[01:55] <agu10^> Hello. I have a VPS in amazon ec2 cloud. It has two network interfaces with private IPs. Amazon routes two public IPs to those two private ones. How can I route my packets that arrive through eth1 so that they're sent back through eth1 instead of eth0?
[01:58] <justizin> try enabling the rp_filter if it isn't already..
[01:59] <agu10^> what is that? and how
[01:59] <justizin> it's the reverse path filter, google rp_filter it's pretty easy to toggle via sysctl or somesuch
[01:59] <justizin> i thought it was on by default, but check
[02:03] <agu10^> justizin, why would i want to turn it on?
[03:22] <Hitiek> sarnold: thanks. that got me started.
[09:36] <Guest16799> hi everyone
[09:36] <Guest16799> i really need help epoptes...
[09:37] <Guest16799> on ubuntu 12.04 server with ltsp
[09:43] <Guest16799> any1 here?
[09:50] <Guest16799> hi
[09:55] <Guest16799> hi
[12:09] <hxm> hello
[12:09] <hxm> please, how to install a imap/smtp server on ubuntu tls 12.04 server? i have multiple domains and i want to use roundcube, but i dont find the way to make dovecot or postfix work
[12:09] <hxm> im already desesperated or closer
[12:11] <Nafallo> hxm: seen https://help.ubuntu.com/12.04/serverguide/email-services.html ?
[12:11] <hxm> i saw many howtos, but that not, thanks, there i go
[12:11] <Nafallo> that's the official Ubuntu Server Guide, fwiw :-)
[12:11] <Nafallo> it's a good first place to check usually.
[12:12] <hxm> why the heck the official documentations are always the hardest to find in google
[12:12] <hxm> btw i have multiple domains in the same machine
[12:12] <Nafallo> *shrugs* too much noise. I tend to just type in help.ubuntu.com and be done with it :-)
[12:13] <hxm> yes, too much noise
[12:14] <Nafallo> the community part on help.u.c is also really helpful
[12:16] <hxm> most of cases i find better professional support in the community than the helpdesk companies
[13:40] <luis_> hi
[13:41] <jacobw> Hi
[13:43] <luis_> i like  help with Epoptes
[13:46] <luis_> Basically I cant view the clients
[13:46] <luis_> any ideas?
[13:48] <jacobw> Sorry, I haven't used it before.
[17:52] <Shogoot> Anyone to help me troubleshoot this? Forbidden You don't have permission to access /smn.php on this server. Apache/2.2.22 (Ubuntu) Server at 192.168.1.166 Port 80
[17:52] <Shogoot> Seems i got the var/www direcotry messed up rightswise, and i can t mak emy web page dispaly....
[18:07] <silo_> no? noone?
[18:10] <shogoot> NickServ identify salsero
[18:13] <shogoot> anyone taht can help
[18:13] <shogoot> ?
[18:33] <hxm> hello
[18:33] <hxm> im trying to do this https://help.ubuntu.com/12.04/serverguide/postfix.html
[18:34] <hxm> sorry i start over, i found a misstype
[18:35] <hxm> in the part 2. mail.example.com i have multiple domains in the machine
[18:35] <hxm> cant i manage all of them?
[18:35] <hxm> or i create a hostname and then use spf TXT dns entry for each other?
[18:58] <hxm> well after following this  https://help.ubuntu.com/12.04/serverguide/postfix.html and testing the smtp when  i use the ehlo command nothing appears
[18:59] <SpamapS> hxm: check /var/log/syslog and /var/log/mail.log
[19:03] <hxm> http://pastebin.com/bggsH5Af it says bad command startup no mecachism but is the last line (i added \n after it)
[19:20] <LargePrime> my server has 32k zombies
[19:20] <LargePrime> how do i fix?
[19:23] <streulma> hello, is there a good tutorial how to set up postfix dovecot and postfixadmin with mysql?
[19:23] <LargePrime>  also got a /usr/bin/lesspipe: fork: Cannot allocate memory
[19:23] <LargePrime> and it seems i cannot reboot!  please help
[19:23] <streulma> LargePrime: shutdown -r now ?
[19:24] <LargePrime> it just hangs
[19:24] <LargePrime> and the session locks up.
[19:25] <LargePrime> I can immediatly reconnect with a new session
[19:25] <LargePrime> i think it took
[19:25] <streulma> kill your inodes first
[19:25] <LargePrime> noob.  how? googleing
[19:27] <streulma> sudo sync && sudo echo 3 | sudo tee /proc/sys/vm/drop_caches
[19:27] <streulma> LargePrime: ^
[19:27] <LargePrime> and now it wont come back up
[19:27] <streulma> ?
[19:27] <streulma> server is down?
[19:28] <LargePrime> not responding
[19:28]  * maxb observes that sudo-ing 'echo 3' is a bit redundant
[19:29] <streulma> then it is rebooting...
[19:30] <maxb> streulma: Why do you suggest drop_caches, that doesn't seem related to the problem here?
[19:30] <streulma> clearing memory
[19:31] <maxb> I think you are mistaken, those caches would be automatically shrunk if needed
[19:32] <maxb> Also, the mention of 32k zombies and the fact that it's a fork call reporting that is highly suggestive that the system has run out of process IDs, not general memory
[19:35]  * LargePrime listens
[19:36] <maxb> LargePrime: Do you care more about just rebooting, or looking in to why this happened in the first place?
[19:36] <LargePrime> first place
[19:36] <LargePrime> and the server is down
[19:37] <LargePrime> it seems dead
[19:37] <maxb> Hrm. It will be next to impossible to deduce what happened without the output of 'ps -efH' or similar
[19:38] <LargePrime> forcing hard reboot
[19:39] <LargePrime> maxb:  can i get that after reboot?
[19:39] <maxb> No
[19:39] <maxb> What data did you have before to know there were 32k zombies?
[19:40] <LargePrime> max, can you give a guide or chcklist i should do for nextime?
[19:40] <LargePrime> upon ligin the server said there were 32k zombies
[19:40] <LargePrime> login*
[19:41] <maxb> The most important thing would be to capture some view of the process tree like 'ps -efH' gives you, to know what process the zombies are associated with
[19:41] <maxb> "said" - where?
[19:41] <LargePrime> no idea
[19:42] <LargePrime> again, total noob.  server up
[19:43] <LargePrime> what is the pastebinit command?
[19:45] <LargePrime> heh, its pastebinit
[19:47] <LargePrime> maxb: upon ssh login there is a small graph of server usage and a anvert from conical for landscape. under that it say there were 32k zombies.  it had specific number but i dont have it.
[19:47] <LargePrime> advert*
[19:48] <LargePrime> how do i send ps -efH to pastebinit
[19:48] <maxb> Interesting, I guess it must be part of the dynamic informational motd generation
[19:48] <maxb> I would never have thought that would be monitored there
[19:49] <LargePrime> so you saying your servers never have zombies?  you that good?
[19:49] <LargePrime> heh
[19:49] <LargePrime> how does one monitor for zombies?
[19:52] <maxb> People generally don't need to
[19:53] <maxb> It takes a process misbehaving in very specific ways for it to ever become a problem
[19:53] <LargePrime> well i think if i had 32k+ of them perhaps i shoul look for them?
[19:55] <maxb> I don't have anything in my /etc/update-motd.d/ that would report on such things - but perhaps you have other packages installed
[19:57] <maxb> Ah, it will be from landscape-sysinfo I imagine
[19:58] <LargePrime> yes
[19:59] <maxb> Anyway, I wouldn't worry about it much for now, but grab some ps -efH output for diagnosis if you find any zombies persisting for more than a few seconds in the future
[20:02] <LargePrime> http://paste.ubuntu.com/5633389/
[20:02] <LargePrime> are zombies named zombies?
[20:04] <streulma> ha
[20:04] <streulma> I think it's the Java process
[20:04] <streulma> that eats your server
[20:05] <streulma> your setting is high
[20:06] <LargePrime> ?
[20:07] <LargePrime> yes it is hosing java servers
[20:07] <LargePrime> what is "your setting is high"
[20:09] <streulma> yes
[20:09] <streulma> Xmx and Xms
[20:10] <streulma> Set it to half
[20:10] <streulma> 1024M
[20:10] <streulma> 4096M is that it uses 4GB of memory for each process !
[20:15] <LargePrime> and?
[20:22] <streulma> then your mem is not free anymore ?
[20:22] <streulma> how many memory is in your server ?
[20:24] <qman__> generally, having zombies is a bad coding decision but isn't directly harmful, as long as they're not flooding you out, which in this case, they appear to be
[20:26] <LargePrime> are thier logs for this ?
[20:39] <maxb> streulma: Sorry, but I have to say that you are giving bad advice. -Xms and -Xmx have ABSOLUTELY NOTHING to do with zombie processes
[20:53] <hxm> im able to send messages, but the email is root@localhost
[20:54] <hxm> where do i change that? i use mail() php
[20:54] <hxm> ah found it
[20:59] <nsaquatics> afternoon, I need help and so far nobody has been able to help me. I'
[21:00] <nsaquatics> I'm running 10.04 LTS with mysql on it and mysql server will not start stating not being able to read/write to the PID file...
[21:00] <nsaquatics> as far as I can tell it has all the required permissions, yet it still won't start for me.
[21:19] <jacobw> nsaquatics: Can you pastebin the exact error that you see from the init script?
[21:23] <nsaquatics> jacobw: will do.
[21:28] <nsaquatics> this is from the error.log: http://pastebin.com/hyqsvB21
[21:29] <nsaquatics> I'm tailing both the error.log and syslog...
[21:29] <jacobw> Samba configuration error?
[21:29] <nsaquatics> huh?... hangon..
[21:29] <jacobw> nsaquatics: I don't think that's the right paste
[21:30] <jacobw> nsaquatics: What do you see when you try to stop and start the service with init/upstart?
[21:30] <nsaquatics> jacobw: woops.. hangon
[21:30] <nsaquatics> jacobw: this is it: http://pastebin.com/hyqsvB21
[21:31] <nsaquatics> I start and stop via "service mysql sart/stop"
[21:31] <jacobw> Hmm, that's the same paste
[21:32] <nsaquatics> dangit...
[21:32] <nsaquatics> http://pastebin.com/jGh2j405 ??? Yeah, that's it... It didn't copy the new URL...
[21:34] <jacobw> nsaquatics: It should be using something like /var/run/mysql.pid instead of that path
[21:34] <nsaquatics> well I move the databases to that path because that's my datadisk. I wanted everything data to be on it. But it's been working since then
[21:35] <nsaquatics> Only recently when we lost power and the server restarted did this crap start.
[21:35] <jacobw> :)
[21:35] <nsaquatics> :( so now I can't get to the email server... (zarafa)
[21:36] <jacobw> See if that file exists and what the permissions are on it with 'ls -l'
[21:36] <jacobw> If it exists, remove it and try to start MySQL again
[21:37] <nsaquatics> NSAServer.pid right? Doesn't exist.
[21:38] <nsaquatics> I tried touching it and then modifing owner/rights to no avail.. I can try it again though.
[21:38] <nsaquatics> the folder mysql is owned by mysql:mysql
[21:39] <nsaquatics> and, yes I know its bad but it has 777 permissions on it at the moment.
[21:40] <jacobw> Let's see if putting the AppArmor profile for MySQL in complain mode helps
[21:40] <nsaquatics> it already is... but I'll check again.
[21:40] <jacobw> `sudo aa-complain /usr/sbin/mysqld`
[21:42] <nsaquatics> ok, so I touched the file and chown'ed it and chmod'ed it...
[21:42] <nsaquatics> also ran the aa-complain... restarting the server via "service mysql stop" and "service mysql start &"
[21:42] <jacobw> Did you try removing it?
[21:44] <hxm> after configure postfix if i send an email to hotmail is moved to spam folder, it says Microsoft SmartScreen has clasified this message as spam
[21:44] <hxm> is because of the spf entry?
[21:44] <hxm> i have a server with various domains
[21:44] <nsaquatics> jacobw: it being the NSAServer.pid file?
[21:44] <jacobw> nsaquatics: Yeah
[21:45] <jacobw> hxm: You need DKIM
[21:45] <nsaquatics> jacobw: I'll try that now.
[21:47] <jacobw> hxm: https://help.ubuntu.com/community/Postfix/DKIM
[21:48] <hxm> thanks, i was googleing
[21:48] <jacobw> nsaquatics: Also check the AppArmor profile is in complain mode with `sudo apparmor_status`
[21:48] <nsaquatics> jacobw: even though I stopped the mysql server it is still trying to respawn... I can see it in the logs...
[21:49] <nsaquatics> 1 profiles are in complain mode.    /usr/sbin/mysqld
[21:49] <nsaquatics> but no process is in complain mode...
[21:50] <jacobw> nsaquatics: OK, make sure to kill all the mysqld and mysqld_safe processes
[21:50] <nsaquatics> ok...
[21:51] <nsaquatics> jacobw: "ps -ef |grep mysql" should show me all of them right?
[21:52] <jacobw> Yeah
[21:53] <nsaquatics> sure enough, it just keeps trying to start it..
[21:53] <nsaquatics> jacobw: from the looks of it every 30 seconds it trys to respawn.
[21:54] <jacobw> nsaquatics: what does `ps -ef` show?
[21:55] <jacobw> nsaquatics: Um, that matches 'mysql'
[21:55] <hxm> jacobw: in the config file i can only set up a domain, but i have 2
[21:55] <nsaquatics> I was about to say, besides a shitload?
[21:55] <hxm> i use one ip for manage 2 mail domains, is this incorrect?
[21:56] <nsaquatics> root@NSAServer:/media/DataDisk/mysql# ps -ef |grep mysql
[21:56] <nsaquatics> root      2178 21303  0 16:55 pts/1    00:00:00 grep --color=auto mysql
[21:56] <nsaquatics> root     18714 12276  0 May03 pts/3    00:00:00 tail -f mysql.err
[21:56] <nsaquatics> at the moment but everytime I see it logging and rerun the command I can see the mysqld process pop up again.
[21:59] <nsaquatics> jacobw: here is what syslog and error.log pop out every 30sec's or so: http://pastebin.com/Ju3vxgCq
[21:59] <jacobw> hxm: check out this blog post, http://blog.tjitjing.com/index.php/2012/03/guide-to-install-opendkim-for-multiple-domains-with-postfix-and-debian.html
[22:00] <jacobw> nsaquatics: Does `service mysql stop` stop it respawning?
[22:00] <nsaquatics> jacobw: nope.
[22:01] <nsaquatics> jacobw: but trying it again just to make sure.
[22:02] <jacobw> nsaquatics: Use `pstree -ps` to see what's spawning the mysqld processes
[22:02] <nsaquatics> actually this time it looks like it did..
[22:02] <jacobw> Cool, start it again and check apparmor_status
[22:03] <nsaquatics> ok, at the moment it's like it was last time I checked it, so only the profile is in complain mode... starting it noe.
[22:06] <nsaquatics> jacobw: ok, it stayed the same because mysql bombs out, but right as I saw it trying to respawn, I ran it again and apparmor showed the mysqld process as being in complain mode, so it IS catching that it is supposed to ignore the mysql server. So if I'm understanding it correctly, it's definately not apparmor that's causing the problem, correct?
[22:06] <jacobw> That's right
[22:06] <jacobw> My laptop is about to run out of battery
[22:06] <nsaquatics> hmm no good...
[22:07] <nsaquatics> plug it in? :)
[22:07] <nsaquatics> where else can I look?
[22:07] <jacobw> Try starting mysql with --pid-file=/var/run/mysql.pid or similar
[22:08] <jacobw> Also check which user mysql runs as, and try operating on the file from the mysql user, etc.
[22:08] <nsaquatics> jacobw: ok will do
[22:08] <jacobw> o/
[22:08] <nsaquatics> jacobw: how do I see under which user it is actually runnign?
[22:28] <nsaquatics> anybody else care to help?
[22:33] <maxb> Erm, you're running mysql using paths on removable media?
[22:33] <maxb> That sounds a bit .... wrong
[22:34] <nsaquatics> no, not removable media... Mirrored drive...
[22:34] <nsaquatics> Mounted under /media/DataDisk
[22:36] <maxb> Hm
[22:36] <maxb> I suggest you not do that
[22:37] <maxb> The /media directory is conventionally reserved for automounting things
[22:37] <maxb> If you're statically configuring things in /etc/fstab, you should put them under /mnt
[22:41] <nsaquatics> maxb: I'll keep that in mind... I'll move it o monday but for now, I just need mysql to come up for one to two hours so I can backup the data...
[22:41] <maxb> That aside, the next obvious step would be to sudo to the mysql user and try touching a file in /media/DataDisk/mysql/
[22:42] <nsaquatics> ah... never thought of that.. moment...
[22:42] <maxb> And also do a pastebin of 'find /media/DataDisk/mysql -ls' so we can see the permissions in detail
[22:42] <nsaquatics> ok.
[22:44] <nsaquatics> maxb: pastebin: http://pastebin.com/CiYjih5Q
[22:45] <nsaquatics> maxb: also, how do I sudo to mysql?
[22:45] <maxb> sudo -s -u mysql
[22:46] <nsaquatics> maxb: ahh...
[22:47] <maxb> Note for the future: you might want to consider paste.ubuntu.com, it's not festooned with ads and prone to line-wrap things unhelpfully
[22:48] <nsaquatics> maxb: ok... will switch to that.
[22:50]  * maxb pauses to take a moment to shudder at all those mode 777 files
[22:51] <nsaquatics> maxb: sudo'd to mysql as was able to create the NSAServer.pid file by touching it. it now exists and has the following permissions: "-rw-rw-rw-+  1 mysql   mysql             0 2013-05-04 17:47 NSAServer.pid" however I cannot run the "find" command as mysql I guess?
[22:52] <nsaquatics> And yes, those will be changed back once this is figured out... :)
[22:53] <maxb> oh, now that's interesting. You got a +
[22:53] <maxb> Indicating extended ACLs are at work
[22:54] <maxb> Hm
[22:54] <maxb> I don't recall if find -ls shows those + signs
[22:54] <nsaquatics> maxb: well... I just added acl to the disk like yesterday..
[22:55] <nsaquatics> here is the output of find once I exited out from the mysql user:
[22:55] <maxb> Try 'ls -l', are there more files besides the newly created one with + signes after the mode listing?
[22:55] <nsaquatics> 60293221    0 -rw-rw-rw-   1 mysql    mysql           0 May  4 17:47 /media/DataDisk/mysql/NSAServer.pid
[22:55] <nsaquatics> hang on
[22:55] <nsaquatics> maxb: yes, all the other folders
[22:55] <maxb> So, you added ACLs to the disk yesterday and now your DB has stopped working....? :-)
[22:56] <nsaquatics> maxb: no cigar... I have been working on this for 4 days on and off.
[22:56] <maxb> I suppose I should also ask: what is the filesystem being used here?
[22:56] <nsaquatics> but I switched to working on upgrading to samba 4 in between sessions
[22:57] <nsaquatics> maxb: Tried the old work on something else for a while trick... didn't work..
[22:58] <nsaquatics> btw, ls -l shows the + but nothing more...
[22:58] <maxb> Right, for a full display of the ACLs over the entire directory tree, you'll need 'getfacl -R /media/DataDisk/mysql'
[22:59] <nsaquatics> maxb: this should be good...
[23:00] <maxb> Although given you could create the file as the mysql user, and you've apparently already eliminated apparmor, I'm starting to run out of ideas
[23:01] <nsaquatics> grrrr
[23:02] <nsaquatics> ok, here is the output just for the NSAServer.pid file. http://paste.ubuntu.com/5633809/
[23:03] <maxb> That ACL is a bit baffling. I'd like to see the nonrecursive (drop the -R) info for the containing directory
[23:04] <nsaquatics> maxb: http://paste.ubuntu.com/5633813/
[23:07] <maxb> Hm. Well, whilst I cannot point to any specific issues with these ACLs, given the general mystery that seems to exist here, I would be strongly inclined to remove all the extended ACLs from the mysql tree entirely, leaving just the traditional mode bits
[23:09] <nsaquatics> hmmm and how does one go about doing that?
[23:11] <maxb> Looks like it would be something like setfacl --recursive --remove-all /media/DataDisk/mysql
[23:12] <maxb> Though for completeness you should also review and potentially remove the ACL on /media/DataDisk
[23:29] <nsaquatics> maxb: thanks, I'll look at that... for now I'm trying to get someone to look at it first hand...