[00:04] <wizonesolutions> argh, how do I actually connect to the VNC console on a KVM guest?
[00:04] <wizonesolutions> I'd rather SSH in but don't know how to figure out its IP
[01:10] <wizonesolutions> goodness gracious. figured out how to get the VMs bridged so I could SSH in, but that was way underdocumented. I should somehow contribute when I have time...
[01:13] <TheLordOfTime> SpamapS:  good idea, thanks.
[02:48] <akiva> okay let me get this straight
[02:49] <akiva> a dns server basically takes an IP, and attaches a name to it, such as www.name.com, to which it then arranges the names in a type of heirarchy
[02:49] <akiva> such as www.name.com/foo
[02:50] <mardraum> you look like you are confusing DNS and HTTP
[02:51] <akiva> I am just looking at my installation here
[02:51] <akiva> and I am trying to learn about the different types of servers that I can install
[02:51] <akiva> to which I want to set up dummies in which I can learn from
[02:51] <ScottK> mardraum: No.  He's not.
[02:52] <mardraum> ScottK: how is "/foo" related to DNS
[02:54] <akiva> so a dns then is basically taking addresses, and attaching naming schemes which are/can be heirarchical.
[02:54] <ScottK> Except he's right to an extent.
[02:54] <akiva> mardraum: foo is the name of a sup page in the site. Just chose the name foo :P
[02:55] <ScottK> DNS will figure the IP address associated with example.com or www.example.com.
[02:55] <ScottK> Within a sing host, it doesn't help you.
[02:55] <mardraum> akiva: yes, which is HTTP, not DNS
[02:55] <ScottK> mardraum: It could be multiple protocols.
[02:55] <mardraum> heh
[02:55] <ScottK> For a web server it's http, but for an ftp server it's ftp.
[02:56] <ScottK> The path within the host is not tied to a specific protocol.
[02:56] <akiva> Would I ever use a DNS server practically speaking?
[02:56] <mardraum> it's not DNS though, is it ScottK ?
[02:56] <mardraum> I think that's what we are trying to establish.
[02:56] <ScottK> No, it's not.
[02:56] <ScottK> DNS get's you an IP/hostname pairing that's it.
[02:56] <akiva> okay, interesting
[02:57] <ScottK> Everything after that is related to the file hierarchy of the host.
[02:57] <akiva> but http, ftp, dns, these are all "Name Servers"?
[02:57] <mardraum> DNS gets you more than simple IP/hostname pairing, what about MX records, TXT records, etc
[02:57] <ScottK> They are all protocols.
[02:57] <ScottK> Sure, but in this context.
[02:59] <akiva> protocols, each one with distinct advantages, etc
[03:10] <taipres> does debian use less mem than ubuntu?
[03:11] <taipres> server that is
[03:12] <qman__> not if you install the same packages, by any measurable amount
[03:12] <taipres> what do you consider measurable
[03:12] <qman__> 10MB
[03:12] <taipres> ok
[03:12] <qman__> memory use depends on what software you install
[03:13] <qman__> you can choose to install less stuff with different install options
[03:13] <qman__> like JeOS or minimal, though minimal is more difficult to get working
[03:14] <taipres> am asking because i'm running it on a VPS
[03:14] <taipres> so memory is a bottleneck
[03:14] <qman__> the only notable difference here is that debian, when you choose to not install the GUI, installs less packages than the regular ubuntu server install
[03:15] <mardraum> they only affect "memory" while they are running, are you actually concerned with disk space?
[03:19] <genii-around> Setting APT::Install-Recommends off helps quite a bit with the bloat
[03:26] <ScottK> But, you're on your own if something doesn't work the way you expect.  The system's designed for those to be on unless you know what you're doing.
[03:28] <taipres> I aways remove apache2 immediately heh
[03:29] <taipres> thanks
[03:29] <mardraum> I didn't think apache2 was installed by default
[03:30] <taipres> well for VPS's it seems to be
[03:30] <taipres> at least ones i've tried
[03:30] <ScottK> That's your VPS's provider doing that.
[03:30] <ScottK> It's not part of the Ubuntu Server default install.
[03:31] <taipres> that's weird that'd add software then make an imagine, since is for openvz
[03:31] <taipres> xen, or what have you
[03:31] <taipres> I only use openvz atm though
[03:31] <taipres> image rather
[03:31] <mardraum> it's not weird, since 99% of people who don't know what they are doing will want LAMP
[03:32] <mardraum> provider is simply cutting down on support calls
[03:32] <taipres> good point :)
[03:33] <taipres> though mysql and phpmyadmin not installed by default, from ones i've seen
[03:33] <taipres> I get unmanaged vps's though
[03:33] <mardraum> php, not phpmyadmin
[03:34] <taipres> yeah that either, have to apt-get it
[03:34] <mardraum> I guess they are going with a more secure default then, not the kitchen sink, good for them
[03:35] <taipres> yeah I love budget vps's, get nice servers for few bucks a month that gives me far far more control and flexibility than shared hosting, can remove/install distros in few seconds too, I usually pick ubuntu though
[03:36] <taipres> easiest, but I keep hearing people recommend debian for servers
[03:49] <ScottK> Debian and Ubuntu have very different release processes.
[03:49] <taipres> debian like turtle, ubuntu like rabbit? :)
[03:49] <ScottK> If you need non-ancient software in a release, Debian may not be for you.
[03:49] <ScottK> Sort of.
[03:49] <ScottK> Ubuntu releases every 6 months.
[03:49] <taipres> i'm using version
[03:49] <ScottK> Debian releases when they believe it's ready.
[03:50] <taipres> 11.04 currently
[03:50] <ScottK> You may want to consider upgrading.
[03:50] <taipres> does the new 12 use a lot of memory?
[03:50] <ScottK> It's not much different than 11.04, but to get to 12.04, you need to upgrade to 11.10 and then 12.04.
[03:50] <ScottK> Direct upgrades from 11.04 aren't supported.
[03:51] <taipres> well there's a template for to, so I could switch over, it'd be fresh install anyway
[03:51] <taipres> just don't want to use a bunch of new memory for the latest version when it's not necessary
[03:56] <qman__> the important reason here is 12.04 is LTS and supported for 5 years, while 11.04 isn't, and is already over year through its support
[03:57] <taipres> who supports it
[03:58] <qman__> Canonical
[03:58] <qman__> the important part of support being patches and this channel
[04:00] <taipres> my host has two images
[04:00] <taipres> ubuntu-12.04-x86 326MBs and ubuntu-12.04-x86q1-July over 500mbs?
[04:00] <taipres> weird the latter is so much larger trying to figure out why
[04:01] <taipres> i'm sure patches are good practice but linux seems pretty secure
[04:02] <taipres> only downside i've personally seen, in terms of myself for older ubuntu is repo isn't the best
[04:03] <taipres> has older software, I'm aware 11.04 has almost released its end of cycle for support though
[04:07] <ScottK> Patches won't make it bigger.
[04:15] <morpheu> ola pessoal
[04:16] <morpheu> to com um problema
[04:16] <morpheu> no servidor
[05:11] <taipres> just installed debian looks to be using 2 more megabytes then the ubuntu install
[05:11] <taipres> dang was hoping for the opposite, removed all default services I don't need
[06:36] <akiva> is it wise to encrypt a server?
[06:46] <seekwill> akiva: What do you mean?
[06:47] <akiva> seekwill: I am trying to setup a business, and I have established 5 types of systems I am going to be using
[06:47] <akiva> and of these 5 types, I am trying to determine which types I should bother with encryptions,
[06:47] <akiva> particularly the lvm, and the disk
[06:48] <akiva> given that a server does not tend to get stolen, and it might be bothersome if it needs rebooting right away, I am thinking I will not encrypt my server types of computers
[06:48] <seekwill> You can never have too much security, but there are other things I worry about before disk encryption
[06:48] <akiva> such as?
[06:48] <seekwill> Network and physical security
[06:49] <akiva> Network is something I have yet to get too yet.
[06:49] <seekwill> So, what are these five types?
[06:50] <akiva> Server, Administrators, Executives, Departments, and Terminals
[06:50] <akiva> The server is obviously going to be tucked away on its rack, doing its thing.
[06:51] <akiva> Admins are the only users who have read write access to the servers,
[06:51] <seekwill> Are you the business owner, the IT manager, or?
[06:52] <akiva> IT manager
[06:52] <akiva> Might as well say business owner though, given circumstances
[06:52] <akiva> I got a simple spreadsheet. explains it all
[06:52] <seekwill> If you are the business owner, I would highly suggest outsourcing this so you can focus on your core business
[06:53] <akiva> No, I don't believe in doing that type of thing
[06:53] <akiva> or rather, I do not enjoy it.
[06:53] <seekwill> The question you're asking seems to be at a much higher architectural level, which doesn't always work well over IRC
[06:54] <akiva> What does IRC have to do with it?
[06:54] <seekwill> I could be jumping to conclusions too early, but that's just the feeling I get
[06:54] <akiva> Anyways~
[06:56] <akiva> speaking from previous experience, I do want any higher up to have their disks encrypted.
[06:56] <seekwill> For example, I disagree with your statement that disk encryption on your servers is unnecessary as you don't generally reboot servers outside a maintenance window
[06:56] <akiva> I have witnessed laptops and desktops being stolen before.
[06:57] <seekwill> ... or just don't store that data on those machines :/
[06:57] <akiva> seekwill: I don't understand the logic behind that
[06:57] <akiva> Yes, I am looking into the cloud too
[06:58] <akiva> ubuntu one I figure should suffice
[06:58] <akiva> Google Docs... maybe, but I am not entirely sold on that yet.
[06:59] <seekwill> Don't understand the logic behind what?
[07:00] <akiva> disk encrypting a server thats always running?
[07:00] <akiva> and that is highly unlikely to be stolen?
[07:00] <seekwill> Umm ok
[07:00] <seekwill> Is your server stored in a commercial data center with 24/7 security? How sensitive is the data you're storing?
[07:01] <seekwill> But like I said, these are not really the conversations that go well over IRC, in my opinion
[07:01] <akiva> seekwill: Very sensitive. It would be stored locally.
[07:01] <seekwill> If you are worried about data being stolen, I would never consider using Ubuntu One or Google Docs
[07:02] <seekwill> I have a much higher confidence with commercial data centers than my own office
[07:02] <akiva> No, not google docs
[07:02] <akiva> with ubuntu one, I don't really know. Its purpose would only be to back up certain emails and local documents
[07:03] <SpamapS> akiva: Have you ever heard the statement "Security is a process, not a product" ?
[07:03] <seekwill> SpamapS++
[07:03] <akiva> seekwill: I used to work in security and surveillance, so I tend to have...
[07:03] <akiva> no
[07:03] <seekwill> :/
[07:03] <akiva> SpamapS: I think that is a fair statement.
[07:03] <SpamapS> Ok, well you'll understand this if you worked in surveillance
[07:04] <SpamapS> If surveillance was about products.. people wouldn't be needed.
[07:04] <SpamapS> likewise w/ security
[07:04] <SpamapS> you can automate *a lot*
[07:04] <SpamapS> but you still have to go through the process of planning and evaluating
[07:05] <akiva> SpamapS: Agreed, such is why I am trying to create standards
[07:05] <seekwill> There are lots of security standards out there
[07:05] <seekwill> Even certifications!
[07:05] <SpamapS> akiva: indeed, its good to start with a process which gets you going and mitigates your risk early on...
[07:05] <seekwill> :)
[07:05] <akiva> seekwill: Certs can go fly a kite :P
[07:05] <seekwill> Ok :)
[07:06] <akiva> SpamapS: I am focussing on long term scalability, and setting password standards that will be highly secure without giving you a headache
[07:06] <SpamapS> akiva: anyway, encrypting your server isn't really the question to ask
[07:06] <SpamapS> Its "what am I risking if I let security be at 0"
[07:07] <akiva> contrary to popular belief, "@#<sea TsatZX5@#^" is not that secure of a password
[07:07] <SpamapS> find a dollar value for that..
[07:07] <SpamapS> spend an appropriate percentage of that dollar amount protecting it
[07:07] <seekwill> How did you guess my password?!?!? :(
[07:07] <akiva> SpamapS: well, I am specifically talking about lvm and disk encryption
[07:08] <akiva> SpamapS: These types of encryptions if I am not so naive, are important when physical theft is involved
[07:08] <akiva> seekwill: ha ha ha
[07:08] <SpamapS> akiva: great. What assets would be at risk without whole-disk encryption? How much are they worth? How much will encryption cost? answer those, and you'll have your answer.
[07:09] <seekwill> But you get the answer "for now". Things change
[07:09] <akiva> well, how does one physically steal a server rack locked in its own air conditioned room?
[07:09] <seekwill> So because you can't do it, means no one else can?
[07:10] <SpamapS> Honestly, sysadmins and engineers suck at security planning (I say that as a sysadmin/engineer). You need an insurance agent to really get things right.
[07:10] <akiva> as to encryption, here is one thing I do not know
[07:10] <SpamapS> akiva: how is not important..
[07:10] <SpamapS> akiva: why. answer that first.
[07:10] <SpamapS> If its worth $1,000,000 .. they can spend $100,000 on equipment / man power / planning and still profit from the theft.
[07:11] <akiva> for a server, where performance is important, does an encrypted file system need more cpu power etc?

[07:11] <seekwill> lol
[07:11] <SpamapS> akiva: yes it will use a few more cycles to encrypt/decrypt data
[07:11] <akiva> SpamapS: Perhaps you are more optomistic about those in the workforce than I am.
[07:12] <akiva> SpamapS: That was my supposition, though I was not entirely sure.
[07:13] <ScottK> The other thing you have to ask yourself is what are you guarding against?
[07:13] <akiva> ScottK: Good question. But one step at a time right now
[07:14] <ScottK> Without knowing the answer to that question, you can't answer the encryption question.
[07:14] <SpamapS> To me, you look at risk factors once you've assesed the value of your assets. Its hard to know how likely things are without numbers.
[07:14] <akiva> lvm encryption and disk encryption, given that physical theft risk is near nil, that such would not be neccessary
[07:15] <akiva> that is not to say that some other type of encryptian would not be important.
[07:15] <akiva> given the assumption that this server will not be stolen
[07:15] <SpamapS> "physical theft risk is near nil" .. this sounds like WAG method of assessment
[07:15] <akiva> SpamapS: What is Wag?
[07:16] <akiva> And trust me.
[07:16] <SpamapS> Wild Ass Guessing
[07:16] <ScottK> I know someone who has an encrypted VM and has to go to the data center every time the VM is restarted to enter a passphrase because he wants to ensure the data center operators don't have access to it.
[07:16] <akiva> Like I said, I have experience in this particular regard
[07:16] <akiva> ScottK: It will be held locally
[07:16] <akiva> ScottK: but yes, in that case
[07:16] <akiva> that would be very advisable.
[07:17] <SpamapS> akiva: as do many here.. many whom you're subtly ignoring, I suspect because you want to play with encryption.
[07:17] <SpamapS> I've seen many people talk themselves into security "solutions"
[07:17] <akiva> SpamapS: If I wanted to play with encryption, then I would not question it.
[07:18] <SpamapS> my customers, back when I was doing spam filters and basic intrusion detection systems, often talked themselves into buying an IDS even before I had assessed their risk.. because the web interface was cool
[07:18] <SpamapS> akiva: also you can measure how much encryption drains the performance
[07:18] <akiva> SpamapS: Indeed, that is exactly what I am doing. What is my purpose here however? To see if there is any oversight.  does disk encryptian protect against any non physical attempts at data theft?
[07:18] <akiva> I don't know
[07:19] <SpamapS> install w/ and w/o it.. measure the metrics that matter to your business.
[07:20] <akiva> SpamapS: Yes, that will be tricky. I will need to do it anyways, but that will be depending on performance forecasts
[07:20] <SpamapS> akiva: if you leave the volumes encrypted most of the time, and only use the physical console to decrypt.. you can mitigate a remote attack
[07:21] <SpamapS> but you'd still be vulnerable to root exploits while the volumes are decrypted.
[07:21] <akiva> right
[07:22] <SpamapS> and even if they're encrypted and the box is rooted..
[07:22] <SpamapS> if you don't notice before decrypting.. you're still vulnerable because now they have keyboard logged the passphrase
[07:22] <akiva> SpamapS: but I am just asking about disk and lvm encryptian
[07:22] <akiva> that is all right now
[07:22] <SpamapS> Its primarily a mitigation strategy for physical access violations.
[07:23]  * SpamapS reboots into quantal w/ fingers crossed
[07:24] <akiva> assuming I only have to worry about remote attacks, a disk encryptian and an lvm encryptian are not going to help mitigate attacks. Is this correct?
[07:32] <alex88> hi guys, from http://kernel.ubuntu.com/~kernel-ppa/mainline/ i need a kernel > 3.4, can i use the quantal release also if i'm running precise?
[07:37] <SpamapS> alex88: I believe there is a PPA with the backport
[07:39] <akiva> SpamapS: Have you used landscape?
[07:41]  * alex88 searchs
[07:42] <feisar> how pricey is Landscape?
[07:42] <akiva> seems pretty reasonable to me
[07:42] <akiva> 33 a year I think for webhosting
[07:42] <akiva> local hosting is about 100 per year
[07:43] <feisar> the number of Ubuntu Server boxes I manage is increasing and I understand that Landscape can centrally manage them
[07:44] <akiva> wait, its more
[07:44] <akiva> I am thinking of something else apparently
[07:44] <akiva> waint
[07:44] <akiva> wait*, I think I am thinking of openerp
[07:44] <akiva> Wanting to impliment this too :)
[07:45] <koolhead11> akiva: feisar mailing the markting folks via there canonical website will be more helpful
[07:45] <koolhead11> the place is more developer oriented :P
[07:45] <feisar> akiva: I have been looking at OpenERP for a small business that needs a new finance package
[07:46] <feisar> koolhead11: yeah, thanks
[07:46] <koolhead11> Daviey: so i seriously feel am missing something with LXC or it has some bugs
[07:46] <akiva> feisar: ugh, mail
[07:46] <akiva> thanks though, it probably is correct
[07:47] <taipres> sadly my vps provider, most their images for distros are broken
[07:47] <akiva> feisar: I am looking to set up a warehouse, and need something that will be able to deal with idependent product serials etc
[07:47] <taipres> one after another, tried latest ubuntu, one didn't load other used like 30mbs of ram I think and couldn't ssh in
[07:48] <feisar> taipres: what's the hardware?
[07:48] <feisar> taipres: oh sorry, just seen the above
[07:49] <taipres> I knew 12.x used lot more mem, was hoping wasn't as much as I saw at least for 1 build
[07:49] <taipres> so i'll hold off on that
[08:16] <jamespage> Daviey: any particular reason rabbitmq-server was synced for quantal rather than merged?
[08:17] <lynxman> morning o/
[08:17] <jamespage> morning lynxman
[08:18] <lynxman> jamespage: mr Page :)
[08:18] <mardraum> can anyone give me an idea about what else I can do to help debug 1014350
[08:19] <jamespage> bug 1014350
[08:27] <jamespage> mardraum, I think you've already done loads
[08:28] <Daviey> jamespage: MAAS, LS and the DM were happy that the ubuntu changes had been adopted
[08:28] <Daviey> jamespage: see the merge bug
[08:28] <jamespage> Daviey, OK - I'm going to drop the mcollective delta as well then as it depends on stuff that no longer exists
[08:29] <mardraum> jamespage: thanks for looking, I'll be patient :D
[08:30] <jamespage> mardraum, the kernel team have a pretty good triage process and your right in it...
[08:52] <nocturn> Hi, I have KVM running on 11.10 server with a 12.04 guest.   I set up prerouting and forwarding on the host to make port 25 on the guest available to the outside.  Post is open remotely, but not reaching the guest.  A similar forward to another VM on port 22 is working.   What could I be missing?
[08:53] <nocturn> Rule: -A PREROUTING -p tcp -m tcp -d 78.46.74.45 --dport 25 -j DNAT --to-destination 192.168.122.13
[08:53] <nocturn> -A FORWARD -p tcp -d 78.46.74.45 --dport 25 -j ACCEPT
[08:53] <nocturn> .45 is public
[09:02] <fasta> Is there any GUI to completely control iptable rules?
[09:05] <RoyK> !fwbuilder
[09:05] <RoyK> stupid bot
[09:05] <RoyK> http://www.iptables.info/en/iptables-gui.html
[09:05] <RoyK> first hit on google ;)
[09:07] <koolhead11> zul: let me know when you around
[09:08] <koolhead11> hi jamespage
[09:08] <jamespage> hey koolhead11
[09:08] <koolhead11> how are things jamespage
[09:08] <jamespage> +1
[09:08] <jamespage> and you
[09:08] <jamespage> ?
[09:08] <koolhead11> am awesomer
[09:08] <koolhead11> e
[09:08] <koolhead11> need some help from Zul to get LXC working in essex
[09:09] <fasta> RoyK: that's not a GUI, because it requires me to understand the syntax of iptables.
[09:09] <koolhead11> jamespage: i wonder who shot those kareoke videos and where are they
[09:09] <fasta> RoyK: I am sure a GUI could be designed which doesn't require that.
[09:09] <koolhead11> the UDS one
[09:09] <koolhead11> :P
[09:10] <RoyK> fasta: well, it's the best I could find - learning iptables syntax isn't that hard, after all
[09:10] <koolhead11> RoyK: +1
[09:10] <fasta> RoyK: it's also silly that one even needs to learn a syntax, because it only creates a dependency on Linux.
[09:10] <RoyK> fasta: if you need something simple, try pfSense - it's based on FreeBSD, not iptables, but it's simple and easy to use
[09:10] <fasta> RoyK: it's basically a kind of vendor lockin.
[09:10] <koolhead11> fasta: http://www.shorewall.net/ might help
[09:10] <RoyK> fasta: it's *NEVER* silly to learn anything
[09:11] <fasta> RoyK: so, you mean: install a virtual machine?
[09:11] <RoyK> fasta: either learn how things work, or use something fancy
[09:11]  * RoyK likes to learn how things work
[09:11] <fasta> RoyK: I like to learn how things of importance work.
[09:11] <RoyK> fasta: but fancy GUIs isn't really an ubuntu server issue
[09:12] <RoyK> most people in here uses the commandline to do things the proper way
[09:12] <fasta> RoyK: yes, it is, because I haven't seen one.
[09:12] <fasta> RoyK: I will decide what is proper.
[09:12] <RoyK> I haven't seen God, is that an ubuntu server issue, then?
[09:12] <RoyK> !ufw
[09:13] <fasta> RoyK: server configuration, of which iptables is a part, is a nm ubuntu server problem.
[09:13] <RoyK> fasta: that's the proper ubuntu firewall
[09:13] <fasta> RoyK: that's not a serious solution.
[09:13] <RoyK> then use iptables
[09:13] <RoyK> case closed
[09:13] <fasta> RoyK: because I wanted to have full control over iptables.
[09:13] <RoyK> then learn it
[09:13] <fasta> RoyK: you apparently don't get it.
[09:13] <RoyK> I do, you don't
[09:13] <fasta> RoyK: you said that fancy GUIs aren't a problem on Ubuntu server.
[09:13] <RoyK> you don't get full control over *anything* by trusting a fancy GUI
[09:13] <fasta> RoyK: sure you can.
[09:14] <fasta> RoyK: you can read the source code for the fancy GUI.
[09:14] <RoyK> if that GUI is written well, and proper, and doesn't have too much bugs, yes
[09:14] <fasta> RoyK: which happens to be what I am looking for.
[09:14] <RoyK> but it'll take a long time, and most people give up and use iptables instead
[09:14] <fasta> RoyK: what you are saying is that there is no fancy GUI on Ubuntu server.
[09:14] <fasta> RoyK: and that those that are there are bug ridden.
[09:15] <RoyK> fasta: so, please, either google for a fancy iptables gui, or *learn* *iptables*
[09:15] <fasta> RoyK: and thus that Ubuntu server does have a problem.
[09:15]  * RoyK ignores fasta 
[09:15] <fasta> RoyK: lol
[09:15] <fasta> RoyK: you shouldn't start an argument with me.
[09:15] <fasta> RoyK: because, of course I Googled.
[09:15] <fasta> RoyK: you just are so ignorant that you think one google query solves all problems.
[09:16] <fasta> Why you would think that is beyond me.
[09:16]  * RoyK reminds himself of the phrase "Never argue with an idiot, they drag you down to their level and beat you with experience bumper sticker"
[09:16] <fasta> RoyK: you are just projecting ignorance.
[09:18] <fasta> RoyK: judging by your credentials, you are -- by far -- the idiot here.
[09:18] <fasta> RoyK: I advice you to consider who your talking to before you even consider to call someone an idiot.
[09:18] <mardraum> oh look, this guy again
[09:18] <mardraum> new nick!
[09:19] <fasta> I wish IRC responses were tagged with the CV immediately.
[09:20] <fasta> Then at least I could automatically ignore those responses.
[09:20]  * mardraum popcorn
[09:20] <nocturn> fasta, you are being rude when you received help.  RoyK was more patient with you than I would be
[09:21] <fasta> nocturn: I am sorry; I received _no_ help.
[09:21] <fasta> nocturn: RoyK only wasted my time.
[09:21] <fasta> nocturn: I have been patient with him.
[09:21] <fasta> nocturn: not the other way around.
[09:21] <fasta> nocturn: comprendo?
[09:21] <nocturn> He gave you the answer, just not the one you wanted to hear.
[09:21] <fasta> nocturn: no, he gave me _an_ answer.
[09:21] <fasta> nocturn: initially a wrong one.
[09:21] <nocturn> fasta: 42
[09:22] <nocturn> that's the right answer
[09:22] <nocturn> you're welcome
[09:22] <fasta> nocturn: good book
[09:22] <fasta> nocturn: most people who say it, didn't read it.
[09:22] <nocturn> I read it allright, listened to the radio show too, didn't like the movie though
[09:23] <fasta> nocturn: same with the exception of the radio show.
[09:25] <RoyK> nocturn++
[09:26] <fasta> RoyK-=9e10;
[09:26] <fasta> +1
[09:26] <fasta> I like
[09:26] <fasta> I hate
[09:45] <RoyK> sometimes those trolls come by...
[11:42] <nocturn> Been trying some stuff, but no progress.  I cannot foward port 25 on a VM guest to port25 on the VM host using iptables.  Yet the same rules for port 22 on another VM do the trick...
[11:44] <melmoth> something is already listening on port 25 on the host , and nothing was listening on port 22 ?
[11:47] <zul> morning
[11:49] <nocturn> melmoth: No, I checked
[11:49] <nocturn> nothing is listening on either port on the host.  And the guest respond on those ports from the host (using netcat)
[12:10] <blizzkid> lo all. Running into trouble using nut (network ups tools). Anyone knows how to cancel all timers? Doc says to remove files, but pipe is used instead of files...
[12:26] <nocturn> I needed to SNAT it too!
[12:26] <nocturn> fixed
[13:05] <zul> smoser: nova package has the persistent volume support now.
[13:07] <adac> Is it absolutely painless to install python3 via apt-get on lucid LTS?
[13:17] <ScottK> adac: It is, but it's python3.1, so there's a limit to how painless using it will be.
[13:17] <ScottK> It also won't interfere with any python stuff.
[13:18] <adac> ScottK, oh ok so it never becomes the system python
[13:18] <Mandark> hey guys, hopin sum1 can guide me in the right direction>>
[13:18] <ScottK> Dear lord no.
[13:18] <Mandark> configuring multiple VirtualHosts, enabled the new site entry but what seems to be happening is its ignoring the previous virtual host entry and applying the rootdirectory to all hosts over port 80. i.e. domain1.com >> /var/www/domain1/   domain2.com >> /var/www/domain1/
[13:18] <Mandark> has anybody had a similar problem or heard of a resolution?
[13:20] <adac> ScottK, hehehe
[13:21] <adac> ScottK, is there also 2.7 that can be installed?
[13:21] <ScottK> Not for 10.04.
[13:21] <ScottK> 12.04 has python3.2 and python2.7.
[13:22] <ScottK> If you want 2.7 for something, it's really easier just to upgrade.
[13:22] <xnox> ok you can start a chroot.... but that would be ugly
[13:23] <Mandark> if no other resolutions come up, it might have to b that
[13:24] <ScottK> There are PPAs with python2.7, which, if you only need the standard library and no extensions might work if you can find one run by someone you can trust (anyone can get a PPA, so don't assume it's any different than downloading from some random site on the net).
[13:25] <adac> ScottK, kk thank you so much!
[13:28] <adac> ScottK, what would be the sytem python version on 12.04?
[13:29] <ScottK> python2.7.
[14:00] <koolhead17> zul, awake?
[14:01] <zul> koolhead17: yep
[14:02] <koolhead17> zul, have you tried LXC with essex
[14:02] <zul> koolhead17: yep
[14:04] <koolhead17> zul, and what all pkgs am supposed to install
[14:04] <zul> koolhead17: the usual packages and libcgroup1-lite
[14:04] <koolhead17> because i installed some pkg i think python-nova-lxc
[14:05] <koolhead17> ooh okey so i missed this pkg libcgroup-lite
[14:05] <zul> no there isnt a package called python-nova-lxc
[14:05] <koolhead17> zul, i meant some nova pkg with lxc extension
[14:06] <zul> ok if you have nova-compute-kvm and nova-compute-lxc installed then it wont work youll have to remove nova-compute-kvm
[14:08] <koolhead17> zul, so nova-compute-lxc and libcgroup-lite i hope it will download the lxc pkg along with.
[14:08] <zul> koolhead17: and you will need to to install lxc as well
[14:11] <koolhead17> gosh zul why novaa-compute-lxc depends on lxc ? :(
[14:12] <zul> koolhead17: it doesnt you might need stuff in there
[14:13] <hw_junkie>  /window 4
[14:18] <koolhead17> thanks zul !! finally 3ed day after hitting my ass all around i found the soln, will do the testing in lab tomorrow :)
[14:18] <koolhead17> will trouble you if stuck
[14:18] <zul> cool
[14:18] <koolhead17> zul, can i test play with quantum for essex?
[14:19] <zul> koolhead17: i wouldnt
[14:19] <koolhead17> zul, so better i should wait for folsom PPA to play on 12.04 :)
[14:20] <koolhead17> adam_g, sir
[14:20] <zul> koolhead17: yes
[14:21] <koolhead17> cool
[15:01] <pawad> Who should I be talking to if my Lucid server is sending a lot of http traffic to Canonical servers in London?
[15:02] <tgm4883> pawad, I guess that would depend on what was in that traffic
[15:02] <tgm4883> or what was sending it
[15:03] <pawad> So far it looks like apt-gets, but that might be actual updates I was running on the weekend. I'm talking 1.5GB+ over 4 days
[15:06] <zul> smoser: ping
[15:06] <smoser> here
[15:06] <tgm4883> pawad, is that just for one computer?
[15:07] <zul> smoser: can you change the maintainer of ec2-api-tools to scott moserk please? so i dont get upload notifications
[15:07] <smoser> hmm..
[15:07] <smoser> i will chnage in the packaging branch that i have.
[15:07] <pawad> tcpdump from a Lucid server on Rackspace. HTTP traffic only between 2012-07-28 to this morning.
[15:08] <zul> smoser: cool...because obviously im not the maintainer anymore as well :)
[15:08] <smoser> Maintainer: Ubuntu Developersk <ubuntu-devel-discuss@lists.ubuntu.com>
[15:08] <smoser> does that look good?
[15:10] <zul> yep
[15:10] <tgm4883> pawad, have you tried using something like nethogs to see what it is?
[15:10] <tgm4883> what is sending the data I mean
[15:11] <zul> pawad: you might want to talk to rackspace then
[15:11] <pawad> I have the dump file loaded in Wireshark.
[15:12] <pawad> It's unmanaged server. they've given me the suggestions they can. But they wont do much more then that without a support contract.
[15:14] <apw> can anyone remind me where the 'update only to the next LTS' flag is for a server
[15:23] <seicherlbob> hi there! I've had a failed harddisk in a raid1. now i got a new drive of equal size, but this one has 4K blocksize (the old one had 512B). Is it possible to add the new drive to the array or will this crash my data?
[15:52] <Kingsy> guys, I have just installed xcache via a cpanel.. and now I need to change some of the values in its ini file.. how do I find it? I have no idea where the cpanel has installed it too..
[16:01] <Kingsy> nm really stupid question
[16:08] <r3dLunchb0x_> anyone know why on ubuntu 11.04 server, landscape-sysinfo presents incorrect info when you login?
[16:30] <danielsh`> guys
[16:30] <danielsh`> the download instructions don't link to the md5 or pgp of the iso files
[16:30] <danielsh`> any reason for that ?
[16:31] <Pici> !hashes
[16:32] <danielsh`> err, thanks, that was my next questino
[16:33] <danielsh`> it would be nice if the download page actually linked to them
[16:34] <danielsh`> some of the people who download ubuntu actually care about checking md5's
[16:47] <osmosis> what partition is /dev/mapper/me-swap_1  attached too?  when I use cfdisk, i dont see a swap partitions. I am using a LUKS encrypted volume.
[17:20] <osmosis> if installed with full disk encryption...is the swap partition encrypted as well?
[17:30] <babbio> Hi guys….I need your help…I need my pc to automatically connect to my home wifi connection at boot (also without login) so that I can ssh into my server and have an active connection…I read a lot of doc on how to modify the /etc/network/interfaces but at the reboot I have no internet connection
[17:44] <axisys> can I add more than one port in the ufw/application.d/myapp ?
[17:45] <axisys> or do I need myapp-port-x myapp-port-y .. blah ?
[17:45] <axisys> and add a new port number for each
[17:45] <axisys> i need to have multiple tacacs+ server instance running on different ports
[17:57] <roaksoax> adam_g: what was the bug# for the nova-network lock thingy?
[18:14] <jdstrand> axisys: you can add more than one. Eg: ports=5353/udp|5298
[18:23] <adam_g> roaksoax: one sec
[18:24] <adam_g> roaksoax: https://review.openstack.org/#/c/10321/
[18:24] <roaksoax> adam_g: thanks
[18:29] <adam_g> roaksoax:  ppa:openstack-ubuntu-testing/essex-stable-testing should have a nova package built with that commit included, you can set 'nova-release' in the charm config to that ppa and it will install from there
[18:33] <roaksoax> adam_g: arrgh.. can't seems to reproduce being able to access the instances using its private IP from "outside"
[18:36] <roaksoax> ahh daaah never mind :)
[19:01] <r3dLunchb0x_> is there a nagios expert here?
[19:21] <SpamapS> adam_g: ping, just accepted your openvswitch FTBFS fix (no bug to notify you on ;)
[19:26] <adam_g> SpamapS: cool. i noticed verification-done on the bug, im assuming the non-FTBFS archs from the original upload made it to -proposed?
[19:29] <SpamapS> adam_g: yeah, FTBFS of one arch does not affect the others for publishing
[19:33] <adam_g> SpamapS: is that true of all archs? im getting openssl armhf failures now :)
[19:35] <SpamapS> adam_g: the binaries will get published as they build. We just won't copy them to -updates until all arches pass
[19:35] <adam_g> SpamapS: ah, gotcha
[19:35] <SpamapS> adam_g: but in the openvswitch case.. it was FTBFS for the release too.. so I care even less. ;)
[20:57] <LordOfTime> SpamapS:  still around?
[21:08] <LordOfTime> SpamapS:  the debdiff was uploaded to LP Bug 1014044, and I subscribed the sponsors team accordingly.  My internet died shortly later, so I didnt get to subscribe sponsors to the other bug (LP BUg 1006738), but i mentioned in 1014044 that they'd have to review 1006738 as well
[21:08] <LordOfTime> in case you;d like to do the actual sponsoring... :P
[21:32] <SpamapS> TheLordOfTime: I'll take a look later
[21:32] <TheLordOfTime> SpamapS:  cool, just one question
[21:32] <TheLordOfTime> shoudl i subscribe the sponsors team to the other bug where i did not upload the debdiff to?
[21:33] <SpamapS> TheLordOfTime: no, one bug for one upload is fine. :)
[21:33] <TheLordOfTime> cool.
[21:33] <TheLordOfTime> oh damn, i forgot to put the SRU template on the segfault bug
[21:33] <TheLordOfTime> :/
[21:53] <SpamapS> adam_g: https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.4 ... looks like that patch needs some tweaking to be non-x86-friendly
[21:58] <adam_g> SpamapS: ya, i saw
[22:21] <shodan45> I have an empty file named (literally) /var/log/mail.* on a freshly imaged 12.04 VM.... wtf?
[22:22] <dannf> is the code for building maas ephemeral images available?
[22:44] <r3dLunchb0x_> anyone here know anything about nagios 3.3.1 for ubuntu?
[23:15] <slicslak> what should i install for java these days?  standing up a solr server
[23:18] <slicslak> looks like openjdk should be fine.
[23:18] <slicslak> thx