[00:39] <prgCoder> hi guys - can anyone point me to a website on how to setup / install a secure Apache / PHP / MySQL envionment for a Ubuntu server? Please
[03:21] <prgCoder> hi guys - can anyone point me to a website on how to setup / install a secure Apache / PHP / MySQL environment for a Ubuntu server? Please
[03:50] <chilli-salad> prgCoder, have you tried the ubuntu server guide?
[04:25] <Semor> where can I find kernel  debug info for  3.5.0-23-generic #35~precise1-Ubuntu ?
[04:27] <prgCoder> chilli-salad: thanks
[05:04] <jpds> Semor: ddebs.ubuntu.com ?
[05:04] <derrik> is thin client = windows terminal server?
[05:05] <Semor> jpds:what is the differnce between 3.5.0-23-generic and 3.5.0-23-generic precise1 ?
[05:05] <jpds> derrik: No.
[05:05] <jpds> Semor: Pardon? Do you have links?
[05:10] <derrik> jpds it isnt?
[05:11] <derrik> i found with google:  A thin client is a network computer without a hard disk drive
[05:13] <Semor> jpds: do you know the precise1 version of ubuntu server?
[05:13] <jpds> derrik: It might be an example instance of it; but it's not the only version of it.
[05:14] <jpds> Semor: You mean 12.04.1 LTS ?
[05:15] <Semor> yes ,that is
[05:15] <Semor> It is the kernel I am running
[05:16] <lifeless> Semor: what does "uname -a" show ?
[05:17] <Semor> Linux localhost 3.5.0-23-generic #35~precise1-Ubuntu SMP
[05:19] <Semor> how do I install debug symbols for it?
[09:37] <WalterN> trying to figure out what is typical or good for spam filtering for postfix
[09:38] <WalterN> https://help.ubuntu.com/community/PostfixAmavisNew is that typical?
[09:38] <WalterN> or some/all of these? https://help.ubuntu.com/community/Postfix#Other_Postfix_Guides
[09:50] <mardraum> WalterN: yeah amavisd-new, postgrey and SPF records for your domains
[09:50] <mardraum> WalterN: and spamhaus ZEN list
[09:52] <WalterN> erm, what? :-x
[09:52] <mardraum> WalterN: google.com
[09:53] <WalterN> I normally prefer asking in IRC before google, but w/e
[09:53] <mardraum> you asked, I answered
[09:53] <mardraum> if you just "erm what" then you need to google
[09:54] <WalterN> so spamassassin is not as typical?
[09:54] <mardraum> it's part of amavisd-new
[09:54] <WalterN> oh ok
[09:55] <mardraum> the other things will stop the shit actually getting to amavisd-new
[09:55] <mardraum> go read about them.
[11:58] <greppy> WalterN: I have used this in the past on ubuntu and debian servers: http://www200.pair.com/mecham/spam/
[12:21] <hallyn> lifeless: can you open a bug detailing how it interferes?
[12:22] <hallyn> lifeless: do you mean that you do a one-filesystem backup of /var and want all containers backed up by that?
[12:22] <lifeless> hallyn: yes
[12:23] <lifeless> hallyn: I'm presuming the answer is 'there is no way to disable it today'
[12:24] <hallyn> lifeless: you're telling me that if i mount btrfs at /mnt, and create a new subvolume at /mnt/a, then --one-filesystem will not traverse /mnt/a?
[12:24] <lifeless> hallyn: correct
[12:24] <lifeless> hallyn: it may be constrained by 'when /mnt/a is mounted'
[12:25] <hallyn> you dont' mount subvolumes though
[12:25] <lifeless> hallyn: I ran into this with /home earlier today - noticed I had nothing in my home backups for this year
[12:25] <hallyn> is there a btrfs mount option to not do that?
[12:25] <lifeless> hallyn: because the fstab for a new install with btrfs has a mount rule for home.
[12:26] <lifeless> hallyn: you could argue that it's broken rsync one-file-system heuristics, though IMO if its in the mount table, treating it as a mount point is pretty sane ;)
[12:26] <hallyn> why is it in the mount table
[12:26] <hallyn> it didnt' use to be
[12:27] <lifeless> hallyn: search me
[12:27] <lifeless> /dev/mapper/lifelesshp-root /home           btrfs   defaults,noatime,subvol=@home 0       2
[12:27] <lifeless> hallyn: see #ubuntu-devel about the time I pinged you, I had a chat with RAOF about it
[12:28] <hallyn> lifeless: i have 5 subvolumes under /home/serge/lxcbase, and they do not show up in 'mount'
[12:29] <lifeless> hallyn: right, they need to be mounted
[12:30] <lifeless> hallyn: I don't know offhand whether it's a) being a subvolume or b) being in mtab that breaks --one-file-system.
[12:30] <lifeless> hallyn: I can drill into it
[12:30] <hallyn> lifeless: I don't understand
[12:30] <hallyn> lifeless: 'mounted' by who?
[12:30] <hallyn> the contents are there without mounting them.
[12:30] <lifeless> hallyn: I'll chat another time; its 0030 here.
[12:30] <hallyn> lifeless: np - thanks
[12:30] <hallyn> lifeless: one thing,
[12:30] <lifeless> hallyn: see above w.r.t. /home which sent me down the path of looking at this for lxc too
[12:31] <hallyn> i wonder if what is actually screwing you up is the default behavior of lxc to always bind-mount rootfs for containers - btrfs or not
[12:31] <lifeless> hallyn: and /home is mounted by fstab which the installer sets up.
[12:31] <hallyn> lifeless: ok, thanks.  ttyl.
[12:31] <lifeless> I need to mount my crypted backups to check whether lxc containers are missing or not
[12:31] <lifeless> and yeah thats a good point
[12:31] <hallyn> ok.  they really shouldn't be
[12:32]  * hallyn hopes he doesn't have to redesign the whole thing :)
[12:32] <lifeless> well there may be multiple issues at play :>
[12:32] <lifeless> anyhow, another day! gnight
[12:32] <hallyn> gnight
[12:33] <koolhead11> hallyn, hi there
[12:43] <hallyn> hey
[12:46] <koolhead11> how have you been
[12:47] <hallyn> all right.  yourself?
[12:55] <hallyn> stgraber: uh, hopefully you've not made any updates to lxc staging branch in the last hour
[12:55] <stgraber> hallyn: nope, I haven't. I'm at debconf so unlikely to do a lot of commits this week.
[12:56] <stgraber> hallyn: I'm looking at LXC on Android at the moment, specifically getting a local implementation of getifaddrs
[12:56] <hallyn> stgraber: ok - no reason for me saying that, carry on :)
[12:56] <hallyn> fun
[12:57] <hallyn> i'm *seriously* soon gonna dogfood ubuntu phone in qmeu phone soon, not sure if android under that will be good for testing lxc in
[13:05] <zul> roaksoax/jamespage: https://code.launchpad.net/~zulcss/python-heatclient/refresh/+merge/179695
[13:17] <zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/python-keystoneclient/netaddr/+merge/179699
[13:18] <jamespage> zul,-1 feedback in MP
[13:18] <zul> argh
[13:20] <zul> jamespage:  hes my evil twin who didnt have his DEBEMAIL set
[13:20] <zul> jamespage:  fixed now
[13:23] <jamespage> zul, still does not look like a new upstream release to me
[13:24] <zul> jamespage:  how about now/
[13:27] <jamespage> zul, +1
[13:28] <zul> jamespage:  thanks
[15:05] <bkfitz> trying to allow my developers to upload code to my apache instance via sftp... questions: what should the permissions be on /var/www?  I believe Openssh is handling the sftp, how do I change the default directory to /var/www/codetest?  How do I grant the 'ftpuploader' user permissions to this folder but not the rest of /var/www
[15:30] <darthanubis> Ubuntu 13.04 - add-apt-repository is not adding repos
[15:31] <darthanubis> no error, and lsb_release -a results in a segmentation fault
[15:31] <darthanubis> look for an assist?
[15:32]  * darthanubis back to google
[15:33] <darthanubis> the web only shows ppl that have the not found error, but I do haveit installed
[15:34] <darthanubis> yes, I could edit the source.list by hand, just like add apt for the lazy
[15:34] <darthanubis> and am curious why anything on the system does not work as intended
[15:37] <darthanubis> http://pastebin.com/A6WkxsVf
[15:48] <darthanubis> I can't remove python-software-properties
[16:45] <red6m> is it possible to delete a paste from http://paste.ubuntu.com/ ?
[16:59] <andol> red6m: Well, if it is critically important enough I guess you might be able to convenince someone with root access to do that for you...
[17:03] <red6m> andol, yeah. I guess I'll wait if it disappears n 30 days - and after that I might gonna have to find someone to delete it :-\ posted confidential shit by mistake.
[17:29] <ribo> is something wrong with us-west-2.ec2.archive.ubuntu.com?
[17:29] <ribo> Failed to fetch http://us-west-2.ec2.archive.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_3.8.0-26.38_amd64.deb  403  Forbidden
[17:29] <sarnold> ribo: note that ec2 reports "403" when other servers might report "404".
[17:30] <sarnold> s/ec2/s3/
[17:30] <ribo> I still have the same question, then :)
[17:30] <sarnold> ribo: so if you're asking for files that have not yet synced over, or have been removed, the 403 response can be extremely confusing :)
[17:31] <ribo> was an apt-get upgrade :|
[17:34] <sarnold> ribo: perhaps you caught it in the middle of a resync.. try again in a few minutes.
[17:37] <ribo> not usually one to complain about things I'm getting for free, but that kinda sucks for auto provisioning instances, heh
[17:37] <ribo> guess I'll just wait then
[17:58] <darthanubis> I can't remove python-software-properties
[17:58] <darthanubis> http://pastebin.com/A6WkxsVf
[17:58] <darthanubis> looking for an assist?
[18:00] <ogra_> check your logs for filesystem errors i would guess ... and if you have enough space ... that file doesnt just go corrupt out of nowhere
[18:08] <qman__> darthanubis, looks like your dpkg database is broken
[18:08] <qman__> as already mentioned, check that /var didn't run out of space, and try to correct the error on that line
[19:11] <zul> adam_g/roaksoax: https://code.launchpad.net/~zulcss/keystone/babel/+merge/179780
[20:41] <darthanubis> ogra_, thx, qman__ var did not run out of space. But would a corrupted FS also break my dpkg? I suppose.
[20:41] <Pici> 70
[20:42] <qman__> darthanubis, yes
[20:48] <s0m3body> Hello, was wondering how I could install Ubuntu Server over SSH through the server's recovery console?
[20:57] <darthanubis> qman__, thx
[21:11] <failmaster> hey guys, i have a problem switching luks passphrase auth to key file based for root fs, details: http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization anyone?
[21:18] <fbdystang> Hi, does IMAP on port 143 require an MX record or an A record? Thanks
[21:20] <guntbert> fbdystang: neither
[21:21] <s0m3body> Well, it does require an A record, but the actual port doesn;t
[21:21] <s0m3body> doesn't *
[21:21] <fbdystang> guntbert: URL?
[21:22]  * s0m3body points out the fact that if you don't know what kind of record it needs, you shouldn't be setting up a mail server
[21:22] <fbdystang> s0m3body: right but does the external DNS see it as an A record?
[21:22] <s0m3body> fbdystang: what do you mean?
[21:23] <fbdystang> hehe, I am a noob but I already have it set up and working with pop3. Trying to get IMAP working
[21:23] <s0m3body> if you set an A record, every DNS (should) see it as an A record..
[21:23] <guntbert> fbdystang: are you talking about setting up a mail server? the client just needs to get the IP address, hence you would need an A record for the mail server
[21:23] <fbdystang> guntbert: Thank you , that answers my question :)
[21:23] <guntbert> fbdystang: if pop3 works the DNS is ok
[21:24] <fbdystang> I had my external DNS service pointing to my imap port as an MX record, and I think that is what is causing issues
[21:25] <s0m3body> yep
[21:25] <guntbert> fbdystang: DNS doesn't deal with ports at all
[21:25] <genii> Well, port 53 ;-)
[21:26] <guntbert> genii: splitting hairs? it *uses* 53 :-)
[21:27]  * genii slides guntbert a tasty coffee
[21:27] <guntbert> what I need now - before going to bed - hmmm
[21:29] <fbdystang> So, if IMAP comes in on an IP, not a port, how does it resolve to 143?
[21:30] <genii> fbdystang: The protocol itself... so the server listens on 143, and whatever client is trying 143
[21:35] <storrgie> Would anyone know where I should go with an issue like this: I've got a usb audio device (DAC) plugging into an ubuntu server build and the device appears to be disconnecting and reconnecting repeatedly (https://gist.github.com/storrgie/03b65e769de393e9cf0a)
[21:38] <sarnold> storrgie: in wild-guess land, perhaps it is waiting for a driver to download some firmware to the device?
[21:39] <sarnold> storrgie: do you know if it is supposed to work well under linux? can you run a usb sniffer of some sort under windows and see what it does? compare / contrast with a sniffer under linux?
[21:47] <storrgie> sarnold, I believe its supposed to work well under linux, however the manufacture doesn't support it working well under linux
[21:54] <storrgie> sarnold, I'm actually trying to email the engineer that worked on the usb interface to get some info from him
[21:54] <storrgie> I'm guessing its on their end
[21:55] <sarnold> storrgie: do re-check the docs to see if there is firmware or other userspace tools you need to run to make it work
[21:57] <storrgie> sarnold, thanks!
[22:16] <LargePrime> hey helpful ones.  installing open vpn using the 12.04 guide.
[22:16] <LargePrime> https://help.ubuntu.com/12.04/serverguide/openvpn.html
[22:16] <LargePrime> it fails at "source vars"
[22:17] <LargePrime> **************************************************************
[22:17] <sarnold> fails how?
[22:17] <LargePrime>   No /etc/openvpn/easy-rsa/openssl.cnf file could be found
[22:17] <LargePrime>   Further invocations will fail
[22:17] <LargePrime> **************************************************************
[22:17] <LargePrime> is ther error?
[22:17] <LargePrime> https://forums.openvpn.net/topic8819.html
[22:17] <LargePrime> has a fix
[22:17] <LargePrime> to just point at the config
[22:17] <LargePrime> any thoughts?  it that a good idea?
[22:21] <SuperLag> grub seems different than what I remember it
[22:21] <SuperLag> How do you change which kernel boots, by default, if several are listed in the menu.lst file?
[22:22] <LargePrime> sarnold: sorry i have been inturupted.  i'll be back in an hour.  hope you are here
[22:22] <LargePrime> and thank you
[22:48] <genii> SuperLag: Grub2 doesn't use menu.lst
[22:50] <genii> SuperLag: You have to edit /etc/default/grub file and add a line: GRUB_DEFAULT=#      ...where # is the entry you want to be default. Then sudo update-grub
[23:30] <failmaster> guys, where can i read about booting system over grub 2 related to detailed sequence, mostly about how it gets us into initrd image and how control being passed through stages of boot? please, sorry for my retarded english
[23:32] <genii> !grub2
[23:35] <failmaster> genii, i've been there, but from what i read i don't get the next thing: our initrd image is sotred on filesystem which normally has mount point at /boot later on a booted system, i need to have a clue on how it gets mounted from the very first stages and when it becomes accessible and from which mount points (if there are some others but /boot as far as i know there are none)
[23:36] <sarnold> failmaster: grub2 can understand a lot of different types of filesystems
[23:37] <sarnold> failmaster: so it can read initrd and kernel images off of filesystems without needing the disk blocks hard-coded (as lilo required)
[23:37] <failmaster> sarnold, yeah i know that, at least it comes as a conclusion due to the fact it needs fs modules necessary to read from that /boot device it's installed on
[23:39] <failmaster> sarnold, what i don't understand is why people telling me that there is no way my bootloader media is mounted and accessible during initrd stage
[23:43] <genii> The full official documentation is at http://www.gnu.org/software/grub/manual/grub.html
[23:44] <failmaster> same problem trying to make rootfs device unlocked on boot using keyfile /boot/key but today, one guys gave me a tip, saying it shouldn't work like that http://askubuntu.com/questions/330660/what-is-the-correct-way-to-use-key-file-luks-authorization
[23:44] <failmaster> genii, oh, thanks, sorry for being banned in google lol
[23:48] <LargePrime> sarnold: I am back
[23:50] <sarnold> hey LargePrime, any luck?