[00:01] <jrwren> hazmat: i actually pitched removal of a number of packages recently :)
[00:01] <hazmat> jrwren, i'm primarily looking at lxc instances (including in cloud-instances), and minimizing seconds on container boot time, its easy to avoid via some container customizerization
[00:01] <hazmat> jrwren, fair enough
[00:01] <hazmat> its easy to do externally
[00:02] <jrwren> hazmat: do you then git clone something to teh new instance?
[00:03] <hazmat> jrwren, git is used internally by juju when deploying charms, but fair enough i'm snapshotting against a base image for the containers, easy enough to add there, out of curiosity what packages were you pitching to remove?
[00:03] <jrwren> oh, a juju thing.
[00:03] <jrwren> would make sense to have a jujuimg separate from cloudimg IMO
[00:04] <hazmat> jrwren, basically i'm creating a base juju image from each series/release cloud image, i can add the extra package there just as easily
[00:05] <hazmat> although it would be nice if lxc-attach would work with precise and hwe kernels.. ssh normalizes nicely across the containers.
[00:09] <hazmat> by base juju image i mean container with  btrfs snapshot for lxc-clone. the default cloud images have nothing in specific support of juju btw.
[00:19] <jrwren> right. i know the cloudimg pretty well.
[00:20] <jrwren> everything else you just said, i've no idea what you are talking about :)
[00:58] <mushtar> is this the right channel for discussing CloudInit, i.e. https://help.ubuntu.com/community/CloudInit ?
[01:00] <lifeless> it's a fine channel
[01:00] <lifeless> for that and many other things
[01:00] <mushtar> oh good
[01:01] <mushtar> is it possible to get cloud-init to run on my mac?
[01:02] <mushtar> i want to be able to use write-mime-multipart
[01:27] <mushtar> figured it out. bzr branch lp:cloud-init
[03:38] <kirkland> jamespage: uh oh, what happened?
[04:23] <MarGul> Hi I have just unstalled ubuntu server 12.04 and I have changed ip address to static (been pinging it from my laptop and I know its connected to my network). Then I installed nginx running the command aptitude install nginx. The version of nginx is 1.5.6. When I then, on my laptop, type in my servers ip address in my webbrowser I get nothing.
[04:23] <MarGul> Im following the manual http://arstechnica.com/gadgets/2012/11/how-to-set-up-a-safe-and-secure-web-server/2/
[05:11] <crimsonmane> i need to re-do my certs ... i just ran through the steps i used the first time but it failed to change the cert as evidenced by the old data being present and not the new data. i used a different email address to make them stand out.
[05:30] <anepanaliptos> hello..
[05:30] <anepanaliptos> dont tell me !ask, i know. just being kind.
[05:30] <anepanaliptos> ok guys.. so this is what i want to do. I dont really understand lvms and the like, but i know what i want..
[05:31] <anepanaliptos> my old machine was a simple 1 disk setup, and while installing ubuntu i chose the guided partitoning and chose luks + lvm
[05:31] <anepanaliptos> i want to do the same again, except this time, with two disks. and i want the "2nd disk" to be in teh LVM so i only have to type the key once.
[05:32] <jkitchen> but not raid?
[05:32] <anepanaliptos> lvm though seems to create one giant partion, like dynamic disks. i dont want that. i want one "partition" on the 1st disk, and the "other/storage" on the other
[05:32] <anepanaliptos> correct. but no raid.
[05:32] <jkitchen> they're separate PVs then
[05:32] <jkitchen> no way around that
[05:33] <anepanaliptos> um
[05:33] <anepanaliptos> is there a way the "storage" disk can mount into the first group?
[05:33] <jkitchen> you can mount things wherever you want
[05:34] <anepanaliptos> (im at the guided screen if you wanna teamviewer and push the buttons, but i have a feeling you know what i want to do..)
[05:34] <anepanaliptos> i dont mind how the "mounting process" happens, as long as.. see the reason why i want them seperate is so that i could possibly transport the second disk and mount it on another computer someplace.
[05:35] <patdk-lap> anepanaliptos, why do that at all?
[05:35] <patdk-lap> why *type the key* multible times?
[05:35] <anepanaliptos> i dont want to.
[05:35] <patdk-lap> then don't
[05:35] <anepanaliptos> so how would i set it up so i dont have to?
[05:36] <patdk-lap> there are many ways
[05:36] <patdk-lap> I personally use a script to fetch the key
[05:37] <patdk-lap> the script asks for the password to decrypt
[05:37] <patdk-lap> it then uses that password to get the key
[05:37] <patdk-lap> I store the keys in a gpg archive
[05:37] <anepanaliptos> woah too complicated
[05:37] <patdk-lap> :)
[05:37] <patdk-lap> you could go lazy
[05:37] <patdk-lap> just save the key onto your first disk
[05:37] <anepanaliptos> ok what's that route look like?
[05:37] <anepanaliptos> aa ok.
[05:37] <patdk-lap> and reference that file to unlock the second
[05:38] <patdk-lap> if first is locked, can't unlock the second
[05:38] <anepanaliptos> ok. can that be done "near boot time" ?
[05:38] <patdk-lap> near boot time?
[05:38] <patdk-lap> what does that mean?
[05:38] <anepanaliptos> that sounds better.
[05:38] <anepanaliptos> before for example, apache2 starts up
[05:38] <patdk-lap> no idea
[05:38] <patdk-lap> it happens when disks mount
[05:38] <patdk-lap> that is upto upstart
[05:38] <anepanaliptos> perfect.
[05:39] <patdk-lap> issues is, anyone that roots your server, has access to the decrypt key
[05:39] <patdk-lap> so using a script, while much harder, is safer, by alittle bit
[05:39] <anepanaliptos> hmm.
[05:39] <anepanaliptos> hmmm.
[05:40] <anepanaliptos> i think ill just type it twice.
[05:40] <patdk-lap> what exactly are you protecting against?
[05:40] <anepanaliptos> how do i setup luks without the volgroup stuff then?
[05:40] <anepanaliptos> im trying to protect againt physical theft
[05:41] <patdk-lap> then it doesn't matter
[05:41] <anepanaliptos> so when you yank the power, you're done and you need the key again.
[05:41] <patdk-lap> well, those are totally different
[05:41] <lifeless> anepanaliptos: oh, so if people are serious about stealing kit they won't yank the power
[05:41] <anepanaliptos> lifeless: lol.
[05:41] <patdk-lap> the best way to steal it, is to root it and copy the data while it's up
[05:42] <jkitchen> and nobody even knows
[05:42] <patdk-lap> the system is much less protected when it's running
[05:42] <lifeless> anepanaliptos: there are stock products that replace the power supply hot
[05:42] <anepanaliptos> yeah im just talking about like a dumb theif stealing equipment.
[05:42] <anepanaliptos> look, its my mailserver
[05:42] <patdk-lap> then saving your key for the other disks in /etc, is safe enough
[05:43] <anepanaliptos> im trying to "protect" against some "not nice people" accessing.. my mail. if it were to get siezed.
[05:43] <patdk-lap> cause it's unlikely they logged in, and rooted your server to get those keys first
[05:43] <anepanaliptos> that kind of thing.
[05:43] <patdk-lap> siezed?
[05:43] <anepanaliptos> but im happy with this solution too
[05:43] <anepanaliptos> 23:42 < patdk-lap> then saving your key for the other disks in /etc, is safe enough
[05:43] <patdk-lap> that implies people know what they are doing
[05:43] <anepanaliptos> not really. local authoraties arent that smart.
[05:44] <jkitchen> thermite trap
[05:44] <jkitchen> problem solved
[05:44] <patdk-lap> jkitchen, what triggers it?
[05:44] <patdk-lap> not solved :)
[05:44] <anepanaliptos> again, too technical.
[05:45] <anepanaliptos> how do you guys protect your mail servers?
[05:45] <jkitchen> patdk-lap: "oh shit" button
[05:45] <jkitchen> :)
[05:45] <jkitchen> tie it to your iphone "siri, nuke the drives please"
[05:45] <anepanaliptos> when i had the first one, with only a physical raid, i felt "safe" with luks
[05:45] <patdk-lap> personally, I have to insert a special usb stick
[05:45] <patdk-lap> and type in a password
[05:46] <anepanaliptos> ok. any things i can "rtfm" to help me setup something similar?
[05:46] <patdk-lap> but, for email
[05:46] <patdk-lap> it is much much more likely they tapped your internet connection
[05:47] <anepanaliptos> eeh. still pointless. ssl.
[05:47] <patdk-lap> what ssl?
[05:47] <patdk-lap> smtp doesn't use ssl
[05:47] <anepanaliptos> i use webmail.
[05:47] <patdk-lap> so your email is safe until you send/receive
[05:47] <anepanaliptos> yeah. i understand those rules.
[05:48] <patdk-lap> till everyone starts doing dane/tlsa, I don't really get the whole encrypted email thing
[05:49] <patdk-lap> if you secured your email, like with s/mime, or pgp
[05:49] <patdk-lap> there would be no need for encryption
[05:49] <patdk-lap> the only thing your somewhat protecting is your email history, from *before* they tapped your connection
[05:49] <anepanaliptos> ohkay.
[05:50] <anepanaliptos> so single disk it is that mounts the others via key.
[05:50] <patdk-lap> well, the simple way is, use your password to unlock your root disk
[05:50] <patdk-lap> then save the keys on your root disk, maybe like /etc/disk.keys/....
[05:50] <patdk-lap> and use those files to unlock the other disks
[05:51] <patdk-lap> someone would have to copy those files first, to unlock the other disks
[05:51] <patdk-lap> or have the password to unlock the first disk
[05:51] <patdk-lap> that is the simple way
[05:51] <patdk-lap> any other way, gets into messing with initramfs, and that isn't much fun
[05:52] <anepanaliptos> yeah. i think that way is best.
[05:53] <patdk-lap> s/best/acceptable/
[05:53] <anepanaliptos> and as far as the whole email thing, there is MX tls
[05:53] <anepanaliptos> 23:53 < patdk-lap> s/best/acceptable/
[05:53] <anepanaliptos> ^^ agreed.
[05:53] <patdk-lap> smtp mx tls is mitm
[05:54] <patdk-lap> it is full of selfsigned, unsigned, broken, expired, certs
[05:54] <anepanaliptos> correct. but for "the people who care" that i exange email with, we have exchanged keys.
[05:54] <patdk-lap> so you can't enable hard verification
[05:54]  * patdk-lap just has lots of ipsec tunnels
[05:56] <anepanaliptos> yeah i dont know if i trust creating an ipsec tunnel with someone.
[06:18] <_root_> for IP Aliasing: both Ip should have the same MAC address?
[06:20] <jkitchen> you don't need to specify the mac
[06:20] <jkitchen> unless you're talking about something different than I'm thinking of :)
[08:35] <_root_> I have to add my first IP to my VPS this way http://paste.ubuntu.com/6497998/ and because of that I cant get the eth0:0 to IP alias. could you give me a clue as to what should I do to get eth0:0 working
[09:27] <blueking> samba seem to be tricky to manage get installed   there are some issues several places
[09:31] <blueking> are there samba install scripts that are up to date ?
[10:08] <nf7> How can I get /etc/crontab to run a script as if it is in the same working directory as the script?
[10:08] <jkitchen> nf7: cd /path/to/dir && /path/to/dir/script
[10:08] <nf7> ohhhhh
[10:09] <nf7> jkitchen: is this a messy way to do it?
[10:09] <jkitchen> that's the way to do it
[10:10] <nf7> jkitchen: awesome, thanks a lot
[10:10] <jkitchen> yup
[10:10] <andol> nf7: Alt have the script start off by entering the desired working directory, assuming that applies equally well.
[10:11] <nf7> andol: it's a Python script, is it possible to do that?
[10:11] <jkitchen> http://docs.python.org/2/library/os.html#os.chdir
[10:12] <nf7> thank you!
[10:18] <nf7> jkitchen: Is it possible to have os.chdir point to the scripts path (so it will work no matter where I put the script), or do I need to always manually enter the path?
[10:28] <jkitchen> nf7: http://docs.python.org/2/library/sys.html#sys.argv  http://docs.python.org/2/library/os.path.html#os.path.basename
[10:30] <nf7> jkitchen: Thanks a lot. It's really hard for me to read and find my own information using the documentation. Is there some sort of guide on how to utilize the documentation properly? Or do I just need to learn more.
[10:30] <jkitchen> I am permalinking you directly to the functions you want
[10:31] <nf7> jkitchen: Right, I'm just asking for future reference.
[10:31] <jkitchen> oh
[10:31] <jkitchen> I just google for the function name
[10:31] <jkitchen> or thereabouts
[10:31] <nf7> Cause I need to stop bothering people so much about little things.
[10:31] <jkitchen> hah, it's fine
[10:31] <nf7> Ah ok, how long have you been programming with Python?
[10:31] <jkitchen> I don't
[10:32] <jkitchen> I've been a professional google user for about 13 years now though
[10:32] <nf7> hahah
[10:32] <nf7> that's always a good skill
[10:32] <nf7> do you program with anything though? or just use Ubuntu server?
[10:33] <jkitchen> I am a recovering perl user turned rubyist
[10:33] <jkitchen> dabbled briefly in python
[10:33] <nf7> cool, there's a lot of perl in linux isn't there?
[10:33] <nf7> I was fixing a problem with a wifi card's hardware a while back and I ran into a lot of perl scripts
[10:33] <jkitchen> there's a lot of a lot of stuff in linux
[10:34] <nf7> right
[10:34] <jkitchen> used to be perl was really popular for a lot of stuff though
[10:35] <jkitchen> still is, truth be told
[10:35] <nf7> Perl and Python are very similar aren't they?
[10:35] <jkitchen> lots of folks like me who can whip up all kinds of shit in perl in no time
[10:35] <jkitchen> but trying to keep up with the new hotness
[10:35] <nf7> That's what someone told me anyway.
[10:35] <jkitchen> perl python and ruby are like the romance languages
[10:36] <nf7> What kind of stuff do you use Ruby for?
[10:36] <jkitchen> my company is a rails shop
[10:36] <jkitchen> so... basically everything
[10:36] <nf7> Right, I've dabbled very little with Ruby, seemed almost identical to Python up to what I learned.
[10:36] <jkitchen> hah
[10:36] <jkitchen> not even remotely :)
[10:36] <nf7> Cool, so web development?
[10:36] <nf7> yeah of course, past a point
[10:36] <jkitchen> no, I'm ops
[10:37] <jkitchen> I just run the servers
[10:37] <nf7> interesting
[10:37] <jkitchen> but I use puppet for managing my servers, and foreman for managing the metal
[10:37] <jkitchen> so there's some ruby there
[10:37] <nf7> I've been programming for about 3 months right now. Just writing some Reddit bots, having them run on a Ubuntu server on an old netbook that I'm SSH'ing into. It's fun.
[10:38] <jkitchen> now that this migration is almost finished (working on it right now, in fact, should be done shortly) I'll be able to get into the code side of things a bit more and start making things suck less
[10:38] <jkitchen> cool
[10:38] <nf7> Well I didn't understand much of that but it sounds interesting.
[10:38] <nf7> What OS do you use for programming/personal use?
[10:39] <jkitchen> OSX is my daily driver
[10:39] <jkitchen> but really it's just a pretty terminal
[10:39] <jkitchen> chrome, iterm, adium, and a music player
[10:40] <jkitchen> my primary operating environment is an ubuntu server with about 2 dozen tmux sessions
[10:40] <nf7> Yeah I was using OSX as well but I recently switched back to Windows, I like 8.1 a lot.
[10:40] <jkitchen> I can't work on windows
[10:40] <jkitchen> like literally am incapable
[10:40] <nf7> Just don't like it or missing some particular program?
[10:40] <jkitchen> there are no terminals for windows
[10:40] <jkitchen> putty doesn't qualify.
[10:41] <jkitchen> putty is great for what it is, but it's not what I need.
[10:41] <jkitchen> plus I really enjoy having a proper unix command line on my daily driver
[10:42] <nf7_> Whoops, lost the Wifi there for a moment, back though.
[10:42] <nf7_> What did I miss?
[10:42] <jkitchen> dunno
[10:43] <jkitchen> I have one windows machine, and it's been turned off for the last 8 months.
[10:43] <nf7_> Well the main reason I switched back to Windows is that I really like 8.1, they've figured out their hotkeys, took some pointers from OSX as well with the spotlight style search and a few other things.
[10:43] <nf7_> Plus I really like Thinkpads
[10:43] <jkitchen> if I were going to use a thinkpad it would have linux on it.
[10:43] <nf7_> Can get around 12 hours of battery with two packs and the docking base is amazing
[10:44] <jkitchen> but there is no finer laptop than the 13" retina macbook pro
[10:44] <nf7_> I love coming home and simply snapping it on and having it connect to the speakers, mouse, screen, keyboard, external hd instantly, it's great
[10:44] <nf7_> Yeah that's actually what I had as well, great machine
[10:44] <jkitchen> "docking base"
[10:44] <jkitchen> some proprietary thing
[10:44] <nf7_> yes it's lenovo proprietary
[10:45] <jkitchen> I have a thunderbolt display
[10:45] <nf7_> very similar
[10:45] <nf7_> the apple one?
[10:45] <jkitchen> yes
[10:45] <nf7_> that's one of the nicest screens, crazy expensive though
[10:45] <jkitchen> was free
[10:45] <nf7_> I think if I ever bought an OSX machine again I'd get a 13 inch Macbook pro
[10:45] <nf7_> the battery on those things is crazy
[10:45] <nf7_> macbook air*
[10:45] <jkitchen> everything on this thing is crazy.
[10:46] <jkitchen> oh, not the air
[10:46] <jkitchen> I am spoiled by retina
[10:46] <nf7_> yeah the retina is great
[10:46] <nf7_> I love how you can scale the resolutions
[10:46] <nf7_> you know what I'm talking about?
[10:47] <jkitchen> I only use it at the 1680x1050 effective resolution
[10:47] <nf7_> I like it at whatever the default it
[10:47] <nf7_> is*
[10:48] <jkitchen> dunno, I love linux on the desktop, but I also love not having to fuck with my laptop to have it work
[10:48] <ikonia> there is no need for tha language jkitchen
[10:48] <jkitchen> sorry
[10:48] <ikonia> no problem, thank you
[10:49] <jkitchen> (didn't realize mac was a dirty word, amirite?)
[10:49] <nf7_> haha
[10:49] <jkitchen> I kid.
[10:50] <jkitchen> I came close to buying a thinkpad or samsung series 9 this time around, but then the mavericks preview came out where they were talking about the battery optimizations they were doing at the OS and hardware levels and stuff
[10:50] <jkitchen> mind blown
[10:50] <jkitchen> sorry but there's just no way linux can compete with that :(
[10:51] <nf7_> OSX has crazy good power utilization.
[10:51] <jkitchen> that's the kind of stuff you can do when you are fully vertical
[10:51] <nf7_> Windows must be the worst.
[10:51] <nf7_> Even so, I get really good battery life on my ThinkPad
[10:51] <jkitchen> for sure
[10:51] <nf7_> I've actually removed all Lenovo drivers
[10:52] <nf7_> there were a bunch of power management ones, but I notice no difference whatsoever with them off.
[10:52] <jkitchen> but there's always that time when you're sitting there and boom, 90% -> 10% in what feels like minutes because something is chewing up power
[10:52] <nf7_> Yeah true
[10:52] <jkitchen> happened on my android phone all the time
[10:52] <jkitchen> happened on my thinkpads in the past
[10:52] <jkitchen> I do miss linux on the desktop though.
[10:52] <nf7_> I can't stand all the tools and utilities Lenovo puts on their machines (even if they aren't bloatware technically), first thing I did was a fresh install from a Microsoft CD
[10:53] <ikonia> is this really anything to do with ubuntu server ?
[10:53] <ikonia> perhaps take it to one of the offtopic channel please ?
[10:53] <jkitchen> heh
[10:53] <nf7_> I was just heading out anyway, thanks for the help.
[10:54] <jkitchen> np, good luck
[10:54] <Gilligan94> Hi I have a system without a graphics card and I want to set up ubuntu server on it, what would the best way to do this be?
[10:54] <ikonia> a serial connection
[10:54] <jkitchen> Gilligan94: network console
[10:54] <Gilligan94> so I'll beable to install it over SSH?
[10:54] <jkitchen> it really doesn't even have like an onboard vga? weird.
[10:54] <jkitchen> Gilligan94: yup
[10:55] <Gilligan94> yea no VGA this is an AMD system
[10:55] <jkitchen> doesn't mean it doesn't have a vga port on board
[10:55] <jkitchen> in fact with newer AMDs it seems like it's hardecr to get one WITHOUT an apu than with...
[10:55] <Gilligan94> in this case it doesn't have any VGA
[10:55] <jkitchen> crazy
[10:56] <Gilligan94> I believe this mobo and CPU was aimed at gaming so they just assumed you would use a dedicated GPU
[10:57] <ikonia> what is the motherboard model
[10:57] <Gilligan94> not sure, I dont have it on hand currently
[10:59] <jkitchen> not even hdmi?!
[10:59]  * jkitchen is baffled
[10:59] <Gilligan94> nope nada
[11:00] <Gilligan94> kinda cool IMO keeps the cost down
[11:00] <jkitchen> eh
[11:00] <jkitchen> by about $2
[11:00] <jkitchen> anywho OFF TOPIC
[11:00] <jkitchen> try the network installer.
[11:00] <Gilligan94> every little bit counts >.>
[11:00] <Gilligan94> alright thanks
[11:01] <jkitchen> or serial console
[11:01] <jkitchen> but I doubt it has a serial port
[11:01] <Gilligan94> yea I dont think it does
[11:01] <ikonia> if it's not got any form of vga for "cost saving" they won't have put a serial port on
[11:01] <jkitchen> right
[11:02] <Gilligan94> any advantage to using 13.10 over 12.04?
[11:02] <jkitchen> plenty
[11:02] <ikonia> Gilligan94: it really depends on your needs
[11:02] <jkitchen> go with 13.10 unless you need LTS
[11:03] <Gilligan94> alright
[11:51] <blueking> does there exist scripts  up to date for install of samba ?
[12:01] <ikonia> blueking: the package manager will manage updates
[12:05] <frojnd> Hi there. I need a little assitance with mx records. I successfully set multuiple A records for server's IP. So when I go to mydomain1.com it  goes there without a problem. It's the same with mydomain2.com Now I'd like to set up MX records for mail server for mydomain1.com. Under free DNS hosting section of my host provider, I set up: Name: mydomain1.com,  Type: MX, Value: IP
[12:06] <frojnd> WHen I do dig -t mx mydomain1.com I can't see mydqomain1.com under mx...
[12:06] <frojnd> Am I doing this correctly?
[12:07] <frojnd> I also tried for google mails and it's rather different then I did: Name: atl1.aspmx.i.google.com, Type: MX, Value: mydomain1.com
[12:07] <ikonia> dns changes will take time to go live
[12:07] <frojnd> So: do I have to first set A recrod for mail.mydomain1.com and then use this?
[12:07] <ikonia> mx records need to be a vali dhost name too
[12:08] <frojnd> ikonia: I've set up yesterday and still not seen.
[12:08] <ikonia> is the fqdn of the mx host able to be resolved
[12:08] <frojnd> ikonia: so in theory, if I set first A record: mail.mydomain1.com for server's ip and then use for mx like this: mail.mydomain1.com Type: MX value: mydomain1.com will it work?
[12:08] <ikonia> MX has to be a fqdn, not an ip
[12:09] <frojnd> aha
[12:09] <frojnd> we found a problem
[12:09] <frojnd> let me try
[12:11] <frojnd> It says changes will be visible in max 4 hours
[12:12] <frojnd> Nevertheless I noticed a few problems with postfix
[12:14] <frojnd>  postfix/cleanup[1128]: warning: mysql:/etc/postfix/mysql-virtual-alias-maps.cf lookup error for "root@mydomain1.com" this warning each second, which is worring me
[12:14] <frojnd> log is already 18MB big
[12:14] <frojnd> ioptop is running like crazy :)
[12:15] <frojnd> In that *.maps.cf I have user, password, hosts, dbname and query
[12:17] <frojnd> Also in that file, user is not root
[12:43] <blueking> ikonia:  not that kind I was thinking.. but script to get everything installed
[12:44] <ikonia> the package manager will install everything
[13:57] <leelondon> i used ubuntu-s for five years guys
[13:57] <leelondon> please like https://www.facebook.com/DwayneJohnson
[13:57] <leelondon> the rock
[15:07] <frojnd> Ok. I have setup a MX record for mydomain1.com as mail.mydomain1.com and is also seen if I do dig -t mx mydomain1.com
[15:07] <frojnd> What does that error mean for postfix?  Nevertheless I noticed a few problems with postfix
[15:07] <frojnd>   postfix/cleanup[1128]: warning: mysql:/etc/postfix/mysql-virtual-alias-maps.cf lookup error
[15:55] <Maddeth> Hey all, anyone know if there is a netatalk channel?
[15:56] <Maddeth> or anyone able to help bme with some netatalk issues
[15:56] <Maddeth> s/bme/me/
[16:45] <subman> I've tried adding a second hard drive to my ubuntu server machine but now it won't boot up.  It gets stuck at verifying dmi pool.  Any ideas?
[18:47] <bitbyte> Hey guys any one here who can help out with a VPN problem ?
[18:50] <jkitchen> ?ask
[18:50] <jkitchen> ??ask
[18:51] <jkitchen> don't ask to ask, just ask. if someone can help and is willing, they might just do that
[18:53] <anepanaliptos> yes. but i dont know what your problem is.
[18:56] <bitbyte> sorry got called away from the machine as i typed enter
[18:56] <bitbyte> I'm having some problems understanding generating the certificates
[18:56] <jkitchen> bitbyte: what sort of vpn are you creating, openvpn?
[18:56] <bitbyte> I am following the setup outlined here : http://serverfault.com/questions/212382/how-to-set-up-strongswan-or-openswan-for-pure-ipsec-with-iphone-client
[18:57] <bitbyte> but the openssl command I am having trouble finding any details for. Any ideas on some documents to read up more on it
[18:57] <jkitchen> there's always 'man openssl'
[18:57] <bitbyte> I am setting up StrongSwan on ubuntu server, I think I have the config right. But when i generate the certs they don't seem to work right
[18:58] <jkitchen> but basically that guy is setting up a CA and such
[18:58] <jkitchen> for my vpn (openvpn) I use the easy-rsa stuff that ships with openvpn
[18:58] <jkitchen> to manage my ca
[18:59] <bitbyte> If I'm just setting up a home VPN would i need to setup the Certificate Authority ?
[18:59] <jkitchen> yes
[18:59] <bitbyte> I was looking on ss64 for the openssl command but had no luck
[18:59] <jkitchen> if you follow those directions on the page exactly, it should work fine
[18:59] <jkitchen> what step did you have trouble with?
[19:00] <bitbyte> Ok I will give it another shot, The issues began when i copied the certs over to my osx test laptop and it did not recognize the certs even when fully important to keychain
[19:01] <bitbyte> The setup I have at the moment is : http://pastebin.com/g2yhYYC0
[19:02] <bitbyte> If I understand this correct the leftsubnet 10.10.10.x/24 will be the network the VPN clients are on and 0.0.0.0/24 will accept any inbound IP's
[19:02] <jkitchen> I can't speak to that part, sorry
[19:02] <bitbyte> and having the interfaces=%default route it should pass it through to the em1 ethernet interface and connect it to my internal 10.10.5.x/24 network
[19:04] <bitbyte> There was one other item i was wondering about which was that when i run the openssl to generate the certs it asks for a password, Can this be taken off ?
[19:05] <bitbyte> Because if I understand it correctly, it will require the password to be entered every time its requested to be used.
[19:16] <anepanaliptos> yes you can leave it blank and push enter
[19:17] <bitbyte> When i pushed enter it seems to exit the creation of the cert
[20:29] <blueking> hello
[20:31] <blueking> I have a question about reboot/init 6      I have an issue with it    tried google for it but found no answer to it, maybe someone here knows  ?   the issue about reboot/init 6 is that it shuts down computer and doesn't restart    are there ways to force  pc/linux restart ? I am running ubuntu server 13.10
[20:56] <zkvvoob> Hi guys, I'm trying to find out why my Ubuntu 12.04 server with Postfix/Dovecot suddenly stopped receiving emails. Sending works fine. Could someone give me a hand?
[21:01] <zkvvoob> Please?
[21:12] <zkvvoob> Anyone?
[21:23] <blueking> I have a question about reboot/init 6      I have an issue with it    tried google for it but found no answer to it, maybe someone here knows  ?   the issue about reboot/init 6 is that it shuts down computer and doesn't restart    are there ways to force  pc/linux restart ? I am running ubuntu server 13.10
[21:53] <sander^home> How do I decrypt a pgp message?
[21:54] <jkitchen> you need the private key
[21:54] <jkitchen> then you just gpg --decrypt
[22:03] <sander^home> jkitchen, do you have a compleate example?
[22:04] <jkitchen> sander^home: huh?
[22:04] <jkitchen> gpg --decrypt filename
[22:05] <sander^home> jkitchen, ah, ok. And what argument do I spesify the private key, and where do I spesify the message?
[22:05] <jkitchen> sander^home: you need the private key in your keyring
[22:05] <jkitchen> and you can either pipe the message in or specify a filename
[22:06] <jkitchen> gpg will figure out which private key to use to decrypt the file if you have multiple private keys in your keyring
[22:07] <sander^home> jkitchen, how do I import the private key into my keyring?
[22:09] <jkitchen> sander^home: gpg --import keyfilename
[22:09] <jkitchen> or you can pipe the key into --import
[22:16] <sander^home> jkitchen, seems like I got an public key..and a message
[22:17] <jkitchen> sander^home: if you don't have the private key you can't decrypt the message
[22:17] <jkitchen> that's kinda the point
[22:24] <sander^home> jkitchen, ok. Thanks alot:)
[22:27] <zkvvoob> Hi guys, I'm trying to find out why my Ubuntu 12.04 server with Postfix/Dovecot suddenly stopped receiving emails. Sending works fine. Could someone give me a hand?
[22:30] <blueking> noone had problem with shutdown -r, reboot, init 6  ?
[22:30] <jkitchen> zkvvoob: what's in your maillog?
[22:30] <jkitchen> also, what's the domain?
[22:31] <zkvvoob> jkitchen: http://paste.ubuntu.com/6501474/
[22:33] <jkitchen> Dec  1 00:20:02 server sm-mta[7723]: NOQUEUE: SYSERR(root): hash map "access": missing map file /etc/mail/access.db: No such file or directory
[22:33] <jkitchen> that's not postfix, for one
[22:34] <jkitchen> sm-mta I'm gonna guess is sendmail
[22:34] <zkvvoob> jkitchen: but I removed that
[22:34] <zkvvoob> sendmail
[22:34] <jkitchen> clearly not
[22:34] <zkvvoob> what do I do then?
[22:34] <jkitchen> remove sendmail, install postfix
[22:35] <zkvvoob> like I said, already did that: apt-get remove sendmail, apt-get autoremove
[22:35] <jkitchen> how did sendmail get on there to begin with?
[22:35] <zkvvoob> I was trying to figure out why the PHP Mail function was not working and tried setting up sendmail; when nothing changed, I removed it
[22:35] <zkvvoob> and reinstalled Postfix
[22:35] <jkitchen> ah
[22:35] <jkitchen> that'll do it.
[22:36] <zkvvoob> but maybe I messed something with the config files
[22:36] <jkitchen> postfix ships its own /usr/sbin/sendmail, so you don't need to actually have sendmail installed
[22:36] <jkitchen> dpkg -l | grep sendmail
[22:37] <zkvvoob> jkitchen: http://paste.ubuntu.com/6501494/
[22:38] <jkitchen> ok, what about postfix
[22:38] <jkitchen> also, perhaps sendmail is still running, check your process list
[22:38] <jkitchen> or try telnet localhost 25
[22:38] <zkvvoob> jkitchen: http://paste.ubuntu.com/6501495/
[22:38] <jkitchen> ok, postfix isn't installed either
[22:39] <zkvvoob> so, apt-get install postfix again?
[22:39] <jkitchen> so between that and the fact that you removed postfix and installed sendmail, that would cause mail to stop working, yes.
[22:39] <jkitchen> yea, install postfix
[22:39] <zkvvoob> aye, aye
[22:39] <jkitchen> but first check the process list
[22:39] <zkvvoob> how?
[22:39] <jkitchen> sendmail may still be running
[22:39] <jkitchen> ps aux | grep sendmail
[22:39] <jkitchen> maybe
[22:40] <jkitchen> I don't (won't) use sendmail, so I'm not sure what all processes it uses
[22:40] <zkvvoob> root      4303  0.0  0.0  13548  2208 ?        Ss   Nov30   0:00 sendmail: MTA: accepting connections root      8372  0.0  0.0   4392   808 pts/0    S+   00:40   0:00 grep --color=auto sendmail
[22:40] <jkitchen> yea, it's still running. kill it.
[22:40] <zkvvoob> again, how? :(
[22:40] <jkitchen> kill 4303
[22:41] <jkitchen> 4303 is the pid of the sendmail process there
[22:41] <zkvvoob> right, got it
[22:41] <zkvvoob> done
[22:41] <jkitchen> (second column)
[22:41] <zkvvoob> now install postfix?
[22:41] <jkitchen> yup
[22:41] <jkitchen> and hopefully you didn't apt-get purge it before, it should still have your configu
[22:41] <zkvvoob> no, I didn't purge anything
[22:41] <zkvvoob> it's installed
[22:41] <zkvvoob> now what?
[22:41] <blueking> anyone knows what option -d means ? in -> "reboot -d -f -i"      looking at file /etc/rc6.d/S90reboot
[22:42] <blueking> man doesn't mention -d option
[22:43] <jkitchen> zkvvoob: in theory, postfix is up and running and your mail should be working again
[22:43] <zkvvoob> hm, ok, I'll tail the mail log and send a messge
[22:45] <zkvvoob> jkitchen: http://paste.ubuntu.com/6501525/
[22:45] <zkvvoob> and there's no trace of the message in my mailbox
[22:45] <jkitchen> Dec  1 00:45:01 server postfix/smtpd[9185]: error: unsupported dictionary type: mysql
[22:46] <jkitchen> you may need to install postfix-mysql
[22:46] <jkitchen> dunno if you were actually using that before or whatnot
[22:48] <zkvvoob> jkitchen: nothing - http://paste.ubuntu.com/6501545/
[22:49] <jkitchen> you need to restart postfix after installing the package
[22:49] <zkvvoob> did that
[22:49] <jkitchen> ok
[22:49] <jkitchen> mailq says?
[22:50] <zkvvoob> jkitchen: http://paste.ubuntu.com/6501552/
[22:52] <jkitchen> zkvvoob: those are bounce messages, you can look at what they say with postcat. postcat -q B6C8C601566
[22:52] <jkitchen> though unless your clock is quite off those are most likely not relevant to this matter
[22:52] <Xeronix> I'm having trouble installing Ubuntu Server 13.10 - my USB keyboard is not recognized by my computer once I get into the installation steps
[22:52] <Xeronix> I'm stuck at Select a Language
[22:52] <jkitchen> Xeronix: replug?
[22:52] <Xeronix> jkitchen: I have tried that
[22:52] <zkvvoob> jkitchen: no, it's not off, they are old; aparently I've not been receiving message for quite some time, not just today
[22:52] <jkitchen> just a thought :)
[22:53] <jkitchen> zkvvoob: I'd bet there's a strong correlation between when you uninstalled postfix and installed sendmail and when your mail stopped working
[22:53] <jkitchen> Xeronix: do you have any sort of legacy usb support enabled in your bios?
[22:53] <zkvvoob> jkitchen: the thing is I never actually uninstalled postfix
[22:53] <Xeronix> jkitchen: I do
[22:53] <zkvvoob> jkitchen: at least I don't remember
[22:54] <Xeronix> Under USB configuration
[22:54] <jkitchen> zkvvoob: postfix and sendmail are mutually exclusive
[22:54] <Xeronix> I have Legacy USB Support enabled
[22:54] <zkvvoob> jkitchen: I know that now, yes
[22:54] <jkitchen> Xeronix: you might disable that
[22:54] <zkvvoob> jkitchen: so what could I try now?
[22:54] <Xeronix> DISABLE it?
[22:54] <jkitchen> Xeronix: yes, linux has supported usb keyboards for over a decade
[22:54] <jkitchen> you don't need the bios to do that for you anymore
[22:55] <jkitchen> zkvvoob: how are you testing your mail?
[22:55] <Xeronix> jkitchen: Still no use, it's not working :(
[22:55] <jkitchen> Xeronix: you rebooted that quickly?
[22:55] <Xeronix> Yep
[22:55] <jkitchen> lies.
[22:55] <Xeronix> USB install
[22:55] <zkvvoob> jkitchen: sending a message from another account, tail -f /var/log/mail.log; checking webmail if anything's arrived
[22:55] <Xeronix> it's not a server, so it doesn't have a long POST cycle either
[22:55] <jkitchen> zkvvoob: what's the domain?
[22:55] <zkvvoob> jkitchen: I already sent you the output of telnet localhost 25
[22:56] <zkvvoob> jkitchen: saturn13.eu
[22:56] <zkvvoob> or mail.saturn13.eu - for the SMTP
[22:56] <Xeronix> jkitchen: Like literally, my keyboard loses power or something
[22:56] <Xeronix> hmm
[22:56] <jkitchen> Xeronix: weird. is it a fancy keyboard or just off the shelf thing
[22:56] <Xeronix> does Ubuntu have USB3 support built in?
[22:56] <Xeronix> jkitchen: Nope, I used it yesterday to install server on another machine
[22:57] <jkitchen> weird
[22:57] <jkitchen> in theory it shouldn't matter, because of usb hid
[22:57] <jkitchen> but yea.
[22:57] <jkitchen> HEH
[22:57] <jkitchen> zkvvoob: tail -f your log file
[22:58] <jkitchen> you should have just seen a message from me
[22:58] <jkitchen> 250 2.0.0 Ok: queued as 58C7D600040
[22:58] <Xeronix> jkitchen: shite, just disabled legacy usb and my keyboard no longer works for getting into the bios
[22:59] <zkvvoob> jkitchen: I think I did, here http://paste.ubuntu.com/6501595/
[22:59] <jkitchen> Xeronix: wat
[22:59] <jkitchen> :(
[22:59] <zkvvoob> jkitchen: but I don't see the actual message in my mailbox
[22:59] <Xeronix> going to CMOS reset
[23:01] <DRice7> hey guys - can anyone help me with my Xorg starting problem? Error found at bottom of: http://paste.ubuntu.com/6501600/
[23:02] <jkitchen> zkvvoob: bounce says unknown user bz
[23:03] <zkvvoob> jkitchen: that's insane, I'm logged in my webmail with that user
[23:03] <zkvvoob> jkitchen: here, I just logged out and then back in
[23:03] <jkitchen> zkvvoob: well, most webmail programs are just imap clients
[23:03] <jkitchen> so your imap server and postfix are disagreeing
[23:03] <zkvvoob> jkitchen: right, so what should I do then?
[23:04] <jkitchen> are you doing some virtual users setup or something with postfix?
[23:04] <jkitchen> (I'm assuming so since you have mysql involved)
[23:04] <zkvvoob> jkitchen: maybe, I'm using ISPCOnfig, maybe it got confused with the postfix situation - should I remove the account and add it again?
[23:04] <jkitchen> no
[23:04] <jkitchen> postfix is probably just not looking at it
[23:05] <jkitchen> I don't know what ISPConfig is though, is that some sort of third party panel thing?
[23:05] <jkitchen> like cpanel or plesk or such
[23:05] <zkvvoob> yes, like cPanel
[23:05] <jkitchen> if so, you should probably contact their support
[23:05] <jkitchen> oh, it's open source.
[23:05] <jkitchen> hrm
[23:05] <zkvvoob> so?
[23:05] <jkitchen> well, maybe ask their irc channel then? :)
[23:06] <blueking> hmm
[23:06] <zkvvoob> :D
[23:06] <zkvvoob> Well, thank you very much for your help jkitchen !
[23:06] <jkitchen> I have never used ispconfig so I have no idea how it's configured
[23:06] <jkitchen> no problem, good luck
[23:06] <blueking> *sighs*
[23:07] <blueking> debian  and ubuntu are built on same kernel ?
[23:08] <jkitchen> blueking: all linux distros are by definition built off of the linux kernel
[23:10] <blueking> jkitchen:  just wonder why I have reboot problem on debian and ubuntu  but not in opensuse
[23:11] <jkitchen> the 'reboot' command isn't part of the kernel
[23:11] <jkitchen> what problem are you having?
[23:11] <DRice7> blueking, it has to do with the acpi drivers
[23:11] <DRice7> apt-get install pastebinit
[23:11] <DRice7> dmesg | pastebinit
[23:11] <DRice7> check the ACPI messages
[23:11] <blueking> jkitchen:  reboot, shutdown -r, init 6    all shuts down pc
[23:12] <jkitchen> ahh, yes. that's probably ACPI thing.
[23:12]  * jkitchen hands the baton to DRice7 
[23:12] <blueking> ok
[23:20] <blueking> DRice7:  what am I looking for ?
[23:23] <blueking> DRice7:   have some acpi warning at line 858 - 864
[23:28] <blueking> jkitchen:   what should I look for about acpi in dmesg ?
[23:43] <blueking> hmm'
[23:49] <blueking> edited grub  put in acpi=off   no change to reboot