| --- | Log | opened Sun May 30 00:00:23 2004 |
| 00:03 | @caker | sighup: ups 1ZT132T00348782839 |
| 00:03 | sighup | In Transit [ On-Time ] Sched. Delivery: Jun 7, 2004 Shipped to: NASHVILLE, TN, US Service Type: GROUND Your package is in the UPS system and is on-time with a scheduled delivery date of Jun 7, 2004.. Results as of May 30, 2004 12:03 A.M. Eastern Time (USA) |
| 00:05 | fo0bar | ha ha ups |
| 00:05 | guinea-sleepe | | another server? |
| 00:05 | @caker | that's just a 1000base-t GBIC |
| 00:05 | @caker | just for fun |
| 00:05 | guinea-sleepe | | oh, one of those old things |
| 00:05 | guinea-sleepe | | i was hoping it'd be something cool |
| 00:05 | @caker | servers are on their way, too :) |
| 00:06 | guinea-sleepe | | i've not been paying attention in a long time... are you still looking for a third DC? |
| 00:06 | @caker | ahh, I was wrong -- those are the two DS9's |
| 00:06 | fo0bar | http://www.finnie.org/stuff/screencap-20040529-203949.png <-- I love xosd and xplanet |
| 00:06 | fo0bar | and staging screenshots ;) |
| 00:06 | @caker | guinea-sleepe: pretty sure I'm going with Equinix in Ashburn, VA |
| 00:07 | @caker | llamma-tipping? |
| 00:07 | fo0bar | caker: don't ask :) |
| 00:08 | fo0bar | http://llamawiki.arouse.net/ |
| 00:08 | guinea-sleepe | | so *maybe* museum of science tomorrow, otherwise definitely next weekend. gotta go before einstein leaves! |
| 00:09 | guinea-sleepe | | but the MFA is free on monday. i can't pass that up :p |
| 00:09 | @caker | hehe .. on my trip around the US, I was suprised to see "Llammas for sale" in TX (i think) .. we got a big kick out of it |
| 00:09 | guinea-sleepe | | heh |
| 00:09 | --- | <<-- pknetworks [~pknetwork@dialup-4.226.213.166.Dial1.Dallas1.Level3.net] has quit (Ping timeout: 480 seconds) |
| 00:09 | fo0bar | I guess that's the closest thing to an official web page |
| 00:09 | guinea-sleepe | | friend of mine is up in ... maine? ... for a llama art festival or something |
| 00:10 | @caker | I generally tip 15% :-p |
| 00:11 | guinea-sleepe | | that's the great thing about living in MA: sales tax is 5%, so you just tip 3*whatever the tax is |
| 00:12 | guinea-sleepe | | and don't even have to think about what 15% might be |
| 00:12 | fo0bar | WI was the same way |
| 00:12 | @caker | I just do 10% of the amount, and add another half .. |
| 00:12 | @caker | easy |
| 00:12 | guinea-sleepe | | caker: that's too hard for some people :P |
| 00:12 | guinea-sleepe | | i didn't say i was one of them |
| 00:28 | --- | ---> jh_ [~jason@209.137.229.132] has joined #linode |
| 00:29 | @caker | hello |
| 00:30 | Efudd | word to my UT2004 server running now :) |
| 00:30 | @caker | where is it running? |
| 00:30 | | * Efudd just got beat bad :/ |
| 00:31 | Efudd | forever.broked.net |
| 00:31 | Efudd | that isn't against any eula is it? :) |
| 00:31 | @caker | haha |
| 00:31 | @caker | nope .. how's it handle it? |
| 00:31 | Efudd | i figure i could *use* some of the cpu i've been giving up lately :) |
| 00:31 | Efudd | well, with 2 players, ok :) |
| 00:31 | @caker | I've been playing the demo |
| 00:31 | Efudd | ah. spiffy. |
| 00:31 | Efudd | yah. forever.broked.net, password secret |
| 00:31 | @caker | will kick ur butt |
| 00:31 | Efudd | not on now. logging into EQ for a bit tho |
| 00:32 | Efudd | server is running, but eh.. :) |
| 00:32 | Efudd | i just got my ass handed to me by a friend |
| 00:32 | Efudd | 42 deaths to his 4? |
| 01:13 | --- | <<-- Newsome [~sorenson@byu-gw.customer.csolutions.net] has quit (Quit: Leaving) |
| 01:19 | --- | <<-- emcnabb [~emcnabb@c-67-172-225-144.client.comcast.net] has quit (Ping timeout: 480 seconds) |
| 01:37 | --- | ---> Sh8d0w [~Sh8d0w@h-67-100-50-217.nycmny83.dynamic.covad.net] has joined #linode |
| 01:38 | --- | <--- Sh8d0w [~Sh8d0w@h-67-100-50-217.nycmny83.dynamic.covad.net] has left #linode () |
| 01:42 | --- | ---> Redgore_ [Redgore@195.38.75.148] has joined #linode |
| 01:42 | --- | <<-- Redgore [Redgore@195.38.75.148] has quit (Read error: Connection reset by peer) |
| 02:02 | --- | ---> Newsome [~sorenson@sorenson.dsl.csolutions.net] has joined #linode |
| 02:35 | --- | ---> umun [~ca9c0208@64.35.99.205] has joined #linode |
| 02:36 | --- | <<-- umun [~ca9c0208@64.35.99.205] has quit (Quit: ) |
| 02:36 | --- | ---> umun [~ca9c0208@64.35.99.205] has joined #linode |
| 02:38 | --- | <--- umun [~ca9c0208@64.35.99.205] has left #linode () |
| 02:52 | --- | <<-- Newsome [~sorenson@sorenson.dsl.csolutions.net] has quit (Quit: Leaving) |
| 03:42 | --- | ---> Redgore [Redgore@195.38.75.148] has joined #linode |
| 03:42 | --- | <<-- Redgore_ [Redgore@195.38.75.148] has quit (Read error: Connection reset by peer) |
| 04:21 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 04:30 | --- | ---> littleady [~3efc6004@64.35.99.205] has joined #linode |
| 04:34 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 04:47 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 05:01 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 05:17 | adamg | morning all |
| 05:19 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 05:19 | Efudd | yo |
| 05:32 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 05:44 | --- | <<-- Redgore [Redgore@195.38.75.148] has quit (Read error: No route to host) |
| 05:44 | --- | ---> Redgore_ [Redgore@195.38.75.148] has joined #linode |
| 05:53 | --- | <<-- sunny [~sunny@user-12hdttp.cable.mindspring.com] has quit (Read error: Connection reset by peer) |
| 05:55 | littleady | hi anyone here to help me setup my dns??? |
| 05:59 | littleady | just through doster i have got a domain name and managed dns services with it?? |
| 06:56 | --- | ---> sunny [~sunny@user-12hdttp.cable.mindspring.com] has joined #linode |
| 07:06 | --- | User: *** Redgore_ is now known as Redgore |
| 07:45 | --- | <<-- Redgore [Redgore@195.38.75.148] has quit (Read error: No route to host) |
| 07:45 | --- | ---> Redgore_ [Redgore@195.38.75.148] has joined #linode |
| 08:22 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 08:56 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 09:21 | --- | <<-- Tenkawa [~Tenkawa@dhcp065-031-021-203.insight.rr.com] has quit (Ping timeout: 480 seconds) |
| 09:32 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 09:38 | --- | ---> emcnabb [~emcnabb@byu176783wks.rn.byu.edu] has joined #linode |
| 09:39 | --- | User: *** guinea-sleepe is now known as guinea-MoS |
| 09:40 | --- | ---> Tenkawa [~Tenkawa@dhcp065-031-021-203.insight.rr.com] has joined #linode |
| 09:44 | --- | <<-- littleady [~3efc6004@64.35.99.205] has quit (Quit: CGI:IRC (Ping timeout)) |
| 09:45 | --- | ---> Redgore [Redgore@195.38.75.148] has joined #linode |
| 09:46 | --- | <<-- Redgore_ [Redgore@195.38.75.148] has quit (Read error: No route to host) |
| 09:46 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 09:51 | --- | ---> symb [~18832c72@64.35.99.205] has joined #linode |
| 09:52 | --- | <<-- david [~d@vidcoulson.com] has quit (Ping timeout: 480 seconds) |
| 09:54 | symb | out of curiousity, what are some uses/benefits of changing your reverse dns? |
| 09:57 | guinea-MoS | if i visit your website from my linode, i'll show up in your logs as "parsed.net" instead of "li-whatever.linode.com" |
| 09:57 | guinea-MoS | when i irc, i irc from "parsed.net" instead of... |
| 09:58 | guinea-MoS | i think some email servers may throw a fit if rDNS doesn't match. i can't remember |
| 09:58 | | * guinea-MoS leaves now |
| 09:58 | guinea-MoS | a Van de Graaff generator awaits! |
| 09:58 | adamg | email servers may moan if there is no rdns set, the rdns does not have to match the sender domain |
| 09:58 | guinea-MoS | aha |
| 09:58 | adamg | mainly aol |
| 09:59 | symb | so basically rather than having to set any type of vhost |
| 10:00 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 10:00 | Ashen | you can get irc vhosts - that's what I use it for. Not sure it has any other uses though. |
| 10:00 | --- | <<-- Ashen [ashen@vampires.moonlightglade.net] has quit (Remote host closed the connection) |
| 10:00 | --- | ---> Ashen [ashen@vampires.moonlightglade.net] has joined #linode |
| 10:02 | symb | Ashen: but you could only use *.example.com for vhosts and only one domain right? |
| 10:04 | Ashen | symb: you can use any vhost that you want for a host on IRC, provided you can get the forward and reverse dns to match up for that IP, and that's an IP you can bind to on your machine |
| 10:05 | Ashen | the limit is : can you get some.host.name to resolve to your-ip-addy, and can you get your-ip-addy to resolve back to some.host.name? if you can get both, and you can use your-ip-addy on irc, then you can have the some.host.name vhost. |
| 10:05 | symb | ok cool, i understand now, thank you |
| 10:06 | symb | on a mail server, if I were to host another domain and have a mail server for each, would the header for each domain show the reverse dns somewhere in it? |
| 10:13 | Ashen | not sure, don't think so |
| 10:13 | Ashen | depends on mailer config |
| 10:13 | --- | <<-- probonic [~probonic@62.55.150.45] has quit (Read error: Connection reset by peer) |
| 10:14 | Ashen | I don't think you really need rdns control for mail |
| 10:24 | --- | ---> Smith [~smith@amazonas-1356.adsl.datanet.hu] has joined #linode |
| 10:24 | Smith | Hi |
| 10:24 | adamg | lo |
| 10:26 | --- | <<-- Smith [~smith@amazonas-1356.adsl.datanet.hu] has quit (Quit: http://www.linuxbazis.hu/) |
| 10:39 | --- | <<-- emcnabb [~emcnabb@byu176783wks.rn.byu.edu] has quit (Quit: emcnabb) |
| 11:07 | --- | ---> R0mMeL [Darkvice@ACA5DF6F.ipt.aol.com] has joined #linode |
| 11:29 | --- | <<-- Redgore [Redgore@195.38.75.148] has quit (Quit: ) |
| 11:33 | --- | ---> Redgore [Redgore@195.38.75.148] has joined #linode |
| 12:12 | --- | <<-- Redgore [Redgore@195.38.75.148] has quit (Quit: ) |
| 12:19 | --- | ---> Redgore [Redgore@195.38.75.206] has joined #linode |
| 12:34 | --- | ---> compuserve [~c89e1491@64.35.99.205] has joined #linode |
| 12:34 | compuserve | hi |
| 12:34 | compuserve | caker ;) |
| 12:45 | --- | Netsplit orion.oftc.net <-> uranium.oftc.net quits: Ashen, ElectricElf, pdx6, inkblot, fo0bar, Tenkawa, NeXTer, fo0barf, Artifex, AndyHat, (+19 more, use /NETSPLIT to show all of them) |
| 12:47 | --- | Netsplit over, joins: ElectricElf, adamg, Redgore, Efudd, rko, BB, inkblot, wferrel, @caker, Artifex (+19 more) |
| 12:54 | --- | <<-- compuserve [~c89e1491@64.35.99.205] has quit (Quit: CGI:IRC (Ping timeout)) |
| 13:08 | --- | <<-- Devboy [~devboy@83.218.5.217] has quit (Quit: Leaving) |
| 13:37 | --- | ---> brtb [~brtb@33.151.204.68.cfl.rr.com] has joined #linode |
| 14:20 | --- | ---> Redgore_ [Redgore@195.38.75.206] has joined #linode |
| 14:20 | --- | <<-- Redgore [Redgore@195.38.75.206] has quit (Read error: No route to host) |
| 14:27 | --- | ---> k4k0 [~k4k0@200216166078.user.veloxzone.com.br] has joined #linode |
| 14:29 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 14:52 | --- | User: *** Redgore_ is now known as Redgore |
| 15:09 | --- | <<-- R0mMeL [Darkvice@ACA5DF6F.ipt.aol.com] has quit (Read error: Connection reset by peer) |
| 15:24 | --- | ---> emcnabb [~emcnabb@c-67-172-225-144.client.comcast.net] has joined #linode |
| 15:32 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 15:55 | emcnabb | is there a way to see a graph of my transfer rates over the last few months? |
| 15:59 | @caker | emcnabb: no graphs unless you mrtg'ed it (or the like)... just the history off the "My Account" |
| 15:59 | adamg | hi caker |
| 15:59 | Ashen | caker: is there any file that documents the changes made from kernel 2.4.26 to 2.6.5? |
| 15:59 | Ashen | caker: the linode version, I mean |
| 16:00 | Ashen | caker: I ask because due to security arrangements it looks like I'm going to have to run 2.6.5, and wonder if it will change much. |
| 16:00 | @caker | hello |
| 16:00 | @caker | Ashen: hmm .. changes needed to run 2.6 you mean? |
| 16:02 | @caker | Ashen: There shouldn't be any Linode/UML specific changes from 2.4 to 2.6, other than lack of nptl support |
| 16:02 | @caker | Ashen: which distro do you run? |
| 16:02 | Ashen | both, if possible...... I've always run latest 2.4 stable, never ventured into 2.6 |
| 16:03 | Ashen | caker: RH9 atm, but I'm trying to migrate to debian (for which I would want to buy a second linode), and redesign from the ground up. One of the features I want requires .6 to work. |
| 16:03 | @caker | Ashen: yeah .. you might need to "mv /lib/tls /lib/tls-disabled" to get around the NPTL issue |
| 16:04 | Ashen | NPTL? What is tls? |
| 16:04 | @caker | Ashen: and the apt-get needs "LD_ASSUME_KERNEL=2.2.5 apt-get whatever" |
| 16:04 | @caker | Ashen: there might be an update to apt so you don't have to do that |
| 16:04 | @caker | Ashen: native posix threads library |
| 16:04 | Ashen | hm |
| 16:04 | @caker | Ashen: those are the only issues |
| 16:04 | | * Ashen saves this convo out |
| 16:04 | emcnabb | caker, cool, thanks |
| 16:04 | @caker | Ashen: you can also stick that env variable in a startup/login script |
| 16:04 | Ashen | you must get a lot of questions about that upgrade. |
| 16:04 | @caker | not really, that's from my own use :) |
| 16:05 | @caker | those are really the only two issues that I've encountered |
| 16:05 | @caker | both NPTL related |
| 16:05 | Ashen | would it be possible to get a second linode on the same account, or would I have to get a second account ? |
| 16:05 | @caker | second account ;/ |
| 16:05 | @caker | you could shutdown and boot into a different profile... |
| 16:06 | Ashen | can't do that - need to have em both running at once |
| 16:06 | Ashen | otherwise, would have - already tried that in fact to test out debian. |
| 16:09 | Ashen | would I have to do the phone verification thing again if I bought another linode? |
| 16:09 | @caker | nah |
| 16:10 | Ashen | if I gave you the specs of what I wanted, could you bill me for it (same everything as first account) and set it up? |
| 16:11 | @caker | Ashen: I'll need you to run through the signup again .. is that ok? |
| 16:11 | Ashen | I'm migrating systems you see, I want the first one online while I transfer stuff off it and get the second one setup, but eventually I plan to move to the second one exclusively. |
| 16:11 | Ashen | which signup is that? |
| 16:11 | @caker | https://www.linode.com/signup/ |
| 16:17 | Ashen | it won't let me signup: |
| 16:17 | Ashen | no plan was found that could match your request. Please narrow your selection, and try again. |
| 16:18 | @caker | for what? |
| 16:18 | Ashen | signing up with linode 128 monthly, no extras |
| 16:18 | @caker | sighup: linode avail |
| 16:18 | sighup | Linode availability -- [Linode 64: 12] [Linode 96: 0] [Linode 128: 0] [Linode 192: 3] [Linode 256: 3] |
| 16:19 | @caker | one secv |
| 16:19 | @caker | try now please |
| 16:22 | --- | ---> Redgore_ [Redgore@195.38.75.206] has joined #linode |
| 16:22 | --- | <<-- Redgore [Redgore@195.38.75.206] has quit (Read error: Connection reset by peer) |
| 16:22 | --- | User: *** Redgore_ is now known as Redgore |
| 16:23 | Ashen | doing payment now. |
| 16:27 | adamg | this new hosts seems stable enough |
| 16:27 | @caker | yeah, I've opened some slots on it .. up to 12 nodes running on it now... |
| 16:28 | adamg | is it only a new linode kernel or a new host kernel as well |
| 16:28 | @caker | both |
| 16:28 | @caker | cat /proc/cpuinfo |
| 16:28 | @caker | the other's are 2.6.4 based |
| 16:29 | adamg | at least it means I wont have to go through another host reboot this time |
| 16:33 | @caker | Ashen: all set -- thanks |
| 16:35 | Ashen | thank you :) |
| 16:35 | @caker | time for food .. bbiab |
| 16:36 | @caker | Ashen: btw, if you want to transition some of your IPs when you're ready, let me know |
| 16:36 | Efudd | hrm. |
| 16:37 | Ashen | caker: mmmm, I'll think about it, I was considering moving only the absolute bare minimums across (some scripts I've written, databases...) and just doing everything else from scratch. |
| 16:37 | @caker | Ashen: okay |
| 16:38 | Ashen | caker: out of curiousity, what is CentOS? |
| 16:38 | @caker | Ashen: it's Red Hat Enterprise distro |
| 16:39 | Ashen | ah :) |
| 16:54 | --- | User: *** guinea-MoS is now known as guinea-pig |
| 16:57 | --- | <<-- k4k0 [~k4k0@200216166078.user.veloxzone.com.br] has quit (Quit: The 7 Deadly Sins: Respire aliviado. [www.t7ds.com.br]) |
| 17:12 | Ashen | caker: I hate to ask this, but is the debian install usable? apt-get doesn't work as it claims that "something wicked happened with resolving" all the sources ftp sites, and 'dig' is missing. |
| 17:12 | Ashen | there is also no gcc or similar that I can use to actually install the missing packages like dig that I would need to alter the dns situation |
| 17:13 | Ashen | can you advise? |
| 17:14 | adamg | apt-get should work |
| 17:14 | adamg | you will need to install gcc etc via apt-get |
| 17:15 | adamg | you may need to update the nameservers list thought |
| 17:16 | Ashen | ah, where is that, and what should I set it to? |
| 17:17 | adamg | /etc/resolv.conf |
| 17:17 | adamg | nameserver 64.62.190.9 |
| 17:17 | adamg | nameserver 65.19.175.2 |
| 17:17 | adamg | nameserver 65.19.176.2 |
| 17:17 | adamg | nameserver 65.19.174.2 |
| 17:19 | Ashen | search? |
| 17:19 | adamg | linode.com |
| 17:20 | Ashen | hm, same result as before |
| 17:20 | adamg | apt-get update |
| 17:22 | Ashen | all fails for the same reason |
| 17:22 | adamg | can you ssh in to it |
| 17:23 | Ashen | yeah I'm sitting on # now |
| 17:23 | Ashen | I can run commands, but apt-get fails totally |
| 17:23 | adamg | can you ping anything |
| 17:23 | Ashen | unknown host linode.com |
| 17:24 | Ashen | looks like it's not networked |
| 17:24 | adamg | if you can ssh in to it, it is working, just cant resolv |
| 17:24 | adamg | can you ping 131.251.49.180 |
| 17:24 | Ashen | hang on, I'm in list-console, not ssh, sorry |
| 17:24 | Ashen | lish* console |
| 17:24 | adamg | what does ifconfig say |
| 17:26 | Ashen | eth0 : UP BROADCAST RUNNING MULTICAST |
| 17:26 | adamg | looks like there hasnt been an ip assigned |
| 17:26 | adamg | it appears to happen every now and again when a host runs out of ip addresses |
| 17:27 | Ashen | ok, sorry for appearing so clueless, but how do I fix it? |
| 17:27 | adamg | you will have to wait for caker do get back |
| 17:27 | adamg | you cant fix it |
| 17:27 | Ashen | hm ok |
| 17:28 | | * Ashen waits for caker then, thank you adamg. |
| 17:30 | --- | ---> compuserve [~c89e1491@64.35.99.205] has joined #linode |
| 17:30 | compuserve | caker hi |
| 17:36 | SupaDongzu | oh boy it is compuserv! |
| 17:36 | SupaDongzu | compuserve: do you still charge by the second? |
| 17:36 | guinea-pig | no, he rounds up to the nearest minute now |
| 17:37 | SupaDongzu | compuserve: You should have sent out tons of CD-ROMs the way AOL did |
| 17:37 | SupaDongzu | then you would have had lots of users! |
| 17:38 | @caker | Ashen: what's up with that? |
| 17:41 | --- | ---> claviola [claviola@200.162.246.133.user.ajato.com.br] has joined #linode |
| 17:41 | claviola | there's no compuserve brasil. |
| 17:41 | --- | <--- claviola [claviola@200.162.246.133.user.ajato.com.br] has left #linode () |
| 17:42 | Ashen | caker: don't know - it's not getting an IP address. |
| 17:42 | @caker | Ashen: /... |
| 17:42 | @caker | Ashen: oops .. try /etc/init.d/networking restart |
| 17:44 | @caker | ahh |
| 17:44 | @caker | I know this bug |
| 17:44 | | * Ashen loses net access from home due to unreliable optical link that drops repeatedly - and just uses the members/ web panel to reboot whilst he gets terminal back up |
| 17:45 | @caker | with Debian and the 2.6 kernel, you need to apt-get install dhcp3-client |
| 17:45 | --- | <<-- compuserve [~c89e1491@64.35.99.205] has quit (Quit: caput!) |
| 17:45 | adamg | which you cant do without an ip |
| 17:45 | @caker | reboot using 2.4 |
| 17:45 | @caker | or ifconfig eth0 manually |
| 17:46 | @caker | or edit and fix /sbin/dhclient |
| 17:46 | @caker | (shell script) |
| 17:46 | adamg | and ask caker nicly to update the debian image |
| 17:47 | @caker | hehe |
| 17:47 | @caker | word |
| 17:48 | Ashen | heh |
| 17:48 | Ashen | I see. |
| 17:49 | adamg | caker may be worth pointing that out on the forum as it means that if people from from 2.4 to 2.6 most of the debian boots will have problems |
| 17:50 | @caker | adamg: there's a bunch of 2.6-related issues, that's why I haven't officially announced/supported it yet |
| 17:50 | adamg | yeah with gentoo is screws things as well |
| 17:50 | adamg | or for me anyway |
| 17:51 | Ashen | hwclock is unable to get I/O port access: the iopl(3) call failed. |
| 17:51 | Ashen | it's not working, even with 2.4 |
| 17:51 | @caker | Ashen: that's normal (no hwclock) |
| 17:51 | | * Ashen checks |
| 17:52 | Ashen | conflciting dhcp-config files |
| 17:52 | @caker | blow it away |
| 17:52 | Ashen | install new over old you mean? |
| 17:52 | adamg | yeah |
| 17:52 | @caker | install new |
| 17:53 | @caker | that's a generic conf file |
| 17:53 | | * adamg has gotta stop playing silly computer card games and get on with some coding |
| 17:53 | Ashen | ok |
| 17:53 | Ashen | should I be able to reboot now into 2.6 and have things work? |
| 17:53 | @caker | yeah |
| 17:53 | Ashen | ok |
| 17:53 | | * Ashen tests tennatively. |
| 17:54 | @caker | it pings :0 |
| 17:54 | Ashen | run-parts: component /etc/dhcp3/dhclient-enter-hooks.d/debug-enter is not an executable plain file |
| 17:55 | Ashen | run-parts: component /etc/dhcp3/dhclient-exit-hooks.d/debug-exit is not an executable plain file |
| 17:55 | @caker | that's new to me |
| 17:55 | Ashen | yay, it works :) |
| 17:55 | guinea-pig | heh |
| 17:55 | Ashen | more or less - not to install |
| 17:56 | Ashen | caker: there is a very helpful guide I found at http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html that you might want to post somewhere for people wanting to setup debian securely (I dunno if you'd find it helpful, I'm going by it as this is the first time I've ever used deb) |
| 17:57 | @caker | Ashen: you should run "dpkg-reconfigure -a" to set everything up right off (I missed that step when building the image) |
| 17:58 | @caker | the deb image is also missing /etc/hosts |
| 17:58 | @caker | but I believe that will fix it |
| 17:58 | Ashen | ok |
| 17:58 | Ashen | hrm, I have a lot of learning to do before I can operate debian sufficiently :) |
| 17:59 | guinea-pig | regarding those errors, i think the .deb may be broken |
| 18:00 | guinea-pig | if it's using run-parts, i think those hook scripts need to be +x, and should have a #!, and they aren't/don't |
| 18:01 | Ashen | hrm, that command caker gave me appears to hang |
| 18:02 | Ashen | on the keymap screen |
| 18:02 | Ashen | I think this happened before |
| 18:02 | Ashen | when I did a tmp deb install on my old linode |
| 18:02 | @caker | Ashen: try running it via ssh, rather than through the console (?) |
| 18:02 | Ashen | and it crashed unless I entered 'don't touch kernel keymap' |
| 18:02 | @caker | hmm |
| 18:03 | guinea-pig | interesting |
| 18:03 | Ashen | that won't even start |
| 18:03 | Ashen | debconf: DbDriver "configdb" error: /var/cache/debconf/config.dat is locked by another process |
| 18:03 | Ashen | I killed all sessions from a new lish |
| 18:03 | @caker | ps auxhf, kill |
| 18:04 | @caker | ps auxhf, kill the dpkg processes |
| 18:04 | adamg | yeah but it is still running from within the linode |
| 18:04 | adamg | skill dpkg |
| 18:04 | Ashen | ah ok |
| 18:04 | guinea-pig | meh |
| 18:05 | guinea-pig | you don't even need console-common, which is what asks that message |
| 18:05 | guinea-pig | i mean, why bother? there isn't a physical console for a linode |
| 18:05 | @caker | there's a console, just not a keyboard, which is what keymap is for, no? |
| 18:06 | guinea-pig | well, console tools do keyboard and console fonts |
| 18:06 | @caker | you don't think it would cause problems for the console if you removed those? |
| 18:06 | Ashen | mmm, defaults timezone to NY,USA |
| 18:07 | guinea-pig | hasn't for me |
| 18:07 | @caker | cool |
| 18:07 | guinea-pig | i haven't had them installed on my linode in ages :P |
| 18:07 | @caker | another few K removed from Debian then :) |
| 18:07 | guinea-pig | i have no reason to change the kernel keymap, and i had no reason to change the console font, as it wouldn't matter on a linode |
| 18:07 | guinea-pig | it's depended on by base-config, though |
| 18:10 | Ashen | should I add my linode's IP to the list of addresses considered local for the machine? It asks, but does not tell me what effect this will have, if any. |
| 18:13 | @caker | I think you just want 127.0.0.1 |
| 18:13 | @caker | 127.0.0.1/8 |
| 18:15 | sunny | h? in ps auxhf ? |
| 18:15 | sunny | ah, I see |
| 18:16 | sunny | I'll stick to pa auxfw |
| 18:16 | sunny | :) |
| 18:16 | sunny | *ps |
| 18:16 | | * Ashen added his linode's IP, hm |
| 18:16 | @caker | force of habit .. it doesn't print the header line |
| 18:17 | @caker | Ashen: I think it just added it to /etc/hosts, not sure |
| 18:18 | Ashen | hm, /etc/hosts does not exist |
| 18:18 | @caker | Ashen: echo "127.0.0.1 localhost" > /etc/hosts |
| 18:18 | | * caker really should fix that |
| 18:19 | Ashen | sorry for being such a newbie about all this :) |
| 18:19 | @caker | I still can't get over the Vodka ads on /. |
| 18:19 | @caker | geeks aren't big drinkers, in my experience |
| 18:20 | Ashen | default runlevel for linodes is '3', right? |
| 18:20 | @caker | ya |
| 18:21 | chris | depends on the dist (debian uses 2) |
| 18:21 | @caker | well then :) |
| 18:21 | chris | At least mine does... |
| 18:21 | Ashen | how do I tell what runlevel I am in? |
| 18:21 | sunny | caker: geeks are consumptionists, not real drinkers, heh |
| 18:21 | Ashen | ah I see, ps aufx | grep init |
| 18:21 | Ashen | it shows it in init's args |
| 18:23 | --- | ---> Redgore_ [Redgore@195.38.75.206] has joined #linode |
| 18:23 | --- | <<-- Redgore [Redgore@195.38.75.206] has quit (Read error: Connection reset by peer) |
| 18:30 | guinea-pig | i worship rachel ray |
| 18:31 | @caker | food network chick, or page3 chick? |
| 18:31 | @caker | food network chick is annoying |
| 18:31 | guinea-pig | !!! |
| 18:31 | | * guinea-pig beats up caker |
| 18:32 | @caker | wait a sec |
| 18:32 | @caker | she's on page3? yuk |
| 18:32 | @caker | no way .. those have to be fakes :) |
| 18:32 | @caker | hahaha |
| 18:34 | guinea-pig | why is she annoying? |
| 18:35 | @caker | I dunno .. I think she reminds me of someone I knew/disliked |
| 18:35 | guinea-pig | she reminds me of Laura Petrie |
| 18:35 | @caker | I don't see that connection, but .. ok |
| 18:36 | guinea-pig | heh |
| 18:36 | | * caker was once in a band with three lesbians. I wanted to call the band Dick Van Dyke, but they wouldn't go for it |
| 18:36 | guinea-pig | something about her expressions and hand movements |
| 18:36 | @caker | instead, we were "Raw Umber" .. a brown crayon color ... go figure |
| 18:37 | guinea-pig | Burnt Sienna |
| 18:39 | Ashen | hm, I've created several paritions to house /usr, /tmp and /home. Unforunately after I've got debian working up to a bare-bones level, they already have data on them - how do I mount the new partitions into those places whilst keeping the data I already have? |
| 18:41 | @caker | Ashen: single user mode is probably the safest way, but, copy the data to those partitions, delete everything in the orig (but keep the mountpoints), edit /etc/fstab, and reboot |
| 18:43 | guinea-pig | i can't believe she's 35 |
| 18:43 | @caker | er, mount the images under /mnt first :) |
| 18:43 | Ashen | ok..... edit config profile to use singer user mode, bring up the system, mv tmp tmp2, mv usr usr2, mv home home2, mount /home, mount /tmp, mount /usr, cp tmp2/* tmp.... |
| 18:43 | Ashen | hrm |
| 18:43 | Ashen | *tries this* |
| 18:44 | @caker | Ashen: yeah, mkdir /tmp /usr/ home, before mounting |
| 18:44 | @caker | Ashen: also, single user mode probably mounts root read only, so: mount -o remount,rw / |
| 18:45 | @caker | Ashen: also, do "cp -au" to keep the correct permissions/ownership on the files you're copying |
| 18:45 | @caker | Ashen: "cp -au /home2/* /home/" |
| 18:48 | Ashen | phew |
| 18:49 | Ashen | should I edit /etc/fstab to include the defs I want before I reboot into single user? |
| 18:49 | @caker | No .. I'd leave everything as it is and do all of this in single |
| 18:50 | Ashen | ok |
| 18:51 | @caker | Ashen: btw, this is all done through the console |
| 18:51 | Ashen | through lish? |
| 18:51 | @caker | yes |
| 18:51 | Ashen | ah *changes to that* |
| 18:52 | Ashen | give root password maintenance - *logs in* |
| 18:52 | Ashen | thank you for your patience with this guys :) |
| 18:52 | @caker | scared yet? |
| 18:53 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 18:53 | @caker | Ashen: no biggie .. 'tis fun |
| 18:53 | Ashen | *g* |
| 18:53 | Ashen | mmm, ls -l / and getting total 0 is a bit scary |
| 18:54 | @caker | you left out / |
| 18:54 | @caker | I think that's just in /root/ |
| 18:54 | | * caker tail's ashen's console log |
| 18:54 | Ashen | mm, thanks :) |
| 18:54 | Ashen | there's a console log? :) |
| 18:54 | @caker | hell yeah .. Lish's "logview" cmd |
| 18:55 | @caker | it's useful for capturing boot output, and kernel oop's/panics |
| 18:56 | Ashen | mount -o remount,rw / && mv /home /home2 && mv /tmp /tmp2 && mv /usr /usr2 && mkdir /tmp /usr /home |
| 18:56 | @caker | looks good |
| 18:56 | Ashen | then mount the new paritions into their new places as /home, /var and /tmp |
| 18:56 | @caker | yes |
| 18:56 | Ashen | then cp -au /x2/* /x/ |
| 18:56 | Ashen | for x = tmp, home, usr |
| 18:57 | @caker | correct, then? |
| 18:57 | Ashen | leave the old home2/ tmp2 and user2 there in case, add entries to /etc/fstab |
| 18:57 | @caker | wallah! |
| 18:57 | Ashen | reboot into multi user mode |
| 18:58 | Ashen | cross fingers.... if everything works, delete usr2, home2, and tmp2 |
| 18:59 | @caker | man's probably in /usr somewhere, so now it can't find it |
| 18:59 | @caker | try: /usr2/bin/man mount |
| 19:00 | Ashen | mounting partitions into their places : mount -t ext3 /dev/ubdc /home |
| 19:00 | @caker | you can leave off the -t ext3 |
| 19:00 | Ashen | mount -t ext3 /dev/ubdd /var && mount /dev/ubde /tmp |
| 19:01 | Ashen | mmm ok |
| 19:01 | @caker | you can also edit fstab first, and then do "mount -a" |
| 19:01 | @caker | that would help verify fstab is correct |
| 19:01 | Ashen | /dev/ubc /mnt/home ext3 noauto,nodev,noexec,nosuid,nouser,rw 0 2 |
| 19:01 | @caker | mmm strict :) |
| 19:02 | Ashen | it's a public shell box, and I'm not cutting corners on security :) |
| 19:02 | Ashen | that's why I wanted the 2.6 kernel - I'm aware of a workaround that lets users escape noexec restrictions on filesystems usind ld-linux |
| 19:02 | @caker | pretty simple to run an interpreter (bash/perl, etc) but you've probably already thought of that |
| 19:02 | @caker | hmm |
| 19:03 | Ashen | users running scripts doesn't bother me, it's compiling their own executables and running them that I worry about :) |
| 19:03 | Ashen | http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html |
| 19:03 | Ashen | jump to 4.9.1 |
| 19:03 | @caker | perl, etc provide the same functionality .. ? |
| 19:03 | heidi | hmm |
| 19:03 | Ashen | need perl, don't want people gcc'ing mremap.c :) |
| 19:04 | --- | ---> Newsome [~sorenson@sorenson.dsl.csolutions.net] has joined #linode |
| 19:04 | Ashen | hrm |
| 19:05 | Ashen | mount -a does not mount anything new it seems |
| 19:05 | @caker | cat /etc/fstab |
| 19:06 | @caker | does it say "ubde" or ube" ? |
| 19:06 | @caker | also /mnt/home ? |
| 19:06 | @caker | (didn't catch that when you pasted it) |
| 19:07 | Ashen | mounting em to /mnt/etc rather then /home nd /tmp and similar? |
| 19:07 | @caker | you need them off of / |
| 19:08 | Ashen | should be ok now |
| 19:08 | @caker | looks good now |
| 19:08 | Ashen | mount -a still does not pick them up |
| 19:08 | Ashen | ah, they're +noauto |
| 19:08 | @caker | hah |
| 19:09 | @caker | glad we tried it this way :) |
| 19:09 | @caker | heh |
| 19:09 | | * Ashen also |
| 19:10 | Ashen | cp time |
| 19:11 | @caker | /tmp2/ must be empty ... |
| 19:12 | Ashen | probably is in single user |
| 19:13 | Ashen | mmm, nothing else left to do - apart from reboot *changes cpanel conf* |
| 19:14 | Ashen | I'm going to symlink /var/tmp to /tmp/var |
| 19:14 | Ashen | that way, I can mount the whole of /var/ without noexec or nosuid if necessary |
| 19:14 | Ashen | as there would be nowhere on /var users could write to... |
| 19:17 | --- | ---> compuserve [~c89e1491@64.35.99.205] has joined #linode |
| 19:21 | Ashen | hm, can reboots hang if partitions can't be unmounted? |
| 19:21 | @caker | Ashen: type "reboot" |
| 19:22 | adamg | would there be any reason why they cant be unmounted |
| 19:22 | @caker | Ashen: curious if in single user mode, it ignores "cad" |
| 19:22 | Ashen | cad? |
| 19:22 | @caker | control-alt-delete... |
| 19:22 | @caker | grep cad /etc/inittab |
| 19:23 | Ashen | /var/run/etc/init.d/rcS: cd: /var/run: No such file or directory |
| 19:23 | Ashen | /etc/init.d/rcS: /var/run/utmp: No such file or directory |
| 19:23 | Ashen | Initializing random number generator... urandom start: failed. |
| 19:23 | Ashen | appears /var is not filed with anything |
| 19:23 | Ashen | hangs on starting syslog |
| 19:23 | guinea-pig | on debian, no it doesn't ignore c-a-d, iirc |
| 19:23 | Ashen | ah yes the salute heh |
| 19:24 | Ashen | well, it appers it won't boot now due to hanging on syslodg |
| 19:24 | Ashen | logd* |
| 19:24 | adamg | sounds like you are not mounting /var on boot |
| 19:26 | Ashen | it should, I deleted noauto from all of em. |
| 19:26 | adamg | what does df say |
| 19:26 | Ashen | EXT3-fs: mounted filesystem with ordered data mode. |
| 19:26 | Ashen | /dev/ubdd on /var type ext3 (rw,noexec,nosuid,nodev) |
| 19:27 | Ashen | nothing - I can't get a prompt |
| 19:27 | @caker | single user mode time |
| 19:27 | Ashen | it hangs on starting syslogd |
| 19:27 | adamg | syslogd needs access to /var/log |
| 19:27 | adamg | and /var/run |
| 19:28 | Ashen | hrm |
| 19:28 | Ashen | - /var appers to be empty |
| 19:28 | adamg | so it is not mounted |
| 19:29 | @caker | did some of your linkage (ln) overwrite it? |
| 19:29 | @caker | uh oh :) |
| 19:29 | Ashen | :-/ |
| 19:30 | adamg | what does df say |
| 19:30 | adamg | it should like all mounted srives |
| 19:30 | Ashen | /var is mounted |
| 19:30 | Ashen | as are /home and /tmp |
| 19:30 | @caker | Ashen: where's var2 ? |
| 19:30 | adamg | did you copy all the stuff over to the new drive from the orig /var |
| 19:30 | @caker | he might have just mounted var overtop (if he's lucky) |
| 19:31 | @caker | :) |
| 19:31 | Ashen | I backed up /usr to /usr2 but not /var to /var2 |
| 19:31 | adamg | unmount /var |
| 19:32 | | * Ashen has already unmounted /var and is copying a backup /var to the mounted /var |
| 19:32 | @caker | Ashen: you meant /usr, not /var :) |
| 19:32 | @caker | Ashen: now you've got a copy of /usr on the rootfs . you never mounted a /usr |
| 19:32 | @caker | Ashen: which is it? var or usr? |
| 19:33 | Ashen | I'm moving var |
| 19:33 | Ashen | I'm leaving /usr/ alone as there is nowhere in it it that normal users can write to |
| 19:33 | Ashen | and hence, nowhere they can exec files |
| 19:33 | Ashen | so it doesn't need to be nosuid |
| 19:34 | @caker | so you can blow away /usr2 then ... |
| 19:34 | @caker | wait |
| 19:34 | @caker | mv /var /var2 |
| 19:34 | @caker | mount /var |
| 19:34 | @caker | cp -au /var2/* /var |
| 19:36 | @caker | I don't know how good of an idea it is to have a /tmp/var ... |
| 19:36 | @caker | as /tmp get's cleaned out |
| 19:36 | Ashen | mmm |
| 19:36 | guinea-pig | yeah, but what uses /var/tmp/ anyway? |
| 19:36 | @caker | var and tmp have the same mount options, so why not just leave /var/tmp alone? |
| 19:36 | Ashen | yeah, good point |
| 19:37 | @caker | rm -f /var/tmp |
| 19:37 | @caker | cp -auf /var2/* /var/ |
| 19:37 | @caker | :) |
| 19:37 | @caker | that worked |
| 19:38 | Ashen | phew |
| 19:38 | guinea-pig | oh |
| 19:38 | guinea-pig | FHS: "Files and directories located in /var/tmp must not be deleted when the system is booted." |
| 19:38 | Ashen | FHS? |
| 19:39 | | * Ashen thinks things are ready for another try at multi-user mode now |
| 19:39 | guinea-pig | filesystem heirarchy standard |
| 19:39 | guinea-pig | at least debian tries to adhere to it as though it were LAW |
| 19:39 | adamg | as it should |
| 19:41 | guinea-pig | for example, /var/spool/mail changed in the FHS to /var/mail, and debian followed suit, providing symlinks for people "upgrading" |
| 19:41 | guinea-pig | this was back during potato, iirc |
| 19:41 | guinea-pig | i order food now |
| 19:42 | Ashen | a reboot on the actual members page seems to be 'in progress' forever |
| 19:42 | adamg | gentoo just symlinks that as well |
| 19:42 | | * Ashen wonders what is causing the hangs |
| 19:42 | guinea-pig | are you connected to lish to watch it shutdown? |
| 19:43 | Ashen | "Emmergency Sync complete" |
| 19:43 | adamg | the shutdown hung on something |
| 19:43 | @caker | I think that in single user mode, you need to logout/type "reboot" |
| 19:43 | Ashen | aah. |
| 19:43 | guinea-pig | caker: if you logout of single user, it completes the boot |
| 19:43 | guinea-pig | doesn't it? |
| 19:43 | Ashen | caker: does that console log log everything typed into console, including root passwords? |
| 19:43 | guinea-pig | a simple poweroff/reboot from within single user should work |
| 19:44 | @caker | I think it reboots .. on an error, when it prompts you to fix, is when I think it continues booting |
| 19:44 | | * caker shrugs |
| 19:45 | adamg | Ashen: since the log is just a screen capture it should only capture output not input |
| 19:45 | Ashen | ah |
| 19:46 | | * Ashen tests his new secure config |
| 19:46 | Ashen | if, having done this, I'm not secure against the ld-linux flaw I'll call it 50/50 for the day :) |
| 19:51 | Ashen | ashen@moonlight:/tmp$ /lib/ld-2.2.5.so ./date |
| 19:51 | Ashen | Segmentation fault |
| 19:51 | Efudd | .... |
| 19:52 | | * Ashen tennatively thinks that that is a success |
| 19:52 | | * Ashen reboots into 2.4 to test the comparison |
| 19:55 | Ashen | ashen@moonlight:/tmp$ /lib/ld-2.2.5.so /bin/date |
| 19:55 | Ashen | Sun May 30 19:55:23 EDT 2004 |
| 19:55 | Ashen | ashen@moonlight:/tmp$ /lib/ld-2.2.5.so ./date |
| 19:55 | Ashen | Segmentation fault |
| 19:55 | Ashen | mmmm :) |
| 19:58 | Ashen | thank you very much caker and adamg for your help with getting all this set up :) |
| 19:58 | @caker | yaaa |
| 19:58 | @caker | go get em |
| 19:59 | Ashen | heh, still have the rest of these large list of security checks to work through before my system can even remotely consider doing anything useful |
| 19:59 | @caker | Ashen: the real test would be to copy /bin/date to your homedir |
| 19:59 | Ashen | but that was a big one :) |
| 19:59 | @caker | ahh, never mind |
| 20:00 | @caker | Ashen: that's pretty funky |
| 20:00 | Ashen | ashen@moonlight:~$ cp /bin/date date |
| 20:00 | Ashen | ashen@moonlight:~$ ./date |
| 20:00 | Ashen | bash: ./date: Permission denied |
| 20:00 | Ashen | - /home is a lot easier to secure then /tmp............ and thanks to ld-linux.so, both protections are useless without securing all areas to which users can write, and also having the 2.6 kernel |
| 20:01 | --- | <<-- compuserve [~c89e1491@64.35.99.205] has quit (Quit: CGI:IRC) |
| 20:02 | @caker | so that was a 2.4 bug then? |
| 20:02 | Ashen | I think so |
| 20:02 | Ashen | I got told that the only way to get around that was to upgrade to 2.4 |
| 20:02 | Ashen | however, it produces the same result on both 2.4 and 2.6 - SIGSEV |
| 20:03 | Ashen | which, I'm assuming, means 403 and it's not going to let the kiddies run their m_remap.o :) |
| 20:04 | Ashen | half-way through chapter 4 of the hardening process I'm using first |
| 20:04 | Ashen | (4/12 of A)... got a few more ones after this to go |
| 20:04 | Ashen | by the end of it, I should be a lot more secure then my old host under RH9 |
| 20:05 | @caker | have you looked into rbash? |
| 20:06 | @caker | probably too restrictive |
| 20:06 | sunny | rbash is stupid |
| 20:06 | | * caker heads to the coke machine, brb |
| 20:06 | sunny | it doesn't place restrictions on shell scripts |
| 20:07 | Ashen | different to bash -r? |
| 20:07 | sunny | no, its the same thing |
| 20:08 | sunny | Ashen: what is it that you are trying to do ? chroot ? |
| 20:10 | Ashen | I would use rbash but 1) users have to be able to cd. 2) it doesn't protect scripts. |
| 20:10 | sunny | well |
| 20:10 | sunny | if chroot is what you want |
| 20:10 | sunny | download the sources to pam_chroot |
| 20:10 | sunny | it has a great example of how the system works |
| 20:10 | Ashen | sunny: I'm working through various security options in debian to lock down a shell server. |
| 20:10 | Ashen | I don't really need chroot for users - though I will lock down sftp so it's chrooted to ~ |
| 20:11 | Ashen | no sense in having ftp over the whole system. |
| 20:11 | sunny | is sftp provided by ssh ? |
| 20:11 | Ashen | lol |
| 20:11 | Ashen | RESTRICTED SHELL |
| 20:11 | Ashen | man2html: unable to open or read file ../man1/bash.1 |
| 20:11 | Ashen | classic manual :) |
| 20:11 | Ashen | sunny: sftp is a ssh subsystem |
| 20:12 | sunny | well yes, but ssh itself doesn't support chroot |
| 20:12 | sunny | or last I checked it didn't |
| 20:13 | sunny | there is a shell specifically for chrooting ssh/sftp |
| 20:13 | sunny | I just don't remember what it was called |
| 20:15 | Ashen | hm |
| 20:18 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Ping timeout: 480 seconds) |
| 20:22 | --- | ---> codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has joined #linode |
| 20:22 | --- | <<-- codesmith [~bryansmal@pcp03851303pcs.martnz01.ga.comcast.net] has quit (Quit: ) |
| 20:23 | --- | ---> Redgore [Redgore@195.38.75.206] has joined #linode |
| 20:24 | --- | <<-- Redgore_ [Redgore@195.38.75.206] has quit (Read error: No route to host) |
| 20:46 | Ashen | caker: out of curiousity, it is intended that debian come without an /etc/apt/apt.conf? |
| 20:46 | @caker | is that possible? |
| 20:47 | @caker | hmm |
| 20:47 | @caker | it is missing, isn't it |
| 20:48 | @caker | well, that wasn't indentional |
| 20:48 | @caker | intentional, even |
| 20:48 | Ashen | I ask because I have to change the dir apt-get tries to do things in away from /tmp |
| 20:49 | @caker | try: apt-get --reinstall install apt (or somethign like that) |
| 20:50 | Ashen | I can't - as I said, can't use apt-get till I fix apt :) |
| 20:50 | @caker | oh .. |
| 20:50 | | * Ashen edits fstab and then tries again |
| 20:50 | @caker | actually, just touch /etc/apt/apt.conf and stick the directive you need in there |
| 20:51 | @caker | I'm guessing it works fine on the defaults (without apt.conf) |
| 20:51 | @caker | since no one has mentioned it until now |
| 20:52 | Ashen | hm |
| 20:53 | @caker | you sure this isn't a sticky bit problem? |
| 20:53 | @caker | or does debian run stuff from /tmp ? |
| 20:54 | Ashen | hrrrm |
| 20:54 | Ashen | no apt.conf created |
| 20:55 | @caker | must be up to you then :) |
| 20:56 | Ashen | indeed. |
| 20:56 | Ashen | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=116448 |
| 20:58 | @caker | ahh .. says it listens to TMPDIR env var |
| 20:58 | @caker | noexec is a PITA |
| 21:01 | Ashen | hehe already set it all |
| 21:01 | Ashen | worked out the syntax, testing it with all the fses secure now |
| 21:02 | Ashen | no, no dice. |
| 21:03 | @caker | what's the error? |
| 21:05 | Ashen | subprocess pre-removal script returned error exit status 2 |
| 21:05 | Ashen | dpkg (subprocess): unable to execute post-installation script: Permission denied |
| 21:05 | Ashen | dpkg: error while cleaning up: |
| 21:05 | Ashen | subprocess post-installation script returned error exit status 2 |
| 21:05 | @caker | I think it runs scripts out of /var |
| 21:06 | | * caker guesses |
| 21:06 | Ashen | you're probably right |
| 21:06 | Ashen | I can mount var exec.... I'd just have to disable /var/tmp |
| 21:06 | Ashen | seems intuitively like a bad idea |
| 21:06 | @caker | why not mount /var/tmp noexec? |
| 21:06 | @caker | and leave /var alone |
| 21:07 | Ashen | that would require creating another mount point for /var/tmp |
| 21:07 | Ashen | ah what the heck, lets go with it, there's always room for another mount point. |
| 21:08 | @caker | you could create a "raw" disk image, and literally partition it, and mount /dev/ubdx1 on /tmp and /dev/ubdx2 on /var/tmp, if you're worried about using up ubd's |
| 21:09 | Ashen | I've one more udb spare |
| 21:10 | Ashen | it might be a good idea, if you can, to increase the avalible number of udb*s |
| 21:10 | @caker | Can't .. only 8 drives in UML |
| 21:10 | @caker | and the 8th I've reserved for a special purpose, not yet deployed |
| 21:11 | Ashen | :-S |
| 21:11 | Ashen | ah well, I don't need any more imgs anyway, but if I did, I'd take your advice *saves for later in case he needs it* |
| 21:11 | Ashen | btw, apt-get runs sucessfully now :) |
| 21:12 | Ashen | chattr +a is SO useful. |
| 21:21 | --- | ---> compuserve [~c89e1491@64.35.99.205] has joined #linode |
| 21:51 | --- | <<-- compuserve [~c89e1491@64.35.99.205] has quit (Quit: CGI:IRC) |
| 21:52 | | * caker chattr's mikegrb |
| 21:52 | mikegrb | :-O |
| 21:52 | mikegrb | you are just jealous I have beautiful high def sharks on my tv and you don't |
| 21:52 | Ashen | o.Os |
| 21:52 | mikegrb | ;) |
| 21:53 | Ashen | does the debian install support quotas? (usrquota,grpquota I mean) |
| 21:53 | @caker | ... I checked out some big TVs today at CompUSA |
| 21:53 | mikegrb | caker: you can get a nice hdtv around 36" direct view |
| 21:53 | @caker | some of them SUCK |
| 21:53 | mikegrb | about $750 |
| 21:53 | mikegrb | yes |
| 21:53 | @caker | looked worse .. a TV image stretched and blown up to fit the widescreen |
| 21:53 | mikegrb | some are aweful |
| 21:53 | mikegrb | heh |
| 21:53 | mikegrb | we watch tv like that |
| 21:53 | @caker | looked like a 320x240 mpeg or something |
| 21:53 | mikegrb | ]odd at first |
| 21:53 | mikegrb | oh |
| 21:53 | mikegrb | that sucks |
| 21:53 | mikegrb | digital cable was like that before |
| 21:54 | @caker | I couldn't deal with that much aspect distortion |
| 21:54 | guinea-pig | name that city: http://orion.parsed.net/albums/20040530/pict0715.sized.jpg |
| 21:54 | mikegrb | when comcast did the fiber rollout and upgrade to 3mega bit they uped the bitrate of the digital cable channels |
| 21:54 | mikegrb | they look better now |
| 21:54 | mikegrb | the aspect distortion isn't too bad |
| 21:54 | mikegrb | depends on the tv |
| 21:54 | @caker | Ashen: quota support is in the kernel, you'll have to find the userspace tools |
| 21:54 | mikegrb | they use different algo's for streatching |
| 21:55 | mikegrb | our sony does a good job |
| 21:55 | Ashen | caker: Turning off quotasquotaoff: Error while detecting kernel quota version: No such file or directory |
| 21:55 | @caker | Ashen: apt-get install quota quotatool ? |
| 21:55 | mikegrb | it stretches more on the outside then the middle of the picture |
| 21:55 | Ashen | caker: I'm doing the userspace tools, it neither installs nor deinstalls properly - diagnosing it :) |
| 21:55 | @caker | Ashen: what's it looking for? version.h ? |
| 21:56 | Ashen | not sure, that's what I'm looking for now :) |
| 21:56 | @caker | Ashen: strace is your friend |
| 21:56 | | * mikegrb strace's caker |
| 21:56 | | * caker segfaults |
| 21:57 | Ashen | fork(quotaoff: Error while detecting kernel quota version: No such file or directory |
| 21:58 | Ashen | odd, there don't appear to be any files around that that 404 on my system, yet it still faults. |
| 21:59 | @caker | [root@host4 2.6.5-linode2]# grep QUOTA .config |
| 21:59 | @caker | CONFIG_XFS_QUOTA=y |
| 21:59 | @caker | CONFIG_QUOTA=y |
| 21:59 | @caker | CONFIG_QUOTACTL=y |
| 22:00 | @caker | Ashen: I'd guess it needs updated tools for 2.6 |
| 22:01 | Ashen | hm. I'll try it in 2.4 |
| 22:01 | Ashen | see if that works. |
| 22:01 | @caker | that app was that? quotaoff ? |
| 22:02 | Ashen | that was 'quota' |
| 22:02 | @caker | try strace -f (follow forks) |
| 22:03 | Ashen | hrm, works on 2.4 |
| 22:04 | Ashen | I'm going to edit my fstab to re-enable quotas, reboot, and attempt to get it working with the 2.4 kernel |
| 22:05 | Ashen | by 'works' I mean 'doesn't die horribly' |
| 22:06 | | * Ashen reboots and sees if he can get it actually doing quotaing on 2.4 |
| 22:07 | Ashen | hrm, it appears that quotaing *does* work (edquota lets me edit and all) |
| 22:10 | Ashen | and it enforces it :) |
| 22:10 | Ashen | would it help you if I reloaded back into 2.6 so I could give you some debug output from the quota there? |
| 22:18 | Ashen | if that would help you, say so and i'll help you track down the problem. |
| 22:25 | --- | ---> Redgore_ [Redgore@195.38.75.206] has joined #linode |
| 22:25 | --- | <<-- Redgore [Redgore@195.38.75.206] has quit (Read error: Connection reset by peer) |
| 22:35 | mikegrb | http://thegrebs.com/~michael/heidi.jpg |
| 22:35 | mikegrb | caker: ^^^ |
| 22:35 | mikegrb | Linode advertising |
| 22:35 | chris | Let the stalking begin |
| 22:36 | chris | I mean... um... good advertising |
| 22:36 | mikegrb | heh |
| 22:36 | mikegrb | need to do better on the bottom lip |
| 22:37 | --- | ---> captg [~d8a5919e@64.35.99.205] has joined #linode |
| 22:37 | captg | Hi, any linode staff in here? |
| 22:37 | --- | <<-- captg [~d8a5919e@64.35.99.205] has quit (Quit: ) |
| 22:37 | --- | ---> captg [~d8a5919e@64.35.99.205] has joined #linode |
| 22:38 | captg | Hi, any linode staff? |
| 22:40 | @caker | hello |
| 22:40 | @caker | Ashen: I think you just want to strace "quotaoff" or whatever /etc/init.d/quota was running .. that might be useful |
| 22:42 | @caker | captg: what's up? |
| 22:43 | Ashen | caker: hang on, I'll reload into 2.6 for you |
| 22:44 | Ashen | caker: got it working completely on 2.4 :) |
| 22:45 | @caker | Ashen: cool |
| 22:45 | Ashen | open("/proc/fs/quota", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) |
| 22:45 | Ashen | help you at all? |
| 22:46 | @caker | hmm |
| 22:46 | @caker | find /proc/ -name quota |
| 22:47 | Ashen | /proc/sys/fs/quota |
| 22:47 | Ashen | mmm, that seems like a bugfix waiting to happen :) |
| 22:47 | @caker | no kidding |
| 22:47 | @caker | I'd bet there are updated packages for that |
| 22:47 | chris | Are you running woody with 2.6? |
| 22:47 | chris | If so... duh |
| 22:48 | @caker | chris: shool us |
| 22:48 | chris | I think it was procps and module-init-tools that *had* to be backported |
| 22:48 | Ashen | how would I get these updated packages? |
| 22:49 | chris | caker: check if vmstat segs on his node |
| 22:49 | @caker | mod-init-tools is irrelevant |
| 22:49 | @caker | yeah, and procps is only needed for segfaulting ps/vmstat/etc |
| 22:49 | Ashen | vmstat does seg, yes. |
| 22:51 | --- | <<-- captg [~d8a5919e@64.35.99.205] has quit (Quit: CGI:IRC (Ping timeout)) |
| 22:51 | Ashen | I'm going back to 2.4, it seems more stable. Anything I can do for you before I do? |
| 22:51 | @caker | I think that's it .. thanks :) |
| 22:51 | @caker | at least we got to the bottom of it |
| 22:52 | Ashen | :) |
| 23:24 | --- | <<-- sunny [~sunny@user-12hdttp.cable.mindspring.com] has quit (Ping timeout: 480 seconds) |
| 23:38 | --- | ---> captg [~d8a5919e@64.35.99.205] has joined #linode |
| 23:40 | @caker | captg: all set. May I ask what you were expecting? |
| 23:41 | | * caker thinks CGI::IRC doesn't work well in Firefox on the PC |
| 23:46 | --- | ---> mowser [sprouse@c-3po.infonurse.net] has joined #linode |
| 23:50 | mowser | is there a recommened swap file size for a linode 64? |
| 23:50 | mowser | 256? |
| 23:51 | @caker | 128 min .. anything more than that and you should look into upgrading. |
| 23:53 | mowser | my swap was set at 256 by default with the distro creation; typicall it doesn't get used beyond 30000K |
| 23:53 | @caker | Let me rephrase, 256 is a good size to have for graceful degradation, but if you're *using* more than 128M of swap, I'd say time to upgrade |
| 23:53 | --- | <--- UML_ChanLog [~stats@64.35.99.205] has left #linode (Rotating Logs) |
| 23:53 | mowser | but i've seen it as high as 650000 |
| 23:53 | --- | ---> UML_ChanLog [~stats@64.35.99.205] has joined #linode |
| 23:54 | @caker | cool .. you could probably shave off 128 megs without any problems .. |
| 23:54 | mowser | so i ok then, thank for the info, i'll keep an eye on it |
| 23:55 | --- | <--- mowser [sprouse@c-3po.infonurse.net] has left #linode () |
| 23:56 | --- | <<-- captg [~d8a5919e@64.35.99.205] has quit (Quit: CGI:IRC) |
| 23:56 | --- | ---> captg [~d8a5919e@64.35.99.205] has joined #linode |
| 23:57 | --- | ---> gman1 [~captg@mdsnwigjbas01-pool1-a158.mdsnwigj.tds.net] has joined #linode |
| 23:59 | --- | <<-- guinea-pig [orion@parsed.net] has quit (Remote host closed the connection) |
| --- | Log | closed Mon May 31 00:00:11 2004 |
![[FSF Associate Member]](/assets/fsf.png){kind=small}
