/srv/irclogs.ubuntu.com/2014/06/10/#ubuntu-server.txt

=== GeekBlogTV_ is now known as James_Away
z1hazehello! could someone answer a few questions for me, and possibly help me out? Im a server owner, but I have little experience doing so; I had help setting up the server as it is, and everythin works great, except for the fact theres no actual ftp server installed on it. The server is setup with password authentication disabled and uses ssh keys, but now I am going to be required to install an ftp server on it, due to a control00:27
z1hazepanel for a gameserver that includes ftp.. what would be the easiest way to do this?00:27
z1hazebasically, if the password authenticaion is disabled, is that serverwide or is is that user specific? is it possible to have ftp logins without password authentication? I know it works with keys because i use filezilla that way, but the game-server control panel have ftp as part of the interface, and thres no where to setup ssh keys00:29
histoz1haze: it sounds like password authentication is disabled for ssh... That is not system wide e.g. if you installed an ftp server you could login via ftp using a password00:42
z1haze oh ok great!00:43
z1hazethats awesome, so i just install vsftp like normal, do i have to create separate usernames or do i login with my ssh usernames?00:44
sarnoldz1haze: oh man; ftp is a horrible protocol and all the servers are likewise horrible. are you sure you have to use ftp?00:54
sarnold(maybe that's unfair to the servers; the server authors did what they could, but the protocol is truly gross.)00:55
z1hazewell i want to use sftp but i dont think i can00:55
z1hazewhat do you suggest00:55
z1hazesarnold: here the the cpanel im installing http://www.multicraft.org/site/index00:55
=== Trey is now known as Guest36851
histoz1haze: why do you thihnk you need ftp?01:15
z1hazebecause it uses a built in ftp server01:16
histoz1haze: so you don't have to setup ftp if it's builtin01:16
z1hazeto be able to add/remove plugins01:16
z1hazeyea i realized that after the fact01:16
z1hazeim just new and dont feel comfortable jumping into things i liek to get an experienced opinion beforehand01:16
histoz1haze: you may want to test how secure their stuff is before your box gets owned01:16
z1hazetrue, its the largest cpanel for minecraft though, all of the major hosting companies use them01:17
sarnoldrestricting access to just your ips might be a worthwhile thing to do; most web-based control panels are horrid.01:18
histoz1haze: a lot of people use windows also01:18
histodoesn't make it safe01:18
z1hazei absolutely get where you're coming from01:18
z1hazebut i wouldnt know the first step to do about seeing if its secure, as far as testing01:18
z1hazei just use it to host game-servers really01:19
histoz1haze: make sure you consult the documentation the stuff like delete teh install.php as soon as everything is working is very important01:19
z1hazeoh yea im following their docs exactly01:19
z1hazethe setup.sh is very detailed01:19
SachiruQuery: Anyone every know of software that watches your DNS service on the server and logs which IPs ask for certain addresses?01:28
SachiruI'd like to track who's browsing por... tals for accounting experts on our network (and yes I know this is not a 100% foolproof system, what I'm asking for is basic logging/monitoring for beancounters, not something to track a person who is dedicated to having himself not tracked.01:29
sarnoldSachiru: first I'd check your dns server for logging levels, you may be able to turn up logs and get the info you want from there; you could probably also write a filter for tcpdump, or get close, and do the rest with grep. if you've got a host in the middle, ntop or iftop or similar may be able to get you there01:34
z1hazesarnold: i ran into an error after installing: its on the web panel  end now.. the install.php gave me a CException for application runtime path not valid make sure the directory is writable by the web-server process01:38
z1hazei have the entire folder owned by username:www-admin01:38
z1hazeis that not right?01:39
sarnoldz1haze: not www-data?01:39
z1hazeno, i checked the previous sites that were already there, they're all owned by my username:www-admin01:39
z1hazeshould that be switched to all www-data ?01:40
z1hazei didnt setup the initial web-servers so how would i find out what they SHOULD  be owned by01:40
sarnoldz1haze: probably your webserver is running as the 'www-data' user, and probably there's no supplmentary groups..01:40
z1hazecan i check that somehow?01:40
sarnoldz1haze: ps auxw | grep apache  or ps auxw | grep nginx -- depending..01:40
z1hazethe whole thing indcluding depending.. ?01:40
z1hazeoh duh i get it01:41
z1hazeshould i pastebin results?01:41
sarnoldz1haze: just look for the user column in the output01:42
z1hazehttp://pastebin.com/J2Wz7R2601:42
sarnold(you can pastebin it if you want...)01:42
sarnoldyeah, www-data01:42
z1hazewhere do you even see that though?01:42
z1hazeso would it be ok if i did like chown www-data:www-admin since my username is part of the www-admin group i will still be able to edit stuff01:43
z1hazeyay i did it! thanks so much sarnold, on to the next step!01:45
sarnoldz1haze: the first column of output is the userids of the process; root and www-data -- the root-owned apache process doesn't handle web traffic, it opens the port and then keeps track of the other children...01:45
sarnoldz1haze: so the www-data owned processes actually handle requests.01:46
z1hazei get it now01:46
sarnold(I truly hate the web server user account actually owning files, but that's a rant for another day.)01:46
z1hazealthough i did have afailure on the next step: failed the system security check: he first column of output is the userids of the process; root and www-data -- the root-owned apache process doesn't handle web traffic, it opens the port and t01:47
z1hazewhat does that even men01:47
sarnoldz1haze: from your ps auxw output :)  http://pastebin.com/J2Wz7R2601:48
z1hazeyou've lost me01:49
z1hazeshould i just remove the www-data from the .htaccess file?01:50
sarnoldnah feel free to ignore me :) hehe01:50
z1hazeim sorry im not trying to be rude and ignore u i dont didnt understand01:51
z1hazethe suggested solution is the change the AllowOverride None to AllowOverride All for the sites-enabled01:52
z1hazeis that a good fix/01:52
sarnoldz1haze: oh, I know you're not being rude :) just my explanation might not have actually made anything more clear for you, but that's okay -- eventually it'll make perfect sense, but there's no big problem if I don't make sense today :)01:53
z1hazeso how to i fix this error im getting?01:53
sarnoldz1haze: it's probably better if you can find out which specific directives you need to all .htaccess files to override, but if this webserver only does your game, it's probably fine.01:53
z1hazeyea well, it hosts game-servers and web-server01:54
z1hazeI think i see in the sites-enabled where to edit the AllowOverride None to All.. is that ok for me to do?01:55
sarnoldprobably fine01:55
z1hazei dont know what that does01:55
z1hazecould you kinda tell me what its actually doing?01:55
sarnoldit lets the .htaccess file override apache settings for specific directories01:55
sarnoldsee the whole help at http://httpd.apache.org/docs/current/mod/core.html#allowoverride01:56
sarnoldapache's help can be .. pretty dense. but it is very thorough.01:56
z1hazethe only apache i have experience with is the one i flew for 6 years :\01:57
sarnoldtalk about complicated :D01:57
z1hazeeasy peasy01:58
sarnoldnope -- my head turns inside out trying to grok the collective :D01:58
z1hazeoh u fly?01:58
sarnoldnope :)01:58
sarnoldbut man I loved helicoptors as a kid...01:58
z1hazeyea me too, was my dream, i actually enlisted as a crewchief for the apache, then dropped a packed to become a pilot 1 year or so after iwas in01:59
sarnoldnice :D02:00
z1hazesarnold: do you know stuff about database too?02:05
z1hazeanother small hiccup ive run into: Error querying user table: CDbCommand failed to execute the SQL statement: SQLSTATE[42S02]: Base table or view not found: 1146 Table 'multicraft_panel.server_config' doesn't exist. The SQL statement executed was: select count(*) from `server_config`02:05
z1hazeduring the setup02:05
z1hazethe database seems to not be initialized how do i initialize it?02:05
sarnoldz1haze: hopefully the install guide included some mention of a tool to run to populate the tables02:06
z1hazeur a smart man: it did i just didnt go far enough02:06
sarnoldhehe, I just figured no one would use it if they had to populate the tables by hand :)02:07
z1hazemakes sense, how long have you been in this game?02:07
sarnoldI've been using linux since 199402:08
z1hazetheres a tick asking me if i want to enable the multicraft api? what reason would i do this?02:08
sarnoldprobably if you use some clients like a phone app to manage the server..02:09
sarnold(that's a wild guess)02:09
z1hazewould that be like custom stuff?02:10
z1hazeoh btw, it says the integrated ftb is net2ftp02:10
sarnoldprobably the android app store has a dozen of them or something? :) heh02:11
z1hazeHow can i check if MySQL PDO support is enabled on my server?03:39
sarnoldz1haze: check '"pkg -l 'php5-mysql*'" output03:44
z1hazesarnold: im in big trouble i cant seem to figure this out03:45
sarnoldz1haze: iirc both php5-mysql and php5-mysqlnd work...03:45
z1hazeim getting db conn error03:45
z1hazewhen trying to use the plugin search thing03:45
z1hazesarnold: Error 50003:45
z1hazeCDbConnection failed to open the DB connection.03:45
z1hazewhat do i actually type form that command?03:46
z1hazei typed '"pkg -l 'php5-mysql*'" and its just frozen now03:47
sarnoldz1haze: leave off the " quotes03:48
z1hazebut you have the first " inside the ' and the second one outside03:49
z1hazeis it this? 'pkg -l 'php5-mysql*'03:49
sarnoldthe ' quotes around 'php5-mysql*' keeps bash from expanding the php5-mysql* glob into matching files, if you have any files in your current working directory named php5-mysql(something)03:50
z1hazeso is it like this then 'pkg -l 'php5-mysql*'03:51
z1hazebecause nothing happens when i do that03:51
z1hazeis just freezes03:51
z1hazei also tried pkg -l 'php5-mysql*' and it says no cmd pkd found03:52
z1hazepkg*03:52
[lutchy]hmmm03:52
[lutchy]What PHP program are you using that give you DB Conn error03:53
sarnolddpkg03:53
[lutchy]hmmm03:53
z1hazeok that worked03:53
z1hazehttp://pastebin.com/n6Z6DV9A03:54
z1hazeim using multicraft its a hosting control panel for minecraft servers03:54
z1hazeand it gives the error when trying to acces bukget which is the plugin installer03:54
[lutchy]I am confused, when did dpkg have DB conn error ? I have to say I am new at that03:55
z1hazeim trying to get to use the plugin installer and it tells me this Error 500 CDbConnection failed to open the DB connection03:55
z1hazethen the troubleshooting page says Your PHP installation needs MySQL PDO support, please check that this core extension is enabled03:56
[lutchy]So I assume you are you suing Ubuntu Server version ?03:56
[lutchy]s/suing/using/03:56
z1haze12.04 lts03:56
z1hazelol wow, nice one that correction03:57
[lutchy]The way I've seen PHP PDO is packages03:57
z1hazehow to i enable the pdo support?03:57
[lutchy]At least for openSUSE, 'sqlite PDO' is installed by default03:57
z1hazeim using mysql03:57
[lutchy]With 'mysql', you simply install php5-mysql (which should include the MySQL extensions and the PDO version as well)03:58
=== drupal212312 is now known as killdee
z1hazedo i ened to like install sudo apt-get install php5-sqlite?03:58
z1hazeok well03:58
[lutchy]No,03:58
z1hazei guess i need to enable the extension then?03:58
[lutchy]NO, I think the error might have been misleading03:59
z1hazeThe BukGet browser uses a temporary SQLite database to cache the plugin list. Make sure your PHP installation supports the PDO SQLite extension, it is required for this feature03:59
sarnoldhah, it requires both mysql and sqlite to function? o_O04:01
[lutchy]Again, depends how Ubuntu packages things... I would think that 'sqlite pdo' was included on default04:01
z1hazewell what else would make that happen04:01
z1hazei just need to enable that extension i think i just dont know how04:01
[lutchy]It could have been, some applications, where you can choose a DB backend04:02
z1hazeyea i choose mysql because thats what i have04:02
[lutchy]So, have SQLITE and MYSQL requirement is not unheard of04:03
z1hazeis the php.ini file i need to look at in the /etc/php5/cli?04:03
sarnold[lutchy]: not much is installed by default; everything is just a quick apt-get install away :)04:03
z1hazeguys :( how can i get this going?04:04
[lutchy]Right04:04
[lutchy]So, I think the error is misleading04:04
[lutchy]You can run 'phpinfo()'04:04
sarnoldz1haze: try apt-get install php5-sqlite04:04
[lutchy]be that with that and know for sure what php is loaded with04:05
z1hazeok ive done that sarnold04:05
[lutchy]Just create a simple php script in your document directory of your sever, make sure to start with a start tag04:05
sarnoldz1haze: okay, restart apache and try again :) if it doesn't Just Work, try [lutchy]'s phpinfo() suggestion04:05
[lutchy]With phpinfo()04:06
[lutchy]It's easier to read what's enable in PHP04:06
[lutchy]Than php -r 'phpinfo()'04:06
z1hazeok im not familiar with that what [lutchy] said, and unfortunately it did not fix it04:06
[lutchy]Alright... I walk you through it... though... I am not sure what application you are using but to do that04:07
z1hazeapplication for what04:07
z1hazei am just using putty04:08
[lutchy]You don't get the basics of a 'application'04:08
sarnold[lutchy]: he's installing http://www.multicraft.org/site/index04:08
[lutchy]Let me look at it04:08
[lutchy]If I find it fun, I might create a VM and test around04:09
z1hazehow do i simple enable that extension that its telling me04:09
[lutchy]If you don't know what you doing, that lease to more questions04:10
[lutchy]Personally, I don't think enabling that extension, is going to solve that problem as simply you thin it is...04:11
z1hazethats what the help says though04:11
[lutchy]Because software is clear what went wrong04:11
z1hazehttp://pastebin.com/3tDuYSkS04:11
z1hazehttp://www.multicraft.org/site/docs?view=troubleshooting#2004:11
z1hazethis is exactly my problem04:11
z1hazethey have atroubleshooting link just for it04:11
z1hazei dont get it04:13
[lutchy]What part you don't get04:14
[lutchy]I am sure people will help with that04:14
z1hazethe fact that its saying in that link i just posted to enable some pdo04:14
z1hazehow do i just enable what i need man? Im tired i really need to get this up and i hve to work in the morning04:16
[lutchy]You should figure that out yourself... it's very simple if you do enough research how PHP works04:18
z1hazeive been trying for hours now ok04:18
z1hazei really could just use a hand on it04:18
[lutchy]With PHP04:18
z1hazeif you know, please just lend a hand04:18
[lutchy]You have modules that enables a feature04:18
[lutchy]DBConn error doesn't sound like you missing a feature04:19
[lutchy]It's more like the program failed to connect to a DB04:19
z1hazedid you look at that page i just linked http://www.multicraft.org/site/docs?view=troubleshooting#2004:19
z1haze"The BukGet browser shows an error with the database connection"04:20
[lutchy]When you have database connection error, it's like the software can't connect to the DB04:21
z1hazeok?04:21
[lutchy]There are so many reasons why it may fail..04:21
sarnoldsadly that page is nearly useless -- there's lots of reasons why it mail fail, and that shows none of them.04:21
z1hazeso what do i do04:22
[lutchy]1) The Database is not running on the port that the software is trying to connect to04:22
z1hazeis there a place i can check what port my database is on04:22
[lutchy]no...04:23
z1hazegod. it seems your witholding when you respond04:23
[lutchy]sarnold, the directions are horrible ?04:23
z1hazeits like u know the answer but u wont say it, just stringing me on, its been hours i really need this fixed and i hope you can help04:23
z1hazeif you cannot help i will be on my way, just pleast let me know one way or another04:24
[lutchy]NO.. I don't know why you would think that in the first place04:24
[lutchy]I don't own a minecraft sever and I don't know why you think people would have an answer to that04:24
z1hazei didnt say you did, but as for reasons it wont connect to the database, thats pretty standard right04:25
sarnold[lutchy]: yeah, poor -- they could have had specific error messages with specific mediations. they gave a blanket solution for a vague problem04:26
z1hazewhat should i even do then04:28
[lutchy]That's what I thought, the error was misleading04:28
sarnoldz1haze: check error logs from mysql? php? apache? dunno. i've managed to avoid dealing with php for as long as I could :)04:28
[lutchy]<< likes php04:28
z1haze[Mon Jun 09 22:09:33 2014] [error] [client 192.99.20.118] client denied by server configuration: /home/www/multicraft.terminus-mc.com/www/protected/data/daemon/schema.mysql.sql04:29
[lutchy]wow04:29
z1hazeim assuming thats it04:29
z1hazebut how do i fix it04:29
sarnoldhey! now that's something :)04:30
z1hazewhat do i do though? im still not understanding04:30
[lutchy]right srnold04:30
sarnoldz1haze: check your configs .. some details.. http://httpd.apache.org/docs/2.2/howto/access.html04:31
z1hazeso i need to open the sites-enabled file?04:32
[lutchy]I hate people who think people should guess there problems, granted that people can be smart and withhold , that's not an issues if you don't know what a 'software' is04:32
[lutchy]uggg04:32
z1hazethen we move to belittle people i guess04:33
[lutchy]Knowing what it is will solve so many issues... I've been on Windows Forums04:33
z1hazeim sorry i havent spent my life behind a computer screen [lutchy]04:33
sarnoldcmon [lutchy], he's here to learn, same as the rest of us.04:33
[lutchy]They usually give 'blanket' solutions04:33
[lutchy]I want him to learn04:34
[lutchy]I really stress that..04:34
[lutchy]It's people like you that I don't like people who are asshole treat people like you.. I am being very forward04:35
sarnoldthat's a good goal :)04:35
z1hazewho are you calling an asshole? lol04:35
[lutchy]I guess you don't get it04:35
sarnoldI certainly don't :)04:36
z1hazesarnold: my host file shows this http://pastebin.com/gdk6qPTq i dont know if thats the same thing but from looking at the access control page its similar04:36
[lutchy]'I don't like people who are asshole treat people like you'04:36
sarnold[lutchy]: ahhhhh.04:36
z1hazespeak english?04:37
z1hazewas odd i dont have any deny in this host fire04:37
z1hazefile*04:37
[lutchy]I might have missed a comma04:37
[lutchy]Yeah, I missed a comma after 'that'...04:38
[lutchy]It's grammar I have issue with sometimes...04:39
z1hazeso the file is within my directory ive set, theres nothing that says deny, it says allow from all.. why would the server configreject it04:40
sarnoldz1haze: oh! try removing the final '/' at the end of the <directory> line04:41
sarnoldz1haze: <Directory /home/www/multicraft.terminus-mc.com/www>04:41
z1hazealright04:42
z1hazethat did it04:43
z1hazeman :( something so silly04:43
sarnolddamned apache04:43
z1hazeso why does that trailing / cause all that04:43
sarnoldI wasted two hours on that one a month ago.04:43
z1hazeno kidding?04:43
sarnoldyup.04:43
sarnoldfriendly dude in #apache guessed blindly and got it on the first try :)04:43
z1hazewell im glad you had been there done that haha04:43
z1hazeit seems like its just "one of those things"04:43
[lutchy]Probably...04:45
[lutchy]I am glad you have a better understanding04:46
z1hazewell thank you for your help i really do appreciate it04:47
sarnoldis it up and running? :)04:47
z1hazeyessir04:47
sarnold\o/04:47
z1hazeits not seeing all my current plugins but ill figure that part out04:47
[lutchy]I have to admit, that I am black, and the way I talk to black people... certain individuals04:49
[lutchy]It may get in the way how I type online....04:49
[lutchy]btw... I hate Apache.. I use Lighttpd on all over my servers.. it's much easier to config...04:53
[lutchy]Doh, it lack few features "-p :)04:53
sarnoldyeah, I prefer nginx, not that I know it any better..04:54
[lutchy]nginx ?04:55
[lutchy]That's worst04:55
[lutchy]I don't think nginx is an actual 'WebServer'04:55
[lutchy]sarnold, I was a bit curious about your opinion05:01
sarnold[lutchy]: yeah?05:02
[lutchy]nginx is shitty.. so ?05:04
sarnold[lutchy]: nah, I liked the code quality of the nginx server -- clean error handling, superb formatting functions that work better than working around the C standard functions, nice modular design05:05
sarnold[lutchy]: granted the chunked encoding had a few problems, but nearly every server's chunked encoding implementation has had problems05:06
[lutchy]That's how you make your decision05:08
[lutchy]OK05:08
[lutchy]Personally, well written code doesn't help me if it's to complex to configure ...05:09
=== thumper is now known as thumper-afk
[lutchy]I understand your point of view... security ...05:10
sarnold:D05:10
[lutchy]I care about security as well as I care how easy it will be to implement it...... you input does help ")05:14
Macerare there no free usenet servers nowadays? :/05:57
Macerfor an actual exchange of information not for alt.bin.awesomepiratestuff.0day.sweden ?05:58
sarnoldgmane..05:58
Macerah ok. so is this just the stuff that isn't related to piracy? i just wanted to subscribe to stuff like actual ubuntu newsgroups like the days of yore06:00
Macerand i don't care much for forums :)06:00
sarnoldyeah, the closest thing is probably the ubuntu-blah email lists, or askubuntu.com.06:01
sarnoldneither quite like the old usenet :(06:01
Macerno it is not.. but it seems because of the rampant piracy.. usenet is all but dead on the free exchange of information side06:02
Macerit's all commercialized piracy nowadays :) i just want a good usenet subscription06:02
Macercomcast killed their usenet server a long time ago :/06:02
Macerso ic an't use the local comcast one anymore06:02
* [lutchy] reads06:03
Macersarnold: you can use the gmane stuff in a usenet reader?06:03
Macerlike thunderbird or something? looks like they should have some sort of ubuntu group to subscribe to06:04
sarnoldMacer: see e.g. http://dir.gmane.org/gmane.linux.ubuntu.devel.changes.gutsy06:05
sarnold(randomly picked list..)06:05
Macerhttp://johnbokma.com/mexit/2005/01/14/gmane-mail-to-news.html06:06
Macerthere you go... that has instructions on how to do it .. nice.. thanks so much :)06:06
sarnoldhave fun :) bedtime06:07
[lutchy]It's funny, I don't know if it's the timing, there's actually content to read06:07
pcnIs this the right channel to ask about the cloud images?06:09
pcnI'm trying to get the trusty cloud image ova imported into either virtualbox or vmware fusion, and both break06:10
[lutchy]If it's based on Ubuntu Server.. sure...06:11
pcnIt's a server image, indeed.06:12
sarnold'ova'? ( I know I said bed, but.. i'm curious :) -- I don't see any .ova files at http://cloud-images.ubuntu.com/trusty/current/06:12
pcnWhoops, ovf06:12
pcnI'm trying to get to making an ova via import and export and some automation.06:12
pcnIt's failing at the get-go06:12
[lutchy]sarnold, if you go to bed, I am going to hunt you in your sleep06:12
sarnold[lutchy]: good luck :) I'm a big guy and I'm good with knots06:13
[lutchy]I am good with aliens to do my bidding.. end...06:13
pcnDoes anyone know how canonical creates the .ovf files?06:13
[lutchy]From I what I read, it's a standard06:14
sarnoldpcn: utlemming or smoser may be able to help when they arrive; not sure what timezones they're in, but it may be a little while..06:14
[lutchy]he was smoking something ^^06:14
[lutchy]He can clarify later06:14
[lutchy]I think, it's better to explain, from I read.. Only VirtualBox support that format06:15
[lutchy]Don't you still need VDH.. The Virtual Disk that hold the data06:17
[lutchy]What Virtual Solution are you using ?06:17
[lutchy]I just read sarnold, las comment, I guess those people can offer more infor06:19
[lutchy]Does VMWare even support OVF ?06:20
pcn[lutchy]: you can use qemu-img to convert the disk format06:20
[lutchy]Well, you did say it beak06:21
pcn[lutchy]: the problem I'm having is that most of the productsection's properties don't seem to be getting to cloud-init, and so e.g. no ssh key, no user password set, etc.06:21
pcnNo ssh pubkey is getting installed, I mean06:21
pcnAnd trying to import the ovf into vmware fusion, or convert it using vmwares ovftool, results in both (ovftool and vmware fusion gui) complaining about syntax that appears to be valid according to the spec06:23
pcnSo... fun06:23
[lutchy]Seem like you giving yourself to much headache06:24
[lutchy]If I may...06:25
[lutchy]I would create a format both understand very well06:26
[lutchy]I would make original copy, then split into copies.. I am not sure that would be efficient but that's what I what I would do06:27
pcnThat suggestion is not going to help me at the moment.06:27
[lutchy]It doesn't hurt me.. I hope you get better help06:28
pcnThanks06:36
Macersarnold: gmane.org was perfect. thanks :)06:38
Maceri already set it up in thunderbird. works like old school usenet.06:38
=== sanderj_ is now known as Sander^work
=== thumper-afk is now known as thumper
=== a1berto_ is now known as a1berto
lastarmsDoes anyone know how to patch the add-apt-repo problem on 12.04?09:32
lastarmsDoes anyone know how to patch the add-apt-repo problem on 12.04?09:40
histolastarms: do you have a link to the patch?10:10
YamakasYhi guys10:23
YamakasYanyone some tips about autofs a webdav share with ldap credentials ?10:23
lastarmshisto: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/96875610:30
uvirtbotLaunchpad bug 968756 in software-properties "apt-add-repository fails while adding ppa if signing_key_fingerprint does not exist" [Medium,Fix released]10:30
histolastarms: download the patch and use the patch command to fix the ppa.py  so 'patch /path/to/ppa.py < patch.file10:39
pmatulismorning10:44
lastarmshisto: wow... you just made me feel so dumb...10:45
YamakasYman I need autocompletion!10:46
lastarmshisto: sorry, what do you mean by /path/to/ppa.py10:49
histolastarms: find that ppa.py file the patch is made for it's part of the package you are having an issue with10:51
histolastarms: locate ppa.py   should show you the path10:51
lastarmshisto: the patch is supposed to be for pycurl10:52
lastarmshttps://bugs.launchpad.net/ubuntu/+source/pycurl/+bug/106335010:52
uvirtbotLaunchpad bug 1063350 in pycurl "curl corrupts floating point context" [Medium,Triaged]10:52
lastarmssorry, I think I gave you the wrong site10:52
lastarmsit's #1110:52
histolastarms: let me check that one10:54
histolastarms: yeah same file has the issues10:55
histolastarms: it's patching ppa.py10:55
lastarmslocate ppa.py comes up with nothing10:55
histolastarms: I show it in /usr/lib/python3/dist-packages/softwareproperties/ppa.py10:56
lastarmshisto: I don't have that...10:57
lastarmshisto: I guess I'll just downgrade it then... too much time spent on this...10:57
histolastarms: find / -name 'ppa.py' 2>/dev/null10:57
lastarms/usr/share/pyshared/softwareproperties/ppa.py10:58
lastarms/usr/lib/python2.7/dist-packages/softwareproperties/ppa.py10:58
lastarmsI'm guessing the one in lib10:59
histolastarms: most likely10:59
histolastarms: you could diff them and see if they are different10:59
histolastarms: find / -name 'ppa.py' 2>/dev/null | xargs diff10:59
lastarmshisto: patch: **** Only garbage was found in the patch input.10:59
lastarmshisto: nvm i did something stupid11:01
histok11:01
lastarmshisto: yup, that seemed to have worked allright. Thanx for your help!11:02
histolastarms: np anytime11:02
Voyagethe 65000 port limit on a machine is a hardware limit? if yes, if I have a VPS one a machine and one that machine there are 3 more vps hosted. I will get shared number of ports and not 65000 ?11:34
rbasakVoyage: it's a protocol limit. However if you give each VPS its own IP address, then you won't hit that restriction.11:43
rbasak(but if you do NAT, then you will depending on how you use it)11:44
Voyagerbasak,  so its 65000 ports for http , and 65000 ports for some other protocol . e.g xmpp?11:45
Quoexlanyone home?11:46
Quoexlall night long I had a chinese fellow trying to hack my ssh11:47
rbasakQuoexl: finding that people are trying to bruteforce your ssh is pretty common.11:50
cfhowlettQuoexl and presumably he failed - which is good!11:50
rbasakJust make sure that you don't use password auth (or if you do then all possible logins have secure passwords)11:50
Voyage whats the max number of ports a machine can have opnned up?11:51
Quoexl6553611:51
QuoexlI use 26 digit pass-sentences11:51
ikoniaso why the concern ?11:52
ikoniayou know it's being attacked, follow your standard white hat practices and secure the box/ignore the threat11:52
VoyageQuoexl,  the 65000 port limit on a machine is a hardware limit? if yes, if I have a VPS one a machine and one that machine there are 3 more vps hosted. I will get shared number of ports and not 65000 ?11:52
rbasakJust make sure that you don't have some login available that you don't know about. I use "AllowUsers" to whitelist ssh logins.11:52
ikonia(as you said you where a white hat security professional) this should be school boy basics11:52
Quoexlnot really concerned, I threw up sshguard just in case11:52
Quoexlno I said I am a white hat from wayback11:53
ikoniaright, so that is a security professional11:53
Quoexlwell, people do pay me to do it11:53
ikoniaso you should be able to manage this standard attack with ease11:53
Quoexlits done, I win11:54
Quoexljust sharing11:54
ikoniadon't need break down of your day to day management of the host11:54
cfhowlettQuoexl share that kind of stuff, if you must, at http://thedailywtf.com/Default.aspx11:55
maswantou know what also helps against ssh bruteforce attempts: PasswordAuthentication no12:02
zuljamespage: debian has packaged designate its still in proposed because its foobared12:09
YamakasYany webdav expert here ? or actually autofs ones ?12:21
histo!any | YamakasY12:24
YamakasYhisto: you belong to any(one) :)12:27
YamakasYhisto: you use it ?12:29
ws2k3Hello, my ubuntu machine got stuck while upgrading13:09
ws2k3i use do-release-upgrade and now it hangs at setting up nfs-common13:13
pmatulisws2k3: upgrade from lucid to precise?13:13
ws2k3no13:14
ws2k3natty to Oneiric13:14
ws2k3what can i do about this ?13:17
zuljamespage: oh good you did logutils and signledispatch already13:17
pmatulisws2k3: i don't think Oneiric packages are still in the regular repositories13:17
pmatulishttp://archive.ubuntu.com/ubuntu/dists/13:17
ws2k3i use old.releashes as repository13:17
pmatulisoh13:18
ws2k3so i have the normale oOneiric repository13:18
pmatulisdunno.  all that comes to mind is13:18
pmatulishttps://bugs.launchpad.net/ubuntu/precise/+source/nfs-utils/+bug/86374113:19
uvirtbotLaunchpad bug 863741 in nfs-utils "apt doesn't want to replace portmap with rpcbind on upgrade" [Medium,Fix released]13:19
ws2k3ah oke well i cancalled the upgrade and did dpkg --configure -a so the upgrade showed up again haning on setting up nfs-common i cancesseled the upgrade of nfs-common and luckly it continue to do all the other packages13:20
Cyberspirithttps://www.youtube.com/watch?v=seFWvCDQFv013:24
YamakasYmhh automount is not running ?13:39
=== Trey is now known as Guest1972
ikoniaCyberspirit: please don't post that sort of thing in this channel13:56
Cyberspiritroger13:56
ikoniathanks13:57
=== rharper_ is now known as rharper
jcastrojamespage, are you guys going to be all set for running the UOS session in ~1 hour?13:59
jamespagejcastro, yup - gaughen is leading things14:00
jcastrorock14:00
gaughenjcastro, having some issues getting a hangout setup. getting an error message that "hangouts on air is disabled by the administrator"14:01
gaughenhave you started one successfully?14:01
YamakasYanyone using autofs here ?14:03
YamakasYI need to mount a webdav share on ldap auth14:03
jcastrogaughen, I use my personal account for hangouts14:03
YamakasYit seems to create the folder for the mount, but no mount is made14:03
jcastroI don't think we can on-air from our work accounts14:03
gaughenjcastro, guess I have to relearn this each time14:03
jcastrohow did it work last time?14:04
gaughendon't remember. gotta look. just finished making some caffeine. will drink some and then look.14:04
gaughendon't trust my brain until then. jcastro14:04
jcastroI agree14:04
gaughenjcastro, hmm, I used my work g+ last time14:11
jcastrogaughen, let me ask around14:18
gaughenjcastro, Leann has already asked IS, and we bugged mhall too14:18
jcastrooh14:19
jcastroshe is having problems too?14:19
psih0manhello everyone!14:30
psih0manwhat is the future init in ubuntu server? upstart or systemd?14:30
psih0manI was looking at the bug tracker http://reports.qa.ubuntu.com/reports/rls-mgr/rls-r-tracking-bug-tasks.html#server and could not find an answer to this question14:31
jcastrogaughen, looks like we're supposed to talk to IS if you have issues14:33
jcastropsih0man, we're switching to systemd14:34
jcastrohttp://summit.ubuntu.com/uos-1406/meeting/22277/ubuntu-server-plans-around-systemd/14:34
jcastrothere's a meeting tomorrow about it if you want to follow along ^^^^14:34
psih0manjcastro: thank you14:35
gaughenpsih0man, yeah, please come ask questions tomorrow!14:36
psih0manjcastro: is the switch to systemd planned for the next release or is this to be discussed during the meeting?14:39
jcastroI am not sure, last I heard foundations wanted to switch asap, but I haven't been following the discussion14:40
jcastrohttp://www.piware.de/2014/04/booting-ubuntu-with-systemd-now-in-utopic/14:41
jcastrohttps://lists.debian.org/debian-devel-announce/2014/05/msg00001.html14:41
pcnIs there anyone familiar with the process that canonical uses for creating the .ovf files, and/or what platforms the file is meant to be able to work with?14:47
pcn^^^ the .ovf files for the server cloud images14:48
=== cnj_ is now known as Guest45713
=== EzeQL____ is now known as EzeQL
=== medberry is now known as Guest32955
=== med_ is now known as Guest98256
lordievaderGood evening.16:52
stgraberzul: thanks for the patches, I was just about to refresh the python2 binding based on all the changes that went into the python3 recently. I believe there are 2-3 more changes to cherry-pick. I'll apply your changes and do the remaining cherry-picking ones I'm done with vUDS17:07
zulstgraber:  coolio...thanks17:08
=== Guest98256 is now known as medberry
hephNot sure if y`all are aware, but the us-west-2 ec2 mirrors are returning 403s when trying to download packages.17:57
hephmy guess is someone uploaded some files but forgot to set the s3 permissions17:57
hephbut it's turning my deploys into derploys, so I was hoping someone here could get that resolved17:57
sarnoldheph: s3 is funny, it never returns 404 -- it returns 403 instead, to avoid leaking information if an URL exists but permissions wouldn't allow it17:57
hephah, that's weird17:57
sarnoldheph: certainly annoying :)17:58
sarnoldheph: just to make sure, you ran apt-get update just before? or the tools appear to do that for you before upgrading?17:58
hephsarnold: so, when i use archive.ubuntu.com I can download the package gettext=0.18.1.1-10ubuntu3 (raring) fine, but when I use us-west-2.ec2.archive it fails with 40317:59
hephyes, apt-get update was ran18:00
sarnoldheph: thanks :)18:00
hephso, sounds like an incomplete mirror in s3 then?18:00
sarnoldheph: perhaps. we're a fairly .. "heavy" user of s3, our archive mirrors have found problems in s3 hosting before..18:01
hephI bet =)18:05
hephIt's your own fault, really... being so successful and all =P18:05
=== Lcawte|Away is now known as Lcawte
sarnoldheph: haha :D yes, exactly :)18:12
hephCan I relay to my team that someone is going to look into the s3 mirrors?18:13
sarnoldheph: yes; I've kicked it up the channels :)18:15
hephthx =)18:15
sarnoldthanks for reporting it :)18:15
sarnoldheph: oh cripes. I'm just now noticing that you mentioned 'raring' in your error message. raring was EOL'd back in january.18:17
sarnoldheph: https://wiki.ubuntu.com/Releases18:17
sarnoldheph: note that saucy EOLs in a month; it would be best to aim for 12.04 LTS or 14.04 LTS, depending upon which set of software versions you want18:18
hephyeah, it's legacy, we're working on it. can we expect the ec2 mirrors to not be kept up to date with the main archive mirrors though?18:18
hepheven though it's eol, the main mirror works18:18
sarnoldheph: at some point the main mirror will stop carrying it, and it'll move to old-releases18:19
sarnoldheph: I don't know when they get around to culling old content from the main archives, but I'm surprised it still works :)18:19
hephdoh, thanks for that clarification. guess it's time to switch our legacy systems to the archive.ubuntu mirror =|18:26
sarnoldheph: do realize that since raring was EOLd, there've been some high-visibility security problems -- at least one local->kernel privilege escalation, heartbleed, half-dozen other openssl issues, and scores more CVEs. Upgrading to an LTS release would cover a lot of asses^Wbases :)18:30
friendlyguyhi there. i'm trying to setup a lab with a sendmail server receiving mail via smtp in a virtual network(from another host/application). most things work already, BUT the sendmail server rejects the e-mail because the sender address does not resolve. i know that it doesn't resolve, and i don't want it to resolve. can someone tell me a easy way to deactivate this "feature"?19:07
sarnoldsmoser: thanks for collecting some nice tweets :)19:59
smoserthat was fun.20:00
smoserhopefully now ubuntu security will pop up on random people's youtube searches20:00
sarnoldha20:00
mdeslaurthanks smoser :)20:08
parallel21vsftpd allows root login by default?20:14
[lutchy]friendlyguy, people still use 'sendmail' :s20:40
[lutchy]In postfix, it would be part of smtpd_sender_restrictions, that does FQDN check20:43
[lutchy]Look through 'sendmail' docs that will you tell how to disable that20:43
=== DalekSec_ is now known as DalekSec
=== neunon_ is now known as neunon
histoYamakasY: What?20:59
=== lionel__ is now known as lionel
=== PaulePan1er is now known as PaulePanter
marshallhey ubuntu21:16
marshallhow do I start iptables? it's installed but i don't think it's running21:16
[lutchy]iptables is part of the kernel21:24
=== medberry is now known as Guest30515
[lutchy]So, there is no enable or disable or service to run... One would need to apply rules21:25
[lutchy]Some distributions have software that manages that for you... Take a look at http://www.thegeekstuff.com/2011/06/iptables-rules-examples/21:26
marshallhow do i get `iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 5984` to work?22:00
hallynrbasak_: hey, i'm trying to run uvtool on precise from the ppa, but it appears to be not installable?22:28
hallynhttp://paste.ubuntu.com/7625825/22:29
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!