[00:00] <gjpminingco> hey all i am needing some major help
[00:02] <gjpminingco> I have a Server running Ubuntu Server 14.04, I have my Internet coming in on port em1 with a static IP, I want to Give Inet access to all my hardware on my switch that is connected to my server via em2 and i had it working but now after trying to install a dhcp server for all non static ip hardware i have lost internet access for my hardware on my switch
[00:07] <sarnold> gjpminingco: check your IPs on your interfaces, routing tables, iptables rules, and ip_forwarding sysctl..
[00:13] <gjpminingco> is there anyway i can keep my system from loosing it's Static IP every time i restart
[00:14] <sarnold> gjpminingco: set the ip in /etc/network/interfaces ?
[00:16] <gjpminingco> thanks
[00:24] <gjpminingco> anyone any good at setting up ICS on ubuntu server and Also setting up DHCPD to run also
[00:25] <sarnold> ICS?
[00:29] <gjpminingco> Internet Connection Sharing
[00:58] <sarnold> gjpminingco: ah. you probably want to research iptables snat -- the nicest description of snat and dnat I've seen so far is here: http://www.linuxquestions.org/questions/linux-security-4/iptables-dnat-snat-and-masquerading-264649/#post1341452 -- but perhaps there are better guides :)
[00:59] <sarnold> gjpminingco: I'm lazy enough I'd probably try shorewall frontend first :)
[01:04] <Patrickdk> :)
[01:04] <Patrickdk> sarnold, it's required, when you have like 20+ vlans, and vpn's and other crap all going on in the same box
[01:04] <Patrickdk> way too much to do by hand
[01:05] <sarnold> Patrickdk: that's encouraging :) nice to hear there' ssomething that does a tolerable job with complex setups :)
[01:06] <Patrickdk> ya, my first attempt at it was nice :)
[01:06] <Patrickdk> a xen machine, like 5 different internal bridges, two external nics, and 6 vpn's
[01:06] <Patrickdk> different vpn's where allowed different access to the internal bridges/xen clients
[01:07] <Patrickdk> could be done by hand sure, but the mount of time for a simple change would have been painful
[02:00] <zartoosh> hi what process creates /etc/network/interface file ? thx
[02:01] <RoyK> zartoosh: vi
[02:02] <zartoosh> RoyK,  no what I mean is, this file originally get populated with network interfaces , what process does this? thx
[02:03] <RoyK> zartoosh: it's pre-built by the installer
[02:16] <zartoosh> RoyK, okay I tried to modify its content through preseeding it failed... thanks
[02:53] <DaD> DaD  Lo all.. Any sysops maintaining Ubuntu 14.04LTS AMP stack servers?
[03:12] <slompo> hi
[03:13] <slompo> A Brazilian?
[03:13] <sarnold> slompo: there is #ubuntu-br
[03:14] <DaD> Guys... I need some help
[03:14] <slompo> thanks sarnold
[03:14] <sarnold> slompo: you're welcome, have fun :)
[03:15] <slompo> have people from all over the world here?
[03:20] <slompo> you think it worth being set up a small host to host small websites and email accounts of small businesses? Or would it be better to leave it on account of the great hosts?
[03:22] <sarnold> slompo: I suggest looking at email and web hosting differently; email is an absolutely miserable thing to host yourself but hosting your own website is not too bad
[03:23] <sarnold> slompo: of course, handling spikes of web traffic (slashdot, daringfireball, etc.) can be pretty hard on your own, but that's not a problem most people have. keeping up on security fixes for your website software is the main task and that's also not terrible, just tedious most of the time :)
[03:24] <slompo> I understand. I already have a server in digitalocean, but my emails are on dreamhost, and I suffer a bit with this. In Brazil we do not have very good service providers.
[03:36] <slompo> -h
[03:38] <slompo> bye, thanks
[05:21] <lordievader> zartoosh: What you could do is modify the 70-net-persistent rule and change the name to eth0.
[08:13] <liquid-silence> hi all, setting up a new mail server, should I just use postfix + sql backend? or would I need to think of dovecot
[08:13] <peetaur2> postfix is a MTA... it doesn't give users their mailboxes. You need a thing like dovecot for that.
[08:14] <liquid-silence> or courier-imap?
[08:14] <liquid-silence> I am looking for something that does however give me the ability to create accounts via database or something
[08:14] <liquid-silence> as it will be multi domain
[08:15] <liquid-silence> but I also don't want to spend 10 hours when adding one account
[08:17] <liquid-silence> peetaur2 so I presume I need to look at dovecot + postgresql?
[08:17] <peetaur2> yes probably you want a database supported by both your MTA and whichever IMAP server you choose
[08:18] <liquid-silence> ok dovecot it is, have not done this in a while though :D
[08:18] <liquid-silence> mind if I ask some more questions?
[08:28] <fathi_> anyone can help me please ?
[09:11] <pds> any one around here that has xp with preeseeding and is will to help me out setting it up => already created the preseed file since it my first time doing so i would like to have a peerreview http://dpaste.com/1V7C296
[09:14] <pmatulis> pds: what problem are you having?
[09:15] <pds> well i would like to know how i can test it out
[09:15] <pds> and if the preseed file is out
[09:15] <pds> and if the preseed file is correct *
[09:16] <peetaur2> pds: I put mine in the initrd on the netboot server
[09:17] <peetaur2> pds: but that means you need a whole new initrd for each uniquely configured machine, rather than just a new preseed for each machine
[09:17] <peetaur2> pds: which is fine for me... so if that's fine for you, I can tell you how to do that
[09:17] <pmatulis> not many people are willing to comb a preseed file.  best is to try it, try to fix any resulting error, and then ask here if you need help
[09:17] <pmatulis> pds: ↑
[09:18] <pds> it may be a better idea if i can swap the preseed files at will, but at this moment i just want to get a PoC working
[09:21] <pds> so let the beast go, and let's go nuts
[09:23] <peetaur2> pds: so I don't know if you want it but if you do, here's what I do to pack the preseed into the initrd http://pastebin.com/iXDPDssb
[09:25] <pds> what would be the effect of this?
[09:27] <peetaur2> anything booting from your netboot will use the preseed
[09:28] <peetaur2> assuming you set the dirs right ;)
[09:29] <pds> spoiler: brace yourself newbie questions related to pxe booting and preseeding incomming
[09:30] <ed8> hi, I'm working on a systemd services and when I try to run: systemctl daemon-reload
[09:30] <ed8> I got: systemctl: command not found
[09:30] <ed8> the 'systemd{,-shim}' packages are installed
[09:31] <ed8> I'm running on a 14.04
[09:32] <pds> i would like to pxe boot a ubuntu server 14.04LTS with the seed file i wrote http://dpaste.com/1V7C296.  After that i would like to use ansible do some configuration files.
[09:34] <pds> so a) how can i pxeboot the server, b) how can i couple the preseed file that i wrote to do it's business (automate the installation) and c) how can i provide a custom script at the end to wget the ansible stuff and let it spin
[09:53] <pmatulis> pds: netbooting, preseeding, and custom installation scripts is a big topic.  you will get better help here if you do some research beforehand
[09:56] <pds> did so see resources
[09:58] <maxb> pds: I had a quick look at your preseed.cfg paste. I quickly stopped looking at it because it was so mired in commented out stuff, I couldn't easily see the functional bits. In any case, preseed setup always ends up requiring actual testing. It's sadly not practical to expect to write a preseed which works first time
[09:58] <peetaur2> he actually did quote resources before, which had all the steps...
[09:58] <peetaur2> not sure why he didn't try them :D
[09:58] <peetaur2> (yesterday I think)
[09:58] <maxb> So, test it, and come back with questions if you can't solve how it breaks! :-)
[09:59] <pds> for petes sakes how do i test in the first place
[10:01] <peetaur2> pds: Yesterday, you linked http://digitalsanctum.com/2013/03/22/how-to-setup-a-pxe-server-on-ubuntu/ and I linked http://www.linuxquestions.org/questions/linux-newbie-8/automated-remote-installs-of-ubuntu-using-kickstart-802660/
[10:02] <peetaur2> pds: and then I said those are fine, but use pressed instead of kickstart
[10:02] <peetaur2> and you already have a preseed file, so just put it in the initrd, skip thte kickstart steps (which makes the web server obsolete also), and then try it, and come back with errors and confusion, but not just "please tell me all the steps on IRC" ... these guides already do that fine.
[10:03] <maxb> pds: You test by attempting to run an installation
[10:03] <maxb> "Try it out and see if it works" is a pretty simple testing methodology :-)
[10:05] <peetaur2> yes
[10:05] <peetaur2> and then you are welcome to come back with any errors or questions to resolve confusion
[10:06] <peetaur2> but IRC is really not the place for pasting howtos
[10:06] <peetaur2> howtos for very specific things, sure... but not for general things where the only specific part is your preseed file
[10:37] <pmatulis> pds: truth be told, this stuff can be confusing due to the different ways to achieve preseeding.  are your targets virtual or real?
[10:51] <mndo> Hi, I am having network problems on the guests of a kvm trusty server - pinging the guest goes from a couple of ms to several seconds.. any ideas?
[10:55] <oro> hi all, any experience here with bcache?
[10:55] <oro> udev screws up bcache* naming after each reboot. Ubuntu 14.04, bcache-tools from PPA
[11:07] <rbasak> oro: I'd like to land bcache-tools in the archive proper, so I'm quite interested in the issue you have.
[11:07] <rbasak> oro: but I haven't actually tried it myself yet. Let me know what you find though, please?
[11:10] <oro> rbasak, http://pastebin.com/A9YBL9Ag
[11:10] <oro> here you can see, that after two boots the bcache*  numbered devices get their names in different order
[11:11] <oro> I want to have one disk SSD cache (/dev/sdn) in front of 11 HDDs (/dev/sd{b,c,d,e,f,g,h,i,j,k,l})
[11:20] <oro> rbasak, also you can see the wrong registration order in dmesg
[11:20] <oro> http://pastebin.com/vEjpKm00
[11:33] <pds> pmautils following http://www.linuxquestions.org/questions/linux-newbie-8/automated-remote-installs-of-ubuntu-using-kickstart-802660/ atm
[11:33] <pds> testing on virtuals
[11:34] <pds> but the actual devices are real
[11:34] <pds> the final project that is
[11:51] <pds> so following the tutorial
[11:51] <pds> sudo /etc/init.d/openbsd-inetd start =>  * Not starting internet superserver: no services enabled
[11:58] <pds> @pmatulis seems like the tutorial you gave me could use an update
[11:59] <pds> do you actually need openbsd-inetd
[11:59] <pmatulis> pds: i didn't give you a tutorial
[11:59] <pds> well you linked to http://www.linuxquestions.org/questions/linux-newbie-8/automated-remote-installs-of-ubuntu-using-kickstart-802660/ no
[11:59] <pds> nmv that was peetaur
[12:00] <pds> any way do you actually need openbsd-inetd
[12:01] <pds> god darn it how hard can it be to find a decent source on how to preseed an ubuntu server 14.04 LTS
[12:05] <pmatulis> pds: go for the original documentation.  you are referring to blogs and forums
[12:06] <pds> #http://digitalsanctum.com/2013/03/22/how-to-setup-a-pxe-server-on-ubuntu/ #http://www.linuxquestions.org/questions/linux-newbie-8/automated-remote-installs-of-ubuntu-using-kickstart-802660/ #http://linux.opm.si/programska-oprema/ubuntu-14-04-network-install  #UNIX and Linux System Administration Handbook 4th Edition (Jun 2010) #page 417 - 419  #ftp://cpe-69-205-130-169.stny.res.rr.com/Public/E-BOOKS/Linux%20System%20Administrati
[12:06] <pds> how many more do you need :)
[12:06] <pds> give me a sec
[12:06] <pds> here you go
[12:06] <pds> http://dpaste.com/0FY7V8N
[12:06] <pds> that all the stuff i read over the past 2-3 days
[12:09] <pds> sp you can't blame for not trying
[12:13] <pmatulis> pds: here:
[12:13] <pmatulis> http://www.debian.org/releases/stable/i386/apb.html.en
[12:13] <pmatulis> http://d-i.alioth.debian.org/doc/internals/
[12:15] <pmatulis> pds: and i asked you a question but you did not answer, so i'm also trying to help you
[12:24] <pds> i'm not blaming you i'm just getting a bit frustrated because i'm reading reading reading without having any  progress
[12:24] <pds> what was your question i may have missed is because well i was reading
[12:26] <pds> hmmm if is about real or virutal i did answer
[12:26] <pds> testing on vm's because if i fuck up something it's easier to throw away and restart
[12:27] <pds> but the final goal is psychical devices (hp thin clients) to be exact
[12:29] <pds> around [13:33] to be precise
[13:26] <pmatulis> pds: ok
[13:26] <pmatulis> pds: you will need at the very least a web server to dish up the preseed files
[13:27] <pmatulis> pds: you can point to those files in different ways
[13:30] <pmatulis> ==> virt-install (for virtual installs) or pxe (needs dhcp,isolinx) are 2 popular ways
[14:04] <LarsN> when using preseed to automate pxe installs of 12.04, I'm running into a small catch.  I have the following entry in my preseed file: d-i debian-installer/locale string en_US
[14:04] <LarsN>  however the installer still pauses, waiting for me to specify which country I'm in.
[14:04] <LarsN> Is the solution as simple as adding: d-i debian-installer/country string US
[14:05] <LarsN> which I would have thought to be redundant?  Or is there another setting I need to include to get past the country string.
[14:05] <ldelarosa> Hello guys I need some help, I just set up apache as reverse proxy and It's working with "http" but not with "https"
[14:07] <LarsN> looks like d-i debian-installer/country string US did fix it.  Good to know.
[15:04] <zartoosh> lordievader, thanks that worked.
[15:09] <lordievader> zartoosh: Nice, good to hear.
[15:49] <lordievader> Good afternoon.
[16:28] <Demon_Jester> hey guys i have a linux based server at my home and im currently in the process of "hardening" it. I am wanting to know if anyone here that manages on linux based servers that setup alerts you for suspicious activity.
[17:04] <sarnold> Demon_Jester: checking for apparmor DENIED messages is a good way to see if confined services or programs are being probed; checking dmesg for segfaults is useful; checking authentication times may be useful...
[17:07] <Demon_Jester> well i mean im thinking of writing a script to send me alerts when im away if stuff has been modified or if it finds other things still wip
[17:09] <sarnold> Demon_Jester: makes sense; apt-cache search tripwire shows some similar tools that may be helpful
[17:11] <Demon_Jester> sarnold: ok thanks
[17:19] <zul> hallyn:  ping
[17:28] <patdk-wk> tripwire is nice
[17:28] <patdk-wk> but also, tripwire is predictable, first thing people look for
[17:28] <patdk-wk> just hope you get your security done good
[17:59] <Trudko> hi guys I have ubuntu server where I have production code and I would like to easily create copy of that so I can run it locally in vm to test the code
[18:18] <aandy> hi, anyone who has experience with carp on ubuntu? i'm using ucarp, but my question is general: i have a simple setup of advskew for master/slave of 1 and 100. it works as expected (slave takes over as master fails), but master regains the ip "too fast" (i.e. before a service has been started). which parameter is it i'm suppose to change to let the master be online for a bit longer before gaining the ip again
[18:26] <hallyn> zul: what's up
[18:27] <zul> hallyn:  how does lxc-snapshot work with unprivileged containers
[18:27] <hallyn> zul: same way as with privileged containers...  it creates a overlayfs clone in a custom lxcpath
[18:27] <hallyn> zul: the location has changed recently, so i'm not sure where it ends up in trusty
[18:27] <zul> hallyn:  ok
[18:27] <hallyn> it could be .local/share/lxcsnaps or .local/share/lxc/$container/snaps
[18:28] <hallyn> stgraber: https://jenkins.qa.ubuntu.com/job/utopic-adt-cgmanager/27/ARCH=amd64,label=adt/console  i have no idea what is going on.  is it ok for the adt testcase to restart cgmanager with --debug and then print out the /var/log/upstart/cgmanager.log?
[18:29] <stgraber> hallyn: sure
[18:34] <Level15> hi. I am trying to install mantis bug tracker on ubuntu 14.04. According to https://launchpad.net/ubuntu/trusty/+package/mantis there is a mantis package for trusty, however, when i do aptitude search mantis i get nothing. Any ideas?
[18:35] <hallyn> stgraber: ok trying
[18:37] <sarnold> Level15: looking for the mantis source package itself shows a different story, only available for lucid, precise, saucy: https://launchpad.net/ubuntu/+source/mantis
[18:37] <Level15> sarnold: hm, so that means the package does not exist for trusty?
[18:40] <sarnold> Level15: that's whatthat looks like -- it was removed from debian eight months ago: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730121
[18:41] <Level15> sighs
[18:41] <Level15> thanks
[18:52] <GrantK> When I ssh into my ubuntu 12.04LTS server, my login message announces: Your current Hardware Enablement Stack (HWE) is going out of support ... Install a newer HWE version by running: "sudo apt-get install linux-generic-lts-trusty linux-image-generic-lts-trusty"
[18:52] <GrantK> but, when I exec that install cmd, it reports: "linux-generic-lts-trusty is already the newest version. linux-image-generic-lts-trusty is already the newest version."
[18:52] <GrantK> Do I actually need the update? or is the message 'confused'?
[18:57] <GrantK> checking `hwe-support-status --verbose` returns "Your Hardware Enablement Stack (HWE) is supported until April 2017."
[18:58] <GrantK> which to believe?
[19:09] <genii> GrantK: I'm inclined to believe hwe-support-status
[19:18] <GrantK> genii: Checking versions manually, I'm 'correctly' updated, apparently.  Seems you're right. Nice if the notices get fixed -- but NBD if you know actual state.  Thx!
[19:22] <bitfury> !info mysql-server
[19:59] <lordievader> Upgraded to Trusty from Saucy like a smooth ride. Nice work Ubu server devs \o/
[20:04] <bitfury> !info apache
[20:04] <bitfury> !info apache2
[20:39] <bitfury> !info vtiger
[21:02] <ashd> sarnold:
[21:02] <ashd> oops
[22:27] <ghsh> hello
[22:28] <ghsh> where can i ask some questions right here on channel or ?
[22:28] <sarnold> ghsh: welcome to irc; irc works best if you just ask questions directly and wait around a little while for an answer
[22:28] <Patrickdk> never
[22:28] <Patrickdk> !ask
[22:29] <sarnold> sigh
[22:29] <Patrickdk> bots where made to be abused
[22:29] <Patrickdk> just if someone could get all my triggers programmed into it