jrwren | hazmat: i actually pitched removal of a number of packages recently :) | 00:01 |
---|---|---|
hazmat | jrwren, i'm primarily looking at lxc instances (including in cloud-instances), and minimizing seconds on container boot time, its easy to avoid via some container customizerization | 00:01 |
hazmat | jrwren, fair enough | 00:01 |
hazmat | its easy to do externally | 00:01 |
jrwren | hazmat: do you then git clone something to teh new instance? | 00:02 |
hazmat | jrwren, git is used internally by juju when deploying charms, but fair enough i'm snapshotting against a base image for the containers, easy enough to add there, out of curiosity what packages were you pitching to remove? | 00:03 |
jrwren | oh, a juju thing. | 00:03 |
jrwren | would make sense to have a jujuimg separate from cloudimg IMO | 00:03 |
hazmat | jrwren, basically i'm creating a base juju image from each series/release cloud image, i can add the extra package there just as easily | 00:04 |
hazmat | although it would be nice if lxc-attach would work with precise and hwe kernels.. ssh normalizes nicely across the containers. | 00:05 |
hazmat | by base juju image i mean container with btrfs snapshot for lxc-clone. the default cloud images have nothing in specific support of juju btw. | 00:09 |
=== freeflying is now known as freeflying_away | ||
jrwren | right. i know the cloudimg pretty well. | 00:19 |
jrwren | everything else you just said, i've no idea what you are talking about :) | 00:20 |
=== robbyf_ is now known as RobbyF | ||
mushtar | is this the right channel for discussing CloudInit, i.e. https://help.ubuntu.com/community/CloudInit ? | 00:58 |
lifeless | it's a fine channel | 01:00 |
lifeless | for that and many other things | 01:00 |
mushtar | oh good | 01:00 |
mushtar | is it possible to get cloud-init to run on my mac? | 01:01 |
mushtar | i want to be able to use write-mime-multipart | 01:02 |
mushtar | figured it out. bzr branch lp:cloud-init | 01:27 |
=== liam_ is now known as Guest46102 | ||
kirkland | jamespage: uh oh, what happened? | 03:38 |
MarGul | Hi I have just unstalled ubuntu server 12.04 and I have changed ip address to static (been pinging it from my laptop and I know its connected to my network). Then I installed nginx running the command aptitude install nginx. The version of nginx is 1.5.6. When I then, on my laptop, type in my servers ip address in my webbrowser I get nothing. | 04:23 |
MarGul | Im following the manual http://arstechnica.com/gadgets/2012/11/how-to-set-up-a-safe-and-secure-web-server/2/ | 04:23 |
crimsonmane | i need to re-do my certs ... i just ran through the steps i used the first time but it failed to change the cert as evidenced by the old data being present and not the new data. i used a different email address to make them stand out. | 05:11 |
anepanaliptos | hello.. | 05:30 |
anepanaliptos | dont tell me !ask, i know. just being kind. | 05:30 |
anepanaliptos | ok guys.. so this is what i want to do. I dont really understand lvms and the like, but i know what i want.. | 05:30 |
anepanaliptos | my old machine was a simple 1 disk setup, and while installing ubuntu i chose the guided partitoning and chose luks + lvm | 05:31 |
anepanaliptos | i want to do the same again, except this time, with two disks. and i want the "2nd disk" to be in teh LVM so i only have to type the key once. | 05:31 |
jkitchen | but not raid? | 05:32 |
anepanaliptos | lvm though seems to create one giant partion, like dynamic disks. i dont want that. i want one "partition" on the 1st disk, and the "other/storage" on the other | 05:32 |
anepanaliptos | correct. but no raid. | 05:32 |
jkitchen | they're separate PVs then | 05:32 |
jkitchen | no way around that | 05:32 |
anepanaliptos | um | 05:33 |
anepanaliptos | is there a way the "storage" disk can mount into the first group? | 05:33 |
jkitchen | you can mount things wherever you want | 05:33 |
anepanaliptos | (im at the guided screen if you wanna teamviewer and push the buttons, but i have a feeling you know what i want to do..) | 05:34 |
anepanaliptos | i dont mind how the "mounting process" happens, as long as.. see the reason why i want them seperate is so that i could possibly transport the second disk and mount it on another computer someplace. | 05:34 |
patdk-lap | anepanaliptos, why do that at all? | 05:35 |
patdk-lap | why *type the key* multible times? | 05:35 |
anepanaliptos | i dont want to. | 05:35 |
patdk-lap | then don't | 05:35 |
anepanaliptos | so how would i set it up so i dont have to? | 05:35 |
patdk-lap | there are many ways | 05:36 |
patdk-lap | I personally use a script to fetch the key | 05:36 |
patdk-lap | the script asks for the password to decrypt | 05:37 |
patdk-lap | it then uses that password to get the key | 05:37 |
patdk-lap | I store the keys in a gpg archive | 05:37 |
anepanaliptos | woah too complicated | 05:37 |
patdk-lap | :) | 05:37 |
patdk-lap | you could go lazy | 05:37 |
patdk-lap | just save the key onto your first disk | 05:37 |
anepanaliptos | ok what's that route look like? | 05:37 |
anepanaliptos | aa ok. | 05:37 |
patdk-lap | and reference that file to unlock the second | 05:37 |
patdk-lap | if first is locked, can't unlock the second | 05:38 |
anepanaliptos | ok. can that be done "near boot time" ? | 05:38 |
patdk-lap | near boot time? | 05:38 |
patdk-lap | what does that mean? | 05:38 |
anepanaliptos | that sounds better. | 05:38 |
anepanaliptos | before for example, apache2 starts up | 05:38 |
patdk-lap | no idea | 05:38 |
patdk-lap | it happens when disks mount | 05:38 |
patdk-lap | that is upto upstart | 05:38 |
anepanaliptos | perfect. | 05:38 |
patdk-lap | issues is, anyone that roots your server, has access to the decrypt key | 05:39 |
patdk-lap | so using a script, while much harder, is safer, by alittle bit | 05:39 |
anepanaliptos | hmm. | 05:39 |
anepanaliptos | hmmm. | 05:39 |
anepanaliptos | i think ill just type it twice. | 05:40 |
patdk-lap | what exactly are you protecting against? | 05:40 |
anepanaliptos | how do i setup luks without the volgroup stuff then? | 05:40 |
anepanaliptos | im trying to protect againt physical theft | 05:40 |
patdk-lap | then it doesn't matter | 05:41 |
anepanaliptos | so when you yank the power, you're done and you need the key again. | 05:41 |
patdk-lap | well, those are totally different | 05:41 |
lifeless | anepanaliptos: oh, so if people are serious about stealing kit they won't yank the power | 05:41 |
anepanaliptos | lifeless: lol. | 05:41 |
patdk-lap | the best way to steal it, is to root it and copy the data while it's up | 05:41 |
jkitchen | and nobody even knows | 05:42 |
patdk-lap | the system is much less protected when it's running | 05:42 |
lifeless | anepanaliptos: there are stock products that replace the power supply hot | 05:42 |
anepanaliptos | yeah im just talking about like a dumb theif stealing equipment. | 05:42 |
anepanaliptos | look, its my mailserver | 05:42 |
patdk-lap | then saving your key for the other disks in /etc, is safe enough | 05:42 |
anepanaliptos | im trying to "protect" against some "not nice people" accessing.. my mail. if it were to get siezed. | 05:43 |
patdk-lap | cause it's unlikely they logged in, and rooted your server to get those keys first | 05:43 |
anepanaliptos | that kind of thing. | 05:43 |
patdk-lap | siezed? | 05:43 |
anepanaliptos | but im happy with this solution too | 05:43 |
anepanaliptos | 23:42 < patdk-lap> then saving your key for the other disks in /etc, is safe enough | 05:43 |
patdk-lap | that implies people know what they are doing | 05:43 |
anepanaliptos | not really. local authoraties arent that smart. | 05:43 |
jkitchen | thermite trap | 05:44 |
jkitchen | problem solved | 05:44 |
patdk-lap | jkitchen, what triggers it? | 05:44 |
patdk-lap | not solved :) | 05:44 |
anepanaliptos | again, too technical. | 05:44 |
anepanaliptos | how do you guys protect your mail servers? | 05:45 |
jkitchen | patdk-lap: "oh shit" button | 05:45 |
jkitchen | :) | 05:45 |
jkitchen | tie it to your iphone "siri, nuke the drives please" | 05:45 |
anepanaliptos | when i had the first one, with only a physical raid, i felt "safe" with luks | 05:45 |
patdk-lap | personally, I have to insert a special usb stick | 05:45 |
patdk-lap | and type in a password | 05:45 |
anepanaliptos | ok. any things i can "rtfm" to help me setup something similar? | 05:46 |
patdk-lap | but, for email | 05:46 |
patdk-lap | it is much much more likely they tapped your internet connection | 05:46 |
anepanaliptos | eeh. still pointless. ssl. | 05:47 |
patdk-lap | what ssl? | 05:47 |
patdk-lap | smtp doesn't use ssl | 05:47 |
anepanaliptos | i use webmail. | 05:47 |
patdk-lap | so your email is safe until you send/receive | 05:47 |
anepanaliptos | yeah. i understand those rules. | 05:47 |
patdk-lap | till everyone starts doing dane/tlsa, I don't really get the whole encrypted email thing | 05:48 |
patdk-lap | if you secured your email, like with s/mime, or pgp | 05:49 |
patdk-lap | there would be no need for encryption | 05:49 |
patdk-lap | the only thing your somewhat protecting is your email history, from *before* they tapped your connection | 05:49 |
anepanaliptos | ohkay. | 05:49 |
anepanaliptos | so single disk it is that mounts the others via key. | 05:50 |
patdk-lap | well, the simple way is, use your password to unlock your root disk | 05:50 |
patdk-lap | then save the keys on your root disk, maybe like /etc/disk.keys/.... | 05:50 |
patdk-lap | and use those files to unlock the other disks | 05:50 |
patdk-lap | someone would have to copy those files first, to unlock the other disks | 05:51 |
patdk-lap | or have the password to unlock the first disk | 05:51 |
patdk-lap | that is the simple way | 05:51 |
patdk-lap | any other way, gets into messing with initramfs, and that isn't much fun | 05:51 |
anepanaliptos | yeah. i think that way is best. | 05:52 |
patdk-lap | s/best/acceptable/ | 05:53 |
anepanaliptos | and as far as the whole email thing, there is MX tls | 05:53 |
anepanaliptos | 23:53 < patdk-lap> s/best/acceptable/ | 05:53 |
anepanaliptos | ^^ agreed. | 05:53 |
patdk-lap | smtp mx tls is mitm | 05:53 |
patdk-lap | it is full of selfsigned, unsigned, broken, expired, certs | 05:54 |
anepanaliptos | correct. but for "the people who care" that i exange email with, we have exchanged keys. | 05:54 |
patdk-lap | so you can't enable hard verification | 05:54 |
* patdk-lap just has lots of ipsec tunnels | 05:54 | |
anepanaliptos | yeah i dont know if i trust creating an ipsec tunnel with someone. | 05:56 |
=== Ursinha is now known as Ursinha-afk | ||
_root_ | for IP Aliasing: both Ip should have the same MAC address? | 06:18 |
jkitchen | you don't need to specify the mac | 06:20 |
jkitchen | unless you're talking about something different than I'm thinking of :) | 06:20 |
=== NomadJim_ is now known as NomadJim | ||
=== freeflying_away is now known as freeflying | ||
_root_ | I have to add my first IP to my VPS this way http://paste.ubuntu.com/6497998/ and because of that I cant get the eth0:0 to IP alias. could you give me a clue as to what should I do to get eth0:0 working | 08:35 |
blueking | samba seem to be tricky to manage get installed there are some issues several places | 09:27 |
blueking | are there samba install scripts that are up to date ? | 09:31 |
nf7 | How can I get /etc/crontab to run a script as if it is in the same working directory as the script? | 10:08 |
jkitchen | nf7: cd /path/to/dir && /path/to/dir/script | 10:08 |
nf7 | ohhhhh | 10:08 |
nf7 | jkitchen: is this a messy way to do it? | 10:09 |
jkitchen | that's the way to do it | 10:09 |
nf7 | jkitchen: awesome, thanks a lot | 10:10 |
jkitchen | yup | 10:10 |
andol | nf7: Alt have the script start off by entering the desired working directory, assuming that applies equally well. | 10:10 |
nf7 | andol: it's a Python script, is it possible to do that? | 10:11 |
=== wickedpuppy3 is now known as wickedpuppy | ||
jkitchen | http://docs.python.org/2/library/os.html#os.chdir | 10:11 |
nf7 | thank you! | 10:12 |
nf7 | jkitchen: Is it possible to have os.chdir point to the scripts path (so it will work no matter where I put the script), or do I need to always manually enter the path? | 10:18 |
jkitchen | nf7: http://docs.python.org/2/library/sys.html#sys.argv http://docs.python.org/2/library/os.path.html#os.path.basename | 10:28 |
nf7 | jkitchen: Thanks a lot. It's really hard for me to read and find my own information using the documentation. Is there some sort of guide on how to utilize the documentation properly? Or do I just need to learn more. | 10:30 |
jkitchen | I am permalinking you directly to the functions you want | 10:30 |
nf7 | jkitchen: Right, I'm just asking for future reference. | 10:31 |
jkitchen | oh | 10:31 |
jkitchen | I just google for the function name | 10:31 |
jkitchen | or thereabouts | 10:31 |
nf7 | Cause I need to stop bothering people so much about little things. | 10:31 |
jkitchen | hah, it's fine | 10:31 |
nf7 | Ah ok, how long have you been programming with Python? | 10:31 |
jkitchen | I don't | 10:31 |
jkitchen | I've been a professional google user for about 13 years now though | 10:32 |
nf7 | hahah | 10:32 |
nf7 | that's always a good skill | 10:32 |
nf7 | do you program with anything though? or just use Ubuntu server? | 10:32 |
jkitchen | I am a recovering perl user turned rubyist | 10:33 |
jkitchen | dabbled briefly in python | 10:33 |
nf7 | cool, there's a lot of perl in linux isn't there? | 10:33 |
nf7 | I was fixing a problem with a wifi card's hardware a while back and I ran into a lot of perl scripts | 10:33 |
jkitchen | there's a lot of a lot of stuff in linux | 10:33 |
nf7 | right | 10:34 |
jkitchen | used to be perl was really popular for a lot of stuff though | 10:34 |
jkitchen | still is, truth be told | 10:35 |
nf7 | Perl and Python are very similar aren't they? | 10:35 |
jkitchen | lots of folks like me who can whip up all kinds of shit in perl in no time | 10:35 |
jkitchen | but trying to keep up with the new hotness | 10:35 |
nf7 | That's what someone told me anyway. | 10:35 |
jkitchen | perl python and ruby are like the romance languages | 10:35 |
nf7 | What kind of stuff do you use Ruby for? | 10:36 |
jkitchen | my company is a rails shop | 10:36 |
jkitchen | so... basically everything | 10:36 |
nf7 | Right, I've dabbled very little with Ruby, seemed almost identical to Python up to what I learned. | 10:36 |
jkitchen | hah | 10:36 |
jkitchen | not even remotely :) | 10:36 |
nf7 | Cool, so web development? | 10:36 |
nf7 | yeah of course, past a point | 10:36 |
jkitchen | no, I'm ops | 10:36 |
jkitchen | I just run the servers | 10:37 |
nf7 | interesting | 10:37 |
jkitchen | but I use puppet for managing my servers, and foreman for managing the metal | 10:37 |
jkitchen | so there's some ruby there | 10:37 |
nf7 | I've been programming for about 3 months right now. Just writing some Reddit bots, having them run on a Ubuntu server on an old netbook that I'm SSH'ing into. It's fun. | 10:37 |
jkitchen | now that this migration is almost finished (working on it right now, in fact, should be done shortly) I'll be able to get into the code side of things a bit more and start making things suck less | 10:38 |
jkitchen | cool | 10:38 |
nf7 | Well I didn't understand much of that but it sounds interesting. | 10:38 |
nf7 | What OS do you use for programming/personal use? | 10:38 |
jkitchen | OSX is my daily driver | 10:39 |
jkitchen | but really it's just a pretty terminal | 10:39 |
jkitchen | chrome, iterm, adium, and a music player | 10:39 |
jkitchen | my primary operating environment is an ubuntu server with about 2 dozen tmux sessions | 10:40 |
nf7 | Yeah I was using OSX as well but I recently switched back to Windows, I like 8.1 a lot. | 10:40 |
jkitchen | I can't work on windows | 10:40 |
jkitchen | like literally am incapable | 10:40 |
nf7 | Just don't like it or missing some particular program? | 10:40 |
jkitchen | there are no terminals for windows | 10:40 |
jkitchen | putty doesn't qualify. | 10:40 |
jkitchen | putty is great for what it is, but it's not what I need. | 10:41 |
jkitchen | plus I really enjoy having a proper unix command line on my daily driver | 10:41 |
nf7_ | Whoops, lost the Wifi there for a moment, back though. | 10:42 |
nf7_ | What did I miss? | 10:42 |
jkitchen | dunno | 10:42 |
jkitchen | I have one windows machine, and it's been turned off for the last 8 months. | 10:43 |
nf7_ | Well the main reason I switched back to Windows is that I really like 8.1, they've figured out their hotkeys, took some pointers from OSX as well with the spotlight style search and a few other things. | 10:43 |
nf7_ | Plus I really like Thinkpads | 10:43 |
jkitchen | if I were going to use a thinkpad it would have linux on it. | 10:43 |
nf7_ | Can get around 12 hours of battery with two packs and the docking base is amazing | 10:43 |
jkitchen | but there is no finer laptop than the 13" retina macbook pro | 10:44 |
nf7_ | I love coming home and simply snapping it on and having it connect to the speakers, mouse, screen, keyboard, external hd instantly, it's great | 10:44 |
nf7_ | Yeah that's actually what I had as well, great machine | 10:44 |
jkitchen | "docking base" | 10:44 |
jkitchen | some proprietary thing | 10:44 |
nf7_ | yes it's lenovo proprietary | 10:44 |
jkitchen | I have a thunderbolt display | 10:45 |
nf7_ | very similar | 10:45 |
nf7_ | the apple one? | 10:45 |
jkitchen | yes | 10:45 |
nf7_ | that's one of the nicest screens, crazy expensive though | 10:45 |
jkitchen | was free | 10:45 |
nf7_ | I think if I ever bought an OSX machine again I'd get a 13 inch Macbook pro | 10:45 |
nf7_ | the battery on those things is crazy | 10:45 |
nf7_ | macbook air* | 10:45 |
jkitchen | everything on this thing is crazy. | 10:45 |
jkitchen | oh, not the air | 10:46 |
jkitchen | I am spoiled by retina | 10:46 |
nf7_ | yeah the retina is great | 10:46 |
nf7_ | I love how you can scale the resolutions | 10:46 |
nf7_ | you know what I'm talking about? | 10:46 |
jkitchen | I only use it at the 1680x1050 effective resolution | 10:47 |
nf7_ | I like it at whatever the default it | 10:47 |
nf7_ | is* | 10:47 |
jkitchen | dunno, I love linux on the desktop, but I also love not having to fuck with my laptop to have it work | 10:48 |
ikonia | there is no need for tha language jkitchen | 10:48 |
jkitchen | sorry | 10:48 |
ikonia | no problem, thank you | 10:48 |
jkitchen | (didn't realize mac was a dirty word, amirite?) | 10:49 |
nf7_ | haha | 10:49 |
jkitchen | I kid. | 10:49 |
jkitchen | I came close to buying a thinkpad or samsung series 9 this time around, but then the mavericks preview came out where they were talking about the battery optimizations they were doing at the OS and hardware levels and stuff | 10:50 |
jkitchen | mind blown | 10:50 |
jkitchen | sorry but there's just no way linux can compete with that :( | 10:50 |
nf7_ | OSX has crazy good power utilization. | 10:51 |
jkitchen | that's the kind of stuff you can do when you are fully vertical | 10:51 |
nf7_ | Windows must be the worst. | 10:51 |
nf7_ | Even so, I get really good battery life on my ThinkPad | 10:51 |
jkitchen | for sure | 10:51 |
nf7_ | I've actually removed all Lenovo drivers | 10:51 |
nf7_ | there were a bunch of power management ones, but I notice no difference whatsoever with them off. | 10:52 |
jkitchen | but there's always that time when you're sitting there and boom, 90% -> 10% in what feels like minutes because something is chewing up power | 10:52 |
nf7_ | Yeah true | 10:52 |
jkitchen | happened on my android phone all the time | 10:52 |
jkitchen | happened on my thinkpads in the past | 10:52 |
jkitchen | I do miss linux on the desktop though. | 10:52 |
nf7_ | I can't stand all the tools and utilities Lenovo puts on their machines (even if they aren't bloatware technically), first thing I did was a fresh install from a Microsoft CD | 10:52 |
ikonia | is this really anything to do with ubuntu server ? | 10:53 |
ikonia | perhaps take it to one of the offtopic channel please ? | 10:53 |
jkitchen | heh | 10:53 |
nf7_ | I was just heading out anyway, thanks for the help. | 10:53 |
jkitchen | np, good luck | 10:54 |
Gilligan94 | Hi I have a system without a graphics card and I want to set up ubuntu server on it, what would the best way to do this be? | 10:54 |
ikonia | a serial connection | 10:54 |
jkitchen | Gilligan94: network console | 10:54 |
Gilligan94 | so I'll beable to install it over SSH? | 10:54 |
jkitchen | it really doesn't even have like an onboard vga? weird. | 10:54 |
jkitchen | Gilligan94: yup | 10:54 |
Gilligan94 | yea no VGA this is an AMD system | 10:55 |
jkitchen | doesn't mean it doesn't have a vga port on board | 10:55 |
jkitchen | in fact with newer AMDs it seems like it's hardecr to get one WITHOUT an apu than with... | 10:55 |
Gilligan94 | in this case it doesn't have any VGA | 10:55 |
jkitchen | crazy | 10:55 |
Gilligan94 | I believe this mobo and CPU was aimed at gaming so they just assumed you would use a dedicated GPU | 10:56 |
ikonia | what is the motherboard model | 10:57 |
Gilligan94 | not sure, I dont have it on hand currently | 10:57 |
jkitchen | not even hdmi?! | 10:59 |
* jkitchen is baffled | 10:59 | |
Gilligan94 | nope nada | 10:59 |
Gilligan94 | kinda cool IMO keeps the cost down | 11:00 |
jkitchen | eh | 11:00 |
jkitchen | by about $2 | 11:00 |
jkitchen | anywho OFF TOPIC | 11:00 |
jkitchen | try the network installer. | 11:00 |
Gilligan94 | every little bit counts >.> | 11:00 |
Gilligan94 | alright thanks | 11:00 |
jkitchen | or serial console | 11:01 |
jkitchen | but I doubt it has a serial port | 11:01 |
Gilligan94 | yea I dont think it does | 11:01 |
ikonia | if it's not got any form of vga for "cost saving" they won't have put a serial port on | 11:01 |
jkitchen | right | 11:01 |
Gilligan94 | any advantage to using 13.10 over 12.04? | 11:02 |
jkitchen | plenty | 11:02 |
ikonia | Gilligan94: it really depends on your needs | 11:02 |
jkitchen | go with 13.10 unless you need LTS | 11:02 |
Gilligan94 | alright | 11:03 |
blueking | does there exist scripts up to date for install of samba ? | 11:51 |
ikonia | blueking: the package manager will manage updates | 12:01 |
frojnd | Hi there. I need a little assitance with mx records. I successfully set multuiple A records for server's IP. So when I go to mydomain1.com it goes there without a problem. It's the same with mydomain2.com Now I'd like to set up MX records for mail server for mydomain1.com. Under free DNS hosting section of my host provider, I set up: Name: mydomain1.com, Type: MX, Value: IP | 12:05 |
frojnd | WHen I do dig -t mx mydomain1.com I can't see mydqomain1.com under mx... | 12:06 |
frojnd | Am I doing this correctly? | 12:06 |
frojnd | I also tried for google mails and it's rather different then I did: Name: atl1.aspmx.i.google.com, Type: MX, Value: mydomain1.com | 12:07 |
ikonia | dns changes will take time to go live | 12:07 |
frojnd | So: do I have to first set A recrod for mail.mydomain1.com and then use this? | 12:07 |
ikonia | mx records need to be a vali dhost name too | 12:07 |
frojnd | ikonia: I've set up yesterday and still not seen. | 12:08 |
ikonia | is the fqdn of the mx host able to be resolved | 12:08 |
frojnd | ikonia: so in theory, if I set first A record: mail.mydomain1.com for server's ip and then use for mx like this: mail.mydomain1.com Type: MX value: mydomain1.com will it work? | 12:08 |
ikonia | MX has to be a fqdn, not an ip | 12:08 |
frojnd | aha | 12:09 |
frojnd | we found a problem | 12:09 |
frojnd | let me try | 12:09 |
frojnd | It says changes will be visible in max 4 hours | 12:11 |
frojnd | Nevertheless I noticed a few problems with postfix | 12:12 |
frojnd | postfix/cleanup[1128]: warning: mysql:/etc/postfix/mysql-virtual-alias-maps.cf lookup error for "root@mydomain1.com" this warning each second, which is worring me | 12:14 |
frojnd | log is already 18MB big | 12:14 |
frojnd | ioptop is running like crazy :) | 12:14 |
frojnd | In that *.maps.cf I have user, password, hosts, dbname and query | 12:15 |
frojnd | Also in that file, user is not root | 12:17 |
=== julian is now known as alamar | ||
=== Ursinha-afk is now known as Ursinha | ||
blueking | ikonia: not that kind I was thinking.. but script to get everything installed | 12:43 |
ikonia | the package manager will install everything | 12:44 |
leelondon | i used ubuntu-s for five years guys | 13:57 |
leelondon | please like https://www.facebook.com/DwayneJohnson | 13:57 |
leelondon | the rock | 13:57 |
frojnd | Ok. I have setup a MX record for mydomain1.com as mail.mydomain1.com and is also seen if I do dig -t mx mydomain1.com | 15:07 |
frojnd | What does that error mean for postfix? Nevertheless I noticed a few problems with postfix | 15:07 |
frojnd | postfix/cleanup[1128]: warning: mysql:/etc/postfix/mysql-virtual-alias-maps.cf lookup error | 15:07 |
Maddeth | Hey all, anyone know if there is a netatalk channel? | 15:55 |
Maddeth | or anyone able to help bme with some netatalk issues | 15:56 |
Maddeth | s/bme/me/ | 15:56 |
=== mjohnson15_2 is now known as mjohnson15 | ||
subman | I've tried adding a second hard drive to my ubuntu server machine but now it won't boot up. It gets stuck at verifying dmi pool. Any ideas? | 16:45 |
=== mibofra- is now known as mibofra | ||
bitbyte | Hey guys any one here who can help out with a VPN problem ? | 18:47 |
jkitchen | ?ask | 18:50 |
jkitchen | ??ask | 18:50 |
jkitchen | don't ask to ask, just ask. if someone can help and is willing, they might just do that | 18:51 |
anepanaliptos | yes. but i dont know what your problem is. | 18:53 |
bitbyte | sorry got called away from the machine as i typed enter | 18:56 |
bitbyte | I'm having some problems understanding generating the certificates | 18:56 |
jkitchen | bitbyte: what sort of vpn are you creating, openvpn? | 18:56 |
bitbyte | I am following the setup outlined here : http://serverfault.com/questions/212382/how-to-set-up-strongswan-or-openswan-for-pure-ipsec-with-iphone-client | 18:56 |
bitbyte | but the openssl command I am having trouble finding any details for. Any ideas on some documents to read up more on it | 18:57 |
jkitchen | there's always 'man openssl' | 18:57 |
bitbyte | I am setting up StrongSwan on ubuntu server, I think I have the config right. But when i generate the certs they don't seem to work right | 18:57 |
jkitchen | but basically that guy is setting up a CA and such | 18:58 |
jkitchen | for my vpn (openvpn) I use the easy-rsa stuff that ships with openvpn | 18:58 |
jkitchen | to manage my ca | 18:58 |
bitbyte | If I'm just setting up a home VPN would i need to setup the Certificate Authority ? | 18:59 |
jkitchen | yes | 18:59 |
bitbyte | I was looking on ss64 for the openssl command but had no luck | 18:59 |
jkitchen | if you follow those directions on the page exactly, it should work fine | 18:59 |
jkitchen | what step did you have trouble with? | 18:59 |
bitbyte | Ok I will give it another shot, The issues began when i copied the certs over to my osx test laptop and it did not recognize the certs even when fully important to keychain | 19:00 |
bitbyte | The setup I have at the moment is : http://pastebin.com/g2yhYYC0 | 19:01 |
bitbyte | If I understand this correct the leftsubnet 10.10.10.x/24 will be the network the VPN clients are on and 0.0.0.0/24 will accept any inbound IP's | 19:02 |
jkitchen | I can't speak to that part, sorry | 19:02 |
bitbyte | and having the interfaces=%default route it should pass it through to the em1 ethernet interface and connect it to my internal 10.10.5.x/24 network | 19:02 |
bitbyte | There was one other item i was wondering about which was that when i run the openssl to generate the certs it asks for a password, Can this be taken off ? | 19:04 |
bitbyte | Because if I understand it correctly, it will require the password to be entered every time its requested to be used. | 19:05 |
anepanaliptos | yes you can leave it blank and push enter | 19:16 |
bitbyte | When i pushed enter it seems to exit the creation of the cert | 19:17 |
blueking | hello | 20:29 |
blueking | I have a question about reboot/init 6 I have an issue with it tried google for it but found no answer to it, maybe someone here knows ? the issue about reboot/init 6 is that it shuts down computer and doesn't restart are there ways to force pc/linux restart ? I am running ubuntu server 13.10 | 20:31 |
zkvvoob | Hi guys, I'm trying to find out why my Ubuntu 12.04 server with Postfix/Dovecot suddenly stopped receiving emails. Sending works fine. Could someone give me a hand? | 20:56 |
zkvvoob | Please? | 21:01 |
zkvvoob | Anyone? | 21:12 |
blueking | I have a question about reboot/init 6 I have an issue with it tried google for it but found no answer to it, maybe someone here knows ? the issue about reboot/init 6 is that it shuts down computer and doesn't restart are there ways to force pc/linux restart ? I am running ubuntu server 13.10 | 21:23 |
sander^home | How do I decrypt a pgp message? | 21:53 |
jkitchen | you need the private key | 21:54 |
jkitchen | then you just gpg --decrypt | 21:54 |
sander^home | jkitchen, do you have a compleate example? | 22:03 |
jkitchen | sander^home: huh? | 22:04 |
jkitchen | gpg --decrypt filename | 22:04 |
sander^home | jkitchen, ah, ok. And what argument do I spesify the private key, and where do I spesify the message? | 22:05 |
jkitchen | sander^home: you need the private key in your keyring | 22:05 |
jkitchen | and you can either pipe the message in or specify a filename | 22:05 |
jkitchen | gpg will figure out which private key to use to decrypt the file if you have multiple private keys in your keyring | 22:06 |
sander^home | jkitchen, how do I import the private key into my keyring? | 22:07 |
jkitchen | sander^home: gpg --import keyfilename | 22:09 |
jkitchen | or you can pipe the key into --import | 22:09 |
sander^home | jkitchen, seems like I got an public key..and a message | 22:16 |
jkitchen | sander^home: if you don't have the private key you can't decrypt the message | 22:17 |
jkitchen | that's kinda the point | 22:17 |
sander^home | jkitchen, ok. Thanks alot:) | 22:24 |
zkvvoob | Hi guys, I'm trying to find out why my Ubuntu 12.04 server with Postfix/Dovecot suddenly stopped receiving emails. Sending works fine. Could someone give me a hand? | 22:27 |
blueking | noone had problem with shutdown -r, reboot, init 6 ? | 22:30 |
jkitchen | zkvvoob: what's in your maillog? | 22:30 |
jkitchen | also, what's the domain? | 22:30 |
zkvvoob | jkitchen: http://paste.ubuntu.com/6501474/ | 22:31 |
jkitchen | Dec 1 00:20:02 server sm-mta[7723]: NOQUEUE: SYSERR(root): hash map "access": missing map file /etc/mail/access.db: No such file or directory | 22:33 |
jkitchen | that's not postfix, for one | 22:33 |
jkitchen | sm-mta I'm gonna guess is sendmail | 22:34 |
zkvvoob | jkitchen: but I removed that | 22:34 |
zkvvoob | sendmail | 22:34 |
jkitchen | clearly not | 22:34 |
zkvvoob | what do I do then? | 22:34 |
jkitchen | remove sendmail, install postfix | 22:34 |
zkvvoob | like I said, already did that: apt-get remove sendmail, apt-get autoremove | 22:35 |
jkitchen | how did sendmail get on there to begin with? | 22:35 |
zkvvoob | I was trying to figure out why the PHP Mail function was not working and tried setting up sendmail; when nothing changed, I removed it | 22:35 |
zkvvoob | and reinstalled Postfix | 22:35 |
jkitchen | ah | 22:35 |
jkitchen | that'll do it. | 22:35 |
zkvvoob | but maybe I messed something with the config files | 22:36 |
jkitchen | postfix ships its own /usr/sbin/sendmail, so you don't need to actually have sendmail installed | 22:36 |
jkitchen | dpkg -l | grep sendmail | 22:36 |
zkvvoob | jkitchen: http://paste.ubuntu.com/6501494/ | 22:37 |
jkitchen | ok, what about postfix | 22:38 |
jkitchen | also, perhaps sendmail is still running, check your process list | 22:38 |
jkitchen | or try telnet localhost 25 | 22:38 |
zkvvoob | jkitchen: http://paste.ubuntu.com/6501495/ | 22:38 |
jkitchen | ok, postfix isn't installed either | 22:38 |
zkvvoob | so, apt-get install postfix again? | 22:39 |
jkitchen | so between that and the fact that you removed postfix and installed sendmail, that would cause mail to stop working, yes. | 22:39 |
jkitchen | yea, install postfix | 22:39 |
zkvvoob | aye, aye | 22:39 |
jkitchen | but first check the process list | 22:39 |
zkvvoob | how? | 22:39 |
jkitchen | sendmail may still be running | 22:39 |
jkitchen | ps aux | grep sendmail | 22:39 |
jkitchen | maybe | 22:39 |
jkitchen | I don't (won't) use sendmail, so I'm not sure what all processes it uses | 22:40 |
zkvvoob | root 4303 0.0 0.0 13548 2208 ? Ss Nov30 0:00 sendmail: MTA: accepting connections root 8372 0.0 0.0 4392 808 pts/0 S+ 00:40 0:00 grep --color=auto sendmail | 22:40 |
jkitchen | yea, it's still running. kill it. | 22:40 |
zkvvoob | again, how? :( | 22:40 |
jkitchen | kill 4303 | 22:40 |
jkitchen | 4303 is the pid of the sendmail process there | 22:41 |
zkvvoob | right, got it | 22:41 |
zkvvoob | done | 22:41 |
jkitchen | (second column) | 22:41 |
zkvvoob | now install postfix? | 22:41 |
jkitchen | yup | 22:41 |
jkitchen | and hopefully you didn't apt-get purge it before, it should still have your configu | 22:41 |
zkvvoob | no, I didn't purge anything | 22:41 |
zkvvoob | it's installed | 22:41 |
zkvvoob | now what? | 22:41 |
blueking | anyone knows what option -d means ? in -> "reboot -d -f -i" looking at file /etc/rc6.d/S90reboot | 22:41 |
blueking | man doesn't mention -d option | 22:42 |
jkitchen | zkvvoob: in theory, postfix is up and running and your mail should be working again | 22:43 |
zkvvoob | hm, ok, I'll tail the mail log and send a messge | 22:43 |
zkvvoob | jkitchen: http://paste.ubuntu.com/6501525/ | 22:45 |
zkvvoob | and there's no trace of the message in my mailbox | 22:45 |
jkitchen | Dec 1 00:45:01 server postfix/smtpd[9185]: error: unsupported dictionary type: mysql | 22:45 |
jkitchen | you may need to install postfix-mysql | 22:46 |
jkitchen | dunno if you were actually using that before or whatnot | 22:46 |
zkvvoob | jkitchen: nothing - http://paste.ubuntu.com/6501545/ | 22:48 |
jkitchen | you need to restart postfix after installing the package | 22:49 |
zkvvoob | did that | 22:49 |
jkitchen | ok | 22:49 |
jkitchen | mailq says? | 22:49 |
zkvvoob | jkitchen: http://paste.ubuntu.com/6501552/ | 22:50 |
jkitchen | zkvvoob: those are bounce messages, you can look at what they say with postcat. postcat -q B6C8C601566 | 22:52 |
jkitchen | though unless your clock is quite off those are most likely not relevant to this matter | 22:52 |
Xeronix | I'm having trouble installing Ubuntu Server 13.10 - my USB keyboard is not recognized by my computer once I get into the installation steps | 22:52 |
Xeronix | I'm stuck at Select a Language | 22:52 |
jkitchen | Xeronix: replug? | 22:52 |
Xeronix | jkitchen: I have tried that | 22:52 |
zkvvoob | jkitchen: no, it's not off, they are old; aparently I've not been receiving message for quite some time, not just today | 22:52 |
jkitchen | just a thought :) | 22:52 |
jkitchen | zkvvoob: I'd bet there's a strong correlation between when you uninstalled postfix and installed sendmail and when your mail stopped working | 22:53 |
jkitchen | Xeronix: do you have any sort of legacy usb support enabled in your bios? | 22:53 |
zkvvoob | jkitchen: the thing is I never actually uninstalled postfix | 22:53 |
Xeronix | jkitchen: I do | 22:53 |
zkvvoob | jkitchen: at least I don't remember | 22:53 |
Xeronix | Under USB configuration | 22:54 |
jkitchen | zkvvoob: postfix and sendmail are mutually exclusive | 22:54 |
Xeronix | I have Legacy USB Support enabled | 22:54 |
zkvvoob | jkitchen: I know that now, yes | 22:54 |
jkitchen | Xeronix: you might disable that | 22:54 |
zkvvoob | jkitchen: so what could I try now? | 22:54 |
Xeronix | DISABLE it? | 22:54 |
jkitchen | Xeronix: yes, linux has supported usb keyboards for over a decade | 22:54 |
jkitchen | you don't need the bios to do that for you anymore | 22:54 |
jkitchen | zkvvoob: how are you testing your mail? | 22:55 |
Xeronix | jkitchen: Still no use, it's not working :( | 22:55 |
jkitchen | Xeronix: you rebooted that quickly? | 22:55 |
Xeronix | Yep | 22:55 |
jkitchen | lies. | 22:55 |
Xeronix | USB install | 22:55 |
zkvvoob | jkitchen: sending a message from another account, tail -f /var/log/mail.log; checking webmail if anything's arrived | 22:55 |
Xeronix | it's not a server, so it doesn't have a long POST cycle either | 22:55 |
jkitchen | zkvvoob: what's the domain? | 22:55 |
zkvvoob | jkitchen: I already sent you the output of telnet localhost 25 | 22:55 |
zkvvoob | jkitchen: saturn13.eu | 22:56 |
zkvvoob | or mail.saturn13.eu - for the SMTP | 22:56 |
Xeronix | jkitchen: Like literally, my keyboard loses power or something | 22:56 |
Xeronix | hmm | 22:56 |
jkitchen | Xeronix: weird. is it a fancy keyboard or just off the shelf thing | 22:56 |
Xeronix | does Ubuntu have USB3 support built in? | 22:56 |
Xeronix | jkitchen: Nope, I used it yesterday to install server on another machine | 22:56 |
jkitchen | weird | 22:57 |
jkitchen | in theory it shouldn't matter, because of usb hid | 22:57 |
jkitchen | but yea. | 22:57 |
jkitchen | HEH | 22:57 |
jkitchen | zkvvoob: tail -f your log file | 22:57 |
jkitchen | you should have just seen a message from me | 22:58 |
jkitchen | 250 2.0.0 Ok: queued as 58C7D600040 | 22:58 |
Xeronix | jkitchen: shite, just disabled legacy usb and my keyboard no longer works for getting into the bios | 22:58 |
zkvvoob | jkitchen: I think I did, here http://paste.ubuntu.com/6501595/ | 22:59 |
jkitchen | Xeronix: wat | 22:59 |
jkitchen | :( | 22:59 |
zkvvoob | jkitchen: but I don't see the actual message in my mailbox | 22:59 |
Xeronix | going to CMOS reset | 22:59 |
DRice7 | hey guys - can anyone help me with my Xorg starting problem? Error found at bottom of: http://paste.ubuntu.com/6501600/ | 23:01 |
jkitchen | zkvvoob: bounce says unknown user bz | 23:02 |
zkvvoob | jkitchen: that's insane, I'm logged in my webmail with that user | 23:03 |
zkvvoob | jkitchen: here, I just logged out and then back in | 23:03 |
jkitchen | zkvvoob: well, most webmail programs are just imap clients | 23:03 |
jkitchen | so your imap server and postfix are disagreeing | 23:03 |
zkvvoob | jkitchen: right, so what should I do then? | 23:03 |
jkitchen | are you doing some virtual users setup or something with postfix? | 23:04 |
jkitchen | (I'm assuming so since you have mysql involved) | 23:04 |
zkvvoob | jkitchen: maybe, I'm using ISPCOnfig, maybe it got confused with the postfix situation - should I remove the account and add it again? | 23:04 |
jkitchen | no | 23:04 |
jkitchen | postfix is probably just not looking at it | 23:04 |
jkitchen | I don't know what ISPConfig is though, is that some sort of third party panel thing? | 23:05 |
jkitchen | like cpanel or plesk or such | 23:05 |
zkvvoob | yes, like cPanel | 23:05 |
jkitchen | if so, you should probably contact their support | 23:05 |
jkitchen | oh, it's open source. | 23:05 |
jkitchen | hrm | 23:05 |
zkvvoob | so? | 23:05 |
jkitchen | well, maybe ask their irc channel then? :) | 23:05 |
blueking | hmm | 23:06 |
zkvvoob | :D | 23:06 |
zkvvoob | Well, thank you very much for your help jkitchen ! | 23:06 |
jkitchen | I have never used ispconfig so I have no idea how it's configured | 23:06 |
jkitchen | no problem, good luck | 23:06 |
blueking | *sighs* | 23:06 |
blueking | debian and ubuntu are built on same kernel ? | 23:07 |
jkitchen | blueking: all linux distros are by definition built off of the linux kernel | 23:08 |
blueking | jkitchen: just wonder why I have reboot problem on debian and ubuntu but not in opensuse | 23:10 |
jkitchen | the 'reboot' command isn't part of the kernel | 23:11 |
jkitchen | what problem are you having? | 23:11 |
DRice7 | blueking, it has to do with the acpi drivers | 23:11 |
DRice7 | apt-get install pastebinit | 23:11 |
DRice7 | dmesg | pastebinit | 23:11 |
DRice7 | check the ACPI messages | 23:11 |
blueking | jkitchen: reboot, shutdown -r, init 6 all shuts down pc | 23:11 |
jkitchen | ahh, yes. that's probably ACPI thing. | 23:12 |
* jkitchen hands the baton to DRice7 | 23:12 | |
blueking | ok | 23:12 |
blueking | DRice7: what am I looking for ? | 23:20 |
blueking | DRice7: have some acpi warning at line 858 - 864 | 23:23 |
blueking | jkitchen: what should I look for about acpi in dmesg ? | 23:28 |
blueking | hmm' | 23:43 |
blueking | edited grub put in acpi=off no change to reboot | 23:49 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!