/srv/irclogs.ubuntu.com/2012/10/13/#ubuntu-server.txt

=== cpg is now known as cpg|away
=== Stoob is now known as 45PAA9ZZT
=== cpg|away is now known as cpg
=== cpg is now known as cpg|away
=== ScottK2 is now known as ScottK
=== LordOfTime is now known as TheLordOfTime
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
pmp6nlHello, is suphp or suExec installed by default in ubuntu server 12.04? Thanks02:46
patdk-laphmm, php and apache isn't install by default, so no02:47
pmp6nlpatdk-lap, I installed php and apache, so are those included?02:53
patdk-lapsuexec should be, suphp no02:53
jvargasguys, do you know of a web application to display postfix's incoming/outgoing/status log?02:54
jvargasin a user friendly way.02:54
pmp6nlok patdk-lap thanks.  Whats a good way to reset ftp info. I forgot my password.02:54
=== n000 is now known as koolhead17
cyphermoxhey03:54
cyphermoxassuming I'm using juju with a local environment now; and my environment data-dir is on an external drive that wasn't mounted immediately when I booted03:54
cyphermoxhow do I get juju to get back to being able to connect to whatever it tries to connect to to get the state of services?03:55
cyphermoxright now all I get is "2012-10-12 23:55:27,150 ERROR could not connect before timeout"03:55
pmp6nlHello, is there a way to disable sftp temporarily?  So I can use just FTP?04:10
pmp6nlCan anyone tell me if the following is good for my.cnf file http://pastebin.com/vBcAbyz604:20
pmp6nlWhere does ubuntu log mysql errors?05:12
uvirtbotNew bug: #1066224 in bind9 (main) "package libdns81 1:9.8.1.dfsg.P1-4ubuntu0.4 failed to install/upgrade: eroare la scrierea în „<standard output>”: Success" [Undecided,New] https://launchpad.net/bugs/106622405:31
SyriaHi, Could you please let me know whether these settings are correct?06:14
Syriahttp://paste.ubuntu.com/1276269/06:14
=== cpg|away is now known as cpg
=== Err404NotFound is now known as Error404NotFound
=== dendrobates is now known as dendro-afk
=== Guest72551 is now known as maxb\
=== maxb\ is now known as maxb
=== protoCall7_ is now known as protoCall7
basil60hi I'm wondering if someone can offer advice on checking my ubuntu server for malware. My ISP contacted me about SPAM reported from my IP. My PC appears clean, and I believe it must have come from my server. I've run a rootkit check, which showed nothing. I just run a server for a website, and some other service like opensim and MOO. I'm a linux noob, but I'd like to keep my server online after I clean up an problems.07:00
CrypticSquaredbasil60: start with going through logs and check for gaps in timestamps etc07:05
basil60thanks..when you say logs....which ones should I be looking through for malware activity?07:05
CrypticSquaredbasil60: all of them. /var/log/*07:06
CrypticSquaredespecially the auth.log and apache logs07:06
basil60Ok...gaps in timestamps???What will that show?07:06
CrypticSquaredif someone really does have access they most likely delete any logs to their activity.07:07
basil60thanks..I'll start checking07:07
basil60how will I tell suspicious activity - does this look suspicious? 220.248.86.150 - - [05/Oct/2012:02:06:10 +1000] "HEAD / HTTP/1.0" 200 176 "-" "-"07:18
basil60and what about this - 85.190.0.3 - - [05/Oct/2012:16:02:21 +1000] "CONNECT 213.92.8.7:31204 HTTP/1.0" 200 322 "-" "-"07:20
basil60and does this look suspect? 209.34.230.10 - - [05/Oct/2012:14:04:51 +1000] "GET /user/soapCaller.bs HTTP/1.1" 404 397 "-" "Morfeus Fucking Scanner"07:22
basil60morfeus fucking scanner07:22
basil60I'll try again later07:37
Jeeves_ufw allow proto vrrp from any to any08:19
Jeeves_ERROR: Unsupported protocol 'vrrp'08:19
Jeeves_Grrrr08:19
Jeeves_Anyone has a clue how to open this up using ufw?08:21
lordievaderJeeves_: Find the ports "vrrp" uses and open those.08:22
Jeeves_lordievader: vrrp has its own protocol number08:23
Jeeves_11208:23
Jeeves_But ufw's code is too basic08:23
Jeeves_if 'proto != (tcp|udp|ipv6|any); BORK'08:24
lordievaderJeeves_: Perhaps this is usefull to you: http://www.cyberciti.biz/faq/linux-unix-verify-keepalived-working-or-not/08:25
Jeeves_lordievader: I know how keepalived works08:27
Jeeves_I now also know that UFW is tooo uncomplicated :)08:27
lordievaderJeeves_: I was going for the manual iptables edit..08:27
Jeeves_lordievader: That's already in place08:28
Jeeves_I was hoping I could do it nicely08:28
Jeeves_But thanks08:30
lordievaderJeeves_: I'm sorry I couldn't be of more help.08:31
Jeeves_lordievader: It's not your fault Ubuntu often starts new stuff but doesn't finish them as often :)08:36
Jeeves_s/Ubuntu/Canonical08:36
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
RoyKthe default behaviour for raid, to jump into busybox on bootup if a drive is dead, doesn't make sense10:21
ogra_patches accepted :)10:22
=== doko_ is now known as doko
=== cpg is now known as cpg|away
ScG^Dedicatedhi there, I am new to apparmor and I am creating some profiles by allowing (and sometimes globbing) basicly everything so I can change it later on. My problem is that I have no idea what some rules do or why they need access to something like for example my /home/user/.private (I believe), I would certainly appreciate it if anyone could help me out or point me a little into the right direction :)12:04
delinquentmecan I copy remote symlinks with rsync?12:05
RoyKogra_: http://paste.ubuntu.com/1276713/12:11
RoyKogra_: it's prompted for during the installer, but only if you have root on raid, meaning if you don't know this, and you lose a drive, even with a RAID-6 with a spare, which is totally good, the server won't boot up because of this nonsense, and you need console access12:13
RoyK!bug 105954112:14
uvirtbotLaunchpad bug 1059541 in initramfs-tools "Change default behavoir to boot degraded RAID" [Undecided,New] https://launchpad.net/bugs/105954112:14
ScG^Dedicatedanyone able to help me out with apparmor?12:18
RoyK!ask | ScG^Dedicated12:26
ubottuScG^Dedicated: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience12:26
ScG^Dedicatedwell I have a multiple questions really12:29
ScG^Dedicatedand I am also not really too sure what to ask sometimes12:29
uvirtbotNew bug: #1066272 in openvpn (main) "script_security not set" [Undecided,New] https://launchpad.net/bugs/106627212:30
ScG^Dedicatedok here goes12:31
ScG^Dedicatedwhy does my xchat need to access my /home/*/erwin/.Private/ directory?12:32
RoyKthat's where the encrypted files are stored if you use encrypted homedir12:33
ScG^DedicatedRoyK, why would xchat need to access or store something there though?12:37
ScG^DedicatedI can't imagine that xchat needs to access it to be able to function properly12:38
RoyKScG^Dedicated: nether do I - linux should mount the encrypted filesystem and expose it as it is12:38
ScG^Dedicatedwhat is the  /usr/lib/i386-linux-gnu directory used for?12:41
=== dendro-afk is now known as dendrobates
RoyKScG^Dedicated: system libraries12:48
ScG^Dedicatedugh so hard to understand everything I feel like I need a lot more linux knowledge before I try using AppArmor12:51
RoyKguess so :)12:51
RoyKScG^Dedicated: for what do you want to use apparmor?12:51
ScG^DedicatedRoyK: I enjoy learning and especially security related things so I am trying to secure my laptop as well as I can12:53
RoyKit's probably well secured already12:54
RoyKScG^Dedicated: have you configured ufw?12:54
ScG^Dedicatedso after I finally manage to get AppArmor working I will do a reïnstall and will encrypt my HDD12:54
ScG^Dedicatedyes12:54
ScG^DedicatedI have used Bodhi Zazen's security topic on ubuntuforums12:55
RoyKapparmor is there by default12:55
RoyKbut it's probably possible to secure things better12:55
RoyKthing is, normally it's not needed12:55
RoyKselinux is even better for securing linux, but then, it's even more complex12:56
ScG^DedicatedI am pretty new to linux and I do not understand how it works yet, which makes me feel a little unsafe to be honest aswell12:56
ScG^Dedicatedhaha I have read that too indeed12:56
RoyKso better spend some time understanding how linux works12:56
ScG^DedicatedI want to start out with apparmor12:57
RoyKthen what do you want it for?12:57
ScG^Dedicatedand also, I like ubuntu ^^12:57
RoyKapparmor is already installed and configured12:57
ScG^Dedicatedtrue12:57
ScG^DedicatedI want to add profiles for the things I use12:57
ScG^Dedicatedlike firefox, xchat, skype etc12:57
RoyKok12:57
RoyKI can't help you there, sorry12:58
ScG^Dedicatedno problem12:58
ScG^DedicatedI am already very gratefull for your help/time so far :)12:58
RoyK:)12:59
ScG^Dedicatedbasicly me plan was/is: configure firefox and install and configure extra plugins for it. then configure ufw. then look into changing some default ubuntu settings. and then move on to apparmor. after I got everything how I want it. I reïnstall everything but then encrypt my whole HDD with TrueCrypt ^^13:01
RoyKScG^Dedicated: encrypted home should suffice for most13:02
RoyKthat also uses encrypted swap, so your data is safe13:03
ScG^Dedicatednot from the outside :p13:03
ScG^Dedicatedmust make it impenetrable! haha13:03
RoyKwell, unplug it ;)13:04
ScG^Dedicateddon't worry RoyK I enjoy it13:04
ScG^Dedicatedwhahaha13:04
RoyKthat's the classic tradeoff13:04
RoyKyou can't secure a system 100% so long it's networked13:04
ScG^Dedicatedyou might be able to answer something else though13:04
RoyKand connected to the internet != secure13:04
* RoyK works with securing systems13:04
ScG^DedicatedI know linux does not require AV because we do not have direct root access virusses can't do what they are made to do am I right?13:05
patdk-lapdefently not13:05
patdk-lapthe same applies to windows too, and they still get viruses13:06
patdk-lapand just cause you don't have root, doesn't mean the virus must have root to do it's thing, or there isn't a root exploit13:06
RoyKScG^Dedicated: there are root exploits too, that can be rather nasty, but there's a while since one hit my machines13:06
RoyKlocal root exploit may seem "just local", but with a small trojan, it can be rather nasty13:07
patdk-lapI see viruses on linux, about every week, and a root exploit about once a month13:07
patdk-laplucky the root exploits are normally patched and don't work13:07
RoyKpatdk-lap: viruses?13:07
RoyKpatdk-lap: what sorts?13:07
patdk-laproyk, ya, users and other people uploaded them to the webservers13:07
patdk-lapnormally to send spam, not looking for root13:08
RoyKlinux-targeted viruses?13:08
patdk-laphmm, ya13:08
RoyKexample?13:08
patdk-lapthere have been linux targeted botnets for years now13:08
RoyKusing some php shite to get in?13:08
ScG^Dedicatedhow do you pretect yourself from them?13:08
patdk-lapwell, anything to get in, apache, php, ftp, sftp, ...13:09
RoyKdoesn't help much to upload a file on ftp...13:09
RoyKunless someone has enabled auto-execute of anonymous ftp uploads ;)13:09
ScG^Dedicatedpatdk-lap, you make it sound like linux isn't any safer then windows13:10
patdk-lapwell, the ftp/sftp issues are normally double, virus infected windows machine and they get the users passwords to attack with13:10
patdk-lapScG^Dedicated, well, root is much harder to get at than windows13:11
patdk-lapbut protecting a user from running something bad, can't be done13:11
patdk-lapif a user installs a spam sending program, how do you protect from that?13:11
ScG^Dedicatedagreed13:11
patdk-lapnot all viruses want to hack the system, that is my issue :)13:12
patdk-lapnow doing clamav scans does find a lot of them, not 100%13:12
patdk-lapI do my own regex scans of all file uploads too, that helps catch the ones clamav misses13:13
ScG^DedicatedI am pretty confused now though13:13
ScG^Dedicatedare there virusses outside of installing infected software?13:13
RoyKScG^Dedicated: for your laptop, what patdk-lap says normally won't concern you, since it's about uploads to servers13:13
ScG^Dedicatedahh right13:14
patdk-lapthere are all kinds of viruses13:14
patdk-lapbut unless you have an entry point, your unlikely to get one :)13:14
RoyKpatdk-lap: there are, but don't spread more FUD than necessary13:14
patdk-lapwell, saying linux is imune to viruses is fud13:14
RoyKno, it's the opposite of FUD, it's naïvety13:15
ScG^Dedicatedwell up till now I believed that linux was sort of immune to virusses as long as you don't install software that is infected13:15
RoyKpatdk-lap: but linux and mac os x are still way better than windows at that point13:15
ScG^Dedicatedoh and rootkits they too13:16
RoyKScG^Dedicated: rootkits, javascript viruses, java security holes, whatnot13:16
patdk-lapoh ya java :)13:16
RoyKto secure your laptop completely you should encrypt the disk, throw away the key and turn off the machin13:17
patdk-laplots of linux machines got hit with that last month :(13:17
ScG^DedicatedRoyK, well the java,javascript and such you can protect yourself from with the noscript addon for Firefox right?13:17
RoyKjava applets aren't scripts13:17
patdk-lapnoscript is only for javascript13:17
ScG^DedicatedI have no idea how to prevent getting rootkits though other then rkhunter and the chrootkit13:17
ScG^DedicatedI thought noscript was for java too13:18
patdk-lapgenerally, rootkits don't work, if you update13:18
RoyKScG^Dedicated: calm down, in most settings, a linux machine is rather secure13:18
patdk-lapbut, a rootkit has to get onto your system first, to be used13:18
RoyKScG^Dedicated: if you allow ssh into the system, using things like denyhosts will help a lot13:19
RoyKif you don't, no problem there13:19
ScG^Dedicatedalright but for example, it's been years since I had anything on my windows machine since I secured it well. I am trying to do the same with linux this time but this time I want it to be even better. I am only working towards that goal for fun13:19
ScG^Dedicatedno SSH here13:19
patdk-lapwell, you generally have two things to protect13:20
patdk-lapmake sure you install updates, and use apparmor type things13:20
patdk-lapthat protects from rootkit type stuff13:20
patdk-lapand then protect from external access (updates help here too for like firefox)13:20
ScG^Dedicatedby external you mean firefox, xchat, skype and such? the www? ^^13:21
patdk-lapyep13:21
patdk-lapI haven't had issues with firefox/xchat13:22
patdk-lapI normally don't go to virus prone websites though13:22
ScG^Dedicatedany tips as to protect from that? I already use ufw and some firefox addons with secure configuration13:22
patdk-lappersonally, I haven't bothered at all13:22
ScG^DedicatedI whitelist most sites13:23
patdk-lapand I don't bother to *secure* my windows machine either I use13:23
ScG^Dedicatedohh ok xD13:23
RoyKScG^Dedicated: I think you're being a bit paranoid ;)13:23
patdk-lapnether have had a virus13:23
ScG^DedicatedRoyK, I just enjoy it13:23
patdk-lapit's more user habbits, and websites you visit that gets viruses, I have seen13:23
RoyKok :)13:23
ScG^Dedicatedit's not like I fear it13:23
ScG^Dedicatedbut I find it a really entertaining challange13:23
patdk-lapit's just my servers, that must have external user logins or webservers that I have issues with :)13:24
ScG^Dedicatedso in other words my laptop is pretty darn virus/rootkit proof after I get apparmor to work? ^^13:25
patdk-lapalways seems to be a new 0day wordpress issue :(13:25
patdk-lapScG^Dedicated, should be good without it13:25
RoyKScG^Dedicated: it's probably safe enough - and btw, this is a server channel ;)13:25
patdk-lapapparmor will only help really, to help stop rootkits13:25
ScG^DedicatedI know sorry13:25
RoyKnp13:25
ScG^Dedicatedbut when I was searching for an apparmor related channel this was the only one with actual active people in it ^^;13:26
patdk-lapwell, it's a weekend13:26
ScG^DedicatedI can make a server though and try it on that if that helps no problem :p13:26
ScG^Dedicatedplanning to create a server in the future so this will help ^^13:27
ScG^Dedicatedare new releases of distributions also safer? or doesn't that really matter?13:28
delinquentmehow can I find out if a process is still running by its PID?13:44
RoyKdelinquentme: kill -0 $pid13:45
RoyKthat'll return zero if the process is running13:46
RoyKas in13:46
delinquentmeRoyK, but that wont kill the process right?13:46
RoyKif `kill -0 $pid`; then echo ALIVE; fi13:46
RoyKnot with -013:46
delinquentmecool!13:46
RoyKperhaps get rid of stderr like 2>/dev/null13:47
RoyKif `kill -0 $pid 2>/dev/null`; then echo ALIVE; fi13:47
* RoyK also wants ipv6 at home13:50
=== n0ts_off is now known as n0ts
delinquentmeHow can I edit the paths of a number of symlinks in a dir13:53
delinquentmeorr how about modifying the paths of anything that is a symlink within a directory?13:56
delinquentmeso I could possibly run a " find -type l " ... and then pipe it into ln for modifications right?14:07
RoyKshould work14:07
delinquentmecan symlinks be made to have relative paths instead of full system paths?14:09
RoyKyes14:10
RoyKln -s ../something somethingelse14:10
patdk-lapsometimes odd things happen then, expecially when you have symlinked folders14:11
RoyKmkdir x; cd x; ln -s ../x x; # whee!14:11
patdk-lapno I don't mean that :)14:12
delinquentmefind ./ -type l | ln TARGET LINK_NAME14:12
patdk-lapcan't remember exactly what it was14:12
patdk-lapbut when doing a symlink inside a folder symlink, things got strange14:12
delinquentmeso I've got that right ..?  now do I put in a variable or something in that to ensure that the item being piped from find ... is used as the LINK_NAME14:12
delinquentme?14:12
patdk-lapthink cause some things would access it via symlink folder, and some would dereference it first, and the relative didn't match up on both cases14:12
RoyKpatdk-lap: it must be resolvable - symlinks are just text files with an extra attribute, so if you're in /some/dir/blah, the symlink to ../123 will be just that, and won't work if you symlink /some/dir/blah to /wtf14:14
patdk-lapyep :)14:15
delinquentmesooo is there a system var that represents each item instance of something returned back from find?14:17
delinquentmein a pipe operation?  something like in ruby:   some_array.each{ |x| puts x}  where x is the var which contains the single instance of every item in some_array14:18
patdk-lapyou mean the -exec option?14:19
patdk-lapman find14:19
delinquentmepatdk-lap, kind of ... but since I'm running this recursively on a number of files ... files which I would like to maintain the names of14:22
delinquentmeid need something like find ./ -type l -exec command { ln -s -f some_file/tons/of/links individual_file/returned_by_find }14:23
delinquentmepatdk-lap, ^ .... if that is at all sensical14:23
RoyKfind ... -exec is a bit limited - I'd rather pipe that into something useful like perl script14:28
RoyKor script up the thing14:28
patdk-lapI normally would just pipe it to awk14:32
patdk-laplet awk write the new ln commands, then run the script awk makes14:32
TJ-How about "find ./ -type l -execdir ln -sf some_file/tons/of/links {} /;" ?14:36
=== masACC is now known as maswan
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
resureGood day. What is the best way to add node.js app as a service that runs under some user with some env variables?18:16
ironmresno, check: man service18:17
=== cpg|away is now known as cpg
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
Patty_19Hallo guys, I am new at Ubuntu, I have been playing with Ubuntu server (no GUI) for a while and there is a peculiarity I do not understand. Suddenly the font of the text  change without any reason, does anyone know why?? and how can i revert this?? ;-) thanks21:16
roaksoaxPatty_19: maybe try sudo dpkg-reconfigure console-setup21:19
Patty_19hmm ok i will try it thank you.21:20
Patty_19it happen very often, i though it was some sort of bug or perhaps normal behaviour21:20
submanI'm trying to setup webmin on two ubuntu servers, but I keep getting the famous 'Invalid RPC login' error.  In my searching is seems related only to Ubuntu and it's policy of no root logins.  Is there a way around this?  I don't seem to be able to find any online.21:22
jmarsden!webmin21:24
ubottuwebmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.21:24
jmarsden!rootsudo21:24
ubottusudo is a command to run command-line programs with superuser privileges ("root") (also see !cli). Look at https://help.ubuntu.com/community/RootSudo for more information. For graphical applications see !gksu (GNOME, Xfce), or !kdesudo (KDE). If you're unable to execute commands with sudo see: http://www.psychocats.net/ubuntu/fixsudo21:24
submanAny alternatives?21:25
jmarsdenYes, but i forget its name...21:25
jmarsden!ebox21:25
ubottuzentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).21:25
jmarsdenThere you go, take a look at zentyal21:26
submanThanks!21:26
jmarsdenYou're welcome21:26
submanI wish they would warn and stop providing up to date versions for debian then.21:26
submanOh, Zentyal is pay?21:28
jmarsdenNo, it should be free.  At least it was last time I looked!21:28
submanAh, I see.  Community version.  Whew.21:32
submanSmall Business is 50 Euros a month.21:33
submanThanks again.21:33
jmarsdenGlad to help.21:34
RoyKtest21:42
SpamapSsmoser: hey, I'm playing with quantal containers and cloud-init and I'm seeting nocloud-net userdata being processed before eth0 is up21:48
=== fjlacoste is now known as flacoste
\Master\Pehden\dumb question but is it possible to make my ubuntu-server throtle when downloading update23:43

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!