| DGMurdockIII | i have a Dell PowerEdge Server i was wondering if any of you new much about them | 01:17 |
|---|---|---|
| === Guest91235 is now known as n00b123 | ||
| n00b123 | Hi Friends, I am setting an ubuntu server 12.04.1 with 2 x 2tb hard drivers wich I want to connect in RAID1. Also going to use encrypted LVM. What is best to do. Use the whole drive in one raid and one volume group and then differents logical volumes for /, SWAP, /var and /DATA or use 4 raids md , 4 vg and 4 lv ?? | 01:52 |
| === gary_poster is now known as gary_poster|away | ||
| maxb | n00b123: Unless you're deliberately trying to have some volumes encrypted and some not, I see no reason to use multiple md devices | 02:04 |
| maxb | And even then maybe not, but I'm unfamilier with encrypted LVM | 02:05 |
| maxb | However you will want to make sure you're absolutely confident how you want your bootloader to work before you start partitioning | 02:05 |
| maxb | Actually, having read a few things about the encryption it seems like you probably want an unencrypted md0 for /boot and an encrypted md1 for LVM | 02:09 |
| === cedr is now known as cdr | ||
| maxb | Hmm, although it seems you can nest the LVM and the encryption either way around | 02:11 |
| === cdr is now known as cedr | ||
| === LargePrime_ is now known as LargePrime | ||
| n00b123 | I was thinking if there is any advantage having parttions divided into diferent raids. just wondering what would be the best practice | 02:15 |
| n00b123 | Is there any way to grub-install /dev/md0 on busybox during instalation ?? | 02:16 |
| n00b123 | because on ubuntu 12.04.1 server instalalation, grub-install always fail because it always tries to install on /dev/sda. No options to change. Consequently I can never boot after instalation and have to boot from a live cd and install it manually (wih I'm trying to do right now !!) | 02:18 |
| === cedr is now known as cdr | ||
| kerframil | n00b123: 'installing' to md0 makes no sense. grub needs to write a master boot record, which belongs at the beginning of the first disk enumerated by the BIOS. that disk typically maps to /dev/sda in Linux. | 02:29 |
| kerframil | n00b123: indeed, if you were to write out an MBR to the beginning of an md block device, you may very well corrupt your RAID metadata (depending on the superblock format used) | 02:34 |
| n00b123 | yes, i tried and it failed. So, it is not possible to have the /boot partition on a RAID ?? If one hdd failed I am oing to be stucked... | 02:34 |
| n00b123 | What is the best practice to be prepared for a disk fail ?? | 02:35 |
| n00b123 | Have an independent /boot partition on both hdd and install grub on both ?? is that correct ? | 02:36 |
| kerframil | n00b123: yes, you can have /boot on RAID. I would tend to use RAID-1 because it allows for /boot to be directly mounted from an md member in diaster recovery scenarios. however, grub-2 can handle other RAID layouts. | 02:37 |
| kerframil | n00b123: for full bootloader redundancy, yes, would need to write out a boot sector to both disks. however, you don't need require two separate boot filesystems. | 02:37 |
| n00b123 | sorry, I can't understand (n00b) | 02:39 |
| kerframil | n00b123: I used to do this back in the day. let's say you have sda and sdb, and the first partitions of each are members of a RAID-1 array, on which the /boot filesystem resides. | 02:40 |
| kerframil | n00b123: I would enter the grub shell and type: | 02:40 |
| kerframil | device (hd0) /dev/sda | 02:40 |
| kerframil | root (hd0,0) | 02:40 |
| kerframil | setup (hd0) | 02:40 |
| kerframil | then I would repeat with only one change: mapping (hd0) to /dev/sdb (which controls where the MBR is written) | 02:41 |
| kerframil | I've never tried with grub2 though. most of my machines are using hardware RAID these days. | 02:41 |
| n00b123 | but /boot is under raid ?? md0=sda1,sdb2(/boot) | 02:43 |
| kerframil | that's awkward for grub-0.97 because they're different partitions. but Ubuntu uses grub2, which should be able to handle it fine (it has built-in modules to read Linux RAID volumes). but none of this comes into play until the bootsector is read and grub gets past 'stage1'. the bottom line is that installing to /dev/sda should be enough to get it booting, assuming the first disk remains online. | 02:45 |
| kerframil | the boot filesystem is not involved in the earliest stage of the boot process | 02:45 |
| n00b123 | ok, so when installing, I can configure the first partition os both hard drives as /boot and raid1 (md0=sda1,sdb1) and just grub-install /dev/sda and grub-install /dev/sdb. Ubuntu can not mount encrypted partition but can "mount" the raid partition. That's it ?? | 02:48 |
| n00b123 | I am a little bit confused because every instalation I tried, grub fail instaling on /dev/sda. When /boot was under raid and independent partitions | 02:49 |
| kerframil | n00b123: I have no experience of setting up bootloader redundancy in grub2 but, yes, that's about right. I suspect grub-install won't do the right thing when installing to /dev/sdb. that's why I always used the shell in grub-0.97. | 02:50 |
| kerframil | n00b123: that's curious. maybe you should run grub-install with the option to increase verbosity. | 02:50 |
| kerframil | n00b123: it should work, based on what you've said | 02:50 |
| n00b123 | that's why i was trying to grub-install while installing the system (CTRL+ALT+F2). | 02:51 |
| n00b123 | because after that, it is hard to boot it like it is under encripted lvm and raid | 02:52 |
| kerframil | n00b123: try grub-install --debug /dev/sda | 02:54 |
| n00b123 | grub-install does not work on busybox, and now I am having troubles mounting the partition under ubnutu 10.04 livecd (12.04 is failing the video config resolution under virtualbox) | 02:56 |
| kerframil | n00b123: is it no present at all, or are you getting an error? iirc, the debian-installer gets grub from a lightweight udeb package which is installed-on-the-fly i.e.: http://packages.ubuntu.com/precise/amd64/grub-installer/download | 03:04 |
| n00b123 | not present | 03:07 |
| n00b123 | sudo apt-get install mdadm lvm2 | 03:07 |
| n00b123 | and pvscan, vgdisplay, vgscan, lvscan finds nothing | 03:08 |
| n00b123 | cat /proc/mdstat show nothing to | 03:08 |
| n00b123 | last time i could mount it with ubuntu 12.04 | 03:08 |
| n00b123 | but now... nop | 03:09 |
| n00b123 | on diskd utility it shows the array | 03:10 |
| n00b123 | but say it is not running, when i try to bring it up, it says: not enogh omponents to start raid array | 03:11 |
| n00b123 | do I need to install any more package than mdadm ?? | 03:11 |
| kerframil | n00b123: to assemble an array from userspace, mdadm is enough | 03:12 |
| kerframil | n00b123: for example, mdadm -A /dev/md0 /dev/sda1 /dev/sdb2 | 03:13 |
| n00b123 | oops | 03:13 |
| n00b123 | just mounted the array | 03:14 |
| n00b123 | noob problem, forgot the sudo... sorry | 03:14 |
| n00b123 | grub-install not working with live cd. Can't find /dev bla bla bla. | 03:19 |
| n00b123 | I believe i will have to chroot | 03:19 |
| kerframil | n00b123: if you do, remember also to mound --bind /dev <chroot-path>/dev (after mounting your normal filesystems there). | 03:20 |
| kerframil | mount, rather | 03:20 |
| n00b123 | tried mounting it | 03:37 |
| n00b123 | when tried grub-install --root-directory=/media/47a...bla..bla /dev/sda | 03:39 |
| n00b123 | it gives me the error: usr/sbin/grub-probe: error: no mapping exists for 'vgtotal-lvroot' | 03:40 |
| n00b123 | auto detection of a filesystem module failed. | 03:40 |
| n00b123 | please specify the module with the option '--modules' explitly. | 03:41 |
| daddioio | hey guys, I installed 13.04 server and I have 2 nics. installer saw I have 2 nics, setup eth0; but not eth1. I thought no biggie, added to etc/networks/interface. Restart, but still no eth1. Am I missing something? | 03:46 |
| kerframil | n00b123: is lvroot encrypted/ | 03:49 |
| kerframil | ? | 03:50 |
| yeats | daddioio: what happens when you do 'sudo ifup eth1'? | 03:50 |
| daddioio | woohoo, she lives | 03:51 |
| daddioio | will it do that at reboot now? | 03:51 |
| daddioio | or do I need to tinker somewhere? | 03:51 |
| n00b123 | it is but i have already decripted it to mount on the /media/47...... | 03:52 |
| n00b123 | I can see the files on lvroot | 03:52 |
| yeats | daddioio: you can add 'auto eth1' to /etc/network/interfaces | 03:53 |
| daddioio | dang you are right yeats I forgot to add that...sorry bout that | 03:54 |
| yeats | ;-) | 03:54 |
| kerframil | n00b123: if you run ls -l /dev/mapper, do you see just one entry referring to "lvroot"? | 03:54 |
| n00b123 | i can see the vgtotal-lvroot, 3 others lv and another udisks-luks-uuid-bla bla bla | 03:59 |
| sonofzeus | hey there | 05:40 |
| phunyguy | quick question.... I have a router that is ubuntu server, and there are several subnets attached that can all talk to each other freely. Is there any (easy) way to get it to bounce multicast packets between networks? It's not a large network, so I am not worried about broadcast traffic becoming an issue. I have installed pimd, but Others say it "just works", however I cannot get it to work. Any ideas? | 05:58 |
| PryMar56 | phunyguy, dpkg -l smcroute | 06:08 |
| PryMar56 | phunyguy, http://www.google.com/search?q=ubuntuforums.org+multicast+forwarding+solved | 06:10 |
| PryMar56 | q=site: | 06:10 |
| skraito | hey guys | 06:11 |
| skraito | i am coding ubuntu server hardening | 06:12 |
| skraito | is it the same with redhat | 06:12 |
| skraito | i am new to it | 06:12 |
| skraito | but may be i can reuse the script from previous 0x71 script for redhat | 06:12 |
| skraito | where can i get documentation for ubuntu-server ? | 06:12 |
| skraito | https://help.ubuntu.com/12.04/serverguide/ | 06:12 |
| skraito | is it this one ? | 06:12 |
| === blackjack is now known as nyimak | ||
| === arrrghhhAWAY is now known as arrrghhh | ||
| === arrrghhh is now known as arrrghhhAWAY | ||
| === nouitfvf___ is now known as nouitfvf | ||
| skraito | hi anyone good at ubuntu-server i would like to talk to you | 08:33 |
| skraito | come to channel ##0x71 our whitehat hackers team | 08:34 |
| === G4MBY is now known as PaulW2U | ||
| === Tzunamii_ is now known as Tzunamii | ||
| === Pici` is now known as Pici | ||
| skraito | hi ubuntu-server | 10:26 |
| skraito | where did you get | 10:26 |
| skraito | hi daviey | 10:26 |
| skraito | where /etc/motd shell script | 10:26 |
| skraito | located | 10:26 |
| skraito | ? | 10:26 |
| === sygnous_ is now known as sygnous | ||
| === jrib is now known as Guest31537 | ||
| === Tm_T is now known as Guest1531 | ||
| skraito | hi guys | 10:56 |
| === Guest31537 is now known as jrib | ||
| AfroMark | Hi all. I'm setting up ubuntu server for the first time and I could do with a little guidance. | 12:21 |
| AfroMark | I'm following a few steps to increase security, following a few points from the guide here: http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics | 12:22 |
| AfroMark | Trying to do no.2: Securing the Shared Memory, but I'm not sure if I'm using VIM correctly | 12:23 |
| AfroMark | Could someone give me a little more guidance on how to insert the extra line into /etc/fstab? | 12:23 |
| qman__ | I see they fixed the PHP configuration on that guide | 12:30 |
| qman__ | that said I still disagree with several of the items they list | 12:30 |
| qman__ | ubuntu is secure by default, the rest is a matter of preference | 12:30 |
| qman__ | beyond all of that, ubuntu (and debian) have a limited version of vi by default, if you want the full featured version, install vim-nox | 12:31 |
| qman__ | and if you're unfamiliar with vim, you can use nano | 12:31 |
| AfroMark | so it's not essential to secure the shared memory? | 12:33 |
| qman__ | it's not essential to do any of those things; securing shared memory is only important on systems where you have untrusted users with shell access | 12:43 |
| qman__ | the other major problem with that article is it doesn't explain why each thing is to be done, or what it's for | 12:43 |
| qman__ | some of them are a good idea in certain situations but not others | 12:44 |
| qman__ | for example, the SSH section | 12:44 |
| qman__ | 1. root is not allowed to log in by default | 12:44 |
| qman__ | you have to go and set a root password or set up SSH keys to enable it | 12:44 |
| qman__ | 2. changing SSH port is an annoyance only | 12:45 |
| qman__ | it's an annoyance to you as much as it is an annoyance to an attacker, and that's all | 12:45 |
| qman__ | I also advise against installing nmap on your server, since nmap can be used without root access and simply invites users to do port scans | 12:46 |
| qman__ | you should run nmap from a separate system | 12:46 |
| === exekias_ is now known as exekias | ||
| rurufufuss_ | what tool can one use to check where the disk usage comes from, in command line? | 14:23 |
| rurufufuss_ | my ubuntu linode's 4GB is used up, nfi where they're used :( | 14:23 |
| qman__ | rurufufuss, du | 14:33 |
| qman__ | specifically, you can do this: du -sh /* | 14:33 |
| qman__ | that will sum each of the directories in the root | 14:33 |
| qman__ | you can then get narrower in scope until you nail down what's using all that space | 14:33 |
| qman__ | you can also use find to search for files over a certain size | 14:33 |
| qman__ | find / -type f -size +100M | 14:33 |
| qman__ | will find all files 100MB or larger | 14:34 |
| rurufufuss | qman__: thanks | 14:56 |
| AfroMark | Can anyone help me set up Samba on my server? I'm having difficulty getting it to work. | 15:18 |
| === arrrghhhAWAY is now known as arrrghhh | ||
| * n00b123 is Back !! | 16:07 | |
| === ivoks_ is now known as ivoks | ||
| === Guest1531 is now known as Tm_T | ||
| agu10^_ | Response:550 Create directory operation failed. | 17:00 |
| bekks | agu10^_: Are we supposed to guess when and what is causing that message? :) | 17:04 |
| agu10^_ | filezilla when uploading through ssh | 17:04 |
| agu10^_ | how can i fix it? | 17:04 |
| bekks | agu10^_: Thats not FTP, but SFTP, which, in fact, is SSH. | 17:04 |
| agu10^_ | yes | 17:05 |
| bekks | And that message indicates that you dont have permissions to create that directory. | 17:05 |
| agu10^_ | why don't i? | 17:05 |
| agu10^_ | that folder's permissions is 775 | 17:06 |
| agu10^_ | and i'm the owner | 17:06 |
| agu10^_ | so WTF | 17:06 |
| skraito | hi all | 17:11 |
| skraito | where do you get /etc/motd script from | 17:12 |
| skraito | in ubuntu server | 17:12 |
| qman__ | skraito, it is generated automatically using update-motd | 17:12 |
| skraito | update-motd ? | 17:17 |
| skraito | is that a command ? | 17:17 |
| skraito | nothing there | 17:17 |
| skraito | i want to erase it how to do it ? | 17:18 |
| agu10^_ | Why can't i create dirs without sudo? permissions are 775. WTF? | 17:19 |
| qman__ | skraito, no, it is a package, see man update-motd | 17:20 |
| agu10^_ | okay at /var/www i can create dirs. but at /var/www/wildcard i can't! Why is this? wildcard is 775. | 17:27 |
| streulma | why is Postfix config splitted in Ubuntu ? | 19:34 |
| === jetole_ is now known as jetole | ||
| === arrrghhh is now known as arrrghhhAWAY | ||
| shankstaBytes | is there an sftp banning program? | 19:46 |
| shankstaBytes | like failed login banning | 19:46 |
| === bastidra1or is now known as bastidrazor | ||
| RoyK | streulma: what do you mean split? | 20:07 |
| === wizonesolutions is now known as Lenfire | ||
| === Lenfire is now known as lenfire | ||
| === lenfire is now known as wizonesolutions | ||
| === cedr is now known as cdr | ||
| phunyguy | hello, I followed a guide on ubuntu.com to set up a bridged network interface, but I am getting errors in syslog saying:May 5 18:06:27 outerbanks kernel: [ 1691.020167] br0: received packet on eth1 with own address as source address | 22:14 |
| wilmaaaah | evening | 22:24 |
| wilmaaaah | has anyone running a kvm server with several virtual desktops? i have poor video performance | 22:25 |
| wilmaaaah | will a better graphics card on the server improve the performance? | 22:25 |
| wilmaaaah | or is this a client side issue? | 22:25 |
| wilmaaaah | i've switched from vnc to spice and it's not much of an improvement | 22:28 |
| wilmaaaah | serverside i have a 8mb onboard chip | 22:28 |
| wilmaaaah | i mean, the audio is awesome. maybe it's the weak chip on my client | 22:32 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!