=== sieb_away is now known as sieb [00:39] hi guys - can anyone point me to a website on how to setup / install a secure Apache / PHP / MySQL envionment for a Ubuntu server? Please === marcoceppi|away is now known as marcoceppi|trave === IdleOne is now known as frenocha === frenocha is now known as IdleOne === sieb is now known as sieb_away === acrocity_ is now known as acrocity === sieb_away is now known as sieb [03:21] hi guys - can anyone point me to a website on how to setup / install a secure Apache / PHP / MySQL environment for a Ubuntu server? Please === sieb is now known as sieb_away [03:50] prgCoder, have you tried the ubuntu server guide? === sieb_away is now known as sieb [04:25] where can I find kernel debug info for 3.5.0-23-generic #35~precise1-Ubuntu ? [04:27] chilli-salad: thanks === sieb is now known as sieb_away [05:04] Semor: ddebs.ubuntu.com ? [05:04] is thin client = windows terminal server? [05:05] jpds:what is the differnce between 3.5.0-23-generic and 3.5.0-23-generic precise1 ? [05:05] derrik: No. [05:05] Semor: Pardon? Do you have links? [05:10] jpds it isnt? [05:11] i found with google: A thin client is a network computer without a hard disk drive [05:13] jpds: do you know the precise1 version of ubuntu server? [05:13] derrik: It might be an example instance of it; but it's not the only version of it. [05:14] Semor: You mean 12.04.1 LTS ? [05:15] yes ,that is [05:15] It is the kernel I am running [05:16] Semor: what does "uname -a" show ? [05:17] Linux localhost 3.5.0-23-generic #35~precise1-Ubuntu SMP [05:19] how do I install debug symbols for it? === sieb_away is now known as sieb === sieb is now known as sieb_away === sieb_away is now known as sieb === sieb is now known as sieb_away === mrmist is now known as mist === smb` is now known as smb === sieb_away is now known as sieb === sieb is now known as sieb_away === sieb_away is now known as sieb === sieb is now known as sieb_away === sieb_away is now known as sieb === sieb is now known as sieb_away [09:37] trying to figure out what is typical or good for spam filtering for postfix [09:38] https://help.ubuntu.com/community/PostfixAmavisNew is that typical? [09:38] or some/all of these? https://help.ubuntu.com/community/Postfix#Other_Postfix_Guides [09:50] WalterN: yeah amavisd-new, postgrey and SPF records for your domains [09:50] WalterN: and spamhaus ZEN list [09:52] erm, what? :-x [09:52] WalterN: google.com [09:53] I normally prefer asking in IRC before google, but w/e [09:53] you asked, I answered [09:53] if you just "erm what" then you need to google [09:54] so spamassassin is not as typical? [09:54] it's part of amavisd-new [09:54] oh ok [09:55] the other things will stop the shit actually getting to amavisd-new [09:55] go read about them. === wedgwood is now known as Guest52531 === sieb_away is now known as sieb === sieb is now known as sieb_away === NiTeMaRe- is now known as NiTeMaRe === sieb_away is now known as sieb === sieb is now known as sieb_away [11:58] WalterN: I have used this in the past on ubuntu and debian servers: http://www200.pair.com/mecham/spam/ === gary_poster|away is now known as gary_poster [12:21] lifeless: can you open a bug detailing how it interferes? [12:22] lifeless: do you mean that you do a one-filesystem backup of /var and want all containers backed up by that? [12:22] hallyn: yes [12:23] hallyn: I'm presuming the answer is 'there is no way to disable it today' [12:24] lifeless: you're telling me that if i mount btrfs at /mnt, and create a new subvolume at /mnt/a, then --one-filesystem will not traverse /mnt/a? [12:24] hallyn: correct === s is now known as Guest37677 [12:24] hallyn: it may be constrained by 'when /mnt/a is mounted' [12:25] you dont' mount subvolumes though [12:25] hallyn: I ran into this with /home earlier today - noticed I had nothing in my home backups for this year [12:25] is there a btrfs mount option to not do that? [12:25] hallyn: because the fstab for a new install with btrfs has a mount rule for home. [12:26] hallyn: you could argue that it's broken rsync one-file-system heuristics, though IMO if its in the mount table, treating it as a mount point is pretty sane ;) [12:26] why is it in the mount table [12:26] it didnt' use to be [12:27] hallyn: search me [12:27] /dev/mapper/lifelesshp-root /home btrfs defaults,noatime,subvol=@home 0 2 [12:27] hallyn: see #ubuntu-devel about the time I pinged you, I had a chat with RAOF about it [12:28] lifeless: i have 5 subvolumes under /home/serge/lxcbase, and they do not show up in 'mount' [12:29] hallyn: right, they need to be mounted [12:30] hallyn: I don't know offhand whether it's a) being a subvolume or b) being in mtab that breaks --one-file-system. [12:30] hallyn: I can drill into it [12:30] lifeless: I don't understand [12:30] lifeless: 'mounted' by who? [12:30] the contents are there without mounting them. [12:30] hallyn: I'll chat another time; its 0030 here. [12:30] lifeless: np - thanks [12:30] lifeless: one thing, [12:30] hallyn: see above w.r.t. /home which sent me down the path of looking at this for lxc too [12:31] i wonder if what is actually screwing you up is the default behavior of lxc to always bind-mount rootfs for containers - btrfs or not [12:31] hallyn: and /home is mounted by fstab which the installer sets up. [12:31] lifeless: ok, thanks. ttyl. [12:31] I need to mount my crypted backups to check whether lxc containers are missing or not [12:31] and yeah thats a good point [12:31] ok. they really shouldn't be [12:32] * hallyn hopes he doesn't have to redesign the whole thing :) [12:32] well there may be multiple issues at play :> [12:32] anyhow, another day! gnight [12:32] gnight [12:33] hallyn, hi there [12:43] hey [12:46] how have you been [12:47] all right. yourself? === sieb_away is now known as sieb [12:55] stgraber: uh, hopefully you've not made any updates to lxc staging branch in the last hour [12:55] hallyn: nope, I haven't. I'm at debconf so unlikely to do a lot of commits this week. [12:56] hallyn: I'm looking at LXC on Android at the moment, specifically getting a local implementation of getifaddrs [12:56] stgraber: ok - no reason for me saying that, carry on :) [12:56] fun [12:57] i'm *seriously* soon gonna dogfood ubuntu phone in qmeu phone soon, not sure if android under that will be good for testing lxc in [13:05] roaksoax/jamespage: https://code.launchpad.net/~zulcss/python-heatclient/refresh/+merge/179695 [13:17] jamespage/roaksoax: https://code.launchpad.net/~zulcss/python-keystoneclient/netaddr/+merge/179699 [13:18] zul,-1 feedback in MP [13:18] argh [13:20] jamespage: hes my evil twin who didnt have his DEBEMAIL set [13:20] jamespage: fixed now [13:23] zul, still does not look like a new upstream release to me [13:24] jamespage: how about now/ [13:27] zul, +1 [13:28] jamespage: thanks === medberry is now known as med_ === Rallias is now known as Gasseus === alamar is now known as julian === railsraider_ is now known as railsraider === Guest52531 is now known as wedgwood === ema_ is now known as ema === Gasseus is now known as Rallias [15:05] trying to allow my developers to upload code to my apache instance via sftp... questions: what should the permissions be on /var/www? I believe Openssh is handling the sftp, how do I change the default directory to /var/www/codetest? How do I grant the 'ftpuploader' user permissions to this folder but not the rest of /var/www [15:30] Ubuntu 13.04 - add-apt-repository is not adding repos [15:31] no error, and lsb_release -a results in a segmentation fault [15:31] look for an assist? [15:32] * darthanubis back to google [15:33] the web only shows ppl that have the not found error, but I do haveit installed [15:34] yes, I could edit the source.list by hand, just like add apt for the lazy [15:34] and am curious why anything on the system does not work as intended [15:37] http://pastebin.com/A6WkxsVf [15:48] I can't remove python-software-properties === Ursinha-afk is now known as Ursinha [16:45] is it possible to delete a paste from http://paste.ubuntu.com/ ? [16:59] red6m: Well, if it is critically important enough I guess you might be able to convenince someone with root access to do that for you... [17:03] andol, yeah. I guess I'll wait if it disappears n 30 days - and after that I might gonna have to find someone to delete it :-\ posted confidential shit by mistake. [17:29] is something wrong with us-west-2.ec2.archive.ubuntu.com? [17:29] Failed to fetch http://us-west-2.ec2.archive.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_3.8.0-26.38_amd64.deb 403 Forbidden [17:29] ribo: note that ec2 reports "403" when other servers might report "404". [17:30] s/ec2/s3/ [17:30] I still have the same question, then :) [17:30] ribo: so if you're asking for files that have not yet synced over, or have been removed, the 403 response can be extremely confusing :) [17:31] was an apt-get upgrade :| [17:34] ribo: perhaps you caught it in the middle of a resync.. try again in a few minutes. [17:37] not usually one to complain about things I'm getting for free, but that kinda sucks for auto provisioning instances, heh [17:37] guess I'll just wait then [17:58] I can't remove python-software-properties [17:58] http://pastebin.com/A6WkxsVf [17:58] looking for an assist? [18:00] check your logs for filesystem errors i would guess ... and if you have enough space ... that file doesnt just go corrupt out of nowhere [18:08] darthanubis, looks like your dpkg database is broken [18:08] as already mentioned, check that /var didn't run out of space, and try to correct the error on that line === whaley_ is now known as whaley [19:11] adam_g/roaksoax: https://code.launchpad.net/~zulcss/keystone/babel/+merge/179780 === empty is now known as davidbowlby [20:41] ogra_, thx, qman__ var did not run out of space. But would a corrupted FS also break my dpkg? I suppose. [20:41] 70 [20:42] darthanubis, yes [20:48] Hello, was wondering how I could install Ubuntu Server over SSH through the server's recovery console? === julian is now known as alamar [20:57] qman__, thx === andreas__ is now known as ahasenack [21:11] hey guys, i have a problem switching luks passphrase auth to key file based for root fs, details: http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization anyone? [21:18] Hi, does IMAP on port 143 require an MX record or an A record? Thanks [21:20] fbdystang: neither [21:21] Well, it does require an A record, but the actual port doesn;t [21:21] doesn't * [21:21] guntbert: URL? [21:22] * s0m3body points out the fact that if you don't know what kind of record it needs, you shouldn't be setting up a mail server [21:22] s0m3body: right but does the external DNS see it as an A record? [21:22] fbdystang: what do you mean? [21:23] hehe, I am a noob but I already have it set up and working with pop3. Trying to get IMAP working [21:23] if you set an A record, every DNS (should) see it as an A record.. [21:23] fbdystang: are you talking about setting up a mail server? the client just needs to get the IP address, hence you would need an A record for the mail server [21:23] guntbert: Thank you , that answers my question :) [21:23] fbdystang: if pop3 works the DNS is ok [21:24] I had my external DNS service pointing to my imap port as an MX record, and I think that is what is causing issues [21:25] yep [21:25] fbdystang: DNS doesn't deal with ports at all [21:25] Well, port 53 ;-) [21:26] genii: splitting hairs? it *uses* 53 :-) [21:27] * genii slides guntbert a tasty coffee [21:27] what I need now - before going to bed - hmmm [21:29] So, if IMAP comes in on an IP, not a port, how does it resolve to 143? [21:30] fbdystang: The protocol itself... so the server listens on 143, and whatever client is trying 143 [21:35] Would anyone know where I should go with an issue like this: I've got a usb audio device (DAC) plugging into an ubuntu server build and the device appears to be disconnecting and reconnecting repeatedly (https://gist.github.com/storrgie/03b65e769de393e9cf0a) [21:38] storrgie: in wild-guess land, perhaps it is waiting for a driver to download some firmware to the device? [21:39] storrgie: do you know if it is supposed to work well under linux? can you run a usb sniffer of some sort under windows and see what it does? compare / contrast with a sniffer under linux? [21:47] sarnold, I believe its supposed to work well under linux, however the manufacture doesn't support it working well under linux [21:54] sarnold, I'm actually trying to email the engineer that worked on the usb interface to get some info from him [21:54] I'm guessing its on their end [21:55] storrgie: do re-check the docs to see if there is firmware or other userspace tools you need to run to make it work [21:57] sarnold, thanks! === Ursinha-afk is now known as Ursinha [22:16] hey helpful ones. installing open vpn using the 12.04 guide. [22:16] https://help.ubuntu.com/12.04/serverguide/openvpn.html [22:16] it fails at "source vars" [22:17] ************************************************************** [22:17] fails how? [22:17] No /etc/openvpn/easy-rsa/openssl.cnf file could be found [22:17] Further invocations will fail [22:17] ************************************************************** [22:17] is ther error? [22:17] https://forums.openvpn.net/topic8819.html [22:17] has a fix [22:17] to just point at the config [22:17] any thoughts? it that a good idea? [22:21] grub seems different than what I remember it [22:21] How do you change which kernel boots, by default, if several are listed in the menu.lst file? [22:22] sarnold: sorry i have been inturupted. i'll be back in an hour. hope you are here [22:22] and thank you [22:48] SuperLag: Grub2 doesn't use menu.lst [22:50] SuperLag: You have to edit /etc/default/grub file and add a line: GRUB_DEFAULT=# ...where # is the entry you want to be default. Then sudo update-grub [23:30] guys, where can i read about booting system over grub 2 related to detailed sequence, mostly about how it gets us into initrd image and how control being passed through stages of boot? please, sorry for my retarded english [23:32] !grub2 [23:32] GRUB2 is the default Ubuntu boot manager. Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - For more information and troubleshooting for GRUB2 please refer to https://help.ubuntu.com/community/Grub2 [23:35] genii, i've been there, but from what i read i don't get the next thing: our initrd image is sotred on filesystem which normally has mount point at /boot later on a booted system, i need to have a clue on how it gets mounted from the very first stages and when it becomes accessible and from which mount points (if there are some others but /boot as far as i know there are none) [23:36] failmaster: grub2 can understand a lot of different types of filesystems [23:37] failmaster: so it can read initrd and kernel images off of filesystems without needing the disk blocks hard-coded (as lilo required) [23:37] sarnold, yeah i know that, at least it comes as a conclusion due to the fact it needs fs modules necessary to read from that /boot device it's installed on [23:39] sarnold, what i don't understand is why people telling me that there is no way my bootloader media is mounted and accessible during initrd stage [23:43] The full official documentation is at http://www.gnu.org/software/grub/manual/grub.html [23:44] same problem trying to make rootfs device unlocked on boot using keyfile /boot/key but today, one guys gave me a tip, saying it shouldn't work like that http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization [23:44] genii, oh, thanks, sorry for being banned in google lol [23:48] sarnold: I am back [23:50] hey LargePrime, any luck?