Back to Home / #linode / 2009 / 08 / Prev Day | Next Day
#linode IRC Logs for 2009-08-04

---Logopened Tue Aug 04 00:00:12 2009
00:02-!-litwol|mac [~litwol|] has joined #linode
00:02-!-J-Node [] has quit [Read error: Connection reset by peer]
00:04-!-J-Node [] has joined #linode
00:08<amitz>decourl: yeah. I used to keep a session open simply because I need the output :-)
00:14-!-brainproxy [] has joined #linode
00:14-!-J-Node [] has quit [Read error: Connection reset by peer]
00:15-!-J-Node [] has joined #linode
00:22-!-realityloop [] has joined #linode
00:23-!-hercynium [] has quit [Ping timeout: 480 seconds]
00:25<realityloop>my linode just went unresponsive again..
00:25<realityloop>any linode team here right now?
00:28<Solver>can't you power cycle it from the web interface?
00:30<realityloop>Solver: yes.. but this is the 2nd time it's gone unresponsive in 4 days.. and I only set it up last thursday
00:30<Solver>ah ok
00:30<realityloop>I sold this as more reliable to my clients..
00:31<Solver>I wonder if there is anything you can do to dump info from the system which will help with diagnostics later
00:31<@caker>realityloop: OOMing?
00:31<linbot>LISH allows you to perform certain actions without having to log into the LPM. Lish's primary function is to allow you access to your server's console, even if networking is disabled.
00:31<@caker>logview command. run it.
00:32<realityloop>caker: from command line?
00:32<@caker>from Lish
00:32<linbot>New news from forums: Reboot: fremont40 in System and Network Status <>
00:32<realityloop>logview not found
00:33<@caker>from the Lish prompt. Not the console
00:33<@caker>control-a then d
00:34<@caker>oh, I see you have a ticket already (right?)
00:35<realityloop>caker: yes
00:35<@caker>Maybe give the 2.6.29-linode18 kernel a shot. You'll need to install ntpd to keep time under those kernels
00:36<realityloop>logview output goes beyond ajax console.. how do I copy it?
00:37<@caker>step 1, set a Lish password on the console tab on the linode
00:38<@caker>step 2, don't use the ajax console -- use an ssh client: ssh logview > console.log
00:41<realityloop>caker: logview output added to ticket
00:45<@caker>realityloop: please install ntpd and give the 2.6.29-linode18 kernel a shot (you can change it in your configuration profile; then reboot)
00:45<realityloop>I can do that without losing current setup?
00:45<@caker>yup. Just a reboot.
00:48<realityloop>caker: where do I pick the different kernal from?
00:49-!-Twayne [] has quit [Ping timeout: 480 seconds]
00:49<realityloop>found it
00:50-!-Twayne [] has joined #linode
00:51<realityloop>done.. now what?
01:00<realityloop>caker: ??
01:02-!-megatron27 [~firdaus@] has joined #linode
01:02<Schroede1>why do people seem to think the Internet is an excuse for rude, obnoxious, and discourteous behavior?
01:03<megatron27>because we're all anonymous except for me since I can't get x-chat to stop sending my username over to the server:-)
01:05<Pryon>Schroede1: bite me
01:05<Pryon>(that was a joke)
01:06<Pryon>Speaking of rule #4, where the heck is mwalling?
01:07<megatron27>yay @ Linode API
01:08-!-Twayne [] has quit [Ping timeout: 480 seconds]
01:08<SelfishMan>Schroede1: Because there is less of a chance of someone actually punching you in the nose
01:11<megatron27>not true, being linked to tubgirl is about as bad as being punched in the nose
01:11<megatron27>the first time at least
01:11<SelfishMan>megatron27: On the flip side, linking someone to tubgirl rarely actually results in a broken nose
01:14<MJCS>i just got done watching gattaca for the first time since it came out
01:14<MJCS>damn good movie
01:14-!-Twayne2 [] has joined #linode
01:15<Pryon>!g gattaca
01:15<SelfishMan>!f gattaca
01:15<linbot>SelfishMan: Gattaca is a 1997 science fiction drama film written and directed by Andrew Niccol, starring Ethan Hawke, Uma Thurman and Jude Law with supporting roles played by Loren Dean, Gore Vidal and Alan Arkin. The film was a 1997 nominee for the Academy Award for Best Art Direction — Set Decoration.
01:17<Pryon>wtf is 'f' supposed to mean?
01:19-!-elhippo [] has quit [Quit: Leaving]
01:20<SelfishMan>!help f
01:20<linbot>SelfishMan: (f <an alias, 0 arguments>) -- Alias for "factoidbot $*".
01:20<SelfishMan>short for factoidbot
01:20<SelfishMan>!help skynet
01:20<linbot>SelfishMan: (skynet <an alias, 0 arguments>) -- Alias for "factoidbot $*".
01:21<SelfishMan>people have created many aliases for it
01:26<amitz>megatron27: luckily your name is common :-)
01:26<megatron27>in some countries it's more common as a girl's name
01:27<amitz>megatron27: that's interesting. I just know that.
01:28<megatron27>in south east asia it's more common for as a boy's name, in south asia it's more common as a girl's name
01:30*Solver got a friend to test him once as he thought he could pick whether a foreign language name belonged to a male or female.
01:31<Solver>I ended up getting _less than_ 50% right :)
01:31<Solver>in other words I would have been better off tossing a coin
01:32-!-J-Node [] has quit [Quit: HydraIRC -> <- Now with extra fish!]
01:37<amitz>Solver: I used to score below chance in a multiple choice exam that has no penalty rule. Choosing 1 out of 5 choices, I only score 17 :-p
01:37<amitz>out of 100.
01:38<amitz>megatron27: hmm that's interesting. I wonder what makes it that way..
01:38-!-jspiros [] has quit [Ping timeout: 480 seconds]
01:39<megatron27>Redhat's CEO is speaking here today :-)
01:39<amitz>ooh nice and interesting since I thought you place don't really like linux?
01:40<amitz>I mean, microsoft has indisputable monopoly there?
01:40<megatron27>well Microsoft is still very strong here but we having a growing open source community
01:40<megatron27>nope, in fact, the government recently made ODF a national standard and the economic planning unit will no longer approve new Microsoft Office licenses
01:41<realityloop>hahah thats awesome
01:41<megatron27>we are having****
01:41<megatron27>we have***
01:41<megatron27>damn it
01:42<megatron27>there's also a government department that provides open source consultancy to other departments
01:42<amitz>megatron27: ooh, nice. I think my government used to have open source initative for governmental organization but I think microsoft bribed their way in a couple of days after.
01:43<megatron27>yes, I remember, they offered soomething like USD 7 per license right?
01:43<amitz>A deep discount, something like that yeah.
01:43<Smark>how long does .bash_history stay around and is there a way to prevent it from truncating?
01:47<Staz>Smark : there are a bunch of environment variables to control that
01:47<amitz>megatron27: but what was disappointing is that they seem to just drop the open source initiative. Just like that.
01:47<Staz>HISTSIZE for example
01:47<amitz>Smark: make it longer, the history. There is a setting somewhere
01:47<Staz>export HISTSIZE=<lots of lines>
01:48<megatron27>amitz: Governments are like that everywhere, in fact this wasn't the first open source initiative in the Malaysian government either
01:49<Smark>Staz, will that remain set to <lots of lines> even after a reboot? is it per-user or would I have to run that as each user?
01:49<Staz>Smark : If you set it in one of the bash configuration files, sure.
01:50<Smark>alright, thanks
01:50<megatron27>amitz: from 2005 -
01:50<Staz>Smark : /etc/profile if you want that settign for all users
01:50<megatron27>amitz: does that having something to do with Java being in Indonesia :-)
01:51<Smark>Staz, will that be instant for all users? do they have to relog? Do I have to run a command to reload bash configs?
01:52<Staz>exec bash
01:53<amitz>megatron27: certainly not! :-p I actually haven't heard about that one.
01:54<Staz>Smark : If you edit .bashrc, then exec bash should be sufficient.
01:54<Staz>Otherwise get them to log back in
01:54<Smark>either was isnt a problem, thanks Staz
01:55*Staz tries to get from university to home without getting wet
01:55<amitz>megatron27: you know, my marriage to linux used to be forced marriage.
01:56<Smark>rdiff-backup makes me sad on this connection... it gets stuck on my .bash_history file for like 10 minutes... and the file is only 10k
01:57<amitz>It started from a declaration by BSA that promise money for pirated windows whistleblower. I then try to convert every installation to linux. Then I learned to love linux :-)
01:58<megatron27>haha, but i heard that those whistleblowers don't actually get anything
01:59<megatron27>because the whistleblowers only get money if the BSA takes the company to court and usually the companies will settle before that
01:59<amitz>megatron27: I heard that they will get something IF the company eventually buy original windows. The whistleblower basically get a cut from that purchase.
01:59<megatron27>oh, I stand corrected then
02:00<amitz>megatron27: well, I also heard it as rumor so.. :-)
02:00<megatron27>so we should all use pirated software, then report ourselves, then at least we get a cut of our own sales :-)
02:00<amitz>megatron27: you're good at this hahaha
02:12<amitz>megatron27: say, what's the popular programming language there?
02:13<amitz>In here, basically VB/Java/.NET.
02:13-!-kelvinq [] has joined #linode
02:15-!-ElectricElf [] has quit [Ping timeout: 480 seconds]
02:18-!-ElectricElf [] has joined #linode
02:22-!-Twayne2 [] has quit [Ping timeout: 480 seconds]
02:22-!-Twayne [] has joined #linode
02:26<megatron27>ASP.NET is very popular, Java is popular too, and PHP
02:27<megatron27>most companies end up using ASP.NET because of the amount of talent available
02:28-!-toyo|desk [] has joined #linode
02:29<toyo|desk>hmm I think there is something wrong with my node
02:29<toyo|desk>for some reason it has over 50% IO wait
02:29<toyo|desk>and apache stopped responding
02:29<toyo|desk>er serving pages
02:30<toyo|desk>is there a way with top to show what is causing the high wait?
02:32<toyo|desk>k now its up to 76%
02:32-!-kelvinq [] has quit [Read error: Connection reset by peer]
02:33-!-kelvinq [] has joined #linode
02:34-!-jspiros [] has joined #linode
02:35<toyo|desk>anyone know how to show what is causing high io wait?
02:35-!-Twayne [] has quit [Ping timeout: 480 seconds]
02:35-!-mallory [~mallory@] has joined #linode
02:35<toyo|desk>although its looking now like it completely ceased up the os
02:35-!-Twayne [] has joined #linode
02:36<amitz>toyo|desk: I don't know but maybe you can try turning on and off stuff one by one. While running top ?
02:36<toyo|desk>eh afraid it is completely locked now
02:37<toyo|desk>gotta hard reboot it
02:37-!-cpg [] has joined #linode
02:37<toyo|desk>oh wait it came back
02:38<megatron27>what's command to you use to check the IO wait?
02:38<toyo|desk>I was using top
02:41<toyo|desk>hmm well I stopped apache but it dosen't look like it is the problem
02:41<toyo|desk>its still hovering around 21%
02:42<megatron27>this is the "wa" field in top right?
02:42-!-peter_ [] has quit [Quit: peter_]
02:42<toyo|desk>I think I know what the issue it
02:42<toyo|desk>er is
02:42<toyo|desk>damn IRC bot
02:45<amitz>toyo|desk: yeah, maintaining an IRC bot is a problematic business. There are so many ways for it to behave erratically.
02:46<megatron27>surely there's a command that gives a per process breakdown of IO usage
02:46<toyo|desk>I dont know of one
02:47<toyo|desk>it would be nice
02:47<amitz>toyo|desk: I have this bot I don't dare to publicize yet. Since there are so many ways it can crash :-)
02:47<toyo|desk>eek sounds like you are using the wrong bot
02:48-!-kelvinq [] has quit [Quit: kelvinq]
02:49<toyo|desk>but yeah it would be nice to know a process breakdown of io use
02:49<amitz>toyo|desk: it's a bot I made myself :-).
02:49<toyo|desk>I see
02:56-!-Internat-afk [] has joined #linode
02:56-!-Internat [] has quit [Read error: Connection reset by peer]
02:59<Smark>I've always had interests in making IRC bots... Eggdrop is not something I'd want to work with, I'd like to start from scratch... Whats a good language to do it in? C? I've heard of PHP bots also.
03:00<toyo|desk>Smark, I use supybot
03:00<toyo|desk>its python
03:01<Smark>I made VB bots back in the day, but since VB is Microsoft Fail, I'd like to get away from it
03:01-!-Twayne [] has quit [Ping timeout: 480 seconds]
03:01<megatron27>latencytop seems to do it
03:02<toyo|desk>is that an addon package
03:02-!-Twayne [] has joined #linode
03:02<megatron27>I'm still trying to understand the output and it has to run as root unfortunately
03:02-!-ph^ [~ph^@] has joined #linode
03:03<megatron27>Maybe iotop might be better
03:03<megatron27>toyo|desk: yeah, iotop seems to do what we want
03:03<toyo|desk>I will install it
03:04<megatron27>unfortunately, it's not in the Centos repositories
03:04<toyo|desk>hope its in the opensuse repos
03:04<megatron27>but it's in the Ubuntu ones
03:05-!-getsmart [] has joined #linode
03:06<toyo|desk>- Python >= 2.5 for AF_NETLINK support: Found
03:06<toyo|desk>- Linux >= 2.6.20 with I/O accounting support: Not found
03:07<toyo|desk>the linode kernel dont support it
03:07<megatron27>bloody hell, it needs Python 2.5
03:08<SelfishMan>toyo|desk: I believe there is a kernel available that support s IO accounting
03:08-!-girishr [~girish@] has joined #linode
03:09<toyo|desk>well that would fix one problem
03:09<toyo|desk> still got a python error
03:09<megatron27>damn, I didn't compiler Python 2.5 with curses support
03:11<toyo|desk>mine didnt care about that
03:11<SelfishMan>that's why I stick to binary packages
03:11<SelfishMan>so much easier
03:11<toyo|desk>it installed python-curses for me
03:11*megatron27 ditches Centos for Ubuntu just to run iotop :D
03:12<amitz>megatron27: you have returned to the light side :-p
03:12*amitz life's principal: Everything I don't use, sucks.
03:13-!-realityloop [] has quit [Quit: realityloop]
03:14-!-Twayne [] has quit [Ping timeout: 480 seconds]
03:16-!-Twayne [] has joined #linode
03:17<amitz>Smark: as long as it works :-) the bot
03:19<amitz>Smark: but one thing I like about making bot with python is you can update the bot without restarting.
03:20<megatron27>dstat is available, but I need to check whether my kernal has IO accounting enabled or not
03:21-!-jcn [] has quit [Quit: ircII EPIC4-2.6 -- Are we there yet?]
03:24<amitz>Smark: btw, unless you're prepared to do some "lower level" stuff, maybe you want to use a pre-made bot. Of course if you only want to learn, it's another matter entirely.
03:25<amitz>Smark: btw, I didn't create it from scratch.
03:29<Smark>sorry amitz, last thing I saw (i got dced): <amitz> Smark: btw, unless you're prepared to do some "lower level" stuff, maybe you want to use a pre-made bot. Of course if you only want to learn, it's another matter entirely.
03:29<Smark>by "lower level" do you mean like actually parsing the IRC messages?
03:30<Smark>PRIVMSG, various server connection stuff, etc
03:30<Smark>Raw IRC i guess is what I mean
03:31-!-chipy [] has joined #linode
03:31<chipy>Does anyone know why when I upload files, its not updating for my website?
03:32<chipy>Well is that normal?
03:33<Smark>I know FireFox is annoying sometimes when I'm updating my website online... like if I make a small change to a .js file, firefox wont reload it unless i flush my cache
03:33<chipy>Also when I try to chmod file permission its not updating
03:33<Smark>define updating
03:33<chipy>I mean I use filezilla
03:33<chipy>and when I try to rewrite permission 777
03:34<chipy>it won't update to the real website
03:34<Smark>are you sure you're uploading to your web root?
03:34-!-Twayne [] has quit [Ping timeout: 480 seconds]
03:34<chipy>let me check
03:34<Smark>and not your home directory or something
03:34-!-Twayne [] has joined #linode
03:35<chipy>oh ya
03:35<amitz>Smark: oh, basically python's bot can be updated without restarting. yeah, parsing and things like that.
03:36<Smark>I'm really not familiar with python... is it widely used? I've heard a lot about it, but is it used in a professional environment or is it more of a "get the job done quick" language... I hope some of that made sense
03:37<Smark>IE is it something you can put on a resume and not be laughed at for it?
03:38<chipy>Do you think the reason its not working is because its sftp?
03:38<megatron27>I use Python for everything.
03:38<megatron27>but I think it's a little too verbose for throwaway scripts
03:39<Smark>chipy, your protocol shouldnt matter. Where are you uploading/changing files?
03:39<chipy>its in the forum home
03:39<chipy>i mean root
03:39<chipy>website root
03:40<chipy>it says its updated when I use filezilla
03:40<Smark>whats the actual path in your file system?
03:40<chipy>but when I go back to the website it says the file does not exist
03:41<Smark>then you're not uploading it to the correct folder, or you have a typo somewhere
03:41<Smark>"root" isnt a folder, or a full path
03:42<Smark>look a the address bar in FileZilla... does it say like /var/something?
03:43<chipy>oh no
03:43<chipy>should I go to that?
03:43<chipy>now I see
03:43<chipy>thanks smark
03:43<chipy>I think I know now
03:43<Smark>I'm asking what it is
03:44<Smark>ok, let me know if you need anything else
03:44<chipy>i have been going to the /root/ folder
03:44<chipy>but I did not realize I had to go to www
03:44<chipy>I mean /var/www
03:45<Smark>protip: You probably shouldnt be editing your websites as root, but do as you wish!
03:46*Smark wonders how many rootkits are actually present on Linode's servers...
03:47<chipy>i'm a complete noob
03:47<chipy>I don't know how to add new users
03:47-!-jcn [] has joined #linode
03:47<chipy>I just paid someone to transfer my site
03:47-!-Twayne [] has quit [Ping timeout: 480 seconds]
03:48-!-Twayne [] has joined #linode
03:48<Smark>If you're interested in learning about Linux administration you might want to take a look at It helped me a lot when i started out
03:48-!-Musicmasteria [] has joined #linode
03:49<amitz>Smark: well, I guess it will depend on your location. But laughed at? I don't think so. And some company want to do quick prototyping for many reasons thus python can be used.
03:49<chipy>Thanks smark
03:49<chipy>your great
03:50<Musicmasteria>Can someone help me set up shorewall on a basic ubuntu setup (apache2, php, mysql)?
03:51<Smark>Well, I first started programming using VB 4.0 when I was like 12-13, and I'm paying for it now... I really havent spent the time to really learn C, thought I know enough to make basic programs... I'm taking a C++ programming course at my University this comming semester, I expect I'll be leaps-and-bounds ahead of most people anyway
03:51<Smark>anytime chipy
03:51<Smark>Musicmasteria, is it installed?
03:51-!-getsmart [] has quit [Ping timeout: 480 seconds]
03:51<Smark>Sadly the only application language under my belt is STILL VB, and I'm very annoyed by it... Though I'm quite adept at PHP...
03:52<Musicmasteria>Smark: I think I installed it
03:52-!-greg [] has joined #linode
03:52<Smark>does "ls /etc/shorewall/" return anything?
03:52<greg>having issues logging into SSH
03:53<amitz>I have touched C++ a bit. The most eye opening programming language will be functional programming languages. :-)
03:53<Smark>greg, try LISH?
03:53<Musicmasteria>I have a /etc/shorewall/ folder but it's kinda empty (2 files)
03:53<greg>I did , the creds dont seem to work
03:54<Smark>well, LISH is directly into your console... you mean user/pass combos don't work?
03:54<greg>right nw I am using linode console
03:54<greg>yeah the user/pass dont work
03:54<Musicmasteria>Smark: wow this is wierd. I thought shorewall defaults to off when installed
03:54<amitz>Smark: At first, I didn't really able to grasp recursion. Functional programming language really force me to understand it.
03:54<Smark>shorewall defaults to everything blocked
03:54<Smark>I guess my main thing is I'm a windows user (as far as everyday use), and when I develop a program I'm not interested in ease of use (GUI) instead of Command Line.
03:55<Smark>theres not much easy to understand C/C++ documentation out there about Windows GUI programming.
03:55<Musicmasteria>shorewall.conf "STARTUP_ENABLED=Yes" <-- thought that should be a 'no'
03:55<Smark>granted I usually give up and go back to VB about tinkering around for a few hours
03:55<Smark>Musicmasteria, keep that No until you've configured it
03:56<Smark>the shorewall docs are very helpful
03:56<Smark>greg, does root work?
03:56<Musicmasteria>I just opened it up and it was set to yes
03:56<Smark>well, dont turn on shorewall or you're stuck with LISH
03:56<Smark>(until its configured)
03:57<Smark>Musicmasteria, basically you end up with a rules file where you list ports and their interfaces. Those ports are allowed, all others are blocked.
03:57<Musicmasteria>dang it.. I keep getting permission denied on my nonroot user in WinSCP
03:57<greg>caker: smark , you mean root and my password in console ?
03:57<Smark>thats because most files in /etc/ are owned by root
03:57<Musicmasteria>I thought I gave it all privs :\
03:57-!-chipy [] has quit [Remote host closed the connection]
03:57<Smark>greg: yes
03:57<greg>no didnt not
03:58<Smark>greg: if it does, use root to change your other users passwords, if not you can use the Linode Platform Manager to change your root password
03:58<greg>li84-244 login: root Password: Login incorrect li84-244 login:
03:58<amitz>Smark: well, it's difficult to use C++ for GUI AFAIK so can't blame you there.
04:00<greg>smark , you mean , and change passowr
04:00<Smark>I mean the only decent language I've been able to find for windows based programming is VB/VB.NET... And you'll generally get made fun of
04:00<greg>I did so yesterday , but sill no use
04:00<Smark>you may have to restart
04:00<greg>is it
04:00<greg>let me rechange then again
04:00<Smark>how did you change it?
04:03<amitz>Smark: screw those people! :-) Yeah, I think what you implicitly mean is that the learning curve (before you start doing something visibly productive) of non ,NET is steep. Maybe you should start looking into netbeans? It has quite decent GUI creator.
04:03<greg>using the panel
04:04<greg>I changed using the above link which says add new pass for console
04:04<amitz>Smark: You can create a java GUI based application easily. And there are some more obscure GUI builder in other languages.
04:04<greg>@smar , how do I restart ?
04:05<Smark>greg, you want to go into your Linode Profile and change it there
04:05<Smark>you use the shutdown button, then once its shutdown, you click "Boot"
04:05<vuf>is there something like "rpm -qi" for .deb ?
04:06<greg>changed in profile , trying again
04:07<Smark>amitz, i guess I've just got a lot on my plate now, with my CMS in the process of being redesigned, starting a small webdesign/hosting business, building a site for a client, and working out all this family stuff I dont have a lot of time... Though I think eventually C/C++ is the way to go as far as Windows Programming... I mean the only thing unique to windows is interfacing with the user.
04:07<Smark>All the "nuts and bolts" are going to generally be the same no matter what OS
04:10<greg>@smark , no fun still doesnt work
04:10<Smark>did you reboot after you edited the profile?
04:11<greg>reboot what , console .. if so yes I did ...
04:11<greg>I am not sur abt the sys reboot how to do that .
04:12<Smark>go to your Linode Platform Manager Homepage
04:12<Smark>your "Dashboard"
04:12<Smark>and on the right side it should say "Running" with a "Shutdown" button beneath
04:12<Smark>click Shutdown
04:12-!-scorche` [] has joined #linode
04:12<Smark>and click Yes to confirm it
04:13<Smark>FYI, your server will be offline
04:13<greg>no issues
04:13-!-scorche [] has quit [Read error: Connection reset by peer]
04:13-!-scorche` is now known as scorche
04:13<Smark>the page should refresh periodically
04:13<Smark>once you see "Boot" where "Shutdown" used to be, click it
04:14<Smark>and watch your console
04:14<Smark>once you see your login screen in Lish, try to login
04:16<Smark>Actually I was wrong before, you change your root password in Settings & Utilities section of the LPM ( )... Be sure to choose the right disk image...
04:17<Smark>Unless we've already fixed the problem
04:20-!-Twayne [] has quit [Ping timeout: 480 seconds]
04:20-!-Twayne [] has joined #linode
04:23<greg>@smark so my username will be linode##### ?
04:23-!-tiny [~ivob@] has joined #linode
04:23<greg>and password I saved in profile ?
04:23<greg>right />
04:23<Musicmasteria>Smark, I enabled root login and now I'm on the root account in WinSCP. I set 'STARTUP_ENABLED=No'
04:24<Smark>no, your username will be root
04:24<Smark>and your password will be the password you specified in Settings & Utilities
04:25<Smark>Musicmasteria, ok. Now what?
04:25<greg>but when i launch console after booting i get this
04:25<greg> * Please create it; until then, mailman will refuse to start. St arting pop-before-smtp: done. * Starting Postfix Mail Transport Agent pos[ OK ]
04:25<linbot>amitz: Results not found. I'm pretty sure straterra ate them
04:25<greg>and its doesnt ask for login .
04:26<linbot> <-- paste here, not in the channel
04:26<Smark>greg, try pressing Ctrl+C
04:28<greg>Ubuntu 8.10 li84-244 tty1 li84-244 login: root Password:
04:28-!-Twayne [] has quit [Ping timeout: 480 seconds]
04:29<Smark>greg, please use the pastebin from now on... And?
04:30<greg>Yeah just saw that
04:30<greg>will use it from next time
04:31<greg>So how to I login ?
04:32<Smark>you type root as your username and your root password as your password?
04:33<greg>Yeah see the errror above
04:33<greg>I did the ame
04:33<greg>L: root P: new password from utlities as well as profile both
04:34<Smark>You changed the password using the Settings & Utilities page (making sure to select the correct Disk Image), rebooted, and tried logging in via Lish right?
04:34<greg>I mean first I tried with utlities consile passowrd
04:34<greg>and then with main password
04:34<greg>I have 2 disk images ,ubuntu and swap
04:34<greg>I selected ubuntu
04:34<Smark>ok, good
04:34<greg>and made a new pass
04:35-!-jcn [] has quit [Quit: ircII EPIC4-2.6 -- Are we there yet?]
04:35<Smark>did you reboot after making the new pass?
04:36-!-metaperl [] has quit [Quit: HydraIRC -> <- Try something fresh]
04:37-!-Twayne2 [] has joined #linode
04:38-!-metaperl [] has joined #linode
04:38<tanto>if i'm creating a ranking engine, do i want lower number to be better, or higher number?
04:39<tanto>IE rank 1 = best, or should it be highest score wins?
04:39<Smark>Rank 1 = Highest Score
04:39<Smark>Rank 10 = 10th Highest Score
04:40<Smark>Ranks get lower as numbers get higher
04:40<Smark>Atleast thats now 99% of all games do it
04:41-!-niekos [] has joined #linode
04:41<niekos>my server does not boot anymore
04:41<niekos>i receive this message
04:41<niekos>oot: failed to get domid
04:41<niekos> xen_linode_boot: failed to get domid Linode failed to boot for unknown reason.
04:42<niekos>any idea how this can be solved?
04:42<Smark>I think that may be something the admins need to take care of. thats has to do with the virtualization service
04:42<Smark>niekos, send in a ticket using the LPM, they usually respond quickly
04:42<niekos>ok, I already did that
04:43<niekos>hopefully they can fix it quickly
04:43<Smark>What did you do to cause that (if anything)? Just shutdown, and booted and that happened?
04:43<niekos>reboot from terminal
04:43<niekos>server did not come up again
04:44<niekos>in the linode manager I see that message
04:44<Smark>slow deltree is SLOW
04:45<greg>@smark I did restart
04:45<greg>@smark rem you only gave the procedure to restart
04:46-!-greg [] has quit [Remote host closed the connection]
04:46<Smark>people are really great sometimes.
04:46<niekos>sometimes :)
04:48-!-greg [] has joined #linode
04:48<greg>I am not able to LISH
04:48<greg>have chanegd the password as well and rebooted but still ajax console doesnt work
04:49<Smark>does it work, but not allow you to login or does it just "not work"?
04:50<greg>console works , but doesnt allow me to login
04:51<greg>I mean and root/password
04:51<greg>doenst work
04:51<Smark>you may want to look into some finnix options, if resetting your root password doesnt work you may have some serious problems with your operating system. You might try sending in a ticket and asking the Linode Staff to reset your root password manually.
04:53-!-libervisco [] has joined #linode
04:55<vuf>dovecot does not connect to pgsql on startup. when restarting pgsql by hand, dovecot immediately connects. ideas?
04:55<tanto>on server boot up?
04:55<tanto>or service start up?
04:57<vuf>on server boot, ubuntu
04:58-!-Twayne2 [] has quit [Ping timeout: 480 seconds]
04:58<vuf>it makes no sense that postgres should be started *after* dovecot
05:01<megatron27>Chrome on Linux is so fast....
05:02-!-Twayne2 [] has joined #linode
05:05-!-ph^ [~ph^@] has quit [Quit: Leaving...]
05:08<amitz>vuf: to email admin if database fail to start? :-p
05:10<vuf>amitz: eh, a joke?
05:11<amitz>vuf: not necessarily. dovecot can run without database.
05:12-!-Smark is now known as Smark[Gone]
05:12<amitz>vuf: but there should be a something somewhere to change the sequence. Perhaps by changing the filename of startup script..
05:12-!-ph^ [~ph^@] has joined #linode
05:13<theblackbox>I'm getting a shite load of brute force attempts at logging into my mailserver =(
05:13*theblackbox shakes his fist at this "tom" character
05:19-!-greg [] has quit [Remote host closed the connection]
05:19<vuf>theblackbox: no way around that
05:21<theblackbox>yeah, I was wondering about changing the port but seems like a bit of a pain
05:21<theblackbox>either way it'll end up happening, is there no way to kick/ban them?
05:21<theblackbox>.... other than iptables =S
05:23-!-cpg [] has quit [Quit: cpg]
05:28<megatron27>guys, how can you run a command as root using ssh -C from a remote computer?
05:28<megatron27>without SSHing as root
05:31<megatron27>that's what I'm doing and I'm getting this error - sudo: sorry, you must have a tty to run sudo
05:31<megatron27>oh, I see the problem
05:33<megatron27>I just have to get rid of RequireTty in visudo
05:37<megatron27>it's because of the RequireTty configuration in sudoers
05:38<megatron27>how can you prove that you have a TTY?
05:38<megatron27>yes, that's what I'm doing ssh -C <hostname> <command>
05:39<megatron27>just wondering, how was that different form what you were doing?
05:39-!-getsmart [] has joined #linode
05:39<megatron27>oh okay, thanks
05:40<megatron27>brilliant, thanks!
05:41-!-niekos [] has quit [Remote host closed the connection]
05:41<megatron27>man, rdiff-backup over ssh is so slow
05:42<vuf>rdiff-backup is slow, period.
05:43<megatron27>might have to forkout the extra 5 dollars a month on backup services ..
05:47<megatron27>okay fixed, resuming backup
05:48<rainman`>backups are slow, period.
05:52-!-idontworkhere [] has joined #linode
05:59-!-hpj [] has joined #linode
06:04-!-Twayne2 [] has quit [Ping timeout: 480 seconds]
06:05-!-Twayne [] has joined #linode
06:05<toyo|desk>hmm it looks like my linode has excessive io wait still
06:12<toyo|desk>hmm lemme see what happens when I do
06:13<toyo|desk>what am I looking for?
06:13<toyo|desk>I was running top so I could get a live view
06:13<toyo|desk>and it was going up pretty high
06:14<megatron27>I think I'll just sign up for Linode backups, this isn't worth my tiime
06:14-!-megatron27 [~firdaus@] has left #linode [Ex-Chat]
06:14-!-megatron27 [~firdaus@] has joined #linode
06:14<toyo|desk>hmm well I dont see any D
06:15<toyo|desk>ok I see
06:15<toyo|desk>it just spiked to 28%
06:15<toyo|desk>and apache and dbus something or other were up there
06:17<toyo|desk>httpd2-prefork seems to get it to the 25+%
06:17<toyo|desk>so dose that mean the hard drive in my linode is unable to keepup?
06:18<megatron27>rdiff-backup hardly uses any CPU time, I guess it's blocked on IO all the time since I'm using it over SSH
06:18<toyo|desk>megatron27, what are you trying to do?
06:18<megatron27>rdiff-backup-ing my entire Linode over SSH
06:19-!-getsmart [] has quit [Quit: Ex-Chat]
06:19-!-Bryan [] has joined #linode
06:19<toyo|desk>sounds very bandwidth intensive as well
06:20<megatron27>yeah, but I only use 300MB a month anyway so this is nothing
06:22<toyo|desk>ah yeah
06:22<toyo|desk>we use a backup software at work that uses rsync
06:22<toyo|desk>its pretty nice
06:22*megatron27 suddenly feels sorry for the other Linodes on his host
06:24<megatron27>one thing I don't like about it is that it cannot resume if it's the first time you're doing the backup
06:26<vuf>hmm, rsync backup often means no history, which is bad
06:27<megatron27>unison is like that, it just syncs using rsync but doesn't keep any older versions of the file
06:27<megatron27>rdiff-backup and duplicity both keep past versions
06:30<toyo|desk>ah backuppc is more configurable than that
06:31<Yaakov>I just write everything down and keep it in a locked file cabinet.
06:31<toyo|desk>in 1s and 0s?
06:31<toyo|desk>damn you are hardcore
06:32<Yaakov>No! That would be silly.
06:32<Yaakov>I use unicode symbols for compression.
06:32<toyo|desk>ah ok
06:33<BarkerJr>megatron27, which host is this, so I can determine if I should hate you? :P
06:33-!-syntaxman [~wade@] has quit [Read error: Connection reset by peer]
06:33-!-syntaxman [~wade@] has joined #linode
06:33<toyo|desk>maybe you are the source of my friggin io wait
06:33<BarkerJr>ah, way too low for me
06:34*toyo|desk glares at megatron27
06:34-!-kelvinq [] has joined #linode
06:34<BarkerJr>I'm a newb on fremont 103
06:34<Yaakov>SpaceHobo: ∞♡
06:34<BarkerJr>that's a lot of hosts in fremont
06:35<toyo|desk>not sure which one I am on
06:35<toyo|desk>I think
06:36<BarkerJr>Your Linode has averaged 1% of one Host CPU for this month
06:36<toyo|desk>me too
06:36<toyo|desk>oh wait I guess I am on freemont 50
06:37<toyo|desk>thats what it says in the panel anyway
06:37<vuf>well, seems that my dovecot/pgsql problem was due to the firewall being configured too late (in rc.local)
06:38<BarkerJr>from now on, whenever anyone has any problem in here, I'm blaming firewalls
06:39<BarkerJr>apache showing the Welcome page? must be a firewall!
06:39*toyo|desk is a good opensuse user and uses the default builtin yast firewall
06:39<vuf>I wanted to use the ubuntu built-in firewall, but I only know iptables ...
06:40<toyo|desk>hmm yeah I just use the yast one cuz its easy
06:40<toyo|desk>its all curses based
06:41<vuf>I know the redhat curses one, but not for ubuntu
06:41<BarkerJr>I use no firewall cause it's easiest :P
06:41<toyo|desk>yeah I assume the redhat one and the opensuse one are similar
06:42<Yaakov>I run all available network services and firewall them.
06:42<Yaakov>I am listening on every registered port.
06:42<vuf>not so good to use no firewall when you have a private network
06:43-!-syntaxman [~wade@] has quit [Ping timeout: 480 seconds]
06:44<Yaakov>OK, exercise, shower, eat, work. SEE YOU FREEKZ LATAH
06:46<BarkerJr>netstat -pean
06:47-!-Twayne [] has quit [Ping timeout: 480 seconds]
06:51<vuf>I have to keep a file in synch on two servers. Proposals for a secure way to do that?
06:52<vuf>right, but what command to lock to?
06:56<BarkerJr>nice rsync -aHze ssh --delete /etc
06:57-!-Bryan is now known as hakr
06:57<vuf>SpaceHobo: so I put the key at the destination, and initiate from there?
06:57<BarkerJr>what's wrong with it?
06:58<BarkerJr>oh ya, you gotta put it in a minutely cron
06:58<vuf>I want to put this into a makefile, so it is pushed when the file is updated
06:59<vuf>sorry for not mentioning earlier
06:59<BarkerJr>ooh, ok
06:59<vuf>ah, clever
07:03<BarkerJr>is beta backup available in fremont?
07:05<BarkerJr>the forum says "Atlanta and Dallas sometime later this month, and Fremont early May."
07:10<encode>pretty sure its available in all 4 DCs
07:14<linbot>New news from forums: Need help setting up a second public IP address in Linux Networking <>
07:16<vuf>SpaceHobo: that works, thanks. So this will allow an attacker to overwrite just that single file?
07:18<toyo|desk>what is a good average io rate
07:18<toyo|desk>in the control panel
07:21<toyo|desk>also is there a way to know if you are running the latest linode kernel
07:23<vuf>SpaceHobo: right, I mean if one machine is compromised
07:25<vuf>yeah but I hate pulling from cron
07:26<toyo|desk>SpaceHobo, do you know how to find out if you are running the latest kernel?
07:27<toyo|desk>hmm yeah but what is the latest that linode has out
07:28<toyo|desk>cuz I know the kernel that my distro supplies isnt what is used
07:28<vuf>SpaceHobo: also, I am syncing dns data, so I want it updated immediately
07:28<BarkerJr>why not use master/slave for dns?
07:29<vuf>BarkerJr: I use djbdns
07:30<toyo|desk>thanks jvaughan
07:32<toyo|desk>jvaughan, to change to a newer kernel do you just select it from the list then reboot?
07:34<HoopyCat>toyo|desk: a good average I/O rate depends on what you're doing, how you've set it up, and what's normal. as long as you aren't actively swapping and you aren't experiencing a lot of I/O wait, you're probably in good shape.
07:34<toyo|desk>I am getting a lot of wait
07:34-!-BarkerJr [] has quit [Quit: Nerd Pride]
07:35<HoopyCat>toyo|desk: pastebin about 30 seconds of "vmstat 1"?
07:35<toyo|desk>hmm ok
07:37<linbot> <-- paste here, not in the channel
07:39<toyo|desk>seems like a lot of wait to me, and also the system is generally sluggish
07:39<toyo|desk>especially apache
07:39<HoopyCat>toyo|desk: you are swapping a lot
07:40<HoopyCat>toyo|desk: pastebin "free -m" and "ps auxwww"? might help track down the heavy process
07:41<jvaughan>toyo|desk: yes
07:46-!-niekos [] has joined #linode
07:46<toyo|desk>anything good there HoopyCat
07:48<HoopyCat>toyo|desk: hmm... you might need to tweak the maximum number of apache processes down a notch or two. their size isn't extremely large ('tho it's on the high end of average), and 8 shouldn't be *too* bad, but i suspect there's some expansion/contraction going on. also, mysqld might be tunable a bit too...
07:49<toyo|desk>hmm ok I will set the preforks a bit lower
07:49<rainman`>why nog lighty?
07:49<megatron27>what's the default version of Python on Suse
07:50<HoopyCat>toyo|desk: ignoring buffers/cache, and adding used memory (316MB) plus used swap (129MB), you're using 445MB of memory total, which is perhaps unsustainable in the long run
07:50<toyo|desk>thats what I have anyway
07:51<toyo|desk>hmm yeah I am wondering if my 360 is just too little to run this setup
07:51<megatron27>can't wait for RHEL to default to 2.5.....
07:51<megatron27>what are you running?
07:52<toyo|desk>and an irc bot
07:52-!-jtaji_ [] has quit [Remote host closed the connection]
07:52<toyo|desk>thats it
07:52<toyo|desk>so apache php mysql
07:52<toyo|desk>and a python bot
07:52<toyo|desk>same one that is here
07:52<rainman`>why nog lighty?
07:53<rainman`>apache is always larger per process
07:53<rainman`>than fastcgi-based setups
07:53<toyo|desk>I just need to figure out what needs to be fixes
07:53<megatron27>man, what has happened to us, 360MB should be plenty...
07:54<toyo|desk>mysql is using 10MB
07:54<HoopyCat>being able to split "svelte static handling" and "bloated php handling" does make life easier
07:54<megatron27>I run solr, mysql, 5 django fast cgi processes and lighttpd - so far not out of memory errors - but I dont' have any users yet
07:54<HoopyCat>toyo|desk: mysqld is using 122MB
07:55<toyo|desk>oh yeah res
07:55<toyo|desk>res + virt
07:55<toyo|desk>118m 10m
07:55<toyo|desk>er thats flopped
07:55<megatron27>oh and I run apache for trac....
07:56<HoopyCat>toyo|desk: virt includes res
07:56<toyo|desk>virt is 118 and res is 10
07:56<HoopyCat>well, vsz includes res
07:56<rainman`>you want to look at RES
07:56<rainman`>not virt
07:56<vuf>virt is useless
07:56<megatron27>352428k used, 16428k free :-(
07:56<HoopyCat>megatron27: look at the +/- buffers/cache line of free -m
07:56<megatron27>99700k cached
07:57-!-jtaji [] has joined #linode
07:57<rainman`>so 116M free
07:57<toyo|desk>SpaceHobo, I cut it down to 5 preforks
07:57<toyo|desk>we shall see if that helps
07:57<megatron27>HoopyCat: 242 used and 118 free
07:58<HoopyCat>megatron27: you are rockin' the suburbs
07:58<megatron27>I don't get it
07:58<HoopyCat>megatron27: (that's a good thing)
07:58<toyo|desk>I suppose if I go too low people will start seeing the server overloaded message or something
07:58<megatron27>don't use any pop culture references with me :-)
07:58<megatron27>I'm not from the states
07:58<HoopyCat>toyo|desk: naw, they'll just queue up for a few moments
07:58<vuf>toyo|desk: no, you can go very low and it will most likely be fine
07:58<HoopyCat>megatron27: rockin' is generally a good thing, as long as you're not rockin' urmom
07:59<megatron27>now that I get!
07:59<megatron27>but I have zero load at the moment....
07:59<toyo|desk>default apache config has some ridiculous numbers like to the order of 200+
08:00<rainman`>SpaceHobo, if it gets too easy, anyone will be able to do it
08:00<rainman`>SpaceHobo, and others will be out of a job
08:00-!-kelvinq [] has quit [Quit: kelvinq]
08:00<rainman`>thoughts like that are causing the economic recession!
08:00<megatron27>and this room would be dead :-)
08:00<toyo|desk>anyway I am gonna reboot my server and see if I can get it to boot the newest kernel
08:00<toyo|desk>this should get interesting
08:02<megatron27>so you add the cached value with the free physical memory value in top and you get the same value as in free -m under the free column ...
08:02-!-Bohemian [~Bohemian@] has left #linode []
08:02-!-peter_ [] has joined #linode
08:03<megatron27>got to go back, it's already 8
08:03-!-megatron27 [~firdaus@] has quit [Quit: Ex-Chat]
08:05<toyo|desk>does the shutdown button in the dashboard do a clean shutdown or a pull the power type of shutdown
08:09-!-sc0field [] has joined #linode
08:12<encode>toyo|desk: it does a normal linux shutdown, the same as if you'd issued a `shutdown -h now` command in a terminal session
08:12<HoopyCat>toyo|desk: it sends a ctrl-alt-delete
08:12<HoopyCat>toyo|desk: so, in every sane distro in the world, it triggers an immediate reboot
08:13<HoopyCat>dunno about yours tho ;-)
08:13<toyo|desk>it worked
08:13*encode makes a point of never running sane distros
08:13<rainman`>can i run windows on my node?
08:13<encode>where would be the fun in that?
08:13<encode>rainman`: no
08:14<HoopyCat>my /etc/event.d/control-alt-delete starts dban, just to mess with people
08:14<toyo|desk>yay new kernel works
08:15<encode>my control-alt-delete sends mikegrb a ticket
08:15-!-kelvinq [] has joined #linode
08:18<toyo|desk>ok I seriously dont know what is wrong now
08:19<toyo|desk>the IO wait is still really high but there is no swap in use
08:19<toyo|desk>so wtf
08:19<HoopyCat>toyo|desk: pastebin 'bout 30 seconds of vmstat 1 again?
08:20<toyo|desk>hmm I think I know what was going on
08:20-!-niekos [] has quit [Remote host closed the connection]
08:20<toyo|desk>mysql was loading the db into memory
08:20<toyo|desk>now its fast
08:21<toyo|desk>yeah it seems fine now
08:21<HoopyCat>ah, yes. give things a few minutes to mellow after a reboot before panicking. :-)
08:21<HoopyCat><--- does same thing
08:21-!-DrZipie [] has joined #linode
08:22<toyo|desk>well thats good rebooting and updating things seems to have helped
08:23<rainman`>io wait is not related to swap
08:23<rainman`>not specifically, that is
08:23<HoopyCat>rainman`: all other things being equal, swapping doesn't make io wait go down. :-)
08:24<toyo|desk>doing a vmstat now
08:24<HoopyCat>toyo|desk: ps auxwww is pastebin-worthy too, if just to compare old vs. new
08:24-!-alex-weej [] has joined #linode
08:24<rainman`>HoopyCat, but high io wait is often not due to swap
08:26<HoopyCat>rainman`: nod... watching vmstat for a little bit can help figure out if it's a contributor tho
08:27<rainman`>how long until linux will just log "you're using too much swap, change setting X of apache to fix it"
08:29<HoopyCat>toyo|desk: huh. looks better, but i can't put my finger on *what* looks better on the process list. (then again, i couldn't really put my finger on what didn't look right on the original one, so perhaps it just needed a kick in the pants)
08:29<HoopyCat>rainman`: irssi already does that
08:30<toyo|desk>yeah I dont know the only difference is 1 less apache prefork
08:31<HoopyCat>toyo|desk: stranger things have made a difference
08:31<toyo|desk>but the vmstat definitely is better
08:31<vuf>you probably only need around 4 apaches, no scaling, unless the site is quite busy
08:32<toyo|desk>not really busy
08:32<toyo|desk>so yeah I will pull it back again
08:32<toyo|desk>maybe free some more ram
08:32<vuf>note the "no scaling" part, it will help to reduce memory pressure
08:33<toyo|desk>how do you set that
08:34<HoopyCat>Status: Delivered, 08/04/2009 8:29 AM via Staples Fleet
08:34<vuf>toyo|desk: you set MaxClients MinSpareServers MaxSpareServers StartServers to the same value
08:35<vuf>toyo|desk: and reduce KeepAliveTimeout to about 2
08:35<toyo|desk>oh yeah I have done that already vuf and when I was in the apache channel they told me that it was all wrong and that I clearly didnt know what I am doing...which I dont really....but it seemed like a good idea
08:36-!-J-Node [] has joined #linode
08:36<toyo|desk>and yeah keep alive is set to 2
08:36<vuf>toyo|desk: I have not been in the apache channel, but I assume they are elitist. In here, we want things to work :)
08:36<toyo|desk>wouldnt surprise me
08:37<toyo|desk>anyway yeah so it looks like it is setup pretty good
08:37<toyo|desk>we shall see if I end up in the red again in a week or so
08:38-!-metaperl [] has quit [Quit: HydraIRC -> <- State of the art IRC]
08:38-!-metaperl [] has joined #linode
08:38<vuf>toyo|desk: good luck
08:40-!-Ghent [] has joined #linode
08:40-!-[1]J-Node [] has joined #linode
08:40<toyo|desk>thanks I think I will need it
08:42<HoopyCat>there is absolutely no staples box here
08:42-!-Bass10 [] has joined #linode
08:44-!-purrdeta [] has quit [Ping timeout: 480 seconds]
08:46<rainman`>you can also move off static content to a CDN
08:46<rainman`>and disable keepalive
08:46-!-Mathew [] has joined #linode
08:47-!-J-Node [] has quit [Ping timeout: 480 seconds]
08:47-!-[1]J-Node is now known as J-Node
08:47<HoopyCat>disabling keepalive is generally a danged good idea
08:49<HoopyCat>keep rollin' rollin' rollin', though the flows are swollen, keep them packets rollin', rawhiiiide
08:51-!-purrdeta [] has joined #linode
08:51<linbot>New news from forums: Webalizer help in General Discussion <>
08:57-!-TheJoe|ZzZz is now known as TheJoe
08:59<Nivex>host -t txt
09:04-!-kelvinq [] has quit [Quit: kelvinq]
09:06<Staz>a very cool use of TXT RRs :)
09:08<Yaakov>!dig -t txt
09:08<linbot>Yaakov: [dig] | ;; ANSWER SECTION: | ;; AUTHORITY SECTION
09:08<Yaakov>!dig -t TXT
09:08<linbot>Yaakov: [dig] | ;; ANSWER SECTION: | ;; AUTHORITY SECTION
09:08<Yaakov>!dig TXT
09:08<linbot>Yaakov: [dig] status: NOERROR | ;; ANSWER SECTION: 86400 IN TXT "A mother insult is a reference to a person's mother through the use of phrases such as \"your mother\" or other regional variants, frequently used to insult the target by way of his or her mother." | ;; AUTHORITY SECTION
09:09<Yaakov>I forgot my own syntax.
09:09<Yaakov>!dig TXT
09:09<linbot>Yaakov: [dig] status: NXDOMAIN | ;; ANSWER SECTION: | ;; AUTHORITY SECTION
09:09<linbot>rainman`: Yo momma's so ugly, she looks like this! (817:0/0) [mormu]
09:09<Staz>!dig TXT
09:09<linbot>Staz: [dig] status: NXDOMAIN | ;; ANSWER SECTION: | ;; AUTHORITY SECTION 3600 IN SOA 2007051000 28800 7200 2419200 21600
09:10<Staz>!dig TXT
09:10<linbot>Staz: [dig] status: NOERROR | ;; ANSWER SECTION: 86400 IN TXT "A hypnic or hypnagogic jerk is an involuntary myoclonic twitch which occurs during hypnagogia, just as the subject is beginning to fall asleep. Physically, hypnic jerks resemble the \"jump\" made when a person is startled." "c_jerk" | ;; AUTHORITY SECTION
09:11-!-Dreamer3 [] has quit [Quit: This computer has gone to sleep]
09:15-!-Dreamer3 [] has joined #linode
09:17-!-LordMetroid [] has joined #linode
09:19-!-MrWork [] has joined #linode
09:19-!-linville [] has joined #linode
09:28<Yaakov>!dig TXT
09:28<linbot>Yaakov: [dig] status: NXDOMAIN | ;; ANSWER SECTION: | ;; AUTHORITY SECTION
09:30-!-rd-giorgio [] has joined #linode
09:31-!-rd-giorgio [] has quit [Remote host closed the connection]
09:33-!-litwol|mac [~litwol|] has quit [Remote host closed the connection]
09:34<MrWork>If i wanted to run a web server and mail server on linode, would i need 2 seperate plans or would 1 plan and 2 ip's be possible?
09:35<StevenK>You don't even need 2 IPs
09:36<Yaakov>MrWork: You can get two IP addresses, but you don't need them.
09:36<Yaakov>I run web and mail using one address.
09:39-!-megatron27 [~firdaus@] has joined #linode
09:41<MrWork>Yaakov, is that 2 seperate "machines"?
09:41-!-DrZipie [] has quit [Read error: Connection reset by peer]
09:41-!-DrZipie [] has joined #linode
09:42<Yaakov>MrWork: No.
09:42<Yaakov>It is easy and perfectly OK to run both a webserver and a mail server on one 'node.
09:42<MrWork>ya i know, but i don't like doing it that way if possible
09:43<MrWork>i like things seperate, if i break 1 the other still works
09:43<Yaakov>If you want to buy two 'nodes, that's fine, but I am not sure what the advantage is...
09:43<Yaakov>Well, my experience tells me that doesn't have much utility, but if you prefer it, that's your choice.
09:43<Yaakov>In which case, yes, you need two 'nodes.
09:44<MrWork>ok, thats what i wanted to know, thanks
09:44<MrWork>now back to deciding what i want to do lol
09:45-!-hakr [] has quit [Quit: Leaving...]
09:47<vuf>it's easier to not break things when you have just 1 machine
09:50<HoopyCat>with one linode, you always know which one to not delete! :-)
09:53*HoopyCat grabs the PA microphone
09:54<HoopyCat>there is a linode with its squid open in the if you're running a squid there, check your 3128
09:54<@jed>HoopyCat: already found it
09:54<@jed>we're hot like that.
09:54<HoopyCat>there's also a call holding for mr. butts, first name seymour
09:55<Yaakov>caker: PING
09:55<@jed>I will neither confirm nor deny that we're following twitter for the word "Linode"
09:55<@jed>HoopyCat: ;)
09:55-!-crux__ is now known as cruxeternus
09:56<HoopyCat>jed: i figure i'd give a decent head start for the squid log to start filling up
09:56*HoopyCat grabs the PA microphone again
09:56<HoopyCat>c'mon guys, this call is still holding... I WANNA SEYMOUR BUTTS, OK?
09:56<Yaakov>caker: UNPING
09:57<cruxeternus>is there a public-ish linode staff channel?
09:57<@jed>yeah, this one
09:57<cruxeternus>eh, alright
09:57<@jed>you're welcome to msg me if it's a matter of privacy
09:57<cruxeternus>Just wanted to give you a heads up. Someone may be about to ddos my linode. :|
09:57*straterra eases finger over the 'Cancel Account' button
09:58<@jed>cruxeternus: generally these things aren't random, and you seem to know ahead of time
09:58<@jed>can you prevent this from happening in the future by, say, disconnecting from the IRC network where you're about to get attacked from?
09:58<cruxeternus>Well, this guy DDoS' everyone he sees, every once in a while. I made the mistake of talking in a channel he happened to be in. :(
09:59<cruxeternus>09:55 < arabushim> cruxetern: do you like
09:59<@jed>I'll repeat by pushing up up enter
09:59<cruxeternus>I'm trying to ignore him.
09:59<linbot>New news from forums: how to build a vpn server? in General Discussion <>
09:59<@jed>can you prevent this from happening in the future by, say, disconnecting from the IRC network where you're about to get attacked from?
09:59<cruxeternus>It's EFNet.
09:59<@jed>I got off of EFnet ages ago
09:59<straterra>disconnecting works on efnet
09:59<cruxeternus>Disconnecting tends to encourage them. My best hope is that he forgets about me.
09:59<@jed>no, disconnecting means he forgets your existence
09:59<@jed>that's what we're after, here
09:59<Yaakov>Using /part is very effective.
10:00<@jed>because if you get DDoSed and it gets our attention, your Linode will be removed from the Internet for at least 24 hours.
10:00<cruxeternus>So, basically, I cannot use EFNet from Linode?
10:00<@jed>how about that one particular channel?
10:00<@jed>I'm not saying that outright, you're welcome to do what you want, but repeated DDoS attacks will result in action being taken on our part
10:00<megatron27>so people who get DDOSed are the ones who are accessing IRC through their Linode server?
10:00<cruxeternus>Well, I parted. But he joined another channel I was in (#football) to deliver that threat.
10:01<@jed>I seriously doubt someone with a botnet just decided to attack you with provocation -- as, back in the day, I had my botnet and that was simply too much effort. Here's my suggestion to you -- distance yourself from these people and you won't have to worry about it anymore
10:01<cruxeternus>although, fortunately... some others in #football are harassing him.. thus, I'm probably in the clear :|
10:01<cruxeternus>This guy has a custom script for exploiting php servers. He DDoS's his friends for the hell of it.
10:01<fuzzie>megatron27: IRC does seem to be a remarkable magnet for such things.
10:02<cruxeternus>I know of him.. and do my best to avoid him.
10:02<cruxeternus>I didn't realize he was in that channel, until too late.
10:02<randallman>heh EFnet
10:02*randallman remembers the early 90s :p
10:02<Yaakov>randallman: EFNet is NOW baby.
10:02<HoopyCat>ddos is like lightning... not being the tallest object is usually a good idea. :-)
10:02<megatron27>was this the cause of the Dallas DDOS a few weeks ago?
10:02<cruxeternus>Well, I haven't been hit in a while... been staying clear.
10:02<Yaakov>Dig a ditch and lay flat.
10:02<@caker>the cause of all DDoS attacks - idiocy
10:03<cruxeternus>But like I said, all it takes is him seeing a message from you in a channel, to provoke something.
10:03<Yaakov>Howdy, caker.
10:03<@jed>cruxeternus: If you want the official Linode response, here it is. You're welcome to do whatever you like with your Linode, but if you get packeted you are not only responsible for any bandwidth overages, you are also getting our attention, and we don't like customers that get packeted.
10:03<randallman>Yaakov, remeber channel battles pre-TS? Nick collisions, et. al. ?
10:03<@jed>I saved myself a lot of trouble by just quitting EFnet...consider it.
10:03<cruxeternus>Well, I was hoping if you knew about it in advance, you had some kind of pre-emptive abilities.
10:03<cruxeternus>But I guess not. :/
10:03-!-Antitribu [] has joined #linode
10:03<@jed>Yeah, we can blackhole your IP for 24 hours
10:03<cruxeternus>jed: I got tons of friends there. :/
10:03<@jed>would you like us to do that?
10:04<Yaakov>caker: How is API +1 Day?
10:04-!-Antitribu [] has left #linode []
10:04<@caker>Yaakov: so far so good
10:04<cruxeternus>jed: Are you new here?
10:04<Yaakov>randallman: Certainly.
10:04<HoopyCat>cruxeternus: i'm not saying other networks are panaceas of peace and prosperity, but EFnet has kinda missed the "customer service" wave
10:04<linbot>New news from forums: how to build a iscsi target server? in General Discussion <>
10:04<@caker>Yaakov: fallout from such a big merge wasn't bad -- a few one-liners
10:04<@jed>cruxeternus: new as employee?
10:04<Yaakov>randallman: Split riding...
10:04<cruxeternus>Just never had staff be hostile to me before.
10:04<Yaakov>caker: Excellent.
10:04<straterra>He really isn't being hostile
10:04-!-ph^ [~ph^@] has quit [Remote host closed the connection]
10:04<Yaakov>caker: So when I use the Linode manager I am now using the new API?
10:04<@jed>I'm not being hostile, I'm laying out your options -- I'm sorry if I'm being perceived that way
10:04<straterra>They can really blackhole the ip for 24 hours o.O
10:05<@jed>the only pre defense we have to a DDoS incoming is to null route you upstream
10:05<@caker>Yaakov: parts of it, yes. Most of it is still old codes
10:05<@jed>as our upstreams don't like to handle our null route tickets, they only let us do that once every 24 hours
10:05<Yaakov>caker: Well, I have to look at the perl bindings and do SOMETHING with them!
10:05<@jed>that's the long and short of it, and I'm not being hostile
10:05<megatron27>just out of curiosity why do people access IRC over their linodes?
10:05<@jed>megatron27: vhosts.
10:05<cruxeternus>these ddos' aren't like botnet ddos' though.. it's usually like a few dozen web servers that he's compromised... there's gotta be some way to filter/stop that.
10:05<@caker>megatron27: screen. :)
10:05<Yaakov>caker: I wish I had a reason to be buying lots of 'nodes so I could write a provisioning application.
10:05<straterra>jed: you could preemptively DDoS them back
10:05<@jed>cruxeternus: how would you suggest?
10:06<TheJoe>megatron27: 24/7 connection
10:06<@jed>if we filter your traffic on your host, guess what, we're still getting charged for the bandwidth.
10:06<straterra>megatron27: I IRC from mine for screen + irssi + my vpns + ipv6
10:06<Yaakov>Plus, straterra feels somehow closer to ME when he does it, and that pleases him.
10:07<HoopyCat>megatron27: i pay less for my linode than my home internet connection, so it is more expendable ;-)
10:07<cruxeternus>Alright, I guess my question has been answered. As a user, it's basically all my fault. :P
10:07<megatron27>oh, I understand now, your ISPs all give you static IPs right so accessing IRC directly is more risky
10:07<straterra>megatron27: I don't get a static IP..
10:07<@jed>cruxeternus: if I am a bit terse, you'll pardon me. I've just been on IRC a long, long time -- a DALnet oper for 4 years, customer + staff here a while, and I understand how getting packeted works (as I was the one doing the packeting when I was an angsty teenager as well)
10:07<straterra>Infact, thats one reason I IRC from my linode
10:07<@jed>we have zero facilities for handling it except for turning your Linode off from the network for a day.
10:08<Karrde>I IRC from my slice so THEY get packeted instead
10:08<@jed>because even if we filter the traffic (a compromised http botnet? ha) it's still going down our drop, and we're getting charged for it
10:08<cruxeternus>How easy is it to nullroute / un-nullroute?
10:08<Yaakov>Karrde: That's mean.
10:08<straterra>Maybe if you didn't pay for the could do more to selectively filter
10:08<hawk>cruxeternus: Well, it's not necessarily your fault, but it's "your traffic"...
10:08<@jed>cruxeternus: I can file the ticket now and you'll be off the air within 15 minutes
10:09<straterra>For a day
10:09<cruxeternus>and I could be back online within 15 as well?
10:09<@jed>(or more)
10:09-!-Artifex [~ncain@] has joined #linode
10:09<@jed>cruxeternus: negative.
10:09-!-Artifex [~ncain@] has left #linode []
10:09<Yaakov>Flapping considered harmful.
10:09<HoopyCat>megatron27: my home IP address is dynamic, but time between changes is measured in "months"
10:09<@jed>our upstream providers, again, get annoyed when we compulsively blackhole and unblackhole
10:09<Yaakov>HoopyCat: Not *real* months, eh?
10:09<@jed>as such, we place all blackholes for 24 hours
10:09<@jed>at a minimum.
10:09<cruxeternus>Ok, just trying to figure out a solution.
10:09<HoopyCat>cruxeternus: i'd probably wait until there's a problem before solving it
10:09<Yaakov>An ounce of prevention...
10:10<cruxeternus>HoopyCat: ^^
10:10<straterra> might just so happen that he doesn't DDoS you
10:10<@jed>cruxeternus: again, I apologize if I sounded hostile, but the people you hang around are generally the cause of this
10:10-!-brainproxy [] has quit [Ping timeout: 480 seconds]
10:10<@jed>I've never been packeted by someone that doesn't know me
10:10<cruxeternus>jed: I agree.. and like I said, I do everything I can to avoid this person.
10:10<cruxeternus>But he's constantly joining various channels to find new targets to harass.
10:10<cruxeternus>So sometimes I'm not expecting him to be there.
10:11<@jed>good luck getting him k-lined, he'll probably score an o-line on efnet with that behavior
10:11<Yaakov>cruxeternus: What's the nick?
10:11<@jed>honestly, bud, I did my efnet tour of duty
10:11<cruxeternus>jed: hhaha
10:11<HoopyCat>cruxeternus: tell your friends to join you down here
10:11<megatron27>damn, IRC can be such a cesspool
10:11<@jed>megatron27: on certain networks
10:11<Yaakov>jed: You aren't familiar with the current EFNet situation.
10:11<@jed>for a set not including OFTC
10:11<cruxeternus>well, I do have some friends starting a SportsIRC network... but that may take a while to get off the ground :/
10:11<megatron27>I personally used to hang out on Yahoo Chat :-)
10:11<@irgeek>Kind of like... real life! OMG@
10:11<megatron27>I still hang out there actually
10:11<straterra>megatron27: I loved Yahoo Chat
10:11<@jed>Yaakov: true, my last tour of duty was when koopa was opered
10:12<@jed>and #fuck_the_world was biggest channel on EFnet
10:12<cruxeternus>Well, what does OFTC do when they get DDoS'd? Just take it?
10:12<@jed>if it's changed since then, I'll be impressed
10:12<HoopyCat>megatron27: it takes a lot of chlorine to keep IRC clean
10:12<Yaakov>Well, I have been an oper on EFNet for about 15 years.
10:12<@jed>Yaakov: then you know koopa!
10:12<megatron27>Yahoo Chat had the booting and flooding culture
10:12<@jed>small world, spoken to chris recently?
10:12<Yaakov>Yes. I've seen the whole range.
10:13<Yaakov>No, I have been pretty quiet lately. No oper channels but my server's.
10:13<cruxeternus>And you know, I *hate* EFNet also... it's just the easiest place for non-computer-savvy people (i.e. sports fans) to find and get on.
10:13<Yaakov>I left #tz long, long ago.
10:13<HoopyCat>cruxeternus: there is a difference in scale between "attacking an individual" and "attacking a network"
10:13<Yaakov>I like EFNet, but then, I am Yaakov.
10:13<@jed>cruxeternus: attacking OFTC is a good way to go to prison
10:13-!-tiny [~ivob@] has quit [Quit: Leaving]
10:13<@jed>since the server you attack is probably in one of Linode's IP ranges
10:14<cruxeternus>jed: Well wait, if attacking OFTC leads to prison, why not attacking a Linode?
10:14<@jed>and there are employees here -- like, say, me -- who have several DDoS convictions under their belt
10:14<@irgeek>cruxeternus: It's not just easiest for sports fans. It's also easiest for 1337-hax0rs - see the issue?
10:14<cruxeternus>irgeek: Oh, no doubt. And they love all the non-tech users, to harass.
10:14<@jed>cruxeternus: we don't intervene in customer issues
10:14<@jed>that's between you and the guy on the other end of the hammer
10:14<Yaakov>Since chanfix, EFNet isn't so bad. The biggest issue is no nickserv, which isn't much of an issue.
10:15<megatron27>bloody hell, just realized the I am weasel reference!
10:15<@jed>if they attack OFTC, we sponsor OFTC -- providing hardware in places
10:15<Yaakov>For the most part, things are pretty mild on EFNet lately.
10:15<@jed>and that makes linode unhappy.
10:15<megatron27>I miss that cartoon so much....
10:15<@irgeek>megatron27: :)
10:15<cruxeternus>jed: You provide the hardware for my Linodes too :P
10:15<cruxeternus>But I understand the difference.
10:15<straterra>jed: convictions got caught, or you've got others caught?
10:15<@jed>good. :)
10:15<@jed>I started typing.
10:16<@jed>straterra: like, someone thought it'd be a good idea to packet $previous_employer and made a few mistakes along the way, and lived in the united states
10:16<@jed>and is now doing 3-5.
10:16<HoopyCat>cruxeternus: if you start the ball rolling with the right people in law enforcement, and keep the ball rolling, it can happen
10:16<@jed>since they cost $previous_employer six digits
10:16<straterra>That's fun
10:16<cruxeternus>ya, unfortunately this guy is in Germany, I believe :(
10:16<straterra>Call INTERPOL :P
10:17<megatron27>Good band by the way
10:17<@jed>HoopyCat: and the people rolling the ball with law enforcement operate one of the largest churches in the united states
10:17<@jed>and pay a lot of salaries
10:17<@jed>etc, etc
10:18<HoopyCat>yeah, the ball has to be sufficiently large to maintain enough momentum
10:18<cruxeternus>well, fortunately, this guy just pissed off all of #football, and had people yelling at him.. so he's unlikely to attack me now.
10:18<cruxeternus>EFNet. :|
10:19<HoopyCat>cruxeternus: if you're still here, odds are good either 1) the DDoS is weeeeak or 2) he got bored and is haqx0ring someone else
10:19<@jed>cruxeternus: did you get with Yaakov? Yaakov will likely take care of it
10:19<HoopyCat>cruxeternus: attention spans are short
10:19<@jed>since he's epic awesome sauce on the EFnets, apparently
10:19<@irgeek>Ticketmaster says: "An unusually large number of visitors are accessing our site. You've been placed in line
10:19<Yaakov>I asked about the nick, no response.
10:19<@irgeek>and will be granted access to the site in the order in which you arrived." - So why did the second browser I loaded the page in get through first?
10:19<Yaakov>HELLO UVGEEK
10:19<cruxeternus>Yaakov: Oh, I missed it.
10:19<megatron27>is it even possible to queue requests like that
10:20<@jed>Yaakov: 09:59:05 < cruxeternus> 09:55 < arabushim> cruxetern: do you like
10:20<cruxeternus>He goes by many aliases... but mainly vxp/arab
10:20<HoopyCat>irgeek: it's like a grocery store... the line you're in is always slowest
10:20<cruxeternus>peripherally affiliated with the pumper crowd
10:20<cruxeternus>Yaakov: oh, you're an oper!
10:20<HoopyCat>haha, is hosted on a linode
10:21<@jed>cruxeternus: magic, isn't it?
10:21<cruxeternus>I thought I recognized that nick :P
10:21<HoopyCat>cruxeternus: the "pumper" crowd? are they the people who stick air hoses up their bums?
10:21<Yaakov>Is arabushim the nick?
10:21<HoopyCat>or is that someone else?
10:21<cruxeternus>Yaakov: one of his many... he's got several clients.. and also a botnet
10:22<Yaakov>Well, I will talk to the admin of the server he appears to be an oper on.
10:22<@jed>Yaakov: the plot thickets
10:22<cruxeternus>Yaakov: He's not an oper.. that's a fake Oper tag in his away message
10:23<Yaakov>Ah, didn't look carefully, still, that won't sit well with the admin.
10:23<cruxeternus>god forbig someone gives him oper status :P
10:23<Yaakov>Oh, they won't. Plenty of people have lost their O for being an ass lately.
10:24<Yaakov>cruxeternus: I'll do what I can without making things worse.
10:24<randallman>Lately? :P
10:25<cruxeternus>Yaakov: hey, I HAVE A SOLUTION
10:25<cruxeternus>How about a spoof?? :D
10:25-!-Redgore [] has joined #linode
10:25<Yaakov>cruxeternus: Spoofs redirect the attacks for the server.
10:25<cruxeternus>I'm an uber-pacifist.
10:25<Yaakov>err, to.
10:25<cruxeternus>He won't attack the server because I say a message.
10:25<@irgeek>The really fun part about Ticketmaster is they say there's no account associated with my email address, but they still send email to it all the time.
10:25<cruxeternus>I'm not provoking him in any way.
10:26<Yaakov>Well, my server doesn't spoof anyone but opers, so it is moot.
10:26<cruxeternus>aw :/
10:26<cruxeternus>Wait, another solution!
10:26<cruxeternus>What are the Oper qualifications for your server?
10:26<megatron27>find other chatrooms?
10:26<megatron27>oh okay...
10:27<HoopyCat>becoming an oper to avoid ddos attacks is like becoming dead to avoid missing time from work with the flu
10:27<Yaakov>cruxeternus: You have to be an oper on the server to be an oper on the server.
10:27<praetorian>irgeek: yeah, the ticketmaster "queue" business seems dodgy.. kinda curious if it can be that accurate to work
10:28<Yaakov>cruxeternus: I will follow up on this guy and try to do something without stirring up a mess.
10:28<cruxeternus>Yaakov: I'd be extremely careful.
10:29<cruxeternus>Like I said, he DDoS's people just because they pop up on his radar. My crime? Trying to mediate disputes and calm people down. :/
10:29<Yaakov>Oh, I am familiar with Nerdus DDoSus.
10:29<@irgeek>It *could* be done with a fair degree of accuracy, but Ticketmaster is a black hole that sucks up money and screws people, so I don't expect them to get it right.
10:29<praetorian>yeah, there is much better ticketing companies! ;)
10:30<Yaakov>I have a forked stick and a noose, and special protective clothing, which, by the way, I look MARVELOUS in.
10:30-!-idontworkhere [] has quit [Ping timeout: 480 seconds]
10:30<cruxeternus>Ok, well, it's also good to know an Oper on EFNet that seems pretty reasonable. Glad you are here. :)
10:30<praetorian>doesnt everyone know an oper on efnet
10:30<praetorian>seeming there is so many
10:30<HoopyCat>one out of ten americans has an O:line on EFnet
10:31<cruxeternus>Ya, but how many are reasonable?
10:31<Yaakov>I try to be eminently reasonable while cutting a striking figure. I had to fight mikegrb off, and he STILL kissed me twice.
10:31<cruxeternus>Most I see k-line for practical jokes.
10:31-!-JoeK [] has quit [Read error: Connection reset by peer]
10:31<HoopyCat>actually, i'll say "has or had" so i can include myself
10:31-!-JoeK [] has joined #linode
10:31<Yaakov>HoopyCat: Perhaps, but I have 15 years of tenure.
10:32-!-Deckert [] has joined #linode
10:32<HoopyCat>Yaakov: ha! i lost mine in 15 seconds ;-)
10:32<praetorian>bet thats on the resume too
10:32<Yaakov>HoopyCat: May be a land speed record.
10:32<Karrde>if I SSH in as one account, how can I start a xterm (eg) as another user? X forwarding works as me but not as the new user. I can't SSH in directly as the second user.
10:32-!-HFSPLUS [] has joined #linode
10:32<HFSPLUS>Linux sucks
10:32<randallman>Since when did avahi-daemon become 'default to on' in RHEL5?
10:32<randallman>HFSPLUS, I agree totally
10:33<HoopyCat>Yaakov: juped in seconds flat
10:33<path>yum remove avahi*
10:33<path>hi randallman
10:33<randallman>thanksIm finally vindicated in my opinions
10:33<randallman>Heya pat
10:33<randallman>path, cups depends on it now
10:33<HFSPLUS>Linux sucks
10:33<path>yum remove cups
10:33<randallman>I dont need no stinking zeroconf
10:33<Yaakov>avahi is great sauce.
10:33<randallman>But I do need cups :)
10:33<praetorian>Oh here we goo
10:33<path>meh, i hate printing in general
10:33<randallman> /sbin/chkconfig avahi-daemon GFY...
10:33-!-Deckert_ [] has quit [Read error: Connection reset by peer]
10:34<path>i want to take all printers and throw them off the roof.. such a waste of paper
10:34<cruxeternus>15 years as an EFNet Oper on his resume? It should be... he's qualified for World Expert Terrorist Negotiator
10:34<HoopyCat>Karrde: *think* sudo MIGHT do it if it propagates the environment, but i'm not sure how dodged out ssh would get about that
10:34<Yaakov>I use mDNS at home and its just marvelous. It works at work quite workingly, too.
10:34<pharaun>been eyeballing a networked laser printer so i can spool it off and tell it stfu
10:34<randallman>Yaakov, I like control... :)
10:34<Yaakov>randallman: You can control a lot about how it works.
10:34<randallman>path, that may be true but we're in legal services :0
10:34<Karrde>'X11 connection rejected because of wrong authentication'
10:34<randallman>Yaakov, Im like Hem and Haw from 'Who moved my cheese'
10:34<randallman>I do not like change :P
10:35<HoopyCat>Karrde: if you find out, lemme know ;-)
10:35<randallman>SH, eh?
10:35<randallman>Anorak? :P
10:36<HFSPLUS>Linux sucks
10:36<randallman>A rain jacket? :P
10:36<Yaakov>All operating systems and computers are trash. The trick is choosing the best trash for the job.
10:36<randallman>Yeah, It was a joke :)
10:36<cruxeternus>OMG You're a #poltics op :(
10:36*cruxeternus headdesks.
10:37<randallman>Yeah but I have a thick skul :)
10:37-!-HFSPLUS [] has quit [Quit: ajax IRC Client]
10:37*Yaakov moves SpaceHobo's cheese.
10:37<Yaakov>SpaceHobo is writing "The One Minute Troller".
10:37<HoopyCat>BREAKING NEWS: Ignoring a troll caused them to give up and leave
10:37<Yaakov>HFSPLUS didn't get satisfaction.
10:37<randallman>no shit
10:37<cruxeternus>HoopyCat: That's what I normally try and do.
10:37<HoopyCat>that NEVER works :-)
10:38<path>i wonder if that works on efnet too?
10:38<cruxeternus>It usually works.
10:38<Yaakov>cruxeternus: Yes, And #obama.
10:38<HoopyCat>cruxeternus: yeah, me too, but it's always some other asshat who eggs them on. kinda proud of us today.
10:38<Yaakov>cruxeternus: And others...
10:39<@jed>you know
10:39<Yaakov>jed: Yes.
10:39<@jed>it really hurts my feelings that video games that I remember struggling to get running on my Radeon 9800
10:39<@jed>at 1024x768 even
10:40<Yaakov>SpaceHobo: No, that's urmom.
10:40<randallman>I actually kept my 9800 alive
10:40<cruxeternus>SpaceHobo: Blasphemy.
10:40<randallman>and replaced a FAN
10:40<@jed>run like cream cheese dripping off your chin on this mac
10:40<randallman>Seriously, it was being used until like 8 months ago
10:40<Yaakov>SpaceHobo: A common one. No problem.
10:40<randallman>in my old AGP game box :)
10:40<@jed>at 1920x1200 :/
10:40<cruxeternus>Conclusion: Mac is the ultimate gaming platform?
10:40<straterra>that was fun
10:40<Yaakov>Cosmic Osmo was the best FPS ever written.
10:41<straterra>rain flowing in a circle, orange skies, hail...most fun evar
10:41<@jed>cruxeternus: or 5-year-old games run better
10:41*praetorian misses Maze Wars and Spin Doctor
10:41<@jed>on hardware that wasn't even dreamt of at the time
10:41<Yaakov>jed: Games need to be aged.
10:41<@jed>if the designers of unreal 2004 imagined dual core processing, I bet they'd laugh it off
10:41<cruxeternus>I just built a 3.2GHz Quad EE + GeForce 275GTX... I don't have your problemz :P
10:42<cruxeternus>But I never had a gaming comp before... decided to splurge
10:42<cruxeternus>Rather than half-ass it.
10:42<Yaakov>I don't play any games.
10:42<randallman>for i in `cat /tmp/ALL-AVAHI | egrep ON | sed 's/: avahi ON//g'`; do ssh -l rshutt $i sudo /sbin/service avahi-daemon stop; ssh -l rshutt $i sudo /sbin/chkconfig avahi-daemon off; done
10:42<randallman>bye bye mDNS
10:42<cruxeternus>Yaakov: Except idlerpg?
10:42<Yaakov>Nope, don't play that either.
10:42*randallman still is playing NWN2
10:42<Yaakov>praetorian: Long ago I was a Conway fan.
10:43<Yaakov>I wrote it for my TRS-80.
10:43<randallman>Oh we're going back THAT far :)
10:43<randallman>I used to love the old EA games for the C=64
10:43*praetorian referred to the real life in this case ;)
10:43<randallman>Archon, Mail order Monsters ;)
10:43<Yaakov>Well, before that, I did it on graph paper.
10:43<Yaakov>Then I wrote it for graph paper and my HP 25 calculator.
10:44<cruxeternus>Yaakov: Are you the creator of the MOTD on your EFNet server?
10:44<Yaakov>No, no. I am not an admin.
10:44<Yaakov>I am a lowly oper.
10:44-!-brainproxy [] has joined #linode
10:44<cruxeternus>Ah, gotcha.
10:45<Yaakov>I find it more pleasant to keep my head down.
10:45<randallman>didn't EFnet teeter in teh balance for a while in the late 90's?
10:45<randallman>almost fall apart?
10:45<randallman>split into EU and US?
10:46<cruxeternus>I think that's happened many times.
10:52-!-daMaestro [] has joined #linode
10:59-!-samuel [~samuel@] has joined #linode
10:59-!-litwol|mac [~litwol|] has joined #linode
11:02<megatron27>reading about how Netflix has no vacation policy, wouldn't that discourage employees from taking vacations and isn't that a bad thing too
11:03-!-samuel [~samuel@] has quit []
11:04<pharaun>0_o no vacation policy?
11:04-!-Leif [] has joined #linode
11:05<megatron27>I'm reading this -
11:05-!-Leif_ [] has joined #linode
11:06-!-Leif_ [] has quit [Remote host closed the connection]
11:06-!-samuel [~samuel@] has joined #linode
11:07-!-litwol|mac [~litwol|] has quit [Remote host closed the connection]
11:09-!-alex-weej [] has quit [Quit: Ex-Chat]
11:09<pharaun>makes sense but same time
11:09<pharaun>i like policy in some way so i can know what is acceptable/not
11:10<megatron27>Netflix has an intense culture
11:11<Yaakov>Linode has a very similar policy except for the addressable shock collars.
11:11<Yaakov>I mean, Linode has those, not Netflix.
11:11<pharaun>i guess i'm used to the big blue :-p
11:11<pharaun>my only work experience is with IBM really so
11:12<megatron27>I can't work at IBM either :-)
11:12<pharaun>some day would like to get onboard with a few smaller company
11:12<pharaun>and get some experience there too
11:12<Yaakov>pharaun: Do you have an IBM song book?
11:12<pharaun>i haven't start work yet will this sept
11:12<pharaun>21 to be exact
11:12<pharaun>but yeah
11:12<megatron27>I've always worked in small companies.
11:12<pharaun>only issue is I'm deaf, now I'm not letting it stop me but
11:12<Yaakov>pharaun: It's OK, the songs are bad.
11:13<pharaun>companies smaller than 50 are not required to support DA people in accord with the ADA act so it would be tougher to get into a smaller company
11:13<Yaakov>pharaun: Are you into deaf culture?
11:13<megatron27>I need a cup of tea
11:13<pharaun>so i figured I'll just focus on getting some good work experience and etc then go back to school in a few years for masters then go from there :)
11:13<pharaun>Yaakov: debatable
11:13<Yaakov>pharaun: I find it fascinating.
11:14<pharaun>heh it depends on the side of fence that you are on :-p
11:14<randallman>Heh someone just came over to me complaining that every 5 minutes one of our websites was getting a hit from our sitescope (monitoring) machine
11:14<Yaakov>Well, I mean it is so like other minority groups, and borrows a great deal from things like the Black Power movement.
11:14<randallman>and I had to waste 5 minutes on that crap :)
11:14<pharaun>Yaakov: yeah
11:14<pharaun>honestly i don't see much of that here
11:14<pharaun>because of NTID
11:14<pharaun>NTID = highschool
11:15<randallman>Companies < 50 do not have to conform to the ADA stuff?
11:15<pharaun>so lots of the kids who go there has the mentality of highschool kids aka = drama
11:15<pharaun>randallman: yeah
11:15<pharaun>50 people or less
11:15<randallman>companies < 50 people get a lot of ''benefits'' which just screw the people over
11:15<randallman>like they don't have to offer cobra either I believe
11:15<randallman>Cobra is post-seperation continuance of health converage
11:15<randallman>err coverage
11:16<randallman>you pay out the wazoo for it, but
11:16<pharaun>honestly i'm freshly out of college so i'm not familar with lots of the benefits stuff
11:16<randallman>Oh welcome to hell :)
11:16<pharaun>hoping to stay onboard with IBM for a few years then save up some dough
11:16<pharaun>and go back to school for masters
11:16<randallman>My health coverage is so caveated :)
11:16<randallman>hopefully I never get really sick or I'll exceed my lifetime maximum coverage ;)
11:16<pharaun>the health plan was confusing at IBM
11:16<pharaun>they got a bunch of weird exception
11:16<Karrde>pharaun: get back to work!
11:16<pharaun>and deducable
11:17<pharaun>for this and that
11:17<pharaun>and i'm like... what?
11:17<randallman>80/20 co-insurance up to 1500 bucks blah blah blah
11:17<Karrde>pharaun: do you have dependants?
11:17<pharaun>Karrde: haha I'm not working till sept 21
11:17<pharaun>Karrde: still single :-p
11:17<Karrde>.. then take the free plan
11:17<Karrde>IBM PPO
11:17<Yaakov>Linode is small, but they have great benefits. You get an hour a day in the exercise yard, you earn tokens for the concession based on performance, there is a "nurse" that visits once a month for things like broken bones and wounds that won't heal. It's really great.
11:17<pharaun>Karrde: yeah I'm thinking of that
11:17<Karrde>unless you're chronically ill?
11:17<pharaun>taking all of the free plans for now
11:17<rainman`>a nurse for broken bones that won't heal?
11:17<pharaun>then figuring out stuff then go from there
11:17<rainman`>if my bone doesn't heal well i just go to a doctor
11:17<Karrde>yeah, if you have no major health problems then good plan
11:17<rainman`>i don't wait a month for a nurse to come by
11:18<pharaun>Karrde: haha thank goodness I'm not, other than a few health issues but they're minor
11:18*rainman` is used to dutch health system though :)
11:18<Karrde>I took the next level up for eye care because I have bad eyes, but otherwise the free ones
11:18<path>PPO plans > HMO plans
11:18<Yaakov>rainman`: Umm... Linode is 24x7x365 lockdown. They can't go to the doctor.
11:18<Karrde><-- one-year-out-of-college
11:18<pharaun>Karrde: haha yeah i got shitty eyes too :)
11:18<rainman`>Yaakov, ah, makes sense
11:18<pharaun>-8 and -7 in my eyes iirc
11:18<randallman>path, sure except the coinsurance
11:18<Yaakov>It's a "secure" facility.
11:18<randallman>If I went HMO I wouldn't have that crap
11:18<pharaun>and minor asgra(something) in my left eye
11:18<pharaun>is like um
11:18<pharaun>your own policy or?
11:19<Yaakov>The warden^W^Wcaker takes care of his "boys".
11:19<pharaun>my friend said that even the "free" plans at IBM would still take money out of your paycheck
11:19<randallman>It's more of a 'use our doctors, use our hospitals, get referrals' program (the HMO)
11:19<pharaun>i'm wondering about that?
11:19<randallman>Free plan?
11:19<randallman>what's that?
11:19<pharaun>randallman: oh a thing at IBM when i signed up
11:19<Karrde>pharaun: I'd have to re-look it up, but you can refuse dental coverage and get $5 back/month.. taxed
11:19<pharaun>they have "plans that cost nothing" to you or so
11:19<pharaun>then if you want more, you pay or something
11:19<pharaun>still not clear on the whole thing
11:19<randallman>Dental coverage is another myth
11:20<randallman>the coverage costs about what it costs for 2 cleanings per year
11:20<pharaun>Karrde: yeah dental is like 5 buck, health is like 30
11:20<pharaun>and yeah
11:20<randallman>and then you get jacked up when you need any rael dental work
11:20<Karrde>ask your manager / mentor
11:20<pharaun>so not worth it to get the $money back
11:20<randallman>Crowns are usually covered at or around 50% :0
11:20<pharaun>so i'll go with the basic plan then if i need more I'll figure it out :)
11:20<randallman>Nah, I carry it anyway; )
11:20<Yaakov>I want a gold one with rubies!
11:20<randallman>50% > nothing :)
11:20<pharaun>ppo is the default plan right?
11:20<pharaun>thought so
11:20<randallman>Teeth are a wear item :)
11:20<pharaun>Karrde: you're an ibm'er ?
11:21<randallman>MTBF is < 1 human life :)
11:21<randallman>hard to insure :)
11:21<pharaun>randallman: haha XD
11:21<Karrde>why no, I just spy on them for Microsoft
11:21<pharaun>I'm hoping to work my way into the linux division
11:21<pharaun>but who knows
11:21-!-nachtkriecher [] has joined #linode
11:21<nachtkriecher>hi you guys
11:22<nachtkriecher>so i asked for a linode for my birthday
11:22-!-lakin [] has joined #linode
11:22<pharaun>i figured why not go with IBM for a bit and get some good experience
11:22<pharaun>then go from there :)
11:22<nachtkriecher>and my dad wants to know why i dont just get a computer of my own
11:22<megatron27>should really use my company's dental plan before I leave
11:23<pharaun>I'm deaf and I'm hoping to get a masters to help make myself sound a bit more impressive to the interviewers/HR plus
11:23-!-carmp3fan [~Nathaniel@] has joined #linode
11:23<pharaun>I really would like to get an PhD in computer science
11:23<Karrde>pharaun: it's a good company. And in my experience as far from THE BORG as you can get
11:23<pharaun>but no funding
11:23<nachtkriecher>so i facepalm
11:23<pharaun>Karrde: haha
11:23<Karrde>YMMV; I interned for Lotus and am now working for another acquisition
11:23<Karrde>I'm in shorts and a t-shirt.
11:23<pharaun>Karrde: I've generally have had positive experience with them for the last 2 co-op
11:24<pharaun>Karrde: haha I interned with the z/OS mainframe group
11:24<pharaun>impressive hardware
11:24<pharaun>but awful software imho
11:24<pharaun>and then interned again with the Lotus group and will be working in westford this sept :)
11:24<pharaun>the Lotus group people seems like a nice bunch
11:24-!-nachtkriecher [] has quit []
11:24<linbot>New news from forums: API updates? API Boot, Reboot, Distro Deploy? WHEN? in Feature Request/Bug Report <>
11:25<pharaun>yeah so i'm hoping i'll be able to get somewhere good with these guys :)
11:25<pharaun>if not I'll try to get into a few other div, or go back to school for masters
11:25<Karrde>pharaun: I'm in the Littleton office which is like five miles from Westford
11:25<pharaun>but that's still a few years off :)
11:25<pharaun>haha yeah
11:25<pharaun>been looking for an aparment in the Littleton area
11:26<pharaun>its kind of rough going cos I'm in Rochester, ny right now so its a little hard to "check out" the apts
11:26<pharaun>a co-op co-worker and my manager recommended a place near boston
11:26<pharaun>but its 40 minute drive and i hate driving
11:26-!-nacht [] has joined #linode
11:27<pharaun>so been trying to get a place in lowell/littleton/acton/etc...
11:27<pharaun>but haven't been having much luck
11:27<Karrde>and there's not really much public transportation
11:27-!-ph [~ph^] has quit [Remote host closed the connection]
11:27<nacht>stupid internet sucks here
11:27<pharaun>that was one thing that irrates me
11:27<Karrde>Acton is a nice town
11:27<pharaun>wish they had the T to westford then i could just get a place in boston and use the T
11:27<pharaun>yeah it seemed to be
11:27<pharaun>but i keep on hearing bad thing about the um... Alvoan Acton'
11:28<pharaun>grr can't remember the name of the apt company
11:28<Karrde>never heard of it
11:28<pharaun>but yeah, btw how's the FIOS availability?
11:28<nacht>am i still connected?
11:28<pharaun>I've been having a hard time figuring it out
11:28<pharaun>nacht: i see you :-p
11:28-!-samuel [~samuel@] has quit [Quit: samuel]
11:29<Karrde>FIOS, lol
11:29<pharaun>Karrde: i have been looking at the fios list
11:29<Karrde>Verizon claims it's availabl in Acton, but it's not in my apartment complex
11:29<pharaun>and been trying to figure out
11:29<pharaun>yeah that's my issue
11:29<Karrde>I have Comcast, which actually isn't bad
11:29<pharaun>they claim its there and there
11:29<pharaun>but i can't figure out wtf
11:29<pharaun>Karrde: what kind of speed you get?
11:29<Karrde>I just got the basic plan, 13/2 mbps
11:29<pharaun>i really want to get something better than 10/376k
11:29<pharaun>2mbit up? sweet
11:30<pharaun>i'm so fucking sick of the 386k up or 1mbit up
11:30<nacht>every 15 seconds or so i see new messages
11:30<pharaun>that is avail in rochester, i'm a big uploader
11:30-!-ph^ [~ph^] has joined #linode
11:30<Karrde>nacht: pong
11:30<pharaun>I have a cacti on my server at home, 800gb/year and 570gb/year
11:30<pharaun>so yeah pretty big uploader :-p
11:31<pharaun>mainly to my amazon s3 and other services :-\
11:31<pharaun>Karrde: what kind of plan do they got for comcast, how has the line quality been?
11:32<pharaun>Honestly I would like the FIOS 50/20 just because of the 20mbps upload but if comcast got some decent offering I might go with them if FIOS is not avail
11:32<pharaun>beside I'm deaf, so I don't need a land line, I don't need a VoIP, and I don't watch TV
11:32<pharaun>so that saves me a bit there ;)
11:32<pharaun>so I can afford to spend a bit on internet services xD
11:32*path likes comcast's service but hates paying the bill
11:33<path>although i generally feel that way about all evil megacorps
11:33<nacht>stupid family internet
11:33<Karrde>pharaun: ;). Stability has been mostly nice; I have my own cable modem and a router running Tomato. Just had a 40-day connection uptime ruined by Comcast (neither modem nor router rebooted)
11:33<nacht>oh maybe no one's saying anything
11:33<pharaun>Karrde: ah
11:34<randallman>Comcast works for me
11:34<pharaun>Karrde: had any problem with packet shaping
11:34<randallman>Verizon tries to mandate you use THIER CPE
11:34<randallman>If you do not use thier router, you do not get the guide
11:34<pharaun>I tend to do legit torrents for linux iso and bunch of other games
11:34<randallman>and double-nat annoys me L)
11:34<pharaun>randallman: amen i hate double nat
11:34<pharaun>i had to do that once it was... icky!
11:34<pharaun>randallman: oh I don't watch tv so i don't care :)
11:34<pharaun>randallman: all i want is fast bloody fast internet access
11:35<randallman>'7 linksys routers, twirlin' on a branch - eating sunflower seeds on my uncle's ranch... you know that old childrens story'
11:35<pharaun>*sigh* my spelling is off today -_-
11:35<rainman`>pharaun, hire a rack or two at an internet exchange site
11:35<Karrde>pharaun: haven't noticed any. I downloaded 9GB yesterday, most through torrents. My normal useage is 20GB a month tho ..
11:35<nacht>my roommate just downloaded all the games ever made for the sega genesis
11:35<nacht>plus a few
11:35<pharaun>Karrde: hm I do 800gb/year download 570gb/year so that would be um
11:36<pharaun>60gb month down, and 50gb up
11:36<pharaun>kind of high but not
11:36<pharaun>as high as some of those... insane people who can download terabytes a month -_-
11:37<pharaun>rainman`: haha
11:37<Karrde>the cap is 250GB/mo anyway I think
11:37-!-nacht [] has quit [Quit: ajax IRC Client]
11:37<pharaun>and I can probably tone it back if i need
11:37<pharaun>Karrde: yeah I heard about that but i still sort of disagree on cap but meh
11:37<pharaun>atleast you KNOW about the cap
11:37<pharaun>and better than my poor parents
11:38<pharaun>they got GRR goddamn it 300mb up, and 1gb down cap per week
11:38-!-Ghent [] has quit [Remote host closed the connection]
11:38<pharaun>its nearly impossible to stay under that cap if you got 2 brother and sister who loves to facebook every single goddamn second
11:38<pharaun>i keep on having to bit their head off to quit that shit and quit killing my internets
11:40-!-chargrill [] has quit [Ping timeout: 480 seconds]
11:40<pharaun>Karrde: nice they got a extreme 50, with 50mbps down and 10mbps up
11:41<pharaun>but wtf is powerboost, sounds suspect
11:41<pharaun>OH THAT thing *mutters*
11:41-!-litwol|mac [~litwol|ma@] has joined #linode
11:44-!-peter_ [] has quit [Quit: peter_]
11:45<Karrde>you get DOUBLE SPEED! for the FIRST SIX MB!
11:45<pharaun>yeah roadrunner had that bs
11:45<Karrde>you need a DOCSIS3.0 modem for that extreme plan I think
11:46<pharaun>annonyed the ever loving shit out of me
11:46<Yaakov>That's very helpful for web browsing.
11:46<Karrde>I don't rent, I have my own modem but it's old enough that it only does DOCSIS2.0
11:46<pharaun>I have an old surfboard but I probably need to get a new one anyway :)
11:46<pharaun>yeah I might just try the one a step under
11:46<pharaun>and see if its enough for the upload
11:47<pharaun>Yaakov: true but at same time its irrating cos they can say WOW our internet is 300mbit down
11:47<pharaun>*small print, for 5 seconds*
11:47<Yaakov>pharaun: For well designed websites, it is.
11:48<megatron27>what type of connection do you get with a Linode?
11:48<megatron27>guaranteed bandwidth?
11:48<pharaun>Yaakov: how so? aka ones that all are compressed and fits in 6mb or?
11:49<Yaakov>pharaun: Websites and the images on them should all be less then 6MB.
11:49<pharaun>i'm kind of curious actually about the guaranteed bw
11:49<pharaun>Yaakov: makes sense
11:49<Yaakov>So you should be getting full speed for most sites.
11:50<@caker>megatron27: any guarantee would stop about one hop away from your Linode, so it's kinda pointless. We don't control the rest of the internet
11:50<pharaun>sweet :)
11:50<fuzzie>the ads usually seem to lack an obvious "as long as you're not doing anything crazy like looking at photos" disclaimer, though
11:50<megatron27>got it, thanks
11:50*tasaro is now known as starscream
11:50<pharaun>caker: that's true too but I'm curious is there any "upper limit"
11:50<pharaun>or can we upload/download to linode as fast as our slowest link allows?
11:50<@caker>megatron27: however, to answer what we can: We have a switched gigabit LAN with redundant gigabit uplinks into the datacenter's core network. From there, they have many freaking huge pipes out to the net
11:51<@jed>pharaun: there is an outgoing cap to mitigate spam/etc, if you're doing heavy outbound we can discuss removing it but almost nobody (and by almost nobody, I mean only 1 or 2) have ever hit it with a genuine need
11:51<@jed>as for inbound, no, you can saturate your linode with the fastest link you've got
11:51<megatron27>caker: <3
11:52<pharaun>jed: ah? fair enough :)
11:52<@jed>for testing purposes I removed the cap on one of my nodes and hit a popular torrent, and it still didn't go that fast
11:52<@jed>The Internet Is Volatile.
11:53<HoopyCat>where by "the net" caker means "other networks with many freaking huge pipes to other networks, one of which may touch your slow-ass 6MHz DOCSIS channel". thus, there can be no guarantees :-)
11:54-!-TheJoe is now known as TheJoe|ZzZz
11:55<HoopyCat>Guarantees That Cannot Exist In The Real World: 100% uptime, minimum bitrate, estimated time to repair, pizza delivery < 30 minutes, all you can eat, positive return on investment, a date on saturday night
11:55<megatron27>HoopyCat: never sag
11:55<erikh>what? there's no TPB excuse for removing the cap?
11:56<erikh>really, I want my TPB. (think dire straits)
11:56<@jed>erikh: even on a TPB torrent -- which was, mind you, completely legal -- I never got above 9 mbit
11:56<@jed>people just suck at torrents, I guess
11:57<HoopyCat>erikh: use the API to spawn additional linodes to seed parallelly :-)
11:57<@jed>HoopyCat: BEST USE CASE EVER.
11:57<@jed>Problem: You want the entire works of Nine Inch Nails in FLAC.
11:57<@jed>Solution: Linode API 2.0! Spawn a seed swarm for your favorite torrent tracker!
11:57<@jed>Complete with prorated billing to the day.
11:58<@jed>Linode API 2.0: Completing your life.
11:58<erikh>"caker, 100 of your linodes in fremont are ddosing xo communications"
11:58-!-TheJoe|ZzZz is now known as TheJoe
11:58<erikh>but but, i'm trying to torrent the entire internet
11:59<HoopyCat>lpm_displaygroup="NIN Pool", label="prettyhatemachine1"
11:59<HoopyCat>lpm_displaygroup="NIN Pool", label="broken1"
11:59*randallman has all NIN albums ever :P
11:59*erikh just likes "Pretty Hate Machine"
11:59<@jed>randallman: including the lost highway and quake soundtracks?
11:59*jed stares blankly
11:59<randallman>no :0
11:59<@jed>randallman: fail.
12:00-!-Leif [] has quit [Remote host closed the connection]
12:00<@jed>YOU FAIL AT REZNOR.
12:00<Yaakov>I have never knowingly heard any Nine Inch Nails.
12:00<erikh>did you get the iphone app too?
12:00*HoopyCat turns on the Vff breaker
12:00<@jed>erikh: yes, and I was at NIN|JA in PHX
12:00<@jed>it didn't work for me though because I dropped my iPhone the night before the show
12:00<erikh>Yaakov: imagine a very emo ministry
12:00<TheJoe>Is anyone else using 4.2.2.X for DNS? They seem to be falling like dominoes
12:00<erikh>that's pretty much NIN.
12:01<@jed>erikh: hah
12:01<Yaakov>I have not knowingly heard any Ministry.
12:01<TheJoe>I've gone from to because they keep failing
12:01<TheJoe>And now is messing up
12:01<Yaakov>TheJoe: Why are you using those servers?
12:01<StevenK>Yaakov: Ministry is win
12:01<@jed>yes, ministry is probably one of the greatest five bands to ever walk the earth
12:01<TheJoe>Yaakov: Because my ISP's DNS servers suck
12:02<Yaakov>StevenK: There is a vanishingly small likelyhood that I would like it.
12:02<HoopyCat>TheJoe: did i already have the "no, i don't use DNS servers without authorization and a support ticket path" chat with you? :-)
12:02<Yaakov>TheJoe: Use OpenDNS.
12:02<StevenK>jed: LARD is pretty good, too
12:02<TheJoe>Yaakov: That slowed down
12:02<TheJoe>HoopyCat: You did
12:02<erikh>Yaakov: ok, imagine if devo and pantera collaborated
12:02<TheJoe>Whip it!
12:02<HoopyCat>TheJoe: ok, just wanted to make sure. my memory sucks :-)
12:02<Yaakov>Devo I know, but Pantera is unknown.
12:02<erikh>ok, imagine if devo got into death metal.
12:03<Yaakov>TheJoe: Run NSD on your 'node and use that.
12:03<erikh>that's basically ministry.
12:03<TheJoe>Yaakov: NSD eh
12:03<randallman>Pantera rocks
12:03<randallman>Down rocks :0
12:03<Yaakov>TheJoe: Yes. Lighter than bind.
12:03<randallman>Down > Pantera IMHO
12:03<erikh>dethklok > *
12:03<TheJoe>Yaakov: How would the bandwidth usage be? Got any idea?
12:03<Yaakov>I listen to things like Debussy and Dave Brubeck.
12:03*HoopyCat smells burning, turns knob from STBY to ON, hits the Play button
12:03<@jed>running your own resolvers: priceless
12:03<Yaakov>TheJoe: Almost nothing.
12:04<TheJoe>I might have to give it a go then
12:04<erikh>Yaakov: ooh. classy. Audrey is one of my favorite tunes.
12:04<Yaakov>I like some Steely Dan and Talking Heads occasionally.
12:04<Yaakov>Aja is a favorite.
12:04<randallman>I saw steely + mcdonald at the tweeter center :)
12:04<TheJoe>Talking Heads <3 <3 <3
12:04<randallman>in 2006
12:04<TheJoe>I was almost going to go and see David Byrne tonight
12:05<randallman>Adrian Belew > Talking Heads :)
12:05<Yaakov>I like music that fits into nicely worn neural pathways.
12:05<TheJoe>But noooo I bought a Linode
12:05<TheJoe>randallman: Adrian played for Talking Heads at one point
12:05<randallman>I know :)
12:05<erikh>I like all sorts of music.
12:05<erikh>variety is the spice of life and all that.
12:05<Yaakov>Adrian Belew has collaborated with Eno and Byrne.
12:05<randallman>King Crimson++ :)
12:05<Yaakov>I very occasionally listen to Eno.
12:05<TheJoe>randallman: <3
12:06<Yaakov>King Crimson... maybe a song or two a year, for nostalgia.
12:06<randallman>Asia played "Court of the Crimson King" at the show last week
12:06<randallman>Yaakov, they have a lot of stuff from the 80's and 90's too
12:06<erikh>Asia? Too easy.
12:06<randallman>the Projekt stuff
12:06<UberBoogerBot>^ == Talking Heads - Live in Rome 1980 - 02 Stay Hungry uploaded by tpatgod2007. [Duration: 4:04] [Views: 47,619] [Rating: 5.0]
12:06<Yaakov>I really enjoy Debussy.
12:06<randallman>Erikh, asia is Carl Palmer from ELP, John Wetton from King Crimson, Geoff Downes from Buggles, and Steve Howe from Yes
12:06-!-Elton00032 [~Delphi@] has joined #linode
12:06<TheJoe> <-- probably the best one
12:06<Yaakov>Also, other impressionists.
12:06<UberBoogerBot>^ == Talking Heads - Live in Rome 1980 - 11 The Great Curve uploaded by tpatgod2007. [Duration: 7:22] [Views: 19,141] [Rating: 5.0]
12:07<Yaakov>Also, some older Jazz.
12:07<TheJoe>That show is almost better than Stop Making Sense
12:07-!-Elton00032 [~Delphi@] has quit [Read error: Connection reset by peer]
12:07<Yaakov>I generally prefer Talking Heads studio work to live.
12:07<erikh>Yaakov: depending on if jazz also means blues, you may appreciate a live album I have that's just a jam session with b.b. king and jimi hendrix
12:07<TheJoe>I like their later studio stuff
12:07<erikh>it's about 2 hours long
12:07<randallman>Mahavishnu Orchestra ++
12:08<randallman>Chick Corea ++ :)
12:08<TheJoe>The studio Psycho Killer isn't do great
12:08<TheJoe>SpaceHobo: Oh yes
12:08-!-Elton04069 [~Delphi@] has joined #linode
12:08<TheJoe>Burning Down the House at Stop Making Sense ==== AMAZING
12:08<randallman>SpaceHobo, yaeh Chick iis a scientologist :)
12:08<Yaakov>erikh: I can appreciate a variety of well-played music, but for *listening*, I am happy with a limited palette of favorites. I can listen to one album over and over.
12:08<randallman>But he's a real down to earth guy
12:08<TheJoe>That's the first time the whole band are together and they're working so well
12:09<randallman>I saw him a few times at the Blue Note in NYC
12:09<@jed>jed@opus:/m/Finished/NIN$ ls -l | wc -l
12:09<@jed>randallman: you got work to do
12:09<TheJoe>Of course - nothing beats Psycho Killer/Stop Making Sense
12:09<Yaakov>TheJoe: With Byrne on the acoustic guitar?
12:09<TheJoe>Yaakov: Oh yes
12:09<randallman>SpaceHobo he did relase 'Beyond the Stars' with his 'electrik band'
12:09<randallman>which was based heavily on scientology :0
12:10<erikh>hah. byrne's a clam?
12:10<TheJoe>Yaakov: It's shame, they removed all the good versions of Psycho Killer from Youtube. There's now only a crappy version with the tempo way too high
12:10<erikh>do. not. get. scientology.
12:10<TheJoe>erikh: Clam isn't a slang word for Scientologist is it?
12:10<randallman>simba:/export/Music/rPod/Nine Inch Nails$ ls | wc -l
12:10<randallman>Halo 9 - Closer - Further Away
12:10<erikh>TheJoe: last I checked it was.
12:10<randallman>Halo 9 - Closer - Closer to God
12:10<randallman>etc... :)
12:11<TheJoe>erikh: No he's not then
12:11<TheJoe>erikh: He was a member of the Church of SubGenius once though
12:11<randallman>My collection is based on the Boxed set 'Halo' :p
12:12-!-lesouvage [~chatzilla@] has joined #linode
12:13-!-girishr [~girish@] has quit [Remote host closed the connection]
12:13<TheJoe>Ok well nsd is running
12:13<TheJoe>Is there much config that needs to be done?
12:14*HoopyCat turns stereo down for thermal reasons
12:14-!-sungo [] has left #linode []
12:14<amitz>HoopyCat: thermal reason?! what kind of volume did you set?
12:14<HoopyCat>amitz: 12
12:15<HoopyCat>green: 0 to 10, yellow: 11, red: 12+
12:16<amitz>one word: woah
12:16<HoopyCat>and i don't think my cat appreciates NIN, considering she's wandering around my office, looking dazed with her ears folded back...
12:21<amitz>my life is relatively free of music thus everything above 5 is crazy enough IMO :-)
12:21<TheJoe> Now this is an interesting song
12:21<TheJoe>(free to distribute)
12:22-!-cpg [] has joined #linode
12:23<TheJoe>Got no idea what I'm doing with NSD :\
12:23-!-megatron27 [~firdaus@] has quit [Quit: Ex-Chat]
12:25-!-Elton04069 [~Delphi@] has quit [Read error: Connection reset by peer]
12:27-!-Oli`` [~oli@] has quit [Remote host closed the connection]
12:28-!-jhford [] has quit [Quit: jhford]
12:29-!-Oli`` [~oli@] has joined #linode
12:30-!-Redgore2 [] has joined #linode
12:35-!-jcr [] has joined #linode
12:36<jcr>I am running my first snapshot backup on a linode with 36GB of storage; it takes literally hours. Is that consistent with your experience?
12:37-!-Redgore [] has quit [Ping timeout: 480 seconds]
12:37-!-Redgore2 is now known as Redgore
12:38-!-Ghent [] has joined #linode
12:41<@irgeek>The first backup has to backup everything and that takes time.
12:42<TheJoe>I should backup one of these days....
12:42<TheJoe>Something bad is gonna happen.
12:42-!-dzjepp [] has joined #linode
12:43-!-jhford [] has joined #linode
12:44<vuf>amazing, running an idle "tail -f" in a shell raised cpu usage by 1% ... I couldn't figure out which service I had changed to increase the idle load from 0.5% ...
12:44<Pryon>TheJoe: rdiff-backup is your friend. The lazy person's backup friend.
12:45<TheJoe>I'll look into it
12:45<TheJoe>Once I figure out nsd
12:46<vuf>you can start learning rdiff-backup now and be done in ten minutes (the backup itself will take a bit longer, though)
12:47-!-lesouvage [~chatzilla@] has quit [Ping timeout: 480 seconds]
12:47<TheJoe>Has me eaten up
12:47<@irgeek>I figured it was pretty simple.
12:48<TheJoe>Well it doesn't seem well documented (correct me if I'm wrong but Google results are next virtually non-existent) and I just generally don't have a clue
12:48<TheJoe>Never dabbled in something like this before
12:48-!-ph [~ph^] has joined #linode
12:49<Pryon>!f NSD
12:49<linbot>Pryon: In Internet computing, NSD (for "name server daemon") is an open-source server program for the Domain Name System. It was developed by NLnet Labs of Amsterdam in cooperation with the RIPE NCC, from scratch as an authoritative name server (i.e., not implementing the recursive caching function by design). The intention of this development is to add variance to the "gene pool" of DNS implementations used by (1 more message)
12:49<Pryon>!more Pryon
12:49<linbot>Pryon: higher level name servers and thus increasing the resilience of DNS against software flaws or exploits.
12:50<litwol|mac>Where can one get cheap SSL certs ?
12:50-!-jcr [] has quit [Remote host closed the connection]
12:50<TheJoe>Cheap? Probably nowhere
12:50<Pryon>Or self sign for ultracheap
12:50-!-Redgore2 [] has joined #linode
12:50<litwol|mac>sorry i dont know how to ask the question correctly, i've never setup ssl before
12:50<litwol|mac>i use namecheap for my domains
12:51<Pryon>they also do certs
12:51<litwol|mac>very nice
12:51<litwol|mac>i rather stick with them :). good company i think
12:51-!-spearson [] has joined #linode
12:52<litwol|mac>Are they one of the trusted providers ? meaning will the users see 'validate certificate' box ?
12:52<@irgeek>TheJoe: The documentation is most clear in the example config IMHO. What's the trouble you're having?
12:52<@irgeek>litwol|mac: If you're paying money for a certificate, that's almost always true.
12:52<litwol|mac>irgeek: ty.
12:53<@irgeek>The irony is that users need to go digging to figure out if you paid $10 or $200.
12:53<TheJoe>irgeek: I don't even see the example config - I just have a .zones file with no examples in it :\
12:54<@irgeek>What distro
12:54<TheJoe>Well there are examples just no indication of how I'm supposed to be using them. I dunno maybe I'm just not paying enough attention
12:54<@irgeek>Weird. Last time I threw it on there the example was there.
12:56<TheJoe>Well I'm just stumped
12:56*TheJoe continues to look for a guide of some kin
12:57-!-lesouvage [~chatzilla@] has joined #linode
12:57-!-Redgore [] has quit [Ping timeout: 480 seconds]
12:57-!-Redgore2 is now known as Redgore
12:58<vuf>that netflix presentation was interesting
12:58<TheJoe>Aha I have found /etc/default/nsd
12:58<Yaakov>TheJoe: I think I steered you wrong, they left recursive lookups out of NSD. I thought you could turn them on, but apparently nor.
12:58<Yaakov>It is authoratative only.
12:59<Yaakov>So, run bind.
12:59-!-kenichi [~kenichi@] has joined #linode
12:59<Yaakov>It probably won't be very heavy since you won't be using any zones.
12:59<Yaakov>I use NSD for IPV6 reverse.
12:59<vuf>so, what's the cheapest wildcard ssl certificate?
12:59<TheJoe>404'd on apt-get
12:59<TheJoe>How odd
13:00<TheJoe>Got it
13:02-!-slact [] has joined #linode
13:02<slact>ahoy maters. is there any reason linode17 in newark should be sluggish?
13:02<slact>*mateys. mateys i say.
13:02<fapestniegd>vuf: self signed. :)
13:03<randallman>That whole SSL thing... What a bunch of malarky :)
13:04<randallman>it used to be that a regular SSL cert had a TON of verification to it - you are who you claim you are...
13:04<randallman>Then that eroded over time and a new 'level' of cert was offered called EV-certs to both protect and verify
13:04<randallman>if you ask me, normal SSL certs shouldn't require a trusted root CA anymore
13:04<randallman>It should just inform the end user that the cert is for crypto only and not verification
13:05<Pryon>I think he called us tomatoes
13:05<randallman>Remember when Verisign was 200USD/year and Thawte was like 99$?
13:05-!-purrdeta [] has quit [Ping timeout: 480 seconds]
13:05<TheJoe>Thawte was Mark Shuttleworth wasn't it
13:05<TheJoe>In his parent's garage
13:06<randallman>no idea
13:06<randallman>someplace in south africa :0
13:06<randallman>what kinda political knob-polishin' was going on to figure out who'se certs wound up in the first ROOT CA package included with a browser?
13:06<TheJoe>He made his first million sitting in his parent's garage on Thawte
13:06<randallman>who do you have to blow to get added to mirosoft's CA cert updates?
13:07<randallman>Or is there some type of consortium?
13:07<vuf>fapestniegd: true, I have a self-signed one now
13:08-!-jvaughan [] has quit [Remote host closed the connection]
13:08<Karrde>I have a RHEL4 system with gcc (3.4.6), gcc32, and gcc4 installed. Is there something like debian's update-alternatives where I can make gcc -> gcc4 automagically, or am I stuck doing manual symlinks?
13:09<randallman>CC=gcc4 make :)
13:09-!-jvaughan [] has joined #linode
13:09<TheJoe>Hang on
13:09<TheJoe>I think I'm following completely the wrong guide
13:10-!-laser` [] has joined #linode
13:12-!-purrdeta [] has joined #linode
13:13<TheJoe>Surely I don't need a zone file since Linode takes care of that O.o
13:13<randallman>Oh to be a european:
13:13<randallman>Two more dates has been added for the upcoming European tour with Dream Theater, Opeth, Bigelf & Unexpect. These are:...
13:13-!-Mathew [] has quit [Quit: Leaving]
13:15<materdaddy>any git experts here?
13:15<Pryon>You know, you can travel to Europe without becoming European :-)
13:15<erikh>I AM EXPERT
13:16*erikh summons the spirit of Karl Hungus
13:16-!-adnc [] has joined #linode
13:16<Pryon>materdaddy: try asking your question and see what happens
13:16-!-lesouvage [~chatzilla@] has quit [Ping timeout: 480 seconds]
13:16<Pryon>(your other question)
13:16<kenichi>phone's ringin
13:16-!-adnc [] has left #linode []
13:17-!-adnc [] has joined #linode
13:17<materdaddy>git clean seems to have strange behavior with the ~/.gitignore file....
13:17<TheJoe>kenichi: Eerie. so is mine
13:17-!-adnc [] has quit []
13:17<materdaddy>so ~/.gitignore has "wip" (work in progress, a directory with a ton of stuff in it)
13:17<materdaddy>my home directory is tracked using git
13:17<TheJoe>I think I messed up with bind
13:18<materdaddy>if my PWD is "~/wip" and i type "git st" there's nothing showing as untracked, because it's ignored...seems normal
13:18<materdaddy>if i run "git clean" it removes all the files in the "~/wip" directory, which seems like it's ignored... and "git clean -d" will remove all files and directories in ~/wip which should be ignored
13:19<materdaddy>not so good... i blew away a ton of work with that yesterday :-/
13:19<erikh>kenichi: fuck it. let's go bowling.
13:19<TheJoe>materdaddy: No backup?
13:19-!-Ghent [] has quit [Ping timeout: 480 seconds]
13:19<materdaddy>TheJoe: nope :-/
13:19<materdaddy>erikh: i agree
13:19<materdaddy>TheJoe: i agree
13:19<materdaddy>it seems like git clean SHOULD honor my git ignore because it provides a "-x" option which says to remove ignored files too
13:20<kenichi>erikh: you're obviously not a golfer
13:20<TheJoe>Ok to procrastinate this DNS shit. I'll see if my DVD Drive even works.
13:20<materdaddy>but i am NOT specifying that.... so am i mis-reading something, because PWD seems to matter... if i run git clean from ~ instead of ~/wip it doesn't try removing "wip"
13:20-!-TheJoe is now known as TheJoe|ZzZz
13:21<materdaddy>i'd report it as a bug, but I don't want linus chastizing me from the linux community forever because I mis-read a man page or something... thought somebody here might know :P
13:21<erikh>don't fear the aspergers
13:21<vuf>materdaddy: it seems that you have to commit the .gitignore file
13:22<erikh>people who know everything don't exist, but there are plenty of people that think they do
13:23<materdaddy>vuf: hmm... let me see if that helps... i do have ".gitignore" in the ".gitignore" so it is read for my "git status" but maybe "git clean" reads only a versioned copy? thanks, i'll let you know what my experiment finds out
13:23<erikh>"the more you know(tm)"
13:23*Pryon love bowling
13:23<Pryon>also am not Tarzan
13:24<materdaddy>vuf: nope
13:24<vuf>materdaddy: actuallty, now I cannot reproduce that :-/
13:24<materdaddy>committed .gitignore, and git clean still wants to remove things in the "wip" directory... i think my problem is not putting "/wip" which would be root of my repository
13:24<materdaddy>or something like that
13:25<materdaddy>nope, didn't help...
13:25-!-Turl [] has joined #linode
13:26-!-TheJoe|ZzZz is now known as TheJoe
13:26<materdaddy> /wip/* seems to work..... sorry for the spam
13:27<kenichi>how do i tell ubuntu to not use gnu keytool, but keytool from the sun jdk?
13:28<vuf>materdaddy: that does not sound right
13:29<materdaddy>wip/* works too
13:29-!-Elton04165 [] has joined #linode
13:30<materdaddy>although that does not cause it to ignore something like ~/blah/wip/* still only ignores repo root wip
13:30-!-Ghent [] has joined #linode
13:32<materdaddy>*/wip/* will ignore anything in any wip directory it seems, but when in wip, it still wants to remove things within... so i need a few "wip" rules it seems to protect it when i'm in the root, and when i'm within it
13:33-!-ph [~ph^] has quit [Remote host closed the connection]
13:37<vuf>git help ignore
13:37-!-Rob_Z [] has joined #linode
13:38-!-lesouvage [~chatzilla@] has joined #linode
13:39<Rob_Z>howdy, I'm looking at signing up for linnode, and I notice the pictures on the "Features" page contains some older distros, is there a more current listing, or is that it?
13:39<Rob_Z>or am I a complete tard and missed a list somewhere
13:40<Rob_Z>yes, I see that now....
13:40*Rob_Z checks off "I'm a tard" in the box.
13:40<Rob_Z>any chance for freebsd anytime soon? :)
13:41<erikh>Rob_Z: I've been barking up that flagpole for years now :)
13:41<erikh>that said, FreeBSD 7 and xen still don't play together
13:41<Rob_Z>solaris? :)
13:41<erikh>6 does, 7 doesn't
13:43-!-adnc [] has joined #linode
13:43-!-tronix [] has quit [Quit: thanks y'all -- bbl]
13:43-!-silverblade [] has joined #linode
13:44<TheJoe>Hey look it's a silverblade
13:44<carmp3fan>I wish we could have some new versions of Fedora in the distro list.
13:44<TheJoe>carmp3fan: Install Fedora, upgrade Fedora
13:44<TheJoe>It's so easy
13:44-!-adnc [] has quit [Read error: Connection reset by peer]
13:45-!-adnc [] has joined #linode
13:45<Rob_Z>k, just signed up, any recommendations on location? (I"m in the midwest)
13:45<TheJoe>Rob_Z: ^
13:47<TheJoe>You might want to ping them too to chck latency
13:47<Dianoga>Rob_Z: I am in Iowa and Dallas works nicely for me. That is my completely unscientific contribution :D
13:48-!-Chimpbama [] has joined #linode
13:48-!-elfgoh [] has joined #linode
13:49<Rob_Z>looks like newark, at least from work, I get ~5.1MB/s
13:49<TheJoe>Check your latency to it too
13:50<carmp3fan>TheJoe: I know I can do that, but it would be nice to be able to start with a fairly recent version from the start.
13:50<Rob_Z>I have to ssh home for that. I don't have much latency at work.
13:51<Chimpbama>If you recognize that Negroes carry mostly Homo Erectus traits ( ) while all other races evolved fully into humans, you will love! WE ARE NOT WHITE SUPREMACISTS, rather NEGRO INFERIORISTS! We at love the rainbow diversity of humanity and welcome Asians, non-Negroid Hispanics, Semites, Indians, Gays, Whites, Turkics, etc. After all, I am Mexican. Join in the epic battle of huma
13:51-!-Chimpbama [] has quit [autokilled: spammer. Mail with questions (2009-08-04 17:51:20)]
13:52<Karrde>that was quick
13:52<Karrde>I didn't even have time to yell 'tjfontaine'
13:54<TheJoe>Ok back to bind9
13:55<purrdeta>gotta be sure to invite the jews and gays... :P
13:55-!-adnc [] has quit [Quit: bye]
13:56<randallman>Wonder if he'll mail
13:56<randallman>with questions :)
13:56<randallman> (autokilled: spammer. Mail
13:56<randallman> with questions (2009-08-04 17:51:20))
13:56<TheJoe>He's not a real guy, Sam!
13:56<TheJoe>Can I keep his head for a souvenir?
13:56<randallman>Frackin Toaster :p
13:58<randallman>ok so /etc/iftab doesnt frickin' work
13:58<randallman>anyone have eth# enumeration issues in RHEL/
13:58<randallman>and *no* Im not using MAC address
13:58<randallman>I have over 24 servers just like this
13:58<linbot>spearson: [mtr] 13 hops, ???: 100.0%/0.0ms
13:58<randallman>with 2ndcard dual port nics
13:59<Solver>randallman: hahaha
13:59<randallman>and soemtimes they are eth0/1, sometimes 2/3
13:59<randallman>I tried writing udev rules based on busid
13:59<randallman>but they seem to be hit-and-miss
13:59<randallman>Sometimes they work, sometimes I get interfaces named __tmp1293812310
13:59<linbot>spearson: [mtr] 14 hops, no loss, last hop average RTT was 35.0ms
13:59<randallman> /etc/iftab doesnt do either jack or shit :)
13:59<randallman>(except fail)
14:00<Karrde> <-- I have a confused sparc
14:01-!-spearson [] has quit [Remote host closed the connection]
14:02-!-TheJoe is now known as TheJoe|ZzZz
14:04-!-Trash [~test@] has joined #linode
14:04<Trash>hey all
14:04<Trash>how can I limit cpu per user?
14:04<cruxeternus>hello Trash
14:04<cruxeternus>That seems like a great question to ask Google :)
14:05<Trash>I know its ulimit
14:05<Trash>but actually Im talking about a cpanel installed system
14:05<Trash>and I need to limit cpu per account
14:05<cruxeternus>ew, gross :P
14:05<Trash>I know that cpanel creates a system user for each account so basically I need to limit like it wasnt a cpanel "based" system
14:07<Trash>because they use much?
14:07-!-sam_ [~ircap@] has joined #linode
14:07<Trash>or whatM?
14:07<sam_>hi all!!
14:08<sam_>one question: if i buy one linode and after deploying all i realized that is too little for my needs, can i move it to a higher linode in an easy way??
14:08<SelfishMan>!f migrate
14:08<linbot>SelfishMan: Linodes can be migrated between datacenters by simply opening a ticket. Your disk images will be copied intact, but you will be issued a new IP address. Once a migration is configured, it makes a button on the dashboard available for you to start the migration yourself. Migration typically takes about 1-3 minutes per GB.
14:09<SelfishMan>!f upgrade
14:09<linbot>SelfishMan: You can upgrade from one plan to another by submitting a support ticket. All your data, configuration profiles, and IP addresses move with you to the new server. Without upgrading plans, you can still add "Extras" to your Linode. Extras are added instantly (some require reboots). Removing resources pro-rates the balance of the month back to your account so you only pay for the time you've used them.
14:09-!-D[a]rkbeholder [] has quit [Remote host closed the connection]
14:09<SelfishMan>ah, there we go
14:09<Pryon>!urmom selfishman
14:09<linbot>Pryon: Yo momma's so fugly even SelfishMan wouldn't touch her! (773:4/0) [mmuro]
14:09<HoopyCat>Trash: a ulimit applied to a process is inherited by children of the process, so if you apply it to whatever is spawning the user's processes (e.g. their shell, or their php-cgi instance, or what have you), it should do the trick in the tactical sense
14:09<sam_>so the second reply is the one?
14:10<sam_>i mean the second reply is the correct for my question? is it? :)
14:10<sam_>thank you very much! ;)
14:10-!-darkbeholder [] has joined #linode
14:10<sam_>have a nice day for all!!
14:10*SelfishMan forget to press the alt key
14:11<HoopyCat>Trash: on a long-term strategic view, might get you data you can then use to make other decisions
14:11-!-sam_ [~ircap@] has left #linode []
14:12-!-dzjepp [] has quit [Read error: Connection reset by peer]
14:13<Karrde>ok um every time I type "date" the date gets reset to Sat Dec 30 19:00:00 EST 1967
14:14<SelfishMan>Karrde: 1967? Are you sure?
14:14<Karrde>$ date
14:14<Karrde>Tue Aug 4 14:05:12 EDT 2009
14:14<Karrde>$ date
14:14<Karrde>Sat Dec 30 19:00:00 EST 1967
14:14<Karrde>Solaris was invented before Unix apparently
14:14<SelfishMan>oh, solaris. ok
14:15-!-linville [] has quit [Ping timeout: 480 seconds]
14:15<SelfishMan>doesn't the date command set the time? I think you have to give it an argument to only display the time
14:15<Karrde>_never_ seen that
14:15<Karrde> The date utility writes the date and time to standard out- put or attempts to set the system date and time. By default, the current date and time will be written.
14:16<SelfishMan>Windows requires date /t
14:16<SelfishMan>are you sure there isn't an alias for date?
14:22<Karrde># which date
14:22<Karrde>it's entirely possible I need some patches, but it's odd that this hasn't come up before
14:24-!-hercynium [] has joined #linode
14:25<Karrde>Patch 109409-04 has already been applied .. well that's the most recent (x)ntp((d)ate) patch available
14:25<Karrde>hardware failure?
14:25<HoopyCat>shell alias prank? :-)
14:28<materdaddy>Karrde: which isn't what you're looking for if it's an alias
14:28<materdaddy>Karrde: type "type date"
14:28-!-J-Node [] has quit [Read error: Connection reset by peer]
14:29<Pryon>\date ?
14:29<Karrde>"type" thank you
14:29<materdaddy>which looks in PATH for date, type will tell you the same thing OR tell you it's an alias (bash, and most newer SHs)
14:29<materdaddy>or function
14:29-!-J-Node [] has joined #linode
14:29<materdaddy>$ which ls
14:30<materdaddy>$ type ls
14:30<materdaddy>ls is aliased to `ls --color=auto --classify'
14:30<HoopyCat>urmom is aliased to `urmom --funroll-loops'
14:32<materdaddy>HoopyCat: gentoo user?
14:32-!-J-Node [] has quit [Read error: Connection reset by peer]
14:33-!-J-Node [] has joined #linode
14:34-!-Dreamr_3 [] has quit [Quit: Leaving]
14:34<HoopyCat>materdaddy: naw, just slows things down when i have to handle loop control at runtime
14:34-!-EAS [] has joined #linode
14:36-!-Turl [] has quit [Quit: Leaving.]
14:36-!-EAS [] has quit []
14:36-!-EAS [] has joined #linode
14:38-!-[1]J-Node [] has joined #linode
14:39-!-TheJoe|ZzZz is now known as TheJoe
14:40-!-[2]J-Node [] has joined #linode
14:40<HoopyCat>CXXFLAGS="-g0 -DTT_CONFIG_OPTION_BYTECODE_INTERPRETER -pipe -O3 -march=pentium4 -fweb -funswitch-loops -funroll-all-loops -funit-at-a-time -fsched2-use-traces -fsched2-use-superblocks -fsched-stalled-insns=12 -frename-registers -fprefetch-loop-arrays -fpeel-loops -fomit-frame-pointer -fmerge-all-constants -finline-limit=32768 -finline-functions -ffunction-sections -ffast-math -fdata-sections -fbranch-target-load-optimize2 -fvisibility-inli
14:40<HoopyCat>half of those don't even exist!
14:43-!-J-Node [] has quit [Ping timeout: 480 seconds]
14:43-!-[2]J-Node is now known as J-Node
14:46-!-carmp3fan [~Nathaniel@] has left #linode [Leaving.]
14:47-!-[1]J-Node [] has quit [Ping timeout: 480 seconds]
14:47<Pryon>The only fault of emacs is C-x C-c for exit. Friggin' fat fingers.
14:49-!-A-KO [] has quit [Remote host closed the connection]
14:51-!-A-KO [] has joined #linode
14:55-!-digi_ [] has joined #linode
14:55-!-digi [] has quit [Quit: digi has no reason]
14:55-!-digi_ is now known as digi
14:56<vuf>Pryon: you can assign a no-op to that key combo ...
15:00-!-[1]J-Node [] has joined #linode
15:02-!-daMaestro|isBack [] has joined #linode
15:03<Pryon>My brain would probably rebel
15:04-!-kupesoft [] has joined #linode
15:06-!-J-Node [] has quit [Ping timeout: 480 seconds]
15:06-!-[1]J-Node is now known as J-Node
15:08-!-purrdeta [] has quit [Ping timeout: 480 seconds]
15:09-!-purrdeta [] has joined #linode
15:09-!-daMaestro [] has quit [Ping timeout: 480 seconds]
15:12<TheJoe>Ooooooook now this time I'm definitely gonna get bind working
15:12<TheJoe>Unless I fail
15:12<silverblade>in a bind with bind
15:13<HoopyCat>sup dawg i heard u liked debacles so i put a bind in ur bind so you can troubleshoot while you troubleshoot
15:13<TheJoe>I'm probably following the wrong guide
15:13<TheJoe>But oh well
15:14-!-elfgoh [] has quit [Quit: Leaving]
15:15<TheJoe>Yeah probably am - this guide wants me to make a master zone file but surely that's not needed
15:16-!-Turl [] has joined #linode
15:17<HoopyCat>i think "apt-get install bind9" should get you to the point where you can at least do "dig @localhost"
15:18<TheJoe>HoopyCat: Well apparently I'm doing this so I can use my 'node as a DNS server. That's what I'm told anyway
15:18-!-purrdeta [] has quit [Quit: brb]
15:18-!-hercynium [] has quit [Read error: Operation timed out]
15:18-!-purrdeta [] has joined #linode
15:19-!-hercynium [] has joined #linode
15:20<HoopyCat>TheJoe: i think it's just one setting change to allow recursive queries from your home IP address once you get it installed
15:21<SelfishMan>allow-recursion { urmom; };
15:22<TheJoe>In named.conf I assume?
15:22<SelfishMan>depends on your distro
15:22<SelfishMan>on ubuntu it's named.conf.options
15:22<SelfishMan>debian too I believe
15:23<SelfishMan>acl urmom { e.a.s.y/32; };
15:25<Pryon>wouldn't it be easier to just run tinydns or something like that?
15:25<HoopyCat>bind uses more memory, so it's faster
15:26-!-ph^ [~ph^] has quit [Remote host closed the connection]
15:26-!-linville [] has joined #linode
15:27<Pryon>Host not found: 3(NXDOMAIN)
15:27<HoopyCat>Pryon: it's not regged. go for it:
15:28<TheJoe>Ok well so far, bind9 isn't working
15:28<Pryon>neither is
15:28<TheJoe>What's this tinydns you speak of?
15:28<silverblade>thats a great domain name
15:28<silverblade>it can be a random facepalm image website
15:30<TheJoe>No lenny packages for tinydns "/
15:30-!-binel [] has joined #linode
15:30<vuf>I installed tinydns in ubuntu today ... it's called djbdns
15:31<TheJoe>'tis in Debian too it seems
15:31<Pryon>I'd feel bad about using a .no domain like that
15:32<Karrde>date is a tracked alias for /usr/bin/date
15:33<Pryon>I'd do it in a heartbeat if I was Norwegian, though
15:33<vuf>I think you have to be, to get .no domains
15:33-!-purrdeta_ [] has joined #linode
15:33-!-purrdeta_ [] has quit []
15:33<HoopyCat>the canadians are picky too
15:34<Pryon>silverblade: ha
15:34<Pryon>It'd be pretty easy to get somebody to register it for you
15:34<HoopyCat>besides, someone already snagged
15:34<TheJoe>Neither djbdns or tinydns is in /etc/
15:35<TheJoe>Nor init.d
15:35-!-Kassah [] has quit [Quit: Ex-Chat]
15:35<vuf>TheJoe: /etc/inittab ?
15:37<vuf>djbdns has all the usual djb dependencies, like daemontools and ucspi-tcp
15:37<TheJoe>They all installed
15:37-!-binel_ [] has quit [Ping timeout: 480 seconds]
15:37<vuf>well in my ubuntu it complained that it could not update /etc/inittab ... does debian use upstart yet?
15:38<TheJoe>I don't know
15:38<vuf>how much historical data is kept in the linode manager graphs?
15:38-!-syntaxman [~wade@] has joined #linode
15:38<TheJoe>30 days worth isn't it
15:39<vuf>well I get whole month graphs for previous months as well
15:39<@tychoish>TheJoe: /etc/tinydns
15:39<TheJoe>tychoish: Not there.
15:39<@tychoish>and you apt-got djbdns?
15:39<vuf>TheJoe: what is it that you want to do?
15:40<TheJoe>vuf: Well Yaakov here suggested I could use my 'node as a DNS server - so I thought I'd look into it
15:40<TheJoe>Things like 4.2.2.X are failing, OpenDNS is slow and my ISPs just suck
15:40<silverblade>TheJoe: which way around are you doing it?
15:40<silverblade>Ah, that way around
15:40-!-Elton04165 [] has quit [Read error: Connection reset by peer]
15:40<TheJoe>tychoish: I did.
15:41<silverblade>I have one half set up on my home machine but it doesnt work properly yet
15:41<vuf>so you want to use your linode as a dns server for your private computer?
15:41<TheJoe>Seemed like a good idea at the time
15:41<silverblade>opendns seem to do some weird shit
15:41<silverblade>once google was inaccessible for a few days for me, turned out they redirect all google traffic to one of their own systems
15:41<TheJoe>I suppose if it's fast enough I could shanghai some friends into paying to use it :D
15:43<randallman>It would be super cool if he didn't change the whole symbolism of DNS
15:43<randallman>A records are A records, PTRs are PTRs, cmon dan
15:43<randallman>Mr. Bernstein
15:43<randallman>cdb is actually quite nice
15:43<@tychoish>it wouldn't be djb if he didn't change things
15:44<randallman>This is true :)
15:44<randallman>I had some co-irkers that worked at NYU
15:44<danp>the "symbolism of DNS"?
15:44<randallman>And, well, he was nuts they stated ;)
15:44<@tychoish>and he's right that Maildir *is* a better way
15:44<randallman>But they loved DJBDNS :)
15:44<randallman>Maildir *is* a better way :)
15:44<vuf>it's weird, but it's good :)
15:44<@tychoish>tell that to mozilla, though
15:45<randallman>What's thunderbird use for its local cache?
15:45<@irgeek>It's better except when it isn't.
15:45<randallman>oh :)
15:45<randallman>last time I used thunderbird, I had it using imap
15:45<randallman>so mbox/maildir whatever
15:45<@tychoish>Mozilla, making old technology seem exciting until you have to really used it :)
15:45<randallman>and I loved qmail
15:45<@irgeek>Like if you're short on inodes or you're using a large block size and you don't want to waste your disk space.
15:45<randallman>qmail rocked back in the day when it was either qmail or sendmail :)
15:45<@tychoish>randallman this is true
15:45<randallman>irgeek, use WAFL :)
15:46<randallman>ezmlm-idx smoked the ever living crap outa majordomo sendmail
15:46<randallman>easily 20x faster
15:47<TheJoe>Is this guide perhaps a little old
15:47<TheJoe>ln -s /etc/dnscache /service/dnscache
15:47<HoopyCat>silverblade: the google proxy can be disabled; it's there to make shortcuts more reliable if you're running the google toolbar, basically. i've been using it with all the features disabled on a couple linodes without oddness.
15:47<danp>dismissing djbdns because tinydns uses a different text format for the data is a sad argument :|
15:47<tanto>is it possible to get a backup of my linode before i delete it ?:)
15:47<randallman>danp, I didnt dismiss it dude
15:47<tanto>tinydns format is pretty awesome
15:47<HoopyCat>tanto: if you've got another linode, you can resize the image down, and then clone the image over (under the settings tab)
15:47<randallman>I used it quite religously for a time
15:47<randallman>there's nothing faster to configure for DNS
15:48<tanto>hoopycat:i don't want to resize my other one
15:48<randallman>But I only want to keep in my head a coulpe DNS server configs
15:48<randallman>and now I use Power and BIND :)
15:48<randallman>Power's pretty simple too... if you like SQL :)
15:48<tanto>i'm just going to delete my other one
15:48<HoopyCat>tanto: ah. you could fire up finnix and either rsync or dd it to another machine elsewhere, depending on what'll be more useful
15:48<TheJoe>ln -s /etc/dnscache /service/dnscache <--- what is an alternative to this O.o
15:48<danp>randallman: sorry, then, what did you mean by the "symbolism of DNS"?
15:49<randallman>danp I did mean the tokens vs. the record types
15:49<danp>TheJoe: an alternative to do what?
15:49<randallman>I did mean what you thought I meant.
15:49<randallman>But I didn't say it was garbage because of that :)
15:49<randallman>It's just... obtuse :)
15:49<TheJoe>danp: That ^ I'm getting directory not found
15:49<vuf>TheJoe: I guess /etc/service/dnscache for the first one, the other one you create yourself
15:49<TheJoe>I'm assuming /service/ shouldn't be used
15:49<danp>randallman: the BIND format isn't obtuse? ;) i would call the tinydns format terse...but not obtuse
15:50<vuf>TheJoe: sooorry, I swapped around, I think
15:50<randallman>danp, well the bind format follows the RFCs on QTYPEs
15:50<randallman>SOA, NS, et. al.
15:51-!-Trash [~test@] has quit []
15:51<vuf>well, the RFCs document bind, more or less
15:51<vuf>TheJoe: do you have /etc/service ?
15:51<TheJoe>vuf: Yeah - I'm alright now
15:52<vuf>TheJoe: ok, great
15:52-!-darkbeholder [] has quit [Read error: Connection reset by peer]
15:52-!-Solver [] has quit [Ping timeout: 480 seconds]
15:52<tanto>i use /service/ for all my daemontoosl
15:53<tanto>daemontools and tinydns are both ++++++
15:53<slact>is there anything obvious that might be causing a linode to be sluggish with no visible CPU load every 2-5 minutes?
15:54<vuf>I'm glad that someone else likes djbdns :)
15:54<HoopyCat>slact: "free -m" and about ~30 seconds of "vmstat 1" during both normal and sluggish periods can sometimes help isolate it down
15:55<slact>ok, i'll check that out, thanks
15:55-!-darkbeholder [] has joined #linode
15:55<randallman>daemontools, running fro inittab?
15:55<randallman>I guess that's changed in 9.04? :P
15:55<randallman>ubuntu rather?
15:55<randallman>since it's event.d based?
15:55<TheJoe>Ok I _assume_ I've done it now
15:56<randallman>That was the other djb-ism that punched me in the face - using Iniitab to start daemons other than gettys :)
15:56<HoopyCat>slact: on vmstat, the "si" and "so" columns should be approx. zero (that's blocks swapped in/out), "wa" will show how much CPU time is being spent waiting for disk IO, and "bi" and "bo" will show blocks read/written... basically, something's making I/O slow, and that will determine whether or not it's you :-)
15:56<TheJoe>Unless I'm not supposed to be using my 'nodes IP as the DNS server
15:57<Pryon>are you blocking DNS traffic with your firewall?
15:57<TheJoe>Not that I know of
15:57<slact>HoopyCat: thanks. investigating.
15:58<Pryon>can you resolve hosts on your linode?
15:58<Pryon>but not remotely, right?
15:59<HoopyCat>TheJoe: assuming you're setting this up on the IP you're connected to IRC from, i am getting a SERVFAIL response on DNS queries
15:59<TheJoe>HoopyCat: Hmm
15:59<randallman>at least you're getting a response :)
15:59<HoopyCat>;; WARNING: recursion requested but not available
15:59<randallman>if I remember right.... DJBDNS forces you to do split auth vs. recurs
16:00<TheJoe>So I need to enable recursion
16:00<randallman>you cannot possibly be both a recursor and an authorititave nameserver?
16:00<HoopyCat>TheJoe: i'm asking you "yo, where's the at?" and you're telling me "i don't know you, eat a dick mofo"
16:00<randallman>so the way I had it setup was with multiple IP aliases
16:00<randallman>bind the recursor to one and the auth to another
16:00<vuf>TheJoe: is it even running? (pidof svscan)
16:00<randallman>and have the recursor forward to the auth for auth requestrs?
16:00<randallman>sound familiar?
16:01<TheJoe>vuf: Hang on
16:01<HoopyCat>TheJoe: so, if dig @localhost works from your linode, i'd say it's probably a security acl thing
16:02<TheJoe>Is dig in a particular package? I apparently have no dig.
16:02<TheJoe>Nor is dig in apt
16:02<randallman>dig is in bind-utils
16:02<slact>HoopyCat : seems like wa > 0 for more than one second when sluggish
16:02<TheJoe>bind-utils not found :/
16:03<randallman>sorry :)
16:03<randallman>Im all RHEL today ;)
16:03<HoopyCat>slact: hmmm, and si/so are about zero? do bi/bo spike when wa peaks?
16:04-!-szabo [] has joined #linode
16:04<slact>si and so are always zero. bo spikes with wa
16:04<Yaakov>HoopyCat: SI and SO are 0xE and 0xF, respectively.
16:04<Pryon>apt-cache search is your friend
16:04<slact>(bi stays < 10)
16:04<Pryon>(or aptitutde search)
16:04<TheJoe>HoopyCat: Got answer, some other shit and ;; WARNING: recursion requested but not available
16:04<randallman>Are you sure you're running the recursor? :P
16:05<TheJoe>Apparently I'm not
16:05<Yaakov>TheJoe: You are a regular fail bucket today.
16:05<HoopyCat>slact: would you mind pastebinning that? just wanna eyeball it a bit. (it's kind of a "feel" thing)
16:05<Yaakov>HoopyCat: SI and SO are 0xE and 0xF, respectively.
16:05<TheJoe>I have no clue how to use/run/enable the recursor :<
16:05<randallman>It's 'dnscache' in djb land
16:05<vuf>TheJoe: is it even running? (pidof svscan)
16:05<HoopyCat>Yaakov: respect this!
16:06<randallman>Goddog, I forgotten so much about DJBDNS :P
16:06<Yaakov>HoopyCat: You didn't respond so I had to repeat.
16:06*randallman reads :)
16:06<randallman>dnscache-conf.... Breakin' out the oldies
16:06<TheJoe>vuf: Only output is 11310
16:07<HoopyCat>Yaakov: i was going to have to respond with something witty, and i'm ankle-deep in some .py, so i let it slide ;-)
16:07<vuf>TheJoe: that's a good start ... then how about "pidof dnscache" ?
16:07<Pryon>snakes. Why did it have to be snakes?
16:07<vuf>TheJoe: wohoo, it's running :)
16:08<TheJoe>But no recursor
16:08<randallman>dnscache is the recursor
16:08<vuf>TheJoe: that's the next step
16:09-!-daMaestro|isBack [] has quit [Remote host closed the connection]
16:09<HoopyCat>slact: ok, bo is low enough and wa is high enough that it's probably worth opening a ticket. (this sometimes means someone is swap-thrashing something fierce; if it's not you, that's a good thing)
16:09<vuf>TheJoe: so let's try "netstat -unlp|grep :53"
16:10<slact>HoopyCat: ok, thanks
16:10-!-daMaestro [] has joined #linode
16:10<TheJoe>nsd is still running
16:10<TheJoe>I uninstalled that for sure
16:10<vuf>TheJoe, actually, make sure that "pidof multilog" also returns a number ... that didn't work for me in ubuntu
16:10<vuf>TheJoe, kill it!!!
16:11<JoeK>did something happen to newark77 ?
16:11<TheJoe>There we go
16:11<silverblade>nsd = Newark77 Server Daemon? :D
16:11<randallman>Here's what I cant remember how to do in DJB - if you are running both dnscache and tinydns authoritative.... How do you tell dnscache that your tinydns is auth for a domain which is not in the root servers
16:11<randallman>There's a way, but I can't ermember
16:11<Pryon>alias killitwithfire='kill -9'
16:11<linbot>Yaakov: [mtr] 2 hops, no loss, last hop average RTT was 0.2ms
16:12<vuf>randallman: servers/root
16:12<silverblade>Pryon: creative
16:12<TheJoe>It works
16:12<vuf>randallman: argh, root/servers
16:12<silverblade>alias gtfo='kill -9' perhaps
16:12<randallman>vuf, you can 'short circuit' for your own domain, but not for the other gTLDs?
16:12<randallman>root/servers/my_internal_domain ?
16:12<TheJoe>Now I need to determine if it was worth it
16:13<vuf>randallman: right, stuff the tinydns IP in there
16:13<silverblade>TheJoe: whats the difference with using tinydns over bind for example? im guessing its smaller... what makes it better other than this
16:13-!-linville [] has quit [Ping timeout: 480 seconds]
16:13<TheJoe>silverblade: I don't know - I got nowhere with bind
16:14<randallman>Better, fewer exploits :0
16:14<randallman>a bit of security by obscurity :)
16:14<slact>HoopyCat: going through the irc logs, it seems like alpo had the same problem as me, and we're both on newark47
16:14<Pryon>TheJoe: Well, it took < 1 hour to set up.
16:14<slact>(yesterday's log)
16:14<silverblade>TheJoe: i did manage a while ago on my home machine to have bind running chroot and everything, cant remember how i did it though
16:14-!-anno^da_ [~anno^] has joined #linode
16:14<randallman>it also forces you to maintain seperate processes for authoritative vs. caching
16:14<silverblade>It seems... very... transparent. I couldnt tell it was actually doing anything. lol
16:14<randallman>so you can't necessarily be cache poisoned
16:14<HoopyCat>slact: ahhhh.
16:15<silverblade>randallman: that tinydns?
16:15-!-linville [] has joined #linode
16:15-!-Turl [] has quit [Quit: Leaving.]
16:15<randallman>Yeah tinydns
16:15<randallman>not that you cant do the same with bind
16:15<anno^da_>Hello guys. :-)
16:15<randallman>you just aren't FORCED to do so
16:15<HoopyCat>irgeek: newark47? :-) (see slact above)
16:15<vuf>tinydns just keeps running
16:16<anno^da_>Has someone got an Linode in Newark and could tell me his ip. I just want to test the response time to Germany. :-)
16:16-!-Ghent [] has quit [Quit: leaving]
16:16<HoopyCat>anno^da_: ^--- that'll have the official one, but is in newark too :-)
16:16<randallman>I still prefer bind-syntax which is closer to that of the RFC :)
16:16<randallman>mx = @
16:16-!-Smark[Gone] is now known as Smark
16:16<randallman>A = +
16:17<silverblade>With BIND etc. where is the actual resolution "table" stored? in memory? on disk?
16:17<anno^da_>HoopyCat: Thank you very much :-)
16:17<randallman>BIND loads it into memory
16:17<randallman>unless you're using a SDB backend
16:17<linbot>Yaakov: [dig] status: NOERROR | ;; ANSWER SECTION: | ;; AUTHORITY SECTION 86400 IN SOA 2009072173 3600 3600 1209600 86400
16:17<randallman>BIND with 500,000 zones takes FOREVER to start :)
16:17<Yaakov>!dig AAAA
16:17<randallman>not sure about DJB, it uses CDB so ostensibly it's built to seek into a CDB database
16:17<linbot>Yaakov: [dig] status: NOERROR | ;; ANSWER SECTION: 300 IN AAAA 2001:470:1f07:b95::6 | ;; AUTHORITY SECTION 86400 IN NS 86400 IN NS 86400 IN NS 86400 IN NS
16:17<silverblade>i mean when you're just using it to look up other peoples domains from your own box
16:17<randallman>oh,that's in memory
16:17<randallman>with bind
16:18<randallman>it can be dumped with rndc or a signal
16:18<randallman>to a file :)
16:18<silverblade>i see
16:18<randallman>and I've never used the PowerDNS recursor.
16:18<silverblade>Just curious as to how much of a performance boost id get by doing dns resolution locally like that
16:18<randallman>so I have no idea how it stores it...
16:18<randallman>Honestly? Probably less than noticable for periodic queries...
16:18<vuf>are ISP caches so bad?
16:19<randallman>But if you're doing report generation with mass namelookups
16:19<randallman>you might do better if there's a lot of repeat names
16:19<randallman>with a local cache
16:19<vuf>I just disabled my local cache today, after moving DNS to the linode
16:19<anno^da_>Hmm ok why the hell does no german provider provide such a great service. :)
16:19<silverblade>what kind of service
16:19<silverblade>room service? :D
16:20<randallman>I've got some apps that make 10's of 1000's of DNS queries per second during report runs.... We ran local bind instances on them forwarding to our big binds.
16:21<randallman>they crashed our AD DNS servers a few times, so :)
16:21<anno^da_>silverblade: yeah ;)
16:22<vuf>this seems to be not quite the same service, but my german is poor ..
16:22<silverblade>in the uk it seems vps hosting isnt as cheap as the US either
16:22<silverblade>Linode needs a uk branch
16:22<silverblade>so we can all get mortgages and move into 14400s
16:22<randallman>I use bytemark in teh UK
16:22<randallman>it works... :) That's all I need to know
16:23<randallman>the UI is NOWHERE NEAR linode
16:23<Yaakov>I want a data center on my home planet.
16:23-!-Bass10 [] has quit [Quit: Leaving]
16:23<silverblade>i used cheapvps/vaserv. i havent seen my vps from them for a good couple of months now
16:23<anno^da_>vuf: Well it is but the service is just too bad
16:23<randallman>Planet Hollywood? :P
16:23<TheJoe>CVPS died
16:23<Yaakov>The latency from the Earth-based DCs is killer for gaming.
16:23<TheJoe>I had a friend who was with them
16:23<randallman>Gotta work on that subspace IP packet transport
16:23<silverblade>yes they got hacked.
16:23<TheJoe>They died because of the whole openvz thing
16:23<silverblade>but theyre still "alive"
16:24<silverblade>in the sense that they exist, but they dont seem to be doing a lot
16:24<opello>in the glados sense of being alive? :p
16:25<silverblade>Rus Foster was like "submit a ticket to have the OS reinstalled"
16:25<silverblade>so i did. a week ago.
16:26<silverblade>I'm going to have to start buying tumbleweed at this rate, and a large fan.
16:26-!-paul_ [] has joined #linode
16:26-!-paul_ [] has quit []
16:27<@irgeek>HoopyCat: newark47 what now?
16:27<HoopyCat>irgeek: slact is reporting some I/O grogginess (scroll up ~16:14)
16:28<@irgeek>IO on the host is really low.
16:29<silverblade>IO, IO, its off to wait() we go...
16:32-!-paul_ [] has joined #linode
16:33-!-DephNet[Paul] [] has quit [Ping timeout: 480 seconds]
16:33*slact shrugs...
16:33-!-paul_ [] has quit []
16:33-!-tattoos [] has joined #linode
16:33-!-DephNet[Paul] [] has joined #linode
16:33-!-DephNet[Paul] [] has left #linode []
16:34<tattoos>Using the linode dns manager, how would I have FORWARD to a specific url?
16:34-!-DephNet[Paul] [] has joined #linode
16:34<Smark>you'd have to do that with apache tattoos
16:34<Smark>Hotmail is a bunch of Nazi Faggots... I swear its back-and-forth with their stupid spam filter. I really don't know what else I could do to get off their spam list...
16:34<tattoos>thats what I thgouh
16:35<@caker>Smark: watch your language please
16:35<tanto>mail IN CNAME some.other.domain
16:35-!-DrZipie [] has quit [Quit: DrZipie]
16:35<Smark>will do caker... To your knowledge are any Linode IPs blacklisted by anyone perhaps?
16:35<tanto>if you need it to go to then you'd need to use apache
16:35-!-darkbeholder [] has quit [Read error: Connection reset by peer]
16:35<tattoos>tanto: could it be more than a domain, ie a specific accy?
16:36<tattoos>thats what I need
16:36<tanto>then you'll need to use apache
16:36<tattoos>easy enough...
16:36<tanto>google apache permanent redirect
16:36<tanto>Redirect permanent /
16:36<tanto>something like that
16:37<tanto>i just have google domain email for all my domains, and with that we just set a CNAME to point to google
16:37-!-darkbeholder [] has joined #linode
16:38<HoopyCat>Smark: blocklists are usually on an IP-by-IP basis, rarely covering ranges larger than that (usually either due to extremism by the blocklist operator or the covered network being a spam haven)
16:39<vinic>man the domain verification for google apps refuses to work for me.
16:40<vinic>i set up the cname or .html file or whatever, and instead of sending me the results within 48 hours they'll just send me the "oh you're an admin and lost your password: go here" e-mail, which just brings me to the form for domain verification.
16:40<HoopyCat>vinic: do your logs show anything hitting the .html?
16:41<vinic>let's see
16:41<alpo>slact: just saw your note above... my vm (on newark47) seems to be back to normal snappiness for now
16:42-!-Bass10 [] has joined #linode
16:43<vinic> - - [02/Aug/2009:06:17:29 -0500] "GET /googlehostedservice.html HTTP/1.0" 200 22 "-" "Jakarta Commons-HttpClient/3.1"
16:44<vinic>traceroute shows it's google.
16:44<vinic>the e-mail was sent right after this.
16:44<vinic>looks like i'm caught in a loop.
16:44<slact>alpo: was your vmstat anything like mine?
16:44<vinic>the problem is that i set up an admin account with google apps, didn't verify the domain, and then forgot the password.
16:45<vinic>to get my password i have to verify the domain, and to verify the domain i apparently need the password.
16:45<Yaakov>Wow, quite a few blacklisted IPs in the Newark netblock.
16:45-!-tattoos [] has quit [Quit: tattoos]
16:46<Yaakov>36 out of are in ZEN.
16:46<alpo>slact: i would not not know how to read vmstat output
16:47<path>Yaakov: that is a shame.
16:47<vinic>here we go, i've found another area of the apps site to work with.
16:47<Yaakov>I am a little surprised.
16:47<slact>alpo: aight. my investigation continues.
16:48-!-JSharp [~J@] has joined #linode
16:48-!-lakin [] has quit [Read error: Connection reset by peer]
16:48-!-lakin [] has joined #linode
16:48<HoopyCat>Yaakov: interesting. well, at least it's not 254 out of the /24 :-)
16:49-!-TofuMatt-iPhone [] has joined #linode
16:49<Yaakov>HoopyCat: I am tempted to map all the blocks... but then I would be channelling SelfishMan.
16:49<JSharp>hmm, we're getting some abuse in our IRC channel from a user coming from a linode system. Where should I forward details to?
16:49<alpo>mmmm, fish
16:49<HoopyCat>Yaakov: haha, he probably already has it on a table somewhere
16:50<Yaakov>JSharp: What is the address?
16:50<Yaakov>It's an open proxy, be sure to do the abuse@.
16:50*path wonders if it's TOR
16:50<JSharp>Yaakov, sure will, thanks
16:50<Yaakov>Nope that one is a broken squid.
16:51*path tries planting seeds
16:51-!-River-Rat [] has joined #linode
16:51*HoopyCat watches a flock of crows descend upon path's seedbed
16:51<vuf>I want to retire my ftp daemon
16:52*path runs for the shotgun
16:52<path>blackbird pie!
16:52<HoopyCat>vuf: if it has at least 25 years of service and is over the age of 58.5, it is eligible for the corporate pension i believe
16:52<Yaakov>Wait, that one is the TOR node, I think.
16:52<Yaakov>I had them reversed in my head.
16:53<vuf>HoopyCat: ugh, then I have to wait a few more years
16:54<Yaakov>path: I might just take you up on it.
16:54<HoopyCat>vuf: nod, getting close tho, if it doesn't get fired for using post-it notes for customer passwords and being unable to cope with these new NAT things
16:54<JSharp>Yaakov, hmm, odd, I had thought that freenode banned all tor exit nodes in lieu of a hidden service...
16:54<Yaakov>JSharp: Let me check.
16:54<vuf>seriously, are there any reasonable ftpd replacements that do not require me to make shell users for each account?
16:54<JSharp>I've had good success with a chrooted vsftp
16:55<JSharp>wasn't too hard to setup either
16:55<randallman>ProFTPD, but that thing has historicly leaked like a sieve
16:55*TofuMatt-iPhone has success with sftp, heh
16:55<JSharp>vuf, what system/distribution are you using?
16:55<path>apt-get install vsftpd
16:55<path>but sftp is seriously better
16:55<vuf>uhm, I have a nice ftp setup ... I want it replaced
16:55<HoopyCat>vuf: if i had to come up with something, it'd probably be some crazy pam magic under sshd to allow sftp/scp
16:55<Yaakov>JSharp: Actually, only tor-gpg is allowed.
16:55<randallman>I use SFTP with a tool called 'scponly'
16:56<randallman>scponly becomes the user's shell
16:56<randallman>and it only allows sftp/scp
16:56<JSharp>Yaakov, ah, I see
16:56<randallman>and can also be chrooted
16:56<Yaakov>Looking back, I jumped the gun, that node isn't either of the ones I thought.
16:56<vuf>randallman: how does that authenticate?
16:56<TofuMatt-iPhone>There should be an FTP daemon that just replies with a link to some sftp clients, then closes the connection
16:56<randallman>nss :0
16:56<Yaakov>JSharp: You might just have a jerk.
16:56<randallman>err pam
16:56<randallman>sorry :)
16:56<path>i set up some ftpd the other day to update some firmware ;(
16:56<randallman>vuf, the users get system accounts
16:56<randallman>just no login shell
16:56<JSharp>Yaakov, heh, okay, I'll just report it in case it is compromised. Thanks for looking
16:57<TheJoe>Ok so my freind is using my DNS... His first comment:
16:57<TheJoe>[21:43:01] JoeT: SHITE
16:57<TheJoe>[21:43:03] JoeT: THATS FAST
16:57<Yaakov>JSharp: I have gotten some abuse from a Linode that appears to be a TOR exit node.
16:57-!-J-Node [] has quit [Read error: Connection reset by peer]
16:57<Yaakov>JSharp: So I was a little sensitive to it.
16:57<Yaakov>But that abuse@ address is the bee's knees.
16:57-!-J-Node [] has joined #linode
16:57<vuf>randallman: ok, i said shell, but it is really anything in /etc/passwd that I don't want ... can some pam module authenticate against my sql schema?
16:57<HoopyCat>Yaakov: "it has in the rdns, must be the guy!"
16:58<HoopyCat>vuf: libpam-mysql - PAM module allowing authentication from a MySQL server
16:58-!-River_Rat [] has quit [Ping timeout: 480 seconds]
16:58<Yaakov>HoopyCat: Aren't they all the same?
16:59<JSharp>Yaakov, thanks for your help
16:59-!-Deckert [] has quit [Quit: That's all folks!]
16:59<HoopyCat>vuf: you might have to do some whack poop with a view or something to get the columns where it expects it, but that's what the gin is for
16:59-!-Deckert [] has joined #linode
16:59<Yaakov>JSharp: It wasn't much help, but I would've if I could've/
16:59<JSharp>it's all good :)
16:59<JSharp>I was just concerned that the system might've been compromised or misconfigured
16:59<vuf>I never grokked pam :-/
17:00<HoopyCat>Yaakov: so what's the key signing policy for that tor-gpg acc((FJ(J(J(DF$
17:00<HoopyCat>NO CARRIER
17:00<JSharp>I like linode, don't want to see it gunked up :)
17:00<randallman>vuf, hmm... you might be able to setup an alternate SSHD running on another port; )
17:00<randallman>using a seperate pam auth type
17:00<Yaakov>HoopyCat: I signed urmom's key.
17:00<randallman>Never thought about that
17:00<randallman>But then there's the whole permission thing
17:00<randallman>I've not seen a 'SFTPD'.... that works like a FTPD
17:00<randallman>Not for unix anyhow
17:01<HoopyCat>storms are comin' in and it's, like, day #2 of WROC's fancypants new weather desk
17:01<Yaakov>path: I think that HoopyCat should right your dnsbl checker trigger.
17:02<Yaakov>path: He's well behind in trigger-writing.
17:02<HoopyCat>... wait a second, he just clicked and dragged the HAIL indicator onto the radar image! wtf
17:02<HoopyCat>Yaakov: i updated one and created two yesterday
17:02<Yaakov>I didn't see them.
17:03<path>PROOF or it didn't happen.
17:03<randallman>Hoopy, using pam mysql for SSHD? interesting though - but then there's the NSS stuff...
17:03<HoopyCat>randallman: nope, i am not. :-)
17:03-!-linoob [] has joined #linode
17:03<randallman>No I mean your idea
17:03<randallman>about doing that
17:03<randallman>you still need a nameservice/uid/gid backend?
17:03-!-Redgore [] has quit [Quit: Peace and Protection 4.22.2]
17:04<HoopyCat>randallman: i've done sshd -> pam -> ldap before, and it "handled all that just fine"
17:04<vuf>randallman: do you know how to change the pam auth type in sshd?
17:04<randallman>but I think he wants to, for example, create an anonymous SFTP server?
17:04<randallman>I know that's just an example, but
17:04<randallman>Similar concept
17:04<HoopyCat>randallman: i think it's less anonymous SFTP server and more not-needing-to-maintain-/etc/passwd
17:04<Yaakov>Let's see... dig, mtr-*, httping, lasttweet, wx, flux, groucho and spf for me.
17:04<randallman>SFTP server understanding that the uid of the logged in dude is not something to map directly to a local UID/GID
17:04<Yaakov>I think that's all of them.
17:04*linbot sets stan_theman on fire and kicks him at tychoish
17:05<vuf>it does not have to be anonymous, but I want all user config in sql
17:05<randallman>vuf, right... But how do you want to map to unix numericUid and Gid?
17:05<Yaakov>HoopyCat: That's not what I mean and you know it. Lame.
17:05<randallman>if you dont want them in /etc/passwd and /etc/group?
17:05<randallman>gotta manage perms somehow
17:05-!-TofuMatt-iPhone [] has quit [Ping timeout: 480 seconds]
17:05<vuf>randallman: I have those in sql already, for ftp
17:05<randallman>Im not sure if sshd will support that... anyone?
17:05<HoopyCat>Yaakov: i might do it once i get my to-do list more under control :-)
17:06<linbot>Yaakov: [spf] missing argument(s) use: !spf DOMAIN SENDER_IP
17:06<linbot>randallman: [spf] pass: designates as permitted sender (spf record: v=spf1 mx ~all)
17:06<linbot>Yaakov: [spf] fail: does not designate as permitted sender (spf record: v=spf1 -all)
17:06<vuf>it's funny that everyone will tell me that ftp sux, but noone can tell me a replacement :)
17:06<HoopyCat>randallman: sshd and PAM have been goin' together for awhile
17:06<randallman>HoopyCat, sure - but it still needs NSS right?
17:06<randallman>mapping uids to usernamse
17:06<randallman>names rather
17:06<linbot>Yaakov: [spf] unknown: error in processing during lookup of (spf record: )
17:07-!-Elton02326 [] has joined #linode
17:07<vuf>I also don't know NSS :-(
17:07<@tychoish>vuf: SFTP? (SSH+FTP, not FTPS which is FTP+SSL)
17:07<HoopyCat>randallman: SELECT username FROM users WHERE uid = 6554321
17:08<randallman>HoopyCat, so sshd can operate seperately from any system-wide NSS settings for uid/gid lookup?
17:08<randallman>e.g. the user doesnt need an /etc/passwd entry?
17:08<Yaakov>PAM++ # Pain in the butt, works.
17:08-!-decourl [] has quit [Remote host closed the connection]
17:09<vuf>I actually want rsync, but I guess that's pushing it :-)
17:09<HoopyCat>randallman: i would assume UsePAM would make it use PAM :-)
17:09-!-linville [] has quit [Quit: Leaving]
17:09<randallman>But that doesnt deal with the mapping of usernames to numeric UIDs
17:10*randallman shrugs
17:10<HoopyCat>randallman: i would assume you'd configure mysql behind unix in /etc/pam.d/common-* and it would DTRT everywhere
17:11<randallman>Guess im just used to setting up NSS seperately from AUTHN/AUTHZ
17:11<randallman>like LDAP for example, AUTHN pam_ldap just binds as the user/password
17:12-!-linoob [] has quit [Remote host closed the connection]
17:13-!-Elton02326 [] has quit [Read error: Connection reset by peer]
17:13-!-TofuMatt-iPhone [~tofumatti@] has joined #linode
17:14<HoopyCat>randallman: it's been awhile since i've done it, but it should be able to cover that
17:14<randallman>You'd need a nss module to have ls return string username/groupname when looking at the files
17:14<randallman>on the filesystem
17:14<randallman>that's my only hangup
17:14<randallman>so you'd want a nss module for mysql too
17:15-!-Elton05606 [] has joined #linode
17:15<randallman>And then at that point, you are just managing the same crap in a database instead of /etc/passwd,group
17:16<HoopyCat>randallman: yes, exactly. he's managing the crap in a database now, so why dump it to another database? :-)
17:16<randallman>just need to make sure to setup nsswitch.conf appropriately :)
17:16<randallman>hosts mysql
17:16<randallman>and find a mysql nss driver
17:16<randallman>Or cope with numeric crap on the FS :)
17:17<HoopyCat>nod, there are implementation details that are probably covered in some howto somewhere :-)
17:17<randallman>Im pretty sure ssh is going to dot he same thing... essentially use the system nss library... so ftp users will see #'s too :)
17:17<randallman>Yup :0
17:17<randallman>Im reading pam-mysql source now :)
17:17-!-pharaun [] has quit [Read error: Operation timed out]
17:17<HoopyCat>i'm STFUing and GingBTW :-)
17:17<randallman>:) :)
17:18<Yaakov>randallman: Sounds like stmulating reading.
17:18<randallman>I guess the point is - there's no drop in elegant solution for a 'self contained SFTP server' in unix
17:18<randallman>where all authn and uid/gid lookups are outside of the normal system functionality
17:19<randallman>unlike something like proftpd where users and groups can be externalized.
17:19<randallman>yet is so insecure, forget it :)
17:19<vuf>I don't get it, where will sshd get the uid/gid from?
17:20<randallman>the way that'd work is in nsswitch.conf, the order of lookup would be hosts mysql
17:20-!-Elton05606 [] has quit [Read error: Connection reset by peer]
17:20<randallman>err 'files mysql'
17:20<randallman>so if a local passwd/group entry existed, it'd go first
17:20<randallman>if not, check mysql
17:20<vuf>ok, so that is not optional?
17:20<randallman>Sure, its optional if you don't care about mapping uids and gids to strings
17:20<randallman>chown, ls, etc...
17:20<randallman>group membership
17:20<vuf>how will sshd setuid() to the right one?
17:21<randallman>That's a good question too :)
17:21<randallman>Not sure how that all works :P
17:21<Internat-afk>i think youd have to have in mysql a uid/gid wouldnt you?
17:21<Internat-afk>even if its a "virtual" one
17:22<path>wouldn't sshd use nss.. which reads the file?
17:23<HoopyCat>nod, you will need a uid/gid in mysql probably no matter what
17:23-!-Elton03590 [] has joined #linode
17:23<randallman>But Im not seeing anyplace uid or gid is in the pam_mysql source :)
17:23<vuf>so maybe I put mysql into the "passwd" and "group" lines in nssswitch.conf ?
17:23<randallman>sure, after you set all that up :)
17:23-!-Elton03590 [] has quit [Read error: Connection reset by peer]
17:23<Internat-afk>have a look at the db creation script
17:24<Internat-afk>it might have fiuelds in there that you need.
17:24<randallman>actually, Im not finding a schema here: )
17:24<HoopyCat>mysql supports schemas?
17:24<HoopyCat>ok, ok, i'll stfu
17:25-!-Big-Mama [] has joined #linode
17:25-!-Big-Mama [] has left #linode []
17:26-!-Elton08341 [] has joined #linode
17:27<vuf>well, actually I'm on pgsql, but I'll translate as appropriate
17:27<randallman>whee :)
17:27<randallman>slony ++
17:28-!-Elton08341 [] has quit [Read error: Connection reset by peer]
17:28<randallman>pam_mysql only works with pam which only does authentication. In order for your users in mysql to be available along side the users listed in your files, you will additionally need nss_mysql
17:28<randallman>There's nss and pam for postgres too :)
17:28<randallman>And that's where my involvement ends :)
17:28<randallman>I actually was working on a mail parser because we'er apparently now sending too much mail ot AOL and we're rate limited
17:29-!-Solver [] has joined #linode
17:31<randallman>Either way, it's a whole lotta work just to eliminate FTP
17:31<Smark>back to this nightmare... As any Linode IPs blacklisted as spam senders? If so, I think mine might be one, AFAIK my DNS is set up perfectly for Hotmail, yet I'm still being stuck in the Junk box
17:31<randallman>hotmail uses SPF, no?
17:31<randallman>or is that Yahoo?
17:31<Yaakov>Smark: What's your IP?
17:31-!-Pici [] has quit [Quit: Lost terminal]
17:32<Smark>yes randallman, SPF, SenderID, DomainKeys, the works
17:32<Yaakov>Smark: You are not in ZEN.
17:32<Smark>Zen the main Spam List?
17:33<linbot>randallman: [spf] softfail: does not designate as permitted sender (spf record: v=spf1 a mx ~all)
17:33<vuf>randallman: thanks, I will look into it. better not start now, though (it's 11:30 pm here :)
17:33<randallman>vuf, lots o' work :)
17:33<randallman>You ever play withj slony on pgsql?
17:33<Musicmasteria>Can someone help me set up shorewall on a basic ubuntu setup (apache2, php, mysql)?
17:33<randallman>we use it and it works quite well
17:33<randallman>never really had replication issues
17:33<randallman>even though its contrived trigger-based replication
17:33<Smark>thanks Yaakov
17:34<Smark>Where do I go from here?
17:34-!-Dreamer3 [] has quit [Read error: Connection reset by peer]
17:34<vuf>I don't know slony
17:34<linbot>HoopyCat: [spf] pass: designates as permitted sender (spf record: v=spf1 a mx ~all)
17:34*HoopyCat fixes randallman's typo :-P
17:34<randallman>Yikes :)
17:34<randallman>I r teh sux
17:35<Smark>So if someone could do me a HUGE favor and just check over my TXT Records and make sure they look in order, that would be great. I really have no idea where to go from here
17:35-!-BarkerJr [] has joined #linode
17:36<randallman> 86400 IN MX 10
17:36-!-DrZipie [] has joined #linode
17:36<randallman>Is that actually necessary? :P
17:36<randallman>Doubt it's the issue, but
17:36<SelfishMan>What's the problem?
17:36<randallman>Not a problem per se
17:36<Smark>SelfishMan, back on Hotmail's spam list
17:36<Smark>when I havent changed anything
17:36<randallman>but mailserevrs fall back on A's if no MX exists, no?
17:36<HoopyCat>randallman: i like to be explicit because you never know how some MTA is going to panic
17:36<TheJoe>Ok so I/O - what level *should* it be ideally
17:37<BarkerJr>it's considered bad practice to rely on the fall-back
17:37<SelfishMan>Smark: that is just how hotmail works. Contact the postmaster and they will "verify" your domain
17:37<BarkerJr>that's only there for backwards compatibility
17:37<SelfishMan>randallman: some do but an M should always exist
17:37<TheJoe>Mine's maxed at 385.02 and I'm not sure if that's a good thing or not
17:37<randallman>k sorry :)
17:37<Smark>I've done it before, I fill out this form with a bunch of information, and they just send me back a stock email that basically says nothing
17:38<HoopyCat>TheJoe: yeah, you installed a shitload of software a couple hours ago, remember?
17:38<Smark>TheJoe, mine peaks at 6k during backups, you're fine
17:38-!-Elton07460 [] has joined #linode
17:38<TheJoe>HoopyCat: Weeeeeeeeeeeeeellll
17:38-!-Elton07460 [] has quit [Read error: Connection reset by peer]
17:38<Smark>*grumbles about microsoft fail*
17:38*Smark submits another email to the Hotmail Postmaster
17:39<randallman>there's actually an article about it
17:39<BarkerJr>you can see not having MX will slow stuff down
17:39<HoopyCat>TheJoe: how's your average?
17:39<SelfishMan>Smark: again, you can verify that all your DKIM/SPF/SenderID stuff is correct by sending to
17:39<randallman>I dont see AAAA in there anywhere :)
17:39<TheJoe>HoopyCat: Whoops! didn't look at that, it's only 6.41
17:39<TheJoe>I guess I'm ok then
17:39<Musicmasteria>Can someone help me set up shorewall on a basic ubuntu setup (apache2, php, mysql)?
17:39<randallman>I had some real issues with a IPv6 enabled sendmail puking because a mal-written netscalar was returning NXDOMAIN for the AAAA lookup
17:39<randallman>Even though the MX and the A's were in order ;)
17:40*HoopyCat whips out his Max 29842.70, Avg 546.23, Last 96.32
17:40<TheJoe>Oh my
17:40<Smark>how did you peak at 30k?
17:40<Smark>DomainKeys: none - It appears you don't have DomainKeys configured
17:40<TheJoe>Must be a porn network
17:41<randallman>IMHO domain keys is for spammers; )
17:41<HoopyCat>that's why you run the pg_dump at 4:30am
17:41<SelfishMan>Smark: DomainKeys is old and nobody should really us e it
17:41<randallman>nearly every GREAT spam I get that passes spamassassin has DKIM setup :)
17:41<Smark>DKIM and SPF pass
17:41<SelfishMan>randallman: Google and Yahoo both rely heavily on DKIM
17:41<randallman>ok well my personal mail do not have DKIM and I have no issues with google & yahoo
17:41-!-DrZipie [] has quit [Read error: Connection reset by peer]
17:41<randallman>not sure why or why not :)
17:41<TheJoe>HoopyCat: Does each Linode get it's own disk? Or do they all share one/several disks?
17:42<Smark>TheJoe, they share a RAID 10 array
17:42<randallman>did anyone ever come up with reasonable 'industry wide' solutions for DKIM and listservs?
17:42<Yaakov>randallman: The nice thing about a spammer using DKIM is that you know you can block them.
17:42-!-DrZipie [] has joined #linode
17:42<TheJoe>So theoretically doesn't having an I/O like that hurt other nodes?
17:42<SelfishMan>TheJoe: If they all had their own disk then a host with 360's would need to have 41+ drives
17:42<randallman>Yaakov, sure :)
17:42<HoopyCat>TheJoe: shared. otherwise, you'd have a lot more than 16GB and $20/mo :-)
17:42<randallman>if I paid attention
17:42<BarkerJr>well, SPF is not a spam figher
17:43<Smark>TheJoe, technically yes, but if you're "hogging the I/O" and the other hosts need it, they should get what they need
17:43<HoopyCat>TheJoe: in theory, it can. that's why i get it done fast, hard, overnight, and at an awkward minute
17:43<Yaakov>SPF and DKIM just make sure that the sender is the sender, so if spammers use it you can block them.
17:43<BarkerJr>spam has as much right to use SPF and DKIM as anyone
17:43<Yaakov>I had one case of an "opt-in" spammer with DKIM and I just disallowed the domain.
17:44<vuf>I currently have numeric IDs when I list my ftp user files ... as a first step, I could get account names by setting up nss-pgsql, right?
17:45<Smark>should I bother with "Sender Score Certification"
17:45<HoopyCat>vuf: so you're already having the problem you might have! :-)
17:46<vuf>HoopyCat: absolutely, but I don't really care whether it says a random number or a username that is the same for all files
17:48<SelfishMan>Smark: Knowing hotmail, they are probably unhappy that you aren't using a hostname
17:49<SelfishMan>instead of having the rdns for point to try pointing it to
17:49<BarkerJr>HoopyCat: my ntpd is 19.8
17:49<SelfishMan>be sure to also create a matching a record and then update postfix to use the full hostname for the helo
17:49<randallman>Vuf, the real issue from where I stand would be the numeric IDs in the filesystem
17:49<randallman>also, where is homedir coming from?
17:49<randallman>without NSS?
17:49<Smark>I dont send from
17:49<randallman>so how does SSHD know the users home directory?
17:50<vuf>randallman: I did not get to sshd yet, so currently only my ftpd knows the homedir ... I want small steps, and it seems nss-pgsql is a good first one
17:50<randallman>Ahh yes
17:50<randallman>so you have files on the filesystem
17:51<randallman>with numeric UIDs?
17:51<randallman>which are, allegedly, tied to users in postgers?
17:51<SelfishMan>Smark: The from address would still be but you aren't using a hostname in the HELO or rdns which is a bad way to do it
17:51-!-samuel [~samuel@] has joined #linode
17:51<randallman>Yes, you want hostname in HELO
17:51<HoopyCat>BarkerJr: that last eek of getting it to 20 takes awhile. :-)
17:52<BarkerJr>I'll post the graph once the bad stuff at the begining is gone
17:52-!-Elton04445 [] has joined #linode
17:52-!-Elton04445 [] has quit [Read error: Connection reset by peer]
17:52<Smark>do I have to do any configurations in Postfix to change over to
17:53<randallman>myhostname I think?
17:53<randallman>and you want myorigin to e mydomain
17:53<randallman>but I think that's the default
17:53<vuf>incidentally, is there some RFC saying that helo must match rdns? or is it just a matter of pleasing spam filters?
17:54<SelfishMan>vuf: helo doesn't need to match rdns
17:54<Smark>also, I need to configure my MX record then, right?
17:54<SelfishMan>the helo must be valid as a forward record
17:54<vuf>SelfishMan: that's what I thought ... had a bit of a fight the other day :)
17:54<Smark>myhostname is commented out and myorigin is
17:54<randallman>HELO mybustedexchangeserver.lan
17:55-!-lesouvage [~chatzilla@] has quit [Ping timeout: 480 seconds]
17:55<randallman>and setup a records and such
17:55<Smark>leave myorigin the same?
17:55<randallman>myorigin = $mydomain?
17:55<randallman>That's only for unqualified addresses anyway
17:55<randallman>e.g. /usr/lib/sendmail -t
17:55<BarkerJr>truthfully, you should try to always use subdomains
17:55<Smark>I dont have a mydomain entry in
17:56<randallman> 60 IN MX 10
17:56<BarkerJr>the TLD should only be fore stuff like SOA, NS, MX, and SPF/TXT
17:56-!-jetlag [] has quit [Quit: leaving]
17:56<SelfishMan>using the helo "mybustedexchangeserver.lan" is never valid though
17:56-!-jetlag [] has joined #linode
17:56<Smark>should I have a mydomain entry in
17:56<randallman>selfishman, tell that to my business users who wine about not getting e-mail from misconfigured customers :)
17:56<SelfishMan>Smark: you only need to change myhostname right now
17:57<SelfishMan>be sure to add the A record and change the rdns too
17:57<Smark>restarting Postfix
17:57<SelfishMan>randallman: I know, believe me I know
17:57<randallman>Imagine the phone calls - Im on the phone with my CSR who is on the phone with thier customer (a lawyer or some paralegal)
17:57<randallman>and NOONE wants to talk to IT
17:57<randallman>because we never tell them what they want to hear and it always sounds like a fax machine :)
17:57<BarkerJr>I setup all these sites with no 'www.' prefix and now it's hell because you can't CNAME @ to a centralized domain
17:57<randallman>start of SOA cnames make no sense :)
17:58<randallman>you're basically saying this domain *is* that domain :)
17:58<SelfishMan>Somehow I found something in my mail logs from an architect in new york that had a big note on their webpage that cox communications was broken and couldn't send mail to them and wouldn't accept their mail either
17:58-!-jhford [] has quit [Quit: jhford]
17:58<Smark>postfix has been restarted, change my MX record now?
17:58<vuf>SelfishMan: this guy quoted rfc1912, "Make sure your PTR and A records match." to essentially say that the rdns should match helo
17:58<SelfishMan>Big blinking red text saying how it was all the fault of cox
17:59<BarkerJr>right, so now to add a server to my cluster, I have to update A on every domain, rather than just one CNAME
17:59<SelfishMan>The funny thing was that the warning in my postfix logs that caught my attention was stating that they used a literal IP for the MX record. I contacted them and told them that a MX record *must* be a hostname and never an IP. Next thing I know they are thanking me and telling me that their IT guy was an idiot.
18:00<Smark>Do I have to change my MX record after changing myhostname?
18:00<Smark>(its atm)
18:00<randallman>Sorta kinda maybe not really sure
18:00<Smark>just add a "mail" subdomain?
18:00<randallman>You'll want an A record for mail
18:00<randallman>then MX to the
18:00<SelfishMan>Smark: you should point the mx record to
18:01<Smark>should mailserver be "" and subdomain blank or set mailserver to "
18:01<Smark>and "mail" in subdomain?
18:02<SelfishMan>no subdomain
18:02<SelfishMan>the target should be
18:02<SelfishMan>you also need to create an A record for mail. pointing to the IP
18:02<Smark>both done
18:02<BarkerJr>or, mail can be a cname
18:03<Smark>its an A record
18:03<StevenK>mail can not be a CNAME
18:03<randallman>IN MX points to a cname...
18:03<randallman>please no
18:03<BarkerJr>why not?
18:03<HoopyCat>MX cannot point to a CNAME
18:03<randallman>RFC 1912, common dns operational and configuration errors :)
18:03<StevenK>Mail servers can rightfully so refuse to deliever mail to a domain because the MX record is pointing at a CNAME
18:03<HoopyCat>CNAME, uhh, good god ya'll, what is it good for, absolutely nothin'
18:03-!-jhford [] has joined #linode
18:03<BarkerJr>bind would tell me if it couldn't point to a cname
18:04<Smark>so now I just wait?
18:04<BarkerJr>ah what do I care... I just point to googlemail
18:04<HoopyCat>BarkerJr: bind won't tell you, but sending MTAs will log it as a warning and/or fail it as an error
18:04<SelfishMan>BarkerJr: Actually, there was a very heated argument on the BIND users list a while back because of the CNAME warning so I think the warning was actually pulled
18:05<HoopyCat>bind CAN'T tell you accurately, because what if the CNAME target is not in a zone it knows about?
18:05<BarkerJr>forget I said anything
18:05<BarkerJr>my MX points to ASPMX.L.GOOGLE.COM. anyway
18:07<HoopyCat>you should have approx. 7 MX records, btw :-)
18:07<randallman>god damnit, I still have app-tards failing to set the envelope address... so things are leaving my network with stuff like
18:07<randallman>and I keep trying to get them to fix it
18:07<randallman>someone told them to use MIME::Lite and never told them to set the envelope sender.
18:08<randallman>It's no wonder I keep winding up on soandso's BL
18:08<path>apptards.. :)
18:08<randallman>and they ask me stuff like 'Cant you set that in the mailserver'
18:08<BarkerJr>I found mail administration a total pain in the neck, so gave up and converted to google apps last week
18:08<randallman>SURE, I can set the DOMAIN, but not the user part
18:08<randallman>Barker, I'm about to convert to post-freekin-ini
18:08<randallman>But I still have outbound app mail
18:08<SelfishMan>randallman: just reject it
18:09<randallman>I can
18:09<randallman>but who do I bounce it to?
18:09<SelfishMan>don't bounce it
18:09<randallman>and then Im not being 'helpful' :P
18:09<SelfishMan>reject it at smtp time
18:09<path>bounce to the developers
18:09<randallman>I gotta track down which developer that no longer works here wrote the code :)
18:09<Smark>Hotmail is so bad, why would anyone use this? I cant even view the original message
18:09-!-Trash [~test@] has joined #linode
18:09<randallman>so I can figure out which team who no longer maintains the code can fix it
18:10<Trash>how can I import a text to a file without deleting its original content?:o
18:10<randallman>:r filename :)
18:10<Trash>I tried echo but no luck
18:10<randallman>echo "foo" >> filename
18:10<Trash>echo "something" > yes
18:10<randallman>or cat >> filename <END
18:11<randallman>I have CSR's using 'that' as a 'the customer didn't give me e-mail' place holder
18:11<randallman>so we constantly spam N@NOMAIL.COM
18:11<randallman>I want to cry
18:11-!-lesouvage [~chatzilla@] has joined #linode
18:12<randallman>Im an engineer, not a pre-school teacher
18:12<path>reject outgoing mail with invalid domains :)
18:12<path>i have an outgoing blacklist now
18:12<randallman>well it's rejecting alright :) Rejecting after wasting time doing MX and A lookups :)
18:12<path>since people think that replying to phishing emails is OK
18:13<randallman>The best is when they use or something :)
18:13<path>no students mind you..
18:13<path>only teachers..
18:13*SelfishMan reaces off to buy
18:13<randallman>yes is the IANA set forth domain, right?
18:13<BarkerJr>I feel sorry for the ppl that run example.*
18:13<randallman>Barker, RFC2606 :)
18:13<SelfishMan>BarkerJr: example.* is run by ICANN
18:13<Trash>I have a bash script. Is there any way to encrypt so nobody can check the source code?
18:14<SelfishMan>Trash: no
18:14<BarkerJr>oh, so I'm just wasting ICANN bw?
18:14<BarkerJr>ICANN is jerks anyway, so I'm glad to do such
18:14<randallman>Barker, a syn here, a syn there
18:14<randallman>no syn ack :)
18:14<SelfishMan>besides, "encrypting" a script always requires decryption at some point so all it does is add a layer of obscurity (not security) and a bunch of bloat
18:14<materdaddy>Trash: why?
18:14<path>cause he doesn't want people to see what he's doing
18:15<materdaddy>path: rm -rf /
18:15*randallman remembers someone saying 'Lets use python, noone can decompile it'
18:15<randallman>shortly thereafter, python decompiler came out :0
18:15<Trash>cos lets say if I have a great script and would like to sell per server then a company buy just a copy and he can easily use it on the other servers
18:15<randallman>Trash, dude I've seen all sorts of perl script obfuscation
18:15<randallman>centered around this
18:15<randallman>but I cant begin to explain how or why
18:15<path>i remember
18:15<randallman>Not just obfuscation
18:15<materdaddy>Trash: don't use a shell script?
18:15<randallman>The danzi-cart!~
18:15<path>that was retarded
18:16<path>war of the perl
18:16<randallman>hahaha we tried to hire you to hack the code :)
18:16<randallman>and it was all checksummed
18:16<path>i can't believe i even listened to that guy
18:16<randallman>and someone basically went into VI and held down 'J' :)
18:16<randallman>Dude he had a brain tumor
18:16<randallman>almost died
18:16<path>that sucks
18:16<randallman>and he had a tag for his hyabusa bike
18:16<randallman>it said 'NOTAG'
18:16<Trash>is it easy to check lets say from a mysql databse the ip is it on and if not then it wont run?
18:16<randallman>so he got like 1000's of tickets
18:17<randallman>1000's of tickets where cops wrote in 'NOTAG' in the 'tag' field
18:17<randallman>and the DMV applied the tickets to his tag... 'NOTAG'
18:17<path>that was dumb
18:18<randallman>funny though
18:18<linbot>New news from forums: Concurrent pages served. in Performance and Tuning <>
18:18<path>yea.. but still..
18:19<Trash>in a shared environment what should be the value of max cpu time per user?
18:19<randallman>wow I've never actually used that rlimit
18:21<randallman>That code is still out there
18:21<randallman>That website is straight outa 1997 too
18:22<path>i like the rotating ?
18:22<randallman>Check it out it's like a flashback
18:22<path>maybe i should steal it
18:22<randallman>Trash, CPU time is not really = time...
18:22<randallman>so for example, a bash shell sitting for days might only take 5 seconds of CPU time
18:23<randallman>whereas a large query on the database that takes 60 seconds may in fact take 55 seconds of CPU time
18:23<randallman>Not necessarily a highly useful way to partition user resources :)
18:23<randallman>It doesnt guarantee anyone anything, just that if any one process exceeds cpu time it gets a posix signal
18:25-!-putlake [] has joined #linode
18:25-!-Pici [] has joined #linode
18:25<SelfishMan>Trash: I still don't get why you are trying to limit cpu usage per user
18:26<vuf>holy smoke, that nss-pgsql worked on my first "ls"
18:26<Trash>but with max cpu time I can prevent to use lets say all cpu
18:26<Pryon>randallman: back in the day, we'd get a monthly bill for CPU time used at school
18:27<path>so people wouldn't notice a process running amuck?
18:27<SelfishMan>Trash: but *why* do you want to limit that?
18:27<Pryon>Trash: your processor is idle most of the time
18:27<putlake>i have a few rules for denying traffic in my .htaccess file. If i add more host names will it affect performance?
18:28<putlake>I find that spam bots have IPs that trace to server hosting companies like
18:28<SelfishMan>putlake: an iptables rule is a better solution
18:28<Trash>because some of the users use a lot cpu
18:28<SelfishMan>Trash: in what way?
18:29<putlake>SelfishMan: Does iptables handle host names?
18:29<Trash>lets say torrentflux
18:29<Pryon>If they're preventing other users from getting stuff done, talk to the ones hogging the machine. If not, who cares? If the hogs don't listen, replace their password with 42
18:29<SelfishMan>"lets say"?
18:29<SelfishMan>ok, if I'm going to get useless info then I'm done
18:30<putlake>I got a bot today from an IP address that seems to trace back to, which seems to be a server hosting company
18:30<Pryon>or apt-get purge torrentflux
18:31<BarkerJr>well, there's nothing to stop anyone from running game servers
18:31<BarkerJr>I bet you could run two halflife servers on a 360
18:31<Trash>then how can I limit cpu usage for them?
18:32<Trash>and memory
18:32<BarkerJr>use as much cpu as them
18:33<BarkerJr>and memory is already limited... I mean that's what the 360 means :)
18:33<SelfishMan>Trash: what host are you on?
18:33<Trash>quad ore
18:33<Trash>4gb rama
18:33<path>aka.. not a linode
18:33<JshWright>putlake: did you contact joyent's abuse desk?
18:33<SelfishMan>host as in the actual server name
18:33<SelfishMan>fremont42 for example
18:33<linbot>New news from forums: Help Setup Shorewall On Ubuntu 9.04 in Linux, Apache, Mysql and PHP (LAMP) Forum <>
18:34<path>probably ulimit would work
18:34<BarkerJr>wait a min, this channel provides support for the competition? :P
18:34<putlake>well the IP was
18:34<path>people ask everything under the sun in this channel
18:34<SelfishMan>how is babby formed?
18:34<putlake>and that traces to Joyent
18:35<path>but yea.. there have been people from competitors that come here to get help
18:35<SelfishMan>HoopyCat: Got a website for you:
18:35<putlake>A few days ago there was this IP which traces back to
18:35<putlake>Both are the same spam bot
18:35<putlake>but using different hosts
18:36<putlake>all spamming the same page
18:36<path>Trash: here is something interesting..
18:36<putlake>a few days before that it was yet another IP from
18:36<putlake>it's not sustainable to go to all these hosts and tell them whats going on
18:37<putlake>it would be ideal to block traffic from any of these host companies
18:37<putlake>but a reversedns lookup for every request will just kill my site
18:37<JshWright>putlake: then iptables rules for the relevant netblocks would be the way to go
18:37<SelfishMan>putlake: don't try to block the traffic. block the spambot from submitting using something like recaptcha
18:37<JshWright>putlake: how are they spamming your site?
18:38<putlake>these bots are smart enough to beat recaptcha
18:38<putlake>i already have recaptcha on that page
18:38<SelfishMan>for the record, using a hostname deny rule in your apache config or .htaccess also does a rdns lookup
18:38<SelfishMan>and it does slow things down
18:38<putlake>just to confirm - a deny from ip_address in .htaccess wont really affect performance, right?
18:39<path>you could set a cookie on one page and check for it on another
18:39<path>check the referral, if it's blank.. redirect them back to their own ip
18:42<vuf>hmm, I get the nss-pgsql output with "ls", but not in "ps aux" ?
18:44<SelfishMan>putlake: a few deny fro IP rules won't hurt performance much but a bunch will
18:45<SelfishMan>The thing is, blocking by IP probably won't do much good as the IP is typically used in a quick campaign then thrown away
18:45<putlake>SelfishMan - you are right
18:45<putlake>but i have no other alternative
18:45<putlake>i am tightening controls around recaptcha
18:46<putlake>that + a few blocked IPs should probably do it
18:46<SelfishMan>use an apache session to verify they are already on the site
18:47<putlake>SelfishMan - that is also a good idea. It'll need some work to change application logic but i think it's worth it
18:47<SelfishMan>shouldn't take much
18:47-!-laser` [] has quit [Remote host closed the connection]
18:47<putlake>yes...not much. Just have to find the right place to modify...the code is a maze :)
18:47<SelfishMan>You won't have to worry about compatibility problems as much then if you keep it server side
18:47<Yaakov>putlake: you might want to compare the IPs in the block list and see if they correspond at all.
18:51-!-lesouvage [~chatzilla@] has quit [Ping timeout: 480 seconds]
18:52<putlake>Yaakov: Nope. They are not on the list
18:52-!-Trash [~test@] has quit []
18:53<Yaakov>putlake: Are they in the ZEN dnsbl?
18:53<putlake>not in SBL PBL or XBL
18:55-!-Kassah [] has joined #linode
18:57-!-pharaun [] has joined #linode
19:01-!-anno^da_ [~anno^] has quit [Quit: Leaving...]
19:02-!-Mathew [] has joined #linode
19:04<HoopyCat>SelfishMan: only time can make my updike larger
19:06<BarkerJr>uh, tmi?
19:06-!-DephNet[Paul] [] has quit [Quit: Leaving]
19:07-!-szabo [] has quit [Ping timeout: 480 seconds]
19:07-!-DephNet[Paul] [~paul@] has joined #linode
19:09<erikh>is there something wrong with fremont49?
19:10<HoopyCat>it runs like a girl and sits down to pee
19:10-!-erikh [] has quit [Read error: Connection reset by peer]
19:12<@jed>root@fremont49:~# statusck Is there anything wrong with you?
19:12<@jed>erikh: negative
19:13-!-erikh [] has joined #linode
19:13<@jed>erikh: no, nothing wrong
19:13<@jed>what's up?
19:13<erikh>pretty sure that panic was about to happen again
19:13<erikh>couldn't even get a login on the console
19:13<erikh>easily the 5th or 6th time this month
19:16-!-jcn [] has joined #linode
19:17-!-Mathew [] has quit [Quit: Leaving]
19:18-!-samuel [~samuel@] has quit [Quit: samuel]
19:19-!-silverblade [] has quit [Remote host closed the connection]
19:20<vuf>uhm, so if I have that nss-pgsql, why is the pam module needed for authentication?
19:26<TheJoe>Hmm... I wonder if I can block domains
19:26<TheJoe>For added goatse protection
19:26-!-lakin [] has quit [Quit: Ex-Chat]
19:27-!-TofuMatt-iPhone [~tofumatti@] has quit [Quit: TofuMatt-iPhone]
19:29<erikh>boy I sure love having a 10 MBTF
19:29*erikh grumbles
19:29<erikh>s/10/10 day/
19:35<TheJoe>Hm only solution to blocking domains I can find involves having a second IP
19:36<@caker>erikh: <-- been running that these past few weeks?
19:36<erikh>let me check..
19:37-!-orudie [] has joined #linode
19:37<erikh>caker: correct, I haven't changed it. I've also reinstalled (ubuntu 9.04) after it was suggested that my custom arch install was the culprit.
19:37<erikh>I'm glad to help in any way I can, I just want this problem to go away :)
19:37<erikh>same kernel on arch.
19:38<@caker>erikh: if your issue is that frequent, perhaps give 2.6.29 a shot and see if that eliminates it
19:38<erikh>ok, I'll do so in a few minutes (work calls)
19:38<@caker>erikh: the issue being, what, exactly? Linode freezes; nothing on console; etc?
19:38<erikh>linode goes ape on I/O / CPU, then panics.
19:38<erikh>normally, the box is sitting at a 0 load and does very little (overbuilt)
19:38<@caker>got a log?
19:38<erikh>what log would you like?
19:39<@caker>the panic may be useful, or any other relevant console output
19:39<erikh>I've just been looking at the graphs and the lish logger.
19:39<erikh>yeah, gimme a minute, i'll dig it up
19:40<@caker>who suggested it was userspace at fault?
19:40<Yaakov>Hey, it's evening caker.
19:40<@caker>Yaakov: and? :)
19:40<Musicmasteria>does anyone know of a firewall test script that I can use to test my newly configured Shorewall firewall?
19:40<Yaakov>Just nice to see you.
19:40<@caker>o hai
19:40<erikh>caker: the arch install, you mean?
19:41<@caker>erikh: yeah
19:41<erikh>I can't remember precisely, but it should be the last ticket I filed.
19:41-!-kupesoft [] has quit [Remote host closed the connection]
19:41<erikh>and logview doesn't go far enough back to show the last panic; sorry about that.
19:41<erikh>I can assure you this is not oomkiller or similar ilk, though.
19:41<@caker>yeah, just current and previous boot ... but wait! we save off console logs with OOPs and panics in them
19:41*caker hunts
19:41-!-DrZipie [] has quit [Read error: Connection reset by peer]
19:41<erikh>oh, you rule.
19:42*HoopyCat plays PowerPuff Girls action-battle theme
19:42<erikh>I gotta multitask between this and $JOB, so responses may be high latency.
19:42-!-DrZipie [] has joined #linode
19:44<orudie>why does the word "Internet" start with a capital letter ?
19:44<encode>its a user's handle
19:45<encode>thus, a proper noun
19:45<encode>that should be capitalised
19:45<encode>or am I completely missing the context here
19:46<HoopyCat>orudie: it isn't *always* capitalized
19:46<@caker>erikh: gebus .. there are 6 of them in there for your Linode in the past 8 weeks or so, including boots with,, and 2.6.29-linode18. What is this Linode doing?
19:46<erikh>mail; irc proxy; apache
19:46<erikh>yeah, I've been trying to get SOMEONE to look at this :)
19:47<erikh>thanks, really.
19:47<@caker>any time...
19:47<tierra>orudie: because while it's an internet, it's the Internet (a pronoun)
19:48<@caker>erikh: is this a production box? in other words: how would you feel about its participation in a special project?
19:48-!-Bryan [] has joined #linode
19:48<@caker>erikh: alternatively, I'm afraid migrating to another host is the only thing I have left to suggest . . .
19:53<path>orudie: because the "Internet" that everyone commonly uses is a proper noun. as opposed to out types of inter networks.
19:54<path>back in the day some companies and some groups of schools had inter networks.. but now everything is pretty much one giant inter network which is what commonly is known as the Internet
19:54<HoopyCat>i have an internet, you inconsiderate clod
19:54<path>or an intranet, or a metropolian network?
19:55<SelfishMan>TEH INTERWEBS!
19:55<path>i have an intranet at home.. if all my neighbords and i interconnected our wireless.. i suppose you could call that an internet
19:57-!-kenichi [~kenichi@] has quit [Quit: kenichi]
19:58<orudie>i dont get it
19:58-!-toyo|desk [] has quit [Remote host closed the connection]
19:58<orudie>so if something is big it should get capitalized ?
19:58<path>a proper noun is like a name
19:58<path>you capitalize names like Joe
19:59<path>interconnecting networks are one type of network
19:59<orudie>intranet is not capitilized
19:59<path>but the giant one we all use today has a name and it's "Internet"
19:59<path>because that is another type of network
19:59<path>internet is a type of network
19:59<path>not to be confused with a name of a certain network
20:00<path>which you are confusing
20:00-!-JSharp [~J@] has quit [Quit: Leaving]
20:00<path>and i'm tired of this already
20:00<orudie>i just want to know why
20:00<path>that link
20:01<Yaakov>It is iNternet.
20:01-!-daMaestro [] has quit [Quit: Leaving]
20:01<erikh>caker: I'd be happy to participate, plus, I'm moving cross-country to philadelphia at the end of the month, so I was going to migrate anyways.
20:01<SelfishMan>intranet is more accurately intra-net. same for inter-nets. The Internet is a proper noun because of Compuserve (or was it prodigy)?
20:01<erikh>if you want to get on this later tonight when I'm done building these off-site backups (for $WORK), I'm all over it.
20:01-!-Artifex [~ncain@] has joined #linode
20:01-!-Artifex [~ncain@] has quit []
20:01-!-Artifex is "(unknown)" on (unknown)
20:02<@caker>erikh: cool. I'll hit you up in a day or two once we're set up on our end. We're going to ask for testers to put a new dom0 build through its paces
20:02<Yaakov>caker: Special project?
20:02<erikh>right on.
20:02<path>well prodigy and compuserve were different
20:02*Yaakov perks up.
20:02<path>i think compuserve bought them
20:02<path>like aol
20:04<Musicmasteria>anyone know of a firewall test script?
20:05<Deckert>Musicmasteria: look into 'nmap'
20:05<erikh>btw, for future reference: email-addicted wives > nagios
20:06<erikh>best monitoring system money can buy
20:06<erikh>or, new furniture can buy
20:07<Musicmasteria>thx Deckert
20:07<slact>soooo... i just migrated from one node to another, and the machine went all not-responding-to-pings. It does boot into finnix though, but i'm not sure what to do from thre do diagnose the problem...
20:07-!-putlake [] has quit [Quit: ChatZilla 0.9.85 [Firefox 3.5.1/20090715094852]]
20:08<jvaughan>caker: can i ask a question about linode's safe harbor certification?
20:08<path>erikh: i think they incur a lot of overhead costs
20:08-!-szabo [] has joined #linode
20:08<@caker>jvaughan: you may. I can try to answer, too -- but pparadis is to go-to-guy for that effort
20:08<G>erikh: got the alerts appearing on a big LCD TV? :P
20:09<erikh>nah, but the phone responses are very low-latency
20:09<Yaakov>pparadis is in an inflatable boat out in the harbor right now.
20:10<path>Yaakov: is he making sure it's safe?
20:10<Yaakov>Keeping it safe.
20:10<path>oh, good.
20:10<Yaakov>He's wearing snappy white bell bottoms, too.
20:11<jvaughan>caker: am i right that it's only for protection of data gathered on customer sign up, rather than for EU linode customers to collect data from EU residents and store it on their linodes?
20:12<@caker>jvaughan: our self certification does not extend to our clients, if that's what you're asking
20:13<jvaughan>i think so
20:14<jvaughan>it's a shame, as it means i can't use linodes for projects where any vaguely personal data is collected
20:14<@caker>what, what?
20:14<jvaughan>guess i have to join the campaing for an eu datacentre
20:15-!-Musicmasteria [] has quit []
20:15<@caker>I'm going to defer this to pparadis, because I don't think I'm relaying it correctly
20:15<jvaughan>uk data protection law forbids me from storing personal data (eg names, addresses) outside of the EU
20:15<jvaughan>unless covered by safe harbor
20:16<HoopyCat>jvaughan: you could get covered by safe harbor as well
20:16<@caker>well, that was the whole point why we got Safe Harbor certified
20:16<HoopyCat>slact: same datacenter, or different datacenter? (i'm wondering if the IP might have changed...)
20:17<jvaughan>i'm not sure what you mean by it not extending to your clients
20:17<jvaughan>are you thinking more of your U.S clients?
20:18<@caker>this is not for US clients, it
20:18<@caker>it's for EU clients...
20:19<path>would an EU business also need to get safe harbor certified? (i dunno, just curious)
20:21<jvaughan>i'm still not sure what is meant by self certifaction not extending to clients.
20:21<jvaughan>but i can wait to ask mr paradis
20:21<HoopyCat>jvaughan: linode can't assert that you meet the requirements; they can only assert that they meet the requirements
20:22<path>linode doesn't know what you do inside your container
20:22<jvaughan>ok, but it can only be issued to US companies anyway
20:22-!-elhippo [] has joined #linode
20:23<path>i'm guessing that if they meet the requirements and you meet the requirements as an EU business than you'd be ok (but i'm not a lawyer, so don't take my advice) :)
20:24<HoopyCat>jvaughan: you'd probably need to check with the necessary agency in your country and/or your legal counsel to determine what sort of paperwork or whatnot you might need to meet their requirements
20:24<path>i suppose if you want to be 100% certain you may need a lawyer :(
20:24<straterra>hire me
20:24<path>HoopyCat: i don't know how you twitter
20:24<straterra>i can tell you
20:25<jvaughan>makes sense, thanks all
20:26<HoopyCat>jvaughan: so, in theory, if you're OK, and linode's OK, then it should be OK. but this is the EU we're talking about...
20:27<HoopyCat>path: it takes a tough man to make a tender twitter
20:27<path>it's just a good think you aren't limited to 160 chars on irc.
20:27<HoopyCat>path: i should be :-(
20:28-!-auzigog [] has joined #linode
20:28-!-brainproxy [] has quit [Ping timeout: 480 seconds]
20:33-!-J-Node [] has quit [Ping timeout: 480 seconds]
20:36-!-brainproxy [] has joined #linode
20:38-!-J-Node [] has joined #linode
20:43-!-orudie [] has quit [Quit: Leaving]
20:44<amitz>path: but many people send message in IRC as if there is a 160 char limit :-)
20:45-!-DephNet[Paul] [~paul@] has quit [Quit: Leaving]
20:45<BarkerJr>tis the twitter era
20:45<slact>HoopyCat: nevermind, it seems like I might've been using too bleeding-edge a kernel or somesuch. all's well with
20:47<amitz>BarkerJr: That means I'm an old guy. I just started actively using IRC recently and has never tried twitter before.
20:48<BarkerJr>same here, except I've been using irc for 12 years
20:48<BarkerJr>almost half my life!
20:49<linbot>New news from forums: iso sysadmin help in General Discussion <>
20:51<amitz>s/IRC/IRC in a useful manner/
20:51<amitz>first time used is around 14 years ago.
20:52<amitz>argh,screw grammar.
20:52<BarkerJr>is it your nap time, old guy?
20:53<amitz>I gotta sleep again. My back is killing me.
20:53<amitz>I blamed my arthritis fingers for grammatical errors.
20:53<BarkerJr>how the heck did you make resolve to ?
20:53<amitz>changing reverse dns setting.
20:54<BarkerJr>I didn't know you could set it to an IP
20:54<amitz>I didn't either when I did that..
20:55<BarkerJr>is it legal?
20:55-!-Elton08160 [] has joined #linode
20:56-!-Elton08160 [] has quit [Read error: Connection reset by peer]
20:57-!-Mathew [] has joined #linode
20:57-!-bda_ [] has left #linode []
20:57-!-jhford [] has quit [Quit: jhford]
20:59-!-Elton09147 [] has joined #linode
20:59-!-DrZipie [] has quit [Quit: DrZipie]
20:59-!-TheJoe is now known as TheJoe|ZzZz
21:04-!-libervisco [] has quit [Remote host closed the connection]
21:05<@irgeek>Arch is weird.
21:05-!-libervisco [] has joined #linode
21:14-!-[1]J-Node [] has joined #linode
21:15-!-DephNet[Paul] [] has joined #linode
21:16<straterra>Fedora is weird too
21:17-!-Elton09147 [] has quit [Read error: Connection reset by peer]
21:19-!-J-Node [] has quit [Ping timeout: 480 seconds]
21:19-!-[1]J-Node is now known as J-Node
21:20-!-Kyhwana [~kvirc@2001:4428:20d::4] has joined #linode
21:21-!-jcn [] has quit [Ping timeout: 480 seconds]
21:22<erikh>caker: heading out for the night, I just wanted to thank you again. You really made my day.
21:22<@caker>um, ok :)
21:22<@caker>glad I could help...
21:23<@caker>we'll get it straightened out - thanks for being patient and providing assistance getting it fixed
21:28-!-BarkerJr [] has quit [Quit: "If everyone is thinking alike, then someone isn’t thinking." - General George S. Patton]
21:30-!-litwol|mac [~litwol|ma@] has quit [Remote host closed the connection]
21:30-!-Elton06528 [] has joined #linode
21:31-!-litwol|mac [~litwol|ma@] has joined #linode
21:37-!-arooni-mobile [] has joined #linode
21:37-!-hpj [] has quit [Read error: No route to host]
21:37-!-hpj [] has joined #linode
21:46-!-EAS [] has quit [Ping timeout: 480 seconds]
21:47-!-Elton06528 [] has quit [Read error: Connection reset by peer]
21:48<amitz>SelfishMan: illegal? I know it's frown upon but illegal?
21:48<Nivex>"illegal" in the sense that it violates the laws of DNS, notsomuch the laws of man
21:51<amitz>Nivex: oh, I see.
21:53-!-libervisco [] has quit [Quit: Leaving]
21:54-!-LordMetroid [] has quit [Quit: Leaving]
21:57<amitz>I have read the wikipedia entry on reverse dns. Is there any harm caused to others if I set an IP address as a reverse DNS entry. And yeah, there seems to be some harms to myself :-)
21:57<HoopyCat>laws of dns > laws of god > laws of man
21:58<Nivex>laws of urmom > *
21:58<bd_>amitz: I don't believe linode will allow you to have an IP as rDNS
21:58<bd_>anyway just remove your PTR entry if you want to be known only by an IP
21:58<amitz>We seem to pray to different gods :-)
21:58-!-Mathew [] has quit [Quit: Leaving]
21:59<HoopyCat>as long as the IP has an A record pointing at your IP, it should be fine eh!
21:59<amitz>dns = urmom = weak gods
21:59<bd_>Step 1: Purchase a .207 TLD
21:59<bd_>Step 2: ???
21:59<bd_>Step 3: PROFIT!
22:00<amitz>bd_: I have tried deleting the rDNS entry in linode dashboard but it insisted me to write down something.
22:00<bd_>amitz: Yep. Linode won't let you remove it entirely. Sorry :)
22:00<bd_>You can try asking if they'll remove it in a ticket. They might not though.
22:00<@caker>yes you can -- set it to the IP address
22:00<bd_>is this documented? :)
22:00<@caker>hell no.
22:01<bd_>!skynet how do I remove my rDNS
22:01<linbot>bd_: I'm afraid I can't do that
22:01<Nivex>heh, not "no" but "hell no"
22:01<bd_>caker: That evil, eh? :)
22:02<amitz>oh, yeah! IIRC, I have some problems that is eventually solved by that method.
22:02<amitz>but now that I think about it, what kind of problem was that...
22:05-!-cpg [] has quit [Quit: cpg]
22:07-!-jhford [] has joined #linode
22:08-!-arooni-mobile [] has quit [Read error: Operation timed out]
22:16-!-r3z [] has quit [Quit: Leaving]
22:19-!-Harry_Mudd [] has joined #linode
22:36-!-litwol|m_ [~litwol|ma@] has joined #linode
22:39-!-kelvinq [] has joined #linode
22:42-!-litwol|mac [~litwol|ma@] has quit [Read error: Operation timed out]
22:44-!-kelvinq [] has quit [Quit: kelvinq]
22:47-!-EAS [] has joined #linode
22:47-!-rickbradley [] has joined #linode
22:48<rickbradley>is there a test mode for working with the linode API?
22:49<@jed>rickbradley: yes, join #linode-api
22:49<rickbradley>cool, thx
22:51-!-litwol|m_ [~litwol|ma@] has quit [Remote host closed the connection]
22:52-!-litwol|mac [~litwol|ma@] has joined #linode
22:58-!-brainproxy [] has quit [Remote host closed the connection]
22:59-!-brainproxy [] has joined #linode
23:01-!-auzigog [] has quit [Quit: Leaving.]
23:02-!-megatron27 [~firdaus@] has joined #linode
23:05-!-heuheu [] has joined #linode
23:21-!-szabo [] has quit [Quit: Leaving.]
23:22-!-EAS [] has quit [Read error: Connection reset by peer]
23:23-!-EAS [] has joined #linode
23:29-!-JoeK [] has quit [Quit: O_O.]
23:29-!-JoeK [] has joined #linode
23:33-!-megatron27 [~firdaus@] has quit [Quit: Ex-Chat]
23:33-!-kupesoft [] has joined #linode
23:45-!-EAS_ [] has joined #linode
23:45-!-Digitalirony [~eric@] has quit [Quit: Leaving.]
23:51-!-EAS [] has quit [Ping timeout: 480 seconds]
23:56-!-[1]J-Node [] has joined #linode
23:57-!-SDjernes [] has joined #linode
23:58-!-SDjernes [] has left #linode []
23:58<straterra>Sweet..wrong key
23:59-!-VS_ChanLog [] has left #linode [Rotating Logs]
23:59-!-VS_ChanLog [] has joined #linode
---Logclosed Wed Aug 05 00:00:03 2009