| ClientAlive | What is the best way to align partitions across multiple disks? Is there a way to do it that doesn't involve creating partitions on the other disks just as spacers? My problem is, I'll have a raid array but not everything on this systeam can be in a raid array (the uefi system partition for instance). I still want the partitions in the raid array to lign up on the physical platters across all disks though. | 04:37 |
|---|---|---|
| soy_el_pulpo | I guess you can copy the partition of the disk you want to be the source to the other targets, assuming they are exactly the same | 04:53 |
| soy_el_pulpo | and only add to the raid the ones you need, excluding those that can't be RAIDed | 04:54 |
| soy_el_pulpo | you can use "sfdisk -d /dev/sda | sfdisk /dev/sdb" to copy the partition form sda to sdb | 04:55 |
| soy_el_pulpo | ClientAlive: hope this helps | 04:56 |
| ClientAlive | thx man | 04:57 |
| ClientAlive | it does :) | 04:57 |
| jacksonka | Anyone aware of an encryption algorithm stronger than ECDSA | 04:57 |
| jacksonka | Anyone aware of an encryption algorithm stronger than Elliptic Curve Digital Signature Algorithm? | 05:01 |
| jacksonka | Specifically ECDSA 521 | 05:02 |
| jacksonka | I am attempting to deploy Jabber has anyone done it on Ubuntu 12.04? | 05:15 |
| madprops | hi, I was wondering what the justifications for forking apache are | 06:10 |
| madprops | some folks at httpd seem to be appalled by this | 06:12 |
| andol | madprops: what fork are you refering to? | 06:23 |
| madprops | andol, http://wiki.apache.org/httpd/DebianDeb0rkification | 06:26 |
| andol | Wouldn't call that so much a fork, as providing a different set of default configuration. | 06:28 |
| andol | My personal opinion is that I do appreciate this split into include files, but agree with the wiki page on some not-optimal default. From what I have understood that is at least partly done in regards to backward compability, not breaking upgrades for packages which depend on Apache2, etc | 06:31 |
| balachmar | Hi, I am installing postfix as a mailserver on a vps and it is working with ufw disabled. But when I enable it it blocks port 587 even when in the status it allows udp and tcp from Anywhere | 07:13 |
| sarnold | balachmar: can you pastebin your ufw status output somewhere? | 07:16 |
| sarnold | balachmar: have you manually added any rules that would prevent it from working? | 07:16 |
| sarnold | balachmar: does netstat -tnlp | grep :587 show it listening? is it listening on the interfaces you expect? | 07:17 |
| sarnold | s/interfaces/addresses/ | 07:17 |
| balachmar | @sarnold: http://pastebin.com/uwV47Dr6 for ufw status verbose | 07:18 |
| sarnold | balachmar: hrm, I see an explicit DENY on 25; how are you testing that 587 doesn't work? | 07:18 |
| balachmar | sarnold: I am using thunderbird. and it works fine with ufw disabled | 07:19 |
| balachmar | sarnold: iptables output: http://pastebin.com/BKSjcCzd | 07:20 |
| sarnold | oof, I'm once again reminded that I need to study iptables more. :) | 07:20 |
| balachmar | sarnold: and netstat: http://pastebin.com/rZNyT7yx | 07:21 |
| sarnold | balachmar: and you're confident thunderbird isnt using 25? | 07:21 |
| balachmar | sarnold: yes, that was what I was thinking as well, with all that chaining, I am a bit abffled | 07:21 |
| balachmar | sarnold: well, it is telling me it uses 587 with STARTTLS | 07:22 |
| balachmar | But I can allow 25 for now | 07:22 |
| sarnold | balachmar: can you try something like openssl s_client -connect mailserver.foo.example.com:587 ? I think that should work.. | 07:22 |
| balachmar | sarnold: even with 25 open (according to ufw) no luck | 07:23 |
| balachmar | openssl s_client -connect mail.wligtenberg.nl:587 | 07:24 |
| balachmar | CONNECTED(00000003) | 07:24 |
| balachmar | mmm, I could have ubfoscated the server name there :) | 07:24 |
| sarnold | CONNECTED is actually encouraging.. | 07:24 |
| sarnold | 16 2272 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 | 07:24 |
| sarnold | that shows some 16 packets accepted through to port 587, right? | 07:25 |
| sarnold | (line 73) | 07:25 |
| balachmar | sarnold: http://pastebin.com/695FdJc7 full thing from openssl | 07:26 |
| sarnold | balachmar: can you check the postfix logs? thjere might be something else oging on.. | 07:26 |
| sarnold | balachmar: aha, add a -starttls smtp to that openssl command line; I just got a nice SMTP session with your server | 07:28 |
| balachmar | @sarnold: you were able to send mail? | 07:29 |
| balachmar | @sarnold: I don't know :) | 07:36 |
| sarnold | balachmar: hehe :) | 07:37 |
| balachmar | @sarnold: aah I know why it whines about that | 07:37 |
| sarnold | balachmar: well, there's lots of reasons why it might fail to relay.. hopefully the logs say _why_ | 07:37 |
| balachmar | @sarnold: you need to login to do that | 07:37 |
| balachmar | @sarnold: do you know how I can login using the openssl command? | 07:37 |
| === mlocher_ is now known as mlocher | ||
| === irv_ is now known as irv | ||
| sarnold | balachmar: oh man, it looks complicated :) http://tools.ietf.org/html/rfc2554 | 07:38 |
| balachmar | maybe I can use this: http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet | 07:38 |
| sarnold | balachmar: ooh. worth a shot. | 07:39 |
| balachmar | @sarnold: ok, authenticated :) | 07:44 |
| balachmar | @sarnold: and seemingly able to send an e-mail | 07:46 |
| sarnold | balachmar: nice :) can you send... | 07:46 |
| sarnold | woo. | 07:46 |
| balachmar | @sarnold: but it didn't arrive yet... | 07:46 |
| balachmar | @sarnold: mmm, it didn't work | 07:48 |
| balachmar | So, as soon as I turn off ufw, I can send e-mail | 07:49 |
| balachmar | sarnold: I think it is actually about sending it, not receiving the task of sending mail | 07:49 |
| balachmar | sarnold: yes, it is unable to resolve google.com hostname | 07:50 |
| balachmar | sarnold: I can't ping on that machine either when I turn on ufw | 07:50 |
| balachmar | sarnold: I just don't know which ports are required for that | 07:52 |
| sarnold | balachmar: ping is different, that uses icmp rather than tcp or udp | 07:52 |
| balachmar | @sarnold, ok and which port is used for DNS? | 07:53 |
| sarnold | balachmar: resolving google.com would require probably allowing input from port 53 back to your server on any ephemeral port... | 07:53 |
| sarnold | balachmar: (the request is probably made from an ephemeral port rather than a well-known port..) | 07:53 |
| sarnold | balachmar: .. is there a connection tracking module required / available for dns? | 07:54 |
| balachmar | sarnold: don't know | 07:54 |
| balachmar | sarnold: I know that ping google.com doesn't work as soon as I enable ufw and that postfix also complains about not knowing where to send the mail | 07:55 |
| sarnold | balachmar: hrm, I don't see one on my system anyway.. | 07:55 |
| sarnold | balachmar: 'ufw allow proto icmp' would probably fix that... | 07:56 |
| sarnold | (fix ping, that is. dunno about the rest. :) | 07:56 |
| balachmar | sarnold: ERROR: Need 'to' or 'from' clause ... (I forgot to mention this thing is running 8.04...) | 07:57 |
| sarnold | balachmar: aha, my shiny 13.04 laptop has them both optional :) | 07:57 |
| sarnold | .. though maybe that's just a shotrhand in the manpage. | 07:58 |
| balachmar | sarnold: and since it is a vps on openvz upgrading I cannot upgrade it | 07:58 |
| sarnold | balachmar: maybe 'to 0.0.0.0'? | 07:58 |
| balachmar | sarnold:ERROR: Unsupported protocol 'icmp' | 08:00 |
| sarnold | balachmar: try 'proto 1' ? (I found it via grep icmp /etc/protocols) | 08:01 |
| balachmar | sarnold:ERROR: Unsupported protocol '1' | 08:03 |
| balachmar | :) | 08:03 |
| balachmar | sarnold: Aah, there seem to be issues with ufw using non stock ubuntu kernels (which vps companies do) | 08:07 |
| balachmar | sarnold: so, fixing that first | 08:07 |
| sarnold | balachmar: oooof. :/ it's bedtime for me, I hope you get something working to your liking. :) | 08:28 |
| sarnold | balachmar: if you wind up fixing it, I'd be curious to know what the end result is. :) good luck | 08:28 |
| balachmar | sarnold: I will let you know via a pm | 08:42 |
| === acrocity_ is now known as acrocity | ||
| _dreamer | Hello, I am installing a webserver with apache mysql and php. I ran into some trouble while trying to connect to my mysql server (from a local machine that's not the server). I get the Can't connect to [local] MySQL server error and I do not understand how to fix it even after reading this, http://dev.mysql.com/doc/refman/5.6/en/can-not-connect-to-server.html. Can anyone help me? | 10:27 |
| _dreamer | Hello, I am installing a webserver with apache mysql and php. I ran into some trouble while trying to connect to my mysql server (from a local machine that's not the server). I get the Can't connect to [local] MySQL server error and I do not understand how to fix it even after reading this, http://dev.mysql.com/doc/refman/5.6/en/can-not-connect-to-server.html. Can anyone help me? | 10:32 |
| _dreamer | nvm, gonna use phpmyadmin... | 10:36 |
| balachmar | Hi, I'm installing my own mail server, and I can send mail, and connect to imap. But I don't receive mails that I send from my gmail account to my new mail address. | 11:57 |
| balachmar | I am not sure how I can check that | 11:57 |
| e_t_ | balachmar: do you have an MX record pointing to the mail server you set up? | 12:06 |
| balachmar | e_t_: yes, I now found this website that allowed me to check to which server it is pointing | 12:07 |
| balachmar | e_t_: http://mxtoolbox.com/SuperTool.aspx and that was fine | 12:07 |
| balachmar | e_t_: however when I did an smtp check, it failed. Now I allow port 25 as well, I didn't know if that was required | 12:07 |
| balachmar | e_t_: and that seemed to fix it :) I didn't really want to open 25, because I am sending over ssl, but apparently I also need it to receive mails :D | 12:08 |
| e_t_ | Port 25 has to be open on a mail server. Otherwise, it's like welding your mailbox shut. | 12:09 |
| balachmar | e_t_: yep, kind of got that now :D | 12:09 |
| liri | hey guys | 13:39 |
| liri | I've got an Ubuntu natty server, where all of my repositories are configured to use us.archive.ubuntu.com. When I issue an apt-get update, I get 404 Not Found on many of the configured repositories. | 13:40 |
| liri | Should I fix up the repositories configuration some how or should I just go about doing a dist-upgrade? | 13:42 |
| mardraum | personally I would upgrade, otherwise, look for a mirror that still holds that ancient release. | 13:45 |
| liri | yeah I think I found a way | 13:46 |
| liri | just convert the source.list file from us.archive.ubuntu.com to old-releases.ubuntu.com | 13:46 |
| liri | should do it for the basic stuff | 13:46 |
| liri | thanks though | 13:46 |
| === highvolt1ge is now known as highvoltage | ||
| garrettkajmowicz | Greetings! I just upgraded my server from 10.04 LTS to 12.04 LTS and the newly-installed kernels will not boot. Specifically, I get dumped to a busybox shell. If I boot a kernel from 10.04, everything comes up fine. The funny thing is that if I am in the busybody shell, the root volume isn't mounted, but "mount /dev/md0 /root" works just fine. Any thoughts? | 17:22 |
| qman__ | garrettkajmowicz, try creating/recreating /etc/mdadm/mdadm.conf | 17:44 |
| qman__ | backing up any existing files of course | 17:44 |
| qman__ | the 10.04 kernel may be doing autodetection that the 12.04 kernel isn't doing | 17:45 |
| garrettkajmowicz | qman__: I can buy that (working on the file now). However, simply running "mount /dev/md0 /root" works flawlessly once I'm in busybox - the RAID set has been automatically assembled. | 17:48 |
| garrettkajmowicz | qman__: I've checked the mdadm.conf file and updated it with a few bits. Next reboot (which will disable this connection) I will see if anything works better. | 17:52 |
| qman__ | ok, just an idea | 17:52 |
| qman__ | one other thing, check to make sure /boot didn't fill up | 17:54 |
| qman__ | if it did you may have gotten partial/broken files on your new kernels or new initramfs files | 17:55 |
| lenny__ | Hello this may be the wrong place for this question so I am sorry in advanced. I have set up my own server and have configured the DNS to point to it when I arrive at the page the page displays webpagename.com but when I go to any link it shows my server name. Is doing a mod rewrite the best way to handle this or is their a better way to do this? | 18:19 |
| lenny__ | sorrry server IP not name | 18:19 |
| qman__ | lenny__, that means you need to reconfigure your web application's settings | 18:25 |
| qman__ | most web applications have a configuration file which has a setting for your site URL - where it is will depend on that application | 18:26 |
| lenny__ | ok so for instance this is a wordpress install I should be looking their? | 18:30 |
| balachmar | I am trying to install roundcube, installed package form repos, but server/roundcube/installer/ doesn't exist | 18:31 |
| qman__ | yes, wordpress should have a configuration file with a setting that is currently set to your server's IP, and that should be changed to your site name | 18:31 |
| lenny__ | ok thank you very much qman__ | 18:31 |
| andol | Seem to recall that wordpress has that setting in the database? (Commonly modified from /wp-admin/) | 18:32 |
| lenny__ | I think wp-config.php should have it if not ill check the database. myserver is locked down to only allow shell access from my network though so I will check in an hour when I get back. | 18:33 |
| === diplo_ is now known as diplo | ||
| === yofel_ is now known as yofel | ||
| === Ursinha is now known as Ursinha-afk | ||
| === Ursinha-afk is now known as Ursinha | ||
| === Ursinha is now known as Ursinha-afk | ||
| === Ursinha-afk is now known as Ursinha | ||
| === daker_ is now known as daker | ||
| codepython777 | anyone using vagrant / puppet / chef here? | 23:31 |
| codepython777 | I was thinking of provisioning using bash, and was wondering if someone had any luck with that? | 23:31 |
| === unreal_ is now known as unreal | ||
| madprops | is there much difference between CentOS and Ubuntu Server when it comes to security? | 23:49 |
| qman__ | yes, the two take different approaches on a number of issues | 23:52 |
| qman__ | if you're really asking if one is more secure than the other though, the answer is no | 23:53 |
| qman__ | security isn't about selecting one product over another, it's about strategy and behavior, you're only as strong as your weakest link | 23:56 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!