/srv/irclogs.ubuntu.com/2013/05/02/#ubuntu-server.txt

skraitowe release this keylogger to the wild hope it help system admin00:00
skraitonever use it for your desktop it crash the gui00:00
skraitoonly for server00:00
skraitothx sarnold00:00
skraitobtw sarnold couple of month back i saw in ubuntu website the license is 300 buck00:01
sarnoldskraito: probably the most useful thing for a hardening script would be /etc/adduser.conf setting DIR_MODE. Old-time Unix admins often wish the mode were 0750 or 0700.00:01
skraitobut i cant find it anymore00:01
=== markthomas1 is now known as markthomas
skraitoanyway thank you just check back 0x71.org for couple of weeks i start coding it next two week00:01
skraitosee ya guys have a great day00:02
markthomasAh, okay.  So, Aison, now to your question:00:04
markthomassarnold: are the init-bottom scripts stored in /etc/initramfs-tools?00:06
sarnoldmarkthomas: I see a pile of /usr/share/initramfs-tools/   http://paste.ubuntu.com/5624452/00:07
sarnoldmarkthomas: (that's an apt-file search command)00:07
markthomassarnold: let me rephrase:  my system has nothing in there at present, so I wasn't sure if they're kept there or if those dirs are for temporary storage only.00:08
sarnoldmarkthomas: ah, good question, don't know that either :( my /etc/.../init-bottom/ is also empty00:09
markthomasAison: Can you check your filesystem for init-bottom directories in /etc, or apparently in /usr/share, and see if you have any scripts laying around?  That's on the system we're troubleshooting.00:09
sarnoldmarkthomas: I'd bet those are for local customizing, and the ones in /usr/share/... are also copied into the initramfs, just not expected to be modified for any reason00:10
Aisonmarkthomas, ok00:11
markthomassarnold: that's reasonable.  If Aison 's boot was hanging there, I was going to see if any packages had placed anything there that might be having trouble.  If we can find it and disable it, we can regenerate initramfs and boot, then fix the problem.00:11
sarnoldmarkthomas: sounds like a good plan00:12
markthomasOnly thing I have under /usr/share/initramfs-tools/scripts/init-bottom is related to udev.  And the splash screen (plymouth)00:12
sarnoldmarkthomas: mine has udev and plymouth. as i understand plymouth, there's no _need_ for it. udev feels less likely to fail and more important...00:13
markthomasYeah.  I'm not sure how we'll troubleshoot udev with no visibility into the failure.00:13
=== wedgwood is now known as wedgwood_away
markthomasAison: I'm going to branch off in pursuit of an undomesticated water foul: are you comfortable doing a pastebin of your /etc/fstab?00:15
Aisonmarkthomas, the initbottom in etc is empty00:15
markthomasAnd don't worry if the joke doesn't translate.  Neither does "wild goose chase".00:15
Aisonthe one in usr have got plymouth and udev files00:15
markthomasAison:  okay.  fstab?00:15
Aisonmarkthomas, http://nopaste.info/667ecbce2c.html00:19
markthomasWere those nfs mounts commented out before?00:21
Aisonmarkthomas, yes00:21
Aisonthat's the first i tried00:22
Aisonsomehow update-initramfs hangs00:24
markthomasWait…update-initramfs hangs?00:24
Aisonyes00:24
Aisonjust noticed that00:24
markthomasAre you running that chroot, or in your live environment?00:25
AisonI chroot00:25
markthomasOkay.  And you tried -vvv or some such?00:26
Aisonjust running with -vvv00:28
Aisonwell, it hangs at Building cpio /boot/initrd.img-3.8.0-19-generic.new initramfs00:28
markthomasOkay.00:28
markthomas...00:29
Aisonwhat do I have to mount also before changeroot?00:30
Aisondev, proc, sys?00:30
sarnold/boot if that is a separate device00:31
Aisonit's not00:31
markthomasI would mount those after chroot.   /boot, too00:31
markthomasThat being said, I'm a bit stumped.00:31
Aisonwell, update-initramfs: Generating /boot/initrd.img-3.8.0-19-generic00:34
Aisonis not working00:34
Aisonthe file /boot/initrd.img-3.8.0-19-generic.new is created00:34
Aisonbut it remains 0 in size00:34
markthomasAison: thinking...00:35
qman__Aison, I didn't see what your parent command is, but if you chroot into an install and want to run update-grub, you have to enxure that you first mounted /proc, /sys, and /dev, and rm /etc/mtab00:37
qman__ensure*00:37
sarnoldmarkthomas: a few ideas, full filesystem, can't read source files, incorrect calling of cpio _may_ expect input data via stdin?, ...00:37
markthomassarnold: I think the last one is negative.  As for the others...00:38
markthomassarnold: what's the easiest way to revert to an earlier kernel nowadays?00:38
sarnoldmarkthomas: yeah, it seemed a longshot. but I've waited a long time for a 'grep' command waiting on stdin before... :)00:38
markthomasOnce upon a time, all the old kernels hung around indefinitely.00:38
markthomasGood point.  Aison, can you rule out the full filesystem?00:38
sarnoldmarkthomas: distro upgrade is an odd situation for that, of course. /lib/cache/apt/..something normally has old packages around that you can dpkg -i00:39
qman__/var/cache/apt/archives00:39
sarnoldsigh00:39
sarnoldthanks qman__ :)00:39
qman__but yeah, lots of things won't work in a chroot if you don't do those things I mentioned00:40
Aisonmarkthomas, what do you mean? the fs looks fine here00:41
markthomasAison: df -h shows <100%?00:42
Aison13% :)00:42
markthomasAison: while we're grasping at straws, can you unmount the filesystem and fsck it?  It's one thing that the system won't boot, but for it to fail when building the initramfs...00:44
Aisonalready done00:44
markthomasLike sarnold said, we have to look for why cpio might fail.00:44
markthomasAison: nice.  And darn.00:45
markthomasthinking...00:46
AisonI also reinstalled cpio00:46
sarnoldmarkthomas: I wonder what tools you've got to watch cpio try to work; fatrace might be nice if available, but I don't think it is on any disks.. vmstat 1 would show at least disk traffic.. strace shows everything, but might not be the easiest00:46
markthomassarnold: ugh00:47
markthomasThat's all.  Just...ugh00:47
sarnoldmarkthomas: yes. ugh. :)00:48
Aisonlet me try strace00:48
Aisonargh, im tired01:00
Aisontrying it tomorrow :P01:00
sarnoldgood luck Aison01:00
Aisonwell, there is a solution somehow :P01:00
markthomasAison:  Good luck.  My nick is registered, so send me a msg if I'm not around and let me know what happens.01:00
Aisonsure01:01
phunyguyHello, I hope I have a simple question here.  I run an ubuntu router with a few different subnets on a small home network.  Is it possible to do things like forward all multicast traffic out all LAN ports? I had to split up my network for stability reasons, but I still enjoy things like autodiscovery services (bonjour, etc) which afaik work over multicast.  Is something like this possible?01:07
sarnoldphunyguy: the warning at the top isn't encouraging, but perhaps .. http://lartc.org/howto/lartc.multicast.html01:11
phunyguysarnold: I did read something else about pimd, but the forum post was 9 years old so I wasn't too optimistic about that one.01:15
=== Ursinha is now known as Ursinha-afk
phunyguyanother unrelated question, I keep seeing these in syslog: "kernel: [   87.187907] br0: received packet on eth1 with own address as source address"01:43
phunyguyeth1 is a member of br001:43
phunyguyshould I be worried?01:44
lifelessonly if you don't expect that to be happening01:44
qman__it generally means something is set up wrong, but not necessarily01:57
phunyguyqman__: yeah I get that, and everything seems to work, I just don't like the message.02:08
phunyguyand I don't like it because I don't /really/ know what it means.02:08
qman__it means that packets are coming in on eth1 "from" eth1's IP address02:10
qman__which, depending on how things are wired, means that either you're reflecting your own outbound traffic back at yourself02:11
qman__or that you have an IP conflict02:11
qman__or that you're being spoofed02:11
phunyguyI was guessing mac, not IP.02:14
phunyguyand I found a common theme with google searching.... a wifi AP on that subnet.02:14
phunyguyI have a Linksys E1200 on that subnet with dd-wrt on it, with routing disabled, in a pure AP setup02:15
qman__generally if you have a MAC conflict the switch stops working correctly02:15
qman__and one end or the other can't get on the network at all02:15
phunyguyI am going to try something02:15
phunyguyalso, not sure how I would be spoofed on eth1.. only a few things on my LAN currently, and it's not coming from WAN side.  xD02:38
=== hggdh_ is now known as hggdh
agu10^hey. i want to upload files to my ubuntu server from windows03:55
agu10^fast and easy. what do you suggest?03:55
dpb1agu10^: sftp is the easiest for me.04:04
agu10^do you access root in your server?04:04
agu10^i would like to edit the filesystem and text config files from windows too04:05
agu10^like it was a network drive04:05
dpb1agu10^: I would usually enable root login for something like that.  But some security experts would frown on it, I'm sure.  all the more reason to use sftp. :)04:06
agu10^root login?04:07
agu10^how can i see the whole filesystem from windows?04:07
dpb1agu10^: 1) download filezilla 2) login with sftp (uses same transport as ssh).  If you want remote FS access as the super user?  See https://help.ubuntu.com/community/RootSudo, enable root logins, enable root ssh access, and use filezilla with the root user same as before04:17
CyrusI think we would do more than frown at that. There's a special place in hell for people that do what you're suggesting.04:18
Cyrus;)04:18
dpb1agu10^: there are a lot of methods to do this is a more managed/secure way, but that is the shortest path to get root access to your whole filesystem remotely.  Just know that it is a security vulnerabilty. (your root password)04:18
CyrusI say that with love in my heart.04:18
dpb1<304:20
agu10^i see04:21
agu10^thanks04:21
agu10^do i have to set up anything server-side to access my sftp from filezilla?04:21
dpb1agu10^: try it with your regular user.  It should just work.  sftp is just a "fancy" ssh connection.04:22
agu10^oh cool04:22
agu10^there is a problem. in filezilla i can't edit files without downloading and re-uploading04:23
agu10^i want to easily open files as if they were on a network drive04:23
Cyrusagu10^, what you're really asking for is 1.) Not a good idea.04:24
Cyrus2.) A lot harder than you seem experienced to handle. (No offense.)04:24
agu10^why would it be hard?04:24
agu10^of course it's probably slow04:24
agu10^but it's only hard if there aren't good tools for it04:24
CyrusBecause what you really want is a system-wide samba server setup.04:25
CyrusAnd there lie dragons.04:25
agu10^i don't think i want any of that :P04:25
agu10^just do this over ssh and it'll be fine04:25
agu10^just i don't want to DOWNLOAD, edit and then UPLOAD04:26
CyrusWell, I know of solutions to psuedo-mount ssh as a local hard drive through fuse.04:26
agu10^i want to drag & drop files, and double click to open, edit, then save04:26
Cyrussshfs and all that.04:26
CyrusBut for Windows? I have no idea. I doubt something like that exists.04:26
agu10^okay04:26
agu10^i give up04:26
dpb1yes, there are explorer extensions for that.04:26
agu10^for ssh?04:27
agu10^I cannot login using filezilla04:28
CyrusAre you trying to log in as root?04:28
agu10^i thought i didn't have to setup anything server-side04:28
dpb1agu10^: you would need to get that working first.04:28
agu10^no. as my user which i use through ssh04:28
CyrusAh, then it should work.04:28
agu10^... it doesn't :(04:29
CyrusUser error. :P04:29
CyrusAre you sure filezilla is set to SFTP?04:29
Cyrus(Not FTP with SSL)04:29
agu10^i don't know. i just used quickconnect04:30
CyrusWell you need to check, these things matter.04:30
CyrusFilezilla is a multi-protocol client.04:30
dpb1agu10^: FYI, once you have mastered that, here is a more explorer-ish way to do things: http://www.swish-sftp.org/  -- but get filezilla working first. It's a good tool to master.04:31
agu10^Error:Disconnected: No supported authentication methods available (server sent: publickey)04:33
agu10^Error:Could not connect to server04:33
agu10^how can i login using only my password instead of a key?04:33
dpb1agu10^: how do you normally connect to this server?04:34
agu10^using a public key, with putty04:34
CyrusI see.04:34
agu10^but i just want to use my password instead04:34
CyrusThen you have to change your authentication settings in your sshd on the server.04:35
CyrusOr04:35
CyrusAlternatively..04:35
CyrusUse WinSCP instead of Filezilla.04:35
CyrusWinSCP can interface with putty's public key thing. It's been so long since I used Windows, so I don't remember the specifics.04:35
agu10^just how do i change auth on my server?04:35
agu10^i don't like putty04:35
CyrusYou have to start editing /etc/ssh/sshd_config04:35
agu10^and i don't care about safety04:36
* Cyrus backs away slowly and disappears into the night.04:36
dpb1agu10^: search that file for "Password"04:36
agu10^how do i search in vim?04:37
dpb1agu10^: /04:38
dpb1 /Password<enter>04:38
agu10^PasswordAuthentication no04:38
agu10^ ?04:38
dpb1yup, change to yes.  sudo service ssh restart04:38
agu10^okay great04:39
agu10^Command:open "ubuntu@potentialstudio.com" 2204:39
agu10^Command:Pass: ***********04:39
agu10^Error:Authentication failed.04:39
agu10^Error:Critical error04:39
agu10^Error:Could not connect to server04:39
dpb1agu10^: did you restart the ssh service?04:40
agu10^yes04:40
dpb1are you sure the user and password are correct? :)04:41
agu10^hmm not sure04:41
agu10^maybe there was no password actually04:41
agu10^should i make a new user?04:41
dpb1you can change the password when logged in as the ubuntu user04:42
agu10^how04:43
dpb1agu10^: sudo passwd ubuntu    <- that will change the password for the user ubuntu without prompting for the current one04:43
agu10^i don't know the current password04:43
agu10^i better create a new user i think04:43
dpb1sure, go for it.  no harm either way04:44
dpb1the new user will not have sudo access by default, but that is ok.04:44
agu10^useradd: user 'admin' already exists04:44
agu10^ubuntu@domU-12-31-39-10-4A-43:~$ users04:44
agu10^ubuntu04:44
agu10^i want to add the 'admin' user and give it root access. but idk why it exists and is not in the list of users04:44
dpb1agu10^: you used sudo?04:46
agu10^yes04:46
agu10^users only lists 'ubuntu'04:47
agu10^though useradd throws an error... wtf04:47
dpb1agu10^: try a different name, just to test04:47
agu10^useradd: cannot lock /etc/passwd; try again later.04:47
agu10^okay, sudo did it04:48
agu10^for the user 'pepe'04:48
agu10^it's still not listed with the 'users' command :(04:48
dpb1k.  even for him, you will need to change the password04:48
agu10^what? the user is not even listed04:49
dpb1agu10^: I *think* users just gives back logged in users (going off memory)04:49
agu10^ok04:49
Cyrus       users - print the user names of users currently logged in to the current host04:49
agu10^how do i list all users?04:49
dpb1agu10^: cat /etc/passwd is the first step.04:50
agu10^that is long04:50
dpb1good. :)04:50
dpb1cat /etc/passwd |grep pepe04:50
agu10^that's what she said04:50
agu10^okay i deleted pepe. how do i add root access to admin and change its password?04:51
dpb1agu10^: sudo passwd <user> will allow you to change passwords.04:52
agu10^great. :D04:53
agu10^should i give it root rights?04:53
dpb1agu10^: just to test your sftp, you shouldn't need to.04:54
agu10^wow it lists folders04:55
dpb1yes, you should be able to view most everything as a regular user in ubuntu.  changing things is typically restricted to just your home folder though.04:55
agu10^dpb1, cool. what if i want to access root files but with a password?04:56
dpb1agu10^: that is where you look at that SudoRoot link I gave you.  Basically do a similar process, but with the root user.  Read that page, it's a good one.  Toward the end is where it talks about how to enable the root user, and why you don't want to do that normally.04:58
agu10^okay, great.04:58
agu10^there is no way to get admin to be that root user?04:59
dpb1agu10^: yes, there are always options (which is why ubuntu is so great), let me give you a link.04:59
agu10^no, it's fine05:00
agu10^i rather login with the root user when i want to do that05:00
agu10^and keep the rest just in the admin folder05:00
dpb1agu10^: that is really the safest way to do things.05:01
agu10^i have a problem05:01
agu10^the uploaded files aren't accessible by apache :S05:02
agu10^i mean, index.html is, but the folders (js/css, etc) are not.05:02
agu10^so it looks like this: http://alvid.com.ar/05:02
agu10^without styles or images :(05:03
dpb1agu10^: do ls -l <directory>, and use paste.ubuntu.com to paste back the results.05:03
agu10^http://paste.ubuntu.com/5624901/05:04
dpb1agu10^: so, best practice for files in that directory.  whenever you upload you want05:05
sarnoldagu10^: yikes!05:06
sarnoldagu10^: your index.html can be written to by anyone on the server05:06
sarnoldagu10^: and your directories can only be read by 'admin' and by 'root'. apache runs as neither admin nor root. it cannot read your other files.05:06
dpb1what sarnold said. :)05:07
agu10^sarnold, great. how do i fix this? should i make index.html be admin's and apache able to read all?05:07
sarnoldagu10^: first, chmod 644 index.html.05:07
sarnolddon't let that live for any longer.05:07
agu10^ok05:08
agu10^should i do that with all folders in the website?05:08
agu10^i had to make it publically accessible because05:08
agu10^i modify index.html with a php script05:08
agu10^sarnold, how do i make my website work and only be modified by admin and php scripts?05:10
sarnoldagu10^:05:10
sarnoldsigh, lost internet for a while05:11
sarnoldagu10^: are you -sure- you want your website to be modifyable by running php scripts? I've seen far too many people hacked and their website content modified to send viruses or worms to the website users..05:12
agu10^i made a php script that will modify my website05:12
agu10^so i can do it on a web panel interface05:12
agu10^so... i guess :P05:12
agu10^can i do it so only THAT php script can do it?05:13
agu10^and only some files05:13
agu10^hmm nevermind, i think i only have to let apache read my admin-created files05:14
agu10^and i leave the others public for my php script to modify freely05:14
agu10^sarnold, how do i let apache read my files?05:15
dpb1agu10^: so, your directories need "sudo chmod go+rx <dir>" run on them for starters05:15
agu10^what is that?05:15
sarnoldagu10^: you've definitely got an odd situation there :) but something like chown -R admin *  followed by chmod 755 on all the directories and chmod 644 on all the files05:16
agu10^:S when i upload files they are owned by admin admin. how do i make those accessible by apache so they can be shown online?05:16
agu10^i don't think i need anything else than that for now05:16
dpb1give them the right permissions and it should stick when you upload replacements.  just try it.05:18
agu10^i don't want to upload replacements05:18
agu10^i may upload new files aswell05:18
agu10^i need to let apache read ALL new files i upload from filezilla05:18
dpb1there are three sets of permissions, user, group and other.  If you upload new files, you will need to make sure permissions are correct.  FYI, filezilla will let you set permissions. :)05:21
agu10^ok, which permissions should i set though?05:21
agu10^i'll set them on filezilla, but what exactly?05:21
agu10^it says the folder is 777!05:22
agu10^oh but the children were not05:22
dpb1user = rw, group = r, other = r is a good default.05:22
dpb1for a directory, the execute bit should be set, or the directory will not be browsable.05:22
dpb1This is a good page, FYI: https://help.ubuntu.com/community/FilePermissions05:24
agu10^dpb1, i just want apache to show the website05:24
agu10^dpb1, is apache "other" ?05:24
sarnolddo not set your permissions to 66605:25
sarnoldor 77705:25
dpb1agu10^: because your files are owned by admin and in the admin group, other is how apache will be reading them, yes.05:25
sarnold(stupid off-by-one fingers :)05:25
agu10^ok, should i set other = r and x on folders?05:25
agu10^or just r on folders?05:25
sarnoldrx05:25
agu10^771 or 77x ?05:26
sarnolddirectories are strange; 'r' lets you see contents, 'x' lets you 'traverse' the directory to see lower directories or open files05:26
agu10^ok05:26
sarnold755 or 775, depending upon the situation, would be better, yes05:26
agu10^what does x do on files?05:26
dpb1agu10^: also, a more typical setup is to have the group 'www-data' on all your web files.  just fyi.05:27
agu10^what's the difference between 775 and 77x ?05:27
sarnoldagu10^: the 'x' on files allows you to execute files05:27
agu10^i see05:27
sarnoldagu10^: well, 77x doesn't actually exist :)05:27
agu10^oh it says that on filezilla05:27
sarnoldo_O05:27
sarnoldrather than 771?05:27
agu10^yes05:28
* sarnold kicks silly filezilla05:28
dpb1hehe05:28
agu10^774, if i check execute it's 775. if i check again it gets a different symbol and says 77x05:28
sarnoldbaffling :)05:29
dpb1ya, that has to be a bug.05:29
agu10^okay i set it to 775 then05:29
agu10^This works great! Thanks :D05:34
agu10^i'm now trying to set up a simple mail server. I need to get info@domains.com email addresses. for many different domains. What is easy to set up for this? I installed citadel but it doesn't seem to be easy to handle this.05:35
sarnoldagu10^: most people would use postfix or exim as first choices..05:37
agu10^okay05:37
agu10^how do i uninstall citadel though?05:38
agu10^i hate when i install lots of packages that never work... :(*05:38
sarnoldagu10^: it'd be something along the lines of apt-get purge citadel*05:43
agu10^sarnold, thanks05:45
sarnoldagu10^: check out the serverguide listed in the /topic, it has good details on setting up mail servers05:46
sarnoldbed time :)05:46
agu10^byee05:46
agu10^I would like to install postfix to make info@mydomains.com emails and access them on gmail through imap or pop/smtp. do you think it can be easy to set up many many many user@randomdomain.com email accounts?05:48
ke7vyvWhat would cause my NIC to connect at a slower speed then what the specs say?07:48
ke7vyvAll other devices connect fine but one.07:50
vedicHey guys, need advice. I am running 8 core xeon server with 8 GB RAM. I want to create 3 VMs on this to host different services. What software is good for that? I am familiar with VirtualBox and it has been working good for me on my desktop. I know how to setup VirtualBox from command line on a remote server. I would like to know from you if VirtualBox is suitable for medium load servers running 24x7 ? WHat is the best when it comes to create VPS on a physic08:01
rbasaklibvirt+KVM works well for me.08:03
ke7vyvCould my OS be keeping my system from connecting to my lan at 1Gbps? The specs say 1 Gb.08:24
Ben64ke7vyv: probably not08:24
ke7vyvBen64: Any ideas?08:25
Ben64check chipset to see if any problems exist?08:25
Ben64also, cabling and other devices are important to get the 1gbit link08:25
ke7vyvBen64: I'm new to this stuff. How would I check the chipset?08:26
Ben64lspci | grep -i ethernet08:26
ke7vyvAll other devices connect at 1gbit.08:27
ke7vyvBen64: I'll give that a try.08:29
ke7vyvThanks.08:29
ke7vyvOh any ideas on why it would be 100mbit and not 1gbit like it should?08:30
Ben64well some chipsets don't play nicely with linux08:31
ke7vyvBen64: I tried ethtool eth0 would that be the same?08:31
ke7vyvOK08:31
rbasakWhat does ethtool say?08:31
ke7vyvIt says 100mbit08:32
ke7vyvThat's all I can remember.08:32
rbasakIt says a lot more than that, surely?08:32
rbasakIt should tell you what the driver supports.08:33
ke7vyvI'm not near the machine to see what else08:33
rbasakYou might want to fix that first.08:34
ke7vyvWhat being near it?08:35
ke7vyvI thought of that but figured I would get some things to try for when I am.08:36
ke7vyvWell I'll come back when I'm near it.08:38
=== ak5_ is now known as ak5
ke7vyvrbasak, Ben64: lspci | grep -i ethernet 00:04.0 Ethernet controller: Silicon Integrated Systems [SiS] 191 Gigabit Ethernet Adapter (rev 01)09:28
rbasakke7vyv: please pastebin the ethtool output.09:32
ke7vyvHeres my ethtool results  http://pastebin.com/mMWZwMvv09:32
rbasakLooks like either your driver doesn't support gigabit or your NIC doesn't support gigabit or something between the driver and the NIC isn't configured for gigabit.09:33
rbasakThe name of your NIC certainly suggests that it supports gigabit :)09:34
ke7vyvWell the cable I hooked up to another machine and gigabit worked fine.09:35
rbasakThe problem is not the cable. It's between the driver and your NIC.09:36
rbasak(or so ethtool seems to say)09:36
ke7vyvSo on the system itself09:36
ke7vyvIf I transplanted the hdd from another system could that be causing it?09:39
mndohi09:47
mndoi just added a new volume on my card and although the new volume appears on the scsi bus a new block device is not created09:48
mndohow can i solve this?09:48
ke7vyvrbasak: Would this apply to me? https://answers.launchpad.net/ubuntu/+source/network-manager/+question/6645509:50
agu10^hello. what do you suggest for setting up a simple email forwarding server to get custom email addresses?09:53
ke7vyvI read online to change the MTU to 1492.10:04
ke7vyvIs that just to connect to the net?10:04
ke7vyvrbasak: I found this but my kernal version isn't listed.   http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.610:24
WaltherI have a zvol on which a virtual server is installed in lvm. However I need to change the names of the lvm partitions / the lvm group - how should I approach this?10:39
Waltherbooting the virtual with a ubuntu server cd is not really helpful as it doesn't provide a "live-cd" -like environment10:39
ke7vyvI'm following steps on a site and it says to goto kernel.net and download my kernel version. My kernel is 3.5.0-23-generic and it's not listed. What do I do?11:06
mardraumuse a "site" specific for your distro and release11:07
RoyKke7vyv: why do you need the kernel source?11:09
RoyKke7vyv: if you really need them, apt-get install linux-source11:10
ke7vyvThe page I found that tells how to fix my nic said to download them.11:10
ke7vyvRoyK: Here is the site  http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.611:12
RoyKke7vyv: I see - use the apt-get I gave you. you shouldn use the ubuntu kernel, not those from kernel.org11:12
ke7vyvRoyK: OK I'll try that.11:13
RoyKor11:13
RoyKyou may want to try the linux-image-3.8.0-19-generic kernel11:14
ke7vyvRoyK: I don't see that on kernel.org11:15
RoyKit's an ubuntu package11:15
RoyKapt-get install it11:15
ke7vyvOK11:15
ke7vyvIt won't let me11:18
agu10^_how do i run a command on startup?11:21
jairI have been hearing a lot about juju but have one specific question, is it free software?11:40
jairjust checking making sure this is not something like eucalyptus used only if you pay to canonical?11:42
highvoltagejair: juju is free software11:51
highvoltagejair: other distributions are even packaging it11:51
jairhighvoltage: thank you sir, I really appreciate it, chating with another ubuntu guy at #juju11:53
jair;)11:53
jairbut glad to hear that11:53
jairthank you so much!11:57
agu10^_I need to disable iptables. Yet i keep getting "service iptables stop". I need to disable it forever, not just until next reboot. Any clues?12:06
qman__a better question is why; by default it's an accept all policy with no rules12:08
rbasakagu10^_: I don't think any iptables rules are present by default, so disabling it depends on how you enabled it.12:08
rbasakDid you install ufw perhaps?12:09
=== 92AAAI3TG is now known as ahasenack
qman__ufw is also accept-all by default12:09
agu10^_rbasak, why do i care about the default rules?12:10
agu10^_some sofware installed new rules without my permission12:10
qman__then you need to fix/remove that software12:10
rbasakThere are multiple ways to "install new rules", so how to do what you want depends on exactly what the software did.12:11
qman__when you "stop" iptables, you flush the rules and set accept policies, you don't actually remove it from anything12:11
qman__because netfilter is compiled into the kernel12:11
=== shadeslayer is now known as kubot1
=== kubot1 is now known as shadeslayer
agu10^_how do i delete all iptables rules?12:18
agu10^_i just want the default setup12:18
ak5I have mongodb in qemu but it is failing to allocate more diskspace - any ideas?12:58
Arrickhey all, in ubuntu 12.04, running apache2, and php5, where all do I need to change the max post size and max file upload size so that moodle (I've changed it in there) that I can upload the courses? I've changed /etc/php5/apache2/php.ini to reflect what I need, and it showed up in moodle as an option, but then when I try to upload a file, it says it is too big still.13:17
zuldid you restart apache?13:19
Arrickyeah13:29
=== wedgwood_away is now known as wedgwood
=== andreas__ is now known as ahasenack
zulhallyn:  ping14:51
=== cod3r is now known as megha
vibedigitalHi. I'm using 12.04 and trying to connect remotely to virtualbox using phpvirtualbox. all stuff look ok. but in web browser phpvirtualbox dont load only the background. someone can help please?14:56
hallynzul: .15:13
zulhallyn:  do you still have your 1.0.4 stuff lying around?15:14
hallynzul: uh, isn't it in a few ppas?  i think i also had it on p.p.c.  hold on15:15
zulhallyn:  supposedly ;)15:15
hallynzul: https://launchpad.net/~serge-hallyn/+archive/virt/+files/libvirt_1.0.4-0ubuntu1%7Eppa1.dsc    hopefully that's the latest i had15:19
hallyndid you see 1.0.5 was released today?15:19
zulhallyn:  cool thanks15:20
zulhallyn:  chuck@homer:~/work/server/libvirt/libvirt-1.0.5$  (i did see ;)15:20
hallyn+1 :)15:20
Davieyzul: hey, would you have time to try openstack on our xen packages soon?15:38
zulDaviey:  i did some last cycle, it almost works out of the box with libvirt-xen I didnt try with xcp15:39
=== Ursinha-afk is now known as Ursinha
Davieyzul: is it a pain to check for you?15:49
zulDaviey:  no i can do it no problem15:50
zulDaviey:  xcp is a bit more of a pain15:51
Davieyzul: if you can do both, that would make me super happy.. and document what you did :)15:57
plarshallyn: ping16:09
plarsor jamespage16:10
plarsis lp:ubuntu-test-cases/server the right branch to be using for server smoke tests?16:11
hallynplars: sounds right to me16:15
plarshallyn: I need to move everything in lib to the scripts subdir, it's breaking jobs with the current layout16:16
plarshallyn: let me move things around and I'll propose a merge, I pinged you because it looks like you've done a lot of the recent commits16:16
hallyn<blink>16:16
hallynplars: I only did the lxc testscases, don't knwo about the wider layout.  I would like to think that if utah changed, its users would be notified, so hopefuly jamespage knows about this16:17
bcessahi there, newbie question: if I have purchased a SSL certificate for abc.com can I create and sign valid email certificates for user@abc.com with it? Or do I need to setup a full CA for that purposes?16:17
hallynplars: thanks, hopefully it just works with your fix16:18
plarshallyn: I don't think it's that utah changed, maybe the scripts they use to generate the jobs changed at some point, but I'm not sure of the history... I'm not sure why anything under scripts would have been useful if it weren't already like this before16:18
plarshallyn: it's a simple fix, just give me a moment16:18
sarnoldbcessa: x509 certs have a list of constraints that limits how the certificate can be used. normally you cannot use a webserver certificate for further signing.16:18
sarnoldbcessa: the openssl x509 tool can help you see which constraints are set on your certificate.16:19
bcessasarnold: thanks a ton man, looking at it ;)16:20
bcessahere are the extensions details http://pastebin.com/Hp4jiaiL I suppose the: "X509v3 Basic Constraints: critical CA:FALSE" prevents this right?16:23
sarnoldbcessa: that's probably the one, but it's been a decade since I've done this myself..16:25
bcessaok, thanks :)16:26
=== andreas__ is now known as ahasenack
Aisonhello :)16:41
zulDaviey:  sure but xcp only runs on precise basically but I can have a look16:41
Aisoni'm still working on fixing my broken two testmachines. Both are broken after upgrade to raring from quantal16:42
=== matsubara is now known as matsubara-lunch
Aisonso far I noticed that update-initramfs is somehow broken, it hangs forever16:42
jamespageadam_g, promoting folsom a grizzly stuff to updates16:47
xnoxWalther: just use lv / vg rename, make sure you edit fstab and update-grub after wards....17:04
xnoxno need to boot into live cd or anything like that.17:04
zulhallyn:  1.0.5 building now17:09
RoyKAison: tried stracing it?17:13
hallynzul: cool17:13
markthomas_Aison: same problem as yesterday?17:14
=== markthomas_ is now known as markthomas
AisonRoyK, markthomas: yes, still not working :)17:27
RoyKwhat does strace have to say?17:27
Aisonhmm, there are endless many output lines :P17:27
AisonI have to record it17:27
RoyKstrace -f ...17:27
Aison-f is just following the client processes I think?!?17:28
Aisonor child processes17:28
Aisonah yes, follow forks17:28
Aisonahh, -o is the right option to record into a file17:29
RoyKAison: any output yet?17:49
RoyKupdate-initramfs normally doesn't take 20 minutes ;)17:50
Aisonno, I lost the contact to the machine....17:50
Aisonand i'm not at home right now17:50
Aisonbut i'm just upgrading a 3rd machine, maybe that fails also :P17:50
Aisonwell, the upgrade itself terminated without any errors in all cases17:50
RoyKwhat was this - lucid to precise?17:51
sarnoldRoyK: [6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~[6~quantal to raring17:52
sarnoldsigh17:52
* RoyK wonders who would be running something with 9 months support for a server17:53
sarnoldRoyK: someone who intends to upgrade in nine months :)17:53
Aisonin all cases it was a quantal17:54
RoyKwell, obviously, but I don't really see the point for stuff in production :P17:54
Aisonone was a server, one a client17:54
Aisonboth test machines17:54
RoyKfor test it's fun17:54
Aisonand both no longer boot after upgrade to raring17:54
* RoyK has a few raring VMs around already, and a work PC17:54
RoyKmy PC at work upgraded without issues17:55
AisonI also upgraded my personal netbook with xubuntu17:55
Aisonthat worked fine17:55
Aisonand now I upgrade a personal client with kubuntu17:55
Aisonluckily I have got dayli backups of all machines on tape17:56
parallel21Anyone using salt?17:56
Aisonso I can playback and repeat17:56
RoyKparallel21: salt?17:57
parallel21saltstack17:58
Pici#salt exists17:58
parallel21They do not answer17:58
parallel21So I thought I'd try here too17:58
parallel21While I wait17:59
sarnoldthey may also be waiting for a more specific question17:59
parallel21Why don't things werk!?17:59
sarnoldparallel21: you may wish to re-read this before tring again :)  http://www.catb.org/esr/faqs/smart-questions.html18:00
parallel21merci18:01
zulhallyn:  builds fine the stuff that you did for 1.0.4 is not needed ill upload it to my ppa in a couple of minutes18:02
RoyKAison: what about strace?18:04
AisonRoyK, I lost contact to the machine :(18:06
AisonI have to got there first18:06
RoyKah18:06
RoyKright18:06
Aisonbut I'm going to provide the results here18:06
zulhallyn:  one question for your though should we disable vbox in 1.0.5 though?18:15
markthomas_Aison: I seem to have lost connectivity awhile back.  How goes the work on that initrd problem?18:28
sarnoldmarkthomas_: funny enough he also lost connectivity to his machine..18:28
sarnoldmarkthomas_: last I heard he aimed the upgade at a third system and also wedged _that_ one.18:29
markthomas_sarnold: so, there could be something being repeated in the configuration that's causing a problem.  Or maybe a larger issue.  Less likelyi a random failure.18:30
Aisonmarkthomas_, well, I tried with strace to find reason why it hangs18:32
sarnoldmarkthomas_: he's got a touch :)18:32
sarnoldAison: are you upgrading with cd or do-release-upgrade?18:32
Aisonnothing more18:32
Aisonsarnold, do-release-upgrade18:32
zulhallyn:  https://launchpad.net/~zulcss/+archive/libvirt-testing/+packages18:37
=== matsubara-lunch is now known as matsubara
markthomas__Apparently, I need to change IRC clients.  This one keeps dying.18:44
* RoyK uses irssi18:46
RoyKweechat should work well too, and supports proxying to mobile devices etc18:46
RoyKirssi is a bit old-school (but so am I :P)18:47
dpb1 /go 318:47
sarnoldI use irssi only because the inertia required to switch to weechat is astonishing..18:47
markthomas__xchat has always worked well...until today.18:47
sarnoldheh :/18:48
RoyKxchat doesn't work too well over remote ssh :P18:48
markthomas__I suppose not.18:48
=== markthomas is now known as Guest22632
=== markthomas__ is now known as markthomas
plarshallyn: ok, got it to all succeed in this branch, can you take a look and merge? I don't have access to push to your branch: https://code.launchpad.net/~pwlars/ubuntu-test-cases/server-fixlib/+merge/16222219:11
ke7vyvOK on http://www.howtoforge.com/creating-the-sis191-gigabit-ethernet-driver-on-linux-2.6 it says I need to create thee driver for my sis191 nic. Can someone help me I'm lost.19:33
ke7vyvIt says to go to kernel.org and download my kernel version but mine isn't listed.19:36
RoyKkermit: so 3.8 from ubuntu didn't work?19:41
RoyKerm19:41
RoyKkermit: not for you19:41
RoyKke7vyv: see above19:41
RoyKke7vyv: the versioning ubuntu and other distros uses isn't the same as with kernel.org. just download the latest kernel - should be 3.919:42
ke7vyvRoyK: I'm lost on how to do it.19:42
RoyKke7vyv: I guess you tried 3.8 from ubuntu?19:42
ke7vyvRoyK: I did what you said to but it wouldn't install19:43
RoyKany output?19:43
RoyKpastebinit19:44
RoyK!pastebinit19:44
ubottupastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the « pastebinit » package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com19:44
ke7vyvok19:44
RoyKke7vyv: apt-get install linux-image-3.8.0-19-generic should do the job19:45
ke7vyvnope19:46
ke7vyvRoyK: http://pastebin.ubuntu.com/5626980/19:47
RoyKapt-get update19:47
RoyKerm19:47
RoyKwait19:47
RoyKthis was precise_19:47
RoyK?19:47
ke7vyv12.0419:48
RoyKlinux-image-3.8.0-19-generic - Linux kernel image for version 3.8.0 on 64 bit x86 SMP19:48
RoyKthis should work for precise19:48
RoyK(aka 12.04)19:48
RoyKit's in the repos19:49
ke7vyvI don't know.19:49
ke7vyvI'm lost19:50
RoyKwell, run apt-get update first19:51
RoyKthen apt-get install linux-image-3.8.0-19-generic19:51
smoserhallyn, ping19:51
ke7vyvI tried that earlier but it works now19:52
RoyKke7vyv: good - try that kernel before trying to make your own19:53
RoyKnew chipsets sometimes require changes to the drives as well as pci IDs19:54
ke7vyvRoyK: It's done now what do I do?19:54
RoyKreboot19:55
ke7vyvK19:55
smoseris there some trick i need to do to  make kvm perform reasonably with ubuntu iso ?19:58
hallynsmoser: what's up?19:58
smoseri'm running raring and trying to boot a raring amd64 iso. and, wow. painful.19:58
ke7vyvRoyK: It's back and it didn't fix it.19:58
hallynsmoser: hm.  i had trouble with quantal on precise when i didn't use tap netif19:59
hallynbut other than that, kvm has been speedy for me19:59
RoyKke7vyv: perhaps something from backports?19:59
hallynsmoser: are you using /usr/bin/kvm, or adding -enable-kvm?19:59
smoseri can't see the mouse move around inside the window.19:59
hallynsdl?19:59
smoseri was using kvm.19:59
RoyKke7vyv: always easier with packets than hand-craftet stuff19:59
smoseri suppose sdlk.19:59
smoserkvm -usb -usbdevice tablet -net nic,model=virtio -net user -soundhw es1370 -drive if=virtio,file=disk.img -m 1024 -cdrom ubuntu-13.04-desktop-amd64.iso19:59
smoserbut i can drop just about all those arguments of modify them.20:00
hallynsmoser: try adding cache=none?20:00
ke7vyvRoyK: Is my kernel supposed to have changed.20:00
smoserhallyn, i'm not writing anything20:00
hallynzul: i think we should drop vbox until 1.0.6, yes20:00
RoyKpaste uname -a output20:00
smoseri think its graphics driver20:00
hallynsmoser: hm.  if you use vnc is it faster?  can you try -monitor stdio and info graphics?20:01
RoyKke7vyv: that is, pastebin output from "uname -a" :þ20:01
RoyKor just paste it - it's only one line after all20:02
ke7vyvRoyK: Linux ubuntu 3.8.0-19-generic #30~precise1-Ubuntu SMP Wed May 1 22:26:36 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux20:02
RoyKyou're running 3.8, yes20:02
hallynplars: looking20:02
smoserhallyn, its not 'info graphics'20:02
ke7vyvWebmin doesn't show the change.20:02
RoyKke7vyv: since that doesn't work, download the latest 3.8 or 3.9 from kernel.org and patch the driver, copy /boot/config-whateverthenameofthekernel to .config in the kernel source root and run make menuconfig (or oldconfig, but that's a bit disturbing if you don't know kernel)20:03
ke7vyvRoyK: reopened webmin and it changed.20:03
RoyK!webmin | ke7vyv20:04
ubottuke7vyv: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.20:04
zulhallyn:  ack20:04
RoyKke7vyv: learn the commandline - it doesn't take too long and it gives you a deep insight into what really happens20:04
ke7vyvRoyK: I'm trying to. lol20:05
ke7vyvRoyK: How do I patch the driver?20:06
RoyKit's in that page you posted yesterday20:06
hallynsmoser: huh, thereno option for that.  drat.20:06
RoyKedit a header file etc20:06
RoyKke7vyv: does ifconfig -a see the interface now?20:07
hallynanyway i'd say try -vga vmware, or -vga qxl with spice20:07
smoserhallyn, /var/log/X tells me its cirrus_driv20:07
hallyndrat, the kernel is supposed to not keep that from happening or something - plars was having bugs with cirrus (other than slowness)20:08
smoseri have drawing issues too20:08
hallynmaybe we need a patch to make vmware the default20:08
ke7vyvRoyk: Yes but the connection speed is wrong.20:08
RoyKke7vyv: what does dmesg say about the interface?20:08
RoyKa bit strange if the interface is visible and the connection speed is wrong20:08
RoyKif it's visible, it's not because of the lack of a pci id20:09
RoyKrather a new driver needed20:09
ke7vyvRoyK: http://pastebin.ubuntu.com/5627059/20:11
markthomasAison: when you can, should file a bug against initramfs-tools on launchpad.  If this problem has ocured >1 time, it needs looked at20:11
=== Ursinha is now known as Ursinha-afk
RoyKke7vyv: [   21.192009] sis190 0000:00:04.0 eth1: link on 1000 Mbps Full Duplex mode20:12
ke7vyvRoyK: ethtool results  http://pastebin.ubuntu.com/5627066/20:14
RoyKke7vyv: eth0 doesn's seem to be connected20:14
RoyKke7vyv: wierd - is this for eth1?20:15
ke7vyvRoyK: Yes20:15
hallynplars: pushed20:15
RoyKit really should be consistent with what dmesg tells, which is 1Gbps20:15
RoyKwhat does actual test runs across the cable tell you?20:16
ke7vyv100Mbps20:16
RoyKwell, post a bug20:16
ke7vyvDon't know how.  lol20:17
RoyK!ubuntu-bug20:17
ke7vyvI'm just making the switch to ubuntu.20:17
RoyKwell, just run ubuntu-bug20:17
ke7vyvOK20:17
RoyKwhat sort of switch are you using?20:18
ke7vyvwhat do you mean?20:19
RoyKI guess your machine is connected to a switch?20:19
ke7vyvYes a 1Gbps 8 port.20:20
RoyKok, probably non-managed20:20
ke7vyvNo20:20
RoyKbut looks like autonegotiate showed 1Gbps20:20
RoyKok - can you force gigabit on the switch?20:21
RoyKif so, do the same on the linux box20:21
ke7vyvI have 4 other systems that work fine.20:21
RoyKwhat sort of nic is this?20:22
ke7vyvNot sure its on a HP mediaserver so I can't change it.20:23
RoyKlshw20:23
ke7vyvRoyK: http://pastebin.ubuntu.com/5627112/20:26
plarshallyn: thanks!20:29
hallynsmoser: for unity3d, i've had best behavior under spice.  Still not ideal, but worked best20:31
hallynjdstrand: mdeslaur: waht kvm graphics combo do you use when you boot desktop cd ?20:32
hallynsmoser: separately, it's possible that 1.4.1 improves things.  was going to push that to saucy soon.  I had a raring version somewhere, but doesn't seemt obe in my virt ppa20:34
=== Ursinha-afk is now known as Ursinha
=== Jikan is now known as Jikai
=== Jikai is now known as Jikan
=== Jikan is now known as Jikai
=== Jikai is now known as Jikan
sarnoldhallyn: mdeslaur has some config stuff in uvt to turn off the worst of the graphics offenders, see around line 2180 in uvt..21:53
hallynsarnold: oh, very cool21:55
sarnoldI wouldn't say it's -quick-, but it's better21:56
hallynsmoser: I'm trying out desktop here, kvm -vga qxl -spice port=5930,disable-ticketing -m 1024;  needs more memory, but it's doing ok21:56
hallynthe mouse isn't staggering, really only the dash is painful to use21:56
hallyn(this is on my 3 year old vaio)21:59
AisonI wounder why I have got so many :i386 packets installed after upgrade to raring21:59
=== Jikan is now known as Jikai
=== Jikai is now known as Jikan
aMonikerSo, part of my application uses a JSON API to talk to a wordpress instance on the same box over HTTP22:15
aMonikerAre there any big downsides to this?22:15
aMonikerIt's unlikely to be used by more than a thousand or so users at once22:15
aMonikerand even then, probably not that many22:15
fhfhello I was wondering if I can install MAAS node manualy ie. I have fresh Ubuntu Server 12.04 install and want to connect it to MAAS Clouster.22:26
sarnoldfhf: I think you've gone one step too far by installing something on it :) half the point is that the machine is off and unconfigured until you add it to the cloud...22:28
fhfsarnold: So it's impossible? I wanted to try it if I can create Ubuntu MAAS cluster on VPSes and manage it with juju it will save me "some" time22:29
ke7vyvRoyK: So I'm trying to edit the driver for my nic using the 3.9 kernel but I'm not sure where the info is I'm supposed to change is.22:34
sarnoldaw nuts... if fhf returns, someone please aim him at http://jujucharms.com/~virtual-maasers/precise/virtual-maas22:37
sarnoldfhf: check out http://jujucharms.com/~virtual-maasers/precise/virtual-maas23:16
fhfk, ty23:17
smoserhallyn, -vga qxl is significantly better than anything else i tried.thanks23:45
tedskiI'm attempting to follow https://help.ubuntu.com/12.04/serverguide/kerberos-ldap.html on a fresh 12.04 build.  Of course, since krb5_newrealm is never ran and the backend is ldap, /etc/krb5kdc/principal is never created.23:46
tedskihowever, when i try to run kadmin.local, it fails with No such file or directory23:46
tedskiwhen i strace that, i see it's trying to open /etc/krb5kdc/principal23:47
tedskildap shows the proper entries after creating the realm there and running stashsrvpw23:47
tedskihttp://paste.ubuntu.com/5627614/23:51
tedskimy krb5.conf points to the ldap backend23:51
tedskioops23:51
tedskidb_library is missing :/23:52
tedskiugh23:52
tedskii hate careless mistakes that only show their face once you pastebin them :)23:52
sarnold:D23:54

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!