trevorj | adam_g: it also works fine if I just use hosts: files dns mdns4 in nsswitch.conf | 00:00 |
---|---|---|
=== wedgwood is now known as wedgwood_away | ||
trevorj | adam_g: but that would break some people's ability to use mdns as some nasty ISPs have a .local domain in their DNS zones | 00:01 |
adam_g | trevorj, i think the MAAS domain name is configurable? | 00:03 |
trevorj | adam_g: I configured it, the DNS part works fine | 00:04 |
trevorj | adam_g: the problem is in nsswitch.conf you have this by default: hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | 00:05 |
trevorj | adam_g: since the [NOTFOUND=return] is there, it never checks anything below .local if avahi can't resolve it | 00:05 |
trevorj | adam_g: which it cannot since it's a subdomain of .local and not just avahi's default of .local | 00:05 |
trevorj | adam_g: would it be best if I change avahi-daemon's domain to my real subdomain of .local? But then what if I want a DNS address for that to be resolvable that's not avahi published? | 00:06 |
sarnold | I think everyone just gave up fighting .local and switched to .priv or .intern or something else :( | 00:07 |
trevorj | lol | 00:08 |
trevorj | kind of hard for me to switch at this point =( | 00:08 |
trevorj | Do people really use multiple avahi domains? | 00:10 |
patdk-lap | people really use avahi? | 00:11 |
trevorj | lol, right | 00:11 |
sarnold | heh, yeah, to my knowledge, no one _uses_ it. | 00:11 |
=== sagaci is now known as jpickett | ||
patdk-lap | the only thing I ever see using it is, airprint | 00:12 |
sarnold | but perhaps living the Apple Lifestyle or sometihng it'd be handy? | 00:12 |
trevorj | I guess I really don't mind disabling it I just don't want some package to pull in avahi-daemon and much up my resolves one day | 00:12 |
sarnold | that sounds like a healthy fear :) | 00:12 |
trevorj | I should really just fix nsswitch.conf, which is why I have the post-install config question to begin with ;) | 00:13 |
tyson_ | trevorj: Now that I have done it what should the address be? my dns:ip:port?? | 00:41 |
trevorj | tyson_: to access it externally? | 00:43 |
tyson_ | trevorj: yes | 00:43 |
trevorj | tyson_: your external IP:port | 00:44 |
trevorj | tyson_: unless you use ddns or something | 00:44 |
trevorj | tyson_: ssh is -p for port | 00:44 |
trevorj | tyson_: 22 is default | 00:44 |
tyson_ | trevorj: I usualy do it indoors with ssh -l user ip or ssh user@ip | 00:44 |
trevorj | tyson_: I recommend to setup ssh key auth if you're making this externally accessible | 00:45 |
tyson_ | trevorj: ok, thank you. | 00:45 |
trevorj | tyson_: you also may be interested in fail2ban to block all those chinese ssh attackers | 00:46 |
genii-around | Alternately move ssh to some other high numbered obscure port | 00:47 |
tyson_ | trevorj: lol... really ??? i'm gonna be honest... there is nothing on that server other then movies and photos.... are Chinese really into ssh? how does that fail2ban work? | 00:48 |
trevorj | tyson_: they just try random IPs by brute forcing passwords | 00:48 |
tyson_ | genii-around: I did think about that] | 00:48 |
trevorj | tyson_: I had a box get cracked with a 32 char random password once | 00:48 |
trevorj | tyson_: took 5 years of brute forcing but they got in | 00:48 |
tyson_ | damn | 00:49 |
trevorj | tyson_: nah wait, it was probably 16 chars, I think thats when I convinced my boss to move to ssh key auth for everything and 32 chars | 00:49 |
trevorj | tyson_: but still | 00:49 |
tyson_ | trevorj: so, if i got it right, the fail2ban puts the ip on a ban list after a certain amount of attemps, right? | 00:50 |
genii-around | tyson_: fail2ban will put their ip temporarily into hosts.deny after a certain amount of failed login attempts. | 00:50 |
trevorj | It will add a reject iptables rule | 00:50 |
tyson_ | genii-around: lol... that happened to me with my website server.... very nice.... couldn't access it through the weekend | 00:51 |
trevorj | tyson_: I access them from a different IP when that happens | 01:04 |
trevorj | tyson_: hell, hop on tor even ;) | 01:04 |
tyson_ | trevorj: I had to, from my ipad 3G | 01:05 |
trevorj | tyson_: sounds fun, I love tablet ssh | 01:05 |
trevorj | tyson_: really like the keyboard </sarcasm> | 01:05 |
trevorj | tyson_: very handy though | 01:06 |
tyson_ | trevorj: it helps with the kids... when I tell them to turn them off and they don't... I DO IT MYSELF | 01:06 |
trevorj | ahaha | 01:06 |
tyson_ | trevorj: but sometimes I get the karma, just like now.... I am trying to do what you gays told me, reboot the server and can not access it now... | 01:07 |
trevorj | wonderful typo | 01:07 |
tyson_ | trevorj: oh well, gotta plug in the mouse and keyboard nd get on with it | 01:07 |
trevorj | tyson_: what did you do on it? | 01:08 |
trevorj | tyson_: ssh key auth and/or fail2ban? | 01:08 |
trevorj | tyson_: or high port, etc etc | 01:08 |
tyson_ | trevorj: the update, upgrade, then the nameserver change | 01:08 |
trevorj | ah | 01:08 |
trevorj | fun stuff | 01:08 |
tyson_ | trevorj: then started with ports and allowences | 01:09 |
trevorj | tyson_: I always hate that moment, when you realize you need a keyboard | 01:09 |
tyson_ | trevorj: then went on to the router and port forward.... now STUCK | 01:09 |
tyson_ | trevorj: hahahaha | 01:09 |
tyson_ | trevorj: I am very lucky that the machine is right here in front of me... but hey it is 1:10 in the morning so i will give it a miss for now and come back to it tomorrow | 01:10 |
trevorj | tyson_: you got it, sorry for the troubles, hope all goes well | 01:11 |
tyson_ | trevorj: sorry about the typo. I never get it right, honestly.... | 01:11 |
trevorj | tyson_: lol, I found it funny, no worries | 01:12 |
tyson_ | trevorj: it took me years to get the HE and SHE right.... nevermind the gay and guy... its just the way English people read, drives me mad | 01:12 |
trevorj | tyson_: is english not your first language? | 01:12 |
trevorj | tyson_: you speak it very well if not, could of fooled me | 01:12 |
tyson_ | trevorj: I am Portuguese by the way | 01:13 |
tyson_ | trevorj: it is now a days, I have an all english family, such as wife and kids. Live in England as well but I come from Portugal dough | 01:13 |
tyson_ | trevorj: and you are English, right??? | 01:14 |
trevorj | tyson_: I'm a nasty American | 01:14 |
trevorj | tyson_: ;) | 01:14 |
tyson_ | trevorj: Really??? please, don't take this the wrong way.... I thought you were English as you made a mistake very common with the English could of instead of could have... but hey.... with my gay ang guy who am I to say anything | 01:16 |
tyson_ | trevorj: lol | 01:16 |
trevorj | tyson_: lol, yeah I'm by no means perfect, thanks for noticing though, now I'll look for it | 01:16 |
tyson_ | trevorj: thank you for your help today... you were very helpful indeed... now off to bed. Hope to type to you soon to increase my knowledge | 01:17 |
trevorj | tyson_: have a good night | 01:17 |
GTAXL | How can I implement 2.4.x Apache repos into Ubuntu server? | 01:32 |
katronix | Hi all, would this be a good place to ask about suPHP issues? or can you point me to the right channel if not? | 01:43 |
sarnold | katronix: can't hurt to ask anyhow though maybe ##php would be better, if it more about php.. | 01:46 |
katronix | [Tue Feb 26 20:37:56 2013] [error] [client 107.201.252.193] SoftException in Application.cpp:299: Script "/home/chris/sites/chrisamoody.com/public_html/test.php" resolving to "/home/chris/sites/chrisamoody.com/public_html/test.php" not within configured docroot | 01:46 |
katronix | trying to identify what to do with this error to fix it | 01:47 |
sarnold | katronix: this page here mentions a suphp.conf file, with a [global] config option 'docroot': http://www.suphp.org/DocumentationView.html?file=CONFIG | 01:48 |
sarnold | katronix: how is your suphp.conf docroot set? | 01:48 |
katronix | sarnold, let me check | 01:48 |
katronix | ah there is the issue lol | 01:50 |
azbyin | hi all | 04:57 |
azbyin | is there a way to change the uid/gid of the default "ubuntu" user ? | 04:57 |
patdk-lap | just edit it | 05:07 |
azbyin | is there a user with uid 999 ? | 05:09 |
azbyin | i mean a usual one for some service | 05:09 |
qman__ | don't think so | 05:25 |
qman__ | be aware that doing this will cause all the user's files to no longer belong to the user | 05:25 |
qman__ | you need to chown afterward | 05:25 |
azbyin | yeah, i know | 05:25 |
azbyin | i was wondering if it might conflict with some packages in the future where they generate a new user with uid 999 | 05:25 |
qman__ | I don't know of any packages that create a user, which are not in the 100-range, or 1000+ | 05:26 |
qman__ | which is not to say they don't exist, I just haven't seen any | 05:26 |
azbyin | looks like x2go uses uid 999 | 05:26 |
son_ | hey | 06:28 |
son_ | I think there something wrong with my MX record | 06:29 |
histo | son_: probably | 06:29 |
son_ | when I use dig A mail.domain.com there is no IP | 06:29 |
histo | son_: what's your domain? | 06:29 |
son_ | in A record | 06:29 |
histo | son_: there shoudn't be an ip for the mx record | 06:29 |
son_ | hmd-c.com | 06:29 |
histo | son_: let me check | 06:29 |
son_ | ok thanks | 06:30 |
histo | son_: Your mx is set to mail.hmd-c.com. | 06:30 |
son_ | yes | 06:30 |
son_ | thats my server name | 06:30 |
histo | ip is 173.201.193.199 for mail.hmd-c.com | 06:31 |
son_ | I think thats the ptr record right? | 06:32 |
histo | son_: that's what mail.hmd-c.com resolves as | 06:32 |
son_ | so what do you think is the problem? | 06:32 |
son_ | I can send and receive emails internally | 06:33 |
son_ | but externally I can only send but not receive | 06:33 |
histo | son_: Is that the IP of the server? | 06:33 |
son_ | no | 06:33 |
histo | son_: then that's the problem | 06:33 |
son_ | yeah | 06:34 |
histo | son_: you need to point mail.hmd-c.com to your mail server | 06:34 |
son_ | how can I point that? | 06:34 |
histo | son_: in your a name records | 06:34 |
son_ | i've bought that domain in godaddy.com | 06:34 |
histo | son_: go to godaddy's total dns control and create an A record pointing mail at your IP of your mailserver | 06:35 |
son_ | sorry im a newbie here in DNS and mail server stuff | 06:35 |
histo | son_: me too i've never done it but I understand what's wrong. | 06:35 |
son_ | I already did that | 06:35 |
histo | son_: did you install av and anti spam stuff? | 06:35 |
son_ | yeah | 06:35 |
son_ | there is no log in mail.log | 06:35 |
son_ | when I send from yahoo or google to my server | 06:35 |
histo | son_: mail.hmd-c.com is not resolving to the right ip righ? | 06:35 |
son_ | yes | 06:36 |
histo | that's the issue how the hell wwould mail get to your server if mail.hmd-c.com isn't pointing tot he right place. YOu need to double check your dns records on godaddy | 06:36 |
son_ | ok wait | 06:36 |
histo | son_: outside email servers are going where is mail.hmd-c.com and they see 72.167.82.11 | 06:37 |
histo | son_: is that the right one? | 06:37 |
son_ | my IP here in my server is 112.202.181.190 | 06:37 |
histo | son_: Your dns is jacked up | 06:38 |
son_ | my MX record already pointed to mail.hmd-c.com | 06:38 |
son_ | i know lol | 06:38 |
histo | son_: The ip for mail.hmd-c.com is changing | 06:38 |
histo | son_: everytime I ping it | 06:38 |
son_ | yeah | 06:38 |
son_ | I think thats because of godaddy | 06:38 |
histo | son_: You need to fix your dns settings with godaddy. Your A names what are they set to? | 06:39 |
son_ | my A record points to my IP address | 06:39 |
histo | son_: What is it set as? | 06:39 |
son_ | 112.202.181.190 this IP | 06:39 |
son_ | @ | 06:40 |
histo | no @ www mail???? | 06:40 |
histo | son_: okay add another one | 06:40 |
histo | add mail and point it at your IP | 06:40 |
son_ | in A record? | 06:40 |
son_ | done | 06:41 |
son_ | host = mail, points to = 112.202.181.190 | 06:41 |
son_ | is that right? | 06:41 |
histo | son_: yes | 06:42 |
histo | assuming that 112.202.181.190 is your ip | 06:42 |
son_ | yeah its my public IP | 06:42 |
histo | son_: still hasn't propagated yet | 06:42 |
son_ | it will take some time I guess | 06:42 |
histo | son_: give it a few minutes | 06:42 |
son_ | yea sure | 06:43 |
son_ | I've been stuck here for a couple of days | 06:43 |
histo | son_: what'd you have mail set as before cname? | 06:44 |
histo | or just not set? | 06:44 |
son_ | not set | 06:44 |
histo | son_: are you sure you didn't just create a cname? it looks like you did from dig | 06:45 |
son_ | yea godaddy provided that | 06:45 |
histo | son_: there are 2 A records for some reason of both just hmd-c.com pointed at two different ips | 06:46 |
son_ | the other IP was provided by godaddy | 06:46 |
son_ | I just didn't erase that | 06:46 |
histo | son_: well it should be workign now. It resolves properly now | 06:46 |
son_ | really? | 06:46 |
histo | son_: A records are for IPs cnames are for hostname forwarding | 06:46 |
histo | son_: yes mail.hmd-c.ocm resolves to 112.202.181.190 | 06:47 |
histo | which is what your mx record is set to. | 06:47 |
histo | Looks good now | 06:47 |
son_ | i'll give it a try | 06:47 |
histo | son_: Which howto did you follow? | 06:47 |
son_ | flurdy | 06:47 |
histo | ? | 06:47 |
histo | linkage | 06:47 |
son_ | http://flurdy.com/docs/postfix/ | 06:48 |
son_ | still no log :( | 06:49 |
histo | son_: It should be working. People should be hitting imap assuming the port is open | 06:50 |
histo | son_: let me check | 06:50 |
son_ | yea sure | 06:50 |
son_ | i've tried sending mails to yahoo and it was there but when I reply to my server nothing happens | 06:51 |
histo | son_: what is it port 143? | 06:51 |
son_ | I think thats the imap | 06:51 |
histo | dns just went wonky agai | 06:52 |
histo | again | 06:52 |
son_ | what? | 06:52 |
histo | It's not pointed at your ip anymore | 06:52 |
histo | son_: Alright what do you have in your DNS records? | 06:53 |
son_ | cname? | 06:53 |
histo | son_: pastebin a screenshot | 06:53 |
histo | !paste | son_ | 06:53 |
ubottu | son_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 06:53 |
histo | son_: also your ip is refusing connections on port 143 and port 220 so no IMAP. | 06:56 |
histo | son_: is it maybe imaps? | 06:56 |
son_ | hmm | 06:56 |
histo | son_: did you set your router to forward the ports | 06:57 |
son_ | I dont know really | 06:57 |
son_ | yeah | 06:57 |
son_ | my ISP block port 25 | 06:57 |
histo | So what'd you do to resolve that? | 06:57 |
son_ | http://paste.ubuntu.com/5569813/ heres the link | 06:57 |
son_ | relay host to my ISP | 06:58 |
son_ | I connect via port 587 | 06:58 |
son_ | and use their smtp server | 06:58 |
histo | son_: Where'd you get that info from your isp? | 06:59 |
son_ | i've called my ISP and thats the only thing they gave me | 06:59 |
histo | son_: Are you using any of the other services provided by godaddy for the secureserver stuff? | 07:00 |
son_ | nope, it was there when I bought it | 07:01 |
son_ | this is my /etc/postfix/main.cf http://paste.ubuntu.com/5569816/ | 07:01 |
histo | son_: get rid of all those cnames then and create antoerh aname with @ as the host and point it at your ip | 07:01 |
histo | son_: postfix is not the issue | 07:02 |
histo | son_: one is your DNS the other issue is your ports being blocked | 07:02 |
histo | son_: so lets fix the dns first then the ports | 07:02 |
son_ | ok sure | 07:02 |
histo | son_: So the only thing you should have is two anames one for @ and one for mail both pointed at your ip and an MX record pointed at mail.hmd-c.com | 07:03 |
son_ | ive already deleted all cnames | 07:04 |
histo | son_: Okay then fix the anames | 07:04 |
son_ | error | 07:04 |
histo | son_: ? | 07:05 |
histo | What's the error? | 07:05 |
son_ | A record of a different type exists for the hostname @, could not create CNAME | 07:05 |
son_ | thats the log | 07:06 |
histo | Why are you creating cnames? | 07:06 |
histo | NO CNAMES | 07:06 |
son_ | what will I create? | 07:06 |
histo | two A's one for mail and one for @ both pointed at your IP | 07:06 |
histo | or atleast one for mail | 07:07 |
son_ | its ok now | 07:07 |
son_ | ill try to send to yahoo | 07:07 |
son_ | using telnet | 07:07 |
histo | son_: it's still not updated here | 07:08 |
son_ | it sends | 07:09 |
son_ | but lets wait for a while | 07:09 |
histo | son_: as we've already figured out sending is not the issue. Not quite sure why you keep checking that. Has nothing to do with receiving | 07:09 |
son_ | right | 07:09 |
son_ | im just testing sorry | 07:09 |
son_ | do you think its ok now? | 07:11 |
son_ | ive tried sending from yahoo and I still dont get any logs :( | 07:11 |
histo | son_: let me check | 07:11 |
son_ | sure | 07:11 |
histo | son_: there is still a goofy aname record of 50.63.202.52 | 07:12 |
histo | son_: and pinging mail.hmd-c.com is not resolving to your IP so no it's not working still | 07:12 |
son_ | lest wait for a while | 07:12 |
son_ | ive already remove that address | 07:13 |
histo | son_: Why not look at your router and make sure that your ports are forwarded to your server | 07:14 |
histo | while we wait | 07:15 |
son_ | im using dlink 600 | 07:15 |
histo | son_: Okay log in and forward port 143 to the internal IP of your server | 07:16 |
son_ | its done | 07:17 |
histo | okay well it's not answering | 07:18 |
son_ | do you think its an ssl issue? | 07:19 |
histo | son_: did you only enable imaps or imap ? | 07:19 |
histo | son_: it's not even listening on port 143 | 07:19 |
son_ | yeah | 07:20 |
histo | son_: let me look at the silly howto you are following hold on? | 07:20 |
son_ | yea sure | 07:20 |
son_ | thanks for the time | 07:20 |
histo | son_: did you install shorewall? | 07:21 |
son_ | not yet | 07:21 |
son_ | im planning to set this up first before I install that | 07:21 |
histo | Okay | 07:21 |
histo | You installed courier right? | 07:22 |
son_ | yeah | 07:22 |
histo | son_: On that machine can you telnet localhost 143 | 07:23 |
son_ | yeah I can | 07:23 |
histo | son_: And it answers with? | 07:24 |
son_ | Connected to localhost.localdomain. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc. See COPYING for distribution information. | 07:24 |
histo | son_: okay now make sure your forwarded both tcp and udp port 143 on your router to internal ip of your server | 07:26 |
son_ | its already forwarded | 07:27 |
histo | son_: You said you have a dlink dir600? | 07:27 |
son_ | yes | 07:27 |
histo | son_: http://portforward.com/english/routers/port_forwarding/Dlink/DIR-600/Imap.htm | 07:28 |
histo | Do you have a DSL modem also? | 07:28 |
histo | or calbe or whatever | 07:28 |
histo | like Cable modem > dlink > server ???? | 07:28 |
histo | or just dlink > server??? | 07:28 |
son_ | dsl > router > server | 07:28 |
histo | son_: So a seperate dsl modem right? | 07:29 |
histo | on top of the dlink? | 07:29 |
son_ | yes | 07:29 |
son_ | running my server behind a router | 07:29 |
histo | Ahh you have a double nat issue | 07:29 |
histo | dsl modem is seeing the request for port 143 and doesn't know what to do with it. The request never even gets to your home router | 07:30 |
histo | So you have a couple of options to fix this. | 07:30 |
son_ | how? | 07:30 |
histo | You can configure your dsl modem to be a bridge device and let the dlink handle your dsl connection. Or you can edit the config of your dsl modem and put your routers IP int he DMZ | 07:32 |
histo | son_: in your routers config you can probably see what IP your dsl modem is giving your router. Then you should be able to connect to your dsl modems config page and change settings there. | 07:33 |
histo | brb | 07:34 |
son_ | im not sure I think Im not authorized to do configuration | 07:34 |
histo | son_: http://www.practicallynetworked.com/networking/fixing_double_nat.htm here is an explaination. YOu can configure your dsl modem. You had to to enter a username and password for your dsl connection. | 07:35 |
histo | Read up on that for an explanation you will understand what's going on. I have to go for a bit. | 07:35 |
son_ | ive already enabled dmz in my router | 07:37 |
histo | son_: You need to put your router in the dmz on the dsl mdoem | 07:50 |
son_ | i think bridge mode is disabled in my dsl | 07:51 |
son_ | when I login in the browser it only display the information about the dsl | 07:52 |
histo | son_: Yes if your dslmodem is in bridge mode you can't even login to it. You put your dsl login settings in your dlink. | 07:53 |
son_ | how? | 07:53 |
histo | son_: The easiest way is for you to login to your dsl modem and disable any firewalls and put your router's WAN IP in the DMZ | 07:53 |
histo | son_: if not what kind of dsl modem is it? | 07:54 |
son_ | P-660HN-T1A | 07:54 |
son_ | ive already enable dmz points to my server | 07:55 |
son_ | in my router | 07:55 |
histo | son_: let me see | 07:56 |
son_ | how? | 07:56 |
histo | nope still not working | 07:56 |
histo | I'm trying to telnet 112.202.181.190 143 and it's not responding | 07:56 |
histo | So the port isn't being forwarded still | 07:56 |
son_ | aww :( | 07:56 |
histo | On the dsl modem put the routers WAN IP in the DMZ and be done | 07:56 |
histo | the servers ip is probably on a different class and the dsl modem doesn't know what to do with the request | 07:57 |
son_ | how can I put WAN IP on the dsl modem | 07:58 |
son_ | the dsl modem gives me nothing | 07:58 |
son_ | only status and information | 07:58 |
son_ | I get it! | 08:00 |
histo | ? | 08:01 |
son_ | ive already log in into the admin account | 08:02 |
histo | The cable that runs from the dsl modem to the router is plugged into the WAN port on the router. The router gets an IP from the dsl modem. The router also has an IP and subnet that it hands to inside machines. The WAN port's IP needs to be placed in the DMZ on the DSL Modem. I don't know how else to explain this. | 08:02 |
histo | Once you accomplish this rejoice and be done with all your issues | 08:02 |
son_ | ive already open ports in dsl modem | 08:03 |
son_ | ive open port 143 | 08:03 |
=== smb` is now known as smb | ||
son_ | can you telnet my ip again? | 08:03 |
son_ | hey what encapsulation will I choose? | 08:07 |
son_ | in bridge mode | 08:07 |
histo | Trying right now. It's just sitting there now | 08:07 |
histo | It's not answering but it's not denying the request either | 08:07 |
histo | Not sure what you have setup now. | 08:08 |
histo | and your IP isn't responding to pings anymoe | 08:08 |
histo | son_: anymore | 08:08 |
son_ | still there? | 08:12 |
son_ | I lost my internet connection | 08:13 |
son_ | histo are you still there? can you telnet my ip again? | 08:14 |
son_ | histo | 08:19 |
histo | Yeah I'm back | 08:20 |
histo | son_: doesn't answer and doesn't deny it's just sitting there blinking termianl not sure what is going on | 08:20 |
son_ | after I enabled bridge mode I lost my connection probably because of NAT | 08:21 |
histo | son_: No you need to set your connection up in your dlink after you brdige mode the dsl modem | 08:24 |
son_ | where here? | 08:25 |
histo | I don't have a dlink so I don't know usually on the setup page the first screen you come to on the router. | 08:25 |
histo | Let me see if I can find some directions | 08:25 |
histo | You'll also need your dsl login name and password for this | 08:25 |
son_ | yeah sure | 08:25 |
histo | son_: Alright on the setup page | 08:26 |
histo | son_: There is a internet connection wizard should walk you through it after you put your dsl modem in bridge mode again. If not you can do manual setup. | 08:26 |
histo | son_: http://screenshots.portforward.com/routers/Dlink/DIR-600/Internet_Setup.htm This page | 08:27 |
son_ | do I enable access point mode? | 08:27 |
histo | son_: I would look for something that says pppoe | 08:28 |
son_ | o yeah i saw that | 08:29 |
histo | I can't find pictures of the internet connection wiziard settings | 08:29 |
son_ | dynamic or static ip? | 08:29 |
histo | son_: I don't know what you ISP gives you. | 08:30 |
histo | son_: most are dynamic | 08:30 |
son_ | static it is lol | 08:30 |
son_ | this is my public ip right? | 08:30 |
son_ | 112.202.181.190 | 08:31 |
son_ | this? | 08:31 |
histo | son_: Your ip should be assigned after you sign in | 08:31 |
histo | son_: You shouldn't ahve to put all this in. Are you doing the wizard or the manual? | 08:32 |
son_ | manual | 08:32 |
histo | son_: doe the wizard please | 08:32 |
histo | use the wizard | 08:32 |
son_ | ok | 08:32 |
histo | son_: are you still ont he same network? | 08:34 |
histo | son_: like with this chat? | 08:34 |
histo | If so your IP changed | 08:35 |
son_ | got dc again | 08:37 |
son_ | hey can we do this tomorrow? | 08:38 |
son_ | im at work and its almost time to go | 08:39 |
son_ | histo | 08:39 |
histo | yea im sure someone can help | 08:39 |
son_ | but I want you to teach me | 08:40 |
son_ | lol | 08:40 |
son_ | you have facebook account? | 08:40 |
histo | Nope | 08:42 |
histo | son_: YOu need to find out if you isp is giving a dynamic IP. you will have issues | 08:42 |
son_ | yeah I'll just contact them tomorrow | 08:43 |
son_ | will you still be here tomorrow? | 08:43 |
son_ | same time? | 08:43 |
son_ | lol | 08:43 |
son_ | please I really need this to be done, or else my boss will fire me :( | 08:44 |
histo | I will not be here. Others can help. You understand that you have a doublenat like described above on that page. Others can help you fix it. | 08:47 |
son_ | one last | 08:48 |
son_ | I get this error everytime I try to send to my server from google | 08:48 |
histo | What's that? | 08:49 |
son_ | http://paste.ubuntu.com/5569972/ | 08:49 |
son_ | here | 08:49 |
son_ | you have any idea? | 08:50 |
histo | son_: Yeah you need to open open serveral ports | 08:50 |
histo | son_: let me find you a howto that expalins everythign give me a sec | 08:51 |
son_ | yea sure | 08:51 |
histo | son_: Still looking for the guide I had it was great and would be perfect for you. I'll ahve to search through browser history bare with me | 08:53 |
son_ | ok | 08:54 |
son_ | still have 5 mins left lol | 08:54 |
son_ | thank you for your time mate | 08:54 |
son_ | you've helped me a lot | 08:54 |
histo | son_: http://workaround.org/ispmail/squeeze This explains everything. Atleast you will understand all the components | 08:54 |
histo | son_: everything will be clear after readin ghtat | 08:55 |
son_ | I already visited that site but didn't stay there | 08:55 |
son_ | hey can you telnet me again for one last time? | 08:57 |
joel___ | Good evening. MySQL isn't 'working' quite right with my new web server. However, it's installed and accessible via command-line. Any idea what it is I need to add to my php.ini file in order to load the php-mysql module? | 09:04 |
joel___ | NM - the 'module' wasn't installed. apt-get install php5-mysql | 09:05 |
joel___ | lolz. Ty anyway. | 09:06 |
=== aarcane_ is now known as aarcane | ||
jamespage | zul, your rtslib package FTBFS; I fixed it up and a load of other issues with the packaging and uploaded to raring. | 09:51 |
jamespage | zul, https://launchpad.net/ubuntu/raring/+source/rtslib/2.1.fb27-0ubuntu2 | 10:19 |
rbasak | jamespage: hey. Please could you review/sponsor bug 1132302? The version in my PPA is fine to upload as-is; just knock off the ~ppa2 suffix. https://launchpad.net/~racb/+archive/experimental/+files/drbd8_8.4.3-0ubuntu1%7Eppa2.dsc diff against 2:8.3.13-2 (debian/ dir only): http://paste.ubuntu.com/5570163/ | 10:57 |
uvirtbot | Launchpad bug 1132302 in drbd8 "drbd8-utils are not compatible with kernel 3.8" [High,Triaged] https://launchpad.net/bugs/1132302 | 10:57 |
jamespage | rbasak, sure | 10:57 |
jamespage | rbasak, +1 uploaded thanks for doing that work | 11:02 |
rbasak | jamespage: no problem. Thank you for sponsoring! | 11:03 |
jamespage | Daviey, wondered why mongodb took so long to build - it also builds all is dependencies and static links them | 11:38 |
jamespage | lol | 11:38 |
Daviey | fml | 11:38 |
* RoyK sticks to postgresql | 11:41 | |
Sander^work | Do anyone have some experience with canonical support? Wondring if I should go for service spesific support, like for eg. mysql.. Or for ubuntu support as it covers more services.. Do anyone in here have any support agreements? | 11:43 |
vezq | Sander^work: what kind of support you are looking for? | 11:50 |
Daviey | Sander^work: I think Canonical support is brilliant.. but some might argue i am biased. | 11:51 |
Sander^work | vezq, basicly mainly for mysql and apache.. We have virtualization platforms as vmware and xen. | 11:55 |
Sander^work | Daviey, Do you know if canonical have deep mysql experience? | 12:23 |
Daviey | Sander^work: depends what aspect of deep you mean.. :).. If it's optimisation of database schema for mysql, then no.. if it's.. "How do i do foo?" .. "Or foo doesn't seem to be working?".. then likely yes | 12:25 |
Sander^work | Daviey, Are they eg. able to assist in recovering from a system failure with corrupt mysql data? In the current case the fix was to set innodb_file_per_table=1 and export all tables invidually and reimport them. Is this a typical case they could have found out about? | 12:30 |
Daviey | Sander^work: I would hope so.. but probably best to speak to them :) | 12:35 |
ivoks | jamespage or adam_g anyone around? | 12:59 |
jamespage | ivoks, yes | 12:59 |
david_ | any one remember the command that repeatedly executes a command. So I can give it a command like ps ax and it reacts like top ? | 13:00 |
david_ | watch | 13:01 |
david_ | I found it | 13:01 |
nilli | I'm on an Ubuntu 8.04.4 LTS server and I've run into issues with ports. My PHP script needs to do a SoapClient() call for an address specifying port 2443, but my server doesn't seem to respond on that port. I used instructions on http://portquiz.positon.org:2443/ and got no response on this Ubuntu server, while doing the same thing on a different server did give me a response.. so how do I make my Ubuntu server allow this port? | 13:46 |
ikonia | nilli: what is listening on that port ? | 13:47 |
nilli | sudo netstat -anpc | grep 2443 | 13:47 |
nilli | tcp 0 1 myip:51624 theirip:2443 SYN_SENT 19378/apache2 | 13:48 |
ikonia | nilli: , I asked what was listening on that port | 13:48 |
nilli | how do I check that? | 13:48 |
ikonia | nilli: is the port 2443 on a server you manage ? or someone elses | 13:48 |
nilli | someone else's, but when I try to connect I only get "connection timed out", which is the same symptom I get when testing the wget command from portquiz | 13:49 |
ikonia | nilli: just do a basic telnet test | 13:49 |
ikonia | nilli: confirm the port is open and listening | 13:49 |
nilli | "telnet portquiz.positon.org 2443" gets stuck at "Trying..." | 13:50 |
ikonia | nilli: ok, so that sounds like the remote server is not responding | 13:51 |
nilli | but if I go to the address with :2443 in my browser, I have no issues | 13:51 |
nilli | https://payment.raddabarnen.se:2443 | 13:52 |
ikonia | nilli: I get a connection | 13:53 |
ikonia | nilli: if I telnet to payment.raddabarnen.se 2443 | 13:53 |
nilli | telnet: Unable to connect to remote host: Connection timed out | 13:53 |
nilli | so my server is the issue | 13:53 |
ikonia | nilli: are you running a firewall ? | 13:54 |
nilli | I have no idea | 13:54 |
nilli | I started working at this company just recently and I had to instruct my host how to give me root access because he didn't know how | 13:54 |
ikonia | nilli: ok, so it's doubtful it's a software firewall, but it's worth checking | 13:55 |
ikonia | nilli: more probable it's a network firewall | 13:55 |
ikonia | both could be right though | 13:55 |
nilli | I hope it's a setting on this machine, we'll have unusable websites in 2 weeks unless I can fix this :S | 13:55 |
ikonia | nilli: check ufw service, try turning it off if you can | 13:56 |
ikonia | nilli: that will remove the ubuntu default firewall | 13:56 |
nilli | ufw: command not found | 13:56 |
ikonia | (disable it) | 13:56 |
ikonia | it's a service, not a command | 13:56 |
nilli | in init_d then? | 13:57 |
jpds | It is a command. | 13:57 |
ikonia | jpds: can you just run ufw ? | 13:57 |
jpds | ikonia: Yes. | 13:57 |
ikonia | there you go then | 13:57 |
jpds | ikonia: How else would you configure it? | 13:57 |
ikonia | jpds: I meant to stop and start, I thought it was just a wrapper around iptables | 13:57 |
nilli | sudo ufw disable | 13:58 |
nilli | sudo: ufw: command not found | 13:58 |
ikonia | nilli: iptables -L will show if you have any rules | 13:59 |
nilli | one screen of lines, they all seem to go from "source anywhere" to "destination anywhere" | 13:59 |
ikonia | so looks pretty open | 13:59 |
nilli | with one line for source localhost and another for destination localhost | 14:00 |
nilli | ah, and they all say ACCEPT | 14:00 |
nilli | hm, I see that they specify things like :ftp and :ssh and :www | 14:01 |
nilli | if I add one for :apache2 do you think my issue could be solved? | 14:01 |
ikonia | no apache2 is wwww | 14:01 |
nilli | ah ok | 14:01 |
ikonia | nilli: do a sudo iptables -F and flush thenm | 14:01 |
ikonia | them | 14:01 |
ikonia | or jpds maybe able to do it better with ufw | 14:01 |
ikonia | I don't know the ufw syntax | 14:01 |
jpds | ikonia: sudo ufw status verbose | 14:02 |
ikonia | thanks jpds | 14:02 |
ikonia | there you go nilli | 14:02 |
ikonia | saves me reading the man page | 14:02 |
nilli | except I don't have ufw | 14:02 |
jpds | ikonia: Which you should do anyway. | 14:02 |
ikonia | jpds: if I needed it I'd be happy to | 14:02 |
ikonia | jpds: is ufw default in 8.04 ? | 14:03 |
jpds | ikonia: I think so. | 14:03 |
jdstrand | it is | 14:04 |
ikonia | nilli: actually.......can you show me the output of uname -a on your server | 14:04 |
ikonia | I wonder if this is one of those vps ones that have bits missing | 14:04 |
nilli | Linux nilli 2.6.32-042stab055.10 #1 SMP Thu May 10 15:38:32 MSD 2012 i686 GNU/Linux | 14:04 |
jpds | Nice. | 14:04 |
ikonia | there we go | 14:04 |
ikonia | it's one of those dodgy vp's | 14:05 |
ikonia | vps | 14:05 |
nilli | how do you see that? | 14:05 |
ikonia | the kernel | 14:05 |
nilli | the bits behind 2.6.32 ? | 14:05 |
ikonia | yes | 14:05 |
nilli | mkay | 14:05 |
jpds | nilli: An Ubuntu kernel would never require someone getting stab'ed. | 14:05 |
ikonia | let alone 55 times | 14:05 |
nilli | haha | 14:06 |
jpds | ikonia: 'tis but a flesh wound. | 14:06 |
ikonia | nilli: in seriousness you can either mess around with iptables, or contact your host and ask them if they are firewalling you locally or external to the guest | 14:06 |
ikonia | nilli: experience says the install will be an "odd one" | 14:06 |
nilli | it doesn't make sense that port 2443 would be blocked if my iptables say ACCEPT source anywhere destination anywhere | 14:07 |
ikonia | nilli: depending on your rules, it could be accept on established, or anything, | 14:07 |
ikonia | flushing the rules will be a good test | 14:07 |
ikonia | but you may also be firewalled at the host, not guest | 14:08 |
nilli | but flushing them sounds scary, what if some of it was added on purpose | 14:08 |
nilli | can I pastebin the file to you? | 14:08 |
ikonia | best to talk to your host | 14:08 |
nilli | the output* | 14:08 |
nilli | he doesn't know anything :S | 14:08 |
ikonia | best to pick a host that does | 14:08 |
nilli | hehe | 14:08 |
nilli | http://pastebin.com/GY8VRApy | 14:10 |
daniel_- | eebsd | 14:10 |
ikonia | that looks like it's dropping ports | 14:10 |
ikonia | nilli: I'd drop those rules and test | 14:11 |
nilli | so -F ? | 14:11 |
nilli | is there a way for me to backup this first? | 14:11 |
ikonia | iptables-save | 14:11 |
nilli | "Use I/O-redirection provided by your shell to write to a file." | 14:13 |
nilli | iptables-save > file.txt | 14:13 |
nilli | sounds good? | 14:13 |
ikonia | yes | 14:13 |
nilli | nice, ok, that looks good | 14:14 |
nilli | -F seems to take a while | 14:15 |
nilli | is it supposed to? it's not done yet | 14:17 |
nilli | $ sudo iptables -F | 14:17 |
ikonia | that should flush the rules | 14:19 |
nilli | I haven't had any output at all yet, so it seems it's still working | 14:20 |
nilli | oh damn.. I can't ssh into it anymore | 14:20 |
ikonia | it's possible this is set from the host | 14:21 |
nilli | oh god, the websites aren't responding | 14:21 |
nilli | >_< | 14:21 |
nilli | need to cal lmy boss | 14:21 |
nilli | did I mention I just started working here? | 14:21 |
ikonia | you need to call your host | 14:22 |
br0xen | blkperl: I got pulled away from my desk yesterday, thanks for the help re: postfix. | 14:34 |
nilli | hah, managed to find the host (tracing ip ftw) and he was kind enough to change the drop policies to accept | 14:40 |
nilli | but "iptables-restore < iptables.txt" doesn't work | 14:40 |
nilli | Error occurred at line: 2 | 14:40 |
nilli | line 2 is "*mangle" | 14:41 |
nilli | iptables-restore v1.3.8: iptables-restore: unable to initialize table 'mangle' | 14:41 |
nilli | and that seems to be a kernel issue | 14:45 |
=== tarzxvf is now known as ubuntu-phone | ||
=== ubuntu-phone is now known as failover | ||
nilli | no it wasn't, I just forgot sudo | 14:50 |
zul | jamespage: fixing quantum wheee | 14:51 |
jamespage | zul,well I'm fixing mongodb on ARM | 14:51 |
jamespage | fun and slow at the same time.... | 14:52 |
zul | jamespage: ouch good luck on that...whats wrong? | 14:52 |
jamespage | zul, 2.2.x introduced a whole load of new ASM code | 14:52 |
jamespage | which works on x86 - but not arm | 14:52 |
* zul runs away | 14:52 | |
jamespage | zul, stealing a patch from fedora | 14:52 |
zul | jamespage: well thats not too bad then | 14:53 |
=== wedgwood_away is now known as wedgwood | ||
zul | jamespage: hey can you upload rtslib to staging as well? (when you get a chance) | 15:04 |
jamespage | zul, please review - http://people.canonical.com/~jamespage/ca-updates/ | 15:08 |
zul | jamespage: +1 | 15:09 |
jamespage | zul, uploaded | 15:12 |
zul | jamespage: cool | 15:12 |
zul | jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-ftbfs-2/+merge/150824 | 15:20 |
Pupeno_w | Does anybody know how to change the file system type from ext3 to ext4 so running mount /dev/blah /mnt will mount it as ext4 instead of ext3? | 15:35 |
crass | I've gotten myself into a strange situation. Somehow the ondisk partitions are out of sync with what the kernel thinks they are | 15:43 |
crass | specifically, a partition has been deleted, but the kernel still sees it and the filesystem on it is mounted. Is there a way to get the starting sector of the partition from the kernel? | 15:44 |
crass | just found it in /sys/block/sdX/sdXY/start | 15:47 |
ardian | Hi I just installed apache on amazon ec2 which I also just created but when I try to access the public dns nothing comes up do I have to wait for the dns to be updated or anything like that or is there a firewall problem that I have to work on ? | 15:49 |
JanC | what do you mean with "access the public dns"? using a host name to browse to your virtual server? | 15:54 |
ardian | JanC: giving my address to the web browser | 16:04 |
ardian | it doesn't give anything back | 16:05 |
JanC | what do you mean by "address"? IP address or the domain name? | 16:05 |
ardian | JanC: yes | 16:07 |
JanC | ... | 16:07 |
JanC | ardian: which of the two? | 16:08 |
ardian | JanC: domain is pointed to the ip so its the same | 16:08 |
ardian | JanC: when I visit the site it is like the server down, even that though I am connecting to it via ssh | 16:09 |
JanC | you ssh to the domain name? | 16:10 |
ardian | yes | 16:10 |
ardian | ec2-54-235-8-102.compute-1.amazonaws.com | 16:10 |
ardian | JanC: to this one, do I have to enable the ports on the Control Panel of it | 16:11 |
JanC | I've never used EC2, but if there is a control panel where you have to open ports, then I assume there is a firewall ☺ | 16:12 |
JanC | I can't even ping to ec2-54-235-8-102.compute-1.amazonaws.com, so it seems like they firewall even useful things... | 16:15 |
ardian | I see | 16:16 |
Haris | Hello all | 16:32 |
Haris | I have to setup ubuntu (via cobbler) on a centos based pxe for network installs of 12.04lts. I have a cobbler distro/profile set. I have the netboot iso/image for 12.04lts. How do I setup cobbler/pxe for installs ? So far, from the setup that I'v done thus far, whenever the install starts, it asks me for the missing cd-rom | 16:34 |
zul | hallyn: i have libvirt-1.0.3-rc2 packaged | 16:50 |
hallyn | zul: how's it testing? | 16:51 |
zul | hallyn: just building it now | 16:51 |
hallyn | cool | 16:51 |
Haris | when I run cobbler import from the mini iso for 12.04lts, does it import the initrd.gz and kernel that work up network installs or does it import the images which look for a local cd/dvd-rom ? | 17:07 |
Haris | I'v tried from the main CD image for precise. Its not doing the network part | 17:08 |
garbagegod | I have a linode in which apache2 is failing silently | 17:22 |
garbagegod | Is there a verbose option to /etc/init.d/apache2 or anything? | 17:22 |
Pici | garbagegod: failing as in it wont start? | 17:24 |
garbagegod | correct, but no errors | 17:24 |
garbagegod | same with apache2 -k | 17:25 |
tyson_ | trevorj: HI there | 17:26 |
garbagegod | anyone | 17:29 |
Haris | does the http://releases.ubuntu.com/precise/ubuntu-12.04.2-server-amd64.iso image contain the files from netboot ? | 17:30 |
tyson_ | trevorj: it seems that the experiments of last night didn't go down that well. The errors start on the booting fd0 error then /dev/mapping/swap-1 unable to find drive to mount and then waiting for network configuration and waiting another 60 sec. | 17:31 |
tyson_ | Hi, I am having trouble with the swap drive when booting, can anyone help? | 17:56 |
Haris | got it working | 18:12 |
zul | hallyn: https://launchpad.net/~zulcss/+archive/libvirt-testing | 18:15 |
hallyn | zul: ack | 18:17 |
hallyn | (i'm trying to build a cross-gdb armhf->amd64... crosstools from linaro not treating me right) | 18:18 |
hallyn | maybe i should ping plars | 18:18 |
hallyn | stgraber: any preference for the name for ppa i create for userns kernel for ubuntu-lxc? | 18:19 |
hallyn | should we just name it generically ppa:ubuntu-lxc/kernel, and re-use for any future lxc kernel extensions? | 18:20 |
stgraber | hallyn: I think kernel makes sense | 18:20 |
hallyn | k | 18:22 |
=== ogra_ is now known as ogra | ||
_KaszpiR_ | yawn | 18:52 |
_KaszpiR_ | ubuntu server, any vnc advised? | 18:52 |
dedalus | are the raring server daily iso builds functional? | 19:00 |
dedalus | they're really tiny, and when i tried to boot a VM off one it said no kernel modules found | 19:00 |
three18ti | hey guys. I need to find an image on the file system but I don't know the name of it. I have a copy that I can match against. | 19:14 |
three18ti | I thought about taking the md5 sum but that seems like there would be a lot of overhead on a production server... | 19:15 |
three18ti | I see imagemagick has "identify" but I'm not sure how to leverage that to find the image. | 19:15 |
sarnold | three18ti: if you limit it to just files with the same size.. | 19:15 |
three18ti | ok, that might help. | 19:15 |
three18ti | that way I'm only md5ing a few files. | 19:15 |
sarnold | three18ti: yeah; something like: find /path -size 2220c (for chars! go figure) | 19:16 |
three18ti | or maybe find /path -size 9.93KB | 19:17 |
three18ti | or I guess just K | 19:17 |
sarnold | three18ti: I'd be leery of trusting that. Call me crazy but I know where I stand with exact numbers of bytes. :) | 19:18 |
three18ti | ok, that makes sense. | 19:18 |
three18ti | also seems that find doesn't like the decimal. | 19:19 |
three18ti | thanks sarnold. | 19:21 |
adam_g | jamespage, just updated that glance charm MP with an alternative fix | 19:35 |
streulma | hello, what's more stable, use Ubuntu Server of Debian as server ? | 19:54 |
ScottK | It depends | 19:56 |
ogra | ... on how you bolt it to the ground ... | 19:57 |
ScottK | And if the stuff in Debian stable is new enough to have the features you need. | 19:58 |
streulma | hmm, yes, but htop, I can't do htop -C | 20:00 |
ogra | well, so you already have your answer :) | 20:01 |
=== matsubara is now known as matsubara-afk | ||
thegoat | ok, so i have sendmail up and running, and it says mail was delivered to my mailbox successfully, but i fire up alpine, or even just mail and they say i have no mail | 20:47 |
thegoat | any idea where it's keeping it? | 20:48 |
=== xcrracer_ is now known as xcrracer | ||
sarnold | thegoat: first place to look is /var/spool/mail/username | 21:29 |
thegoat | found it....there was an id10t error on my part | 21:30 |
=== xcrracer_ is now known as xcrracer | ||
sarnold | thegoat: hehe, nice :D | 21:34 |
=== xcrracer_ is now known as xcrracer | ||
sh_t | hi everyone. im trying to get ufw working with nat masquerading but i'm getting an error "ERROR: problem running ufw-init" after following the simple instructions here https://help.ubuntu.com/12.04/serverguide/firewall.html about adding a few entries to before.rules. can anyone suggest how to go about fixing this? | 22:35 |
sh_t | if I remove the entries for the nat masquerading the error is gone | 22:36 |
jdstrand | sh_t: can you paste your before.rules files at paste.ubuntu.com (or similar)? | 22:36 |
sh_t | it's a stock config with those exact lines from the docs there. | 22:37 |
TheLordOfTime | paste them anyways? | 22:38 |
TheLordOfTime | s/paste/pastebin/ | 22:38 |
jdstrand | sh_t: if you could past them, it would help | 22:38 |
jdstrand | s/past/paste/ | 22:38 |
sh_t | http://paste.ubuntu.com/5571958/ | 22:38 |
jdstrand | sh_t: you forgot to add COMMIT after the POSTROUTING rule | 22:38 |
sh_t | ah. the instructions didnt seem clear about that. i thought it was just saying "dont delete it from the end of the file" | 22:39 |
jdstrand | sh_t: you need a COMMIT for each table. in your case, *nat and *filter | 22:39 |
sh_t | right, i understand | 22:39 |
sh_t | thanks :] | 22:39 |
* jdstrand nods | 22:39 | |
sh_t | interesting though thats it not underneath the *filter | 22:40 |
sh_t | although i guess thats at the end of the file, nvm | 22:40 |
tedski | sh_t: quick question... is this host on a static or dynamic ip? | 22:40 |
sh_t | tedski: issue is resolved | 22:40 |
tedski | i know | 22:40 |
tedski | but, i was just curious | 22:41 |
sh_t | it's on a static ip | 22:41 |
tedski | was going to offer some input unrelated to your issue | 22:41 |
sh_t | just rigging up an openvpn gateway | 22:41 |
tedski | i prefer to use SNAT over MASQUERADING for static IP hosts | 22:41 |
tedski | -A POSTROUTING -s 172.16.253.0/24 -o eth0 -j SNAT --to-source xx.xx.xx.xx | 22:42 |
tedski | where xx.xx.xx.xx is your static ip | 22:42 |
tedski | that's just a best-practices type thing... not related to any issue | 22:43 |
sh_t | ok, thanks | 22:44 |
tedski | np | 22:45 |
sliddjur | i updated /etc/pam.d/common-password:password requisite pam_cracklib.so retry=3 minlen=8 difok=3 dcredit=1 ucredit=1 lcredit=1 ocredit=1 | 22:50 |
sliddjur | why doesnt new password rules work? | 22:50 |
sliddjur | do i need to restart some service? | 22:50 |
sarnold | sliddjur: I believe pam changes take effect immediately | 22:53 |
sliddjur | sarnold: and cracklib-check are supposed to look for the values set in common-password? | 22:59 |
sarnold | sliddjur: I don't know about cracklick-check -- does it have an /etc/pam.d/cracklib-check or similar entry? | 23:00 |
sarnold | sliddjur: .. or is just an application? | 23:00 |
sliddjur | sarnold: an application | 23:01 |
sliddjur | anyways, when setting new password for my user it doesnt seem to use my values set (minlen=8) | 23:01 |
sarnold | sliddjur: hrm, the pam_cracklib(8) manpage has 'required' instead of 'requisite' | 23:08 |
sliddjur | sarnold: doesnt seem to change behaviour | 23:11 |
sarnold | sliddjur: harumph :) sorry, no more ideas... | 23:12 |
sliddjur | sarnold: ok. thanks anyways. got to sleep :) | 23:12 |
sarnold | sliddjur: woo :) | 23:12 |
tyson_ | Hi, in which machine do I have to set the ssh key??? main machine or the one i am accessing remotly? | 23:25 |
sarnold | tyson_: private portion on the local machine, public portion into the ~/.ssh/authorized_keys of the remote machine | 23:26 |
tyson_ | sarnold: thank you | 23:26 |
bastidrazor | if i were to want nm-applet to manage my etho, would i remove 'auto etho' from /etc/interfaces? | 23:32 |
roaksoax | zul: how do you fix stuff like this? :) https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1134036 | 23:54 |
uvirtbot | Launchpad bug 1134036 in maas "Package install hangs if LC_ALL is not set" [Undecided,New] | 23:54 |
bigjools | why would LC_ALL not be set anyway? | 23:55 |
roaksoax | bigjools: yeah that's why I was asking him since I never came across such thing | 23:56 |
bigjools | it seems to happen on a few of my server installations | 23:56 |
roaksoax | i do remember smoser dealing with similar bugs | 23:56 |
roaksoax | smoser: around? | 23:56 |
bigjools | oh and to fix this particular instance, LC_ALL=C didn't help, I had to set it to C.UTF-8 | 23:56 |
bigjools | wtf! | 23:56 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!