/srv/irclogs.ubuntu.com/2011/12/23/#ubuntu-server.txt

yakster	heres the line //192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0 whats wrong with it	00:02
Smaug	hey all	00:04
Smaug	i am on ubuntu 8.04	00:04
Smaug	it has OpenSSH 4.7	00:04
Smaug	i want to use a newer version of OpenSSH. how bad/okay an idea would it be to use a package intended for a later version?	00:04
ikonia	very bad	00:04
Smaug	ikonia: ok	00:05
Smaug	how difficult is it to upgrade a server?	00:05
Smaug	the wiki makes it seem easy, a single command. surely there are things that can go wrong that i must be aware of?	00:06
ikonia	things can go wrong, like if you have external software sources enabled, or software outside the package manager, however the guides covers it well	00:06
ikonia	!upgrade	00:06
ubottu	For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade	00:06
ikonia	time to go	00:06
Smaug	i have to go, thanks for your help ikonia. one more thing. if i choose to upgrade, what process can I use to compile a list for myself of items to check to make sure that everything is running properly after an upgrade?	00:10
=== arosales is now known as antonio_afk
=== michael is now known as Guest77618
Guest77618	can some one remote desktop me and help me do this? https://help.ubuntu.com/community/PXEInstallMultiDistro	00:42
Smaug	if i choose to upgrade ubuntu, what thought process can I use to compile a list for myself of items to check to make sure that everything is running properly after an upgrade?	02:17
qman__	not sure what you're asking, either your software works or it doesn't	02:19
qman__	you would know best what needs to work	02:19
dork	Smaug: make a tarball of your /etc dir and maybe an output of dpkg -l &> installedpackages.txt	02:24
dork	or something	02:24
dork	though like qman said	02:24
dork	you typically know when stuff is broken	02:24
dork	the tarball of /etc and the package output is just to help mitigate downtime	02:25
qman__	yeah, backups are always a good idea	02:25
qman__	but my point is, it's your server, you should know what services you need running on it, check those	02:25
qman__	not much else to it	02:26
Smaug	qman__: yeah okay	02:30
Smaug	dork: qman__: thanks for the input	02:30
dork	np	02:30
twb	dork: if it's etckeeper just git clone the /etc repo to somewhere else :P	02:31
twb	dpkg --get-selections for the package list	02:31
dork	ah cool	02:32
Smaug	qman__: i know what's running, but how do I know if I really know what's running? /paranoia, my server is 3 yrs old, btw	02:32
qman__	well, if you don't know it's running, and you don't notice if it stops running, you must not need it that much	02:33
dork	Smaug: check your processes, check services that are set to auto start at default level	02:34
qman__	and in some cases it'd be better if it did stop running, one less attack vector	02:34
Smaug	dork: thanks, will do. qman__: a good point	02:34
patdk-lap	heh, easy solution	02:35
patdk-lap	turn it off	02:35
patdk-lap	of no one bitchs after a week, scrap :)	02:35
patdk-lap	really too soon though	02:36
patdk-lap	if it's an accounting system, it could go a few months without them knowing it's gone	02:36
patdk-lap	my accounting people are the worst	02:36
dork	it'll be that one user who still uses their 5gb samba share for storing their 128k limewire mp3s	02:36
patdk-lap	I still have to keep the 3 times legacy systems functioning, for when they need to access that old old old data	02:36
dork	had to do that with ISPBilling for a few years but put a stop to it by just not dealing with it	02:37
dork	that was a nightmare migration heh	02:38
patdk-lap	dunno about you	02:38
patdk-lap	but we have to keep records going back x years, for contracts, and goverment crap :(	02:38
dork	what industry	02:38
dork	ISP/Telco?	02:39
patdk-lap	goverment contractor	02:39
dork	ah	02:39
patdk-lap	neither	02:39
dork	yeah that didn't exist until recently in ISP land	02:39
dork	now you have to retain dhcp records for certain retention lengths	02:39
dork	that's new as of this year	02:39
patdk-lap	what country?	02:39
dork	US	02:39
dork	which is a huge pain in the ass, and absolutely useless to anyone except the government	02:40
patdk-lap	oh, that law only covers isp's	02:40
dork	yep	02:40
patdk-lap	probably why I do't know much about it :)	02:41
dork	you're better off	02:41
dork	best experience one could ask for in IT but at management level it can take years off your life	02:41
patdk-lap	oh, that is the childporn crap law	02:41
qman__	to top it off, it doesn't even do them any good, because an IP is not a person	02:41
patdk-lap	qman, so far :(	02:42
qman__	any lawyer worth his salt will shoot that down as evidence	02:42
patdk-lap	and any of our elected crap will make it a law somehow	02:42
dork	qman__: if your dhcp gets served up to the CPE equipment and not the customers router, it's easy to ID once they subpeana (sp) you	02:44
dork	even if it is bount to a customers router/whatever they terminate with it's not that hard	02:44
dork	macs don't change that often	02:44
dork	it's just a bitch harvesting that much dhcp data for that long	02:44
dork	so much nonsense for no reward for the carrier	02:44
patdk-lap	heh, that law only and specifically says to hold dhcp only info?	02:45
patdk-lap	how odd	02:45
dork	no there's more to it, and specific criteria	02:45
dork	i've been out of the ISP industry for 5 whole months now :P went into software dev	02:45
dork	that shit was getting enacted as soon as i was leaving	02:45
dork	yeah	02:48
dork	the protect our children act	02:48
patdk-lap	hmm	02:52
patdk-lap	it's strictly to isp bandwidth providers	02:52
patdk-lap	so guess webhosting and email is in the clear	02:53
patdk-lap	I remember them attempting to require ftp logs for years	02:53
patdk-lap	for the same purpose	02:53
dork	we've never had to do that	02:53
dork	s/we've/they	02:53
patdk-lap	no, it didn't become law	02:53
dork	oh attempting	02:54
dork	sorry	02:54
patdk-lap	I was worried, cause I was already doing 500gigs of ftp logs a day, compressed	02:54
patdk-lap	new logging method is nice, but also inaccurate, can compress them much much better	02:54
dork	yeah we just outputted syslog to remote traps for analyses and log-rolling	02:55
dork	for all services	02:56
dork	s/rolling/rotating/	02:56
patdk-lap	hmm, logs are 350gigs now a day, without any compression	02:59
patdk-lap	I should try turning the dup detection back on, but it's hightly cpu intensive	02:59
patdk-lap	maybe I should adjust the dup detection to after the fact, so it can just run once a day to dedup	02:59
=== bkerensa is now known as bkerensa\|AFK
pythonirc1011	we are looking to build a reliable email system with backup (at least as reliable as gmail). We want to run ubuntu-server. Any recommendations for hardware?	03:12
dork	i like dell personally	03:13
dork	or are you asking for hardware insight for your specific use	03:14
pythonirc1011	dork: I'm more interested in building the whole system? I want at least 3-way reliability, with 3 systems as fall back...one after the other...and mirroring	03:14
dork	what do you mean 3 way reliability	03:15
dork	like 5 9's of availability?	03:15
pythonirc1011	something like that	03:16
pythonirc1011	at least as good as what google's gmail system has	03:16
pythonirc1011	preferably better	03:16
dork	i like dell poweredge, specifically the R410's with xeon 5600 gulftowns	03:16
pythonirc1011	probably they run some form of linux on their email system	03:16
dork	haha	03:16
pythonirc1011	lets say i buy 3 of those...put them in 3 different locations...then how do i configure them so that one is a fallback compared to the other...and all 3 have up2date emails for all the users	03:17
dork	go google drbd/heartbeat/ldirectord/pacemaker	03:17
dork	might want to learn how to run LAMP stacks before you approach that though	03:18
dork	not assuming you don't already but it sounded like you might need to start a few steps earlier	03:18
pythonirc1011	dork: have you built an ha ever?	03:19
pythonirc1011	thanks for the pointers	03:22
qman__	FYI, google uses commodity hardware	03:22
qman__	their redundancy is done in software	03:22
twb	patdk-lap: are you still using FTP? If so, why?	03:23
* twb is an anti-FTP bigot		03:23
qman__	the only reason I ever used FTP is that I was unaware that better things existed	03:23
twb	pythonirc1011: HA is a huge PITA	03:24
twb	pythonirc1011: unless you're a national- or multinational-size company I advise you not to bother	03:24
pythonirc1011	twb: can i get a 2TB HA hard drive online to backup my emails for cheap?	03:25
twb	pythonirc1011: I don' know; I don't approve of offshoring data storage	03:25
twb	pythonirc1011: I suppose that's what amazon S2 is	03:25
pythonirc1011	twb: then what choice do i have ? I have moving anything online...but i cant build a HA email system...	03:26
twb	If you want DR for existing emails I advise you to buy half a dozen 2TB disks in external USB drives, and use them as rotatin backups, such that at least one is always offsite	03:26
* ball uses FTP at work every day.		03:26
qman__	many of the outfits I do work for use Windows SBS and the pop3 connector, they only get mail every 15 minutes	03:26
pythonirc1011	twb: We need something automated...manual wont do	03:26
twb	pythonirc1011: if you're on a stock business ADSL plan, your internet connection will go down more often than a normal, non-HA linux mailserver	03:27
qman__	yeah, you don't need high availability to satisfy the needs of the 99%	03:27
qman__	you just need an automated backup system	03:27
pythonirc1011	twb: I'm on 100GBit network. this is for a college.	03:28
qman__	which is not that hard to set up, get a couple boxes in different places on the net, and rsync	03:28
twb	If you absolutely must have automated backups, then I recommend using rsnapshot to push incremental backups to a remoet host	03:28
pythonirc1011	I want something where i have 3 machines...if one fails, i get an email--replace the machine...the other 2 are still working...	03:28
twb	pythonirc1011: college as in where the students sleep, college as in the one university campus, or college as in one entire university (multiple campuses)?	03:28
dork	HA is pretty simple	03:29
dork	btw	03:29
twb	How many users are we talking?	03:29
pythonirc1011	just one building -- where internet is fast	03:29
dork	not sure what twb's experience is but my HA stuff is flawless	03:29
pythonirc1011	connectivity is not an issue..and our speeds are awesome.	03:29
twb	dork: I've been having exciting fun with corosync and drbd lately, it's nontrivial	03:29
pythonirc1011	600 users	03:29
pythonirc1011	dork: what did you use to build ha?	03:29
qman__	that's way beyond the scope of anything there was at my college, we had 10MB mailboxes on a single sun server	03:30
qman__	not even worth using, I just had it forwarded	03:30
dork	pythonirc1011: heartbeat and ldirector for load balancing routing and balancing DBS and JBOSS app servers	03:30
dork	ldirectord	03:31
pythonirc1011	qman__: Exactly what we have now. Want to change	03:31
twb	dork: I'm probably smaller time than you	03:31
twb	dork: usually I am ~20 seats, a couple ~100	03:31
dork	twb: we're a 15 man shop and i'm the only sys engineer, software company though so very small footprint for me to manage	03:31
twb	Maybe you just are more tolerant of fugly bloated flaky code then ;-)	03:32
pythonirc1011	I'm not sure we should actually try ha -- if it misfires...we have too many people complaining... :)	03:32
twb	Yeah IME if you try to do HA you are more likely to make it worse than better unless you have some practice and are lucky	03:32
dork	twb: i inherited it, i will say that i would rather throw up a few monster xen dom0's and rely on their availability options than have to deal with software clustering	03:32
dork	but for routing it's sort of neutral	03:33
pythonirc1011	so, is there an easy way to build a reliable email system	03:33
twb	You can probably scale up to 600 users on a single grunty mailserver box with simple RAID1 (or 5, if you insist) array of 2TB disks	03:33
qman__	yeah	03:33
qman__	a standard mail server is very robust	03:33
pythonirc1011	twb: its not one machine thats the problem -- its just that we want robust	03:33
pythonirc1011	realible	03:34
twb	As soon as you have >1 box you need to deal with giving them a consistent backend and so you have a SAN plus two/three mailservers plus two load balancing servers in front of them	03:34
pythonirc1011	and at least 3 systems parallely running for fallback	03:34
qman__	just get good hardware and good backups, you can be back up from catastrophic failure in a few minutes	03:34
twb	The other thing we do which kinda sorta works is to have a second machine sitting there ready to go, with its disks synced from the active server nightly	03:34
twb	So in theory if the main host goes tits up even an idiot NOC monkey can just go power it down, move the cables to the backup and reboot the backup off its HDD instead of the "i'm a backup" usb key	03:35
pythonirc1011	all of this sounds like manual labor... I want something completely automated...which lets me sleep at night, when 2 machines die...and the power is down...	03:35
twb	pythonirc1011: I can't give you that	03:35
qman__	IME, not worth the effort setting it up in the first place	03:36
dork	pythonirc1011: if you want automated hire a sys admin	03:36
pythonirc1011	will exchange be better for this requirement? What do medium size companies use?	03:36
twb	That's like asking for to have sex with a unicorn, or for secure single sign-on	03:36
qman__	ten minutes of doing work when the stuff blows up is cheaper than weeks of developing and testing an automated system	03:36
twb	pythonirc1011: large companies use exchange or domino IME and they are both a fucking pain	03:36
twb	qman__: hear, hear	03:36
dork	pythonirc1011: you either need a sys admin or you need an exchange box and a cheap consultant for emergencies imo	03:37
qman__	exchange is enough of a nightmare on its own	03:37
qman__	I'm with twb on the backup server regularly rsynced ready to go	03:37
twb	I get the impression that apart from being plain stupid in some of its behaviour, exchange is one of Microsoft's more reliable products	03:37
qman__	swap cables and reboot	03:37
qman__	I've spent way too much time fixing broken exchange servers to agree with that	03:38
=== sixstringsg is now known as sixstringsg\|away
twb	pythonirc1011: if you like i can even sell you the failover machine as a solution :-)	03:38
twb	qman__: I'm only comparing it to other MS crap, not e.g. postfix	03:38
dork	i've never ran an exchange box, but i've known a lot of stupid people who have	03:39
qman__	though to be fair, I haven't done it on an enterprise level, where there's actually a dedicated box	03:39
dork	s/people/consultants/	03:39
pythonirc1011	so after 30 years - email is still an unsolved problem :)	03:39
dork	pythonirc1011: not for IT people	03:39
twb	I haven't had to deal with exchang, tho, only postfix/dovecot (good) and byari, scalix, sogo, zimbra (all fugly evil crap)	03:39
qman__	but the absurd licensing costs, plus the tens of thousands in hardware is just too much for any customer I've worked with	03:39
twb	pythonirc1011: the PROBLEM is users' sense of entitlement	03:39
dork	courier-imap and exim are decent too	03:39
twb	pythonirc1011: they should be GRATEFUL that their mail usually arrives the same day it was sent	03:40
dork	but yeah dovecot/postfix	03:40
pythonirc1011	twb: entitlement?	03:40
twb	dork: I'm not a fan of either but I concede exim has a non-negligible user base ;-)	03:40
qman__	exchange 2010 is supposed to run on a dedicated server with three raids, 11GB of RAM just for exchange, plus 100MB RAM per mailbox	03:40
twb	What I hate is seeing boxes set up as postfix/dovecot using cyrus' sasl because it was calld "sasl-bin" :-//	03:41
dork	wow	03:41
pythonirc1011	twb: With a 100GBit internet switch in the building, they better be grateful if the email arrives in a second...not a day? :)	03:41
twb	qman__: wow	03:41
pythonirc1011	qman__: wow! 100MB RAM / mailbox! wth?	03:41
qman__	those numbers straight from microsoft	03:41
pythonirc1011	I guess they are hoping -- all exchange users -- please pay $5/year to MS :)	03:41
qman__	it actually costs more than that	03:42
twb	pythonirc1011: no they are thinking "we have a captive market of MAPI users"	03:42
dork	i'm surprised they're not taking the google apps approach yet	03:42
twb	Because all the FOSS-flavoured mail systems have proprietary MAPI plugins	03:42
dork	or maybe they are? dunno	03:42
twb	dork: OWA	03:42
qman__	the only cost effective way to run exchange is with small business server where it's all included, and runs on one box	03:43
dork	ahh	03:43
twb	dork: it was actually pretty impressive when I saw it in 2003, looked exactly like outlook	03:43
qman__	but even then it's a mess	03:43
twb	qman__: does SBS have per-seat CALs?	03:43
qman__	yes	03:43
twb	They don't say something like "first five seats are free with the SBS" ?	03:44
dork	oh it's old eh	03:44
qman__	yeah, I think they include 10 these days	03:44
twb	OK	03:44
pythonirc1011	thanks for illuminating me with the pain of email systems :)	03:45
qman__	but yeah, the whole reason anyone uses it at all is outlook	03:45
qman__	and calendars	03:45
ball	qman__: Ten seats would probably cover us. Not going to invest in Windows Server though.	03:45
qman__	otherwise postfix / dovecot / roundcube would do the job	03:46
dork	alpine!	03:46
qman__	we still have some customers running nitix	03:46
qman__	and by how well it works I'm surprised they're not still around	03:47
qman__	must have priced themselves way out of proportion	03:47
twb	ball: the cost of licensing isn't the licenses, it's enforcement	03:48
twb	ball: like if you have 100 seats and 3 visio licenses and you shuffle the license to a different desk every few months, that hassle is where the cost is	03:48
twb	Not that, say, Skilled Engineering did that...	03:48
twb	qman__: I rolld out prayer instead of roundcube/squirrel (because I boycott PHP), and so far the users have been OK with it, for all it's simple	03:49
twb	qman__: the main thing is to set it to "cambridge" theme instead of "default", so it looks like it's from 2001 instead of 1996	03:49
qman__	heh	03:50
dork	never heard of prayer but it's the most annoying thing i've searched for in a while	03:50
twb	Oh and there's some weird problem with attachments when using ldap-backed apache reverse-proxy	03:50
twb	dork: apt-cache show prayer \| grep Homepad	03:50
twb	dork: apt-cache show prayer \| grep Homepage	03:51
phosphene	haha, ditto dork	03:52
dork	lol	03:52
phosphene	I think I just signed myself up for 10 prayer-a-day emails	03:52
dork	haha	03:52
twb	Kids these days...	03:53
ball	I find myself wondering whether Ubuntu Server would do the job. Admin costs might be steep though.	03:54
twb	ball: if you're going to babysit a box you need to understand it	03:54
twb	ball: that applies to all OSs	03:55
twb	ball: either learn, deploy something else, or hire a babysitter	03:55
qman__	windows always requires more work, it's just cheaper to hire people who know it	03:55
twb	Right	03:55
qman__	you can trust me on that one, I'm an MCSA	03:55
qman__	and I manage more exchange/AD environments than I know what to do with	03:56
dork	slacker	03:56
twb	A clueful sysadmin is expense, for either, but a clueful unix sysadmin can babysit 10 times the boxes a clueful windows sysadmin can	03:56
twb	It's just that a clueless MCSA is dirt cheap, highly available and can get it right just enough you won't sack him	03:57
qman__	yeah	03:57
qman__	a windows server is nearly a full time job	03:57
twb	I babysit some prisons	03:57
dork	Braindump	03:57
qman__	a well set unixy server barely requires yearly maintenance	03:57
dork	or whatever the site is called	03:57
twb	They used to run Windows on prisoner desktops	03:57
qman__	example above, the customers running nitix	03:57
dork	where people go in to memorize microsoft test questions	03:58
twb	They had a full time guy whose whole job was to take apart a prisoner desktop, search for contraband, then reflash it with windows	03:58
qman__	never have to do anything for them	03:58
twb	He only managed about 1.75 machines per day	03:58
qman__	windows servers though, I'm constantly on them fixing things	03:58
twb	qman__: yeah that's why I get called in to unfuck unix systems that are running FC3 or etch or whatever	03:58
twb	qman__: because they were deployed 10 years ago and worked ever since	03:59
ball	qman__: I have two jobs. For one I help babysit hundreds of Windows servers. For the other we have one little BSD box.	03:59
ball	The smaller site is a non-profit.	03:59
twb	ball: you use puppet or something for them?	04:00
qman__	the last time I had to do anything for a nitix using customer, they had saved like 30GB of junk on their desktop, so their computer was taking forever to log on	04:00
qman__	trying to sync 30GB over 10/100	04:00
twb	and pst files are pathological to rsync, and you can't tell outlook not to make any	04:02
ball	twb: What is "puppet"?	04:02
twb	configuration management	04:03
ball	Never heard of it.	04:03
twb	Have you heard of cfengine	04:03
ball	twb: No.	04:04
twb	Wow	04:04
twb	You babysit 100s of windows boxen and you haven't heard of configuration management. You poor bastard.	04:05
qman__	I only handle a few dozen, and they're all for different customers, in different environments	04:07
qman__	so such a system is impractical	04:07
qman__	but yeah, most of my job is fixing SBS when it breaks itself	04:07
qman__	pop3 connectors backing up, SQL databases growing enormous and choking	04:08
ball	twb: The admins use something to push out updates to the servers but I don't remember what it's called. Not something I mess with.	04:08
qman__	WSUS, what a mess that is when it breaks	04:08
ball	I think it's a third-party thing.	04:08
ball	Might begin with S.	04:08
twb	qman__: that rings a bell	04:09
qman__	I spent the better part of a week trying to fix (read: remove and reinstall) WSUS on a customer's server	04:09
qman__	it's just cryptic error after cryptic error	04:09
twb	Just stealth-deploy lucid	04:10
qman__	I got it working, but the reporting still doesn't work	04:10
qman__	and, straight from microsoft, only way to fix that is format and reinstall	04:10
ball	So I'd like to find a Linux that can serve up some file space (to a few Windows desktops) and perhaps support LTSP for a thin-client trial.	04:11
twb	quotmstr over on #emacs works for MS in their nomadic "find broken crap and fix it" team	04:11
twb	He has some awesome rants as he's wading through the code	04:12
ball	...if it can host email too, that's a win but if not then I may just pay Google US$ 50/user/year	04:12
qman__	LTSP is not so easy	04:12
qman__	but the rest of that is	04:12
qman__	samba, postfix	04:12
twb	Like instead of syslog everything emits binary log data that can only be turned into text by the app that generated the data	04:12
qman__	LTSP is one of those things best left on a box by itself solely for that purpose	04:12
qman__	because it's big and complicated	04:12
twb	Last time I looked at LTSP is was turnkey	04:12
twb	Provided you let it take control of the network, that is	04:12
qman__	it is	04:12
qman__	but only in its own context	04:13
twb	Like if you have your own DHCP server already then you need to deal with that	04:13
qman__	making that box do more things or changing it to suit your needs is not so easy	04:13
qman__	doable, just takes some effort	04:13
twb	eh; I rolled my own solution before LTSP existed, back when knoppix was the only live CD	04:13
twb	And I've been working on that ever since, so LTSP looks straightforwad to me :-)	04:13
twb	My stuff has way more rice, tho	04:14
qman__	still going to recommend you do it with two servers though	04:15
qman__	one for LTSP, one for the mail and file shares	04:15
qman__	just keeps things simpler, and helps performance wise	04:16
ball	twb: I'd let it control the network that the terminals live on.	04:16
ball	...but not the one that's connected to the Internet	04:16
twb	Fair enough	04:16
twb	LTSP5+ you can just tell it to boot off network and run locally, as opposed to netbooting an XDMCP client	04:17
twb	In that case you don't need a beefy ltsp server, it's basically just a NAS	04:17
qman__	nice	04:17
qman__	I haven't used it that new	04:17
twb	That's how we do it in prisons (only not LTSP)	04:17
twb	The nearest windows equivalent requires you to have disk for each desktop stored on the SMB server	04:18
twb	So for example if you have a 2GB rootfs image you would need 2GB × no desktops on the server	04:18
qman__	we've got one customer that uses microsoft terminal services	04:18
qman__	five users	04:18
twb	TS is thin client, that's different	04:18
qman__	and it works pretty well except for the licensing mess	04:19
twb	I meant the boot-and-forget approach	04:19
qman__	they can't install their version of office because that's not licensed for it	04:19
qman__	yeah	04:19
twb	We have a TS server here just to run bloody quickbooks	04:19
twb	stupid ato	04:19
twb	The amount of hassle I had getting vmware server 1.x VMs for TS2k3, XP and 98 ports over to a modern system...	04:20
qman__	quickbooks is another racket, they want you to upgrade every year for software that really doesn't improve at all	04:21
qman__	my dad still uses quickbooks 99, because it does everything that's needed	04:21
twb	That's because the lawyer mill changes the laws every year	04:21
qman__	runs in windows 7 64-bit, too	04:22
twb	I would LIKE to use thingo instead, the gtk on, but apparently that "won't work with the ATO"	04:22
ball	What software could I use to manage Samba and Postfix?	04:22
twb	ball: vi	04:22
* ball chuckles		04:22
qman__	yeah, I don't know what you mean by manage	04:22
qman__	configure and forget	04:22
ball	qman__: Well I configured our existing Samba instance with some help and because it's been "hands off" for years I wasn't able to replicate the configuration on another server when I tried.	04:23
ball	...I have a book on Samba but it's about three inches thick and probably quite out of date.	04:23
qman__	copy and paste smb.conf	04:23
twb	yeah exactly	04:24
twb	smb.conf isn't exactly rocket science	04:24
qman__	only time it gets even a little bit complicated is with authentication	04:24
twb	fucking machine accounts	04:24
qman__	but that's more on your LDAP/NT server	04:24
ball	It may have just been down to the underlying OS then.	04:25
twb	As if I'm giving smbldaptools rootbindpw to ldap	04:25
ball	I could try again with a Linux box.	04:25
twb	haha, you were running samba on QNX?	04:25
ball	NetBSD	04:25
qman__	well, there's your problem	04:25
twb	heh	04:25
qman__	netBSD isn't meant to be used by people	04:25
* ball nods		04:26
twb	qman__: come on, just because you live in your mom's basement and strain soup through your beard doesn't mean you aren't a person	04:26
ball	It used to be pretty solid.	04:26
qman__	not that there's anything wrong with it in terms of performing a service	04:26
twb	BSD can FOAD, I'm not prefixing everything with /usr/gnu/bin to get useful userland tools	04:26
qman__	it's just so far down the minimalism line, it's nearly impossible to use	04:27
qman__	you have to be the type who knows the system like the back of your hand to do anything with it	04:27
ball	I've lived in NetBSD for so many years that I'm fairly comfortable with it.	04:27
ball	...but I don't have the time or energy to learn Samba and Postfix to the same extent.	04:28
twb	postfix is way easier than samba	04:28
twb	postfix you would have to bite of your own hands to have trouble with	04:28
ball	...and I honestly think NetBSD is why Samba didn't work last time I tried it.	04:28
ball	brb	04:28
twb	I'm bored, just not quite bored enough to work on this stupid fw	04:29
twb	too hot to cycle home	04:34
qman__	yeah, postfix is pretty simple even without a nice preconfigured package	04:35
qman__	I've set it up on freeBSD and sun from source before	04:35
ball	I set up a mail server experimentally once... just the once.	04:51
ball	It worked.	04:51
twb	Except it was an open relay	04:53
ball	twb: No, it wasn't.	04:53
ball	Well, I should probably sleep on it and phone the boss in the morning if he's around.	05:00
Tm_T	morning	05:49
uvirtbot	New bug: #908038 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/908038	07:45
zastaph	if I want to install ubuntu for kvm, should I install 10.04 LTS as Normal or minimal system (for virtual machine) ?	13:06
uvirtbot	New bug: #908112 in ipmitool (universe) "#110992 still happens (modules are not loaded)" [Undecided,New] https://launchpad.net/bugs/908112	13:11
_ruben	zastaph: depends on your goal(s)	13:17
zastaph	to virtualize 3 ubuntu servers on a hp microserver	13:17
_ruben	the vm part doesn't really matter here	13:17
uvirtbot	New bug: #908114 in samba (main) "upgrading from 11.04 to 11.10" [Undecided,New] https://launchpad.net/bugs/908114	13:20
zastaph	what matters	13:28
=== Lcawte\|Away is now known as Lcawte
=== scubes13 is now known as BEZ\|Kevin
=== mendel__ is now known as mendel_
overrider	So strange - i want to setup pptpd, and have remotetip 192.168.30.1-100 as a line in my pptpd.conf. Trouble is, when i connect to that pptpd server, it gives me an ip of 192.168.1.1 instead of 30.1 . Any clues?	15:27
=== sixstringsg\|away is now known as sixstringsg
uvirtbot	New bug: #908154 in php5 (main) "PHP session garbage collection measured in minutes instead of seconds" [Undecided,New] https://launchpad.net/bugs/908154	15:41
=== sixstrin- is now known as sixstringsg
=== Lcawte is now known as Lcawte\|Away
gondoi	anyone here have experience with creating a repo for their own custom packages?	18:42
gondoi	aka not wanting to mirror, create a new unique repo	18:43
adam_g	gondoi: yeah, use reprepro	18:44
gondoi	not apt-ftparchive?	18:45
adam_g	gondoi: i think reprepro uses apt-ftparchive to update the repository.	18:47
adam_g	theres a number of good howtos on reprepro out there. i was working on a juju charm that deploys reprepo + buildd to the cloud for a personal, private PPA + builder. maybe ill get it working over the holiday	18:48
gondoi	adam_g: i'll dig into that then	18:48
gondoi	thanks	18:48
sweb	is there any solution for bind file creator ?	18:53
StevenR	sweb: what do you want to do? Write named.conf file?	19:07
sweb	StevenR: yeah i'm newbie on bind and dns. any standrad script can help me. is there any one /	19:07
sweb	?	19:07
StevenR	sweb: I would just start with the basics and there's some good examples online. It's pretty well documented	19:08
sweb	StevenR: where ? on ubuntu wiki ?	19:08
StevenR	possibly. google knows more. I'm afraid I don't have any examples	19:09
dork	sweb: you should really be creating them by hand so you understand the structure of a zone and config file, bind comes with tools that allows you to check the sanity of you config and zone files so you can start out with a skeleton, make your records, run named-checkzone domain.tld zone.file and it'll tell you if it's syntaxually 'good' or not	19:20
dork	'newbies' shouldn't be running name servers	19:20
sweb	dork:ty, i want to starnt learning	19:21
sweb	start*	19:21
dork	cool	19:21
dork	it's pretty easy	19:21
sweb	dork, syntax of db file is so different	19:21
dork	just focus on basic named.conf and a basic zone file, start with one domain, learn how serials and ttl's work, start with basic records like A and C-NAMEs	19:22
dork	sweb: the records are pretty simple, the metadata, the other stuff is a little more complicated but there's plenty of well written documentation	19:22
sweb	dork: i see somthing about security. it's interest bind have a security sides	19:22
dork	yes of course	19:23
dork	DNS is easily exploitable because of newbies running dns servers with bad configurations	19:23
sweb	dork: it better to use public domain name service like opendns ? for security ?	19:24
dork	if you are unwilling to learn bind and dns then yes, you and everyone else will benefit from it	19:26
sweb	i'm expert on PHP and Zend Framework. I'm nerd but time is a major problem :(	19:27
dork	if you can read the horse dung that is called PHP you can read and interpret a zone file	19:28
dork	:P	19:29
=== Resistance is now known as EvilResistance
xubuntu	hey	21:42
zastaph	where is authorized_keys stored when installing openSSH during the software selection screen during ubuntu install? if I manually install openSSH after then its in ~/.ssh	21:43
xubuntu	no idea i wish i could help	21:44
xubuntu	are you good with ssh?	21:44
xubuntu	i need some help	21:44
RoyK	zastaph: there isn't an authorized_keys file by default	21:44
xubuntu	has to be created?	21:44
RoyK	zastaph: create it under $HOME/.ssh	21:44
zastaph	ok, but where should I put it? I put it in my ownmade ~/.ssh like i usually do but putty wont connect	21:44
RoyK	zastaph: you may want to chmod -R go-rwx $HOME/.ssh	21:45
xubuntu	you could just re install ssh now	21:45
RoyK	xubuntu: ??	21:45
* RoyK installs win95 on xubuntu's machine		21:45
xubuntu	lol	21:45
xubuntu	thanks?	21:45
zastaph	RoyK, that rings a bell.. i think I saved the solution for that ;)	21:45
xubuntu	but i want windows ME	21:45
* RoyK slaps xubuntu around		21:46
xubuntu	sudo apt-get purge ssh and then re install it sudo apt-get install ssh idk if that helps you at all	21:46
RoyK	xubuntu: stop it	21:46
xubuntu	what am i doing?	21:46
RoyK	xubuntu: reinstalling stuff isn't a good idea unless you're a true windoze idiot and beleives restarting your car may fix the engine	21:46
xubuntu	ooh haha i guess i'm a noob lol i'm sorry thanks for the heads up	21:47
zastaph	ah yes here is the solution http://www.openssh.org/faq.html#3.14	21:47
RoyK	you don't just reinstall a package - you fix the problem. in quite a few cases, reinstalling the package won't help at all	21:47
xubuntu	makes sense	21:48
RoyK	zastaph: in the faq ;)	21:48
xubuntu	RoyK i have a question about tunneling and SSH	21:48
RoyK	!ask	21:48
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience	21:48
xubuntu	!ask how do i tunnel port 563 with putty it doesn't seem to work when i set source port to 563 still seems to use port 563 from my local machine not my ssh server thanks for any help	21:49
ubottu	xubuntu: I am only a bot, please don't think I'm intelligent :)	21:49
EvilResistance	xubuntu: dont use !ask to ask the question	21:50
RoyK	xubuntu: that seems to be a putty question to me, and last I checked, putty doesn't run on linux :P	21:51
EvilResistance	RoyK: actually...	21:51
EvilResistance	it does... :P	21:51
EvilResistance	but its designed to run from Windows	21:51
* RoyK was waiting for that		21:51
RoyK	EvilResistance: STILL! most people DON'T use putty on linux	21:51
xubuntu	true!	21:51
EvilResistance	RoyK: not disputing that ;P	21:51
RoyK	for good reason....	21:52
xubuntu	lol	21:52
xubuntu	i can see why now	21:52
xubuntu	anyone know i could tunnel that port 563 to my ssh server?	21:52
RoyK	what do you meant tunnel to your ssh server?	21:53
EvilResistance	define "tunnel that port" to your ssh server	21:53
EvilResistance	you mean have 563 direct itself to your SSH server as an SSH listening port?	21:53
EvilResistance	if so, are you on a NAT?	21:53
EvilResistance	;P	21:53
* RoyK wonders if xubuntu knows at all		21:54
xubuntu	yes i think that's what i mean i'm a newb and no NAT	21:54
xubuntu	well I guess I do have a NAT	21:54
xubuntu	sorry	21:54
EvilResistance	xubuntu: are you behind a router on a home network or something?	21:57
EvilResistance	RoyK: that's how you find out ^	21:57
xubuntu	yes I am on a home router but I am only trying to do it from comp to comp on my home network just to test it out	21:57
RoyK	EvilResistance: sometimes I'm not really in the mood of digging that deep to try to find out what people are asking for, before even trying to answer their questions	22:02
EvilResistance	:P	22:04
EvilResistance	xubuntu: you'd need to modify the sshd_config file	22:04
EvilResistance	and add a listener on port 563	22:04
EvilResistance	RoyK: 'tis a habit i picked up as a server technician ;P	22:05
xubuntu	i wouldn't add the listener via putty?	22:06
EvilResistance	xubuntu: you'll need to open /etc/ssh/sshd_config via sudo on the ssh server machine, and either change 'listen 22' to 'listen 563', or add a listen line after 'listen 22' saying 'listen 563'	22:06
EvilResistance	no, PuTTY is just the client, not the server	22:06
EvilResistance	you have to tell the SSH server to listen on the given port	22:06
EvilResistance	if you want to forward 563 to port 22 within that box, it can be done, but its not something i recommend	22:07
EvilResistance	esp. if its only within your internal network	22:07
xubuntu	ahh i see i'm not trying to change 22 to 563 i'm trying to have my usenet on the comp i'm on now use the proxy of my ssh via port 563 if that makes any sense?	22:07
RoyK	EvilResistance: I know the habit, but I have found the off switch	22:14
EvilResistance	xubuntu: now i dont follow you	22:16
EvilResistance	perhaps RoyK will	22:16
RoyK	xubuntu: I don't think it makes much sense, no :P	22:18
RoyK	xubuntu: please explain exactly what you're trying to do	22:19
xubuntu	ok this is hard to explain since i'm a newb i have sabnzbd+ installed on my computer i want to be able to have it used my ssh server as a proxy via ssl port 563	22:23
SpamapS	xubuntu: what is sabnzbd+ ?	22:24
xubuntu	usenet program	22:24
SpamapS	xubuntu: so you want to tunnel NNTP via SSH so that it looks like you are connecting via the remote server's address?	22:26
xubuntu	exactly!	22:27
xubuntu	i knew there was a better way to explain it then what i was saying, thanks	22:27
xubuntu	is it even possible?	22:28
RoyK	so something like ssh -L 10563:nntphost:536 localhost	22:32
xubuntu	10563?	22:32
kschap	Is there a distro that'll run on a 32-bit computer?	22:32
RoyK	that'll make ssh listen to 10563/tcp and connect to nntphost port 536	22:33
RoyK	kschap: yeah, things like ubuntu runs on 32bit machines too ;)	22:33
kschap	Server RoyK?	22:33
RoyK	xubuntu: just avoiding port 536 since it's <1024 and ports <1024 are reserved for root	22:33
RoyK	kschap: yes	22:33
EvilResistance	kschap: you can download 32bit server if you want	22:33
EvilResistance	i think it exists....	22:33
EvilResistance	checks	22:34
kschap	Really?	22:34
RoyK	it certainly does	22:34
kschap	Did not know that.	22:34
* RoyK has several 32bit servers around		22:34
EvilResistance	yep its available	22:34
kschap	It's on the main Ubuntu website?	22:34
EvilResistance	kschap: yes	22:34
EvilResistance	kschap:	22:34
EvilResistance	http://www.ubuntu.com/download/server/download	22:34
EvilResistance	whoops forgot that link ;P	22:34
kschap	Cool thanks!	22:34
xubuntu	oooh maybe that is why it is not working i can't use 563 since it's reserved for root thanks! i'll try that	22:34
EvilResistance	kschap: just choose "32-bit" when you choose the architecture	22:34
kschap	OK	22:34
kschap	Thanks!	22:34
* RoyK just setup a pandaboard with ubuntu :D		22:35
xubuntu	and what does nntphost do?	22:35
RoyK	xubuntu: that's your nntp server	22:35
* pmatulis got a pandaboard but neglected to get a power supply for it		22:35
RoyK	pmatulis: any 5V thing will do	22:35
RoyK	or most	22:35
xubuntu	RoyK thank you	22:35
pmatulis	RoyK: yeah, i don't like taking chances with voltage, ordered a proper p/s	22:36
RoyK	xubuntu: man ssh and read about the flags -n -f and -N...	22:36
RoyK	pmatulis: 5V is 5V :þ	22:36
RoyK	xubuntu: I've added -o ExitOnForwardFailure yes -o ServerAliveInterval 5 -o ServerAliveCountMax 3 to my tunnels	22:37
RoyK	pmatulis: normal pandaboad or ES?	22:38
xubuntu	thanks again! will definitely try it out	22:38
RoyK	pmatulis: btw, most of those SD cards are SLOOOOOW	22:38
Kumar	Hi every one	22:39
Kumar	i need some help	22:39
RoyK	running off a sandisk 32GB card here that's supposed to give me 20MB/s, but can't get >10MB/s, which is rather on the low side....	22:39
RoyK	!ask	22:40
ubottu	Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience	22:40
Kumar	I am had installed Ubuntu Server 11.10. I wanted to know if there is a way to install the GUI	22:40
RoyK	kschap: apt-get install ubuntu-desktop	22:40
kschap	What's that?	22:41
RoyK	erj	22:41
RoyK	erm...	22:41
RoyK	Kumar: apt-get install ubuntu-desktop	22:41
RoyK	kschap: never mind :P	22:41
Kumar	Thank q so much	22:41
kschap	Oh OK.	22:41
Kumar	:-)	22:41
xubuntu	RoyK is nntphost:563 a command for ssh?	23:04
_Neytiri_	I am having a issue with my system, my old install of 10.4 crashed on me and when i reinstalled i my raid array didnt come back online, i copied the fstab file and rebooted and still no luck, all my drives came back but my raided drives, it was a software raid consisting of 2 phisical 2 tb disks, 3 drives created off of them 1 4gb driv (raid 0) and 2 998 gig drives (raid 1). Under the	23:09
_Neytiri_	Disk utility (yes i installed a gui) i try to start the raid and get the error: not enough componunts to start the raid array	23:09
wmp	hello, how to disable this logs: TCP: Peer 62.20.205.29:55814/51753 unexpectedly shrunk window 429997799:429999424 (repaired)	23:19
yann2	hello! I know there has been quite an issue with sun's java lately - but I'm getting it as proposed for removal on my ubuntu 10.10 servers? Is that normal?	23:22
arrrghhh	hello. has anyone setup a PXE provisioning server before? it seems this is possible, i'd like to be able to send linux and windows images over the network.	23:24
arrrghhh	i've done linux images over PXE before, but i'm struggling sending windows images. i found a few guides, but i quickly get lost. anyone done this before?	23:24
EvilResistance	arrrghhh: ##windows might be more useful for your windows needs	23:26
EvilResistance	or ##windows-server	23:26
arrrghhh	EvilResistance, well the problem is i want the provisioning server to be linux...	23:27
EvilResistance	ah	23:27
EvilResistance	nevermind then :P	23:27
arrrghhh	i already have a linux server, so this should be simple.	23:27
arrrghhh	https://help.ubuntu.com/community/PXEInstallMultiDistro	23:28
arrrghhh	that seems freakin awesome	23:29
arrrghhh	i just don't know how to fit win7 or even xp into that...	23:29
Lcawte	Hi, I've finally got into my server install, but I have to go through another disks grub... I have to go into commadn line and set the configfile to the server disk, any reason why its not working from the server disk?	23:36
Lcawte	And how I can fix it?	23:36
arrrghhh	so GRUB is on the wrong hdd...?	23:36
arrrghhh	is that the problem?	23:37
Lcawte	no... I have a copy on both hard drives (with different config files), but only one of them will load after post, disk a (a desktop) requires me to go into command line and reset configfile to get into disk b's grub. Disk b doesn't let me into its own grub when I boot up...	23:38
arrrghhh	why not just set your BIOS to boot from disk b instead of disk a?	23:39
Lcawte	I do, but it won't let me boot into disk b's grub even when I do that	23:40
arrrghhh	i'm confused...	23:41
arrrghhh	disk b is where server is installed	23:41
Lcawte	yes	23:41
arrrghhh	but disk b's grub is completely not functional?	23:41
Lcawte	I can not boot into the grub on disk b, unless I have disk a set in bios at the bootable device and I boot through its command line	23:42
arrrghhh	so grub works on disk b, assuming you don't boot from disk b	23:42
arrrghhh	that makes no sense	23:42
arrrghhh	have you tried re-installing grub on disk b?	23:42
arrrghhh	you'll have to do it from a live environment, or when booted into disk a.	23:42
Lcawte	hmm, ok, I'll try that	23:43
Lcawte	"/usr/sbin/grub-setup: warn: Sector 32 is already in use by FlexNet; avoiding it. This software may cause boot or other problems in future. Please ask its author not to store data in the boot track."	23:44
Lcawte	Hmm, what the?	23:44
arrrghhh	never heard of that before	23:44
arrrghhh	FlexNet...?	23:44
Lcawte	Yeah, me neither	23:45
arrrghhh	http://askubuntu.com/questions/31289/dual-booting-on-separate-hard-drives	23:47
Lcawte	Yeah, I just found that... so, I read something about if grub wasn't there, it'd boot to the partition makrked as "boot" partition	23:51
zastaph	is the CAP_NET_ADMIN capability still required to do KVM in Ubuntu lucid? https://help.ubuntu.com/community/KVM/Networking	23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!