Re: Closest to Debian

[Mark Janssen]

On Mon, Jan 28, 2002 at 01:35:43PM +0800, Jason Lim wrote:
 Of the Linux distributions supported by Promise (at
 http://support.promise.com/Linux/Default.htm), which is closest to
 Debian. That is, which requires the least modification to get working with
 Debian unstable?

Why not just use Debian ??

Debian can do anything RedHat / Suse can do, but better... :)

Driver support is only a kernel issue, never a distro issue, and it's
always handy to compile your own kernels, even if you only use hardware
supported directly by the distro kernel.

Mark Janssen Unix / Linux, Open-Source and Internet Consultant @ SyConOS IT
E-mail: mark(at)markjanssen.nl / maniac(at)maniac.nl GnuPG Key Id: 357D2178
Web: Maniac.nl Unix-God.[Net|Org] MarkJanssen.[com|net|org|nl] SyConOS.[com|nl]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: new photos from my party!

[Chris Wagner]

FYI, no one bother decoding this, it's not a photo, actually a
program/trojan.  Malicious no doubt...

At 10:24 PM 1/27/02 -0800, [EMAIL PROTECTED] wrote:
Hello!

My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!


begin 666 www.myparty.yahoo.com
M35J0``,$__\``+@`0```
M@`X?N@X`M`G-(;@!3,TA5AIR!PF]GF%M



--
REMEMBER THE WORLD TRADE CENTER ---= WTC 911 =--

0100


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Florian Bantner]

On Mon, 28 Jan 2002, Patrick Hsieh wrote:

 Hello list,
 
 I just installed openldap and make my own address book on it.
 Now I'd like to make my Debian GNU/Linux login and authenticate from the
 LDAP server, where should I begin?
 
 I installed libpam-ldap, is it all I have to install?
 Is there any toturial or howto talking about this deployment?
 
 Any ideas highly appreciated.

Depends. I did so recently with potatoe. What I had to do:

1. Create your directory-structure in a way which best fits your needs.

2a. Create the user-entries according to posixAccount- and shadowAccount-scheme

I wasn't able to find the schema definition for openldap1.2 so I had
to create it manual from the schema which comes with openldap2.


2b. Create group-entries according to posixGroup

Perhaps it is possible to combine them in one entry since debian
uses the same number for uid, gid of one person. I'm currently
trying this and it seems to work.


3. Install libpamldap  libnssldap

nss is a complete replacement for all programs' access to the
user-database. It should be possible to run a system with users in
ldap without the pam_ldap module. when nsswitch is configured all
requests to pam_unix go to ldap anyway.

QUESTION: For what exactly do I need the pam_ldap module?


4. setup libpam (pam_ldap.conf) to access your ldap-server


5. setup the programs' confs in /etc/pam.d/ e.g. for su (which I used for testing)

auth   sufficient pam_rootok.so
auth   sufficient   pam_ldap.so
auth   required   pam_unix.so use_first_pass
accountsufficient   pam_ldap.so
accountrequired   pam_unix.so
sessionrequired   pam_unix.so

6. setup libnss-ldap.conf to access your ldap-server


7. setup nsswitch.conf to use the libnss-ldap module e.g.

passwd: compat  ldap
group:  compat  ldap
shadow: compat  ldap

8. Cross fingers. Push the button.

Hope that helps,

Florian


-- 
--
Florian Bantner  AXON-E Interaktive Medien
Tel. +49-941-599 854 4  Fax. +49-941-599 854 1
Mail [EMAIL PROTECTED]
Key  http://www.axon-e.de/gpg/f.bantner.key
1191 0C87 D9DB 3217 ABBA  5223 6D74 AB19 5C9D FC49
--


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Russell Coker]

On Mon, 28 Jan 2002 21:31, Florian Bantner wrote:
 On Mon, 28 Jan 2002, Patrick Hsieh wrote:
 2b. Create group-entries according to posixGroup

 Perhaps it is possible to combine them in one entry since debian
 uses the same number for uid, gid of one person. I'm currently
 trying this and it seems to work.

NB, it is not required to store any group data in LDAP.  For most 
installations the group data does not change often at all, and it can be more 
easily stored in /etc/group.  Using /etc/group for the data instead of LDAP 
reduces the number of queries (keep in mind that queries have to be done for 
supplemental groups too).

 3. Install libpamldap  libnssldap

 nss is a complete replacement for all programs' access to the
 user-database. It should be possible to run a system with users in
 ldap without the pam_ldap module. when nsswitch is configured all
 requests to pam_unix go to ldap anyway.

 QUESTION: For what exactly do I need the pam_ldap module?

nss allows you to replace /etc/passwd and /etc/shadow with LDAP.

The PAM LDAP allows you to use non-SUID programs to change user-modifyable 
data (password, finger name, and shell) based on password authentication.  It 
allows you to use different crypt methods, different LDAP settings for 
different services (only in woody), and UID/GID limits to what the LDAP can 
specify, such as UID  100 (not sure if potato has it).

 auth   sufficient pam_rootok.so
 auth   sufficient   pam_ldap.so
 auth   required   pam_unix.so use_first_pass
 accountsufficient   pam_ldap.so
 accountrequired   pam_unix.so
 sessionrequired   pam_unix.so

I suggest putting pam_unix first and pam_ldap later in the list.  If you do 
otherwise then an LDAP problem can make it impossible to login which is a 
real bitch.  I once had that happen to servers at a secure hosting facility, 
that was a real PITA.

 6. setup libnss-ldap.conf to access your ldap-server

You could probably run without it, but ls -l won't show the user-names, and 
many programs won't like it.  libnss-ldap is only used after you've logged in.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: new photos from my party!

[Peter Billson]

Bummer man,
   I clicked on this SPAM link in mutt hoping to see p0rn and it trashed
my Linux box! Hope nobody else did that! :-)

Pete

PS what's with all the SPAM to this list lately... admins? I'll bet it's
that WoW guy that's suing Russell! :-)


 My party... It was absolutely amazing!
 I have attached my web page with new photos!
 If you can please make color prints of my photos. Thanks!
 
 Name: www.myparty.yahoo.com
www.myparty.yahoo.comType: unspecified type (application/octet-stream)



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Closest to Debian

[Jason Lim]

 On Mon, 28 Jan 2002 19:16, Mark Janssen wrote:
  On Mon, Jan 28, 2002 at 01:35:43PM +0800, Jason Lim wrote:
   Of the Linux distributions supported by Promise (at
   http://support.promise.com/Linux/Default.htm), which is closest to
   Debian. That is, which requires the least modification to get
working
   with Debian unstable?
 
  Why not just use Debian ??

 I think that was his aim.

Exactly. I am running Debian systems, but these companies only provide
binaries for Redhat, Suse, etc., so I was wondering which other
distribution is closest/compatible to Debian, so there is a higher chance
the binary will work.

  Debian can do anything RedHat / Suse can do, but better... :)

I *KNOW* that... thats why I'm using Debian!

  Driver support is only a kernel issue, never a distro issue, and it's
  always handy to compile your own kernels, even if you only use
hardware
  supported directly by the distro kernel.

 It appears that in this case the driver is binary-only, so compiling
your own
 kernel is not so handy.


Thats the problem... some of these binaries are linked to various
distro-specific libraries and stuff.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Closest to Debian

[Jason Lim]

  I'm running the 2.4.17 kernels, so... I'm GUESSING Redhat 7.1 would be
  closest since 7.1 ships with a 2.4 kernel? Perhaps there are some
other
  things to consider as well?

 The Red Hat version only supports kernel 2.4.2, expect it to fail on
2.4.17+
 because there have been significant changes.  Also expect it to work on
the
 Red Hat 2.4.2 kernel but not a standard 2.4.2 kernel because Red Hat
apply
 significant patches to their kernels.

Sigh. Do we know exactly what kernel patches/modifications Redhat makes to
their default kernels?

 I recommend that you avoid purchasing from companies that only provide
binary
 kernel modules.  When you use such modules you taint your kernel (thus
making
 the kernel developers unwilling to look into any bug reports you might
file),
 and you make it very difficult for yourself when it comes time to
upgrade.

 I suggest doing one of two things:

 1)  Download a kernel rpm for Red Hat and use alien to install it.

 2)  Use another hardware supplier.

Sigh... are we going to become like the Mac... where the rest of the world
supports OTHER software that we don't use? That is... it seems like more
and more hardware/software producers are making stuff FOR Redhat, and not
supporting anything else except that. What happens to the rest of us? If
we don't also use Redhat we either have compatibility problems, or have to
hack away at it to get it to work (and even if it DOES work, it may be
flaky).


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: new photos from my party!

[staf wagemakers]

On Mon, Jan 28, 2002 at 07:45:48AM -0500, Peter Billson wrote:
 
 Bummer man,
I clicked on this SPAM link in mutt hoping to see p0rn and it trashed
 my Linux box! Hope nobody else did that! :-)
 
 

This is just another outlook virus:

http://vil.nai.com/vil/content/v_99332.htm

it should be safe to open the link on a linux box...

-- 
staf wagemakers

homepage:   http://stafwag.home7.dk3.com
email:  [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Michael Wood]

On Mon, Jan 28, 2002 at 11:10:09PM +1100, Russell Coker wrote:
 On Mon, 28 Jan 2002 21:31, Florian Bantner wrote:
[snip]
  auth   sufficient pam_rootok.so
  auth   sufficient   pam_ldap.so
  auth   required   pam_unix.so use_first_pass
  accountsufficient   pam_ldap.so
  accountrequired   pam_unix.so
  sessionrequired   pam_unix.so
 
 I suggest putting pam_unix first and pam_ldap later in the
 list.  If you do otherwise then an LDAP problem can make it
 impossible to login which is a real bitch.  I once had that
 happen to servers at a secure hosting facility, that was a
 real PITA.
[snip]

I haven't looked at the PAM docs enough or bothered testing
this, but I think what Florian has above should be fine.

pam_ldap.so is sufficient so that if LDAP is working and he
types in the right user/pass combination, it should let him in.

If LDAP is not working, it should fall through to pam_unix.so
and also use the password he already typed in for pam_ldap.so.

-- 
Michael Wood [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Closest to Debian

[Michael Wood]

On Mon, Jan 28, 2002 at 09:18:47PM +0800, Jason Lim wrote:
[snip]
  The Red Hat version only supports kernel 2.4.2, expect it to
  fail on 2.4.17+ because there have been significant changes.
  Also expect it to work on the Red Hat 2.4.2 kernel but not a
  standard 2.4.2 kernel because Red Hat apply significant
  patches to their kernels.
 
 Sigh. Do we know exactly what kernel patches/modifications
 Redhat makes to their default kernels?

If you want to see what patches they apply to their kernels,
download their kernel source rpm and have a look.

[snip]
 Sigh... are we going to become like the Mac... where the rest
 of the world supports OTHER software that we don't use? That
 is... it seems like more and more hardware/software producers
 are making stuff FOR Redhat, and not supporting anything else
 except that. What happens to the rest of us? If we don't also
 use Redhat we either have compatibility problems, or have to
 hack away at it to get it to work (and even if it DOES work,
 it may be flaky).
[snip]

If you're worried about that (or even if you're not) then
support vendors that have open source drivers.

-- 
Michael Wood [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

mass email distribution software

[jogi hofmueller]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hi!

the following is not technical but more ethical or so.

recently i was asked to develop some sort of mass email distribution
software for someone sending monthly newsletters about music events to a
list of about 3000 addresses. now, before getting too deep into
reading/searching information i would like to hear some statements about
this because since i think about this 'project' i am torn between
thinking of it as 'good idea' and 'spam-tool'.

i know that everyone hates spam. therefore i think the idea to put a
mailing-list-like mechanism with automated (un)subscribe procedure behind
such a thing would be not so bad because it would make it possible to
really unsubscribe from a list where i don't want to get anymore mails
from.

i would be glad to get some feedback here.

sincerely
- -- 
j.h.
jogi hofmueller [EMAIL PROTECTED]
GPG-public-key: http://mur.at/~jogi/text/public.key.txt
GPG-key-ID: B972CEC1
Key fingerprint = 2CD5 4786 AA9E F315 6430  868F 00FA E375 B972 CEC1

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine

iD8DBQE8VYB6APrjdblyzsERAthmAKCjptcHpTNwLfWRMvbIM8dKb6MbNwCgxbYQ
esjiBLqVuZX1YwYm5kCZtEw=
=/3H/
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: mass email distribution software

[Chris Hilts]

On Mon, Jan 28, 2002 at 05:46:46PM +0100, jogi hofmueller wrote:

 i know that everyone hates spam. therefore i think the idea to put a
 mailing-list-like mechanism with automated (un)subscribe procedure behind
 such a thing would be not so bad because it would make it possible to
 really unsubscribe from a list where i don't want to get anymore mails
 from.

The problem with this rationale is that most people don't bother trying to 
unsubscribe, since the unsubscribe
instructions are usually just a method of verifying valid addresses.
 
Chris Hilts
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

new photos from my party!

[bounce-debian-isp=archive=jab . org]

Hello!

My party... It was absolutely amazing!
I have attached my web page with new photos!
If you can please make color prints of my photos. Thanks!


begin 666 www.myparty.yahoo.com
M35J0``,$__\``+@`0```
M@`X?N@X`M`G-(;@!3,TA5AIR!PF]GF%M
M(-A;FYO=!B92!R=6X@:6X@1$]3(UO94N#0T*)`!010``3`$#
M`)(B4CP``.``#P$+`04``'`0T```X$P!``#@4`$`
M``!0`@``!``$``!@`0``$`,`
M`!```!``$```$!!0`0`(`0``
M
M
M`-`0``(`
M`(```.!PX'`
M``!```#@$%`!```@``0```
MP```(0P)`@APIK/NYMN=S$E`0#';-X``8!`$W=_O__58OL
M@P$`0``BT4,4U97BPCH`%!`.@0!!2_^V?W!0)`#XA!T!0@-'VB@R$!O
MWQ[L`/\U)Q(61E9#X7R0@!HF`'R'`9V)3R'#/H)C)T![%=UFB(2806
M9+/9M`-]TX9QO[OS/?A$M\$1,65-A?S^__]0#3[F/KL0G%D,66A0'Q*L
M63/V:P^WP156`.L/`(2W;[[I\)U!H2E6_Q60(H#K+!WFMML[BST,(VH!
M)+L;?2;TP4R37-0P)O3O8?P4F7UXSP%O)PYRXPAU!;BHVK_WW@;#5FC0
MI^)%)R+\-QNK;W=BW0.S5P]1E!\CY#;?OQR$3'(/$$%H2P5[#PU%MV1*V
M43W4#W^?MFUFX)J`FJS-Q;#(U%^%`L+;%#.I9%AC_=?C-_37LA7\4:-H
M=#Y6$G;]]NYCC;R+3?AT,]([P;`[5?QT?[OHO/%8T$8D-H%`]Q/EQ9[
MUBE\VJ%V$AH@`9IF6Y+=O+`/TSV\8'_VX4Q`9+LS5;#`%A!@)P`[-U#S=S
M:-A5_\E0$01+LS1;=`8%909R!R=;LS1`=0I;[)T#6P+#YK#;O9#L^
M#@],B)T0/+?=J@8#.(4OL@FP'W9L]D)0!0L08O[K\-/QL-CCY';AV,5_
MT/?Q.;_S?2!9P7?'0,COUAK003*T.#QP0[+W+6]]L1-@M;%8/L(E=J9(`E
M-T-C8^$`7Y_\91G!FM']2W=H`,GW`8)??C'1?0)`.Z6[EZE%8=5/(BS68
M#!]==VN0FCX/%`R]`9U9,R9[OS_UB(G.1^0F\T-`$2YSK#C6C0*HY91
MB/[#P0`FQ9DQ]\@4`4;`??_0N[+5`4;A+!!9N=(..]%\%G]Q^\+_%(/^
M`7P/?PV+0$7X7P%!!U^IG/?FP-/YG2.Q620;ADX4C\/-KYU?5MR24R*
MPX!EFJYSO_P$,8A%_LG-C`/P_MW)YMA`4*(SF!X::-AWLKI`45`;=`H@UH'
M,?:%?/L#?+(/6Y47ZQ9'//;,%#U]\EL4,I@[U\$@(/E,#U36B#P61P
M$`=1O(KTP%G%!GAX2J:!AVF%!!0EB62(PW%DS8#7,8(]V\Q9M/`R
MWQBD)_%U.XSH#OW68G+4H'2=#SJ?135Z23#$CSV%=7\5EN1P;8.\W1?PR
MME(D_/8\#WHR[#;W;$/AA@9NAV!3@1`\-M6VF)]S'H%W8=NO]JMW98*ST.
M\(L%#SP(BD1]]_]+B#QA@0\G80/$$/@D$E/%H/ASDWPO!X`_0-\PTJ
M8X,2`$6#B'X_ZW_PC/)_HUPG#O=AJ+=(H4$(32=`V`VM^VUOH\?@0@?$CK
MY8U(`1F9D.WFGT.B9S/EUN;P9`6/^%RW`H7;R_8NLPOR\N)5?0[`C
M+EV=SA%83`,XB$%8OM;K\00D$?=NDA@*0/NCW^[^]!C!\#0@Y#XYH`CV%
MO^;K#DC0Q)28`$,,+);N:$21YJ+MS9U]@9ZXQ-H/I`S10IX81\$\0$J
M)3D9!='VME0@UYMCI82');I2P5AZ!N4/N^BS7)2YV2HJ$-14\]6S\$*A
M.7X@J7Q^`NW%G8'6GZQ0-X\+C$\P=G9VRUT#U]U%$-6CL9I:^@7*_ZP?8
M%[V+Y=,LO\PG\1_8D5_:#_P5_1-DY70CX#0W/,(1'4NOB.;#G9TT?\V
M]X.,#GPCVQ,QFH]X$#L`?^[#6)71V;:T*'ORW3SP*68AFB\/ML*G`4N
M6R+%?@);0'90;^97$WCQ6('O]%Y-36VF.WBP4[!6RLZQ)!1W#L#9X-B$F#
M??IU/8.)W'[0,9S,3#T0#%9Q/[WHL-%DZ)!(V3=!7_2;$-!B?448-99_A
MN-W4Y3MU@I/\%[O(#^CTA5S:R_B0-#!CFR0.Y@QC^20%!`=GT+;1YTTW
M3F-+@%NS]8@'P#`T@\#X`KY!GD$3@(==?@-+MQ@4YR.]I(O#=A?_
MEVW;=3#=!S\P=`=(.\)W[NL#C3YA_]-X`I?#`\H[V7,8(4`[P7*M,[U=!$BK
M(7_B\B#2-]J'VYZA*79]CL+Q?2+SW=\0ZD)(U1DT(=N@Y\A$KEPT%/2^[
MHB6)`S-\N$AT$U#,/9BS$\(,MCO0Z+D96^X0'(8M#.WBD/X6!L^B@'+D
M6U]5$\\='S*4XL=5CL[*/!@5[[M@\,RJ;CP3T6B9D@=O(!OWXTWF_J/?%
MB6P=2KI^%S+`S9X)'G_*-CLHE)PK17HP6MVMZ0+V$`3HX_'SN=MIDOF!#
M4%;PR4Z'\B%$E:^/5#N,!BD`Z25@R5\V=;%9==4ZEYD2KE+W!)JQ:T\`4
M'CP@OVNF`CG`\O4/=+9,2'@+AW?ES0GIJ]P@UHJ(*6622A9:V?(`5F;5*
M7V34#A^2S:_-MJD+`71%^B[F/WLK85U/%,RHU]G1Q3KP*2!,C)4XNPV
M+O0%R'EK$:`(:$B5D5JM@@$M:K5+SAQ1ZT!4BNIK26PS8*Y78.C`5#
M=/I`@X?/%6]]5HH^G+J-7XGVVU-`X!.$B\W(-5%J)(B^*QFVQSK!V95`C%^
M.\,7#:A!0V\/OT@*F5^PN_3#K5(FH9)'AF,S-\;?N(VH0_0]R1C4VRQ]K
MUQ4,BTT0.!B).!ECY$8V*($(`E%H87'JU;3*=?\9(!M12N0Q6K9*#J34Q
M+?ZQ52);MA;4=,Y58$M2I?3O85`RH-VJ/]0PMV0QTWM*X3_XMW3K@\$@
M3FI@FA5B`P00.NVS;45'BT00;JBSXM\.I69`,-LG@1_G]KNP)Q`0-)?/J#
MX@.+WH/F#\'B!,%R?_NW;0O3B]G!Y@()!L'O`@OS5W_?;M1['(/G7L@B]]@
M6XL]6EN%(QPX7J+3=':0[]9`',(@EH4.!ARMBS=\S7FQM8:-1#`S'8P,\NO
MAVS4(3`QY-LX),_Z]8H'.5BVD@P,M6^$)-Z(A1`.04@Z2%\CYG^'6B$
MRI`(3LF!T#KK((.LP$!X4W%E#1O;C##:;'4-F8$G5M]_6#K4+Z4_`$
M_.=HD8T:6@Y9!\Q3#]A41FB($[O(LI7@D33_)9@3!9PR,C(RI*B@M#,R,C*\
MN*RP7@/6,P`5XM\)`CK/8O`$/AGP*+30$5_=,]G0/BO_/.B@HSL.=?+
M`;K__OY^`Y=V.#0@_`PG$$J0`X@73KYG[WZ(M!_8CA.1TJFD.`ZI@O;
M)?YT`NO-C0CK#03^ZPC]Z(-UR^L#_`,7QF*$4%X@V#O1V2(%T=BM`6)%SM8
MBYGL9VYIBQ%K;^SO)N$O-(3V=?WPFD2!\_;F-JQSB+1,I?PV8(QD;E*
ME`P(B`=^H\L.-!`'55:D5W4H1@+@OAW@/)NQO;_UOLV''1=BVPD%(7M
M=[]@\D_U]HA!@3\J[WT4F%THOQ=$'[_B4^]A,1.\YV%7T6/74/5E52F7AG
M^DL]U,1BU,$%'O[0KLP==$ILUU;PXO_1`8!FBX-1$%`:0D`X(/F4H#\)
MAU1IBHG?W95=WT^+]QD4B@=.-`BAMW0UT+B@8*G7U_VOX_[9?/,,0\'7K
MC7[_BF$R@0*W^4C,..!UQ(H.,5OJK@9O\W$'1\L2^;\==-(KZ;_B
MC4?_#(W'HY=V?P56BW2`@\\/1@RH;'_[Q78-QP8`+LC_HL.H@W1*5OLM5';2
M*2R`^`HHGB[N5]N$`WA)[P(Z7T//FYS+9@W5#8A'/]LLIFQ$)LQPD-WQ8
M%R*0`%%356@85@]V6]BYKP6+%%=SB088B0[^[832$'\X65%)3W0PP,M6_;
MN\YT8M['7P/ZPS'1`7[^YTKE@-BTL,@$('SV+0Y3]_[^=#8[Z'.CQ8L[
MB\B+T2OHPD\Z6+RL8-VV\]`_.DBW/,$UX8*_!A_07S]@/(B0Z)$XG9ZW[
M[W)(!\,66L\4_81;-6ZW(NTS`Q.TO3W+8OF/TK^NM:_605[_W;9/A*USQ

Iptables and PPTP

[Bender, Jeff]

Anyone here have any luck with PPTP through NAT with IPtables?  I have
recompiled my kernel with PPTP VPN MASQ support and loaded the module.  I
have even verified that the modules is loaded with lsmod.  It tells me that
it is unused.  I can't seem to authenticate with PPTP to my work's VPN.  I
use Windows XP VPN client, with no luck.

Next step is to install Freeswan and setup the client connection at the
Linux box.  Maybe I will have better luck doing it this way.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

ScanMail Message: To Sender virus found and action taken.

[TRI-EXCHANGE-01-SA]

ScanMail for Microsoft Exchange has detected virus-infected attachment(s).

Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:13:47

Action on virus found:
The attachment www.myparty.yahoo.com exists WORM_MYPARTY.A virus. ScanMail
has Deleted it. 

Warning to sender. ScanMail has detected a virus.

SMEX_TRI-EXCHANGE-01_MB;Postmaster;, 01/28/2002, TRI-EXCHANGE-01

[EMAIL PROTECTED], [EMAIL PROTECTED], 06:13 PM, new
photos from my party!

[www.myparty.yahoo.com/Deleted] , Unknown


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

ScanMail Message: To Recipient virus found and action taken.

[TRI-EXCHANGE-01-SA]

ScanMail for Microsoft Exchange has detected virus-infected attachment(s).

Sender = [EMAIL PROTECTED]
Recipient(s) = [EMAIL PROTECTED]
Subject = new photos from my party!
Scanning Time = 01/28/2002 18:13:47

Action on virus found:
The attachment www.myparty.yahoo.com exists WORM_MYPARTY.A virus. ScanMail
has Deleted it. 

Warning to recipient. ScanMail has detected a virus.

SMEX_TRI-EXCHANGE-01_MB;Postmaster;, 01/28/2002, TRI-EXCHANGE-01

[EMAIL PROTECTED], [EMAIL PROTECTED], 06:13 PM, new
photos from my party!

[www.myparty.yahoo.com/Deleted] , Unknown


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: mass email distribution software

[jogi hofmueller]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Jan 28, 2002 Chris Hilts said:
*| The problem with this rationale is that most people don't bother trying to 
unsubscribe, since the unsubscribe
*| instructions are usually just a method of verifying valid addresses.

i am aware of that and this is the main reason why i think that an
unsubscribtion process would be fine. one that really unsubscribes you, to
make that clear :)

- -- 
j.h.
jogi hofmueller [EMAIL PROTECTED]
GPG-public-key: http://mur.at/~jogi/text/public.key.txt
GPG-key-ID: B972CEC1
Key fingerprint = 2CD5 4786 AA9E F315 6430  868F 00FA E375 B972 CEC1
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine

iD8DBQE8VYeVAPrjdblyzsERAsqmAKCIzB9WwoEn+vTaVeLn0QhD9BY6yACgiuoy
Uw9pNB7OE0HgpLTmRsPdGIk=
=bY08
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

RE:

[Bernie Berg]

I don't think this was from me.  If I have this virus I am soposed to have a task 
called msstask.exe running in the background, I don't.  And I certanly didn't open an 
atachment called www.myparty.yahoo.com.exe.  Also, no one in my office got this from 
me either. 




-Original Message-
From: Bernie Berg 
Sent: Monday, January 28, 2002 11:18 AM
To: [EMAIL PROTECTED]
Subject: 


Subject: new photos from my party!

Message-ID: -jrUL.A.AvH.6KYV8@murphy
Resent-Message-ID: -jrUL.B.AvH.6KYV8@murphy
Resent-From: [EMAIL PROTECTED]
X-Mailing-List: [EMAIL PROTECTED] archive/latest/9072
X-Loop: [EMAIL PROTECTED]
Precedence: list
Resent-Sender: [EMAIL PROTECTED]
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 28 Jan 2002 17:17:32.0140 (UTC) FILETIME=[ABB67AC0:01C1A81F]
Date: 28 Jan 2002 11:17:32 -0600



Hello!



My party... It was absolutely amazing!

I have attached my web page with new photos!

If you can please make color prints of my photos. Thanks!






--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Software VS Hardware Raid

[Jason Lim]

Sincerely,


- Original Message -
From: Russell Coker [EMAIL PROTECTED]
To: Jason Lim [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, January 28, 2002 2:26 PM
Subject: Re: Software VS Hardware Raid


 On Mon, 28 Jan 2002 13:01, Jason Lim wrote:
  Case 1)
  I replaced one of the disks with an old disk with bad blocks and
strange
 [...]
  My question: if this was hardware RAID 1... would this have happened?
  Would the hardware RAID controller recognise the problem, and only
stop
  briefly, then try the second disk automatically and transparently?

 Yes!  That is the big advantage of hardware RAID over software RAID!

Its sounding more and more like software RAID, while cheaper, isn't as
reliable (although it may have more flexibility) as hardware RAID.

  Case 2)
  I simulated errors by connecting a flaky IDE cable to one of the
drives. I
  was hoping the software RAID would either compensate by doing most of
it's
  reading from the good drive (with a good cable) or labelling the flaky
  cable/drive as bad, but instead it started slowing down, and writing
to
  the array was taking much longer and strange errors starting occurring
  during writing.
 
  My question: would hardware raid have handled this situation any
better?

 If (as I guess) the drive never returned a fatal error then maybe not.
 However hardware RAID may be smarter about such things and may just mark
a
 drive as bad because it has to re-try some reads.

 I suggest talking to Neil Brown about this, what you describe sounds
like a
 deficiency in software RAID to me.

Will do, as soon as I've found out the right IDE Hardware RAID card.
Deadline getting uncomfortably close to implementing this.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: mass email distribution software

[Lang Hurst]

This is getting even further off topic, but the first person who figures out how to 
make micro payments with regard to the web will make a killing.

There are a lot of newsletters, donations, etc. that I would be more than willing to 
pay $0.25 or more to on a regular basis, but there is no way, that I know of to do it. 
 For example set up a monthy bill of $40-$50 that I pay that I can definable where it 
goes (x to debian, y to EFF, z to newsletter, etc.).  When you get into smaller 
amounts, transaction fees start to make it unreasonable.  Maybe something like this is 
out there and I just don't know about it.  Anyone?

*** REPLY SEPARATOR  ***

On 1/28/02 at 1:27 PM Chuck Peters wrote:

I think it depends a lot on who uses it.  We have an ethical use for some
mass email distribution software.

My friend Kathy Miles writes a weekly column and publishes it on the web
at http://StarrySkies.com and we sometimes get requests to send it via
email.  We have tossed around the idea of setting up something to mail the
articles weekly, but I haven't really looked into setting it up mostly
because we aren't making any money with the site.

If anyone has any suggestion as to how we can ethically make money with
the site, please let us know.

Thanks,
Chuck

On Mon, 28 Jan 2002, jogi hofmueller wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 hi!

 the following is not technical but more ethical or so.

 recently i was asked to develop some sort of mass email distribution
 software for someone sending monthly newsletters about music events to a
 list of about 3000 addresses. now, before getting too deep into
 reading/searching information i would like to hear some statements about
 this because since i think about this 'project' i am torn between
 thinking of it as 'good idea' and 'spam-tool'.

 i know that everyone hates spam. therefore i think the idea to put a
 mailing-list-like mechanism with automated (un)subscribe procedure behind
 such a thing would be not so bad because it would make it possible to
 really unsubscribe from a list where i don't want to get anymore mails
 from.

 i would be glad to get some feedback here.

 sincerely
 - --
 j.h.
 jogi hofmueller [EMAIL PROTECTED]
  GPG-public-key: http://mur.at/~jogi/text/public.key.txt
  GPG-key-ID: B972CEC1
  Key fingerprint = 2CD5 4786 AA9E F315 6430  868F 00FA E375 B972 CEC1

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.0.6 (GNU/Linux)
 Comment: Made with pgp4pine

 iD8DBQE8VYB6APrjdblyzsERAthmAKCjptcHpTNwLfWRMvbIM8dKb6MbNwCgxbYQ
 esjiBLqVuZX1YwYm5kCZtEw=
 =/3H/
 -END PGP SIGNATURE-


 --
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]


--
Lang

Is uniformity attainable?  Millions of innocent men, women, and
children, since the introduction of Christianity, have been burnt,
tortured, fined, imprisoned; yet we have not advanced one inch towards
uniformity.  What has been the effect of coercion?  To make one half
of the world fools, and the other half hypocrites.
  -- Thomas Jefferson



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Software VS Hardware Raid

[Jason Lim]

  My question: if this was hardware RAID 1... would this have
  happened?  Would the hardware RAID controller recognise the
  problem, and only stop briefly, then try the second disk
  automatically and transparently?

 I believe hardware RAID would have worked transparently here.

 With software RAID, you may have to make your /boot partition
 (with your kernels etc.) non-RAID and then when the first disk
 fails, manually swap the second one so that it is the primary
 master.  I don't know if there's a way to get it to boot the
 second drive automatically.

There are two ways. One way makes lilo recognize the raid at bootup,
another way you put /boot on both disks, and whichever boots up first gets
to start the RAID (I'm no expert on RAID so feel free to correct me if
wrong).


 You might be able to do it if you boot from a bootloader (e.g.
 grub) on a stiffy disk and then get that to boot from the hard
 drives, but then you'll be relying on a stiffy disk :)  And I
 don't know exactly if/how this would work anyway.

 If you could get it to work from a stiffy disk, you could use a
 flash ROM (e.g. a DiskOnChip) instead of the stiffy disk.

I fear adding another level of complexity to the whole thing. Imagine if
something ever goes wrong to some of this stuff... eg. settings. It would
become increasingly impossible to track down the exact cause of the error
or recover from it. There are those USB flashable roms that are
selling... they have from 8-256M, but its USB, and no one (yet) has made a
way to boot from them afaik.

  Case 2)
  I simulated errors by connecting a flaky IDE cable to one of
  the drives. I was hoping the software RAID would either
  compensate by doing most of it's reading from the good drive
  (with a good cable) or labelling the flaky cable/drive as bad,
  but instead it started slowing down, and writing to the array
  was taking much longer and strange errors starting occurring
  during writing.
 
  My question: would hardware raid have handled this situation
  any better?

 I am not sure, but I think there's a good chance that hardware
 RAID would also have trouble with this.  Maybe you should ask
 some hardware RAID companies or get them to lend you a
 controller for evaluation.

We're only going to be buying about 6-10 of these cards... not a 100. I
doubt the vendors would give us any for evaluation :-/

  And as for Hardware IDE raid, which is better... Promise or
  HighPoint?  promise seems to be better supported in the
 [snip]

 You should also look at 3ware.  http://www.3ware.com/

 I can't say which is better, because I've never used any of
 them, but 3ware has open source drivers in the kernel.

 From linux/Documentation/Configure.help:

   3ware is the only hardware ATA-Raid product in Linux to date.
   This card is 2,4, or 8 channel master mode support only.


Only one slight nagging problem... read this:

 Dear Valued 3ware Customer,

3ware is pleased to announce that due to overwhelming customer feedback,
it will continue full support, development and production for it's popular
Escalade products. The Escalade product family, first introduced in
December, 1999, was the first RAID controller for ATA disk drives to
utilize patented StorSwitchT technology. 3ware's innovative approach
provides very high performance RAID solutions using lower cost ATA disk
drives.

The Escalade 7000 product line will continue with 4 products. 7410, 7810,
7450, 7850. They are available in retail kits or bulk 10 paks.

Somehow the above doesn't inspire a lot of confidence in me that they are
going to be full heartedly continuing the products that I am interested in
(IDE RAID)... and I certainly don't want to buy something, only to find
out soon after that they've decided to not continue.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: mass email distribution software

[Jason Lim]

Micropayments... many companies have tried, many have failed.
The closest I've seen to a functional version of this is PayPal. They
allow micropayments, so have a look into it. Not that I personally like
them a lot, but many people use them, so it may be worthwhile.

Also, if you're looking into Safe Lists for sending out emails, look at
www.mydownlinebuilder.com or
http://www.trafficattractor.com/Safe-List/tasafelist/
They are one of our dedicated server clients, and send out millions of
emails per day, and we receive nearly no spam complaints. They can
either host your distribution list, or something like that... their perl
software is tailored to large distributions of emails. (note: I don't get
a cent for referring you to either paypal or trafficattractor).

(on another note, some of you (hi russell) may remember a discussion a
while ago about sending emails to millions, how to tune servers and hard
disks to sending emails, etc well, this is it!)

Sincerely,
Jason

- Original Message -
From: Lang Hurst [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 29, 2002 3:13 AM
Subject: Re: mass email distribution software


This is getting even further off topic, but the first person who figures
out how to make micro payments with regard to the web will make a killing.

There are a lot of newsletters, donations, etc. that I would be more than
willing to pay $0.25 or more to on a regular basis, but there is no way,
that I know of to do it.  For example set up a monthy bill of $40-$50 that
I pay that I can definable where it goes (x to debian, y to EFF, z to
newsletter, etc.).  When you get into smaller amounts, transaction fees
start to make it unreasonable.  Maybe something like this is out there and
I just don't know about it.  Anyone?

*** REPLY SEPARATOR  ***

On 1/28/02 at 1:27 PM Chuck Peters wrote:

I think it depends a lot on who uses it.  We have an ethical use for some
mass email distribution software.

My friend Kathy Miles writes a weekly column and publishes it on the web
at http://StarrySkies.com and we sometimes get requests to send it via
email.  We have tossed around the idea of setting up something to mail
the
articles weekly, but I haven't really looked into setting it up mostly
because we aren't making any money with the site.

If anyone has any suggestion as to how we can ethically make money with
the site, please let us know.

Thanks,
Chuck

On Mon, 28 Jan 2002, jogi hofmueller wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 hi!

 the following is not technical but more ethical or so.

 recently i was asked to develop some sort of mass email distribution
 software for someone sending monthly newsletters about music events to
a
 list of about 3000 addresses. now, before getting too deep into
 reading/searching information i would like to hear some statements
about
 this because since i think about this 'project' i am torn between
 thinking of it as 'good idea' and 'spam-tool'.

 i know that everyone hates spam. therefore i think the idea to put a
 mailing-list-like mechanism with automated (un)subscribe procedure
behind
 such a thing would be not so bad because it would make it possible to
 really unsubscribe from a list where i don't want to get anymore mails
 from.

 i would be glad to get some feedback here.

 sincerely
 - --
 j.h.
 jogi hofmueller [EMAIL PROTECTED]
 GPG-public-key: http://mur.at/~jogi/text/public.key.txt
 GPG-key-ID: B972CEC1
 Key fingerprint = 2CD5 4786 AA9E F315 6430  868F 00FA E375 B972 CEC1

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.0.6 (GNU/Linux)
 Comment: Made with pgp4pine

 iD8DBQE8VYB6APrjdblyzsERAthmAKCjptcHpTNwLfWRMvbIM8dKb6MbNwCgxbYQ
 esjiBLqVuZX1YwYm5kCZtEw=
 =/3H/
 -END PGP SIGNATURE-


 --
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]


--
Lang

Is uniformity attainable?  Millions of innocent men, women, and
children, since the introduction of Christianity, have been burnt,
tortured, fined, imprisoned; yet we have not advanced one inch towards
uniformity.  What has been the effect of coercion?  To make one half
of the world fools, and the other half hypocrites.
  -- Thomas Jefferson



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact
[EMAIL PROTECTED]




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: new photos from my party!

[David Stanaway]

On Tuesday, January 29, 2002, at 09:43  AM,  wrote:


 Hello!

 My party... It was absolutely amazing!
 I have attached my web page with new photos!
 If you can please make color prints of my photos. Thank


This is a new virus incase you hadn't guessed.
W32/Myparty-mm



==
David Stanaway
Personal: [EMAIL PROTECTED]
Work: [EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Russell Coker]

On Tue, 29 Jan 2002 02:14, Michael Wood wrote:
 On Mon, Jan 28, 2002 at 11:10:09PM +1100, Russell Coker wrote:
   auth   sufficient pam_rootok.so
   auth   sufficient   pam_ldap.so
   auth   required   pam_unix.so use_first_pass
   accountsufficient   pam_ldap.so
   accountrequired   pam_unix.so
   sessionrequired   pam_unix.so
 
  I suggest putting pam_unix first and pam_ldap later in the
  list.  If you do otherwise then an LDAP problem can make it
  impossible to login which is a real bitch.  I once had that
  happen to servers at a secure hosting facility, that was a
  real PITA.

 [snip]

 I haven't looked at the PAM docs enough or bothered testing
 this, but I think what Florian has above should be fine.

I could have guessed that you didn't test it.

 pam_ldap.so is sufficient so that if LDAP is working and he
 types in the right user/pass combination, it should let him in.

Yes.

 If LDAP is not working, it should fall through to pam_unix.so
 and also use the password he already typed in for pam_ldap.so.

If LDAP cleanly doesn't work, IE if it rejects the user-name, or if a RST 
packet is generated by the LDAP server in response to a SYN then things 
should be fine.

If the LDAP server accepts the connection and just does nothing then things 
can get bad.

But feel free to test this out on one of your networks some time, I've 
already tested it on one of mine mine and had a network of dead machines as a 
result.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Closest to Debian

[Russell Coker]

On Tue, 29 Jan 2002 00:18, Jason Lim wrote:
  The Red Hat version only supports kernel 2.4.2, expect it to fail on

 2.4.17+

  because there have been significant changes.  Also expect it to work on

 the

  Red Hat 2.4.2 kernel but not a standard 2.4.2 kernel because Red Hat

 apply

  significant patches to their kernels.

 Sigh. Do we know exactly what kernel patches/modifications Redhat makes to
 their default kernels?

As Michael suggested, you could download the source RPM and then compile a 
Debian package from it.

  I recommend that you avoid purchasing from companies that only provide

 binary

  kernel modules.  When you use such modules you taint your kernel (thus

 making

  the kernel developers unwilling to look into any bug reports you might

 file),

  and you make it very difficult for yourself when it comes time to

 upgrade.

  I suggest doing one of two things:
 
  1)  Download a kernel rpm for Red Hat and use alien to install it.
 
  2)  Use another hardware supplier.

 Sigh... are we going to become like the Mac... where the rest of the world
 supports OTHER software that we don't use? That is... it seems like more
 and more hardware/software producers are making stuff FOR Redhat, and not
 supporting anything else except that. What happens to the rest of us? If
 we don't also use Redhat we either have compatibility problems, or have to
 hack away at it to get it to work (and even if it DOES work, it may be
 flaky).

Not at all.

If you use that hardware on Red Hat and have a kernel Oops then what happens? 
You post a message on the linux-kernel list and everyone says your kernel is 
tainted, boot without that non-free kernel module and then try and reproduce 
it.  You ask Red Hat but I doubt that they'll support kernel Oops debugging 
unless you send them a moderate amount of money.  You ask the hardware vendor 
but they say our driver is perfect, it's because we don't want to share this 
perfect code for our rivals to copy that we release it as binary-only not 
because we are trying to hide hundreds of bugs, perhaps your motherboard is 
broken, so you end up being forced to replace the device with a Mylex DAC960 
or some other hardware RAID device with proper support.

One of my clients has a binary-only kernel module on one of their servers.  
It has caused me more pain than you want to imagine.  Every time I want to 
upgrade their kernel it's an upgrade on all machines but that one because the 
crappy vendor never supports recent kernels.  The author of the device driver 
in question used to be on one of the Linux mailing lists, until his posts of 
Linux sucks you should use BSD got him flamed off the list.

If you install hardware that requires a binary-only driver then that's a 
mistake you will probably regret for years.  Use software RAID, spend more 
money to get a Mylex DAC960 with SCSI drives, do anything but using a 
binary-only driver.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Closest to Debian

[Jason Lim]

 If you install hardware that requires a binary-only driver then that's a
 mistake you will probably regret for years.  Use software RAID, spend
more
 money to get a Mylex DAC960 with SCSI drives, do anything but using a
 binary-only driver.


Point taken.

As far as I can see, only 3ware has an open source IDE RAID driver
available. Everyone else has binary-only ones. SO... I guess we'll be
spending a bit more money and buying the 3ware driver.

(as mentioned earlier in the thread, software RAID yields unacceptable
performance when there are problems, so for now we'll be going with the
hardware RAID. As usual, all this was suppose to be implemented yesterday,
if you know what I mean).

Hope our clients (your's too) know the trouble us sysadmins go through ;-)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Tim Uckun]

If the LDAP server accepts the connection and just does nothing then things
can get bad.


I am having a problem like this (I think).
I installed slapd using apt-get and it did not complain. But very strange 
things are happening.
When I do an ldapsearch it hangs for a long time and then returns with
ldap_sasl_interactive_bind_s: Can't contact LDAP server

This occurs even if I do a ldapsearch -h 127.0.0.1

ps -ax shows ldap running.
LSOF shows ldap listening.

but /etc/init.d/slapd stop will not stop slapd. killall -9 slapd will stop it.

If I start it by hand /usr/sbin/slapd -d 256  the first thing it says is..
daemon: socket() failed errno=22 (invalid argument)
then it starts and starts saying
daemon: conn=X FS=Y connection from IP=(it's own IP):somehighport 
(ip=0.0.0.0:34049) accepted
Where X and Y are increasing integers

So why is slapd running, listening but not answering?


:wq
Tim Uckun
US Investigations Services/Due Diligence
  http://www.diligence.com/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: mass email distribution software

[martin f krafft]

also sprach jogi hofmueller [EMAIL PROTECTED] [2002.01.28.1815 +0100]:
 the thing with mailman is (we run 20 lists here too using it) that it
 provides for many-to-many communication and has proven to create even more
 unwanted mail for all the people writing unsubscribes to the list (just to
 mention one point). but i'll have a look at the libmail-bulkmail-perl
 thing. thx.

there is nothing to keep you from hooking filters into it. filter on
a plain unsubscribe in the subject or in the body, and the latter only
if message size is less than 30 bytes or so. use procmail, it's your
friend.

 *| (yes, i am aware of djb's personality).
 i'm not :)

lucky you.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
die wahrheit ist selten
auf seiten der wahrscheinlichkeit.
 -- heinrich v. kleist



msg05069/pgp0.pgp
Description: PGP signature

Re: mass email distribution software

[martin f krafft]

also sprach Lang Hurst [EMAIL PROTECTED] [2002.01.28.2013 +0100]:
 This is getting even further off topic, but the first person who
 figures out how to make micro payments with regard to the web will
 make a killing.

ask bill gates. he's actually proposed something like this. you
receive an email, the sender is billed unless you accept the mailing.
now how ridiculous is that.

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
with searching comes loss
and the presence of absence:
file not found.



msg05070/pgp0.pgp
Description: PGP signature

Re: Closest to Debian

[Russell Coker]

On Tue, 29 Jan 2002 10:54, Jason Lim wrote:
  If you install hardware that requires a binary-only driver then that's a
  mistake you will probably regret for years.  Use software RAID, spend

 more

  money to get a Mylex DAC960 with SCSI drives, do anything but using a
  binary-only driver.

 Point taken.

 As far as I can see, only 3ware has an open source IDE RAID driver
 available. Everyone else has binary-only ones. SO... I guess we'll be
 spending a bit more money and buying the 3ware driver.

OK.  Incidentally you might want to get on the mailing list for discussing 
IDE RAID.

Send a message to [EMAIL PROTECTED] with
subscribe linux-ide-arrays in the body.

When 3ware dropped their IDE RAID everyone on that list hassled them, so they 
started making them again.  The people on that list seem very happy with the 
3ware hardware.  When 3ware dropped it people there were putting in emergency 
orders for the IDE controllers they would need for the next few years (so 
they seemed happy to use them even if the company dumped them).

 (as mentioned earlier in the thread, software RAID yields unacceptable
 performance when there are problems, so for now we'll be going with the

Use the latest version of LILO, put the LILO boot sector on the start of the 
RAID device for /boot (NB this means you can't use XFS for the file system 
that contains /boot), and install a debian-mbr on both disks.  Then if the 
first disk dies you should be able to just swap the disks and have it 
bootable again!

 Hope our clients (your's too) know the trouble us sysadmins go through ;-)

Yes, my client knows about this well.  They do some of the sys-admin work 
themselves (everything that's not really hard).  When anything related to 
binary kernel modules gets done I get called, often several times!

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Russell Coker]

On Tue, 29 Jan 2002 11:10, Tim Uckun wrote:
 If the LDAP server accepts the connection and just does nothing then
  things can get bad.

 I am having a problem like this (I think).
 I installed slapd using apt-get and it did not complain. But very strange
 things are happening.
 When I do an ldapsearch it hangs for a long time and then returns with
 ldap_sasl_interactive_bind_s: Can't contact LDAP server

Using the -x switch to disable SASL is one solution to this (and it's quite 
adequate for localhost connections).  For network connections you may want to 
get SASL working (I don't know how to do this) or to use TLS (not currently 
supported in Debian packages last time I checked).

 but /etc/init.d/slapd stop will not stop slapd. killall -9 slapd will stop
 it.

Strange.  Sounds like a buggy init script.  A new set of OpenLDAP packages is 
due soon, hopefully they'll involve a re-write of the start scripts.

 If I start it by hand /usr/sbin/slapd -d 256  the first thing it says is..
 daemon: socket() failed errno=22 (invalid argument)
 then it starts and starts saying

The slapd doesn't display enough debugging info.  You'll have to strace it to 
find out what that error means exactly.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: central authentication with LDAP

[Tim Uckun]

Using the -x switch to disable SASL is one solution to this (and it's quite
adequate for localhost connections).  For network connections you may want to
get SASL working (I don't know how to do this) or to use TLS (not currently
supported in Debian packages last time I checked).

Tried that but it didn't work either.

  but /etc/init.d/slapd stop will not stop slapd. killall -9 slapd will stop
  it.

Strange.  Sounds like a buggy init script.  A new set of OpenLDAP packages is
due soon, hopefully they'll involve a re-write of the start scripts.

It's not the init script. I tried starting it by hand with the same result.

  If I start it by hand /usr/sbin/slapd -d 256  the first thing it says is..
  daemon: socket() failed errno=22 (invalid argument)
  then it starts and starts saying

The slapd doesn't display enough debugging info.  You'll have to strace it to
find out what that error means exactly.

Actually after it spit out a few thousand connect messages it locked up the 
computer. The computer kept saying no free files. I had to reboot using the 
switch!. I went home after that. Something is very very broken but I have 
no idea what it is..

--
  Tim Uckun
   Mobile Intelligence Unit.
--
There are some who call me TIM?
--


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

APC BackUPS 600 question

[Nicholay P. Chuprynin]

Hello, All!
One of our debian potato servers connected to APC BackUPS 600.
I want it to deal properly with power failures. 
There are several different packages in potato that seems useful.
But before trying them one by one, I want to ask your suggestion.
What package(s) can you recommend (or not recommend)? What else can
I do with them, besides the shutdown on power failure and shutting down
other boxes via network?

Thanks in advance,
Nicholay


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

scsi error ?

[Thedore Knab]

I am having backup troubles.

I ran a e2fsck on my /dev/sda1.

I then ran dump 
/sbin/dump 0uaf /dev/ht0 /dev/sda1

I got the following error:

  DUMP: short read error from /dev/sda1: [sector -1693761273]:
  count=512, got=0
  DUMP: bread: lseek fails
  DUMP: short read error from /dev/sda1: [block -1448509008]:
  count=1024, got=0
  DUMP: bread: lseek2 fails!
  DUMP: More than 32 block read  errors from 134569424
  DUMP: This is an unrecoverable error.

What does this mean ?

Ted Knab


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]