[11:14] <vmuser> anyone running geronimo3 ?
[16:04] <goles> Hey guys, I'm starting a fresh ubuntu 13 64 bits server, I was wondering if someone knows about a decent guide about the basics of security that I should be aware of, (I'm not exactly a noob, but I want to cover my bases).
[16:04] <goles> I already disabled SSH password login (for instance)
[16:07] <goles> Anyone around? :D
[16:07] <andol> goles: The most important part is really to understand the daemons you are running on the server, and have them properly configurd, to not allow more than neccesary.
[16:09] <goles> andol: I think I should be more or less ok then... will browse through https://help.ubuntu.com/13.04/serverguide/ though
[17:52] <bitbyte> hey guys is there any specific setup you would suggest for dyndns on ubuntu server
[18:24] <virusuy> bitbyte: what do you mean by "setup" ??
[18:25] <bitbyte> looking to setup dyndns on my server but the noip2 never updates
[18:25] <bitbyte> or dosnt run correctly
[18:25] <bitbyte> a friend suggested ddclient but I'm not too sure
[18:25] <virusuy> well, i used dyndns like 6 years ago,
[18:26] <virusuy> and setup at that time seems really easy and straightforward
[18:28] <bitbyte> i also need to setup irc client some one suggested athene but can't find any documentation really
[18:32] <virusuy> this is the first time that i read about that irc client
[18:32] <virusuy> lol
[18:33] <bitbyte> fair do's it dosnt look very known
[18:33] <bitbyte> when i checked the forums
[18:35] <virusuy> but it's an IRC client ?? or something else related with IRC ?
[18:35] <bitbyte> its an irc client
[18:36] <bitbyte> any who i gotta go
[18:36] <virusuy> oh, ok, cheers
[18:36] <bitbyte> laters man
[19:23] <resno> anybody good with postfix? im needing some help.
[19:23] <sw> !ask | resno
[19:23] <resno> i didnt expect someone to be around now really
[19:24]  * sw doesn't see opening times in the /topic.
[19:24] <sw> resno: By the way, they have their own channel dedicated to support over at #postfix.
[19:24] <resno> ya, but its quiet
[19:24] <resno> just looking to solve my issue
[19:24] <sw> So can you ask it or not?
[19:27] <resno> heres what i got. http://pastebin.com/1e4WJBsR i am using php sending a message and then i would like the list of aliases to broadcast it out to the users
[20:03] <ntzrmtthihu777> hello, someone care to test my apache server from the outside?
[20:13] <goles> Hey guys, I'm configuring a web server using nginx on ubuntu server... I was wondering about which could be a good place to store my ssl certificates? (so that they are only accessible to the nginx user)
[20:25] <TheLordOfTime> goles:  someplace outside the web directory
[20:26] <TheLordOfTime> goles:  most users aren't in the www-data group so ideally someUser:www-data would work, so that normal users can't see it
[20:26] <TheLordOfTime> or www-data:www-data (if it exists on your system) can be the ownership groups
[20:26] <TheLordOfTime> and then somewhere else outside the web root directory that is still "secure"
[20:29] <jsonperl> any reason anyone can think that occasionally all processors would drop to 0% usage for a minute or two
[20:32] <shankstaBytes> can i reinstall apache and clear all the configuration files ?
[20:34] <sw> shankstaBytes: $ apt-get purge apache2; apt-get install apache2
[20:34] <goles> TheLordOfTime: This is very strange though... I installed nginx and all the information that I've read says that the installation should have created dirs sites-available/sites-enabled, however in my case they where not
[20:35] <TheLordOfTime> goles:  nginx -v
[20:35] <TheLordOfTime> pastebin the output
[20:35] <TheLordOfTime> from the command line
[20:35] <TheLordOfTime> or maybe just paste the one output i forget whether it's multiline
[20:35] <TheLordOfTime> *checks*
[20:35] <TheLordOfTime> yeah it's one line output
[20:36] <goles> TheLordOfTime: this is the line nginx version: nginx/1.4.1
[20:36] <shankstaBytes> the default SSL isn't working for me whats a good way to debug?
[20:36] <shankstaBytes> apache error log?
[20:37] <shankstaBytes> im just doing a testing server and i need ssl enabled
[20:38] <shankstaBytes> if i purge apache2 and apache2-common will that delete /var/www
[20:39] <TheLordOfTime> goles:  which OS?
[20:39] <TheLordOfTime> 13.04?
[20:39] <TheLordOfTime> 13.10?
[20:39] <TheLordOfTime> 12.04?  And are you using the nginx ppa
[20:40] <goles> TheLordOfTime: Ubuntu 13.04 x64
[20:40] <goles> I added the nginx repository, updated and installed using apt-get install nginx
[20:40] <sw> shankstaBytes: No.
[20:41] <TheLordOfTime> goles:  which nginx repository?  ppa:nginx/stable   ?
[20:41] <goles> TheLordOfTime: let me check that
[20:41] <TheLordOfTime> goles:  and did you originally install the version in the Ubuntu repositories before installing the version in the nginx ppas
[20:43] <TheLordOfTime> goles:  if in doubt it's probably the stable ppa
[20:43] <TheLordOfTime> !info nginx raring
[20:43] <goles> TheLordOfTime: I think I didn't install any other version that the one added from the repos that are specified here: http://nginx.org/en/linux_packages.html#stable
[20:43] <TheLordOfTime> oopsies...
[20:43] <TheLordOfTime> xD
[20:43] <TheLordOfTime> goles:  ehhhhhhhh
[20:43] <TheLordOfTime> *looks*
[20:43] <goles> :D
[20:44] <TheLordOfTime> goles:  ehhhhhhhh
[20:44] <TheLordOfTime> goles:  i can't vouch for those  packages, the nginx team maintains its own PPA for nginx...
[20:44] <TheLordOfTime> goles:  i'm going to assume that based on the package you installed and the fact it does not include those folders it's a "bad package"
[20:44] <TheLordOfTime> i never use the nginx-provided repos for nginx i use the PPAs.
[20:45] <TheLordOfTime> ... that, and i maintain the PPAs so...
[20:45] <TheLordOfTime> goles:  sudo apt-get remove --purge nginx nginx-common
[20:45] <TheLordOfTime> goles:  then remove the repository you added
[20:45] <goles> TheLordOfTime: what do you suggest ? (this is what I actually see in /etc/nginx https://gist.github.com/Goles/ede540f0b66f686d317d )
[20:45] <TheLordOfTime> then do sudo add-apt-repository ppa:nginx/stable
[20:45] <goles> TheLordOfTime: ok, will do
[20:45] <TheLordOfTime> then do sudo apt-get update; sudo apt-get install nginx-full
[20:46] <TheLordOfTime> goles:  the PPA the nginx team (and coincidentally myself) maintain will add the sites-available and sites-enabled folders
[20:46] <TheLordOfTime> per Debian
[20:46] <TheLordOfTime> ...  oh damn i forgot about the migration to new libraries...
[20:46]  * TheLordOfTime grumblesa
[20:46] <TheLordOfTime> stupid stupid stupid me.
[20:46]  * TheLordOfTime preps an update for saucy
[20:47] <goles> TheLordOfTime: hahaha, this is the cool thing about irc :)
[20:47] <TheLordOfTime> goles:  ehh i've been meaning to update for a recent libraries migration upstream in debian, and i forgot to apply it xD
[20:49] <goles> TheLordOfTime: lol, I see... will follow your advice... seems like add-apt-repository is not installed by default in ubuntu server...
[21:07] <TheLordOfTime> goles:  sudo apt-get install python-software-properties
[21:10] <goles> TheLordOfTime: got it to work
[21:11] <goles> TheLordOfTime: thanks! :)
[21:11] <TheLordOfTime> goles:  i assume the sites-available and sites-enabled folders exist now :p
[21:11] <goles> TheLordOfTime: they do! ahahaha, btw... is it a normal thing to use sudo to startup nginx?
[21:12] <TheLordOfTime> goles: sudo service nginx stop; sudo service nginx start
[21:12] <TheLordOfTime> that launches the master daemon process but it doesn't access anything.  the workers are www-data by default
[21:13] <goles> TheLordOfTime: great, I see... I thougth that the workers would use the 'nginx' user
[21:13] <TheLordOfTime> goles:  nope, it uses www-data by default
[21:14] <TheLordOfTime> goles:  when in doubt, use the PPA.
[21:14] <TheLordOfTime> i try and keep that recent
[21:14] <TheLordOfTime> but i have to update the debian packaging on it to adapt to the latest debian upstream changes.
[21:14] <goles> TheLordOfTime: I see :) , thanks man
[21:16] <TheLordOfTime> goles:  yeppers!
[22:49] <zzak> anyone know a good resource for setting up procmail with postfix? ive been at it with google for hours and no luck
[22:50] <zzak> mailbox_command = /usr/bin/procmail
[22:50] <zzak> log: status=sent (delivered to command: /usr/bin/procmail)
[22:50] <zzak> but i get no email