/srv/irclogs.ubuntu.com/2016/01/28/#ubuntu-server.txt

Pinkamena_DI installed ubuntu with software raid5 on six identical drives two days ago. It was fine while using it yesterday and rebooting it many times. Today I came in and I get raid error not enough operational devices on md0 (4/6) failed. I feel like this is so unlikely as to be impossible, and all drives are still seen in bios.00:00
tomreynhmm that's indeed a bit weird, Pinkamena_D00:47
tomreynunless you were unlucky and hit a set of bad drives, which happens occasionally.00:47
tomreyncheck S.M.A.R.T. data, do a long self-test on each of the drives00:47
tomreynalso make sure your layering of block devices is compatible to RAID-500:48
=== Lcawte is now known as Lcawte|Away
rbasaknacc: I was wondering about having two PPAs. A bootstrap PPA, as well as the current one.01:19
rbasaknacc: the current one could be set up to depend on the bootstrap PPA, so anything built in the bootstrap PPA can be build-depended on.01:20
rbasaknacc: then we might be able to prepare everything in the PPAs, ready to be rebuilt for the archive when we're ready, so then we can defer the decision.01:20
rbasakWe could even have multiple "levels" of bootstrap PPA if needed.01:20
rbasakJust a thought - I've not thought it through fully.01:21
naccrbasak: that seems reasonable. what is the benefit of having a distinct bootstrap PPA? just reducing the noise?01:23
rbasaknacc: so that the steps to bootstrap the main archive are laid out rather than lost01:24
naccrbasak: ah that makes sense01:47
pacmanfan26 packages can be updated.03:08
pacmanfan14 updates are security updates.03:08
pacmanfan^^^ the default motd has that. is there a way to display that again without creating having to exit the shell and log in again?03:09
pacmanfani can't find a way to print the default motd again, nor am i aware of an apt-get function that will show it03:09
tarpmanpacmanfan: /usr/lib/update-notifier/apt-check --human-readable  - in xenial, not sure about older03:14
tarpmanpacmanfan: for the apt bit specifically. the entire motd should be just in /etc/motd03:15
pacmanfanthat works, thanks!03:17
pacmanfanmy /etc/motd is empty, i guess because i haven't added a custom one03:17
tarpmanoh, sorry03:18
tarpmanseems to be /run/motd.dynamic03:18
tarpman/etc/motd used to be a symlink, I guess not any more03:18
tarpman(via "grep -r motd /etc/pam.d")03:18
* tarpman hasn't looked into this stuff in a while...03:19
pacmanfanaha, that explains all the docs i found referencing /etc/motd03:19
pacmanfani'm just like "huh... that must be for custom stuff"03:19
KaoticEvilanyone around that can lend a hand installing ubuntu server?04:14
KaoticEvilspecifically know why it wont see my nVidia RAID array during partition setup?04:14
PryMar56kernel cmdline: dmraid04:15
KaoticEvilPryMar56: could you elaborate a little bit more?04:16
KaoticEvili.e. where do i enter that?04:16
KaoticEvilright before entering the partitoner, it asks if i want to activate the RAID drive, i hit yes, and all i see in the partitoner is the single drive thats not in the array04:18
PryMar56what is the boot media?04:18
PryMar56USB or ISO? or Hypervisor?04:19
PryMar56how do you launch the installer?04:20
PryMar56if its a CD, hit F1 and read how to customize the kernel cmdline04:22
KaoticEvilPryMar56: USB, metal system, not VM04:22
KaoticEvili added "dmraid=true" to the cmdline, and still no joy :/04:23
KaoticEvilor do i not need the04:24
KaoticEvil"=true" part?04:24
PryMar56to disable it, I add : nodmraid, so I guess:dmraid (is enough)04:24
KaoticEvilPryMar56: i will try that, thanks04:25
PryMar56KE if the installer sees your nvidia fakeraid, the device names are unique and contain nv084084~ (wild chars)04:26
PryMar56nothing like sda1, sda204:26
KaoticEvilright.. i already found that out using PartedMagic04:26
KaoticEvilstill nothing04:28
PryMar56maybe insmod=dm-raid04:29
PryMar56the driver is called dm-raid.ko04:29
KaoticEvilwould i be better off using the installers software RAID?04:29
PryMar56KaoticEvil, I make no value judgement about the dmraid. Once you bothered to setup the nvidia bios raid, you owe it to yourself to expt with it and make your mind up04:31
PryMar56if you change course and go with software raid, you have to erase the fakeraid meta data first04:32
KaoticEvilthat would be fine.. no data on there at all04:32
KaoticEvilfresh install.. just put the hardware together today04:32
DexDeadlyhello, having trouble mounting a cifs share06:03
DexDeadlysorry samba share from my ubuntu server06:03
DexDeadlyanyone mounting a samba share using active directory07:16
DexDeadlythough a nas4free box if possible as well07:17
=== G is now known as Nigel
DexDeadlyanyone able to assist me08:05
DexDeadlynm got it08:16
=== stokachu_ is now known as stokachu
=== chmurifree is now known as chmuri
rbasakkickinz1: I'm looking at ntp now.12:39
rbasakkickinz1: did you have an MP in LP for it?12:39
kickinz1rbasak, not yet.12:45
rbasakkickinz1: OK. Also I just realised you can't, since there's no repo to merge into yet.12:46
rbasakkickinz1: shall we start as we mean to go on? I can create that now, then you can file an MP for your logical branch. I can review that with the inline comment functions, etc.12:47
rbasakkickinz1: and then after that's done, you can file a second MP for the merge itself.12:48
kickinz1rbasak, OK12:48
rbasakkickinz1: OK, I've created the ~ubuntu-server-dev ntp repo with your import.12:55
rbasakkickinz1: please could you submit an MP from https://code.launchpad.net/~kick-d/ubuntu/+source/ntp/+git/ntp/+ref/logical/4.2.6.p5+dfsg-3ubuntu9/+register-merge12:55
kickinz1rbasak, yes12:55
rbasakkickinz1: to go to the logical branch in the ~ubuntu-server-dev ntp git repo.12:55
rbasakThanks12:56
kickinz1Done.12:58
rbasakkickinz1: that looks good I think. 2416 lines alarmed me, but I think they're all the CVEs so it looks like what I expected. Thanks!13:00
kickinz1rbasak, yes, most are related to CVEs.13:07
=== cpaelzer_ is now known as cpaelzer_afk
=== smb` is now known as smb
=== smb is now known as Guest52432
kickinz1rbasak,  how do we proceed now?14:15
rbasakkickinz1: I'll review your merge next.14:20
rbasakkickinz1: probably through a second MP is best.14:20
rbasakI need to figure out what to push so that you can file one.14:20
kickinz1rbasak, maybe push new/debian (4.2.8p4+dfsg-3)?14:23
=== Lcawte|Away is now known as Lcawte
=== cpaelzer_afk is now known as cpaelzer_
mrtAkdenizhowdy!15:56
mrtAkdenizGuys, Is it a good idea to use different machine for databases?15:56
mrtAkdenizI mean buy 2 dedis, 1 for application server and 1 for database? Will there be any performance lose because of network?15:57
mrtAkdenizThese 2 dedis will be on the same IP gap15:57
naccmrtAkdeniz: I think the short answer is 'it depends'15:59
nacchow often are you hitting your db, etc. how is your network configured15:59
naccmrtAkdeniz: but there is insufficient information to make any guess15:59
=== JanC_ is now known as JanC
rbasakhttps://bugs.launchpad.net/ubuntu/+source/php5/+bug/152242216:45
ubottuLaunchpad bug 1522422 in php5 (Ubuntu) "Update to php 7.0" [Wishlist,Triaged]16:45
cpaelzer_rbasak: thanks will refer to that when questions about php 7 come up again16:46
=== cpaelzer_ is now known as cpaelzer
=== cpaelzer is now known as cpaelzer_afk
psyferreHey folks.  I've got an x86 ubuntu server that needed an OS update.  I did do-release -update (cleared out old kernels after it complained of low space in /boot), and it finished fine.  On reboot, I get "no such device" errors and no grub menu.  In rescue mode I can see all my data.  /boot is completely empty.  I edited fstab to change the uuid of /boot to /dev/sda1, and /boot looks normal.  Rebooting still yields the same error.18:05
psyferreAfter that reboot, I entered rescue mode again and tried the same thing... nothing in /boot this time. =-/18:05
psyferreupdate-grub complains that /boot/grub doesn't exist.  I just tried remounting /boot from /dev/sda1 and via UUID in fstab.  Neither way shows anything in /boot now.18:09
psyferreI *am* using LVM, so I told rescue mode to give me a shell in the root vg.  Is there anything special I need to do to get all partitions mounted?18:10
psyferreTo clarify - I'm not using recover mode from a grub menu, but via a live cd's "Repair a Broken System"18:13
pmatulispsyferre: /boot is in a LVM logical volume?18:16
psyferrepmatulis: yes, but not on its own.  It's part of the /root volume18:20
psyferrepmatulis: It's been a while since I really got into lvm, so I may not have my head around this the right way.  In Repair a Broken System, I had several options for a shell.  I chose the root lvm, rather than /dev/sda5.  Maybe that's incorrect?18:21
psyferreChoosing /dev/sda5 fails to mount.18:23
pmatulispsyferre: you need to expose the lvm layer18:25
psyferrepmatulis: Ah, now my google searches are yielding something useful.  Okay, so it looks like this is basically exactly what I need to do? http://ubuntuforums.org/showthread.php?t=134737518:32
pmatulispsyferre: that's the idea. it's been a while for me too18:33
psyferrepmatulis: awesome.  Thank you very much for your help.  I really appreciate it.18:33
pmatulispsyferre: welcome. let us know what happens18:35
kid4codingheja18:37
kid4codinggents18:37
bizhanI have installed ubuntu 15.04 on my system.  I have attached an embedded device to my system through via USB. I need to configure the usb to act as network adapter device. Any idea how this could be done. Many thanks in advance?18:37
kid4codingwhere is the best location of the document folder for an apache web server18:37
psyferrepmatulis: Will do.  I also found this tool: http://sourceforge.net/p/boot-repair-cd/home/Home/  Seems promising, and was recommended by howtogeek...18:37
psyferrehttp://www.howtogeek.com/114884/how-to-repair-grub2-when-ubuntu-wont-boot/18:38
pmatulisbizhan: normally the kernel either supports the usb network adapter or it doesn't. what do you see with dmesg command after inserting the device?18:39
sdezielpsyferre: you mentioned that your /boot was  contained in the root fs yet you are mentioning it has a UUID, this seems contradictory18:39
psyferresdeziel: It's likely that I'm munging terminology.  I have two volumes, root and swap.  Fstab has a line for the root lvm, and a separate one for /boot.  /boot is mounted via its uuid.18:41
=== cpaelzer_afk is now known as cpaelzer
sarnoldbizhan: please note that 15.04 reaches the end of its life in a few days https://wiki.ubuntu.com/Releases18:41
sarnoldkid4coding: /var/www is popular18:42
bizhanpmatulis, I get some errors: [32255.895599] wlan0: no IPv6 routers present18:42
bizhan[32451.653564] CFG80211-ERROR) wl_run_escan :  Escan set error (-25)18:42
sdezielpsyferre: if /boot has a UUID it means it's a partition (likely your sda1). The PV would then likely be in sda518:42
bizhansarnold, thanks I will start the update today.18:42
sdezielpsyferre: so when you'll run your repair stuff, make sure to work from inside your root LV and have your /dev/sda1 mounted on /boot inside that root FS18:43
psyferresdeziel: Yes, it's definitely sda1.  When I tried to mount /dev/sda1 as /boot it was empty.18:44
sdezielpsyferre: OK and if you umount it, is your data inside /boot ?18:45
sdezielpsyferre: maybe your sda1 is empty and mounting it shadows what's inside /boot from your root FS18:45
kid4codinggetns18:47
kid4codingIf I type #cat /etc/apache2/sites-available/mysite.conf18:48
kid4codingthe document root is set to /var/www/html/18:48
psyferresdeziel: Here's where I'm at currently: http://pasteboard.co/18xIWl3X.png18:48
kid4codingI have created a file .php containing a function to print out the configuration <?php phpversion(); ?>18:49
kid4codingI saved the file as info.php. When I go with my browser at http://localhost/info.php18:49
kid4codingI still get a black screen18:49
=== marcoceppi is now known as marcoceppi|airpl
sdezielpsyferre: looks good to me. This shows your /boot partition does have a bunch of kernels18:50
psyferresdeziel: everything *seems* to be proceeding logically...  Not sure why /boot was empty before.  It seems fine now... my last attempts were through fstab, then mount -a18:50
sdezielpsyferre: maybe it was not mounted before hence was empty?18:50
psyferresdeziel: Must not have been.  I changed lines in fstab, then mount -a, and it was back to normal.  Then rebooted.  After grub failed again, I went back in recovery mode and did mount -a... nothing in /boot.18:51
psyferresdeziel: I must have messed something up in the process.  So, my next step is drop into grub prompt, and do something like # root (hd0,0)  and # setup (hd0), right?18:53
psyferreHmmm... guess not.  "/bin/sh: 7: grub: not found"18:54
sdezielpsyferre: have your tried in the chroot you had in your recovery env?18:55
psyferresdeziel: Yes, If I understand you correctly.  After chroot foo I checked /boot.  Then I changed directory back to the root of foo and attempted to run grub18:57
kid4codingIs there any command to verify I got these modules installed18:58
kid4codingmysql-server libapache2-mod-auth-mysql php5-mysql18:58
sdezielpsyferre: yes. You might also need to mount /proc before chrooting. I vaguely recall that some version of grub needs it18:58
sdezielkid4coding: dpkg -l| grep mysql18:59
sarnoldkid4coding: dpkg -l 'mysql*' | cat18:59
sarnold(the pointless | cat  forces dpkg to show the full version numbers)18:59
psyferresdeziel: ah, that makes sense.  Okay, I'll give that a shot too.  Thank you!18:59
sdezielpsyferre: you are welcome18:59
sdezielsarnold: thanks for explaining the not so pointless cat :)19:00
sarnoldsdeziel :)19:00
kid4codingsdeziel: it seems that I do not have those modules19:00
kid4codingcan I only install the modules above with apt19:01
sdezielkid4coding: yes, apt should let you install those packages without problem19:03
=== marcoceppi|airpl is now known as marcoc|airplane
kid4codingdone19:08
kid4codingthank you19:08
kid4codingCan I leave the loopback address for the binding address of mysql rather than assigning my real IP since it can change?19:08
kid4codingI leave 127.0.0.119:08
sdezielkid4coding: if your PHP app is running on the same machine as your MySQL server, 127.0.0.1 will do just fine19:10
sarnoldkid4coding: if both the server and client run on the same system, that's probably better -- or there may be a named unix domain socket you could use too19:12
davidic657I am sick and tired of Ubuntu security notices hitting my system before some official notice19:14
davidic657you guys have you head up your ass or what19:14
Temperdoes the kernel support vlans on multiple virtual interfaces?19:14
davidic657you look like idiots19:15
davidic657well?19:16
Temperi have one firewall for a building that has multihomed businesses in it. The network is segregated by vlans. Now I want to setup a VPN server on the firewall to allow remote access.. and hints?19:16
sdezieldavidic657: what would you prefer? Get the notice only to see you cannot actually pull the patched software?19:16
davidic657do you guys have your heads in place or not?19:16
Temperdavidic657: with that kind of attitude who are you expecting a reply from?19:16
davidic657I dont care19:16
davidic657do not do the updates before notification19:17
Temperdavidic657: who, exactly, do you think you are?19:17
davidic657whats the thing abought the horse leavibnf etc etc19:17
ikoniadavidic657: what is the actual problem you're upset about19:17
davidic657getting updates with no news about them, like a day later19:18
Temperturn off auto updates19:18
davidic657security?19:18
Picidavidic657: turn on apt-listchnges19:18
Piciapt-listchanges19:18
davidic657justget it together guys and stop giving excuses19:19
sarnolddavidic657: feel free to subscribe https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-January/date.html19:19
Picidavidic657: I still don't understand your question.19:19
jrwren_davidic657: please read: http://www.ubuntu.com/about/about-ubuntu/conduct19:19
davidic657pici you never will your better of on suse anyway19:19
ikoniadavidic657: ok - stop19:20
davidic657stopped19:20
ikoniadavidic657: either explain your problem calmly, and we'll be happy to talk/help with it if possible19:20
ikoniaor drop it19:20
ikoniaeither is fine19:20
davidic657I believe I said stopped19:20
ikoniaok19:20
davidic657or did you miss that typing?19:20
Temperthat's not stopped it's mutated19:21
ikoniaTemper: enough19:21
PiciAnyway.....19:21
ikoniaTemper: I've already asked you in #ubuntu to stop with this comments19:21
davidic657pici go to suse19:21
PiciI'm happy where I am, thanks.19:21
Temperikonia: no you didn't19:21
ikoniaTemper: ok then "please stop"19:21
Temperwith? using !commands?19:22
Tempersorry to play with the bot19:22
ikoniathanks19:22
PiciTemper: feel free to /msg ubottu if you want to try out !commands :)19:22
Tempersupercalifragilisticexpialidocious really does need to be added tho..19:22
ikoniaTemper: this stuff - we don't need to see it please19:22
Temperseriously relax..19:22
ikoniaI am19:23
ikoniaplease just stop with the silly comments19:23
davidic657chilled here19:23
Temperikonia: all work and no play...?19:23
davidic657get your act together19:23
ikoniadavidic657: you too19:23
ikoniait's a channel for ubuntu server discussion, please use it for that19:23
davidic657Hve its why I am here19:23
Temperbesides still waiting to see if anyone responds to my request for tips on how to VPN into a vlan environment...19:24
Tempermaybe #openvpn?19:24
ikoniaTemper: ok, then please wait for that19:24
ikoniaI don't know what tips you want19:24
sarnoldTemper: you know that's way less likely once you fill everyone's scrollback with mindless chatter :)19:24
ikoniajust selected bridged or routed mode - bang you're done19:24
Tempersarnold: stop with your mindless chatter - you are ruining my chances for a response..19:25
ikoniaTemper: I won't ask you again19:25
ikoniaTemper: stop with the stupid comments to people19:25
Temperikonia: and how to you select a vlan id based on user?19:25
ikoniaTemper: you don't19:25
ikoniaTemper: you'd need to tag the tun or tap device19:25
ikoniayou'd need multiple tun or taps depending on your routing19:26
Temperso each user will need it's own tun/tap interface?19:26
ikoniano19:26
PiciWhat are you actually trying to accomplish here?19:26
ikoniayou're not trying to give each user their own vlan are you ?19:26
davidic657lol19:26
Temperi run a network with like 10 businesses on it19:26
davidic657pici loves suse19:26
ikoniaok ?19:26
Temperit is segmented by vlans19:26
ikoniaok19:27
Temperso each user, or company user, will need access to a specific vlan id19:27
Temperas to not be able to access other company resources19:27
ikoniaTemper: so thats not really openvpn's problem if you look at it19:27
ikoniayou'll vpn to a "holding" area19:28
ikoniayou then need to route or bridge your traffic through to the other networks19:28
ikoniayou do that by presenting specific routes per user / group19:28
davidic657geez19:28
sarnoldwould it be better to run multiple openvpn concentrators? a different port per company?19:28
ikoniathen the devices those routes take the user through will tag for you19:28
Temperthat is the part i am curious on.. how to do it.19:28
ikoniaor as sarnold have a vpn per network and have them vpn into their specific business unit19:28
Tempersarnold: explain19:29
davidic657ikonia:  what is your problem?19:29
ikoniadavidic657: your silly comments that you've been asked to stop19:29
davidic657about what?19:29
ikoniadavidic657: drop it - contribute to the channel, be quiet, or leave19:29
ikoniathose 3 options are all that matters19:29
ikoniaTemper: what are these users authing against ?19:29
davidic657me knowing pici is a big suse person19:30
Temperthe whole vpn system is non-existant at this point19:30
ikoniaTemper: ok - what "would" they auth against19:30
sarnoldTemper: I'm just curious if it'd be better to run multiple instances of openvpn if the data they handle should be separated from the other users -- then each instance could get its own tun devices or whatever..19:30
Temperso whatever is needed will be done19:30
Temperi was just going to create users and auth the vpn off the user database19:30
Temperpretty sure i have done that before19:31
ikoniaTemper: what is the user database ?19:31
ikoniaa database, ldap, a file ?19:31
Temper. /etc/passwd?19:31
ikoniaerrr that doesn't seem a good option to manage multiple network entry points19:31
Temperyeah i was thinking it would be simpler than it is19:31
ikoniait's not19:31
kid4codingmysql seems running19:32
ikoniaI'd suggest taking a step back from the VPN at this point and look how you would manage users on the network with multiple accounts and different network restrictions19:32
ikoniaTemper: once you have an idea of that the vpn options will be smaller and you'll be able to narrow it down to 1 or 2 realistic options19:32
Temperi wonder if it would work just to put each company on a different 10.10.x.x network segment and then just put the server on all vlans and use "network security"19:32
ikoniathat wouldn't auth users19:32
Temperi have seen it doen that the ip address range is based on the user19:33
kid4codingI still have problems with PHP to be executed from Apache19:33
Temperso i could maybe modify that example19:33
kid4codingI got a blank screen19:33
ikoniathat won't auth users though19:33
ikoniano19:33
ikoniakid4coding: error in your php19:33
kid4codingI was just printing the output of phpversion();19:33
ikoniastill an error19:34
Temperkid4coding: i hate to break it to you but this isn't really a programming channel19:34
kid4codingikonia: how can I access httpd.conf on ubuntu19:34
ikoniaif you're getting a white screen19:34
ikoniakid4coding: in a text editor19:34
Temperkid4coding: nano httpd.conf19:34
kid4codingTemper: it does not exist on ubuntu19:34
Temperor should i have sent him to vim :)19:34
Temperkid4coding: try #php19:34
Picikid4coding: Did you enable mod_php?19:34
TemperPici: must have or he'd be getting php code19:35
PiciTemper: This is on-topic for this channel as long as hes just trying to get php enabled.19:35
kid4codingTemper: I am installing LAMP19:35
Picikid4coding: how?19:35
sarnoldkid4coding: it's apache2.conf on ubuntu19:35
kid4codingsarnold: I am following this https://help.ubuntu.com/community/ApacheMySQLPHP19:35
kid4codingsarnold: under /etc/apache2/ I do not have httpd.conf19:36
kid4codingIs it normally located on a different path?19:36
sarnoldE486: Pattern not found: httpd19:36
sarnoldkid4coding: (a) I'd be skeptical of that wiki page, it starts out discussing a release of ubuntu from six years ago. not a great start.19:37
sarnoldkid4coding: (b) I don't see httpd.conf mentioned on that page, not sure where you found that, but it feels like a rhel or centos guide instead :)19:37
sdezielkid4coding:  this https://help.ubuntu.com/14.04/serverguide/lamp-applications.html might be a better starting point19:38
Temperyeah i wasn't excited to open that link either..19:38
cmh-fnkid4coding - this might be a good one too https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-0419:38
ikoniathat guide works in concept19:38
ikoniaand it is for ubuntu19:38
sarnoldkid4coding: check out the a2enmod and similar manpages19:38
Temperstill if he is getting a blank page and not php code something is somewhat configured19:38
Tempernow you need to check the log files19:39
kid4codingI want to open httpd.conf to define the association with .php for apache19:39
ikoniait is doing that19:39
ikoniaas you're getting a blank page19:39
ikoniaif it wasn't associated you'd get the page displayed as text19:39
sarnoldkid4coding: probably it's something like a2enmod php5 or something.19:40
ikoniait should already be enabled19:40
sarnold*nod*19:40
ikoniaas if it wasn't the php would be displayed as text19:40
ikoniait's a code error19:40
ikoniaas PHP won't display errors by default19:40
Temperikonia: i am not the only one trying to do this... https://forums.openvpn.net/topic9600.html no there are no answers forthcoming yet19:40
kid4codingit says that PHP5 is already enabled19:40
ikoniaTemper: re-read what I said19:41
ikoniathere are ways to do it, but you are missing too much the basics of management to be able to do it19:41
kid4codingikonia: to me?19:41
ikoniakid4coding: no, temper19:42
ikoniakid4coding: your problem is your PHP is wrong19:42
ikoniaI'm reasonably confident of that19:42
kid4codingphp -v works fine from bash19:42
Temperkid4coding: create this test.php file <? echo "test"; ?>19:42
Temperi think that should work.. hehe been a while since php19:42
Temperthen access http://ip/test.php19:43
ikoniakid4coding: that is not apache rending your php19:43
ikoniakid4coding: that is nothing to do with it19:43
Temperkid4coding: php is the preprocessor but there is a lot going on under the hood to map that to and from apache.19:43
Temperi am fairly confident you have the hooks setup to send the .php file to the preprocessor but that doesn't mean it is configured correctly. if you didn't you would get the .php as a text file in the browser.19:44
ikoniawe've already covered that19:45
Temperbut ikonia is right most likely your php is malformed... well actually - wouldn't php parse back an error?19:45
ikoniano19:45
sarnoldikonia: it's still nice to spell out debugging steps..19:45
ikoniayou just get the white screen unless you turn on debugging19:45
ikoniabut as you are at a level where you can't edit a text file - that seems to be a bit of a pointless process to walk through19:45
Tempermaybe we should just tell him how to do that?19:45
Temperikonia: I am confused by what you mean here: " I'd suggest taking a step back from the VPN at this point and look how you would manage users on the network with multiple accounts and different network restrictions"19:46
ikoniaTemper: you have a network, with multiple vlans on it, and users that will need access to different ones, how will you controll auth on those networks - you can't have every user on every box in the password file19:47
Temperthose are different levels. the vpn is just on the network level.. each business - once on thier network segment - is a completely different system19:48
Temperlike some use mac and other use windows..19:48
ikoniaright, but you need a way to auth them for the vpn and control their restrictions19:48
Temperyeah.. so at most i need to be able to support like 200 users19:48
kid4codingdefinitely, many things have changed19:48
Temperi can't just use the linux user?19:49
ikoniayou can, but is that really how you want to manage 200 users for complex auth and group privileges ?19:49
Temperi mean i can setup radius if you think it would be better19:49
kid4codingGents, do you work as sys admin on Linux?19:49
ikoniaTemper: your other option is to make an exposed entry point for each network vlan and put an openvpn entry point on each one19:49
Temperno group privledges.. just user1 -> vlan 119:49
ikoniathen just manage a password file per openvpn box for only the users allowed on that network19:50
ikoniayou could do it with 1 box and virtual hosts19:50
Temperthe whole network is on 1 box and vms19:50
Temperwell except the mac os stuff -19:50
ikoniaright, but it's VM's so you could do it on one "vm" then19:50
Temperi only have one outbound ip address..19:51
ikoniathats ok19:51
Temperi guess i could put each business on a different port..19:51
ikoniathat works19:51
ikoniaor reverse proxy it to the internal IP's19:51
Temperbut i really want to just have 1 file for the open vpn client config and then map it by username/password19:51
ikoniayou could do that with one password file and multiple vpn instances authing off it19:52
ikoniayou would just need to make sure there was a difference in groups for the users19:52
ikoniaso you could stop openvpn1 authing users for people in the group for openvpn219:52
Temperi have never ran multiple instances of ovpn on 1 box..19:52
ikoniayou can do it from 1 binary set, so if you update 1 vpn's binaries/libraries you update them all19:53
ikoniait's just launching multiple instances19:53
Temperso you just have startupscript that essentially run openvpnserver /etc/openvpn/vpn1.conf - etc19:53
ikoniapretty much19:54
sdezielTemper: the openvpn init script makes it really easy to interact with each individual VPN19:54
sdezielTemper: /etc/init.d/openvpn restart foo19:54
Temperfoo being the instance?19:54
sdezielthis would look for /etc/openvpn/foo.conf19:54
sdezielyes19:54
ikoniasdeziel: does it support something like an include.d so you can put multple configs in there and it loops through them ?19:54
sdezielikonia: if you call /etc/init.d/openvpn restart, all of them will be stopped. The one that will start are those set to AUTOSTART in /etc/default/openvpn19:55
Temperso then create a virtual network (eth0:0) for each vpn instance? then map each virt net to a vlan?19:55
sdezielikonia: but yeah, you can drop multiple .conf under /etc/openvpn/19:56
ikoniasdeziel: so you just define multiple instance in the one config, or specify multiple config files, either works19:56
sdezielikonia: each instance has to be in a single conf file19:56
ikoniaok, so it has to be multiple config files19:56
ikoniastill easy to manage19:57
sdezielyup, one config per openvpn process19:57
Temperyeah i could just copy 1 config to another and edit the changes..19:57
sdezielTemper: if you have a limited amount of users, you could put your per-user config in "ccd" files19:57
sdezielman openvpn for the gory details19:57
ikoniathats an interesting idea, although that would make user managment more complex19:58
Tempersdeziel: haha no thanks!19:58
sdezielthis way you could pin each user to a static IP that you control. This would in turn allow you to restrict the access with the firewall19:58
sdezielikonia: indeed, no free lunch ;)19:59
Tempermaybe it would be easier just to make a small vm per company and then just port forward from the firewall to the correct vm?19:59
sdezielradius is supported by a plugin IIRC19:59
sdezielTemper: that sounds like the best way19:59
Temperwill that work with a vpn connection.. can i use ip tables to take incomming port say 3333 -> 10.10.1.50:[whatever the vpn port it by default]20:00
Temperthen 3334 -> 10.10.1.51:[same port]20:00
sdezielTemper: yes, will work without problem. Default port is UDP/119420:01
Temperi bet i could even use the openvpn appliance...?20:01
Temperthey'd be limited to 2 concurrent connections per company unless they bought a license.. and they could manage thier own users20:02
Tempernm that autoconfigure stuff on the openvpn appliance will never work.20:03
ikoniano, thats openvpn-as20:03
ikoniaif you get openvpn it's totally free20:03
Temperthat's what i mean..20:03
Temperi would prefere to use openvpn-as if possible20:03
ikoniathen buy a license20:03
ikoniait's quite cost effective20:03
Temperyou get 2 concurrent connections for free20:04
sdezielthe as version was pretty kickass last I checked20:04
ikoniait still is20:04
Temperbut it would never be able to autoconfigure witht he firewall changing the ports..20:04
sdezielIIRC it was installable as a deb20:04
ikoniait is still20:05
Temperyeah it is pretty easy to get going.20:05
=== csusi is now known as Guest6795
naccrbasak: what's the normal process for requesting a new package for debian? or a new version of something from upstream? file a debian bug?20:32
kid4codingI apologize if I bother with this story.20:37
kid4codingI re-checked a few steps from the wiki to install everything, but I cannot get it sorted.20:37
geniinacc: Yes, with bug description of something like "wishlist"20:40
naccgenii: thanks!20:44
kid4codingModule php5 already enabled20:50
kid4codingapache2 is running20:50
kid4codingdoc root is set to /var/www/html20:50
kid4codingI placed a file under that folder to check the configuration20:50
kid4codingbut I still get  a blank page....20:50
kid4codingwhat else could I check since apache2 is actually running20:51
sarnolderror logs?20:59
kid4codingsarnold: I am not seeing anything wrong in there21:03
nacckid4coding: can you verify that a static HTML page is hosted properly?21:04
kid4codingsure21:04
nacckid4coding: that way we can isolate it to php, presumably21:04
kid4codinglocalhost works fine. I can try to make a change to it21:04
ikoniakid4coding: your php is wrong21:05
ikoniaif you are getting a blank page, there is an error in the php it's parsing21:06
ikoniaI told you to look at this an hour ago21:06
naccikonia: ah sorry, i didn't go look at the backlog21:06
ikonianacc: not your problem,21:07
ikonianacc: I just don't understand why, it's still continuing without resolving that core base problme21:07
ikoniaproblem21:07
naccikonia: fair enough :)21:08
kid4codingikonia: sorry21:10
kid4codingnacc: the static page works fine21:11
ikoniastatic page is not php21:11
kid4codingthe php5.conf  under /etc/apache2/mods-enabled21:12
kid4codingshows the following:21:12
kid4codingSetHandler application/x-httpd-php-source21:12
ikoniawe've been over this21:13
ikoniawe know it's parsing php or you'd get text21:13
ikoniathere is a problem with your php21:13
kid4codinga2enmod php5 Module php5 already enabled21:13
ikoniawe know this21:13
ikoniawe went over this an hour ago21:13
kid4codingikonia: what else I could check. I went over the basic.21:14
ikoniayour php is wrong21:14
kid4codingikonia: apart installing the related packets, that's the configuration I personally made21:16
ikoniawhat are you talking about21:16
kid4codingikonia: if I type from the bash #php -v it actually works21:16
ikoniaagain - I've told you 3 times that is not the same as the web server21:16
nacckid4coding: can you pastebin the php file you are trying to load?21:16
ikoniakid4coding: is there a reason you have ignored everything you've been told and keep repeating the same thing over and over21:17
ikoniayour php is wrong21:17
ikoniahaveyou looked at the error log of your webserver21:17
ikoniato see what it outputs when it tries to parse the page ?21:17
cryptodanphp.ini could have short tags disabled and some scripts written in php use the short tag <? ?> instead of <php? ?>21:22
kid4coding<?php phpversion(); ?>21:22
kid4codingthat's all I wrote21:22
kid4codingI am trying to see what php.ini is actually loading21:22
kid4codingthat's the error.log21:23
kid4codinghttp://pastebin.com/cUDfaR7821:23
ikoniakid4coding: change it to phpinfo()21:23
ikoniaphpinfo();21:24
cryptodanyup ikonia got it21:26
ikoniakid4coding: does that work ?21:30
kid4codingikonia: yes21:30
kid4codingit works like champ21:30
kid4codingthank you to all for the kindness21:30
ikoniaok - so we've wasted well over and hour while you refused to accept the php was wrong21:30
ikonianext time please, just listen to what's been said and work with people21:30
kid4codingikonia: I feel like you have been right under my should this way.21:32
kid4codingikonia: sorry mate.21:32
ikoniait's not a big deal,21:32
ikoniabut please, in future, try to take in what people are telling you to help, rather than focus on what you think the problem is21:32
kid4codingikonia: let's recap21:32
kid4codingikonia: you think you right21:33
kid4codingkid4coding: on the other side of the net, there's a noob that does not use a single command on linux21:33
kid4codingikonia: listens to you, and try to figures out what's wrong21:33
ikoniayou didn't listen to me21:33
ikoniayou did everything but what I told you to do21:34
ikoniaand ignored what I told you what th eproblem was21:34
kid4codingikonia: when did I ignore what you said?21:34
ikoniawhat is the point of asking for help to ignore it and just keep repeating the problem over and over21:34
ikoniakid4coding: the fact that I told you over an hour in detail we knew PHP was setup right, and your problem was with the PHP code21:34
ikoniayet an hour later you're still trying to check if php is setup right21:34
ikoniayou've ignored the code21:34
ikoniaand you're testing on the command line despite me telling you that had no relevence to the web server21:35
ikoniaso basically you had this fixed and explained to you over an hour ago, you ignored it and continued to just repeat the same thing over and over21:35
kid4codingikonia: I think we all got the point of what you want to say21:37
ikoniaclearly not as you asked when did I ignore what you said21:37
ikoniaso I had to explain it21:37
kid4codingikonia: it's definitely clear now21:39
kid4codingikonia: thanks21:39
ikoniasuper21:40
ikoniahope it goes better next time21:40
kid4codingikonia: definitely21:42
kid4codingdo you recommend any book for learning apache for a production network?21:43
ikoniano21:44
ikoniaif you're going to run this on a production network - you need to know what you are doing, not reading a book21:44
kid4codinglol21:45
kid4codingikonia: I understand what you mean.21:45
cryptodanMight want to consider going to school and taking a class on System Administration and Web Development21:47
kid4codingcryptodan: a class at evening will take me ages21:48
kid4codingcryptodan: do you recommend any online class?21:48
ikoniayou can't short cut experience21:48
cryptodanPrefer Hands on in Class training for System Administration and Web Dev21:48
kid4codingikonia: I am talking about how often the lessons are offered.21:51
kid4codingcryptodan: I understand your point.21:51
ikoniayou need time inbetween to absorb and practice21:51
cryptodanand in class discussion with other students and the instructor21:52
cryptodanIf you do it online you may go to sources for help and get the wrong info21:53
kid4codinghttps://linuxacademy.com/21:58
kid4codingSee you soon22:30
kid4codingThanks again for teaching me22:30
profallHey, uwf is not enabled but I cannot connect to a MySQL remotely (output) on port 3306. (the mysql is not on the ubuntu machine!!!)23:52
profalltelnet times out as well so I know its a network connectivity issue, any ideas.23:52
sarnoldprofall: timeout suggests that a firewall is DROPping packets rather than REJECTing them23:53
sarnoldprofall: investigate the target machine and all routers between the two systems23:53
profallThe target machine is working fine on other non Ubuntu based machines.23:53
bekksBy default, mysqld listens on 127.0.0.1 only.23:53
profallMy CentOS server can connect to it just fine23:53
sarnoldbekks: if that were it, telnet ought to get "connection refused"23:54
profallAny ideas?23:54
profallWhat default firewall stuff is enabled on ubuntu 14.04?23:55
sarnoldprofall: none; iptables -L ... ought to confirm if you've got something else loaded or not23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!