[02:17] <JohnA> Does anybody have a recommendation as to a DMS? Most docs would be scanned document images. we want to move a large collection of client records online and provide some sort of search capability. Linux based a must. Webdav compatibility/capability would be desirable. Remote access also a must.
=== leo-nel is now known as leonel
[04:20] <uvirtbot> New bug: #986011 in clamav (main) "Package amavisd-new" [Undecided,New] https://launchpad.net/bugs/986011
=== jtv1 is now known as jtv
[06:24] <dog545> does anyone know any good weather terminal apps?
[06:26] <dog545> I am new to using irc, is there a rule i missed?
[06:31] <dog545> is anyone around?
[07:15] <uvirtbot> New bug: #986034 in samba (main) "package winbind 2:3.6.3-2ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/986034
[07:16] <blendedbychris> http://pastie.textmate.org/private/wl6gh6on5zz00n9b4hhkq
[07:16] <blendedbychris> what's that mean?
[07:16] <blendedbychris> trying to create a csr
[07:19] <blendedbychris> :(
=== almaisan-away is now known as al-maisan
[08:28] <linocisco> hi all
[08:28] <linocisco> anyone here?
[08:28] <linocisco> anyone from germany?
=== al-maisan is now known as almaisan-away
[08:31] <linocisco> what divided east and west germany? how to call that poland area?
[08:33] <_ruben> go do your homework yourself
[08:43] <twb> Pretty sure a wall divided the
[08:43] <twb> Pretty sure a wall divided them
[08:44] <koolhead17> twb, :P
[08:44] <twb> blendedbychris: IME gnutls program is MUCH easier to use than openssl's
[08:46] <blendedbychris> meh i dont know what it was but it works now
[08:52] <twb> blendedbychris: it has args like this: certtool --generate-privkey --outfile /etc/ssl/private/fred.pem
[08:52] <twb> blendedbychris: whereas in ssl that is some bullshit like ssl rsa gen > foo.pem; <plus something to remove the private key>
[08:53] <blendedbychris> wait what?
[08:53] <blendedbychris> remove the private key?
[08:53] <blendedbychris> an pem should have a private key included
[08:53] <twb> Sorry
[08:54] <twb> remove the passphrase
[08:54] <twb> I'm a bit drunk
[08:54] <blendedbychris> you don't have to remove the passphrase?
[08:54] <twb> certtool doesn't add a passphrase unless you tell it to
[08:54] <blendedbychris> neither does openssl...
[08:54] <twb> Well none of the docs I could find seemed to know that
[08:55] <twb> certtool was straightforward and obvious for the four or five typical workflows that I actually care about
[08:55] <twb> And they were spelled out at length in info
[08:55] <blendedbychris> openssl genrsa -out /etc/csync2_ssl_key.pem 2048 just craps out a key afaik
[08:56] <blendedbychris> should be called .key
[08:56] <twb> if you say so
[08:56] <blendedbychris> (just ran it
[08:56] <twb> The extension is irrelevant
[08:56] <blendedbychris> well ya…
[08:56] <blendedbychris> when i see pem i always think a key  + a public but i'm probably mistaken
[08:57] <blendedbychris> if you do genrsa des -out … it will try to encrpyt it with a passphrase
[08:57] <blendedbychris> -des rather
[08:58] <twb> pem is just the format
[08:58] <twb> like uuencode or base 64
[08:58] <blendedbychris> hrm
[09:00] <twb> gpg --export --armour fred@example.net is also PEM format afaik
[09:00] <blendedbychris> i always see folk doing -des3 -out … and then rerunning it through the thing to remove the passphrase
[09:00] <twb> Yeah it is stupid cargo-cult shit
[09:00] <twb> But you look at the list of subcommands and it's a bit overwhelming because there's no ordering
[09:01] <twb> http://paste.debian.net/163925/
[09:03] <twb> But whatever, I've made my salespitch
[09:04] <blendedbychris> heh i actually don't understand enough about the crap to consider your option viable… i just fumble my way through
[09:04] <blendedbychris> and forget it about every 365 days
[09:04] <twb> I strongly recommend reading the gnutls info page
[09:06] <twb> http://paste.debian.net/163926/ also here are my notes on SSL/x509 theory
[09:06] <twb> "info gnutls | less" if you don't like the default info reader
[09:09] <twb> I should probably rewrite those notes, since I understand x509 a little better now
[09:19] <andrewhiggs> Hello everyone.
[09:20] <nibalizer> hello
[09:21] <uvirtbot> New bug: #986085 in mysql-5.1 (main) "package mysql-server-5.1 5.1.61-0ubuntu0.11.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/986085
[09:23] <andrewhiggs> Anyone here using tomcat?
[09:27] <twb> !anyone
[09:27] <ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
[09:30] <andrewhiggs> My apologies.
[09:32] <twb> No problem
[09:34] <andrewhiggs> I am struggling to get tomcat (6.0.35) to work well on an Ubuntu Server currently testing on 12.04 but got same result on 11.04 and 11.10). The same application is running on a hosted solution with much better performance. I notice that the CPU does not appear to be being used (top shows %us to range between 5 and 15%) as much as the hosted solution (top show %us to be between 80 and 90%). How do I go about trouble shooting why the cpu is not being us
[09:36] <twb> NFI, sorry
[09:37] <andrewhiggs> Thanks twb ;)
[10:36] <andrewhiggs> How can I get Ubuntu to allow certain processes to use more resources than others? In this case I need tomcat and its database connections to be allowed more processing power.
[10:38] <Jeeves_> man nice
[10:39] <Jeeves_> But that's really just prioritizing
[10:40] <andrewhiggs> Thanks Jeeves_. I tried that but the %us still does not go above 15%. It usually hovers around 10%.
[10:41] <patdk-lap> andrewhiggs, and you have idle% >0?
[10:42] <andrewhiggs> Yip. That is normally around 80 - 90%.
[10:42] <patdk-lap> then the program is to blame
[10:42] <patdk-lap> it's has the option of using more, but isn't
[10:42] <patdk-lap> or you have more than one cpu, and it's single threaded
[10:42] <andrewhiggs> But the program run properly on another system?
[10:47] <andrewhiggs> If I have a processor with two cores and one is being used by the tomcat process almost fully would top show %us as 50%?
[10:51] <patdk-lap> yep
[10:51] <patdk-lap> assuming two cores and no hyperthreading
[10:52] <andrewhiggs> I have not done anything with hyperthreading. Would this be something likely to be set by default?
[10:52] <patdk-lap> depends on if your cpu support it, but normally enabled if it does
[10:52] <patdk-lap> just cat /proc/cpuinfo to see how many cpu's it sees
[10:53] <patdk-lap> processor: xx
[10:53] <andrewhiggs> It does see both. Both are running at 2.4Ghz.
[10:54] <Jeeves_> andrewhiggs: You can press '1' in top to see all cpus individually
[10:54] <Jeeves_> Also, look at iowaiy
[10:54] <Jeeves_> iowait
[10:54] <Jeeves_> if that's high
[10:54] <Jeeves_> Your processes are just waiting for your disks
[10:55] <andrewhiggs> %wa is usually quite low. I have only seen it spike once or twice.
[10:55] <andrewhiggs> top
[10:55] <andrewhiggs> Sorry. :-)
[10:57] <andrewhiggs> If I press 1 as suggested I see that both processors seem to be being used roughly half half.
[10:58] <andrewhiggs> Cpu0 is usually just a few percentage points above cpu1. Which I would think is normal.
[11:02] <_ruben> perhaps it just doesn't have any more work to do :)
[11:03] <andrewhiggs> But the tomcat application runs very slowly. The %us on another server is 80 - 90%. :-)
[11:05] <patdk-lap> nothing is worse than locking issues
[11:56] <andrewhiggs> How do you think I can try to trouble shhot why this process is not using more resources than it does?
[12:02] <Madkiss> hi there!
[12:02] <Madkiss> Whats the default iscsi target in Ubuntu 12.04?
[12:03] <Madkiss> I understand it is tgt?
=== lionel__ is now known as lionel
[12:22] <rye> hello, i have recently updated to the latest packages (on 18th of april), before that I was running for quite a long time with the packages of 2 weeks old. Now my test vms with windows7 are extremely slow w/o the changes to the underlying hardware.
=== matsubara-afk is now known as matsubara
[12:24] <rye> no dmesg messages, no syslog messages to pinpoint what's happening. I see elevated disk usage at times but it does not look like it was too different earlier
[12:25] <koolhead17> Madkiss, hey
[12:37] <Madkiss> hello koolhead17
[12:40] <koolhead17> Madkiss, trying to figure out what am doing wrong to get vnc running and other distro instances tested
[12:42] <jca1981> hi does anyone know an easy distribution to set up a small ftp server with web interface?
[12:43] <koolhead17> !ftp
[12:43] <ubottu> FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd
[12:43] <koolhead17> !ftpserver
[12:44] <_ruben> !ftpd
[12:44] <ubottu> FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP
[12:46] <uvirtbot> New bug: #986159 in squid3 (main) "squid3 open file descriptors limit is set incorrectly" [Undecided,New] https://launchpad.net/bugs/986159
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
[14:16] <uvirtbot> New bug: #975450 in txlongpoll "bind all services not required by the nodes to the loopback interface or add ingress firewall rules for these services" [Undecided,Confirmed] https://launchpad.net/bugs/975450
[14:24] <rbasak> Any comments on the impact of bug 986159? The default number of file descriptors is 1024, is it? Would this bug cause issues in production?
[14:24] <uvirtbot> Launchpad bug 986159 in squid3 "squid3 open file descriptors limit is set incorrectly" [Undecided,New] https://launchpad.net/bugs/986159
[14:28] <rbasak> hallyn: ^^, can I get your opinion on this? Is this important for precise? Everyone else is at ODS it seem!
[14:28] <rbasak> seems!
[14:29] <hallyn> checking
[14:29] <RoyK> ods?
[14:30] <hallyn> opentack devel conf
[14:30] <RoyK> c
[14:30] <RoyK> k
[14:30] <hallyn> rbasak: ah, the bug makes sense.
[14:30] <hallyn> rbasak: i'd say, dput the fix and ask on #ubuntu-release what they think
[14:31] <rbasak> hallyn: I can't upload
[14:31] <hallyn> cause I have no idea (a) how important squid is to us or (b) how important the fd limit is to squid
[14:31] <rbasak> yeah that's what I'm thinking, too
[14:31] <hallyn> oh.  not sure i can either come to think of it :)
[14:31] <rbasak> I can ask in #ubuntu-release though
[14:31] <hallyn> i'll go peek in too
[14:32] <rbasak> Hmm
[14:32] <rbasak> Looks like squid got demoted to universe in precise
[14:34] <hallyn> rbasak: actually the ulimit part may be important
[14:34] <rbasak> ah it's squid3 and that is in main
[14:34] <hallyn> eh i guess not :)
[14:36] <hallyn> rbasak: well, tbh, i think that bug would be fine to SRU
[14:36] <rbasak> yes
[14:36] <hallyn> rbasak: it's not something that prevents it from rnning out of the box
[14:36] <rbasak> no
[14:42] <thebwt> over ldap authentication, is there a way to keep a workstation user with root access from 'su'ing into any other user account and bypassing authentication?
[14:42] <rbasak> thebwt: no. Root access is root access. Root can bypass anything.
[14:43] <rbasak> thebwt: note that root on one system isn't necessarily root on another, though.
[14:44] <thebwt> right, the issue is that a user could then su to other users and manipulate their home directories
[14:44] <thebwt> not so much root access
[14:44] <rbasak> Don't give the user root then.
[14:44] <thebwt> what about a machine booted into single user mode?
[14:44] <rbasak> Or put the home directories on a different machine
[14:44] <thebwt> they are mounted over nfs
[14:45] <rbasak> NFS trusts what the machine claims in general.
[14:45] <rbasak> The latest NFS stuff might fix that though, but I'm not up to date with it.
[14:50] <thebwt> so then on an ldap authentication with nfs mounts for the home dir. A standard machine booted in 'single' mode can create a massive breach in the network? That seems a bit silly, surely other people have run into the problem before.
[15:01] <dork> anyone experienced w/ mdadm/software raid and has had arrays assemble with strange hardware addresses like md127 and have it in auto-read-only?
=== Lcawte|Away is now known as Lcawte
=== almaisan-away is now known as al-maisan
=== xnavor_ is now known as xnavor
[17:56] <uvirtbot> New bug: #986314 in squid3 (main) "squid3 missing pie and bind-now hardening options" [Undecided,New] https://launchpad.net/bugs/986314
=== koolhead11|away is now known as koolhead11
=== fenris is now known as Guest89753
=== Guest89753 is now known as ejat
[18:19] <ZenMaster> Hi. :)
[18:19] <Pici> hi
[18:21] <MrWobz> Hello I have a problem, hdparm -tT displays BOTH drives as running reaaaally slow, Ive switched raid controllers and now I dont know what to do
[18:21] <ZenMaster> I need local name resolution, so that my users can connect to corporate intranet site.
[18:21] <ZenMaster> dnsmasq the way to go?
[18:33] <koolhead11> Daviey, are you really around? :P
=== matsubara is now known as matsubara-lunch
=== al-maisan is now known as almaisan-away
[19:07] <MrWobz> Hello I have a problem, hdparm -tT displays BOTH drives as running reaaaally slow, Ive switched raid controllers and now I dont know what to do, Its 3.0.0-12-server #20-Ubuntu SMP, I dont have the problem with 10.X though
[19:08] <Pici> MrWobz: You may want to try asking in ##linux as well, since I've noticed you're not getting (m)any answers here.
[19:09] <MrWobz> roger, its just I dont know whats different in terms of hdd management kernel level from 11.x and 10.x
[19:11] <Pici> MrWobz: 11.10 was the first release to use linux 3.0, prior releases were 2.6
[19:14] <MrWobz> It could mean in 3.0 a driver was dropped somewhere
[19:18] <Pici> Its possible, but I'd be surprised if it wasn't noticed.
=== matsubara-lunch is now known as matsubara
[19:43] <raubvogel> On op-panel, where are the passwords for voicemail defined? Are they the ones in /etc/asterisk/voicemail.conf?
[19:53] <Pici> raubvogel: You may want to ask in #asterisk
=== cloakable_ is now known as cloakable
[21:16] <uvirtbot> New bug: #986385 in lxc (universe) "lxc.mount.entry fails into mnt/subdir" [Medium,Confirmed] https://launchpad.net/bugs/986385
[22:25] <^Mike> I created a directory in /var/run to hold some sockets and pidfiles for several daemons. After rebooting, the directory is gone - why?
[22:38] <maxb> Because /var/run is a tmpfs; a ramdisk
[22:52] <SpamapS> ^Mike: its guaranteed to be *empty* at boot time :)
[22:52] <uvirtbot> SpamapS: Error: "Mike:" is not a valid command.
[22:55]  * ^Mike patpat uvirtbot
[22:56] <^Mike> SpamapS: thanks, I'll have my scripts create the directory if it doesn't exist then :\
[23:02] <pacsman> Hello, asking for who to choose between ubuntu-server or debian 6
[23:07] <^Mike> pardon? O.o
[23:09] <pacsman> jveu installer un OS sur un server proliant, ki serait le mieu, ubuntu-server ou debian 6
[23:12] <^Mike> it's fairly likely that the people in here are going to prefer ubuntu :)
[23:13] <pacsman> just askin :P
[23:14] <SpamapS> pacsman: ubuntu server has versions too. :)
[23:14] <SpamapS> pacsman: maybe people like ubuntu 10.04 > debian 6 > ubuntu 8.04
[23:18] <pacsman> k ty
=== Lcawte is now known as Lcawte|Away