=== ng_ is now known as zz_ng_ [00:01] qman__, mostley iscsi + zfs probley ... so yah loads of software work [00:02] how many disks, and what sort of data rates you want to achieve? [00:03] also, are you getting a good disk controller? [00:03] no firm count on disk atm .. but 2 to 8 ish probley .. .// controller .. whatever is onbord .. i hate it but i am forced to use scrap whatever i can dig up [00:04] speeds ... i hope to use some minor compression so 60 to80 would be good .. but ill take what i can get [00:04] then it's not worth bothering with the better chip [00:04] qman__: question, so as long as I dont install the kerberos PAM package there's no risk of breaking the standard UNIX local login/authentication system? [00:04] the controller will be a tighter bottleneck [00:05] TheEvilPhoenix, so long as PAM is not modified, local authentication will not be affected [00:05] ah very good [00:05] I can't say whether the package you want to install will modify PAM or not [00:05] qman__: i think kerberos has its own PAM package... but i'll check [00:06] In current releases the manifest will give a good hint, because it will provide files in thingo [00:07] /usr/share/pam/ ? [00:07] thank you qman__ :) i think that tips me in faver of the smaller chip [00:07] lemme check [00:07] There's a directory that gets turned into pam by a debconf clicky-clicky checklist UI thing [00:07] because it loads a few parameters [00:07] s/parameters/prereqs/ [00:07] Not /usr/share/pam [00:10] CrystalVoid, you're only looking at ~20% difference between them anyway, so if power or cost is a concern, the less powerful chip is the better choice [00:11] twb: the libpam-krb5 package isnt being installed, and that package installs the Kerberos auth module for PAM, so I should be good right? [00:11] TheEvilPhoenix: libpam-krb5 *is* the pam krb auth module. [00:11] but its not required for the package i needed to install [00:11] Oh, right, I misread you [00:11] so i'm trying to make sure that that module is *not* installed [00:12] Sure. [00:12] so it doesnt override the base UNIX authentication [00:12] and if all else fails, uninstall everything with purge, right? XD [00:13] AFAIK even if you did install libpam-krb5 noninteractively, it still wouldn't break local flat-file authentication. [00:13] yeah, it would just add krb5 to it [00:13] it did that with a Ubuntu server I used once before [00:13] so :p [00:13] i like to be preemptive and ask rather than be sorry later [00:13] now, if krb5 is horribly, horribly broken, it may effectively break local auth [00:13] I suspect you managed to contribute to that case. [00:14] qman__: it's not so much "broken" as "special" [00:14] stop blaming this on pebkac [00:26] anyone know if wireshark is available for shell only? [00:26] yeah, its call tshark [00:27] although "tcpdump -w pcap" will give you a dump that you can import into the GUI version [00:27] thanks [00:29] tshark can do that too, obviously [00:29] If you have enough disk space for the pcap, I would run tcpdump on the router or server, tho, because it's deps are far smaller than tshark's [00:34] Does anyone know of any fan speed control software? [00:35] For controlling system fans both manually and automatically. [00:47] Zimsky: that's done in the kernel. [00:47] Oh [00:48] There's also fancontrol - utilities to read temperature/voltage/fan sensors [00:48] but IIRC it's only for stuff the normal kernel can't talk to, or it's obsoleted by the kernel stuff. [00:48] You probably want something like /sys/class/fan [00:48] what is that? [00:49] Zimsky: /sys/ is a pseudofilesystem used to talk to the kernel [00:49] so how do I use it? [00:49] I don't know. [00:50] Usually I stop caring once the fan slows down on its own, because I trust the kernel to make reasonable decisions. [00:55] kernel question: can I "reload" a ko while it's in use? [00:55] The manufacturer says "If you reload the solos-pci module it should reset the Solos chipsets." [00:55] # rmmod solos-pci; modprobe solos-pci ==> ERROR: Module solos_pci is in use [01:01] Apparently even stopping the pppds didn't allow me to rmmod it :-/ === jjohansen is now known as jj-afk [01:49] SpamapS: lp:~serge-hallyn/ubuntu/oneiric/lxc/lxc-0.7.4.2-cleanup-patches/ / http://people.canonical.com/~serge/lxc_0.7.4.2-0.3ubuntu3-pkg has been cleaned up, thanks to broder [01:54] SpamapS: when you get a chance, pls re-pull and, if it looks ok, push? [01:54] where exactly are the scripts that do the networking setup nowadays? (with upstart and such) [01:56] alamar: some is in /etc/network/if-up.d/upstart; some in /etc/init/network* [01:56] thank you [01:59] the reason I ask is I was wondering if ubuntu uses ifconfig/route or iproute2 for initial network setup on boot [01:59] alamar: by default it uses the old stuff (see "ifupdown" package). [02:00] alamar: you can easily use "manual" stanzas in interfaces(5) to use iproute2 instead, and there is a minority of people (inc. me) who do this. [02:00] alamar: also, NM will do whatever the hell it does. [02:01] if you let it :) the fiend [02:01] Step #1 is purge NM [02:06] alamar: here's a very complex iproute2-based interfaces(5) -- http://paste.debian.net/122735/ [02:32] after doing a fresh install, after grub, i just get a blinking cursor. i've tried a couple of times, with no luck. what am i doing wrong here? [02:34] StrangeCharm: IMO? Using grub [02:34] * twb is a grub hater. [02:35] imo? [02:35] grub's the default? [02:35] In My Opinion [02:36] For some reason Ubuntu and Debian use syslinux for CDs and USB keys and network installs, but still use grub for hard disks. IMO syslinux (as extlinux) should also be used for hard disks, because it is simple and deterministic and it Just Works. [02:37] (The argument against it is that some people have weird setups, like 2007-era EFI-only macbooks, and syslinux doesn't support those.) [03:10] hi all, anyone here has used orchestra before to deploy Ubuntu server? [03:20] Never heard of it. [03:22] twb: new bootstrap thingy in oneiric [03:22] twb: https://lists.ubuntu.com/archives/oneiric-changes/2011-May/001881.html [03:22] as in a replacement for debootstrap? [03:22] layers on top AIUI [03:23] replacement for kickstart perhaps [03:27] But kickstart is totally useless for debian, because preseeding is already there, better supported, and prettier [03:27] Er, s/debian/ubuntu/ [03:29] lifeless: orchestra looks more like FAI [04:10] Sheesh, source format 1.0 in a new ubuntu-driven project? Someone's a 3.0 hater. [04:12] lifeless: yeah, orchestra is definitely in the same category of thing as FAI [04:29] hmm, I wonder how long it'll take before btrfs gets a fsck that'll fix things. [04:37] hmm, I figured out what's happening with my slow boot... [04:37] It sits at a blank cursor before the message that says something about starting kernel. [05:32] I'm trying to get ubuntu-server on my macbook, that has a broken display. Is there a method to make a bootable CD that will fully automate installation and end with ssh enabled? [05:41] hi everyone [05:41] I am newbie of Ubuntu server [05:41] facing many problems using ubuntu as newbie [05:42] Tommy_nmw: what's the problem? [05:43] the only thing is my ubuntu server will be without internet [05:44] at work, due to office policy, I can use or download from internet only from Windows XP [05:44] I do not know what complete packages I could download manually from Windows XP for my ubuntu server [05:56] [ "$QUICK" ] && touch /var/run/ppp-quick [05:56] What the fucking fuck? How is that supposed to be per-connection when you have two PPPoA lines? [05:56] ifupdown and ppp are like sausages, don't look at how they're made :-/ [06:01] What I'm actually doing is replacing ifdown's totally useless ppp integration with an upstart job that calls "pppd call foo" for each PPPoA line, because APPARENTLY pppd, despite being told "persist", will simply exit if you leave the line unplugged for ten minutes, and never come back up. [06:01] >grrr< [06:01] Also, WTF is with ifupdown being written in noweb [06:05] twb: it was al the rage [06:06] It just reinforces that ifupdown needs to die [06:10] So it turns out that despite (AFAICT) being coded to do so, ifupdown is simply not passing "unit 0" to the pppd call (via pon), so it's only by complete accident that I've been getting correct pppN numbers by now. [06:11] (I would have used meaningful names for my ppp ifaces, except that pppd encodes iface names as ints, not strings :-/ ) [06:12] pppd is pretty old itself [06:15] okay, I decided to go with Ubuntu Server + zfs. [06:15] All I care about is that the FS works, and that it's not a royal pain to do anything like it is with openindiana. [06:17] lifeless: yeah, I could really do without ever having to touch ppp or radius ever [06:46] hi [06:57] hi [06:58] who could help in EVDO connection? === zz_ng_ is now known as ng_ [07:26] What is an EVDO? [07:27] It's a type of "3G" cellular data service. [07:27] Oh that stuff [07:28] Dunno, but I hear people do pppd with strange AT codes to make 3G go [07:29] Evolution-Data Optimized [07:30] http://en.wikipedia.org/wiki/Evolution-Data_Optimized === smb` is now known as smb === koolhead17|afk is now known as koolhead17 [09:27] New bug: #809753 in logwatch (main) "logwatch bug in postfix filter" [Undecided,New] https://launchpad.net/bugs/809753 === ng_ is now known as zz_ng_ [10:44] hi guys... how can I manually configure my wireless interface in ubuntu? === The-Comp1ler is now known as The-Compiler [12:03] buenos dias, amigos [12:30] my headless server died... removed hdd, trying to boot in vbox but I get nothing. where can I start with troubleshooting boot issues? [13:05] Ursinha: morgen === zz_ng_ is now known as ng_ [13:16] blargh, grub got hosed, strange === ng_ is now known as zz_ng_ [13:58] kirkland: around? [14:07] for an XMPP server, if you only have the server port open outside your firewall, no one on the outside can log on or create accounts, right? [14:19] ConstantineXVI: yes [14:19] joschi: good, thanks [14:19] ConstantineXVI: but usually you can also configure these permissions in most XMPP servers [14:19] ConstantineXVI: at least the registration part [14:22] joschi: want just anything inside the firewall (aws group, actually) to be able to register, but people on the outside still able to talk to the bot === zz_ng_ is now known as ng_ [15:34] jamespage: howdy === Andre_Go` is now known as Andre_Gondim === koolhead17 is now known as koolhead17| [16:22] utlemming_: btw... you didn't need to roll back to natty , i lots keyboard/mouse too. You just needed to delete /run/udev === twister004_ is now known as twister004 [16:29] jamespage: I thought I was added to ~ubuntu-server-iso-testing-dev but I'm not on the members list. Did you add me to a different project? === ng_ is now known as zz_ng_ [16:34] patrickmw: i'll check a bit later [16:35] jamespage: ack. I have a branch I want to propose [16:35] hmm - you should be able todo that without being a member === med_out is now known as medberry [16:45] hey everyone got a really quick hardware question for you. im rutting an Zotac ION N330 board and im trying to figure out if a mini ITX FF 150 psu will run that and a 2.5 hdd [16:46] 150W that is. [16:47] T3CHKOMMIE: is there something about that config that makes you think it won't work? [16:49] saw a review on the PSU some guy was complaining it wouldnt run his N330 [16:49] seems strange to me, i imagin a atom wont draw that much [16:51] looks like it won't work :( n330 needs like 90watts, and the 2.5" drive needs 10watts [16:51] 150 isnt enought? [16:51] for 100watts? [16:51] hopefully, unless it's a crappy 150watt psu :) [16:52] seems like its crappy.... i need an emergency replacement case and psu for a busted server. [16:52] can't believe that thing needs 90watts [16:52] looking to just get bye until payday. [16:52] my atom laptop uses 7watts, including the screen and 2.5" drive [16:52] mother board says its a 8w TPU [16:52] TDP* sorry [16:52] T3CHKOMMIE: I think you'd be fine [16:54] baggar11 ill bite the bullet and order it and hope it all works. might have a problem when doing 1080p but for now i think it will work? [17:11] <_ruben> my atoms have 90W psus iirc [17:13] mine only has a 40watt [17:17] !find libmono-remoting [17:18] Package/file libmono-remoting does not exist in natty [17:18] where is libmono-remoting? [17:18] System.Runtime.Remoting [17:18] ah, libmono-system-runtime2.0-cil [17:20] I'm trying to find out if apache 2.2.17 on ubuntu natty suffers from these vulnerabilities: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1928 and http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0419 [17:20] fowlduck: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix [17:20] fowlduck: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrat [17:20] I can't find anything on the bug tracker or in the ubuntu changelog, but I could just be crappy at searching launchpad [17:21] fowlduck: See http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-0419 and http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-1928 [17:21] Pici: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated b [17:21] Pici: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for [17:21] uvirtbot: thats annoying. [17:21] Pici: Error: "thats" is not a valid command. [17:21] Theres a CVE search somewhere in Launchpad, but this tool is much nicer. [17:22] cool, thanks [17:28] smoser: ping [17:29] here [17:30] smoser: I take it we want to have new live-build scripts generate VMDK, OVF and tarballs correct? === utlemming_ is now known as utlemming [17:32] well, you can probably re-use the stuff [17:33] vmdk is generated from the partition image [17:33] but yeah [17:33] okay, I'll dig on that. thanks === zz_ng_ is now known as ng_ [17:57] New bug: #810044 in cloud-init (main) "cloud-init will have race conditions for cloud-config with multiple network adapters" [Undecided,New] https://launchpad.net/bugs/810044 [17:59] ubuntu server doesn't come with ntp installed, right? [17:59] is it standard to install the ntp package to sync the clock? [18:02] bencc: ntpdate is installed by default, but not ntp. And yes, I'd install it for properly maintaining time [18:03] utlemming, the goal really woudl be to just drop in a different "vmbuidler" command. and have everything else just work as is [18:03] Pici: ntp or openntpd ? [18:04] bencc: It looks like openntpd doesn't change the clock's rate, which I feel is one of the main features of ntp. [18:04] smoser: yup, that is my goal [18:04] Pici: ok. thanks [18:04] smoser: I want to make this as simple as I can [18:04] yeah. [18:05] we should be comparing the filesystem content output [18:05] between the two [18:05] we need to be aware of everything that is different, and understand why [18:06] I did a pass of that yesterday and am working out the differences now. [18:07] The biggest difference I've found is that the new images don't have grub2 files dropped to /boot/grub, so I'm going to get that fixed. [18:08] I also did a md5 comparision to try and spot configuration difference. I have to follow up by diff'ing them. === mcahornsirup_ is now known as mcahornsirup [18:33] SpamapS: lp:~serge-hallyn/ubuntu/oneiric/lxc/lxc-0.7.4.2-cleanup-patches/ / http://people.canonical.com/~serge/lxc_0.7.4.2-0.3ubuntu3-pkg has been cleaned up, thanks to broder [18:33] SpamapS: when you get a chance, could you pls re-pull and, if it looks ok, push? [18:35] serue_: sorry I've been wrapped up in a bunch of other things. I'll take a look soon. [18:53] SpamapS: np, thanks! [19:23] Daviey: . [19:26] soren, can you verify ? 810074 [19:27] s/verify/confirm/ [19:32] bug 810074 [19:32] Launchpad bug 810074 in firefox "firefox crashes with pentadactyl installed" [Undecided,New] https://launchpad.net/bugs/810074 [19:32] smoser: Uh.. [19:33] smoser: a) I don't know what Pendactyl is, b) I don't really use Firefox. [19:33] smoser: Is that really the bug you meant? If so, I wonder why you're asking me :) [19:33] pentadactyl is to vimperator what openstack is to eucalyptus (sort of)... a more open and usable fork. [19:34] i thought you were a vimperator user [19:45] how can I disable the cpu frequency scaling? [19:45] is that some bios thingie or some ubuntu server thingie? [19:53] smoser: I use Chrome, actually. [19:53] smoser: I occasionally miss vimperator, though. [19:53] soren, chrome schmome === guntbert_ is now known as guntbert === ng_ is now known as zz_ng_ === def is now known as Guest31308 === guntbert_ is now known as guntbert === erichammond1 is now known as erichammond === Jare_ is now known as Jare === mcahornsirup_ is now known as mcahornsirup [21:21] New bug: #810157 in nova "support '-' for writing to stdout in nova-manage environment/zip" [Undecided,In progress] https://launchpad.net/bugs/810157 [21:54] How can I figure out if I'm vulnerable to CVE-2011-1770? Is DCCP something that's enabled by default? [21:55] tkeith: Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1770) [21:55] Ha, what a smart bot :) My question still stands though. === lullabud is now known as warzauwynn [23:02] tkeith, strip all dccp off packets on your network [23:02] or have your switch do it [23:03] patdk-lap: So, assuming everything outside the server is untrusted, it'd be vulnerable? [23:03] would say so [23:04] patdk-lap: Ok, thank you, that's what I needed to know === skrewler_ is now known as skrewler