[00:27] <z1haze> hello! could someone answer a few questions for me, and possibly help me out? Im a server owner, but I have little experience doing so; I had help setting up the server as it is, and everythin works great, except for the fact theres no actual ftp server installed on it. The server is setup with password authentication disabled and uses ssh keys, but now I am going to be required to install an ftp server on it, due to a control
[00:27] <z1haze> panel for a gameserver that includes ftp.. what would be the easiest way to do this?
[00:29] <z1haze> basically, if the password authenticaion is disabled, is that serverwide or is is that user specific? is it possible to have ftp logins without password authentication? I know it works with keys because i use filezilla that way, but the game-server control panel have ftp as part of the interface, and thres no where to setup ssh keys
[00:42] <histo> z1haze: it sounds like password authentication is disabled for ssh... That is not system wide e.g. if you installed an ftp server you could login via ftp using a password
[00:43] <z1haze>  oh ok great!
[00:44] <z1haze> thats awesome, so i just install vsftp like normal, do i have to create separate usernames or do i login with my ssh usernames?
[00:54] <sarnold> z1haze: oh man; ftp is a horrible protocol and all the servers are likewise horrible. are you sure you have to use ftp?
[00:55] <sarnold> (maybe that's unfair to the servers; the server authors did what they could, but the protocol is truly gross.)
[00:55] <z1haze> well i want to use sftp but i dont think i can
[00:55] <z1haze> what do you suggest
[00:55] <z1haze> sarnold: here the the cpanel im installing http://www.multicraft.org/site/index
[01:15] <histo> z1haze: why do you thihnk you need ftp?
[01:16] <z1haze> because it uses a built in ftp server
[01:16] <histo> z1haze: so you don't have to setup ftp if it's builtin
[01:16] <z1haze> to be able to add/remove plugins
[01:16] <z1haze> yea i realized that after the fact
[01:16] <z1haze> im just new and dont feel comfortable jumping into things i liek to get an experienced opinion beforehand
[01:16] <histo> z1haze: you may want to test how secure their stuff is before your box gets owned
[01:17] <z1haze> true, its the largest cpanel for minecraft though, all of the major hosting companies use them
[01:18] <sarnold> restricting access to just your ips might be a worthwhile thing to do; most web-based control panels are horrid.
[01:18] <histo> z1haze: a lot of people use windows also
[01:18] <histo> doesn't make it safe
[01:18] <z1haze> i absolutely get where you're coming from
[01:18] <z1haze> but i wouldnt know the first step to do about seeing if its secure, as far as testing
[01:19] <z1haze> i just use it to host game-servers really
[01:19] <histo> z1haze: make sure you consult the documentation the stuff like delete teh install.php as soon as everything is working is very important
[01:19] <z1haze> oh yea im following their docs exactly
[01:19] <z1haze> the setup.sh is very detailed
[01:28] <Sachiru> Query: Anyone every know of software that watches your DNS service on the server and logs which IPs ask for certain addresses?
[01:29] <Sachiru> I'd like to track who's browsing por... tals for accounting experts on our network (and yes I know this is not a 100% foolproof system, what I'm asking for is basic logging/monitoring for beancounters, not something to track a person who is dedicated to having himself not tracked.
[01:34] <sarnold> Sachiru: first I'd check your dns server for logging levels, you may be able to turn up logs and get the info you want from there; you could probably also write a filter for tcpdump, or get close, and do the rest with grep. if you've got a host in the middle, ntop or iftop or similar may be able to get you there
[01:38] <z1haze> sarnold: i ran into an error after installing: its on the web panel  end now.. the install.php gave me a CException for application runtime path not valid make sure the directory is writable by the web-server process
[01:38] <z1haze> i have the entire folder owned by username:www-admin
[01:39] <z1haze> is that not right?
[01:39] <sarnold> z1haze: not www-data?
[01:39] <z1haze> no, i checked the previous sites that were already there, they're all owned by my username:www-admin
[01:40] <z1haze> should that be switched to all www-data ?
[01:40] <z1haze> i didnt setup the initial web-servers so how would i find out what they SHOULD  be owned by
[01:40] <sarnold> z1haze: probably your webserver is running as the 'www-data' user, and probably there's no supplmentary groups..
[01:40] <z1haze> can i check that somehow?
[01:40] <sarnold> z1haze: ps auxw | grep apache  or ps auxw | grep nginx -- depending..
[01:40] <z1haze> the whole thing indcluding depending.. ?
[01:41] <z1haze> oh duh i get it
[01:41] <z1haze> should i pastebin results?
[01:42] <sarnold> z1haze: just look for the user column in the output
[01:42] <z1haze> http://pastebin.com/J2Wz7R26
[01:42] <sarnold> (you can pastebin it if you want...)
[01:42] <sarnold> yeah, www-data
[01:42] <z1haze> where do you even see that though?
[01:43] <z1haze> so would it be ok if i did like chown www-data:www-admin since my username is part of the www-admin group i will still be able to edit stuff
[01:45] <z1haze> yay i did it! thanks so much sarnold, on to the next step!
[01:45] <sarnold> z1haze: the first column of output is the userids of the process; root and www-data -- the root-owned apache process doesn't handle web traffic, it opens the port and then keeps track of the other children...
[01:46] <sarnold> z1haze: so the www-data owned processes actually handle requests.
[01:46] <z1haze> i get it now
[01:46] <sarnold> (I truly hate the web server user account actually owning files, but that's a rant for another day.)
[01:47] <z1haze> although i did have afailure on the next step: failed the system security check: he first column of output is the userids of the process; root and www-data -- the root-owned apache process doesn't handle web traffic, it opens the port and t
[01:47] <z1haze> what does that even men
[01:48] <sarnold> z1haze: from your ps auxw output :)  http://pastebin.com/J2Wz7R26
[01:49] <z1haze> you've lost me
[01:50] <z1haze> should i just remove the www-data from the .htaccess file?
[01:50] <sarnold> nah feel free to ignore me :) hehe
[01:51] <z1haze> im sorry im not trying to be rude and ignore u i dont didnt understand
[01:52] <z1haze> the suggested solution is the change the AllowOverride None to AllowOverride All for the sites-enabled
[01:52] <z1haze> is that a good fix/
[01:53] <sarnold> z1haze: oh, I know you're not being rude :) just my explanation might not have actually made anything more clear for you, but that's okay -- eventually it'll make perfect sense, but there's no big problem if I don't make sense today :)
[01:53] <z1haze> so how to i fix this error im getting?
[01:53] <sarnold> z1haze: it's probably better if you can find out which specific directives you need to all .htaccess files to override, but if this webserver only does your game, it's probably fine.
[01:54] <z1haze> yea well, it hosts game-servers and web-server
[01:55] <z1haze> I think i see in the sites-enabled where to edit the AllowOverride None to All.. is that ok for me to do?
[01:55] <sarnold> probably fine
[01:55] <z1haze> i dont know what that does
[01:55] <z1haze> could you kinda tell me what its actually doing?
[01:55] <sarnold> it lets the .htaccess file override apache settings for specific directories
[01:56] <sarnold> see the whole help at http://httpd.apache.org/docs/current/mod/core.html#allowoverride
[01:56] <sarnold> apache's help can be .. pretty dense. but it is very thorough.
[01:57] <z1haze> the only apache i have experience with is the one i flew for 6 years :\
[01:57] <sarnold> talk about complicated :D
[01:58] <z1haze> easy peasy
[01:58] <sarnold> nope -- my head turns inside out trying to grok the collective :D
[01:58] <z1haze> oh u fly?
[01:58] <sarnold> nope :)
[01:58] <sarnold> but man I loved helicoptors as a kid...
[01:59] <z1haze> yea me too, was my dream, i actually enlisted as a crewchief for the apache, then dropped a packed to become a pilot 1 year or so after iwas in
[02:00] <sarnold> nice :D
[02:05] <z1haze> sarnold: do you know stuff about database too?
[02:05] <z1haze> another small hiccup ive run into: Error querying user table: CDbCommand failed to execute the SQL statement: SQLSTATE[42S02]: Base table or view not found: 1146 Table 'multicraft_panel.server_config' doesn't exist. The SQL statement executed was: select count(*) from `server_config`
[02:05] <z1haze> during the setup
[02:05] <z1haze> the database seems to not be initialized how do i initialize it?
[02:06] <sarnold> z1haze: hopefully the install guide included some mention of a tool to run to populate the tables
[02:06] <z1haze> ur a smart man: it did i just didnt go far enough
[02:07] <sarnold> hehe, I just figured no one would use it if they had to populate the tables by hand :)
[02:07] <z1haze> makes sense, how long have you been in this game?
[02:08] <sarnold> I've been using linux since 1994
[02:08] <z1haze> theres a tick asking me if i want to enable the multicraft api? what reason would i do this?
[02:09] <sarnold> probably if you use some clients like a phone app to manage the server..
[02:09] <sarnold> (that's a wild guess)
[02:10] <z1haze> would that be like custom stuff?
[02:10] <z1haze> oh btw, it says the integrated ftb is net2ftp
[02:11] <sarnold> probably the android app store has a dozen of them or something? :) heh
[03:39] <z1haze> How can i check if MySQL PDO support is enabled on my server?
[03:44] <sarnold> z1haze: check '"pkg -l 'php5-mysql*'" output
[03:45] <z1haze> sarnold: im in big trouble i cant seem to figure this out
[03:45] <sarnold> z1haze: iirc both php5-mysql and php5-mysqlnd work...
[03:45] <z1haze> im getting db conn error
[03:45] <z1haze> when trying to use the plugin search thing
[03:45] <z1haze> sarnold: Error 500
[03:45] <z1haze> CDbConnection failed to open the DB connection.
[03:46] <z1haze> what do i actually type form that command?
[03:47] <z1haze> i typed '"pkg -l 'php5-mysql*'" and its just frozen now
[03:48] <sarnold> z1haze: leave off the " quotes
[03:49] <z1haze> but you have the first " inside the ' and the second one outside
[03:49] <z1haze> is it this? 'pkg -l 'php5-mysql*'
[03:50] <sarnold> the ' quotes around 'php5-mysql*' keeps bash from expanding the php5-mysql* glob into matching files, if you have any files in your current working directory named php5-mysql(something)
[03:51] <z1haze> so is it like this then 'pkg -l 'php5-mysql*'
[03:51] <z1haze> because nothing happens when i do that
[03:51] <z1haze> is just freezes
[03:52] <z1haze> i also tried pkg -l 'php5-mysql*' and it says no cmd pkd found
[03:52] <z1haze> pkg*
[03:52] <[lutchy]> hmmm
[03:53] <[lutchy]> What PHP program are you using that give you DB Conn error
[03:53] <sarnold> dpkg
[03:53] <[lutchy]> hmmm
[03:53] <z1haze> ok that worked
[03:54] <z1haze> http://pastebin.com/n6Z6DV9A
[03:54] <z1haze> im using multicraft its a hosting control panel for minecraft servers
[03:54] <z1haze> and it gives the error when trying to acces bukget which is the plugin installer
[03:55] <[lutchy]> I am confused, when did dpkg have DB conn error ? I have to say I am new at that
[03:55] <z1haze> im trying to get to use the plugin installer and it tells me this Error 500 CDbConnection failed to open the DB connection
[03:56] <z1haze> then the troubleshooting page says Your PHP installation needs MySQL PDO support, please check that this core extension is enabled
[03:56] <[lutchy]> So I assume you are you suing Ubuntu Server version ?
[03:56] <[lutchy]> s/suing/using/
[03:56] <z1haze> 12.04 lts
[03:57] <z1haze> lol wow, nice one that correction
[03:57] <[lutchy]> The way I've seen PHP PDO is packages
[03:57] <z1haze> how to i enable the pdo support?
[03:57] <[lutchy]> At least for openSUSE, 'sqlite PDO' is installed by default
[03:57] <z1haze> im using mysql
[03:58] <[lutchy]> With 'mysql', you simply install php5-mysql (which should include the MySQL extensions and the PDO version as well)
[03:58] <z1haze> do i ened to like install sudo apt-get install php5-sqlite?
[03:58] <z1haze> ok well
[03:58] <[lutchy]> No,
[03:58] <z1haze> i guess i need to enable the extension then?
[03:59] <[lutchy]> NO, I think the error might have been misleading
[03:59] <z1haze> The BukGet browser uses a temporary SQLite database to cache the plugin list. Make sure your PHP installation supports the PDO SQLite extension, it is required for this feature
[04:01] <sarnold> hah, it requires both mysql and sqlite to function? o_O
[04:01] <[lutchy]> Again, depends how Ubuntu packages things... I would think that 'sqlite pdo' was included on default
[04:01] <z1haze> well what else would make that happen
[04:01] <z1haze> i just need to enable that extension i think i just dont know how
[04:02] <[lutchy]> It could have been, some applications, where you can choose a DB backend
[04:02] <z1haze> yea i choose mysql because thats what i have
[04:03] <[lutchy]> So, have SQLITE and MYSQL requirement is not unheard of
[04:03] <z1haze> is the php.ini file i need to look at in the /etc/php5/cli?
[04:03] <sarnold> [lutchy]: not much is installed by default; everything is just a quick apt-get install away :)
[04:04] <z1haze> guys :( how can i get this going?
[04:04] <[lutchy]> Right
[04:04] <[lutchy]> So, I think the error is misleading
[04:04] <[lutchy]> You can run 'phpinfo()'
[04:04] <sarnold> z1haze: try apt-get install php5-sqlite
[04:05] <[lutchy]> be that with that and know for sure what php is loaded with
[04:05] <z1haze> ok ive done that sarnold
[04:05] <[lutchy]> Just create a simple php script in your document directory of your sever, make sure to start with a start tag
[04:05] <sarnold> z1haze: okay, restart apache and try again :) if it doesn't Just Work, try [lutchy]'s phpinfo() suggestion
[04:06] <[lutchy]> With phpinfo()
[04:06] <[lutchy]> It's easier to read what's enable in PHP
[04:06] <[lutchy]> Than php -r 'phpinfo()'
[04:06] <z1haze> ok im not familiar with that what [lutchy] said, and unfortunately it did not fix it
[04:07] <[lutchy]> Alright... I walk you through it... though... I am not sure what application you are using but to do that
[04:07] <z1haze> application for what
[04:08] <z1haze> i am just using putty
[04:08] <[lutchy]> You don't get the basics of a 'application'
[04:08] <sarnold> [lutchy]: he's installing http://www.multicraft.org/site/index
[04:08] <[lutchy]> Let me look at it
[04:09] <[lutchy]> If I find it fun, I might create a VM and test around
[04:09] <z1haze> how do i simple enable that extension that its telling me
[04:10] <[lutchy]> If you don't know what you doing, that lease to more questions
[04:11] <[lutchy]> Personally, I don't think enabling that extension, is going to solve that problem as simply you thin it is...
[04:11] <z1haze> thats what the help says though
[04:11] <[lutchy]> Because software is clear what went wrong
[04:11] <z1haze> http://pastebin.com/3tDuYSkS
[04:11] <z1haze> http://www.multicraft.org/site/docs?view=troubleshooting#20
[04:11] <z1haze> this is exactly my problem
[04:11] <z1haze> they have atroubleshooting link just for it
[04:13] <z1haze> i dont get it
[04:14] <[lutchy]> What part you don't get
[04:14] <[lutchy]> I am sure people will help with that
[04:14] <z1haze> the fact that its saying in that link i just posted to enable some pdo
[04:16] <z1haze> how do i just enable what i need man? Im tired i really need to get this up and i hve to work in the morning
[04:18] <[lutchy]> You should figure that out yourself... it's very simple if you do enough research how PHP works
[04:18] <z1haze> ive been trying for hours now ok
[04:18] <z1haze> i really could just use a hand on it
[04:18] <[lutchy]> With PHP
[04:18] <z1haze> if you know, please just lend a hand
[04:18] <[lutchy]> You have modules that enables a feature
[04:19] <[lutchy]> DBConn error doesn't sound like you missing a feature
[04:19] <[lutchy]> It's more like the program failed to connect to a DB
[04:19] <z1haze> did you look at that page i just linked http://www.multicraft.org/site/docs?view=troubleshooting#20
[04:20] <z1haze> "The BukGet browser shows an error with the database connection"
[04:21] <[lutchy]> When you have database connection error, it's like the software can't connect to the DB
[04:21] <z1haze> ok?
[04:21] <[lutchy]> There are so many reasons why it may fail..
[04:21] <sarnold> sadly that page is nearly useless -- there's lots of reasons why it mail fail, and that shows none of them.
[04:22] <z1haze> so what do i do
[04:22] <[lutchy]> 1) The Database is not running on the port that the software is trying to connect to
[04:22] <z1haze> is there a place i can check what port my database is on
[04:23] <[lutchy]> no...
[04:23] <z1haze> god. it seems your witholding when you respond
[04:23] <[lutchy]> sarnold, the directions are horrible ?
[04:23] <z1haze> its like u know the answer but u wont say it, just stringing me on, its been hours i really need this fixed and i hope you can help
[04:24] <z1haze> if you cannot help i will be on my way, just pleast let me know one way or another
[04:24] <[lutchy]> NO.. I don't know why you would think that in the first place
[04:24] <[lutchy]> I don't own a minecraft sever and I don't know why you think people would have an answer to that
[04:25] <z1haze> i didnt say you did, but as for reasons it wont connect to the database, thats pretty standard right
[04:26] <sarnold> [lutchy]: yeah, poor -- they could have had specific error messages with specific mediations. they gave a blanket solution for a vague problem
[04:28] <z1haze> what should i even do then
[04:28] <[lutchy]> That's what I thought, the error was misleading
[04:28] <sarnold> z1haze: check error logs from mysql? php? apache? dunno. i've managed to avoid dealing with php for as long as I could :)
[04:28] <[lutchy]> << likes php
[04:29] <z1haze> [Mon Jun 09 22:09:33 2014] [error] [client 192.99.20.118] client denied by server configuration: /home/www/multicraft.terminus-mc.com/www/protected/data/daemon/schema.mysql.sql
[04:29] <[lutchy]> wow
[04:29] <z1haze> im assuming thats it
[04:29] <z1haze> but how do i fix it
[04:30] <sarnold> hey! now that's something :)
[04:30] <z1haze> what do i do though? im still not understanding
[04:30] <[lutchy]> right srnold
[04:31] <sarnold> z1haze: check your configs .. some details.. http://httpd.apache.org/docs/2.2/howto/access.html
[04:32] <z1haze> so i need to open the sites-enabled file?
[04:32] <[lutchy]> I hate people who think people should guess there problems, granted that people can be smart and withhold , that's not an issues if you don't know what a 'software' is
[04:32] <[lutchy]> uggg
[04:33] <z1haze> then we move to belittle people i guess
[04:33] <[lutchy]> Knowing what it is will solve so many issues... I've been on Windows Forums
[04:33] <z1haze> im sorry i havent spent my life behind a computer screen [lutchy]
[04:33] <sarnold> cmon [lutchy], he's here to learn, same as the rest of us.
[04:33] <[lutchy]> They usually give 'blanket' solutions
[04:34] <[lutchy]> I want him to learn
[04:34] <[lutchy]> I really stress that..
[04:35] <[lutchy]> It's people like you that I don't like people who are asshole treat people like you.. I am being very forward
[04:35] <sarnold> that's a good goal :)
[04:35] <z1haze> who are you calling an asshole? lol
[04:35] <[lutchy]> I guess you don't get it
[04:36] <sarnold> I certainly don't :)
[04:36] <z1haze> sarnold: my host file shows this http://pastebin.com/gdk6qPTq i dont know if thats the same thing but from looking at the access control page its similar
[04:36] <[lutchy]> 'I don't like people who are asshole treat people like you'
[04:36] <sarnold> [lutchy]: ahhhhh.
[04:37] <z1haze> speak english?
[04:37] <z1haze> was odd i dont have any deny in this host fire
[04:37] <z1haze> file*
[04:37] <[lutchy]> I might have missed a comma
[04:38] <[lutchy]> Yeah, I missed a comma after 'that'...
[04:39] <[lutchy]> It's grammar I have issue with sometimes...
[04:40] <z1haze> so the file is within my directory ive set, theres nothing that says deny, it says allow from all.. why would the server configreject it
[04:41] <sarnold> z1haze: oh! try removing the final '/' at the end of the <directory> line
[04:41] <sarnold> z1haze: <Directory /home/www/multicraft.terminus-mc.com/www>
[04:42] <z1haze> alright
[04:43] <z1haze> that did it
[04:43] <z1haze> man :( something so silly
[04:43] <sarnold> damned apache
[04:43] <z1haze> so why does that trailing / cause all that
[04:43] <sarnold> I wasted two hours on that one a month ago.
[04:43] <z1haze> no kidding?
[04:43] <sarnold> yup.
[04:43] <sarnold> friendly dude in #apache guessed blindly and got it on the first try :)
[04:43] <z1haze> well im glad you had been there done that haha
[04:43] <z1haze> it seems like its just "one of those things"
[04:45] <[lutchy]> Probably...
[04:46] <[lutchy]> I am glad you have a better understanding
[04:47] <z1haze> well thank you for your help i really do appreciate it
[04:47] <sarnold> is it up and running? :)
[04:47] <z1haze> yessir
[04:47] <sarnold> \o/
[04:47] <z1haze> its not seeing all my current plugins but ill figure that part out
[04:49] <[lutchy]> I have to admit, that I am black, and the way I talk to black people... certain individuals
[04:49] <[lutchy]> It may get in the way how I type online....
[04:53] <[lutchy]> btw... I hate Apache.. I use Lighttpd on all over my servers.. it's much easier to config...
[04:53] <[lutchy]> Doh, it lack few features "-p :)
[04:54] <sarnold> yeah, I prefer nginx, not that I know it any better..
[04:55] <[lutchy]> nginx ?
[04:55] <[lutchy]> That's worst
[04:55] <[lutchy]> I don't think nginx is an actual 'WebServer'
[05:01] <[lutchy]> sarnold, I was a bit curious about your opinion
[05:02] <sarnold> [lutchy]: yeah?
[05:04] <[lutchy]> nginx is shitty.. so ?
[05:05] <sarnold> [lutchy]: nah, I liked the code quality of the nginx server -- clean error handling, superb formatting functions that work better than working around the C standard functions, nice modular design
[05:06] <sarnold> [lutchy]: granted the chunked encoding had a few problems, but nearly every server's chunked encoding implementation has had problems
[05:08] <[lutchy]> That's how you make your decision
[05:08] <[lutchy]> OK
[05:09] <[lutchy]> Personally, well written code doesn't help me if it's to complex to configure ...
[05:10] <[lutchy]> I understand your point of view... security ...
[05:10] <sarnold> :D
[05:14] <[lutchy]> I care about security as well as I care how easy it will be to implement it...... you input does help ")
[05:57] <Macer> are there no free usenet servers nowadays? :/
[05:58] <Macer> for an actual exchange of information not for alt.bin.awesomepiratestuff.0day.sweden ?
[05:58] <sarnold> gmane..
[06:00] <Macer> ah ok. so is this just the stuff that isn't related to piracy? i just wanted to subscribe to stuff like actual ubuntu newsgroups like the days of yore
[06:00] <Macer> and i don't care much for forums :)
[06:01] <sarnold> yeah, the closest thing is probably the ubuntu-blah email lists, or askubuntu.com.
[06:01] <sarnold> neither quite like the old usenet :(
[06:02] <Macer> no it is not.. but it seems because of the rampant piracy.. usenet is all but dead on the free exchange of information side
[06:02] <Macer> it's all commercialized piracy nowadays :) i just want a good usenet subscription
[06:02] <Macer> comcast killed their usenet server a long time ago :/
[06:02] <Macer> so ic an't use the local comcast one anymore
[06:03]  * [lutchy] reads
[06:03] <Macer> sarnold: you can use the gmane stuff in a usenet reader?
[06:04] <Macer> like thunderbird or something? looks like they should have some sort of ubuntu group to subscribe to
[06:05] <sarnold> Macer: see e.g. http://dir.gmane.org/gmane.linux.ubuntu.devel.changes.gutsy
[06:05] <sarnold> (randomly picked list..)
[06:06] <Macer> http://johnbokma.com/mexit/2005/01/14/gmane-mail-to-news.html
[06:06] <Macer> there you go... that has instructions on how to do it .. nice.. thanks so much :)
[06:07] <sarnold> have fun :) bedtime
[06:07] <[lutchy]> It's funny, I don't know if it's the timing, there's actually content to read
[06:09] <pcn> Is this the right channel to ask about the cloud images?
[06:10] <pcn> I'm trying to get the trusty cloud image ova imported into either virtualbox or vmware fusion, and both break
[06:11] <[lutchy]> If it's based on Ubuntu Server.. sure...
[06:12] <pcn> It's a server image, indeed.
[06:12] <sarnold> 'ova'? ( I know I said bed, but.. i'm curious :) -- I don't see any .ova files at http://cloud-images.ubuntu.com/trusty/current/
[06:12] <pcn> Whoops, ovf
[06:12] <pcn> I'm trying to get to making an ova via import and export and some automation.
[06:12] <pcn> It's failing at the get-go
[06:12] <[lutchy]> sarnold, if you go to bed, I am going to hunt you in your sleep
[06:13] <sarnold> [lutchy]: good luck :) I'm a big guy and I'm good with knots
[06:13] <[lutchy]> I am good with aliens to do my bidding.. end...
[06:13] <pcn> Does anyone know how canonical creates the .ovf files?
[06:14] <[lutchy]> From I what I read, it's a standard
[06:14] <sarnold> pcn: utlemming or smoser may be able to help when they arrive; not sure what timezones they're in, but it may be a little while..
[06:14] <[lutchy]> he was smoking something ^^
[06:14] <[lutchy]> He can clarify later
[06:15] <[lutchy]> I think, it's better to explain, from I read.. Only VirtualBox support that format
[06:17] <[lutchy]> Don't you still need VDH.. The Virtual Disk that hold the data
[06:17] <[lutchy]> What Virtual Solution are you using ?
[06:19] <[lutchy]> I just read sarnold, las comment, I guess those people can offer more infor
[06:20] <[lutchy]> Does VMWare even support OVF ?
[06:20] <pcn> [lutchy]: you can use qemu-img to convert the disk format
[06:21] <[lutchy]> Well, you did say it beak
[06:21] <pcn> [lutchy]: the problem I'm having is that most of the productsection's properties don't seem to be getting to cloud-init, and so e.g. no ssh key, no user password set, etc.
[06:21] <pcn> No ssh pubkey is getting installed, I mean
[06:23] <pcn> And trying to import the ovf into vmware fusion, or convert it using vmwares ovftool, results in both (ovftool and vmware fusion gui) complaining about syntax that appears to be valid according to the spec
[06:23] <pcn> So... fun
[06:24] <[lutchy]> Seem like you giving yourself to much headache
[06:25] <[lutchy]> If I may...
[06:26] <[lutchy]> I would create a format both understand very well
[06:27] <[lutchy]> I would make original copy, then split into copies.. I am not sure that would be efficient but that's what I what I would do
[06:27] <pcn> That suggestion is not going to help me at the moment.
[06:28] <[lutchy]> It doesn't hurt me.. I hope you get better help
[06:36] <pcn> Thanks
[06:38] <Macer> sarnold: gmane.org was perfect. thanks :)
[06:38] <Macer> i already set it up in thunderbird. works like old school usenet.
[09:32] <lastarms> Does anyone know how to patch the add-apt-repo problem on 12.04?
[09:40] <lastarms> Does anyone know how to patch the add-apt-repo problem on 12.04?
[10:10] <histo> lastarms: do you have a link to the patch?
[10:23] <YamakasY> hi guys
[10:23] <YamakasY> anyone some tips about autofs a webdav share with ldap credentials ?
[10:30] <lastarms> histo: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/968756
[10:39] <histo> lastarms: download the patch and use the patch command to fix the ppa.py  so 'patch /path/to/ppa.py < patch.file
[10:44] <pmatulis> morning
[10:45] <lastarms> histo: wow... you just made me feel so dumb...
[10:46] <YamakasY> man I need autocompletion!
[10:49] <lastarms> histo: sorry, what do you mean by /path/to/ppa.py
[10:51] <histo> lastarms: find that ppa.py file the patch is made for it's part of the package you are having an issue with
[10:51] <histo> lastarms: locate ppa.py   should show you the path
[10:52] <lastarms> histo: the patch is supposed to be for pycurl
[10:52] <lastarms> https://bugs.launchpad.net/ubuntu/+source/pycurl/+bug/1063350
[10:52] <lastarms> sorry, I think I gave you the wrong site
[10:52] <lastarms> it's #11
[10:54] <histo> lastarms: let me check that one
[10:55] <histo> lastarms: yeah same file has the issues
[10:55] <histo> lastarms: it's patching ppa.py
[10:55] <lastarms> locate ppa.py comes up with nothing
[10:56] <histo> lastarms: I show it in /usr/lib/python3/dist-packages/softwareproperties/ppa.py
[10:57] <lastarms> histo: I don't have that...
[10:57] <lastarms> histo: I guess I'll just downgrade it then... too much time spent on this...
[10:57] <histo> lastarms: find / -name 'ppa.py' 2>/dev/null
[10:58] <lastarms> /usr/share/pyshared/softwareproperties/ppa.py
[10:58] <lastarms> /usr/lib/python2.7/dist-packages/softwareproperties/ppa.py
[10:59] <lastarms> I'm guessing the one in lib
[10:59] <histo> lastarms: most likely
[10:59] <histo> lastarms: you could diff them and see if they are different
[10:59] <histo> lastarms: find / -name 'ppa.py' 2>/dev/null | xargs diff
[10:59] <lastarms> histo: patch: **** Only garbage was found in the patch input.
[11:01] <lastarms> histo: nvm i did something stupid
[11:01] <histo> k
[11:02] <lastarms> histo: yup, that seemed to have worked allright. Thanx for your help!
[11:02] <histo> lastarms: np anytime
[11:34] <Voyage> the 65000 port limit on a machine is a hardware limit? if yes, if I have a VPS one a machine and one that machine there are 3 more vps hosted. I will get shared number of ports and not 65000 ?
[11:43] <rbasak> Voyage: it's a protocol limit. However if you give each VPS its own IP address, then you won't hit that restriction.
[11:44] <rbasak> (but if you do NAT, then you will depending on how you use it)
[11:45] <Voyage> rbasak,  so its 65000 ports for http , and 65000 ports for some other protocol . e.g xmpp?
[11:46] <Quoexl> anyone home?
[11:47] <Quoexl> all night long I had a chinese fellow trying to hack my ssh
[11:50] <rbasak> Quoexl: finding that people are trying to bruteforce your ssh is pretty common.
[11:50] <cfhowlett> Quoexl and presumably he failed - which is good!
[11:50] <rbasak> Just make sure that you don't use password auth (or if you do then all possible logins have secure passwords)
[11:51] <Voyage>  whats the max number of ports a machine can have opnned up?
[11:51] <Quoexl> 65536
[11:51] <Quoexl> I use 26 digit pass-sentences
[11:52] <ikonia> so why the concern ?
[11:52] <ikonia> you know it's being attacked, follow your standard white hat practices and secure the box/ignore the threat
[11:52] <Voyage> Quoexl,  the 65000 port limit on a machine is a hardware limit? if yes, if I have a VPS one a machine and one that machine there are 3 more vps hosted. I will get shared number of ports and not 65000 ?
[11:52] <rbasak> Just make sure that you don't have some login available that you don't know about. I use "AllowUsers" to whitelist ssh logins.
[11:52] <ikonia> (as you said you where a white hat security professional) this should be school boy basics
[11:52] <Quoexl> not really concerned, I threw up sshguard just in case
[11:53] <Quoexl> no I said I am a white hat from wayback
[11:53] <ikonia> right, so that is a security professional
[11:53] <Quoexl> well, people do pay me to do it
[11:53] <ikonia> so you should be able to manage this standard attack with ease
[11:54] <Quoexl> its done, I win
[11:54] <Quoexl> just sharing
[11:54] <ikonia> don't need break down of your day to day management of the host
[11:55] <cfhowlett> Quoexl share that kind of stuff, if you must, at http://thedailywtf.com/Default.aspx
[12:02] <maswan> tou know what also helps against ssh bruteforce attempts: PasswordAuthentication no
[12:09] <zul> jamespage: debian has packaged designate its still in proposed because its foobared
[12:21] <YamakasY> any webdav expert here ? or actually autofs ones ?
[12:24] <histo> !any | YamakasY
[12:27] <YamakasY> histo: you belong to any(one) :)
[12:29] <YamakasY> histo: you use it ?
[13:09] <ws2k3> Hello, my ubuntu machine got stuck while upgrading
[13:13] <ws2k3> i use do-release-upgrade and now it hangs at setting up nfs-common
[13:13] <pmatulis> ws2k3: upgrade from lucid to precise?
[13:14] <ws2k3> no
[13:14] <ws2k3> natty to ﻿Oneiric
[13:17] <ws2k3> what can i do about this ?
[13:17] <zul> jamespage: oh good you did logutils and signledispatch already
[13:17] <pmatulis> ws2k3: i don't think Oneiric packages are still in the regular repositories
[13:17] <pmatulis> http://archive.ubuntu.com/ubuntu/dists/
[13:17] <ws2k3> i use old.releashes as repository
[13:18] <pmatulis> oh
[13:18] <ws2k3> so i have the normale oOneiric repository
[13:18] <pmatulis> dunno.  all that comes to mind is
[13:19] <pmatulis> https://bugs.launchpad.net/ubuntu/precise/+source/nfs-utils/+bug/863741
[13:20] <ws2k3> ah oke well i cancalled the upgrade and did dpkg --configure -a so the upgrade showed up again haning on setting up nfs-common i cancesseled the upgrade of nfs-common and luckly it continue to do all the other packages
[13:24] <Cyberspirit> https://www.youtube.com/watch?v=seFWvCDQFv0
[13:39] <YamakasY> mhh automount is not running ?
[13:56] <ikonia> Cyberspirit: please don't post that sort of thing in this channel
[13:56] <Cyberspirit> roger
[13:57] <ikonia> thanks
[13:59] <jcastro> jamespage, are you guys going to be all set for running the UOS session in ~1 hour?
[14:00] <jamespage> jcastro, yup - gaughen is leading things
[14:00] <jcastro> rock
[14:01] <gaughen> jcastro, having some issues getting a hangout setup. getting an error message that "hangouts on air is disabled by the administrator"
[14:01] <gaughen> have you started one successfully?
[14:03] <YamakasY> anyone using autofs here ?
[14:03] <YamakasY> I need to mount a webdav share on ldap auth
[14:03] <jcastro> gaughen, I use my personal account for hangouts
[14:03] <YamakasY> it seems to create the folder for the mount, but no mount is made
[14:03] <jcastro> I don't think we can on-air from our work accounts
[14:03] <gaughen> jcastro, guess I have to relearn this each time
[14:04] <jcastro> how did it work last time?
[14:04] <gaughen> don't remember. gotta look. just finished making some caffeine. will drink some and then look.
[14:04] <gaughen> don't trust my brain until then. jcastro
[14:04] <jcastro> I agree
[14:11] <gaughen> jcastro, hmm, I used my work g+ last time
[14:18] <jcastro> gaughen, let me ask around
[14:18] <gaughen> jcastro, Leann has already asked IS, and we bugged mhall too
[14:19] <jcastro> oh
[14:19] <jcastro> she is having problems too?
[14:30] <psih0man> hello everyone!
[14:30] <psih0man> what is the future init in ubuntu server? upstart or systemd?
[14:31] <psih0man> I was looking at the bug tracker http://reports.qa.ubuntu.com/reports/rls-mgr/rls-r-tracking-bug-tasks.html#server and could not find an answer to this question
[14:33] <jcastro> gaughen, looks like we're supposed to talk to IS if you have issues
[14:34] <jcastro> psih0man, we're switching to systemd
[14:34] <jcastro> http://summit.ubuntu.com/uos-1406/meeting/22277/ubuntu-server-plans-around-systemd/
[14:34] <jcastro> there's a meeting tomorrow about it if you want to follow along ^^^^
[14:35] <psih0man> jcastro: thank you
[14:36] <gaughen> psih0man, yeah, please come ask questions tomorrow!
[14:39] <psih0man> jcastro: is the switch to systemd planned for the next release or is this to be discussed during the meeting?
[14:40] <jcastro> I am not sure, last I heard foundations wanted to switch asap, but I haven't been following the discussion
[14:41] <jcastro> http://www.piware.de/2014/04/booting-ubuntu-with-systemd-now-in-utopic/
[14:41] <jcastro> https://lists.debian.org/debian-devel-announce/2014/05/msg00001.html
[14:47] <pcn> Is there anyone familiar with the process that canonical uses for creating the .ovf files, and/or what platforms the file is meant to be able to work with?
[14:48] <pcn> ^^^ the .ovf files for the server cloud images
[16:52] <lordievader> Good evening.
[17:07] <stgraber> zul: thanks for the patches, I was just about to refresh the python2 binding based on all the changes that went into the python3 recently. I believe there are 2-3 more changes to cherry-pick. I'll apply your changes and do the remaining cherry-picking ones I'm done with vUDS
[17:08] <zul> stgraber:  coolio...thanks
[17:57] <heph> Not sure if y`all are aware, but the us-west-2 ec2 mirrors are returning 403s when trying to download packages.
[17:57] <heph> my guess is someone uploaded some files but forgot to set the s3 permissions
[17:57] <heph> but it's turning my deploys into derploys, so I was hoping someone here could get that resolved
[17:57] <sarnold> heph: s3 is funny, it never returns 404 -- it returns 403 instead, to avoid leaking information if an URL exists but permissions wouldn't allow it
[17:57] <heph> ah, that's weird
[17:58] <sarnold> heph: certainly annoying :)
[17:58] <sarnold> heph: just to make sure, you ran apt-get update just before? or the tools appear to do that for you before upgrading?
[17:59] <heph> sarnold: so, when i use archive.ubuntu.com I can download the package gettext=0.18.1.1-10ubuntu3 (raring) fine, but when I use us-west-2.ec2.archive it fails with 403
[18:00] <heph> yes, apt-get update was ran
[18:00] <sarnold> heph: thanks :)
[18:00] <heph> so, sounds like an incomplete mirror in s3 then?
[18:01] <sarnold> heph: perhaps. we're a fairly .. "heavy" user of s3, our archive mirrors have found problems in s3 hosting before..
[18:05] <heph> I bet =)
[18:05] <heph> It's your own fault, really... being so successful and all =P
[18:12] <sarnold> heph: haha :D yes, exactly :)
[18:13] <heph> Can I relay to my team that someone is going to look into the s3 mirrors?
[18:15] <sarnold> heph: yes; I've kicked it up the channels :)
[18:15] <heph> thx =)
[18:15] <sarnold> thanks for reporting it :)
[18:17] <sarnold> heph: oh cripes. I'm just now noticing that you mentioned 'raring' in your error message. raring was EOL'd back in january.
[18:17] <sarnold> heph: https://wiki.ubuntu.com/Releases
[18:18] <sarnold> heph: note that saucy EOLs in a month; it would be best to aim for 12.04 LTS or 14.04 LTS, depending upon which set of software versions you want
[18:18] <heph> yeah, it's legacy, we're working on it. can we expect the ec2 mirrors to not be kept up to date with the main archive mirrors though?
[18:18] <heph> even though it's eol, the main mirror works
[18:19] <sarnold> heph: at some point the main mirror will stop carrying it, and it'll move to old-releases
[18:19] <sarnold> heph: I don't know when they get around to culling old content from the main archives, but I'm surprised it still works :)
[18:26] <heph> doh, thanks for that clarification. guess it's time to switch our legacy systems to the archive.ubuntu mirror =|
[18:30] <sarnold> heph: do realize that since raring was EOLd, there've been some high-visibility security problems -- at least one local->kernel privilege escalation, heartbleed, half-dozen other openssl issues, and scores more CVEs. Upgrading to an LTS release would cover a lot of asses^Wbases :)
[19:07] <friendlyguy> hi there. i'm trying to setup a lab with a sendmail server receiving mail via smtp in a virtual network(from another host/application). most things work already, BUT the sendmail server rejects the e-mail because the sender address does not resolve. i know that it doesn't resolve, and i don't want it to resolve. can someone tell me a easy way to deactivate this "feature"?
[19:59] <sarnold> smoser: thanks for collecting some nice tweets :)
[20:00] <smoser> that was fun.
[20:00] <smoser> hopefully now ubuntu security will pop up on random people's youtube searches
[20:00] <sarnold> ha
[20:08] <mdeslaur> thanks smoser :)
[20:14] <parallel21> vsftpd allows root login by default?
[20:40] <[lutchy]> friendlyguy, people still use 'sendmail' :s
[20:43] <[lutchy]> In postfix, it would be part of smtpd_sender_restrictions, that does FQDN check
[20:43] <[lutchy]> Look through 'sendmail' docs that will you tell how to disable that
[20:59] <histo> YamakasY: What?
[21:16] <marshall> hey ubuntu
[21:16] <marshall> how do I start iptables? it's installed but i don't think it's running
[21:24] <[lutchy]> iptables is part of the kernel
[21:25] <[lutchy]> So, there is no enable or disable or service to run... One would need to apply rules
[21:26] <[lutchy]> Some distributions have software that manages that for you... Take a look at http://www.thegeekstuff.com/2011/06/iptables-rules-examples/
[22:00] <marshall> how do i get `iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 5984` to work?
[22:28] <hallyn> rbasak_: hey, i'm trying to run uvtool on precise from the ppa, but it appears to be not installable?
[22:29] <hallyn> http://paste.ubuntu.com/7625825/