Re: Legal aspects of greylisting in Europe
In the UK you have to "voluntarily" keep logs for the law enforcement agencies for quiet a long time and most major ISPs here are doing this voluntarily. They are currently trying to push something like this through on the EU level, so might be coming to you soon too! mimo David Schmitt wrote: Hi list! Has anyone considered how greylisting should be viewed in the light of european data-protection laws? Especially in Austria it would probably conflict with the requirement to keep connectiondata no longer than required for billing. Regards, David -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Is gray-listing a one-shot anti-spam measure?
Russell Coker wrote: On Friday 03 December 2004 20:07, Adrian 'Dagurashibanipal' von Bidder <[EMAIL PROTECTED]> wrote: (And - this to Stephen Frost, I believe - there is a patch to postgrey which I will include in the next version, and I believe which will also be included in the next upstream, to whitelist a client IP as soon as one greylisted email came through. So the load on legitimate mailservers will be even smaller.) As has already been suggested it would be good to be able to configure the number of messages that come through before the client IP is white-listed. Also it would be good to be able to configure the amount of time for which a white-list entry is valid. What is a dedicated mail server today may be part of a dial-up IP address range next year... In the implementation I wrote (mimo.gn.apc.org/gps) you would have to modify some lines in db.cpp in the update method. But I think the problem of this would be that initial messages would be even more delayed, depending on the sending server, than they are with normal one-shot greylisting. That already creates a problem (complaints etc since users expect email to be immediate). Though this depends on the configuration, the delays on standard systems would be massive. exim4 on debian comes with this default: F,2h,15m; G,16h,1h,1.5; F,4d,6h Which probably means (I'm guessing) something like a 30 minute delay for the initial message with retry = 2. mimo
amavis/spamassassin not doing rbl checks
We have recently changed from a manual installation of amavisd-new/spamassassin to the debian/unstable one. Now, it does not do the rbl checks anymore. The config files havent changed, and the perl module is there and gets loaded. Need more info? Michael -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
/lib/libdl-2.3.2.so.dpkg-new
After an upgrade I have notice many entries of this kind in lsof /lib/libdl-2.3.2.so.dpkg-new I have quite a list of such entries (ending in dpkg-new) when I do lsof. I have earched for this in the debian packages repositories but they dont seem to be in any of the packages,. Is this normal or is there something going on here? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
/lib/libdl-2.3.2.so.dpkg-new
After an upgrade I have notice many entries of this kind in lsof /lib/libdl-2.3.2.so.dpkg-new I have quite a list of such entries (ending in dpkg-new) when I do lsof. I have earched for this in the debian packages repositories but they dont seem to be in any of the packages,. Is this normal or is there something going on here? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SEARCH attack
Hi I have noticed the same here -- have a look at this http://216.239.59.104/search?q=cache:RA7huHM9tEoJ:forums.macosxhints.com/showthread.php%3Ft%3D22371+%22SEARCH+/%5Cx90%5Cx02&hl=en I liked the rewrite solution to throw it to ms... ;) Michael Robert Cates wrote: Hi, I hoping somebody can both fill me in on what this SEARCH is all about, and what I can/should do to stop it: Every so often I find a very long request in my Apache access logs that seems to be an attempted SEARCH ("SEARCH /\x90\x02\xb1\x02\xb1\x02\ ..."). 1). Is this a security problem (on a Linux server)? 2). If so, how can I stop this? I tried to stop it using a , but a configtest told me that "SEARCH" was an undefined or unknown method. I placed the within the container as well as out on it's own in the config file. 3). Is this a Windows platform issue? 4). If so, how can I stop these attempts from filling up my access logs. All info is greatly appreciated! Thanks, Robert -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: SEARCH attack
Hi I have noticed the same here -- have a look at this http://216.239.59.104/search?q=cache:RA7huHM9tEoJ:forums.macosxhints.com/showthread.php%3Ft%3D22371+%22SEARCH+/%5Cx90%5Cx02&hl=en I liked the rewrite solution to throw it to ms... ;) Michael Robert Cates wrote: Hi, I hoping somebody can both fill me in on what this SEARCH is all about, and what I can/should do to stop it: Every so often I find a very long request in my Apache access logs that seems to be an attempted SEARCH ("SEARCH /\x90\x02\xb1\x02\xb1\x02\ ..."). 1). Is this a security problem (on a Linux server)? 2). If so, how can I stop this? I tried to stop it using a , but a configtest told me that "SEARCH" was an undefined or unknown method. I placed the within the container as well as out on it's own in the config file. 3). Is this a Windows platform issue? 4). If so, how can I stop these attempts from filling up my access logs. All info is greatly appreciated! Thanks, Robert -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
apache2+php4
I am trying to setup apache2 from deb http://www.backports.org/debian woody all I can find anything useful about how to get mod php working with it. I have found something about cgi but the module would be much better really. Anyone any ideas? Thanks in advance. Michael -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
apache2+php4
I am trying to setup apache2 from deb http://www.backports.org/debian woody all I can find anything useful about how to get mod php working with it. I have found something about cgi but the module would be much better really. Anyone any ideas? Thanks in advance. Michael -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ldap
That's true, I hadn't thought of that. Actually it's the disabling of user shell access that brings that security. But has nothing to do with using db, nsswitch. So the real advantage is distribution (as Fraser wrote) and not security. Sorry Rod, I must have been a bit confused yesterday.. Michael Michael Loftis wrote: local means 'can get shell and/or otherwise get machine to execute stuff we want to execute' has nothing to do with /etc/passwd, ldap, nis, mysql, or anything. all they need is a hole that allows them to execute something. --On Wednesday, March 24, 2004 17:48 + mimo <[EMAIL PROTECTED]> wrote: Maybe I'm off topic. WHere do you keep your user accounts at the moment? are they all local users? Most exploits and vulnerabilities are local -- they only apply to your machine if you have (other) local users. So it's more secure to have "virtual" users via nsswitch / pam /etc and some db (ldap, mysql preferably). There are more reasons - but this is the most compelling one I think. Michael Moritz Rod Rodolico wrote: ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of stuff about ldap. I searched the web and got some basic info on what it does, but the big question is, how would it be helpful to me? I also run MySQL services, but mainly the server does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is there any reason I should consider dns? BTW, I also maintain three other web servers for people and use them all as backup servers (using rsync) for each other, but I guess that is not part of the issue here. Thanks, Rod -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Michael Loftis Modwest Sr. Systems Administrator Powerful, Affordable Web Hosting GPG/PGP --> 0xE736BD7E 5144 6A2D 977A 6651 DFBE 1462 E351 88B9 E736 BD7E -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: ldap
That's true, I hadn't thought of that. Actually it's the disabling of user shell access that brings that security. But has nothing to do with using db, nsswitch. So the real advantage is distribution (as Fraser wrote) and not security. Sorry Rod, I must have been a bit confused yesterday.. Michael Michael Loftis wrote: local means 'can get shell and/or otherwise get machine to execute stuff we want to execute' has nothing to do with /etc/passwd, ldap, nis, mysql, or anything. all they need is a hole that allows them to execute something. --On Wednesday, March 24, 2004 17:48 + mimo <[EMAIL PROTECTED]> wrote: Maybe I'm off topic. WHere do you keep your user accounts at the moment? are they all local users? Most exploits and vulnerabilities are local -- they only apply to your machine if you have (other) local users. So it's more secure to have "virtual" users via nsswitch / pam /etc and some db (ldap, mysql preferably). There are more reasons - but this is the most compelling one I think. Michael Moritz Rod Rodolico wrote: ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of stuff about ldap. I searched the web and got some basic info on what it does, but the big question is, how would it be helpful to me? I also run MySQL services, but mainly the server does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is there any reason I should consider dns? BTW, I also maintain three other web servers for people and use them all as backup servers (using rsync) for each other, but I guess that is not part of the issue here. Thanks, Rod -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Michael Loftis Modwest Sr. Systems Administrator Powerful, Affordable Web Hosting GPG/PGP --> 0xE736BD7E 5144 6A2D 977A 6651 DFBE 1462 E351 88B9 E736 BD7E -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ldap
Maybe I'm off topic. WHere do you keep your user accounts at the moment? are they all local users? Most exploits and vulnerabilities are local -- they only apply to your machine if you have (other) local users. So it's more secure to have "virtual" users via nsswitch / pam /etc and some db (ldap, mysql preferably). There are more reasons - but this is the most compelling one I think. Michael Moritz Rod Rodolico wrote: ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of stuff about ldap. I searched the web and got some basic info on what it does, but the big question is, how would it be helpful to me? I also run MySQL services, but mainly the server does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is there any reason I should consider dns? BTW, I also maintain three other web servers for people and use them all as backup servers (using rsync) for each other, but I guess that is not part of the issue here. Thanks, Rod -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: ldap
Maybe I'm off topic. WHere do you keep your user accounts at the moment? are they all local users? Most exploits and vulnerabilities are local -- they only apply to your machine if you have (other) local users. So it's more secure to have "virtual" users via nsswitch / pam /etc and some db (ldap, mysql preferably). There are more reasons - but this is the most compelling one I think. Michael Moritz Rod Rodolico wrote: ok, this is a basic question. I am a small IPP (60 domains, 200 users) and I see a lot of stuff about ldap. I searched the web and got some basic info on what it does, but the big question is, how would it be helpful to me? I also run MySQL services, but mainly the server does smtp, imap, pop, http and dns (exim, courier, apache and bind). One box, 200 users, is there any reason I should consider dns? BTW, I also maintain three other web servers for people and use them all as backup servers (using rsync) for each other, but I guess that is not part of the issue here. Thanks, Rod -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SOT: killhttpd - or any process maybe
Ok - just answering my own question for future reference. I found this one and it's great! http://sysfence.sourceforge.net/ mimo mimo wrote: Slightly off topic: we have an old server running old RedHat and there is no way of updating it so will have to rebuild it. One thing with its apache is that it keeps generating huge server load - probably because of some cms. Anyway I was looking for a daemon that monitors a group of processes and - if they generate too much load over a long period of time - kill them. I have found this one: (procmurderd) http://216.239.59.104/search?q=cache:fkRxpKTfiEEJ:www.he.net/adm/procmurderd.html+kill+load+daemon&hl=en&ie=UTF-8 which would do what I want and a bit more. But tehre is no source code there and couldnt find it anywhere else. Does anzone know of such a daemon, used one? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: SOT: killhttpd - or any process maybe
Ok - just answering my own question for future reference. I found this one and it's great! http://sysfence.sourceforge.net/ mimo mimo wrote: Slightly off topic: we have an old server running old RedHat and there is no way of updating it so will have to rebuild it. One thing with its apache is that it keeps generating huge server load - probably because of some cms. Anyway I was looking for a daemon that monitors a group of processes and - if they generate too much load over a long period of time - kill them. I have found this one: (procmurderd) http://216.239.59.104/search?q=cache:fkRxpKTfiEEJ:www.he.net/adm/procmurderd.html+kill+load+daemon&hl=en&ie=UTF-8 which would do what I want and a bit more. But tehre is no source code there and couldnt find it anywhere else. Does anzone know of such a daemon, used one? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Apache 1.3.26 + Frontpage Extensions + dpkg-buildpackage
I have managed to set this up using mod-mirfak (libapache-mod-frontpage-mirfak). I think I had to hack it a bit - let me know if it doesnt work immediately. mimo David Ross wrote: Hi All I am trying to install FrontPage Extensions support with Apache 1.3.26 on a Debian Woody box. I got the patch from ftp://ftp.rtr.com/pub/fp-patch-apache_1.3.22.Z and gunzipped it. From there on I followed the following instructions: apt-get source apache cd apache-1.3.26/upstream/tarballs tar xvzf apache_1.3.26.tar.gz cd apache_1.3.26 patch -p1 fp-patch-apache_1.3.22 cd apache-1.3.26 dpkg-buildpackage -rfakeroot -b cd .. dpkg -i apache-common dpkg -i apache When it came to patching the apache source I had to do patch -p1 < /usr/src/apache/fp-patch-apache_1.3.22 because I had errors trying to patch it with the above method. After taking care of a few dependency problems I tried to run the dpkg-buildpackage command but I got the following error message: duys:/usr/src/apache/apache-1.3.26# dpkg-buildpackage -rfakeroot -b dpkg-buildpackage: source package is apache dpkg-buildpackage: source version is 1.3.26-0woody3 dpkg-buildpackage: source maintainer is Martin Schulze <[EMAIL PROTECTED]> dpkg-buildpackage: host architecture is i386 fakeroot debian/rules clean dh_testdir dh_testroot rm -rf build-stamp install-stamp configure-stamp rm -f debian/apaci debian/buildinfo.Debian rm -f debian/{*.gif,*.jpg,*.gz,local-apxs,apxs} o debian/o rm -rf debian/debian debian/docs debian/apache-dev.docs debian/apache-doc.docs debian/apache-common.examples debian/examples contrib/*/*o chmod +x debian/{*post*,*preinst*,*prerm*,modchk} chmod +x debian/{ubersed,apacheconfig,sys-build.mk,scripts/*.*} /usr/bin/make -f debian/sys-build.mk source.clean make[1]: Entering directory `/usr/src/apache/apache-1.3.26' make[1]: Leaving directory `/usr/src/apache/apache-1.3.26' rm -rf debian.diff debian/stampdir dh_clean debian/rules build /usr/bin/make -f debian/sys-build.mk source.make make[1]: Entering directory `/usr/src/apache/apache-1.3.26' Extracting upstream tarball upstream/tarballs/apache-contrib-1.0.8-nomodcvs.tar.gz successful. Extracting upstream tarball upstream/tarballs/apache_1.3.26.tar.gz successful. Extracting upstream tarball upstream/tarballs/apache_1.3.26/ABOUT_APACHEtar: This does not look like a tar archive tar: Skipping to next header tar: Error exit delayed from previous errors failed! make[1]: *** [debian/stampdir/source.unpack] Error 1 make[1]: Leaving directory `/usr/src/apache/apache-1.3.26' make: *** [debian/stampdir/source.make] Error 2 Has anyone seen anything like this before? Is there something I need to do before I try build the package? The instructions I have been following can be found at http://archives.neohapsis.com/archives/linux/debian/2002-q4/0488.html Any help at all will be greatly appreciated! Thanks. Dave -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
SOT: killhttpd - or any process maybe
Slightly off topic: we have an old server running old RedHat and there is no way of updating it so will have to rebuild it. One thing with its apache is that it keeps generating huge server load - probably because of some cms. Anyway I was looking for a daemon that monitors a group of processes and - if they generate too much load over a long period of time - kill them. I have found this one: (procmurderd) http://216.239.59.104/search?q=cache:fkRxpKTfiEEJ:www.he.net/adm/procmurderd.html+kill+load+daemon&hl=en&ie=UTF-8 which would do what I want and a bit more. But tehre is no source code there and couldnt find it anywhere else. Does anzone know of such a daemon, used one? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: Apache 1.3.26 + Frontpage Extensions + dpkg-buildpackage
I have managed to set this up using mod-mirfak (libapache-mod-frontpage-mirfak). I think I had to hack it a bit - let me know if it doesnt work immediately. mimo David Ross wrote: Hi All I am trying to install FrontPage Extensions support with Apache 1.3.26 on a Debian Woody box. I got the patch from ftp://ftp.rtr.com/pub/fp-patch-apache_1.3.22.Z and gunzipped it. From there on I followed the following instructions: apt-get source apache cd apache-1.3.26/upstream/tarballs tar xvzf apache_1.3.26.tar.gz cd apache_1.3.26 patch -p1 fp-patch-apache_1.3.22 cd apache-1.3.26 dpkg-buildpackage -rfakeroot -b cd .. dpkg -i apache-common dpkg -i apache When it came to patching the apache source I had to do patch -p1 < /usr/src/apache/fp-patch-apache_1.3.22 because I had errors trying to patch it with the above method. After taking care of a few dependency problems I tried to run the dpkg-buildpackage command but I got the following error message: duys:/usr/src/apache/apache-1.3.26# dpkg-buildpackage -rfakeroot -b dpkg-buildpackage: source package is apache dpkg-buildpackage: source version is 1.3.26-0woody3 dpkg-buildpackage: source maintainer is Martin Schulze <[EMAIL PROTECTED]> dpkg-buildpackage: host architecture is i386 fakeroot debian/rules clean dh_testdir dh_testroot rm -rf build-stamp install-stamp configure-stamp rm -f debian/apaci debian/buildinfo.Debian rm -f debian/{*.gif,*.jpg,*.gz,local-apxs,apxs} o debian/o rm -rf debian/debian debian/docs debian/apache-dev.docs debian/apache-doc.docs debian/apache-common.examples debian/examples contrib/*/*o chmod +x debian/{*post*,*preinst*,*prerm*,modchk} chmod +x debian/{ubersed,apacheconfig,sys-build.mk,scripts/*.*} /usr/bin/make -f debian/sys-build.mk source.clean make[1]: Entering directory `/usr/src/apache/apache-1.3.26' make[1]: Leaving directory `/usr/src/apache/apache-1.3.26' rm -rf debian.diff debian/stampdir dh_clean debian/rules build /usr/bin/make -f debian/sys-build.mk source.make make[1]: Entering directory `/usr/src/apache/apache-1.3.26' Extracting upstream tarball upstream/tarballs/apache-contrib-1.0.8-nomodcvs.tar.gz successful. Extracting upstream tarball upstream/tarballs/apache_1.3.26.tar.gz successful. Extracting upstream tarball upstream/tarballs/apache_1.3.26/ABOUT_APACHEtar: This does not look like a tar archive tar: Skipping to next header tar: Error exit delayed from previous errors failed! make[1]: *** [debian/stampdir/source.unpack] Error 1 make[1]: Leaving directory `/usr/src/apache/apache-1.3.26' make: *** [debian/stampdir/source.make] Error 2 Has anyone seen anything like this before? Is there something I need to do before I try build the package? The instructions I have been following can be found at http://archives.neohapsis.com/archives/linux/debian/2002-q4/0488.html Any help at all will be greatly appreciated! Thanks. Dave -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
SOT: killhttpd - or any process maybe
Slightly off topic: we have an old server running old RedHat and there is no way of updating it so will have to rebuild it. One thing with its apache is that it keeps generating huge server load - probably because of some cms. Anyway I was looking for a daemon that monitors a group of processes and - if they generate too much load over a long period of time - kill them. I have found this one: (procmurderd) http://216.239.59.104/search?q=cache:fkRxpKTfiEEJ:www.he.net/adm/procmurderd.html+kill+load+daemon&hl=en&ie=UTF-8 which would do what I want and a bit more. But tehre is no source code there and couldnt find it anywhere else. Does anzone know of such a daemon, used one? Thanks, mimo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Moving Sites
just trying to help - what about a combination of procmail and nfs. procmail to put a copy of anything new incoming onto the nfs mount. the nfs mount on the new server. something like this could work... mimo Rod Rodolico wrote: Stupid Question: I have about 50 web sites and a few hundred e-mail accounts to move to a new server. New IP address, etc... Web sites are no problem, but I do not want my clients to notice any problems with e-mail. They have IMAP available, so many of the clients store their e-mail on the server. Any ideas on how to move the e-mail accounts seamlessly. I have all their MX records pointing to one address: mail.dailydata.net. -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.
Re: Moving Sites
just trying to help - what about a combination of procmail and nfs. procmail to put a copy of anything new incoming onto the nfs mount. the nfs mount on the new server. something like this could work... mimo Rod Rodolico wrote: Stupid Question: I have about 50 web sites and a few hundred e-mail accounts to move to a new server. New IP address, etc... Web sites are no problem, but I do not want my clients to notice any problems with e-mail. They have IMAP available, so many of the clients store their e-mail on the server. Any ideas on how to move the e-mail accounts seamlessly. I have all their MX records pointing to one address: mail.dailydata.net. -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Accessing remote machines
You can still use local users even if you use pam (+nsswitch will be necessary). You specify this in nsswitch.conf. Also, you can configure the pam config files so that it allows both local (unix) and ldap users. You shouldnt need to drop the firewall at certain times. mimo Giacomo A. Catenazzi wrote: Hello. I want to hack PAM authentification in a remote machine (moving to pam_ldap), but I want to be sure to continue to access the machine if something go wrong. So I ask you: How do you handle special access to remote machines? For firewall hacking I used 'cron' to disable the firewalls at a specified time, but for PAM it seems some more difficult. I'm thinking about compiling sshd without PAM support, set some strict rules about who/how can connect, and attach it to a 'private' port. Would this works? I will act as root without problems, also if my PAM rules are wrong? ciao giacomo -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Hot-backup a complete Debian install
Looking through the debian package list I have noticed this a while ago: afbackup This is a client-server backup system offering several workstations a centralized backup to a special backup server. Backing up only one computer is easily possible, too. Any streaming device can be used for writing the data to it, usually this will be a tape device. Writing backups is normally done sequentially: The next writing to tape goes to the end of the previous write no matter where you have restored from in the meantime. Has anyone ever tried it? Regarding your question I would vote for tar too - though rsync and dump (never used - doesn't work with reiserfs) seem to be used a lot of other people. Actually, looking through the debian package list produces quite a number of interesting things.. Michael Moritz Roman Medina wrote: Hi, I'd like to know which tools&methods do you prefer for backing up a complete Linux install _in a production environment_, i.e., _without having to shut down the machine or unmount partitions_. The machine needs to be always alive and it will be remotely administered. I'd like to hear your opinion about the following idea. 1) I have LVM + ext3, with a distribution like: linux:~# mount /dev/hda3 on / type ext3 (rw,errors=remount-ro) proc on /proc type proc (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/rs/usr on /usr type ext3 (rw,nodev) /dev/rs/var on /var type ext3 (rw,nodev,usrquota) /dev/rs/tmp on /tmp type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/www on /www type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/ftp on /ftp type ext3 (rw,nosuid,nodev,usrquota) /dev/rs/mail on /mail type ext3 (rw,nosuid,nodev,usrquota) /dev/hda2 on /boot type ext3 (rw) rs-hosting:~# 2) Root and boot partitions are not LVM based, but they're quite static, since data and logs are stored in other partitions. Is it safe to use "dump" here (keeping the partition mounted)? 3) All the "dynamic" partitions are LVM-based, so the idea is taking one snapshot of each partition and use "dump" util over the snapshot? Is it a good idea? Would it work? Please, I'd like to receive comments / another ideas on this issue. Thanks. Saludos, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] -- Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix: Multiple recipients alias?
The best thing to do is set up a mailing list - e.g. mailman. It's easy to maintain and takes care of spoofing when you set it to allow subscribers only to post. We are only ~7 people in our company - still it makes sense for us to use mailman instead of a list in postfix. Hope this helps. Michael R.M. Evers wrote: Thank you all for your input. The method described in the e-mails from the postfix user list (links below) seems to work. The only disadvantage seems to be, that the method is vulnerable for sender-spoofing.. So creating a virtual like '[EMAIL PROTECTED]' will be out of the question.. :-) Thanks again, -Rodi On Fri, 2003-09-26 at 23:17, Christian Kurz wrote: On [26/09/03 13:40], R.M. Evers wrote: Hi, This could be a stupid question, but I'm trying to accomplish the following: In our company, we run a Debian mailserver with Postfix. The server runs a lot of accounts and virtual domains for our customers, but also for our own employees. Now, what i want to do, is make some sort of alias for our employees, so that they can send an e-mail to, for example "[EMAIL PROTECTED]", which would deliver to all of our mailboxes. But, I only want this alias to be available for our own employees. Not for the outside world, of course.. Would this be possible? I'm not sure since I never tested it, but I think using smtpd_restriction_classes might help with this. Take a look at the following e-Mails from the postfix user list: http://archives.neohapsis.com/archives/postfix/2000-02/0819.html http://archives.neohapsis.com/archives/postfix/1999-q4/1617.html Christian
Re: proftpd exploit
Thanks, I checked on security.debian.org but couldn't find anything - so probably a sign not to worry too much. Michael Fraser Campbell wrote: On Friday 26 September 2003 09:33, mimo wrote: I have just discovered this exploit report but couldn't find anything about other distros than Slackware http://proftpd.linux.co.uk/index.html Does any body know if the debian version is affected too? You should always take a look at bug reports if you're worried about a security issue. Here's the bug report on this for Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=212416 According to the bug report, woody is not vulnerable. ISS says that versions 1.2.7 through 1.2.9rc2 (and possibly versions prior to 1.2.7) are vulnerable. I suspect that someone somewhere has since tested ealier versions (woody runs a patched 1.2.4) and decided that those versions are not vulnerable. It would be nice if the bug report noted on what evidence stable is not affected. All I could think of for the moment was disabling donwloading via FTP globally. Any ideas? Yes it sounds like denying either uploads or downloads would have saved you.
proftpd exploit
I have just discovered this exploit report but couldn't find anything about other distros than Slackware http://proftpd.linux.co.uk/index.html Does any body know if the debian version is affected too? All I could think of for the moment was disabling donwloading via FTP globally. Any ideas? Thanks Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
tping - tool for connectivity testing
http://mimo.gn.apc.org/tping.html I thought I share this little tool - maybe someone finds it as useful as I do. Comments welcome! Michael PS.: there is also a spmalister - see http://mimo.gn.apc.org/spamlister.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Funny NFS
Not that I have experienced anything like this before. But it looks as if parts of the kernel source code were in some way corrupted. Otherwise it's difficult to see why that definition would show up. Michael Dave wrote: Hi Guys, I recently upgraded from 2.4.18 to 2.4.20 but am getting strange errors(?) whenever I log onto the box now. I loaded the 2.4.18 config with the 2.4.20 source and compiled like that, so I'm sure I never left anything out. [EMAIL PROTECTED]'s password: Last login: Mon Sep 22 09:04:05 2003 from 192.168.11.2 on pts/1 Linux valhalla 2.4.20-valhalla #1 Thu Sep 18 08:21:07 SAST 2003 i686 unknown struct nfs_fh * fh; const char *name; unsigned intle Last login: Mon Sep 22 09:04:05 2003 from 192.168.11.2 valhalla:~# Been looking online for similar problems but just getting results of OLD NFS bugs. Everything on this box is running fine however. Any help would be greatly appreciated. Thanks, Dave -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Web administration for postfix?
Have a look at the postfix+Cyrus+web cyrusadmin howto Michael > Hi, > > I am currently running Qmail with vpopmail, but am looking into > Postfix. Does anyone know if there is a similar thing like vpopmail for > Postfix.I would like to give my customers the chance to create and > modify their own mailboxes, aliases etc. > Thanks! > > - Jasper > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] - This email was sent using SquirrelMail. "Webmail for nuts!" http://squirrelmail.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Dovecot
Adrian von Bidder wrote: Can you share your experiences? How does dovecot perform? Does it support SSL I haven't measured performance issues and yes it supports SSL. I have also tried courier and got it working on the same machine. I thought it would support users' mailboxes in MySQL (does this exist at all?!) so I'd get around having home dirs. Then I found out that it only allowed for authentication against MySQL which dovecot can also do. And I also had this problem that it needs its own mailbox format. Dovecot I found easier as it was already configured to use the right mailboxes. If you download it there is more info on configuration. At the moment I'm experimenting with default_mail_env = mbox:/var/imap/mail/%d/%n/:INBOX=/var/mail/%u to have users' files at least in one directory tree and not split up all over the file system. Maybe this is the kind of configuration info you were asking for? (I guess so since it depends on gnutls)? What configuration options does it have? I guess since it supports standard mailboxen, standard mail delivery via procmail can be used by default. ? not sure about what you asking about delievery via procmail. postfix leaves stuff in /var/mail/ and dovecot uses this. I guess you can have procmail in between. Yes, I'll do my own homework - but if people can give a recommendation pro or contra, I might have an idea where to set my hopes. (Ok, it should be an improvement over uw-imapd in any case ;-) I have tested really only courier and dovecot so far. courier seems to be a complete solution for virtual mail domains. I guess this is particularly good if you are starting from scratch. and it has this nice cyrus admin web interface! dovecot seems usefull for adding IMAP to an existing server. Michael Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sendmail or Qmail ? ..
I have just played around with dovecot imap server. I can use your existing mail spool files. Also it allows for craetion of IMAP folders in users' home dirs which worries me a bit. I'd rather have the mailbox in MySQL or something like that. But that's a differnet discussion I guess. Michael Eric Sproul wrote: On Fri, 2003-09-05 at 11:19, Tinus Nijmeijers wrote: cyrus huh? in that case: is cyrus-popd a drop-in replacement for UW-pop (ipopd) on debian? I seem to remember it is not. You are correct. Cyrus uses a completely different method for storing mail, so you cannot just install its POP daemon. You would have to convert your existing mail spool to Cyrus's format. Eric
Re: Ldap basic authentication
That one still works (thanks to Google) - though links mightn't.. http://216.239.41.100/search?q=cache:778hLStDj0IJ:wiki.debian.net/LdapAuthentication+ldap+debian+wiki&hl=en&ie=UTF-8 mm Donovan Baarda wrote: On Tue, 2003-05-20 at 20:40, Ghe Rivero wrote: Hi! I'm configuring a Ldap server in one of my machines. In the client i can see the user perfectly but anytime i try to access like an user i always get: su: Authentication service cannot retrieve authentication info. Sorry. I had all this documented on the wiki at wiki.debian.net, but it's down at the moment :-( I think I'm going to have to start keeping copies of everything I put on external wiki's... that's two lots of useful documentation I wrote that has been "lost".
Re: Ldap basic authentication
That one still works (thanks to Google) - though links mightn't.. http://216.239.41.100/search?q=cache:778hLStDj0IJ:wiki.debian.net/LdapAuthentication+ldap+debian+wiki&hl=en&ie=UTF-8 mm Donovan Baarda wrote: On Tue, 2003-05-20 at 20:40, Ghe Rivero wrote: Hi! I'm configuring a Ldap server in one of my machines. In the client i can see the user perfectly but anytime i try to access like an user i always get: su: Authentication service cannot retrieve authentication info. Sorry. I had all this documented on the wiki at wiki.debian.net, but it's down at the moment :-( I think I'm going to have to start keeping copies of everything I put on external wiki's... that's two lots of useful documentation I wrote that has been "lost".
Re: Which (simple) Wiki?
I installed usemod for an 'intranet' wiki - very simple perl script - no thrills. needs a folder with 777 permissions unless you have suexec. I can recommend it so far. Hope this helps Michael Moritz Dominik Schulz wrote: Hi, I'm looking for a very simple Wiki. It should be easy to install and have a very clear design. It's meant for a very limited amount of users (less than 10) so I don't need any kind of authtentification. Every Wiki I've found is much to overloaded for my needs. Any suggestions would be very appreciated. Mit freundlichen Gruessen / Best regards Dominik Schulz
Re: realtime email backup across computer centers
I would try an NFS mount + procmail recipe: 1. mount something from server B on server A 2. (on server A) create a procmail recipe to copy all incoming mail additionally onto the mount from server B Michael Moritz Stephan Poehlsen wrote: Hi, How would you realize a realtime email-backup across two different computers in two different computer-centers? Let's say I have a mail-server A in city A and a backup-mail-server B in city B. So if an airplain crashs one computer-center, no email gets lost. I think all mail must be forwarded from server A to B (and must be acknowledged from B) before server A acknowleges incomming mail. Does there exists a solution? Maybe with qmail? Stephan
Re: exponential mail queue growth postfix - Connection timed out
Hi, I have done my research on this - it seems that the major part (99%) of timeouts happen with mail.layer-hosting.com[160.116.16.83]. mm mimo wrote: I am not sure if this is directly related to DEBIAN isp but anyway, since people on this list seem quite experienced I might as well ask you. This is a postfix-1.1.11 running on RedHat 9.0 (not my fault:) - I usually have a mail queue of about 500 messages. Last week (and after a colleague upgraded and left for Australia) the queue started growing exponentially. Today it's about a 2000 messages sitting there (my q-size is calculated from 'active' and 'deferred'). I have tried pflogsumm-1.0.4.pl and noticed alot of 'Connection timed out' messages: /var/log/maillog:14153 /var/log/maillog.1:31009 /var/log/maillog.2:31069 /var/log/maillog.3:30377 /var/log/maillog.4:20078 /var/log/maillog.5:18484 /var/log/maillog.6:13999 /var/log/maillog.7:15149 I have found something about concurrent connections which might correct this - any ideas? That's all I know so far. Any help highly appreciated. Michael Moritz /etc/postfix/master.cf # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (50) # == smtpinetn - y - - smtpd #smtpsinet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes #submission inetn - n - - smtpd # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes #628 inet n - n - - qmqpd pickup fifon - y 60 1 pickup cleanup unixn - y - 0 cleanup #qmgr fifo n - n 300 1 qmgr qmgrfifon - y 300 1 nqmgr #tlsmgr fifo - - n 300 1 tlsmgr rewrite unix- - y - - trivial-rewrite bounce unix- - y - 0 bounce defer unix- - y - 0 bounce flush unixn - y 1000? 0 flush smtpunix- - y - - smtp showq unixn - y - - showq error unix- - y - - error local unix - n n - - local virtual unix- n y - - virtual lmtpunix- - y - - lmtp # # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # The Cyrus deliver program has changed incompatibly. # cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail.postfix ($recipient) ifmailunix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
exponential mail queue growth postfix - Connection timed out
I am not sure if this is directly related to DEBIAN isp but anyway, since people on this list seem quite experienced I might as well ask you. This is a postfix-1.1.11 running on RedHat 9.0 (not my fault:) - I usually have a mail queue of about 500 messages. Last week (and after a colleague upgraded and left for Australia) the queue started growing exponentially. Today it's about a 2000 messages sitting there (my q-size is calculated from 'active' and 'deferred'). I have tried pflogsumm-1.0.4.pl and noticed alot of 'Connection timed out' messages: /var/log/maillog:14153 /var/log/maillog.1:31009 /var/log/maillog.2:31069 /var/log/maillog.3:30377 /var/log/maillog.4:20078 /var/log/maillog.5:18484 /var/log/maillog.6:13999 /var/log/maillog.7:15149 I have found something about concurrent connections which might correct this - any ideas? That's all I know so far. Any help highly appreciated. Michael Moritz /etc/postfix/master.cf # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (50) # == smtpinetn - y - - smtpd #smtpsinet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes #submission inetn - n - - smtpd # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes #628 inet n - n - - qmqpd pickup fifon - y 60 1 pickup cleanup unixn - y - 0 cleanup #qmgr fifo n - n 300 1 qmgr qmgrfifon - y 300 1 nqmgr #tlsmgr fifo - - n 300 1 tlsmgr rewrite unix- - y - - trivial-rewrite bounce unix- - y - 0 bounce defer unix- - y - 0 bounce flush unixn - y 1000? 0 flush smtpunix- - y - - smtp showq unixn - y - - showq error unix- - y - - error local unix - n n - - local virtual unix- n y - - virtual lmtpunix- - y - - lmtp # # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # The Cyrus deliver program has changed incompatibly. # cyrus unix - n n - - pipe flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail.postfix ($recipient) ifmailunix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
Re: Big hard drive - not recognised
okay - I just read: "For large IDE disks (over 137 GB): make sure your kernel is 2.4.19/2.5.3 or later." in the Large Disk HOWTO http://www.win.tue.nl/~aeb/linux/Large-Disk-1.html Sorry - this works fine Michael mimo wrote: I have been looking through the kernel mailing list but couldn't find anything on this. I have two big IDE harddrives in the machine - 200 Gig each. dmesg: Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx PIIX4: IDE controller on PCI bus 00 dev f9 PIIX4: chipset revision 5 PIIX4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xffa0-0xffa7, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xffa8-0xffaf, BIOS settings: hdc:DMA, hdd:pio hda: WDC WD2000JB-00DUA0, ATA DISK drive hdb: WDC WD2000JB-00DUA0, ATA DISK drive *snipsnip* ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 hda: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 hdb: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 so the kernel detects it as 137 MB only This is on.. [EMAIL PROTECTED]:~$ uname -a Linux blue 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown unknown GNU/Linux Any ideas? Michael Moritz
Big hard drive - not recognised
I have been looking through the kernel mailing list but couldn't find anything on this. I have two big IDE harddrives in the machine - 200 Gig each. dmesg: Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx PIIX4: IDE controller on PCI bus 00 dev f9 PIIX4: chipset revision 5 PIIX4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xffa0-0xffa7, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xffa8-0xffaf, BIOS settings: hdc:DMA, hdd:pio hda: WDC WD2000JB-00DUA0, ATA DISK drive hdb: WDC WD2000JB-00DUA0, ATA DISK drive *snipsnip* ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 hda: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 hdb: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 so the kernel detects it as 137 MB only This is on.. [EMAIL PROTECTED]:~$ uname -a Linux blue 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown unknown GNU/Linux Any ideas? Michael Moritz
Re: Big hard drive - not recognised
okay - I just read: "For large IDE disks (over 137 GB): make sure your kernel is 2.4.19/2.5.3 or later." in the Large Disk HOWTO http://www.win.tue.nl/~aeb/linux/Large-Disk-1.html Sorry - this works fine Michael mimo wrote: I have been looking through the kernel mailing list but couldn't find anything on this. I have two big IDE harddrives in the machine - 200 Gig each. dmesg: Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx PIIX4: IDE controller on PCI bus 00 dev f9 PIIX4: chipset revision 5 PIIX4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xffa0-0xffa7, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xffa8-0xffaf, BIOS settings: hdc:DMA, hdd:pio hda: WDC WD2000JB-00DUA0, ATA DISK drive hdb: WDC WD2000JB-00DUA0, ATA DISK drive *snipsnip* ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 hda: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 hdb: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 so the kernel detects it as 137 MB only This is on.. [EMAIL PROTECTED]:~$ uname -a Linux blue 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown unknown GNU/Linux Any ideas? Michael Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Big hard drive - not recognised
I have been looking through the kernel mailing list but couldn't find anything on this. I have two big IDE harddrives in the machine - 200 Gig each. dmesg: Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx PIIX4: IDE controller on PCI bus 00 dev f9 PIIX4: chipset revision 5 PIIX4: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xffa0-0xffa7, BIOS settings: hda:DMA, hdb:DMA ide1: BM-DMA at 0xffa8-0xffaf, BIOS settings: hdc:DMA, hdd:pio hda: WDC WD2000JB-00DUA0, ATA DISK drive hdb: WDC WD2000JB-00DUA0, ATA DISK drive *snipsnip* ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 ide1 at 0x170-0x177,0x376 on irq 15 hda: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 hdb: 268435455 sectors (137439 MB) w/8192KiB Cache, CHS=16709/255/63 so the kernel detects it as 137 MB only This is on.. [EMAIL PROTECTED]:~$ uname -a Linux blue 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 unknown unknown GNU/Linux Any ideas? Michael Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
[Fwd: Re: Postfix log analizer]
Original Message Subject: Re: Postfix log analizer Date: Tue, 01 Apr 2003 16:40:32 +0100 From: mimo <[EMAIL PROTECTED]> To: Teun Vink <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> Here is my lsmail script - usage: lsmail [optional: log file extension, .1,.2, etc] ex: lsmail "from= looks for all email I have sent yesterday mm #!/usr/bin/perl #03 mimo / GN my ($pattern,$ext) = @ARGV; $maillog="/var/log/maillog".$ext; #$pattern="$ARGV[0]"; print("$pattern"); open(INFILE,$maillog); @lines; $linecount=0; while() { $line = $_; if(m/$pattern/) { # print "$line \n"; @fields = split(/\s+/, $line); # print "@fields\n"; # print "@fields[5]\n"; if($fields[5] =~ /(\d+)/) { # print("$fields[5]\n"); $lines[$linecount++]=$fields[5]; } } } foreach $i (@lines) { system("grep $i $maillog"); } Teun Vink wrote: On Wed, 2003-04-02 at 14:53, Andre Luis Lopes wrote: [..] Actually, I'm already using pflogsum but it doesn't seems to support generating the kind of report I'm looking for. It's good enough for generating statistics about a lot of useful data, but what I would like to see in a report is something like : Message IDSender Recipient Size X [EMAIL PROTECTED][EMAIL PROTECTED] XXX This shouldn't be too hard to do with some grepping/regexp'ing on mailserver logs, now should it? The size is not that important. Who made you believe that? ;-) Teun -- BOFH excuse #103: operators on strike due to broken coffee machine
[Fwd: Re: Postfix log analizer]
Original Message Subject: Re: Postfix log analizer Date: Tue, 01 Apr 2003 16:40:32 +0100 From: mimo <[EMAIL PROTECTED]> To: Teun Vink <[EMAIL PROTECTED]> References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> Here is my lsmail script - usage: lsmail [optional: log file extension, .1,.2, etc] ex: lsmail "from= looks for all email I have sent yesterday mm #!/usr/bin/perl #03 mimo / GN my ($pattern,$ext) = @ARGV; $maillog="/var/log/maillog".$ext; #$pattern="$ARGV[0]"; print("$pattern"); open(INFILE,$maillog); @lines; $linecount=0; while() { $line = $_; if(m/$pattern/) { # print "$line \n"; @fields = split(/\s+/, $line); # print "@fields\n"; # print "@fields[5]\n"; if($fields[5] =~ /(\d+)/) { # print("$fields[5]\n"); $lines[$linecount++]=$fields[5]; } } } foreach $i (@lines) { system("grep $i $maillog"); } Teun Vink wrote: On Wed, 2003-04-02 at 14:53, Andre Luis Lopes wrote: [..] Actually, I'm already using pflogsum but it doesn't seems to support generating the kind of report I'm looking for. It's good enough for generating statistics about a lot of useful data, but what I would like to see in a report is something like : Message IDSender Recipient Size X [EMAIL PROTECTED][EMAIL PROTECTED] XXX This shouldn't be too hard to do with some grepping/regexp'ing on mailserver logs, now should it? The size is not that important. Who made you believe that? ;-) Teun -- BOFH excuse #103: operators on strike due to broken coffee machine -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: FPSE2002+pam_ldap+nsswitch=Segmentation fault
Hi Sami, thanks, I wouldn't have thought of that. I tested with ldd -v and it's saying: [EMAIL PROTECTED]:/usr/local/frontpage/version5.0/bin# ldd -v owsadm.exe not a dynamic executable This is from the fp50.tar.gz I downloaded from rtctc (?). Any other ideas? Michael Moritz Sami Haahtinen wrote: On Mon, Mar 31, 2003 at 05:48:44PM +0100, mimo wrote: I am trying to set up FP2002SE on debian (unstable) Apache 1.3.27 mod-frontpage-mirfak-1.6.2 libldap2_2.0.23,libpam-ldap-140 (self build to allow TLS) fptest is a ldap user, fptest is a unix group /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser nobody -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m is what I need I think. But it produces a segementation fault: Starting install, port: 80. Created: unknown Version: 5.0.2.2623 ...Snip... Segmentation fault I have tried to locate the error and done an strace. Here are the few final lines: ...Snip Snap... --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ to me this looks like you installed the frontpage extensions provided by thrid party anyway, and there is somekind of library conflict with those two (i would guess that the ones provided by the third party are for libc5 or something alike) and that causes the crash For starters, check your apache configuration the location where the module is loaded from, this will verify which version of the module you are running. Also, please note that i don't use these extensions at all, so i am of no use to debug this all.. but that was the impression i got from the mail. Regards, Sami For starters, check your apache configuration the location where the module is loaded from, this will verify which version of the module you are running. Also, please note that i don't use these extensions at all, so i am of no use to debug this all.. but that was the impression i got from the mail. Regards, Sami
Re: FPSE2002+pam_ldap+nsswitch=Segmentation fault
Hi Sami, thanks, I wouldn't have thought of that. I tested with ldd -v and it's saying: [EMAIL PROTECTED]:/usr/local/frontpage/version5.0/bin# ldd -v owsadm.exe not a dynamic executable This is from the fp50.tar.gz I downloaded from rtctc (?). Any other ideas? Michael Moritz Sami Haahtinen wrote: On Mon, Mar 31, 2003 at 05:48:44PM +0100, mimo wrote: I am trying to set up FP2002SE on debian (unstable) Apache 1.3.27 mod-frontpage-mirfak-1.6.2 libldap2_2.0.23,libpam-ldap-140 (self build to allow TLS) fptest is a ldap user, fptest is a unix group /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser nobody -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m is what I need I think. But it produces a segementation fault: Starting install, port: 80. Created: unknown Version: 5.0.2.2623 ...Snip... Segmentation fault I have tried to locate the error and done an strace. Here are the few final lines: ...Snip Snap... --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ to me this looks like you installed the frontpage extensions provided by thrid party anyway, and there is somekind of library conflict with those two (i would guess that the ones provided by the third party are for libc5 or something alike) and that causes the crash For starters, check your apache configuration the location where the module is loaded from, this will verify which version of the module you are running. Also, please note that i don't use these extensions at all, so i am of no use to debug this all.. but that was the impression i got from the mail. Regards, Sami For starters, check your apache configuration the location where the module is loaded from, this will verify which version of the module you are running. Also, please note that i don't use these extensions at all, so i am of no use to debug this all.. but that was the impression i got from the mail. Regards, Sami -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
FPSE2002+pam_ldap+nsswitch=Segmentation fault
I am trying to set up FP2002SE on debian (unstable) Apache 1.3.27 mod-frontpage-mirfak-1.6.2 libldap2_2.0.23,libpam-ldap-140 (self build to allow TLS) fptest is a ldap user, fptest is a unix group /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser nobody -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m works - but has one problem: I couldn't hve users FTPing into their web root. /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser fptest -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m is what I need I think. But it produces a segementation fault: Starting install, port: 80. Created: unknown Version: 5.0.2.2623 Server extensions already installed on port 80. Reverting to upgrade. Starting upgrade, port: 80. Created: unknown Version: 5.0.2.2623 Segmentation fault I have tried to locate the error and done an strace. Here are the few final lines: connect(5, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory) close(5)= 0 open("/etc/nsswitch.conf", O_RDONLY)= 5 fstat64(5, {st_mode=S_IFREG|0644, st_size=1694, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4000 read(5, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1694 read(5, "", 4096) = 0 close(5)= 0 munmap(0x4000, 4096)= 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ So I have modified my /etc/pam.d/su file to: auth sufficient pam_rootok.so auth required pam_ldap.so debug accountrequired pam_ldap.so debug sessionrequired pam_ldap.so debug which is similiar to the one that works for ftp. now I can do a su fptest and login. owsadm nevertheless still crashes. Any help appreciated. Thanks, Michael Moritz PS.: this is my /etc/nsswitch.conf file: passwd: files ldap shadow: files group: files ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: files publickey: nisplus automount: files aliases:files
FPSE2002+pam_ldap+nsswitch=Segmentation fault
I am trying to set up FP2002SE on debian (unstable) Apache 1.3.27 mod-frontpage-mirfak-1.6.2 libldap2_2.0.23,libpam-ldap-140 (self build to allow TLS) fptest is a ldap user, fptest is a unix group /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser nobody -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m works - but has one problem: I couldn't hve users FTPing into their web root. /usr/local/frontpage/version5.0/bin/owsadm.exe -o install -u fpadm -pw secret -xuser fptest -xgroup fptest -s /etc/apache/virthosts.conf -p 80 -m is what I need I think. But it produces a segementation fault: Starting install, port: 80. Created: unknown Version: 5.0.2.2623 Server extensions already installed on port 80. Reverting to upgrade. Starting upgrade, port: 80. Created: unknown Version: 5.0.2.2623 Segmentation fault I have tried to locate the error and done an strace. Here are the few final lines: connect(5, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory) close(5)= 0 open("/etc/nsswitch.conf", O_RDONLY)= 5 fstat64(5, {st_mode=S_IFREG|0644, st_size=1694, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4000 read(5, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1694 read(5, "", 4096) = 0 close(5)= 0 munmap(0x4000, 4096)= 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ So I have modified my /etc/pam.d/su file to: auth sufficient pam_rootok.so auth required pam_ldap.so debug accountrequired pam_ldap.so debug sessionrequired pam_ldap.so debug which is similiar to the one that works for ftp. now I can do a su fptest and login. owsadm nevertheless still crashes. Any help appreciated. Thanks, Michael Moritz PS.: this is my /etc/nsswitch.conf file: passwd: files ldap shadow: files group: files ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: files publickey: nisplus automount: files aliases:files -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]