[00:22] <tjbenator0> Spam filtering now functional. Thanks for pointing me in the right direction.
[01:07] <ruben23> hi guys i have a ubuntu server- is there any solutions where i can image the whole system or even snapshot to revert from aworking system...so anything happens i can revert back right away.
[01:23] <ruben23> guys any suggestion how can i backup my working ubuntu server and save it as image incrementally- in any event i can revert to a working image and restore it.
[01:45] <tjbenator0> You could use something like rsnapshot to back up config files, etc.
[01:45] <tjbenator0> You could restore files as needed
=== CripperZ- is now known as cripperz
=== cripperz is now known as N0DE`
[02:03] <kriskropd> how do I know if removing tomcat6 from my server will affect another package that depends on it?
[07:43] <lordievader> Good morning.
[08:32] <cwhy1> howdy
[08:40] <lordievader> Hey cwhy1, how are you?
=== ashleyd is now known as ashd
=== Adri2000 is now known as Guest58072
[09:53] <Abhijit> ubuntu server is does partition as specified in sample.seed file in cobbler. but it do not understand the network configuration. instead halts for user input for network configuration.
[09:54] <Abhijit> what do i need to do to make cobbler sample.seed work perfectly with ubuntu server 14.04?
[09:54] <Abhijit> lammy, is spamming with porn links in pm.
[09:54] <Abhijit> ops^
=== N0DE` is now known as CripperZ-
=== trijntje_ is now known as trijntje
[12:07] <zartoosh> hi there is ubuntu-destop package, but there in no ubuntu-server package. Is ubuntu-minimal close to ubuntu-server ....? thx
[12:07] <RoyK> zartoosh: ubuntu server is just ubuntu desktop without the desktop part
[12:09] <Abhijit> ubuntu server is does partition as specified in sample.seed file in cobbler. but it do not understand the network configuration. instead halts for user input for network configuration.
[12:10] <peetaur2> zartoosh: minimal is basically 'server' without the server... just install ssh, or whatever you need.
=== Cyberspirit is now known as freax
[12:22] <zartoosh> RoyK, Abhijit  peetaur2  thanks for your feedback. I am investigating installation of ubuntu-server on a separate disk. The debootstrap automaitcall install some packages which conflict with ubuntu-server, i.e. it install buysbox, but ubuntu server requires busybox-static.
[12:22] <Abhijit> ??
[12:22]  * Abhijit goes back to check what did he contributed?
[12:23] <peetaur2> zartoosh: think of those ubuntu-minimal/server things as starting points... just install them once, then install what you want (and remove ubuntu-minimal also, which won't uninstall the things it installed)
[12:23] <peetaur2> remove only if it is because of a conflict
[12:23] <RoyK> zartoosh: why busybox?
[12:24] <zartoosh> RoyK debootstrap install busybox as default, it is not my choice.
[12:24] <ikonia> why would you just not do a standard ubuntu server install
[12:25] <ikonia> rather than this round the houses approach
[12:25] <peetaur2> if you don't need it, then you shouldn't care which one is installed... just mash some keys until it's happy
[12:25] <peetaur2> yeah good question.. what is he starting with ... these should be installed already by the installer
[12:25] <ikonia> download ubuntu server, burn CD/usb stick, install done
[12:25] <ikonia> 20 minutes work
[12:26] <ikonia> rather than this complex process
[12:26] <zartoosh> ikonia, it is for field implementation which there is no access to ubuntu.archives,
[12:26] <ikonia> what has that got do with anything ?
[12:26] <ikonia> burn CD/usb stick
[12:26] <ikonia> no acccess to ubuntu.acrhives needed
[12:27] <zartoosh> ikonia, you are right as I said I am investigating possible solution...
[12:28] <ikonia> there is no need for a solution
[12:28] <ikonia> there is no problem
[12:28] <zartoosh> ikonia, :)
[12:28] <ikonia> I'm not joking
[12:28] <ikonia> I don't see a problem, so I don't understand why you are doing this
[12:29] <zartoosh> ikonia, okay so, as I said just looking at possibility of using debootstrap, that is all..
=== [Abhijit] is now known as Abhijit
=== Guest58072 is now known as Adri2000
[14:21] <punkgeek> can i encription /root with LUKS ?
[15:12] <LarsN> I'm running into a problem while trying to do an unattended installation using Preseed.  Specifically the partitioner starts, and then nearly immediately crashes out with a "not root filesystem" error.  The partitioning part of the preseed file is listed here: http://pastie.org/9389004
[15:13] <LarsN> Is there anything special I need to do if I've got Intel Matrix Raid devices?  I "think" the installer might not be seeing the raid device?
[15:20] <kully> hey all; how can I hide hidden folders from an ftp user. Guy will be connecting in VIA filezilla and it's showing all the hidden ubuntu files/folders of his directory
[15:20] <kully> i.e. .ssh .bashrc etc
[15:23] <DeltaHeavy> kully: Not sure if you can. You could change the ownership/permissions of them and take away execute rights for that use.
[15:23] <DeltaHeavy> In order to "enter" a directory you need to have execute permissions.
[15:25] <kully> ok cool. I'll look into that, also is there anyway to have him redirect to a certain directory on sftp login?
[15:25] <kully> i.e. instead of hitting his /home/ dir to hit /var/www/ upon sftp log in
[15:26] <DeltaHeavy> kully: I believe so. I highly suggest the use of SFTP over FTP. You can do quite a few things to make it secure. I usually have the SFTP user jailed in their home directory and have local mounts in their homedir, one for each website they'd be editing on that server.
[15:26] <DeltaHeavy> kully: You also might want to change the default shell for that SFTP user to '/bin/false'
[15:26] <LarsN> kully: from within the filezilla client I believe you can direct it to /var/www as an example.
[15:27] <LarsN> kully: also depending on which FTP server you're running you can make changes on the server side.  I agree with DeltaHeavy though, if you can direct him/her toward sftp you're in a lot better shape security wise.
[15:27] <DeltaHeavy> kully: To make it so that dir is their default directory (I reccommend the other method I told you about, and I can help you do that), just change the user's home dir.
[15:27] <DeltaHeavy> FTP is insecure as hell and garbage for a few other reasons. Slower being one of them.
[15:27] <kully> LarsN I'm trying to make this as simple for the user as they arn't to tech literate. I just want him to click on filezilla and beable to drop the files in the directory
[15:27] <LarsN> if you have to use FTP, you should set the user's shell to /bin/false, as he/she'll be sending username/password in plain text.
[15:27] <DeltaHeavy> FTP IMO should be considered a "Legacy Protocol" and avoided at all costs.
[15:27] <kully> yeah I'm using sftp authenticating with rsa
[15:27] <LarsN> kully: filezilla supports sFTP out of the box.
[15:28] <kully> right i'm using sftp for this
[15:29] <LarsN> for true double-click only, you could go so far as to provide a set of keys for this user/folder and associate the private key within filezilla.
[15:29] <LarsN> kully: iirc, (and it's been years since I've used FTP), you should be able to do virtually anything you want with vsftp.
[15:29] <LarsN> s/vsftp/vsftpd
[15:29] <DeltaHeavy> He's using SFTP though. Forget about FTP.
[15:30] <DeltaHeavy> kully: You going to change their home dir, or just do network mounts? IMO if you set up the account right you can just remove all folders like .bashrc and .ssh
[15:30] <kully> yea i didn't want to use vsftp because that would negate all the other security settings I have in place
[15:30] <DeltaHeavy> Actually, if you're using RSA auth, they NEED to have permissions into .ssh I think. I could be wrong though.
[15:30] <kully> yeah they need permissions to .ssh
[15:31] <kully> I was thinking of creating a symlink to the directory in the dir
[15:31] <kully> but I want filezilla to not show hidden files/folders
[15:31] <LarsN> kully: one second, installing filezilla to look :)
[15:31] <kully> haha thanks!
[15:31] <DeltaHeavy> kully: That'd be less secure IMO. I'd just give them access to .ssh.
[15:32] <DeltaHeavy> Like, it COULD be less secure. It sounds weird.
[15:32] <kully> yeah currently he does have access to all that stuff, and that's ok, I just don't want him to see it. He's the COO and he'll be like what are these files and why can I see them. I just want to see /var/www/whatever/documents
[15:33] <kully> so I want to redirect the sftp default directory for just his user to /var/www/whatever/documents
[15:33] <LarsN> kully: so, when you setup the new site in Filezilla
[15:33] <LarsN> and set it to SFTPd
[15:33] <DeltaHeavy> kully: And expalin "It's needed to log in without a password" and be done with it. The .bashrc and all that can be fixed by changing their shell to '/bin/false'.
[15:33] <LarsN> under "advanced" you can set the "default local directory"
[15:34] <kully> Lars
[15:34] <kully> nice
[15:34] <LarsN> which would let you have /home/someuser  be his home directory, but /var/www/ as what shows up
[15:34] <kully> that's exactly what I neded. Perfect
[15:34] <DeltaHeavy> I spent a lot of time configuring SFTP to make it safe, as for small web projects I store the password for that account in plain text on my local machine for an SFTP plugin for my text editor. Since that's a huge problem, I secured the ever living crap out of my SFTP account.
[15:34] <LarsN> s/would/should
[15:34] <LarsN> want to clarify, I haven't tested this....  :)
[15:34] <kully> yeah I'm going to test it now; seems like that's what I'm looking for though
[15:35] <LarsN> been so long since I've used filezilla, I thought that feature was there, but wasn't sure.
[15:36] <kully> yep. That works like a charm
[15:37] <LarsN> kully excellent.  I'd still suggest working to ensure strong security around the user and SFTP in general.
[15:37] <DeltaHeavy> kully: I also suggest making an 'sftp' group and applying this to the **END** of your /etc/ssh/sshd_config - http://paste.ubuntu.com/7794011/
[15:37] <LarsN> but glad the filezilla parts work at a minimum.
[15:37] <DeltaHeavy> kully: That in combination with changing the default shell to /bin/false, and making some entries in /etc/fstab for local mounts, you're gold.
[15:38] <DeltaHeavy> I can walk you through it if you wish. It's safe enough for me to comfortable have my password for any secured account in a plain text file on my local machine, that I fear may one day be accidently pushed to a git repo :p
[15:38] <LarsN> anyone here an Preseed wizard with experience around Intel Matrix "raid" devices?
[15:38] <DeltaHeavy> It's basically a bare SFTP account not capable of any shell or shell-like activities.
[15:39] <kully> Delta: yeah I'm setting those things now too. That's perfect.
[15:39] <kully> i'm in a good place now thanks guy
[15:39] <kully> s
[15:39] <kully> and gals
[15:40] <LarsN> *ThumbsUp*
[15:40] <DeltaHeavy> kully: np, if you need any help feel free to come. ALso I forgot to mention to MAKE that group (the one I call 'sftp') and apply it to the user you want.
[16:11] <DeltaHeavy> Back when I was using Ubuntu mainly as a desktop I heard upgrading from version to version was somewhat buggy and problem prone. Is this still the case? I have a LEMP server running 12.04, and it'd be nice if I could upgrade it to 14.04 but I don't want to gamble with a production server. Are there ANY disadvantages to running the update?
[16:12] <DeltaHeavy> I assume my LEMP stack will be updated and I suspect everything will work fine on newer versions of the server software and PHP. I'm using MariaDB so it won't effect that.
[16:13] <bekks> DeltaHeavy: That assumption heavily depends on the software used.
[16:14] <DeltaHeavy> bekks: It's a production server for 2 websites that are almost completely static. Is that what you meant? Otherwise I'm not sure what you mean.
[16:14] <DeltaHeavy> Also if I do it I'll be doing in the middle of the night where I can handle up to 6hrs of downtime.
[16:14] <bekks> static websites with mariadb and php? Sounds - odd :)
[16:14] <DeltaHeavy> Further downtime wouldn't be disasterous either. These aren't high traffic websites.
[16:15] <OliPicard> Greetings all, I am using a VPS with a hosting firm. I have tried to run a graceful reboot on the server using shutdown -r now and reboot now however the server is unresponsive. any idea why?
[16:16] <DeltaHeavy> bekks: They do a few things via PHP/MariaDB. Mostly dealing with the YouTube, MailChimp, and EventBrite API which is pretty minimal, and as entries are added to the API I store them in the DB too for insurance.
[16:25] <patdk-wk> the upgrade stability depends on many things
[16:25] <patdk-wk> if you made config changes the debian/ubuntu way or not
[16:25] <patdk-wk> the changes packages have made (if any)
[16:26] <patdk-wk> and if you are using no-longer supported features (big issue with php)
[16:32] <DeltaHeavy> patdk-wk: I know all the PHP in this site will be compatable with v5.5. I've made very little configuration changes in /etc/nginx/nginx.conf and /etc/php5-fpm/<whatever the pool file is>, and would be A-OK with making these changes again. Are there ANY other drawbacks to doing an upgrade?
[16:32] <DeltaHeavy> I remember doing it from 8.04 to 8.10 which ended up being disasterous but I was a GNU/Linux noob at the time.
[16:32] <patdk-wk> I had big issues back in 7.x 8.x and 10.x for upgrades
[16:32] <patdk-wk> I haven't had really little annoynces with 12.04
[16:32] <DeltaHeavy> How will it differ than a clean install of 14.04?
[16:32] <patdk-wk> and 14.04 has been very smooth
[16:32] <DeltaHeavy> Or is it pretty much the same.
[16:33] <DeltaHeavy> I guess going from LTS to LTS would be a lot smoother too since they'd focus on that more I guess.
[16:33] <patdk-wk> well, it's pretty much almost exactly the same
[16:33] <patdk-wk> the difference is, preferences set from 12.04 default install will hang around
[16:33] <patdk-wk> vs getting 14.04 preferences
[16:33] <patdk-wk> but that is normally a gui/gnome thing, not server
[16:34] <DeltaHeavy> Yeah, that's totally fine with me.
[16:34] <patdk-wk> the one thing you might have issues with, if your using 12.04 or so
[16:34] <patdk-wk> ubuntu didn't have mariadb back then
[16:34] <patdk-wk> and now does
[16:34] <patdk-wk> that might cause alittle package upgrade issue
[16:35] <patdk-wk> easy enough to solve, but might be annoying for a little bit :)
[16:36] <DeltaHeavy> patdk-wk: I'm using a 3rd party PPA. I think I'd just dump my DBs, uninstall MariaDB, remove the PPA, and start from scratch with the official repo in that case.
[16:36] <patdk-wk> :)
[16:36] <DeltaHeavy> I didn't know 14.04 came with MariaDB in the official repos though. Great news.
[16:39]  * RoyK prefers postgresql over {mariadb,mysql} any day
[16:40] <DeltaHeavy> Agree'd, but when working with some PHP site that other developers will probably have to use one day, I prefer going with what MOST people know.
[16:40] <DeltaHeavy> Mind you with PDO I don't think I"d have to worry about that =/
[16:40] <patdk-wk> you do
[16:40] <DeltaHeavy> I need to get on a good ORM for all the PHP work I do outside of a framework.
[16:41] <patdk-wk> pdo while a nice idea, is broken and buggy
[16:41] <DeltaHeavy> It is? I havn't noticed :p
[16:41] <patdk-wk> I had so much fun attempting to get lastinsertid working
[16:41] <patdk-wk> for mysql, it just works :)
[16:41] <patdk-wk> for everyone else, buggy as crap
[16:42] <patdk-wk> and the bugs change from version to version :)
[16:42] <DeltaHeavy> Ah, yeah. When I'm working with PHP sans framework MaraiDB/MySQL is my goto.
[16:43] <DeltaHeavy> As much as I wish everybody would move away from PHP and MaraiDB/MySQL all together :p
[16:43] <RoyK> DeltaHeavy: from PHP to what_
[16:43] <RoyK> ?
[16:43] <patdk-wk> forth
[16:43] <RoyK> ada
[16:43] <patdk-wk> lisp :)
[16:44] <patdk-wk> I can never have enough brackets
[16:44] <DeltaHeavy> RoyK: Anything lol. I'm trying to move mainly to Python personally.
[16:44] <RoyK> hehe
[16:44] <DeltaHeavy> Django specifically. Everything that's small fish I still do in PHP.
[16:44] <RoyK> perl in good old cgi mode
[16:44] <RoyK> that'll make your day
[16:44] <DeltaHeavy> plzno
[16:44] <patdk-wk> I use perl as my backend code
[16:44] <patdk-wk> and normally php/lua for frontend
[16:44] <DeltaHeavy> In College I had to make a website in Perl without using any libraries like 'CGI'
[16:45] <patdk-wk> I still have some websites coded in C
[16:45] <RoyK> hehe
[16:45] <RoyK> like nagios, hardcoded html i C
[16:45] <RoyK> yuch
[16:45] <patdk-wk> na, it used html template files :)
[16:46] <patdk-wk> basically I created php/mysql into a small c cgi
[16:46] <patdk-wk> it was back in php v2 days though
[16:55] <patdk-wk> hmm, this is giving me horrible results
[16:55] <patdk-wk> using xz -9, I'm only getting a max of 2% better compression vs gzip -9
[17:10] <jamescarr> if an init.d script has a call like   log_daemon_msg "Stopping $DESC"
[17:10] <jamescarr> where does log_daemon_msg go to!?
[17:10] <patdk-wk> depends on what log_daemon_msg function does
[17:11] <patdk-wk> most likely, syslog
[17:11] <jamescarr> I thought so too, but alas nothing
[17:12] <TJ-> jamescarr: upstart captures console output and flushes it to "/var/log/boot.log"
[17:12] <jamescarr> patdk-wk: right but given this is a stock 14.04 setup I was assuming there was a common location it would log to
[17:12] <jamescarr> syslog wasn't it
[17:12] <jamescarr> TJ-: checking...
[17:13] <jamescarr> TJ-: no dice, seems that is just the boot.log
[17:13] <patdk-wk> log_daemon_msg doesn't sound like, console output :)
[17:14] <Chris_hubu> Hello everyone
[17:14] <lietzmk> Hello Chris
[17:15] <Chris_hubu> I used to use Debian on all my servers but am moving to Ubuntu. One some VMs I'm going to use Ubuntu 12 (Xen VMs) and to manage them via opennebula
[17:15] <Chris_hubu> any downsides that I'm not aware of related to the fact that I'll stick to ubuntu 12 for a while?
[17:17] <lietzmk> I believe you get updates to Debian longer then ubuntu. LTS 5years
[17:17] <Chris_hubu> that I know
[17:17] <TJ-> jamescarr: Are you calling the init.d script manually then?
[17:18] <Chris_hubu> what I meant is, would you see anything wrong about keeping ubuntu12 on production VMs/servers for the time being?
[17:18] <lietzmk> I switch from Debian to Ubuntu, 4 years ago, that is the biggest for me
[17:18] <jamescarr> TJ-: via service foo start
[17:19] <Chris_hubu> -_-
[17:21] <sarnold> Chris_hubu: the ubuntu update manager thing doesn't prompt 12.04 users about 14.04 until after 14.04.1 is released, which ought to be in a month or two
[17:21] <sarnold> Chris_hubu: there's nothing wrong with staying on 12.04 LTS if you'd rather
[17:21] <Chris_hubu> thanks a lot, sarnold I wasn't sure.
[17:22] <Chris_hubu> anyone here ever used opennebula on ubuntu servers?
[17:22] <lietzmk> I'm going to leave 12.04 on my main production server till 2017, then replace the whole box
[17:22] <Chris_hubu> ok
[17:24] <TJ-> jamescarr: well, "log_daemon_msg()" is in "/lib/lsb/init-functions" and calls "log_daemon_msg_{pre,post}()" in "/lib/lsb/init-functions.d/50-ubuntu-logging" - they all write to stdout
[18:46] <DeltaHeavy> How can I alter the DEFAULT user:group ownerships recersivly in an entire directory?
[18:53] <sarnold> DeltaHeavy: see the bsdgroups option in mount(8)
[18:56] <DeltaHeavy> sarnold: This isn't a mounted volume though. It's in the root fs.
[19:13] <patdk-wk> chmod?
[19:13] <patdk-wk> chown I mean
[19:16] <DeltaHeavy> patdk-wk: I'm still a little confused. I'm Googling and it seems 'bsdgroups' is in fact a mount option.
[19:16] <DeltaHeavy> I don't see it in the chown man pages anywhere
[19:16] <patdk-wk> heh?
[19:16] <patdk-wk> see it?
[19:16] <DeltaHeavy> Not in chown
[19:16] <patdk-wk>   -R, --recursive
[19:16] <patdk-wk>               operate on files and directories recursively
[19:16] <DeltaHeavy> I know that one
[19:17] <patdk-wk> well, then what is the question
[19:17] <patdk-wk> cause yours wasn't specific enough
[19:17] <DeltaHeavy> How can I alter the DEFAULT user:group ownerships recersivly in an entire directory?
[19:17] <patdk-wk> oh, heh
[19:17] <DeltaHeavy> Note the 'DEFAULT' in all caps :p
[19:17] <patdk-wk> well, oviously you can't default a user/owner
[19:18] <patdk-wk> the group depends on the directory owner
[19:18] <patdk-wk> maybe you want to make the directory sticky?
[19:18] <patdk-wk> look in chmod for that
[19:20] <DeltaHeavy> patdk-wk: That's crappy >: I have a bunch of document roots and for small projects I use an SFTP plugin for my text editor. I upload these files through a special account that has a chroot'd enviroment and no actual shell access. It gives each NEW file it uploads a user:group of its own user, when I want it to specifically be webdev:sftp
[19:20] <patdk-wk> well, that is easy :)
[19:20] <patdk-wk> login as the webdev user :)
[19:21] <DeltaHeavy> patdk-wk: But these files aren't uploaded through there because it's not an account I want to be throwing out access to everybody, nor store in a plain text file on my computer in order to use the plugin.
[19:21] <DeltaHeavy> This account is specifically for all SFTP operations.
[19:21] <patdk-wk> maybe rethink how you do permissions?
[19:21] <DeltaHeavy> How should I go about that?
[19:21] <patdk-wk> or use acl's instead?
[19:21] <patdk-wk> I dunno, I don't know your goal
[19:22] <DeltaHeavy> I was thinking of giving in and just using ACLs.
[19:22] <DeltaHeavy> Basically I want the owenrship of webdev:sftp for all new files created regardless of what user made them.
[19:22] <patdk-wk> acl's have what you want though
[19:22] <patdk-wk> with it's inherit option
[19:22] <DeltaHeavy> Yeah, probably. I just don't have the time to learn them right now.
[19:23] <patdk-wk> well, doing what you want, won't happen, that would be a security issue
[19:23] <patdk-wk> you could make a small script to do it
[19:23] <patdk-wk> use inotify, and change the user
[19:23] <patdk-wk> so it happens instantly after upload
[19:23] <patdk-wk> but then your likely have issues updating the file, depending on the other permissions
[19:26] <DeltaHeavy> patdk-wk: I usually just run 'sudo chown -R webdev:sftp *' to fix it as I'm not adding files often, but I'd like to fix this proper some time.
[19:26] <DeltaHeavy> I think I'll just learn how to use acls
[19:26] <DeltaHeavy> Unix file permissions are way to limited.
[19:27] <patdk-wk> yes they are, but they are simple :)
[19:28] <DeltaHeavy> Yeah, I'm not hating on them.