Re: Monitoring?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Or have a look at jfnnms (jffnms.sourceforge.net) - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iEYEARECAAYFAj/QXBQACgkQezyUhHKdNXRM+ACfa917uia+dDigvwfvOXIuCgXg vxUAnj9VfASr68Mo85wuGO1LM6ggvzt3 =78IB -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Monitoring?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Or have a look at jfnnms (jffnms.sourceforge.net) - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iEYEARECAAYFAj/QXBQACgkQezyUhHKdNXRM+ACfa917uia+dDigvwfvOXIuCgXg vxUAnj9VfASr68Mo85wuGO1LM6ggvzt3 =78IB -END PGP SIGNATURE-
Re: System Hardware Tracking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cool, I know the answer to that one. You can use DMO (http://sourceforge.net/projects/dmo) The sourceforge link is the frontend to the database. Its still lacking some scripts but in general, it uses nmap, nessus etc. to discover as much as possible form a particular machine. If you want to get even more into detail .. you could use snmpd to read out the /var/log/dmesg file and do a remote lspci. Then you should know about everything you need to know from one particular machine. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iEYEARECAAYFAj/PEu8ACgkQezyUhHKdNXQoOACfUu5DCZtazRE2NrlR36CMnL5r 1acAmwRWhylkL5slmhhJjp/lSzhB2Hkw =t8yN -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: System Hardware Tracking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cool, I know the answer to that one. You can use DMO (http://sourceforge.net/projects/dmo) The sourceforge link is the frontend to the database. Its still lacking some scripts but in general, it uses nmap, nessus etc. to discover as much as possible form a particular machine. If you want to get even more into detail .. you could use snmpd to read out the /var/log/dmesg file and do a remote lspci. Then you should know about everything you need to know from one particular machine. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iEYEARECAAYFAj/PEu8ACgkQezyUhHKdNXQoOACfUu5DCZtazRE2NrlR36CMnL5r 1acAmwRWhylkL5slmhhJjp/lSzhB2Hkw =t8yN -END PGP SIGNATURE-
Re: Hot-backup a complete Debian install
Hi, we're using a similar setup for some hosts and I have the best results so far with dump/restore on ext2/ext3 partitions. I've even successfully recreated a database server with mysql and postgresql servers running and using dump as a backup tool. No problems so far. - Cheers, Peter -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Hot-backup a complete Debian install
On Wednesday, October 1, 2003, at 3:43 PM, Roman Medina wrote: On Wed, 1 Oct 2003 11:42:25 -, you wrote: which is the backup target media? Hard-disk. The idea is to have another logical partition for backups and then some scripts to upload/download to any secure site (I could use rsync over ssh or simply scp). But the uploading is a second step. Now I'd like to deal with the first stage: the dump process. Another question: for restoring a backup, do I need to create (fdisk) a destination partition with the exact same size of the original? Could I use a greater one? (in this case, would I lose disk-space or the filesystem is expanded accordingly?). That is exactly the beauty of dump. I would have suggested dd for backup/restore but there you have the problem of identical fdisk settings. Dump/restore can deal well with bigger partitions. Finally, the 3rd stage: if you're going to save the backup files in an non-trusty machine, which kind of container / encryption software would you use? This would need to be easily scriptable, for automatize the backup task. Hmm .. tricky .. anything that is run by a script .. has the problem that if the script can be read .. anybody can do what the script does. Another option to consider is that those dump files will be big (depending on your system) Running them through a gpg -e will a) make the machine slow and b) take a LONG time. I'd be very interested on how to solve this one .. - Cheers, Peter -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: RFC2228-only FTP ?
Maybe I'm not getting this thread but why don't you use WebDAV over HTTPS? It seems to be supported in all the tools you mentioned. - Just my 2 cents. - Peter -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Postfix: Multiple recipients alias?
Hi there, one way that comes to mind is to run incoming mail for this account through a filter of some sort (mailfilter, procmail etc.) that would check for the sender address. This, of course, would also let spam emails through that pose as local senders but are, in fact, fake. Just my 2 cents... - Cheers, Peter On Friday, September 26, 2003, at 1:40 PM, R.M. Evers wrote: Hi, This could be a stupid question, but I'm trying to accomplish the following: In our company, we run a Debian mailserver with Postfix. The server runs a lot of accounts and virtual domains for our customers, but also for our own employees. Now, what i want to do, is make some sort of alias for our employees, so that they can send an e-mail to, for example [EMAIL PROTECTED], which would deliver to all of our mailboxes. But, I only want this alias to be available for our own employees. Not for the outside world, of course.. Would this be possible? Regards, -- R.M. Evers [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Large Hard Disks and Debian
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just to have a little more to choose from, I've also used the CERC controllers which Dell puts into their servers successfully. Performance and debian support is good but I haven't had to recover a failed drive yet. - - Just my 2 cents. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (Darwin) iEYEARECAAYFAj75jUcACgkQezyUhHKdNXR0egCfYxNbzPilambFZokPHalbNJuL aEwAn2dlJMxtIvhMB2J43RGh0KpT7BzM =X5Dj -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Large Hard Disks and Debian
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just to have a little more to choose from, I've also used the CERC controllers which Dell puts into their servers successfully. Performance and debian support is good but I haven't had to recover a failed drive yet. - - Just my 2 cents. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (Darwin) iEYEARECAAYFAj75jUcACgkQezyUhHKdNXR0egCfYxNbzPilambFZokPHalbNJuL aEwAn2dlJMxtIvhMB2J43RGh0KpT7BzM =X5Dj -END PGP SIGNATURE-
Re: XEON SMP KERNEL 2.4.20 tree
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi again, How long have those machines been online? $ uptime 11:14:51 up 8 days, 21:46, 1 user, load average: 0.00, 0.03, 0.00 $ uname -a Linux data 2.4.21-rc6 #1 SMP Tue Jun 3 12:46:45 CEST 2003 i686 unknown There is a discussion about the 2.4.21rc kernels on the SE Linux mailing list. Machines running 2.4.21rc kernels seem to have a kernel memory leak which makes them unusably slow. Opinion is divided on whether this is a kernel issue or a SE Linux issue. I don't believe that it is SE Linux at fault as the SE code we are using is a straight port from 2.4.20 (and should run equally well as on 2.4.20). However other people have seen some evidence to suggest that the problem may only occur on SE Linux machines (I don't run any non-SE machines at the moment for testing). With the 2.4.20 kernel, this machine froze up to 2 times per day. As you can see, its now operational for more than a week and doesn't have any problems. About the performance, I cannot make an informed comment, since this is our NFS-Server and the machine performs as well as it did before. So .. for me, it does do as well as before. Ok .. just for a quick comparison I compiled a stock 2.4.20 kernel on 2 machines (one with 2.4.19, one with 2.4.21rc6 kernels running). The machines are xSeries 340 DP with 1 GHz CPUs, 1 GIG of RAM and 36 GIG SCSI HDs, onboard AIC controller. $ time make -j3 bzImage Machine running 2.4.19 real2m18.895s user4m2.760s sys 0m16.810s Machine running 2.4.21rc6 real2m18.842s user4m12.920s sys 0m16.370s So .. again .. I cannot say that the performance has changed in any way. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (Darwin) iEYEARECAAYFAj7oW64ACgkQezyUhHKdNXRCRACeKTgWhHV8fp66BAyYjzGAjuGL ZyIAnA/ENUIgCZ73eT1V2iXMDKtN0H03 =dQML -END PGP SIGNATURE-
Re: XEON SMP KERNEL 2.4.20 tree
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, June 11, 2003, at 03:21 PM, Theodore Knab wrote: I have 3 dual processor IBM Netfinity Servers with the XEON P3 (1Mb Cache). The machine type is IBM Type 8665-6RY. I recently updated from the 2.4.19 to the 2.4.20 kernel using Debian Sarge source tree. Both machines gave me a hard crash after a few hours of running. Since both machines locked solid, logging is limited. One of the machines which was under a heavy load crashed within 1/2 hour of running. I compiled both kernels with the old 2.4.19 .config file. Does anyone know of any SMP problems with the 2.4.20 kernel ? Hi, same happened to us when we upgraded our xSeries 340 DP to 2.4.20. After replacing every conceivable part of the machine, we tried a 2.4.21rc6 which now seems to work fine on our test system. The production machines have been downgraded to 2.4.19 until all tests have been completed successfully. Hope this helps. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (Darwin) iEYEARECAAYFAj7nOS8ACgkQezyUhHKdNXQj5QCePWIBsWZqoSf/q76GTFxegaIv REcAoIW1MFvjrtJPZPtvDVb54Jd/2QDe =b70D -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: XEON SMP KERNEL 2.4.20 tree
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday, June 11, 2003, at 03:21 PM, Theodore Knab wrote: I have 3 dual processor IBM Netfinity Servers with the XEON P3 (1Mb Cache). The machine type is IBM Type 8665-6RY. I recently updated from the 2.4.19 to the 2.4.20 kernel using Debian Sarge source tree. Both machines gave me a hard crash after a few hours of running. Since both machines locked solid, logging is limited. One of the machines which was under a heavy load crashed within 1/2 hour of running. I compiled both kernels with the old 2.4.19 .config file. Does anyone know of any SMP problems with the 2.4.20 kernel ? Hi, same happened to us when we upgraded our xSeries 340 DP to 2.4.20. After replacing every conceivable part of the machine, we tried a 2.4.21rc6 which now seems to work fine on our test system. The production machines have been downgraded to 2.4.19 until all tests have been completed successfully. Hope this helps. - - Cheers, Peter - -- Dipl.-Ing. Peter Burgstaller Technical Director @ all information network services gmbh email: [EMAIL PROTECTED] phone: +43 662 452335 fax : +43 662 452335 90 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (Darwin) iEYEARECAAYFAj7nOS8ACgkQezyUhHKdNXQj5QCePWIBsWZqoSf/q76GTFxegaIv REcAoIW1MFvjrtJPZPtvDVb54Jd/2QDe =b70D -END PGP SIGNATURE-
Postfix 0.0.20011115.SNAPSHOT-1
Hi all, I ran apt-get update; apt-get upgrade on my mailserver today and have now the following problem: Whenever I try to send an email from my local pine client I get [Mail not sent. Sending error: 451 Error: queue file write error] Anybody knows why that would be? I ran postfix check with no problems found. The email is actually sent and in the log files I see a completely normal message delivery. - Thanks for your time, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Postfix 0.0.20011115.SNAPSHOT-1
Hi all, I ran apt-get update; apt-get upgrade on my mailserver today and have now the following problem: Whenever I try to send an email from my local pine client I get [Mail not sent. Sending error: 451 Error: queue file write error] Anybody knows why that would be? I ran postfix check with no problems found. The email is actually sent and in the log files I see a completely normal message delivery. - Thanks for your time, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/
Re: Firewall configuration with two ISP
I had the same problem when we switched from one ISP ot the other I was running both for a couple of months. Turned out that, as Jeremy Lunn suggested, that my new ISP wouldn't allow IPs from a different Net be routed through his net, which is of course very sensible and right. However, in my case it was the only way to get my setup working so after long discussions with the admins they would allow only the one IP address of my multi-homed machine in their net which solved the problem. I'm aware of the implications it had then but it was only a temporal matter in my case. - cheers, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Firewall configuration with two ISP
I had the same problem when we switched from one ISP ot the other I was running both for a couple of months. Turned out that, as Jeremy Lunn suggested, that my new ISP wouldn't allow IPs from a different Net be routed through his net, which is of course very sensible and right. However, in my case it was the only way to get my setup working so after long discussions with the admins they would allow only the one IP address of my multi-homed machine in their net which solved the problem. I'm aware of the implications it had then but it was only a temporal matter in my case. - cheers, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/
Re: kickstart for debian needed
Hi there, Most (of our) engineers are not linux-compliant. Need centralized login, (can't use NIS+, we've already got a NIS+ system for Solaris... don't wanna confuse the issue,) You might like to look into using LDAP for this. Another alternitive is using an SQL database. This issue is pretty flexiable considering there are many PAM modules and quite a few Name Service (libnss) modules. I fail to see why you can't use NIS!? You can bind to different domains so just run your 30 debians under their own NIS domain and you can cross exist no problem. If you even maybe host the NIS Servers on the same machine I could think of some very nice perl scripts to cross import data between them if you need same userids but different services for ex. We had a similar setting at the university of salzburg which worked very well. - Just my 0.02, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/
Re: load balancer
-- Forwarded message -- Date: Fri, 16 Mar 2001 10:34:45 +0100 (MET) From: DI Peter Burgstaller [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Subject: Re: load balancer :)) And what about sessions ? As session data is usually stored in a database, have the sql server on a separate machine (you would anyway if you have enough traffic to need a load balancer, wouldn't you?) But that is not the only problem. HTTPS is another and also with LVS you can do much more "intelligent" load-balancing, using different balancing algorithms. Not to mention the fail-over capabilities. I'm not saying its impossible with ipchains, I'm just saying that a lot of people are working on more sophisticated solutions already and that those solutions are working great! - Cheers, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: load balancer
Allen Ahoffman [EMAIL PROTECTED] writes: Is there a distribution that will cheaply replace a load balancer? e.g. for web servers. LVS, ...? I'm also currently evaluating load balancers with linux and am running a Piranha (ha.redhat.com) system very successfully at present. I haven't looked at Ultra Monkey yet, but will do. ASAIK they all use the LVS in one way or the other. The interface is different and I like the one of piranha very much. - Just my 0.02, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/
Re: load balancer
-- Forwarded message -- Date: Fri, 16 Mar 2001 10:34:45 +0100 (MET) From: DI Peter Burgstaller [EMAIL PROTECTED] To: Marcel Hicking [EMAIL PROTECTED] Subject: Re: load balancer :)) And what about sessions ? As session data is usually stored in a database, have the sql server on a separate machine (you would anyway if you have enough traffic to need a load balancer, wouldn't you?) But that is not the only problem. HTTPS is another and also with LVS you can do much more intelligent load-balancing, using different balancing algorithms. Not to mention the fail-over capabilities. I'm not saying its impossible with ipchains, I'm just saying that a lot of people are working on more sophisticated solutions already and that those solutions are working great! - Cheers, Peter /--\ | Dipl.-Ing. Peter Burgstaller | | Technical Assistant and System Administrator | | @ all information network services gmbh| | email: [EMAIL PROTECTED] | | phone: +43 662 452335| | fax : +43 662 452335 90 | \--/
