[04:28] <diddledan> one more day till the end of the world, otherwise known as ubuntu release day
[04:28] <daftykins> oh deary me
[04:28] <daftykins> what are you doing up diddledan ?!
[04:28] <diddledan> daftykins: didn't go to bed :-/
[04:28] <daftykins> D:
[04:29] <daftykins> would you like to see a picture?
[04:29] <daftykins> here is my friends trap-like home:
[04:29] <daftykins> https://www.dropbox.com/s/2yjdj6vtc8sq0hs/IMG_20131016_012728.jpg
[04:30] <daftykins> toilet... hole to certain death
[04:33] <diddledan> doubleyoo tee eff
[04:33] <diddledan> that's twisted
[04:34] <daftykins> inorite
[04:34] <diddledan> what's down there?
[04:57] <daftykins> mostly that friends central heating systems etc.
[04:57] <daftykins> and two flats they rent out
[05:16] <daftykins> bed time!
[06:53] <popey> Myrtti: awww http://imgur.com/6oBRyyr
[06:54] <Myrtti> awwww
[07:10] <popey> directhex: bee and puppycat is odd
[07:12] <MooDoo> morning all
[07:18] <diplo> Morning all
[07:20] <MooDoo> orning dipl
[07:21] <MooDoo> oh I give up with spelling today
[07:26] <diplo> hah
[07:26] <diplo> Morning mate
[07:32] <TheOpenSourcerer> yo
[07:33] <MooDoo> howdo TheOpenSourcerer
[07:42] <BigRedS> Gooood Morning!
[07:48] <popey> Your new giant time waster is.. http://orteil.dashnet.org/cookieclicker/
[07:53] <BigRedS> Haha, I spent 20 billion cookies on a grandma yesterday
[07:54] <popey> ☻
[07:59] <BigRedS> I think I've spent more clock cycles on generating cookies in the past couple of weeks than I have ever contributed to scientific research
[08:03] <Myrtti> I'm so excited .____________.
[08:07] <SuperMatt> and you just can't hide it?
[08:07] <SuperMatt> release party tomorrow \o/
[08:10] <BigRedS> Ah yeah, I need to make sure I leave at a reasonable time this time
[08:10] <BigRedS> I know I say that every time, but this time I do actually have stuff to do on the Friday
[08:11] <BigRedS> and, yeah, I say that each time, too
[08:17] <bigcalm> Good morning peeps :)
[08:24] <Myrtti> SuperMatt: nope, too excited!
[08:24] <Myrtti> http://i.imgur.com/RtbbB.gif
[08:25] <SuperMatt> I'm looking forward to the release party
[08:25] <SuperMatt> I won't be drinking though, I've given up (again)
[08:25] <Myrtti> oh yeah there's a release day tomorrow
[08:25] <Myrtti> we'll be on the road
[08:25] <Myrtti> a roadtrip to the office, no less
[08:26] <bigcalm> Wow, forgot that tomorrow is Thursday. I have no idea when I am
[08:27] <Laney> Frundesday
[08:27] <Myrtti> bigcalm: dun dun DUUUUNNNN
[08:28] <bigcalm> Myrtti: 1st day back in the office to do work. As much as I hated being ill, I did get used to not having to think about days of the week
[08:29] <bigcalm> Morning JamesTait. What day is it today?
[08:30] <SuperMatt> Oscar Wilde was born in 1854
[08:31] <SuperMatt> Boromir reaches Rivendell
[08:31] <SuperMatt> apparently
[08:31] <SuperMatt> and apparently tomorrow is the Council of Elrond
[08:32] <Myrtti> ooohhh!
[08:33] <Myrtti> Boromir.
[08:33] <funkyHat> Aw man, I knew there was somewhere else I was meant to be
[08:33] <SuperMatt> at the council of Elrond?
[08:33] <funkyHat> Yes
[08:34] <SuperMatt> well you have a day to get to Rivendell
[08:34] <SuperMatt> get cracking
[08:34] <JamesTait> Good morning all; happy Global Dignity Day! :-D
[08:34] <Myrtti> in case anyone is interested in a Philips wet and dry shaver, there's one on Amazon lightning deals in half an hour. I'll be trying to get one for D myself.
[08:34] <SuperMatt> if you go by car it shouldn't take you anywhere near as long as it took frodo
[08:34] <SuperMatt> JamesTait: you just listed all the things I don't havae
[08:34] <SuperMatt> -a
[08:35] <JamesTait> SuperMatt, maybe Feral Cat Day works better for you?
[08:35] <SuperMatt> yes thanks
[08:35] <JamesTait> \o/
[08:37] <brobostigon> good morning everyone,
[08:38] <bigcalm> Myrtti: do you have a link?
[08:39] <Myrtti> bigcalm: http://www.amazon.co.uk/deals-offers-savings http://www.amazon.co.uk/gp/product/B00D84IPF2/
[08:41] <bigcalm> 100 quid now, what is it likely to be in the lightning deal?
[08:41] <bigcalm> The deals-offers-savings link you pasted doesn't work for me
[08:42] <bigcalm> Aha, I see
[08:42] <bigcalm> Works via the site with extra gubbins
[08:42] <bigcalm> I'm in need of a new shaver
[08:43] <Myrtti> I'd say probably 60-70
[08:44] <jpds> bigcalm: https://www.amazon.co.uk/gp/product/B008PPGHOA/
[08:45] <jpds> Note that you do NOT want the newer version.
[08:46] <Myrtti> oh man that page fails to load fully
[08:46] <Myrtti> jpds: why?
[08:47] <Myrtti> lolok "But more importantly, if you ever run out of charge mid-shave, there's no way of using it off the mains! It's cordless only."
[08:48] <Myrtti> oh man, the leafblowers are back
[08:48] <Myrtti> abandon all hope all ye who enter
[08:50] <bigcalm> My current shaver is mains only as well :(
[08:51] <Myrtti> yes well that's the exact opposite
[08:58] <bigcalm> Oops
[08:58] <bigcalm> I mean doesn't work when plugged into mains
[08:58] <bigcalm> I r ill?
[08:59] <bigcalm> 50s, hope it's a good deal
[08:59] <shauno> rewriting my windows keymap to support all the deadkeys I'm used to.  newfound appreciation for how weird keyboards are, but still too sober to try to this in xkbd (one day ...)
[09:00] <bigcalm> 80 quid...
[09:00] <bigcalm> Is it worth it?
[09:00] <Myrtti> dunno
[09:01] <bigcalm> Ooo, with the trimmer attachment, I wonder if Hayley will cut my hair with it
[09:02] <Myrtti> Dunc said he'd be fine if it's about 50quid
[09:02] <Myrtti> before he boarded his plane
[09:02] <jussi> Myrtti: is he flying to TRE or HEL ?
[09:02] <Myrtti> tre of course
[09:03] <Myrtti> Stanstead and Pirkkala are so much closer than Heathrow/Luton/Gatwick and Helsinki
[09:03]  * bigcalm drops it from his basket
[09:04] <Myrtti> bigcalm: yeah I'm not sure it's worth it either
[09:07] <bigcalm> Myrtti: thanks for pointing it out though :)
[09:07] <bigcalm> I might look in on the deals now and then
[09:08] <DJones> Heh, I ordered that shaver from amazon a couple weeks ago, ended up cancelling the order because they couldn't deliver it & getting a different one
[09:10] <SuperMatt> I won't buy an electric shaver unless I can run ubuntu on it
[09:11] <SuperMatt> also, I would have to actually have to be able to grow a beard
[09:11] <SuperMatt> my baby face doesn't allow it
[09:16] <popey> i have hairdressers clippers
[09:16] <popey> more robust
[09:19] <bigcalm> popey: I'm guessing they don't see much action going by a recent mocking of your hair ;)
[09:19] <popey> :D
[09:19] <popey> i only use it for beardy
[09:19] <jussi> hehe
[09:20] <jussi> popey: I have those also for hair. need to dig them out again, getting to be a bit of a mop
[09:30] <shauno> I had to get rid of my clippers.  poor impulse control.  More than once I woke up with a hangover and a conscript-cut.
[09:30] <bigcalm> Hehe
[09:31] <bigcalm> Until reading the whole line, I thought your clippers worked on impulse power
[09:31] <shauno> that could be dangerous
[09:31] <bigcalm> Impulse power only Mr Crusher
[09:32] <MooDoo> make it sew
[09:33] <shauno> I've been trying to grow my hair back out for years.  but it seems to go through the stages of short, the 60's, urgh, the 70's, and then long.
[09:33] <shauno> it's not so easy to get through the middle stages without getting sick of it and lopping it all off
[09:34] <Laney> it's been ten years since i had my hair cut :O
[09:34] <jussi> I hate having hair longer than a few CM
[09:35] <jussi> oh, if there any kubuntu'ites here we now have polo shirts for sale :D
[09:35] <shauno> I miss long hair.  but in between short and long, thar be dragons
[09:35] <bigcalm> I don't miss having a mop
[09:35] <bigcalm> My hair grows quickly and thickly. Not good for anything
[09:37] <directhex> my hair doesn't grow long, it grows curly
[09:37] <directhex> sideways nonsense
[09:39] <jpds> Myrtti: Newer version has less battery life+lower quality blades.
[09:40] <Laney> oh hoorah
[09:40] <Laney> the spotify native client started working again
[09:40] <popey> what version you on?
[09:41] <popey> i feel i should have an update somewhere
[09:41] <popey> 1:0.9.4.183.g644e24e.428-1
[09:41] <Laney> 0.9.4.183.g644e24e0
[09:41]  * popey squints
[09:41] <Laney> i copied it from the about dialog
[09:41] <Laney> different machine
[09:41] <directhex> git tag in ordered version number
[09:42] <directhex> OH GOD HOW DO I COMPUTER
[09:42] <popey> \o/ crashed
[09:42] <Laney> mainly checked because i noticed that lastfm scrobbling from the web client was knackered
[09:43] <Laney> http://www.last.fm/user/lan3y/now
[09:43] <Laney> ace of base :>
[09:43] <popey> http://www.last.fm/user/popeydc/now
[09:43] <popey> ☻
[09:44] <BigRedS> I've had the Top Gun soundtrack on loop for a while, I'm not going anywhere near Last.fm for a bit
[09:46] <Myrtti> jpds: right
[09:46] <shauno> BigRedS: that's why I don't 'scrobble'.  some things shouldn't be admitted in public :p
[09:46] <Laney> be proud
[09:46] <ixxvil> hi
[09:46] <MooDoo> hi
[09:46] <popey> hi
[09:46] <Laney> hi
[09:46] <Dave2> hi
[09:47] <bigcalm> Hi
[09:47] <ixxvil> how do i set ubuntu t alert me of security updates in the terminal
[09:47] <bigcalm> apticron
[09:47] <ixxvil> my previous vps had something like that during login
[09:47] <MooDoo> bigcalm: oh you had to be different ;)
[09:47] <popey> sorry, we can only do "hi"
[09:47] <popey> yeah, there's a motd thing that pops up on login?
[09:47] <bigcalm> MooDoo: sorry, can't help myself
[09:47] <ixxvil> but i figured this was a default ubuntu thing
[09:47] <ixxvil> yeah
[09:47] <bigcalm> apticron
[09:47] <ixxvil> it used to tell me of security updates and recommended updates
[09:47] <popey> does that update motd bigcalm ?
[09:48] <ixxvil> what
[09:48] <bigcalm> popey: does for me
[09:48] <directhex> yes, i know that, hang on
[09:48] <directhex> something related to landscape iirc
[09:48] <Myrtti> http://www.last.fm/user/myrtti wheee
[09:49] <ixxvil> oh i need motd?
[09:49] <ixxvil> how do i install that
[09:49] <jpds> ixxvil: Yes, the feature is called 'update-motd'.
[09:49] <Laney> Your musical compatibility with myrtti is Low
[09:49] <Laney> :(
[09:49] <jpds> ixxvil: sudo apt-get install update-motd
[09:49] <directhex> update-notifier
[09:50] <directhex> hm, just in update-notifier-common
[09:50] <ixxvil> ok installed it
[09:50] <shauno> appears to be update-notifier-common on mine, but I expect one requires the other?
[09:50] <popey> Received disconnect from 127.0.0.1: 2: Too many authentication failures for alan
[09:50] <ixxvil> relogged in to my ssh, not seeing it
[09:50] <popey> oof
[09:50] <MooDoo> oops
[09:50] <ixxvil> do i need to set it up?
[09:51] <bigcalm> http://paste.ubuntu.com/6244774/
[09:51] <ixxvil> jpds: not seeing it during login after installation
[09:52] <ixxvil> ooh i need to write a script
[09:53] <bigcalm> Is what I have been suggesting not what is required?
[09:53] <ixxvil> are you talking to me
[09:54] <bigcalm> ixxvil: I use apitcron. The pastebin paste above is what I see when I log into my servers
[09:54] <ixxvil> yes thats it
[09:54] <ixxvil> thats the same thing i had previously
[09:54] <directhex> i'm sure that info is from landscape-client or something
[09:55] <ixxvil> i installed update-motd but it looks like i need to write a script
[09:55] <bigcalm> directhex: I don't use landscape
[09:55] <directhex> bigcalm, neither do i
[09:55] <directhex> bigcalm, regardless, check dpkg -l \*landscape\*
[09:55] <bigcalm> Okay
[09:55] <shauno> you shouldn't need to write a script, update-notifier-common provides it
[09:56] <ixxvil> bigcalm: so instaled that
[09:56] <ixxvil> apticron
[09:56] <bigcalm> :)
[09:56] <bigcalm> ixxvil: sudo apt-get update;exit;login
[09:56] <ixxvil> ok i still see nothing
[09:56] <ixxvil> relogged in
[09:57] <bigcalm> Odd
[09:57] <bigcalm> I thought it came from apticron
[09:57] <ixxvil> just install apticron?
[09:57] <ixxvil> or i have to config it?
[09:57] <bigcalm> I know that apticron will email you daily if there are updates to install
[09:57] <ixxvil> E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied)
[09:57] <ixxvil> E: Unable to lock directory /var/lib/apt/lists/
[09:58] <shauno> my understanding is pam_motd should call run-parts /etc/update-motd.d/ at login, and you should have a 90-updates-available in /etc/update-motd.d/
[09:58] <bigcalm> ixxvil: you need to install it as root
[09:58] <ixxvil> oo
[09:58] <popey> no
[09:58] <bigcalm> ixxvil: you need to be root to install anything from the cli
[09:58] <popey> apticron sends email
[09:58] <bigcalm> no?
[09:58] <popey> ixxvil: is asking about login screen
[09:59] <ixxvil> so should i uninstall it and then reinstalll?
[09:59] <popey> update-motd is the thing that updates the motd, as mentioned by jpds ☻
[09:59] <ixxvil> if so how do i uninstall
[09:59] <ixxvil> popey: what bigcalm mentioned is exactly wht im looking for, the same thing
[09:59] <popey> hang fire dude
[10:00] <bigcalm> I thought it came from apticron, I could be wrong
[10:00] <popey> update-notifier-common is the thing that actually provides the script which gets updates
[10:00] <popey> so you need update-notifier-common and update-motd
[10:00] <ixxvil> i need to install these as root?
[10:00] <ixxvil> not sudoer?
[10:00] <popey> sudo apt-get install update-motd update-notifier-common
[10:00] <popey> done
[10:00] <ixxvil> motd is already done
[10:01] <bigcalm> Ah, just had a thought. I'm referring to server installs. Are you doing this on a desktop install? It might not include what I've been talking about by default
[10:01] <ixxvil> no ssh
[10:01] <bigcalm> ?
[10:02] <ixxvil> its not a desktop, it's a vps
[10:02] <ixxvil> and im doing via ssh
[10:02] <bigcalm> I have no idea then :(
[10:02]  * bigcalm goes back to pretending to work
[10:03] <ixxvil> yay
[10:03] <ixxvil> thanks
[10:03] <ixxvil> that worked
[10:04] <ixxvil> howeverim not seeing system info like in bigcalm 's paste
[10:04] <popey> thats from landscape-client I believe
[10:04] <ixxvil> and landscape isnt free last i checked
[10:04] <popey> yes, it is
[10:05] <popey> the client
[10:05] <ixxvil> oh so what would i be paying for
[10:05] <jpds> That's not landscape.
[10:05] <popey> you're right, it's not
[10:05] <ixxvil> oh
[10:05] <ixxvil> so what is it then
[10:06] <ixxvil> could that be the apticron thingy?
[10:06] <popey> no.
[10:06] <popey> apticron sends emails when there are system updates
[10:07] <ixxvil> ah
[10:07] <jpds> Stop guessing random things.
[10:07] <MooDoo> anyone going to linuxcon next week?
[10:07] <ixxvil> jpds: so what is it then?
[10:08] <jpds> ixxvil: 'man update-motd'.
[10:08] <ixxvil> http://askubuntu.com/questions/7949/where-does-the-system-information-information-come-from-on-login
[10:08] <ixxvil> landscape-sysinfo..
[10:08] <jpds> And everything comes from /etc/update-motd.d/ .
[10:09] <ixxvil> i have to install landscape-common
[10:09] <ixxvil> says that article
[10:09] <ixxvil> do i?
[10:09] <jpds> Yeah, why not.
[10:09] <jpds> You shouldn't actually need landscape-client.
[10:10] <bigcalm> If this was a server install, why isn't it all there by default?
[10:10] <bigcalm> I swear that I haven't had to configure this myself
[10:11] <popey> yeah, it's landscape-common, not landscape-client
[10:11] <popey> bigcalm: depends who created the vps image
[10:11] <popey> might not be stock
[10:11] <bigcalm> Okay
[10:11] <popey> often isnt on a VPS
[10:11] <ixxvil> yay
[10:11] <ixxvil> landscape-common it is
[10:11] <ixxvil> i did
[10:12] <ixxvil> its a fresh install of 12.04
[10:12] <ixxvil> with basic things
[10:12] <ixxvil> im not running 100 websites
[10:13] <ixxvil> wel thats odd
[10:13] <ixxvil> users logged in : 0
[10:13] <ixxvil> shouldnt it show me as 1?
[10:13] <bigcalm> I have Ubuntu 12.04.3 installed on a virtualbox vm from yesterday. I can confirm that apticron does not edit the motd. Sorry about that. Though I do wonder if apticront is running apt-get update on a daily basis - or is this done anyway on servers?
[10:14] <bigcalm> s/apticront/apticron
[10:15] <ixxvil> ok the user thing is 0 as usual
[10:16] <ixxvil> bigcalm: well for me apticron isnt going to do anything nless i install it as root so
[10:16] <ixxvil> i dont think its fetching anything for me at the moment
[10:16] <ixxvil> the one popey  and jpds mentioned seems to have done it
[10:16] <ixxvil> + commons
[10:17] <bigcalm> ixxvil: I meant that to install anything from the CLI one has to have elevated privileges. Either by being root or using sudo
[10:17] <ixxvil> oh right
[10:17] <ixxvil> i do
[10:18] <bigcalm> The line you pasted meant 1 of 2 things. 1. you were not root or didn't use sudo when you did apt-get install apticron. 2. you had another package manager running that was locking the file
[10:18] <bigcalm> The error line that is
[10:19] <ixxvil> i used sudo
[10:19] <ixxvil> but it says i need to be root
[10:20] <ixxvil> i installed apticron after installing update-motd
[10:20] <popey> ixxvil: you dont need to "be root", you just need to have the privs of root, which sudo gives you
[10:21] <ixxvil> right
[10:21] <ixxvil> but this is weird
[10:21] <popey> what is?
[10:21] <ixxvil> i get the system info now but not the security alerts
[10:22] <popey> maybe you have no pending security updates?
[10:22] <ixxvil> if so shouldnt it say at the bottom?
[10:22] <ixxvil> : 0?
[10:22] <bigcalm> No, it doesn't appear to do so
[10:22] <bigcalm> If you run sudo apt-get update; exit; login
[10:22] <popey> 0 packages can be updated.
[10:22] <popey> 0 updates are security updates.
[10:22] <bigcalm> You will then see the magic numbers again
[10:22] <ixxvil> yeah i dont see that
[10:23] <bigcalm> I don't always see the numbers if I've recently logged in or run dist-upgrade I think
[10:23] <ixxvil> i jsut ran that
[10:23] <ixxvil> it fetched a bunch of stuff
[10:23] <popey> so you have no updates?
[10:23] <ixxvil> and logged me out
[10:24] <popey> http://reviews.cnet.co.uk/video-streamers/sky-now-tv-box-review-50011842/  +  http://community.mediabrowser.tv/permalinks/14670/guide-to-installing-mediabrowser3-onto-the-now-tv-box
[10:24] <bigcalm> So if you now ssh back into the server, you might see something
[10:24] <ixxvil> ah it shows up now
[10:24] <popey> looks interesting
[10:24] <ixxvil> 59 packages can be updated.
[10:24] <ixxvil> 25 updates are security updates.
[10:24] <bigcalm> Right
[10:24] <ixxvil> for updating those 25 seurity updates
[10:24] <ixxvil> how do i do it
[10:25] <popey> sudo apt-get update
[10:25] <popey> sudo apt-get dist-upgrade
[10:25] <ixxvil> oh
[10:25] <ixxvil> ok
[10:25] <Dave2> that would pull in all of the updates though
[10:25] <bigcalm> Am I thinking that apticron does a daily "apt-get update" or should that already be happening?
[10:25] <popey> true
[10:25] <popey> it already happens
[10:26] <ixxvil> lright thx
[10:26] <popey> as I said (a few times) apticron is for mailing you when there are updates ☻
[10:26] <ixxvil> which bigcalm does
[10:26] <ixxvil> i saw that in the paste
[10:27] <popey> ya, i do as well
[10:27] <ixxvil> ye im not superanal about that unless i was a sysadmin
[10:28] <ixxvil> one last thing
[10:28] <ixxvil> you guys got a decent iptabnle ruleset i can use?
[10:28] <davmor2> Morning all
[10:28] <ixxvil> the one that comes with my vps is absolute trash
[10:28] <jpds> ixxvil: ufw ?
[10:28] <ixxvil> it drops eveything
[10:28] <ixxvil> ye i heard about ufw
[10:28] <bigcalm> Morning davmor2
[10:28] <ixxvil> what is it
[10:28] <popey> $MORNING
[10:28] <jpds> !ufw | ixxvil
[10:28] <ali1234> why am i still playing this cookie game
[10:29] <davmor2> ali1234: because it's cookies
[10:29] <ali1234> this game reminds me a lot of eve online, except without the griefers
[10:29] <jpds> ixxvil: So, to allow SSH, you would do: sudo ufw allow 22; sudo ufw enable
[10:29] <popey> oh, crud
[10:30] <popey> left that running
[10:30] <ixxvil> oh my god
[10:30] <jpds> ixxvil: Then do: sudo ufw status verbose --- to see it running.
[10:30] <ixxvil> ufw is so easy
[10:30] <popey> 30 million cookies later
[10:30] <jpds> ixxvil: And that's the point. ;-)
[10:30] <ali1234> i am about to hit 500 million cookies
[10:30] <ali1234> there it goes
[10:31] <jpds> ixxvil: Of course, you can do: "sudo iptables -L -vn" to see what it does under the hood.
[10:31] <popey> heh
[10:31] <ali1234> ufw is good. it's syntax is a little confusing when you try to do advanced things like allow incoming connections only from one IP
[10:32] <BigRedS> is that an advanced thing to ask of a firewall?
[10:33] <ali1234> it is for ufw, yes
[10:33] <jpds> ali1234: Really?
[10:33] <ixxvil> so deny all and allow only 1 ip?
[10:34] <ixxvil> how do flush it like in iptables if something goes wrong
[10:35] <bigcalm> ixxvil: I hope you have a serial console to your VPS, just in case you lock yourself out with incorrect firewall rules :)
[10:35] <davmor2> ali1234: sudo ufw allow from <ip address> hows that hard?
[10:35] <ixxvil> bigcalm: you mean have to two opened at the same time?
[10:35] <ixxvil> ye i learnt that yday
[10:35] <jpds> davmor2: But no port.
[10:35] <ixxvil> cause i messed up on iptables twice and couldnt ssh back in
[10:36] <ixxvil> it DROPPed everything
[10:36] <ali1234> davmor2: that's not hard, but it also doesn't work
[10:36] <bigcalm> ixxvil: that's one way, but I do mean a serial console via a web interface provided by your hosting company
[10:36] <ixxvil> oh
[10:36] <jpds> ali1234: sudo ufw allow proto tcp from 192.168.0.1 to any port 22
[10:36] <ixxvil> like cpanel
[10:36] <ixxvil> ye i do
[10:36] <jpds> ali1234: That's what it is, it's in the man page.
[10:36] <ixxvil> mighthave to read up on ufw a bit
[10:36] <ixxvil> but it's certainly easier
[10:36] <ali1234> jpds: yeah. which is not the same as the "simple" syntax
[10:37] <bigcalm> I like rackspace's network policy manger for their cloud servers. That's a simple interface
[10:38] <ixxvil> thats simple
[10:38] <davmor2> ali1234: that's pretty simple in comparison to an iptables rule to do the same thing
[10:38] <ixxvil> compared to the weird flags in iptables
[10:38] <ixxvil> I ia i -A
[10:38] <ixxvil> and what not
[10:38] <ali1234> davmor2: i never said it wasn't i said it is the most complex thing ufw can do
[10:39] <ali1234> simple commands in ufw look like "ufw allow 80/tcp"
[10:39] <ali1234> you might expect that you can extend the simple commands like "ufw allow 80/tcp from <ip>" but this does not work
[10:40] <ali1234> instead you have to use the "extended" syntax which puts everything in a totally different order
[10:42] <ixxvil> whats the extended syntax
[10:48] <BigRedS> ixxvil: "ufw allow proto tcp from 192.168.0.1 to any port 22" at a guess
[10:49] <BigRedS> bigcalm: shorewall's got a lovely notion of 'safe-restart' which is a godsend on remote machines
[10:49] <BigRedS> it applies the new rules and prompts for a 'Y/N'; if it doesn't get that in a few minutes it reverts the rules
[10:49] <BigRedS> few minutes? I think it's 30 seconds actually
[10:50] <davmor2> ixxvil: https://help.ubuntu.com/community/UFW this is a good guide on ufw
[10:50] <ixxvil> tx
[10:50] <ixxvil> just wondering
[10:50] <ixxvil> ufw cant do rate limiting?
[10:51] <ixxvil> something like this - "I want to block everything for Z seconds after X connection in Y seconds
[10:54] <davmor2> http://serverfault.com/questions/368523/rate-limiting-with-ufw-setting-limits
[10:55] <davmor2> ixxvil: that was the first google hit for ufw rate limiting
[10:55] <davmor2> ixxvil: there were plenty of others if that was what you were after
[10:56] <ixxvil> ye
[10:56] <ixxvil> reading
[11:22] <popey> Noodles O'clock
[11:22] <ixxvil> alright later!
[11:24] <Laney> http://ubuntuone.com/0oxAT8t52o9p3U2wrtjUGP
[11:24] <popey> oops
[11:25] <Laney> was planned :-)
[11:25] <popey> i mean oops for the bandage
[11:25] <popey> i assume you didn't plan to hurt your toe
[11:25] <Laney> it's been ingrowing for years
[11:26] <Laney> finally decided to get it sorted
[11:30] <bigcalm> Ouch
[11:34] <mungbean_> not gonna click
[11:34] <bigcalm> mungbean_: nothing bad about the photo
[11:34] <bigcalm> Just feel ouch for Laney
[11:34] <mungbean_> my toe went manky and the doc couldn't grow a culture from it so not really sure what to do now
[11:35] <Laney> Should be smaller after Friday :P
[11:35] <Laney> want to know when I can go climbing again though
[12:04] <ixxvil> is it recommended to drop all incoming connections ?
[12:08] <BigRedS> Generally, yeah - default to dropping everything and then explicitly permit that which you actually want
[12:09] <ixxvil> thats the issue
[12:09] <ixxvil> i dunno want to permit
[12:09] <ixxvil> for outgoing
[12:09] <BigRedS> what sort of computer is this? a server?
[12:09] <ixxvil> vps
[12:09] <ixxvil> ive just got my site on it, nothing else
[12:09] <BigRedS> yeah, what's it doing?
[12:09] <ixxvil> just hosting a bunchof html, css, php pages
[12:09] <BigRedS> right, so you'll want to allow inbound connections to port 80
[12:09] <ixxvil> bootstrap
[12:09] <BigRedS> and perhaps 443 if you've got SSL
[12:10] <ixxvil> ye i do have ssl havent set it up yuet
[12:10] <BigRedS> you'll probably want to ssh in on port 22, too
[12:10] <BigRedS> and if you're not running any other services that's about it
[12:11] <BigRedS> Personally I wouldn't bother with outbound restrictions generally
[12:11] <BigRedS> safest is to block all of them and again open up holes as you need them, but wgets not JustWorking gets quite tedious pretty quickly
[12:13] <ixxvil> hold on
[12:13] <ixxvil> ssh is allowed
[12:14] <ixxvil> sudo ufw allow 2423/tcp
[12:15] <ixxvil> so for outbound deny all?
[12:15] <ixxvil> sorry
[12:15] <ixxvil> outgoing allow all?
[12:17] <BigRedS> I'd allow all outbound
[12:18] <BigRedS> and only permit inbound on ports 80 and 22
[12:20] <ixxvil> done
[12:20] <ixxvil> and for rate limiting sudo ufw limit 2323/tcp?
[12:21] <ixxvil> cause i changed the ssh port, nt sure why but i did
[12:24] <ixxvil> just one last thing
[12:24] <ixxvil> i was allow certain incoming like ssh and 80
[12:24] <ixxvil> but if i set the rule now to deny all incoming
[12:24] <ixxvil> which would have more precedence?
[12:24] <ixxvil> or it doesnt matteR?
[12:26] <ixxvil> also in the ufw status, why does it replicate the same rules twice?
[12:26] <ixxvil> is it replicated for both incoming and outgoing?
[12:33] <Azelphur> Does Ubuntu touch run on the N7 2013 (dual boot) yet?
[12:38] <mungbean_> anyone know why i get "insufficient storage space available" on my tablet when installing twitter app?
[12:38] <mungbean_> i have loads of space
[12:39] <Azelphur> mungbean_: which tablet
[12:39] <mungbean_> touchpad
[12:39] <Azelphur> (os, really)
[12:39] <mungbean_> runnig cm
[12:39] <Azelphur> mungbean_: checked settings > storage?
[12:39] <mungbean_> 4.1.2
[12:39] <daftykins> check the status of the /data partition
[12:39] <mungbean_> 149MB internal availabel, 1GB SD card available
[12:40] <mungbean_> most other apps update OK some don't
[12:40] <daftykins> #cyanogenmod-touchpad <--- may be more use
[12:40] <daftykins> i own one but i'm still running CM9
[12:43] <mungbean_> twitter app is utter fail
[12:43] <mungbean_> used to use tweetdeck but they blocked it. but i have to sign in with password every time i reboot my phone
[12:46] <mungbean_> fixed the install issue
[12:46] <mungbean_> moved the kindle app to sd card, even tho i had loads free already
[12:47] <daftykins> anyone done much by way of diagnosing freezing (mid-2010) macbook pros?
[12:47] <daftykins> i don't even know any apple channels on yonder freenode
[12:48] <daftykins> certainly my usual PC experience applies - so my first step would be to memtest this sucker once i'm near it later this afternoon
[12:52] <popey> mine used to freeze sometimes
[12:52] <popey> it's a 2010 MBP 13"
[13:00] <daftykins> popey: core 2 duo sucker? trouble is the variables are that i put an SSD in and doubled the RAM for this-un
[13:00] <mungbean_> i sold a broken powerpc macbook so a fiver
[13:01] <mungbean_> broken mobo, broken power switch, no disk, no ram
[13:04] <popey> yeah, mine is a c2d, still in daily use by wifey
[13:06] <popey> daftykins: i identified the problem as a manky chrome install
[13:06] <daftykins> oh really 0o
[13:06] <popey> had to do a lot of clearing up to wipe it away and start again
[13:06] <daftykins> i'll give the ol' fix permissions thing a run anywho
[13:06] <popey> been fine since
[13:07] <daftykins> this'un doesn't use anything besides Safari
[13:07] <popey> initially thought it was overheating given it's on wifeys lap
[13:07] <daftykins> heh
[13:17] <bigcalm> Is there much difference between the latest snapshot of 13.10 and what will be released tomorrow?
[13:17] <bigcalm> Pondering installing it in a VM and having a play
[13:19] <BigRedS> I'd hope not
[13:19] <popey> nope
[13:19] <bigcalm> VMs are very pleasing
[13:22] <daftykins> no risk to VMs, why not do five! XD
[13:22] <daftykins> then have fun tomorrow as the repos crawl as usual :>
[13:25] <popey> not if you use a mirror
[13:25] <popey> I'm using goscomb which is super speedy
[13:30] <jpds> squid-deb-proxy++
[13:32] <shauno> it's a shame squid-deb-proxy doesn't work out of the box.  seems silly having to install from the public mirrors before you can get to it
[13:44] <bigcalm> I appear to have chosen goscomb as well
[13:44] <bigcalm> Or the mirror choose did
[13:44] <popey> http://www.polygon.com/2013/10/15/4843366/nintendo-2ds-teardown-reveals-its-big-single-screen-construction
[13:44] <popey> gosh
[13:46] <bigcalm> Goodness
[13:47] <bigcalm> Just got around to listening to the latest uupc. Still no mention of an event on the 25th. Maybe it'll be in next week's episode ;)
[13:48] <bigcalm> This is odd
[13:49] <bigcalm> Running the software updater in the vm. The details window is showing static content with no scroll bar. expanding/contracting the details area, using the icon, updates the content
[13:49] <bigcalm> But it's not actively updating the details area
[13:50] <bigcalm> davmor2: ^^
[13:50] <bigcalm> I don't know if this is a problem with the updater or the fact it's running in a VM
[13:50] <bigcalm> There's no scroll bar either
[13:51] <davmor2> bigcalm: update manager is naff all to do with me sunshine ;)  It scrolled here this morning on HW if that is any help?
[13:52] <bigcalm> :P
[13:52] <bigcalm> Fair enough
[13:52] <bigcalm> How on earth can you be too busy to come to the LUG tonight?
[13:54] <ixxvil> nyone knows where you change the ServerName from 127.0.0.1 to the hostname?
[13:54] <ixxvil> do I add line in sites-enabled with Servername localhost?
[13:59] <davmor2> bigcalm: I've no idea, right.  I mean it's not like there is a release or anything tomorrow.............Oh wait
[14:01] <bigcalm> davmor2: shouldn't everything have been frozen already so that tomorrow's release is nice and relaxed?
[14:02] <ixxvil> any ideas?
[14:39] <BigRedS> ixxvil: in Apache?
[14:39] <BigRedS> what's the larger problem you're trying to solve?
[14:39] <BigRedS> each virtualhost has exactly one servername
[14:40] <BigRedS> normally when you add a virtualhost it gets its own file in sites-available
[14:40] <BigRedS> and you neable it with a2ensite
[14:40] <ixxvil> oh i fixed it
[14:40] <ixxvil> thanks
[14:41] <ixxvil> BigRedS: trying to setup SSL
[14:42] <ixxvil> try8ing to get the private key but i need root and i forgot
[14:42] <ixxvil> so waiting on the admin
[14:46] <trilitheus>  /leave
[14:46] <trilitheus> \leave
[14:50] <diplo> Guys, SSL you have to give your number over
[14:50] <diplo> Does anyone know if it has to be a DDI or can it be a switchboard number ?
[14:51] <directhex> ?
[14:52] <diplo> Basically we're wanting to register an ssl cert for a customer
[14:52] <diplo> They want a contact number, a direct line number and as far as I know a business number will do, you don't need to give them a Direct line number
[14:53] <directhex> depends on the SSL vendor's automation levels
[14:53] <directhex> chances are the number will be used for EV
[14:54] <diplo> But if you can get hold of that person through generic reception that is the same thing imo, trying to find info on the web but not succeeding yet :)
[14:56] <BigRedS> our SSL people are out; I can check when they get back
[14:56] <diplo> yeah found it, so basically it needs to match with business register ( company house ? ) and whois
[14:56] <BigRedS> it'll be comodo's, but generally everything has to match something publically available - company registration, domain whois etc.
[14:56] <BigRedS> oh
[14:56] <diplo> So sounds to me like the main number to me ( can you tell this is the first time I've registered an official cert :D
[14:56] <diplo> So yeah what you said
[14:58] <directhex> we use 2 different registrars
[14:58] <directhex> startcom are cheap and mostly automated, but not particularly trustworthy
[14:59] <directhex> digicert are much nicer and shiner, but omgexpensive
[15:01] <diplo> OK thanks
[15:02] <bigcalm> We've used RapidSSL, can't comment on their trust level though
[15:02] <bigcalm> If you want to pay though the nose, go with VeriSign or Thwart
[15:03] <bigcalm> T - 9 days
[15:03] <bigcalm> \o/
[15:07] <dwatkins> people actually check WHOIS information?
[15:08] <Azelphur> I do
[15:08] <dwatkins> as do I, but I didn't expect that they would be checked 'officially' when registering an SSL certificate, I guess it makes sense, though.
[15:09] <dwatkins> it's also a handy way to look up the address of a friend of mine in Michigan
[15:09] <directhex> yes
[15:09] <directhex> with startcom, they only let you get certs for a domain if you can confirm that you receive email to the address in whois
[15:10] <BigRedS> yeah, I think comodo do that
[15:10] <BigRedS> I try to not go anywhere near that bit of ssls
[15:10] <MooDoo> i work in hosting so do all the time.
[15:11] <BigRedS> yeah, I put the certs in place, but we have People to do the ordering :)
[15:17] <diplo> I've found part of the issue, one of my colleagues is rectifying it now.
[15:17] <dwatkins> I work in support, when people ask me about the prices, I can honestly say I have no idea about that side of things and refer them to sales.
[15:20] <shauno> heh, we do the same, but it seems to be taking some internal pushing and shoving
[15:22] <dwatkins> I was told in a previous job that being a technical support representative, there were reasons why I shouldn't give out pricing information, some legal and some relating to current discounts I might not be aware of.
[15:23] <dwatkins> I'm much happier not having to deal with that sort of thing if it means I get the occasional question passed on to me about where customers have to go to find their invoice on the website.
[15:23] <directhex> i don't deal direct with clients
[15:24] <shauno> I'm happy enough that we don't touch sales at all, but someone's pushing us to call customers who's contracts are expiring, "just to make sure they're aware".  which is waay too close for my liking
[15:24] <shauno> and typically a very awkward call because even if they want to do something about it, I can't renew them
[15:25] <shauno> just one of those silly things where there's way too many people involved
[15:25] <dwatkins> shauno: yeah, that should be the job of the salespeople, for sure.
[15:26] <dwatkins> I was encouraged a few years ago to try and "upsell" things like hard disk replacements, which was always a pretty awkward conversation in itself when someone's machine is down because their disk has died.
[15:27] <dwatkins> "Would you like an 8GB disk as an upgrade?" "No, I just want the bloomin' thing to work again, and I can't spend any money myself anyway" was the usual way the conversation went
[15:28] <shauno> the biggest wall I hit is that we're looking at datacenter-scale customers, so the people I'm talking to are rarely the people sales want to talk to anyway.  and the people I talk to are just as wary of salesmen as I am
[15:28] <dwatkins> indeed
[15:36] <shauno> oh well.  place I'm interviewing for is even bigger, so better get used to it I guess
[15:39] <ixxvil> apache is so confusing
[15:39] <ixxvil> ive got no httpd.conf
[15:39] <ixxvil> and inside of apache2.conf there is nothing about ssl
[15:40] <ixxvil> any idea where you see or amend the SSL section in apache2.conf??
[15:40] <shauno> there won't be .. anything that's global will be in mods-available/ssl.conf, and anything that's site-specific will be in sites-available/
[15:40] <directhex> what shauno said
[15:41] <Dave2> what directhex said
[15:41] <directhex> mods-enabled and sites-enabled possibly more relevant though ;)
[15:41] <shauno> possibly ;)  I just grepped ssl because I don't know the filenames offhand, so grep answers the actual file rather than the symlink
[15:42] <ali1234> what happens if your domain registrar goes bust?
[15:43] <Dave2> I imagine you'd be able to transfer to somewhere else
[15:43] <ali1234> how specifically do you go about doing that though?
[15:43] <shauno> if it's a .uk, you can get nominet to sort you out for a small fee (10-quid-ish)
[15:43] <Dave2> I've had domains through a company that was so badly managed that ICANN stepped in
[15:43] <ali1234> supposing it's a .com...
[15:43] <Dave2> I think they gave you the option to transfer, or after a while they all got sent to godaddy
[15:45] <Dave2> Also, it's reasonably likely that if you're worried about your registrar going bust, they're probably just reselling someone else
[15:46] <shauno> I only know .uk offhand because I've been there, nominet will retag it for a small fee & proof of id
[15:47] <shauno> had some registrar that went pop in 2008 or so.  messy.
[15:47] <Dave2> I assume it wasn't RegisterFly
[15:47] <shauno> doesn't ring a bell
[15:48] <Dave2> They were the one that I mentioned that went down in flames
[15:48] <diplo> I had an email when 123 got bought out by whoever it is now saying it's all being transferred to X
[15:48] <Dave2> Bad flames
[15:49] <Dave2> Flames which resulted in the latest news on the customer panel being the owner's ex-partner saying how bad it was and how all customers should move away now before they get screwed out of more money (I rephrased it to be slightly more polite).
[15:50] <shauno> I wish I could remember who I had, but it was quite messy.  they were meant to renew with the card on file, didn't, and then offered to sell it back to me for just shy of 5 digits
[15:52] <shauno> well, 9 hours, and I finally have a keymap I'm happy with.  I really should look into translating this to xkbd some day
[16:01] <ixxvil> this is so damn confusing
[16:01] <ixxvil> everyone calls it httpd/conf
[16:01] <ixxvil> and then suddenly outta nowhere there's an ssl.conf hidden away
[16:02] <ixxvil> i just broke my shit
[16:02] <directhex> you're reading RHEL tutorials
[16:02] <shauno> you'll find this all-over the place in debian/ubuntu-land.  if you're expecting one big configuration file, and don't find it, take a look around.  it's almost always been broken down piecemeal
[16:03] <directhex> splitting into per-module and per-site config allows an entire site to be shipped with configuration, rather than "now, copy-paste this chunk into the single config file" in the manual
[16:04] <ixxvil> the ubuntu oneso my httpd.conf file where i can see the SSL section is actually ssl.conf?
[16:04] <ixxvil> so my httpd.conf file where i can see the SSL section is actually ssl.conf?
[16:05] <ixxvil> ther eis no mention of ssl.conf in like about 30 links ive been reading
[16:05] <ixxvil> everyone just refers to httpd.conf or apache2.conf
[16:06] <ixxvil> and for those using apache2.conf you have no httpd.conf but ive read cases where theyve created one for adding user modules into /conf.d
[16:06] <directhex> "everyone"
[16:06] <ixxvil> so goddamn confusing
[16:06] <shauno> there's a few paragraphs of comments at the top of apache2.conf that explain what you're looking at
[16:07] <directhex> modules are configured per-module. sites are configured per-site. this makes more sense than a single 3000-line config file
[16:08] <ixxvil> i cant find it on then top of apache2.conf
[16:10] <ixxvil>  SSLCertificateChainFile does this come with ssl.conf?
[16:10] <ixxvil> or with apache2.conf
[16:10] <ixxvil> the ssl.conf has none of it
[16:11] <bigcalm> You might have better luck doing your SSL config via vhost files
[16:12] <ixxvil> you mean sites-available?
[16:12] <bigcalm> That's where they should be stored, yet
[16:12] <bigcalm> There might also be a default-ssl vhost in there
[16:12] <ixxvil> ye
[16:13] <bigcalm> s/yet/yes
[16:13] <ixxvil> what about change namehosts in ports.conf?
[16:13] <ixxvil> NameVirtualHost
[16:14] <ixxvil> it says if you change it there which i have then you need to change it in default-ssl
[16:15] <directhex> ixxvil, certificates are per-site. if i host foo.com and bar.com i might have a different certificate file for both, with a different chain
[16:15] <directhex> so certificate configuration is per-site, logically
[16:15] <ixxvil> ive got just one site
[16:15] <bigcalm> You can have ssl directives in vhost config files. Makes sense to keep them together
[16:16] <ixxvil> which i have
[16:17] <ixxvil> i should be modify8in default-ssl?
[16:17] <BigRedS> no
[16:17] <BigRedS> you should be making a new vhost file for this one
[16:17] <BigRedS> well, you *can*
[16:18] <BigRedS> there's a lot of scope for opionion here, does anyone else look after this machine with you?
[16:18] <directhex> default and default-ssl is an example file
[16:18] <directhex> you're missing the point by editing it
[16:18] <ixxvil> no they dont
[16:24] <funkyHat> I thought there was also a per-host certificate if you support HTTP1.1 properly? Old browsers won't know to tell the host the hostname in the ssl handshake
[16:24] <directhex> yes, for http 1.1
[16:24] <directhex> so all those msie 2 users
[16:24] <ixxvil> ok so the default-ssl actually already has these SSL derivatives
[16:25] <ixxvil> so why is there a need to put it in the vhosts?
[16:25] <ixxvil> there's an entry for it already there in /default-ssl
[16:25] <ixxvil> jsut change extension and it should work?
[16:25] <directhex> change what extension?
[16:26] <ixxvil> SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
[16:28] <directhex> ixxvil, you want to serve using a self-signed autogenerated certificate?
[16:28] <ixxvil> is the default-ssl just a sample?
[16:28] <ixxvil> no i dont
[16:28] <ixxvil> i hjave a commercial one
[16:28] <directhex> default-ssl is a basic example config to serve /var/www over ssl, if you enable the ssl module
[16:29] <directhex> default is a basic example config to serve /var/www without ssl
[16:30] <ixxvil> as of now
[16:30] <ixxvil> which one do i need to edit
[16:30] <ixxvil> enabled?
[16:31] <directhex> site configs live in sites-available
[16:32] <directhex> the "a2ensite" command creates a symlink to them in sites-enabled
[16:32] <ixxvil> ye si did that enable that
[16:32] <directhex> (and a2dissite to delete those symlinks)
[16:32] <directhex> much like a2enmod enables modules from mods-available
[16:32] <ixxvil> ive enabled a2ensite
[16:33] <ixxvil> where do i add the virtualhost with the ssl directives ?
[16:34] <funkyHat> Actually IE6 doesn't support SNI, and apparently neither do IE7 or IE8 if you're on Windows XP
[16:34] <ixxvil> you said default and default-ssl were just samples
[16:35] <directhex> sigh.
[16:35] <directhex> okay, here's a freebie.
[16:36] <ixxvil> should i edit the SSl derivatives in default-ssl?
[16:36] <funkyHat> ixxvil: copy one of them to a new file (yoursite.com or something) and edit the details in the new copy? Then run a2ensite yoursite.com
[16:36] <funkyHat> Doesn't the file have a comment to that effect?
[16:36] <directhex> here's an example vhost: http://paste.debian.net/hidden/c4ebcfb8/
[16:37] <directhex> uses SSL with a cert chain, serves a basic path over ssl, redirects non-ssl to ssl, uses a specific vhost domain.
[16:37] <directhex> all the things you need.
[16:40] <ixxvil> the last part
[16:40] <ixxvil> the SSL engine on, etc
[16:41] <ixxvil> i have that already in the vhosts file
[16:42] <directhex> "the vhosts file"?
[16:42] <ixxvil> well in sites-available/default
[16:42] <ixxvil> a the very end ive added those ssl directives
[16:43] <bigcalm> ixxvil: at the end of the file or within the </VirtualHost> tag?
[16:43] <ixxvil> within
[16:43] <ixxvil> but at the very last
[16:43] <ixxvil> should i have to add #?
[16:44] <bigcalm> A # is a comment
[16:49] <bigcalm> ixxvil: it's possible that you are trying to configure systems that are currently at a higher level than your current knowledge allows. I suggest reading a tutorial such as: https://help.ubuntu.com/10.04/serverguide/httpd.html
[16:49] <bigcalm> Hopefully you will see that it's written for Ubuntu 10.04, but a lot of the information is still relevant
[16:50] <ixxvil> i had this working previously
[16:50] <ixxvil> but with the new vps things are a lil different
[16:50] <ixxvil> and the naming conventions clearly fucked things over a bit more
[16:51] <bigcalm> !ohmy | ixxvil
[16:51] <ixxvil> ye
[16:51] <ixxvil> sorry
[16:51] <ixxvil> been sitting at this crap for hrs now
[16:51] <ixxvil> and this isnt even my job lol
[16:53] <bigcalm> Aha, there is an updated version: https://help.ubuntu.com/12.04/serverguide/httpd.html
[16:56] <ixxvil> ye thats the issue
[16:56] <ixxvil> this one has a different approach to what my vps said
[16:56] <ixxvil> so i followe the vps method,didnt work
[16:58] <ixxvil> the commercial ssl method, didnt work
[16:58] <ixxvil> because of the naming thing
[16:58] <ixxvil> linode has it written differently about mucking aorund with ports.conf
[16:59] <ixxvil> and now we have this that goes back to modifying the virtualhosts file
[16:59] <ixxvil> i need coffee
[17:04] <bigcalm> popey: what was the command mentioned in Command Line Lurv that will open a file in the appropriate gui app?
[17:05] <popey> xdg-open <file>
[17:06] <bigcalm> Yay :)
[17:06] <bigcalm> Ta
[17:06] <bigcalm> I will forget it soon enough
[17:08] <ixxvil> so the issue is i kept modifying default
[17:09] <ixxvil> and then did a2enmod
[17:09] <ixxvil> my sites-enabled and default are the same now
[17:10] <ixxvil> i didnt create a copy and then modify it as your link says
[17:10] <ixxvil> or rather i didnt know
[17:11] <ixxvil> cansomeone paste me the sites-available/default config that comes without changes?
[17:11] <ixxvil> cause i made some changes and not sure how to revert to the original to fix things
[17:14] <bigcalm> ixxvil: I think you need to brush up on your google skills. Something like "ubuntu revert apache configuration to default" gives lots of help
[17:16] <ixxvil> ye reinstall
[17:40] <DJones>  @online accounts stop opening multiple blank browser windows to tell me that I need to reausthorise my account
[17:50] <ixxvil> ok
[17:50] <ixxvil> so sites-available/default vs sites-available/default-ssl
[17:50] <ixxvil> its the essentially the same thing but one is without ssl and the other is?
[17:51] <ixxvil> and i need to put all of them together in one file is that it?
[18:08] <ixxvil> ok i reverted things
[18:08] <ixxvil> 000-default is for port 80
[18:16] <ixxvil> yes!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[18:16]  * ixxvil takes a few shots in the air
[18:26] <popey> heh
[18:28] <ixxvil> that took 6 hrs rofl
[18:28] <ixxvil> i coud've found 2 deisgn jobs by then
[18:29] <ixxvil> paid someone to fix this and still saved an hr
[18:29] <ixxvil> guess i learnt something though
[18:33] <ixxvil> thanks all!
[18:33] <ixxvil> you guys have been very patient
[18:40] <mungbean_> yay, got £12.50 in vouchers for filling in a survey that i suspect was spam
[18:40] <mungbean_> s/pect/pected/
[18:41] <mungbean_> was an unsolicited email sent to vmware customers \o/
[18:42] <ali1234> i've been getting a lot of weird email lately
[18:43] <ali1234> today i got one from http://www.gymnasticsuk.org/ which looks completely legit in that it is highly specific
[18:44] <mungbean_> usually i bin anything like that cos i get a lot of targeted stuff via linkedin ppl looking up my address in the public company directory
[18:45] <mungbean_> is there any point updating firmware on kindles?
[18:45] <mungbean_> the kindle app gets new features like "time to finish" but unsure about the hardware ones
[18:47] <ali1234> my mum's kindle would crash all the time until i updated the firmware
[18:49] <mungbean_> cant find changelogs
[18:50] <mungbean_> seems there's only been a minor udpdate since 2012 june
[19:40] <ixxvil> so ufw check, ssl check, what else
[19:40] <ixxvil> anything else for security?
[19:40] <ixxvil> ssh check
[19:49] <ali1234> if you are running a php cms, make sure you set it up right
[19:51] <ixxvil> ive got php running here and there
[19:51] <ixxvil> but not like a full grown cms