
lifelesstwb: it was al the rage06:05
twbIt just reinforces that ifupdown needs to die06:06
twbSo it turns out that despite (AFAICT) being coded to do so, ifupdown is simply not passing "unit 0" to the pppd call (via pon), so it's only by complete accident that I've been getting correct pppN numbers by now.06:10
twb(I would have used meaningful names for my ppp ifaces, except that pppd encodes iface names as ints, not strings :-/ )06:11
lifelesspppd is pretty old itself06:12
DanaG1okay, I decided to go with Ubuntu Server + zfs.06:15
DanaG1All I care about is that the FS works, and that it's not a royal pain to do anything like it is with openindiana.06:15
twblifeless: yeah, I could really do without ever having to touch ppp or radius ever06:17
Tommy_nmwhi06:46
Tommy_nmwhi06:57
Tommy_nmwwho could help in EVDO connection?06:58
=== zz_ng_ is now known as ng_
twbWhat is an EVDO?07:26
e_t_It's a type of "3G" cellular data service.07:27
twbOh that stuff07:27
twbDunno, but I hear people do pppd with strange AT codes to make 3G go07:28
Tommy_nmwEvolution-Data Optimized07:29
Tommy_nmwhttp://en.wikipedia.org/wiki/Evolution-Data_Optimized07:30
=== smb` is now known as smb
=== koolhead17|afk is now known as koolhead17
uvirtbotNew bug: #809753 in logwatch (main) "logwatch bug in postfix filter" [Undecided,New] https://launchpad.net/bugs/80975309:27
=== ng_ is now known as zz_ng_
twister004hi guys... how can I manually configure my wireless interface in ubuntu?10:44
=== The-Comp1ler is now known as The-Compiler
Ursinhabuenos dias, amigos12:03
shingenmy headless server died... removed hdd, trying to boot in vbox but I get nothing.  where can I start with troubleshooting boot issues?12:30
lynxmanUrsinha: morgen13:05
=== zz_ng_ is now known as ng_
shingenblargh, grub got hosed, strange13:16
=== ng_ is now known as zz_ng_
jamespagekirkland: around?13:58
ConstantineXVIfor an XMPP server, if you only have the server port open outside your firewall, no one on the outside can log on or create accounts, right?14:07
joschiConstantineXVI: yes14:19
ConstantineXVIjoschi: good, thanks14:19
joschiConstantineXVI: but usually you can also configure these permissions in most XMPP servers14:19
joschiConstantineXVI: at least the registration part14:19
ConstantineXVIjoschi: want just anything inside the firewall (aws group, actually) to be able to register, but people on the outside still able to talk to the bot14:22
=== zz_ng_ is now known as ng_
kirklandjamespage: howdy15:34
=== Andre_Go` is now known as Andre_Gondim
=== koolhead17 is now known as koolhead17|
RoAkSoAxutlemming_: btw... you didn't need to roll back to natty , i lots keyboard/mouse too. You just needed to delete /run/udev16:22
=== twister004_ is now known as twister004
patrickmwjamespage: I thought I was added to ~ubuntu-server-iso-testing-dev but I'm not on the members list.  Did you add me to a different project?16:29
=== ng_ is now known as zz_ng_
jamespagepatrickmw: i'll check a bit later16:34
patrickmwjamespage: ack. I have a branch I want to propose16:35
jamespagehmm - you should be able todo that without being a member16:35
=== med_out is now known as medberry
T3CHKOMMIEhey everyone got a really quick hardware question for you. im rutting an Zotac ION N330 board and im trying to figure out if a mini ITX FF 150 psu will run that and a 2.5 hdd16:45
T3CHKOMMIE150W that is.16:46
baggar11T3CHKOMMIE: is there something about that config that makes you think it won't work?16:47
T3CHKOMMIEsaw a review on the PSU some guy was complaining it wouldnt run his N33016:49
T3CHKOMMIEseems strange to me, i imagin a atom wont draw that much16:49
patdk-wklooks like it won't work :( n330 needs like 90watts, and the 2.5" drive needs 10watts16:51
T3CHKOMMIE150 isnt enought?16:51
patdk-wkfor 100watts?16:51
patdk-wkhopefully, unless it's a crappy 150watt psu :)16:51
T3CHKOMMIEseems like its crappy.... i need an emergency replacement case and psu for a busted server.16:52
patdk-wkcan't believe that thing needs 90watts16:52
T3CHKOMMIElooking to just get bye until payday.16:52
patdk-wkmy atom laptop uses 7watts, including the screen and 2.5" drive16:52
T3CHKOMMIEmother board says its a 8w TPU16:52
T3CHKOMMIETDP* sorry16:52
baggar11T3CHKOMMIE: I think you'd be fine16:52
T3CHKOMMIEbaggar11 ill bite the bullet and order it and hope it all works. might have a problem when doing 1080p but for now i think it will work?16:54
_rubenmy atoms have 90W psus iirc17:11
patdk-wkmine only has a 40watt17:13
DanaG!find libmono-remoting17:17
ubottuPackage/file libmono-remoting does not exist in natty17:18
DanaGwhere is libmono-remoting?17:18
DanaGSystem.Runtime.Remoting17:18
DanaGah, libmono-system-runtime2.0-cil17:18
fowlduckI'm trying to find out if apache 2.2.17 on ubuntu natty suffers from these vulnerabilities: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928 and http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-041917:20
uvirtbotfowlduck: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used.  NOTE: this issue exists because of an incorrect fix17:20
uvirtbotfowlduck: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrat17:20
fowlduckI can't find anything on the bug tracker or in the ubuntu changelog, but I could just be crappy at searching launchpad17:20
Picifowlduck: See http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-0419 and http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-192817:21
uvirtbotPici: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated b17:21
uvirtbotPici: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used.  NOTE: this issue exists because of an incorrect fix for17:21
Piciuvirtbot: thats annoying.17:21
uvirtbotPici: Error: "thats" is not a valid command.17:21
PiciTheres a CVE search somewhere in Launchpad, but this tool is much nicer.17:21
fowlduckcool, thanks17:22
utlemming_smoser: ping17:28
smoserhere17:29
utlemming_smoser: I take it we want to have new live-build scripts generate VMDK, OVF and tarballs correct?17:30
=== utlemming_ is now known as utlemming
smoserwell, you can probably re-use the stuff17:32
smoservmdk is generated from the partition image17:33
smoserbut yeah17:33
utlemmingokay, I'll dig on that. thanks17:33
=== zz_ng_ is now known as ng_
uvirtbotNew bug: #810044 in cloud-init (main) "cloud-init will have race conditions for cloud-config with multiple network adapters" [Undecided,New] https://launchpad.net/bugs/81004417:57
benccubuntu server doesn't come with ntp installed, right?17:59
benccis it standard to install the ntp package to sync the clock?17:59
Picibencc: ntpdate is installed by default, but not ntp.  And yes, I'd install it for properly maintaining time18:02
smoserutlemming, the goal really woudl be to just drop in a different "vmbuidler" command. and have everything else just work as is18:03
benccPici: ntp or openntpd ?18:03
Picibencc: It looks like openntpd doesn't change the clock's rate, which I feel is one of the main features of ntp.18:04
utlemmingsmoser: yup, that is my goal18:04
benccPici: ok. thanks18:04
utlemmingsmoser: I want to make this as simple as I can18:04
smoseryeah.18:04
smoserwe should be comparing the filesystem content output18:05
smoserbetween the two18:05
smoserwe need to be aware of everything that is different, and understand why18:05
utlemmingI did a pass of that yesterday and am working out the differences now.18:06
utlemmingThe biggest difference I've found is that the new images don't have grub2 files dropped to /boot/grub, so I'm going to get that fixed.18:07
utlemmingI also did a md5 comparision to try and spot configuration difference. I have to follow up by diff'ing them.18:08
=== mcahornsirup_ is now known as mcahornsirup
serue_SpamapS: lp:~serge-hallyn/ubuntu/oneiric/lxc/lxc-0.7.4.2-cleanup-patches/ / http://people.canonical.com/~serge/lxc_0.7.4.2-0.3ubuntu3-pkg has been cleaned up, thanks to broder18:33
serue_SpamapS: when you get a chance, could you pls re-pull and, if it looks ok, push?18:33
SpamapSserue_: sorry I've been wrapped up in a bunch of other things. I'll take a look soon.18:35
serue_SpamapS: np, thanks!18:53
serue_Daviey: .19:23
smosersoren, can you verify ? 81007419:26
smosers/verify/confirm/19:27
sorenbug 81007419:32
uvirtbotLaunchpad bug 810074 in firefox "firefox crashes with pentadactyl installed" [Undecided,New] https://launchpad.net/bugs/81007419:32
sorensmoser: Uh..19:32
sorensmoser: a) I don't know what Pendactyl is, b) I don't really use Firefox.19:33
sorensmoser: Is that really the bug you meant? If so, I wonder why you're asking me :)19:33
smoserpentadactyl is to vimperator what openstack is to eucalyptus (sort of)... a more open and usable fork.19:33
smoseri thought you were a vimperator user19:34
Aisonhow can I disable the cpu frequency scaling?19:45
Aisonis that some bios thingie or some ubuntu server thingie?19:45
sorensmoser: I use Chrome, actually.19:53
sorensmoser: I occasionally miss vimperator, though.19:53
smosersoren, chrome schmome19:53
=== guntbert_ is now known as guntbert
=== ng_ is now known as zz_ng_
=== def is now known as Guest31308
=== guntbert_ is now known as guntbert
=== erichammond1 is now known as erichammond
=== Jare_ is now known as Jare
=== mcahornsirup_ is now known as mcahornsirup
uvirtbotNew bug: #810157 in nova "support '-' for writing to stdout in nova-manage environment/zip" [Undecided,In progress] https://launchpad.net/bugs/81015721:21
tkeithHow can I figure out if I'm vulnerable to CVE-2011-1770? Is DCCP something that's enabled by default?21:54
uvirtbottkeith: Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1770)21:55
tkeithHa, what a smart bot :) My question still stands though.21:55
=== lullabud is now known as warzauwynn
patdk-laptkeith, strip all dccp off packets on your network23:02
patdk-lapor have your switch do it23:02
tkeithpatdk-lap: So, assuming everything outside the server is untrusted, it'd be vulnerable?23:03
patdk-lapwould say so23:03
tkeithpatdk-lap: Ok, thank you, that's what I needed to know23:04
=== skrewler_ is now known as skrewler

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!