[00:58] <vjacob> hiya. what kind of pros/cons can you think of either in favour or against a free (open-source) NAS box for a home file (media) server as opposed to a more general purpose distribution such as Ubuntu Server?
[01:03] <PatrickDK> if you can't answer that, a nas distro it is for you
[01:04] <vjacob> PatrickDK: good point, takker :)
[01:05] <PatrickDK> the main thing that trumps all that, is your personal knowledge, and how much you want to mess with it
[01:50] <hallyn> lifeless: oh, sorry, is that your question :)  you need to install the qemu-kvm-spice package, then run kvm-spice instead of just kvm
[01:50] <hallyn> make sure to add '-enable-kvm' to the options, otherwise use the same options you've been using
[01:53] <hallyn> lifeless: using virt-manager, at the end of the wizard you can click 'advanced options', go to 'display vnc', and then choose spice instead of vnc
[02:00] <lifeless> hallyn: ok, and virt-manager knows to run qemu-kvm-spice ?
[02:01] <lifeless> hallyn: (and thanks!)
[02:27] <pmp6nl> Should iptables be blocking dns packets?
[02:28] <patdk-lap> sure, if you told it to
[02:29] <pmp6nl> it is, but is it suppose to be doing that.  Is it good or bad? patdk-lap - thanks
[02:33] <patdk-lap> pmp6nl, only you can answer that
[02:34] <pmp6nl> do you block dns patdk-lap ?
[02:34] <patdk-lap> if you told it to, yes, it shoudl block it, or it would be a pretty lousy filter
[02:34] <patdk-lap> is it good or bad? dunno, who told it to would have to answer that
[02:34] <patdk-lap> yes and no
[02:34] <patdk-lap> your asking the wrong questions
[02:35] <pmp6nl> ok, so what would the point be of dns contacting the server?
[02:35] <patdk-lap> heh?
[02:35] <patdk-lap> to resolve domain names
[02:35] <patdk-lap> as that is what dns does
[02:35] <patdk-lap> stupid question
[02:35] <pmp6nl> Yes, but i have a separte dns server
[02:35] <patdk-lap> like of like asking, what is the point of running an http server
[02:35] <pmp6nl> well thanks for being super helpful patdk-lap
[02:36] <patdk-lap> trying, but your questions are ultra roundabout
[02:38] <pmp6nl> how can someone ask a more specific question if they are trying to learn it and dont know how to ask more specifically?  If I am on a VPS does the host server (which is what controls the dns) need to contact my vps specifically
[02:39] <patdk-lap> yes
[02:39] <patdk-lap> how else will you be able to lookup dns entries?
[02:40] <patdk-lap> if you reject all replies?
[02:40] <patdk-lap> atleast this time you asked a specific question
[02:42] <pmp6nl> Well everything has been working fine for 8 months...
[02:43] <patdk-lap> depending on how it is setup, if your using conntrack, it will attempt to match outgoing and incoming udp packets so it will work
[02:44] <pmp6nl> humm, that must be what its doing then. Ill research this more. THanks
[02:44] <patdk-lap> but that can also have large memory usage effect if you do a lot of udp
[02:47] <pmp6nl> might be, trying to figure out what is using so much memory.  Though it looks like apache
[03:32] <vjacob> is it possible to change the cipher of the disk encryption post-install?
[03:33] <vjacob> hi. is it possible to change the cipher of the disk encryption post-install?
[05:14] <jotterbot1234> has anyone here had a go at trying to run an Adobe Update Server on ubuntu?
[05:14] <jotterbot1234> specifically AUSST which they say can run on linux
[06:48] <grendal-prime> oi
[06:48] <grendal-prime> soooo is there a reason that the vncserver that is integrated into the os is so...well...sucky?
[06:49] <grendal-prime> and if so can i point that fancy front end to use like the x11vnc server?
[08:41] <luminous> do you need to "register" services with upstart?
[08:41] <luminous> I have an upstart init script from a package contrib (uwsgi), it's pretty simple, has the same perms as everything else in /etc/init, but upstart fails to recognize it when I try `service uwsgi start`
[08:42] <luminous> start: Unknown job: uwsgi
[08:42] <luminous> -_-
[08:43] <jodh> luminous: Try init-checkconf - http://upstart.ubuntu.com/cookbook/#init-checkconf
[08:44] <jodh> luminous: ...and try using the upstart commands, rather than the SysV ones: 'start uwsgi'.
[08:51] <luminous> it keeps changing I didn't know there where new commands
[08:51] <luminous> HAH, cannot run as root?
[08:52] <luminous> ERROR: failed to ask Upstart to check conf file
[08:53]  * luminous thanks ini-checkconf for the details
[08:53] <luminous> jodh: `start uwsgi` fails with the same error.. "start: Unknown job: uwsgi"
[08:54] <luminous> I shall consider this system broken and redeploy :)
[08:54] <luminous> thanks to salt and the cloud!
[08:55] <jodh> luminous: you are probably running in a console environment: there is a fix in the pipeline, but dbus changed its behaviour recently. You need to start a dbus-daemon whilst init-checkconf runs: eval `dbus-launch --auto-syntax`
[08:56] <jodh> luminous: as an alternative, you can put upstart into debug mode, touch the problematic file and look at the system log. It will show if the job in question failed to parse. To do this: 'initctl log-priority debug && touch /etc/init/uwsgi.conf && tail /var/log/syslog'
[09:05] <balboah> bash: /sbin/reboot: Input/output error
[09:05] <balboah> yay for dead drive
[09:05] <luminous> sweet, I would not have identified the log-priority so quickly. that is a nice trick
[09:59] <frojnd_> Hi there.
[10:00] <frojnd_> I keep getting this in /var/log/auth.log Accepted publickey for git from IP port 56006 ssh2 even though I've set port for ssh 10022, does that mean that user is typing in wrong port command?
[10:12] <RoyK> frojnd: iirc that just means it came from port 56006, that being the source port
[10:31] <frojnd> ah ok.
[10:31] <frojnd> One more question about ~/.ssh and everything iside it
[10:32] <frojnd> Every computer should have chmoded ~/.ssh like this chmod 700 ~/.ssh && chmod 600 ~/.ssh/* correct me if I'm wrong?
[10:32] <remix_tj> frojnd: no, correct
[10:32] <remix_tj> only owner has to access .ssh
[10:44] <frojnd> reverse mapping checking getaddrinfo for abts-north-dynamic*.in [122.161.*] failed - POSSIBLE BREAK-IN ATTEMPT! Why does this upper case say possible break in?
[10:46] <frojnd> The user only tried to commit through git for 5 times
[11:07] <mathi> hello
[11:09] <mathi> I try to install ubuntu server from my external hard drive (through usb), the problem is that the installation steps asks me to mount from CD-ROM
[11:09] <mathi> there is a workaround: http://demtrex.wordpress.com/2011/04/04/work-around-the-cd-rom-detection-issue-when-installing-ubuntu-server/
[11:10] <mathi> but for me it doesn't suggest me to "Manually select a CD-ROM module and device"
[11:10] <mathi> I am trying t install version 12.10 by the way
[12:26] <frojnd> Any ideas on that reverese mapping?
[12:27] <frojnd> http://scottlinux.com/2012/03/07/troubleshooting-ssh-server-logs-and-error-messages/ <- Next one, connecting client has no or bad reverse DNS (PTR). Does not necessarily mean you have a ‘break-in attempt’.
[12:27] <frojnd> ok, I'm good
[13:45] <rideh> Updated mongo but now using service reports its an "unknown instance"
[13:52] <CPrompt^> I have a fresh install of server 12.10.  I set up a virtual host in the "sites-available" that points to a directory in my home directory (/home/user/www).  Every morning when I try to access the site, the permissions are set so I get a "Forbidden".  I chmod it to 755 and all comes back.
[13:52] <CPrompt^> What could be causing this?  All it is, is a LAMP server running a Wiki
[13:52] <CPrompt^> there are no scripts that are running and I am the only one that has access to it
[13:53] <rideh> did you use a stack script to install 12.10?
[13:54] <rideh> can you run apache as the user?
[13:54] <CPrompt^> rideh: I just let it install everything as normal, yes
[13:55] <CPrompt^> not sure about running apache as the user.  I guess I could but that depends
[13:57] <CPrompt^> i'll change the user in the apache.conf and see what happens.  Unfortunatley it will probably be tomorrow before I find out if it works  LOL
[13:59] <rbasak> zul: hey. May I take the logwatch merge please?
[13:59] <rbasak> (seems straightforward enough
[13:59] <rbasak> )
[13:59] <zul> rbasak: you dont even have to ask
[13:59] <rbasak> Thanks!
[14:01] <CPrompt^> rideh: thanks.  I think that actually did the trick
[14:02] <apw> are we aware of network manager stomping on virbr0 on raring hosts ?
[14:27] <hallyn> lifeless: right, it (virt-manager) should then DTRT
[14:52]  * apw has had to add 'iface virbr0 inet manual' to /etc/network/interfaces to keep my bridge working
[15:03] <hallyn> apw: oh?  i thought that bug was fixed on friday?
[15:04] <hallyn> yup, at least lxcbr0 is running fine on my raring box with n-m still running
[16:29] <hallyn> stgraber: how had you created that VM?  You manually in virt-manager clicked the cpu features you wanted?
[16:33] <stgraber> hallyn: I never manually selected cpu flags, so my guess is that virt-manager did that for me at some point
[16:33] <hallyn> zul: ^ (see Laney and stgraber above) I'm not sure yet, but we may need some changes to libvirt to accomodate the switch from qemu-kvm to qemu
[16:34] <zul> hallyn: ack
[16:40] <hallyn> stgraber: wait a sec.  you're using qemu-kvm-spice in that paste.  which has not changed
[16:41] <hallyn> oops, wrong chan eh
[16:55] <Combatjuan> Hello, how do I go about determining if this kernel bug https://bugzilla.kernel.org/show_bug.cgi?id=42981 has been patched in my ubuntu kernel (linux-image-3.2.0-35).  Does the -35 map directly to the upstream revision?
[16:57] <mathi> I can't install Ubuntu Server because it blocks at this step: Configure the package manager
[16:57] <mathi> the last things it says is: Scanning the mirror
[16:57] <mathi> and then it goes back to the Ubuntu installer main menu
[16:59] <mathi> anyone ?
[17:05] <RoyK> mathi: never seen that one - can you resolve/ping an internet host like google.com from the commandline? just press alt+left to switch to a console
[17:05] <mathi> RoyK, it says, google is alive
[17:07] <mathi> RoyK, at about 21%, it goes directly back to "Ubuntu installer main menu"
[17:07] <rbasak> mathi: in the menu, go down to save debug logs and pastebin them?
[17:07] <mathi> ok second
[17:09] <mathi> syslog:   http://pastebin.com/raw.php?i=Nzn4PTgc
[17:10] <mathi> hardware-summary:   http://pastebin.com/raw.php?i=JTGRVsLB
[17:10] <mathi> partman:    http://pastebin.com/raw.php?i=m7AEp2TT
[17:12] <mathi> rbasak, ^
[17:12] <RoyK> mathi: which version of ubuntu is this?
[17:12] <mathi> RoyK, Ubuntu Server 12.10
[17:13] <mathi> ubuntu-12.10-server-amd64.iso
[17:13] <RoyK> dunno - I've hardly installed 12.10...
[17:13] <RoyK> not sure if it'll solve it, but I'd recommend using LTS releases like 12.04 for servers
[17:14] <RoyK> I always do, unless it's a test site and I want to test something new and fancy
[17:14] <mathi> RoyK, but 12.10 is a stable release, no ?
[17:14] <RoyK> it's stable, but not long term support
[17:14] <RoyK> !lts
[17:14]  * qhartman also uses only LTS releases on servers
[17:15] <mathi> ok, i'll go for that because I tried to install Ubuntu server for more than 4 hours, without success
[17:15] <RoyK> and LTS is generally more stable over time, and is *generally* better kept after by canonical
[17:15] <mathi> ok thanks I'll try right now:)
[17:15] <RoyK> that's a lot of time trying to setup ubuntu...
[17:15] <resno> if you had to allow ftp access which server would you use?
[17:15] <qhartman> It can be a pain if the release you're using leaves support and PPAs you are using drop it.
[17:16] <RoyK> mathi: what sort of server is this?
[17:16] <rbasak> mathi: not sure if wget is available to you in the recovery shell, but if it is, can you try "wget http://archive.ubuntu.com/ubuntu/dists/quantal/Release" and check that you get sensible data?
[17:16] <mathi> RoyK, i want to make an asterisk server (ipbx)
[17:16] <RoyK> oh
[17:16] <rbasak> mathi: apart from that I'm not sure, sorry. It still sounds like a network issue, but I've not seen it before.
[17:17] <mathi> rbasak, I already shut down, I am going to follow the advices here, to install LTS. except if you are really interested, I can start the server again and check for you
[17:17] <RoyK> well, are you going to use the asterisk version in the repos, or build from source?
[17:17] <RoyK> the one in the repos is rather old
[17:17] <rbasak> mathi: OK no problem. Go ahead with the LTS attempt
[17:17] <mathi> RoyK, i'll install asterisk 11
[17:17] <mathi> quite new release
[17:18] <RoyK> k
[17:18]  * RoyK used to work with asterisk for three years, some 4 years ago, and isn't allowed to use the needed vocabulary for asterisk pbx in this channel
[17:19] <mathi> well downloading the 12.04, gonna have a rest, be back later to keep you up to date for this apt issue
[17:19] <mathi> RoyK, why? :-)
[17:19] <RoyK> !language
[17:20] <mathi> ahaha I just got the joke
[17:21] <RoyK> mathi: it's probably been cleaned up a bit since then, but I know uninett.no still sticks to 1.4 for their service for norwegian universities and colleges because of new bugs
[17:37] <qhartman> I had much better luck working with the sipX IP PBX stuff than Asterisk.
[17:37] <qhartman> But it's been multiple years since I mucked with it as well.
[17:38] <RoyK> qhartman: dunno if sipx can do all of what asterisk can, though
[17:39] <RoyK> guess it depends what you need
[17:39] <qhartman> RoyK, True, it doesn't do Voicemail and that sort of thing. I was working with it to integrate voip stuff into an existing legacy PBX system.
[17:39] <qhartman> IT was not standalone
[17:39] <qhartman> But sipX was much easier to get going and less quirky than Asterisk
[17:40] <RoyK> if it's just a sip proxy you need, I guess SER/OpenSER/SpenSIPS would do better than asterisk
[17:41] <RoyK> s/Spen/Open/
[19:22] <dokg> I am trying to boot from a USB external hard drive. It works for Ubuntu 12.10, but doesn't for the 12.04 LTS release
[19:23] <dokg> I get for the latter, the error: "No DEFAULT or UI configuration directive found!"
[19:23] <dokg> rbasak, still here ? :$
[20:00] <raub> Quicn-n-easy question: shouldn't the reverse zone entry (in named.conf.local) for 172.16.101.64/27 look something like zone "64-27.101.16.172.in-addr.arpa" IN { [...] }; ?
[20:23] <frojnd> Hi there.
[20:24] <frojnd> When I perform sudo apt-get update && sudo apt-get upgrade It says: The following packages have been kept back: linux-generic linux-headers-generic linux-image-generic and the following will be upgraded: dpkg dpkg-dev libdpkg-perl libfreetype6 linux-libc-dev
[20:24] <frojnd> it keep em back all the time, where is set this?
[20:27] <RoyK> frojnd: what version?
[20:27] <frojnd> RoyK: 12.4
[20:27] <RoyK> it really shouldn't hold back linux-generic and friends
[20:27] <RoyK> report a bug
[20:30] <maxb> Really?
[20:30] <maxb> Surely this is far more likely to be a artifact of the peculiarities of packages installed on this system than a bug?
[20:31] <maxb> The packages could be on hold status, or there could be some kind of other dependency holding them back
[20:31] <frojnd> maxb: where do I check if it's on hold status?
[20:31] <maxb> 'dpkg -l linux-generic linux-headers-generic linux-image-generic', look at the first column
[20:32] <frojnd> I already got server  when it was installed alreeady
[20:32] <frojnd> maxb: it's ii for all three
[20:32] <maxb> Not on hold, then.
[20:32] <frojnd> 3.2.0.31.34
[20:32] <frojnd> They are all this version
[20:33] <frojnd> http://paste.ubuntu.com/1556497/
[20:33] <maxb> I'd guess some other package dependency holding the others back
[20:33] <frojnd> is there a log for apt?
[20:33] <maxb> Current is 3.2.0.36.43
[20:33] <frojnd> But that's just an speculation and blind guessing
[20:34] <maxb> Oh, of course they're held back
[20:35] <maxb> plain 'upgrade' only upgrades packages which don't require new packages to be installed to satisfy dependencies
[20:35] <maxb> The whole point of those linux packages mentioned is to cause the installation of new kernel package version/names, by dependency
[20:36] <frojnd_> maxb: if you wrote something I didn't receive due to change of IP...
[20:36] <maxb> 20:34 < maxb> Oh, of course they're held back
[20:36] <maxb> 20:35 < maxb> plain 'upgrade' only upgrades packages which don't require new packages to be installed to satisfy dependencies
[20:36] <maxb> 20:35 < maxb> The whole point of those linux packages mentioned is to cause the installation of new kernel package version/names, by dependency
[20:37] <frojnd_> ok
[20:37] <frojnd_> so when other packages will need upgrade so will those three
[20:37] <frojnd_> if I understand this correctly?
[20:38] <maxb> Um. I don't really understand what you're trying to say, but I think the answer is "No."
[20:39] <maxb> What you need to do, is to read the descriptions of 'upgrade' and 'dist-upgrade' in the apt-get manpage
[20:39] <maxb> That explains the difference pretty well
[20:40] <patdk-wk> upgrade only installs current stuff
[20:40] <patdk-wk> dist-upgrade installs NEW stuff
[20:41] <frojnd_> aha
[20:41] <frojnd_> I see
[20:44] <Quest>  what are the different foip fax over ip software
[20:45] <frojnd_> In practice what's more secure upgrade or dist-upgrade? For people who has been using ubuntu-server for more then 6months?
[20:49] <mdeslaur> you need to use dist-upgrade to get all the security updates
[20:51] <frojnd> mdeslaur: I was concinred about that if I do dist-upgrade I might upgrade release, but then I found out that this could be done if I had modified /etc/apt/sources.list and also that this is now know as full upgrade not release upgrade
[20:51] <frojnd> this is now known as full upgrade
[20:51] <RoyK> mdeslaur: erm, shouldn't an upgrade get all the security updates, while dist-upgrade would get the low-priority upgrades?
[20:52] <stgraber> RoyK: no, dist-upgrade just means that in the event where an extra package needs to be installed or removed to satisfy the upgrade, apt will do so
[20:52] <stgraber> RoyK: upgrade (also known as safe-upgrade) will never add or remove a package on your system and will instead prevent any package the would pull or remove packages from getting installed
[20:53] <mdeslaur> In stable releases, it should be fine to always use dist-upgrade. In the dev release, you have to be careful, and possibly use upgrade sometimes when the archive is in a state of flux.
[20:53] <frojnd> linux-headers-3.2.0-36 linux-headers-3.2.0-36-generic linux-image-3.2.0-36-generic <- this requires reboot, is there a workarouind?
[20:54] <stgraber> you can install them now, it won't force you to reboot, though you won't get the fixes (and potential security fixes, I don't know that particular version) until you reboot
[20:54] <frojnd> stgraber: so the only way is to reboot
[20:55] <mdeslaur> RoyK: occasionally security updates do have to pull in a new package, so if you're not using dist-upgrade, you're missing out.
[20:55] <stgraber> frojnd: usually any package update requires the affected software to be restarted, when that's the kernel, it means a full system reboot
[20:55] <frojnd> stgraber: roger that.
[20:55] <frojnd> Let's time it then
[20:56] <stgraber> ksplice allows you to apply some fixes online without reboot but that's an external service provided by Oracle and I'm not sure we actually support it in any way (and I've had quite a few weird kernel bugs caused by it in the past)
[20:56] <RoyK> frojnd: it doesn't require an immediate reboot, but one to replace the running code
[20:57] <Quest>  what are the different foip fax over ip software
[20:57] <frojnd> RoyK: yeah I know that but eventually I have to do it. I might as well do it now when noone is wokring on it
[20:58] <RoyK> Quest: foip is fax over ip using T.38 which is rather tricky, since T.38 is a rather wide standard
[20:58] <frojnd> stgraber: ah yeah that.
[20:58] <RoyK> fax over ip is just foip
[20:58] <RoyK> or perhaps a scan-email-gateway
[21:00] <Note> Hello, I am having problems adding a repository
[21:00] <Note> I get add-apt-repository: command not found
[21:00] <Note> I added python-software-properties
[21:00] <Note> but I still get the same erro
[21:00] <Note> r
[21:01] <RoyK> Quest: the timing in t.38 must be really strict for T.30 traffic to get through well
[21:01] <RoyK> Note: google that ;)
[21:02] <Note> I did, and every google search says add python software properties
[21:02] <Note> I added it and installe
[21:02] <Note> And I still get command not found
[21:02] <frojnd> I have GRUB_TIMEOUT=10 in /etc/default/grub in what should I change it to reserve seconds?
[21:02] <RoyK> Note: python-software-properties installed?
[21:02] <Note> RoyK, yes
[21:02] <frojnd> But GRUB_DEFAULT=0
[21:03] <Note> Setting up python-software-properties (0.92.9) ...
[21:03] <Note> root@vps:~# sudo add-apt-repository ppa:nginx/stable
[21:03] <Note> sudo: add-apt-repository: command not found
[21:03] <Note> root@vps:~# sudo apt-get install python-software-properties
[21:03] <soren> roaksoax: Are you able to stop by #ubuntu-meeting to talk about your SRU request?
[21:04] <Note> RoyK,
[21:04] <Note> python-software-properties is already the newest version.
[21:04] <Note> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
[21:04] <Quest> RoyK,  how do i know i have t38 support? i have asterisk pbx runing
[21:05] <Note> nevermind
[21:05] <Note> i was doing add-apt
[21:05] <Note> its apt-add
[21:05] <Note> doh!
[21:05] <Note> hm, that didn't work either
[21:05] <soren> roaksoax: Oh, it's not on the agenda anymore. Never mind.
[21:06] <RoyK> Quest: well, asterisk is supposed to have some t.38 support, but even with spandsp (some 4 years ago), it didn't work properly. Steve Underwood, who wrote spandsp, didn't want to commit his code to Digium's regime, so digium apparently took some of it and wrote their own stack. Better ask on #asterisk for more info
[21:07] <Quest> thanks
[21:08] <RoyK> Quest: Digium isn't playing nicely with GPL - they apparently take pure GPL code and pour into asterisk, which is dual licensed
[21:08] <frojnd> Omg
[21:08] <Quest> hm
[21:08] <frojnd> 2minute s12 seconds boot time
[21:09] <frojnd> 2minutes 19seconds from the moment I run sudo reboot :o
[21:09] <frojnd> This a lot don't you think?
[21:10] <RoyK> frojnd: depends what sort of disk you've got and how many services running, and how slow the BIOS is
[21:11] <RoyK> frojnd: better time it from the time you hit enter in grub and to the login prompt
[21:12] <frojnd> RoyK: I don't have pysical access.. it's dedicated server
[21:12] <frojnd> Let me find out what disks I really have
[21:14] <RoyK> frojnd: no bmc/drac/ipmi/something?
[21:14] <frojnd> RoyK: where?
[21:14] <frojnd> RoyK: hdparm -I /dev/sda http://paste.ubuntu.com/1556630/
[21:15] <RoyK> frojnd: some (or most?) servers have possibilities for remote access when the OS is down
[21:15] <frojnd> RoyK: I can remotely go to rescue mode
[21:15] <frojnd> if I *mess* something up
[21:15] <hallyn> stgraber: hm, did i never send the patch to lxc-devel to close the rootfs.hold fd?  i thought i sent it last week...  but not seeing it in my mbox
[21:16] <RoyK> erm... why that hdparm output? it doesn't say much
[21:16] <RoyK> frojnd: smartctl -a may say a bit more if you're afraid of hardware errors
[21:16] <frojnd> RoyK: I'm not but I can perform it
[21:16] <frojnd> they keep backups..
[21:17] <frojnd> I mean it's in raid
[21:17] <RoyK> frojnd: you're not what?
[21:17] <frojnd> :D
[21:19] <stgraber> hallyn: I think you did, I just haven't reviewed it yet. Let me check
[21:19] <stgraber> hallyn: "[PATCH] don't leak the rootfs.pin fd into the container"
[21:20] <hallyn> stgraber: phew.  ok.  no hurry, i just wanted to make sure i didn't forget to send it.
[21:21] <stgraber> hallyn: reviewed and acked. Pushing to staging now
[21:21] <stgraber> hallyn: I think I also still have something to review on the per-container logfile stuff
[21:22] <hallyn> stgraber: perhaps not, bc i pushed one or two myself
[21:22] <hallyn> (since the pile ws becomign confusing)
[21:22] <hallyn> just sent the first patch (of probably 3) for lxc-attach for user namespaces
[21:23] <frojnd> RoyK: http://paste.ubuntu.com/1556652/
[21:23] <frojnd> RoyK: read speeds are ok
[21:23] <RoyK> frojnd: what raid config was this? is this write?
[21:24] <frojnd> sudo hdparm -tT /dev/sda
[21:24] <frojnd> ah raid
[21:26] <RoyK> 100MB/s to a single drive is ok
[21:26] <frojnd> I only run a few services
[21:27] <RoyK> well, then don't bother about I/O
[21:27] <RoyK> what you get here is sufficient
[21:27] <frojnd> pstree: http://paste.ubuntu.com/1556670/
[21:28] <RoyK> what about it?
[21:28]  * RoyK flags n00b
[21:28] <frojnd> just to see how many services server is running
[21:29] <RoyK> ps faxw is probably better for showing what's on
[21:30] <frojnd> http://paste.ubuntu.com/1556675/
[21:32] <frojnd> not much :P
[21:36] <frojnd> Can you suggest me some good security tutorials for admins?
[21:37] <RoyK> first of all, don't install more services than needed
[21:37] <RoyK> second, use ufw to open only needed ports
[21:37] <frojnd> RoyK: that is already done
[21:37] <RoyK> third, use something like denyhosts to block ssh worms and such
[21:37] <RoyK> that covers most
[21:38] <RoyK> well, of course, use common sense in choosing passwords
[21:38] <RoyK> long ones are good
[21:38] <RoyK> http://xkcd.com/936/
[21:40] <patdk-wk> heh, anything >12chars is reasonably secure currently
[21:40] <patdk-wk> I'm more into the 20-30 length though
[21:40] <RoyK> that xkcd thing is rather good, though
[21:40] <patdk-wk> yep
[21:40] <frojnd> where do you store it? keepassx or similar?
[21:40] <frojnd> RoyK: it's great :)
[21:40] <patdk-wk> I had a website today that required 9 letters only, not 8 or 7, or 10, but exactly 9
[21:40] <patdk-wk> I use keepass :)
[21:40] <RoyK> frojnd: no need to store a password you can remember
[21:41] <frojnd> RoyK: true that :)
[21:41] <frojnd> RoyK: but when you have a lot passwords :D
[21:41] <frojnd> and I mean 20+
[21:41] <patdk-wk> royk, even after using a different password for 50+ websites?
[21:41] <frojnd> thigs starts to get interesting..
[21:41] <RoyK> then I use keepassx for the less secure ones
[21:41] <frojnd> hehe
[21:41] <frojnd> do you extra encrypt it?
[21:41] <RoyK> well, I store the keepassx data on an encrypted partition :P
[21:42] <frojnd> what if you forget to power off that hard drive :P
[21:42] <RoyK> it should be consistent enough
[21:42] <RoyK> so long as keepassx hasn't done anything recently
[21:43] <frojnd> mhm
[21:43] <RoyK> and I have backups...
[21:43] <RoyK> encrypted, of course
[21:43] <frojnd> RoyK: do you upload the to clouds too? like dropbox or now "mega"
[21:43] <frojnd> or only other secure serveres
[21:44] <RoyK> tertiary backups goes to crashplan, which is said to be encrypted
[21:44] <RoyK> dunno how true that is, but really, I hope I don't have to find out
[21:55] <frojnd> heh
[21:55] <frojnd> denyhosts is slick
[21:56] <frojnd> I'm looking how to configure it but I see now that it configures everything by some rules
[21:56] <patdk-wk> royk, they are encrypted fine
[21:56] <patdk-wk> but if someone else uploads the *same* file, they will know what *your file* is
[21:56] <patdk-wk> but unless there is a dup match, it's prefectly secure
[22:09] <mathi> RoyK, I finally tried to install 12.04 LTS, but it fails earlier in the installation process : Configure the network. Network authentication failed. Your network is probably not using the DHCP protocol. Alternatively, the DHCP server may be slow or some network hardware is not working properly
[22:09] <mathi> I suspect it's the latter possibility mentionned, as it worked nicely in 12.10
[22:09] <mathi> maybe 12.04 cannot detect my wireless card :(
[22:10] <mathi> what should I do in this case ?
[22:12] <patdk-wk> just don't bother, setup wireless after it's installed
[22:13] <mathi> patdk-wk but I already installed ubuntu server without internet and I gave up ...
[22:13] <mathi> because too many problems afterwards
[22:15] <sander__> Do any brand ship servers preinstalled with ubuntu-server?
[22:31] <mathi> why can't Ubuntu see my wireless card ? :( why on Windows I never have that problem
[22:31] <mathi> sigh
[22:34] <Fleck> mathi: lspci + google
[22:36] <Fleck> or lsusb if USB wireless card
[22:49] <mathi> omg... Ubuntu Server 12.04 gives same error as 12.10 at installation for me
[22:49] <mathi> it just doesn't go beyond "Configure the package manager"
[22:49] <mathi> Scanning the mirror...
[22:50] <mathi> and goes back to main menu
[22:50] <mathi> ok I think i'm done with this os
[22:50] <RoyK> try installing without setting an ip address
[22:50] <RoyK> might be something bad with the installer on your hardware
[22:50] <mathi> RoyK, i skipped the network part
[22:50] <RoyK> ok
[22:51] <mathi> because 12.04 couldn't conect on the internet
[22:51] <mathi> I will install Lubuntu and i'll see of it gets any better ...
[22:51] <RoyK> mathi: I've installed ubuntu without networking a few times
[22:51] <RoyK> mathi: is this a vm?
[22:52] <mathi> RoyK, no
[22:52] <mathi> it's a ZOTAC computer
[22:52] <mathi> ZOTAC ZBOX SD-ID12 - Intel Atom Dual Core D525 Intel GMA 3150 Wi-Fi N
[22:52] <RoyK> never heard of the brand
[22:53] <RoyK> cabled networking somehow?
[22:53] <mathi> http://www.techfresh.net/wp-content/uploads/2011/08/Zotac-ZBOX-SD-ID12-U-Barebone-Mini-PC-11.jpg
[22:53] <mathi> RoyK, i don't have cable, only wifi
[22:53] <mathi> i could ... but i should move all my stuff
[22:54] <RoyK> try disabling wifi in the bios
[22:54] <RoyK> iirc wifi support in the installer isn't too good on the server platform
[22:55] <RoyK> works well with manual config, though
[22:55] <RoyK> good luck - I'm off to bed
[22:56] <mathi> RoyK, the manual config asks domain name etc
[22:56] <mathi> quite strange
[23:12] <Shogoot_ofwork> Hi people. Im setting up my first Ubuntu-server. I was wondering if im going to use RAID, and need to ask. The laptop im using as server has a 166 GB drive and i have a 500GB second hd attached to it. does it make nay sense to use RAID1, would the effect be that i only would have a 166GB Hd to write to? as the necesarily mirror each other?
[23:13] <bradm> Shogoot_ofwork: correct, raid1 needs to have same sized paritions to work with - I guess you could partition off the > 166G part of the external disk and use it, but I haven't done that before.
[23:15] <Shogoot_ofwork> ok thanks. i guess its a no go, as i the data on the resting 334GB of the second drive would not have the backup i want it to have if using RAID1
[23:16] <bradm> wait, raid is _not_ backup.
[23:16] <Shogoot> its a mirror its what i meant ;)
[23:16] <bradm> but, yes, the rest of the disk wouldn't be protected.
[23:17] <Shogoot> bradm, thanks for the help
[23:59] <Note> Hello, I have a VPS running nginx, mysql and php, I have created a contact form that links to a .php document enabling visitors to send messages using the website and for me to receive the message sent from the website
[23:59] <Note> however, i am not receiving the email, i think it is down to my server
[23:59] <Note> what do i need to install for my server to be able to forward the mail on?