Re: FTP Server Review
On Fre, 06 Sep 2002, Alan Graham wrote: Greetings I am about to install an ftp server and was wondering if there are any recent reviews I could be pointed to to help in choosing the best package. Requirements are pretty simple - @ 100 users - secure - easy to administer - decent logging - ability to tapdance... thanks AG -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Are there any others than proftpd? Works fine here. Has nice mysql-connection. Only the docu (for mysql) is a shame. Florian -- -- Florian Bantner AXON-E interaktive medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 --
Boarding SuSE with Debian
Ahoy friendly Debian fellows, my mission is following: Have rented a cheap server from an cheap hoster for a customer of ours. Only drawback: It is running suse linux. Since the provider is so cheap, he tells us: Do with the server what you want. And so I want Debian to take over. The problem: 1. No access to neither floppy nor cd-rom 2. Only service I get is pressing the reset button 3. The other service is to reinstall base suse- installation if the server fails to come up. This will cost me 70 EUR/USD What is the best way to get Debian on this box? And how can I avoid the reboot-fail-reinstall-pay-tray again trap? with kind regards Florian -- -- Florian Bantner AXON-E interaktive medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 --
Re: Boarding SuSE with Debian
On Mit, 07 Aug 2002, Marcin Sochacki wrote: On Wed, Aug 07, 2002 at 07:55:26PM +0200, Florian Bantner wrote: my mission is following: Have rented a cheap server from an cheap hoster for a customer of ours. Only drawback: It is running suse linux. Since the provider is so cheap, he tells us: Do with the server what you want. And so I want Debian to take over. The problem: 1. No access to neither floppy nor cd-rom 2. Only service I get is pressing the reset button 3. The other service is to reinstall base suse- installation if the server fails to come up. This will cost me 70 EUR/USD What is the best way to get Debian on this box? And how can I avoid the reboot-fail-reinstall-pay-tray again trap? If the machine has a secondary HDD or unused partition, or at least two partitions, you can install Debian parallel to the existing SuSE. 1. Install a minimal Debian system on some local box. Remember to set everything (kernel modules, IP address, etc.) just as you would do on the server. 2. tar.gz the whole installation into one big archive (ommiting /proc). 3. Copy the archive to the server. 4. Create a new filesystem on spare partition/disk (or if SuSE already occupies several partitions move the data, so that one of the partitions is free). 5. Untar the archive to the fresh filesystem. 6. Correct the entries in Debian's /etc/fstab to match those on remote server. 7. In SuSE's lilo.conf add a section with Debian's boot and set it as default (but still leave SuSE section). 8. Make sure you have prompt and timeout options in lilo.conf. 9. Run lilo. 10. Examine the Debian setup carefully, again. 11. Reboot the machine. 12. Pray/drink a coffee while pinging the machine. 13. If it comes up -- you have a Debian system and gradually you can remove SuSE. 14. If it doesn't come up -- ask the ISP to go to the console, reset the machine and choose SuSE at lilo prompt. I hope they can do it for free. Some caveats: /proc filesystem, swap partition, lilo, fstab, sshd/telnetd. Good luck! Marcin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Thanks for the answer (to the other, too), but still there are two points: 1. Only one big partition (30GB) mountet as / 2. Noone will go to the terminal for me, which means either it comes up or -- hello again plain SuSE, goodbye 70.- Best regards Florian -- -- Florian Bantner AXON-E interaktive medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 --
Re: central authentication with LDAP
On Mon, 28 Jan 2002, Patrick Hsieh wrote: Hello list, I just installed openldap and make my own address book on it. Now I'd like to make my Debian GNU/Linux login and authenticate from the LDAP server, where should I begin? I installed libpam-ldap, is it all I have to install? Is there any toturial or howto talking about this deployment? Any ideas highly appreciated. Depends. I did so recently with potatoe. What I had to do: 1. Create your directory-structure in a way which best fits your needs. 2a. Create the user-entries according to posixAccount- and shadowAccount-scheme I wasn't able to find the schema definition for openldap1.2 so I had to create it manual from the schema which comes with openldap2. 2b. Create group-entries according to posixGroup Perhaps it is possible to combine them in one entry since debian uses the same number for uid, gid of one person. I'm currently trying this and it seems to work. 3. Install libpamldap libnssldap nss is a complete replacement for all programs' access to the user-database. It should be possible to run a system with users in ldap without the pam_ldap module. when nsswitch is configured all requests to pam_unix go to ldap anyway. QUESTION: For what exactly do I need the pam_ldap module? 4. setup libpam (pam_ldap.conf) to access your ldap-server 5. setup the programs' confs in /etc/pam.d/ e.g. for su (which I used for testing) auth sufficient pam_rootok.so auth sufficient pam_ldap.so auth required pam_unix.so use_first_pass accountsufficient pam_ldap.so accountrequired pam_unix.so sessionrequired pam_unix.so 6. setup libnss-ldap.conf to access your ldap-server 7. setup nsswitch.conf to use the libnss-ldap module e.g. passwd: compat ldap group: compat ldap shadow: compat ldap 8. Cross fingers. Push the button. Hope that helps, Florian -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Rsync
On Sam, 26 Jan 2002, Peter Billson wrote: Hey *, I just applied the security fix to rsync and now it is dumping core. Before I report this as a bug, I thought I'd check to see if anyone else is having trouble. Right. Here too. I did contact debian-security. But until now I couldn't figure out what the concrete circumstances are. Some files/servers? seem to work, others do not. Perhaps the maintainer wants to know? Florian -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: EXIM, LDAP and some pop3 stuff?
On Sam, 12 Jan 2002, Kevin Littlejohn wrote: Seems to me so, too. I wonder if this problem is so far of that there are no 'standard' ways of doing it. Every MTA has it's way, every IMAP/POP3 MDA has it's own way - where mta1 only works with mda2 and mta3 only with mda1. Worst of all the IMAP server who promote their own protocol and see LDAP as its disabled stepbrother. But I think this is an inherent UNIX / LDAP problem. LDAP seems a very powerful tool doing for UNIX everything the 'Regestry' has done for windows - and more. Whats missing here is some standardized way of how to do it. Got a little of topic, sorry. Look to using pam for pop3 passwords, and configure pam to use ldap. That's the most likely way to make it work. KJL On Sat, 2002-01-12 at 10:47, Florian Bantner wrote: Seems I'm really to stupid to find my piece of information by myself, but: First things first. I'm switching to doing mail-handling with LDAP in order to get rid of the 'dead' users in my passwd. Configuring EXIM with LDAP should just work fine. Enter the users in LDAP under some domain-branches, let exim look there for it's delivery and put mail under /var/mail/domain/user. Here we go. Problem is now: How to get the mail delivered to the users via pop3. None of the pop3-daemons I managed to find supports LDAP by heart even if it seems so simple: Lookup user/pass in LDAP, find mail-directory and deliver. Am I looking at the wrong place? btw. using potato. Regards, Florian Bantner -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: EXIM, LDAP and some pop3 stuff?
On Sam, 12 Jan 2002, Peter Billson wrote: But I think this is an inherent UNIX / LDAP problem. LDAP seems a very powerful tool doing for UNIX everything the 'Regestry' has done for windows - and more. Whats missing here is some standardized way of how to do it. Now there is something to strive for. One monolithic, incomprehensible mess that will cause your entire system to stop functioning if one byte is out of order. If using a Windows-like registry is fixing it, I'll keep the *nix's broken method, thank you. Sorry when I offended you. But I think you intentionally missunderstood me. I'm definitively not trying and/or looking forward to using the windows-registry under linux. Hell, I don't whant a crippled system, too, and I was very happy when I got rid of it. But lets face it: Before Windows introduced the Reg it had (feel its unix-like or not) configuration information scattered around the system. It wasn't even (really) possible to store per-user information where you could find it again. How did you get system-configuration from one system to another? How did you make a backup of all your configs? For Windows-Terms the Registry was a big step. Nevertheless, the Regestry was a way against the windows problems. (and not the worst one). Using it for unix-problems is like putting a car trailer in order to extend the capacity of a freighter. What I'm looking for is a way to tidy up the freighter a little. For example: I'm dealing with many apaches on different hosts and different configurations. Why shouldn't it be possible to store all of the apaches configuration (and not only the auth-info) in one centralized configuration? Add the interface-/dns-configuration and I could easily move one web-presenz from one host to another. It is true: Even now this is possible using some fancy shell-scrips and generating configs etc. from ldap-information. But: Everyone who would want to do so, would invent it by its own. What a silly concept, hundreds of people inventing one and the same system to store config-information in (not exactly, but nearly) the same way in the directory. And configuring apache is only one thing. Imaging nearly every service you have running on more than one server. Add distributed user-configuration for client-management. Add backup- and fail-over capabilities. Use it to remote-control distant-hosts. What I want is to have here some standart-way of doing it. Perhaps a rfc or a 'ldap standartization project' equivalent to the linux file-system standardization. What you get is an easy way of system (which is indeed different from service) configuration, and that in nearly no time. Again: I don't what to copy windows-errors. I want to improve. Regards, Florian -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: EXIM, LDAP and some pop3 stuff?
On Sam, 12 Jan 2002, Kevin Littlejohn wrote: Seems to me so, too. I wonder if this problem is so far of that there are no 'standard' ways of doing it. Every MTA has it's way, every IMAP/POP3 MDA has it's own way - where mta1 only works with mda2 and mta3 only with mda1. Worst of all the IMAP server who promote their own protocol and see LDAP as its disabled stepbrother. But I think this is an inherent UNIX / LDAP problem. LDAP seems a very powerful tool doing for UNIX everything the 'Regestry' has done for windows - and more. Whats missing here is some standardized way of how to do it. Got a little of topic, sorry. Look to using pam for pop3 passwords, and configure pam to use ldap. That's the most likely way to make it work. KJL On Sat, 2002-01-12 at 10:47, Florian Bantner wrote: Seems I'm really to stupid to find my piece of information by myself, but: First things first. I'm switching to doing mail-handling with LDAP in order to get rid of the 'dead' users in my passwd. Configuring EXIM with LDAP should just work fine. Enter the users in LDAP under some domain-branches, let exim look there for it's delivery and put mail under /var/mail/domain/user. Here we go. Problem is now: How to get the mail delivered to the users via pop3. None of the pop3-daemons I managed to find supports LDAP by heart even if it seems so simple: Lookup user/pass in LDAP, find mail-directory and deliver. Am I looking at the wrong place? btw. using potato. Regards, Florian Bantner -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 --
Re: EXIM, LDAP and some pop3 stuff?
On Sam, 12 Jan 2002, Peter Billson wrote: But I think this is an inherent UNIX / LDAP problem. LDAP seems a very powerful tool doing for UNIX everything the 'Regestry' has done for windows - and more. Whats missing here is some standardized way of how to do it. Now there is something to strive for. One monolithic, incomprehensible mess that will cause your entire system to stop functioning if one byte is out of order. If using a Windows-like registry is fixing it, I'll keep the *nix's broken method, thank you. Sorry when I offended you. But I think you intentionally missunderstood me. I'm definitively not trying and/or looking forward to using the windows-registry under linux. Hell, I don't whant a crippled system, too, and I was very happy when I got rid of it. But lets face it: Before Windows introduced the Reg it had (feel its unix-like or not) configuration information scattered around the system. It wasn't even (really) possible to store per-user information where you could find it again. How did you get system-configuration from one system to another? How did you make a backup of all your configs? For Windows-Terms the Registry was a big step. Nevertheless, the Regestry was a way against the windows problems. (and not the worst one). Using it for unix-problems is like putting a car trailer in order to extend the capacity of a freighter. What I'm looking for is a way to tidy up the freighter a little. For example: I'm dealing with many apaches on different hosts and different configurations. Why shouldn't it be possible to store all of the apaches configuration (and not only the auth-info) in one centralized configuration? Add the interface-/dns-configuration and I could easily move one web-presenz from one host to another. It is true: Even now this is possible using some fancy shell-scrips and generating configs etc. from ldap-information. But: Everyone who would want to do so, would invent it by its own. What a silly concept, hundreds of people inventing one and the same system to store config-information in (not exactly, but nearly) the same way in the directory. And configuring apache is only one thing. Imaging nearly every service you have running on more than one server. Add distributed user-configuration for client-management. Add backup- and fail-over capabilities. Use it to remote-control distant-hosts. What I want is to have here some standart-way of doing it. Perhaps a rfc or a 'ldap standartization project' equivalent to the linux file-system standardization. What you get is an easy way of system (which is indeed different from service) configuration, and that in nearly no time. Again: I don't what to copy windows-errors. I want to improve. Regards, Florian -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 --
EXIM, LDAP and some pop3 stuff?
Seems I'm really to stupid to find my piece of information by myself, but: First things first. I'm switching to doing mail-handling with LDAP in order to get rid of the 'dead' users in my passwd. Configuring EXIM with LDAP should just work fine. Enter the users in LDAP under some domain-branches, let exim look there for it's delivery and put mail under /var/mail/domain/user. Here we go. Problem is now: How to get the mail delivered to the users via pop3. None of the pop3-daemons I managed to find supports LDAP by heart even if it seems so simple: Lookup user/pass in LDAP, find mail-directory and deliver. Am I looking at the wrong place? btw. using potato. Regards, Florian Bantner -- -- Florian Bantner AXON-E Interaktive Medien Tel. +49-941-599 854 4 Fax. +49-941-599 854 1 Mail [EMAIL PROTECTED] Key http://www.axon-e.de/gpg/f.bantner.key 1191 0C87 D9DB 3217 ABBA 5223 6D74 AB19 5C9D FC49 -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]