[02:46] <pmp6nl> Hello, is suphp or suExec installed by default in ubuntu server 12.04? Thanks
[02:47] <patdk-lap> hmm, php and apache isn't install by default, so no
[02:53] <pmp6nl> patdk-lap, I installed php and apache, so are those included?
[02:53] <patdk-lap> suexec should be, suphp no
[02:54] <jvargas> guys, do you know of a web application to display postfix's incoming/outgoing/status log?
[02:54] <jvargas> in a user friendly way.
[02:54] <pmp6nl> ok patdk-lap thanks.  Whats a good way to reset ftp info. I forgot my password.
[03:54] <cyphermox> hey
[03:54] <cyphermox> assuming I'm using juju with a local environment now; and my environment data-dir is on an external drive that wasn't mounted immediately when I booted
[03:55] <cyphermox> how do I get juju to get back to being able to connect to whatever it tries to connect to to get the state of services?
[03:55] <cyphermox> right now all I get is "2012-10-12 23:55:27,150 ERROR could not connect before timeout"
[04:10] <pmp6nl> Hello, is there a way to disable sftp temporarily?  So I can use just FTP?
[04:20] <pmp6nl> Can anyone tell me if the following is good for my.cnf file http://pastebin.com/vBcAbyz6
[05:12] <pmp6nl> Where does ubuntu log mysql errors?
[06:14] <Syria> Hi, Could you please let me know whether these settings are correct?
[06:14] <Syria> http://paste.ubuntu.com/1276269/
[07:00] <basil60> hi I'm wondering if someone can offer advice on checking my ubuntu server for malware. My ISP contacted me about SPAM reported from my IP. My PC appears clean, and I believe it must have come from my server. I've run a rootkit check, which showed nothing. I just run a server for a website, and some other service like opensim and MOO. I'm a linux noob, but I'd like to keep my server online after I clean up an problems.
[07:05] <CrypticSquared> basil60: start with going through logs and check for gaps in timestamps etc
[07:05] <basil60> thanks..when you say logs....which ones should I be looking through for malware activity?
[07:06] <CrypticSquared> basil60: all of them. /var/log/*
[07:06] <CrypticSquared> especially the auth.log and apache logs
[07:06] <basil60> Ok...gaps in timestamps???What will that show?
[07:07] <CrypticSquared> if someone really does have access they most likely delete any logs to their activity.
[07:07] <basil60> thanks..I'll start checking
[07:18] <basil60> how will I tell suspicious activity - does this look suspicious? 220.248.86.150 - - [05/Oct/2012:02:06:10 +1000] "HEAD / HTTP/1.0" 200 176 "-" "-"
[07:20] <basil60> and what about this - 85.190.0.3 - - [05/Oct/2012:16:02:21 +1000] "CONNECT 213.92.8.7:31204 HTTP/1.0" 200 322 "-" "-"
[07:22] <basil60> and does this look suspect? 209.34.230.10 - - [05/Oct/2012:14:04:51 +1000] "GET /user/soapCaller.bs HTTP/1.1" 404 397 "-" "Morfeus Fucking Scanner"
[07:22] <basil60> morfeus fucking scanner
[07:37] <basil60> I'll try again later
[08:19] <Jeeves_> ufw allow proto vrrp from any to any
[08:19] <Jeeves_> ERROR: Unsupported protocol 'vrrp'
[08:19] <Jeeves_> Grrrr
[08:21] <Jeeves_> Anyone has a clue how to open this up using ufw?
[08:22] <lordievader> Jeeves_: Find the ports "vrrp" uses and open those.
[08:23] <Jeeves_> lordievader: vrrp has its own protocol number
[08:23] <Jeeves_> 112
[08:23] <Jeeves_> But ufw's code is too basic
[08:24] <Jeeves_> if 'proto != (tcp|udp|ipv6|any); BORK'
[08:25] <lordievader> Jeeves_: Perhaps this is usefull to you: http://www.cyberciti.biz/faq/linux-unix-verify-keepalived-working-or-not/
[08:27] <Jeeves_> lordievader: I know how keepalived works
[08:27] <Jeeves_> I now also know that UFW is tooo uncomplicated :)
[08:27] <lordievader> Jeeves_: I was going for the manual iptables edit..
[08:28] <Jeeves_> lordievader: That's already in place
[08:28] <Jeeves_> I was hoping I could do it nicely
[08:30] <Jeeves_> But thanks
[08:31] <lordievader> Jeeves_: I'm sorry I couldn't be of more help.
[08:36] <Jeeves_> lordievader: It's not your fault Ubuntu often starts new stuff but doesn't finish them as often :)
[08:36] <Jeeves_> s/Ubuntu/Canonical
[10:21] <RoyK> the default behaviour for raid, to jump into busybox on bootup if a drive is dead, doesn't make sense
[10:22] <ogra_> patches accepted :)
[12:04] <ScG^Dedicated> hi there, I am new to apparmor and I am creating some profiles by allowing (and sometimes globbing) basicly everything so I can change it later on. My problem is that I have no idea what some rules do or why they need access to something like for example my /home/user/.private (I believe), I would certainly appreciate it if anyone could help me out or point me a little into the right direction :)
[12:05] <delinquentme> can I copy remote symlinks with rsync?
[12:11] <RoyK> ogra_: http://paste.ubuntu.com/1276713/
[12:13] <RoyK> ogra_: it's prompted for during the installer, but only if you have root on raid, meaning if you don't know this, and you lose a drive, even with a RAID-6 with a spare, which is totally good, the server won't boot up because of this nonsense, and you need console access
[12:14] <RoyK> !bug 1059541
[12:18] <ScG^Dedicated> anyone able to help me out with apparmor?
[12:26] <RoyK> !ask | ScG^Dedicated
[12:29] <ScG^Dedicated> well I have a multiple questions really
[12:29] <ScG^Dedicated> and I am also not really too sure what to ask sometimes
[12:31] <ScG^Dedicated> ok here goes
[12:32] <ScG^Dedicated> why does my xchat need to access my /home/*/erwin/.Private/ directory?
[12:33] <RoyK> that's where the encrypted files are stored if you use encrypted homedir
[12:37] <ScG^Dedicated> RoyK, why would xchat need to access or store something there though?
[12:38] <ScG^Dedicated> I can't imagine that xchat needs to access it to be able to function properly
[12:38] <RoyK> ScG^Dedicated: nether do I - linux should mount the encrypted filesystem and expose it as it is
[12:41] <ScG^Dedicated> what is the  /usr/lib/i386-linux-gnu directory used for?
[12:48] <RoyK> ScG^Dedicated: system libraries
[12:51] <ScG^Dedicated> ugh so hard to understand everything I feel like I need a lot more linux knowledge before I try using AppArmor
[12:51] <RoyK> guess so :)
[12:51] <RoyK> ScG^Dedicated: for what do you want to use apparmor?
[12:53] <ScG^Dedicated> RoyK: I enjoy learning and especially security related things so I am trying to secure my laptop as well as I can
[12:54] <RoyK> it's probably well secured already
[12:54] <RoyK> ScG^Dedicated: have you configured ufw?
[12:54] <ScG^Dedicated> so after I finally manage to get AppArmor working I will do a reïnstall and will encrypt my HDD
[12:54] <ScG^Dedicated> yes
[12:55] <ScG^Dedicated> I have used Bodhi Zazen's security topic on ubuntuforums
[12:55] <RoyK> apparmor is there by default
[12:55] <RoyK> but it's probably possible to secure things better
[12:55] <RoyK> thing is, normally it's not needed
[12:56] <RoyK> selinux is even better for securing linux, but then, it's even more complex
[12:56] <ScG^Dedicated> I am pretty new to linux and I do not understand how it works yet, which makes me feel a little unsafe to be honest aswell
[12:56] <ScG^Dedicated> haha I have read that too indeed
[12:56] <RoyK> so better spend some time understanding how linux works
[12:57] <ScG^Dedicated> I want to start out with apparmor
[12:57] <RoyK> then what do you want it for?
[12:57] <ScG^Dedicated> and also, I like ubuntu ^^
[12:57] <RoyK> apparmor is already installed and configured
[12:57] <ScG^Dedicated> true
[12:57] <ScG^Dedicated> I want to add profiles for the things I use
[12:57] <ScG^Dedicated> like firefox, xchat, skype etc
[12:57] <RoyK> ok
[12:58] <RoyK> I can't help you there, sorry
[12:58] <ScG^Dedicated> no problem
[12:58] <ScG^Dedicated> I am already very gratefull for your help/time so far :)
[12:59] <RoyK> :)
[13:01] <ScG^Dedicated> basicly me plan was/is: configure firefox and install and configure extra plugins for it. then configure ufw. then look into changing some default ubuntu settings. and then move on to apparmor. after I got everything how I want it. I reïnstall everything but then encrypt my whole HDD with TrueCrypt ^^
[13:02] <RoyK> ScG^Dedicated: encrypted home should suffice for most
[13:03] <RoyK> that also uses encrypted swap, so your data is safe
[13:03] <ScG^Dedicated> not from the outside :p
[13:03] <ScG^Dedicated> must make it impenetrable! haha
[13:04] <RoyK> well, unplug it ;)
[13:04] <ScG^Dedicated> don't worry RoyK I enjoy it
[13:04] <ScG^Dedicated> whahaha
[13:04] <RoyK> that's the classic tradeoff
[13:04] <RoyK> you can't secure a system 100% so long it's networked
[13:04] <ScG^Dedicated> you might be able to answer something else though
[13:04] <RoyK> and connected to the internet != secure
[13:04]  * RoyK works with securing systems
[13:05] <ScG^Dedicated> I know linux does not require AV because we do not have direct root access virusses can't do what they are made to do am I right?
[13:05] <patdk-lap> defently not
[13:06] <patdk-lap> the same applies to windows too, and they still get viruses
[13:06] <patdk-lap> and just cause you don't have root, doesn't mean the virus must have root to do it's thing, or there isn't a root exploit
[13:06] <RoyK> ScG^Dedicated: there are root exploits too, that can be rather nasty, but there's a while since one hit my machines
[13:07] <RoyK> local root exploit may seem "just local", but with a small trojan, it can be rather nasty
[13:07] <patdk-lap> I see viruses on linux, about every week, and a root exploit about once a month
[13:07] <patdk-lap> lucky the root exploits are normally patched and don't work
[13:07] <RoyK> patdk-lap: viruses?
[13:07] <RoyK> patdk-lap: what sorts?
[13:07] <patdk-lap> royk, ya, users and other people uploaded them to the webservers
[13:08] <patdk-lap> normally to send spam, not looking for root
[13:08] <RoyK> linux-targeted viruses?
[13:08] <patdk-lap> hmm, ya
[13:08] <RoyK> example?
[13:08] <patdk-lap> there have been linux targeted botnets for years now
[13:08] <RoyK> using some php shite to get in?
[13:08] <ScG^Dedicated> how do you pretect yourself from them?
[13:09] <patdk-lap> well, anything to get in, apache, php, ftp, sftp, ...
[13:09] <RoyK> doesn't help much to upload a file on ftp...
[13:09] <RoyK> unless someone has enabled auto-execute of anonymous ftp uploads ;)
[13:10] <ScG^Dedicated> patdk-lap, you make it sound like linux isn't any safer then windows
[13:10] <patdk-lap> well, the ftp/sftp issues are normally double, virus infected windows machine and they get the users passwords to attack with
[13:11] <patdk-lap> ScG^Dedicated, well, root is much harder to get at than windows
[13:11] <patdk-lap> but protecting a user from running something bad, can't be done
[13:11] <patdk-lap> if a user installs a spam sending program, how do you protect from that?
[13:11] <ScG^Dedicated> agreed
[13:12] <patdk-lap> not all viruses want to hack the system, that is my issue :)
[13:12] <patdk-lap> now doing clamav scans does find a lot of them, not 100%
[13:13] <patdk-lap> I do my own regex scans of all file uploads too, that helps catch the ones clamav misses
[13:13] <ScG^Dedicated> I am pretty confused now though
[13:13] <ScG^Dedicated> are there virusses outside of installing infected software?
[13:13] <RoyK> ScG^Dedicated: for your laptop, what patdk-lap says normally won't concern you, since it's about uploads to servers
[13:14] <ScG^Dedicated> ahh right
[13:14] <patdk-lap> there are all kinds of viruses
[13:14] <patdk-lap> but unless you have an entry point, your unlikely to get one :)
[13:14] <RoyK> patdk-lap: there are, but don't spread more FUD than necessary
[13:14] <patdk-lap> well, saying linux is imune to viruses is fud
[13:15] <RoyK> no, it's the opposite of FUD, it's naïvety
[13:15] <ScG^Dedicated> well up till now I believed that linux was sort of immune to virusses as long as you don't install software that is infected
[13:15] <RoyK> patdk-lap: but linux and mac os x are still way better than windows at that point
[13:16] <ScG^Dedicated> oh and rootkits they too
[13:16] <RoyK> ScG^Dedicated: rootkits, javascript viruses, java security holes, whatnot
[13:16] <patdk-lap> oh ya java :)
[13:17] <RoyK> to secure your laptop completely you should encrypt the disk, throw away the key and turn off the machin
[13:17] <patdk-lap> lots of linux machines got hit with that last month :(
[13:17] <ScG^Dedicated> RoyK, well the java,javascript and such you can protect yourself from with the noscript addon for Firefox right?
[13:17] <RoyK> java applets aren't scripts
[13:17] <patdk-lap> noscript is only for javascript
[13:17] <ScG^Dedicated> I have no idea how to prevent getting rootkits though other then rkhunter and the chrootkit
[13:18] <ScG^Dedicated> I thought noscript was for java too
[13:18] <patdk-lap> generally, rootkits don't work, if you update
[13:18] <RoyK> ScG^Dedicated: calm down, in most settings, a linux machine is rather secure
[13:18] <patdk-lap> but, a rootkit has to get onto your system first, to be used
[13:19] <RoyK> ScG^Dedicated: if you allow ssh into the system, using things like denyhosts will help a lot
[13:19] <RoyK> if you don't, no problem there
[13:19] <ScG^Dedicated> alright but for example, it's been years since I had anything on my windows machine since I secured it well. I am trying to do the same with linux this time but this time I want it to be even better. I am only working towards that goal for fun
[13:19] <ScG^Dedicated> no SSH here
[13:20] <patdk-lap> well, you generally have two things to protect
[13:20] <patdk-lap> make sure you install updates, and use apparmor type things
[13:20] <patdk-lap> that protects from rootkit type stuff
[13:20] <patdk-lap> and then protect from external access (updates help here too for like firefox)
[13:21] <ScG^Dedicated> by external you mean firefox, xchat, skype and such? the www? ^^
[13:21] <patdk-lap> yep
[13:22] <patdk-lap> I haven't had issues with firefox/xchat
[13:22] <patdk-lap> I normally don't go to virus prone websites though
[13:22] <ScG^Dedicated> any tips as to protect from that? I already use ufw and some firefox addons with secure configuration
[13:22] <patdk-lap> personally, I haven't bothered at all
[13:23] <ScG^Dedicated> I whitelist most sites
[13:23] <patdk-lap> and I don't bother to *secure* my windows machine either I use
[13:23] <ScG^Dedicated> ohh ok xD
[13:23] <RoyK> ScG^Dedicated: I think you're being a bit paranoid ;)
[13:23] <patdk-lap> nether have had a virus
[13:23] <ScG^Dedicated> RoyK, I just enjoy it
[13:23] <patdk-lap> it's more user habbits, and websites you visit that gets viruses, I have seen
[13:23] <RoyK> ok :)
[13:23] <ScG^Dedicated> it's not like I fear it
[13:23] <ScG^Dedicated> but I find it a really entertaining challange
[13:24] <patdk-lap> it's just my servers, that must have external user logins or webservers that I have issues with :)
[13:25] <ScG^Dedicated> so in other words my laptop is pretty darn virus/rootkit proof after I get apparmor to work? ^^
[13:25] <patdk-lap> always seems to be a new 0day wordpress issue :(
[13:25] <patdk-lap> ScG^Dedicated, should be good without it
[13:25] <RoyK> ScG^Dedicated: it's probably safe enough - and btw, this is a server channel ;)
[13:25] <patdk-lap> apparmor will only help really, to help stop rootkits
[13:25] <ScG^Dedicated> I know sorry
[13:25] <RoyK> np
[13:26] <ScG^Dedicated> but when I was searching for an apparmor related channel this was the only one with actual active people in it ^^;
[13:26] <patdk-lap> well, it's a weekend
[13:26] <ScG^Dedicated> I can make a server though and try it on that if that helps no problem :p
[13:27] <ScG^Dedicated> planning to create a server in the future so this will help ^^
[13:28] <ScG^Dedicated> are new releases of distributions also safer? or doesn't that really matter?
[13:44] <delinquentme> how can I find out if a process is still running by its PID?
[13:45] <RoyK> delinquentme: kill -0 $pid
[13:46] <RoyK> that'll return zero if the process is running
[13:46] <RoyK> as in
[13:46] <delinquentme> RoyK, but that wont kill the process right?
[13:46] <RoyK> if `kill -0 $pid`; then echo ALIVE; fi
[13:46] <RoyK> not with -0
[13:46] <delinquentme> cool!
[13:47] <RoyK> perhaps get rid of stderr like 2>/dev/null
[13:47] <RoyK> if `kill -0 $pid 2>/dev/null`; then echo ALIVE; fi
[13:50]  * RoyK also wants ipv6 at home
[13:53] <delinquentme> How can I edit the paths of a number of symlinks in a dir
[13:56] <delinquentme> orr how about modifying the paths of anything that is a symlink within a directory?
[14:07] <delinquentme> so I could possibly run a " find -type l " ... and then pipe it into ln for modifications right?
[14:07] <RoyK> should work
[14:09] <delinquentme> can symlinks be made to have relative paths instead of full system paths?
[14:10] <RoyK> yes
[14:10] <RoyK> ln -s ../something somethingelse
[14:11] <patdk-lap> sometimes odd things happen then, expecially when you have symlinked folders
[14:11] <RoyK> mkdir x; cd x; ln -s ../x x; # whee!
[14:12] <patdk-lap> no I don't mean that :)
[14:12] <delinquentme> find ./ -type l | ln TARGET LINK_NAME
[14:12] <patdk-lap> can't remember exactly what it was
[14:12] <patdk-lap> but when doing a symlink inside a folder symlink, things got strange
[14:12] <delinquentme> so I've got that right ..?  now do I put in a variable or something in that to ensure that the item being piped from find ... is used as the LINK_NAME
[14:12] <delinquentme> ?
[14:12] <patdk-lap> think cause some things would access it via symlink folder, and some would dereference it first, and the relative didn't match up on both cases
[14:14] <RoyK> patdk-lap: it must be resolvable - symlinks are just text files with an extra attribute, so if you're in /some/dir/blah, the symlink to ../123 will be just that, and won't work if you symlink /some/dir/blah to /wtf
[14:15] <patdk-lap> yep :)
[14:17] <delinquentme> sooo is there a system var that represents each item instance of something returned back from find?
[14:18] <delinquentme> in a pipe operation?  something like in ruby:   some_array.each{ |x| puts x}  where x is the var which contains the single instance of every item in some_array
[14:19] <patdk-lap> you mean the -exec option?
[14:19] <patdk-lap> man find
[14:22] <delinquentme> patdk-lap, kind of ... but since I'm running this recursively on a number of files ... files which I would like to maintain the names of
[14:23] <delinquentme> id need something like find ./ -type l -exec command { ln -s -f some_file/tons/of/links individual_file/returned_by_find }
[14:23] <delinquentme> patdk-lap, ^ .... if that is at all sensical
[14:28] <RoyK> find ... -exec is a bit limited - I'd rather pipe that into something useful like perl script
[14:28] <RoyK> or script up the thing
[14:32] <patdk-lap> I normally would just pipe it to awk
[14:32] <patdk-lap> let awk write the new ln commands, then run the script awk makes
[14:36] <TJ-> How about "find ./ -type l -execdir ln -sf some_file/tons/of/links {} /;" ?
[18:16] <resure> Good day. What is the best way to add node.js app as a service that runs under some user with some env variables?
[18:17] <ironm> resno, check: man service
[21:16] <Patty_19> Hallo guys, I am new at Ubuntu, I have been playing with Ubuntu server (no GUI) for a while and there is a peculiarity I do not understand. Suddenly the font of the text  change without any reason, does anyone know why?? and how can i revert this?? ;-) thanks
[21:19] <roaksoax> Patty_19: maybe try sudo dpkg-reconfigure console-setup
[21:20] <Patty_19> hmm ok i will try it thank you.
[21:20] <Patty_19> it happen very often, i though it was some sort of bug or perhaps normal behaviour
[21:22] <subman> I'm trying to setup webmin on two ubuntu servers, but I keep getting the famous 'Invalid RPC login' error.  In my searching is seems related only to Ubuntu and it's policy of no root logins.  Is there a way around this?  I don't seem to be able to find any online.
[21:24] <jmarsden> !webmin
[21:24] <jmarsden> !rootsudo
[21:25] <subman> Any alternatives?
[21:25] <jmarsden> Yes, but i forget its name...
[21:25] <jmarsden> !ebox
[21:26] <jmarsden> There you go, take a look at zentyal
[21:26] <subman> Thanks!
[21:26] <jmarsden> You're welcome
[21:26] <subman> I wish they would warn and stop providing up to date versions for debian then.
[21:28] <subman> Oh, Zentyal is pay?
[21:28] <jmarsden> No, it should be free.  At least it was last time I looked!
[21:32] <subman> Ah, I see.  Community version.  Whew.
[21:33] <subman> Small Business is 50 Euros a month.
[21:33] <subman> Thanks again.
[21:34] <jmarsden> Glad to help.
[21:42] <RoyK> test
[21:48] <SpamapS> smoser: hey, I'm playing with quantal containers and cloud-init and I'm seeting nocloud-net userdata being processed before eth0 is up
[23:43] <\Master\Pehden\> dumb question but is it possible to make my ubuntu-server throtle when downloading update