Re: [OT] Debian package differences from upstream
On Wed, Jan 05, 2005 at 08:40:21AM -0500, Mark Bucciarelli wrote: > [ Is debian-mentors the proper list for this type of packaging question? ] debian-mentors is meant for people who want to package software, I think. It would probably be best to ask the package maintainer himself ([EMAIL PROTECTED]) > On my Woody box, courier-mta logs pop transactions with the tag > "courierpop3login:". The logs of other courier users (freebsd, gentoo for > example) have the string "pop3d:" As far as I remember, this string is set in the init.d script... > It has been suggested that this is a change the Debian packager made. > > How can I verify this? You need to find out whether the init.d script was supplied or changed by the debian maintainer. > I've done apt-get source and poked around a bit but could not tell where > the Debian patches made to upstream live. See the diff.gz file (BTW vim does nice highligting if you have syntax on), it usually contains all the debian modifications to the upstream tarball. regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Webserver with RAID-5 - performance problem
On Wed, Dec 15, 2004 at 02:40:37AM -0700, Michael Loftis wrote: > Additionally Linux uses 128K disk I/O > blocks, if you've built your RAID array with any other size stripe you may > suffer pathological performance loss. Do you mean that that driver uses such blocks, or that linux generally uses 128K blocks? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: What stripe size for mail server?
On Wed, Nov 10, 2004 at 05:29:37PM -0500, Chris Wagner wrote: > I would say that RAID 5 is probably overkill for a mail queue. It's not the mail queue. Its the mail store (maildirs). We have no problems with mail queue performance so far. > Unless ur > mail queue is running hundreds of gigabytes and overloading a single disk, The store is over 60 GB now, and still growing. Will probably reach over 100 GB in a few months. > a > normal single hard drive is sufficient. Definitely not sufficient for us :) > Based on ur graph it looks like ur > queue is under half a gig. What makes you think so? I did mention that those data were just from a random sample. > If you want redundancy for the mail queue then a > RAID 1 (mirroring) will give u everything u need. Mirroring seems a little bit to expensive for us. But we will certainly consider that if someone points me to a comparison that strongly favors mirroring over RAID5 for a similar setup. Simply saying that > RAID 5 is for extremely > high usage like large file servers and stuff. is not enough to make the decision, unfortunately. > Adding RAM to beef up the > file cache can give u a significant speedup (Ur entire queue can be RAM > cache). Unfortunately adding more system RAM to that machine is not an option (at least for now). We are going to add more RAM to the controller, though. > If u still need RAID 5 then I would make the stripe size equal to > average file size / number of data disks up to no more than 32KB stripe. Since avg file size would be something around 2500 bytes, and we have 5 disks, that would give us a 500 byte stripe. I don't think that is even possible. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
What stripe size for mail server?
Hi! http://mail1.expro.pl/~porridge/dist.png shows the distribution of file sizes on our mail server (actually just the partition holding maildirs). The sample was 80 files. "-512" means zero-byte files. "0" means the files whose sizes are greater than zero, but less than 512. "512": greater than 512, but less than 1024 etc The green line shows the distribution of messages in Maildir/(new|cur|tmp). The red one also includes the number of other files (mostly sqwebmail index and preferences files, .qmail, etc). We probably need to optimize on reads, since currently there are 16 times more block reads than block writes on that partition. Given that, what would be the best stripe size for (hardware) RAID 5 (currently 5 disks)? I read somewhere that large stripe sizes are good for small random reads, but what is your experience? Or maybe RAID 5 is totally unreasonable for such usage? regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Documentation of big "mail systems"?
On Sat, Oct 16, 2004 at 09:41:43PM +1000, Russell Coker wrote: > There's less cables for idiots to trip over or otherwise break > (don't ask), I dare to ask :-) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Can we build a proper email cluster? (was: Re: Why is debian.org email so unreliable?)
On Sat, Oct 16, 2004 at 09:29:32PM +1000, Russell Coker wrote: > On Fri, 15 Oct 2004 23:33, Arnt Karlsen <[EMAIL PROTECTED]> wrote: > > > On Fri, 15 Oct 2004 03:19, Arnt Karlsen <[EMAIL PROTECTED]> wrote: > > > > > Increasing the number of machines increases the probability of one > > > > > machine failing for any given time period. Also it makes it more > > > > > difficult to debug problems as you can't always be certain of > > > > > which machine was involved. > > > > > > > > ..very true, even for aero engines. The reason the airlines like > > > > 2, 3 or even 4 rather than one jet. > > > > > > You seem to have entirely misunderstood what I wrote. > > > > ..really? Compare with your average automobile accident and > > see who has the more adequate safety philosophy. > > If one machine has a probability of failure of 0.1 over a particular time > period then the probability of at least one machine failing if there are two > servers in the cluster over that same time period is 1-0.9*0.9 == 0.19. But do we really care about whether a "machine" fails? I'd rather say that what we want to minimize is the _service_ downtime. With one machine, the possibility of the service being unavailable is 0.1. With two machines it's equal to the possibility of both machines failing at the same time, so it's 0.1*0.1 == 0.01, as long as the possibilites are independent (not sure if that's the right translation of the term). Or am I wrong in the first sentence? Otherwise, I'd say that the increase of availability is worth the additional debugging effort :-) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Q-P [was: 'dialup-ranges?' Re: greylisting DNSBL hosts?]
On Fri, Oct 08, 2004 at 09:07:25AM -0700, [EMAIL PROTECTED] wrote: > [This message has also been posted.] > In article <[EMAIL PROTECTED]>, Kilian Krause wrote: > > > > --=-+rYNsJkiW3Vja8Xh+ktl > > Content-Type: text/plain > > Content-Transfer-Encoding: quoted-printable > > Please don't do that. Quoted-printable is broken. Could you elaborate on that? Maybe it makes little sense to use Q-P on plain ASCII message with sane line lengths, but why "broken"?? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
DNS TTLs [was: help with BIND SRV]
On Fri, Oct 08, 2004 at 05:08:45AM -0600, Nate Duehr wrote: > Juha-Matti Tapio wrote: > >On Thu, Oct 07, 2004 at 08:23:31PM -0600, Nate Duehr wrote: > > > >>Most people setting up round-robin DNS type setups for redundancy with > >>scripts to change things for failover get bit by these things: > > > >[...] > > > >>- They don't understand that there might be multiple DNS servers between > >>their top-level and the machine they're servicing (3X and 4X TTL) > > > > > >RFC 1035 specifies in chapter 6.1.3. that requests served from a cache > >should return a TTL which has been decremented by the amount of seconds > >in cache, i.e. the TTL "counts down" in the cache. > > > >Therefore I consider any caching nameservers that do not do this broken. > >Are there a significant amount of such servers out there? > > > >Though I agree on most of the other points. > > > Ahh... it's a trap. Think about this. > > 1 - Regular DNS server hosting "something.com" > 2 - ISP's caching nameserver > 3 - Your company's nameserver > 4 - A caching nameserver on your desktop machine > > Now... add in here that let's say your company AND your ISP intercept > all port 53 traffic and proxy all DNS requests through both of their > servers. Not super-common -- but there ARE organizations and ISP's out > there that do this for whatever convoluted security or other reasons. > > Depending on how the proxying is set up, each server can 100% implement > the RFC you mention and a change on server 1 to a record that's cached > on your local desktop machine's nameserver will take 3X TTL to show up > at your desktop! Please provide a detailed description of how that is possible with RFC-compliant servers and caches. I really can't imagine that. AFAIK there is no other way for a record to have a remaining TTL of value "X" other than being served exactly X seconds earlier by an authorative nameserver. Any number of caching layers in between can't change this, unless there are relativistic effects involved :-P Or do I misunderstand the concept of TTL? (I.e TTL gets 'frozen' at some point.) Please note that I'm not saying that it is impossible in real world. I only claim that this is impossible with RFC-compliant servers and caches. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: High volume mail handling architecture
On Fri, Sep 10, 2004 at 09:07:37PM +0200, Jonathan G - Mailing Lists wrote: > Sorry, what's your MTA? Mine? On that particular machine it is qmail that does the deliveries (or rather, what is left of qmail after all the patching I've done). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: High volume mail handling architecture
On Thu, Sep 09, 2004 at 06:43:21AM -0600, Nate Duehr wrote: > > On Sep 9, 2004, at 2:44 AM, Marcin Owsiany wrote: > > > >More than 90% of the disk transactions are on the (logical) disk where > >mail is stored. The only processes which touch that disk, are qmail > >delivery processes (qmail handed mail by another SMTP-IN box: 0.8 local > >deliveries per second) and courierpop3d processes (7.2 logins per > >second). > > > > Start splitting the user directories across logical disks that are on > different platters, for goodness sake. Well, adding more disks to the setup is what I planned to do next. I just want to make sure that the performance I get from the _current_ setup is normal. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: High volume mail handling architecture
On Thu, Sep 09, 2004 at 06:03:20AM +1000, Russell Coker wrote: > You have to either be doing something very intensive or very wrong to need > more than one server for 20K users. Last time I did this I got 250K users > per server, and I believe that I could have easily doubled that if I was > allowed to choose the hardware. We have a little over 10K users, and the disk subsystem seems to be the bottleneck. When we reach about 600 read transactions + 150 write transactions per second (as reported by sar -b), the load average starts to grow expotentially instead of proportionally. There are about 20K sectors read, and 3K written per second. (That was before I turned noatime on. After that we had about 2K sector writes and 70 write transactions less, and load average dropped to a more sane value - about 3, instead of 20.) More than 90% of the disk transactions are on the (logical) disk where mail is stored. The only processes which touch that disk, are qmail delivery processes (qmail handed mail by another SMTP-IN box: 0.8 local deliveries per second) and courierpop3d processes (7.2 logins per second). We are using an "Intel SRCU42X" SCSI RAID controller, and the logical disk which caries mail is made of 3 Fujitsu 36GB 15K RPM disks. Please tell me, what problem we are facing? Is the hardware so weak? Is it underperforming? Or maybe our load is exceptionally high? I can provide more statistics if they are needed. Also, did you implement virus/spam scanning on that box? kind regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
lm-sensors support for SE7501BR2 ?
Hi! [ sorry for the cross-post, but both lists seem relevant ] I have an Intel SE7501BR2 server motherboard, and using lm-sensors 2.6.3-5+ only detects successfully four chips like this: (using eeprom driver) * Bus `SMBus I801 adapter at 0580' (Non-I2C SMBus adapter) Busdriver `i2c-i801', I2C address 0x51 Chip `Serial EEPROM (PC-100 DIMM)' (confidence: 8) But does not find any thermal sensors. Has anyone had more luck with such hardware? The manual says the sensors are managed by Heceta chip U5F10, for which google finds no good hits. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which SATA RAID controller?
On Tue, Mar 23, 2004 at 06:20:51PM +0100, Franz Georg Köhler wrote: > On Di, Mär 23, 2004 at 06:10:23 +0100, Marcin Owsiany <[EMAIL PROTECTED]> > wrote: > > Hi! > > > > I need to choose between: > > - 3Ware Escalade 8006-2LP > > - Promise Fast Track S150 TX4 > > > > The Fast Track is a little cheaper, and has 4 interfaces (3Ware only 2). > > Is there any good reason to choose 3Ware? > > If I was spoilt for choice between the two above I wouldn't choose the > Promise controller. Any particular reasons? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Which SATA RAID controller?
On Tue, Mar 23, 2004 at 06:38:11PM +0100, Andreas John wrote: > Hello! > > I would recommend to take both and tell us about your experience ;-) > > IMHO: > 3ware is _hardware_ raid > Promise is pseudo-hardware (i.e. parity calc is done in the pc cpu) > >On Di, Mär 23, 2004 at 06:10:23 +0100, Marcin Owsiany > ><[EMAIL PROTECTED]> wrote: > > > >>Hi! > >> > >>I need to choose between: > >>- 3Ware Escalade 8006-2LP > >>- Promise Fast Track S150 TX4 Please note that 3Ware Escalade 8006-2LP only does RAID levels 0 and 1, in which there is no need for checksum calculations AFAIK. What advantage does 3ware have then? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Which SATA RAID controller?
On Tue, Mar 23, 2004 at 06:20:51PM +0100, Franz Georg Köhler wrote: > On Di, Mär 23, 2004 at 06:10:23 +0100, Marcin Owsiany <[EMAIL PROTECTED]> wrote: > > Hi! > > > > I need to choose between: > > - 3Ware Escalade 8006-2LP > > - Promise Fast Track S150 TX4 > > > > The Fast Track is a little cheaper, and has 4 interfaces (3Ware only 2). > > Is there any good reason to choose 3Ware? > > If I was spoilt for choice between the two above I wouldn't choose the > Promise controller. Any particular reasons? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which SATA RAID controller?
On Tue, Mar 23, 2004 at 06:38:11PM +0100, Andreas John wrote: > Hello! > > I would recommend to take both and tell us about your experience ;-) > > IMHO: > 3ware is _hardware_ raid > Promise is pseudo-hardware (i.e. parity calc is done in the pc cpu) > >On Di, Mär 23, 2004 at 06:10:23 +0100, Marcin Owsiany > ><[EMAIL PROTECTED]> wrote: > > > >>Hi! > >> > >>I need to choose between: > >>- 3Ware Escalade 8006-2LP > >>- Promise Fast Track S150 TX4 Please note that 3Ware Escalade 8006-2LP only does RAID levels 0 and 1, in which there is no need for checksum calculations AFAIK. What advantage does 3ware have then? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Which SATA RAID controller?
Hi! I need to choose between: - 3Ware Escalade 8006-2LP - Promise Fast Track S150 TX4 The Fast Track is a little cheaper, and has 4 interfaces (3Ware only 2). Is there any good reason to choose 3Ware? regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Which SATA RAID controller?
Hi! I need to choose between: - 3Ware Escalade 8006-2LP - Promise Fast Track S150 TX4 The Fast Track is a little cheaper, and has 4 interfaces (3Ware only 2). Is there any good reason to choose 3Ware? regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Intel SRCU42X SCSI RAID contoller
In case someone has similar problem in the future: the card seems to work OK with the megaraid.o driver in 2.4.24. I didn't succeed in using the same driver in 2.4.28-bf2.4, it just said "No such device". regards Macin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Intel SRCU42X SCSI RAID contoller
In case someone has similar problem in the future: the card seems to work OK with the megaraid.o driver in 2.4.24. I didn't succeed in using the same driver in 2.4.28-bf2.4, it just said "No such device". regards Macin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Intel SRCU42X SCSI RAID contoller
Hi! Forgive me the cross-post, but this is rather urgent for me :-/ Does anyone know if the Debian kernel in woody-proposed-updates (2.4.22) supports Intel SRCU42X SCSI RAID contoller? Intel's web page says that it is supported by Suse and RH, but they make a binary driver available for download (megaraid.o). The source is included, so probablu it the same as in stock kernel, but could anyone confirm this? regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Intel SRCU42X SCSI RAID contoller
Hi! Forgive me the cross-post, but this is rather urgent for me :-/ Does anyone know if the Debian kernel in woody-proposed-updates (2.4.22) supports Intel SRCU42X SCSI RAID contoller? Intel's web page says that it is supported by Suse and RH, but they make a binary driver available for download (megaraid.o). The source is included, so probablu it the same as in stock kernel, but could anyone confirm this? regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to investigate kernel failure?
On Fri, Oct 17, 2003 at 11:50:28AM +0200, aCaB wrote: > Oct 17 04:48:38 fserv kernel: Call Trace:[getblk+25/80] > [ext3_getblk+185/624] [vc_resize+289/1168] [ext3_find_entry+501/768] > [ext3_bread+35/128] > Oct 17 04:48:38 fserv kernel: [ext3_readdir+150/912] > [permission+42/48] [vfs_readdir+97/144] [filldir64+0/368] > [sys_getdents64+79/259] [filldir64+0/368] > Oct 17 04:48:38 fserv kernel: [sys_fcntl64+128/144] [system_call+51/56] [...] > Oct 17 04:48:50 fserv kernel: Call Trace:[getblk+25/80] > [ext3_getblk+185/624] [vc_resize+289/1168] [ext3_find_entry+501/768] > [ext3_bread+35/128] > Oct 17 04:48:50 fserv kernel: [ext3_readdir+150/912] > [vfs_permission+121/256] [permission+42/48] [vfs_readdir+97/144] > [filldir64+0/368] [sys_getdents64+79/259] > Oct 17 04:48:50 fserv kernel: [filldir64+0/368] [sys_fcntl64+128/144] > [system_call+51/56] [...] > Oct 17 08:13:58 fserv kernel: Call Trace:[getblk+25/80] > [journal_get_descriptor_buffer+57/112] > [journal_commit_transaction+1373/3799] [schedule+758/800] > [kjournald+278/448] > Oct 17 08:13:58 fserv kernel: [commit_timeout+0/16] > At this point the server was defently dead, only replaying to the ping. The above are stack dumps. As you can see the most-recently invoked function in each case was getblk(), so I'd say you need to check your filesystem (and/or replace the hard drive). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CGI and Virtual Hosts
On Fri, Oct 03, 2003 at 04:40:51PM -0400, Dan MacNeil wrote: > > AllowOverride None > Options IncludesNOEXEC ExecCGI > [...] > > DirectoryIndex index.html > AllowOverride None > Options IncludesNOEXEC ExecCGI > Why is this doubled? Is this intentional? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How to modify input-chain to simulate "lost packets"?
On Sun, Sep 28, 2003 at 12:54:31PM +0200, Stefan Neufeind wrote: > So what I basically need is something like: > - drop every 17th (or other) packet on the input chain > OR > - drop aprox. 2% of traffic but vary a bit > > Anybody got an idea how to achieve this? Thank you for your help. I heard there is an "-m random" netfilter module in netfilter CVS, which should let you do exactly this. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: proposed updates security fixes?? (apt-get update failure v2)
On Fri, Sep 19, 2003 at 12:53:56PM +0200, Sickboy wrote: > Folks, > > is it normal behavior for systems having woody-proposed-updates among > apt sources NOT to have a mysql update for the recently announced mysql > server vuln. ? > > Proposed updates has mysql version 3.23.51-1woody5, > the security advisory (DSA 381-1) says 3.23.49-8.5 > > Now what ? > Is 3.23.51 not vulnerable, thus no update required, > OR that version has not (yet) been patched ? ( :S ) Probably it has not been patched. As for how to cope with the proposed-updates/security updates desynchroni[zs]ation, see http://lists.debian.org/debian-security/2003/debian-security-200309/msg00146.html Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Installing packages without dependencies
On Thu, Aug 21, 2003 at 02:27:37PM +0200, Ahtonín Karásek wrote: > Hello everybody, > I have instaled qmail, but I compiled it myself. Now, I want to install mutt from > *.deb. Is posible to tell to apt-get: "Hey, I have dependencies and don't want to > install them!"? :o) You're looking for equivs Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
differential/incremental /var/log backups
Hi! Consider the following scenario: On sunday, you have the following files: syslog (from sunday) syslog.0(from saturday) syslog.1.gz (from friday) syslog.2.gz (from thursday) Those files get backed up in a level zero backup. Then, on monday, you have the following files (note the shift): syslog (from monday) syslog.0(from sunday) syslog.1.gz (from saturday) syslog.2.gz (from friday) syslog.3.gz (from thursday) Only syslog, syslog.0 and syslog.1.gz get backed up today (a level 1 backup), because only those two files actually changed (appended to or compressed) since last level 0 backup (just renaming a file doesn't change its mtime). On tuesday, there is a system crash, so you restore the files - first from level zero, and level 1 on top of that. This results in having the following files: syslog (from monday, from level 1 backup) syslog.0(from sunday, from level 1 backup) syslog.1.gz (from saturday, from level 1 backup) syslog.2.gz (from thursday, from level 0 backup) Ooops, the log from friday got overwritten! So far I can think of two solutions, but I like neither: - backing up WHOLE /var/log every day (level 0 each time) - this means larger backups - changing traditional rotation (file.number.gz) to something like file.year-month-day.gz - this means changing all rotation cronjobs or patching logrotate Has anyone thought of something better? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Server hacked - next...?
On Sun, Jun 29, 2003 at 11:28:47AM -0400, bda wrote: > On Sun, Jun 29, 2003 at 09:47:13PM +0800, Jason Lim wrote: > > Is there any tool that could search the system for root suid scripts (so > > the hacker can login again and gain root easily)? > > find / -uid 0 -perm 0400 I guess this should have been 04000 Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Server hacked - next...?
On Sun, Jun 29, 2003 at 11:28:47AM -0400, bda wrote: > On Sun, Jun 29, 2003 at 09:47:13PM +0800, Jason Lim wrote: > > Is there any tool that could search the system for root suid scripts (so > > the hacker can login again and gain root easily)? > > find / -uid 0 -perm 0400 I guess this should have been 04000 Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: trying to understand 8bit emails
On Mon, Jun 23, 2003 at 03:13:54PM -0400, Fraser Campbell wrote:
> although it's viewable on the other end and appears to be intact (i.e. I can
> view it) doing a diff between the emailed jpeg and the original shows that
> there are differences.
[...]
> Does anyone have some pointers on where things might be going wrong?
Maybe it's the local delivery agent's fault (procmail/maildrop/...)?
Also, you can have a look at what's exactly changing with:
perl -p -e '$_=join "", map { "[".ord($_)."]".($_ eq "\n"?"\n":"") } split(//,$_)' <
before.jpg > E1
perl -p -e '$_=join "", map { "[".ord($_)."]".($_ eq "\n"?"\n":"") } split(//,$_)' <
after.jpg > E2
diff -u E1 E2 > diff
I'd be grateful if you let me know what kind of changes those were...
regards,
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: trying to understand 8bit emails
On Mon, Jun 23, 2003 at 03:13:54PM -0400, Fraser Campbell wrote:
> although it's viewable on the other end and appears to be intact (i.e. I can
> view it) doing a diff between the emailed jpeg and the original shows that
> there are differences.
[...]
> Does anyone have some pointers on where things might be going wrong?
Maybe it's the local delivery agent's fault (procmail/maildrop/...)?
Also, you can have a look at what's exactly changing with:
perl -p -e '$_=join "", map { "[".ord($_)."]".($_ eq "\n"?"\n":"") }
split(//,$_)' < before.jpg > E1
perl -p -e '$_=join "", map { "[".ord($_)."]".($_ eq "\n"?"\n":"") }
split(//,$_)' < after.jpg > E2
diff -u E1 E2 > diff
I'd be grateful if you let me know what kind of changes those were...
regards,
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Weird thing (qmail, amavis, maildrop)
I have a weird problem with some virus messages getting corrupted (we
detect about 2 up to 3 such corrupted messages per month).
The box does about 5 deliveries per day. I have no other reports
about corrupted messages, so I guess this is not some hardware issue.
First, a description of the message flow:
1. Qmail receives a message for a local user.
2. qmail-lspawn invokes /var/qmail/bin/qmail-local, which is in fact a
symlink to a tweaked amavis-sh script.
3. The script invokes:
cat | ${formail} -f -A "${X_Header_String}" >${tmpdir}/receivedmail
which stores the message (read from stdin, which probably opened from
the queue) to a file
4. The script MIME-unpacks the message with
${metamail} -x${tmpdir}/unpacked/ < ${tmpdir}/receivedmail > /dev/null 2>&1
($metamail is /usr/local/bin/reformime in my case)
5. Since the message contains an attachment with filename ending with an
".exe", namely "Update136-20.exe", md5sum is ran on it (this is my
modification). md5sum reports "8f0730eec78b2c4f0586fe69c5f17983"
6. The script performs some further checks, however it does not modify
the file "receivedmail"
7. Since the virus scanners report no virii, the script finally calls:
/var/qmail/bin/qmail-local-real "$@" < ${tmpdir}/receivedmail
(that is the real qmail-local)
8. qmail-local runs maildrop, since the user doesn't have a .qmail file,
and maildrop is specified as the "defaultdelivery"
9. the user has only a skeletal .mailfilter file:
FROM='[EMAIL PROTECTED]'
to "./Maildir/"
10. maildrop delivers the file to the user's maildir
Now the weird thing:
When I take this message, extract the attachment and run md5sum on it,
it reports sum "4613a17f12531d21c683023ffa4b4a34". I get this sum when I
extract the message with mutt, reformime, or if I inject the message to
qmail again so it runs the above procedure once again.
I suspect the message gets corrupted somewhere between qmail-local and
user's maildir, but I have no idea how or when exactly this might
happen? The message looks properly formatted plaintext/html +
attachment. I can provide it if someone's interested.
The thing that bugs me most is that AVP doesn't detect that the message
is a virus during the first delivery, but does detect it on subsequent
deliveries.
I'm really puzzled. Any hints are welcome.
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Extended find an replace SOS
On Wed, Jul 10, 2002 at 02:33:48PM +0200, Craig wrote: > Hi Guys > > I need to do an extended find and replace for a few > .htm files spanning a couple of subdirectories to > change some things. > > Anyone have a quick command to achieve this ?> perl -pi -e 's/find/replace/g' `find dir -name '*.htm'` Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Extended find an replace SOS
On Wed, Jul 10, 2002 at 02:33:48PM +0200, Craig wrote: > Hi Guys > > I need to do an extended find and replace for a few > .htm files spanning a couple of subdirectories to > change some things. > > Anyone have a quick command to achieve this ?> perl -pi -e 's/find/replace/g' `find dir -name '*.htm'` Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Maildir equivalent to mail -f username
On Mon, May 27, 2002 at 09:40:16AM +1000, Andrew Tait wrote: > Hi All, > > I am planning on converting a mail server from using the mbox format over to > maildir. > > Currently (with the mbox format) we can modify users mailboxs with "mail -f > /var/spool/mail/username". However I am unable any equivalent for a maildir > system. Has anyone come across such a program? Or how do you manipulate > users mail boxes? Try mutt. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Maildir equivalent to mail -f username
On Mon, May 27, 2002 at 09:40:16AM +1000, Andrew Tait wrote: > Hi All, > > I am planning on converting a mail server from using the mbox format over to > maildir. > > Currently (with the mbox format) we can modify users mailboxs with "mail -f > /var/spool/mail/username". However I am unable any equivalent for a maildir > system. Has anyone come across such a program? Or how do you manipulate > users mail boxes? Try mutt. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim sending errors to root
On Sun, May 26, 2002 at 06:02:07PM +0300, Jarno Elonen wrote: > Hi, > > I get daily error from exim (and some other packages, but mainly exim): > > /bin/sh: root: command not found > /etc/cron.daily/exim: > failed to open database lock file /var/spool/exim/db/retry.lockfile: > Permission denied (euid=1000 egid=50) > failed to open database lock file > /var/spool/exim/db/wait-remote_smtp.lockfile: Permission denied (euid=1000 > egid=50) > run-parts: /etc/cron.daily/exim exited with return code 1 > > Any ideas on what might cause this? It looks a bit as if it couldn't run as > root and was therefore failing to open some file. Are there any handy ways to > debug cron jobs? Probably root's crontab (the one set up by calling /usr/bin/crontab) is causing this. Note that that crontab's format is different than the one in /etc/crontab (or /etc/cron.d/*). (therefore cron tries to call a 'root' command, which doesn't exist). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim sending errors to root
On Sun, May 26, 2002 at 06:02:07PM +0300, Jarno Elonen wrote: > Hi, > > I get daily error from exim (and some other packages, but mainly exim): > > /bin/sh: root: command not found > /etc/cron.daily/exim: > failed to open database lock file /var/spool/exim/db/retry.lockfile: > Permission denied (euid=1000 egid=50) > failed to open database lock file > /var/spool/exim/db/wait-remote_smtp.lockfile: Permission denied (euid=1000 > egid=50) > run-parts: /etc/cron.daily/exim exited with return code 1 > > Any ideas on what might cause this? It looks a bit as if it couldn't run as > root and was therefore failing to open some file. Are there any handy ways to > debug cron jobs? Probably root's crontab (the one set up by calling /usr/bin/crontab) is causing this. Note that that crontab's format is different than the one in /etc/crontab (or /etc/cron.d/*). (therefore cron tries to call a 'root' command, which doesn't exist). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Setting user passwords non-interactively
On Sun, May 19, 2002 at 11:35:00PM +0200, staf wagemakers wrote: > On Sun, May 19, 2002 at 03:18:29PM +0200, Marcin Owsiany wrote: > > > I settled for a tip from greycat at #debian: > > > > > > usermod -p `mkpasswd --hash=md5 $cleartxtpw` $username > > > > > > That can easyly go work in perl as well naturaly;)... > > > > > > > > > What do u guys think? > > > > Passing clear text passwords as program arguments is unsafe. Anyone who > > can see the process list may also see the password. > > > > I have once made a small PAM-based program which reads the old and new > > password from stdin and sets the new password if the old one matches. > > It used to be called from a perl script via perl's open(). > > > > The code is very application-specific so would need some tweaking, and > > the comments are in Polish, but if anyone is still interested... > > You could use chpasswd to update the password, chpasswd read the username > and password form stdin so the password isn't available in ps. Right. The only difference is that chpasswd doesn't check existing password. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Setting user passwords non-interactively
On Sat, May 18, 2002 at 01:13:25PM -0600, Alejandro Borges wrote: > U guys are the bestthx for all the responses... > > I settled for a tip from greycat at #debian: > > usermod -p `mkpasswd --hash=md5 $cleartxtpw` $username > > That can easyly go work in perl as well naturaly;)... > > > What do u guys think? Passing clear text passwords as program arguments is unsafe. Anyone who can see the process list may also see the password. I have once made a small PAM-based program which reads the old and new password from stdin and sets the new password if the old one matches. It used to be called from a perl script via perl's open(). The code is very application-specific so would need some tweaking, and the comments are in Polish, but if anyone is still interested... Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Radius choices now that freeradius has been dropped from woody.
On Tue, Apr 16, 2002 at 03:03:39AM -0400, Chuck Peters wrote: > At > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142217&repeatmerged=yes > it says "radiusd-freeradius is too buggy. This is a grave bug, by Policy > s2.1.2. Maybe it will be ready for Woody+1." > > What does the Woody+1 mean, a minor release/update to woody or does it > mean sid? It means the next release after woody (i.e. the suite that will be "testing" after woody is released). Sid will never be released. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim + POP3 + quota problems
On Mon, Mar 18, 2002 at 12:51:55PM -0500, Loren Jordan wrote: > If you are able to re compile Qpopper, you can change the location of the > .lock file as a compile option, just put it some where there is no > quota checking. You will also need to adjust the configuration of your MDA > to watch for lock files in that new location. MDA or MTA, but also MUA... > I ran into this same problem > a couple of years ago (when I worked at Qualcomm :). I was also constantly > having to repair the users mbox files because of corruptions in the headers > that would cause Qpopper to die. You mean when it didn't use right lockfiles? > There are a lot of compile time options that you can adjust and if you just > have to keep using it, do re-compile with the "server mode" enabled. I > forget the exact name of that option but it keeps the users spool file > copies to only 1 per session. This change alone brought the load on our > mail servers down to less than 1.0. Right, but the manpage says I shouldn't use that mode if users also read mail using MUAs. > I would recommend going with something like qmail (I like it more than > anything else I have used) or any other pop server that supports > Maildir. Actually I have to deal with qmail on another machine, and I prefer exim... and it supports Maildir delivery as well, so I think I'll just try to switch to it. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim + POP3 + quota problems
On Sun, Mar 17, 2002 at 10:11:27PM -0600, Rich Puhek wrote: > Marcin Owsiany wrote: > > - exim delivers mail to /var/mail/ > > - qpopper is my POP3 server > > - /var/spool/pop is a symlink to /usr/local/pop > > - there is no user quota for /usr/local partition > Been a while since I dealt with qpopper, but wasn't the lock actually > /var/spool/pop/.pop (the temporary copy of the user's mailbox)? /var/spool/pop/.pop is one thing (it's called temporary maildrop by qpopper) - it's where qpopper moves mail for the time of POP3 session. /var/mail/.lock is another thing. I think it's usually just a few bytes large (probably contains the pid of the locking process), and it's the actual lock file (needed to prevent mbox corruption). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Exim + POP3 + quota problems
Hi! Here's my setup: - a potato box (sounds cool, doesn't it? :-) - exim delivers mail to /var/mail/ - qpopper is my POP3 server - there is a user quota for /var partition - /var/spool/pop is a symlink to /usr/local/pop - there is no user quota for /usr/local partition - all users use POP3 to fetch their mail - also, a few users do read mail via local MUAs, so disabling locking in qpopper is not possible The problem is that from time to time the following thing happens: - the size of a user's mailbox in blocks becomes equal to the user's quota on /var - because the user may not use any more blocks on that partition, qpopper is unable to create a lockfile (/var/mail/.lock) and exits with -ERR maillock: cannot lock '/var/mail/foo': 1 - because of that the user is unable to fetch her mail How do you guys cope with that problem? The only solution I could come up with is switching to Maildir delivery, but might be painful... Maybe there's some solution I've overlooked? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH Daemon failing
On Mon, Feb 25, 2002 at 04:51:54PM +1100, Andrew Tait wrote:
> It appears to run fine to begin with, loading libraries and reading config
> files, these are the last few lines. It tries to fork, and then just dies.
>
> read(3, "-BEGIN DSA PRIVATE KEY-\n"..., 672) = 672
> _llseek(3, 0, [0], SEEK_SET)= 0
> fcntl64(3, F_GETFL) = 0x8000 (flags
> O_RDONLY|O_LARGEFILE)
> fstat64(3, {st_mode=S_IFREG|0600, st_size=672, ...}) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0x40016000
> _llseek(3, 0, [0], SEEK_CUR)= 0
> read(3, "-BEGIN DSA PRIVATE KEY-\n"..., 4096) = 672
> close(3)= 0
> munmap(0x40016000, 4096)= 0
> fork() = 451
> --- SIGCHLD (Child exited) ---
> _exit(0)
Try running it under strace -f (or -F) to see what the child does before
it dies.
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: SSH Daemon failing
On Mon, Feb 25, 2002 at 04:51:54PM +1100, Andrew Tait wrote:
> It appears to run fine to begin with, loading libraries and reading config
> files, these are the last few lines. It tries to fork, and then just dies.
>
> read(3, "-BEGIN DSA PRIVATE KEY-\n"..., 672) = 672
> _llseek(3, 0, [0], SEEK_SET)= 0
> fcntl64(3, F_GETFL) = 0x8000 (flags
> O_RDONLY|O_LARGEFILE)
> fstat64(3, {st_mode=S_IFREG|0600, st_size=672, ...}) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0x40016000
> _llseek(3, 0, [0], SEEK_CUR)= 0
> read(3, "-BEGIN DSA PRIVATE KEY-\n"..., 4096) = 672
> close(3)= 0
> munmap(0x40016000, 4096)= 0
> fork() = 451
> --- SIGCHLD (Child exited) ---
> _exit(0)
Try running it under strace -f (or -F) to see what the child does before
it dies.
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: recheck for new partition without reboot?
On Fri, Feb 01, 2002 at 06:09:15PM -0800, Jeremy C. Reed wrote: > I added a new partition (/dev/sda8). (Other partitions were already in > use.) > > Is there any tool or kernel module to recognize this device without > rebooting? I guess cfdisk calls some ioctls to force kernel to reread the new partition table after writing it... Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: recheck for new partition without reboot?
On Fri, Feb 01, 2002 at 06:09:15PM -0800, Jeremy C. Reed wrote: > I added a new partition (/dev/sda8). (Other partitions were already in > use.) > > Is there any tool or kernel module to recognize this device without > rebooting? I guess cfdisk calls some ioctls to force kernel to reread the new partition table after writing it... Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Weird SMP problem
On Fri, Feb 01, 2002 at 05:56:00PM +1300, Dave Watkins wrote: > On older Asus Dual boards you needed to disable MPS 1.4 in the BIOS > otherwise you would get lock ups. I forgot to mention. I had to disable MPS 1.4 or the kernel would lock up very early at startup (even before peripherals are detected). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]>
Re: Weird SMP problem
On Fri, Feb 01, 2002 at 05:56:00PM +1300, Dave Watkins wrote: > On older Asus Dual boards you needed to disable MPS 1.4 in the BIOS > otherwise you would get lock ups. I forgot to mention. I had to disable MPS 1.4 or the kernel would lock up very early at startup (even before peripherals are detected). Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Weird SMP problem
Hi! Imagine the following configurations: machine1: - 2 x Pentium III 800MHz - CUV266-D Asus motherboard (VIA VT8633/8233) - 1 GB DDR RAM - SCSI storage controller: Adaptec 7892A - 2 x IBM HDs (Model: DDYS-T09170N) machine2: - the same CPUs, motherboard and RAM as in machine1 - FUJITSU MPF3153AH, ATA DISK drive Both machine1 and machine2 run Linux 2.4.17 SMP machine1 runs Debian potato + Adrian Bunk's packages needed to run 2.4.x kernel + a bit patched version of qmail machine2 runs Debian woody + the same version of qmail machine2 runs well (we did some stress tests like injecting a few thousand of messages into qmail and compiling the kernel with -j 2) As for machine1, it boots nicely, switches into runlevel 2 and then, about 4 or five seconds after qmail starts - freezes completly (not even keyboard LEDs blink). This is the weirdest thing about that. We started it in single user mode, it fsckd all filesystems, we deleted all links in /etc/rc2.d, removed /etc/nologin*, proceeded to runlevel 2 and then manually started the services one-by-one, waiting a minute or so after each one started to check if the machine is still responsive. And again it freezed a few seconds after starting qmail (while the disks were still churning as it processed its queue). The SCSI controller and disks _are_ ok, since it has ran flawlessly on a non-SMP system for some year or so (and actually still runs as I type these words). What might be causing this??? I don't think the software version difference is relevant, since only a hardware or kernel malfunction should be able to freeze a system, right? Then again, the kernel is the same (from the same package). Ideas on what might be wrong or how to further isolate the problem are very welcome. Marcin -- Marcin Owsiany [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: xinetd /etc/host.deny ALL:PARANOID
On Fri, Jan 11, 2002 at 12:11:13AM +0100, martin f krafft wrote: > it's not really a security measure anymore, i find. feel free to > disagree... Disabling PARANOID mode only means that you shouldn't trust the logged hostnames, because thay may be faked, no? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: xinetd /etc/host.deny ALL:PARANOID
On Fri, Jan 11, 2002 at 12:11:13AM +0100, martin f krafft wrote: > it's not really a security measure anymore, i find. feel free to > disagree... Disabling PARANOID mode only means that you shouldn't trust the logged hostnames, because thay may be faked, no? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
FTP: symlinks, SITE commands
Hi! Two questions: Is there a possibility to upload/create a symlink with FTP? (proftpd) I searched the RFCs and haven't found anything, but I just want to make sure. How can I find out what SITE commands does proftpd support? This doesn't seem to be documented anywhere in /usr/doc/proftpd... regards Marcin -- Marcin Owsiany [EMAIL PROTECTED]
Re: webalizer
On Mon, Oct 08, 2001 at 01:01:16PM -0700, Jeremy C. Reed wrote: > > I am guessing that there is a config option to allow longer requests. (But > I don't see it in my manual page.) I don't think so. I remember I had to patch it and recompile. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: webalizer
On Mon, Oct 08, 2001 at 01:01:16PM -0700, Jeremy C. Reed wrote: > > I am guessing that there is a config option to allow longer requests. (But > I don't see it in my manual page.) I don't think so. I remember I had to patch it and recompile. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mail Server Virus Protection
On Sat, Oct 06, 2001 at 10:49:45PM +0200, Stojan Rancic wrote: > > > Yeah, only it crashes on larger mails and fills up whole disk with some > > binary crap instead of report :-> > > What do you consider "larger mails" ? Anything that exceeds half of ulimit. (Even less in case of larger mails). > I disagree, AVP installed automatically, Well, in my case it just died without saying what's the matter. > altough avcheck needed to be > installed additionally, but avcheck is a separate product anyway (mailing > list at http://innominate.org/mailman/listinfo/avcheck ) Hmm.. I didn't know about that one... > Here we agree, unfortunately :-( But what AV product/combo out there is ? ---8 #!/bin/sh cat <> ~/.procmailrc :0 * X-Mailer: Micros /dev/null END --- Seriously, though: i don't know any such piece of software. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mail Server Virus Protection
On Sat, Oct 06, 2001 at 10:31:56PM +0200, Stojan Rancic wrote: > > >> Thanks for any assistance you can provide. > > > Don't use AVP. It's a piece of crap. > > Actually, AVP with avcheck seem to work splendidly here, in > combination with Postfix, scanning quite a number of mails every day > and blocking the plague of Win32 viruses.. Yeah, only it crashes on larger mails and fills up whole disk with some binary crap instead of report :-> Installer doesn't even run, you need to install it manually. And of course it's as non free as it can be. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mail Server Virus Protection
On Sat, Oct 13, 2001 at 02:42:03PM -0400, Gene Grimm wrote: > I don't recall if I have seen anything on this list regarding the issue of > scanning messages for viruses as they are processed by a Linux-based mail > server. If there is such a package, where can I find information on this > such as the format for mail storage and configuration? Thanks for any > assistance you can provide. Don't use AVP. It's a piece of crap. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Zero quota?
Hi! How do I specify that a user should be allowed to use "0" blocks on some device? AFAIK specifing "0" in edquota means that there should be no limit at all, which is quite the opposite. thanks Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
safe PHP scripts execution?
Hi! Does anybody happen to know some feature that would allow PHP scripts to be executed by a user different than www-data? Something like suexec... Or am I wrong thinking that you can't write to your files using PHP without either: 1. chmod o+w file or 2. sudo adduser user www-data; chmod g+w file or 3. administrator intervence for each file (chgrp www-data file ; chmod g+w file) (All three of them are bad security, if the user wants to protect the file from being written to by others) Marcin PS: Sorry for the strange language. I'm sleepy :-\ -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache CGI Distress
On Wed, Jul 25, 2001 at 08:32:41PM -0400, Gene Grimm wrote: > even restarted Apache several times. What might I be missing? Maybe /var/log/apache/suexec(.log)? Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Salt for /etc/shadow and passwd?
On Tue, Jul 17, 2001 at 04:02:03PM -0400, Thomas Morin wrote: > -. Jason Lim (2001-07-18) : > | > | Okay... I wasn't thinking. The salt is stored within the crypted password > | generated, which is why password crackers work. > > Yes, with crypt(3) the salt is precisely the first two characters. _If_ you use the old crypt() semantics. If you provide a salt starting with '$1$' it will give you MD5-hashed password. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: smbclient question.
On Fri, Jun 29, 2001 at 04:01:53PM +0100, Friedrich wrote: > > smbclient //server/share -U user%password -c "cd location\of\data;mget *" > > Then is says : > > Get file file1.txt? > > and this will then stop it from working in a script that is a cronjob. Any > ideas on how I can get > it to just get the files and not ask anything? I don't know about smbclient, but FTP has a 'prompt' command to solve this problem. Maybe try 'prompt n' before that? Marcin -- - Marcin Owsiany [EMAIL PROTECTED] -
Re: smbclient question.
On Fri, Jun 29, 2001 at 04:01:53PM +0100, Friedrich wrote: > > smbclient //server/share -U user%password -c "cd location\of\data;mget *" > > Then is says : > > Get file file1.txt? > > and this will then stop it from working in a script that is a cronjob. Any ideas on >how I can get > it to just get the files and not ask anything? I don't know about smbclient, but FTP has a 'prompt' command to solve this problem. Maybe try 'prompt n' before that? Marcin -- - Marcin Owsiany [EMAIL PROTECTED] - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Finding the Bottleneck
On Mon, Jun 11, 2001 at 04:49:21PM +0800, Jason Lim wrote: > Hi, > > AFAIK, even if there was a gig of ram in there, it would not allocate any > (or maybe just a little) to free memory, and would throw any free memory > into buffers anyway. > > So 68M of buffers tells me it has ample free memory, it or wouldn't > allocate so much there anyway, right? Right, it probably would not allocate any more memory for the processes themselves, but my point is that "the bigger buffers, the better performance". I guess that 68 MB buffers isn't that much for such a heavily loaded machine. Marcin PS: No need to CC to me. -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Finding the Bottleneck
On Mon, Jun 11, 2001 at 04:49:21PM +0800, Jason Lim wrote: > Hi, > > AFAIK, even if there was a gig of ram in there, it would not allocate any > (or maybe just a little) to free memory, and would throw any free memory > into buffers anyway. > > So 68M of buffers tells me it has ample free memory, it or wouldn't > allocate so much there anyway, right? Right, it probably would not allocate any more memory for the processes themselves, but my point is that "the bigger buffers, the better performance". I guess that 68 MB buffers isn't that much for such a heavily loaded machine. Marcin PS: No need to CC to me. -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Finding the Bottleneck
On Sun, Jun 10, 2001 at 02:04:36AM +0800, Jason Lim wrote: > I'm not exactly sure how the Linux kernel would handle this. > > Right now, the swap is untouched. If the server needed more ram, wouldn't > it be swapping something... anything? I mean, it currently has 0kb in > swap, and still has free memory. > > Here is a recent top: > > 101 processes: 97 sleeping, 3 running, 1 zombie, 0 stopped > CPU states: 9.4% user, 14.0% system, 0.5% nice, 76.1% idle > Mem:128236K total, 125492K used, 2744K free,69528K buffers > Swap: 289160K total,0K used, 289160K free,10320K cached Remember that adding RAM means larger buffers/cache, and so faster IO. Only 3 MB free memory means that Linux would really like more RAM for larger buffers. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Finding the Bottleneck
On Sun, Jun 10, 2001 at 02:04:36AM +0800, Jason Lim wrote: > I'm not exactly sure how the Linux kernel would handle this. > > Right now, the swap is untouched. If the server needed more ram, wouldn't > it be swapping something... anything? I mean, it currently has 0kb in > swap, and still has free memory. > > Here is a recent top: > > 101 processes: 97 sleeping, 3 running, 1 zombie, 0 stopped > CPU states: 9.4% user, 14.0% system, 0.5% nice, 76.1% idle > Mem:128236K total, 125492K used, 2744K free,69528K buffers > Swap: 289160K total,0K used, 289160K free,10320K cached Remember that adding RAM means larger buffers/cache, and so faster IO. Only 3 MB free memory means that Linux would really like more RAM for larger buffers. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Quota support for reiserfs on kernel 2.4.4
Hi! Why isn't there any quota support in vanilla 2.4.4 kernel? Is it buggy/untested? I was able to find some patches, but the latest seemed to be for 2.4.3 kernel. Does anybody have any experience with using quota with reiserfs? I have a dillema: either stick to ext2 on an 75-GB partition on an IDE drive (I fear long fscks in case of crash) or apply that quota patch and put reiser on it (it's said to cut fsck time..). thanks in advance Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Quota support for reiserfs on kernel 2.4.4
Hi! Why isn't there any quota support in vanilla 2.4.4 kernel? Is it buggy/untested? I was able to find some patches, but the latest seemed to be for 2.4.3 kernel. Does anybody have any experience with using quota with reiserfs? I have a dillema: either stick to ext2 on an 75-GB partition on an IDE drive (I fear long fscks in case of crash) or apply that quota patch and put reiser on it (it's said to cut fsck time..). thanks in advance Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Performance monitor
On Wed, May 02, 2001 at 04:34:50AM +0800, Jason Lim wrote: > It would be really cool if there was some kind of app that would run on a > console, and would show a summary of most types of stats a real sysadmin > would be interested in (eg. total system loading, total network bandwidth > being used), and things like that. atsar/sar seems to do the trick Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Performance monitor
On Wed, May 02, 2001 at 04:34:50AM +0800, Jason Lim wrote: > It would be really cool if there was some kind of app that would run on a > console, and would show a summary of most types of stats a real sysadmin > would be interested in (eg. total system loading, total network bandwidth > being used), and things like that. atsar/sar seems to do the trick Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Performance monitor
Hello! I wonder what you guys use as performance monitoring/bottleneck detection software (preferably for a text terminal)? I mean I would like to see some more detailed data than just 'load average' :-) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Performance monitor
Hello! I wonder what you guys use as performance monitoring/bottleneck detection software (preferably for a text terminal)? I mean I would like to see some more detailed data than just 'load average' :-) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Can't delete or modify file
On Wed, Apr 18, 2001 at 05:12:33PM +0200, Marcin Sochacki wrote: > On Wed, Apr 18, 2001 at 10:00:02AM -0400, Robert Brown wrote: > > I tried to update my debian box which is running Potato. When libc6 tries > > to > > install it fails giving an error about not being able to symlink > > libnss_db.so.2. > > I took a look at libnss_db.so.2 and things are very odd. A 'ls -la' gives > > the > > following: > > > > br-xr-S-wx1 223048236 105, 114 Oct 23 2030 libnss_db.so.2 > > > > I've tried to delete, rename, chown and chmod with out any luck. What > > should I > > do? I can't even find out what 'S' as a permission is. Any help would be > > greatly appreciated. > > man chattr Or maybe better fsck. The 'b' means it's a block special device file. The 'S' means the same as 's', but without the corresponding 'x' bit set. regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Can't delete or modify file
On Wed, Apr 18, 2001 at 05:12:33PM +0200, Marcin Sochacki wrote: > On Wed, Apr 18, 2001 at 10:00:02AM -0400, Robert Brown wrote: > > I tried to update my debian box which is running Potato. When libc6 tries to > > install it fails giving an error about not being able to symlink libnss_db.so.2. > > I took a look at libnss_db.so.2 and things are very odd. A 'ls -la' gives the > > following: > > > > br-xr-S-wx1 223048236 105, 114 Oct 23 2030 libnss_db.so.2 > > > > I've tried to delete, rename, chown and chmod with out any luck. What should I > > do? I can't even find out what 'S' as a permission is. Any help would be > > greatly appreciated. > > man chattr Or maybe better fsck. The 'b' means it's a block special device file. The 'S' means the same as 's', but without the corresponding 'x' bit set. regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
merging apache config files [was: Re: htaccess success!]
On Fri, Feb 23, 2001 at 09:38:23PM +, Martin WHEELER wrote: > > It actually took me longer to track this down than it should, > across the files concerned. Which begs the question: when is > Debian finally going to go towards a single httpd.conf file? > > (Wouldn't stop this problem; but would help in tracking down multiple > and conflicting directives.) I don't think so. Each directive belongs to one file. Browsing through a 3 kb access.conf is certainly easier than browsing through a huge, combined, 20 kb httpd.conf Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
merging apache config files [was: Re: htaccess success!]
On Fri, Feb 23, 2001 at 09:38:23PM +, Martin WHEELER wrote: > > It actually took me longer to track this down than it should, > across the files concerned. Which begs the question: when is > Debian finally going to go towards a single httpd.conf file? > > (Wouldn't stop this problem; but would help in tracking down multiple > and conflicting directives.) I don't think so. Each directive belongs to one file. Browsing through a 3 kb access.conf is certainly easier than browsing through a huge, combined, 20 kb httpd.conf Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: unusal fetchmail error
On Wed, Jan 24, 2001 at 01:05:24PM +0200, Antti Tolamo wrote: > At 14:04 24.1.2001, Kozman Balint wrote: > >The problem is with fetchmail: sometimes when it gets defunct after > >downloading messages, it becomes a Zombie This is probably fetchmail or cron bug. What is the parent process of the zombie fetchmail? (ps axf) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Web mail system for Qmail
Hello! I am going to install a web mail reading system. It has to: - support qmail with virtualdomains - have a look that would be reasonably easy to customize - be written in a way that isn't a nightmare to understand/modify - be secure (well, you can't really prove that, but the code shouldn't look suspicious). It doesn't have to be packaged, since it is not a Debian box (but will be, soon. (*evil laughter*) Does anyone have some experience with such systems? It doesn't need to be an out-of-the-box-complete-and-working-solution, since I will have time to customize it extensively. regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel buffers
On Wed, Jan 10, 2001 at 04:12:08PM +0100, Josep Llauradó Selvas wrote: > Buffer cache eats up main protions of physical memory, currently > 250Mb!!!. It's 'cos it's unused and the kernel leave it if any process > will need more memory AFAIK yes. Kernel tries to turn as much free memory into buffers as it can. This is good, because it will make the system use disk less frequently. Kernel will also shrink the memory devoted to buffers if some program needs it. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: identd + SOCKS
On Wed, Jan 10, 2001 at 09:00:06AM -0700, John Gonzalez/netMDC admin wrote: > On Wed, 10 Jan 2001, Marcin Owsiany wrote: > | Will the identd daemon somehow communicate with the bounce > | proxy so that it will return an IP or a hostname of the client > | using the proxy? > > You can run more then one user off the bounce program. It also has > "fake" ident support, which will probably do what you want. Unfortunately it's not what i want. I am using random ident responses now, but I would like the IRC admins to be able to identify a client. Say they ban a user, she will then reconnect and get a different ident :-\ I want to enforce some level of responsibility... > At the very least, if all else fails, you can have multiple installations > running under multiple usernames... but it shouldnt come to that. And that would be nasty, because each client would have to remember his own port number :-( regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: identd + SOCKS
On Wed, Jan 10, 2001 at 08:31:58AM +0100, Christofer Algotsson wrote: > On Tue, Jan 09, 2001 at 12:59:22PM -0700, John Gonzalez/netMDC admin wrote: > > Your customers connect to the bounce box, which is running the > > daemon. This box allows them access to the outside world, bouncing the IRC > > connection. The box itself runs an identd daemon, and the bounce > > daemon. Hmm.. this is worth a look, then. I had thought that such programs are designed for one person, i.e. installation on a user's account. Will the identd daemon somehow communicate with the bounce proxy so that it will return an IP or a hostname of the client using the proxy? > In this case i would run midentd on the socks-server, a ident-daemon > with masq support(IPadress based). But I do not want to masquerade the clients' network, and using midentd would require that, right? regards Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: identd + SOCKS
On Tue, Jan 09, 2001 at 12:41:03PM -0700, John Gonzalez/netMDC admin wrote: > On Tue, 9 Jan 2001, Marcin Owsiany wrote: > > | Too bad. Looks like i'll need to do some coding, unless there > | exists something I could use instead of SOCKS, like an IRC > | proxy with an builtin ident server? > > There exists many irc "bounce" programs that may accomplish what you > need. Such as ezbounce, bnc, etc. But do they work with ident? Unfortunately running such a bounce program for each of the client box is not an option for me. regards, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: identd + SOCKS
On Tue, Jan 09, 2001 at 08:07:28PM +0100, Nicolas Bougues wrote: > On Tue, Jan 09, 2001 at 07:59:10PM +0100, Marcin Owsiany wrote: > This would require some kind of cooperation between the SOCKS proxy (which > knows the real identity of the IRC client) and the identd (which gets > queried back on a a different connection by the IRC server). I thought so as well. > I've never seen any such thing. Too bad. Looks like i'll need to do some coding, unless there exists something I could use instead of SOCKS, like an IRC proxy with an builtin ident server? thanks, Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
identd + SOCKS
Hi! First, some ascii "art": - -- ||| SOCKS proxy | | IRC| | IRC client || and |--/ /---| server | ||| identd| | | - -- Does anyone know a solution that would allow the IRC server to get an ident reply of the client's IP number instead of the SOCKS server username, when the client connects via the SOCKS server? thanks in advance Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim+mailmain
On Sat, Dec 16, 2000 at 05:19:12PM -0500, [EMAIL PROTECTED] wrote: > relay_domains = localhost:cayley.dhs.org No. He says he has problems with mailman, nothing else. /usr/doc/mailman/README.Debian says: For users of exim: if you want to use the /etc/aliases file for mailman aliases, you'll need to specify a user=list line or something like that in the system_aliases director. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://student.uci.agh.edu.pl/~porridge/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Delay in connecting to service
On Fri, Oct 06, 2000 at 11:16:00AM +0200, Fredrik Liljegren wrote: > Marcin Owsiany <[EMAIL PROTECTED]> writes: > > On Fri, Oct 06, 2000 at 09:56:44AM +0200, Fredrik Liljegren wrote: > > > Oct 2 08:52:04 bifrost sshd[228]: debug: Forked child 18444. > > > Oct 2 08:53:19 bifrost sshd[18444]: Connection from 10.10.11.5 port 2038 > > > sshd is waiting for DNS lookup timeout > > I don't think so, because that is another delay that we've had earlier > but dont have anymore, like the following: > > Aug 24 17:16:54 bifrost sshd[478]: Accepted rsa for tombe from 10.10.12.5 port 2310 > Aug 24 17:17:09 bifrost sshd[478]: Could not reverse map address 10.10.12.5. > > This comes after the authentication has started, not as the above, > between the fork and the connection to the new child. > > Is there any other DNS-lookup that is done before the child is > connected to the port, that can explain the delay I get when I start > it from inetd also? Yes, in TCP wrappers (tcpd or libwrap). AFAIK sshd is linked with libwrap. > > BTW: This is probably not best place to ask such questions. Use > > debian-isp instead... > > Because they would know more? No, just because debian-devel is a list for discussions on developement of Debian. regards Marcin -- ++ The reason we come up with new versions |Marcin Owsiany | is not to fix bugs. It's the stupidest |[EMAIL PROTECTED]| reason to buy a new version ++ I ever heard.- Bill Gates -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: hosts.deny
On Wed, Sep 06, 2000 at 04:02:12PM -0500, [EMAIL PROTECTED] wrote: > debian potato archive. Not sure why it is working according to what you > wrote, but it is denying everyone not in hosts.allow now. from /usr/doc/ssh/changelog.Debian.gz * use --with-tcp-wrappers (closes: #49545) regards Marcin -- - Marcin Owsiany [EMAIL PROTECTED] -
Re: hosts.deny
On Wed, Sep 06, 2000 at 04:02:12PM -0500, [EMAIL PROTECTED] wrote: > debian potato archive. Not sure why it is working according to what you > wrote, but it is denying everyone not in hosts.allow now. from /usr/doc/ssh/changelog.Debian.gz * use --with-tcp-wrappers (closes: #49545) regards Marcin -- - Marcin Owsiany [EMAIL PROTECTED] - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
cp [was: Re: ** Emegancy Request **]
On Thu, Aug 17, 2000 at 10:19:52AM -0500, Keith G. Murphy wrote: > > There's always cp -a. I've heard several times that "cp" is not very good at copying files when it comes to copying something more than plain files. Some people suggest using cpio. I used cp -a succesfully several times when copying whole partitions. Does anyone know any problems when using cp in such situations? regards Marcin -- ++ The reason we come up with new versions |Marcin Owsiany | is not to fix bugs. It's the stupidest |[EMAIL PROTECTED]| reason to buy a new version ++ I ever heard.- Bill Gates
cp [was: Re: ** Emegancy Request **]
On Thu, Aug 17, 2000 at 10:19:52AM -0500, Keith G. Murphy wrote: > > There's always cp -a. I've heard several times that "cp" is not very good at copying files when it comes to copying something more than plain files. Some people suggest using cpio. I used cp -a succesfully several times when copying whole partitions. Does anyone know any problems when using cp in such situations? regards Marcin -- ++ The reason we come up with new versions |Marcin Owsiany | is not to fix bugs. It's the stupidest |[EMAIL PROTECTED]| reason to buy a new version ++ I ever heard.- Bill Gates -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Policy for use of Group Names
On Fri, Mar 31, 2000 at 04:04:02PM +0200, I. Forbes wrote: > Any comments would be appreciated. mosty these march appropiate files in /dev, e.g. add a user to "audio", and he'll be able to play music, add him to "dip" and he'll be able to dial out that's just what i learnt.. i guess there is some more info about it in some Debian policy.. regards, Marcin -- --------- Marcin Owsiany [EMAIL PROTECTED] -
Re: Writing to the root directory of disk partitions
On Thu, Mar 16, 2000 at 02:16:33PM +0100, Wilson Tuma wrote: > Hi list > > On a new mail server I place the /var/log/spool/mail on a different > partition /dev/hda7 > > The command that mounts this valume is > > mount -t ext2 /dev/hda2 /var/log/spool/mail in the file > /etc/rc2.d/S99rmnologin > > The problem I have is send mail can seem to be able to write to > /var/log/spool/mail/ > > Could this have any thing do with the lost&found directory on the root of > the new partion? Or is there something else I am leaving out. Make sure you chown root.mail /var/spool/mail chmod 2775 /var/spool/mail AFTER the partition is mounted. It is not sufficent to chmod/chown the mount directory when the partition is unmounted. also, mounting /var/spool/mail in /etc/rc2.d/S99rmnologin is probably not a good idea. All filesystems should be mounted before the services are activated. Imagine the MTA stores some mail in the directory before the partition is mounted - the messages become invisible! You should probably make a proper entry in /etc/fstab to let this mount automatically in appropiate stage of system startup. regards Marcin -- - Marcin Owsiany [EMAIL PROTECTED] -
