Re: Frontends to administer servers
On Thu, 2004-04-22 at 08:50, Markus Schabel wrote: I personally like the replication process and ldap _is_ optimized for search access. LDAP authentication and other things (mail aliases, ...) are pretty easy to implement in almost any software... Add kerberos to the mix and the single-sign on advantages blow a database backend out of the water. | Markus Schabel TGM - Die Schule der Technik www.tgm.ac.at | Cheers, lance -- Lance Levsen, Public Key at: gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Frontends to administer servers
On Thu, 2004-04-22 at 08:50, Markus Schabel wrote: I personally like the replication process and ldap _is_ optimized for search access. LDAP authentication and other things (mail aliases, ...) are pretty easy to implement in almost any software... Add kerberos to the mix and the single-sign on advantages blow a database backend out of the water. | Markus Schabel TGM - Die Schule der Technik www.tgm.ac.at | Cheers, lance -- Lance Levsen, Public Key at: gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8
Re: Bayes filter at ISPs
On Thu, 2004-02-19 at 06:09, Adam ENDRODI wrote: I suppose many of you use Bayesian spamfilters at the ISP level. I'd like to ask how do you teach it to separate ham and spam correctly? In particular, how do I select a representative set of ham and spam? Is it a good idea to deploy bogofilter for an entire organization at all? This will only help if you're users have login capabilities, but I use a cron that calls, I don't know if this is doable w/out login shells for the users. for i in `ls /home/`;do user=$(echo ${i} | awk -F/ '{print $1}'); su - ${user} -- sa-learn --spam /home/${user}/mail/spam; done; Obviously this is for spamassassin, but there must be a learning capability with bogofilter. It ensures that the user just has to throw their spam in ~/mail/spam and it updates their bayes db's. Then a standard .procmailrc in /etc/skel and all the users home dirs to check for headers. I find this is better then a global bayesian filter because with all of the users, the Bayesian filter tends to useless. I do use SA w/out bayesian filters at the top level though. thanks, adam Cheers, lance -- Lance Levsen, Catprint Computing Linux Systems and programming gpg --keyserver wwwkeys.pgp.net --recv-keys 0xF2DA79C8 signature.asc Description: This is a digitally signed message part
Re: manual update of apt database (was Best way to update perl on Woody Stable?)
other 10%, I download source and install. So, is there a way to manually update the apt database to tell it a package is installed. The reason I use Debian is because, for most of my Back to my original question. At this point, how do you tell apt that the package is installed. I assume I can find out by RTFM'ing, but since you suggested it, maybe you know. Rod The equivs deb. Nice little piece. I use it for telling Deb that my Sun 1.4 JDK Provides: java-compiler, java-virtual-machine, java2-runtime, java2-compiler. This makes all the java stuff that is required by the various debs go away. You can also use it to setup dependancy info. So if you know all the debs you need for x installation. Set it up, install and walk away. Come back and your server is installed. Course, for that I tend to prefer: $: dpkg --set-selections deb.txt dpkg --pending -i The only drag is that I don't run a local repository, so the package, in my case, lancejvm is listed as obsolete/local so you have to remember not to uninstall it. HTH. -- Lance Levsen, Catprint Computing Linux Systems and programming Ph:(306)477-3166 Fx:(306)477-3166 signature.asc Description: This is a digitally signed message part
Re: OT: Server side scripting languages comparison
the bigest problem with perl based solutions is ...perl. Perl is great provided a) you already know it well, b) you never need to fix it. Anyone new to scripting languages should probably not start on perl if they can help it. At first it will confuse and frustrate you, and eventualy render you indispensable as the only person in the company with half a chance of decrypting all the perl code you've written. Not wanting to start a language war... all popular languages are good and vise-versa... for their particular task. Everyone should learn them all. I'm not convinced anything big is perls particular task... but quick and dirty stuff...yeah. Heh, those are good comments for a language war. :) Even if you don't want to start it. Personally I like perl. It's way more robust then anything outside of the compiled languages. It's worth knowing because the applications for it are much more vast then PHP. I find php much like vbscript. Admittedly I stopped using it when it was version 3.x, so I don't know if 4.x is any better. In version 3.x my biggest problems was the lack of any design to enhance tiered or scalable development. If you want to build a db driven website then you were required to use db dependent functions. That truly sucks. The dbi concept in perl is much more mature. I can't speak about python, I know perl why would I need it? As Craig said, and I endorse, why bother learning a language ( ) suitable for web applications when for about the same effort you can learn a general purpose language that can be used for web applications, systems administration, any kind of data mangling, and other general scripting tasks? Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon
Re: mail-config?
What should I install to get mail to work? I have a small network: -1 debian gateway -2 debian boxes -4 Win98 PC (sorry, the kids are teached at school with word, excel etc.) Frank. I'd suggest Postfix/Courier IMAP. If you have the mail hosted elsewhere on an POP or IMAP server then add fetchmail to get the mail and dump it into postfix. The clients should be able to handle logging into your imap to use their mail. If you have mail directed to you then you'll probably have to setup DNS/Postfix/IMAP. I'd also suggest procmail just so each user can do what they want with their own mail delivery. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon
Re: reverse proxying of ssl
On Wed, 2002-06-19 at 18:43, Lance Levsen wrote: Best case scenario is a single certificate authenticated to the proxy box, for external connections. Chances are I'll end up hoping that Squid 2.5 allows for multiple SSL certs on the same port so then I can ssl all the websites off the proxy. If you're lucky and all of the sites are in the same domain then you could use a wildcard certificate. Fraser That's doable and I never knew you could get *.x.xx certs. Thank you. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: reverse proxying of ssl
On Wed, 2002-06-19 at 18:43, Lance Levsen wrote: Best case scenario is a single certificate authenticated to the proxy box, for external connections. Chances are I'll end up hoping that Squid 2.5 allows for multiple SSL certs on the same port so then I can ssl all the websites off the proxy. If you're lucky and all of the sites are in the same domain then you could use a wildcard certificate. Fraser That's doable and I never knew you could get *.x.xx certs. Thank you. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: reverse proxying of ssl
I want this: ssl-certificate --fw-- apache (whatever) reverse proxy --client holding IIS Is this possible?? For me to reverse proxy a ssl server??? I dont care if the proxy is accessed as http or https, i just want it to work this way... Alex Heh, funny this should come up. I'm in the process of figuring it out myself. My setup is a bit different though: Multiple Apache Boxes -- reverse proxy w/ redirector -- fw - client. Right now the fw port forwards 80 to the r.proxy, the redirector rewrites the body of the request for the correct internal machine. Obviously an ssl encrypted body can't be rewritten (or parsed for that matter) so I have to decrypt it at the proxy. Squid 2.5 allows you to set https_port with a certificate. This will encrypt the session between the client and the proxy. I'm less worried about the internal network. The problem of course lies in the redirector and the signed cert for the web sites. Do I just get one signed for the proxy machine, or do I need multiple certs for all the websites (and if so, can more then one cert be assigned to the same port and will squid know which to use?) Best case scenario is a single certificate authenticated to the proxy box, for external connections. Chances are I'll end up hoping that Squid 2.5 allows for multiple SSL certs on the same port so then I can ssl all the websites off the proxy. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
mailing lists
Hey all. I'm looking for some guidance with regard to mailing list managers. We're not looking to host mailing lists, but to use the user-side admin capabilities (self subscribe/unsubscribe) and the delivery capabilities of a list manager to send out mass emails. Not spam, self-directed emails. Product sheets, newsletters, and so on. We use postfix as the mailer and I have narrowed it down to three options, majordomo because I know it works well w/ postfix, mailman because it's GNU. and a perl script/database/web page/procmail cause it's fun :) Anyone have any pointers or gotcha's with regard to these? Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: best way to keep web servers in sync
We use ssh - cvs - perl - ssh - perl for this. User commits a change to cvs, the loginfo process execs a perl script that itself ssh exec's a remote program to cd to the appropriate dir and cvs update the module. The advantage is that the live web tree only needs one user with write access to the live web tree, we have complete logging and we have reversion capabilities. The disadvantage is that the two perl progs have to be suid to the user on the remote box and that user has two way passwordless authentication. I know that wasn't really your question . . . but it's what we do. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Webalizer
Hi, i'm looking for a web-log analyzer for potato and multiple virtual hosts. webalizer keeps breaking (didn't create stats for some days, and then starts again...), analog is ugly, ... and all need plain text log. I can't suggest alternative loggers, but one of the reasons that my webalizer kept breaking is because I had logrotate in the /etc/cron.daily as well. l comes before w. I changed the name of the logrotate script to 'zlogrotate' and webalizer hasn't had a problem since. Cheers, -- Lance Levsen, Systems Administrator, PWGroup - Saskatoon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]