Back to Home / #linode / 2009 / 04 / Prev Day | Next Day
#linode IRC Logs for 2009-04-02

---Logopened Thu Apr 02 00:00:24 2009
00:02-!-guinea-pig [] has joined #linode
00:02-!-kronos003 [] has joined #linode
00:05<Berto>well i'm not sure what it was, but i'm running faster. only change was to remove the hal daemon. I think someone was gobbling my CPU
00:08<checkers>most likely was %iowait issues
00:08<checkers>are you graphing CPU usage?
00:09<Berto>just through the linode control panel and looking at top
00:09-!-daMaestro|isBack [] has joined #linode
00:10<checkers>top shows %wa, which is %iowait
00:14-!-ninjaPo [] has quit [Remote host closed the connection]
00:16-!-daMaestro [] has quit [Ping timeout: 480 seconds]
00:18<Berto>yeah lots of iowaiting... my php script can definitely be optimized around this
00:22<checkers>what sort of %iowait levels?
00:22<checkers>you should be seeing close to 0% ideally, but obviously in a shared-disk environment like this you'll see bigger spikes
00:22<checkers>if it goes above 20% or so disk access will be realllly slow
00:23*checkers had the same problems and mitigated by upgrading his linode
00:24-!-kupesoft [] has quit [Remote host closed the connection]
00:24-!-__lonewolf [] has joined #linode
00:29-!-gravely [] has joined #linode
00:30-!-binel [] has joined #linode
00:31<gravely>pretty much just reset my iptables.
00:31<gravely>i have a support ticket in, irgeek, you there?
00:31<@irgeek>Yeah. What's up?
00:32<gravely>i think you were the one helping me on ticketID 72806
00:32-!-aaronyy_ [] has joined #linode
00:32<gravely>basically i ran system-config-securitylevel-tui, didn't change anything. pressed ok.
00:33<gravely>wiped my iptables.
00:33-!-daMaestro|isBack [] has quit [Remote host closed the connection]
00:33<gravely>i set the basics back up to work, 22, 21, 80, etc.
00:33<gravely>but for the most part all of my websites are fk'd.
00:33-!-HedgeMag1 [] has joined #linode
00:34<@irgeek>If you opened the ports, what's the problem?
00:34<gravely>some of my domains are still getting connection refused.
00:34<gravely>even on port 80.
00:34<gravely>or something, i don't know what's going on.
00:34<SelfishMan>gravely: pastebin iptables -L -n
00:35-!-HedgeMage [] has quit [Ping timeout: 480 seconds]
00:35-!-binel_ [] has quit [Ping timeout: 480 seconds]
00:36<gravely>i guess bind was affected.
00:36<gravely>getting a no IP address or hostname while tracing to the host.
00:37<gravely>wasn't anticipating a complete wipe of my iptables from pressing 'ok'
00:37<gravely>i didn't even make any changes.
00:38-!-gravely [] has quit [Read error: Connection reset by peer]
00:38-!-gravely [] has joined #linode
00:38<gravely>is there any simple way i can revert back to cpanel's defaults?
00:39<gravely>been looking for a cpanel default /etc/sysconfig/iptables file but no luck.
00:39<@irgeek>You don't have port 53 open.
00:39<supine>you are running DNS on the Node? open udp/tcp 53
00:40<supine>you have telnet open ?!?
00:42<gravely>53's open.
00:42<@irgeek>For UDP?
00:42<gravely>still nothing.
00:43<@irgeek>pastebin iptables -L -n again
00:43<gravely>lemme do udp.
00:43<gravely>i know a bit about all of this, but not enough obviously.
00:44<@irgeek>DNS works over UDP by default.
00:44<gravely>alright, that's backup.
00:44<@irgeek>What's not?
00:44-!-jwilliamhoffman [~jwilliamh@] has quit [Ping timeout: 480 seconds]
00:45<gravely>i got dns backup, so things look alright now.
00:45<jed>redhat's firewall should DROP instead of REJECT
00:46<MarkJ>These days I REJECT Redhat...
00:48*morsing slowly gets out of bed...
00:49<SelfishMan>um...why does that firewall policy allow telnet, and multiple windows file sharing ports?
00:49<wastrel>i'm just going to sleep
00:49<gravely>not sure, i haven't really toyed with it beyond today trying to open up 1414.
00:49<gravely>is telnet not supposed to be opened?
00:50<jed>telnet shouldn't even be running
00:50<SelfishMan>gravely: I highly recommend using something like shorewall to configure your firewall. You have things open that nobody should ever open.
00:50<wastrel>telnet should be blocked sir
00:50<gravely>well, i'm pretty new to firewalls / iptables. obviously.
00:50<__lonewolf>who is running telnet?
00:50<gravely>any information about it would be great.
00:50<gravely>what's so bad about that?
00:50<jed>SelfishMan: like what, out of curiosity
00:50<gravely>that's what i'm wondering.
00:50<Peng__>gravely: If you run telnet, you should stop. If you don't run telnet, you shouldn't allow it through the firewall.
00:50<Peng__>Well, that telnet World Cup viewer was neat...
00:50<jed>i'm not doubting you, SelfishMan, just don't see the big hole myself there, don't know enough
00:50<SelfishMan>TCP/23 UDP/137 UDP/138 TCP/139 TCP/445 basically
00:50<gravely>i got the message. i'm just wondering why.
00:51<wastrel>telnet is bad because passwords are sent in the clear
00:51<SelfishMan>The first is telnet and the last are all windows file sharing
00:51<SelfishMan>wastrel: *Everything* is sent in clear text via telnet
00:51<__lonewolf>telnet exposes your passwords to everyone
00:51<jed>i thought 455 was mail-related
00:51<supine>telnet kills kittens
00:51<jed>or am i thinking 445
00:51<jed>443, that's it
00:51<bob2>465 is the outlook smtpssl port
00:51<gravely>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
00:51<gravely>so should i update this to
00:51<SelfishMan>gravely: Take a look at shorewall. It's pretty smart for most things
00:51<gravely>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j REJECT
00:51<bob2>if your firewall is doing useless things, why are you even using it?
00:52<wastrel>SelfishMan: so you claim
00:52-!-mendel [] has quit [Read error: Connection reset by peer]
00:52<mrsteveman1>someone remind me, the user@host at the end of a public ssh key doesn't restrict where you can login from using that key does it?
00:52<jed>if someone asks a question like that a GUI is a better way to go
00:52<jed>in 100% of cases
00:52<gravely>i'm just trying to learn.
00:52<jed>i'm not trying to offend
00:52<gravely>i understand, but damn.
00:52<gravely>i'm just getting assaulted here.
00:53<jed>i did too when i came in asking about iptables
00:53<wastrel>nerd rage is an ugly thing
00:53<gravely>i just need help, not to be talked down to.
00:53<jed>security is glossed over in a lot of places
00:53<supine>cruel to be kind
00:53<gravely>isn't this support for a hosting company?
00:53<SelfishMan>dst= UDP/5353? Isn't that actiontec DSL modem discovery protocol stuff?
00:53<bob2>mrsteveman1: no, it's a comment field
00:53<mrsteveman1>bob2: thanks :)
00:53<wastrel>gravely: community support, not official
00:54<jed>gravely: while it is hosting, we're pointing you to shorewall because of a question like that -- it's not that we're calling you stupid, we're recommending that you use a GUI and examine what it does
00:54<SelfishMan>wait, 5353 is multicast DNS and "bounjour"
00:54<supine>only the ops work for linode, the rest of us just drink the kool aid
00:54<wastrel>the wikipedia iptables article is a good background
00:54<jed>because your iptables config is extremely important to the security of your system, and you should only be fiddling with it if you know it through and through
00:54<jed>shorewall helps you get there
00:54<gravely>im actually checking that out now.
00:55<gravely>but just to actually answer the original question, obviously rejecting traffic on 23 is what i need to do in this situation, correct?
00:55<jed>the way the rule is built, looking at your pastebin, you need to just delete the rule
00:55<jed>the default policy for the chain is REJECT
00:55<gravely>and if no entry exists to ACCEPT, then that'll effectively close the port as well, right?
00:55<gravely>alright. sounds good.
00:55<gravely>i'm capable of figuring out, and that's kind of why i'm here.
00:55<gravely>i work for a hosting company.
00:56<SelfishMan>gravely: Don't create a rule to block TCP/23, create a default REJECT and then add the exceptions from there. That's part of why I'm recommending shorewall. It makes that part so much easier and it applies a bunch of commonly missed rules
00:57*SelfishMan mumbles about route flapping
00:57<jed>this is mine that I built by hand, by learning
00:57*supine damps SelfishMan's routes
00:57<jed>i know it's nowhere near perfect, but I'm learning too
00:57<jed>ip6tables is a mirror of that except in obvious places
00:58<StevenK>Bring on nftables
00:58<SelfishMan>jed: Your IPv6 is broken
00:58<StevenK>Actually, don't, since that's another tool I'd have to learn
00:58<gravely>TCP/23 UDP/137 UDP/138 TCP/139 TCP/445
00:58<jed>oh, yeah, it is
00:58-!-r3z [] has quit [Quit: Leaving]
00:58<jed>i'm screwing with the tables
00:58<gravely>so should i remove all of these from iptables?
00:58<gravely>23 is removed, but
00:58<gravely>the other 4
00:58<jed>i think i'm just gonna drop ipv6 on that box for now
00:59<SelfishMan>jed: Because of you there has been 0.1% less IPv6 traffic today! ;-P
00:59<jed>i'm tired of dicking with it
00:59<jed>i set up a tunnel but it's not working right
00:59<repnop>jed: not like you're going to lose any users over it ;)
00:59<repnop>fun to ping6 your host but after that...
00:59<jed>yeah, turning on ipv6 in windows 7 got the wonderful "try ipv6 for 30 seconds, then ipv4" dance
00:59<SelfishMan>um...I tried IPv6 just now and it caused the site not to load
01:00<jed>64 bytes from 2001:4860:b002::68: icmp_seq=1 ttl=59 time=80.0 ms
01:00<jed>i don't know if incoming is working right
01:00<SelfishMan>your tunnel is up now
01:01<SelfishMan>What's the problem with IPv6?
01:01<jed>hm, i didn't do anything
01:01<aaronyy>anyone tried ebtable?
01:01-!-mohanjith [~moha@] has quit [Ping timeout: 480 seconds]
01:01<SelfishMan>aaronyy: I don't know about anyone else here but I'm not bridging my Linode interfaces
01:01<jed>SelfishMan: i mostly enabled it so I could switch, but enabling ipv6 in windows 7 makes the entire OS mostly unusable in situations where DNS returns an AAAA but the service isn't listening for ipv6
01:02<aaronyy>SelfishMan: maybe not necesary lindoe, but ebtable nat is fancy though
01:02<jed>it has a ridiculously high timeout for ipv6, and when I tried to change it in netsh I caused all of my interfaces to reset, so the drivers are obviously lacking
01:02<SelfishMan>ebtables can't nat
01:03<jed>and I've had about...4 ipv6
01:03<aaronyy>it can
01:03<SelfishMan>NAT is done at the IP level, not at the frame level
01:03<aaronyy>and all nated network has same ip
01:05-!-__lonewolf [] has quit [Remote host closed the connection]
01:06-!-HedgeMag1 [] has quit [Quit: Bedtime!]
01:07<aaronyy>i can do mac nat
01:07-!-Aero [] has quit [Quit: Leaving]
01:14-!-mohanjith [~moha@] has joined #linode
01:14-!-Aero187 [] has joined #linode
01:28-!-J-Node [] has joined #linode
01:29-!-J-Node [] has quit []
01:41<@irgeek>What's up with people opening tickets that really aren't covered for an unmanaged service but are interesting enough to poke at that I stay up until almost 2AM finding an answer. :\
01:42<jed>i'm gonna start opening more frivolous tickets
01:42<opello>the thrill of the hunt :)
01:42<@irgeek>But, if anyone wants to know how to build the drbd module for a Linode kernel, there are instructions that work on the forums now. :)
01:42<MarkJ>See, that's one of the great things about linode, real service :)
01:42<MarkJ>Not just reading from the instruction manual "ah, I'm lost, good bye"
01:43<supine>irgeek: you need girlfriend calling you to bed...
01:43<@irgeek>She's in France.
01:44<@irgeek>It's about time for her to wake up.
01:44<supine>how long is that for?
01:45<@irgeek>Pretty much until we can figure out her visa. She's got an interview for a job in Philly this weekend.
01:45<repnop>you going for a k1 visa?
01:45*repnop is waiting on the govt for his wife's i130...
01:45<@irgeek>Which one is k1?
01:45<StevenK>What's an i130?
01:46<repnop>visa to enter the country for marriage
01:46<StevenK>The laws for US immigration scare the crap out of me
01:46<@irgeek>Not yet.
01:46*irgeek needs to get his US citizenship first
01:46<repnop>i130 is what you file to get a visa to bring a family member into the country
01:46<supine>ouch. best of luck to her, long distance sucks.
01:47<StevenK>irgeek: Ah, no green card either?
01:47<repnop>afaik all you need is a green card + income
01:47<@irgeek>Green card yes.
01:48<condate>irgeek: nice work getting drbd to compile
01:49<@irgeek>I've lived in the US long enough to get citizenship, but moving to NJ reset the "90 days resident in one region" counter so I have to wait a couple more weeks before I can apply.
01:49<repnop>StevenK: immigration can be a pain
01:49<supine>my wife just got her Au perm residence
01:49<StevenK>Can be, you say? :-P
01:49<condate>supine: woot!
01:49<repnop>StevenK: well depends on so many factors for how much of a pain :p
01:49<supine>it doesn't expire, but after 5 years they make it hard to re-enter the country
01:49<supine>major WTF
01:50<@irgeek>condate: Thanks. I would like to kick the authors of that module square in the behind.
01:50<condate>irgeek: haha
01:50<condate>drbd in virtualised environments scares me now...
01:51<bob2>supine: you can get citizenship then, though
01:51<bob2>maybe that's the rationale (still stupid, though)
01:51<supine>bob2: unfortunately germany doesn't like letting their citizens get another passport
01:51<@irgeek>It's not the virtualization that's the problem, it's the module not bothering to default to /usr/src/linux/ for the kernel sources even though the build instructions imply it will.
01:52<repnop>america is good about that
01:52<bob2>repnop: as long as you don't tell them
01:52<repnop>only one way to renounce citizenship, ignores what other countries say.
01:52<bob2>and you have to pay tax wherever you are
01:52<condate>reminds me to get my french passport. argh.
01:52<repnop>bob2: only if they think you're doing it to evade taxes
01:52<@irgeek>supine: Really? The whole EU used to be the least strict as far as multiple citizenships because all the countries are so tightly packed together.
01:53<StevenK>irgeek: They have gotten less strict, they used to be stricter
01:53*repnop would like to see the constitutionality of those laws checked.
01:53<StevenK>Now if you have citzenship of any EU country, you get shorter lines and less hassle
01:54<supine>irgeek: well, last time we looked at it. they might have softened it in the meantime
01:54<@irgeek>Anyone who challenged them would receive a firm GTFO!
01:54<repnop>trying to tax non-citizens not in the country haha
01:54<supine>our son has both passports
01:54*irgeek could have a fistful of passports if he wanted to
01:55*StevenK is happy enough with his Australian one
01:55<@irgeek>I have Aussie and I'll have US soon. I'm also eligible for South African, Namibian & UK. And maybe France some day. ;)
01:55<repnop>all with different names? ;)
01:55<condate>jason bourne complex :)
01:55<repnop>hey anyone know if 1and1 hold domains for people who don't renew a domain?
01:55*repnop is waiting to snag one set to expire
01:56<@irgeek>The hold times are set upstream from the registrars.
01:56<erikh>repnop: I think 60 days is the typical period?
01:56<repnop>registered with 1and1
01:56-!-supine [] has quit [Remote host closed the connection]
01:56<erikh>maybe 30. I honestly can't remember.
01:57<@irgeek>restelow: What's the TLD?
01:59<gravely>a fistful of passports.
01:59<repnop>that reminds me i need a new passport...
01:59<repnop>mine is expiring bah
01:59<@irgeek>It will become available 5 calendar days after it goes to PENDINGDELETE
02:00<@irgeek>When time runs out it goes to REDEMPTIONPERIOD - it won't be included by the root servers, but it can be restored by the registrant.
02:01<@irgeek>REDEMPTIONPERIOD is a maximum 30 days.
02:01<repnop>unless someone else snags it?
02:01<@irgeek>It can't be snagged until it hits PENDINGDELETE.
02:01-!-streety [] has joined #linode
02:02<@irgeek>Actually, until after it clears PENDINGDELETE
02:02<repnop>ah pendingdelete is after redemptionperiod?
02:02*repnop always bought new domains
02:03<@irgeek>The last three are the expiring domain ones.
02:03<repnop>yeah nice thanks for the link :)
02:04<@irgeek>Basically it's REDEMPTIONPERIOD for 30 days unless restored then PENDINGDELETE for 5 days, then it's available.
02:05<repnop>yeah just going to put it in a cron script that checks the status :)
02:05<repnop>query once a day more than enough
02:05<@irgeek>It's basically a "We're going to turn of DNS for 30 days so you'll notice you're losing the domain" followed by "We're going to lock the domain for five days to piss off domain snipers"
02:06<repnop>haha yeah
02:07<@irgeek>The real problem with snagging an expiring domain is all the domain squatters with reseller accounts that snap them up the instant they leave PENDINGDELETE.
02:07<repnop>yeah this has no seo value etc
02:07<@irgeek>A buddy of mine let a domain expire and it spent five years going from squatter to squatter before it was available again.
02:08-!-jcn [] has quit [Quit: ircII EPIC4-2.6 -- Are we there yet?]
02:13*irgeek goes to bed
02:13<repnop>night man
02:14<encode>we all know irgeek doesn't sleep
02:19-!-JamesCollins [~jimmycoll@] has quit []
02:23*SelfishMan prepares to submit a support ticket
02:23-!-MarkJ [] has quit [Quit: leaving]
02:24<repnop>i wasn't going to mention that :p
02:26*encode submits one entitled "irgeek fails uptime SLAs:
02:26<encode>he's clearly not allowed to sleep"
02:30*SelfishMan opens a support ticket asking for the support email address
02:30*encode opens a support ticket asking for the website address to open support tickets
02:33-!-metaperl_ [] has joined #linode
02:34*StevenK opens a support ticket asking for a support ticket to be opened
02:35*encode opens a support ticket asking for StevenK's support ticket to be closed
02:37-!-zobbbo [] has quit [Quit: zobbbo]
02:37<SelfishMan>encode: No need. Everyone knows that StevenK's tickets are directed straight to /dev/null
02:37*Hobbsee opens a few support tickets so she isn't left out
02:38<encode>SelfishMan: oh, right. forgot that
02:38<SelfishMan>Hey, I don't make the policies, I just laugh at them
02:39<encode>i don't think we were supposed to tell StevenK though
02:39-!-metaperl [] has quit [Ping timeout: 480 seconds]
02:39-!-metaperl_ is now known as metaperl
02:41*StevenK tries to find suexec
02:41-!-hpj [~hpj@] has quit [Ping timeout: 480 seconds]
02:42<StevenK>Ah ha
02:51-!-seangrove [] has joined #linode
02:52-!-jwilliamhoffman [~jwilliamh@] has joined #linode
02:53-!-aaronyy [] has quit [Quit: ajax IRC Client]
03:01-!-aaronyy_ [] has quit [Ping timeout: 480 seconds]
03:01-!-arooni-mobile [] has joined #linode
03:12-!-Ov1 [] has joined #linode
03:13-!-Ov1 [] has quit [Remote host closed the connection]
03:14-!-doginize [] has quit [Quit: Leaving.]
03:17-!-bnry [~abnry@] has joined #linode
03:25-!-Xenofox [] has quit [Remote host closed the connection]
03:27-!-squidly [] has quit [Ping timeout: 480 seconds]
03:29-!-ph^ [~ph^@] has joined #linode
03:33<gravely>anyone care to help with a dns related issue?
03:34<gravely>i have an irc client setup on i'm able to connect. noone else can.
03:34<gravely>can anyone test to see if it's timing out or not?
03:36-!-jordanlw [] has joined #linode
03:36<rsdehart>standard port?
03:36<gravely>forgot to mention.
03:37<gravely>it's weird. half of the people im talking to can get it.
03:37<gravely>half are getting timeouts.
03:37-!-MarkJ [~mark@] has joined #linode
03:37<rsdehart>I'm connected
03:38<rsdehart>ok now I'm not
03:38<rsdehart>but it's making it to the ircd so it shouldn't be a dns issue
03:38<gravely>what could be.. wha?
03:38<gravely>it disconnected you?
03:39<rsdehart>yeah ping timeout
03:40<rsdehart>not sure, but gotta bail, sorry
03:40<gravely>alright, seeya.
03:40-!-zobbbo [~icottee@] has joined #linode
03:45-!-Jerr [] has quit [Quit: Jerr]
03:48<gravely>anyone else care to help me test this out?
03:48<gravely> : 1414
03:48<gravely>getting reports of time outs, even on
03:48<gravely>from some
03:50<checkers>connects here
03:51<gravely>rsdehart up there was getting ping timeouts.
03:51<gravely>routing issues possibly?
03:52<checkers>appeared quite slow though, considering it was idle and only 30ms away
03:52<gravely>i fucked my iptables up earlier.
03:52<gravely>and a bunch of weird issues have been happening ever since.
03:53<Athenon>Could I setup my Linode to allow my Vista box to VPN into it, so that I can edit files through windows like they were on my local computer?
03:53<SelfishMan>gravely: iptables -F and see if things work for a while
03:54<gravely>that flushes them, right?
03:54<SelfishMan>Athenon: Use winscp. It will be faster, more secure and not burn as many resources as samba+openvpn
03:55<SelfishMan>gravely: yep
03:55<Athenon>SelfishMan: oh...mount an FTP share as a local drive?
03:55<SelfishMan>Athenon: no, just use winscp to transfer files
03:55-!-elhippo [] has quit [Quit: Leaving]
03:56<Athenon>i have an ftp/sftp client...i was looking to eliminate the step of downloading and least aesthetically
03:56<SelfishMan>I think there are scp/sftp apps that will create a drive
03:58-!-agentbleubleu [] has quit [Read error: Connection reset by peer]
03:58-!-agentbleubleu [] has joined #linode
04:05-!-Psytheirum [] has quit [Read error: Connection reset by peer]
04:40<jwilliamhoffman>I'm trying to install apache2 on ubuntu intrepid I get the following: will@li59-58:~$ sudo apt-get install apache2 apache2.2-common apache-mpmprefork apache2-utils libexpat1 ssl-cert
04:40<jwilliamhoffman>[sudo] password for will:
04:40<jwilliamhoffman>Reading package lists... Done
04:40<jwilliamhoffman>Building dependency tree... Done
04:40<jwilliamhoffman>E: Couldn't find package apache2
04:40<jwilliamhoffman>am I doing something wrong?
04:41<SelfishMan>wrong command list
04:41<SelfishMan>it's apache2-mpm-prefork
04:41<SelfishMan>but just run sudo apt-get install apache2-mpm-prefork and it should pull in the rest
04:46<jwilliamhoffman>will@li59-58:~$ sudo apt-get install apache2-mpm-prefork
04:46<jwilliamhoffman>Reading package lists... Done
04:46<jwilliamhoffman>Building dependency tree... Done
04:46<jwilliamhoffman>E: Couldn't find package apache2-mpm-prefork
04:46<jwilliamhoffman>still not working
04:46<SelfishMan>did you run apt-get update first?
04:46<jwilliamhoffman>no, i'll try that
04:46<SelfishMan>just out of curiousity, what tutorial are you using?
04:47<jwilliamhoffman>couldn't find one on linode
04:48<checkers>seems pretty sane
04:48<checkers>just the package lists are weird
04:49<linbot>New news from forums: curl requests are not reaching proxy in Linux, Apache, Mysql and PHP (LAMP) Forum <>
04:49<SelfishMan>The ServerName part isn't really necessary if the hostname and hosts file are correct
04:50<SelfishMan>but that's not really a big thing either way
04:52<checkers>ideally these days it should be msotly irrelevant, any request from the internet should be handled by a virtualhost
04:52<checkers>that's part of why I like nginx, heh. every host is virtual
04:53<SelfishMan>under ubuntu all hosts are effectively virtual
04:53<SelfishMan>thankfully the whole concept of editing the apache2.conf/httpd.conf is fading away
04:57-!-Bdragon [] has quit [Read error: Connection reset by peer]
04:58-!-Bdragon [] has joined #linode
04:59<jwilliamhoffman>It works! :)
04:59-!-arooni-mobile [] has quit [Read error: Operation timed out]
05:00<gravely>so is the 12gb of disk space accounting for the os files, or no?
05:00<checkers>new metric album available on their site
05:00<gravely>as in do i have 12gb of disk space for my files, or is it shared with the os?
05:00<checkers>gravely: latter
05:00<checkers>you get 12 * 1024mb total
05:00<gravely>ah alright.
05:01<morsing>Cawfy is hot - OpenSSH is not...
05:06<linbot>SelfishMan: Yo momma's so stupid she sold her car for gas money!
05:08<jwilliamhoffman>should I be using aptitude?
05:09<SelfishMan>aptitude is just a wrapper for apt-*
05:12-!-Ovi [] has joined #linode
05:17-!-Hareem-Haque [] has joined #linode
05:17<Hareem-Haque>Hello everyone
05:17<Hareem-Haque>any one here know Hadoop
05:21<morsing>Hareem-Haque: There's a bug in OpenSSH 5.0r1
05:21<Hareem-Haque>what ?
05:22<morsing>Hareem-Haque: There's a bug in OpenSSH 5.0r1
05:28-!-mohanjith [~moha@] has quit [Ping timeout: 480 seconds]
05:30-!-saman [] has left #linode []
05:32-!-Ovi [] has quit [Quit: Ovi]
05:34-!-Dreamr_3 [] has quit [Read error: Operation timed out]
05:34-!-Ovi [] has joined #linode
05:34-!-Ovi [] has quit []
05:41-!-Dreamr_3 [] has joined #linode
05:44-!-mohanjith [] has joined #linode
05:46-!-jordanlw [] has quit [Quit: ChatZilla 0.9.84 [Firefox 3.0.8/2009032713]]
05:49-!-saman [] has joined #linode
05:54<gravely>is RLimitMEM / RLimitCPU integral in the httpd.conf?
05:54<gravely>can i remove both of these entries with no probelm?
05:56<pyrogenix>no problem at all
06:00<gravely>>: (
06:01<morsing>What's my CPU capacity realistically? How's it allocated?
06:01<morsing>Also, who'd ever need 12GB of disk?! Anyone want to buy 11GB off me?
06:02<morsing>With what?
06:03<morsing>The disk space? I've used 250MB and will unlikely ever use more than that
06:04<morsing>SpaceHobo: Hey, you're pretty cute! Are you single?
06:06<jwilliamhoffman>I have another noob question. I installed mysql, php5 and apache2 and phpmyadmin. I can't figure out how to get to the phpmyadmin page i tried:
06:07<morsing>SpaceHobo: It's yours for £50
06:08<morsing>10Gb for £50
06:08<morsing>GB, sorry
06:11<morsing>SpaceHobo: Do you know how processor slices are allocated? Are they fixed or just grab from a shared pool?
06:11<morsing>And how much do I really get?
06:11-!-Zozo [] has joined #linode
06:12-!-Redgore [] has joined #linode
06:12<Zozo>It seems like somebody DDOS my linode
06:13<Zozo>anybody can advice me what can I do in this situation?
06:13<Zozo>It's my old nickname :)
06:14<morsing>As in So-so?
06:14<morsing>Where did you go wrong?
06:16<row>Zozo: suggest contacting linode directly if it really was a DDoS... although if it was a ddos of any actual size one would assume linode are aware of it.
06:16-!-railsninja [] has joined #linode
06:16<Zozo>I'm from Russia - we have a letter that is pronounce like english "Z" but in a paper this letter looks like number 3, so Zozo is like number 3030 :)
06:16<Zozo>I've already create a support ticket to linode
06:17<Zozo>my problem is that directly after linode reboot there are many apache process that is fill all linode memory
06:17<Zozo>and netstat -s show my upto 300 connection after 5 minutes from botting. My projects is not so popular to have 300 connections at a time
06:18<row>have you looked at what they are hitting etc?
06:18-!-Berto is now known as Guest1231
06:18<Zozo>hm.. sorry - how can I look on it?
06:19<row>Check your apache logs.
06:20<row>check the refers etc.
06:20<row>Could be that someone has linked to you and you are just getting lot of traffic from it as a result.
06:23-!-mohanjith [] has quit [Ping timeout: 480 seconds]
06:30<Zozo>hm... no it's not looks like somebody linket to me...
06:35-!-jtoy [~jtoy@] has quit [Quit: jtoy]
06:39-!-mohanjith [~moha@] has joined #linode
06:44<row>Zozo: when you say it is a DDoS, coming from lots of random ips or can you just drop with iptables or something?
06:46-!-streety [] has quit [Ping timeout: 480 seconds]
06:46<saman> jwilliamhoffman: I can see fine
06:51<saman>What do the Alt-# (e.g. Alt-1) in bash shell?
06:51<saman>**what to they do
06:52<Zozo>row, netstat -a show many connections from hosts like llfXXXXXX.crawl.y:YYYYY
06:54<saman>never mind, found it:
06:56<checkers>< Zozo> my problem is that directly after linode reboot there are many apache process <-- set MaxClients so you can't get overloaded
07:05-!-jwilliamhoffman [~jwilliamh@] has quit [Ping timeout: 480 seconds]
07:19-!-mohanjith [~moha@] has left #linode []
07:20-!-railsninja [] has quit [Quit: Leaving...]
07:21-!-esparkman [] has quit [Quit: Leaving...]
07:38-!-railsninja [] has joined #linode
07:38-!-streety [] has joined #linode
07:42*ella grumbles - not a good time to get frustrated
07:42-!-civija [civija@] has joined #linode
07:42<ella>Anyone know anything about cmake, gammu ??
07:50<checkers>what about it?
07:50<ella>Unknown CMake command "pkg_check_modules".
07:51<ella>Oh half sec, the 'upgrade' of cmake didn't go in the right place Grrrr
07:51<ella>let me try again
07:56-!-railsninja [] has quit [Quit: Leaving...]
07:57<ella>Ok works :) Grrrr
07:57<ella>ppl shoudl be less incompatible between minor version changes :)
08:00-!-ember [] has quit [Ping timeout: 480 seconds]
08:04-!-JshWright [] has joined #linode
08:10-!-ember [] has joined #linode
08:11*checkers stbas trac about this regularly
08:12-!-borris [] has quit [Read error: No route to host]
08:27*ella must learn svn
08:29-!-laser` [] has joined #linode
08:31<Zozo>please, help!
08:31<Zozo>MySQLd on my linode eat too many CPU
08:31<laser`>What is it serving?
08:31<Zozo>Some hours ago I found that somebody DDOS my linode
08:32<Zozo>one ROR application
08:32<Zozo>usually, my ROR App is not so populat to get big load
08:32<Zozo>but it seems somebody DDOSing me
08:32-!-borris [] has joined #linode
08:32<Zozo>and top show me that mysqld use ~130% of CPU
08:33<laser`>Seems consistent with a DDoS
08:33<laser`>Well, a DDoS that's requesting a lot of pages
08:33<Zozo>i see that after I rebooting my VDS, a lot of apache2 process running
08:33-!-J-Node [] has joined #linode
08:33<Zozo>also it's too many connections to the server
08:34<Zozo>I created a ticket to linode 2-3 hours ago, but still no answer :(
08:34<Zozo>site is in down now :(
08:34<Yaakov> Zozo Did you end up on digg or reddit or soemthing?
08:34<praetorian>'in down'?
08:34<Yaakov>Zozo: Also, turn off keep alives in Apache.
08:34<Yaakov>That might be enough.
08:37<Zozo>in down = doesn't work
08:37<Zozo>Yaakov, I don't think so
08:37<Yaakov>Zozo: What is the url they are hitting?
08:37<Zozo>it's not look like big traffic from somewhere
08:37<Yaakov>Is the referrer direct?
08:39<checkers>Zozo: there are a few things you need to do. Set MaxClients in the apache config low enough so it doesnt' spawn more than the linode can handle. Set the max connections in MySQL high enough, but max concurrency low (if you use innodb)
08:40<checkers>< Zozo> but it seems somebody DDOSing me <-- btw, is there a consistent user agent? it could be an evil crawler
08:40-!-seangrove [] has quit [Quit: seangrove]
08:41<Yaakov>Is it all one address?
08:41<Yaakov>checkers: My non-DDoS ended.
08:41<Zozo>Yaakov, I'm searching it in a log files
08:42<Zozo>checkers, netstat -a show me:
08:42<Yaakov>checkers: and
08:42<Zozo>many records like this
08:42<Zozo>tcp 1 0 llf520165.crawl.y:57745 CLOSE_WAIT tcp 1 0 llf520165.crawl.y:55059 CLOSE_WAIT tcp 1 1 LAST_ACK tcp 0 0 ns.km30233.keymach:3912 ESTABLISHED tcp 1 0 llf320023.crawl.y:49654 CLOSE_WAIT tcp 0 0 llf320023.crawl.y:42
08:43<Yaakov>It is a crawler/
08:43<checkers>close_wait connections aren't really a problem
08:43<checkers>unless you have more than a few hundred
08:43<Yaakov>No, but they are the bones left over.
08:43<Zozo>why Yahoo do that?
08:44<Yaakov>They want to know all about you.
08:44-!-esparkman [~esparkman@] has joined #linode
08:44<checkers>yahoo's crawler should be sane
08:44<checkers>it should hit no more than 1 page/sec and respect robots.txt
08:44<Yaakov>grep your logs for Slurp
08:44<Zozo>but yahoo scan my site before many times and everythis was ok because it scan my site not too fast
08:44<Yaakov>Is there a lot there?
08:45<Yaakov>It might be a coincidence that you had just been crawled.
08:47<Zozo>this problem is actual for last 2-3 days :(
08:48<praetorian>better to look at your apache logs more than netstat to see what caused it
08:48<Yaakov>I say give up and shut down the site.
08:48<Yaakov>It's easier, and you can go drink.
08:49<praetorian>drink either way
08:49<Zozo>praetorian, I'm looking on it right now and still can't find the reason
08:49<Zozo>Yaakov, But I want my site to work :)
08:53<praetorian>update your listen directive to have
08:54<saman>Zozo: your website is still responsive and looks fine
08:54<checkers>drink with us!
08:54<saman>Zozo: just let teh crawlers do their job :-)
08:55<Zozo>saman, hmm.. it works for you?
08:55<checkers>doesn't respond quickly here
08:55<checkers>can't even connect to 0
08:56-!-freedumMan [] has joined #linode
08:56<Yaakov>checkers: Port 0!
08:56<Zozo>for me it works only right after apache restart
08:56<saman>sorry, I was looking at, isn't that hosted on your serer as well?
08:56<checkers>Zozo: pastebin a few hundred recent lines from apachelog
08:57<Zozo>yes, - it's also site from my server, but it's statis site
08:57<Zozo>but my main project (ROR) dowsn't work
08:57<praetorian>wel returns fine
08:58-!-JshWright [] has left #linode []
08:59<checkers>Zozo: this probably means the issue is with the RoR backend, or mysql
08:59<saman>zozo: as checkers said, pastebin a few hundred recent lines from apachelog <----
08:59<checkers>I'd break out your performance profiler and start optimizing, possibly your SQL and possibly your ruby
09:00<freedumMan> vsftpd: Unknown Entries: check pass; user unknown: 835 Time(s) I want to block based on IP for VSFTPD and ssh attempts, whats my best options with ubuntu server?
09:01<checkers>and not using FTP
09:01<mwalling>use ssh/scp/sftp
09:02<freedumMan>can i tell fail2ban to ignore certain entries?
09:02<saman>fail2ban simply blocks clients if they make to many failures
09:02<Zozo>saman, I can't find something strange in a logs. GoogleBot and Yahoo slurp now is on my site but they hit not faster that 1req/10sec
09:03<saman>if you only want to block an ip, use iptables
09:03<freedumMan>saman, got it
09:03<praetorian>i think you can have exceptions
09:03<Zozo>checkers, everything was fine for last 2 months and I didn't change or update anything at all
09:03<praetorian>Zozo: what does your bacndwidth graphs show
09:04<saman>freedumMan: you can manage the fail2ban detection rules to have exceptions, yes
09:04<Yaakov>So anyway, that's why SpaceHobo is so terribly twisted, you'll have to give him a break on it.
09:04<checkers>Zozo: well, you can wait until traffic goes down and the site will work again
09:04<Yaakov>Oh... hai.
09:05<checkers>i always picked Yaakov as a sandle/sock mixer
09:06<Zozo>cpu usage go down after server or apache restart
09:06<Zozo>but for short time
09:06<soul9>you probably have a cms that goes bezerk
09:07<soul9>probably some php stuff?
09:07*ella cheers
09:07-!-linville [] has joined #linode
09:08*ella votes for php gone insane
09:08<linbot>New news from forums: Wordpress MU, Apache & Domain Resolution in Linux, Apache, Mysql and PHP (LAMP) Forum <>
09:08<soul9>praetorian, really? i haven't heard nearly as much bitching about ruby than for php
09:08-!-skule [] has joined #linode
09:08-!-jcn [] has joined #linode
09:08<Yaakov>SpaceHobo: I don't own any sandals.
09:09<Yaakov>SpaceHobo: But if I did, I would wear socks IF I FELT LIKE IT
09:09<checkers>soul9: you must have been living under a rock then :P
09:09<saman>zozo: why don't you disallow everything in robots.txt ? Assuming the crawlers are sane ...
09:09<soul9>no, i really try to keep as far from interpreted languages as possible
09:10<soul9>we use perl at work, that's plenty for me thank you very much
09:10<checkers>soul9: you don't believe in websites beyond amazon? :P
09:10<soul9>actually, more than enough
09:10-!-jtaji [] has quit [Remote host closed the connection]
09:10<Yaakov>SpaceHobo: I don't have problems resisting discounts.
09:10*ella writes all her modules in perl or c
09:10<praetorian>atleast its not embperl
09:10<soul9>checkers, amazon was written in lisp at first..
09:11<Yaakov>Perl sucks.
09:11*soul9 +1
09:11<ella>I thought Amazong was writen in cobal
09:11<soul9>no it wasn't
09:11<Zozo>saman, I want my site to be on google and yahoo so I can't disallow everything on robots.txt
09:11<soul9>lol COBOL
09:11<Yaakov>mikegrb sucks because he uses perl.
09:11<checkers>written in C
09:11-!-ember [] has quit [Read error: Connection reset by peer]
09:11<soul9>checkers, ?
09:11<Yaakov>Perl is useless. What can you do with perl? Nothing.
09:11<ella>I do heaps with perl
09:11<soul9>daaaaamn it
09:12<soul9>yes, you're right
09:12<praetorian>Yaakov: you can do helps with perl .. like.... for example:
09:12<soul9>it's e-bay that was originally in lisp
09:12<praetorian>bash your keyboard and end up with valid code
09:12<Yaakov>That's not perl, that's befunge.
09:12<jackc>why do you guys hate so hard
09:12<jackc>you dont have to use it
09:12<ella>I wrote a parser that parses forms using a perl AI I wrote, it also outputs template pages using <sql queryname field> like meta tags :)
09:12<praetorian>jackc: sorry, im drinking my hatorade
09:12<Yaakov>I don't know how long I can keep this up...
09:13<Yaakov>Perl is for people that can't handle whitespace.
09:13<checkers>Yaakov: there's a pill to help with that
09:13<soul9>praetorian, that made me lmao
09:13<ella>Gawd anyone who writes perl without white space and layout is foolish! *gulps*
09:13<ella>But then I do that with C :)
09:13<Yaakov>Everytime I see Larry Wall I beat him the camel book.
09:14*soul9 happy to find some mongerhaters :-D
09:14-!-ember [] has joined #linode
09:14<Yaakov>And by "beat him" I mean have long interesting conversations, and by "camel book" I mean, my mind, mouth and ears.
09:14<Yaakov>(And hands for gesturing)
09:15<Yaakov>phennessy: YOU are gross.
09:15<soul9>has he repented from inventing one of the most $µ% up languages around? :-)
09:15<Yaakov>No, now he is making Perl6.
09:16<Yaakov>It wasn't enough to make a popular and amazingly useful language, now his is making something that will break people's brains all over the planet.
09:16<Yaakov>Hrm... s/his/he/
09:17<soul9>well, i guess perl is good for replacing shellscript...then again i don't get why that needs be done...why isn't shell good enough?
09:17<ella>THis is how I write my c code:
09:17<ella>If you want the rest let me know :) If you can guess what it does tell me!
09:17<soul9>you're out of your mind hahah
09:17<Yaakov>Well, I have written some rather large projects in Perl.
09:17<soul9>Yaakov, have you?
09:17<soul9>Yaakov, did you have to maintain them?
09:18<soul9>or did other people have to turn white and tear out their hairs
09:18<ella>Yaakov why large? Perl is potentially so compact and as a modperl module it's light, fast and damn easy to code up in a hurry!
09:18<Yaakov>ella: Because the projec was large.
09:18<Yaakov>soul9: Actually, the code was nice and clean with clear subroutines and careful use of modules.
09:18<ella>I've got a total of around 128K of perl code that runs an entire billing, booking, scheudling and personnel site :)
09:19<ella>Ok it relaly is just an interface to MySQL and Apache :)
09:19<Yaakov>soul9: Easy to maintain and self-documenting mostly. I cannot STAND obfuscation in production code.
09:19<soul9>Yaakov, well, i code for a big perl project
09:19*ella nods at Yaakov
09:19<soul9>dunno exactly how many lines, but a lot
09:19-!-ember [] has quit [Read error: Connection reset by peer]
09:19<Yaakov>ella: Does the 128K include DBI and DBD::mysql?
09:20<Yaakov>soul9: ANY language can be abused.
09:20<ella>I use PERL for 'ease of use' and 'simple' non conpex tasks that people can adapt later
09:20<ella>Yaakov no, modules arne't included, and yes DBI is used.
09:20<soul9>Yaakov, yes
09:20-!-elhippo [] has joined #linode
09:20<soul9>Yaakov, but there are some where it's very easy (it's made easy) to write obfuscated code
09:20<Yaakov>soul9: Perl is NOT for neophytes. It requires PROGRAMMER and TEAM discipline and inherently enforced.
09:20<soul9>e.g. see perl's automatic variables
09:20<ella>If it's complex, then I resort to C languages and that's when things get obfuscated :)
09:21<soul9>no, c is very clear
09:21<soul9>if well coded
09:21<Yaakov>soul9: The correct way to write maintainable perl is to use a shared idiom and avoid unnecessary compactness.
09:21<ella>I can wrote obfuscated code in BASIC!
09:21-!-mendel [~rich@] has joined #linode
09:21<Yaakov>I often write three lines of code for clarity instead of being clever.
09:21<soul9>Yaakov, i may agree...but then again, perl makes you think it's an easy language
09:22<soul9>and, effectively, it's easy to code something in it that *kind of* works
09:22<ella>Yaakov yup, I agree, sometimes that works. Althugh there are times where I think to myself "God this would be better in C, clarity is out the window trying to do X"
09:22<Yaakov>It is, if you know it. I like to say that C is a programming language and perl is a way of telling your computer what you have in mind for it to do.
09:22<ella>soul9 PERL *IS* an easy language
09:22*soul9 really hates $_
09:22<ella>Hehe $_ has it's uses :)
09:22<Yaakov>C is really great for writing perl in, but perl is a lousy vehicle for C programming.
09:22<ella>Just like Men do :)
09:22<Yaakov>soul9: Why?
09:22<soul9>=~ s/foo/bar/
09:23<Yaakov>soul9: It allows for a very nice idiomatic expression of code.
09:23*soul9 hatemongered himself out, now back to editing f£µ%ed up perl code
09:23<soul9>it allows for very nice obfuscation of variables
09:24<soul9>if you want to type less, you type $a =~ and that's it
09:24<Yaakov>perl -le 'connect$|=socket(1,2,1,$/=select+1),pack sa14,2,"\nDA\cS\213,";print"d ! @ARGV\nq\n";print$/ +<1>=~/".+?$(.*?)^\./sm' perl
09:24<ella>I try and avoid most of the fixed variables in my code, unless I don't intend it being maintained :)
09:24<soul9>Yaakov, aaah, wonderfull, that is so beautiful isn't it?
09:24<Yaakov>soul9: $_ can be used for good or evil..
09:24<soul9>i agree
09:24<Yaakov>soul9: That's a game, it's called perl golf.
09:25<Yaakov>Golfing is fun but not for production.
09:25<soul9>you can write good code in _any_ language
09:25<soul9>i guess even perl
09:25<jackc>or bad
09:25<Yaakov>You have a problem and see who can solve it in the fewest strokes.
09:25<soul9>or bad, yes
09:25<Yaakov>Run that one, it is sage and fun.
09:25<soul9>Yaakov, i don't care about strokes
09:25<soul9>i don't give a µ%£
09:25-!-r3z [] has joined #linode
09:26<soul9>i give about maintainability and clarity
09:26<Yaakov>Or this one, but on a real VT100, like xterm:
09:26<Yaakov>perl -we '@a=qw(Y v a o a k);print"\e#3";for(0..$#a){unless(fork){$s=$_;$s+=abs(($s-$#a)*2-2)if$_%2;sleep$s;print$a[$_];exit}}sleep$#a*2+2;print$/;print"\e#4";for(0..$#a){unless(fork){$s=$_;$s+=abs(($s-$#a)*2-2)if$_%2;sleep$s;print$a[$_];exit}}sleep$#a*2+2;print$/'
09:26<checkers>< soul9> you can write good code in _any_ language <-- some languages make it harder than others
09:26<checkers>Yaakov: promise it won't do any permanent damage?
09:26<Yaakov>checkers: NO damage, permanent or otherwise.
09:27<soul9>checkers, from where ... _even_ in perl
09:27<Yaakov>soul9: Good production code requires predetermined rules for the team.
09:27<Yaakov>SpaceHobo: Not quite.
09:28<Yaakov>SpaceHobo: Though that's accurate.
09:28<checkers>Yaakov: it's not eating my CPU. I want my money back!
09:28<Yaakov>checkers: On a VT100?
09:28<Yaakov>Did it print twice?
09:28<Yaakov>Use an xterm.
09:29<ella>Hete ya go
09:29<Yaakov>If you are not using an xterm, you might as well run: perl -we '@a=qw(Y v a o a k);for(0..$#a){unless(fork){$s=$_;$s+=abs(($s-$#a)*2-2)if$_%2;sleep$s;print$a[$_];exit}}sleep$#a*2+2;print$/'
09:29*checkers boots up a freebsd 5.5 VM
09:29<ella>A Self refering, self calling Perl Script that can reprocess an input HTML page nesting virtual includes till it's done them all! Incuding Virtual Includes inside virtual includes!
09:30<Yaakov>My other version isn't as clever as it should be, it is just doubled, in effect.
09:30<Yaakov>SpaceHobo: Did you see the very first oneliner I pasted?
09:31*ella misses the day of 255 byte coding :)
09:31*ella needs a Forum System
09:31<Yaakov>perl -le 'connect$|=socket(1,2,1,$/=select+1),pack sa14,2,"\nDA\cS\213,";print"d ! @ARGV\nq\n";print$/ +<1>=~/".+?$(.*?)^\./sm' perl
09:32<Yaakov>That one.
09:32<Yaakov>NOT MINE, very clever.
09:32<Karrde>stop mashing the keyboard!
09:33*ella ponders writing a forum n 255 bytes
09:33<Karrde>bd_: (15 hours late) I'm not going to use >16GB, and I can't replace the Main File Server that easily anyway :p
09:33<Yaakov>Very, attibute to xmath. Clever young man.
09:34<Yaakov>Yes, a golf winner.
09:34<Yaakov>No modules, really shows the power of perl.
09:34<Yaakov>I wrote a one-liner identd client. Very useful.
09:34<Yaakov>perl -le '$|++; use IO::Socket; $s=IO::Socket::INET->new(LocalPort => 113, Listen => 1, Reuse => 1, Proto => "tcp") or die "Failed to create socket: $!"; $c=$s->accept(); $_=<$c>; s/^(\d+\s*,\s*\d+)[^\r\n]*/$1 : USERID : UNIX : myident/; print $c $_'
09:35<Yaakov>Not a golf entry.
09:36<ella>I'ts not really "the power of perl" it's the capability of the coder :)
09:37<ella>Perl is just interpete to machine code at the end of the day
09:37<Yaakov>ella: Perl is VERY good at compact one-line programs.
09:37<ella>Yes I guess
09:37<soul9>the one-line language
09:37<J-Node>Yaakov: Because *nix is VERY good at piping.
09:37<ella>but then its not realy "one line" because without the MASSIVE perl interpreter nithing happens :)
09:37<soul9>if your program evolves, rewrite it :-D
09:37*ella ponders re-writing her parser and AI
09:37<Yaakov>Perl's syntax, contexts and $_ add up to making things flow as you would want.
09:38<ella>I'ts been about 5 yers since I looked at the code, not much of it makes sense to me now :0
09:38<Yaakov>J-Node: There's no piping there, it's all a perl program.
09:38<praetorian>i wrote a simplier identd client
09:38<linbot>New news from forums: How to exactly make an SMTP work in Email/SMTP Related Forum <>
09:38<ella>Yaakov ok but if you wrote that same line of code in Assembler ...
09:38<praetorian>its in bash..
09:38<Yaakov>praetorian: No it isn't.
09:38<fapestniegd>that's the problem with perl, all the little clever tricks that make code concise also make it completely unreadable by the author in under a month
09:38<praetorian>mine is!
09:39<Yaakov>praetorian: YOUR'S IS
09:39<fapestniegd>that being said, i <3 perl
09:39<ella>Code in what does the job, that's all thats important
09:39<praetorian>your's is? :P
09:39<praetorian>what english :P
09:39<Yaakov>fapestniegd: Writing in idiomatic perl ensures that you can understand it later, even with clever tricks.
09:39<ella>Just like I have PC Widnows, Mac OSX and Linux on different machine
09:39<J-Node>'k, semantics. If you want to get picky, each time the semicolon is used you're on a different line, so it's not really a 1-liner.
09:40<Yaakov>J-Node: That's arbitrary. It is one line, no newlines.
09:40<ella>I always comment any code (including BASIC) heavily, but it rarely helps cause I always make silly comments :)
09:40<Yaakov>Darnit, meeting.
09:41<Yaakov>See you hoopy froods tonight or tomorrow.
09:41<ella>See ya Yaakov
09:42<ella>Oh dear :) I need to reivew my code!
09:42<ella> # 20050428 added a test for TAGS embedded in the HTML file. No point going through the
09:42<ella> # sql file search process if there is nothing to process hey!
09:44<ella>OMG: # 17/5/05 Delete this routine as it's not going to work either
09:44<ella>Now who in their right mind writes things like that in their code!
09:45-!-gsf [gsf@] has quit [Remote host closed the connection]
09:45<fapestniegd>anyone in a hurry
09:46<J-Node>Like I said, semantics. Each statement, IMHO, is a line.
09:46<ella>fapestniegd I will be in 11 mins :)
09:46<J-Node>i.e., a separate thought.
09:46-!-nate_ is now known as nate
09:47<J-Node>Reminds me of those novels where it's all one long chapter. Imagine if it were just one long sentence. Yikes!
09:47<ella>You don't read mch written by 6 year olds do yu :)
09:47-!-saman [] has quit [Quit: leaving]
09:48<J-Node>6 year olds don't write, they scribble.
09:48<ella>Not the 6 year olds I know
09:48-!-saman [] has joined #linode
09:48*ella needs choclate
09:49-!-redline6561 [] has joined #linode
09:49<J-Node>Off to the store...
09:49-!-J-Node [] has quit [Quit: HydraIRC -> <- \o/]
09:49*fapestniegd writes code like a 6 year old.
09:49*ella laughs
09:50*ella needs sleep too
09:50<fapestniegd>damnit jim, I'm a sysadmin, not a developer!
09:50-!-redline6561 [] has quit [Remote host closed the connection]
09:52<agentbleubleu>any known problems on newark? just waking up, sorry if missd anything
09:54<@irgeek>Haven't heard of any. What are you seeing?
09:55<jackc><-- on nac vm, workin fine
09:56<agentbleubleu>non response on http
09:57-!-j_dan_williams [] has joined #linode
09:58<agentbleubleu>hmm https ok just http must be me
10:00-!-liberfiasco [] has quit [Quit: Leaving]
10:00-!-libervisco [] has joined #linode
10:01-!-jcn [] has quit [Ping timeout: 480 seconds]
10:02<agentbleubleu>irgeek: on apache restart, any idea ? could not bind to address
10:02<jackc>netstat -anp|grep 80
10:02<jackc>whats already there
10:02-!-j_dan_williams [] has left #linode []
10:03-!-laoge [] has joined #linode
10:03<agentbleubleu>lot of stugg
10:04<agentbleubleu>top one, tcp 0 0* LISTEN 3677/apache2
10:04<jackc>apache is already running and has that port ;-)
10:04<agentbleubleu>what to do
10:04<jackc>ps aux|grep apache2|awk '{ print $1 }'|xargs kill
10:05<laoge>hi, i tried to connect to mysql server installed on a ubuntu linode with mysql-administrator, but i failed. can anyone help me on this?
10:05<saman>how did u fail?
10:06<agentbleubleu>messages about kill id
10:07<jackc>agentbleubleu: netstat -anp |grep apache
10:07<jackc>anything still there?
10:07-!-ph^ [~ph^@] has quit [Remote host closed the connection]
10:07<jackc>agentbleubleu: k, start up apache in your normal manner
10:08<agentbleubleu>still failed
10:08<@irgeek>laoge: MySQL doesn't listen on external interfaces by default.
10:08<agentbleubleu>(98)Address already in use: make_sock: could not bind to address
10:08<laoge>saman: i got the message 'Could not connect to mysql server....MySQL Error Nr.2003'
10:08<jackc>agentbleubleu: *something* is still bound to that port clearly...
10:08<jackc>agentbleubleu: netstat -anp|grep 80
10:08<jackc>whatever it is, kill it with fire
10:09<agentbleubleu>tcp 0 0* LISTEN 3677/apache2
10:09<laoge>irgeek: can i configure it to listen on external interfaces.
10:10<jackc>agentbleubleu: kill 3677
10:10<@irgeek>Yes, but you probably don't want to. It's better to use an SSh tunnel so you can access it over localhost.
10:10<jackc>and check again to see if its still there
10:11<laoge>irgeek: thanks, can you elaborate it?
10:11<@irgeek>laoge: Are you on Windows or Linux/Unix/OS X?
10:12<laoge>irgeek: linux.
10:13<@irgeek>laoge: ssh -L 10000:localhost:3306 user@LinodeIP
10:14<@irgeek>After you connect, point MySQL Administrator at localhost:10000
10:14<agentbleubleu>jackc cheers
10:14<agentbleubleu>that sorted it
10:14-!-jtaji [] has joined #linode
10:15<laoge>irgeek: thanks a lot.
10:16<laoge>irgeek: what do the parameters mean?
10:17-!-gsf [] has joined #linode
10:17-!-paul [] has joined #linode
10:17-!-paul is now known as orudie
10:18<orudie>tasaro, around ?
10:18<@irgeek>laoge: - Scroll down the -L, there's a description there.
10:19-!-sc0field [] has joined #linode
10:22-!-squidly [] has joined #linode
10:24-!-Lithrem [~Lithrem@] has quit [Ping timeout: 480 seconds]
10:24-!-Zozo [] has quit [Remote host closed the connection]
10:28<laoge>irgeek: i can not connect to mysql server on my linode, i got the message "MySQL Error Nr. 1045Access denied for user 'root'@'localhost' (using password: YES)
10:29<@irgeek>Then you're using the wrong password.
10:29<jackc>did you set a password yet?
10:30<@irgeek>laoge: The root password in MySQL != the system root password
10:30<mrsteveman1>shouldn't you add permissions for the remove hostname?
10:30<jackc>hes using a tunnel
10:30<mrsteveman1>i've seen some applications refuse to connect over ssh because the hostname didn't appear to be coming from localhost
10:30<mrsteveman1>i know
10:30<@irgeek>for user 'root'@'localhost' <---- The tunnel makes it appear you're local
10:31<mrsteveman1>should, yes
10:31<@irgeek>Not should, is.
10:31<@irgeek>That error is coming from MySQL. If you're not connected correctly, the error would be for 'root'@'some_other_host'
10:32-!-Lithrem [~Lithrem@] has joined #linode
10:33<laoge>irgeek: thanks, but i used the password which is set when i installed mysql-server with aptitude.
10:35<ella>do you have any other user accouns on your server with provs?
10:35<laoge>ella: no
10:35<ella>OK can you ssh to your server and use mysqladmin commands
10:35<@irgeek>Have you logged in successfully using mysql inside your Linoe?
10:36<ella>or even on your linode: mysql -p
10:36<laoge>irgeek: yes, i logged in mysql inside my linode successfully.
10:36<ella>and enter your root password, assuming you ssh in as root ;)
10:37<ella>Has /etc/hosts got your VPN ip address in it as Localhost?
10:37<laoge>ella: yes,mysql -p succeeded.
10:38<@irgeek>laoge: Do you have MySQL running locally?
10:39-!-daMaestro [] has joined #linode
10:39<ella>Do you have your VPN ip address in your user table?
10:39<laoge>irgeek: my local mysql server is not running.
10:39<ella>I have found that I need both forwad and reverse configured
10:39<@irgeek>ella: It's not VPN. It's an SSH tunnel.
10:39<ella>SSH Tunel, VPN all the same
10:39<ella>Oh hang on
10:40<@irgeek>Actually, no. Not the same.
10:40<ella>Does SSH return "localhost" as the SOURCE rather than the destination
10:40<ella>Ok you have mysql logging active?
10:41<tjfontaine>you're so 90s
10:41<ella>If so, why not put in a % for hosts agianst a root user entry and see if yu can log in, if you can you will be able to see what addresss it's logging, besides localhost :)
10:42<laoge>ella: i am not sure.
10:42<@irgeek>-L 10000:localhost:3306 mean "Listen on local port 10000 and forward all packets across the tunnel. When they get there, send them to localhost:3306 - whatever that means to the OS on the far end."
10:42<ella>I don't thnk i'ts the SSH tunnel causing issues, regardless, it's permissions in MySQL and how it's deciding what "localhost" means
10:43<ella>I had the SAME issue when I got my VPN running from my lappy to Linode, and then it all happened agiain when I VPN'd from my linux gateway to linode with my lappy tunneling thorugh that
10:43<mrsteveman1>maybe try granting permissions? i dont think it would see that any different as localhost but worth a try
10:43<ella>But then mysql isn't accessible on a visible IP on my server and I just give myself password and local IP protected acess :)
10:44*ella nods and agrees with mrsteveman1
10:44<laoge>ella: '% for hosts' does not work. i have tried the method.
10:44<@irgeek>ella: With a VPN you look like you're coming from a different host. With an SSH tunnel you look like you're coming from localhost. They are not comparable.
10:44<ella>irgeek well some times :) I have my VPN to look like I'm coming from the local host :)
10:45<ella>NAT :)
10:45<civija>hi guys! I have a question about ssh connection and my linode. The problem is that copying anything trough ssh is rather slow, speed barely gets over 200 Kbs and I can't see why is it slower.
10:45<ella>Makes sure people can't come bac to me :)
10:45<straterra>civija: what speed of line are you on?
10:45*ella dreams of 200 Kbps
10:46<civija>straterra: on host that I'm copying on I have 8 Mbs speed
10:46<@irgeek>laoge: On your Linode make sure you can connect like this: mysql -u root -p -P 3306
10:46<laoge>irgeek: yes,absolutely.
10:46<@irgeek>laoge: If that works, from your local machine try: mysql -u root -p -P 1000
10:46<@irgeek>laoge: If that works, from your local machine try: mysql -u root -p -P 10000
10:47*ella giggles - back to basic basics :)
10:47<Nivex>10 PRINT "HELLO WORLD!"
10:47<Nivex>20 GOTO 10
10:47<ella>10 PRINT "Hello World": GOTO 10
10:48<jackc>mov eax,1; mov ebx,0; int 80h;
10:48*ella laughs
10:48<Nivex>ella: Touché
10:48*ella pokes laoge
10:48<laoge>irgeek: you mean after i ssh -L 10000:localhost:3306...and open another terminal and try mysql -u root...?
10:49*ella wonders how you open a terminal - sounds painful
10:50<laoge>irgeek: i got the message " Access denied for user 'root'@'localhost' (using password: YES)"
10:51<@irgeek>MySQL doesn't like your password.
10:53<ella>laoge is thee a password in the user table of the mysql database?
10:53*ella has forgotten her linode rootpassword
10:54<@irgeek>laoge: The only thing I can think is to try ssh -L 10000: user@LinodeIP
10:54-!-bnry [~abnry@] has quit [Ping timeout: 480 seconds]
10:54<@irgeek>I've never needed to do that, but it may act differently.
10:54<laoge>ella: i set the password when i installed mysql-server with aptitude.
10:54<@irgeek>Even though it shouldn't
10:54<mrsteveman1>if the password works locally shouldn't it work on the other end of the tunnel? its the same client either place
10:55<@irgeek>Yeah, it should.
10:55-!-bnry [~abnry@] has joined #linode
10:55<ella>Ok I just tried all this ssh tunneling and it didn't work for me iether
10:55<ella>well it kinda did but didn't
10:55*mrsteveman1 will test it out
10:55<ella>It connected me to the mysql on my local server not my linode
10:56<checkers>ella: you Did It Wrong then
10:56<ella>so it seems
10:56<Hareem-Haque>Hello everyone
10:56<ella>ssh -L 1234:localhost:3306 vpnmail.local
10:56<Hareem-Haque>I have a quick favour to ask. Does anyone know how to work with Hadoop
10:56<ella>Oh wait
10:57<@irgeek>ella: Then mysql -P 1234 -p
10:57<ella>nope, still didn't work :)
10:57<ella>Yes I did
10:57<ella>gammu-1.23.92# mysql -p -P 1234
10:57<ella>Your MySQL connection id is 8
10:57<ella>Server version: 3.23.58
10:57<@irgeek>Hareem-Haque: Hanope
10:57<ella>Prbl is I've got a V5 on linode :0
10:57<ella>Server version: 5.0.51-log Source distribution
10:57<ella>gammu-1.23.92# mysql -p -h vpnmail
10:58<@irgeek>(Sorry, couldn't resist)
10:58<Hareem-Haque>irgeek: and is Hanope present here
10:58<checkers>Hareem-Haque: that was a pun
10:58<Hareem-Haque>i know
10:58<checkers>quite a poor one at that...
10:58<ella>checkers hey it's a Credit Crunch, you expect rich puns?
10:59<Hareem-Haque>ella: good one
10:59*checkers dies a little inside
10:59*ella smiles with a Cheshire Smile
11:00<ella>Actualy doesn't matter what port number I issue to mysql -P it always connects me locally
11:00<laoge>irgeek: i can not connect to mysql server , even if i replace localhost with
11:01<ella>OK got errors now :)
11:02<ella>local# ssh -L 1234:vpnmail.local:3306 vpnmail.local
11:02<ella>~# mysql -p -P 1234
11:02<ella>ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysql/mysql.sock' (2)
11:03<orudie>irgeek, pm
11:03<mrsteveman1>i think you have to specify
11:03-!-Frools [] has quit [Ping timeout: 480 seconds]
11:03<mrsteveman1>localhost seems to mean unix socket to mysql
11:03<ella>Ok but I'm not using localhost :)
11:03<mrsteveman1>localhost should be the default
11:03<mrsteveman1>if you don't pass anything else to the client
11:03*ella thought she might simulate all this
11:04<mrsteveman1>mysql -h -uroot -p
11:04-!-Hareem-Haque [] has quit [Quit: ChatZilla 0.9.84 [Firefox 3.0.7/2009021910]]
11:05<ella>When I issue the ssh -L command is it suppose to ask for a password (root in this case) and then drop into a shell?
11:05<mrsteveman1>if you don't want a shell issue -f -N as well
11:05<laoge>ella: yee
11:05<mrsteveman1>fork no execute i think is what that means
11:05<ella>ok no drama, and netstat tells me
11:05<ella>tcp 0 0* LISTEN
11:06<ella>Ohk here is interesting
11:06<ella>Connected to localhost.
11:06<ella>Escape character is '^]'.
11:06<ella>Connection closed by foreign host.
11:06<ella>So the tunnel is working
11:06<ella>so i'ts mysql (client) that is carping
11:06<ella>does that help anyone, laoge
11:07*ella waits for laoge to telnet
11:07<laoge>ella: what do you mean by carping?
11:08<ella>Try the telnet, see if it works
11:08<ella>root@alpha:~# mysql -p -P 1234 -h
11:08<ella>Enter password:
11:08<ella>ERROR 1045 (28000): Access denied for user 'root'@'vpnmail.local' (using password: YES)
11:09<ella>Now I can simulate the error :)
11:09<laoge>ella: ok i will try.
11:09<ella>now if laoge gets the telnet ....
11:09<laoge>ella: yes, you can simulate the error, is it strange?
11:10<ella>Ok well you have me TOTALLY baffled!
11:10<ella>and I don't baffle on IP that easy!
11:10<laoge>ella: i prefer trying phpmyadmin.
11:11-!-Frools [] has joined #linode
11:11-!-bnry [~abnry@] has quit [Ping timeout: 480 seconds]
11:12<ella>I'm ust waiting to be picked up to do a service call, but I will be around later of youw ant to explore more
11:12<mrsteveman1>if the password works on the local client, it should work on the remote client. If you are getting real mysql errors back, the tunnel works. The only things remaining are possible issues with mysql localhost vs., i've read some things indicating mysql sees those 2 things differently. I would suggest granting permissions to 'root'@'' if it isn't already (seems to be by default), or whitelist all clients IPs as lon
11:12-!-laoge [] has left #linode []
11:13<ella>OK I can log in localy from the linode, and from my linux gateway and from my windows, i'ts only via the SSH tunnel that it is not working
11:13<ella>and have % for root :)
11:14<ella>I also have 10.8.% for root too
11:14<ella>I think
11:14<ella>which is why my error comes form vpnmail.local and not localhost
11:14<linbot>New news from forums: Mail server :?: in Email/SMTP Related Forum <>
11:15<ella>Ok here's an update!
11:15<ella>Using NON root, (aka my personal access) I get in no prble m :)
11:15<ella>root@alpha:~# mysql -p -P 1234 -h -u ella
11:15<ella>Enter password:
11:15<ella>Welcome to the MySQL monitor. Commands end with ; or \g.
11:15<ella>Your MySQL connection id is 11192
11:15<ella>Server version: 5.0.51-log Source distribution
11:15<ella>Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
11:16<ella>as far as I can remember, persmissions for both accounts are intrinsically the same
11:17<mrsteveman1>ok i just got a desktop client to work
11:17<ella>OK this isn't quite right
11:17<ella>My root account doesn't know about vpnmail.local :)
11:17<ella>It does know about %.sub.local :)
11:17<mrsteveman1>when i issued the ssh tunnel as 3306:localhost:3306 it didn't work
11:17<ella>and www
11:17<mrsteveman1>when i did ssh -L 3306: it worked
11:17<mrsteveman1>try that
11:17<ella>local# ssh -L 1234:vpnmail.local:3306 vpnmail.local
11:18<mrsteveman1>i didn't change permissions at all
11:18<ella>Ok so he's gone now :(
11:18<mrsteveman1>yea i should pay attention better
11:18<mrsteveman1>anyhow that seems to be the issue
11:19<ella>So he needs to check his 'user' table and see that he does in fact have permissions
11:19<mrsteveman1>weirdness with mysql only listening on, thinking localhost means unix socket
11:19<ella>some people change localhost from 127 to their visible IP (god knows why, I sure don't)
11:19<mrsteveman1>and issuing the tunnel as instead of localhost:3306
11:20<ella>Anyway I learned something :) Never done SSH tunnels before :)
11:20<ella>And in 3 mins I will have forgotten :)
11:20<mrsteveman1>normally ssh tunnels work fine
11:20<mrsteveman1>this is a weird issue
11:20-!-N1JER [~N1JER@] has joined #linode
11:20<ella>Permisisons in the usertable, have to be
11:20<mrsteveman1>its not
11:20<ella>Oh wait
11:21<mrsteveman1>permissions for the server i connected to (which is a production linode) weren't changed
11:21<ella>No no, it's fine, I have localhost and root permission in the usertable
11:21<ella>but I came from vpn
11:21<mrsteveman1>i only have permissions granted to root for and localhost
11:21*ella relaxes
11:21<mrsteveman1>mysql seems to see that as tcp vs unix socket
11:21<mrsteveman1>when normally localhost and should mean the same thing
11:22<mrsteveman1>try it tho, issue the ssh tunnel as 3306:
11:22<mrsteveman1>gotta go
11:22<ella>bind: Address already in use
11:22<ella>channel_setup_fwd_listener: cannot listen to port: 3306
11:22<ella>Could not request local forwarding.
11:22<ella>Can't do it that way it seems :0
11:22<ella>Oh cause I ave 3306 in use locally anyway :)
11:25-!-ember [] has joined #linode
11:26-!-row [] has quit []
11:29-!-row [] has joined #linode
11:32<orudie>irgeek, pm
11:33<laser`>Hmm, my Linode seems to be a little sluggsih
11:33<laser`>Running a yum update is taking a lot longer than usual
11:33<laser`>Anyone else on Newark 69?
11:33-!-tk8 [] has joined #linode
11:33*sportman waves
11:40*morsing nuzzles sportman
11:41<morsing>jkwood: ping
11:41-!-ember [] has quit [Ping timeout: 480 seconds]
11:42<civija>hi guys! I have a question about ssh connection and my linode. The problem is that copying anything trough ssh is rather slow, speed barely gets over 200 Kbs and I can't see why is it slower. any other traffic i.e. http/ftp/... is a lot faster, only ssh/sftp/scp is much slower.
11:42<@mikegrb>what's the latency to your linode?
11:42<civija>how can I check that?
11:43<scott>thats some bad latency
11:43<mwalling>i know how to test latency
11:43*linbot throws mwalling at irgeek
11:43*mwalling sees how long it takes irgeek to feel the brunt of 215lbs of fat
11:44<civija>mwalling: time=120 ms
11:44<scott>mwalling: your man boobs are not as impressive as mine!
11:44<@mikegrb>ssh has static recieve window size which really limits throughput as latency increases
11:45-!-dan_ [] has joined #linode
11:45<dan_>if i wanted to downgrade my linode, could that be done without having to create a new one and transfer everything over?
11:45-!-ElectricElf [] has joined #linode
11:46-!-J-Node [] has joined #linode
11:46<iggy>dan_: file a ticket
11:46<scott>i see a david b harris!
11:46<dan_>don't want to do it yet, just want to know if it's possible for them to do it
11:47<iggy>dan_: yes, it's possible, you just have to file a ticket
11:47<mwalling>dan_: open a ticket, resize your partitions, click a button
11:47<dan_>resize how?
11:48<mwalling>using the control panel?
11:48<dan_>ah, k. thanks
11:51-!-ember [] has joined #linode
11:53-!-Syrogen [] has joined #linode
12:01-!-descender [] has quit [Remote host closed the connection]
12:07-!-saman [] has quit [Quit: Lost terminal]
12:10-!-J-Node [] has quit [Ping timeout: 480 seconds]
12:14-!-jwilliamhoffman [~jwilliamh@] has joined #linode
12:16-!-yejun0 [~fIRCuser@] has joined #linode
12:18<jwilliamhoffman>I'm just getting started and decided to start over from unbuntu 8.10 to 8.04 LTS I deleted my disk image and loaded the new one but am getting a message that I don't really understand: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
12:19<jwilliamhoffman>Someone could be eavesdropping on you right now (man-in-the-middle attack)!
12:19<jwilliamhoffman>It is also possible that the RSA host key has just been changed.
12:19<jwilliamhoffman>The fingerprint for the RSA key sent by the remote host is
12:19<jwilliamhoffman>Please contact your system administrator.
12:19<jwilliamhoffman>Add correct host key in /Users/jwilliamhoffman/.ssh/known_hosts to get rid of this message.
12:19<jwilliamhoffman>Offending key in /Users/jwilliamhoffman/.ssh/known_hosts:7
12:19<jwilliamhoffman>RSA host key for has changed and you have requested strict checking.
12:19<jwilliamhoffman>Host key verification failed.
12:19<jwilliamhoffman>Can someone help me with this?
12:21<@irgeek>jwilliamhoffman: When you deploy an image, there are no ssh keys. They are generated on the first boot. Since you've already connected to that IP when it had a different ssh key, ssh complains that the key changed.
12:22<@irgeek>"Offending key in /Users/jwilliamhoffman/.ssh/known_hosts:7" <---- It's on line 7 of that file.
12:22<jwilliamhoffman>how can I fix it?
12:22<@irgeek>Delete that line.
12:24<jwilliamhoffman>ok was the pastebin comment meant for me? am I supposed to put code there and then refer to it here?
12:28-!-zefster [] has joined #linode
12:32<jwilliamhoffman>since I'm starting from scratch can I get ride of the whole directory and start fresh?
12:37-!-kupesoft [] has joined #linode
12:40<@irgeek>What whole directory?
12:40*sportman waves
12:41<rsdehart>or you could just delete the line and have it start working
12:41<sportman>hows it going irgeek?
12:41<rsdehart>although that would solve the problem, so I'm not sure that's what you want to do
12:41<@irgeek>Lunch time. \o/
12:42<sportman>nice irgeek got anything good?
12:42-!-Redgore [] has quit [Read error: Connection reset by peer]
12:42-!-Redgore [] has joined #linode
12:46-!-Syrogen [] has quit [Ping timeout: 480 seconds]
12:50-!-azaghal [~azaghal@] has joined #linode
12:53<jwilliamhoffman>I deleted the line and now my password doesn't work
12:53-!-Athenon [] has quit [Ping timeout: 480 seconds]
12:55<@caker>jwilliamhoffman: the two are not related.
12:55<@caker>root@ , and the password you entered when you deployed, right?
12:56<jwilliamhoffman>is there a way to reset it?
12:57-!-yejun0 [~fIRCuser@] has quit [Remote host closed the connection]
12:57<jwilliamhoffman>rebooted and tried again, this time it worked
12:59-!-zobbbo [~icottee@] has quit [Quit: zobbbo]
13:03-!-streety [] has quit [Ping timeout: 480 seconds]
13:03-!-yejun0 [] has joined #linode
13:05-!-azaghal_ [~azaghal@] has joined #linode
13:06-!-azaghal [~azaghal@] has quit [Read error: No route to host]
13:08<linbot>New news from forums: backup availability? in Sales Questions and Answers <>
13:08-!-yejun0 [] has quit [Read error: Connection reset by peer]
13:09-!-steffan [] has quit []
13:10-!-steffan [] has joined #linode
13:13-!-steffan [] has quit []
13:19-!-lakin [] has joined #linode
13:29-!-kenichi [] has joined #linode
13:30-!-Otsego [] has quit [Quit: Leaving]
13:30-!-jwilliamhoffman [~jwilliamh@] has quit [Ping timeout: 480 seconds]
13:30-!-Otsego [] has joined #linode
13:31-!-doginize [] has joined #linode
13:33-!-hpj [~hpj@] has joined #linode
13:37-!-streety [] has joined #linode
13:38-!-verheesj [] has joined #linode
13:39<verheesj>hai thar
13:39-!-jwilliamhoffman [~jwilliamh@] has joined #linode
13:40<kenichi>i <3 linode!
13:41<verheesj>So do I :D
13:41-!-N1JER [~N1JER@] has quit [Quit: N1JER]
13:45<@irgeek>I believe it's illegal to not <3 Linode in several states.
13:45-!-jcn [] has joined #linode
13:46-!-N1JER [~N1JER@] has joined #linode
13:46<scott>what happens at Linode stays at Linode
13:47<HoopyCat>note that loving linode is still technically a criminal offense in a few southern states and utah
13:47<verheesj>can someone tell me how i format/re-install linode?
13:47<jackc>format heh
13:48<tjfontaine>verheesj: are you allowed back?
13:48-!-daMaestro [] has quit [Remote host closed the connection]
13:48<tjfontaine>I mean I can make you disappear, but that's not my point
13:48<verheesj>1 sec
13:49<verheesj>i been allowed back for like a week now :)
13:49<@mikegrb>that was likely on accident
13:49<verheesj>I appologise to you too btw
13:49<verheesj>mikegrb: huh?
13:50<verheesj>erm can someone tell me how i reinstall my linode?
13:50-!-Napta [] has quit [Quit: Changing server]
13:50<tjfontaine>verheesj: delete your diskimages and profiles, then you can use the deploy wizard
13:50<@caker>click on linode, shut down, check the delete checkboxes, click delete. Then redeploy another linux distro
13:50<verheesj>i dont think its shutting down
13:51<verheesj>oh it is
13:51<verheesj>forgot its queue
13:52<verheesj>wooo heres we go :D
13:52-!-tk8 [] has quit [Read error: Operation timed out]
13:54<verheesj>I stopped smoking :D
13:54<verheesj>How awesome?!
13:54<verheesj>its my 16th day today :D
13:54<verheesj>Why, thank you xD
13:55*verheesj needs to restart my pc :(
13:55-!-verheesj [] has quit []
13:55<phennessy>don't eat pistachios instead
13:59-!-zobbbo [] has joined #linode
13:59<jackc>i win
14:00<jackc>my girlfriend is always like 'do something with meeee' and im like 'im not your babysitter'
14:00<jackc>so i made her a blag
14:00<jackc>and we planted some plants
14:00<jackc>so she takes pics and blags about them, and leaves me alone :-)
14:00<repnop>so what happens when she puts the pic of her new boyfriend on the blag :p
14:00<jackc>well if he's a plant i wont notice
14:00<emag>you buy some bacon lube then...
14:02<jackc>Rachael: THE LETTUCE IS GROWING!!!!
14:03<SelfishMan>Are API keys tied to the user with their permissions?
14:04-!-cgreco [] has joined #linode
14:04<@irgeek>SelfishMan: I believe so.
14:05-!-JshWright [] has joined #linode
14:08-!-tk8 [] has joined #linode
14:09-!-descender [] has joined #linode
14:14<tjfontaine>SelfishMan: iow if it's not please say so :)
14:15<SelfishMan>I'll be testing that later while I write this app
14:19-!-seangrove [] has joined #linode
14:20-!-djweezy [] has joined #linode
14:21-!-djweezy [] has left #linode []
14:21-!-djweezy [] has joined #linode
14:22<djweezy>caker, why did my linode restart?
14:23<@caker>djweezy: someone shut it down from inside your Linode
14:24<@caker>and then Lassie booted it back up
14:24<djweezy>caker: no one has an account but me, and its not a cronjob
14:24<@mikegrb>then maybe it crashed
14:24<@mikegrb>unless caker already looked at the console log
14:24<@caker>no, it was a shut down
14:24<@caker>-rw-r--r-- 1 root root 12293 2009-04-02 11:56 /linodes/djweezy/screenlog.last
14:24<@caker>INIT: Switching to runlevel: 0
14:24<@caker>System halted.
14:25<Battousai>ut ohs
14:27<SelfishMan>Hobo free!
14:27-!-jcn [] has quit [Read error: Operation timed out]
14:33<djweezy>Apr 2 10:53:53 medusa su[7125]: Successful su for root by djweezy
14:33<djweezy>Apr 2 10:53:53 medusa su[7125]: + pts/0 djweezy:root
14:33<djweezy>Apr 2 10:53:54 medusa su[7125]: pam_unix(su:session): session opened for user root by djweezy(uid=1000)
14:33<djweezy>Apr 2 10:54:01 medusa shutdown[7131]: shutting down for system halt
14:33<djweezy>Apr 2 10:54:01 medusa cron[7134]: (root) CMD (/usr/local/ddos/ >/dev/null 2>&1)
14:33<djweezy>Apr 2 10:54:03 medusa init: Switching to runlevel: 0
14:34<djweezy>i wonder, that is about the time i shutdown my laptop and nothing happened
14:34<djweezy>wonder if the command went to the wrong terminal
14:34<mwalling>14:33 < djweezy> Apr 2 10:54:01 medusa cron[7134]: (root) CMD (/usr/local/ddos/ >/dev/null 2>&1)
14:34<djweezy>what about it?
14:34<mwalling>/usr/local/ddos/ ?
14:34<djweezy>its a ddos prevention script
14:34<@caker>what does it do?
14:34*fred takes mwalling away from the "delete account" button
14:34<djweezy>drops packets from people who have too many simultaneous conections to my linode
14:35<mwalling>fred: i wish i had that button :P
14:35<repnop>the only way i know to stop a ddos is to let them win ;)
14:35<djweezy>mostly, this helps a little
14:37-!-kupesoft [] has quit [Remote host closed the connection]
14:37<@irgeek>Dropping packets doesn't stop them arriving at your interface and cloggin' yer tubez
14:38<djweezy>but it doesnt hurt
14:38<phennessy>well, the clog linode's tubes, mine are just virtual :)
14:39<@irgeek>They won't seem so virtual when you go over your BW quota. :)
14:39*scott ties irgeek's tubes
14:39-!-ph [~ph^] has joined #linode
14:41-!-ph^ [~ph^] has joined #linode
14:41-!-djweezy [] has left #linode []
14:42<tjfontaine>buh bye
14:42<@caker>it's always my fault :(
14:43-!-ph^ [~ph^] has quit [Remote host closed the connection]
14:43<rsdehart>poor caker
14:43<rsdehart>it's lonely at the top
14:46-!-agentbleubleu [] has left #linode []
14:51<tjfontaine>it's not easy being^rolling_in_the green
14:52<tjfontaine>damnit ^W
14:52*linbot points at b4 and laffs
14:52*tjfontaine puts
14:52<tjfontaine>damn, puts
14:52<tjfontaine>clearly my o key is broken
14:52<tjfontaine>there, FAODIAF
14:53*caker adds a new category to the forums
14:54<jackc>whats it called
14:55<linbot>SelfishMan: Yo momma's so stupid, she managed to MySQL inject an HTML form with no action property.
14:55<tjfontaine>Backup Service Beta
14:55<tjfontaine>Details forthcoming!
15:01<JshWright>forthcome me!
15:01<linbot>New news from forums: How-to: Install drbd as a kernel module in Linux Tips, Tricks, Tutorials <>
15:01-!-N1JER [~N1JER@] has quit [Quit: N1JER]
15:06-!-N1JER [~N1JER@] has joined #linode
15:14-!-tk8 [] has quit [Ping timeout: 480 seconds]
15:15-!-zefster [] has quit [Quit: zefster]
15:18-!-zefster [] has joined #linode
15:23-!-freedumMan [] has quit [Ping timeout: 480 seconds]
15:24-!-SNy [] has quit [Ping timeout: 480 seconds]
15:28-!-xyz [~chatzilla@] has joined #linode
15:29-!-azaghal_ [~azaghal@] has quit [Ping timeout: 480 seconds]
15:31-!-azaghal [] has joined #linode
15:32-!-freedumMan [] has joined #linode
15:43-!-jwilliamhoffman_ [~jwilliamh@] has joined #linode
15:45-!-jwilliamhoffman [~jwilliamh@] has quit [Ping timeout: 480 seconds]
15:47<straterra>Uh oh
15:47<straterra>I'm uring 988 out of 1080 megs of memory
15:48<mwalling>how the hell?
15:48<straterra>Running lots of stuff
15:49<@caker>mmmm, 10000 GB
15:49<straterra>apache seems to be a lot
15:50<linbot>New news from forums: RFT: Kernels 2.6.29-linode18 and 2.6.29-x86_64-linode6 in General Discussion <>
15:52<straterra>apache has like a billion processes
15:52<HoopyCat>2.6.29-linode18! my god, if caker weren't idle right now i'd kick him square in the nuts
15:53<straterra>How can I tell apache what worker to use?
15:54<@caker>straterra: usually by installing a different apache
15:54<@irgeek>apt-cache search mpm
15:54<@caker>apt-cache search apache2-mpm .. yeah
15:54<straterra>Not using ubuntu o.O
15:55<straterra>heh..I'd rather die
15:55<@irgeek>yum search mp
15:55<straterra>Not using fedora/cent either :P
15:55<straterra>I found it lol
15:55<@irgeek>emerge search mpm
15:56-!-N1JER_ [~N1JER@] has joined #linode
15:56-!-N1JER [~N1JER@] has quit [Read error: Connection reset by peer]
15:57<straterra>I need a better linode :/
15:57<mwalling>straterra: what the hell are you running?
15:58<straterra>you name..I'm likely running it
15:58<straterra>like 4 shoutcast servers, ftp, squid, postfix, snort..
15:58<straterra>a CS:S game server
15:59<straterra>Some stuff I bet I forgot
16:00*mwalling found that he wasnt using alot of the apache features and switched to lighty
16:00<repnop>no nginx? :p
16:00<straterra>Oh yeah, zebra too
16:00<straterra>and ipv6 routing/filtering/broadcast stuff
16:00<Bdragon>not quagga?
16:00<straterra>and like 3 openvpn servers
16:00<mwalling>ASP.Net MVC is OSS now
16:00<repnop>i have apache httpd proxying mostly for tomcat...thinking of getting rid of it haha
16:01-!-vixx [] has joined #linode
16:01<straterra>I just fired up 4 instances of snort..and my memory went like woah
16:01*N1JER_ rights lighty as well..
16:01*N1JER_ runs, rather
16:01<Bdragon>Yeah, I run lighty too
16:04-!-linville [] has quit [Quit: Leaving]
16:05<Bdragon>anyone know how to get nut to cooperate with a Back-UPS XS 1500 LCD over usb in netbsd 4? Recompiled the kernel to force ugen on the port, still no worky...
16:05<schmichael>wow, i actually know what "nut" is but that sentence still sounds completely foreign to me
16:06<Bdragon>The device confuses the crap out of netbsd, it thinks it's like 60 devices or something :P
16:06<Bdragon>60 hid devices...
16:06<phennessy>my coworker would love that sentence
16:06<HoopyCat>i just looked at nut for the first time yesterday; my goal is "have the computer turn off if the UPS is about to die, and perhaps give me a nifty little 'everything's OK!' indication somewhere" and it seems... that's tough to get.
16:06<@irgeek>Did you twiddle the frobulator? I think it needs to be twaddled three times to the left too.
16:06<Bdragon>I got a serial cable in the mail
16:06<schmichael>serial cables ftw
16:06<Bdragon>I could just say fuck it and genericups the thing
16:07<Bdragon>but I kinda want to know more status than HAS POWER? BATTERY LOW?
16:07<schmichael>hell, all i ever want is HAS POWER
16:07<Bdragon>Thinking of setting up a linux box to be master
16:07<schmichael>if not, start shutdown in like 5 minutes
16:07<Bdragon>more likely to work
16:08<Bdragon>I have more than one machine on it, so they gotta cooperate
16:08-!-SNy [] has joined #linode
16:08<phennessy>we've only used serial for our ups
16:08<Bdragon>kinda got this little isolation thing going on, a little switch and two boxes...
16:08<phennessy>and serial to usb dohickies
16:09<Bdragon>Ha, I have three serial ports available
16:09<phennessy>actually all the new stuff has the APC management cards
16:10<Bdragon>Yeah, but I'm using consumer grade stuff, it's my home network
16:11<Bdragon>nut supposedly supports the device, it's just something's going wonky between the hardware and the daemon...
16:11<Bdragon>mumble libusb on bsd mumble
16:11<linbot>New news from forums: Wordpress MU, Apache & Domain Resolution in Linux, Apache, Mysql and PHP (LAMP) Forum <>
16:12-!-eld101 [] has quit [Read error: Operation timed out]
16:16-!-verheesj [] has joined #linode
16:16<verheesj>OI OI
16:16<verheesj>ohai thar
16:16-!-eld101 [] has joined #linode
16:16<verheesj>anyone watch eastenders tonight :'( lul
16:16<straterra>Hmm..nessus is showing lot of http port scans leaving my box
16:17-!-daMaestro [] has joined #linode
16:17<SelfishMan>When did nessus add support for monitoring traffic? I remember it always being a security scanner
16:17<straterra>Might be my proxy
16:17<straterra>err, not nessus...snort
16:18*morsing puts 10GB Linode disk space on Ebay
16:18<verheesj>how do i search for programs using app-get
16:18<Karrde>apt-cache search
16:19<verheesj>i did that, it dont do anythings :(
16:19<SelfishMan>Oh, snort. BIND used to show a lot of "portscan" type behavior but after port randomization it shouldn't anymore
16:19<verheesj>li44-98:/# apt-cache search lighthttpd
16:19<SelfishMan>FTP maybe?
16:19<Peng__>verheesj: It's lighttpd, not lighthttpd.
16:21<verheesj>ok i found it
16:21<verheesj>but one issue
16:21<verheesj>what command do i need to do to install it?
16:21<Karrde>apt-get install lighttpd
16:21<phennessy>verheesj: ^
16:21<verheesj>its debian
16:21<phennessy>it'll still work
16:22<Karrde>Ubuntu is 95% Debian
16:22<phennessy>at least for what you're trying to do
16:22<@irgeek>The other 5% is pure awesome
16:23<phennessy>the other 5% is updated packages and a timely release schedule
16:23<verheesj>tis workin' need to install php and mysql now :D
16:26-!-vixx [] has quit [Remote host closed the connection]
16:26-!-N1JER_ [~N1JER@] has quit [Quit: N1JER_]
16:28-!-zobbbo [] has quit [Quit: zobbbo]
16:29-!-N1JER [~N1JER@] has joined #linode
16:29-!-N1JER [~N1JER@] has quit []
16:34<JoeK>how can i find out how much programs are using ram ?
16:34<JoeK>badly worded
16:35<JoeK>im using 98% of ram, and i want to see whats using all the ram up
16:35<mwalling>ps, top, htop
16:35<bob2>free -m
16:35<mwalling>also 98% of what?
16:35<bob2>pay particular attention to the 2nd and 3rd lines
16:35<JoeK>system ram
16:35<bob2>most likely it is mostly used by cache and buffers
16:36<bob2> = good
16:36<JoeK>47 is be buffers
16:36<JoeK>49 is apps
16:36-!-freedumMan [] has quit [Ping timeout: 480 seconds]
16:37<JoeK>seems to be at the top of "top"
16:37<JoeK>using 4% of memory
16:37<bob2>pastbin the output of free
16:37<@caker>more words, less newlines, please
16:37<bob2>and run top, hit F n, then pastebin the first 20 lines of that
16:37-!-aaronyy [] has joined #linode
16:38<morsing>irgeek: How are my processer slices allocated?
16:38<JoeK>i hit f and do i pastebin that?
16:38-!-Athenon [] has joined #linode
16:39<bob2>morsing: 4
16:39<bob2>hit F, then n
16:39<@irgeek>morsing: Um, wut?
16:39<bob2>assuming you have a useful recent top
16:39<Peng__>morsing: You have access to 4 cores. Obviously every user can't use them all at the same time, but the scheduler should keep it fair.
16:39<bob2>morsing: cat /proc/cpuinfo - you share 4 cores
16:39<morsing>bob2: ?
16:40<@irgeek>But there are eight on the host so you only share those four with half the host.
16:40<morsing>I assume I don't *actually* have the four processors listed in my system?
16:40<@irgeek>Yes, you do.
16:40<@irgeek>cat /proc/cpuinfo
16:41<bob2>you have access to them, but you're sharing them
16:41<bob2>are they four cores of one cpu, or arbitrary?
16:41<@caker>they are not pinned
16:41<morsing>Peng__: Ok, that's what I was after. So Xen still can't have fixed CPU allocation or what?
16:41<bob2>JoeK: so you have like 190MB unused
16:41<HoopyCat>bob2: arbitrary and fairly dynamic
16:41<morsing>irgeek: I don't then, they're shared
16:41<JoeK>bob2: why is phpsysinfo asaying im using 350?
16:42<bob2>JoeK: who knows
16:42<JoeK>also: free -m shows different
16:42<bob2>JoeK: 3rd line is the import ant one
16:42<mwalling>morsing: linode puts n linodes on a host, all equally weighted. each host is 8 cores. each linode sees 4 cores. you do the math
16:42<JoeK>it shows 189 free on line 3
16:42<JoeK>so yea ..
16:42<@irgeek>morsing: I'm confused what you're asking. You asked if all four were listed. They are: cat /proc/cpuinfo
16:42<mwalling>(where n is stated in the faq)
16:42<bob2>JoeK: so, in short, ignroe phpinfo
16:43<morsing>mwalling: Without knowing n I can't do the math
16:43<linbot>mwalling: "faq" could be
16:43<linbot>Karrde: "faq" could be
16:43<mwalling>morsing: 16:42 < mwalling> (where n is stated in the faq)
16:43<morsing>irgeek: I asked if I owned all four. I assume not so I'm asking what my slice is of each
16:43<HoopyCat>morsing: if there were 40 linode 360s on a box, and they all required equal CPU allocations at a given time, each would get an equal share (which'd be 1/40th of the host CPU). in reality, this never happens.
16:43<bob2>is n newly revealed?
16:44<@caker>bob2: no
16:44<aaronyy>morsing: it's burstable, so if no one else use them, you use all the cpu time
16:44<HoopyCat>bob2: n is a linodiversal constant
16:44<morsing>So one system can hog all the CPU then? It's not fixed what you get?
16:44<morsing>aaronyy: Ok
16:44<@irgeek>morsing: No.
16:45<phennessy>one vm only can access 4 cores, so the other 4 aren't hogged
16:45<@irgeek>If all the Linodes on a host want all the CPU they can get at the same time, they each get an equal portion.
16:45<morsing>I need to play around with XEN
16:45<@irgeek>If the CPUs are idle and your Linode wants 400%, it gets it.
16:46<@caker>if two Linodes want 400%, they both get it
16:46<@caker>because: we haz mowr cowr
16:46<@irgeek>If four Linodes want 400% they each get 200%
16:46-!-kupesoft [] has joined #linode
16:47<@irgeek>That much load on a host, though, happens approximately never.
16:47<@caker>if eight Linodes need to chuck wood, they each get 100%
16:47-!-JshWright [] has left #linode []
16:47*encode fires up his wood chiuking script
16:48<morsing>So my minimum CPU available would be...?
16:48<mwalling>irgeek: uh...
16:48<@irgeek>(I think)
16:48<mwalling>morsing: 1/(n/2)
16:49<phennessy>one million dollars!
16:49<mwalling>uh, what?
16:50<mwalling>actually... is it 4/(n/2) ?
16:50<morsing>Odd question here but will my CPUs always be identical speeds across?
16:50<HoopyCat>well, if you look at the linode 14400 where n = 1, you'd expect the answer to be 400%
16:50<Peng__>morsing: What do you mean?
16:51<HoopyCat>well, you'd expect it to be 800%, but we're assuming a four-visible-cores scenario
16:51<@irgeek>HoopyCat: 800 there.
16:51<@irgeek>Whole-host Linodes get all 8 cores.
16:51<morsing>Peng__: I have four CPUs listed, they could be diffiring capacity depending on which one the other nodes are using
16:51<HoopyCat>irgeek: i know, but i'm trying to keep the math simple :-)
16:51<mwalling>morsing: 16:41 <@caker> they are not pinned
16:52<HoopyCat>morsing: what your kernel thinks is "CPU0" may not be the same CPU0 it was the last time it thought about CPU0
16:52<@irgeek>morsing: Xen tries the spread the load out evenly so most of the times they will be approximately the same.
16:52<phennessy>if one linode leaves NYC at 8am..
16:52<@caker>traveling at 2.5Ghz
16:52<mwalling>and another leaves LAX at 8am
16:52<mwalling>(local time)
16:52<morsing>Ahh... so the four logical CPUs shoud have approx the same speed?
16:52<morsing>irgeek: Thanks
16:53<@caker>morsing: it depends on what others on your host are doing -- if they're spilling over into your max-potential CPU time .. make sense?
16:53<@caker>but yeah .. xen will balance everyone out
16:53<phennessy>i'd hope that multiple cores on a CPU would match speeds
16:53-!-morficus [] has quit [Read error: Operation timed out]
16:54<phennessy>well, the clock speeds are the same for all cores anyway
16:54<mwalling>a single thread can never use more then 100% of the cpu anyway... so its not like you'll have to worry about having 102.3%
16:54-!-MarkJ [~mark@] has quit [Quit: Lost terminal]
16:55<HoopyCat>morsing: all the physical cores are, by necessity, matched (SMP gets cranky if your MPs aren't S). all the virtual cores should average out to approx. equal, but that's merely done with hypervisor handwaving and a first approximation of the virtualized environment :-)
16:55-!-ember [] has quit [Read error: Connection reset by peer]
16:56-!-kupesoft [] has quit [Quit: Wouldn't you like to know what client I'm using?]
16:56<mwalling>you're overcomplicating a rare and worst case scenario
16:56<mwalling>i've hit 400% more then once
16:56*SelfishMan tries to figure out how to cram four more drives in a 1U chassis
16:56<mwalling>SelfishMan: duct tape
16:56<HoopyCat>SelfishMan: remove the motherboard
16:56<morsing>Is there anyway I can tell what my available CPU capacity is at any given time?
16:56<phennessy>laptop drives
16:57<SelfishMan>mwalling: I think I can put two of them where the PCI slots are but then I can't fit the other two anywhere
16:57<mwalling>morsing: "Host Load" on the dashboard.
16:57<HoopyCat>morsing: sure. use all of your available CPU capacity; measure how much you're using.
16:57<SelfishMan>phennessy: 4TB 2.5" drives aren't available to me
16:57<Peng__>morsing: Um, start up four threads doing "while (true) {}" and see how much you get. :D
16:57*SelfishMan heats up the hot glue gun
16:57<morsing>Peng__: That's what I figured
16:57-!-Element [] has joined #linode
16:57<phennessy>won't the hot drives melt the glue?
16:58<Element>does anyone know why bind uses a random ip to transfer/fetch zone files from the master instead of the ip it is bound to ?
16:58<SelfishMan>Element: Sounds like you have a setting configured wrong or missing
16:58<Peng__>morsing: There really isn't any better way to do it. If you suddenly started using a lot of CPU, the scheduler would allocate things differently.
16:59<SelfishMan>look at query-source(?)
16:59<morsing>I have to go to bed now but have more questions for tomorrow :) Thanks all
16:59<HoopyCat>morsing: CPU resource management is down in the picosecond range... if it's available right now, it might not be available in a few moments
16:59<Peng__>morsing: If all 800% is being used by other users, the available percentage would be 0%, but if you actually used some CPU, it would allocate you some.
16:59<HoopyCat>morsing: or vice versa
17:00<SelfishMan>that's the one. Transfer source, not query-source (although that should probably be set too)
17:00<HoopyCat>anyway, off to a function at which dinner will be served and Real Pants need to be Worn. bbl!
17:02<Peng__>HoopyCat: They don't *need* to be worn.
17:04-!-zefster [] has quit [Quit: zefster]
17:05<@irgeek>morsing: Why do you need to know how much you could burst to at any given time?
17:06-!-ember [] has joined #linode
17:11<kronos003>anyone in here use gallery2?
17:11<@irgeek>Not since before the 2 was appended.
17:12<kronos003>i cant seem to find the hardcore permissions controls i rember from the last time i used it
17:12<kronos003>G2 is bulk pkg - is there anything better for what it does?
17:12*laser` is subscribed to Flickr :P
17:13<kronos003>whats the story on flickr
17:14<mwalling>theres a story?
17:14*mwalling uses flickr and picasa
17:14<kronos003>costs, issues - etc
17:14*phennessy used to use picasa and uses facebook now
17:15-!-orudie [] has quit [Quit: Leaving]
17:17-!-pmw [] has joined #linode
17:17-!-shakr [] has quit [Quit: Leaving]
17:17-!-kethry [~kethry@] has quit [Remote host closed the connection]
17:17-!-kethry [~kethry@] has joined #linode
17:17-!-ph [~ph^] has quit [Remote host closed the connection]
17:19<kronos003>irgeek: have you had a look at Gallery3 - i havent quite figured out how its suppossed to be better than G2 - wonder if there is a comparison somewhere - still in alpha, but might be interesting once it is officially released
17:19<@irgeek>Nope. I haven't looked at it in years.
17:19-!-kethry [~kethry@] has quit [Remote host closed the connection]
17:22-!-metaperl [] has quit [Ping timeout: 480 seconds]
17:22-!-kethry [~kethry@] has joined #linode
17:24-!-mendel [~rich@] has quit [Quit: mendel]
17:34<Internat>you all suck
17:34-!-aaronyy [] has quit [Quit: ajax IRC Client]
17:34<Internat>i mean Hi:)
17:36<encode>oh hai
17:36-!-shakr [] has joined #linode
17:38-!-Redgore [] has quit [Quit: Peace and Protection 4.22.2]
17:39-!-jwilliamhoffman_ [~jwilliamh@] has quit [Ping timeout: 480 seconds]
17:43-!-lakin [] has quit [Quit: Ex-Chat]
17:44-!-metaperl [] has joined #linode
17:51-!-SNy_ [] has joined #linode
17:51-!-SNy is now known as Guest1285
17:51-!-SNy_ is now known as SNy
17:52-!-Guest1285 [] has quit [Read error: Connection reset by peer]
17:59-!-railsninja [] has joined #linode
18:02-!-Vesperto [] has joined #linode
18:03<Vesperto>Greetings. Any heads-ups as far as configuring firewalls goes? I know i risk bloking my ssh-connection out, hence the question.
18:03<linbot>caker: "lish" could be allows you to perform certain actions without having to log into the LPM. Lish's primary function is to allow you access to your server's console, even if networking is disabled.
18:04-!-N1JER [~N1JER@] has joined #linode
18:05<Vesperto>Cute. Is it bash? Or will i have to fiddle around on my local box 'till i get a satisfying setup?
18:05<mwalling>Vesperto: its a serial console
18:05<jed>Vesperto: it's just serial, you get whatever shell you have set up
18:05<mwalling>Vesperto: its just like connecting to a tty with a serial cable on your lab bench
18:06-!-supine [] has joined #linode
18:06<Vesperto>mwalling: that's on my to-do list, not has-done list ;) but i'll check lish out.
18:07<jed>when I use lish I get an image of standing in the datacenter with the little laptop that slides out
18:07<Vesperto>Btw, has anyone seen this type of probing: What should be a reasonable course of action, besides bloking that ip at the firewall?
18:07<jed>patched into my linode
18:07<jed>and I can actually hear the fans of the datacenter while I'm using lish
18:07<jed>which is incredibly, incredibly nerdy
18:07<Vesperto>jed: who's your dealer? ;)
18:08-!-J-Node [] has joined #linode
18:08<jed>i don't snitch on my dealers :)
18:08<mwalling>Vesperto: welcome to the internet
18:08*linbot grows his own
18:09<Vesperto>Any other suggestions?
18:09<Element>I'm not really too sure how dns servers work but can someone explain why for example I make a new entry on my master server and do /etc/init.d/bind9 restart when I check /var/log/syslogd it says it's notifying the slave. I check /var/log/syslogd on the slave and it says the records are all up to date and it ignore the change I made to a zone on the master
18:09<mwalling>Vesperto: you could run something like fail2ban, etc... but all they really do is make your log files pretty
18:10-!-MarkJ [] has joined #linode
18:11<SelfishMan>Element: Are you incrementing the zone serial number?
18:11-!-ember [] has quit [Ping timeout: 480 seconds]
18:11<Vesperto>That's the concept i mentioned: blocking those IPs at fw level... i can make them pretty on my own but that's not really a priority. It's the inner beauty i tell ya.
18:12<Element>SelfishMan: no
18:13<SelfishMan>Element: That's why. The zone serial is how it knows a zone has changed.
18:13<Element>SelfishMan: so everytime I make a change on the master, I have to change the serial of the zone so the slave will update?
18:13<condate>of course
18:14<SelfishMan>and it must increment, not decrement
18:14<mwalling>Vesperto: fail2ban blocks after n matches from a given ip... if theres 50 or more ips, they've got 50*n attempts to get in. it doesnt really add security except against a unmotivated skiddy
18:14<Element>Someone told me I have to wait until the TTL of the zone expires before the slave will download again from the master
18:14<mwalling>not true
18:14<mwalling>sometimes true :/
18:14<Vesperto>mwalling: i like to look at the looks myself, i'd rather do that manually.
18:15<SelfishMan>Element: That is technically true but to make the zone update you increment the serial. Otherwise there are a lot of people that would be pissed about waiting a week for *any* change to the zone.
18:15<mwalling>most masters will send out a notify when it sees a new serial, and most slaves will pull the zone again upon a notify
18:15<SelfishMan>mwalling: You have that a little backwards
18:15<mwalling>SelfishMan: i'm tired
18:15-!-DephNet[Paul] [] has quit [Read error: Connection timed out]
18:15<mwalling>i need booze
18:16<jed>the reason SelfishMan is indicating the "wait a week" is because that's default time that most slaves would consider their data "stale" after
18:16<jed>and ignore the serial
18:16<SelfishMan>The masters will send a notify when the zone is reloaded and the slaves compare the new serial to the old and grab a new copy if the serial has incremented
18:17-!-Syrogen [] has joined #linode
18:18<Syrogen>did anyone host fb apps on 360?
18:18<SelfishMan>people have in the past
18:18<straterra>facebook apps on the xbox 360?
18:19<Toba_>Syrogen: I do
18:19<Toba_>it works fine
18:19<SelfishMan>I hear facebook is hosted on a Linode16k
18:19<Syrogen>not a xbox -___-
18:19<Syrogen>Toba, how many DAU u have? and the setup?
18:19<Toba_>SelfishMan: not so
18:20<Toba_>Syrogen: canvas, just about 0 as i'm still developing it.
18:20<Toba_>canvas/php api/apache
18:20*SelfishMan watches the joke fly right over Toba_'s head
18:20-!-morficus [] has joined #linode
18:20<Toba_>SelfishMan: the joke was dumb so I disregarded it
18:20<MarkJ>and it's not even april 1 any more
18:20<Toba_>hi morf
18:20<Toba_>did you get or are you getting a linode?
18:20<linbot>SelfishMan: Yo momma's so outta this world she's yo daddy too.
18:20<Syrogen>im getting
18:20<Syrogen>but i know nuts about linux
18:21<Toba_>then you should probably rtfm
18:21<Syrogen>what distro u on?
18:21<Syrogen>cos i hardly find any post about fb apps on forum
18:21-!-ember [] has joined #linode
18:22-!-yejun0 [] has joined #linode
18:22<Element>so if my serial is 1233846658. I'd just change it to 1233846659 then ?
18:22<SelfishMan>Element: sure
18:23<jed>or 1234567890
18:23<Syrogen>SelfishMan, u said other did in the past, what about now?
18:23<SelfishMan>Many people use the data in the format YYYYMMDD##
18:23<SelfishMan>Syrogen: I don't know about now, I just know people have and still may
18:23<jed>i've never had to worry about serials, will it fit a timestamp?
18:23<jed>if it does, that'd be my first inclination, just drop a UNIX timestamp in there
18:24<Syrogen>should i try vmware on my comp b4 getting?
18:24<SelfishMan>jed: timestamps work. Exact same limit and format
18:26*caker this Linode is easier than setting up vmwhatever
18:26<tjfontaine>and he's right
18:26<@caker>that too.
18:26<tjfontaine>though maybe slightly bias ;)
18:26<@caker>... I'm also a user!
18:27*jed CLICK
18:27*SelfishMan buys it
18:27<jed>i'm already halfway through the form
18:27<jed>wait a second
18:27<jed> Deleted And Available Again
18:27*jed eyes caker
18:28<StevenK> ?
18:28*SelfishMan clicks "Buy now" for
18:29-!-jtaji [] has quit [Remote host closed the connection]
18:29<jed> Deleted And Available Again
18:29*jed rubs chin
18:30<@caker>more like stupid
18:31*phennessy thinks a youtube staring contest is lame
18:31<phennessy>but it is youtube..
18:31<SelfishMan>phennessy: you're just mad because she beats you every time
18:35-!-yejun0 [] has quit [Remote host closed the connection]
18:36<SelfishMan>caker: Is the backuping beta full yet?
18:36<@caker>SelfishMan: where is your Linode?
18:36<SelfishMan>Newark, Fremont and Dallas
18:36<@caker>technically, it was in alpha .. on its own stack
18:37<@caker>but within the next day or so it's going public beta in Newark
18:37<Peng__>Bah, lucky Newark users.
18:37<@caker>I just performed the first backup in Newark :)
18:37<jed>can't beta it in fremont?
18:37<jed>or all 4, for that matter?
18:38<SelfishMan>Any chance I can still get in on it in Newark? Linode ID is 10810
18:38<Peng__>caker: Congrats on getting it this far along. :)
18:38<@caker>SelfishMan: look for an announcement soonish
18:38<@caker>Peng__: thanks :)
18:38<SelfishMan>sounds good
18:40<MarkJ>cool, I'm in Newark too (and Dallas)
18:41<MarkJ>good to hear backup's up and running okay then :)
18:43-!-yejun0 [] has joined #linode
18:43<laser`>What's the back up offer?
18:44<laser`>Just space, or something fancier?
18:44<@caker>one button. done.
18:44<laser`>I already do a nightly rsync of our Linode to the our office, so I guess there's nothing to be added really?
18:44<laser`>Apart from them running a bit quicker/not counting against bandwidth, I guess
18:45<SelfishMan>Time for some barely legal scotch
18:47-!-jcn [] has joined #linode
18:48<jed>caker: additional charge, I'm assuming?
18:49<iggy>couple years younger and scott would be down
18:49<jed>i would further assume that you may not have settled on a price?
18:51<Vesperto>Are those backups free with no fee?
18:51-!-jtaji [] has joined #linode
18:52<@caker>it's an add-on service. $5/mo for a Linode 360, $10/mo for a Linode 720, $20/mo for a Linode 1440, etc
18:53-!-N1JER [~N1JER@] has quit [Quit: N1JER]
18:53<@caker>4 backup slots. Daily, one that is 2-7 days old, one that is 8-14 days old, and a user definable snapshot
18:54<groulder>i'll give you $2
18:54<groulder>that's my final offer
18:54<jed>wow, nice
18:54<Peng__>I'll mail you a slice of old pizza... :D
18:54<jed>how would the interval between 2-7/8-14 be worked out
18:54<jed>is it random?
18:54<@caker>you decide which day and what time those weeklies rotate out
18:54<jed>ah, nice
18:54<Peng__>caker: Sounds very nice. :)
18:55<jed>does that beat S3 pricepoint wise?
18:55<jed>i'm assuming so, for that amount of traffic
18:55<bob2>jed: not unless you would otherwise run out of linode bw
18:55<bob2>jed: but you'd also need to do a lot more work
18:55<jed>there is a convenience factor included
18:56<@caker>this is 100% integrated into the LPM.
18:56<@caker>once you enable it, you're done.
18:56<@caker>it Just Works
18:56<jed>restoring one click, too?
18:56*mwalling ducks
18:56<@caker>jed: yes
18:56<jed>i'm sold
18:56<jed>roll it out baby
18:56<Peng__>Until some disks crash on the NAS machine and it spends 3 weeks fscking... :D
18:56<@caker>can restore to any of your existing Linodes that have enough unallocated space
18:56-!-streety [] has quit [Ping timeout: 480 seconds]
18:56<jed>oh, it's per-image?
18:56<jed>not like a flat dump of your entire space?
18:56<@caker>Peng__: it's not NAS backed :) It's sekrit sauce to be announced later
18:57-!-metaperl [] has quit [Read error: Operation timed out]
18:57<Peng__>caker: Snapshots?
18:57<jed>chinese kids with pencils
18:57<bob2>so, even though I told mwalling how to do this, any recommendations for migrating mail to a new imap server, aside from offlineimap?
18:58<mwalling>i wasnt going imap<->imap, i was going imap->local disk
18:58<@caker>oh, and the data is replicated across multiple backup storage nodes ... your backups are backed up :)
18:59<groulder>this all becomes too expensive for us non-american types
18:59<@caker>even with the weak dollar? :)
18:59<Peng__>caker: Awesome. :)
18:59<groulder>my linode 360 costs me $31 a month
18:59<bob2>still strong against the aud
19:00<bob2>should have bought two years when it was 0.95:1
19:00<jed>caker, you mentioned that you can restore to any linode with available space...that made me think that you're doing backups of images
19:00<jed>so there's no monetary advantage to, say, having a 2 GB image backed up only?
19:00<jed>are you just doing a whole 12 GB flat dump of the entire 360's space?
19:01<yejun0>it's file level backup
19:01<yejun0>not entire block
19:02-!-Kassah-lappy [~kassah@] has quit [Remote host closed the connection]
19:05-!-neorab [] has quit [Remote host closed the connection]
19:05<MarkJ>so is this going to be a new "Tab" on the Dashboard line?
19:05<MarkJ>view backups, schedules, etc?
19:05<MarkJ>sweet :)
19:06<Vesperto>Free for current members, right?
19:06<MarkJ>Line above had price
19:06<MarkJ>18:52 <@caker> it's an add-on service. $5/mo for a Linode 360, $10/mo for a Linode 720, $20/mo for a Linode 1440, etc
19:07<mwalling>yejun0: really? how'd you find that out?
19:08<MarkJ>Considering what we're getting for the service already I don't think that's an undue cost
19:08<yejun0>irgeek said b4
19:08<bd_>caker: How does pricing work out for extras? And for linodes grandfathered in from the old yearly payment disk space bonus?
19:08<MarkJ>esp if we want to keep linode in business :)
19:08<SelfishMan>bob2: imapsync
19:09-!-JshWright [] has joined #linode
19:09<Vesperto>Yeah but it's free for current members.
19:10<bd_>Vesperto: Is it?
19:10<condate>imapsync is awesome. and so are those backup prices (if thats whatthose are. i should scroll up)
19:10<bd_>Source please :)
19:10<encode>i've used imapsync before
19:10<Vesperto>bd_: my willpower.
19:10<condate>sauce please.
19:10<encode>it works reasonably well, although i've managed to end up with duplicate mails sometimes, somehow
19:11<SelfishMan>I've used imapsync hundreds of times to migrate systems for single users and even ISPs
19:11<bob2>asedeno: is that any better than offlineimap?
19:11<bob2>er, SelfishMan
19:11<condate>encode me too, found some weird regex that helped (with syncing to gmail)
19:11<bob2>and does it maintain uids for mail?
19:11<yejun0>how imapsync works?
19:11<SelfishMan>bob2: Yes, it will maintain uids
19:11-!-JshWright [] has quit []
19:12<SelfishMan>wait, I think it does. Pretty sure it does. Maybe that was just a modified version
19:12*condate is imapsyncing right now actually.
19:12<bob2>hopefully won't break my offlineimap sync then
19:12<@irgeek>Vesperto: It's not free for existing customers.
19:12-!-dcrookston [] has joined #linode
19:12<SelfishMan>I've seamlessly migrated ISP customers without them noticing with the exception of the fact that the server was faster
19:13<Vesperto>irgeek: of course it is :) you just have to wish real hard
19:13<SelfishMan>I only had one version of outlook freak out
19:13<dcrookston>I've got a server with Gentoo on it, and the installation is apparently two years old
19:13<condate>SelfishMan: i wish i could get them to not notice in my current migration, but the usernames are gonna change :(
19:13<@irgeek>encode: You probably get the duplicate emails because different IMAP systems implement IDs differently. It's one of IMAPs weakest features.
19:13<bob2>dcrookston: condolences!
19:14<dcrookston>is there any way to update Gentoo without nuking my users, the home directory, etc.?
19:14<@caker>bd_: we eat it on those that have the bonus and extras
19:14<SelfishMan>condate: Using the full email address makes life much easier but some things like the old ISPconfig didn't support that
19:14<dcrookston>Or do I just have to back it up myself and then replace it?
19:14-!-mendel [] has joined #linode
19:14<bob2>isn't gentoo intended to be upgradable?
19:14<yejun0>emerge world should work
19:14<condate>SelfishMan yeah. im going from ldap usernames from OS X OpenDirectory, to Google Apps, so email address becomes username
19:14<bob2>I don't think anyone makes distributions anymore that are intended to require reinstalls
19:14<dcrookston>Well, it would be, but emerge is so old by now that the intermediate upgrades are gone
19:14<Edgeman>emerge --sync and emerge -u world maybe, read the handbook though
19:15*dcrookston has been on the #gentoo channel asking about it.
19:15<Edgeman>yea that gets rough.
19:15<bd_>caker: ah, okay.
19:15<Edgeman>if gentoo gets too far gone it's often easiest to just redo.
19:15*dcrookston nods.
19:15<bd_>caker: I trust there have been upgrades since the version on the alpha stack? :)
19:15<Edgeman>I'm sure it's possible to update it, but with a lot of manual futzing
19:16<dcrookston>Yeah, I'd rather not manually futz.
19:16<dcrookston>There is a manual upgrade but it's not pretty.
19:16<@irgeek>dcrookston: You can shrink your current Disk Image, deploy the new one then mount the old one inside it and copy over data.
19:17<@irgeek>Blowing away the portage tree makes its shrink especially well.
19:17<yejun0>mayge just manual unpack a stage3 and emerge?
19:17*dcrookston would be happy to nuke the portage tree - how do I do that?
19:17<@irgeek>rm -Rf /wherever/portage/is
19:17<yejun0>rm it, then unpack a snapshot
19:17<bd_>yejun0: emerge --sync will restore portage, I thought?
19:18-!-jwilliamhoffman [~jwilliamh@] has joined #linode
19:18<@irgeek>Yes it will.
19:18<yejun0>should be same
19:18<MarkJ>Vesperto: if you want free backups each month maybe you need to get more active with your referral keys ;-)
19:18<@irgeek>Blowing away portage isn't about upgrading. It makes the image shrink smaller to free up space for redeployment.
19:19<Vesperto>MarkJ: well noted :)
19:20-!-JshWright [] has joined #linode
19:20<@caker>bd_: there have been. But not the mounting one yet -- it's going in the next few days
19:20<@irgeek> is still having problems
19:21<MarkJ>So far I've only got two that should come good soon
19:21<SelfishMan> *is* a problem
19:21<dcrookston>What registrar do you guys use?
19:22*dcrookston is going to register a new domain soon.
19:22<dcrookston>Okay, /usr/portage is gone. How do I shrink the partition?
19:22<yejun0>i use and godaddy
19:22<dcrookston>image, whatever
19:22<Peng__>NameCheap is popular in this channel.
19:22<Peng__> comes in second, maybe?
19:22<bob2>namecheap and joker
19:22<yejun0>namecheap has no ipv6 glue
19:23<groulder>i use namescout for my domains. never had a problem with them.
19:23<jed>i inherited my domain from my last web host through enom
19:23<bob2>which is lame
19:23<jed>enom's UI is a Joke with a capital J
19:23<bob2>but they're otherwise pretty good
19:23<@irgeek>dcrookston: df -h; add about 200MB to the used size; shutdown; edit the Disk Image and enter that number for the new size.
19:23-!-Vesperto [] has quit [Quit: Vesperto]
19:24<@irgeek>Then wait.
19:24<dcrookston>The used size of /dev/udba right?
19:24<Peng__>dcrookston: If that's your main image.
19:25-!-tk8 [] has joined #linode
19:25<yejun0>it's easy just temporary increase size
19:25<@irgeek>dcrookston: That should be right. When you're done shrinking we can migrate you to Xen if you like. :)
19:25<yejun0>thrink will take very long
19:25<dcrookston>What's Xen?
19:26<@irgeek>Don't read the blog/forums/front page much, huh?
19:26<Peng__>dcrookston: The virtualization software used on older linodes is UML. Newer ones are on Xen.
19:26<dcrookston>I haven't even been to the linode page in a year and a half I don't think.
19:26<JshWright>blog/forums/front page... the internets...
19:26<Peng__>dcrookston: Xen gives you SMP support, better performance (right?) and several neat features you may or may not ever need.
19:26<@irgeek>UML = static kernel & 1 CPU; Xen = kernel you can load modules into & 4 CPUs
19:26<dcrookston>ok, sure
19:27<dcrookston>new stuff is fun
19:27<dcrookston>What kind of stuff might I want to load into my kernel?
19:27<@irgeek>Trust me, if you want Gentoo, you want Xen - make -j4
19:27<dcrookston>ESR's pop client? :p
19:28<@irgeek>I don't know. But it's not even an option on UML which is why you've probably not thought about it.
19:28-!-yejun0 [] has quit [Read error: Connection reset by peer]
19:28<dcrookston>I think the reason I haven't thought of it is more because I have no idea what I would want to put into my kernel if I could ;)
19:29<dcrookston>But I suspect that, now that it's an option, I will poke around with things and break something horribly.
19:29<dcrookston>Which is always a fun learning experience.
19:29-!-DephNet[Paul] [] has joined #linode
19:29<@irgeek>You could even run the Gentoo stock kernel.
19:29<@irgeek>Not that you'd want to...
19:29<dcrookston>Stock doesn't sound like much fun.
19:29<@caker>We (the -stable team) are announcing the release of the kernel.
19:30*JshWright want his .1!
19:32<dcrookston>There we go. I am now subscribed to the blog.
19:35<dcrookston>Okay, image is shrunken like a frightened turtle.
19:35<@irgeek>I love my new MacBook. I come home, switch on the TV, pull out the MacBook and goof around. At some point I realize "Oh crap, I've watched a couple of shows now. I probably need to plug in
19:36<dcrookston>Can you migrate me to Xen?
19:36<@irgeek>But no, I've still got two hours of battery time to go.
19:36<dcrookston>nice :)
19:36<@irgeek>Can you open a ticket real quick and I'll set it up.
19:36-!-aaronyy [] has joined #linode
19:36-!-wench [] has joined #linode
19:37<aaronyy>how do i shutdown service if i start it in rc.local?
19:37<dcrookston>can you find it in rc.d and issue a stop?
19:38<dcrookston>That works too.
19:38<@irgeek>dcrookston: Go!
19:38<dcrookston>Go where?
19:38<aaronyy>is there's a script I can put in, it will be execute when system shutdown?
19:38<@irgeek>Log out; log in; click button.
19:38<dcrookston>Click... remove? Edit?
19:39<@irgeek>You need to log out and log back in to get the button.
19:39<dcrookston>Log out and back into the linode dashboard, right?
19:40<@caker>clicking on the Linodes tab and then the linode itself will do the trick, too
19:40<@caker>just so that Linode's session gets reloaded
19:40<@irgeek>You'll see a box at the top that says you have a migration pending.
19:40<dcrookston>Ahh, there it is.
19:41<jsr->what percentage of people are still on UML?
19:41<dcrookston>And then I click boot right in the middle of the migration, right? RIGHT?!
19:42<aaronyy>hmm, ubuntu has no rc.local shutdown
19:42<@irgeek>Actually, you can. It will queue the job. But you may want to schedule your new deployment before the boot.
19:42<jed>someone really ought to sue the developers of every browser about this certificate hullabaloo
19:42<jed>creating a market by scaring the hell out of your visitors if you self-sign
19:43<jed>or if you use something like StartCom (FF3 has them built in, but IE8 snubbed them)
19:43<jed> fails in IE8 but succeeds in FF3
19:43<jed>because I didn't pay $30 for the cert
19:43*jed sighs
19:44<aaronyy>cert doesn't cost $30
19:44-!-metaperl [] has joined #linode
19:44<jed>for a verified it does
19:44<jed>and that's wordable as "for one that doesn't make the browser turn red and act like it's calling the police"
19:45<aaronyy>instantssl and rapidssl are around $10 from reseller
19:45<jed>their root CAs built into IE8?
19:45<aaronyy>i think so
19:45<aaronyy>i use instantssl
19:46<aaronyy>let me try it
19:46<jed>not in my copy if IE8
19:46<jed>i have AOL,
19:46<aaronyy>ie8 didn't complain my cert
19:46<@irgeek>jed: It's not entirely the browser's fault. They set the bar for having root certificates included, but the certificate companies set the prices.
19:47<dcrookston>Okay, migration is done it looks like. Now I need to make a new disk image to install the new Gentoo on, right?
19:47<aaronyy>i guess so
19:47<jed>irgeek: I think Joe User, when he comes across flashing red lights and Oh my god, get me out of here! almost verbatim will immediately surf away from the site
19:47<jed>when maybe all you want to accomplish is encrypting the traffic, not validating your identity
19:47<aaronyy>jed: if you register a new domain from namecheap, you can get a free 1 year ssl
19:47<@irgeek>dcrookston: There's a button to deploy in the bottom-right corner of the box with the profiles and images.
19:48*dcrookston nods.
19:48<jed>browsers took a big leap into the SSL market arena when they made "EV" certificates the "only true certificates"
19:48<jed>and declared self-signed "an obvious sign of phishing"
19:48<@irgeek>jed: If they didn't do that any yahoo could hijack paypal's DNS, self-sign a certificate and stealz teh moneeez
19:48<jed>which is a problem they created initially by putting that trusty padlock up there no matter what
19:49<aaronyy>godaddy's ssl is $12
19:49<aaronyy>i think godaddy's ssl are good everywhere
19:49<@irgeek>No browser has ever *not* complained about self-signed certs. Ever.
19:49<jed>which bums me out
19:49<jed>because they're putting "encrypted data" and "identity verified" in the same boat
19:50<@caker>[encrypted message]
19:50<aaronyy>jed:you can't insert your own root cert ?
19:50<jed>if I SSL an application I'm working on, say, for a beta
19:50<@irgeek>There are other ways to encrypt your data. SSL uses encryption because it's required to verify identity.
19:50<aaronyy>i used to do that, i haven't tried it recently
19:50<@irgeek>Trust me, it's a *feature* that browsers do that.
19:50-!-apeiron [] has quit [Quit: leaving]
19:50<jed>I really don't think so
19:50<@irgeek>Well, I'm afraid you're wrong.
19:50<jed>there needs to be a line between "encrypted between server and client" and "you can trust this guy"
19:51<jed>public-key encryption, SSL by itself, doesn't necessarily imply "you can trust the operator of this server"
19:51<aaronyy>click content, certificates, then import
19:51<@irgeek>If you're doing a beta, distribute your own root certificate for your testers to install. No more problem.
19:51<jed>you get what I'm saying though
19:51-!-apeiron [] has joined #linode
19:52<jed>why scare the devil out of someone with very, very loaded wording, drawing on the fears of identity theft when all you want to accomplish is link encryption
19:52<jtsage>jed - you make a good point, but i think you might have too high an opinion of joe q. user.
19:52<aaronyy>you can import in trusted root tab
19:52<@irgeek>The *purpose* of SSL was to identify things. The encryption is a requirement based on that.
19:52<jed>the purpose of SSL is to encrypt
19:52<jed>certificate validation grew out of that
19:53<Nivex>the reason for having the cert validation is to detect MITM attacks
19:53<jed>jtsage: quite the contrary, I feel like the wording on the warning page would scare away joe Q. user
19:53<jed>complicated by the fact that firefox 3 makes you click five or six times to get the exception in place
19:53<jed>the browsers are intentionally diverting your traffic if you self-sign, or use a CA that isn't "blessed"
19:53<Nivex>and the cert chain is the only way I can think of to do that without having to call the operator of each site and ask them to read me the key signature
19:53<aaronyy>it's not trusted, user shouldn't use it
19:53<dcrookston>Am I supposed to create a new disk image first, and then deploy a distro to it?
19:54<jed>but what is trust?
19:54<@irgeek>jed: The purpose of the trusted root certificates was so people could identify a site without prior contact. The purpose of SSL was always to identify the host you are communicating with
19:54<dcrookston>What is trust? Baby don't hurt me
19:54<jed>if I want to encrypt an e-mail to you, I send my public key to you
19:54<aaronyy>trusted by your os vendor obviosly
19:54<aaronyy>comodo offer free email cert now
19:54<jed>you get my public key, and wha-lah, I can encrypt data to you
19:54<jed>you can use that key without any ill will, or worrying about trust, or anything
19:54<jed>it's just so someone sitting along the line can't read what I've sent you
19:55<jtsage>jed - true, but it reads that you are advocating a division of "trusted site" and "encrypted site". i don't believe that the average user can (or, from a personal belief standpoint, even should) make that distinction. getting them to look for the little padlock is already enough of an ordeal
19:55<Nivex>jed: provided the key I got was actually yours
19:55*dcrookston coughs.
19:55<@irgeek>dcrookston: The deployment will create the image for you.
19:55<jed>jtsage: we created the problem by putting the padlock there
19:55<aaronyy>dcrookston : you can deploy one premade
19:55<dcrookston>ok, so I need to nuke the image that's empty and let the deployment make it?
19:55<Nivex>let's all agree that people are stupid and move on shall we?
19:56<jed>i don't see how the key being mine has anything to do with me encrypting the e-mail to you
19:56<aaronyy>dcrookston: you can deploy multiple images
19:56<@irgeek>aaronyy: Stop. He's not doing a custom deployment.
19:56<@irgeek>dcrookston: Yes. Nuke the empty one and let the distro wizard do it.
19:57<somnambulant>dcrookston: pocket kings? nice..
19:57-!-seangrove [] has quit [Quit: seangrove]
19:58<jed>you take e-mail encryption, I have a public/private, I send you public, I encrypt my mail with your public, you decrypt my e-mail, all is well
19:58<jed>no identity verification is done there
19:58<jed>i don't have to pay someone to say "you can trust me based on my key"
19:58<dcrookston>Pocket kings?
19:58<@irgeek>jed: When you send me your key, it may be intercepted on the way and be replaced with one that isn't yours. That person can now read what I send you, re-encrypt it with your key and send it on to you and we'd be none the wiser.
19:58<@irgeek> The trusted certificate chain acts an intermediary third party to tell me that the key I received really is your key.
19:59<aaronyy>usually key exchange should happen in person or verify key signature in a secure way
19:59<dcrookston>Hmmmm. Now I've got two profiles. Can I boot them both and then scp things over?
19:59<jtsage>jed - if you mean pgp, there certainly is a identity verification there. at least, there is supposed to be. and it's by humans, which is even better
19:59<@irgeek>Otherwise, you'd have to find another secure channel to communicate with *ever* secure site on the Internet to verify their key before you can trust it.
19:59<Nivex>for the pay SSL certs, that verification is your credit card info
19:59<@irgeek>dcrookston: No. Edit the new one and add the old image as a disk device.
19:59<Nivex>for cacert, there is a Web of Trust mechanism a la GPG
20:00<jed>i hadn't thought of a MITM that way
20:00<dcrookston>ok. how do I make it a disk device? Do I just mount it?
20:00<aaronyy>dcrookston: you don't need one
20:00<@irgeek>And that's why SSL was created. To *verify* keys.
20:00-!-laser` [] has quit [Quit: DMDirc exiting]
20:00<aaronyy>just deploy one, it will be a new profile
20:00<@irgeek>dcrookston: Edit the Configuration Profile.
20:00<@irgeek>aaronyy: Dude. Stop.
20:00<jed>for the task of encrypting data from my apache to your browser, is MITM that serious?
20:01<jed>i mean obviously if I'm handling credit card, I'd do EV
20:01<jed>I wouldn't want to self-sign if I'm handling financials
20:01<dcrookston>Oh, cool. Drive setup.
20:01<@irgeek>jed: Right, but even if you're not handling anything "critical" what do you gain from encryption without verifying the key?
20:02<@irgeek>(The answer is: nothing)
20:02<jed>by the way, a side point since i'm fiddling in the UI
20:02-!-mgoetze [] has quit [Read error: Connection reset by peer]
20:02<jed>i live in arizona, which doesn't observe daylight savings
20:02-!-eld101 [] has quit [Ping timeout: 480 seconds]
20:02<jed>and I noticed phpBB started the trend of not recognizing us
20:02<jed>would it be difficult to put a (GMT-7 NO DST) Arizona in the timezone setting for the profile
20:03-!-straterra [] has quit [Ping timeout: 480 seconds]
20:03<@irgeek>There is an Arizona setting there...
20:03<jed>i'm thinking yes, because you then need code to if(arizona) instead of just a subtraction of seconds
20:03<jed>not the forums, the customer UI for linode
20:03<@irgeek>That's where I'm talking about.
20:03<jed>holy crap there it is
20:03<jed>how did i miss it
20:03*irgeek doesn't answer that'
20:03<jed>oh, wait, it's not correct
20:03<jed>that's right
20:04-!-mgoetze [] has joined #linode
20:04<jed>that's why I had issue with it before, because it doesn't update when everyone else does DST
20:04<jed>my time is now incorrect
20:05<jed>it assumes GMT-7 year round, which really we're not
20:05-!-kenichi [] has quit [Read error: Connection reset by peer]
20:05<jed>we're equal to PDT right now
20:06<jed>is perhaps the discrepancy in the UI due to the server timezone? because my bandwidth graphs and what not now say 6:04p when it is in fact 5:04p
20:06<jed>and any jobs I spawn will be an hour ahead
20:07-!-eld101 [] has joined #linode
20:08<@irgeek>I think that's a Java bug.
20:08<@irgeek>I'm not 100% sure though.
20:08<@mikegrb>im 100% sure my space bar is 1mm thick
20:08<@irgeek>Java on the host, that is.
20:08<@mikegrb>just fyi
20:09<encode>java has its on dst settings
20:09<encode>so annoying
20:09<jed>even though it shows up that way on jobs too?
20:09<encode>the jre requires patching for tzdata, at least on windows
20:09<@caker>I already did that ..
20:09<encode>then i have nothing
20:09<@irgeek>jed: It's all one back-end.
20:09<jed>oh, the jobs system talks to java?
20:09<@caker>encode: I agree with you that it's annoying :)
20:10<jed>can I execute some kind of no-op job
20:10<jed>to see
20:10<jed>because i'm out of space and I can't create a disk image
20:10<@caker>jed: change lish password, maybe?
20:10<jed>ah, good one
20:10<@irgeek>Deploy SSH keys too
20:10<jed>whoa, just found a bug in the UI
20:11<jed>hang on, screening
20:11-!-tofufish [] has joined #linode
20:11<tofufish>Hey, I went to restart apache and this came up:
20:11<tofufish>mail ~: sudo /etc/init.d/apache2 reload
20:11<tofufish> * Reloading web server config apache2
20:11<tofufish>apache2: Could not reliably determine the server's fully qualified domain name, using for ServerName
20:11<tofufish>[ OK ]
20:11<bob2>fix /etc/hosts and /etc/hostname
20:11<@caker>tofufish: and then you googled that, and then ... ?
20:12<tofufish>well, i dont see why it shouldnt work
20:12<aaronyy>tofufish: you can use fqdn in /etc/hostname
20:12<tofufish> is my actual domain
20:12<jed>i like the "HIMOM"
20:12<jed>that's rad
20:12<@irgeek>tofufish: You own That must be worth millions!
20:13<tofufish>lol, I replaced it before pasting it :P
20:13<jed>oh, forgot about ipv6
20:13<jed>give it time, it'll eventually come up
20:13<@caker>jed: har .. that was some debugging that got through
20:14<MarkJ>lol, kills konqueror and need to go to tty1 to kill
20:14<tofufish>hrmm, so my /etc/hostname file should have ?
20:14<jed>ah, yeah, okay
20:14<jed>so "job start date" is accurate
20:15<jed>but "host start" and "host finish" are an hour ahead
20:15-!-mgoetze [] has quit [Read error: Connection reset by peer]
20:15<aaronyy>tofufish: just
20:15-!-mgoetze [] has joined #linode
20:15<tofufish>which brings me back to why isnt it working :(
20:15<@irgeek>jed: That's the java screwiness.
20:15<jed>and theyeah
20:15<aaronyy>did you configure /etc/hosts and /etc/sysctl.conf ?
20:15<@irgeek>tofufish: Did you read the link I posted?
20:15<jed>and that debug info dropping when you change LISH is consistent
20:16<jed>but i assume caker's already made a mental note to take that out, the HIMOM is gone
20:16<@irgeek>Set that in Apache and it will stop bitching.
20:18<@caker>jed: is there more debug output I missed?
20:18<jed>yeah, it's spitting out a bunch of thisNav.myLabel
20:19<jed>if that doesn't load do it by IP, i'm waiting for the AAAA to drop from propogation
20:20<@caker>grr ... fixed
20:20<@irgeek>That'll happen in an hour it seems. :p
20:20<jed>you're quicker than twitter at fixing crap
20:20<jed>twitter's gotta think about it and break something else when they push fixes
20:21<erikh>this is why I'm happy I have a boss that doesn't demand perfection
20:21<erikh>he, like myself, live in realistic worlds where things break.
20:22-!-mgoetze_ [] has joined #linode
20:23-!-mgoetze [] has quit [Read error: Connection reset by peer]
20:24<@irgeek>It still blows my mind that when I hit the Exposé key on my Mac, videos continue playing in the scaled-down window.
20:24<jed>7 is doing that now
20:24<Nivex>compiz can do that too
20:24<jed>if you mouse over an icon in the taskbar, the video will play in a window like 60 pixels wide
20:24<jed>AS WELL AS its original window
20:24<jed>with no performance penalty
20:24<jed>good ole memcpy
20:25<aaronyy>not every program do that
20:25<aaronyy>wow doesn't show any update
20:26<@irgeek>I remember seeing a demo at SGI's office back in about '90 of a live video stream being mapped onto a 3-d model of a screen freely rotating in three dimensions.
20:27-!-daMaestro|isBack [] has joined #linode
20:27<@irgeek>We also got a demo of Doom on a 20 foot tall 3-d screen. It was unreal.
20:27<aaronyy>3d screen without glasses?
20:28<@irgeek>Not back then.
20:29<aaronyy>3d projection will be cool
20:30-!-JshWright [] has quit [Quit: ajax IRC Client]
20:31-!-JshWright [] has joined #linode
20:32<DephNet[Paul]>irgeek, i think you will find it was Doom, Unreal is developed by a different company ;)
20:33<@irgeek>Um. I said Doom.
20:33<DephNet[Paul]>but you finished with "It was unreal" :P
20:34-!-daMaestro [] has quit [Ping timeout: 480 seconds]
20:34<tofufish>irgeek, Sorry but i cant seem to find ServerName in /etc/apache2/apache2.conf
20:34<tofufish>am i looking in the right place?
20:34<@irgeek>What distro?
20:34<@irgeek>Then no. /etc/apache2/sites-available/
20:35<eld101>linode needs more locations
20:35<@irgeek>And you're adding it, not replacing it.
20:35<@irgeek>We have four already!
20:35<tofufish>Oh? Now Im confused :(
20:36<tofufish>I thought i was edditing my ServerName to make it >
20:36<@irgeek>No :80 for one thing.
20:36<@irgeek>Look in /etc/apache2/sites-available/default
20:37<jed>ubuntu's apache2 config for the loss
20:37<jed>i don't like this attempt to break up apache2.conf
20:37<@irgeek>Add "ServerName what.ever.tld" inside the VirtualHost.
20:37<mwalling>jed: it makes sense
20:37<jed>i always just wrote an apache2.conf and then included vhosts.conf
20:37-!-jwilliamhoffman [~jwilliamh@] has quit [Ping timeout: 480 seconds]
20:38<mwalling>jed: hell, my slackwares all have a sites-{enabled,available} layout
20:38<mwalling>(i dont do the mods stuff)
20:38<jed>ehh i just don't like it
20:38<jed>that's aesthetic in nature
20:38<tofufish>irgeek, I have like 5 virtual hosts, does that mean it has to be done to all of them?
20:38<jed>simply an aesthetic preference
20:39<@irgeek>tofufish: You have five VirtualHost blocks without any ServerName directives?
20:39<tofufish>They all have a servername directive
20:39<Element>can anyone help me with this: ?
20:41<@irgeek>Element: "No such file or directory"
20:41-!-aaronyy [] has quit [Quit: ajax IRC Client]
20:42-!-mgoetze_ [] has quit [Read error: Connection reset by peer]
20:42-!-mgoetze [] has joined #linode
20:43<MarkJ>it's midday here in Melbourne and even in the city people are driving with their lights on...
20:44<praetorian>first day since ive been in melb that its rained
20:44-!-esparkman [~esparkman@] has quit [Remote host closed the connection]
20:54<HoopyCat>Element: sounds like there's no file named server.key in the directory in which you're running that command
20:55<HoopyCat>nuts, almost 9pm already? thought it was closer to 8:30 and i was actually being timely with that suggestion
20:55<@irgeek>Try a digital clock. They're easier to read.
20:56-!-JshWright [] has quit [Ping timeout: 480 seconds]
20:56<HoopyCat>i, uhh, have one right there <--- and there --^ and even one over there, but it's tough to read 'cuz of lighting: --->
20:57<HoopyCat>oh! actually, two up there.
20:59<HoopyCat>i love clocks, and i just can't get enough clocks, irgeek. i am a clockmaster. if i don't have a clock within reach at all times, i have no idea what to do. i have a huge clock in the bedroom, too.
20:59<@irgeek>What kind of watch do you have?
21:00<HoopyCat>i don't wear a watch
21:01<@irgeek>That makes sense. :O
21:01<HoopyCat>i'm a little... uhh, picky about standardized time, to the point that the dashboard clock in the car is *exactly* 3 minutes ahead +/- about 5 seconds
21:02<HoopyCat>i'm also big on symmetry, and having that additional weight on my left wrist would throw me off
21:02*irgeek slowly backs away from the strange man
21:03<HoopyCat>i'm a bit weird.
21:04<@mikegrb>HoopyCat: do what I dom just wear a watch on each wrist
21:04<HoopyCat>mikegrb: a man with one clock always knows what time it is; a man with two is never sure
21:04*irgeek did that in junior high
21:04<HoopyCat>mikegrb: WWVB coverage is relatively lame here
21:06<@mikegrb>HoopyCat: that's what the reapeater in your attic is for
21:08<HoopyCat>i could probably actually regenerate the signal using the time servers here
21:09<klaatu>I stopped wearing a watch because it kept catching on my keyboard
21:11-!-mgoetze [] has quit [Remote host closed the connection]
21:13-!-yejun0 [~fIRCuser@] has joined #linode
21:13<linbot>New news from forums: Best directory structure for multiple sites? in Linux, Apache, Mysql and PHP (LAMP) Forum <>
21:14-!-mgoetze [] has joined #linode
21:16<HoopyCat>there's a possible plot afoot to deploy another longwave digital time standard on the east coast, although at a different frequency. that'd be useful.
21:17<yejun0>is that more accurate than gps?
21:17<mwalling>one of these signals come from space, one comes from denver.
21:18<mwalling>er, colorado, not denver
21:18<@irgeek>Not far from Denver.
21:18<mwalling>irgeek: but aaronyy would be sure to correct me if i ddint do it first
21:18<mwalling>irgeek: like how he pointed out that has a bad spf record
21:19<@irgeek>aaronyy isn't here.
21:19<yejun0>it is bad
21:19<mwalling>meh, i rename people's aliases
21:20<HoopyCat>if time is like ketchup, then GPS is like meatloaf and WWVB is like french fries
21:21<HoopyCat>they both deliver the ketchup, but in different ways that are useful in different situations
21:21<mwalling>ketchup? a1
21:21<HoopyCat>mwalling: if ketchup is time, then a1 is... uhh... space-time?
21:21<mwalling>no, a1 with meatloaf
21:22<HoopyCat>mwalling: let's stop this right now before someone whips out the quantum poupon
21:22<mwalling>thats for kielbasa
21:22<mwalling>great... now i want indian food
21:23<linbot>SelfishMan: Yo momma's so ignorant, She tried to set up a server running MS-DOS.
21:23<@irgeek>How did that discussion turn into a desire for Indian?
21:23<linbot>New news from forums: Linode Port Blocking? in General Discussion <>
21:23<mwalling>irgeek: consider the source
21:23<HoopyCat>a1 on meatloaf does sound tasty, but i don't think we're going to be able to get approval to deploy a new condiment for awhile
21:24<mwalling>also, mentally i went through sausage&peppers, then wurst, then i ended up at indian
21:24<Peng__>linbot: botsnack
21:24<linbot>thanks, Peng__!
21:26<HoopyCat>oh nuts
21:27<@irgeek>The forum post linbot reported.
21:28<@irgeek>It was simultaneously answered by two peeps.
21:29<linbot>New news from forums: backup availability? in Sales Questions and Answers <>
21:29<HoopyCat>the left rear upper taillamp on the car has gone out-of-service and i don't think i have a spare in stock
21:30<Peng__>You have a stock of tail lamps?
21:31<mwalling>Peng == mnordhoff?
21:32<Peng__>mwalling: Unfortunatley.
21:33<groulder>when i was in america recently i noticed most cars don't have amber indicators in the tail lights
21:33<groulder>they seem to use the stop light as an indicator
21:33<groulder>how strange.
21:34<HoopyCat>groulder: like for signalling turns?
21:35<HoopyCat>Peng__: i go through a couple a year. they're flashed when the doors are locked or unlocked and are on whenever the car is on, so they kinda get screwed a bit
21:35<@irgeek>I think most of them are two lamps, but one color filter.
21:35<Hobbsee>groulder: some australian cars seem to have that - i presume they've been imported
21:35<Hobbsee>man it's weird!
21:35-!-yejun0 [~fIRCuser@] has quit [Read error: Connection reset by peer]
21:35<groulder>they'd have to be imported. all australian cars have amber indicators.
21:36<groulder>well...these days the lense is clear, but the bulb is amber.
21:37<HoopyCat>groulder: i don't notice too much, 'tho i do prefer the distinct amber lamps. if i can't see the entire rear of the car and/or suspect bulbs are burned out, trying to determine "braking" or "turning" is really tough
21:37<MarkJ>yeah that seems sillly
21:37<mwalling>Internat: fail
21:37<Internat>whatrs the damm blocking one?
21:38<mwalling>21:24 < Peng__> !atlports
21:46<@irgeek>Internat: Congratulations. You were the third person to link to that post.
21:46-!-Bdragon [] has quit [Read error: Connection reset by peer]
21:46-!-orudie [] has joined #linode
21:48<linbot>New news from forums: Filtered ports at new datacenter in Feature Request/Bug Report <> || [SOLVED] Linode Port Blocking? in General Discussion <>
21:49-!-kupesoft [] has joined #linode
21:50<linbot>SelfishMan: Availability: Atlanta360-44 Atlanta540-29 Atlanta720-19 Atlanta1080-8 Atlanta1440-6 Atlanta2880-4; Dallas360-15 Dallas540-33 Dallas720-12 Dallas1080-10 Dallas1440-8 Dallas2880-5; Fremont360-37 Fremont540-21 Fremont720-23 Fremont1080-11 Fremont1440-8 Fremont2880-6; Newark360-50 Newark540-28 Newark720-21 Newark1080-15 Newark1440-11 Newark2880-8;
21:50<Syrogen>fremont just add new 360 server, so fast 3 sold
21:51-!-squidly [] has quit [Ping timeout: 480 seconds]
21:51<@irgeek>We don't mind.
21:53<Syrogen>if i pay first month first, then decided to stick 1yr pre-payment, there's discount right?
21:53-!-Bdragon [] has joined #linode
21:54<Syrogen>i have low ping to fremont but speed is around 160kb/s
21:54<Syrogen>dallas can achieve 300+
21:54<@irgeek>It's probably congestion in the tubez
21:55<Syrogen>i dont see how that guy can achieve 3mb from singapore to atlanta
21:55<SelfishMan>I hate compiling kernels. It feels like I'm running gentoo
21:55<MarkJ>lol. I'm glad I haven't had to compile any on recent installations too
21:56<MarkJ>work servers are gentoo though..
21:56<@irgeek>SelfishMan: Did you set your CFLAGS for awesomness?
21:56<SelfishMan>-funroll-loops -fzomgzoomzoom
21:57<MarkJ>ummm, you forgot -fcake
21:57<encode>do those work with 2.6.29?
21:58<encode>i heard they were deprecated
21:58<MarkJ>-fzomgzoomzoom can't be serious
21:58<@irgeek>And -fracing-stripes
21:58<linbot>--zomg-funroll-loops --ricer-cflags --flail-wildly --moar-disk-thrashing
21:58<jtsage>mmm..., funroll loops. with chocolate milk for the extra kick :)
21:59<MarkJ>Why compile that in irgeek, you could just run java apps
21:59<SelfishMan>At what point did the whole "compilers on a server are insecure" concept go away?
22:00<MarkJ>well to what degree did it go away....
22:00<SelfishMan>yet people run gentoo on servers?
22:00<MarkJ>Our (work) DC server is really locked down
22:00<encode>i always thought it was a Bad Thing (TM)
22:00<MarkJ>well, I don't but the business does. I don't manage the serfver:)
22:00-!-yejun0 [] has joined #linode
22:01-!-daneth [daneth@] has joined #linode
22:02<@irgeek>SelfishMan: d00d - Apache + PHP + MySQL don't run my Drupal site fast enough if I don't compile from source
22:02-!-JamesCollins [~jimmycoll@] has joined #linode
22:02<encode>o rly?
22:02<SelfishMan>irgeek: Yeah, I'm sure those extra picoseconds really add up!
22:02*encode compiles drupal from source. yeah baby
22:02<dgoodwin>mmm compiled from source php
22:03<encode>its soo much faster
22:03<encode>you should totally try it
22:03-!-Syrogen [] has quit [Ping timeout: 480 seconds]
22:03<daneth>noob question but how do I remove a ln -s command in Ubuntu 8.04 LTS
22:03<Peng__>SelfishMan: My server's compiler is suid root too! :D
22:03<encode>i think those same compile flags must work for php too
22:03<SelfishMan>gentoo would build everything to be so much faster if people would just recompile the compiler
22:03<dgoodwin>daneth: rm :)
22:03<SelfishMan>daneth: rm
22:04*encode rewrites gcc in php for extra speediness
22:04<HoopyCat>hmm... i get wonka bad errors on the forum RSS feed ( ... anyone else getting that, or just me?
22:04<SelfishMan>HoopyCat: just you
22:04<encode>i get it too
22:05<SelfishMan>encode: ssshhhhhh!
22:05*SelfishMan strips his kernel
22:06<encode>but then, i've never tried it before. it could have been like that always
22:06<HoopyCat>encode: it worked fine until sometime today
22:06<HoopyCat>irgeek: my RSS broke and i have no idea what's going on forum-wise. *whine*
22:07<mwalling>caker moved forums around to make room for the beta forum... did that screw it up?
22:07<HoopyCat>i'm also getting zomg-sirens on's SSL certificate all of a sudden, which is usually an indication that it's time to go to bed
22:08*SelfishMan rebuilds the kernel...again
22:09<yejun0>new kernel?
22:10-!-N1JER [~N1JER@] has joined #linode
22:10-!-N1JER [~N1JER@] has quit []
22:10<HoopyCat>CN=Google Internet Authority,O=Google Inc,C=US
22:11<HoopyCat>... umm
22:14-!-liberfiasco [] has joined #linode
22:15-!-jcn [] has quit [Ping timeout: 480 seconds]
22:17-!-moon_unit [] has joined #linode
22:17-!-yejun0 [] has quit [Read error: Connection reset by peer]
22:19-!-railsninja [] has left #linode [Leaving...]
22:20-!-mark [] has joined #linode
22:20-!-mark is now known as Guest1306
22:21-!-libervisco [] has quit [Ping timeout: 480 seconds]
22:22*irgeek was feeling ambitious tonight so he put the pop-tarts in the toaster
22:24-!-Psytherium [] has joined #linode
22:24<encode>irgeek: did the fire extinguisher get a work out?
22:24<@irgeek>Nope. The toaster is finely tuned for making them
22:24<encode>i havent seen pop-tarts in .au for many years
22:25<encode>i remember having them as a kid
22:25<Psytherium>For the last couple of days, my linode has been spiking up to 400% (according to the online graph). I'm not sure what's causing this and was wondering if there's any way I can find out through the logs. When it does this, I can't get in to run top and see what processes are running, so I have to reboot it each time...
22:25<@irgeek>You still have Vegemite though.
22:25*irgeek is jealous
22:26-!-jwilliamhoffman [~jwilliamh@] has joined #linode
22:26<encode>would you like me to send you some?
22:26<mwalling>Psytherium: sounds like OOM?
22:26<mwalling>Psytherium: you looked at lish?
22:26-!-seangrove [] has joined #linode
22:27<Guest1306>anybody konw how to build pptpd server in linode ?
22:27<SelfishMan>total OOM
22:27<SelfishMan>Guest1306: What distro are you using?
22:28<Psytherium>mwalling: not really familiar with lish at all =/
22:28-!-aaronyy [] has joined #linode
22:28<linbot>SelfishMan: "lish" could be allows you to perform certain actions without having to log into the LPM. Lish's primary function is to allow you access to your server's console, even if networking is disabled.
22:28<linbot>mwalling: "lish" could be allows you to perform certain actions without having to log into the LPM. Lish's primary function is to allow you access to your server's console, even if networking is disabled.
22:29<Psytherium>kk, looking in to it now, thanks
22:30<mwalling>opello: fail?
22:30<opello>i guess
22:31<mwalling>opello: try that here and see if tj kills you :P
22:31<opello>he probably would
22:31<opello> ;)
22:31<linbot>Why would you steal money from Linode when you didn't refer this person?
22:31<SelfishMan>sorry, reflex
22:32<opello>it's been a frustrating evening
22:32<Psytherium>Also, I'm getting a lot of random attempts to log in to my box and messages like this in /var/log/secure, "reverse mapping checking getaddrinfo for failed - POSSIBLE BREAK-IN ATTEMPT!"
22:33<Psytherium>What should I do about this?
22:33<SelfishMan>Psytherium: fail2ban
22:33<mwalling>Psytherium: nothing
22:33<@irgeek>Guest1306: PPTP is kind of prone to not working. We usually suggest something like OpenVPN instead.
22:33<Psytherium>bear in mind, im a complete linux noob :)
22:33<opello>use strong passwords ore certificates :)
22:33<opello>and fail2ban can help mitigate spamming of auth attempts
22:33<Psytherium>mwalling: So I should be fine?
22:33<A-KO>attempts to login? change the ssh port?
22:33<aaronyy>Psytherium: you can disable dns in sshd
22:33<aaronyy>UseDNS no i think
22:33<A-KO>I use certs
22:33<A-KO>win win
22:34<opello>so long as you fixed them or didn't use debian to generate them during the window of poor randomness ... :)
22:34<@irgeek>Psytherium: Use keys, not passwords and turn password auth off.
22:34<A-KO>haha opello
22:34<A-KO>so true
22:35*irgeek points out they aren't certificates, just keys
22:35<@irgeek>Not the same thing.
22:36<opello>that's a good point
22:36<checkers>certificates are just keys in a good suit
22:36<aaronyy>certificates are signed
22:36<HoopyCat>speaking of which, i believe all's well with the imap certificate
22:37<HoopyCat>thank you, computer, for making it so i have to manually do your frickin' job
22:37<@irgeek>HoopyCat: Someone at Google screwed up. Our payment processor did that. Their cert expired on us and we couldn't process orders.
22:38<HoopyCat>irgeek: the old cert wasn't even close to expiring; 'twas only late last year they forgot to renew it
22:38<aaronyy>or your computer is hacked
22:39<checkers>or the internet is
22:39<@irgeek>Or the whole universe is.
22:39<aaronyy>i have no problem with gmail imap ssl
22:40<Guest1306>used Cent OS 5.2
22:41<HoopyCat>aaronyy: just ran the verification on a couple different systems, so it's probably unlikely
22:41<moon_unit>hey, can i set up round robin DNS using linode's dns manager?
22:41<moon_unit>or what's the simplest way to do it
22:41<aaronyy>HoopyCat: which port are you using?
22:42<@irgeek>Add more than one A record.
22:42<@irgeek>moon_unit: ^^^ That's for you.
22:43<aaronyy>irgeek: can you control how many a record dns server answer?
22:43<HoopyCat>aaronyy: 993 or so
22:43<HoopyCat>sleeptime now. g'nite!
22:43<@irgeek>aaronyy: No
22:43<aaronyy>HoopyCat: nite
22:43<aaronyy>i use
22:44<Guest1306>OpenVPN, need client to install client soft, do not like
22:46<@irgeek>Well that's what pretty much what everyone here uses.
22:46<aaronyy>There's ca name "Generic Root Trust CA" in my windows
22:46<bob2>options include: installing it or using a vpn system that your client already has a client for
22:47<moon_unit>irgeek: thanks, multiple A records will distribute requests at random?
22:47<aaronyy>it's round bin not random i think
22:48<moon_unit>oh yea so just sequential?
22:48<aaronyy>everytime it move one position i think
22:49<aaronyy>i am not very sure
22:49<aaronyy>give a short ttl, it probably can distribute more evenly
22:50-!-Element [] has quit [Quit: [tekN1X]]
22:52<linbot>New news from forums: PPTP and Windows clients .... in Linux Networking <>
22:56-!-verheesj [] has quit [Ping timeout: 480 seconds]
22:57-!-anhgemus [] has joined #linode
22:58<anhgemus>i currently have a problem with my linode
22:58<anhgemus>i got 500 Server Error when trying to access my website
22:58<anhgemus>although the profile just newly created
22:58<anhgemus>on centos
22:58-!-Guest1306 [] has left #linode []
22:58<anhgemus>i never encountered this problem before
22:58<supine>check the logs
22:59<@caker>I'm certain the log files will provide you with more clue
22:59-!-verheesj [] has joined #linode
22:59<anhgemus>you mean apache log ?
22:59<@caker>if apache is your webserver, then yes
23:00<@caker>its error log
23:00<anhgemus>i already checked but there is not much information there
23:00<anhgemus>[Thu Apr 02 22:51:59 2009] [notice] caught SIGTERM, shutting down [Thu Apr 02 22:52:05 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin /suexec) [Thu Apr 02 22:52:05 2009] [notice] Digest: generating secret for digest authent ication ... [Thu Apr 02 22:52:05 2009] [notice] Digest: done [Thu Apr 02 22:52:05 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming
23:00<anhgemus>this is what i got from error_log
23:01-!-moon_unit [] has quit [Ping timeout: 480 seconds]
23:01<supine>you can have virtual host specifc logs.
23:02<anhgemus>i didn't maintain any virtual host
23:02<anhgemus>it's a fresh apache
23:02<@irgeek>Hit the page and see what comes up after thatn.
23:02<@irgeek>That's just the startup stuff.
23:03<@irgeek>Oh, and pastebin stuff, don't paste in the channel please.
23:05<X-LP>does anyone else run unreal tournament servers on their linodes?
23:05<anhgemus>i hit the page but nothing new coming up in the log
23:06<@irgeek>What about in the access_log?
23:06<@caker>anhgemus: are you hitting the correct server?
23:06<@irgeek>There's got to be something somewhere.
23:06<@irgeek>X-LP: I've heard of people that do.
23:06-!-laoge [] has joined #linode
23:06-!-Battousai [] has quit [Remote host closed the connection]
23:07<X-LP>cool. been quite nice running mine. except for newark8 going down :<
23:07-!-Battousai [] has joined #linode
23:07<laoge>hi, can i migrate my linode from dallas TX to Fremont CA?
23:07<@irgeek>Open a ticket. Your IP is all that changes.
23:08<laoge>irgeek: thanks, you mean my IP address will change ?
23:09<guinea-pig>if you migrate from one DC to another... yes it has to.
23:09<laoge>irgeek: ok
23:10-!-laoge [] has left #linode []
23:11-!-JamesCollins2 [~jimmycoll@] has joined #linode
23:12-!-JamesCollins [~jimmycoll@] has quit [Read error: Connection reset by peer]
23:21-!-moon_unit [] has joined #linode
23:26<Internat>interesting.. when did the backup server beta forum appear?
23:26<mwalling>its always been there
23:26<Internat>really? i probably just never scroll down far enough
23:26<mwalling>when did you appear?
23:27<Internat>a while ago i think.
23:27<condate>first time i've seen it too.
23:27<condate>used to be only xen beta.
23:28<mwalling>you running a greasemonkey script that hides forums?
23:29<mwalling>maybe you're just not cool
23:29<Internat>jebus christ
23:29<Internat>forum sign up date: Joined: 18 Aug 2004
23:30<Internat>almost 5 years? i need a life :/
23:30<@irgeek>mwalling: Internat & condate couldn't see it until today. They were the two people we hid it from.
23:30-!-laoge [] has joined #linode
23:30<@irgeek>Whoops. Wrong channel.
23:30<mwalling>irgeek: <3
23:31<laoge>irgeek: how long will the linode migration take?
23:31<condate>i blame conficker.
23:31-!-pyromancer_ [] has joined #linode
23:31<mwalling>laoge: it should give you a current speed in the host status
23:31<@irgeek>laoge: 10-15 mins/GB usually.
23:31-!-Pyromancer [] has quit [Remote host closed the connection]
23:32<@irgeek>mwalling: He isn't migrating yet.
23:33<laoge>irgeek: so it will take 120+ mins for my linode 360?
23:33<mwalling>you can resize the images down to your used space
23:33<mwalling>and delete swap
23:34<laoge>mwalling: thanks.
23:34-!-ember [] has quit [Ping timeout: 480 seconds]
23:34<bd_>laoge: also remember, the instant you hit migrate you can start queueing jobs for after it completes
23:35<bd_>so once you hit migrate, go back and recreate swap, resize your disk images back, update your config profile to point to your swap and clik boot
23:35<bd_>then it'll all come back online whenever it's ready :)
23:36<checkers>wish you could cancel jobs that haven't started though
23:36<laoge>bd_: ok, thanks
23:36<dcrookston>So, did the space available on my linode increase when I wasn't looking, somewhere between 2007 and now?
23:36<bd_>dcrookston: probably
23:37<mwalling>dcrookston: christmas 08 i think
23:37<mwalling>maybe that was christmas 07
23:37-!-laoge [] has left #linode []
23:37*dcrookston is subscribed now.
23:37<@irgeek>We announce them there.
23:38<phennessy>you can subscribe to and watch the noise of linode land
23:38<jed>anyone in here much familiar with trademark law?
23:38<jed>doesn't a federally registered trademark preempt a state one?
23:38<dcrookston>How familiar?
23:38*dcrookston watches as it flies over his head.
23:38<phennessy>i thought there were only fed trademarks
23:39<jed>no, states can issue trademarks too, allegedly
23:39<jed>a trademark troll in north carolina just sued for trademark infringement and got @amberalert on twitter shut down and protected, but the "Amber Alert" trademark is registered to the United States DoJ in TESS
23:39<jed>and AMBER Alert is a federal program that I have extensive training in due to my work in broadcasting
23:40<phennessy>that's insane
23:40<dcrookston>That's completely insane.
23:40<dcrookston>I hate twitter and want it to die, but even I recognize the value in (and would subscribe to Twitter for) Amber alerts
23:40<jed>this company was responsible for the takedown
23:40<jed>bruce seybert is responsible for the lawsuits, and there are 3
23:41-!-troy [] has quit [Remote host closed the connection]
23:41<@irgeek>Now that's class!
23:42<jed>this pisses me off enough to almost file a pro amicus brief
23:42<jed>in all three cases
23:43<jed>what's worse is thrasher got twitter to give them @amberalert during an ACTIVE amber alert
23:43<dcrookston>How do I mount /dev/xvdc to, say, /home/olddrive?
23:43<dcrookston>what's a pro amicus brief?
23:43<jkwood>jed: The ironic part? That envelope graphic is almost identical to the one use by the Gmail Manager Firefox extension.
23:43<jed>jkwood: yeah
23:43<phennessy>mount /dev/xvdc /home/olddrive
23:43<dcrookston>Wow, that's easy.
23:43<jed>dcrookston: sorry, amicus curiae, one of this latin words. basically means i'm unrelated to the case but filing information in it that may be beneficial to the judge
23:44-!-ember [] has joined #linode
23:44<phennessy>if it's not happy sometimes it wants -t ext3 or -o some_options but it should just work with ext2/3
23:44<jed>dcrookston: if you make an entry in /etc/fstab (see man fstab), you can just do mount /home/olddrive
23:45<jed>and it will also mount it on boot
23:45<Peng__>mount -o noatime!
23:45<Peng__>noatimes? Whichever
23:45-!-daneth [daneth@] has quit []
23:45-!-straterra [] has joined #linode
23:45<dcrookston>Oh, and does the directory need to exist before?
23:46<aaronyy> /dev/xvdh /tmp ext2 rw,noatime 0 2
23:46<dcrookston>Lovely, it's there :)
23:46<dcrookston>oh damn, I forgot that I don't have vi on this system yet.
23:46<aaronyy>use nano
23:47<dcrookston>It's probably got vim
23:47<phennessy>vim > *
23:47<dcrookston>and just needs to be symlinked
23:47<aaronyy>nano is better
23:47<phennessy>symlinking should not be necessary
23:47<dcrookston>What do you mean?
23:47<dcrookston>vi should already point to vim?
23:48<phennessy>you could use an alias in bash too
23:48<jkwood>Slackware comes with elvis as vi by default.
23:48<phennessy>lrwxrwxrwx 1 root root 20 2008-06-24 22:05 /usr/bin/vi -> /etc/alternatives/vi
23:48<phennessy>lrwxrwxrwx 1 root root 21 2008-06-24 22:05 /usr/bin/vim -> /etc/alternatives/vim
23:49<phennessy>lrwxrwxrwx 1 root root 18 2009-01-27 00:06 /etc/alternatives/vi -> /usr/bin/vim.basic
23:49<@caker>I probably shouldn't be drinking a coke right now, should I?
23:49*phennessy stops now
23:49<dcrookston>You shouldn't ever really be drinking a coke.
23:49<dcrookston>It's not good for you.
23:49<phennessy>it's good with burgers
23:49<groulder>can't remember the last time i had a coke.
23:49<groulder>good old water for me.
23:50<dcrookston>Well, delicious is another issue entirely ;)
23:51<dcrookston>Does emerge keep any kind of logs, or whatever, of things that are installed on a system?
23:52<aaronyy>in /var/lib/portage i guess
23:52<phennessy>oh gentoo..
23:52<phennessy>you may need symlinks then
23:53-!-mjh29 [] has joined #linode
23:54<mjh29>hi guys. new to linode. having some trouble getting a centos instance running apache http accessible
23:54<linbot>CentOS has a firewall enabled by default. You can use system-config-securitylevel-tui to configure it.
23:56<mjh29>that was easy. fixed.
23:59-!-VS_ChanLog [] has left #linode [Rotating Logs]
23:59-!-VS_ChanLog [] has joined #linode
---Logclosed Fri Apr 03 00:00:28 2009