/srv/irclogs.ubuntu.com/2013/11/05/#ubuntu-server.txt

=== freeflying_away is now known as freeflying
=== Ursinha-afk is now known as Ursinha
=== Ursinha is now known as Ursinha-afk
michele2hi there00:39
michele2hi there00:40
sarnoldmichele2: hello; note that irc tends to be quiet unless there's something specific to discuss. :)00:40
=== Ursinha-afk is now known as Ursinha
=== kevireillyy is now known as kevireilly
=== peter is now known as Guest8108
MavKenI have installed 13.10 on my vps but others recommend not to use 13.10 on production server... do any of you use this version on production server?02:31
pmatulisMavKen: it depends what your needs are02:32
MavKenI host about a dozen static sites and a site that uses codeigniter02:33
MavKenso far, haven't had any issues.02:33
pmatulisMavKen: if 12.04 gives you want you want then use it since it's an LTS and is supported longer (until april 2017).  then again, 14.04, the next LTS, is out in 6 months so you might consider installing 13.10 and then do a single release jump to it and stick with it for 5 years02:34
sarnoldMavKen: probably the most annoying issue is that you'll have to upgrade in eight months or so.02:34
sarnoldMavKen: you may wish to consider upgrading to 14.04 LTS when it is available and you feel comfortable doing the upgrade, and sticking with that for a few years, to reduce the cost of maintenance / ownership02:35
MavKenyeah, since I have mostly static sites, I just zip them up, clean install os then unzip.. planning to install 14.04 once it is available02:35
wewI want to ask question how to grep in order to get only the essid and signal level when i issue the iwlist command.03:17
=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
wewI want to ask question how to grep in order to get only the essid and signal level when i issue the iwlist command.03:27
pmatuliswew: man grep03:28
wewpmatulis: sorry for that question im a beginner in pmatulis at the moment i use this command "iwlist wlan1 scan | grep -e ESSID -e Signal"03:30
wew*beginner in ubuntu03:30
wewbut what i want to get is only the ESSID name and signal level and nothing else03:31
pmatuliswew: maybe pastebin the entire output of 'iwlist wlan1 scan'03:35
pmatulis!pastebin03:35
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.03:35
MavKenwhere can i edit the script that is used when a new user is created?03:40
pmatulisMavKen: you don't want to do that03:40
MavKenwhy?03:40
pmatulisMavKen: explain your rationale, you're prolly missing something03:41
MavKenin my /etc/skel folder I have public_html and then the twitter bootstrap framework... when I create a new user, I want the username to be inserted into a php file as the "project name" appearing the in title/navbar03:42
=== freeflying is now known as freeflying_away
pmatulisMavKen: i feel you're toiling around in the wrong boiler room.  sounds like you should be doing this with an external shell script03:44
MavKenso i would like config.php created in the process with the following line: <?php $site_title = "<username entered here>"; ?>03:44
pmatulisMavKen: editing system utilities is not the way.  these changes will conflict if the utility ever gets upgraded.  i also feel that you should separate the system-level stuff from application-level stuff03:46
wewpmatulis: this is the link http://pastebin.com/p1z7Y4YS03:47
wewhttp://pastebin.com/p1z7Y4YS03:47
MavKenok03:48
=== freeflying_away is now known as freeflying
=== silverf0x is now known as zz_silverf0x
=== gary_poster is now known as gary_poster|away
wewhello there can someone help me how to use grep in this problem given . http://pastebin.com/c01UX1B805:17
trupheenixhello. Are there any kind people here who can help me with postfix and sasl? I keep getting this error:     pwcheck_method: auxprop05:43
trupheenix    auxprop_plugin: sql05:43
trupheenix    mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM05:43
trupheenix    sql_engine: pgsql05:43
trupheenix    sql_hostnames: 127.0.0.1, 192.0.2.105:43
trupheenix    sql_user: username05:43
trupheenix    sql_passwd: secret05:43
trupheenix    sql_database: dbname05:43
trupheenix    sql_select: SELECT password FROM users WHERE user = '%u'@'%r'05:43
trupheenixoops05:43
trupheenixsorr05:43
trupheenixy05:43
trupheenixI keep getting this error warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory05:43
sarnoldtrupheenix: is an saslauthd running? can you find what socket file postfix is expecting and see if anything else has that socket open? (lsof or fuser...)05:47
trupheenixsarnold, how do i do that? :(05:52
trupheenixsarnold, ok i got it. let me try05:54
sarnoldtrupheenix: hrmm, looks like things can be complicated here. Check out these urls for some additional reading: https://help.ubuntu.com/12.04/serverguide/postfix.html#postfix-sasl  and  https://help.ubuntu.com/community/Postfix#Authentication05:55
sarnold(the community guide looks a bit dated, I saw references to 6.06...)05:56
trupheenixsarnold, so what are you suggesting?05:56
trupheenixsarnold, ok let me figure out what file is postfix looking for05:56
trupheenixsarnold, I'm trying to use Cyrus SASL.06:03
trupheenixsarnold, but looks like now I will have to use DoveCot. DoveCot on POP3 seems to work OK.06:04
joosseecan anyone help me get my video card to work? firemv2400 im reading this but it is way above my paygrade: https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-ati/+bug/109138006:06
joosseecan i revert to xorg 7.0 in 12.04?06:07
wewhello there can someone help me how to use grep in order to get only the signal level and ESSSID when issuing iwlist command ? thanks.06:14
webdev13hi guys , i dont know that much about linux commands and ubuntu07:32
webdev13i'm trying to add new virtualhost , but i have no idea how to do this on apache server07:32
sarnoldwebdev13: I hope this is helpful to you: https://help.ubuntu.com/12.04/serverguide/httpd.html#http-configuration07:33
webdev13sarnold , i already have virtualhost , system admin made it for me07:35
webdev13i want to add new one , i dont know which file  i should edit and how to access it ?07:35
PupenoHello.09:54
=== freeflying is now known as freeflying_away
=== alex88_ is now known as alex88
trupheenixcan anyone here help me with dovecot installation?11:35
trupheenixmy dovecot process doesn't seem to start at all11:35
trupheenixany postfix dovecot experts here?12:45
pmatulis!ask | trupheenix12:47
ubottutrupheenix: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience12:47
trupheenix!patience12:48
ubottuDon't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com/ or http://ubuntuforums.org/ or http://askubuntu.com/12:48
trupheenixok. So i have set up postfix+dovecot with postgresql as the backend store. I have setup postfix to use sasl authentication via dovecot. I have checked SMTP,POP3 and IMAP logins and they work fine. However now I have issue with mailboxes. Is it compulsory for dovecot to have home directories for each e-mail id?12:52
=== zz_Gurkenmaster is now known as Gurkenmaster
=== gary_poster|away is now known as gary_poster
=== freeflying_away is now known as freeflying
trupheenixmy postfix installation is not delivering mails to dovecot. Here is my postconf output: https://gist.github.com/anonymous/7318863 Here is my doveconf output: https://gist.github.com/anonymous/7318896 Finally here is my output from tail -f /var/log/mail.* when I send a mail: https://gist.github.com/anonymous/7318945 Can anyone tell me why postfix is not handing over the mails to dovecot and why am I getting a not delivered responder eventhough13:31
trupheenixthe us13:31
trupheenix <trupheenix> er exists on my server? I was able to send mails from this same user but now I cannot receive it. Any help would be appreciated.13:31
=== empty is now known as davidbowlby
=== Maple__ is now known as Guest7013
=== deav_ is now known as wl-deav
=== Guest7013 is now known as Mapley
=== Ursinha is now known as Ursinha-afk
jdstrandadam_g: hey, I think there was a breakdown in the process-- keystone 1:2013.1.4-0ubuntu1 dropped the fix for bug #1202952 that was in the security update for 1:2013.1.3-0ubuntu1.115:13
jdstrandadam_g: I mentioned that one in irc. I also mentioned another one15:14
* jdstrand goes to look15:14
jdstrandadam_g: actually, nm-- both patches are in there. the ChangeLog and debian/changelog didn't list one15:19
=== Ursinha-afk is now known as Ursinha
=== rharper_ is now known as rharper
NaGeLcan someone help me with this problem?15:53
NaGeLhttp://askubuntu.com/questions/371563/port-25-smtp-port-connection-refused15:54
babinlonstonim using kvm and other Distribution were installed as Guest operating systems  there are  /dev/sda6 , /dev/sda7 /dev/sda8 /dev/sda9 ,  there are upto /dev/sda15 available in my PC , i need to create a backup of /dev/sda6 to /dev/sda14 , if there is some issue i need to restore from that /dev/sda14 to /dev/sda6 , how can i Do it guide me to snapshot it ... I'm using LVM for /16:06
remix_tjNaGeL: try with netstat -alptn | grep 2516:08
remix_tjyou'll see if the mailserver is bound only to localhost16:08
remix_tjor to any address16:08
NaGeLtcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      12775/master16:09
NaGeLtcp6       0      0 :::25                   :::*                    LISTEN      12775/master16:09
NaGeLthats what i get16:09
remix_tjuhm strange16:12
NaGeLyes16:12
remix_tjand from your machine you cannot do telnet IP_OF_SERVER 2516:13
NaGeLtelnet: Unable to connect to remote host: Connection refused16:13
NaGeLthat is what i get16:13
ikoniaconnection refused is probably being blocked by the auth rules16:14
ikoniaeg: telnet localhost 2516:15
ikoniatry that16:15
NaGeLthat works16:15
NaGeLas the guide says i use dvecot for smtp auth and there is a line like this16:15
NaGeL# Disable LOGIN command and all other plaintext authentications unless16:15
NaGeL# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP16:15
NaGeL# matches the local IP (ie. you're connecting from the same computer), the16:15
NaGeL# connection is considered secure and plaintext authentication is allowed.16:15
NaGeLdisable_plaintext_auth = yes16:15
NaGeLcan this be the problem?16:16
ikoniaNaGeL: ok, so it looks like it's only accepting connections to localhost/from localhost16:16
NaGeLnope.. set it to no, still connection refuised16:17
ikoniaset what to no16:17
NaGeLdisable_plaintext_auth = no16:18
ikoniayou're not getting that far16:18
NaGeLin dovecot16:18
ikoniadovecot is not your mail server16:18
NaGeLbut thats what i use for smtp auth.16:18
ikoniayou have a mail server running on port 25 that is only accepting connections to localhost16:18
NaGeLyes, and thats kinda problem.16:19
ikoniaright, so why are you looking at dovecot or user auth16:19
NaGeLdunno.. i have no idea where to look, i'm just trying out things.  and as i said i set dovecot's SALS as the smtp auth16:20
NaGeLOOOH smtps is working16:24
NaGeLcool16:24
NaGeLthen its better if the stmp is blocked becouse it will work only ina secure connection16:25
NaGeLthanks ikonia remix_tj  for the help!16:26
=== zhouqt is now known as gfrog
=== chmurifree is now known as chmuri
jcastrogaughen, ok I've approved another batch of blueprints16:34
jcastroI was thinking of scheduling either today or tomorrow, how do you feel you're getting on with them? Mostly done or still gathering?16:34
jrwrenNaGeL: who is your ISP? many ISPs (comcast for example) block outgoing port 25 in an effort to reduce spam from bot nets.16:37
=== cmagina_ is now known as cmagina
=== zhouqt is now known as gfrog
strixUK1hi.  i have a from-scratch ubuntu 12.04 server installation, and i am scratching my head why it doesn't perform comparably to the machine it's replacing (hostgator-configured, centos 5.9-based thing).17:43
strixUK1example: loading a 230-odd MB SQL dump takes 45 sec on new machine, and 30 sec on old.17:44
strixUK1any pointers as to what sort of tuning i should be looking at?17:44
strixUK1i've already compared active mysql configuration on the new box, and updated those parameters that needed it17:44
TheLordOfTimestrixUK1: why is a 15 second restore making you scratch your head...?17:54
TheLordOfTime15-seconds-difference *17:54
strixUK1because the machine is unloaded and a 50% extra load time indicates something isn't right17:59
ikoniait's not %50 load time17:59
strixUK1it's not the absolute difference that bothers me, but the relative difference17:59
ikoniaare the machine identical17:59
ikoniais it consistantly the same difference18:00
strixUK1yes, consistently the same (plus or minus small variation)18:00
ikoniaare the machines the same18:00
strixUK1the machines aren't really similar.  i'm not really sure what the spec of the old machine is because it's a hostgator dedicated box, and they're not particularly forthcoming about their machine specs.  the new machine is a slightly older cpu architecture, but it has more memory.18:01
ikoniathen why are you comparing them18:01
ikoniaand why do you think something is wrong18:01
strixUK1the other big differences are that the new box runs in a xen VM, where the old one is running in a qemu VM; and write latencies in the new box are maybe 2-3 times longer than the old machine.18:02
ikoniaa machine you don't know the spec of is slightly faster with a small import than a totally different machine18:02
strixUK1(if a 230 MB dump is 'small')18:02
ikoniait is18:02
strixUK1an sql search-and-replace operation takes about 70 sec on the old box and about 120 sec on the new, but that's very roughly comparable with the difference in sql load18:03
trupheenixhello ikonia can you help me with a problem I'm facing in postfix?18:03
ikoniatrupheenix: no idea.18:03
ikoniatrupheenix: ask the channel, some good people in here18:03
TheLordOfTimestrixUK1: if the machines are not identical, then you are comparing apples and oranges18:03
strixUK1if the new machine really is that much lower performance than the old, then there's nothing much i can do about it and will just live with it, but i'd like to ascertain that it isn't anything to do with the tuning or other configuration between the two18:03
TheLordOfTimeif the hardware is different, it's apples v. oranges.18:03
ikoniastrixUK1: why don't you forget the old machine, as it's a pointless comparison, and just look at what the new one is doing and see if you can make it better18:04
strixUK1TheLordOfTime: perhaps.  i'm not expecting identical performance, or even faster performance on the new box, but a 50% difference seems.. surprising.18:04
ikoniastrixUK1: why is it surprising, you don't even know the spec of the old machine18:04
TheLordOfTime^ that18:04
strixUK1ikonia: exactly, so my question is is there anything i should be looking at tuning-wise to improve upon?18:04
ikoniaa machine you don't know the spec of, is faster than a machine you do know the spec of, it's a pointless compariosn18:05
ikoniastrixUK1: you tune problems, looking for problems will indicate what to tune18:05
TheLordOfTimeexactly what ikonia said18:05
strixUK1because they're similar classes of machines, and i would not expect such a significant difference in performance, even if the new box is possibly a bit older18:05
TheLordOfTimeas long as the restore didn't cause any problems there's nothing to fix18:05
TheLordOfTimesimilar "classes" of machines have substantial variance inside their own class too you know18:06
TheLordOfTimeso unless you're comparing *identical hardware* your comparison is void18:06
ikoniastrixUK1: focus on the new machine, forget the old one, look for problems, fix problems18:06
TheLordOfTimeexactly18:06
TheLordOfTimeunless you're restoring 25MB SQL backup files every day it's not anything to worry about18:06
strixUK1what i do know about the old machine is the processor (Xeon(R) CPU E3-1265L V2 @ 2.50GHz), vs new machine (Xeon(R) CPU X3210  @ 2.13GHz)18:06
ikoniastrixUK1: you don't know that as they are virtual machines18:07
TheLordOfTime^18:07
ikoniathat is the host, not the guest18:07
strixUK1yeah, i just want to make sure that there isn't anything i can/should be doing with the new machine before i make it go live18:07
strixUK1right18:07
ikoniastrixUK1: yes, there is lots you can do with the new machine,18:07
ikoniastrixUK1: but you have to work out where the bottlenecks are and see if they are config or limitations18:07
ikoniaconfig can be fixed, limitations can't18:08
strixUK1hang on, the guest machines don't change cpu types?  (i'm in touch with one of the xen developers and can ask if necessary)18:08
strixUK1right, so that's my question.  what should i be looking at in terms of config of the new machine?18:08
ikoniastrixUK1: forget all that - just focus on making the new machine work as good as it can18:08
TheLordOfTimeexactly what ikonia said18:08
ikoniastrixUK1: look where your bottlenecks are that would be the first point18:08
strixUK1alright, how do i go about evaluating that sort of thing?18:09
ikoniadoing tasks and monitoring resources18:09
ikoniaseeing what tasks make what resources get utilized,18:09
ikoniaseeing if resources are maxed out for a period18:09
ikoniaseeing if that maxing out is causing wait on other resources18:09
strixUK1well, i can tell you that iostat doesn't indicate a lot of activity during this DB load18:09
ikoniastrixUK1: activity, no, wait ?18:10
strixUK1eg, the device containing / is mostly idle during the load with occasional bursts of 40-60 MB/sec18:12
strixUK1which i presume is because most of the write activity is sticking around in os cache rather than being flushed to disc18:12
ikoniastrixUK1: is the database on / ? is the backup being read from ?18:12
ikoniafrom /18:12
strixUK1yes and yes18:13
ikoniastrixUK1: what is the wait time on the device ?18:13
strixUK1not much read activity either, but again i presume the dump is in os cache18:13
strixUK1average await is around 30 ms18:14
ikoniaok, so that's almost half a second18:14
ikoniado you find that acceptable ?18:14
strixUK1(which, as i said earlier, is rather slower than the old machine, which is about 9 ms)18:14
strixUK1what's half a second?18:14
ikoniastrixUK1: ok, so why is there wait time, is it because it's waiting on another resource, is it because the disk device is slow, is it because the host the vm is running on is overutilized ?18:15
patdk-wkdo what?18:15
patdk-wk30ms == 500ms?18:15
ikoniaoops18:15
strixUK1right18:15
ikoniabad maths there18:15
ikonia300ms sorry18:15
patdk-wknormal time for a green disk is 15-30ms18:15
patdk-wknormal time for a 7200rpm disk is 8-12ms18:15
ikoniathe green ones I have are faster than that18:15
patdk-wkikonia, only if they are running in non-green mode18:16
ikoniapatdk-wk: so you mean from "standing start"18:16
patdk-wkpretty much18:16
ikonianever measured that to be honest18:16
patdk-wkjust let it idle for 30seconds :)18:16
patdk-wkwell, it should sleep after 11seconds or so18:16
patdk-wkthen access something random18:16
strixUK1again, the hardware is not new, and my host noticed that one of the pair (software raid1) was a bit slower than the other.  he's at the DC at the moment swapping out the slower one.  but the difference wasn't enough to account for 9ms vs 30 ms latency.18:17
strixUK1however, it could well be the speed of disc18:17
ikoniaraid1 will depend on the slowest disk18:17
ikoniaso it can delay writes18:17
patdk-wkidle with burts sounds like bad spots on the disk18:17
patdk-wkis that read or write load?18:18
patdk-wkwrite load shouldn't be affected18:18
strixUK1patdk-wk: or cache flushing18:18
patdk-wkif so, you did improper test :)18:18
=== zz_silverf0x is now known as silverf0x
strixUK1this machine has no load to speak of and it has 7 GB of memory, so it seems likely that most activity will be sticking around in cache18:19
strixUK1patdk-wk: i'm not particularly interested in disc performance because there's nothing i can actually do about that.18:19
ikonia7GB of ram....18:19
ikoniathat's an odd number18:20
patdk-wkoh?18:20
patdk-wkso what is the problem that is attempting to be solved then?18:20
strixUK1if this load operation is operating mostly from/to cache, then the difference in performance is accounted for not by disc but by OS config.18:20
ikoniastrixUK1: the disk performance seems a factor18:20
strixUK1hostgator doubtless tune their machines much better than me, hence why i'm wondering what bits of the OS might be relevant to this sort of activity18:20
strixUK1ikonia: it's a VM, albeit the only VM on the machine, hence the odd number.  the physical machine has 8 GB in it.18:21
strixUK1and i have done zero tuning of the base operating system (ubuntu 12.04 server), because i've never had to before.18:21
ikoniaso it's a 8GB physical machine allocated 8GB to a vm18:21
ikoniasorry 7 gb to a vm18:21
strixUK1right.18:21
ikoniawhy would you run that configuration, surly just using the host would be better18:21
strixUK1host's choice, i guess.  not completely sure why he wants this running in a VM, but that's what hostgator do, too.  (in their case, qemu, not xen)18:22
ikoniaok, just seems a bit odd18:22
strixUK1in principle, the VM could be migrated elsewhere for upgrade or whatever, but that doesn't really apply when the disc is local to the machine rather than on a SAN18:22
patdk-wkit does, you can migrate the disk and memory at the same time18:23
patdk-wkexpecially if they do a drbd of the disks between machines18:23
strixUK1yes, in principle, but i gather than migrating disc is a bit hairy ;)18:23
patdk-wkdunno :) do it in vmware every day18:23
strixUK1okay, well, that's the answer then i guess18:23
strixUK1malc hasn't said anything about block device replication, so i assume that's not happening.  he's a small operation.18:24
Msiwhat is like the top 10 home server usages?18:36
patdk-wkask google?18:44
geniiMsi: It probably varies according to need. The ones I commonly know of or use: remote access to CCTV systems, centralized file storage and access, SSH jump-off point to machines on the LAN inside the house, small web and email servers if you want to host your own with a static IP, home automation control.18:45
strixUK1and PVR/HTPC18:46
joosseeok its officaly: i hate the ubuntu desktop19:00
joosseewhats a good window manager for hands on server administration?19:01
joosseecan i install the mint one?19:01
geniijoossee: The usual convention is to run servers headless and administer them remotely by SSH at commandline, or by a web-based control panel like Zentyal or similar.19:05
patdk-wkyuk, web-based control panel?19:06
joosseegenli .. and I am noblely working towards that goal but in the interim i reallyneed to at least be able to open files as root :)19:07
sarnoldyeah if you want the yakuza to help you administer your machines :)19:07
sarnoldjoossee: sudo vim /path/to/filename   or sudo emacs /path/to/filename  ...19:07
joosseeok if xorg.conf does not exist i can create it and set params and xorg will use it?19:10
sarnoldyeah19:11
joosseeis it still used in 12.04 xorg? still at /etc/x11/xorg.conf ya?19:13
sarnold/etc/X11/xorg.conf -- note the X19:13
joosseeoh crap19:15
joosseeis there avim quick reference sheet thats good?19:15
genii!xorgconf19:16
ubottuThe /etc/X11/xorg.conf file is deprecated, but sometimes may still be needed to pass values to specific drivers. Generic xorg.conf generation: http://ubottu.com/y/xorgconf - ATI/AMD ( fglrx driver ) specific: http://ubottu.com/y/atiamd - NVidia ( nvidia driver )specific: http://ubottu.com/y/nvidia man xorg.conf for file structure and syntax.19:16
sarnoldgenii: neat :)19:16
sarnoldjoossee: 'i' to enter insert mode, <esc> to return to command mode; :wq<enter> to save and exit, :q!<enter> to quit without saving19:17
joosseegot it ty19:23
joosseeman trying to get my video card to dual screen is making me crazy19:23
sarnoldjoossee: oh, you're the guy who pasted that bug link last night "this is above my pay grade"... agreed, that looked like a problem ripe for driving someone crazy.19:25
geniijoossee: For graphical issues, you're more likely to find help in the regular channels like #ubuntu ( or if Mint, then #linuxmint-help on irc.spotchat.org )19:25
joosseeya i actuallykinda spam both at the same time :)19:26
joosseehere is more of a server question though: i wanna have a nice cirtualization server, i have 28GB of ram. Do i need a swap file? PS i use volume encryption19:28
Roryjoossee: You don't necessarily need a swap file/partition but if you have the space for one, there's absolutely no harm19:29
sarnoldjoossee: I like having swap partitions, if some unbacked memory is really unused, the kernel can shove it off to swap and use the memory for something more important. you won't want much swap _traffic_ on your system, but having some swap available is convenient.19:30
joosseeyes that what i figured19:30
joosseei am having some difficulty using encrypted partiions and a swap file on said partiions?19:30
joosseecan someone explain the relationship between LVM and encrupted partitions?19:31
sarnoldjoossee: note that VMs often require less 'ram' than a physical system would, because the host's block cache will provide for much of the 'caching' needs.19:31
joosseeinteresting19:31
xnoxjoossee: what's confusing between LVM and encrypted partitons?19:57
xnoxjoossee: encrypted volume can provide a single volume (device that one can format as a file-system or swap space).19:58
xnoxjoossee: lvm provides logical volumes, thus one can turn one device into something that can have multiple volumes without repartitioning.19:59
xnoxjoossee: typically one puts lvm VolumeGroup on an encrypted partition - such that despite single partition in the partition table, one has multiple logical volumes for various file systems / mount points / swap.19:59
joosseexnox, ty. so procedurally i create the encrypted partition and then a LVM inside of it?20:00
joosseeand within LVM i can have root fs and swapspace?20:01
xnoxjoossee: yes. Conceptually the correct terms are: hard-drive -> partition -> encrypted LUKS volume -> LVM's Volume Group (VG) -....> multiple LVM's Logical Volumes (LVs) -....-> formated with e.g. ext4, SWAP, etc.20:02
xnoxjoossee: not sure why you need to create it, as that's one of the automatic partitioning recipes options in both server and desktop installer.20:03
joosseexnox; multiple physical raid volumes. guided doesnt allow me to include them as /home20:03
xnoxjoossee: a tick box to encrypt whole install, or in server install it's one option down "Use full disk, setup lvm".20:03
joosseexnox; in 12.04?20:03
joosseedidnt see that20:04
joosseei will look again next go around\20:04
xnoxjoossee: enter manual mode, setup raid volumes as you wish, and then go back and partition automatically "Use entire disk, ecrypt + LVM"20:04
xnoxjoossee: so yeah with raid you want it different.20:04
xnoxjoossee: do you want everything encrypted or just /home ?20:04
joosseexnox; everything but /boot20:05
xnoxjoossee: well, that's everything =) at the moment /boot is always unencrypted.20:05
xnoxjoossee: are you following Ubuntu Server Guide?20:06
xnoxjoossee: https://help.ubuntu.com/12.04/serverguide/advanced-installation.html covers LVM and RAID.20:06
xnoxhm. encryption (LUKS) should be added.20:06
joosseexnox, no... i have done this a few time for bootsticks and whatnot20:06
joosseeand im familiar with hardware20:07
jamescarrprobably better suited here20:37
jamescarrW: Failed to fetch http://ppa.launchpad.net/ubuntu-x-swat/r-lts-backport/ubuntu/dists/raring/main/binary-amd64/Packages  404  Not Found20:37
jamescarrdid it change?20:37
=== mibofra- is now known as mibofra
joosseefinally got my FireMV 2250 working perfectly. thanks guys21:03
=== michele2 is now known as ycy
=== Gurkenmaster is now known as zz_Gurkenmaster
Silvio-Hey guys one of my sites was hit with a vuln: http://www.exploit-db.com/exploits/29290/, i updated my php using apt-get install php5, this brought my update to PHP 5.3.2-1ubuntu4.21 with Suhosin-Patch (cli) (built: Sep  4 2013 19:13:13)21:55
PatrickdkSilvio-, and what about it? it was fixed Thu, 03 May 2012 15:42:0822:06
Patrickdksince you didn't update your system for like, half a year, what do you expect?22:06
Silvio-how do i know if my current php is protected?22:06
Patrickdkhttp://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1823.html22:07
Patrickdklearn how to read CVE's22:07
Patrickdkfixed in 5.3.2-1ubuntu4.1522:07
Silvio-yea i need too, but if i read that correctly i am patched22:07
Silvio-thank you22:08
=== gary_poster is now known as gary_poster|away
RorySilvio-: If your server was compromised, upgrading PHP will only close the door to future compromises, it won't un-hack you22:30
Silvio-ya i know it sucks, im trying to figure out what if the php has a backdoor22:33
sarnoldit need not be in php22:33
sarnoldyour best bet is to take the machine offline and redeploy a replacement22:34
RoryThat's the only way to be sure, unfortunately22:34
Silvio-damn22:34
RoryYeah it's a massive bummer22:34
sarnoldif you're curious what they've done, it might be worth investigating. just be careful what you do with the hard drive or filesystem images.22:35
Silvio-ya im just a dev, our it guy is gone until monday22:35
sarnoldyikes22:35
Silvio-ya i have some understanding but not much, i can see he was posting stuff eventually the server crashed22:35
Silvio-thats why i found out the site was down22:36
Silvio-that also might mean he wasnt able to do what he wanted so he killed the server?22:36
Silvio-or am i being too optimisic22:36
RoryId you're a dev, and there's a systems guy who is supposed to be in charge, I'd recommend letting the systems guy know immediately22:37
RoryIf*22:37
Silvio-i did tell him22:37
RoryWas it compromised and posting spam or something?22:38
RoryWhat was the actual nature of the hack?22:38
Silvio-basically im trying to secure this as best as i can for when he comes back22:38
Silvio-http://www.exploit-db.com/exploits/29290/22:38
Silvio-this is what he used22:38
=== jamescarr_ is now known as jamescarr
RoryYes but what did he do with it?22:38
RoryOh haha we've had that one too22:38
Silvio-sucks i dont know what was posted22:39
RoryOK let me re-phrase - how do you know you are compromised?22:39
Trudkohi guys, I am going to install bunch of stuff regarding Ruby On rails development on my env, thing is I done this few times already, including installation on ubuntu server. What is best way how to automate installation ? I need to install Ruby, apache, mysql, rbevn etc etc22:53
=== lifeless_ is now known as lifeless
sarnoldTrudko: you have many choices: you can configure preseed files if you're doing multiple installs, you can use juju charms if you want something suitable for 'private cloud' use, or you could use puppet or chef or shell scripts ...22:57
Trudkosarnold, what about capistrano?23:01
sarnoldTrudko: it's quite popular in the rails world, I've never used it myself. does cap make it easy to configure non-rails services?23:01
Trudkosarnold, not sure frankly I also heard about it from rails world23:01
sarnoldTrudko: I ha dthe impression it was more aimed at the gem bundles and database migrations and so forth -- but then I've never _used_ it. sorry. :)23:02
Trudkono problem :)23:02
joosseeis there a trick to getting an adapter into 5ghz modein ununtu 12.04?23:07
=== freeflying is now known as freeflying_away
=== gary_poster|away is now known as gary_poster
=== gary_poster is now known as gary_poster|away
=== freeflying_away is now known as freeflying

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!