| === Lcawte is now known as Lcawte|Away | ||
| === markthomas is now known as markthomas|away | ||
| === zz_DenBeiren is now known as DenBeiren | ||
| rzeka | I am about to set automatic backups on server but I'm wondering. Is it better to connect to target machine from source or to source from target. In 1st case, when I have 3 different sources, I cannot tell if previous backup is done so I might get 2 backups running at the same time. In 2nd method, if backup server is hacked anyone may get access to other servers with ease (login through ssh keys) | 07:33 |
|---|---|---|
| === Lcawte|Away is now known as Lcawte | ||
| === bilde2910|away is now known as bilde2910 | ||
| vidarne | with taskset you can set a specific running program to a core as root/superuser but is there a way for a regular user to be allowed to set what core a program shall use ? i have 3 game servers runing and i dont want them to use core/treds 1-3. | 11:49 |
| vidarne | is it visudo i have to use for that ? | 11:51 |
| === bilde2910 is now known as bilde2910|away | ||
| DonRichie | vidarne: You can give root permission for specific commands with sudo | 12:01 |
| Kartagis | postfix/smtp[8844]: connect to mail.example.com[xxx.xxx.xxx.xxx]:25: Connection refused how come? | 12:57 |
| Kartagis | guys, it seems that I can't receive any mail and I re | 13:08 |
| Kartagis | ceive this in the log | 13:08 |
| Lartza | Not sure if I should ask this on php or apache so... Running Apache2 with php5-fpm and proxypassmatch, problem with aliases on webapps like phpmyadmin | 14:00 |
| Lartza | Getting a "primary script unknown" error but there's no better info anywhere | 14:00 |
| Lartza | I use ProxyPassMatch pointing to fcgi://127.0.0.1:9000/var/www/html/$1 and Alias /phpmyadmin /usr/share/phpmyadmin | 14:01 |
| Lartza | Fixed I think :) | 14:09 |
| === bilde2910|away is now known as bilde2910 | ||
| === Lcawte is now known as Lcawte|Away | ||
| dav1dp0101 | Hey, does anyone know how to remove the X windowing system and any display manager and graphics manager I may have installed? I think I installed a few different types but I don't remember what. | 15:51 |
| === Lcawte|Away is now known as Lcawte | ||
| === markthomas|away is now known as markthomas | ||
| jsonperl | hiya, I have a fairly non-ubuntu related "disaster recovery" question, but you folks are sharp :) | 17:14 |
| * patdk-wk goes around popping balloons | 17:14 | |
| jsonperl | I want to host a backup web app, ready to failover if my "primary" app has issues | 17:15 |
| patdk-wk | and? | 17:15 |
| jsonperl | My initial thought was to take care of it via a CNAME change when said issue occurs | 17:15 |
| jsonperl | And keep an A record already pointing to the "spare" | 17:15 |
| patdk-wk | doesnt matter | 17:16 |
| jsonperl | Though now I'm thinking I'll still have the same issues with TTL as I would with just a straight A record | 17:16 |
| patdk-wk | so your question is ONLY related to dns failover? | 17:16 |
| jsonperl | failover in general | 17:16 |
| patdk-wk | nothing else in the scope? like failover disk data, the application itself, webservers, .... | 17:16 |
| jsonperl | You would likely use a load balancer, and redirect? | 17:16 |
| jsonperl | Just the webserver | 17:16 |
| patdk-wk | there are like 5 good ways to do it | 17:17 |
| jsonperl | Do you have a pref? | 17:17 |
| patdk-wk | but every method has it's own time and scaling issues | 17:17 |
| jsonperl | I like the CNAME route, since it's drop dead simple | 17:17 |
| jsonperl | but DNS prop may be a bit of an issue | 17:17 |
| jsonperl | and it's obviously not automated | 17:17 |
| jsonperl | but this is a disaster situation, so I'm somewhat unconcerned about that | 17:18 |
| patdk-wk | why is it not automated? | 17:18 |
| jsonperl | cname switching? | 17:18 |
| patdk-wk | ya | 17:18 |
| jsonperl | I mean, it could be I spose | 17:18 |
| patdk-wk | it always was for me | 17:18 |
| patdk-wk | I had each dns server test reachability | 17:18 |
| patdk-wk | and only serve whatever one was usable | 17:18 |
| jsonperl | I'm not running my own dns | 17:18 |
| jsonperl | I'm on route 53 | 17:18 |
| patdk-wk | if the dns servers can't test, then you just have to go *best* guess | 17:18 |
| jsonperl | perhaps they have some automation for that though | 17:19 |
| patdk-wk | and assume the dns servers have the same reachability as your testing location | 17:19 |
| jsonperl | btw happy new year pat | 17:19 |
| patdk-wk | they do | 17:19 |
| patdk-wk | but I hadn't used it too much, so can't remember if it's good enough, think it is though | 17:19 |
| jsonperl | that may be the best solution | 17:19 |
| jsonperl | least moving parts | 17:19 |
| === martinst is now known as martins-afk | ||
| Novice201y | Hi. How can I limit TLS version to ingore SSL3 on my Ubuntu 12.04 Server? | 18:58 |
| Novice201y | Hi. I run OpenVPN Access Server on VPS's Ubuntu 12.04 and want to limit TLS version that accessing /admin via https will try something higher that SSL3. | 19:22 |
| qman | You will need to adjust the web server's SSL configuration | 19:25 |
| === duxklr| is now known as duxklr | ||
| qman | How precisely you do that depends on which web server you're running | 19:25 |
| Novice201y | qman: I don't think so - I installed only OpenVPN Access Server on this Ubuntu, changes options under SSL tab, but still ask for SSL3 on conection. | 19:27 |
| qman | A pretty decent guide for securing SSL on some common softwares: https://wiki.mozilla.org/Security/Server_Side_TLS | 19:27 |
| qman | If the OpenVPN Access Server runs its own web server, you will have to check with their documentation on how to configure it | 19:28 |
| === Lcawte is now known as Lcawte|Away | ||
| qman | The algorithm selection is handled by the service, it's not a systemwide setting | 19:30 |
| Novice201y | qman: Thanks | 19:32 |
| Aison | hello | 19:54 |
| Aison | I would like to setup several vlans | 19:54 |
| Aison | with network/interfaces it works | 19:55 |
| Aison | and I guess with network/interfaces vconfig is used | 19:55 |
| Aison | but now I would like to use GVRP to announce the VLAN | 19:55 |
| Aison | this can be done eg. with | 19:55 |
| Aison | ip link add link eth0 eth0.260 type vlan id 260 gvrp on loose_binding on | 19:56 |
| Aison | can I somehow define a VLAN device inside network/interfaces so that GVRP is used? | 19:56 |
| Aison | or maybe I need to define a inet manual device?!? | 20:00 |
| === markthomas is now known as markthomas|away | ||
| jvwjgames | Hi | 21:35 |
| jvwjgames | I need emergency help with my website | 21:35 |
| jvwjgames | my website is sufering sever probems | 21:43 |
| jvwjgames | i need help can someone please help me | 21:44 |
| cryptodan | what kind | 21:44 |
| jvwjgames | let me explain | 21:44 |
| jvwjgames | here is my website | 21:44 |
| jvwjgames | try to goto it | 21:45 |
| jvwjgames | http://jvwjgames.net | 21:45 |
| cryptodan | whats the issue | 21:45 |
| jvwjgames | my customers recive an http error 504 gateway timeout error | 21:46 |
| cryptodan | I can get to it | 21:46 |
| jvwjgames | really | 21:46 |
| cryptodan | http://i.imgur.com/YmI2sPF.png | 21:47 |
| jvwjgames | hmmm | 21:47 |
| jvwjgames | my phone i use mobile data and get an http error 504 | 21:48 |
| jvwjgames | but interal network can get to it | 21:48 |
| cryptodan | when i use www.jvwjgames.net I get a not found | 21:48 |
| jvwjgames | ya that expected cause i don't have an A record for www.jvwjgames.net only jvwgjames.net | 21:49 |
| cryptodan | but without the www's I get to it | 21:49 |
| jvwjgames | *jvwjgames.net | 21:49 |
| jvwjgames | ya | 21:49 |
| jvwjgames | but for some odd reason my phone can't from out side my network | 21:50 |
| jvwjgames | is it my server issue or is it tmobile issue | 21:50 |
| cryptodan | tmobile | 21:51 |
| jvwjgames | yes tombile | 21:51 |
| cryptodan | you can check via www.network-tools.com or another site like it | 21:51 |
| jvwjgames | ok this is strange | 21:56 |
| jvwjgames | it says it is ok on a website tester i used but my phone it has an http error 504 | 21:57 |
| jvwjgames | hmmm | 21:57 |
| cryptodan | then its a tmobile issue | 21:57 |
| jvwjgames | hmm i just don't get it | 22:00 |
| jvwjgames | cause all other websites work | 22:00 |
| jvwjgames | on tmobile | 22:02 |
| jemejones | does anyone know of a tool that can see if any packages that i have installed have a known vulnerability (by pulling a feed from a cve database)? | 22:03 |
| jemejones | i think maybe nessus can do it | 22:03 |
| cryptodan | yes nessus can | 22:03 |
| jemejones | i'm trying to figure out if openvas (a fork of nessus from way-back-when) can do it | 22:04 |
| jemejones | ok - awesome | 22:04 |
| cryptodan | jvwjgames: could be an issue between tmobile and comcast | 22:04 |
| jvwjgames | comcast? | 22:05 |
| jvwjgames | did you do an ip lookup | 22:05 |
| jvwjgames | lol | 22:05 |
| cryptodan | jvwjgames: yup | 22:05 |
| jvwjgames | nice | 22:05 |
| cryptodan | but it works for me so its an issue with tmobile | 22:06 |
| jvwjgames | i have a tracert program on my android phone and it can do a tracrt just fine | 22:07 |
| jvwjgames | from mobile data | 22:07 |
| cryptodan | traceroute is performed via ICMP or UDP it doesnt care about port 80 | 22:07 |
| === markthomas|away is now known as markthomas | ||
| jvwjgames | this is really strange | 22:14 |
| jvwjgames | i can get to the site via mobile data if i use https but can't if i use http | 22:15 |
| jvwjgames | ok | 22:17 |
| jvwjgames | i found the problem | 22:17 |
| jvwjgames | This is a known problem with US T-mobile - they fail to route to certain web services, including to Memsource. However, there is a workaround: Always use https for all communication, including using https from Memsource Editor. That should get you connected. | 22:17 |
| jvwjgames | You should report this issue to T-Mobile, so that they fix this. Their users seem to have similar problems connecting not just to Memsource: | 22:17 |
| jvwjgames | so this is a know issue on T-Mobile apperantly | 22:18 |
| cryptodan | now I know another reason not to use tmobile | 22:23 |
| === TheRealCrell is now known as Crell | ||
| === akaWolf1 is now known as akaWolf | ||
| === dw2 is now known as dw1 | ||
| === rcj is now known as Guest87135 | ||
| === thesheff17_ is now known as thesheff17 | ||
| === bilde2910 is now known as bilde2910|away | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!
