/srv/irclogs.ubuntu.com/2012/10/31/#ubuntu-server.txt

erichammondapt-get update on EC2 us-east-1 results in: Failed to fetch bzip2:/var/lib/apt/lists/partial/us-east-1.ec2.archive.ubuntu.com_ubuntu_dists_precise-updates_main_source_Sources  Hash Sum mismatch00:07
erichammondhttp://askubuntu.com/questions/209844/00:09
=== n0ts_off is now known as n0ts
=== mcclurmc is now known as mcclurmc_away
mgwI have an issue going on with a post-up script — the script adds custom routes, but sometimes one or more of the routes is not added.  This is on a kvm guest.01:53
=== n0ts is now known as n0ts_off
bsdmanwhat services are being run on your ubuntu server?02:07
mgwbsdman: this particular system has redis and nginx — but it was happening on another server that had entirely different services02:11
mgwunfortunately, it's hard to reproduce02:11
benlakethis an appropriate place to ask about AWSOME?02:13
bsdmanbenlake, what do you wish to know?02:21
benlakedoes the implementation provide for non EC2 compliant API implementations?02:22
benlakebsdman:02:22
bsdmanno idea. little beyond my knowledge.02:23
benlakebsdman: no worries02:25
benlakehmm, looks like it might not be that bad to plug in a new cloud provider02:30
mgwbsdman: here's an excerpt from my log — https://gist.github.com/6d8169c1da423e07a70d02:43
mgwbsdman: also, it seems to just be the first boot after a destroy/create/start02:47
hallynstgraber: i saw the emails - excellent05:29
p7ank5te7Just curious, what's the best policy for adding shares? I noticed that I had pre-existing directories and the acl's didn't seem to take properly. I have another drive mounted as /Share, and the folders in there are owned by root:root with them at RWX for all users, but if I set no guest access, and set authenicated users to read-only and admins as RW it gives everyone RW. I'm still trying05:41
p7ank5te7to get used to this, so any suggestions are appreciated. I don't want them be created under /homes/samba/shares/..... is the main thing. I'm running zentyal 3.0 right now and that's where it creates a share if I use the interface. Are there any special permissions I have to set on these folders or something?05:41
=== n0ts_off is now known as n0ts
vezqhere is a snippet from my smb.conf which works with acls:06:58
vezqwritable = yes06:58
vezqvalid users = @Users06:58
vezqhide unreadable = yes06:58
vezqinherit permissions = yes06:58
vezqsecurity mask = 000006:58
vezqmap archive = no06:58
vezqforce directory mode = 077706:59
vezqforce create mode = 077706:59
vezqforce directory security mode = 77706:59
=== n0ts is now known as n0ts_off
=== Ursinha-afk is now known as Ursinha
uvirtbotNew bug: #1073463 in maas (main) "User-configurable files are not installed in /etc" [Undecided,New] https://launchpad.net/bugs/107346308:36
webwursthi! when using iscsi as storage-backend to kvm/libvirt i can migrate running virtualized systems from one host to another, but can't create snapshots. when using qcow2 based file-images it is the other way round. am i right?08:39
uvirtbotNew bug: #1070775 in maas/1.2 "The zone name (attached to a cluster controller) can still be changed when it contains in-use nodes and DNS is managed." [Critical,Fix committed] https://launchpad.net/bugs/107077508:41
uvirtbotNew bug: #1059645 in maas "URI in API description wrong when accessing machine via alternative interface" [High,In progress] https://launchpad.net/bugs/105964508:42
uvirtbotNew bug: #1064224 in maas "IPMI detection ends up with power_address of 0.0.0.0" [Undecided,New] https://launchpad.net/bugs/106422408:42
uvirtbotNew bug: #1064527 in maas "detect_ipmi needs improvement.  detects non-existant device in nested kvm" [Undecided,New] https://launchpad.net/bugs/106452708:42
uvirtbotNew bug: #1070522 in maas "maas-cli nodes new incomplete documentation" [Critical,Fix committed] https://launchpad.net/bugs/107052208:42
uvirtbotNew bug: #1070765 in maas/1.2 "DNS forward zone ends up with nonsensical entries" [Critical,In progress] https://launchpad.net/bugs/107076508:42
uvirtbotNew bug: #1070774 in maas/1.2 "The hostname of a node can still be changed once the node is in use" [Critical,Fix committed] https://launchpad.net/bugs/107077408:42
uvirtbotNew bug: #1066775 in maas/1.2 "Main page slow to load with many nodes" [Critical,Fix committed] https://launchpad.net/bugs/106677508:51
uvirtbotNew bug: #1073478 in squid3 (main) "squid3 does not clean up pid file" [Undecided,New] https://launchpad.net/bugs/107347809:15
houmanHello, it seems the Ubuntu 12.04 ami-9c78c0f5 is broken. Does anyone know when the next repository update is scheduled?09:27
=== n0ts_off is now known as n0ts
GargoyleMorning all09:42
GargoyleI'm hitting some annoying hurdles with munin on 12.10. Anyone else got any experience with it (I am getting html files, but no graphs)09:43
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
houmanWithin a EC2 Server instance, while running a ./configure, suddenly the terminal hangs during execution. e.g. at config.status: executing depfiles commands. I experienced the same thing once during e.g. sudo checkinstall. The whole terminal becomes unresponsive.  What could be the reason for that? This happens on a ec2 micro instance.10:05
=== n0ts is now known as n0ts_off
uvirtbotNew bug: #1073510 in nova (main) "Upstart init script executes before network bridge is available" [Undecided,New] https://launchpad.net/bugs/107351010:41
bubu\ahi guys, can anyone tell me why - smbmount //10.29.39.23/share /mnt/hd2/share -o user=samba,pass=blablabla,gid=ubuntu,uid=ubuntu mounts the drive corrently as ubuntu user on one server and mounts as root on another server....?10:57
=== mcclurmc_away is now known as mcclurmc
=== cpg is now known as cpg|away
_cronus_bubu\a, maybe you need to pass the forceuid and forcegid options as well11:10
vezqignore -channels #linuxoutlaws * JOINS PARTS QUITS NICKS11:12
ak5hi, can i easily install ubuntu server 12.04 lts on usb key using dd?11:13
ak5I have done this with archlinux11:13
ak5but I found no docs related to this specifically for ubuntu11:13
vezqnope, use startup disk creator if running ubuntu11:14
vezqor unetbootin with windows11:15
Jeeves_If I install something with --no-install-recommends, will it never bother me with the recommends again?11:15
ak5vezq: I am running a different distro11:15
vezqunetbootin also available for linux11:15
ak5vezq: thanks11:16
=== mcclurmc is now known as mcclurmc_away
ak5I have a "amd64" version of ubuntu server 12.04 - this works onintel x86_64 architecture too, right?12:02
RoyKak5: yes, it's called amd64 since it was AMD who first made that architecture - intel followed that when they finally found that the itanium run wasn't good enough12:03
ak5ok good, just checking12:03
ak5thanks12:04
=== n0ts_off is now known as n0ts
ak5I am confused what options to use in unetbootin for my ubuntu server 12.04 amd64 iso file12:15
ak5oh nevermind seems like my download is just corrupt -.-12:17
=== Ursinha is now known as Ursinha-afk
=== n0ts is now known as n0ts_off
=== yofel_ is now known as yofel
=== mcclurmc_away is now known as mcclurmc
=== shantorn__ is now known as shantorn
=== mcclurmc is now known as mcclurmc_away
=== mcclurmc_away is now known as mcclurmc
TuxLofI just logged in a KVM node which has a 100GB swap partition... someone hasn't been paying attention during installation  jesus lol14:03
roaksoaxjamespage: free by any chance?14:11
vezqtuxloaf: is there 256GB of RAM? ;)14:15
TuxLofhas 100gb of ram :p14:18
TuxLofalso a 48gb udev and 48gb cgroup partition from which just a couple MB is in use14:19
=== matsubara is now known as matsubara-lunch
vezq:)14:47
fosforiUmm.. does this sound familiar to some1? The file path or username are not showing up next to the dollar sign when I connect to my server via SSH14:52
=== mcclurmc is now known as mcclurmc_away
=== n0ts_off is now known as n0ts
bubu\afosfori, what shell does your user have on the remote machine?15:00
fosforibash15:00
uvirtbotNew bug: #1073571 in cinder "[Folsom] Conflict between nova-api and cinder-api" [Undecided,New] https://launchpad.net/bugs/107357115:01
bubu\ayou sure?15:01
bubu\acat the passwd file15:01
RoyKfosfori: perhaps someone has messed up PS115:02
fosforibubu\a: done15:03
RoyKtry15:03
RoyKPS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '15:03
fosforiJust got this baby up yesterday15:03
bubu\afosfori, def bash then? :/15:03
RoyKfosfori: is this for root, or a newly created user?15:03
fosforiI'm not too familiar with the commands :315:04
fosforiRoyK: new user15:04
RoyKthen it's probably not bash15:04
RoyKhttp://paste.ubuntu.com/1320990/15:04
RoyKfosfori: as that user, run chsh -s /bin/bash, or run chsh -s /bin/bash <username> as root15:05
bubu\afosfori, what shell does that user have when you cat /etc/passwd?15:06
fosforiOkay, let's see15:06
RoyKdefault shell is /bin/sh15:06
RoyKwhich is dash15:07
fosforiahh15:07
RoyKno idea why that's the default, since imho dash sucks badly15:07
fosforiyeah, I looked at the wrong line15:07
RoyKbingo15:07
fosforiSo how does this one help me getting that path to show up?15:08
RoyKyes15:09
RoyKas that user, just try to run bash15:09
RoyKand you'll see the difference15:09
RoyKseems it's a useradd default set in /etc/default/useradd15:11
[conrad]Does anyone know of anything more elaborate than https://wiki.ubuntu.com/EasyUbuntuClustering , and possibley more specific to a newer version such as 12.04 ? I'm essentially a duplicate of the first use case. We have 4 Dell servers that were recently freed up that we'd like to use together to hopefully achieve this.15:12
RoyK[conrad]: what is your target application for this?15:14
=== cpg|away is now known as cpg
RoyKI guess it's a compute cluster?15:14
=== cpg is now known as Guest42437
[conrad]RoyK: What we'd like to do is get the 4 servers ( they all have 4 cores ) working together as one, and if possible, run a single Virtual Machine off of the cluster, that would have access to all 16 cores.15:22
designbybeckI have a test server setup by I university IT, they don't like me because I'm to much of an open source advocate.... at any rate!  I did get a test box to play with Ubuntu Server 12.04. I've tried installing the LMS Canvas and only got so far, because I didn't know some of the prams IT setup.15:24
designbybeckBut I was pretty sure I installed PHP and such...shouldn't it have started by default? I did a 'ps aux | grep php' and didn't see it there15:25
=== mcclurmc_away is now known as mcclurmc
=== Error404NotFound is now known as ChuckNorrisLives
=== ChuckNorrisLives is now known as YouShallNotPass
=== YouShallNotPass is now known as Error404NotFound
=== Error404NotFound is now known as LiamNeesonKicksA
=== LiamNeesonKicksA is now known as JackNicholosonMa
=== JackNicholosonMa is now known as Error404NotFound
designbybecki see php and php5 in /usr/bin/15:31
designbybeckah I had to do sudo ps aux | grep php before I saw php there15:33
RoyK[conrad]: you can't do that15:33
designbybeckso it looks to be running.15:33
designbybecki can only access the doman locally15:34
designbybeckbut if I try something like domainname/phpinfo.php it doesn't list anything15:34
designbybeckI do have /var/www/index.html and that does display15:34
RoyK[conrad]: compute clusters are based on queueing - you can't just combine four servers to one15:35
RoyK[conrad]: rather get a new dual 16-core opteron instead ;)15:35
[conrad]RoyK: I wish it were that easy :-). Do you have any idea on the approach that was going to be taken in the link I provided? The first use case is pretty dead on with what trouble we have.15:36
RoyK[conrad]: I know linux and clustering quite well, and AFAIK there's no possible way to run a single VM on a cluster of machines working as single machine. It might be possible with a good infiniband network and knowledge to set it up, but before you've installed that, you've already spent more money than that dual 16-core opteron machine would cost15:38
uvirtbotNew bug: #1073603 in apache2 (main) "disable ssl compression to mitigate the BEAST attack" [Undecided,New] https://launchpad.net/bugs/107360315:39
RoyK[conrad]: what sort of job are you planning to run that needs 16 cores?15:40
designbybeckah good news... I got my php info to show up!15:41
designbybeckstep .001 done15:42
[conrad]RoyK: We don't necessarily have to do a single VM. We're open to any solution. Our problem is now is that we're constantly either under-utilizing our resources ( while they're sitting idle ), or running into situations where a single box is pinned, and other boxes in the office sit idle. We have several threaded applications that we've built and use that do a variety of things. I'm not sure any single application would effeciently u15:43
[conrad]se all 16, but if it was one large VM ( I understand it can't be ), we could have 2-3 users shelled or RDP'd into the machine doing similar tasks, and maximizing the resources..15:43
RoyKthen what you need is a queueing system15:44
RoyKso that jobs can be queued to the cluster and distributed to available resources15:44
RoyKthat's how they build large compute clusters these days15:45
bubu\awhy not build an internal cloud?15:45
RoyK[conrad]: something like http://en.wikipedia.org/wiki/SLURM15:46
RoyKbubu\a: not suitable for compute clusters15:46
bubu\atrade in your 4 servers for a SAN? :)15:47
RoyKbubu\a: not my servers, but still a bad idea - no chance you can run a compute cluster on a SAN alone ;)15:47
bubu\asorry have missed almost all fo this convo15:48
RoyKA SAN is nice to have for other uses...15:48
bubu\awhat are you trying to accomplish?15:48
bubu\aand why15:48
RoyKfor a compute cluster, you can easily use local storage on each node15:48
[conrad]bubu\a: See the first use case on https://wiki.ubuntu.com/EasyUbuntuClustering.15:49
RoyKbubu\a: read above - I'm merely answering [conrad], who wants to setup a compute cluster15:49
RoyK[conrad]: setting up SLURM isn't very hard, and it's well-proven - see the wikipedia article above15:49
[conrad]RoyK: This seems like it might be able to cover us. I seem some interesting features which might benefit us ( IE Idle nodes can be powered down , Different operating systems can be booted for each job ).15:49
RoyKSLURM is a linux thing15:50
[conrad]The upcoming feature "Integration with Apache Hadoop + Open MPI based job launch" could also be very benificial to us.15:50
RoyKbut you can possibly hack up something integrating with virsh15:50
[conrad]Ahh, yes all the OS's listed are *nix variants.15:50
RoyKso what you do is create an executable with some data and post that to the queue, then it'll run when resources are available15:51
bubu\ahmm15:51
bubu\atis a good question!15:51
RoyKI've never set it up myself, I quit my last job when we were in the process of moving to that15:52
[conrad]The only issue I see is that this would be have to be a console based executable right?15:52
RoyKyes15:52
RoyKsupercomputers don't run a GUI ;)15:53
RoyKor, i guess some do, but that's another ballpark15:53
=== Ursinha is now known as Ursinha-afk
[conrad]Right, I understand. But this would only solve half of our problem. Some of our utilities are GUI based, and others ( both console and GUI ) are Windows based.15:55
RoyKthen I guess you'll need two solutions, one for windows and one for linux15:56
bubu\aRoyK, could you not setup a big VM box on a SAN? people can thern TS into it to run whatever needed...15:56
RoyKI don't know any queueing solutions for windows, but IIRC Microsoft has something15:57
RoyKbubu\a: no, a SAN is only storage15:57
bubu\awell i know that but with the user of the servers too15:57
RoyKwell, of course, you can run a hypervisor on a machine connected to the SAN15:57
RoyKbut SAN is only storage15:58
bubu\ayes15:58
bubu\abut that could be the storage for the big VM15:58
bubu\aand the rest can run of the cores/ram from the servers15:58
RoyKso in this perspective, the SAN is irrelevant15:58
RoyKthink of a SAN as an external harddrive15:59
RoyKjust bigger and more fancy15:59
bubu\ayes i know15:59
bubu\aget proper servers conrad?16:00
bubu\aa G6 or something?16:00
bubu\afill it full of cores/ram - hook it up to a san for the storage16:00
* RoyK thinks G6 is only a model series from HP and rather irrelevant to computing power16:00
bubu\acreate a big VM?16:00
RoyKbubu\a: really, there's no point of running a big VM on a single node unless you have a cluster of nodes (for failover)16:01
bubu\ahmm yeah fair point16:02
RoyK[conrad]: but... if you just need up-to-4-core-VMs16:03
RoyKtake a look at https://alteeve.ca/w/2-Node_Red_Hat_KVM_Cluster_Tutorial16:03
RoyKit's a rather thorogh description on setting up KVM in a cluster16:04
RoyKthe howto uses DRBD for shared storage, but I don't think that'll be very good for four nodes16:04
RoyKbetter use shared storage somewhere, NFS works, but is a bit slow, glusterfs should work, if you have a SAN, then OCFS2 or GFS2 should do the job16:05
RoyK[conrad]: it takes a while to understand how the cluster works, so don't think a simple apt-get install will do16:06
[conrad]I'm sure of that. I've spent countless hours over time getting familiar with LDAP, and the other services we have implemented in out network currently.16:06
RoyK[conrad]: I've setup a two-node cluster like that (with GFS2) on CentOS - tried with Ubuntu first, but there wasn't much knowledge about it in the ubuntu world, at least not what I could find. Also, the amount of users on such systems seem to be far higher in the redhat world16:08
RoyK[conrad]: btw, https://wiki.ubuntu.com/EasyUbuntuClustering seems to be rather outdated, based on Hardy 8.0416:10
[conrad]RoyK: I saw that. That's why I mentioned in my original message about something more related to the current 12.0416:11
RoyK[conrad]: I guess that KVM cluster I liked to above would be the best start. You can implement that with ubuntu - most of the same tools exist16:12
RoyKexept sanlock, which is a bit stupid, since without it, and with shared storage (like GFS2 or NFS), there's no way of stopping two nodes to start the same VM, and doing so will definetely result in disk corruption (beleive me, I've tried...)16:13
nielCan anyone help me, yum isn't working anymore after installing EPEL.. whatever I do I get this error: http://pastebin.com/qzBeLNXL16:16
RoyK[conrad]: if you need a mixed environment, I'd say setting up a KVM cluster will be a good start. Then you can possibly setup a few Linux VMs to do the batchable work and then a windows VM or two to do the rest16:16
RoyKniel: erm - yum/EPEL is a redhat thing, and this is an Ubuntu channel ;)16:16
=== Ursinha-afk is now known as Ursinha
nieloh yeah lol16:17
=== mcclurmc is now known as mcclurmc_away
=== mcclurmc_away is now known as mcclurmc
RoyK[conrad]: you might want to read http://www.microsoft.com/hpc/en/us/product/high-performance-computing-faqs.aspx16:38
RoyK[conrad]: you can of course setup hyper-v to do the virtualization, but my experience in running Linux VMs on Hyper-V is not good - they tend to be offlined from the network if network traffic is high. I've seen that with ubuntu lucid - never made a test with precise, we moved the linux VMs to KVM before Precise landed16:40
uvirtbotNew bug: #1073639 in rabbitmq-server (main) "Option to not boot on install" [Undecided,New] https://launchpad.net/bugs/107363916:46
=== mcclurmc is now known as mcclurmc_away
moskydosHi Folks, I would appreciate any help with my problem since I spent so much time to solve it . I got a snapshot include files to be deployed , now I did the following steps to achieve that :17:35
moskydosCreating small ec2 Ubuntu Server 11.10 ( 64 bit)17:35
moskydosCreate new volume with snapshot needed ( I assigned 6 GB for it)17:36
moskydosAttached the volume to my ec2 instance17:36
moskydosCreated a new directory to hold the data ( /site )17:36
moskydosEdit /etc/fstab and add this : /dev/xvdf        /site    auto    defaults,nobootwait,noatime     0   0 and reboot my instance17:36
moskydosbut when I try to mount using sudo mount /dev/xvdf /site , i'm getting that i need to specify the format of the file17:37
moskydosif it was a ext file system, the linux ordinary one, it would have auto-detect it17:38
holsteinthe format of the partition*17:38
moskydosanyone can help with this issue please ?17:38
holstein!mount17:38
ubottumount is used to attach devices to directories. See also https://help.ubuntu.com/community/Mount17:38
holsteinmoskydos: i would test that i can mount the directory before adding it to fstab17:38
moskydosu r right holstein , but i'm doing that and it is not working so far , let me try to show you some results here17:39
holsteinmoskydos: i would take fstab out of the equation17:39
holsteinmoskydos: if you cant mount it, fstab cant17:39
moskydosu r right , let's forget about fstab at this stage , my main problem is that i can't mount the snapshot17:40
holsteinmoskydos: take some time and troubleshoot just mounting the partition, then when you can do that, you'll learn how to add it to fstabl17:40
holsteinmoskydos: how is it formatted?17:40
moskydoshttps://gist.github.com/8b7543922893f0771a8b17:41
holsteinDisk /dev/xvda1 doesn't contain a valid partition table - that is pretty relevant17:41
moskydosi'm just trying to figure out the format so I can do something like sudo mount -t vfat  /dev/xvdf /site or whatever is the format17:41
holsteinwhere are you getting this partition?17:41
holsteinif its broken, its broken...17:42
holsteinHPFS/NTFS/exFAT17:42
moskydosmm I didn't setup /dev/xvda1 , it is there already when I initiate new ubuntu instance17:42
moskydosthe volume that I want to attach is at xvdf17:43
holsteinmoskydos: i would ask whoever made it if they can mount it, or to test it, or to se if it is functioning properly17:43
holsteinmoskydos: i hear you, but if its bad, its bad..17:43
holsteinhttp://www.linuxquestions.org/questions/linux-laptop-and-netbook-25/problems-mounting-disk-in-ubuntu-11-10-ntfs-signature-missing-917973/ might be relevant17:44
moskydosmmm u recommend me to use another ec2 type somehow ?17:44
holsteinmoskydos: im just suggesting that you dont know anything about that partition.. you didnt create it. it could be the issue and you could waste lots of time trying to mount it and its broken17:44
holsteinim not saying that is the case, just that its an option17:45
=== fleish_ is now known as fleish
eagles0513875__hey guys im not finding a good how to for ubuntu 12.04 on how to setup virtual users and domains for use with dovecot + postfix any good how to's for this?18:07
moskydosholstein sorry for the headache here , I just wanna go through this step by step, I just created a new ec2 instance , I didn't do anything with it , I didn't even attach the snapshot , can u see the conf so far here https://gist.github.com/735b4adb8425df3fa92018:08
moskydosI just wanna make sure that at this stage nothing broken u know18:08
moskydosbefore I go further18:08
vezqeagles: http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/18:35
eagles0513875__humm18:57
gatsby7hi there19:24
gatsby7is there any postifix or mail server guru ?19:25
alvarezpHi, guys! I just installed Ubuntu 12.04 LTS with Apache2 but I must be doing something wrong. The "it works" page takes about 15 sec to respond, then it responds quickly but after a while it does the same thing again. I suspect DNS problems. I enabled "options debug" in resolv.conf and apache and *.debug in syslog to /var/log/debug but I have absolutely no output.19:26
gatsby7suppose is not a local installation, right?19:27
gatsby7does error log say something?19:27
alvarezpI also did strace -r -p $APACHE_PID for all apache processes (I managed to reduce the clients to only 3) and the problematic function seems to be accept().19:27
alvarezpgatsby7, what do you mean by local? It's a physical box that I installed myself and I have full control over.19:28
alvarezpgatsby7, error logs are empty.19:28
alvarezpgatsby7, I may be able to help with postfix.19:28
alvarezpWhile the web browser is waiting for the response, strace keeps on the accept() function. I think it has something to do with the resolver library.19:29
alvarezpI also fully upgraded it, made sure nsswitch.conf has "hosts: files dns" and disabled ipv6, just to put it out of the way.19:30
alvarezpAny ideas on this weird behavior, or pointers on how can I debug this? :-S19:31
gatsby7alvarezp,  do you made any changes 2 apache2.conf?19:31
gatsby7btw i will explain my postfix problems19:33
gatsby7when mail comes from mobile devices, or from mailing lists, the sender address is shown ad sendername+SOME_WEIRD_CODE@domain.tld19:34
alvarezpgatsby7, I installed cacti and nagios which adds their respective files to conf.d (but I don't find any problems there). Then I changed StartServers and Min/MaxSpareThreads to reduce the number of processes to be able to use strace easily and changed the logging level to "Debug" on apache2/apache.conf and sites-available/default.19:34
gatsby7alvarezp, do you reach nagios proberly?19:36
alvarezpgatsby7, Yes: Nagios, Cacti and the "it works" page, but all of them with the same problem: 15-sec delay on the first try and immediately after recurring tries. After a while, the pattern repeats.19:36
alvarezpgatsby7, sendername+SOME_WEIRD_CODE@domain.tld is a valid mail format and it's the same receipient as sendername@domain.tld. Are you sure it is an error?19:37
gatsby7alvarezp, unfortuntely 20 days ago we didn't have this problem19:38
alvarezpgatsby7, never seen that behavior19:38
alvarezpgatsby7, I have mail servers of my own.19:38
alvarezpgatsby7, if you have configuration backups, have you tried diff-ing?19:39
gatsby7think i have 2 tell more details19:39
gatsby7:19:39
gatsby720 days ago we had one domain, the we decided19:39
gatsby7to have one more domain, using the same mail infrastructure19:40
gatsby7so we used virtual domain in postfix and forced with a script19:40
gatsby7that all user in the old domain will send mail with the new domain.19:41
gatsby7everything is working fine except for mailing list services and mobile devices19:42
gatsby7the strange fact is we force our user sender address, but this behaviour occurs when others mail us...19:43
alvarezpgatsby7, ohh, that's a perfect use case for configuration diffing19:44
alvarezpgatsby7, it'd be useful to know what directives changed, and see which ones are potential candidates for that behavior.19:46
alvarezpgabrtv, have you enabled debugging logs and checked?19:48
Troy^has anyone upgraded there server from 12.04 to 12.1019:54
=== n0ts is now known as n0ts_off
alvarezpAlso, HostnameLookups Off19:56
=== n0ts_off is now known as n0ts
ehab33Hi everyone,  how can I bundle instance into new AMI and share the AMI with some accounts IDs ? any up-to-dated article demonstrate this ?19:59
=== n0ts is now known as n0ts_off
alvarezpOhh god!!!!!! I found that the slow responses are not my server's fault: it's my web cache fault. :( Sorry all for the noise.20:35
=== Guest42437 is now known as cpg
allanmHi20:49
allanmI'm looking for a way to upgrade apache to 2.22.2 on ubuntu server 10.0420:49
patdk-wkallanm, reason?20:54
patdk-wkcause you will break all security patchs doing that20:55
allanmwell I'm actually trying to get a bunch of vulnerabilities patched21:00
allanmCVE-2011-3192 CVE-2010-2068 CVE-2010-1623 CVE-2010-145221:00
allanmCVE-2012-0031 CVE-2011-3607 CVE-2012-0053 CVE-2011-3348 CVE-2011-1928 CVE-2011-041921:00
allanmCVE-2010-0434 CVE-2011-441521:00
uvirtbotallanm: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192)21:00
uvirtbotallanm: mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. (http://cve.mitre.org/cgi-bin/cvename.cgi?nam21:01
uvirtbotallanm: Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623)21:01
uvirtbotallanm: The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452)21:01
uvirtbotallanm: scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031)21:01
uvirtbotallanm: Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607)21:01
uvirtbotallanm: protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053)21:01
uvirtbotallanm: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348)21:01
uvirtbotallanm: The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used.  NOTE: this issue exists because of an incorrect fix f21:01
uvirtbotallanm: Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated21:01
uvirtbotallanm: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. (http://cve.mitre.org/cgi-bi21:01
uvirtbotallanm: The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1)21:01
allanmsorry about that21:01
patdk-wkheh? those are patched21:03
allanmI'm currently running21:03
patdk-wkI would recommend you check ubuntu cve, or maybe even the apache package21:03
allanm2.22.1421:03
patdk-wkversion numbers != vaulnerable21:03
allanmlol the pci scan is marking me as if it was21:04
patdk-wkya, it's a pci scan21:04
patdk-wkyou think it actually checks if your vaunerable or not?21:04
patdk-wkread up on how to do pci scans :)21:04
allanm:)21:04
patdk-wkrun scan, it checks server version, says you have issues21:04
patdk-wkyou supply link that shows issue was corrected, done21:05
allanmsir you are 100% right21:06
patdk-wkhttps://launchpad.net/ubuntu/lucid/+source/apache2/+changelog21:06
patdk-wkcheck those cve's off that list :)21:06
patdk-wkattempting to pass pci scans via software versions leaves you having to manually patch or upgrade stuff yourself21:07
patdk-wkI've had a lot of people email me, about apache 2.4 for ubuntu, so they could pass pci scans :)21:09
allanm:)21:13
allanmpatdk-wk, you are amazin now I have to figure out how to deal with the company that does the PCI scan21:14
=== matsubara is now known as matsubara-afk
uvirtbotNew bug: #1073725 in elinks (universe) "links and elinks don't have js support enabled by default" [Undecided,New] https://launchpad.net/bugs/107372521:43
=== cpg|away is now known as cpg
=== cpg is now known as Guest81619
=== Guest81619 is now known as Guest81619|away
=== Guest81619|away is now known as cpg
zasternI'm having a really weird issue23:27
zasternapache becomes super slow to respond23:27
zasternif i do ufw enable23:27
zasterneven with 80 and 443 allowed23:28
Aisonwhat's that? SourceGuardian requires Zend Engine API version 220090626.23:42
AisonThe Zend Engine API version 220100525 which is installed, is newer.23:42
Aisonthis started after upgrade to 12.1023:43

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!