/srv/irclogs.ubuntu.com/2012/09/08/#ubuntu-server.txt

halvorsUbuntu 12.10 have the "miniupnpd" deamon avaliable in the universe repository, but i can't get it work with iptables, it seems like it doesn't integerate correctly with iptables.00:03
=== arrrghhhAWAY is now known as arrrghhh
=== arrrghhhAWAY is now known as arrrghhh
=== arrrghhh is now known as arrrghhhAWAY
=== arrrghhhAWAY is now known as arrrghhh
=== arrrghhhAWAY is now known as arrrghhh
qcjnhi, i have a "homework" making a service start up script. But in college we use fedora 15. Since at home i'm using Ubuntu, i thought of making it on ubuntu. But it seems that there is a lot of difference. from syslog to rsyslog. no chkconfig on ubuntu. functions are not at  /etc/rc.d/init.d/functions. and are the functions the same ? And maybe there's other thing i haven't seen. ???02:53
arrrghhhqcjn, well for one ubuntu moved to upstart recently02:57
arrrghhhthat's a pretty big difference02:57
arrrghhhsyslog and rsyslog - i don't see what that has to do with startup scripts...02:58
arrrghhhi'm not so familiar with fedora tho02:58
patdk-laprecently?03:00
patdk-lapalmost 4 years ago03:00
qcjnarrrghhh, syslog rsyslog is because we have to make a script that if some acces or modify a file then it is log in /var/log/my_file_service.log03:00
arrrghhhpatdk-lap, sorry i just moved off of 10.04...03:01
patdk-lapupstart came in with 9.1003:01
arrrghhhyes.  which is right before 10.0403:01
patdk-lapyep03:01
arrrghhhi just remember the transition being recent... i'm old :P03:02
patdk-lapheh, I do the alpha and beta testing03:02
patdk-lapso that added an extra 6months to me almost03:02
patdk-lapseens like forever ago, in testing :)03:02
arrrghhhnice.  on quantal already?03:02
patdk-lapbeen doing testing on it ya03:02
arrrghhhnice03:02
arrrghhhi just went to precise03:03
arrrghhhit finally went .1 ;)03:03
patdk-lapI just started upgrading my stuff from lucid to precise03:03
patdk-laphave my package repo all up now with the fixes and other things I need03:03
patdk-lapand done all the testing I needed03:03
arrrghhhyea i had a few hiccups.  mostly config file changes i needed to make.03:03
arrrghhhdnsmasq really threw me for a loop03:03
patdk-lapI didn't even modify my dnsmasq03:04
patdk-lapoh wait, I'm not using dnsmasq :)03:04
arrrghhhhaha03:04
arrrghhhi guess i'm a masochist03:05
arrrghhhlet's have it all in one... oh no it's all broken03:05
qcjnok, i think i understand the principle of the chkconfig command. What it does when you put the add option it checks in the service script, with grep maybe, what are the option that you have put on the chkconfig line03:05
patdk-lapI have like 100 vm's03:06
arrrghhhdang03:06
qcjnno /var/lock/subsys/   either03:10
qcjnmust be /run/lock03:10
arrrghhhqcjn, every linux distro will be slightly different03:12
qcjnok03:13
arrrghhhabout the only thing similar is the kernel ;)03:14
qcjnarrrghhh, would you know how i can make so that it logs in /var/log/myservice.log   in fedora 15 we just had to add this line      user.*   /var/log/myservice.log     in the syslog.conf and restart syslogd03:20
arrrghhhqcjn, it's similar.  change /etc/rsyslog.conf03:20
arrrghhher, that might be in /etc/rsyslog.d/50-default.conf actually03:21
qcjni tried putting it in 50_default but it doesn't work03:21
qcjnneither in rsyslog.conf03:21
qcjnit s always sent to /var/log/syslog03:21
arrrghhhqcjn, well look at the lines03:21
arrrghhhthey are processed in order03:22
arrrghhhthe *.* -/var/log/syslog sends everything to /var/log/syslog03:22
arrrghhhthere's a user.* that's commented out pointing to /var/log/user.log03:22
patdk-lapwell lines go to all rules03:22
patdk-lapunless it hits a stop rule03:22
arrrghhhoh yea, you could send the same information to multiple places03:22
arrrghhhsimultaneously03:22
arrrghhhqcjn, so uncomment that line and change it to /var/log/myservice.log03:23
qcjnarrrghhh, yes i've seen the user.log , but i want my own03:24
arrrghhhi don't understand03:25
qcjni'll try it. but i ve put aline similar as the user.log under the commented one, and it didn't work. Always just the syslog03:25
arrrghhhchange the /var/log/user.log to /var/log/myservice.log03:25
qcjnpatdk-lap, must i put a "stop rule "03:25
qcjncause we can test with logger command03:26
patdk-lapif you want to not log it, yes03:27
qcjnpatdk-lap, no thats not what i want. I want it to be log in myservice.log03:28
patdk-lapheh?03:28
arrrghhhqcjn, don't put any stop rules..03:28
patdk-lapyou said you didn't want it in syslog03:28
patdk-lapso  you put a rule that says, log to myservice03:28
arrrghhhyes03:29
patdk-lapthen you put a rule that says, don't follow any more rules03:29
qcjni don't want the other services not to be able to log in syslog. i just want myservice to be log in myservice.log03:30
arrrghhhqcjn, then add the line i mentioned?03:31
arrrghhhso you want everything to go to /var/log/syslog and /var/log/myservice.log?03:31
arrrghhhadd a line '*.*      -/var/log/myservice.log'03:31
qcjnlogger -p user.info "file has been modified" <== this is the line in the sript03:32
arrrghhhwhat is this, i don't even...03:32
patdk-lapthat line will log it, and log it with sync active03:33
paradizelosti'm setting up lvm for the first time and looking to do a snapshot rotation, but i'm not sure on how to size my snapshot volume, any recommendations?03:33
patdk-lapbut it won't stop it03:33
patdk-lapthe simple way03:34
qcjnit wont stop it to log to syslog. Right. but that doesn't matter. As long has it s logged in myservice.log03:34
patdk-lap10-myservice.conf03:34
qcjnok03:34
patdk-lapuser.*  /var/log/myservice.log03:34
patdk-lapuser.*  ~03:34
patdk-lapdone :)03:34
qcjnuser.*  ~   <== but will this line stop other services from writing to syslog ?03:34
patdk-lapit will stop anything that matchs03:35
qcjnah, ok. now i see03:35
qcjnThanks. I'll try this03:35
patdk-lapI use that often, to not log annoying stuff I don't care about03:36
qcjnok03:36
arrrghhhpatdk-lap, so can you explain why the second line is necessary?03:37
arrrghhhit seems like the first line would be sufficient03:37
patdk-laparrrghhh, I have to say it again? it logs to ALL matching lines03:38
arrrghhhthat... i guess just doesn't make sense.03:38
patdk-lapnothing about the first one says, don't continue03:38
arrrghhhbut i'm not in the right state of mind for this03:38
patdk-lapthe - only means, don't write buffer03:39
patdk-lapif you use - on all logs, your going kill performance03:39
patdk-lapso use it when needed03:39
arrrghhhit's on 'em by default03:39
qcjnit s like saying "write to that file only" if there is another rule, don't follow it. Right03:40
patdk-lapya, and by default it's for safety03:40
paradizelostanyone who can help with lvm snapshotting around?03:40
patdk-lapsync logs can be nice and all, but generally I don't see the point of sync writes for syslog/messages, for auth, sure03:41
patdk-lapmaillog, for me atleast, defently not, too much logging for it to be sync03:41
qcjnfor now i don't really understand what all does category's of log means. Sean them for the first time yesterday03:45
qcjns/all does/all those03:45
qcjnseen03:45
qcjndaemon /root/bin/suivi_fic_lsof.sh   <=== this is a line in my service, and i get this error ==> ligne 20: daemon : commande introuvable03:57
qcjn. /lib/lsb/init-functions  <== this is in the service script to03:57
qcjnearlier i did a "grep daemon /lib/lsb/init-functions" and some line came out. But i'm to much of a novice to tell if the functions we're ok !03:59
Kentoshello there03:59
qcjnBy the way, the rsyslog, works, i tested it with logger03:59
qcjnhi, Kentos03:59
Kentosstill giving my dell 2800 the old college try, hoping to get it running04:00
Kentoscan't seem to find a way to boot into an install cd or usb04:01
arrrghhhKentos, even the alternate CD?04:01
Kentosyeah, i got into the alternate CD i believe but i had no idea what was going on with that, looked like a desktop install or something04:02
arrrghhhwell make sure you download the right disc04:02
KentosDLing the 32bit yeah04:02
arrrghhhserver or desktop04:02
Kentosabout 20 times no so far lol04:02
Kentoslol i didnt buy a server to run ubuntu desktop on it =P04:02
arrrghhher04:03
arrrghhhi guess alternate is for desktop only04:03
Kentosbut indeed i have DLed the server ones a lot, the alternate cd doesnt look really like either but some different installer entirely04:03
arrrghhhsorry, i forgot about that04:03
arrrghhhthe alternate and server installs should be the same from the installer perspective04:03
arrrghhhjust what is installed is different obviously04:04
=== cpg is now known as cpg|away
Kentosgave me different boot interfaces, only 4 options on the alt installer and the server one wouldnt install properly, didnt detect my nic or a lot of my hardware04:04
arrrghhhwhat do you mean didn't detect your nic04:04
Kentosmight have to try an older version of the ubuntu server04:05
arrrghhhis this really old hardware or something?04:05
arrrghhhdid you test the hardware first?  is it good?04:05
Kentossaid my network adaptor wasnt detected, asked me where to get the driver from, but, i reloaded the old OS on it(which was the previous owners) and the card is working fine04:05
arrrghhhthat doesn't sound like ubuntu server.04:06
Kentoshuh?04:06
arrrghhh"said my network adaptor wasnt detected, asked me where to get the driver from"04:06
arrrghhhthat doesn't sound like anything ubuntu server would do ^^04:07
arrrghhhasked you where to get the driver from?  that sounds very windows-ish04:07
Kentosyeah gave me an option, 'not installed' 'hdlc' and "use driver on meida' or something similar04:07
Kentosyeah, i suppose it does04:07
arrrghhhthis was during the installation?04:08
Kentosbut windows doesnt have a purple background and a text installer lol04:08
arrrghhh.....04:08
arrrghhhregardless, is this really old hardware?04:08
Kentosthis was while trying to install from a usb which was odd, i didnt think it could do that. The odd part is it didnt ask me which of the 7 drives to isntall it on04:09
Kentosyeah, its a dell poweredge 280004:09
arrrghhhyou can install from usb04:09
Kentoswell, some consumer products dont support it that are as old as this server, but it has a usb emulation option, hardware auto and floppy selectionds04:09
Kentosharddrive**04:10
arrrghhhwell i really don't know04:10
Kentosits an interesting interface, Im not familiar with actual server hardware, let alone a server bios and raid card 'bios' etc.04:10
arrrghhhit sounds like you've tried so much you don't know what you've tried anymore.04:10
Kentosno04:11
Kentosi've tried using many diferent DLs of the iso, but with the real hash check page (not the main support page one that gives false hash values) it looks like it should boot with what i have, however it wont seem to boot from the CD drive, and the checksum on the usb (when done before trying to install) produces errors04:12
arrrghhhwell that's not good04:13
arrrghhhwhat are you talking about false values04:13
arrrghhhoy... the md5sum should be right on the iso04:13
Kentosthe md5sum values listed on the main ubuntu howtomd5sum check(or whatever the link is) points to a page that states many different hash values, i've never found one that matched so far. However when i google the hash value checks i found a seperate site that listed the hash values of what i saw on my checks04:14
arrrghhhlol04:15
arrrghhhthis sounds dubious at best04:15
Kentoswhich just shows the numbers in a browser listed, no special website design or anything04:15
Kentoswell, its all i can find on the hash values that works, and downloading the files never work no matter if i use mirrors or torrents04:15
arrrghhhdo the downloads not complete or something?04:16
Kentosit always produces the hash value that is not directly shown on the ubuntu support pages04:16
Kentosthey always complete04:16
arrrghhhthere isn't an md5sum on the iso itself?04:16
Kentosthe iso is just an iso file, i could take a look again but thats pages and pages of numbers04:17
arrrghhhlook inside the iso04:17
arrrghhhit's just like a zip file04:17
Kentosi used winmd5sum for the hash check04:17
arrrghhhno04:17
Kentosidk about that04:17
arrrghhhwell, that's one place to hashcheck i guess04:17
arrrghhhthat would check if the download is good04:17
arrrghhhi guess you're not getting a boot menu so you can't integrity check, nvm04:18
Kentosthats what im saying, i do the hash check and no matter where i get the download its always the same hash value04:18
Kentosbut it doesnt match the value on ubuntus main support site, let me try and find it again04:18
mysteriousdarrenKentos: did you try to install any?04:18
arrrghhhit should be on the iso04:18
Kentoshttps://help.ubuntu.com/community/UbuntuHashes04:19
Kentosthat one always shows me an incorrect match04:19
arrrghhhso you burn the iso04:20
arrrghhhyou go to install04:20
arrrghhhand the installer fails?04:20
Kentoshowever i never get a different hash value from a check on any DL of the ISO, meaning every iso always shows the same hash value when checked, but of course it doesnt match as i stated before04:20
arrrghhhas i said04:21
arrrghhhthe MD5 is on the ISO04:21
arrrghhhmd5sum.txt04:21
arrrghhhat the root of the iso04:21
Kentosno, cant even get it to boot on the cd, i used a usb through the universalusbinstaller, since i can't even get it to show up with a cd04:21
arrrghhhalthough i guess that's just md5's of the individual files04:21
arrrghhhderp, i thought it had the md5 of the iso04:21
arrrghhhKentos, that sounds like a hardware/bios issue04:21
arrrghhhif you can't get it to boot from cd04:21
Kentosno worries, it is an old server, im not sure it will work with the newer 12.04 release04:22
arrrghhhit should04:22
arrrghhhif it's not even booting from the cd... lol04:22
Kentosim currently cleaning some scsi drives in hopes that ill get a step further lol no idea how that would help but i'm trying whatever I can04:22
arrrghhh....04:23
arrrghhhyou should try booting without anything plugged in, just to see if you can get the thing to boot04:23
arrrghhhwell, plug in the optical drive04:23
arrrghhhbut if you can't even boot like that, your BIOS is not configured correctly04:23
Kentosyeah, ill check it out in a minute here, i was thinking of pulling the HD trays out and see what happens04:24
arrrghhhso you've checked the BIOS settings?04:25
arrrghhhsometimes boot from cd is disabled for security reasons04:25
arrrghhhor so people can't accidently screw things up :P04:25
Kentosyeah i might have, but i didnt see an option to enable or disable boot from cd04:26
arrrghhhmight be the issue04:27
arrrghhhif it's disabled, it might not show up in the boot order04:27
arrrghhhso you'll have to enable it04:27
Kentosjust boot sequence, and boot disk priority04:27
Kentosno, the ATA drive(the cdrom) should be enabled04:27
arrrghhhhey you said you can't boot from it04:28
Kentosoddly theres a virtual floppy and virtualcdrom drive on here,. no idea what thats about04:28
arrrghhhDRAC04:28
arrrghhhthere's probably a DRAC card04:28
Kentosyeah, but i got a usb stick as well lol04:28
Kentosyeah there is04:28
arrrghhhthat's what the virtual stuff is for04:28
Kentosmaybe i should disable the RAID drives? not sure what to do lol04:31
=== cpg|away is now known as cpg
arrrghhhdisable everything04:31
arrrghhhdisconnect everything04:31
arrrghhhstrip it down to the bare essentials04:31
arrrghhhmake sure you can boot from some cd04:32
arrrghhhthat you know works in other machines for example04:32
Kentosill check it on this machine quick and make sure04:32
=== arrrghhh is now known as arrrghhhAWAY
qcjnGnite, andthanks04:44
Kentosalrighty04:46
Kentosseems as though its telling me to reconnect all the drives and reboot the system, im going to let it go forward and try to boot though, the CD was indeed a good cd04:48
protoCall7Hey oApocalypse:  did you ever get your minidlna project figured out?05:07
=== n0ts_off is now known as n0ts
=== cpg is now known as cpg|away
=== cpg|away is now known as cpg
mysteriousdarrenKentos: what happened?06:55
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
Sachin__whats the solution for thread level file locking?07:50
=== n0ts is now known as n0ts_off
=== mcclurmc_away is now known as mcclurmc
=== cpg is now known as cpg|away
kisomHey guys. I need a pointer to how I should get my ubunty 12.04 machine to connect to a WPA network using mschapv211:51
kisomGoogle haven't turned out anything useful so far11:51
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
KentosHey everyone13:45
=== n0ts_off is now known as n0ts
Danawarhey ubuntu server my server went down this morning at 7:20 and i have no idea why all my hosted services like teamspeak minecraft etc went offline15:46
Danawarafter reading the syslogs the last entry nearest the time was -15:46
DanawarSep  8 07:09:01 Grantleyserver CRON[11129]: (root) CMD (  [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete)15:46
DanawarSep  8 07:17:01 Grantleyserver CRON[11748]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)15:47
Danawaris there any where else is should be looking for information on why the server went down?15:47
SpamapSDanawar: perhaps look at what /etc/cron.hourly runs15:53
DanawarLooking into that directory there is nothing just .placeholder15:58
DanawarCould the server have over heated or somthing? where would that be presented in logs?15:59
DanawarThe server was on no vga output and no services like ssh were working15:59
qman__sounds like a hardware crash, if there is any log, it could be in /var/crash16:02
qman__but that only occurs if you have it set up to, and even then only under certain types of crashes16:02
qman__you can also check /var/log/kern.log for panics16:02
DanawarI will check both now thanks for your help!16:03
qman__one other thing, if you have a kernel panic, the keyboard num lock / caps lock / scroll lock lights will flash in various patterns16:04
DanawarOnly pidgeon and compiz crashes16:04
qman__if you're running compiz, you're running a desktop16:05
qman__there's a reason server doesn't include those things, they're not stable, and a graphics crash can halt a system16:05
DanawarTrue16:06
DanawarI took the risk because i am a novice and trying to learn server administration and security16:06
Danawarlast item in kern log was ufw  at 4:00 in the morning im gussing it was probably a graphics crash16:07
qman__just FYI, the correct way is to install the absolute minimum software needed on the server, and administer it from your desktop with SSH16:11
qman__there aren't any GUI tools to administer it anyway16:11
qman__it eliminates unnecessary security risks and potential things to crash16:13
=== n0ts is now known as n0ts_off
Troy^trying to think of some other neat things to run on my server right now it is just pretty much a sickbeard, couchpotato, usenet downloader/processor17:58
Troy^please help, i'm trying to make specific users only able to access their home directory, i edited the config file but on login of that user it gets Response:500 OOPS: vsftpd: refusing to run with writable root inside chroot()18:53
=== cpg|away is now known as cpg
qman__Troy^, the right solution is to not use FTP19:04
qman__SFTP has this feature built in, it only needs to be enabled19:04
Troy^SFTP is accessable by a ftp client correct?19:05
qman__only if it supports it19:05
qman__but filezilla and winSCP both support it19:05
qman__there are dozens of other reasons to never use FTP for anything, ever19:05
qman__http://mywiki.wooledge.org/FtpMustDie if you want to learn them19:06
qman__http://www.debian-administration.org/articles/590 for an explanation of how to set up sftp for chroots19:06
qman__it's for debian but ubuntu is close enough19:07
Troy^ok thanks i'll try it out19:08
Troy^so what is suppose to replace ftp19:10
StevenRsftp19:11
StevenRyou can use rssh if you only want sftp users to have sftp/scp access19:11
qman__or you can use the sftponly directive in the config19:17
qman__as in that example19:17
Troy^seems like something keeps eating my server ram19:28
Troy^when i first boot it uses like 11-19% memory19:28
Troy^3 days later i'm at 45%19:28
qman__what are you using to measure it19:31
qman__rather, do free -m19:32
qman__ignore the first set of numbers, and instead only pay attention to the free memory +/- buffers/cache19:32
qman__linux (rightly) uses all free memory as disk cache whenever possible19:32
riz0nhello, I have a new Ubuntu 12.04.1 server installation. I have configured postfix, dovecot, spamasssassin, amavis, and SA is actually flagging spam as it should. I am using the Maildir/ format for email. I want to enable procmail so that the server will automatically move all messages marked as ***SPAM*** to junk e-mail folder. I created a /etc/procmailrc file, which defines DEFAULT and19:35
riz0nMAILDIR  as "$HOME/Maildir/" and uncommented the mailbox_command=procmail -a "$EXTENSION" ... however when I do this, spam messages no longer get marked, and it is not moving the messages to its respective location. I need this filter to be system-wide. What do I need to do to get this to function properly?19:35
Troy^oh ok qman__ that makes sense19:35
Troy^1346m free19:36
=== cpg is now known as cpg|away
riz0nAlso,if you guys would like to see my config files, where would be a good place to pastebin?19:39
=== arrrghhhAWAY is now known as arrrghhh
=== arrrghhh is now known as arrrghhhAWAY
Troy^riz0n: cat cfg.conf | pastebinit19:57
Troy^where cfg.conf is interchangeable etc.19:57
riz0nTroy^: http://ubuntuforums.org/showthread.php?p=1222665420:10
Troy^riz0n: i'll look at it but possibly may not beable to help. i have very little knowledge in running a mail server20:13
Troy^* ^Subject.*\*\*SPAM\*\*20:16
Troy^your missing another "*"20:16
Troy^?20:16
guntbertafter installing ubuntu server on a dell machine (no idea if that is important) the grub menu won't show even with <shift> pressed - any ideas how to get the grub menu (without commenting out the "GRUB_HIDDEN" lines in /etc/default/grub) ?20:16
Troy^riz0n: this line * ^Subject.*\*\*SPAM\*\* does not look right to me if your mail is going to have the spam be renamed to ***SPAM*** in front20:18
qman__guntbert, most likely, your keyboard isn't working in the short amount of time that grub listens for keystrokes20:35
qman__I'd suggest turning off hidden and using a longer timeout (like 5 seconds)20:35
qman__at least to troubleshoot it20:35
qman__you can then turn hidden back on if you confirm it20:36
guntbertqman__: ah, you might be on to the cause - with hidden switched off and timeout=5 I was not able to select anything - so remains the question: what could I do to keep the keyboard activated?20:37
qman__the culprit is probably the USB keyboard settings in the BIOS20:37
qman__problem is, a dell or any other OEM board probably won't let you change them20:38
qman__if your system is old enough to have a PS/2 port and you have a PS/2 keyboard, give it a try20:40
guntbertqman__: entirely possible - thanks for the input - strange thing is that the keyboard works immediately after the system start (F12 for boot menu for instance)20:40
qman__also, if you're using a wireless keyboard or something equally high-level, try a normal one20:40
qman__there's a reason USB keyboards took so long to catch on as standard20:40
qman__the support has always been weird like that20:41
qman__what is probably happening: Dell BIOS sees USB keyboard and knows how to use it, but is set in a mode where it doesn't send legacy keystrokes to the OS20:41
guntbertno, they are rather new systems - only usb - but it is only a real problem when I mess up the password hash in the preseed file :)20:41
qman__after grub loads linux, linux knows what to do with it20:41
guntbertqman__: your explanation is very convincing, thanks20:42
riz0nTroy^: Thanks. Here is the issue. When I have the mailbox_command line #'d out, I get messages in the INBOX with ***SPAM*** however when the line is uncommented, spam messages do not have ***SPAM*** prefixed to the subject. I did add the extra \* to the procmailrc file20:44
Troy^hmm riz0n i don't really know what to say20:45
riz0nTroy^: Thanks. I think one problem was, possibily, was I had the the mailbox_command line before the content_filter. I changed those two lines around.20:49
Troy^riz0n: works now?20:49
riz0nAlso in the procmailrc file, should I have :0 or :0: ??20:49
riz0nTroy^: Not sure, I will have to wait for someone to spam me :P20:50
Troy^riz0n: ahh lol20:50
riz0nOK I will wait a few hours and see what happens. if I don't get the results I am aiming to achieve, I will come back and seek more advice.21:00
learnorchestraguys, a newbie question, is MAAS and Orchestra the same thing?21:00
=== cpg|away is now known as cpg

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!