[03:04] <fang0654> Anyone know of any way of automatically updating tripwire when security updates are installed, or of a better means of checking that no system files are tampered with automatically?
[03:05] <fang0654> nevermind, looks like debsums will do what I need
[04:42] <BaldFat> I have samba working on my server for printer but no file shares show
[08:51] <uvirtbot`> New bug: #1076277 in rrdtool (main) "package rrdcached 1.4.7-1 failed to install: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 139" [Undecided,New] https://launchpad.net/bugs/1076277
[08:55] <danieljs> Hello. I'm trying to install Phantomjs 1.7 on Ubuntu 11.04 x64. the hosting is mediatemple. I get "segmentation fault". Anyone can help? thank you.
[09:10] <TheLordOfTime> danieljs:  you know 11.04 is end of life right?
[09:21] <uvirtbot`> New bug: #1076286 in puppet (main) "Puppet agent not correcly configuring facts synch'd from master" [Undecided,New] https://launchpad.net/bugs/1076286
[09:25] <cjs> I did an install of a server from the Ubuntu alternate install disc with two mds: /boot and LVM container, and a root and swap inside the LVM container. However, when I try to boot that disk, it just hangs with a blank screen (apparently before or around the very start of grub). Any thoughts on what's wrong?
[09:25] <cjs> (And yes, I'm going to re-do the install from the server disk. Brain fart.)
[09:36] <uvirtbot`> New bug: #1076290 in cobbler (universe) "cobbler-web throws 500 internal server error" [Undecided,New] https://launchpad.net/bugs/1076290
[10:56] <danieljs> Hello. I'm trying to install Phantomjs 1.7 on Ubuntu 11.04 x64. the hosting is mediatemple. I get "segmentation fault". Anyone can help? thank you.
[10:57] <danieljs> I can't install a newer version of ubuntu on mediatemple...
[10:59] <gucki> good morning
[10:59] <gucki> I'm using latest ubuntu quantal server and have a serious kvm memory problem.
[11:00] <gucki> A kvm guest i started with -m 2048 (so 2048 of ram) is actually taking 2700 (res) and 4700 (virt) as seen by top or ps on the host...?! :-(
[11:00] <gucki> how can i debug and fix this? :-)
[11:01] <cjs> gucki: That may not be a problem.
[11:02] <gucki> cjs: why not? the guest is consuming much more resources than it should?
[11:02] <cjs> gucki: Possibly not. Let me just check my guests.
[11:03] <cjs> gucki: Though I am on an 8.04 system here.
[11:04] <cjs> gucki: Ok, so my guests set up for 1572864 bytes of memory have a VSS of 1787264 and RSSs ranging from 612600 to 788200
[11:04] <cjs> Oh, wait, one has a VSS of 1818048.
[11:05] <koolhead17> here i am , this is me!!
[11:05] <gucki> cjs: mh, so a little overhead but not that much as on my system...
[11:06] <cjs> gucki: I'm guessing that my RSS is considerably less than allocated because I rebooted yesterday and these VMs don't do much (and in particular, don't use much memory).
[11:07] <cjs> But remember, with all memory in use, you'd expect RSS (when you're not paging to swap) to be the size of the memory allocated to the VM *plus* whatever KVM is using for its own code, data, etc.
[11:08] <cjs> And VSS may not all be memory that's actually in use. I believe that VSS represents all mapped pages, regardless of whether they've ever been backed by disk or physical RAM.
[11:08] <cjs> So, you might be able to work out what's going on by looking at your total RAM+swap in use, and figuring out how much larger that is than the memory allocated to the guests.
[11:09] <cjs> (Oh, yeah, RSS may also represent shared pages, if I recall correctly. So four VMs would share the pages holding the KVM code that they're running.)
[11:17] <gucki> cjs: yes, so i'd expect an rss of 2048mb + a few megs (not 700!) for kvm..
[11:18] <gucki> cjs: guess i'll write to the kvm mailinglist..
[11:27] <cjs> gucki: Yeah, I guess 700 MB is a bit much.
[11:27] <cjs> gucki: But as I said, take a look at total memory usage of your system and see if there's hundreds of megs not account for there, too.
[11:28] <Daviey> koolhead17: Have you met evilnickveitch ?
[11:28] <Daviey> koolhead17: evilnickveitch is the evilest, bestest doc king in the world (second to you ofc.).
[11:28] <koolhead17> hello evilnickveitch :)
[11:29] <evilnickveitch> ah! koolhead17 , yes, we have conversed briefly!
[11:29] <Daviey> koolhead17: he might be able to help you drive the docs you were talking to me about.
[11:29] <koolhead17> Daviey: we exchanged email
[11:29] <koolhead17> thanks Daviey :)
[11:29] <koolhead17> hello evilnickveitch again!! :D
[11:29] <evilnickveitch> so there Daviey, nobody needs you :P
[11:30] <evilnickveitch> hi koolhead17 , we should catch up sometime :)
[11:31] <koolhead17> evilnickveitch: yes sir!!
[11:31] <koolhead17> evilnickveitch: Daviey is Daviey :D
[11:33] <Daviey> evilnickveitch: I am just a dumb manager now, i know.
[11:33] <koolhead17> Daviey: so your saying manager role makes ppl dumb :D
[11:34] <Daviey> koolhead17: Yep.
[11:34] <koolhead17> evilnickveitch: pm?
[11:34] <evilnickveitch> ok
[11:34] <koolhead17> Daviey: now that is harsh!! :D
[11:43] <cjs> So when my 12.04 amd64 server install boots, I get a grub menu, and things seem to work ok if I do a rescue boot. But if I do a non-rescue boot, I end up with a blank screen. (The monitor's still getting a signal, but there's no text or anything else.) Ctrl-Alt-F1 through F8 don't bring up anything, either. Ideas?
[12:17] <cjs> Anybody here know how I change the option to abort or continue a boot when the RAID is broken?
[12:22] <xnox> cjs: dpkg-reconfigure mdadm
[12:23] <xnox> should offer to answer boot-degraded question.
[12:23] <xnox> or you can set boot option to boot-degraded.
[12:23] <xnox> rebuild initramfs.
[12:31] <ironm> Hello. I run buntu-server 12.04 based KVM host. I am not sure if it is my wrong configuration or a kvm networking issue. Both  <interface type='direct'> and <interface type='bridge'> *don't* work. Only  <interface type='network'> works as expected. Config files including description of the test environment are at http://rsync.it-infrastrukturen.org/.kvm/ and in this file: http://rsync.it-infrastrukturen.org/.kvm/README-kvm-networking-
[12:31] <ironm> issues.txt
[12:32] <ironm> http://rsync.it-infrastrukturen.org/.kvm/README-kvm-networking-issues.txt
[12:32] <RoyK> xnox: ut should be *default* to boot degraded!
[12:32] <RoyK> !bug 1059541
[12:32] <uvirtbot`> Launchpad bug 1059541 in initramfs-tools "Change default behavoir to boot degraded RAID" [Undecided,New] https://launchpad.net/bugs/1059541
[12:33] <ironm> Is there any possibility to run KVM in debug mode or other ubuntu specific trace possibilities? Thank you in advance for any hints.
[12:33] <xnox> RoyK: the decision was from before my time. At the time there was a divide between: never boot system if it's known to not have assumed reliability vs always boot even if degraded.
[12:34] <patdk-lap> heh, every hardware raid I have ever worked with, boots degraded
[12:38] <cjs> xnox: Thanks!
[12:42] <a_ok> I'm using lsyncd, but the ubuntu package only contains an old fashioned init script. how do I make it start on boot?
[12:43] <RoyK> xnox: I'm not blaming you, just saying that RAID is pretty useless if a server fails to boot with a single dead drive
[12:45] <a_ok> RoyK: depends on why you are using it. If you are going for speed for example RAID can make quite a difference
[12:46] <patdk-lap> heh?
[12:46] <patdk-lap> a raid with one disk bad, working, is faster than a raid with one disk bad that won't boot
[12:46] <cjs> xnox: Actually, dpkg-reconfigure mdadm didn't seem to do the trick, because it didn't add bootdegraded=true to my linux line in the grub config.
[12:47] <xnox> cjs: did you run update-initramfs ?
[12:47] <cjs> xnox: (Or at least, that's what I'm told on boot.)
[12:47] <RoyK> a_ok: it's no point in checking if a disk is missing - if you can mount it, mount it - if you can't, it'll throw you into single anyway
[12:47] <cjs> xnox: I thought that dpkg-reconfigure did that for me.
[12:47] <xnox> cjs: there are two interfaces one is a fine in the initramfs and the other one is linux-kernel boot option.
[12:48] <a_ok> patdk-lap: mmm guess I budded in a conversation without having all the background info sorry.
[12:48] <xnox> cjs: can you unpack initramfs and check? Instructions here: https://wiki.ubuntu.com/Initramfs
[12:48] <cjs> So I need either one, but not both? I.e., my system should work without the bootdegraded=true, so long as other things are set?
[12:49] <cjs> xnox: Ah, I just tried the reconfigure again, and it printed, afterwards: "update-initramfs: deferring update (trigger activated)".
[12:49]  * RoyK guesses Dell has hired high school kids cheaply to develop their iDRAC software
[12:49] <cjs> xnox: I use "update-initramfs -u"?
[12:52] <cjs> xnox: yeah, update-initramfs -u did it. Thanks.
[12:58] <otfrom> 'lo all
[13:01] <uvirtbot`> New bug: #1076353 in nova (main) "nova [-] Could not find driver for connection_type None" [Undecided,New] https://launchpad.net/bugs/1076353
[13:04] <caribou> smoser: thanks for the Merge on recordfailtimeout for Oneiric
[13:04] <caribou> smoser: anything else that is required ? You mentioned something about not being marked Merged
[13:05] <uvirtbot`> New bug: #1076306 in openssh (main) "Upgrading of OpenSSH on 10.04 LTS" [Undecided,New] https://launchpad.net/bugs/1076306
[13:30] <BaldFat_> I have Samba serving printer fine but not files. Nothing in my samba logs and my smb.conf looks standard. What tools can I use to trace down my issue?
[13:39] <smoser> caribou, you must have requested merge review from some group, and i'm not in that group, so i couldn't mark the thing as "merged" . maybe you can.
[13:39] <caribou> smoser: lemme check...
[13:40] <caribou> smoser: if you meant the "Status" field switched to Merged, looks like I just did, so yes I can
[13:42] <caribou> smoser: anything else needed so it get uploaded to -proposed ?
[13:42] <caribou> (thought I think you mentioned that it had already been done)
[13:43] <smoser> caribou, i thought i uploaded. did i not?
[13:44] <caribou> smoser: maybe you did, but I thought it had to be flagged as Merged for the upload to happen
[13:44]  * caribou is still getting familiarized with the whole SRU proces
[13:48] <smoser> caribou, its interesting...
[13:48] <smoser> ubuntu distributed development has different levesls of acceptance.
[13:49] <smoser> in the end, the archive is definitive.
[13:51] <caribou> smoser: ok, just got your email. That's what I thought
[13:51] <caribou> smoser: just that I went to look at the SRU request queue and did not see anything related to grub2
[13:51] <smoser> i just sent you an email. http://paste.ubuntu.com/1342560/
[13:51] <smoser> (for anyone playing along at home)
[13:54] <caribou> smoser: is the process different for packages in Universe (which is the case for grub2) ?
[13:54] <smoser> grub2 is not in universe.
[13:55] <smoser> but it is no different for packages that are.
[13:57] <Daviey> tyhicks: Hey, are you looking to merge acpid? :)
[13:59] <Mez> 3
[14:08] <Aison> it looks like some service on my server is blocked by ufw
[14:08] <Aison> fileserv kernel: [876531.112366] [UFW BLOCK] IN=bond0.10 OUT= MAC= SRC=10.0.0.2 DST=239.255.255.253 LEN=131 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=34570 DPT=34570 LEN=111
[14:08] <Aison> this is logged on my server
[14:08] <Aison> and the source is my server, destination some multicast address
[14:28] <patdk-wk> aison, and your question?
[14:30] <Aison> patdk-wk, oh yes :P well, why is something blocked coming from the same machine?
[14:31] <Aison> it is sent by 10.0.0.2 and received bei 10.0.0.2?!?
[14:31] <patdk-wk> cause that is not *coming* from your machine
[14:31] <patdk-wk> IN=bond0.10 OUT=
[14:31] <patdk-wk> so it came IN bond0.10 and to you
[14:31] <Aison> but src is 10.0.0.2
[14:31] <Aison> hmm
[14:32] <patdk-wk> you have never heard of address spoofing, or more than one machine configured with the same ip?
[14:32] <Aison> and I read the logs on 10.0.0.2
[14:32] <Aison> patdk-wk, it is just a small testing network
[14:32] <Aison> there is by sure no other machine with same ip
[14:32] <patdk-wk> if it was going OUT from your machine it would say
[14:32] <patdk-wk> IN= OUT=bond0.10
[14:33] <patdk-wk> but it's multicast, it might be looping your outgoing packet back in to you
[14:33] <patdk-wk> I'm not sure on the rules about that
[14:34] <Aison> yes, that's what I think also, but then I wounder what application on 10.0.0.2 creates this multicast packet
[16:25] <uvirtbot`> New bug: #1076442 in nova (main) "nova-novncproxy has a missing dep on websockify" [Undecided,Confirmed] https://launchpad.net/bugs/1076442
[16:27] <SirScott> mdadm --device --scan is giving me an ARRAY of '/dev/md/0' and not '/dev/md0'.  Is that really what I want in my mdadm.conf?
[16:29] <xnox> SirScott: sure, it's valid name.
[16:29] <xnox> SirScott: read the manpages. It could be that you have a partinionable md device.
[16:29] <SirScott> xnox: thanks, don't know why i didn't bother noticing it in /dev/md/
[16:39] <SpamapS> Sirthe question is, why doyou want an mdadm.conf ?
[16:39] <SpamapS> doh
[16:39] <SpamapS> I hate when they leave
[16:40] <xnox> SpamapS: that was what I was thinking as well... but hey it was easier to answer the question that was asked =)
[17:04] <tyhicks> Daviey: Hey - I'll take a look at the merge today
[17:10] <uvirtbot`> New bug: #1076464 in logwatch (main) "unmatched entries for gnome-screensaver" [Undecided,New] https://launchpad.net/bugs/1076464
[17:14] <uvirtbot`> New bug: #1076461 in logwatch (main) "unmatched entries for smartd" [Undecided,New] https://launchpad.net/bugs/1076461
[17:31] <Daviey> tyhicks: thanks!
[17:44] <tempspace> Has anybody run into any issues with Ubuntu Server and the Intel Xeon SandyBridge E E5-4650
[17:59] <zul> hallyn: im going to upload libvirt 1.0.0 if you have any objections
[18:12] <NotLarry> I did a reboot -n on ubuntu 11.04 server this morning and now I get "ALERT! /dev/mapper/MachineName-root does not exist" and a busybox, initramfs prompt.  Raid array, which checks out at boot.  Nothing strange has happened (i applied not updates or installs) and the system had already rebooted twice today.  Can someone point me to what is going on?  No encrypted drives  or directories.  and ls /dev/mapper/ shows a link to ../d
[18:14] <sarnold> NotLarry: cut off at "../d"
[18:15] <NotLarry> ../dm-0, which seems to exist
[18:16] <uvirtbot`> New bug: #1076489 in php5 (main) "Cannot be uninstalled without installing Apache2" [Undecided,New] https://launchpad.net/bugs/1076489
[18:25] <Daviey> jamespage: ceph ftbfs in precise, expected
[18:25] <Daviey> ?
[18:26] <Daviey> jamespage: armel, armhf still building
[18:27] <ironm> hello. Please allow me one question. Is it possible to bring during the boot "unused" eth interfaces up? (without giving them an IP address)?
[18:27] <ironm> I run ubuntu-server 12.04.1 LTS
[18:28] <ironm> I have in iterfaces like:
[18:28] <ironm> auto eth1
[18:28] <ironm> iface eth1 inet manual
[18:30] <zul> Daviey: i think its a build ordering issue for ceph
[18:31] <Daviey> zul: took 1 hour, 38 minutes, 0.1 seconds
[18:31] <Daviey> sadly i can't tell you the milliseconds, which are vital
[18:31] <zul> heh
[18:39] <NotLarry> thanks all, after about the 4th reboot it came up
[18:48] <jamespage> Daviey, it may be fussy about leveldb
[18:49] <jamespage> infact it is - I remember now
[19:03] <cornfeed> is there a way to tell apt to make sure installs fresh copies of all the config/init/default files again?
[19:03] <cornfeed> for a certain package?
[19:05] <escott> cornfeed, http://serverfault.com/questions/82801/linux-how-to-restore-config-file-using-apt-get-aptitude
[19:05] <cornfeed> fancy, good find, thanks!
[19:07] <cornfeed> hmm didnt work
[19:07] <cornfeed> brb
[19:24] <cornfeed> wow, i ended up having to extract it manually
[19:55] <BaldFat_> cornfeed: apt-get purge <package> then apt-get install <package>
[19:55] <cornfeed> yep didnt work either
[19:55] <sarnold> really?
[19:55] <BaldFat_> purge should get rid of everything. What package may I ask?
[19:55] <sarnold> I've never seen that one fail; though you're not always in a position to be able to _use_ it...
[19:55] <cornfeed> couldnt make this stuff up
[19:56] <cornfeed> yeah the weirdest thing is the file it was complaining about didnt even exist
[19:56] <BaldFat_> cornfeed: fact is stranger then fiction
[19:56] <cornfeed> inspircd
[19:56] <escott> BaldFat_, purge doesnt forget config modifications for some reason
[19:56] <BaldFat_> so this is a package and not something you built?|
[19:57] <cornfeed> i have compiled it manually, then that didnt work so i removed all the files I had in place, rebooted, and tryed installing through apt, which resulted in that error
[19:57] <cornfeed> correct
[19:57] <cornfeed> built, removed (entirely), then did apt
[19:57] <BaldFat_> purge should and I swear it has before but who knows. I really find apt and aptitude as not the best (DUCKS) I love zypper for the last 5 years it has been great for me and the one server tht uses it.
[19:58] <cornfeed> yeah, apt leaves alot to be desired
[19:58] <cornfeed> i like gentoo's portage soooo much
[19:58] <escott> cornfeed, something like --force-confnew should work for you
[19:58] <BaldFat_> cornfeed: yeah that makes sense then. I hate building stuff because you have to manually look at the sh and figure out what got sent where. PC-BSD and Mac has the solution but no one will ever do it in Linux I am afraid
[19:58] <escott> or a purge followed by a --force-confmiss
[19:59] <BaldFat_> cornfeed: Google says they use Ubuntu mainly because apt and aptitude is MUCH better then yum and zypper :P
[19:59] <cornfeed> lol
[20:00] <cornfeed> linux and opinions
[20:00] <cornfeed> a source of endless hilarity and argument
[20:01] <BaldFat_> make it so much more fun. We can fight among ourselves for decades instead of the OS wars
[20:01] <BaldFat_> also VIM
[20:01] <cornfeed> lol
[20:02] <BaldFat_> the newer people aka the last 2 years or so have no idea the rpm vs deb and vim vs everything wars were. That's a good thing.
[20:04] <BaldFat_> cornfeed: This seems like a solution: dpkg -i --force-confmiss <package>
[20:10] <cornfeed> tried that too
[20:10] <cornfeed> no luck
[20:11] <zul> hallyn: ping
[20:24] <escott> i think the force confmiss only forces the installation of missing config files. so you would have to remove the file in question first
[20:35] <cornfeed> okay, so this leads to another question. who do I contact to get a package updated?
[21:24] <autif> I have hit this bug while customizing an installation. https://bugs.launchpad.net/ubuntu/+source/debootstrap/+bug/1001131
[21:24] <uvirtbot`> Launchpad bug 1001131 in debootstrap "debootstrap fails to install customized Ubuntu" [Undecided,Confirmed]
[21:25] <autif> I was hoping someone could point me to how to go about repackaging debootstarp from a deb file
[21:25] <autif> into a udeb
[21:31] <Daviey> dave@voodoo:~$ curl http://libvirt.org/news.html 2>/dev/null | grep "Chuck Short"
[21:31] <Daviey>       ARMHF: implement /proc/cpuinfo parsing (Chuck Short),<br />
[21:31] <Daviey>       ARMHF: CPU Support for armhf. (Chuck Short),<br />
[21:31] <Daviey> woot!
[21:31] <zul> whee!
[21:32] <jamespage> nice one zul!
[21:32] <jamespage> zul, are you or hallyn planning a libvirt upload for raring anytime soon?
[21:33] <zul> jamespage: im sitting on one right now but i have to talk to hallyn first probably monday
[21:34] <jamespage> zul, any chance you could enable the rados pool support?  I think it just needs a bd on librbd-dev
[21:34] <zul> jamespage: it runs win28k just fine :) sure..
[21:34] <jamespage> zul, lo
[21:34] <jamespage> l
[21:34] <jamespage> can't type
[21:34] <zul> too much karaoke
[21:46] <tboat> hey all! I'm currently trying to configure OpenVPN on my 12.04 server, and I get the following server when attemting to create ssl authentications: ./easy-rsa/build-ca: 8: ./easy-rsa/build-ca: ./pkitool: not found
[21:51] <tboat> or does anyone have a link to a good OpenVPN setup guide?
[21:54] <sarnold> tboat: looks like pkitools is packaged in /usr/share/doc/openvpn/examples/easy-rsa/2.0/pkitool in the openvpn package
[21:56] <tboat> yes, and it i moved it to the openvpn/easy-rsa folder, where i am running the build-ca command
[21:57] <tboat> so it is there, but doesn't pick it up
[21:59] <sarnold> it is perhaps not executable in a documentation directory :)
[22:03] <tboat> i copied it from the doc directory to /etc/openvpn
[22:06] <tboat> had to edit /vars, got it figured out :)
[22:07] <ironm> hello. Is there any other possibility on ubuntu-server 12.04.1 LTS for interface bondind (teaming/aggregation) than using ifenslave ?
[22:08] <Daviey> zul: can you triage bug 1076442 pls
[22:08] <uvirtbot`> Launchpad bug 1076442 in nova "nova-novncproxy has a missing dep on websockify" [Undecided,Confirmed] https://launchpad.net/bugs/1076442
[22:09] <Daviey> bug 1052677 , bug 1073289 , bug 1073275
[22:09] <uvirtbot`> Launchpad bug 1052677 in horizon "Error when clicking on OpenStack logo" [Medium,Fix released] https://launchpad.net/bugs/1052677
[22:09] <uvirtbot`> Launchpad bug 1073289 in nova "nova-common has an incorrect dep on python-nova (= 2012.1-0ubuntu2)" [Undecided,New] https://launchpad.net/bugs/1073289
[22:09] <uvirtbot`> Launchpad bug 1073275 in python-glanceclient "python-glanceclient has a bad version dep on python-prettytable" [Undecided,New] https://launchpad.net/bugs/1073275
[22:18] <AaronHome> Hello.  I have an Ubuntu10 server that has its one ethernet port config'd in /etc/network/interfaces as "eth0". I've built a new Ubuntu12 server on another disk, attached to another machine.  Now time to swap.
[22:19] <AaronHome> But the old Ubu10 bug, with the new Ubu12 disk in it boots ok, but inisist on 'talking' to the ethernet port that used to be "eth0" as "eth2".
[22:19] <AaronHome> I've no idea why, but would _like_ to keep it as, or change it back to, "eth0".
[22:20] <AaronHome> Can I do that somehow?
[22:22] <erichammond> smoser, utlemming: http://cloud.ubuntu.com/ami/ is showing the AMI id for the old 099720109477/ubuntu/images/ebs/ubuntu-precise-12.04-amd64-server-20120424 instead of the newer 099720109477/ubuntu/images/ebs/ubuntu-precise-12.04-amd64-server-20121026.1
[22:22] <smoser> erichammond, unfortunately thats a known issue.
[22:22] <lifeless> AaronHome: you have udev rules that are pinning the new boxes ethernet ports as eth0/eth1
[22:23] <erichammond> smoser: It came up here: http://askubuntu.com/questions/214431/
[22:25] <AaronHome> lifeless: Those are autogenerated then?  _I_ never created them intentionally/manually.
[22:25] <lifeless> yes
[22:29] <AaronHome> lifeless: Found it (/etc/udev/rules.d/70-persistent-net.rules) Changed it.  Thanks.
[22:30] <lifeless> no probs
[23:06] <uvirtbot`> New bug: #1076656 in mysql-5.5 (main) "mysql --ssl-capath option doesn't work" [Undecided,New] https://launchpad.net/bugs/1076656
[23:39] <joren> Is there a recommended way to setup an apt cache/proxy server these days? What's the best tool to use for that?
[23:40] <patdk-lap> apt-get install apt-cache-ng
[23:40] <lifeless> apt-get install squid-deb-proxy
[23:41] <patdk-lap> I always have issues using squid to cache apt repo's
[23:41] <joren> k, thank you both
[23:41] <joren> I'll use the ng thing, I think that's what I was looking for
[23:42] <patdk-lap> then for existing systems, you need to add someting like:
[23:42] <patdk-lap> Acquire::http::Proxy "http://xxxx:3142";
[23:42] <patdk-lap> into /etc/apt/apt.conf
[23:42] <joren> cool
[23:42] <joren> easy enough
[23:42] <joren> would be easier if puppet was everywhere :P
[23:43] <patdk-lap> heh, I do it at system install, so not bad
[23:43] <patdk-lap> and use different dns overrides for local or general internet caches
[23:43] <joren> cool, ya, I'll have to add it to my preseed
[23:43] <joren> local mirror is long over due
[23:43] <joren> er local cache
[23:43] <jcastro_> just put the same cache server in your preseed
[23:43] <bananapie> I installed fail2ban, it doesn't work because I don't accept passwords on ssh.
[23:44] <jcastro_> and after the first installation you'll be good
[23:45] <joren> well, *seems* to work
[23:46] <joren> I guess the really test will come later on
[23:46] <joren> real, rather
[23:49] <joren> bananapie, http://serverfault.com/questions/248376/fail2ban-bans-me-after-a-series-of-successful-logins <- perhaps?
[23:50] <joren> though, you probably don't need fail2ban on ssh if you only allow ssh keys.
[23:50] <bananapie> joren: Nice :D
[23:50] <bananapie> I stopped using passwords years ago.
[23:50] <patdk-lap> joren, still need it :(
[23:51] <patdk-lap> I have had people dos a t1 line, doing ssh attempts
[23:51] <joren> I guess if you only have 1.5mbit, then ya :P
[23:51] <patdk-lap> so just to keep bandwidth under control :)
[23:51] <joren> and ya, I guess it's still useful
[23:52] <bananapie> How can I simulate ssh hacking on my server ?
[23:52] <bananapie> I did for i in `seq 1 50` ; do ssh serverip; done;
[23:53] <bananapie> But it didn't ban me
[23:53] <bananapie> I didn't even see anything in the logs :(
[23:53] <joren> oh, if it's *not* banning you, that server fault thing probably wouldn't do it
[23:54] <beeg98> I would just use ssh randomuser@myserver
[23:54] <joren> his for thing shoulda done it
[23:56] <joren> bananapie, nothing shows up in /var/log/authlog ?
[23:59] <bananapie> dat's right
[23:59] <bananapie> nothing shows up in auth.log, even though I see the traffic with ngrep