[02:09] <ruben23> hi there guys i have my Ubuntu server installed
[02:09] <ruben23> but as i check there is a internal firewall rules
[02:09] <ruben23> any chance how do i disable it adn removed it somehow.?
[02:10] <ruben23> any idea guys.?
[02:12] <sarnold> ruben23: if you want to uninstall ufw rather than configure it, feel free, just be careful you don't make mistakes configuring your services
[02:15] <ruben23>  sarnold: how do i disable or remove the ufw.? or maybe temporarly disable for testing purposes
[02:15] <sarnold> ruben23: 'ufw disable' if you want to turn it off
[02:15] <sarnold> ruben23: apt-get purge ufw if you decide you don't want it at all
[02:16] <ruben23> when disable this comes up again after reboot right..?
[02:17] <sarnold> probably
[03:09] <ShellcatZero> stupid question: is there some way to scroll line by line in the console instead of the half-page lengths with shift+pg up/down?
[03:26] <ShellcatZero> I suppose I'll just use gnu screen
[03:27] <hehehe> 16.04 server php 7  zlib is not there
[03:28] <hehehe> any ideas why is kinda missing
[03:42] <ruben23> hi guys
[03:43] <ruben23> im currently on root on my ubuntu server and i have a username asterisk, any idea how do i access that.?
[03:43] <ruben23> without re login.?
[03:47] <tarpman> ruben23: su - asterisk
[03:47] <tarpman> ruben23: or sudo -u asterisk -i
[03:47] <tarpman> ruben23: the first one would prompt you for asterisk's password, the second would prompt you for your own password, otherwise they do largely the same thing
[03:49] <ruben23> tarpman: asterisk user have a script that runs successfully, but when i used root it does not run
[03:50] <ruben23> how do i make the root user be able to run the asterisk user permission also.?
[03:50] <ruben23> any idea.?
[03:50] <tarpman> ruben23: if the script is designed to be run as asterisk, probably you should run it as asterisk
[03:51] <ruben23> but i need to run it on root also, most of the time
[03:51] <tarpman> why?
[03:51] <ruben23> coz during operation the default setup is on root
[03:51] <ruben23> during our monitoring
[03:52] <tarpman> also you can easily write a one-liner that does 'runuser - asterisk -c <the actual script>'
[03:52] <tarpman> and run that as root
[03:53] <ruben23> but im not sure i to put it automatic
[03:54] <ruben23> coz by default when i run asterisk im at root
[03:54] <ruben23> and the system script just run automatically
[03:54] <ruben23> please help
[03:56] <ruben23> tarpman:..?
[03:57] <tarpman> sorry, I'm not understanding what you're trying to do
[03:59] <ruben23> s3cmd - is a script, when i run it manually on user asterisk it runs the script but with root in automatic it does not run
[03:59] <tarpman> what do you mean by "in automatic"
[04:00] <ruben23> automatic means the script runs auto
[04:00] <tarpman> are you trying to make a cron job? a system service? all of these things have features for running commands as specified users
[04:00] <tarpman> it would help if you phrase your question in more general terms like "I have a script that uses s3cmd to back up my asterisk server to AWS and I want it to run periodically"
[04:01] <tarpman> (that might not actually be what you want, it's just a guess)
[04:03] <ruben23> ok this s3cmd script is set on na asterisk telephone system where when a calls comes in it is triggered to upload a recording to an AWS storage, now when we run the script runs but it does not upload at all, but when we used the user asterisk it runs and it uploads perfectly
[04:04] <tarpman> ok. what triggers it and why can't it trigger as asterisk?
[04:04] <ruben23> we manually used the user asterisk to run the script
[04:04] <tarpman> and why can't it trigger a wrapper script of your own devising that calls runuser(8) like I suggested above?
[04:05] <ruben23> yes how do i invoke an asterisk user on a script.?
[04:05] <ruben23> i dont know how to do it
[04:05] <tarpman> I haven't used s3cmd so I don't know what it would be depending on in asterisk's environment. probably needs the $HOME/.aws for credentials, or something like that
[04:05] <tarpman> I already said, above
[04:05] <tarpman> runuser -l asterisk -c 'the command to run as asterisk'
[05:44] <lordievader[m]> Good morning
[07:23] <funabashi> anyone know how i can do so a user only can see his own home dir and nothing else with sftp?
[07:29] <sarnold> funabashi: do the users have shells that you'd still like them to be able to use?
[07:31] <sarnold> funabashi: I think the ChrootDirectory directive to sshd_config might be able to do the job, but if you also want them to be able to use a shell when they ssh in normally, it'll probably be trouble
[07:32] <sarnold> funabashi: if ChrootDirectory doesn't do it you might be able to wrap sftp-server with an AppArmor profile; this might require profiling sshd too. If you head down that route it'd be a good idea to have another terminal open with a root shell sitting somewhere handy but unlikely to be accidentally closed :)
[07:35] <funabashi> no ssh access
[07:35] <sarnold> aha, then ChrootDirectory sounds promising. :)
[07:35] <sarnold> chroot normally has enough troubles that I don't like recommending it
[07:35] <sarnold> but if they just sftp and don't ssh, it'll probably work okay
[07:35] <funabashi> sarnold: do maybe can recommend any guide for this?
[07:36] <sarnold> funabashi: I don't know of any off-hand, sorry
[07:36] <sarnold> the sshd_config(5) manpage is the best I know, and it's too terse
[14:32] <nacc> jamespage: sorry, I've had some network issues at the sprint -- re: python-django, are you still blocked by the openstack stuff in proposed?
[14:33] <jamespage> nacc: I've not looked specificaly at the django stuff yet - but yes openstack  pike b1 is jammed in proposed - mostly blocked on kombu / celery compat atm I think
[14:34] <nacc> jamespage: ok, if there's anything i can do to help, let me know :)
[14:41] <powersj> cpaelzer: your dpdk merge is empty
[15:01] <nacc> powersj: LP: #1627768
[15:34] <teward> nacc: cool, I"m glad to hear my release notes section for NGINX on Server works as is :)
[15:43] <jamespage> coreycb: I've pushed all of the b2 dependency updates to artful in perparation for b2's tomorrow
[15:44] <coreycb> jamespage: excellent
[15:51] <JrWebDev> how do i stop the time from automatically syncing and adjust the time manually
[16:05] <cpaelzer> powersj: has content now, thanks for the ping
[16:58] <sarnold> JrWebDev: disable ntpd; you can then use date to set the time
[20:22] <hashwagon> Hey does preseed support copying a file from the installation media to the installed system?
[20:57] <nacc> hashwagon: you can do arbitrary commands in a preseed
[22:38] <cpaelzer> ahasenack: http://pad.ubuntu.com/61wJGD7csl
[22:38] <ahasenack> let's see
[22:38] <cpaelzer> ahasenack: if you want to take a look at the old samba's
[23:14] <ahasenack> cpaelzer: the trusty nomination we talked about: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/820679