[00:22] <zombu2> evening
[00:58] <pmatulis> evening
[03:56] <zombu2> netsplit galore
=== TDJACR is now known as PennAppsBot
=== PennAppsBot is now known as TDJACR
=== justizin_ is now known as justizin
=== ben14_ is now known as ben14
[07:07] <InFierno> Hi anyoen can give me a hand with what format i use to setup IPAlias in Ubuntu
[07:08] <InFierno> (server 12.04LTS)
=== hilarie_ is now known as hilarie
=== hilarie_ is now known as hilarie
[07:32] <lordievader> Good morning.
=== hilarie_ is now known as hilarie
=== Lcawte|Away is now known as Lcawte
=== bekks_ is now known as bekks
=== dw3 is now known as dw1
=== Ursinha is now known as Ursinha-afk
[11:20] <Pupeno_> How long should ntpd to update the clock?
[11:41] <joe_dm> hi all
[11:41] <joe_dm> Whats the best way to make a user with no permissions for use as an SSH tunnel only
[13:16] <andol> joe_dm: command="/bin/echo Thou shall not pass!",no-pty,no-X11-forwarding,no-agent-forwarding,permitopen="forward_to_ip:foward_to_port" ssh-rsa ...
[13:18] <joe_dm> andol: Thanks, I ended up giving it rbash
[13:19] <joe_dm> and added this to bashrc
[13:19] <joe_dm> [ -t 0 ] && read -p "Press [Enter] to exit..." && exit
[13:19] <joe_dm> and trap the escape ctrl
[13:21] <andol> joe_dm: But will .bashrc help you in case someone just does a "ssh servername command" then?
[13:21] <joe_dm> andol: no, where do I put your stuff into?
[13:22] <andol> That is authorized_keys entries
[13:22] <andol> Putting it infront of the key you are using
[13:23] <andol> joe_dm: Full example at http://paste.ubuntu.com/7558712/
[13:25] <joe_dm> andol: where is the authorized_keys stored, is it a per user thing in the home directory?
[13:26] <maxb> By default, though this can be configured otherwise
[13:26] <andol> The default is ~/.ssh/authorized_keys
[13:27] <joe_dm> isn't ~ just shortcut for home?
[13:27] <andol> Yepp
[13:27] <andol> The config option is AuthorizedKeysFile
[13:27] <joe_dm> user is ssh-tunnel and i cant find /home/ssh-tunnel/.ssh
[13:28] <andol> You need to create it yourself if you want it.
[13:28] <joe_dm> do i need to generate a key too then?
[13:30] <maxb> Oh, were you trying to set it up using password authentication?
[13:31] <joe_dm> yeah
[13:31] <fridaynext> I have a media server with a Celeron G1610 and no video card - would it be pointless to mine bitcoin with it?
[13:31] <jrwren> yes, very pointless
[13:31] <joe_dm> very very pointless
[13:32] <joe_dm> you might get one in a few hundered years
[13:32] <fridaynext> Gotcha. Definitely will avoid it.
[13:32] <joe_dm> even with a GPU the ASICs have made them almost pointless
[13:32] <fridaynext> I want to start using BTC for some transactions, and I figured since I have the media server, why not use it for something else - but I'll leave that 'something else' for non-futile efforts.
[13:33] <fridaynext> And the ASICs are incredibly expensive.
[13:33] <joe_dm> I'll leave you to decide that
[13:34] <fridaynext> well the one's i've looked at are.
[13:34] <shauno> unless someone else is paying your electricity bill, it doesn't work out anymore.  it's cheaper to buy the btc than to cpu/gpu mine them.
[13:35] <joe_dm> thats one opinion. I know people who would disagree
[13:35] <fridaynext> Is there anything useful a G1610 running ubuntu server 12.04 can be doing all day, since I leave it on anyway?
[13:35] <fridaynext> like should I do folding@home?
[13:35] <joe_dm> anything you make it do will make it use more electricity, keep that in mind
[13:36] <fridaynext> Yeah I guess I should just aim to get rid of it completely, and switch to a basic NAS setup, for even lower electricity usage.
[13:40] <joe_dm> andol: would rbash be enough to secure me from people running commands with ssh?
[13:56] <andol> joe_dm: I have never looked into rbash myself.
[13:56] <joe_dm> what about using sudoers to strip all commands?
[13:57] <joe_dm> or alias all commands to echo "access denied"
[14:44] <Gallomimia> i'm looking for a bit of help getting a grub script and initrd customized to boot my rather member:strange looking raid setup. the problem i'm having is that i'm booted from ubuntu 14.04 liveCD and can't get the system to boot. how do i make a grub script for the non-live filesystem?
[15:12] <bekks> Gallomimia: Which RAID level do you try to boot?
[15:17] <Gallomimia> the raid is a level 5, but boot is on a partition that is not raided. a small slice of the first drive in the raid. if i can swing it i'd like to raid1 that partition to all 3 drives
[15:17] <bekks> So the short answer is "no raid".
[15:18] <bekks> And whats the exact issue you have?
[15:23] <Gallomimia> bekks: i have no bootloader for that install. i need to config grub properly, and get an initrd that will mount assemble the raid, ask for the crypto passphrase, and get lvm going since the rootfs is on that. i actually don't know where to start, and my system is as yet only running in liveCD
[15:24] <bekks> Then why dont you install grub?
[15:24] <Gallomimia> did that... it works. boots up to grub. doesn't go any further
[15:24] <Gallomimia> blank screen. tried nomodeset
[15:26] <dasjoe> Remove "quiet splash" so it can show any errors
[15:26] <Gallomimia> ah, a good place to start
[15:34] <Gallomimia> i can't find any option of quiet splash in the grub config...
[15:55] <dasjoe> Gallomimia: just edit the kernel command line in grub's boot menu, that should be enough for testing. But what you're looking for is in /etc/default/grub, "GRUB_CMDLINE_LINUX_DEFAULT"
[16:13] <Gallomimia> dasjoe: why would the files in /etc/default/grub on my liveCD affect my config for main boot? don't i need to run update-grub or something? wouldn't that update the grub config for the liveCD instead?
[16:15] <dasjoe> Gallomimia: I didn't mean your Live CD environment, sorry for being unclear. I assumed you chrooted into your installation and were looking for some of grub's configuration
[16:15] <Gallomimia> hmmmmm
[16:15] <Gallomimia> chroot into my installation. that sounds like a good thing to do
[16:16] <Gallomimia> maybe i should try that after i reboot and edit the grub menu to try no quiet splash
[16:17] <Gallomimia> if i chroot into my installation, i can run things like mkinitramfs and grub-mkconfig and update-grub?
[16:17] <dasjoe> Sure
[16:17] <Gallomimia> can i also run apt-get install and get packages installed on that installation?
[16:18] <Gallomimia> it's like a light brighter than a welding arc has come on and overpowered my half dozen candles with focusing mirrors
[16:28] <joe_dm> how does chroot work for a single user?
[16:28] <joe_dm> can you chroot just one user so whenever that user logs in they are in like a jail?
[16:29] <joe_dm> or does chroot apply to everyone?
[16:35] <Patrickdk> neither
[16:36] <Patrickdk> you can do whatever you want with chroot, the issue with chroot is, everything must be inside it, all programs, libraries, and crap that user needs
[16:37] <joe_dm> not for me as I just want the user to be able to open a bash to hold ssh tunnels open via putty
[16:37] <joe_dm> How do you run chroot for a single user?
[16:37] <Patrickdk> hmm, heh?
[16:37] <Patrickdk> you can't run bash in a chroot
[16:38] <Patrickdk> without first installing every single thing bash depends on inside that chroot first
[16:38] <joe_dm> ?
[16:38] <joe_dm> lol
[16:38] <Patrickdk> chroot cuts that *program* off from the rest of the disk
[16:38] <Patrickdk> so everything anything you do in the chroot, needs everything to exists in there
[16:39] <joe_dm> surely there is a standard way to do it or a program that automates it?
[16:39] <joe_dm> seems like jails would be in demand
[16:39] <Patrickdk> jails are the same as a chroot
[16:39] <joe_dm> if not chroot is there a good way to make a jail or sandbox
[16:39] <Patrickdk> except it also limits program/network/... stacks
[16:40] <Patrickdk> doing any kind of jail/sandbox will have the same limits
[16:40] <Patrickdk> do you really expect the jail/sandbox/chroot to go OUTSIDE, to grab things?
[16:40] <Patrickdk> that would be a huge security issue
[16:40] <Patrickdk> why you basically need to copy /lib /usr into your chroot
[16:40] <joe_dm> no, I expect it to never get outside.
[16:41] <joe_dm> I'll do the googles in the morning. almost 3am here.
[16:41] <joe_dm> I get what you mean though :)
[16:45] <[lutchy]> There is Restricted BASH ?
[16:46] <[lutchy]> If it's just for SSH Tunnel, how about /bin/nologin ?
[17:06] <bobby_> Hi, I have a question regarding screen savers / powerdown on ubuntu server. I am running several ubuntu servers on laptops. My problems is that after a while the screen goes blank, as in white. How can i turn this feature off ?
=== Ursinha-afk is now known as Ursinha
[17:15] <bobby_> tried setterm -blank 0
[17:15] <bobby_> hope it will work, but i doubt it
=== justizin_ is now known as justizin
[17:20] <Tohsh> Booting issue with clean install of headless 14.04 server. Will only boot with ‘nomodeset’ flag on kernel line of boot loader. Verified UUID matches fstab and blkid. Freezes during adding swap. Never had this issue on previous releases. Can anyone advise?
=== Ursinha is now known as Ursinha-afk
[18:50] <subman> I'm trying to upgrade my 12.04 LTS server to 14.04 LTS via 'sudo do-release-upgrade', but that returns 'No new release found'.  If I do a 'sudo do-release-upgrade -d', don't that take me to the next development release, 12.10?
[19:03] <bekks> subman: 12.04 to 14.04 will be available when 14.04.1 is released.
[19:03] <subman> bekks, thanks!
[19:04] <bekks> subman: the "next" development release is 14.10
[19:09] <subman> bekks, right, but from my 12.04 LTS, the 'next' development release seen would be 12.10, no?
[19:11] <andol> subman: I tried doing do-release-upgrade -d on a 12.04 server, and it wanted to give me 14.04. Might have helped that I had /etc/update-manager/release-upgrades set to include "Prompt=lts".
[19:14] <subman> andol, Mine is also set to Prompt=lts
[19:16] <subman> andol, Oh, I see what you are saying now.  With the '-d' option you get 12.04>14.04
[19:21] <andol> subman: Yepp
[19:21] <subman> andol, doing it right now, thanks.
[19:23] <andol> np
[19:54] <bekks> subman: No. The next development release is 14.10
[19:55] <bekks> subman: 14.04 is the development release until 14.04.1 is released.
[19:55] <subman> bekks, Ah, got it.
[19:56] <subman> This is not a production server anyway, no worries at all here with experimentation.  Gotta learn somehow!
=== InFierno is now known as elfuego
[20:28] <elliotd123> Is there a way to tell what caused my server (12.04) to shut down? I looked through auth.log and kern.log and can't find anything suspicious.
[20:29] <elliotd123> It just looks like it shut down gracefully for no apparent reason in the middle of the night last night
[20:31] <pmatulis> elliotd123: there should be something in the logs.  maybe you had a power problem
[20:31] <elliotd123> no it's a VM in ESXi, and there's other VMs on the same server that didn't crash
[20:31] <elliotd123> is there a way to tell what user might have sent an "init 0" signal or the like?
[20:33] <pmatulis> elliotd123: look for suspicious sudo commands in auth.log .  is there a root password set?
[20:35] <elliotd123> no there's no root password set, and auth.log shows normal stuff right up until it got powered off - doesn't look like anyone logged in or anything right before hand
[20:42] <elliotd123> no sudo commands
[20:44] <hxm> does "PAM service(sshd) ignoring max retries" means someone is brute forcing ssh?
[20:45] <hxm> or is any kind of script or application trying to login ssh too fast or too many times
[20:46] <elliotd123> hxm: that could be - but I'm not sure why that would crash the server. Doesn't sshd by default start dropping connections when there's too many?
[20:47] <hxm> does not crash, im just in a ssh session and I see that message
[20:48] <elliotd123> oh sorry I thought you were responding ot my question haha
[21:26] <apb1963> ubuntu 12.04 ... can't get tomahawk to play sound.  It requires vlc backend which I installed... is there something else I need to do?
[23:43] <DonRichie> My vServer is horribly under capacity. Where can I find some folks who want to have something hosted to get rid of this ressource-wasting