Re: RFC2228-only FTP ?
>If you need transparent FTP encryption, you may look at SafeTP >http://safetp.cs.berkeley.edu/ We used that for a year or so. About a third of the users were able to make it work. The rest of them couldn't install the proxy properly, or had firewall problems or something. The ones who did get it working complained of performance problems. And no Macintosh support. Safe-TP is not transparent. What we need is the standard RFC2228 FTP with security extensions that most commercial Web hosts offer. It's a disappointment that woody doesn't have it. Cameron -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Hot-backup a complete Debian install
Hi, I might be (and probably am) missing something, but wouldn't rsync (over ssh) work? Steve On Wed, Oct 01, 2003 at 01:00:20AM +0200, Roman Medina wrote: > > Hi, > > I'd like to know which tools&methods do you prefer for backing up a > complete Linux install _in a production environment_, i.e., _without > having to shut down the machine or unmount partitions_. The machine > needs to be always alive and it will be remotely administered. > > I'd like to hear your opinion about the following idea. > 1) I have LVM + ext3, with a distribution like: > linux:~# mount > /dev/hda3 on / type ext3 (rw,errors=remount-ro) > proc on /proc type proc (rw) > devpts on /dev/pts type devpts (rw,gid=5,mode=620) > /dev/rs/usr on /usr type ext3 (rw,nodev) > /dev/rs/var on /var type ext3 (rw,nodev,usrquota) > /dev/rs/tmp on /tmp type ext3 (rw,nosuid,nodev,usrquota) > /dev/rs/www on /www type ext3 (rw,nosuid,nodev,usrquota) > /dev/rs/ftp on /ftp type ext3 (rw,nosuid,nodev,usrquota) > /dev/rs/mail on /mail type ext3 (rw,nosuid,nodev,usrquota) > /dev/hda2 on /boot type ext3 (rw) > rs-hosting:~# > > 2) Root and boot partitions are not LVM based, but they're quite > static, since data and logs are stored in other partitions. Is it safe > to use "dump" here (keeping the partition mounted)? > > 3) All the "dynamic" partitions are LVM-based, so the idea is taking > one snapshot of each partition and use "dump" util over the snapshot? > Is it a good idea? Would it work? > > Please, I'd like to receive comments / another ideas on this issue. > Thanks. > > Saludos, > --Roman > > -- > PGP Fingerprint: > 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 > [Key ID: 0xEAD56742. Available at KeyServ] > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Postfix+mysql delivery problem.
I've come to my end, after a few days of bashing around with postfix, I come to the conclusion that what I want to do can't really be done. Heres the senario. I have a database, which stores only 'username' in mysql, which I would like postfix to query for, if it exists then deliver to /home/$user/Maildir. Now this is fine if theres a system user as well (delivery method local:). As soon as I change it to virtual:, it requires the full email address in mysql, and I can't change it. The domain part is irrelivent, as [EMAIL PROTECTED] and [EMAIL PROTECTED] are the same anyway, I basically just want postfix to store the 'system' users in mysql. The relivant parts of my config are as follows; [-snip-] setgid_group = postdrop require_home_directory = no myhostname = dreams.isx.com.au mydestination = $myhostname, localhost.isx.com.au, isx.com.au home_mailbox = Maildir/ alias_maps = mysql:/etc/postfix/mysql-aliases.cf transport_maps = mysql:/etc/postfix/transport.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_uid_maps = static:1000 virtual_gid_maps = static:1000 virtual_mailbox_base = /home virtual_mailbox_limit = 33554432 local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases virtual_maps = hash:/etc/postfix/virtual mynetworks = 127.0.0.1/8, hash:/var/lib/pop-before-smtp/hosts content_filter = smtp-amavis:[127.0.0.1]:10024 smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access_recipient, check_sender_access hash:/etc/postfix/access, permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain [-/snip-] and from mysql, mysql> select * from transport; +---+---+ | domain| transport | +---+---+ | dreams.isx.com.au | virtual: | <-- changing to local works 99% how I'd like it, but still requires a /etc/passwd user And this is my user line, (when set to local:), which works great. 5558 Query select "Maildir/" from user_info where username = 'brad' Does anybody have any ideas on what I could have done wrong? I really can't modify the database at all to change to a [EMAIL PROTECTED] format, and theres more than 1 domain that users have access to, so this really doesn't suit anyway. Any help would be really appreciated. Regards, Brad Lay ([EMAIL PROTECTED]) System Administrator P) +61 7 3855 2233 H) http://www.isx.com.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hot-backup a complete Debian install
Hi, I'd like to know which tools&methods do you prefer for backing up a complete Linux install _in a production environment_, i.e., _without having to shut down the machine or unmount partitions_. The machine needs to be always alive and it will be remotely administered. I'd like to hear your opinion about the following idea. 1) I have LVM + ext3, with a distribution like: linux:~# mount /dev/hda3 on / type ext3 (rw,errors=remount-ro) proc on /proc type proc (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/rs/usr on /usr type ext3 (rw,nodev) /dev/rs/var on /var type ext3 (rw,nodev,usrquota) /dev/rs/tmp on /tmp type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/www on /www type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/ftp on /ftp type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/mail on /mail type ext3 (rw,nosuid,nodev,usrquota) /dev/hda2 on /boot type ext3 (rw) rs-hosting:~# 2) Root and boot partitions are not LVM based, but they're quite static, since data and logs are stored in other partitions. Is it safe to use "dump" here (keeping the partition mounted)? 3) All the "dynamic" partitions are LVM-based, so the idea is taking one snapshot of each partition and use "dump" util over the snapshot? Is it a good idea? Would it work? Please, I'd like to receive comments / another ideas on this issue. Thanks. Saludos, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Lazy Apache with domains
On Tue, Sep 30, 2003 at 10:25:47PM +0200, David Zejda wrote: > I have a machine with NIC, but not connected to network yet. > In etc/hosts there is a record "127.0.0.1 localhost mydomain.com" Try: 127.0.0.1 localhost 127.0.0.1 mydomain.com Marcin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Lazy Apache with domains
It's OK now - there was only a typo in /etc/resolv.conf. David > I have a machine with NIC, but not connected to network yet. > In etc/hosts there is a record "127.0.0.1 localhost mydomain.com" > "lynx 127.0.0.1" performs normally but "lynx localhost" says something > like "looking up localhost" for a 5s and than > "localhost" for next 5s before finally (after 10s) showing page. It does the > same > mischief for "lynx mydomain.com". It doesn't matter whether domain is set as > a > VirtualHost or not. > What should I check, please? > > Thanks > David -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Lazy Apache with domains
I have a machine with NIC, but not connected to network yet. In etc/hosts there is a record "127.0.0.1 localhost mydomain.com" "lynx 127.0.0.1" performs normally but "lynx localhost" says something like "looking up localhost" for a 5s and than "localhost" for next 5s before finally (after 10s) showing page. It does the same mischief for "lynx mydomain.com". It doesn't matter whether domain is set as a VirtualHost or not. What should I check, please? Thanks David -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: removabale caddies
>information regarding the removable caddies? > > I am interested for information, specs, and esp uses and suppliers. IS --- Here's a bit recycled from something I did for a youth center Dunno if it works for you in Oz. Google is my only connection with the vendor. --- Hard drive drawers and caddies. These allow to quickly swap hard drives without tools or futzing with jumpers. The more expensive models let you swap hard drives in and out while the computer is running. The benefits that removable hard drives solve are: 1) Most of the benefit of several completely different computer setups at the cost of several hard drives. 2) Simpler disc imaging. If a computer setup is bad you can pull the hard drive, replace it with one from the shelf, stick the mis configured hard drive into an 'imaging' station and restore it and put it on the shelf. These are the ones I've used for a couple years. I've had a couple 5-6 recycled year old hard drives fail. (maybe because they were dropped on the floor) The keys tend to wear out, but since you get extra keys this isn't a big deal. http://www.provantage.com/buy-7STRP007-ata-66-100-plastic-hard-drive-drawer-w-fan-startech-computer-parts-ide66basic-shopping.htm This model is more expensive but perhaps more durable and certainly more stylish. http://www.provantage.com/buy-7STRP071-startech-computer-parts-black-removable-ide-drive-drawer-rugged-w-shock-absorbers-drw113atabk-shopping.htm This model is made of metal instead of plastic and is probably more durable still. However, I wouldn't use the hot swapping software. http://www.provantage.com/buy-7STRP06Y-startech-computer-parts-black-aluminum-ide-drive-drawer-w-shock-absorbers-drw115atabk-shopping.htm -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RFC2228-only FTP ?
Maybe I'm not getting this thread but why don't you use WebDAV over HTTPS? It seems to be supported in all the tools you mentioned. - Just my 2 cents. - Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RIPE Autonomously System: Question?
On Mon, Sep 29, 2003 at 12:01:29AM +0300, kgb wrote: > On Sun, 2003-09-28 at 23:40, Jonathan McDowell wrote: > > Yes and i thing that, do you know with mine architecture how traffic can > shift my PC without problem? And with more stronger PC architecture can > shift more traffic is that right? I mean zebra don't have problem with > big traffic if pc architecture is good? At some point, you hit the PC's architecture limitations, particularly on the PCI bus. Two main problems : latency and bandwidth. If you're talking about a few hundred Mbits, you should be ok with fairly standard hardware. If you're expecting full gigabit or more, it can get tricky. You should consider specialized hardware. Note that it has nothing to do with Zebra. The problem at stake here is packet routing/forwarding inside the kernel, and the kernel/hardware architecture limits. Zebra is just there to maintain the kernel routing table by using various (in your case, probably BGP) routing protocols. -- Nicolas Bougues Axialys Interactive -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix: Multiple recipients alias?
thanks for the tip! i've tried mailman and it's really easy.. so i'm going for this one, thanks! regards, -rodi. On Mon, 2003-09-29 at 16:39, mimo wrote: > The best thing to do is set up a mailing list - e.g. mailman. It's > easy to maintain and takes care of spoofing when you set it to allow > subscribers only to post. We are only ~7 people in our company - still > it makes sense for us to use mailman instead of a list in postfix. > > Hope this helps. > > Michael > > R.M. Evers wrote: > > Thank you all for your input. The method described in the e-mails from > > the postfix user list (links below) seems to work. The only disadvantage > > seems to be, that the method is vulnerable for sender-spoofing.. So > > creating a virtual like '[EMAIL PROTECTED]' will be out of the > > question.. :-) > > > > Thanks again, > > > > -Rodi > > > > On Fri, 2003-09-26 at 23:17, Christian Kurz wrote: > > > > > On [26/09/03 13:40], R.M. Evers wrote: > > > > > > > Hi, > > > > > > > > This could be a stupid question, but I'm trying to accomplish the > > > > following: > > > > > > > > In our company, we run a Debian mailserver with Postfix. The server runs > > > > a lot of accounts and virtual domains for our customers, but also for > > > > our own employees. Now, what i want to do, is make some sort of alias > > > > for our employees, so that they can send an e-mail to, for example > > > > "[EMAIL PROTECTED]", which would deliver to all of our > > > > mailboxes. But, I only want this alias to be available for our own > > > > employees. Not for the outside world, of course.. > > > > > > > > Would this be possible? > > > > > > > I'm not sure since I never tested it, but I think using > > > smtpd_restriction_classes might help with this. Take a look at the > > > following e-Mails from the postfix user list: > > > > > > http://archives.neohapsis.com/archives/postfix/2000-02/0819.html > > > http://archives.neohapsis.com/archives/postfix/1999-q4/1617.html > > > > > > Christian > > > > > > > -- Met vriendelijke groet / Kind regards, Rodi Evers ([EMAIL PROTECTED]) HBH Automatisering B.V. Koningslaan 30, 1075 AD Amsterdam, The Netherlands. Phone : +31 20 662 41 45 Fax: +31 20 676 44 78 -- -- De informatie verzonden met dit e-mail bericht is uitsluitend bestemd voor de geadresseerde. Gebruik van deze informatie door anderen dan de geadresseerde is verboden. Openbaarmaking, vermenigvuldiging, verspreiding en/of verstrekking van deze informatie aan derden is niet toegestaan. Horlings, Brouwer & Horlings staat niet in voor de juiste en volledige overbrenging van de inhoud van een verzonden e-mail, noch voor tijdige ontvangst daarvan. Website: http://www.hbh-it.nl/ -- -- The information contained in this communication is confidential and may be legally privileged. It is intented solely for the use of the individual orentity to whom it is addressed and others authorised to receive it. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. Horlings, Brouwer & Horlings is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. Website: http://www.hbh-it.nl/ -- -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Gated vs Zebra
As an interesting aside, here is why Quagga is a apt name for a fork of Zebra: http://www.museums.org.za/sam/quagga/quagga.htm Cheers, Fred. On Mon, 2003-09-29 at 10:40, Stephane Bortzmeyer wrote: > On Mon, Sep 29, 2003 at 12:29:58AM +0300, > kgb <[EMAIL PROTECTED]> wrote > a message of 39 lines which said: > > > Which software is more good Gated or Zebra? > > Gated is non-free and non-maintained. Zebra is free but no longer > maintained. Use Quagga. Or start with Zebra if you don't want to run > sid, it will be easy to switch to Quagga after that. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]