/srv/irclogs.ubuntu.com/2012/11/23/#ubuntu-server.txt

genii-around	typo3 default database name of typo3-database causes problems when you try to do a mysql command like: GRANT ALL ON typo3-database TO 'somebody'@'somewhere' ...it chunks out because of the hyphen	00:26
=== benji is now known as Guest55591
kjs	is anyone on amazon EC2 micro? I wonder if it's fast enough for a small blog? about 5k visitors a day?	01:37
TheLordOfTime	i don't have 5k visitors a day but i dont see why it wouldnt be able to handle 5,000 visitors a day	01:38
TheLordOfTime	i know a few ubuntu members with HUGE blog turnaround traffic-wise and they use EC2 micros.	01:38
kjs	TheLordOfTime: but you're on a micro?	01:39
kjs	ah ok, cool, if you don't mind me asking, how much does it cost you roughly per month?	01:39
tonyyarusso	Is micro the one they'll give you free for the first year?	01:41
TheLordOfTime	kjs, my blog's on a micro, but i'm in the free tier right now	01:43
TheLordOfTime	my blog doesn't get 5k/day traffic though	01:43
kjs	5k is not a lot	01:43
kjs	my blog is also static, so it should be fine... the free tier?	01:44
* kjs goes to google about this		01:44
TheLordOfTime	they have a free 1y micro tier for people	01:45
TheLordOfTime	then after that year they charge you.	01:45
tonyyarusso	Works out to about $15/mo, compared to $20 for the base Linode.	01:45
TheLordOfTime	mhm	01:45
TheLordOfTime	of course when my year's up i'm 'shifting data over to the cheaper server(s) i use for TrekWeb (which is a LOT higher data traffic)	01:46
TheLordOfTime	(cheaper, yet higher data traffic... don't ask how i even achieve that)	01:46
kjs	I am currently at Linode.	01:47
tonyyarusso	me too	01:47
kjs	might move to amazon for a year if it's free tho :P	01:47
tonyyarusso	I should probably ask if I can run a server at work though and save the money. Would be pretty easy.	01:48
kjs	I know at work we have a bunch of VPS now + an old dedicated server, I wonder if I should setupa server running openstack and run the vps's on that would save money... Single point of failure on that server then though...	01:50
kjs	OVH are setting 2 x 120Gb SSD's, 32Gb of ram unlimited 100mbps for 59GBP	01:51
tonyyarusso	My workplace has a full datacenter (a couple, actually), but I don't know if they'd let me colocate a personal system there. Probably, but I don't know.	01:54
tonyyarusso	might be worth a shot	01:54
kjs	patch it in and find out ;)	01:54
tonyyarusso	heh, no	01:55
=== chilicuil_away is now known as chilicuil
=== nerd is now known as fire
RoyK	+++	02:47
RoyK	++	02:47
=== n0ts_off is now known as n0ts
TheGuy	Hey everyone, happy thanksgiving	05:47
TheGuy	anyone with eperience setting up multiple websites under one eternal IP address? Having difficulties setting it up properly	05:48
patdk-lap	using what webserver?	05:51
TheGuy	standard LAMP setup, apache2	05:52
TheGuy	I have been looking into the virtual host setup guides and hve not been able to find one applicable or that will work	05:52
patdk-lap	http://ubuntu-tutorials.com/2008/01/09/setting-up-name-based-virtual-hosting/	05:53
patdk-lap	probably the simplest	05:53
TheGuy	as is, it directs querries from both site domain addresses to one sites files	05:53
patdk-lap	now your not making sense	05:54
TheGuy	excuse me, when someone types one address, it goes to one site, they type the other address it goes to the same site	05:55
patdk-lap	then you probably failed to setup the default catchall virtualhost for that ip	05:55
patdk-lap	so that all unknowns go there	05:55
patdk-lap	otherwise apache just picks one, or the first one, or whatever	05:55
TheGuy	I will look through this site you linked me, looks like some good info, Ill keep that in mind	05:56
=== chilicuil is now known as chilicuil_away
TheGuy	hmmm, that guide did not work either, a lot of errors on the reload	06:13
=== n0ts is now known as n0ts_off
patdk-lap	it sounds like you have followed too many guides	06:15
patdk-lap	and have made way too many changes that you dunno what they are	06:15
TheGuy	no, i actually know the eact files that i have changed lol	06:25
TheGuy	since it is only 1 that they tell me to change that is included	06:25
TheGuy	which is the apache2.conf file, and that i should make the site-available files and then enable them	06:26
TheGuy	the webserver is still more then operational and does show 1 site, but the other site is not shown when typing in its adress, it defaults to the first one	06:27
TheGuy	there has to be something im missing, or that these guides are missing, since its all basically the same process minus one thing here and plus one thing there, i have not gotten any to work	06:28
=== Akendo_ is now known as Akendo
=== smb` is now known as smb
=== mcclurmc_away is now known as mcclurmc
=== n0ts_off is now known as n0ts
=== cwillu_ is now known as cwillu
=== nerd is now known as security
=== Akendo is now known as Akendo_
=== Akendo_ is now known as Akendo
Akendo	Good Morning Guys, what a wonderful day!	12:06
=== cpg is now known as cpg\|away
zul	Daviey: apparently you can download vm in openstack through bittorrent	13:56
Daviey	zul: oh?	13:58
zul	xenapi only though	13:58
Daviey	interesting... it's how twitter do their code pushout aiui	14:01
Daviey	zul: whilst i have you, yolanda is super keen to contribute.. Do you have anything that would be good th throw that way?	14:01
zul	Daviey: are we talking packaging or upstream stuff?	14:02
iliv	anyone familiar with policykit? I botched up sudoers file, and read it on the might Internet that pkexec visudo can help me, but it needs /usr/lib/policykit-1/polkit-agent-helper-1 running. however, trying to start that helper results in "polkit-agent-helper-1: wrong number of arguments. This ...	14:03
iliv	... incident has been logged.'	14:03
zul	yolanda: ping	14:04
yolanda	hi zul	14:04
iliv	booting into recovery mode is least desired option, I'd love to do this with 0 downtime	14:04
zul	yolanda: heya...python-glanceclient is ftbfs if you want to take a crack at fixing that, that would be cool otherwise there is a bunch of bugs folsom-backport-potential in launchpad at https://bugs.launchpad.net/bugs that could possibly be backported	14:05
yolanda	checking	14:07
yolanda	zul, ok, i'll take a look at it	14:08
zul	yolanda: cool if you need any help lemme know	14:08
yolanda	ok	14:09
zul	koolhead17: you want some openstack stuff to do?	14:10
koolhead17	zul, sure sir	14:13
koolhead17	show me the way am all in	14:13
zul	koolhead17: figure out why stable/folsom is ftbfs https://jenkins.qa.ubuntu.com/view/Openstack_Testing/view/Folsom/job/precise_folsom_nova_stable/664/console	14:13
=== matsubara is now known as matsubara-lunch
hallyn	stgraber: bug 1075917, I'm intendingn to mark it wontfix with a comment that it is a new feature, not a bugfix. should if you disagree	15:21
uvirtbot	Launchpad bug 1075917 in lxc "[wishlist] Support for lxc.network.gateway in precise" [Wishlist,Confirmed] https://launchpad.net/bugs/1075917	15:21
stgraber	hallyn: yeah, sounds fine. I'm in the process of getting an official lxc backport to precise anyway	15:22
yolanda	zul, here is a paste of the errors on glanceclient: http://paste.ubuntu.com/1379659/	15:24
zul	yolanda: grr...ok we just might want to disable the tests or let the package to build even if the tests fail	15:25
yolanda	i'll take a look	15:26
hallyn	stgraber: cool, thanks	15:33
chmac	What's the command to see which applications are using the network?	15:41
chmac	Something on the machine is downloading ~1Mb/s and I can't figure out what it is.	15:41
=== Malediction_ is now known as Malediction
=== nerd is now known as megharsh
iliv	chmuri, try trafshow or iptraf	15:49
=== n0ts is now known as n0ts_off
uvirtbot	New bug: #1080995 in clamav (main) "package clamav-freshclam 0.97.6+dfsg-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/1080995	15:56
=== CrypticS_ is now known as CrypticSquared
uvirtbot	New bug: #509647 in lxc (universe) "[MIR] lxc" [Undecided,New] https://launchpad.net/bugs/509647	16:06
uvirtbot	New bug: #1080658 in ipsec-tools (main) "Overwriting proposal produces segfaults" [Undecided,New] https://launchpad.net/bugs/1080658	16:10
jamespage	zul, I just noticed that all of the branch merges in the lab happen the wrong way around	16:17
zul	jamespage: uh?	16:17
jamespage	its not functionally impacting but it makes the bzr history look really odd	16:17
zul	jamespage: how so?	16:18
jamespage	bzr branch lp:~openstack-ubuntu-testing/nova/grizzly	16:18
zul	right	16:18
jamespage	bzr merge lp:~openstack-ubuntu-testing/nova/grizzly-precise	16:18
jamespage	bzr push lp:~openstack-ubuntu-testing/nova/grizzly-precise	16:18
jamespage	the changelog for the merge accmulates over time	16:18
jamespage	I think it should branch the grizzly-precise branch; merge the grizzly branch and then push it	16:19
jamespage	maybe	16:20
jamespage	I need to take a look at it again	16:20
zul	jamespage: that sounds right to me	16:20
jamespage	zul, from the precise-grizzly branch atm its impossible to tell the lab builds apart from each other	16:24
jamespage	lol	16:24
=== matsubara-lunch is now known as matsubara
zul	okies g1 uploaded	16:30
yolanda	zul, if i build the package with the DEB_BUILD_OPTIONS=nocheck , it builds properly	16:33
zul	yolanda: right because nocheck disables the testsuite, if you add \|\| true where it runs the test then you should be ok	16:34
yolanda	ok, just force the conditions for the nocheck always to be true, right?	16:35
zul	right	16:36
yolanda	ok	16:36
=== Akendo is now known as Akendo_
yolanda	zul, it works, yes	16:58
zul	yolanda: cool	16:58
yolanda	where can i push the changes?	16:58
zul	bzr branch lp:~openstack-ubuntu-testing/glance/grizzly	16:59
* zul lunches		16:59
yolanda	ok	16:59
uvirtbot	New bug: #1073275 in python-glanceclient (main) "python-glanceclient has a bad version dep on python-prettytable" [Medium,Fix released] https://launchpad.net/bugs/1073275	17:01
=== n0ts_off is now known as n0ts
yolanda	zul, sorry, what version number should i set in changelog? the last one is 2013.1~g1~20121114.296.g517739f-0ubuntu3	17:07
TheLordOfTime	wouldnt it be all that plus a .1 ?	17:08
TheLordOfTime	for bugfixing at least.	17:08
TheLordOfTime	new releases, different issue :P	17:09
jamespage	yolanda, one sec - lemme check	17:09
jamespage	yolanda, just add your changes to the changelog entry already present	17:10
jamespage	its UNRELEASED so still open for additions prior to final upload	17:10
yolanda	ok	17:11
jamespage	yolanda, dch -t will add you to the current changelog entry	17:11
yolanda	yes	17:12
=== n0ts is now known as n0ts_off
jamespage	adam_g, zul: I sorted out the swift stable/folsom builds - not sure why it had not been switched over from trunk but it is now	17:18
* jamespage likes lots of green balls		17:18
yolanda	zul, should i push it to same branch or i push to another that is mine and then we do the merge?	17:19
zul	yolanda: just push it to the same branch we havent worked out the merge system yet	17:19
yolanda	ok	17:19
Daviey	jamespage: I think that should be added as a quote.	17:20
jamespage	yolanda, you can raise a merge proposal but you currently then have to re-target it in launchpad to the correct branch	17:21
zul	jamespage: can we add a table of contents to this page: https://wiki.ubuntu.com/ServerTeam/OpenStack im going to be adding some content as well me thinks	17:21
zul	Daviey: done and done	17:21
jamespage	zul, feel free - but make it nice and pretty!	17:21
yolanda	seems i'm having some issue with the push: bzr: ERROR: Cannot lock LockDir(http://bazaar.launchpad.net/~openstack-ubuntu-testing/glance/grizzly/.bzr/branch/lock): Transport operation not possible: http does not support mkdir()	17:27
yolanda	i readed and says something about being identified with launchpad-login, but i'm in	17:27
Daviey	yolanda: please can you work out where you are pushing?	17:27
Daviey	seems you are pushing over http, not ssh.	17:28
yolanda	seems i'm pushing to http, yes, but if i push by bzr+ssh it also fails with permission denied	17:29
Daviey	yolanda: you are not in ~openstack-ubuntu-testing... you want to psuh to ~yolanda and request a merge proposal	17:29
yolanda	i see	17:29
yolanda	oh, my launchpad messed keys again :(	17:32
yolanda	i cannot push event to my existing branches	17:32
yolanda	sorry, even	17:32
lvmer	I'm looking to setup a LAN storage for movies / pictures that will be viewable on a living room tv. What is the best way to do this? 1) Have a simple win7 computer next to the TV that connects to a LAN Samba storage server in the basement - funnels movie/picture files to the tv. 2) Are "smart" tv's available? Where I can just ethernet connect them and they will work with the samba server? 3) DLNA? 4) open to ideas?	17:37
sarnold	lvmer: investigate mythtv	17:38
digadvan	any of you setup a bind9 dns slave server before? are the zone files suppose to replicate from master to slave automatically?	17:38
sarnold	lvmer: I've tried dlna to my ps3, damned thing is very picky about file formats though	17:38
xnox	lvmer: mythbuntu is for you.	17:38
lvmer	yah I was thinking either mythtv or a dlna like tvmobili	17:38
lvmer	but I was definitely worried about formats	17:39
sarnold	lvmer: but simple http to serve the files, copy them over to the ps3, and play them 'locally', works well enough for me for as infrequently as top gear is released....	17:39
lvmer	sarnold: YOU ARE A TOP GEAR FAN?!	17:39
lvmer	sarnold: omg mee too!!! I have every single episode / special	17:39
sarnold	lvmer: of course. :) hehe.	17:39
lvmer	sarnold: lmk if you ever need any, 'finalgear.com' is a great resource.... xD	17:39
sarnold	lvmer: yeah, I'm thrilled for those guys, saves tons of time on irc, feels way less dirty than the Big Torrent Sites... :)	17:40
lvmer	so for myth tv - I will need 2 computers right? 1 = NAS or samba storage 2 = vga to tv & sound to reciever?	17:40
lvmer	because some of my blue ray rips from my brother (he is obsessed with blurays) are 7.1 sound. And I'm not quite sure how to get that in/out the tv or reciever	17:41
sarnold	lvmer: I think there's a backend myth machine and a frontend myth machine; probably storage could be on backend or on a third machine	17:42
lvmer	because vga = no sound connection && hdmi = stero	17:42
lvmer	sarnold: ok, & which computer is the most important?	17:42
sarnold	lvmer: dunno there, sorry. :)	17:42
lvmer	because right now I have 2 old computers.... 1x = year 2000 & p4 - 2ghz, 2gb ram, IDE HDDS, other = laptop 2008, 3gb ram, duo-core.	17:43
lvmer	my goal is to build a newer computer so I can use like 6x SATA HDD's	17:43
lvmer	and I'm wondering... should this be the storage computer in the basement? or the computer with an old gpu connected to the tv?	17:43
yolanda	https://code.launchpad.net/~yolanda.robla/glance/grizzly/+merge/135955	17:44
yolanda	zul ^	17:44
digadvan	any bind gurus online?	17:44
lvmer	xnox: I appreciate the help.	17:45
lvmer	sarnold: I appreciate the help.	17:45
lvmer	/me is off to investigate mythtv & mythubuntu	17:45
sarnold	digadvan: oh, right, slaves, got distracted. I _think_ the zone transfers need to be configured on both peers, to ensure the master allows the slave to request zone transfer	17:46
digadvan	sarnold: I did configure the slave to see the master and allowed tranfer from master to slave.. but still no go.	17:50
sarnold	digadvan: anything in the logs?	17:50
genii-around	digadvan: You might have to bump the serial number in the zone file. eg: right under IN SOA ns hostmaster ( is usually something like: 2012112200 ; serial number -- yyyyMMddss.	17:53
genii-around	Otherwise it doesn't push the new records out	17:54
uvirtbot	New bug: #1082429 in glance (main) "glance-client fails to build from source" [Undecided,Invalid] https://launchpad.net/bugs/1082429	17:56
zul	yolanda: merged thanks	18:07
yolanda	zul great	18:16
zul	yolanda: np	18:17
yolanda	leaving for today, have a nice weekend	18:18
=== mcclurmc is now known as mcclurmc_away
sh_t	hi everyone. has anyone here used Ubuntu precise with bonding mode 4 (LACP/802.3ad)? I'm unable to get any traffic past my gateway router.. but I can ping the gateway. everything in /proc/net/bonding/bond0 appears to be correct as if the bond was working but no traffic passes through the gateway.	19:04
sh_t	I've attempted exactly what's described here https://help.ubuntu.com/community/UbuntuBonding as well as an older method where you put the configuration into /etc/modprobe.d/bonding.conf -- both behave the same	19:05
sarnold	sh_t: does 'ip route show' show the gateway as a 'via nnn.nnn.nnn.nnn' entry anywhere?	19:07
capitaninsaneoh	hello	19:08
capitaninsaneoh	If I am adding iptables rules to the default input chain and I've opened up a service that uses UDP and TCP do I need to add a default drop rule?	19:08
capitaninsaneoh	do I need to add - iptables -A INPUT -j DROP -p udp -i eth0	19:09
capitaninsaneoh	?	19:09
Daviey	zul: grizzly staging populated with folsom now	19:12
zul	Daviey: cool...still scheming	19:12
Daviey	roaksoax: suck, the LP diff is flawed.	19:13
sh_t	sarnold: sorry just a sec, tinkering to get it back to how it was :p	19:16
roaksoax	Daviey: boomer, how so? any links?	19:17
sh_t	sarnold: yes, it says "default via a.b.c.1 dev bond0 metric 100", next line "a.b.c.0/28 dev bond0 proto kernel scope link src a.b.c.10" where .10 is the servers IP	19:18
sarnold	sh_t: then I'm out of ideas :( good luck :)	19:19
sh_t	baha	19:19
sh_t	fml	19:19
Daviey	roaksoax: no, it was just the auto generated LP diff was broken	19:28
=== Jever\| is now known as Jever
roaksoax	ah, boomer	19:30
Danawar	Hey #ubuntu server i host minecraft servers on my server and today we got to 30 people online and the network just droped out on the server bring eth0 down then up again resolved the issue but it happened again after we again got more people joining is there any reason why this would happen and is there any way i can find out why it happened and resolve it thanks in advanced.	20:11
pmatulis	Danawar: check kernel logs	20:12
Danawar	Sure pmatulis what am i looking for in the kernel logs?	20:12
pmatulis	Danawar: anything suspicious. how should anyone here know what problem you have?	20:12
sarnold	when you say "the network just dropped out", do you mean that you had to use a physical console to run ifup / ifdown? or did your minecraft game stop working?	20:13
Danawar	I have alot of [UFW BLOCK] IN=eth0	20:14
Danawar	and before any of that "eth0: no IPv6 routers present"	20:15
sarnold	no ipv6 routers is normal unless you expected to be able to use ipv6 on your network :)	20:15
sarnold	ufw blocking IN=eth0 might be normal things or might be abnormal, depending upon what was being blocked and your local configuration.	20:16
Danawar	trying to remember the exact time it went down i should have noted it down ;/	20:16
Danawar	because i use a kvm there is alot of spam from keyboard and mouse hooks where i flick back and forth	20:16
Danawar	The only other abnormal thing i can see is ADDRCONF(NETDEV_UP): eth0: link is not rea	20:17
Danawar	and below it : atl1c 0000:02:00.0: irq 46 for MSI/MSI-X	20:18
Danawar	atl1c 0000:02:00.0: atl1c: eth0 NIC Link is Up<100 Mbps Full Duplex>	20:18
sarnold	"link is not ready" looks like another ipv6-specific thing:	20:21
sarnold	./net/ipv6/addrconf.c:pr_info("ADDRCONF(NETDEV_UP): %s: link is not ready\n",	20:21
sarnold	but if it were going up and down due to something else, something unexpected, that's interesting. :)	20:22
Danawar	It could be my poorly configured loopbacks	20:22
Danawar	i did them a while ago	20:22
Danawar	and never removed them	20:22
Danawar	because i got lost with ip tables O.o	20:22
Danawar	alot of firewall : SRC=0.0.0.0 DST=224.0.0.1	20:23
Danawar	but before the server went down	20:23
Danawar	lots of : SRC=78.70.170.191 DST=192.168.1.3 LEN=82 TOS=0x18 PREC=0x60 TTL=110 ID=16623 DF $	20:24
Danawar	$ PROTO=UDP SPT=63804 DPT=49461 LEN=36	20:24
guntbert	!paste \| Danawar	20:24
ubottu	Danawar: For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://imagebin.org/?page=add \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	20:24
Danawar	Sorry guntbert	20:25
guntbert	Danawar: no worries, keeping a paste in a pastebin just makes it easier to read - and doesn't clutter the channel :)	20:26
Danawar	Could i have been spam with requests from 78?	20:26
Danawar	like a ddos from one machine	20:26
sarnold	what's listening on 49461, if anything	20:26
Danawar	the requests have all different ports i believe	20:27
Danawar	The one underneath it says : PROTO=TCP SPT=55177 DPT=5010 WINDOW=8192 RES=0x00 SYN URGP=0	20:27
=== yofel_ is now known as yofel
Danawar	one quick question is where are iptables stored?	20:32
guntbert	Danawar: stored? you mean when you shut down your system?	20:33
Danawar	guntbert: along time ago i was trying to take requests like plotme.lagcraft.co.uk on a certain port and forward them to port 5001 but since i have never removed them because i couldnt figure out how	20:34
guntbert	!ufw \| Danawar	20:35
ubottu	Danawar: Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW \| An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo \| GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.	20:35
Danawar	Iptables is so confusing O.o tryed to list them but i cant see any of the ones the i remember adding i guess this is abit to complex for me at the moment =/	20:39
sh_t	is there a simple way to prioritize traffic to certain ip's/ports on a network interface? i have a busy NIC sharing different jobs and connections to a mysql server are problematic.. was hoping to prioritize 3306 traffic for example	21:01
sarnold	sh_t: do you know lartc.org ?	21:02
webfox	Hello folks!	21:09
MrTorque	Hi everyone!	21:10
webfox	I am fcaing some hard time to use a version of Ubuntu Server as a client at a VirtualBox machine. I intend to use it as a Bridged client but I've heard it would be necessary to install hdcleint, is it true I need it and isn't it already pre-intalled?	21:10
MrTorque	I want to set up ubuntu with DNS for small office. Do i need to configure it as "Caching Server" or as "Primary Master Server"? (referring https://help.ubuntu.com/community/BIND9ServerHowto )	21:10
ScottK	MrTorque: Caching Server	21:11
MrTorque	ScottK: Two more questions then: would you recommend to setup dhcp-server to give "fix" ip adresses to the clients?	21:13
MrTorque	ScottK: Can i use Samba 4 with only caching DNS?	21:14
patdk-lap	samba doesn't depend on dns	21:15
patdk-lap	it helps yes, but not needed	21:16
MrTorque	patdk-lap: for AD they strongly recommend it (they said a working dns would prevent much frustration...)	21:16
patdk-lap	well for AD yes	21:17
patdk-lap	but you didn't say AD	21:17
patdk-lap	AD requires dns	21:17
MrTorque	patdk-lap: what kind of dns? Is "Caching DNS" sufficient?	21:19
patdk-lap	no	21:19
patdk-lap	you need caching and server	21:19
MrTorque	patdk-lap: hmpf... this thing is not easy for me.	21:20
patdk-lap	well, it shouldn't be	21:20
patdk-lap	you picked something that is not unix natice, and something relatively new	21:21
patdk-lap	and attempting to peice all the parts together	21:21
patdk-lap	it will take time, and lots of work	21:21
MrTorque	patdk-lap: hm. How long do you think would it take to get samba 4 running on ubuntu server with AD support (without encryption, without any mailserver-stuff)?	21:22
patdk-lap	no idea, never even wanted to attempt that myself :)	21:23
patdk-lap	but your going need ldap, dns, kerberos, samba	21:23
MrTorque	-.-	21:24
patdk-lap	I've set them all up, but never attempting to join them all to imitate AD	21:24
MrTorque	i hoped it would be easy nowadays...	21:24
patdk-lap	it really is, install windows server	21:25
patdk-lap	but then, I do believe in using the correct solution for the correct problem	21:25
MrTorque	I just need to share folders with some data and be able to configure access-rights with windows-explorer	21:27
MrTorque	Being able to reset the user-password on the server-side also would be nice	21:27
=== cpg\|away is now known as cpg
=== cpg is now known as cpg\|away
ball	Do Ubuntu kernels come with SLIP enabled?	21:38
patdk-lap	always	21:40
ball	Thanks	21:41
hallyn	stgraber: have you worked at all with the raring package? I notice bug 1070914 for instance still needs to be fixed in raring.	21:49
uvirtbot	Launchpad bug 1070914 in lxc "lucid containers don't start on quantal hosts" [High,Fix released] https://launchpad.net/bugs/1070914	21:49
hallyn	(I'll just add it to what I push on monday,	21:49
hallyn	but I want to make sure there isn't more still missing)	21:50
stgraber	hallyn: I'm not using the distro packages. I use my daily builds of the staging branch :)	21:50
stgraber	I'm planning to use my nexus7 to test the stock LXC but I need a new kernel for that	21:50
hallyn	stgraber: ok. i'll look through the quantal-proposed changelog on monday and make sure it'll all uptodate	21:51
=== chilicuil_away is now known as chilicuil
MrTorque	I am trying to set up bind9. but i get an error with: dig 100.168.192.in-addr.arpa. AXFR	22:20
MrTorque	;; connection timed out; no servers could be reached	22:20
MrTorque	Where did i do a mistake?	22:21
MrTorque	other checking-commands work: named-checkzone 100.168.192.in-addr.arpa. /etc/bind/db.192	22:21
MrTorque	and named-checkzone yfm.lc /etc/bind/db.yfm.lc	22:21
sarnold	MrTorque: do you know that the machine where you ran 'dig' from is allowed to contact the bind server on tcp port 53? that might be disabled in a firewall or configuration file	22:24
MrTorque	sarnold: i followed https://help.ubuntu.com/community/BIND9ServerHowto . The machine with the dns-server is the same machein as the one with the dig-command	22:25
MrTorque	iptables -L does not contain any rule (fresh installation of ubuntu server)	22:25
sarnold	MrTorque: hrm, do you need to add the allow-transfer directive with 127.0.0.1 in that case?	22:27
MrTorque	sarnold: i dont know.	22:29
MrTorque	the how-to does not say to do so	22:31
sarnold	MrTorque: indeed, the impression I'm getting is that bind9 is wide open until you add an allow-transfer directive...	22:32
sarnold	MrTorque: can you telnet localhost 53 ?	22:32
MrTorque	yes	22:32
MrTorque	nmap localhost gives: 53/tcp open domain	22:34
MrTorque	ping yfm.lc gives ping: unknown host yfm.lc	22:34
MrTorque	yfm.lc is the domain I did configure	22:34
MrTorque	(or at least tried to)	22:34
sarnold	MrTorque: hrm; does axfr work for reverse zones?	22:35
MrTorque	how do i check? and btw what does axfr stand for? is it a special token/name?	22:36
sarnold	MrTorque: axfr asks for the zone transfer	22:41
sarnold	MrTorque: what does dig yfm.lc axfr do? does that work?	22:41
MrTorque	yes, it does. i will pastebin it...	22:42
MrTorque	http://pastebin.ca/2254686	22:42
sarnold	that's axrf, not axfr -- what changes there? :)	22:43
sarnold	damn I hate dns. :)	22:43
MrTorque	hehe, and i do not yet understand it -.-	22:45
MrTorque	anyway, i get with axfr: ;; communications error to 80.83.97.38#53: end of file	22:45
MrTorque	http://pastebin.ca/2254688	22:46
sarnold	o_O	22:48
MrTorque	I added the new stuff at the top	22:49
MrTorque	so don't be confused because of that...	22:49
maswan	for dig:ing axfr:s you should specify the NS with @server.name.tld	22:49
sarnold	I tried it myself and got this: $ dig @80.83.97.38 yfm.lc axfr	22:49
sarnold	;; communications error to 80.83.97.38#53: end of file	22:49
MrTorque	maswan: but name resolution should work correctly by default, shouldn't it?	22:50
sarnold	.. which I think means that my IP is not allowed to make that query. heh.	22:50
MrTorque	sarnold: it is just a domain in the LAN, not a public one.	22:51
maswan	MrTorque: zone transfers are a special case, and can only be served by an NS holding the zone, not a general recursive resolver	22:51
MrTorque	maswan: I did create that zone (I think..., i followed https://help.ubuntu.com/community/BIND9ServerHowto and they were able to ping exaple.com )	22:51
maswan	is 80.83.97.38 your IP that you are setting up bind on?	22:53
MrTorque	maswan: no, it is not. I am behind a router, just wanting to set it up in LAN	22:54
maswan	MrTorque: then it doesn't make any sense to ask 80.83.97.38 for a zone transfer of yfm.lc	22:56
maswan	MrTorque: you should do @the.nameserver.IP (or name)	22:57
MrTorque	maswan: I thought the system would search locally first (since I am setting up a DNS Server) and then fallback on NS of internet. Or did I misunderstand sth?	22:58
MrTorque	i did upload my configuration files: named.conf.local http://paste.ubuntu.com/1380725/	22:58
sarnold	when you're configuring zone transfers you need to specifically ask the master :)	22:58
maswan	MrTorque: the system searches in whatever is configured in /etc/resolv.conf	22:58
MrTorque	db.yfm.lc http://paste.ubuntu.com/1380726/	22:58
MrTorque	db.192 http://paste.ubuntu.com/1380727/	22:59
maswan	MrTorque: the resolving is totally decoupled from the serving	22:59
MrTorque	maswan: cat /etc/resolv.conf gives: nameserver 80.83.97.38 \n nameserver 80.83.97.38 \n seach lan	22:59
MrTorque	how do I tell my system to first search on localhost?	23:00
maswan	MrTorque: yeah, you'd need to change that to nameserver 127.0.0.1	23:00
MrTorque	how do i do that? and will I be able to resolve internet domains as well?	23:01
maswan	MrTorque: if your local nameserver also resolves internet domains as well (for instance, if the "forwarders" section includes 80.83.97.38 80.83.97.38 like from the help.u.c page)	23:03
MrTorque	maswan: i added a forwarder section with google NS	23:05
maswan	MrTorque: DNS is not really very easy to just add some stuff locally, it fairly strongly assumes a global name tree. Making local additions can be done, but take a bit of work. I usually use a plain /etc/hosts for adding local stuff that isn't in a real zone.	23:05
MrTorque	so how do set my ns to 127.0.0.1?	23:05
maswan	MrTorque: yeah, that should work too.	23:05
maswan	MrTorque: you can start by testing it out with dig @127.0.0.1 www.ubuntu.com	23:05
MrTorque	maswan: that works	23:06
maswan	MrTorque: and also dig @127.0.0.1 axfr yfm.lc	23:06
maswan	to try your local zone	23:06
MrTorque	maswan: my long-term target is to get samba 4 with kerberos running	23:06
MrTorque	yes, that also	23:06
maswan	MrTorque: then you change /etc/resolv.conf so that there is only one "nameserver" line, and that is "nameserver 127.0.0.1"	23:07
MrTorque	I guess that is a good sign	23:07
maswan	unfortunately if you have more than one, it'll just ask one of them. and then sometimes you'd know about your local name, and sometimes it would go "nope, no .lc, doesn't exist" when you hit the other IP	23:08
maswan	it's actually much easier to do with a proper domain and a couple of public IPs	23:08
=== cpg\|away is now known as cpg
MrTorque	grml...	23:10
MrTorque	I sit behind a managed router	23:11
maswan	but did changing the nameserver line work for you locally?	23:11
MrTorque	And I do only have a ssh tunnel...	23:11
maswan	hm. if you want to do samba 4 with kerberos you probably have more than one machine, so instead of 127.0.0.1 I'd probably put in the rfc1918 adress you have on the inside in resolv.conf, then you can have the same on all of them	23:12
MrTorque	I did change /etc/resolv.conf. But i still can not ping yfm.lc	23:13
MrTorque	dig yfm.lc works	23:13
maswan	MrTorque: do you get an A record with an IP back from dig?	23:13
MrTorque	http://paste.ubuntu.com/1380750/	23:14
MrTorque	does not look like an A-entry	23:15
MrTorque	A record	23:15
maswan	yeah, that's a "yup, I can answer for yfm.lc, but there is no A-record there"	23:15
maswan	can you ping ns.yfm.lc?	23:15
maswan	or box.yfm.lc?	23:15
MrTorque	yes, both	23:15
maswan	then the dns setup works, just a matter of adding all the stuff you want to the zone	23:16
maswan	oh, you could also check if reverse works	23:16
maswan	I forget how to do that with dig, but the less precise but more user-friendly tool "host" can do that easily, just host 192.168.100.6	23:17
MrTorque	dig ns.yfm.lc axrf?	23:17
MrTorque	host 192.168.100.6 gives:	23:18
MrTorque	6.100.168.192.in-addr.arpa domain name pointer yfm.lc.	23:18
MrTorque	6.100.168.192.in-addr.arpa domain name pointer ns.yfm.lc.	23:18
maswan	dig @ns.yfm.lc axfr 100.168.192.in-addr.arpa.	23:18
MrTorque	http://paste.ubuntu.com/1380757/	23:19
maswan	ah, that works then. even if it is a bit strange that that IP should have the name "yfm.lc" and the name "ns.yfm.lc"	23:19
myhrlin	hi, is there a way to make PAM use multiple hash functions for passwords?	23:19
maswan	MrTorque: anyway, looks like you have both zones working then for now. "just" a matter of adding the right stuff to them. :)	23:20
MrTorque	but this still is only because I did manually edit /etc/resolv.conf	23:20
maswan	MrTorque: yeah, since you're adding stuff that isn't in the main globally known tree, it will only be known to clients that have been explicitly configured to only ask your name servers	23:21
MrTorque	which will forwad if he does not know either.	23:21
maswan	MrTorque: yeah	23:21
MrTorque	so far so good.	23:21
sarnold	myhrlin: have you seen pam_unix and crypt(3) manpages yet?	23:22
MrTorque	now i need to tell ubuntu to use 127.0.0.1 (himself (or herself?) rather itself...) to resolve names	23:22
maswan	MrTorque: yeah, or 192.168.100.6. other hosts on the same network that also need to resolve yfm.lc also need to be configured to use 192.168.100.6	23:23
myhrlin	sarnold: I have not, looking at them now and it looks like that's all I needed so far -- thanks!	23:23
sarnold	myhrlin: excellent :)	23:24
MrTorque	maswan: yeah, right.	23:24
maswan	MrTorque: Now, I'm a bit hazy on how modern ubuntu does that though. might be something involving network manager or so. On our server installs we ship custom resolv.conf:es that we've carefully written.	23:24
sarnold	MrTorque: if all your networked devices get settings from dhcp, you could have your dhcp server tell them which dns server to use	23:25
maswan	that's true, for a dhcp network that'd be the good place to configure it	23:26
MrTorque	sarnold: that would be awesome! I would not need to configure all the clients manually :)	23:28
MrTorque	can I somehow give prioritys for the nameservers?	23:31
maswan	hm. maybe. "If there are multiple servers, the resolver library queries them in the order listed. " but I'm not sure on how reliable that is	23:32
MrTorque	I added dns-nameservers 192.168.100.6 to /etc/network/interfaces but in resolv.conf the two NS from my ISP are on the top	23:32
maswan	that's from the manpage of resolv.conf	23:33
maswan	My experience is that you shouldn't mix	23:33
MrTorque	maswan: yes, I experience that too. ohm, yes, and it tells to add dns-nameservers to /etc/network/interfaces :)	23:34
maswan	anyway, there I'm not very experty and I'm also off for other things, 'later!	23:39
MrTorque	maswan: thank you very much for being so patient with me and I have a working dns now :)	23:46
MrTorque	sarnold: thank you also very much.	23:46
sarnold	MrTorque: I'm glad maswan came around :) recent experience wins every time :)	23:47

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!