Re: Sarge -> Etch mailserver upgrade...

[Pete Clarke]

Read
http://www.de.debian.org/releases/stable/i386/release-notes/ch-upgrading.en.html#s-minimal_upgrade
and use 4.5.4.1 or 4.5.4.2, whichever applies to your situation.

Does this work ok?


Doh!

I read those notes too - that's how I managed to upgrade 6 o so boxes 
without a problem...just skipped that part because I saw X Windows stuff


Thanks mate - much better!

:-)

Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Sarge -> Etch mailserver upgrade...

[Pete Clarke]

Hi there,

I am running a bunch of Sarge servers and slowly upgrading them to etch.
Most have been fine, but I am having a few problems with the mailserver. It 
is running :


courier-authdaemon
courier-base
courier-doc
courier-imap
courier-imap-ssl
courier-ldap
courier-pop
courier-pop-ssl
courier-ssl
fetcmail
procmail
exim4-base
exim4-config
exim4-daemon-heavy
sa-exim

(amongst other things).

When doing a dist-upgrade I get:

cholet:~# aptitude dist-upgrade
Reading Package Lists... Done
Building Dependency Tree
Reading extended state information
Initializing package states... Done
Some packages had unmet dependencies.  This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.

The following packages have unmet dependencies:
 libfam0c102: Conflicts: libfam0 but 2.7.0-12 is to be installed.

If I (temporarily) try to remove libfam I get:

cholet:~# aptitude remove libfam0c102
Reading Package Lists... Done
Building Dependency Tree
Reading extended state information
Initializing package states... Done
The following packages are unused and will be REMOVED:
 courier-authdaemon
The following NEW packages will be automatically installed:
 courier-authlib courier-authlib-userdb libssl0.9.8
The following packages will be automatically REMOVED:
 courier-base courier-imap courier-imap-ssl courier-ldap courier-pop
 courier-pop-ssl courier-ssl
The following packages have been kept back:
 adduser apt apt-utils aptitude bash bind9 bind9-host clamav clamav-base
 clamav-daemon clamav-freshclam cvs debianutils dnsutils exim4-base
 exim4-config exim4-daemon-heavy fetchmail gnupg iftop initscripts iproute
 ldap-utils libcupsys2-gnutls10 libcurl3 libdigest-md4-perl
 libdigest-sha1-perl libhtml-parser-perl libio-socket-ssl-perl libisccc0
 libldap2 liblocale-gettext-perl libnet-dns-perl libnet-ssleay-perl
 libpam-modules libperl5.8 libreadline5 libsasl2 libsasl2-modules
 libtext-charwidth-perl libtext-iconv-perl netbase nfs-common nmap ntpdate
 openssl passwd pciutils perl perl-base perl-doc perl-modules python
 python-newt reportbug samba samba-common slapd smbclient smbldap-tools
 spamassassin spamc ssh sysvinit util-linux vim vim-common wget whiptail
The following NEW packages will be installed:
 courier-authlib courier-authlib-userdb libssl0.9.8
The following packages will be REMOVED:
 courier-base courier-imap courier-imap-ssl courier-ldap courier-pop
 courier-pop-ssl courier-ssl libfam0c102
0 packages upgraded, 3 newly installed, 9 to remove and 69 not upgraded.
Need to get 0B/2826kB of archives. After unpacking 1200kB will be used.
Do you want to continue? [Y/n/?] n

I don't want to remove the couier apps unless I am absolutely certain that 
everything will re-install OK..


Has anyone done anything like this...? Or is this a slight bug-ette that 
will be resolved soon (dependancies)..?


Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Dlink 500TX

[Pete Clarke]

Hi there,

Does anyone know if the DLink 500TX card (gigabit fiber) is supported in 
Etch's 2.6.18 kernel..?
I have recently upgraded from Sarge to Etch, previous I was running kernel 
2.4.27 and had the jt1lin driver compiled and working, it won't, however, 
compile under 2.6.


lspci gives:
03:06.0 Ethernet controller: Level One Communications LXT1001 Gigabit 
Ethernet (rev 02)


Just wondered if anyone had got it to work, or if there is an alternative 
driver available..? Google didn't yield anything particularily useful.


Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: fetchmail syslog messages

[Pete Clarke]

Apr  3 12:40:02 big fetchmail[4337]: Server CommonName mismatch: 
localhost != mail.mesanetworks.net
Apr  3 12:40:02 big fetchmail[4337]: Server certificate verification 
error: self signed certificate


It just means that the remote end haven't set up their server
certificate properly. Nothing to worry about, unless you're concerned
that their DNS might get hijacked and you're worried that you might one
day be fetching mail from someone who is not your ISP; good luck trying
to get them to fix it, though ;)


I get this a lot too - I even raised a case with my ISP's support only to be 
told:


"Well, noone else has complained";
"It's a problem with your mail application"

and other unhelpful responses.  Gave up in the end and just live with the 
extra noise in the logfile.


Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Linux and firewire drives

[Pete Clarke]

I have a RAID1 running on a pair of external FW drives. I've found that
Linux is picky about the chipset on the external drives, however, and have
had some cases that work under MacOS X not work at all under Linux. I also
ran into a situation in which two identical cases could not be
distinguished, though either one worked individually.


Interesting..
I have been looking at replacing my home backup server - it's currently a 
Proliant 6500, with 7 x 73gb drives...wanted to run something a little less 
thirsty :-)
I have a Proliant DL360 (190watts vs 750 for the 6500) - I was going to fit 
a firewire card to it and run either the duo, or a couple of the  Western 
Digital 500GB MyBook Premium USB/Firewire drives (2 x 500GB mirrored).
It currently has 9 machines backing up to it, a combination of Linux (sarge 
on 386 hardware) and Solaris (9 and 10), speed is not a huge issue, it is on 
a seperate vlan so traffic is seperatedI was just wondering if the 
firewire drives was a feasable thing to do..


Cheers 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Linux and firewire drives

[Pete Clarke]

Hi there,

What is the current state of support for firewire attached drives within 
Linux ..
I would like to use Sarge, standard PC - and attach something like the WD My 
Book Pro 1TB drive, ideally via firewire...


Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pathetic SATA performance

[Pete Clarke]

> So do
> smartctl -a -d ata /dev/sda

Doh ...
:-)

Everything looks OK from a SMART point of view:

bungo:~# smartctl -d ata -a /dev/sda
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

=== START OF INFORMATION SECTION ===
Device Model: ST3250620AS
Serial Number:9QE0MLDS
Firmware Version: 3.AAE
User Capacity:250,059,350,016 bytes
Device is:Not in smartctl database [for details use: -P showall]
ATA Version is:   7
ATA Standard is:  Exact ATA specification draft version not indicated
Local Time is:Fri Feb  2 09:20:49 2007 GMT
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x82) Offline data collection activity
was completed without error.
Auto Offline Data Collection:
Enabled.
Self-test execution status:  (   0) The previous self-test routine
completed
without error or no self-test has
ever
been run.
Total time to complete Offline
data collection: ( 430) seconds.
Offline data collection
capabilities:(0x5b) SMART execute Offline immediate.
Auto Offline data collection
on/off support.
Suspend Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities:(0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability:(0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time:(   1) minutes.
Extended self-test routine
recommended polling time:(  92) minutes.

SMART Attributes Data Structure revision number: 10
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME  FLAG VALUE WORST THRESH TYPE  UPDATED
WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate 0x000f   109   097   006Pre-fail  Always
-   63158945
  3 Spin_Up_Time0x0003   097   097   000Pre-fail  Always
-   0
  4 Start_Stop_Count0x0032   100   100   020Old_age   Always
-   17
  5 Reallocated_Sector_Ct   0x0033   100   100   036Pre-fail  Always
-   0
  7 Seek_Error_Rate 0x000f   072   060   030Pre-fail  Always
-   15167092
  9 Power_On_Hours  0x0032   100   100   000Old_age   Always
-   304
 10 Spin_Retry_Count0x0013   100   100   097Pre-fail  Always
-   0
 12 Power_Cycle_Count   0x0032   100   100   020Old_age   Always
-   61
187 Unknown_Attribute   0x0032   100   100   000Old_age   Always
-   0
189 Unknown_Attribute   0x003a   100   100   000Old_age   Always
-   0
190 Unknown_Attribute   0x0022   068   064   045Old_age   Always
-   605814816
194 Temperature_Celsius 0x0022   032   040   000Old_age   Always
-   32 (Lifetime Min/Max 0/25)
195 Hardware_ECC_Recovered  0x001a   067   057   000Old_age   Always
-   224749214
197 Current_Pending_Sector  0x0012   100   100   000Old_age   Always
-   0
198 Offline_Uncorrectable   0x0010   100   100   000Old_age   Offline
-   0
199 UDMA_CRC_Error_Count0x003e   200   200   000Old_age   Always
-   0
200 Multi_Zone_Error_Rate   0x   100   253   000Old_age   Offline
-   0
202 TA_Increase_Count   0x0032   100   253   000Old_age   Always
-   0

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
100  Not_testing
200  Not_testing
300  Not_testing
400  Not_testing
500  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.


bungo:~# smartctl -d ata -a /dev/sdb
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

=== START O

Re: Pathetic SATA performance

[Pete Clarke]

> You mean that was not the issue ? You have a problem then. I'd
> disconnect all the drives but one and see if I can isolate a
> culprit.

Yep, set the SATA I jumper before setting the drives up.

> SATA should not be as suceptible as IDE to one device taking down
> the whole interface but still, I've had a SATA Hitachi freeze the
> whole system, so it's worth trying...

Trouble is, the drives are set up as a RAID 5 array - if I disconnect them
one by one I will lose data?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pathetic SATA performance

[Pete Clarke]

Defects tend to happen to all the units in a certain production run.
If one goes, the others may go before you can replace & rebuild the
first bad drive.


Fair enough.


I'd still prefer to have all my RAID drives be the same manufacturer
+ model.  Maybe that's just an ingrained habit I picked up in the
1990s.


Indeed ... I thought it would be better to have all the same, as I remember 
different brands of drive sometimes had incompatibilities (WD and Maxtor 
spring to mind).
Also, as it defaults to the smallest size, having all drives the same means 
you don't lose any more space than the parity drive.


Cheers 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pathetic SATA performance

[Pete Clarke]

For SATA, you need to add "-d ata" to the command line, i.e.:

# smartctl -d ata -a /dev/sda


bungo:~# smartctl -d ata /dev/sda
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

bungo:~# smartctl -d ata /dev/sdb
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

bungo:~# smartctl -d ata /dev/sdc
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

bungo:~# smartctl -d ata /dev/sdd
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

Not much info...


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pathetic SATA performance

[Pete Clarke]

There was/is an issue with certain Maxtor SATA hard disk drives.
In some cases, it is necessary to force them to SATA-I mode (1.5
gb/s). There's a jumper in the back for that.


Yep, set that :-)


4 x Maxtor 250GB SATA drives


(Incidentally I would recommend against making a RAID array from
several drives from the same manufacturer. Especially if they're
the same model. Even more so if they're the same batch.)


Why so?


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pathetic SATA performance

[Pete Clarke]

> On Thu, Feb 01, 2007 at 08:34:20PM -0000, Pete Clarke wrote:
>> Hi there,
>>
>> I have a file server, running Etch, with the following specs:
>>
>> P4, 1.7Ghz
>> 512MB Ram
>> 2 x SI based SATA I controllers
>> 4 x Maxtor 250GB SATA drives
>>
>> It is set up with software RAID 5, and the overall performance is
>> terrible.
>>
>> Every time it reboots (which happens due to dodgy power!), it does a
>> RAID
>> resync, this takes up 90% CPU time (for md0_resync process) for 50
>> hours!!
>> During this time, ANY access to the drive is painful.
>>
>> Now, I expected software RAID 5 to be slow, but not this bad - this is
>> the
>> reading from hdparm:
>>
>> bungo:~# hdparm -tT /dev/md0
>>
>> /dev/md0:
>> Timing cached reads: 2 MB in  4.71 seconds = 435.05 kB/sec
>> Timing buffered disk reads:8 MB in  3.13 seconds =   2.56 MB/sec
>>
>>
>> Bad eh?
>>
>> Becuase they're SATA drives, hdparm cannot tune them - or indeed read
>> their
>> current settings. Is there any way I can speed this beast up, if not I
>> am
>> going to go back to my old PPro200-based file server, running SCSI->FCAL
>> bridge.
>>
>
> Wow, that is awful.
>
> I dont' do raid5 since I only have two disks.
>
> Two identical Seagate Barracuda 7200 80 GB SATA drives (with the SATA I
> rate limiting jumper removed), on my Asus MB nVidia chipset SATA-II
> ports.  Each drive has three partitions, to for raid1, one for LVM.
>
> hdparm -tT /dev/md0
>
> /dev/md0
> Timing cached reads:2424 MB in 2.00 seconds = 1212.23 MB/sec
> Timing buffered disk reads:   62 MB in 0.84 seconds = 73.44 MB/sec.
>
> What happens if you time the raw drives instead of md0?  For me on raid1,
> its basically the same.  I'm wondering if one or more of your drives are
> in difficulty and its slowing down the whole array.
>
> What does smartmontools say about the drive's S.M.A.R.T.s?
>

I get:

bungo:~# smartctl --all /dev/sda
smartctl version 5.36 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

Device: ATA  ST3250620AS  Version: 3.AA
Serial number: 9QE0MLDS
Device type: disk
Local Time is: Thu Feb  1 22:14:32 2007 GMT
Device does not support SMART

Error Counter logging not supported

[GLTSD (Global Logging Target Save Disable) set. Enable Save with '-S on']
Device does not support Self Test logging


As for individual drive performance :

bungo:~# hdparm -tT /dev/sda

/dev/sda:
 Timing cached reads:   322 MB in  2.00 seconds = 160.99 MB/sec
 Timing buffered disk reads:  106 MB in  3.00 seconds =  35.29 MB/sec
bungo:~# hdparm -tT /dev/sdb

/dev/sdb:
 Timing cached reads:   348 MB in  2.01 seconds = 173.30 MB/sec
 Timing buffered disk reads:4 MB in  4.62 seconds = 886.44 kB/sec
bungo:~# hdparm -tT /dev/sdc

/dev/sdc:
 Timing cached reads:   320 MB in  2.00 seconds = 159.67 MB/sec
 Timing buffered disk reads:   36 MB in  5.39 seconds =   6.67 MB/sec
bungo:~# hdparm -tT /dev/sdd

/dev/sdd:
 Timing cached reads:   342 MB in  2.01 seconds = 170.41 MB/sec
 Timing buffered disk reads:4 MB in  4.29 seconds = 954.93 kB/sec

Rather poo ...

I *must* be doing something wrong .. I can't believe SATA performance is
*THIS BAD*...

Cheers,




Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Pathetic SATA performance

[Pete Clarke]

Hi there,

I have a file server, running Etch, with the following specs:

P4, 1.7Ghz
512MB Ram
2 x SI based SATA I controllers
4 x Maxtor 250GB SATA drives

It is set up with software RAID 5, and the overall performance is terrible.

Every time it reboots (which happens due to dodgy power!), it does a RAID 
resync, this takes up 90% CPU time (for md0_resync process) for 50 hours!!

During this time, ANY access to the drive is painful.

Now, I expected software RAID 5 to be slow, but not this bad - this is the 
reading from hdparm:


bungo:~# hdparm -tT /dev/md0

/dev/md0:
Timing cached reads: 2 MB in  4.71 seconds = 435.05 kB/sec
Timing buffered disk reads:8 MB in  3.13 seconds =   2.56 MB/sec


Bad eh?

Becuase they're SATA drives, hdparm cannot tune them - or indeed read their 
current settings. Is there any way I can speed this beast up, if not I am 
going to go back to my old PPro200-based file server, running SCSI->FCAL 
bridge.


Cheers,




Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: CVS Limits

[Pete Clarke]

>>Is that a cvs-pserver.conf entry? or in the CVSROOT files?
>
> At the moment it's hard-coded in the source
> (src/server.c:serve_argument() ). Please feel free to post a wishlist
> bug (ideally with a patch! *grin*) and I'll get it fixed in the Debian
> package. Having it as a setting in CVSROOT/options would be a much
> more reasonable way to go.

Ah .. it's one of *those* .. :-)
I'll take a look at the code


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: CVS Limits

[Pete Clarke]

> In article <[EMAIL PROTECTED]> you write:
>>Hi there,
>>
>>I have a CVS repository (hosted on Debian Sarge 3.1), and one of the
>>directories has grown in size from a few thousand files, to over 11,000.
>>The result of this is, if a wide ranging change is made, the CVS client
>>throws a fit and errors with a protocol error - too many parameters.
>>This may not be the place to ask, but does anyone know what the actual
>> limit
>>is? And is it per repository, or on a directory-wide basis?
>>I guess if it's a directory limit, I can arrange to have the files
>>segregated - but I am not the only user of the repository so that'd have
>> to
>>be agreed internally.
>
> There's an internal limit of 10,000 files that can be modified at
> once, which I believe is on a per-repo basis.

Is that a cvs-pserver.conf entry? or in the CVSROOT files?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: CVS Limits

[Pete Clarke]

> In article <[EMAIL PROTECTED]> you write:
>>Hi there,
>>
>>I have a CVS repository (hosted on Debian Sarge 3.1), and one of the
>>directories has grown in size from a few thousand files, to over 11,000.
>>The result of this is, if a wide ranging change is made, the CVS client
>>throws a fit and errors with a protocol error - too many parameters.
>>This may not be the place to ask, but does anyone know what the actual
>> limit
>>is? And is it per repository, or on a directory-wide basis?
>>I guess if it's a directory limit, I can arrange to have the files
>>segregated - but I am not the only user of the repository so that'd have
>> to
>>be agreed internally.
>
> There's an internal limit of 10,000 files that can be modified at
> once, which I believe is on a per-repo basis.

Ahhh .. that's be it then - thanks. :-)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

CVS Limits

[Pete Clarke]

Hi there,

I have a CVS repository (hosted on Debian Sarge 3.1), and one of the 
directories has grown in size from a few thousand files, to over 11,000.
The result of this is, if a wide ranging change is made, the CVS client 
throws a fit and errors with a protocol error - too many parameters.
This may not be the place to ask, but does anyone know what the actual limit 
is? And is it per repository, or on a directory-wide basis?
I guess if it's a directory limit, I can arrange to have the files 
segregated - but I am not the only user of the repository so that'd have to 
be agreed internally.


Cheers 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Tell which apache modules are loaded and used

[Pete Clarke]

Hi there,

Is there a nice easy way of telling, from a running instance of apache,
which modules are currently loaded and being used?

Cheers


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

local users not working, but ldap ones are fine

[Pete Clarke]

Hi there,

I have a working LDAP environment, running Open Ldap on a Debian Sarge 
installation. This is all good - users can log in, change passwords etc. 
without a problem.
What doesn't work are users contained in the /etc/passwd file - i.e. I can 
log into a system using an LDAP users, but not a local one.

I cannot change the root passord either - I get the following error:

alderney:/etc/pam.d# passwd
passwd: Authentication information cannot be recovered

The contents of my pam.d/common-* files are:

common-account:
account sufficient  pam_ldap.so
account requiredpam_unix.so try_first_pass

common-auth:
authsufficient  pam_ldap.so
authrequiredpam_unix.so nullok_secure use_first_pass

common-password:
password   sufficient pam_ldap.so
password   required   pam_unix.so nullok obscure min=4 max=8 md5 
use_first_pass


common-session:
session sufficient  pam_ldap.so
session requiredpam_unix.so

nsswitch.conf:
passwd: files ldap
group:  files ldap
shadow: files ldap
hosts:  files dns
networks:   files
protocols:  db files
services:   db files
ethers: db files
rpc:db files
netgroup:   nis

I have a user in /etc/passwd that I cannot do anything with. I created it in 
the normal way (groupadd/useradd) but if I try to set a password I get:


alderney:/home/pclarke# passwd cvs-admin
passwd: Authentication information cannot be recovered

So, LDAP users work fine - login/out, change password etc. but local file 
users cannot do anything. I can't even change the root password.


Any ideas?


Cheers,



Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Netinst fails for Sparc

[Pete Clarke]

Hi there,

I am trying to install a Netra T1 200 via netboot.
The machine has no cdrom so I am using a tftp server with dhcp to
bootstrap the system.
All goes well, until I point it at my local debian mirror (i386,sparc,hppa).

It gets the release file, and some of the installer files, but fails at 20%.
The log for my local http mirror is:

192.168.0.42 - - [13/Sep/2006:10:33:10 +0100] "GET
/debian//dists/sarge/Release HTTP/1.1" 200 34640 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:12 +0100] "GET
/debian//dists/stable/Release HTTP/1.1" 200 34640 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:12 +0100] "GET
/debian//dists/stable/main/debian-installer/binary-sparc/Packages.gz
HTTP/1.1" 200 48387 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:15 +0100] "GET
/debian//pool/main/b/base-installer/base-installer_1.13.4sarge1_sparc.udeb
HTTP/1.1" 200 74590 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:15 +0100] "GET
/debian//pool/main/b/bugreporter-udeb/bugreporter-udeb_1.02_all.udeb
HTTP/1.1" 200 16490 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:16 +0100] "GET
/debian//pool/main/c/cdebconf/cdebconf-priority_0.74.2_all.udeb HTTP/1.1"
200 1948 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:16 +0100] "GET
/debian//pool/main/l/linux-kernel-di-sparc-2.6/cdrom-core-modules-2.6.8-3-sparc64-di_0.05sarge2_sparc.udeb
HTTP/1.1" 200 55496 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/d/debootstrap/debootstrap-udeb_0.2.45-0.2_sparc.udeb
HTTP/1.1" 200 25730 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/d/debian-installer-utils/di-utils-mapdevfs_1.08_sparc.udeb
HTTP/1.1" 200 2248 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/e/e2fsprogs/e2fsprogs-udeb_1.37-2sarge1_sparc.udeb
HTTP/1.1" 200 134556 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/l/linux-kernel-di-sparc-2.6/ext3-modules-2.6.8-3-sparc64-di_0.05sarge2_sparc.udeb
HTTP/1.1" 200 99084 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/l/linux-kernel-di-sparc-2.6/fat-modules-2.6.8-3-sparc64-di_0.05sarge2_sparc.udeb
HTTP/1.1" 200 35124 "-" "Wget" "-"
192.168.0.42 - - [13/Sep/2006:10:33:17 +0100] "GET
/debian//pool/main/d/ddetect/hw-detect-full_1.14_all.udeb HTTP/1.1" 200
2676 "-" "Wget" "-"

I have checked the files on the mirror, and
/debian//pool/main/d/ddetect/hw-detect-full_1.14_all.udeb exists, and is
readable.
I assume it's something to do with the mirror, but I don't know what -
i386 clients boot OK, and updates are not a problem - it just seems to be
whilst installing a sparc client.
If I change mirror to point to somewhere else, it works .. I have tried
removing the ddetect directory and reimaging, but to no avail..
Any pointers?

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: why sarge's default kernel does not support scsi disk?

[Pete Clarke]

> Thanks! Then, how to pass options to initrd in grub's
> menu.lst? I mean scsi disks parameters. My scsi disk
> is not automatically recognized by sarge installation
> program.

That I do not know - I use lilo.
If you already have Sarge installed, you need to create a new /initrd.img
file - see man mkinitrd for details - you will need to include the module
for the SCSI card in the /etc/mkinitrd/modules file.

If you are trying to install, then you need to boot from a kernel that has
SCSI drivers incorporated - there is such an image, the "compact" disc
image IIRC.
>From there on in the discs should be visable.

Cheers


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: why sarge's default kernel does not support scsi disk?

[Pete Clarke]

> How could that be possible? I check
> /boot/config-2.4.27-2-386 again, I find :
>
> CONFIG_SCSI=m
>
> You must have re-compiled kernel.

Not so, I have Sarge running on 8 Debian servers, all are only SCSI,
moreover they are SCSI Hardware RAID.
The drivers for the SCSI cards are built into the /initrd.img (man
mkinitrd) file that the kernel reads upon bootup.
The system will boot from the first device as specified in the BIOS (or
whatever your machine uses instead), this will allow the initial bootblock
to be read, this then gets the rest of the drivers etc. for booting from
the initrd.img, and booting continues from there as normal.

If you need *any* drivers for your machine to boot, they need to be
included in the /initrd.img file.

This is a non-technical description of the process, I'm sure someone more
knowledgable than me would be more accurrate.. ;-)

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Sending mail takes ages.

[Pete Clarke]

I have had this bookmarked for when I finaly get into setting up a mail 
server;

"Configuring Exim and Courier IMAP under Debian GNU/Linux"

Perhaps it can help you..


Looks good.
I followed something similar when I set this up.

The general installation is not difficult, the devil is in the details.. :-)

Cheers 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Sending mail takes ages.

[Pete Clarke]

 Could be an ident lookup timeout?

 Set:

 rfc1413_query_timeout = 0s

Steve


That appears to have made quite a difference...certainly from OE...
I will test it on the other clients too ...

Thanks a lot :-D

Cheers,


Pete.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Sending mail takes ages.

[Pete Clarke]

#You sure it's the authentication that's taking the time?  A delay of a
#minute sounds suspiciously like a DNS timeout of some kind.  Is the
#server able to resolve the hostname(s) of the connecting clients?

I thought that, so I turned off host lookups in the exim config - same thing 
happens.

If I've missed anything, please let me know...

I have included my exim4 config file below, I am by no means an expert with 
exim, so please forgive the state of the file :-)


This was originally running as exim 3 on Woody, but migrated when Sarge went 
stable...


--

[EMAIL PROTECTED]:~$ cat /etc/exim4/exim4.conf.template
#!!# These options specify the Access Control Lists (ACLs) that
#!!# are used for incoming SMTP messages - after the RCPT and DATA
#!!# commands, respectively.

acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message

#!!# This setting defines a named domain list called
#!!# local_domains, created from the old options that
#!!# referred to local domains. It will be referenced
#!!# later on by the syntax "+local_domains".
#!!# Other domain and host lists may follow.

domainlist local_domains = @ : \
   @[] : \
   localhost : \
   wimbledon : \
   *.wimbledon : \
   an.other.domain : \
   and.an.other

hostlist relay_hosts = 127.0.0.1 : \
   1 : \
   192.168.0.0/24

hostlist auth_relay_hosts = *

# This is the main exim configuration file.
# It was originally generated by `eximconfig', part of the exim package
# distributed with Debian, but it may edited by the mail system 
administrator.
# This file originally generated by eximconfig at Tue Mar 16 00:28:47 GMT 
2004
# See exim info section for details of the things that can be configured 
here.


# Please see the manual for a complete list
# of all the runtime configuration options that can be included in a
# configuration file.

# This file is divided into several parts, all but the last of which are
# terminated by a line containing the word "end". The parts must appear
# in the correct order, and all must be present (even if some of them are
# in fact empty). Blank lines, and lines starting with # are ignored.

##
#MAIN CONFIGURATION SETTINGS #
##

# Specify the domain you want to be added to all unqualified addresses
# here. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.

#qualify_domain = wimbledon

# If you want unqualified recipient addresses to be qualified with a 
different

# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.

# qualify_recipient =

# Specify your local domains as a colon-separated list here. If this option
# is not set (i.e. not mentioned in the configuration file), the
# qualify_recipient value is used as the only local domain. If you do not 
want
# to do any local deliveries, uncomment the following line, but do not 
supply

# any data for it. This sets local_domains to an empty string, which is not
# the same as not mentioning it at all. An empty string specifies that there
# are no local domains; not setting it at all causes the default value (the
# setting of qualify_recipient) to be used.


# Allow mail addressed to our hostname, or to our IP address.


# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.


# If this is uncommented, we accept and relay mail for all domains we are
# in the DNS as an MX for.

#relay_domains_include_local_mx = true

# No local deliveries will ever be run under the uids of these users (a 
colon-
# separated list). An attempt to do so gets changed so that it runs under 
the

# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.

never_users = root

# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = !192.168.0.0/24 : *

# The setting below would, if uncommented, cause Exim to check the syntax of
# all the headers that are supposed to contain email addresses (To:, From:,
# etc). This reduces the level of bounced bounces considerably.


# Exim contains support for the Realtime Blocking List (RBL), and the many
# similar services that are being maintaine

Sending mail takes ages.

[Pete Clarke]

Hi all,

I have a Debian sarge mailserver, running exim4-daemon-heavy, 
courier-pop/imap etc.


When collecting email or using IMAP everything runs very well indeed, 
however, when sending mail from a standard client (OE, Squirrelmail, Kmail, 
Evolution, OSX mail app etc.) there is a long delay, upto a minute, before 
the authentication process kicks in and the mail is sent.


I am authenticating against an LDAP server (which is running on the same 
box), all other authentications (PAM,  Samba etc.) are instantaneous, it's 
just sending mail that takes forever.


I have googled, but to to avail.. any ideas?

Cheers,


Pete. 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

FS quotas with ReiserFS

[Pete Clarke]

Hi all,

I am running multiple servers, each with various reiserFS partitions.
On the fileserver (home dirs amongst others) I wish to enable quotas. The
last time I looked, quota support for the 2.4 kernel was not available for
Reiser partitions - is this still the case?

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

OT: Maximum number of fast ethernet cards

[Pete Clarke]

Hi there,

This is slightly offtopic, but does anyone know the maximum number of fast 
ethernet cards a typical PC can handle..?
I want to use a cheap (ish) Debian box as a firewall/router to suppliment my 
Netgear, and provide more services to the internal network than currently 
available.


With this in mind, I was intending on slapping a load of dual portal network 
cards into a redundant PC.
I remember reading a while back that the ultimate limit will be the PCI bus 
bandwidth - with this in mind, what would be the maximum number of NIC's I 
could realistically install into a PC?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Apache 2, DAV & LDAP problem...

[Pete Clarke]

Hi all,

I have a Debian Sarge server, running with Apache 2, DAV and Auth_ldap 
modules.
If I avoid authentication (i.e. just apache/dav) things are good ... 
however, if I try to get apache to authenticate against my ldap server 
things go wrong.


The relevant bit of the apache config is:

DAV on
AuthName "Wimbledon DAV Server"
AuthType basic
AuthLDAPEnabled on
AuthLDAPBindDN cn=XX_USER_XX,dc=wimbledon
AuthLDAPBindPassword XX_PASSWORD_XX
AuthLDAPURL ldap://directory.wimbledon/ou=People,dc=wimbledon?uid?sub
AuthLDAPAuthoritative on
require group cn=devel,ou=Groups,dc=wimbledon

I don't actually see an error in the apache logs, but I am unable to 
authenticate with the server - it just keeps popping the authentication 
window up each time.


The XX_USER_XX is correct, and the XX_PASSWORD_XX is also correct - these 
credentials are in use throughout the network with no problems.


Any ideas?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Performance testing question:

[Pete Clarke]

2 x 2/DH Hardware RAID controllers
1 x Emulex LP8000 Fibre Channel controller
Dual 10/100 NIC (Intel)
Fibre 1000 NIC (Intel)
(All PCI slots are 32-bit/33 Mhz.)


I don't have experience with your hardware, but do you realize that a PCI
bus with 32bit/33MHz can't handle a gigabit NIC? The theoretical maximal
bandwidth is 133 MB/s which is shared with all slots at the bus. So if
you don't have more than one independant PCI bus at your mainboard all
your cards must share the bandwidth.


The 6500 has, I believe, dual PCI buses. I know that it is limiting the 
throughput of the NIC - would it also be holding the fibre channel card back 
also?
Still doesn't explain why a 32-bit 2/DH RAID card performs better than the 
64-bit (in 32-bit slot) 2Gb/sec fibre chanel card.



Are you sure that you had the same test conditions?


Same machine, the only difference is that /tmp is on the 2/DH card, and 
/export/iso is handled by the fibre channel one.


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Performance testing question:

[Pete Clarke]

Hi all,

I have been doing some performance testing on my file server, the specs
of the machine are:

Compaq Proliant 6500
Quad Pentium Pro 200/1MB cache
2GB Ram
2 x 2/DH Hardware RAID controllers
1 x Emulex LP8000 Fibre Channel controller
Dual 10/100 NIC (Intel)
Fibre 1000 NIC (Intel)
(All PCI slots are 32-bit/33 Mhz.)

This is connected, via a Storageworks San Switch 8 (basically a Brocade
Silkworm 2400) to two :

Storageworks 4000 fibre channel enclosure, each with 12 x 36GB U160,
10,000rpm drives arranged as 2 logical RAID 5 drives.

The box is running Debian Sarge, fully patched upto date.

I realise the hardware is not exactly top of the range, but I thought
I'd see what it would do.

OK, so I have run a few tests, but settled on dbench as it's *really*
easy to use :-)
I am seeing about 54MB/sec when run on the fibre connected drive(s), and
about 90MB/sec when using the 2/DH controllers...this seems a little
odd, as the 2/DH are only supposed to be 40 MB/sec interfaces, whereas
the LP8000 is a 1Gb/sec card - I would expect to be seeing closer to
100MB/sec from the fibre devices 

From local, 2/DH filesystems:

bungo:/tmp# dbench 2
2 clients started
  0 62477  90.67 MB/sec
Throughput 90.6613 MB/sec 2 procs

From FC connected:

bungo:/export/iso# dbench 2
2 clients started
  0 62477  44.23 MB/sec
Throughput 44.2259 MB/sec 2 procs

Is there anything else I can try, or do these figures seem reasonable to
everyone?

Cheers,



I would ask your question on the debian-isp list.  You are more likely
to find people there that have dealt with this level of hardware.

-Roberto


--
Roberto C. Sanchez
http://familiasanchez.net/~roberto


Thanks ... I'll try that..but there must be someone on this list with 
similar hardware - it's not *that* old or obscure surely?


Cheers,


Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Performance testing question:

[Pete Clarke]

Hi all,

I have been doing some performance testing on my file server, the specs of 
the machine are:


Compaq Proliant 6500
Quad Pentium Pro 200/1MB cache
2GB Ram
2 x 2/DH Hardware RAID controllers
1 x Emulex LP8000 Fibre Channel controller
Dual 10/100 NIC (Intel)
Fibre 1000 NIC (Intel)
(All PCI slots are 32-bit/33 Mhz.)

This is connected, via a Storageworks San Switch 8 (basically a Brocade 
Silkworm 2400) to two :


Storageworks 4000 fibre channel enclosure, each with 12 x 36GB U160, 
10,000rpm drives arranged as 2 logical RAID 5 drives.


The box is running Debian Sarge, fully patched upto date.

I realise the hardware is not exactly top of the range, but I thought I'd 
see what it would do.


OK, so I have run a few tests, but settled on dbench as it's *really* easy 
to use :-)
I am seeing about 54MB/sec when run on the fibre connected drive(s), and 
about 90MB/sec when using the 2/DH controllers...this seems a little odd, as 
the 2/DH are only supposed to be 40 MB/sec interfaces, whereas the LP8000 is 
a 1Gb/sec card - I would expect to be seeing closer to 100MB/sec from the 
fibre devices 



From local, 2/DH filesystems:

bungo:/tmp# dbench 2
2 clients started
  0 62477  90.67 MB/sec
Throughput 90.6613 MB/sec 2 procs


From FC connected:

bungo:/export/iso# dbench 2
2 clients started
  0 62477  44.23 MB/sec
Throughput 44.2259 MB/sec 2 procs

Is there anything else I can try, or do these figures seem reasonable to 
everyone?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Samba and OS X "issue"

[Pete Clarke]

> We're running samba 3.0.14a-3sarge both on behalf of clients and
> ourselves and have OSX10.2 to 10.3.9 and windows clients accessing
> shares successfully.  OSX, however, is quite quirky and I found that I
> had to explicitly share users' home directories in smb.conf for the
> Mac's to see them.

I believe that the problem started with 10.4 ..
As for the shares, I am unable to view any shares, even the explicitly
stated ones..I am fully aware that this is probably not a Debian issue,
rather it's a problem with the implimentation on OS X Tiger, I could fix
it by installing a later version of Samba but to be honest, at the moment
I can get away with just not browsing until a cleaner solution is found.

> Also if you are sharing a printer from the debian server, have a look at:
> http://members.cox.net/18james/osx_printer_sharing.html

No printers are currently shared..that probably won't change.

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Samba and OS X "issue"

[Pete Clarke]

> We're running samba 3.0.14a-3sarge both on behalf of clients and
> ourselves and have OSX10.2 to 10.3.9 and windows clients accessing
> shares successfully.  OSX, however, is quite quirky and I found that I
> had to explicitly share users' home directories in smb.conf for the
> Mac's to see them.

I believe that the problem started with 10.4 ..
As for the shares, I am unable to view any shares, even the explicitly
stated ones..I am fully aware that this is probably not a Debian issue,
rather it's a problem with the implimentation on OS X Tiger, I could fix
it by installing a later version of Samba but to be honest, at the moment
I can get away with just not browsing until a cleaner solution is found.

> Also if you are sharing a printer from the debian server, have a look at:
> http://members.cox.net/18james/osx_printer_sharing.html

No printers are currently shared..that probably won't change.

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Samba and OS X "issue"

[Pete Clarke]

Hi there,

I have recently added an Apple OS X based machine to my little home
network - nice to have a new architecture to play with :-)..and have hit a
bit of a problem whilst connecting to a Debian Sarge Samba
server...basically Finder hangs when attempting to browse any of the Samba
shares on any of my Debian servers - all running Sarge, and the version of
Samba that ships with it.

I have googled for this, and the concenous is that there is a bug in the
3.0.14 release that Sarge is equipped with - apparently it's fixed in
3.0.20.

My question is basically, does anyone have OS X (10.4.5 Tiger) browsing
Samba shares on a Debian Sarge server sucessfully, or do I have to ditch
the 3.0.14 Sarge version and install 3.0.20 instead?
I would rather stick to Sarge packages if possible, as I have a few
servers running Debian and it'd be a PITA to change them :-)

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Samba PDC, LDAP

[Pete Clarke]

Hi all,

I have the LDAP server providing single-password logons.
What I also have is a problem with new machines (Sarge based samba boxes)
living alongside the PDC (sarge samba box).

I can create a machine account on the PDC for the new samba server, and
join the domain from the new box.

When I look in the log.smbd file on the new samba server I see..

[2006/01/20 17:42:56, 1] lib/smbldap.c:add_new_domain_info(1364)
  failed to add domain dn= sambaDomainName=BUNGO,dc=wimbledon with:
Insufficient access
no write access to parent
[2006/01/20 17:42:56, 0] lib/smbldap.c:smbldap_search_domain_info(1413)
  Adding domain info for BUNGO failed with NT_STATUS_UNSUCCESSFUL

Bungo is the name of the new box, and wimbledon is the existing domain.

Why is samba attempting to create a new domain of bungo when the machine
is added to the PDC?

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: LDAP madness! - FIXED (I think)

[Pete Clarke]

> Pete,
>
> Without the LDAP entry you're attempting to authenticate against it
> is hard to say. I have gotten Samba to work with LDAP before; however, I
> don't currently have it setup as I'm re-structuring my LAN servers at
> the moment. Of interest in the LDAP entries is that Samba has it's own
> schema of attributes for which it looks for to authenticate and they are
> not the same used for POSIX authenticates typically used for PAM & NSS
> authentication. It actually maintains two (2) password attributes for
> Samba IIRC.

I believe I've fixed the problem - a tad embarrassing, but when creating
the new users with smbldap-useradd I didn't use the -a switch, which
indicates that it should create the samba schema "stuff" as well as just
the posix data! - Doh!
I thought it would automatically do that, but I guess not!

The examples I found on the net just used smbldap-useradd -m  -
this does not allow the user to be authenticated via samba..the -a switch
is required for that..

Anyway, I now have a working Unix/Linux/Windows single logon - I just need
to check things like passowrd synching now!

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: LDAP madness! [u]

[Pete Clarke]

   Without the LDAP entry you're attempting to authenticate against it
is hard to say. I have gotten Samba to work with LDAP before; however, I
don't currently have it setup as I'm re-structuring my LAN servers at
the moment. Of interest in the LDAP entries is that Samba has it's own
schema of attributes for which it looks for to authenticate and they are
not the same used for POSIX authenticates typically used for PAM & NSS
authentication. It actually maintains two (2) password attributes for
Samba IIRC.


Forgive me for sounding thick - what do you mean by "Without the LDAP entry 
you're attempting to authenticate against it is hard to say"?


I have the samba schema setup within LDAP, and have created the user using 
the smbldap-useradd - so the user is created as a samba user.
I can log in via the command line - i.e. the user appears to be a vlis unix 
type user also, and "finger" works fine. The only issue appears to be with 
attempting to authenticate against the user.


Cheers,


Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

LDAP madness!

[Pete Clarke]

Hi all,

LDAP!
I have successfully managed to get a working LDAP installation for Unix 
clients, nss & pam logins work fine, even alongside the current NIS setup 
for testing purposes!


I am now trying to get the samba integration working for the Windows 
machines on this networkwhat a royal PITA this is proving to be!!


I can get the structure into the DB alright, and "finger" returns user 
information.smbldap-useradd and smbldap-password work fine, and 
anonymous binds (when using smbclient -L ) work well too ... the 
trouble is that I cannot get authenticated logings via Samba to work - I am 
only trying on the command line for the time being..


The relevant portion (I believe) from the server smb.conf file is:

 LDAP authentication 
netbios name = cholet
enable privileges = yes
ldap passwd sync = Yes

passdb backend = ldapsam:ldap://127.0.0.1
ldap admin dn = cn=admin,dc=wimbledon
ldap suffix = dc=wimbledon
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
#ldap ssl = start_tls

ldap delete dn = Yes

passwd program = /usr/sbin/smbldap-passwd -u " %u"

add machine script = /usr/sbin/smbldap-useradd -w "%u"
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"et primary 
group script = /usr/sbin/smbldap-usermod -g "%g" "%u"


Logins from both the PDC and other samba boxes fail with :
session setup failed: NT_STATUS_LOGON_FAILURE

I am using Sarge on an Intel box for the server - does anyone have a working 
installation of Samba/LDAP that could help iron these problems out...?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

passwd: Authentication service cannot retrieve authentication info.

[Pete Clarke]

Hi all,

I have a network running (mainly) Debian Sarge on both i386 and Sparc.
This network uses NIS (currently) for user/password authentication. If I
change the password for a user with yppasswd it's all fine, if, however, I
use  the passwd command I get:

 passwd: Authentication service cannot retrieve authentication info.

Is this expected behaviour?

I have changes my nsswitch.conf file to read

passwd: files nis
group:  files nis
shadow: files nis

As discovered in a previous posting to the Debian list...

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Setting up a netboot server

[Pete Clarke]

> On Tue, Jan 10, 2006 at 12:10:35PM -0000, Pete Clarke wrote:
>> Hi all,
>>
>> I currently have a netboot server (tftp) for setting up Solaris
>> machines,
>> it is an Ultra 10 running Solaris 9.
>> I have a local mirror of the Debian archive, and currently use a netboot
>> CD image to boot x86 and Sparc workstations before installation over the
>> network.
>>
>> Solaris netboot/installation works fine - now, I want to expand this to
>> serve Debian installation images too - I can sort the tftp side of
>> things
>> (/etc/ethers /etc/hosts and the /tftpboot links) but am curious as to
>> what
>> extra software I need to install on the Solaris machine.
>>
>> Has anyone had any experience in this? I don't want to have to setup a
>> further tftp server specifically for the Debian installation if I can
>> possibly avoid it!
>> Basically I want to bypass the netboot CD image and get each new client
>> to
>> setup purely via the network.
>> the mirror is currently on a different machine to the tftp server.
>
> I would advice you to take a look at
> http://www.informatik.uni-koeln.de/fai/ .
> It might be just what you want, just for debian.
>

Thats for the link - although I am not bothered by having to actually
install the OS - I just need some pointers as to what I need to include on
the tftp server to allow workstations to do a network boot for
installation.

Cheers


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Setting up a netboot server

[Pete Clarke]

Hi all,

I currently have a netboot server (tftp) for setting up Solaris machines,
it is an Ultra 10 running Solaris 9.
I have a local mirror of the Debian archive, and currently use a netboot
CD image to boot x86 and Sparc workstations before installation over the
network.

Solaris netboot/installation works fine - now, I want to expand this to
serve Debian installation images too - I can sort the tftp side of things
(/etc/ethers /etc/hosts and the /tftpboot links) but am curious as to what
extra software I need to install on the Solaris machine.

Has anyone had any experience in this? I don't want to have to setup a
further tftp server specifically for the Debian installation if I can
possibly avoid it!
Basically I want to bypass the netboot CD image and get each new client to
setup purely via the network.
the mirror is currently on a different machine to the tftp server.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Compaq 1850R

[Pete Clarke]

Are there any know issues with Sarge on a Compaq 1850R ?
I hope to install this weekend and hope to avoid any major issues.


No issues that I know of - I have 2 running here with Sarge (amongst other 
Proliants).

The Compaq hardware is pretty much well supported.

Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reiserfs and quotas

[Pete Clarke]

Hi all,

I am running Debian sarge on i386 with some Reiserfs partitions.
Is it still the case that Reiserfs volumes don't support quotas?

Cheers


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

PHP4 + Oracle

[Pete Clarke]

Hi all,

So, I have the Oracle 9i client installed on my Debian Sarge development 
box.
All is good - I can use sqlplus to talk to the Oracle server (a Netra 
running Solaris 9 and Oracle 9i).
The next step is to get PHP talking to it! - What an uphill struggle this is 
proving to be...


I have apt-get'd the source for php4 - and modified the debian/rules file to 
include oci8 support (--with-oci8=/u01/app/oracle/product/9.2.0).
The problem is, that when executing dpkg-buildpackage I get a load of errors 
whilst attempting to compile the oci8 extensions.


Has anyone sucessfully compiled PHP with Oracle support on a Sarge system? 
If so - any tips worth sharing?

Is there a precompiled module for php4-oci8 anywhere?

I did some Googling, and found :
http://www.aandcp.com/blog/index.php?op=ViewArticle&articleId=11&blogId=1
Which I followed .. this results in the aforementioned errors.
An extract of the errors encountered are:

/root/php4-4.3.10/ext/oci8/oci8.c:4366: error: `ht' undeclared (first use in 
this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4366: error: `return_value' undeclared 
(first use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4366: error: `this_ptr' undeclared (first 
use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4366: error: `return_value_used' 
undeclared (first use in this function)

/root/php4-4.3.10/ext/oci8/oci8.c: At top level:
/root/php4-4.3.10/ext/oci8/oci8.c:4374: error: syntax error before "zval"
/root/php4-4.3.10/ext/oci8/oci8.c: In function `zif_ocierror':
/root/php4-4.3.10/ext/oci8/oci8.c:4376: error: `arg' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4377: error: `statement' undeclared (first 
use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4378: error: `connection' undeclared 
(first use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4379: error: `text' undeclared (first use 
in this function)

/root/php4-4.3.10/ext/oci8/oci8.c:4379: error: syntax error before "errbuf"
/root/php4-4.3.10/ext/oci8/oci8.c:4380: error: `sb4' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4381: error: `sword' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4382: error: `dvoid' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4382: error: `errh' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4384: error: `ub2' undeclared (first use 
in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4384: error: syntax error before 
"errorofs"
/root/php4-4.3.10/ext/oci8/oci8.c:4385: error: `sqltext' undeclared (first 
use in this function)

/root/php4-4.3.10/ext/oci8/oci8.c:4389: error: syntax error before ')' token
/root/php4-4.3.10/ext/oci8/oci8.c:4395: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4395: error: request for member `in_call' 
in something not a structure or union

/root/php4-4.3.10/ext/oci8/oci8.c:4395: error: syntax error before ')' token
/root/php4-4.3.10/ext/oci8/oci8.c:4395: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4403: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4403: error: request for member `in_call' 
in something not a structure or union

/root/php4-4.3.10/ext/oci8/oci8.c:4403: error: syntax error before ')' token
/root/php4-4.3.10/ext/oci8/oci8.c:4403: error: request for member `in_call' 
in something not a structure or union

/root/php4-4.3.10/ext/oci8/oci8.c:4413: error: syntax error before ')' token
/root/php4-4.3.10/ext/oci8/oci8.c:4420: error: request for member `pError' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4421: error: request for member `error' in 
something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4425: error: `return_value' undeclared 
(first use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: `errcode' undeclared (first 
use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: `errbuf' undeclared (first 
use in this function)
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: `ub4' undeclared (first use 
in this function)

/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: syntax error before "sizeof"
/root/php4-4.3.10/ext/oci8/oci8.c:4433: error: request for member `in_call' 
in something not a structure or union
/root/php4-4.3.10/ext/oci8/oci8.c:4447: error: `errorofs' undeclared (first 
use in this function)

/root/php4-4.3.10/ext/oci8/oci8.c: At top level:
/root/php4-4.3.10/ext/oci8/oci8.c:4460: error: syntax error before "zval"
/root/php4-4.3.10/ext/oci8/oci8.c: In function `zif_ocinumcols':
/root/php4-4.3.10

Re: Apache/PHP/Oracle 9i on Debian Sarge

[Pete Clarke]

Installing the Oracle 9i client is easy.  It's the database install that 
sucks, mainly due to Oracle's craptastic gui and it's problems.


I only need the Client installed, the server is running on a Solaris box.
I am having the devils own job getting the client installed tho' - I 
followed the instructions here:


http://sneezy.hybrigenics.fr/oracle/

But I cannot get the installer to actually run!
I get as far as running "./runInstaller" but all I get is a command prompt 
back again!
If I try to run "install/linux/runInstaller" directly I get a segmentation 
fault...


Has anyone actually installed the Oracle 9i client sucessfully under Sarge 
... if so, what (if any) hoops did you have to jump through?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Apache/PHP/Oracle 9i on Debian Sarge

[Pete Clarke]

Hi all,

I have a Debian Sarge server running Apache/Apache-SSL/PHP (Sarge standard 
releases).
I need to add Oracle support to this box so that I can connect via PHP to an 
Oracle Server (Solaris 9 box) across the network...is this a simple thing to 
do?
I have tried Googling, but nothing useful came up (that I could find) .. I 
understand that I need to install the Oracle client libraries on the Debian 
box..do I have to do anything else?


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Apache/PHP/Oracle 9i on Debian Sarge

[Pete Clarke]

Hi all,

I have a Debian Sarge server running Apache/Apache-SSL/PHP (Sarge standard
releases).
I need to add Oracle support to this box so that I can connect via PHP to an
Oracle Server (Solaris 9 box) across the network...is this a simple thing to
do?
I have tried Googling, but nothing useful came up (that I could find) .. I
understand that I need to install the Oracle client libraries on the Debian
box..do I have to do anything else?

Cheers,



Pete.



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: rack servers debian friendly

[Pete Clarke]

I FINALLY figured out to do an Alt+F2 at install before partitioning and 
"modprobe megaraid"  so at least the system will install now. However, the 
network cards are whipping my butt.  :)


:-)
I have a netinst boot disk that I found, for Sarge, designed for Dell,HP 
etc. with "odd" hardware - worksa a treat now.


So you have a clue on the Intelligent Pro 10/100 network card that comes 
with this beast?

I tried modprobe e100 and modprobe eepro100 still can not recognize it.


Generally speaking, the older Proliants (i.e. pre "DL" etc.) are Thunderlan 
(tlan module) and the newer ones are e100.

Even the fibre cards are Intel e1000's :-)
I haven't come across a hardware combination that doesn't follow that rule.

For your information, I currently have, as an example, a Proliant 6500r, 4 
CPU, 2GB Ram, 2 x dual 10/100 (Intel e100) NIC's, 1 x Emulex LP8000 HBA, 1 x 
1000SX NIC, 4 x 2D/H array controllers with 10 internal 36gb discs, attached 
also via fibre channel to a FCAL hub with 2 x 4100 SCSI->Fiber enclosures 
each with 12 x 36GB discs.
I had to compile the driver for the Emulex HBA but other than that it all 
worked "out of the box" so to speak.


HTH.


Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: rack servers debian friendly

[Pete Clarke]

Having found the Netserver LPr to be not so debian friendly, I'm looking 
to buy a coupla used 600mhz 2u units that are more friendly. I'd like to 
be able to load mepis up in case of emergency etc, though the unit's will 
have debian sarge installed.


I had a little problem with my LPr too - but once you know how to get the 
hardware recognised it works fine!


I'd like suggestions on which brand may be more friendly to debian?  IBM, 
dell?  or what?


Most of my servers (I have 9 of them) are all Compaq Proliant's (apart from 
the 1 LPr and a couple of Netra's) - from older 6500's (quad CPU) to newer 
DL380's - all install fine with Sarge netinst (I have a private Debian 
mirror that I netinstall from), and they have never let me down - 24/7 for 
that past 2 years and counting..



Or should I just resign myself to keep "rolling my own"   :)


That's fine if you can get the parts nice'n'cheap - I paid about £50.00 for 
the DL380 (2 x 733PIII, 1GB Ram), and about the same for the Proliant 
1850r's (2 x 550PII, 1GB Ram) - you'd be hard pushed to build something 
comparable for that sort of money, especially comsidering the Proliants are 
all "proper" server architecture..


Just my £0.02 - HTH.

Cheers,



Pete. 




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: OT: suggestions of uncapped Broadband >512Kbp in UK

[Pete Clarke]

> On Wed, 2005-08-03 at 13:26 +0100, Pete Clarke wrote:
>> > On 3 Aug 2005, at 12:35, michael wrote:
>> >
>> >> OFF TOPIC (not sure which is more appropriate list)
>> >>
>> >> I've moved house and need to get Broadband installed. I'll be
>> >> running X
>> >> from a remote site and it seems a 1Gb or 2Gb cap will be too
>> >> restrictive. So any suggestions of uncapped (reliable) B'band ISPs in
>> >> the UK - preferable at 1Mbs or higher.
>> >>
>> >> I considered Tiscali & NTL but then I saw too many negative reviews
>> >> [NB:
>> >> there's no cable in my street so it'd be NTL's freedom service and
>> >> it's
>> >> unclear which of NTL's services were being slated). The next best
>> >> seems
>> >> Tesco - uncapped but only 512Kbps...
>> >
>> > I was with PlusNet for 12 months until the end of June and I didn't
>> > have any trouble at all from them. The only trouble I ever had was
>> > caused by BT cutting the line for a few days... Static IP, uncapped,
>> > with a range of available speeds. Note that you'll always only get
>> > 256 Kbps upstream bandwidth unless you go for SDSL which is very
>> > expensive.
>>
>> FWIW I can highly recommend Eclipse (http://www.eclipse.co.uk) - I have
>> been with them for coming up to 2 years now, and have had zero problems
>> with them.
>> Their technical support staff are great - on the 2 occasions I have had
>> to
>> use it (both times it was BT's problem at the exchange end) I have found
>> the staff extremely helpful, polite and knowledgable - they didn't get
>> phased at all when I mentioned that I run Debian with many connections
>> behind my router.
>> The package is static IP, no ports blocked, no bandwidth limits with
>> free
>> webspace/email etc. - all in all I am more than happy with them.
>>
>> HTH.
>>
>
> mmm their website says 1Gb per month max download (the 14.99 option)...
> or are you talking about this 'FLEX' thing?
>
> Ta, Michael
>

The FLEX thing ... I migrated from the 512k 20:1 contention product to the
1Mb FLEX broadband and have been getting consitant 115Kb/s download - very
happy with it.
The connection is shared amongst 5 of us (My wife, 3 of my kids and me)
and we use a *lot* of bandwidth between us - so far there has been no
complaints :-)

Cheers


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: OT: suggestions of uncapped Broadband >512Kbp in UK

[Pete Clarke]

> On 3 Aug 2005, at 12:35, michael wrote:
>
>> OFF TOPIC (not sure which is more appropriate list)
>>
>> I've moved house and need to get Broadband installed. I'll be
>> running X
>> from a remote site and it seems a 1Gb or 2Gb cap will be too
>> restrictive. So any suggestions of uncapped (reliable) B'band ISPs in
>> the UK - preferable at 1Mbs or higher.
>>
>> I considered Tiscali & NTL but then I saw too many negative reviews
>> [NB:
>> there's no cable in my street so it'd be NTL's freedom service and
>> it's
>> unclear which of NTL's services were being slated). The next best
>> seems
>> Tesco - uncapped but only 512Kbps...
>
> I was with PlusNet for 12 months until the end of June and I didn't
> have any trouble at all from them. The only trouble I ever had was
> caused by BT cutting the line for a few days... Static IP, uncapped,
> with a range of available speeds. Note that you'll always only get
> 256 Kbps upstream bandwidth unless you go for SDSL which is very
> expensive.

FWIW I can highly recommend Eclipse (http://www.eclipse.co.uk) - I have
been with them for coming up to 2 years now, and have had zero problems
with them.
Their technical support staff are great - on the 2 occasions I have had to
use it (both times it was BT's problem at the exchange end) I have found
the staff extremely helpful, polite and knowledgable - they didn't get
phased at all when I mentioned that I run Debian with many connections
behind my router.
The package is static IP, no ports blocked, no bandwidth limits with free
webspace/email etc. - all in all I am more than happy with them.

HTH.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Strange login problem

[Pete Clarke]

Hi there,

I have a strange problem that has manifested itself recently.
I am unable to log into ne of my boxes - either via ssh or local console.

SSH returns " has closed the connection" immediately after
issuing  the "ssh2 command from another machine.
A local login just quits - i.e. you enter a username at the login prompt
and it just returns to the "user" login prompt - doesn't even ask for
password.

All services on the box are currently running fine, I just seem unable to
get a shell..

This box is not internet facing and no other boxes are exhibiting this
behaviour, so I am discounting an intrusion.

If I boot the machine in single user mode (i.e. linux single at the lilo
prompt) I can get into the machine and everything is OK until I either
logout, or issue "init 2" to get to runlevel 2 (it's normal run-mode).

The machine is running sarge on a Compaq Proliant SMP machineI have
had no problems until a few days ago when this started...

Any ideas ... or any more infomation required?

I would prefer not to rebuild the machine, but if necessary I suppose I
will have to..

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Linux and Solaris Mail playing nicely

[Pete Clarke]

Hi all,

I realise this is a Linux list, but I figured there must be some Sendmail
guru out there :-)

I have just added a few Solaris boxen to my (nearly) all Linux (Debian)
network, and would like to get each one to deliver *all* mail to my current
mailserver.
Basically, I don't want *any* mail delivered locally, just forwarded on.

My new.mc file looks like this:

OSTYPE(`solaris8')dnl
DOMAIN(`solaris-generic')dnl
define(`SMART_HOST', 'my.mail.server')dnl
FEATURE(`relay_entire_domain')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
MAILER(`smtp')dnl

But I still get local mail  Any ideas?
I have tried Googling, but the volume of useless results kinda negates the
search!

Cheers,



Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Viewing Couriergraph output

[Pete Clarke]

Hi all,

I have noticed a package called couriergraph which can give statistics for a
mailserver (I believe).
A Google brings up lots of information regarding Debian CD's and the Debian
package information, but not the information on what it does, and how to run
it/ view the output.

I run courier-imap-ssl, courier-pop etc. and would be interested in some
stats - if I could find out how to read the RRD files...

Anybody else using this tool?

Cheers



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Source/Policy based routing on multihomed host

[Pete Clarke]

Hi all,
I have a couple of debian machines with multiple interfaces (two dual-port 
10/100 e100 cards - bond0 & bond1). When the systems are started, each 
interface receive packets, and the machines can access the internet etc. 
with no problems.
The issue is that whilst the interfaces receive packets on both bond0 and 
bond1, and transmitted packets always go via bond0, bond1 has 0 Tx packets,
I believe, after a Google search, that this is due to asymetric routing, and 
is addressed via use of the iproute2 package.  I apt-get'd iproute2, and set 
the new route and rules thus:

ip route add default via 192.168.0.1 dev bond0 tab 1 (192.168.0.1 is the 
gateway/router)
ip route add default via 192.168.0.1 dev bond1 tab 2

ip rule add from 192.168.0.3/32 tab 1 priority 500 (bond0 addr)
ip rule add from 192.168.0.4/32 tab 2 priority 600 (bond1 addr)
ip route flush cache
This results in packets being Rx and Tx via the appropriate devices - the 
local network works a treat, all machines can talk to all other machines on 
the local lan ONLYthe servers cannot contact the internet.
DNS is handled via a local machine, and name lookups work fine - when a 
"ping" (for example) is attempted I get "No route to host"...

Anyone have any ideas?
Cheers,
Pete. 


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian creates duplicate image files with strange extensions!

[Pete Clarke]

when I take this folder through the windows explores I get files with
a "~" attached to there names. If I try to delete them or open them
the I get an error
These are created by Windows (may be XP SP2 specific) whenever it creates a 
file.
They contain zone information metadata - plain text files with details of 
where the files came from. I have been getting them for a while now, but 
only when a file is created with XP SP2 writing to a Woody Samba 
installation. If I create a file on a Sarge Samba installation these files 
do not appear.

I don't know of a workaround, there may be a way of telling Windows not to 
add the metadata, or indeed newer versions of Samba may ignore them 
altogether...

Cheers 


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: IBM Rack Server recommendation

[Pete Clarke]

#> Thanks for this info. Can anyone recommend a branded 1 U Rack server
#> that works on Debian GNU/Linux?
#>
I# have debian (woody and sarge) running on dell servers (PE 1750 and PE
#2650) and IBM servers (x350 series).

Personally I can't recommend Compaq (HP) servers highly enough - stable and
I haven't had many issues with the Compaq hardware (fibre channel
controllers aside :-).

I've installed both Stable (Woody) and Testing (Sarge) on various models
(850r, 2500r, 5500r, 3000r, 6500r etc). with absolutely no problems - I
can't imagine the 1U boxen are any different.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Sed scripting...

[Pete Clarke]

Hi all,

I have a need for some search and replace type activity...

I need to change the urls in a bunch of files within a directory hierarchy.
I have been playing with sed to get the replacing done, and have come up
with the following:

sed -e 's/^.*:\///g' -e '/^\//!s/^/\//g' -e
'/$BASE_URL/!s/^/\/$BASE_URL/g' -e 's/^/$PRECEED_HTTP' "$filename" >
"$TMPFILE"

Where $BASE_URL is the 1st level url - i.e. www.debian.org.
$PRECEED_HTTP is the prefix that I want prepended to all urls - i.e.
http://127.0.0.1/
$filename is the file to modify and $TMPFILE is a temporary output file.
This works OK for lines that are just urls, but not (obviously) for lines
that urls embedded in them.

Any pointers?

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Qlogic QLA2200F

[Pete Clarke]

Hi all,
Does anyone have any experience with the following:
QLogic QLA2200F (ISP2200);
Compaq Fibre Channel Array Enclosure;
Compaq Fibre Channel Hub 12;
I am running Woody and Sarge on two different boxes, both with the QLogic 
cards installed.
Both cards are recognised, and installed OK ... /proc/scsi/ contains an 
entry for isp2x00, and the file beneath that details the device OK.
The problem is that the cards will not "talk" to the Compaq enclosure, 
neither via the hub or connected directly ...

When I modprobe -a qlogicfc, under the 2.4.18-1-686-smp kernel it detects 
the array controller, but the type is Unknown, then I get a scsi: unknown 
device type 12 error.
Under the 2.6.7 kernel I get the same error, but the controller is correctly 
identifed as type RAID.

Basically I don't know what to do next to get this little lot working ... 
does anyone have any ideas?

Cheers,
Pete. 


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Ethernet card not responding after some time

[Pete Clarke]

#Well, the card that I am using is a DEC/Tulip as well, so I probably
#have to replace it then.
I have a similar problem with a Compaq Netellient (tlan driver)..
It works for a while, then stops completely - no amount of 
/etc/init.d/networking stop/starting works - I end up having to reboot(!)..

Mind you, this is using bonding for 2 tlan cards...for some reason the whole 
networking subsystem appears to stop.

Still, it's these little challenges that keep my brain working  :-)
Cheers

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: One More time.

[Pete Clarke]

I have copy of 2.1 (slink?)  and 2.2 (potato?) on CD, and I'm more than 
happy to do you a copy if you want...

- Original Message - 
From: "Bradley Pursley" <[EMAIL PROTECTED]>
To: "Debian-User" <[EMAIL PROTECTED]>
Sent: Wednesday, August 18, 2004 12:47 PM
Subject: One More time.

 I will ask this again (for the 3rd time) and then am going to drop it
assuming that no one knows the answer.  Does anyone know what has happened
to all of the older versions like Potato or Slink, previous to Woody, of
Debian?  The archive.debian.org site isn't responding and the
debain-archive folder on the ftp.debian.org site no longer exists.  I've
done a check on all of the mirrors and they don't seem to exist anywhere.
I need to get a copy of one of these older versions is why I am asking.
Bradley
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact 
[EMAIL PROTECTED]



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Deleted root account in passwd

[Pete Clarke]

Hi there,
I managed to delete the root entry in /etc/passwd whilst playing 
on a test box
Is there an easy way of re-inserting, or copying the backup passwd file I 
have without physical access to the box?

I can ssh into it, but only as a regular user - obviously I can't su to root 
as it doesn't exist anymore :-)

Any ideas?
Cheers 


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Network connection failing, but adaptors still "up"

[Pete Clarke]

Hi all,

I have a strange problem, that I am sure is my fault somehow :-)

I have 2 thunderlan cards in a server, they are set up to use active-backup
bonding.
After an undetermined period they stop communicating with the network,
although the link is apparently "up" still ... mii-tool reports 100mbs/full
duplex connection, the link lights on the switch are lit and everything is
reported OK in ifconfig -a...
However, they refuse to use the network link, and all attempts to
communicate fail .. either in or out.

The setup is:

Debian Stable;
Compaq 2500r;
Dual PPro 200/512 (using 2.4.18-1-686-smp kernel);
512mb;
45gb RAID;
Dual Thunderlan 10/100 cards (using tlan driver);

Both cards are detected fine, and set up as eth0 and eth1, bonded to bond0.
Bonding works fine, and when they work, everything is good ... unplug one
cable and it automatically switches to the other, and visa-versa..however,
as stated, after a (seemingly) random time period, all network connectivity
is lost.

Any ideas?
I have "Googled" but came up blank..

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian, Xwindows, USB Mouse and GeForce 4

[Pete Clarke]

> I have an unremarkable Pentium 4-class machine that I wish to operate as 
> a webserver.  I have installed Debian (v 3.0 r2 i386, the latest 

> When I type 'startx' I get 'Fatal server error'.  The error messages are 
> too numerous to fit onto one screen but they are basically variations on 
> the theme of 'no compatible video card found'

Is there a specific reason you want X on a webserver?


Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Maximum number of logical partitions

[Pete Clarke]

> Seems to be (mostly) correct. Take a look at the minor numbers of
> thedevice files:


Indeed ... hadn't thought of that.
Seems strange that SCSI can only have upto 15 partitions tho' - it's a bit
of a PITA really as I wanted to split the large RAID 0 volume up into small
partitions to distribute as LVM groups..oh well, better re-think my strategy
I guess..

Any idea *why* SCSI can only have 15 partitions when IDE can have upto 64?

Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Maximum number of logical partitions

[Pete Clarke]

Hi there,

Does anyone know the maximum number of partitions that can be created on a
SCSI disc?
I have Googled and come up with the following:

Primary - 4.

SCSI - 15 logical;
IDE   - 63 logical.

Seems a bit odd?
I am using Kernel-2.4.18-1-686-smp on Woody.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: LVM over RAID

[Pete Clarke]

> Are you using hardware RAID or software RAID? It sounds like you intend
> to use software RAID. It doesn't really change much, though.

The Fileserver has 3 hardware RAID cards with onboard cache.
All discs are SCSI.

> If you don't actually want RAID functionality, you can use LVM to glue
> all the disks together into one big virtual disk. That sounds like your
> goal. Mind you, I'm a big fan of actually using RAID if I have enough
> disks lying around to do it. I have an 8 x 18GB RAID5 myself.

The main crux of the question is, I guess, whether it would be better to use
the RAID 0 of the hardware RAID card to glue the discs, then create little
partitions for use with LVM or to use LVM to stripe across the JBOD discs..

Would using the discs as hardware RAID 0 with say 10gig partitions be
quicker than using LVM to stripe across the discs set up as JBOD?

> Are you optimizing for write speed, read speed, or a balance? Is
> redundancy not worth any speed reduction?

As it is a fileserver I think a balance would be best.
Redundancy is not a major issue, I have backups, however, if it doesn't
impact too much I may consider RAID 5 for the data arrays.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

LVM over RAID

[Pete Clarke]

Hi gurus...

I have a question regarding LVM and RAID.

I have a 324gb and 350gb RAID enclosure, the 324gb consists of 9 x 36gb
discs, and the other is 7 x 50gb discs.
This space is destined for a file server, and usually I would just use
appropriate RAID level to define the volumes etc.
However, after being caught out with needing more space in the past I
decided to go the LVM route, what I need to know now is how best to go about
it...Do I:

Just treat each drive as a seperate device (i.e JBOD) and create a PV for
each disc and use software striping where necessary, or define each array as
one big RAID 0 (backup is taken care of) and create lots of little
partitions to use as PV's?

I guess the second route would be the best bet, as it would use the benefit
of hardware RAID 0 with smaller partitions. But would this cause issues by
having potentially *lots* of partitions spread over the disc (the howto
advises against using the partitions for PV's but rather to use whole
devices (discs /dev/sdxx etc.)).

I am basically looking for the solution that provides the best balance
between performance (speed is really an issue) and flexibility.

I have checked Google and the various howto's but they don't really touch on
this scenario...


Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bash equivalent to DOS /p

[Pete Clarke]

> Why would you want to cat the file _and_ page it? That is a useless use of
> cat here, as less accepts STDIN.

It was an example ... the OP wanted a way to page output from a command, the
command I chose for the example was "cat" - it could easily have been
anything else -

#> ls -lsart | less

Better? :-)

Cheers,



Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bash equivalent to DOS /p

[Pete Clarke]

> I know that this is a really n00bish question, but I have to ask.  What
> is the command that limits output from a command to just a page at a
> time, like the /p command in DOS?


Why not pipe the output through less .. eg:
#> cat somedoc.txt | less

This will page the output, allowing you to scroll forwards and backwards
through it.

HTH

Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: FDDI vs Fast Switched Ethernet

[Pete Clarke]

> (You say you're going to lay fiber and call that "FDDI". FDDI is a
> networking protocol (ie PPP, Token Ring, ATM, Ethernet) not a physical
> cabling spec/designation like cat5.  So, while I don't want to sound
> rude... I hope you know what equiptment you actually have :P  I mean,
> is there a chance you just have a bunch of terminated fiber and atm or
> gigabit ethernet cards? :))

:-)
I realise my terminology is a little off, but yes ... they are definately
dual attach fiber cards..



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

FDDI vs Fast Switched Ethernet

[Pete Clarke]

Hi there,

I currently have a switched fast ethernet network installed in my house.
Each room has network points, and all traffic goes through Cat 5e cables
and10/100 switches.

I have the opportunity to play with fiber (FDDI) - my question is has anyone
any exprience of FDDI adaptors in linux, and what the relative pros and cons
are - cost is not a problem for this project as I already have the FDDI
cards/cables/switches/hubs etc.

Is FDDI any quicker than 100 Base-T? The network load is quite heavy -
streaming large (>4gb) ISO's, copying large files to/from file server and
other general network access.

TIA.


Cheers,



Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Courier IMAP shared folders

[Pete Clarke]

Hi all,

I have a working installation of courier-imap for general mail delivery, the
problem I am having is with shared folders.

I can set up shared folders thus:

maildirmake -S /home/shared/maildir
maildirmake -s write -f Announcements /home/shared/maildir

create /etc/courier/maildirshared with:

Announcements/home/shared/maildir/

This results in the shared folder being active ... all well and good...
Trouble is, when OE (I know, I know) connects, it sees the shared folders
as:

shared
   - Announcements
   - Announcements

Both shared and the first level Announcements are un-readable as far as OE
is concerned...but the last one is OK.

Is this a problem with the way I have set up the shared folder, or does it
look like an OE issue? changing clients on the Windows boxes is not a
problem, as long as it's not Thunderbird (bad experience)..

I haven't got a Linux client that is working at the moment, so I don't know
if Linux mail clients can see the folders correctly.

TIA..


Cheers,



Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Extracting the $h_to domain...

[Pete Clarke]

Hi there,

I would like to have my exim system filter reply to certain domains with a
standard message - the text is unimportant, but the problem I have is that I
cannot seem to extract the recipient domain from the message.

i.e.
if the email was sent to [EMAIL PROTECTED] then I would need to extract the
@bob.com from the $_to variable.

Is there a nice'n'easy way of doing this? I have searched the exim help/man
pages etc. and googled but have come up blank.
There is a wealth of info for the $local_part etc. but this doesn't work.

Also, can I prepend something to subject lines using the $h_subject var?


Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: 7zip

[Pete Clarke]

> Is there a .deb version of 7-Zip?
> I have googled, and apt-cache search'd but couldn't find anything other
than
> it may be a "removed" package...

Oops - sorry.
Just found that it is a Windows-only tool (even though it's GPL)  and
requires the Windows SDK to compile.
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=160928]

Blast - I have some .7z files that I need to unzip - guess I'll have to do
them at work then.

Cheers all,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

7zip

[Pete Clarke]

Hi there,

Is there a .deb version of 7-Zip?
I have googled, and apt-cache search'd but couldn't find anything other than
it may be a "removed" package...

If not, I'll grab the source...

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Messages from cron daemon and exim_tidydb

[Pete Clarke]

> What do these messages from the cron daemon mean?
> Failed to open DB file /var/spool/exim/db/retry: File exists
> and
> Failed to open DB file /var/spool/exim/db/wait-remote_smtp: File
exists

I had these on one of my boxes that has exim set up as a satellite system.
It would relay mail to the main server a few times, then stop with those
errors.

All I did was copy exim.conf from one of my working setups, change the
internal name and re-started exim.
Seems to be OK at the moment..

Is your system set up as a satellite?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: aptitude in cronjobs

[Pete Clarke]

Can you not just redirect the output to /dev/null ?
I do this for several of my cron jobs...

i.e.
  ... > /dev/null

I was getting the same kind of thing, but once I added the redirection it
stopped :-)

HTH.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Upgrading Debian

[Pete Clarke]

> Are there packages from Testing and Unstable on the Debian CD's (3.02
> etc)? or just Stable.
> I'm interested in installing Debian, but many packages in stable seem a
> little out of date, and an upgrade with a 56k modem looks as though it
> would take forever.

:-) check the archives. There was a rather long thread on the releases a
while back.

Stable contains just Stable packages - hence the name :-)
The release you run largely depends on the role the particular machine
fills, and on how much you trust the packages in unstable/testing.

I ran my home network (sad I know) on a 56k dialup until recently - now that
I can get broadband it has made keeping everything uptodate a *lot*
easiereven network installs :-))

If you want to run a production server, I thoroughly recommend using Stable
(woody) - with maybe the odd backport, depending on the packages you need
... I run web/dns/dhcp/db/file/ftp servers, both @ home and @ work, on
Stable with no problems .. I can't think of a particularily good reason to
need > Stable for a server.
For workstations, any of the releases should be fine - just bear in mind
that if anything breaks you get to keep both halves! :-)
Having said that, this forum is a superb source of information and help
should anything go TU..

HTH.

Cheers,




Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: branding debian releases

[Pete Clarke]

> I don't mean this to sound rude, but it probably will do.  If you need
> it and no-one else is willing to do it, we look forward to submission of
> your patch.  If no-one else is willing to devote resources to it, then
> take a step back and ask why.

:-) well said.

> Also, please note that Debian doesn't only run on PC's, which makes the
> install significantly more complex under the bonnet.

Indeed ... I believe the PPC & PA-Risc ports are particularily good.

> Because the old crap works, and is quick and functional.  Bloating the
> OS to fit into newer systems is much more of a MS approach.

I run a couple of Compaq 850's (Pentium Pro) which make superb servers under
Woody and an old Compaq Professional Workstation 5000 (again, PPro) as an X
terminal - Debian works flawlessly for this, try getting Windows XX to run
reliably and effeciently on that hardware..

I used to sell computers for a living, and most people who bought the most
up-to-date computers only wanted to write the odd letter, email and surf the
web - not the best use of system resources.  Just because your hardware is
not the latest/greatest, doesn't mean it's useless...

> Different people have different criteria for what constitutes an
> arse-kicking.  Some people want more bells and whistles, some want
> reliability etc.

For me, the ability to install a system from scratch in less time than it
takes the Windows 2000 installation to format a 40gb disc is arse-kicking!
:-)

> Working on beautifying something that is rarely used is possibly not the
> best use of resources.  If you disagree, like I said before, then please
> contribute your resources!  :)

I would say that the Debian installer is used (on a per-system basis) less
than M$'s one anyway ;-) regardless of how many machines you have.

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: branding debian releases

[Pete Clarke]

> I dislike the old and miserable/poor look of it, reminds me of old dos
boxes
> or a blue screen :-)
> I dislike the poor information you sometimes get out of it (not true for
> every inst. step though)

Isn't this down to personal preference tho' - the last time I installed RH
or Mandrake it had a console only mode as an option...

> No I'm not I used VC20, C64, Amiga500, HP-UX Systems, Macintosh, PPC and
> PC's... but I'm glad that we have such powerful systems now, so why stick
to
> the old crap?

:-) The "old crap" really flies on new hardware, this is the same as having
faster CPU's and loading the latest M$ OS that requires more resources...

> I don't argue only on the functionality I argue on the looks. I never used
> dselect because I still fear doing something wrong. I'm a little bit angry

Wrong in what way?? I always found dselect very straightforward..
Select a package, read the description and choose to install it or not .. it
automatically tells you if there are
dependencies and resolves them for you. Nice and simple.

> when I know that on other systems like rh I simply press the mouse button
> and i can (de)select packages without writing down 10 fancy keystrokes,
this
> is too time consuming. Reminds me of my first experiences with vi. Time is

But I don't have a mouse on my headless servers... :-)

> an issue and also the easy-to-install thing. So whenever dselect pops up
and
> asks if it should be run I'm like "HELL NO!!!"
>At the moment I even won't use tasksel but only install basic system and
> then run the apt-get. But remember, I'm talking about the first experience
> with debian, not people like you who are used to it.

To be honest I don't use Tasksel either ... I also do the basic install then
dselect or apt-get (depending on what I am installing).  But I don't see it
being a problem.

> May sound lazy too, and yes I'm a lazy guy. If my boss tells me to setup
an
> apache server and tells me to use debian because the cust would like to
have
> especially this distri well heck I'm stuck in the installation routine for
> hours trying to figure out how dselect works. GREAT :-( And the main part,

..install a basic system (< 10 mins) then apt-get install apache! :-)

> I install every system on my own and I doubt that someone like my sister

Likewise .. I have installed every computer I have owned since 1995 (ish)..

> would be able to do a successfull installtion with debian and X. But she
> succesfully reinstalled win2000 on her own, without me even knowing it

My wife managed to install Debian, and she is not the most computer literate
person around...she likes to play Majong and a few other things, writes the
odd letter etc. - doesn't know about the internals, just a regular user.

> sorry you can't seriously tell me that it's simpler to install debian then
> wintendo, ah c'mon ;o) (we don't have to talk about the os itself,
> I'm on your side I hate this crash and burn system ;-)

I believe it is ... I can install a fully functional debian system in less
time than a Windows 2000 one.
All hardware detected and running, no extrenous crap to remove - no constant
reboots for each security update - the list goes on!

> And to get away from M$ ("winzigweich") you should try a RH and SuSe
install
> and then judge for yourself. which install looks nicer? which
installer
> is simpler to use for the average user? which installer has tons of
> information on any subject you can click with your mouse?

Just because the installer is prettier, doesn't make it better..
I have installed SUSE 9 today, yes it looks good - but I don't need a GUI to
install an OS.
I agree that these things have their place, but then we all have a choice
too - personally, like I stated before, I like the current installer and
find it quick and easy to use & get a systemup and running in as short a
period of time as possible.

I agree that some people may be initially disorientated when presented with
a console screen for installation, but then I think we have been spoilt by
fancy graphics, mice and windows! :-)

This, like so many other things, comes down to personal choice I guess - and
right now there is no choice. Having said that, one of the reasons I
initially chose Debian was that the installation was clean and simple! Goes
to show how much attitudes towards this sort of thing have changed over the
past few years.

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: branding debian releases

[Pete Clarke]

> P.S.: And while I'm on it, plez enhance the installation routine,
> something like a graphical interface. This takes the fear off most users.

Personally I like the current Woody installer :-)
I find it quick and easy to use - runs nicely on older hardware due to not
having the overhead of any kind of GUI.
If you are only brought up in the GUI world of Windows, then I guess it will
be a little disconcerting at first, but it's not hard to pick up.

> Take a look at SuSe and Redaht and you'll know what I mean. I know that
> there are also a lot of small things which aren't good, like the package
> selection, those are far better in Debian. But the "blue screen" :-P is
> really annoying and confusing. My first installtion were more like 3 1/2
> installations, if you catch my drift.

At least the task selector and dselect do a good job of resolving any
dependancies whilst installing - I have had loads of problems with Red Hat
(although I have not installed it recently) and broken packages due to
missing libraries etc.

Also, how many people in the Windows world actually install their own OS? I
suspect *most* buy a computer with it pre-installed, or take it to a shop
for upgrades - the few that do it themsleves would have little problem with
the current installation of Debian.
Without wishing to sound too evangelical, I have had fewer issues installing
Debian on a variety of hardware than I have had installing Windows - in
fact, my main workstation refuses to run with Windows 2000, so has a nice
copy of Woody + backports instead.

...just my 2p :-)

Cheers,



Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Latest kernel security upgrade in woody is BROKEN! DO NOT INSTALL!

[Pete Clarke]

> kernel packages named kernel-image-2.4.18-1- with version
2.4.18-13 contain only
> one module.

That and it expects the modules at 2.4.18-1 instead of 2.4.18-1-686-smp!

> hoping this warning is timely and not _too_ redundant,

:-)
Found out the hard way  there is a 13.1 now tho' ...



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

RAID performance

[Pete Clarke]

Hi there,

I am about to upgrade my file server, and have a question for you good
people :-)

I will be installing 4 120gb EIDE ATA133 drives, would I get better
performance by mounting each one individually, or by RAID0ing them?

Backup is taken care of, so redundancy is not a problem, also I will be
using ext3 (unless someone can suggest something better, but that's all I
have experiience of).
The file sizes are small to medium in general, but some are over 1 - 2gb
(not many).


Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Local apt mirror

[Pete Clarke]

Hi there,

Thanks for the sugesstions ... I will try apt-mirror later on and see what
happens.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Local apt mirror

[Pete Clarke]

Hi there,

I would like to run a local "apt" mirror for the machines on my local
network. At the moment all Debian machines independantly do their own
updates & dist-upgrades via one of the Debian web mirrors.
This results in many duplicated downloads, what would the best way to setup
and maintain a local Apt mirror?

I have Googled for this, and found many suggestions, but no helpful,
practical solutions.


Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: vsftpd

[Pete Clarke]

> I am running vsftpd v1.2.1 backported for Woody on an otherwise pretty

> The vsfpd.conf file looks like this:

U ... I know it's generally bad to reply to your own posts, but I have
kinda solved this one ..

For those that are interested ... the users that are eligible for ftp access
must have a valid shell (i.e. not /bin/false) specified in the /etc/passwd
file...
Doesn't say this anywhere in the docs I read, and I thought that disabling
the shell would be a security measure - oh well .. you live and learn! :-)

Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

vsftpd

[Pete Clarke]

Hi there,

I am running vsftpd v1.2.1 backported for Woody on an otherwise pretty
standard install.
The problem is that when running, I can only connect as one certain user (me
as it happens)..all other users get "Login Incorrect" errors , even when the
correct username/password combination is used..

The vsfpd.conf file looks like this:

listen=yes
anonymous_enable=NO
local_enable=YES
write_enable=YES
xferlog_enable=YES
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftp/user.list
chmod_enable=NO
dirmessage_enable=YES
hide_ids=YES
ls_recurse_enable=YES
pasv_enable=YES
port_enable=YES
xferlog_enable=YES
accept_timeout=30
connect_timeout=30
data_connection_timeout=120
idle_session_timeout=120
local_max_rate=6144
max_clients=5
max_per_ip=1
banner_file=/etc/vsftp/banner
cmds_allowed=GET,PUT,PASV,FEAT,RETR,PWD,LIST,TYPE,LS,ASCII,BIN,HASH

The /etc/vsftp/user.list file looks like:

pclarke
lloyd
emu

If I try to log in with a user *not* in the user.list file I get an
immediate login denied message, which I would expect. When trying to log in
with a user other than pclarke, I get the "Login Incorrect" error.

Any ideas??

Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Squidguard vs Dansguardian

[Pete Clarke]

> Hmm.. Ok... Are you sure your squidGuard ACLs are set correctly and that
in
> squid.conf squidGuard is using the correct config file?
> >From my squid.conf:
> redirect_program /usr/bin/squidGuard -c
> /etc/chastity/squidGuard-chastity.conf

>From mine :

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf

> Initially installed chastity as a starting point for our blocklists.

I have modified the conf file to have acl's dependant on user.
There were some issue with it, but the log file reports errors until you fix
them :-)

Here is a snippit from my squidGuard.conf file...

#---
# access lists
#
acl {
grownups {
# allow everything except adverts...
pass !ads all
}

kids {
# block inappropriate sites
pass !porn !adult !drugs !gambling !violence !dialers all
}

default {
# block access to all unknown users
pass none
 redirect XXX
}
}



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Squidguard vs Dansguardian

[Pete Clarke]

Hi there,

Well, I compiled the .db files using squidGuard -C all and everything runs
*much* quicker now - no slowdowns at all, and system load is negligable -
trouble is, nothing gets blocked!

Any further ideas?? possibly something I've missed?

Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Squidguard vs Dansguardian

[Pete Clarke]

> But your as well not to. SquidGuard doesn't look at them - we keep ours
> around so we can verify blocked urls, rebuild the db files if necessary
etc.
> etc.

:-) sorry - my reply should have gone to the list, not to you personally..

Thanks for the input - I will convert the files and try again.

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Squidguard vs Dansguardian

[Pete Clarke]

> Our blacklists dir totals to about 24MB - I'd suggest that squidGuard
rather
> than squid could be your problem.

I concur .. when I disable squidGuard everything flies...

> Have the blacklists converted into dbm format?

They are, I believe, still in the plaintext format under
/var/lib/squidguard/db/*

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Squidguard vs Dansguardian

[Pete Clarke]

Hi there,

OK, so I have not got broadband (yea!) and have got my firewall etc. in
place.
The next thing for me to sort out is the proxy ... Squid is my first
choice - simply because it's the only one I have any experience of..
I also want to install content-filtering for the kids (rightly or wrongly -
I have decided it's a good option) and started with squidGuard.
The problem with that is that as soon as it starts, it consumes 100% of all
resources (CPU and disk thrash like crazy) making the system unresponsive
and eventually requiring a reboot just to be able to log into the console.
I put the redirector entry into squid.conf and it did indeed appear to
work - just *extremely* slowly.  OK .. so then I decided to try
DansGuardian - much better, system load stay's around 0.4 - 0.15 under heavy
usage.  The problem is that I like the flexibility of squidGuard (acl's
etc.) and the speed of DansGuardian - the latter is a little too strict in
it's filtering policy for my liking...

My (rather drawn out) question is this:

Does anyone have experience of SquidGuard running on Debian (fully patched,
stable Woody system) - if so, what are the gotcha's regarding performance
etc.
The system it's running on is:

Compaq Presario 850r Dual Pentium Pro 200;
512mb Ram;
18gb SCSI Disc.

The squid cache (/var/spool/squid) is on a seperate physical disc,
everything else is just a partition on the 1st SCSI disc.

I am using the blacklist from DansGuardian site, it's quite large but
comprehensive.


Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SMP on Compaq 850r

[Pete Clarke]

> I've got a few of their "cousins" - the professional workstation 5000.
> The 2nd CPU isn't correctly shut down when you do a soft reboot so you
> have to do a hard reboot i.e power cycle to get CPU2 online.

I have a 5000Pro also - excellent X terminals.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SMP on Compaq 850r

[Pete Clarke]

> I am going to try a clean install of debian on a spare 850 to see if it
> works, I'll ost my results when I find out.

DOH! How stupid do I feel? I re-ran the SCU and set the OS to Unix/Linux and
the 2nd CPU magically reappeared.. seems I must have changed it at some
point...

Sorry to waste your time people :-)



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: SMP on Compaq 850r

[Pete Clarke]

> I'm running an HP Netserver LHPro200 and it is running the same kernel
> and both processors seem to be working fine.  I think there was a
> security patch for this kernel a few weeks ago and I didn't notice any
> problems post upgrade.

Wierd ... everything was fine before the last kernel security upgrade, since
then none of the machines will use the 2nd CPU.

I am going to try a clean install of debian on a spare 850 to see if it
works, I'll ost my results when I find out.

Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

SMP on Compaq 850r

[Pete Clarke]

Hi there,

I have several Proliant 850r's running dual 200mhz Pentium Pro CPU's.
I have noticed that since the last apt-get dist-upgrade the boot procedure
no longer recognises the 2nd CPU.

Each machine goes through the POST OK, with the bios initialising both
processors, but when Debian boots it displays "SMP motherboard not detected"
and only uses the 1st CPU.

This was working previously, does anyone know if SMP has been
removed/altered/broken in the latest 2.4.18-686-smp kernel image?

I am using a fairly standard Woody install, with all security patches
applied etc.


Cheers,


Pete.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Eweek article: Debian earns quiet popularity

[Pete Clarke]

> One thing that has bugged me for a while is the fact that so many
> websites (this is not the case with eweek I believe, it just surfaced
> again) that are dedicated to Linux, open source, GPL, etc, have the
> ".asp" pages. One of the causes is very clear: In most educational
> places that I know, they are mass producing windows servers
> administrators.

AFAIK you can run .asp pages on Apache..it's not (just) a IIS thing :-)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Question about sarge installation.

[Pete Clarke]

#thanks four your reply. I was afraid that I would do this... I'm late to
#install the systems... I will use apt-cacher in a server to save my
#time. Can you give a minimal sources.list file to securely upgrade my
#woody installation to sarge?

I believe you can just replace the occurances of "stable" in the
sources.list with "testing"...
I don't have access to my box from here so I can't confirm - anyone?

Cheers,


Pete.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]