plkHi everyone... this is a long shot but does anyone know why postfix smtp would pass shadowauth and fail SASL auth?00:58
=== brrr is now known as prator
=== prator is now known as brrr
=== Sierra is now known as AdransNumber1Fan
=== thumper is now known as thumper-otp
=== superspring_ is now known as superspring
=== brrr is now known as prator
=== thumper-otp is now known as thumper
=== croepha_ is now known as croepha
=== prator is now known as brrr
=== AdransNumber1Fan is now known as Sierra
lordievaderGood morning.06:40
=== mld_ is now known as mld
=== khaitanya is now known as Guest87370
=== inaddy is now known as tinoco
=== irv_ is now known as irv
=== ayr_ton is now known as ayr-ton
=== Daviey_ is now known as Daviey
=== ValicekB_ is now known as ValicekB
=== Abhijit_ is now known as Abhijit
=== Lcawte|Away is now known as Lcawte
=== ikonia_ is now known as ikonia
=== soren_ is now known as soren
=== Pici` is now known as Pici
smoser`hallyn, is there any cost to subuid/subgid mappings being complex12:38
=== smoser` is now known as smoser
smoseras in 'lxc-usernsexec' -m b:0:32000:1 -m b:1:33563:1 -m b:2:45191:1 ... ...12:40
smoseras opposed to just: lxc-usernsexec -m b:0:65535:6553412:41
hallyni haven't measured it13:12
smoserhallyn, does that end up being something in the kernel that is utilized real-time ?13:47
smoseror does -m b:0:65535:65534 just end up in the kernel as 65534 individual mappings.13:47
smoserthat would esem expensive13:47
hallynit's in mappings by ranges13:48
hallynit should be very fast13:48
smoserso its possible then that 65535 individual mappings would perform poorly compared to a range13:49
smoserunless something went in and realized it coudl re-write that.13:49
dav1dp0101Does anyone have experience or advice on how to change permissions on an apache2 web server? I put some files on my server at /var/www/html/archives and I can't access the files through a web browser (I get a 403 error). Checking my /var/log/apache2/error.log, I get: (13)Permission denied: AH00132: file permissions deny server access. I have changed the user and group owners to a default user, but still I don't have it working. Any thoughts?14:09
thegoati am trying to configure smtp auth on 12.04 server, but everytime i try to pass my creds when sending an email it comes back with login failed and i can't find any logging as to why14:25
patdk-wkwell, what *does* the logs say?14:28
thegoati can't find any logging as to why14:28
thegoatnothing in mail.log or auth.log14:28
thegoator daemon.log14:28
thegoatis there a way to run sendmail in the foreground in a non daemon mode so i can can get some verbose output?14:30
darkside_hey guys14:35
darkside_keep getting this message while accessing a NAS using CIFS: "CIFS VFS: bogus file nlink value 0", any ideas what it can be?14:37
pmatulisthegoat: what smtp server are you using?14:38
zulhallyn:  libvirt 1.2.7 is building in  my libvirt testing ppa (ppa:zulcss/libvirt-testing)14:40
thegoatpmatulis: yeah i know ;-)14:41
pmatulisthegoat: have you considered postfix?  sendmail is so 1980's14:41
pmatulis(good music in the 80's though)14:41
thegoatthe milter i use seems to require sendmail, so i am kind of stuck14:42
pmatulisah, milters, that brings me back14:42
pmatulisthegoat: not many people here will have experience with sendmail as an MTA i'm afraid14:43
thegoati am using sendmail out of the box, trying to tweak things from what i get from searches, but i am at my witts end.14:44
pmatulisthegoat: tell your people to get into 21st century?14:45
thegoatyeah i know.....but it's an upstream provider so that might not work too well ;-)14:45
thegoatno biggie, i'll keep digging14:46
streulmafinally running Ubuntu Server 14.04.1 fresh install from Virtualbox on Hosting server VPS in the cloud.14:49
streulmabooted in recovery, wiped hda1 and copied over with NC my Ubuntu Server 14.04.1 tar.gz14:50
patdk-wkmilters don't require sendmail14:52
patdk-wkmilters require a sendmail milter interface, that postfix supports14:52
patdk-wkthough personally, I dislike milters :)14:52
=== miceiken_ is now known as miceiken
=== jiffe98 is now known as jiffe
thegoatpmatulis: got it working :-D15:38
=== Azelphur_ is now known as Azelphur
irverm, i'm getting W: Failed to fetch http://ca.archive.ubuntu.com/ubuntu/dists/raring-backports/multiverse/binary-i386/Packages  404  Not Found [IP: 80]16:09
irvwhen trying to sudo apt-get update16:09
cfhowlett!raring | irv,16:11
ubottuirv,: Ubuntu 13.04 (Raring Ringtail) was the 18th release of Ubuntu. Support ended on January 27, 2014. See !eol, !upgrade and http://ubottu.com/y/raring16:11
irvoh kk16:11
irvso i need to dist upgrade?16:11
irvpreferably to an LTS16:11
irvas this is my production webserver :P16:11
irvi was on the bleeding edge lol16:11
irvnot the best idea but hwatever16:11
irvso to upgrade to 14.04?16:12
irvit's telling me i can do-release-upgrade to go to 13.1016:12
irvdo i have to do that before going to 14.04?16:12
cfhowlettirv, 13.10 is also dead.  easier to download and clean install 14.04 but you can do an eolupgrade if you wish16:13
irvyeah there's a decent amount of customization to the webserver so i don't wanna start from a fresh install this time16:16
irvi'll look eolupgrade, thx :)16:16
irvhmm, so seems the simplest way is something like sudo apt-get update sudo apt-get dist-upgrade sudo update-manager -d sudo do-release-upgrade16:24
irvbut i can't even run the update without errors since hte old repos are down16:24
geniiirv: Change the repo names from ca.archive.ubuntu.com  to old-releases.ubuntu.com16:25
* RoyK sticks to LTS releases unless he's testing stuff16:28
irvwhat about the security ones16:31
irvsame thing?16:31
pmatulisirv: google for 'ubuntu old-releases'16:32
pmatulisthere is a wiki page16:32
irvcool, thanks16:33
irvit's going now16:33
irvi'm just toying with awstats before i upgrade16:38
irvtaking a while to do it's initial run16:38
cfhowlettirv, that's why I suggested you get the 14.04.1 iso and just clean install.16:43
RoyKcfhowlett: may be easier to upgrade if you have configured a lot of stuff, or if you're somewhat new to linux/ubuntu, or both...16:44
irvyeah, i probably will stand up a new VM alongside16:45
irvand migrate over16:45
irvbut because this is a production server16:45
irvi can't afford the downtime to set up all that stuff from scratch heh16:45
irvso i'll just throw it up to 14.04.1 upgrade then stand up a freshie and take my time moving stuff over16:45
YamakasYguys which keyring am I missing ? Ign http://nl.archive.ubuntu.com:80 trusty Release                             No keyring installed in /etc/apt/trusted.gpg.d/16:51
RoyKirv: If I were you, I'd start with a new VM instead of upgrading something in production. Things sometimes break during upgrades, and it's not always easy to fix them without a reinstall16:52
irvyeah i have a full copy of the VHDX16:54
irvso if something goes wrong i'll simply flip over to that16:54
irvbut yeah i feel ya16:54
RoyKyuch - hyper-v :P16:56
irvahah, yeahhh16:57
irvi know i know :P16:58
irvbut it's 95% windows infra16:58
irvjust my webservers and a few other random servers are on linux :(16:58
irvand ubuntu actually runs quite nice on hyperv now a days16:58
irvit's hyperv 2012 too heh16:58
RoyKhaven't used that - ubuntu didn't run too well on 2008r2's hyper-v - in fact - it just disconnected from the network when traffic was high, without anything in the logs on either ubuntu nor windows16:59
irvlol sounds like a fun issue to diagnose17:06
irvi've had 400 days of solid uptime on these boxes17:06
=== Kalki is now known as Caitanya
RoyKirv: 400 days of uptime? although that may seem nice, it doesn't seem very good regarding security patching :P17:14
irvlol yeah17:15
irvhence why i need to upgrade to a modern LTS distro :D17:15
irvmost of those are just internal web servers tho for things like security cams etc :)17:15
irvbut i do see your point17:15
lordievaderGood evening.18:19
pmatulislordievader: evening18:26
=== kirkland` is now known as kirkland
=== kirkland is now known as Guest82850
lordievaderHey pmatulis, how are you doing?18:28
pmatulisflying high again18:29
=== Guest82850 is now known as kirkland`
=== keithzg_ is now known as keithzg
webfoxHello folks!19:12
webfoxI was trying to change the ssh port at my machine but it is not working as it should.19:13
RoyKwebfox: how did you change it? got a firewall?19:13
webfoxWhat I did is change Port 22 to 2222 at /etc/ssh/ssh_config.19:13
lordievaderwebfox: Define 'not working as it should'19:13
webfoxIs that enough? I don't have a active firewall.19:14
sarnolddid you restart sshd?19:14
RoyKwebfox: ssgd_config would be better19:14
RoyKsshd_config, even19:14
webfoxlet me see it, just a sec.19:14
RoyKssh_config is the client config19:15
geniiwebfox: I think you wanted sshd_config and not ssh_config19:15
webfoxGreat, now it is working just fine! Thank you guys!19:18
webfoxhow do I find squid version?19:40
sarnoldwebfox: dpkg -l '*squid*'19:40
RoyKwebfox: squid -v19:41
webfoxsquid proxy, path is not default installed here.19:42
webfoxsarnold: strangely it shows version 3.3.819:42
webfoxI was expectins something as 7.04 to 7.1019:43
sarnoldwebfox: you can aim a browser right at the squid port, e.g. localhost:3128, mine reports "Generated Wed, 27 Aug 2014 19:43:01 GMT by hunt (squid/3.3.8)"19:43
webfoxsarnold: do you still using default port?19:44
RoyKwebfox: latest version is 3.4.619:44
sarnoldwebfox: what 'squid' are you expecting? wikipedia reports their most recent version is 3.4.6, released in june 201419:44
YamakasYi'm trying to find the right debian-installer source for 14.04.1 LTS19:44
webfoxwell, not sure now. I was reading  https://help.ubuntu.com/community/Squid19:44
sarnoldwebfox: funny enough I am. no idea why, I thought the debian mirror setup I used had it on 8000, but I'm apparently listening on both.19:45
RoyKwebfox: the current version probably works :P19:45
webfoxI am quite new on using it. And is seems to be blocking everything by default.19:45
sarnoldwebfox: oh, that appears to be talking about ubuntu versions from seven years ago :)19:45
webfoxsarnold: :P19:46
RoyKwebfox: did you change the squid config? ;)19:46
webfoxRoyK: not sure how, yet ;)19:46
RoyKwebfox: vi /etc/squid3/squid.conf19:46
RoyKwebfox: or change 'vi' to 'nano' if you're a newbie19:47
webfoxNo, I use vim19:47
sarnoldwebfox: don't worry, the first time I set up squid was back in 96 or 97, it seems fairly similar.. :)19:47
RoyKsarnold: more or less the same ;)19:47
webfoxI would like to allow an specific IP full access.19:48
webfoxOthers than that completly blocked.19:48
RoyKwebfox: just read the config file - it's got lots of comments - look for ^acl19:48
webfoxOk. let me try it.19:49
YamakasYanyone and idea about this when building an image ?19:56
YamakasYcp /usr/lib/syslinux/pxelinux.0 ./tmp/netboot/dir_tree/ubuntu-installer/amd6419:56
YamakasYcp: cannot stat '/usr/lib/syslinux/pxelinux.0': No such file or directory19:56
YamakasYthis is on the 14.04.1 source19:56
sarnoldYamakasY: install syslinux-common?19:57
YamakasYsarnold: is installed19:58
YamakasYit was all pain to get the right packages :)19:58
YamakasYwhen I pull a recent one from git it goes well, but that one is too new for LTS19:58
YamakasYso won't boot19:58
YamakasYsarnold: so is that source missing parts ?20:00
sarnoldYamakasY: I'm not sure; is the 'cp' running in a chroot or lxc container or sometihng similar?20:01
YamakasYsarnold: I do a fakeroot20:01
sarnoldYamakasY: apt-file search pxelinux.0  reports that path is owned by syslinux-common, so if the package is installed, it should be there20:02
sarnoldYamakasY: hmmm. fakeroot LD_PRELOADs some libraries, which might not work depending upon the programs that are executed20:02
YamakasYsarnold: yeah I had some trouble with packages so I downloaded the latest stable ones for syslinux and so on20:02
YamakasYyeah running as root now20:02
YamakasYkinda fun to do20:02
sarnoldoh okay20:03
YamakasYthere is a stupid preseed bug for netcf20:03
sarnoldYamakasY: well, when it doubt, add in strace :)20:03
YamakasYdamn again20:04
YamakasYsarnold: should syslinux be too new ?20:04
sarnoldYamakasY: no idea there. All I know is you've got an error saying the file doesn't exist, but you're confident the file is there, right? so break out strace and find out what's going on to change the filesystem view..20:05
YamakasYsarnold: nah I installed the package20:05
YamakasYthat is20:05
sarnoldlunchtime :) have fun YamakasY20:06
YamakasYdamn my mirror server is becoming a hoo!20:07
YamakasYsarnold: have a nice lunch20:07
YamakasYsarnold: fixed, the package was too new to other location20:23
YamakasYthe maintainer like to rename a lot btw20:23
webfoxI am reading a tutorial about squid and there is a like as : "Get ready with the configuration file located at /opt/squid/etc/squid.conf"20:27
webfoxI don't think it is for Ubuntu because I don't have any items inside /opt folder20:28
webfoxBut I don't know if it uses a different .config file other than the main default one.20:29
qman__On ubuntu, squid uses /etc/squid3/squid3.conf20:29
webfoxyes, perhaps the book just uses the default .config file. I think I will make a backup of it. :D20:30
scoutmastershakeHas anyone had a problem with 14.04 and proftpd where user auth just stops working for one user? I'm having this problem and the only work around currently is to reset the password with passwd.20:37
=== Bilge- is now known as Bilge
pmatulisscoutmastershake: hello, how are you?20:57
zzxcAlright I got a question. I have someone wanting to to a SFTP connection in my machine (chrooted with a rbash shell to prevent anything but SFTP). The guy keeps insisting that I need to send him a public key. Is it just me or does that make absolutly no sense?21:10
zzxcas I understand it private keys should always be on the client side and public keys should always be on the client side. Otherwise you have a private key that is shared on a shared resource.21:12
fridaynextI'm having an email issue.21:16
fridaynextMy WordPress installs are supposed to send me emails to notify me of new sales.  They are, indeed sending out the emails,21:16
fridaynextbut those emails are going directly to the Postfix/dovecot install that I switched away from 2 weeks ago, instead of my Google Apps address.21:16
fridaynextDo you folks know how php mail() works, to get it to route outside of my Ubuntu 12.04 (Linode) server?21:16
catbus1Hi, I am getting the hash sum mismatch error from the apt-get update around package bzip2. I found an irclog about the same error message on this channel, and learned that this might be temporary, but I have encountered this issue several times. I am wondering if someone can point me to the right direction to get this solved.21:17
scoutmastershakepmatulis: hellp21:29
scoutmastershakepmatulis: hello21:29
pmatulisscoutmastershake: yes?21:30
scoutmastershakeHas anyone had a problem with 14.04 and proftpd where user auth just stops working for one user? I'm having this problem and the only work around currently is to reset the password with passwd.21:31
pmatuliszzxc: the person logging in needs to have his public key on the server he's logging in to21:31
zzxcpmatulis: Yeah thats what I was thinking.21:31
pmatuliszzxc: did you test logging in with keys to the chrooted environment?21:32
pmatulisscoutmastershake: so after resetting the password everything works?  sounds like the user forgot the original password21:33
RoyKscoutmastershake: I stopped using proftpd some years back - vsftpd is nice - and if you need it secure, use sftp21:34
RoyKscoutmastershake: don't use cleartext login as with ftp, use sftp, it's supported on most platforms, windows included (filezilla is a good sftp client)21:35
catbus1W: Failed to fetch bzip2:/var/lib/apt/lists/partial/us.archive.ubuntu.com_ubuntu_dists_precise_main_source_Sources  Hash Sum mismatch21:36
catbus1this is on 12.04.521:36
zzxcpmatulis: I've set this up serveral times before. I have a few users that already have jail and I've had no issues. I've even had other companies have me walk them through how to set up there own.21:37
zzxcpmatulis: Issue is he's not giving me a public key21:37
sarnoldcatbus1: is it still there after a fresh apt-get update?21:40
catbus1sarnold: yes. and I just did the apt-get update again, it's still there.21:40
sarnoldcatbus1: can you grab the IP address (netstat -antp | grep http) while downloading the package lists?21:44
catbus1sarnold: and
scoutmastershakenever used vsftp how does it compare to proftpd21:47
sarnoldcatbus1: thanks!21:48
scoutmastershakedoes it allow my to lock users in ther home directories21:48
fridaynextmail sent from my ubuntu server to an email address attached to a domain on the same server isn't making it out to my google apps account - any ideas how to fix this?21:59
fridaynextI've already deleted references of the email address from virtual domains, forwardings, etc.21:59
sarnoldfridaynext: check server logs to see if the googleapps server reported any errors22:01
fridaynextsarnold: mail works going to google apps, as long as it originates off of this server.22:02
fridaynextsarnold: ah - found it.22:03
fridaynextit's getting marked as spam now.22:03
fridaynextthanks for that tip! made me check the logs, which proved to me that it was indeed getting delivered.22:04
=== FreezingCold is now known as NegativeForty
pmatuliscatbus1: dunno, try changing mirrors22:43
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!