/srv/irclogs.ubuntu.com/2013/02/27/#ubuntu-server.txt

trevorjadam_g: it also works fine if I just use hosts: files dns mdns4 in nsswitch.conf00:00
=== wedgwood is now known as wedgwood_away
trevorjadam_g: but that would break some people's ability to use mdns as some nasty ISPs have a .local domain in their DNS zones00:01
adam_gtrevorj, i think the MAAS domain name is configurable?00:03
trevorjadam_g: I configured it, the DNS part works fine00:04
trevorjadam_g: the problem is in nsswitch.conf you have this by default: hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns400:05
trevorjadam_g: since the [NOTFOUND=return] is there, it never checks anything below .local if avahi can't resolve it00:05
trevorjadam_g: which it cannot since it's a subdomain of .local and not just avahi's default of .local00:05
trevorjadam_g: would it be best if I change avahi-daemon's domain to my real subdomain of .local? But then what if I want a DNS address for that to be resolvable that's not avahi published?00:06
sarnoldI think everyone just gave up fighting .local and switched to .priv or .intern or something else :(00:07
trevorjlol00:08
trevorjkind of hard for me to switch at this point =(00:08
trevorjDo people really use multiple avahi domains?00:10
patdk-lappeople really use avahi?00:11
trevorjlol, right00:11
sarnoldheh, yeah, to my knowledge, no one _uses_ it.00:11
=== sagaci is now known as jpickett
patdk-lapthe only thing I ever see using it is, airprint00:12
sarnoldbut perhaps living the Apple Lifestyle or sometihng it'd be handy?00:12
trevorjI guess I really don't mind disabling it I just don't want some package to pull in avahi-daemon and much up my resolves one day00:12
sarnoldthat sounds like a healthy fear :)00:12
trevorjI should really just fix nsswitch.conf, which is why I have the post-install config question to begin with ;)00:13
tyson_trevorj: Now that I have done it what should the address be? my dns:ip:port??00:41
trevorjtyson_: to access it externally?00:43
tyson_trevorj: yes00:43
trevorjtyson_: your external IP:port00:44
trevorjtyson_: unless you use ddns or something00:44
trevorjtyson_: ssh is -p for port00:44
trevorjtyson_: 22 is default00:44
tyson_trevorj: I usualy do it indoors with ssh -l user ip or ssh user@ip00:44
trevorjtyson_: I recommend to setup ssh key auth if you're making this externally accessible00:45
tyson_trevorj: ok, thank you.00:45
trevorjtyson_: you also may be interested in fail2ban to block all those chinese ssh attackers00:46
genii-aroundAlternately move ssh to some other high numbered obscure port00:47
tyson_trevorj: lol... really ??? i'm gonna be honest... there is nothing on that server other then movies and photos.... are Chinese really into ssh? how does that fail2ban work?00:48
trevorjtyson_: they just try random IPs by brute forcing passwords00:48
tyson_genii-around: I did think about that]00:48
trevorjtyson_: I had a box get cracked with a 32 char random password once00:48
trevorjtyson_: took 5 years of brute forcing but they got in00:48
tyson_damn00:49
trevorjtyson_: nah wait, it was probably 16 chars, I think thats when I convinced my boss to move to ssh key auth for everything and 32 chars00:49
trevorjtyson_: but still00:49
tyson_trevorj: so, if i got it right, the fail2ban puts the ip on a ban list after a certain amount of attemps, right?00:50
genii-aroundtyson_: fail2ban will put their ip temporarily into hosts.deny after a certain amount of failed login attempts.00:50
trevorjIt will add a reject iptables rule00:50
tyson_genii-around: lol... that happened to me with my website server.... very nice.... couldn't access it through the weekend00:51
trevorjtyson_: I access them from a different IP when that happens01:04
trevorjtyson_: hell, hop on tor even ;)01:04
tyson_trevorj: I had to, from my ipad 3G01:05
trevorjtyson_: sounds fun, I love tablet ssh01:05
trevorjtyson_: really like the keyboard </sarcasm>01:05
trevorjtyson_: very handy though01:06
tyson_trevorj: it helps with the kids... when I tell them to turn them off and they don't... I DO IT MYSELF01:06
trevorjahaha01:06
tyson_trevorj: but sometimes I get the karma, just like now.... I am trying to do what you gays told me, reboot the server and can not access it now...01:07
trevorjwonderful typo01:07
tyson_trevorj: oh well, gotta plug in the mouse and keyboard nd get on with it01:07
trevorjtyson_: what did you do on it?01:08
trevorjtyson_: ssh key auth and/or fail2ban?01:08
trevorjtyson_: or high port, etc etc01:08
tyson_trevorj: the update, upgrade, then the nameserver change01:08
trevorjah01:08
trevorjfun stuff01:08
tyson_trevorj: then started with ports and allowences01:09
trevorjtyson_: I always hate that moment, when you realize you need a keyboard01:09
tyson_trevorj: then went on to the router and port forward.... now STUCK01:09
tyson_trevorj: hahahaha01:09
tyson_trevorj: I am very lucky that the machine is right here in front of me... but hey it is 1:10 in the morning so i will give it a miss for now and come back to it tomorrow01:10
trevorjtyson_: you got it, sorry for the troubles, hope all goes well01:11
tyson_trevorj: sorry about the typo. I never get it right, honestly....01:11
trevorjtyson_: lol, I found it funny, no worries01:12
tyson_trevorj: it took me years to get the HE and SHE right.... nevermind the gay and guy... its just the way English people read, drives me mad01:12
trevorjtyson_: is english not your first language?01:12
trevorjtyson_: you speak it very well if not, could of fooled me01:12
tyson_trevorj: I am Portuguese by the way01:13
tyson_trevorj: it is now a days, I have an all english family, such as wife and kids. Live in England as well but I come from Portugal dough01:13
tyson_trevorj: and you are English, right???01:14
trevorjtyson_: I'm a nasty American01:14
trevorjtyson_: ;)01:14
tyson_trevorj: Really??? please, don't take this the wrong way.... I thought you were English as you made a mistake very common with the English could of instead of could have... but hey.... with my gay ang guy who am I to say anything01:16
tyson_trevorj: lol01:16
trevorjtyson_: lol, yeah I'm by no means perfect, thanks for noticing though, now I'll look for it01:16
tyson_trevorj: thank you for your help today... you were very helpful indeed... now off to bed. Hope to type to you soon to increase my knowledge01:17
trevorjtyson_: have a good night01:17
GTAXLHow can I implement 2.4.x Apache repos into Ubuntu server?01:32
katronixHi all, would this be a good place to ask about suPHP issues? or can you point me to the right channel if not?01:43
sarnoldkatronix: can't hurt to ask anyhow though maybe ##php would be better, if it more about php..01:46
katronix[Tue Feb 26 20:37:56 2013] [error] [client 107.201.252.193] SoftException in Application.cpp:299: Script "/home/chris/sites/chrisamoody.com/public_html/test.php" resolving to "/home/chris/sites/chrisamoody.com/public_html/test.php" not within configured docroot01:46
katronixtrying to identify what to do with this error to fix it01:47
sarnoldkatronix: this page here mentions a suphp.conf file, with a [global] config option 'docroot': http://www.suphp.org/DocumentationView.html?file=CONFIG01:48
sarnoldkatronix: how is your suphp.conf docroot set?01:48
katronixsarnold, let me check01:48
katronixah there is the issue lol01:50
azbyinhi all04:57
azbyinis there a way to change the uid/gid of the default "ubuntu" user ?04:57
patdk-lapjust edit it05:07
azbyinis there a user with uid 999 ?05:09
azbyini mean a usual one for some service05:09
qman__don't think so05:25
qman__be aware that doing this will cause all the user's files to no longer belong to the user05:25
qman__you need to chown afterward05:25
azbyinyeah, i know05:25
azbyini was wondering if it might conflict with some packages in the future where they generate a new user with uid 99905:25
qman__I don't know of any packages that create a user, which are not in the 100-range, or 1000+05:26
qman__which is not to say they don't exist, I just haven't seen any05:26
azbyinlooks like x2go uses uid 99905:26
son_hey06:28
son_I think there something wrong with my MX record06:29
histoson_: probably06:29
son_when I use dig A mail.domain.com there is no IP06:29
histoson_: what's your domain?06:29
son_in A record06:29
histoson_: there shoudn't be an ip for the mx record06:29
son_hmd-c.com06:29
histoson_: let me check06:29
son_ok thanks06:30
histoson_: Your mx is set to mail.hmd-c.com.06:30
son_yes06:30
son_thats my server name06:30
histoip is 173.201.193.199 for mail.hmd-c.com06:31
son_I think thats the ptr record right?06:32
histoson_: that's what mail.hmd-c.com resolves as06:32
son_so what do you think is the problem?06:32
son_I can send and receive emails internally06:33
son_but externally I can only send but not receive06:33
histoson_: Is that the IP of the server?06:33
son_no06:33
histoson_: then that's the problem06:33
son_yeah06:34
histoson_: you need to point mail.hmd-c.com to your mail server06:34
son_how can I point that?06:34
histoson_: in your a name records06:34
son_i've bought that domain in godaddy.com06:34
histoson_: go to godaddy's total dns control and create an A record pointing mail  at your IP of your mailserver06:35
son_sorry im a newbie here in DNS and mail server stuff06:35
histoson_: me too i've never done it but I understand what's wrong.06:35
son_I already did that06:35
histoson_: did you install av and anti spam stuff?06:35
son_yeah06:35
son_there is no log in mail.log06:35
son_when I send from yahoo or google to my server06:35
histoson_: mail.hmd-c.com is not resolving to the right ip righ?06:35
son_yes06:36
histothat's the issue how the hell wwould mail get to your server if mail.hmd-c.com isn't pointing tot he right place. YOu need to double check your dns records on godaddy06:36
son_ok wait06:36
histoson_: outside email servers are going where is mail.hmd-c.com and they see 72.167.82.1106:37
histoson_: is that the right one?06:37
son_my IP here in my server is 112.202.181.19006:37
histoson_: Your dns is jacked up06:38
son_my MX record already pointed to mail.hmd-c.com06:38
son_i know lol06:38
histoson_: The ip for mail.hmd-c.com is changing06:38
histoson_: everytime I ping it06:38
son_yeah06:38
son_I think thats because of godaddy06:38
histoson_: You need to fix your dns settings with godaddy. Your A names what are they set  to?06:39
son_my A record points to my IP address06:39
histoson_: What is it set as?06:39
son_112.202.181.190 this IP06:39
son_@06:40
histono @ www mail????06:40
histoson_: okay add another one06:40
histoadd mail and point it at your IP06:40
son_in A record?06:40
son_done06:41
son_host = mail, points to = 112.202.181.19006:41
son_is that right?06:41
histoson_: yes06:42
histoassuming that 112.202.181.190 is your ip06:42
son_yeah its my public IP06:42
histoson_: still hasn't propagated yet06:42
son_it will take some time I guess06:42
histoson_: give it a few minutes06:42
son_yea sure06:43
son_I've been stuck here for a couple of days06:43
histoson_: what'd you have mail set as before cname?06:44
histoor just not set?06:44
son_not set06:44
histoson_: are you sure you didn't just create a cname? it looks like you did from dig06:45
son_yea godaddy provided that06:45
histoson_: there are 2 A records for some reason of both just hmd-c.com pointed at two different ips06:46
son_the other IP was provided by godaddy06:46
son_I just didn't erase that06:46
histoson_: well it should be workign now. It resolves properly now06:46
son_really?06:46
histoson_: A records are for IPs  cnames are for hostname forwarding06:46
histoson_: yes mail.hmd-c.ocm resolves to 112.202.181.19006:47
histowhich is what your mx record is set to.06:47
histoLooks good now06:47
son_i'll give it a try06:47
histoson_: Which howto did you follow?06:47
son_flurdy06:47
histo?06:47
histolinkage06:47
son_http://flurdy.com/docs/postfix/06:48
son_still no log :(06:49
histoson_: It should be working. People should be hitting imap assuming the port is open06:50
histoson_: let me check06:50
son_yea sure06:50
son_i've tried sending mails to yahoo and it was there but when I reply to my server nothing happens06:51
histoson_: what is it port 143?06:51
son_I think thats the imap06:51
histodns just went wonky agai06:52
histoagain06:52
son_what?06:52
histoIt's not pointed at your ip anymore06:52
histoson_: Alright what do you have in your DNS records?06:53
son_cname?06:53
histoson_: pastebin a screenshot06:53
histo!paste | son_06:53
ubottuson_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.06:53
histoson_: also your ip is refusing connections on port 143 and port 220 so no IMAP.06:56
histoson_: is it maybe imaps?06:56
son_hmm06:56
histoson_: did you set your router to forward the ports06:57
son_I dont know really06:57
son_yeah06:57
son_my ISP block port 2506:57
histoSo what'd you do to resolve that?06:57
son_http://paste.ubuntu.com/5569813/ heres the link06:57
son_relay host to my ISP06:58
son_I connect via port 58706:58
son_and use their smtp server06:58
histoson_: Where'd you get that info from your isp?06:59
son_i've called my ISP and thats the only thing they gave me06:59
histoson_: Are you using any of the other services provided by godaddy for the secureserver stuff?07:00
son_nope, it was there when I bought it07:01
son_this is my /etc/postfix/main.cf http://paste.ubuntu.com/5569816/07:01
histoson_: get rid of all those cnames then and create antoerh aname with @ as the host and point it at your ip07:01
histoson_: postfix is not the issue07:02
histoson_: one is your DNS the other issue is your ports being blocked07:02
histoson_: so lets fix the dns first then the ports07:02
son_ok sure07:02
histoson_: So the only thing you should have is two anames one for @ and one for mail  both pointed at your ip and an MX record pointed at mail.hmd-c.com07:03
son_ive already deleted all cnames07:04
histoson_: Okay then fix the anames07:04
son_error07:04
histoson_: ?07:05
histoWhat's the error?07:05
son_A record of a different type exists for the hostname @, could not create CNAME07:05
son_thats the log07:06
histoWhy are you creating cnames?07:06
histoNO CNAMES07:06
son_what will I create?07:06
histotwo A's one for mail and one for @ both pointed at your IP07:06
histoor atleast one for mail07:07
son_its ok now07:07
son_ill try to send to yahoo07:07
son_using telnet07:07
histoson_: it's still not updated here07:08
son_it sends07:09
son_but lets wait for a while07:09
histoson_: as we've already figured out sending is not the issue. Not quite sure why you keep checking that. Has nothing to do with receiving07:09
son_right07:09
son_im just testing sorry07:09
son_do you think its ok now?07:11
son_ive tried sending from yahoo and I still dont get any logs :(07:11
histoson_: let me check07:11
son_sure07:11
histoson_: there is still a goofy aname record of 50.63.202.5207:12
histoson_: and pinging mail.hmd-c.com is not resolving to your IP so no it's not working still07:12
son_lest wait for a while07:12
son_ive already remove that address07:13
histoson_: Why not look at your router and make sure that your ports are forwarded to your server07:14
histowhile we wait07:15
son_im using dlink 60007:15
histoson_: Okay log in and forward port 143 to the internal IP of your server07:16
son_its done07:17
histookay well it's not answering07:18
son_do you think its an ssl issue?07:19
histoson_: did you only enable imaps  or imap ?07:19
histoson_: it's not even listening on port 14307:19
son_yeah07:20
histoson_: let me look at the silly howto you are following hold on?07:20
son_yea sure07:20
son_thanks for the time07:20
histoson_: did you install shorewall?07:21
son_not yet07:21
son_im planning to set this up first before I install that07:21
histoOkay07:21
histoYou installed courier right?07:22
son_yeah07:22
histoson_: On that machine can you telnet localhost 14307:23
son_yeah I can07:23
histoson_: And it answers with?07:24
son_Connected to localhost.localdomain. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for distribution information.07:24
histoson_: okay now make sure your forwarded both tcp and udp port 143 on your router to internal ip of your server07:26
son_its already forwarded07:27
histoson_: You said you have  a dlink dir600?07:27
son_yes07:27
histoson_: http://portforward.com/english/routers/port_forwarding/Dlink/DIR-600/Imap.htm07:28
histoDo you have a DSL modem also?07:28
histoor calbe or whatever07:28
histolike Cable modem > dlink > server ????07:28
histoor just dlink > server???07:28
son_dsl > router > server07:28
histoson_: So a seperate dsl modem right?07:29
histoon top of the dlink?07:29
son_yes07:29
son_running my server behind a router07:29
histoAhh you have a double nat issue07:29
histodsl modem is seeing the request for port 143 and doesn't know what to do with it.  The request never even gets to your home router07:30
histoSo you have a couple of options to fix this.07:30
son_how?07:30
histoYou can configure your dsl modem to be a bridge device and let the dlink handle your dsl connection. Or you can edit the config of your dsl modem and put your routers IP int he DMZ07:32
histoson_: in your routers config you can probably see what IP your dsl modem is giving your router. Then you should be able to connect to your dsl modems config page and change settings there.07:33
histobrb07:34
son_im not sure I think Im not authorized to do configuration07:34
histoson_: http://www.practicallynetworked.com/networking/fixing_double_nat.htm  here is an explaination. YOu can configure your dsl modem. You had to to enter a username and password for your dsl connection.07:35
histoRead up on that for an explanation you will understand what's going on. I have to go for a bit.07:35
son_ive already enabled dmz in my router07:37
histoson_: You need to put your router in the dmz on the dsl mdoem07:50
son_i think bridge mode is disabled in my dsl07:51
son_when I login in the browser it only display the information about the dsl07:52
histoson_: Yes if your dslmodem is in bridge mode you can't even login to it. You put your dsl login settings in your dlink.07:53
son_how?07:53
histoson_: The easiest way is for you to login to your dsl modem and disable any firewalls and put your router's WAN IP in the DMZ07:53
histoson_: if not what kind of dsl modem is it?07:54
son_P-660HN-T1A07:54
son_ive already enable dmz points to my server07:55
son_in my router07:55
histoson_: let me see07:56
son_how?07:56
histonope still not working07:56
histoI'm trying to telnet 112.202.181.190 143   and it's not responding07:56
histoSo the port isn't being forwarded still07:56
son_aww :(07:56
histoOn the dsl modem put the routers WAN IP in the DMZ and be done07:56
histothe servers ip is probably on a different class and the dsl modem doesn't know what to do with the request07:57
son_how can I put WAN IP on the dsl modem07:58
son_the dsl modem gives me nothing07:58
son_only status and information07:58
son_I get it!08:00
histo?08:01
son_ive already log in into the admin account08:02
histoThe cable that runs from the dsl modem to the router is plugged into the WAN port on the router. The router gets an IP from the dsl modem. The router also has an IP and subnet that it hands to inside machines. The WAN port's IP needs to be placed in the DMZ on the DSL Modem. I don't know how else to explain this.08:02
histoOnce you accomplish this rejoice and be done with all your issues08:02
son_ive already open ports in dsl modem08:03
son_ive open port 14308:03
=== smb` is now known as smb
son_can you telnet my ip again?08:03
son_hey what encapsulation will I choose?08:07
son_in bridge mode08:07
histoTrying right now. It's just sitting there now08:07
histoIt's not answering but it's not denying the request either08:07
histoNot sure what you have setup now.08:08
histoand your IP isn't responding to pings anymoe08:08
histoson_: anymore08:08
son_still there?08:12
son_I lost my internet connection08:13
son_histo are you still there? can you telnet my ip again?08:14
son_histo08:19
histoYeah I'm back08:20
histoson_: doesn't answer and doesn't deny it's just sitting there blinking termianl not sure what is going on08:20
son_after I enabled bridge mode I lost my connection probably because of NAT08:21
histoson_: No you need to set your connection up in your dlink after you brdige mode the dsl modem08:24
son_where here?08:25
histoI don't have a dlink so I don't know usually on the setup page the first screen you come to on the router.08:25
histoLet me see if I can find some directions08:25
histoYou'll also need your dsl login name and password for this08:25
son_yeah sure08:25
histoson_: Alright on the setup page08:26
histoson_: There is a internet connection wizard should walk you through it after you put your dsl modem in bridge mode again.  If not you can do manual setup.08:26
histoson_: http://screenshots.portforward.com/routers/Dlink/DIR-600/Internet_Setup.htm  This page08:27
son_do I enable access point mode?08:27
histoson_: I would look for something that says pppoe08:28
son_o yeah i saw that08:29
histoI can't find pictures of the internet connection wiziard settings08:29
son_dynamic or static ip?08:29
histoson_: I don't know what you ISP gives you.08:30
histoson_: most are dynamic08:30
son_static it is lol08:30
son_this is my public ip right?08:30
son_112.202.181.19008:31
son_this?08:31
histoson_: Your ip should be assigned after you sign in08:31
histoson_: You shouldn't ahve to put all this in. Are you doing the wizard or the manual?08:32
son_manual08:32
histoson_: doe the wizard please08:32
histouse the wizard08:32
son_ok08:32
histoson_: are you still ont he same network?08:34
histoson_: like with this chat?08:34
histoIf so your IP changed08:35
son_got dc again08:37
son_hey can we do this tomorrow?08:38
son_im at work and its almost time to go08:39
son_histo08:39
histoyea im sure someone can help08:39
son_but I want you to teach me08:40
son_lol08:40
son_you have facebook account?08:40
histoNope08:42
histoson_: YOu need to find out if you isp is giving a dynamic IP. you will have issues08:42
son_yeah I'll just contact them tomorrow08:43
son_will you still be here tomorrow?08:43
son_same time?08:43
son_lol08:43
son_please I really need this to be done, or else my boss will fire me :(08:44
histoI will not be here. Others can help. You understand that you have a doublenat like described above on that page. Others can help you fix it.08:47
son_one last08:48
son_I get this error everytime I try to send to my server from google08:48
histoWhat's that?08:49
son_http://paste.ubuntu.com/5569972/08:49
son_here08:49
son_you have any idea?08:50
histoson_: Yeah you need to open open serveral ports08:50
histoson_: let me find you a howto that expalins everythign give me a sec08:51
son_yea sure08:51
histoson_: Still looking for the guide I had it was great and would be perfect for you. I'll ahve to search through browser history bare with me08:53
son_ok08:54
son_still have 5 mins left lol08:54
son_thank you for your time mate08:54
son_you've helped me a lot08:54
histoson_: http://workaround.org/ispmail/squeeze   This explains everything.  Atleast you will understand all the components08:54
histoson_: everything will be clear after readin ghtat08:55
son_I already visited that site but didn't stay there08:55
son_hey can you telnet me again for one last time?08:57
joel___Good evening. MySQL isn't 'working' quite right with my new web server. However, it's installed and accessible via command-line. Any idea what it is I need to add to my php.ini file in order to load the php-mysql module?09:04
joel___NM - the 'module' wasn't installed. apt-get install php5-mysql09:05
joel___lolz. Ty anyway.09:06
=== aarcane_ is now known as aarcane
jamespagezul, your rtslib package FTBFS; I fixed it up and a load of other issues with the packaging and uploaded to raring.09:51
jamespagezul, https://launchpad.net/ubuntu/raring/+source/rtslib/2.1.fb27-0ubuntu210:19
rbasakjamespage: hey. Please could you review/sponsor bug 1132302? The version in my PPA is fine to upload as-is; just knock off the ~ppa2 suffix. https://launchpad.net/~racb/+archive/experimental/+files/drbd8_8.4.3-0ubuntu1%7Eppa2.dsc diff against 2:8.3.13-2 (debian/ dir only): http://paste.ubuntu.com/5570163/10:57
uvirtbotLaunchpad bug 1132302 in drbd8 "drbd8-utils are not compatible with kernel 3.8" [High,Triaged] https://launchpad.net/bugs/113230210:57
jamespagerbasak, sure10:57
jamespagerbasak, +1 uploaded thanks for doing that work11:02
rbasakjamespage: no problem. Thank you for sponsoring!11:03
jamespageDaviey, wondered why mongodb took so long to build - it also builds all is dependencies and static links them11:38
jamespagelol11:38
Davieyfml11:38
* RoyK sticks to postgresql11:41
Sander^workDo anyone have some experience with canonical support? Wondring if I should go for service spesific support, like for eg. mysql.. Or for ubuntu support as it  covers more services.. Do anyone in here have any support agreements?11:43
vezqSander^work: what kind of support you are looking for?11:50
DavieySander^work: I think Canonical support is brilliant.. but some might argue i am biased.11:51
Sander^workvezq, basicly mainly for mysql and apache.. We have virtualization platforms as vmware and xen.11:55
Sander^workDaviey, Do you know if canonical have deep mysql experience?12:23
DavieySander^work: depends what aspect of deep you mean.. :).. If it's optimisation of database schema for mysql, then no.. if it's.. "How do i do foo?" .. "Or foo doesn't seem to be working?".. then likely yes12:25
Sander^workDaviey, Are they eg. able to assist in recovering from a system failure with corrupt mysql data? In the current case the fix was to set innodb_file_per_table=1 and export all tables invidually and reimport them. Is this a typical case they could have found out about?12:30
DavieySander^work: I would hope so.. but probably best to speak to them :)12:35
ivoksjamespage or adam_g anyone around?12:59
jamespageivoks, yes12:59
david_any one remember the command that repeatedly executes a command. So I can give it a command like ps ax and it reacts like top ?13:00
david_watch13:01
david_I found it13:01
nilliI'm on an Ubuntu 8.04.4 LTS server and I've run into issues with ports. My PHP script needs to do a SoapClient() call for an address specifying port 2443, but my server doesn't seem to respond on that port. I used instructions on http://portquiz.positon.org:2443/ and got no response on this Ubuntu server, while doing the same thing on a different server did give me a response.. so how do I make my Ubuntu server allow this port?13:46
ikonianilli: what is listening on that port ?13:47
nillisudo netstat -anpc | grep 244313:47
nillitcp        0      1 myip:51624        theirip:2443     SYN_SENT    19378/apache213:48
ikonianilli: , I asked what was listening on that port13:48
nillihow do I check that?13:48
ikonianilli: is the port 2443 on a server you manage ? or someone elses13:48
nillisomeone else's, but when I try to connect I only get "connection timed out", which is the same symptom I get when testing the wget command from portquiz13:49
ikonianilli: just do a basic telnet test13:49
ikonianilli: confirm the port is open and listening13:49
nilli"telnet portquiz.positon.org 2443" gets stuck at "Trying..."13:50
ikonianilli: ok, so that sounds like the remote server is not responding13:51
nillibut if I go to the address with :2443 in my browser, I have no issues13:51
nillihttps://payment.raddabarnen.se:244313:52
ikonianilli: I get a connection13:53
ikonianilli: if I telnet to payment.raddabarnen.se 244313:53
nillitelnet: Unable to connect to remote host: Connection timed out13:53
nilliso my server is the issue13:53
ikonianilli: are you running a firewall ?13:54
nilliI have no idea13:54
nilliI started working at this company just recently and I had to instruct my host how to give me root access because he didn't know how13:54
ikonianilli: ok, so it's doubtful it's a software firewall, but it's worth checking13:55
ikonianilli: more probable it's a network firewall13:55
ikoniaboth could be right though13:55
nilliI hope it's a setting on this machine, we'll have unusable websites in 2 weeks unless I can fix this :S13:55
ikonianilli: check ufw service, try turning it off if you can13:56
ikonianilli: that will remove the ubuntu default firewall13:56
nilliufw: command not found13:56
ikonia(disable it)13:56
ikoniait's a service, not a command13:56
nilliin init_d then?13:57
jpdsIt is a command.13:57
ikoniajpds: can you just run ufw ?13:57
jpdsikonia: Yes.13:57
ikoniathere you go then13:57
jpdsikonia: How else would you configure it?13:57
ikoniajpds: I meant to stop and start, I thought it was just a wrapper around iptables13:57
nillisudo ufw disable13:58
nillisudo: ufw: command not found13:58
ikonianilli: iptables -L will show if you have any rules13:59
nillione screen of lines, they all seem to go from "source anywhere" to "destination anywhere"13:59
ikoniaso looks pretty open13:59
nilliwith one line for source localhost and another for destination localhost14:00
nilliah, and they all say ACCEPT14:00
nillihm, I see that they specify things like :ftp and :ssh and :www14:01
nilliif I add one for :apache2 do you think my issue could be solved?14:01
ikoniano apache2 is wwww14:01
nilliah ok14:01
ikonianilli: do a sudo iptables -F and flush thenm14:01
ikoniathem14:01
ikoniaor jpds maybe able to do it better with ufw14:01
ikoniaI don't know the ufw syntax14:01
jpdsikonia: sudo ufw status verbose14:02
ikoniathanks jpds14:02
ikoniathere you go nilli14:02
ikoniasaves me reading the man page14:02
nilliexcept I don't have ufw14:02
jpdsikonia: Which you should do anyway.14:02
ikoniajpds: if I needed it I'd be happy to14:02
ikoniajpds: is ufw default in 8.04 ?14:03
jpdsikonia: I think so.14:03
jdstrandit is14:04
ikonianilli: actually.......can you show me the output of uname -a on your server14:04
ikoniaI wonder if this is one of those vps ones that have bits missing14:04
nilliLinux nilli 2.6.32-042stab055.10 #1 SMP Thu May 10 15:38:32 MSD 2012 i686 GNU/Linux14:04
jpdsNice.14:04
ikoniathere we go14:04
ikoniait's one of those dodgy vp's14:05
ikoniavps14:05
nillihow do you see that?14:05
ikoniathe kernel14:05
nillithe bits behind 2.6.32 ?14:05
ikoniayes14:05
nillimkay14:05
jpdsnilli: An Ubuntu kernel would never require someone getting stab'ed.14:05
ikonialet alone 55 times14:05
nillihaha14:06
jpdsikonia: 'tis but a flesh wound.14:06
ikonianilli: in seriousness you can either mess around with iptables, or contact your host and ask them if they are firewalling you locally or external to the guest14:06
ikonianilli: experience says the install will be an "odd one"14:06
nilliit doesn't make sense that port 2443 would be blocked if my iptables say ACCEPT source anywhere destination anywhere14:07
ikonianilli: depending on your rules, it could be accept on established, or anything,14:07
ikoniaflushing the rules will be a good test14:07
ikoniabut you may also be firewalled at the host, not guest14:08
nillibut flushing them sounds scary, what if some of it was added on purpose14:08
nillican I pastebin the file to you?14:08
ikoniabest to talk to your host14:08
nillithe output*14:08
nillihe doesn't know anything :S14:08
ikoniabest to pick a host that does14:08
nillihehe14:08
nillihttp://pastebin.com/GY8VRApy14:10
daniel_-eebsd14:10
ikoniathat looks like it's dropping ports14:10
ikonianilli: I'd drop those rules and test14:11
nilliso -F ?14:11
nilliis there a way for me to backup this first?14:11
ikoniaiptables-save14:11
nilli"Use I/O-redirection provided by your shell to write to a file."14:13
nilliiptables-save > file.txt14:13
nillisounds good?14:13
ikoniayes14:13
nillinice, ok, that looks good14:14
nilli-F seems to take a while14:15
nilliis it supposed to? it's not done yet14:17
nilli$ sudo iptables -F14:17
ikoniathat should flush the rules14:19
nilliI haven't had any output at all yet, so it seems it's still working14:20
nillioh damn.. I can't ssh into it anymore14:20
ikoniait's possible this is set from the host14:21
nillioh god, the websites aren't responding14:21
nilli>_<14:21
nillineed to cal lmy boss14:21
nillidid I mention I just started working here?14:21
ikoniayou need to call your host14:22
br0xenblkperl: I got pulled away from my desk yesterday, thanks for the help re: postfix.14:34
nillihah, managed to find the host (tracing ip ftw) and he was kind enough to change the drop policies to accept14:40
nillibut "iptables-restore < iptables.txt" doesn't work14:40
nilliError occurred at line: 214:40
nilliline 2 is "*mangle"14:41
nilliiptables-restore v1.3.8: iptables-restore: unable to initialize table 'mangle'14:41
nilliand that seems to be a kernel issue14:45
=== tarzxvf is now known as ubuntu-phone
=== ubuntu-phone is now known as failover
nillino it wasn't, I just forgot sudo14:50
zuljamespage: fixing quantum wheee14:51
jamespagezul,well I'm fixing mongodb on ARM14:51
jamespagefun and slow at the same time....14:52
zuljamespage:  ouch good luck on that...whats wrong?14:52
jamespagezul, 2.2.x introduced a whole load of new ASM code14:52
jamespagewhich works on x86 - but not arm14:52
* zul runs away14:52
jamespagezul, stealing a patch from fedora14:52
zuljamespage:  well thats not too bad then14:53
=== wedgwood_away is now known as wedgwood
zuljamespage: hey can you upload rtslib to staging as well? (when you get a chance)15:04
jamespagezul, please review - http://people.canonical.com/~jamespage/ca-updates/15:08
zuljamespage: +115:09
jamespagezul, uploaded15:12
zuljamespage:  cool15:12
zuljamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-ftbfs-2/+merge/15082415:20
Pupeno_wDoes anybody know how to change the file system type from ext3 to ext4 so running mount /dev/blah /mnt will mount it as ext4 instead of ext3?15:35
crassI've gotten myself into a strange situation. Somehow the ondisk partitions are out of sync with what the kernel thinks they are15:43
crassspecifically, a partition has been deleted, but the kernel still sees it and the filesystem on it is mounted.  Is there a way to get the starting sector of the partition from the kernel?15:44
crassjust found it in /sys/block/sdX/sdXY/start15:47
ardianHi I just installed apache on amazon ec2 which I also just created but when I try to access the public dns nothing comes up do I have to wait for the dns to be updated or anything like that or is there a firewall problem that I have to work on ?15:49
JanCwhat do you mean with "access the public dns"?  using a host name to browse to your virtual server?15:54
ardianJanC: giving my address to the web browser16:04
ardianit doesn't give anything back16:05
JanCwhat do you mean by "address"?  IP address or the domain name?16:05
ardianJanC: yes16:07
JanC...16:07
JanCardian: which of the two?16:08
ardianJanC: domain is pointed to the ip so its the same16:08
ardianJanC: when I visit the site it is like the server down, even that though I am connecting to it via ssh16:09
JanCyou ssh to the domain name?16:10
ardianyes16:10
ardianec2-54-235-8-102.compute-1.amazonaws.com16:10
ardianJanC: to this one, do I have to enable the ports on the Control Panel of it16:11
JanCI've never used EC2, but if there is a control panel where you have to open ports, then I assume there is a firewall  ☺16:12
JanCI can't even ping to ec2-54-235-8-102.compute-1.amazonaws.com, so it seems like they firewall even useful things...16:15
ardianI see16:16
HarisHello all16:32
HarisI have to setup ubuntu (via cobbler) on a centos based pxe for network installs of 12.04lts. I have a cobbler distro/profile set. I have the netboot iso/image for 12.04lts. How do I setup cobbler/pxe for installs ? So far, from the setup that I'v done thus far, whenever the install starts, it asks me for the missing cd-rom16:34
zulhallyn:  i have libvirt-1.0.3-rc2 packaged16:50
hallynzul: how's it testing?16:51
zulhallyn: just building it now16:51
hallyncool16:51
Hariswhen I run cobbler import from the mini iso for 12.04lts, does it import the initrd.gz and kernel that work up network installs or does it import the images which look for a local cd/dvd-rom ?17:07
HarisI'v tried from the main CD image for precise. Its not doing the network part17:08
garbagegodI have a linode in which apache2 is failing silently17:22
garbagegodIs there a verbose option to /etc/init.d/apache2 or anything?17:22
Picigarbagegod: failing as in it wont start?17:24
garbagegodcorrect, but no errors17:24
garbagegodsame with apache2 -k17:25
tyson_trevorj: HI there17:26
garbagegodanyone17:29
Harisdoes the http://releases.ubuntu.com/precise/ubuntu-12.04.2-server-amd64.iso image contain the files from netboot ?17:30
tyson_trevorj: it seems that the experiments of last night didn't go down that well. The errors start on the booting fd0 error then /dev/mapping/swap-1 unable to find drive to mount and then waiting for network configuration and waiting another 60 sec.17:31
tyson_Hi, I am having trouble with the swap drive when booting, can anyone help?17:56
Harisgot it working18:12
zulhallyn:  https://launchpad.net/~zulcss/+archive/libvirt-testing18:15
hallynzul: ack18:17
hallyn(i'm trying to build a cross-gdb armhf->amd64...  crosstools from linaro not treating me right)18:18
hallynmaybe i should ping plars18:18
hallynstgraber: any preference for the name for ppa i create for userns kernel for ubuntu-lxc?18:19
hallynshould we just name it generically ppa:ubuntu-lxc/kernel, and re-use for any future lxc kernel extensions?18:20
stgraberhallyn: I think kernel makes sense18:20
hallynk18:22
=== ogra_ is now known as ogra
_KaszpiR_yawn18:52
_KaszpiR_ubuntu server, any vnc advised?18:52
dedalusare the raring server daily iso builds functional?19:00
dedalusthey're really tiny, and when i tried to boot a VM off one it said no kernel modules found19:00
three18tihey guys.  I need to find an image on the file system but I don't know the name of it.  I have a copy that I can match against.19:14
three18tiI thought about taking the md5 sum but that seems like there would be a lot of overhead on a production server...19:15
three18tiI see imagemagick has "identify" but I'm not sure how to leverage that to find the image.19:15
sarnoldthree18ti: if you limit it to just files with the same size..19:15
three18tiok, that might help.19:15
three18tithat way I'm only md5ing a few files.19:15
sarnoldthree18ti: yeah; something like: find /path -size 2220c   (for chars! go figure)19:16
three18tior maybe find /path -size 9.93KB19:17
three18tior I guess just K19:17
sarnoldthree18ti: I'd be leery of trusting that. Call me crazy but I know where I stand with exact numbers of bytes. :)19:18
three18tiok, that makes sense.19:18
three18tialso seems that find doesn't like the decimal.19:19
three18tithanks sarnold.19:21
adam_gjamespage, just updated that glance charm MP with an alternative fix19:35
streulmahello, what's more stable, use Ubuntu Server of Debian as server ?19:54
ScottKIt depends19:56
ogra... on how you bolt it to the ground ...19:57
ScottKAnd if the stuff in Debian stable is new enough to have the features you need.19:58
streulmahmm, yes, but htop, I can't do htop -C20:00
ograwell, so you already have your answer :)20:01
=== matsubara is now known as matsubara-afk
thegoatok, so i have sendmail up and running, and it says mail was delivered to my mailbox successfully, but i fire up alpine, or even just mail and they say i have no mail20:47
thegoatany idea where it's keeping it?20:48
=== xcrracer_ is now known as xcrracer
sarnoldthegoat: first place to look is /var/spool/mail/username21:29
thegoatfound it....there was an id10t error on my part21:30
=== xcrracer_ is now known as xcrracer
sarnoldthegoat: hehe, nice :D21:34
=== xcrracer_ is now known as xcrracer
sh_thi everyone. im trying to get ufw working with nat masquerading but i'm getting an error "ERROR: problem running ufw-init" after following the simple instructions here https://help.ubuntu.com/12.04/serverguide/firewall.html about adding a few entries to before.rules. can anyone suggest how to go about fixing this?22:35
sh_tif I remove the entries for the nat masquerading the error is gone22:36
jdstrandsh_t: can you paste your before.rules files at paste.ubuntu.com (or similar)?22:36
sh_tit's a stock config with those exact lines from the docs there.22:37
TheLordOfTimepaste them anyways?22:38
TheLordOfTimes/paste/pastebin/22:38
jdstrandsh_t: if you could past them, it would help22:38
jdstrands/past/paste/22:38
sh_thttp://paste.ubuntu.com/5571958/22:38
jdstrandsh_t: you forgot to add COMMIT after the POSTROUTING rule22:38
sh_tah. the instructions didnt seem clear about that. i thought it was just saying "dont delete it from the end of the file"22:39
jdstrandsh_t: you need a COMMIT for each table. in your case, *nat and *filter22:39
sh_tright, i understand22:39
sh_tthanks :]22:39
* jdstrand nods22:39
sh_tinteresting though thats it not underneath the *filter22:40
sh_talthough i guess thats at the end of the file, nvm22:40
tedskish_t: quick question... is this host on a static or dynamic ip?22:40
sh_ttedski: issue is resolved22:40
tedskii know22:40
tedskibut, i was just curious22:41
sh_tit's on a static ip22:41
tedskiwas going to offer some input unrelated to your issue22:41
sh_tjust rigging up an openvpn gateway22:41
tedskii prefer to use SNAT over MASQUERADING for static IP hosts22:41
tedski-A POSTROUTING -s 172.16.253.0/24 -o eth0 -j SNAT --to-source xx.xx.xx.xx22:42
tedskiwhere xx.xx.xx.xx is your static ip22:42
tedskithat's just a best-practices type thing... not related to any issue22:43
sh_tok, thanks22:44
tedskinp22:45
sliddjuri updated /etc/pam.d/common-password:password        requisite       pam_cracklib.so retry=3 minlen=8 difok=3 dcredit=1 ucredit=1 lcredit=1 ocredit=122:50
sliddjurwhy doesnt new password rules work?22:50
sliddjurdo i need to restart some service?22:50
sarnoldsliddjur: I believe pam changes take effect immediately22:53
sliddjursarnold: and cracklib-check are supposed to look for the values set in common-password?22:59
sarnoldsliddjur: I don't know about cracklick-check -- does it have an /etc/pam.d/cracklib-check or similar entry?23:00
sarnoldsliddjur: .. or is just an application?23:00
sliddjursarnold: an application23:01
sliddjuranyways, when setting new password for my user it doesnt seem to use my values set (minlen=8)23:01
sarnoldsliddjur: hrm, the pam_cracklib(8) manpage has 'required' instead of 'requisite'23:08
sliddjursarnold: doesnt seem to change behaviour23:11
sarnoldsliddjur: harumph :) sorry, no more ideas...23:12
sliddjursarnold: ok. thanks anyways. got to sleep :)23:12
sarnoldsliddjur: woo :)23:12
tyson_Hi, in which machine do I have to set the ssh key??? main machine or the one i am accessing remotly?23:25
sarnoldtyson_: private portion on the local machine, public portion into the ~/.ssh/authorized_keys of the remote machine23:26
tyson_sarnold: thank you23:26
bastidrazorif i were to want nm-applet to manage my etho, would i remove 'auto etho' from /etc/interfaces?23:32
roaksoaxzul: how do you fix stuff like this? :) https://bugs.launchpad.net/ubuntu/+source/maas/+bug/113403623:54
uvirtbotLaunchpad bug 1134036 in maas "Package install hangs if LC_ALL is not set" [Undecided,New]23:54
bigjoolswhy would LC_ALL not be set anyway?23:55
roaksoaxbigjools: yeah that's why I was asking him since I never came across such thing23:56
bigjoolsit seems to happen on a few of my server installations23:56
roaksoaxi do remember smoser dealing with similar bugs23:56
roaksoaxsmoser: around?23:56
bigjoolsoh and to fix this particular instance, LC_ALL=C didn't help, I had to set it to C.UTF-823:56
bigjoolswtf!23:56

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!