Re: Weird server mystery: self-reset, mostly

[will trillich]

That's quite an assertion. How can I confirm it HAS been compromised, as
opposed to thinking it's a possibility?


On Thu, Jan 27, 2011 at 9:44 AM, Henrique de Moraes Holschuh  wrote:

> On Tue, 25 Jan 2011, will trillich wrote:
> > In kern.log there's only
> > Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault
> at
> > 10c00b ip  sp deadc01d error 6
> > Jan 23 23:05:08 darth kernel: [64084765.528734] NET: Registered protocol
> > family 5
>
> There is no mistery.  Your system has been compromised.  Get post-mortem
> backups done for forensic purposes, wipe the box, and proceed to a full
> reinstall.
>
> Kindly don't leave that thing connected to the network for now, as it is
> likely being used as a botnet C&C node, or as an attack platform.
>
> Based on the uptime and "debian_version" data you provided, whomever
> takes care of that system has been very negligent with security updates.
> It is no wonder it got rooted.  Let that be a lesson for the future.
>
> --
>  "One disk to rule them all, One disk to find them. One disk to bring
>  them all and in the darkness grind them. In the Land of Redmond
>  where the shadows lie." -- The Silicon Valley Tarot
>   Henrique Holschuh
>



-- 
-- 
will trillich -- http://faq.serensoft.com/
"The truth is that many people set rules to keep
from making decisions." -- Mike Krzyzewski

Re: Weird server mystery: self-reset, mostly

[will trillich]

Ooh, hadn't noticed that. "I'm sorry, Dave, I'm afraid I can't do that..."
:)

So... Nobody else has had a weird
shut-down-all-user-processes-and-all-daemons event? I must be special!


On Wed, Jan 26, 2011 at 1:58 PM, elbbit  wrote:

> On 26/01/11 01:26, will trillich wrote:
> > In kern.log there's only
> > Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault
> at
> > 10c00b ip  sp deadc01d error 6
> 
>
> Am I the only one to see "Dead Cold" in there?  That error code right
> THERE is freaky enough on it's own.
>
> Who knows... maybe the internet is becoming self aware.
>
>
> --
>
> elbbit
>



-- 
-- 
will trillich -- http://faq.serensoft.com/
"The truth is that many people set rules to keep
from making decisions." -- Mike Krzyzewski

Weird server mystery: self-reset, mostly

[will trillich]

Never seen this before -- all daemons and all user processes killed. Zap. It
happened around 23:17 Sunday, Chicago time (that's when /var/log/* abruptly
stopped). Any idea what might cause this?


I was ssh'd in to my Debian server and... disconnected. No problem, I was
using *screen* to *vim* some *Catalyst* modules, so I'll just reconnect and
reattach... connection refused.

Wha?

Tried telnet to port 22, no sign of life. Tried telnet to port 80, no sign
of life.

Went to the server room, logged in on the console:

will@darth:~$ uptime
 23:58:11 *up 583 days*,  3:03,  6 users,  load average: 0.00, 0.02, 0.08

So the server hadn't had a hard reset, still up 583 days. In /var/log/syslog
there are the usual cron logs up to about 23:17 and then.. nothing.

will@darth:~$ ps afx
  PID TTY  STAT   TIME COMMAND
2 ?S< 0:00 [kthreadd]
3 ?S< 1:13  \_ [migration/0]
4 ?S<29:21  \_ [ksoftirqd/0]
5 ?S< 0:32  \_ [watchdog/0]
6 ?S< 1:12  \_ [migration/1]
7 ?S<77:19  \_ [ksoftirqd/1]
8 ?S< 0:02  \_ [watchdog/1]
9 ?S<44:52  \_ [events/0]
   10 ?S<78:24  \_ [events/1]
   11 ?S< 0:00  \_ [khelper]
   44 ?S<13:20  \_ [kblockd/0]
   45 ?S< 0:40  \_ [kblockd/1]
   47 ?S< 0:00  \_ [kacpid]
   48 ?S< 0:00  \_ [kacpi_notify]
  121 ?S< 0:00  \_ [kseriod]
  161 ?S<19:53  \_ [kswapd0]
  162 ?S< 0:00  \_ [aio/0]
  163 ?S< 0:00  \_ [aio/1]
  642 ?S< 0:00  \_ [ksuspend_usbd]
  647 ?S< 0:00  \_ [khubd]
  761 ?S< 0:00  \_ [ata/0]
  764 ?S< 0:00  \_ [ata/1]
  765 ?S< 0:00  \_ [ata_aux]
  774 ?S< 0:00  \_ [scsi_eh_0]
  775 ?S< 0:00  \_ [scsi_eh_1]
  877 ?S<42:46  \_ [kjournald]
 1301 ?S<17:22  \_ [edac-poller]
 1384 ?S< 0:00  \_ [kpsmoused]
 1640 ?S< 0:00  \_ [kstriped]
 1654 ?S< 0:00  \_ [ksnapd]
 1681 ?S<76:13  \_ [kjournald]
 1682 ?S<   126:18  \_ [kjournald]
12642 ?S  0:09  \_ [pdflush]
19987 ?S  0:00  \_ [pdflush]
1 ?Ss10:04 init [2]
11064 tty2 Ss+0:00 /sbin/getty 38400 tty2
11065 tty3 Ss+0:00 /sbin/getty 38400 tty3
11066 tty4 Ss+0:00 /sbin/getty 38400 tty4
11067 tty5 Ss+0:00 /sbin/getty 38400 tty5
11068 tty6 Ss+0:00 /sbin/getty 38400 tty6
12995 tty1 Ss 0:00 /bin/login --
13077 tty1 S  0:00  \_ -bash
13107 tty1 R+ 0:00  \_ ps afx

Freaky: init, that's process #1, isn't at the top? And all daemons except
for getty were gone. All user processes including my screen sessions! and
vim sessions!, were gone.

Checking 'last' didn't show any suspicious activity.

In kern.log there's only
Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault at
10c00b ip  sp deadc01d error 6
Jan 23 23:05:08 darth kernel: [64084765.528734] NET: Registered protocol
family 5

After a quick
$ sudo bash
# cd /etc/rc2.d
# for x in S*; do sh $x start; done

the server was back up and serving... and then the saddest sight of all, of
course:

will@darth:~$ screen -ls
There is a screen on:
26279.pts-3.darth   (06/19/09 21:54:31) (Dead ???)
Remove dead screens with 'screen -wipe'.
1 Socket in /var/run/screen/S-will.

:(

$ tail /var/log/messages
Jan 23 22:56:26 darth -- MARK --
Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault at
10c00b ip  sp deadc01d error 6
Jan 23 23:05:08 darth kernel: [64084765.528734] NET: Registered protocol
family 5
Jan 23 23:16:26 darth -- MARK --
Jan 23 23:47:02 darth syslogd 1.5.0#5: restart.

So everything crapped out after 23:16, and I restarted it at 23:47.

*Anybody got a clue as to what might have happened to kill all daemons and
user-processes in one swoop? This has been a rock-solid Debian server for
years...*

will@darth:~$ cat /etc/debian_version
5.0.4

-- 
The first step towards getting somewhere is to decide that you are not going
to stay where you are.  -- J.P.Morgan

Weird server mystery: self-reset, mostly

[will trillich]

Never seen this before -- all daemons and all user processes killed. Zap. It
happened around 23:17 Chicago time (that's when the log-daemons quit
logging). What would cause this?


I was ssh'd in to my Debian server and... disconnected. No problem, I was
using screen to vim some Catalyst modules, so I'll just reconnect and
reattach... connection refused.

Wha?

Tried telnet to port 22, no sign of life. Tried telnet to port 80, no sign
of life.

Went to the server room, logged in on the console:

will@darth:~$ uptime
 23:58:11 up 583 days,  3:03,  6 users,  load average: 0.00, 0.02, 0.08

In /var/log/syslog there are the usual cron logs up to about 23:17 and
then.. nothing.

So the server hadn't had a hard reset, still up 583 days. Yet:

will@darth:~$ ps afx
  PID TTY  STAT   TIME COMMAND
2 ?S< 0:00 [kthreadd]
3 ?S< 1:13  \_ [migration/0]
4 ?S<29:21  \_ [ksoftirqd/0]
5 ?S< 0:32  \_ [watchdog/0]
6 ?S< 1:12  \_ [migration/1]
7 ?S<77:19  \_ [ksoftirqd/1]
8 ?S< 0:02  \_ [watchdog/1]
9 ?S<44:52  \_ [events/0]
   10 ?S<78:24  \_ [events/1]
   11 ?S< 0:00  \_ [khelper]
   44 ?S<13:20  \_ [kblockd/0]
   45 ?S< 0:40  \_ [kblockd/1]
   47 ?S< 0:00  \_ [kacpid]
   48 ?S< 0:00  \_ [kacpi_notify]
  121 ?S< 0:00  \_ [kseriod]
  161 ?S<19:53  \_ [kswapd0]
  162 ?S< 0:00  \_ [aio/0]
  163 ?S< 0:00  \_ [aio/1]
  642 ?S< 0:00  \_ [ksuspend_usbd]
  647 ?S< 0:00  \_ [khubd]
  761 ?S< 0:00  \_ [ata/0]
  764 ?S< 0:00  \_ [ata/1]
  765 ?S< 0:00  \_ [ata_aux]
  774 ?S< 0:00  \_ [scsi_eh_0]
  775 ?S< 0:00  \_ [scsi_eh_1]
  877 ?S<42:46  \_ [kjournald]
 1301 ?S<17:22  \_ [edac-poller]
 1384 ?S< 0:00  \_ [kpsmoused]
 1640 ?S< 0:00  \_ [kstriped]
 1654 ?S< 0:00  \_ [ksnapd]
 1681 ?S<76:13  \_ [kjournald]
 1682 ?S<   126:18  \_ [kjournald]
12642 ?S  0:09  \_ [pdflush]
19987 ?S  0:00  \_ [pdflush]
1 ?Ss10:04 init [2]
11064 tty2 Ss+0:00 /sbin/getty 38400 tty2
11065 tty3 Ss+0:00 /sbin/getty 38400 tty3
11066 tty4 Ss+0:00 /sbin/getty 38400 tty4
11067 tty5 Ss+0:00 /sbin/getty 38400 tty5
11068 tty6 Ss+0:00 /sbin/getty 38400 tty6
12995 tty1 Ss 0:00 /bin/login --
13077 tty1 S  0:00  \_ -bash
13107 tty1 R+ 0:00  \_ ps afx

Freaky: init, that's process #1, isn't at the top? And all daemons except
for getty were gone. All user processes including my screen sessions! and
vim sessions!, were gone.

Checking 'last' didn't show any suspicious activity.

In kern.log there's only
Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault at
10c00b ip  sp deadc01d error 6
Jan 23 23:05:08 darth kernel: [64084765.528734] NET: Registered protocol
family 5

After a quick
$ sudo bash
# cd /etc/rc2.d
# for x in S*; do sh $x start; done

the server was back up and serving... and then the saddest sight of all, of
course:

will@darth:~$ screen -ls
There is a screen on:
26279.pts-3.darth   (06/19/09 21:54:31) (Dead ???)
Remove dead screens with 'screen -wipe'.
1 Socket in /var/run/screen/S-will.

:(

$ tail /var/log/messages
Jan 23 22:56:26 darth -- MARK --
Jan 23 23:04:59 darth kernel: [64084756.601774] exploit[25161]: segfault at
10c00b ip  sp deadc01d error 6
Jan 23 23:05:08 darth kernel: [64084765.528734] NET: Registered protocol
family 5
Jan 23 23:16:26 darth -- MARK --
Jan 23 23:47:02 darth syslogd 1.5.0#5: restart.

So everything crapped out after 23:16, and I restarted it at 23:47.

*Anybody got a clue as to what might have happened to kill all daemons and
user-processes in one swoop? This has been a rock-solid Debian server for
years...*

will@darth:~$ cat /etc/debian_version
5.0.4

-- 
The first step towards getting somewhere is to decide that you are not going
to stay where you are.  -- J.P.Morgan

Re: how to get past apt-get errors? is there a manual workaround? SOLVED

[will trillich]

Thanks, Daniel --

We got it to work by inserting "exit 0" as the first line of code in
/etc/init.d/postgresql-7.4. (Tried the
/var/lib/dpkg/info/postgresql-7.4.prerm tweaks you suggested but still
had trouble.) This was acceptable in our case because 7.4 was NOT
running, there was NO pidfile, so just a quick return-from-init was a
very sane approach.

Now we are once again able to "apt-get upgrade"! Many thanks.

[Note to Boyd --

Thanks to you, too! And sorry about the non-technical quoting... been
communicating with office workers for too long, plus I'm not on the
debian-user list so I just copy/paste from lists.debian.org, sorry for
the inconvenience!

One of my favorite snippets:
No.
> Should you post the answer above the question?

Unfortunately, gmail encourages pre-post and all our end-user
clientele prefer it, so I've wound up adopting sloppy email habits.
Argh! ]


On Wed, Mar 11, 2009 at 03:26:39PM -0600, will trillich
 was heard to say:
> Hi debianites -- a question for DPKG and APT experts:
>
> We're stuck with apt-get and haven't found a way past it yet -- any
> ideas would be welcome:
>
> Our postgresql-client-7.4 is missing its libpq.so.3 file, which means
> that pg_controldata can't do its thing, so that anything related to
> that debian package breaks/kills the whole apt process... meaning that
> apt-get is broken! (Perhaps we had a blip during the ice storm last
> month and this file wound up a casualty.)

  Your problem has to do with postgresql, not apt.  I would guess that
maybe apt was trying to remove the old postgresql, and it got as far
as removing libpq.so.3 but didn't manage to remove postgresql for some
reason (maybe exactly the same reason it can't remove it now).  I think
it should remove postgresql before the libraries it requires ... but I
have seen it make poor (less robust) decisions about how to actually
execute an install in the past.

> Starting PostgreSQL 7.4 database server:
> main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
> shared libraries: libpq.so.3: cannot open shared object file: No such
> file or directory
> Error: Could not parse locale out of pg_controldata output
>  failed!

  Ouch.  What version of Debian are you running?  The oldest version of
libpq I can find in the archive is libpq4 (from etch), and lenny only
has libpq5!  I was going to suggest downloading libpq3 and installing
it manually, but you can't do that if you don't have it.  I might also
try editing /var/lib/dpkg/info/postgresql-7.4.prerm and commenting out
the block where it checks for the old pid file.  That's assuming, of
course, that you're really sure that there are no running servers (I
assume that the script has a good reason for trying to stop the server)

  Daniel

-- 
will trillich -- http://faq.serensoft.com/
With a burning "yes" around your high priorities you can easily say
"no" to things that are urgent but not important. -- S. Covey


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: how to get past apt-get errors? is there a manual workaround?

[will trillich]

apt-get clean (and autoclean) don't seem to help any, either.

argh!


On Wed, Mar 11, 2009 at 3:26 PM, will trillich  wrote:
> Hi debianites -- a question for DPKG and APT experts:
>
> We're stuck with apt-get and haven't found a way past it yet -- any
> ideas would be welcome:
>
> Our postgresql-client-7.4 is missing its libpq.so.3 file, which means
> that pg_controldata can't do its thing, so that anything related to
> that debian package breaks/kills the whole apt process... meaning that
> apt-get is broken! (Perhaps we had a blip during the ice storm last
> month and this file wound up a casualty.)
>
> Right now we aren't able to apt-get upgrade (or install or remove) at
> all... And dselect hasn't been able to fix it either. :(
>
> Is there a process where we can move some files around and then let
> apt-get upgrade the package, and then we can remove the miscreant
> package completely? Or is there another recommended workaround?
>
>
> ===
> back story:
>
> # apt-get upgrade
> 
> Extracting templates from packages: 100%
> Preconfiguring packages ...
> (Reading database ... 42030 files and directories currently installed.)
> Removing postgresql-7.4 ...
> Stopping PostgreSQL 7.4 database server: mainError: pid file is
> invalid, please manually kill the stale server process.
>  failed!
> invoke-rc.d: initscript postgresql-7.4, action "stop" failed.
> dpkg: error processing postgresql-7.4 (--remove):
>  subprocess pre-removal script returned error exit status 1
> Starting PostgreSQL 7.4 database server:
> main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
> shared libraries: libpq.so.3: cannot open shared object file: No such
> file or directory
> Error: Could not parse locale out of pg_controldata output
>  failed!
> invoke-rc.d: initscript postgresql-7.4, action "start" failed.
> dpkg: error while cleaning up:
>  subprocess post-installation script returned error exit status 1
> Errors were encountered while processing:
>  postgresql-7.4
> E: Sub-process /usr/bin/dpkg returned an error code (1)
>
>
>
> postgres v7 is not running (but v8 is):
>
> # /etc/init.d/postgresql-8.1 start
> Starting PostgreSQL 8.1 database server: main.
>
> # ps f `pgrep post`
>  PID TTY      STAT   TIME COMMAND
>  627 ?        S      0:00 /usr/lib/postgresql/8.1/bin/postmaster
>  795 ?        S      0:00  \_ postgres: writer process
>  796 ?        S      0:00  \_ postgres: stats buffer process
>  797 ?        S      0:00      \_ postgres: stats collector process
>
>
>
> There's no pidfile for v7 despite what the errors say:
>
> # ls -lA /var/run/postgresql/
> total 8
> -rw--- 1 postgres postgres  5 2009-01-28 21:31 8.1-main.pid
> srwxrwxrwx 1 postgres postgres  0 2009-03-11 14:26 .s.PGSQL.5432=
> -rw--- 1 postgres postgres 34 2009-03-11 14:26 .s.PGSQL.5432.lock
>
> (interesting how the timestamp on the pid file is january 28 even tho
> the process we just started the process moments ago...?)
>
>
>
> # locate libpq.so.3
> 
> # locate libpq.so
> /usr/lib/libpq.so.4.1
> /usr/lib/libpq.so.4
>
> (and there's nothing in lost+found on the partition where /usr/lib is
> located...)
>
> --
> will trillich -- http://faq.serensoft.com/
> With a burning "yes" around your high priorities you can easily say
> "no" to things that are urgent but not important. -- S. Covey
>



-- 
will trillich -- http://faq.serensoft.com/
With a burning "yes" around your high priorities you can easily say
"no" to things that are urgent but not important. -- S. Covey


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

how to get past apt-get errors? is there a manual workaround?

[will trillich]

Hi debianites -- a question for DPKG and APT experts:

We're stuck with apt-get and haven't found a way past it yet -- any
ideas would be welcome:

Our postgresql-client-7.4 is missing its libpq.so.3 file, which means
that pg_controldata can't do its thing, so that anything related to
that debian package breaks/kills the whole apt process... meaning that
apt-get is broken! (Perhaps we had a blip during the ice storm last
month and this file wound up a casualty.)

Right now we aren't able to apt-get upgrade (or install or remove) at
all... And dselect hasn't been able to fix it either. :(

Is there a process where we can move some files around and then let
apt-get upgrade the package, and then we can remove the miscreant
package completely? Or is there another recommended workaround?


===
back story:

# apt-get upgrade

Extracting templates from packages: 100%
Preconfiguring packages ...
(Reading database ... 42030 files and directories currently installed.)
Removing postgresql-7.4 ...
Stopping PostgreSQL 7.4 database server: mainError: pid file is
invalid, please manually kill the stale server process.
 failed!
invoke-rc.d: initscript postgresql-7.4, action "stop" failed.
dpkg: error processing postgresql-7.4 (--remove):
 subprocess pre-removal script returned error exit status 1
Starting PostgreSQL 7.4 database server:
main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
shared libraries: libpq.so.3: cannot open shared object file: No such
file or directory
Error: Could not parse locale out of pg_controldata output
 failed!
invoke-rc.d: initscript postgresql-7.4, action "start" failed.
dpkg: error while cleaning up:
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 postgresql-7.4
E: Sub-process /usr/bin/dpkg returned an error code (1)



postgres v7 is not running (but v8 is):

# /etc/init.d/postgresql-8.1 start
Starting PostgreSQL 8.1 database server: main.

# ps f `pgrep post`
  PID TTY  STAT   TIME COMMAND
  627 ?S  0:00 /usr/lib/postgresql/8.1/bin/postmaster
  795 ?S  0:00  \_ postgres: writer process
  796 ?S  0:00  \_ postgres: stats buffer process
  797 ?S  0:00  \_ postgres: stats collector process



There's no pidfile for v7 despite what the errors say:

# ls -lA /var/run/postgresql/
total 8
-rw--- 1 postgres postgres  5 2009-01-28 21:31 8.1-main.pid
srwxrwxrwx 1 postgres postgres  0 2009-03-11 14:26 .s.PGSQL.5432=
-rw--- 1 postgres postgres 34 2009-03-11 14:26 .s.PGSQL.5432.lock

(interesting how the timestamp on the pid file is january 28 even tho
the process we just started the process moments ago...?)



# locate libpq.so.3

# locate libpq.so
/usr/lib/libpq.so.4.1
/usr/lib/libpq.so.4

(and there's nothing in lost+found on the partition where /usr/lib is
located...)

-- 
will trillich -- http://faq.serensoft.com/
With a burning "yes" around your high priorities you can easily say
"no" to things that are urgent but not important. -- S. Covey


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

apt-get BROKEN (postgresql-client-7.4 lost its "libpq.so.3")... ideas?

[will trillich]

Thanks for the reply, Boyd --

There *is* no pidfile for postgres 7.4 (check the original message --
we've got one for 8.1, none for 7.4 :).

The real problem is really
"main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
shared libraries: libpq.so.3: cannot open shared object file: No such
file or directory."

And now it's got our entire system un-updateable! Apt-get is broken
until we can unravel this. We'd like to remove psql7.4 (using 8.1 just
fine now) but apt is STUCK. Suggestions welcome... Thanks!

===

Subject: Re: apt-get upgrade trouble (with postgresql-client-7.4)
From: "Boyd Stephen Smith Jr." b...@iguanasuicide.net

On Monday 09 March 2009 15:31:23 will trillich wrote:
> # /etc/init.d/postgresql-7.4 stop
> Stopping PostgreSQL 7.4 database server: mainError: pid file is
> invalid, please manually kill the stale server process.
>  failed!

Have you followed this instruction and then removed the pid file?
That should convince the init script that postgresql-7.4 is stopped
and let the removal so forward.


-- 
will trillich -- http://faq.serensoft.com/
With a burning "yes" around your high priorities you can easily say
"no" to things that are urgent but not important. -- S. Covey


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

apt-get upgrade trouble (with postgresql-client-7.4)

[will trillich]

Short version -- we've got an APT-GET/DPKG blocker mystery and need
some help in fixing it:
"""
Starting PostgreSQL 7.4 database server:
main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
shared libraries: libpq.so.3: cannot open shared object file: No such
file or directory
Error: Could not parse locale out of pg_controldata output
"""

Meaning, pg_controldata won't run because it can't find libpq.so.3?

Where would libpq.so disappear to? Or, more appropriately, how to fix
this? We'd like to remove 7.4 as we're using 8.1 now... Any pointers
would be appreciated.

===

Long version (here's what we've tried):

In trying to upgrade all packages on our debian server
(/etc/debian_version = '4.0') after apt-get update... postgresql-7.4
is broken -- can't start it, can't remove it, can't reinstall it:

# apt-get upgrade
Reading package lists... Done
Building dependency tree... Done
You might want to run 'apt-get -f install' to correct these.
The following packages have unmet dependencies.
  postgresql-7.4: Depends: postgresql-client-7.4 but it is not installable
E: Unmet dependencies. Try using -f.

# apt-get -f install
Reading package lists... Done
Building dependency tree... Done
Correcting dependencies...Done
The following packages will be REMOVED
  postgresql-7.4
0 upgraded, 0 newly installed, 1 to remove and 443 not upgraded.
1 not fully installed or removed.
Need to get 0B of archives.
After unpacking 8397kB disk space will be freed.
Do you want to continue [Y/n]?
(Reading database ... 42030 files and directories currently installed.)
Removing postgresql-7.4 ...
Stopping PostgreSQL 7.4 database server: mainError: pid file is
invalid, please manually kill the stale server process.
 failed!
invoke-rc.d: initscript postgresql-7.4, action "stop" failed.
dpkg: error processing postgresql-7.4 (--remove):
 subprocess pre-removal script returned error exit status 1
Starting PostgreSQL 7.4 database server:
main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
shared libraries: libpq.so.3: cannot open shared object file: No such
file or directory
Error: Could not parse locale out of pg_controldata output
 failed!
invoke-rc.d: initscript postgresql-7.4, action "start" failed.
dpkg: error while cleaning up:
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 postgresql-7.4
E: Sub-process /usr/bin/dpkg returned an error code (1)

# apt-get --purge remove postgresql-client-7.4
Reading package lists... Done
Building dependency tree... Done
Package postgresql-client-7.4 is not installed, so not removed
You might want to run 'apt-get -f install' to correct these:
The following packages have unmet dependencies.
  postgresql-7.4: Depends: postgresql-client-7.4 but it is not installable
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or
specify a solution).


Looking for specific symptoms:

# /etc/init.d/postgresql-7.4 stop
Stopping PostgreSQL 7.4 database server: mainError: pid file is
invalid, please manually kill the stale server process.
 failed!

# /etc/init.d/postgresql-7.4 start
Starting PostgreSQL 7.4 database server:
main/usr/lib/postgresql/7.4/bin/pg_controldata: error while loading
shared libraries: libpq.so.3: cannot open shared object file: No such
file or directory
Error: Could not parse locale out of pg_controldata output
 failed!

# dpkg --configure -a



Sometimes aptitude pulls a rabbit out of its hat, but not here:

Errors were encountered while processing:
 postgresql-7.4
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install.  Trying to recover:
Press return to continue.


Argh! Any help would be gratefully appreciated. Thanks!


-- 
will trillich -- http://faq.serensoft.com/
With a burning "yes" around your high priorities you can easily say
"no" to things that are urgent but not important. -- S. Covey


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

apt-get upgrade... and now postgres 7.4 won't start!

[will trillich]

on debian 4.0, apt-get update && apt-get upgrade led to a problem
where postgres 7 won't start! apparently utility program
"pg_controldata" is supposed to generate some locale-info that's
parsed by perl script "pg_ctlcluster", and the two suddenly don't jibe
at all--

argh:

"""
Setting up postgresql-7.4 (7.4.23-0etch1) ...
Starting PostgreSQL 7.4 database server: mainpg_controldata: could not
open file "/var/lib/postgresql/7.4/main/global/pg_control" for
reading: No such file or directory
Error: Could not parse locale out of pg_controldata output
 failed!
invoke-rc.d: initscript postgresql-7.4, action "start" failed.
dpkg: error processing postgresql-7.4 (--configure):
 subprocess post-installation script returned error exit status 1
"""

trying /etc/init.d/postgresql-7.4 start -- we traced the process where
the trouble occurs to perl script "pg_ctlcluster":

# perl -Td `which pg_ctlcluster ` 7.4 main start

after some stepping and nexting, we get to here:

pg_controldata: could not open file
"/var/lib/postgresql/7.4/main/global/pg_control" for reading: No such
file or directory
PgCommon::get_cluster_locales(/usr/share/postgresql-common/PgCommon.pm:707):
707:restore_exec;

   DB<2> v
704:prepare_exec ('LC_ALL', 'LANG', 'LANGUAGE');
705:$ENV{'LC_ALL'} = 'C';
[B]706:my $result = open (CTRL, '-|', $pg_controldata,
(cluster_data_directory $version, $cluster));
[/B]707==>  restore_exec;
708:return (undef, undef) unless defined $result;
709:while () {
710:if (/^LC_CTYPE\W*(\S+)\s*$/) {
711:$lc_ctype = $1;
712 } elsif (/^LC_COLLATE\W*(\S+)\s*$/) {
713:$lc_collate = $1;

the problem is in line 706 -- open(filehandle, mode, file) -- the mode
is "-|" meaning that "file" is really a command that generates output
that's piping to our perl process... but $pg_controldata isn't playing
nice:

/usr/lib/postgresql/7.4/bin/pg_controldata /var/lib/postgresql/7.4/main
pg_controldata: could not open file
"/var/lib/postgresql/7.4/main/global/pg_control" for reading: No such
file or directory

therein lies the rub. suggestions are welcome!

===

also, if i 'cheat' and manually inject $lc_type = 'C' around line 709,
then the result is only slightly different:

"""
The PostgreSQL server failed to start. Please check the log output:
/usr/lib/postgresql/7.4/bin/postmaster: could not find the database system
Expected to find it in the directory "/var/lib/postgresql/7.4/main",
but could not open file
"/var/lib/postgresql/7.4/main/global/pg_control": No such file or
directory
"""

there *is* a pg_control.gz file there, which contains "[] "...?

ideas?

--
will trillich -- http://faq.serensoft.com/
Less is only more where more is no good. -- Frank Lloyd Wright


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

exim: too many connections?

[will trillich]

hey debianistas, long time no chat! debian cruises along rock solid so
nicely... :)

but recently we're seeing a TON of these --

2008-03-13 10:32:36 Connection from [67.55.80.182] refused: too many connections
2008-03-13 10:32:37 Connection from [75.146.102.69] refused: too many
connections
2008-03-13 10:32:37 Connection from [201.34.170.231] refused: too many
connections
2008-03-13 10:32:38 Connection from [92.49.136.189] refused: too many
connectionsroot

and there's NEVER a moment where we don't have 25+ connections active.
this is for a small office in town, so my guess is that most of this
traffic is unsolicited. we're using VEXIM so the config is nonstandard
-- for greylisting we had to 'greylistd-setup-exim4 add exim4.conf
acl_check_rcpt')

anybody here come up with a clever approach on how to handle this?
i've googled to find that others are having a similar problem, but
haven't run into any handy solutions yet... too many connections, too
many connections!

if you've encountered this i'd love to know how you handled it...

# cat /etc/debian_version
lenny/sid

# uname -a
Linux xyzzy.plugh.axe 2.6.8-mppe #1 Tue Nov 22 10:11:06 CST 2005 i686 GNU/Linux

# /usr/sbin/exim4 -bV
Exim version 4.69 #1 built 30-Jan-2008 09:41:07


-- 
will trillich -- http://faq.serensoft.com/
"The truth is that many people set rules to keep
from making decisions." -- Mike Krzyzewski


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: lsof -- "No such file or directory"...?

[will trillich]

On 7/20/07, Bhasker C V <[EMAIL PROTECTED]> wrote:

Bash sometimes caches the filenames along with path names
and i have faced this some times



Closing the bash shell and opening another shell must fix the problem


good catch, that was it! (all other shells could run 'lsof' fine, just
the one had trouble). thanks!


unless there is a stray /usr/sbin/lsof present which is wrongly pointing
to some file.



also I have always thought it is a good idea to put /usr/bin first in
the path and /usr/sbin , /sbin must be prepended only for root shells.

sudo lsof must also work.


indeed it does.



On Fri, 2007-07-20 at 10:16 -0500, will trillich wrote:
> # apt-get install lsof
> Reading package lists... Done
> Building dependency tree... Done
> The following NEW packages will be installed
>   lsof
> 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
> Need to get 0B/205kB of archives.
> After unpacking 369kB of additional disk space will be used.
> Selecting previously deselected package lsof.
> (Reading database ... 49097 files and directories currently installed.)
> Unpacking lsof (from .../lsof_4.77.dfsg.1-3_i386.deb) ...
> Setting up lsof (4.77.dfsg.1-3) ...
>
> # lsof -i
> bash: /usr/sbin/lsof: No such file or directory
>
> say what?
>
> # ls -l `which lsof`
> -rwxr-xr-x 1 root root 106324 2006-05-15 18:09 /usr/bin/lsof*
>
> eh? any ideas?
>
> --
> will trillich
> "The only way to be truly satisfied is to do what you believe is great
> work -- and the only way to do great work is to love what you do."
> -- Steve Jobs
>
>
--
Bhasker C V
Registered Linux user: #306349 (counter.li.org)
The box said "Requires Windows 95, NT, or better", so I installed Linux.





--
will trillich
"The only way to be truly satisfied is to do what you believe is great
work -- and the only way to do great work is to love what you do."
-- Steve Jobs


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

lsof -- "No such file or directory"...?

[will trillich]

# apt-get install lsof
Reading package lists... Done
Building dependency tree... Done
The following NEW packages will be installed
 lsof
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/205kB of archives.
After unpacking 369kB of additional disk space will be used.
Selecting previously deselected package lsof.
(Reading database ... 49097 files and directories currently installed.)
Unpacking lsof (from .../lsof_4.77.dfsg.1-3_i386.deb) ...
Setting up lsof (4.77.dfsg.1-3) ...

# lsof -i
bash: /usr/sbin/lsof: No such file or directory

say what?

# ls -l `which lsof`
-rwxr-xr-x 1 root root 106324 2006-05-15 18:09 /usr/bin/lsof*

eh? any ideas?

--
will trillich
"The only way to be truly satisfied is to do what you believe is great
work -- and the only way to do great work is to love what you do."
-- Steve Jobs


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

RAD tool for debian?

[will trillich]

RAD/rapid-application-development tool sought... (web page forms
interface to a database we define)

i've got a friend who's trying to get a license-free solution that'll
provide an html/web front-end to a database... similar to ms access,
but we're seeking 1) no licensing fees 2) an html interface, not a
proprietary interface. we're NOT looking for a cms like joomla, but
rather an engine for presenting forms to interact with a back-end
database.

we've tried to get Maypole installed, but run into cpan
dependency/'make test' snags; same for Jifty.

on debian 3.1, we're using postgres (not mysql) backend, and
phppgadmin for setting up the tables... any ideas?

--
will trillich
"The only way to be truly satisfied is to do what you believe is great
work -- and the only way to do great work is to love what you do."
-- Steve Jobs


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

rock solid

[will trillich]

typical debian server--

i logged in, connected to an old, neglected SCREEN session, and this
was still on the screen:

# uptime
20:30:17 up 15 days,  6:11,  2 users,  load average: 0.76, 0.24, 0.08
[EMAIL PROTECTED]:/etc
  Fri Jan 05 20:30:17

and then just for symmetry i added:

# uptime
15:42:12 up 190 days, 23:42,  2 users,  load average: 1.05, 1.05, 1.00
[EMAIL PROTECTED]:/etc
  Sat Jun 30 15:42:12
#

ho hum, serves files, backs up, yada yada, all in a year's work.

--
will trillich
"Gratitude is riches. Complaint is poverty." -- Doris Von Kappelhoff


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

uptimes > 50.0, dmesg says 'race' a lot...?

[will trillich]

Free pages:2716kB (0kB HighMem)
Active:60873 inactive:60733 dirty:0 writeback:0 unstable:0 free:679
slab:4954 mapped:121541 pagetables:965
DMA free:668kB min:20kB low:40kB high:60kB active:6028kB
inactive:5980kB present:16384kB
protections[]: 10 360 360
Normal free:2048kB min:700kB low:1400kB high:2100kB active:237464kB
inactive:236952kB present:507840kB
protections[]: 0 350 350
HighMem free:0kB min:128kB low:256kB high:384kB active:0kB
inactive:0kB present:0kB
protections[]: 0 0 0
DMA: 163*4kB 0*8kB 1*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB
0*1024kB 0*2048kB 0*4096kB = 668kB
Normal: 186*4kB 157*8kB 3*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB
0*1024kB 0*2048kB 0*4096kB = 2048kB
HighMem: empty
Swap cache: add 3810813, delete 3810809, find 3387543/3797374, race 3+28
Out of Memory: Killed process 24136 (rc).
oom-killer: gfp_mask=0xd0
DMA per-cpu:
cpu 0 hot: low 2, high 6, batch 1
cpu 0 cold: low 0, high 2, batch 1
Normal per-cpu:
cpu 0 hot: low 32, high 96, batch 16
cpu 0 cold: low 0, high 32, batch 16
HighMem per-cpu: empty

will a reboot-with-fsck fix this, maybe? or is there deeper doo-doo to
wade through?

--
will trillich
"The great enemy of clear language is insincerity." -- Eric Arthur
Blair (George Orwell)


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

apt-get install: x11-common vs xfree86-common: "trying to overwrite /etc/X11/Xsession"

[will trillich]

we haven't figured out how to get past this apt-get snag:

# apt-get install x11-common
Reading package lists... Done
Building dependency tree... Done
Suggested packages:
  x-window-system-core x-window-system
The following NEW packages will be installed:
  x11-common
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
18 not fully installed or removed.
Need to get 0B/1124kB of archives.
After unpacking 1647kB of additional disk space will be used.
Preconfiguring packages ...
(Reading database ... 42848 files and directories currently installed.)
Unpacking x11-common (from .../x11-common_6.9.0.dfsg.1-4_all.deb) ...
dpkg: error processing
/var/cache/apt/archives/x11-common_6.9.0.dfsg.1-4_all.deb (--unpack):
 trying to overwrite `/etc/X11/Xsession', which is also in package
xfree86-common
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/x11-common_6.9.0.dfsg.1-4_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

# apt-get install xfree86-common
Reading package lists... Done
Building dependency tree... Done
xfree86-common is already the newest version.
You might want to run `apt-get -f install' to correct these:
The following packages have unmet dependencies:
  libx11-6: Depends: x11-common (> 4.3.0) but it is not going to be installed
  xfree86-common: Depends: x11-common but it is not going to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or
specify a solution).

# apt-get -f install
Reading package lists... Done
Building dependency tree... Done
Correcting dependencies... Done
The following extra packages will be installed:
  x11-common
Suggested packages:
  x-window-system-core x-window-system
The following NEW packages will be installed:
  x11-common
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
18 not fully installed or removed.
Need to get 0B/1124kB of archives.
After unpacking 1647kB of additional disk space will be used.
Do you want to continue [Y/n]?
Preconfiguring packages ...
(Reading database ... 42848 files and directories currently installed.)
Unpacking x11-common (from .../x11-common_6.9.0.dfsg.1-4_all.deb) ...
dpkg: error processing
/var/cache/apt/archives/x11-common_6.9.0.dfsg.1-4_all.deb (--unpack):
 trying to overwrite `/etc/X11/Xsession', which is also in package
xfree86-common
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/x11-common_6.9.0.dfsg.1-4_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

ideas?

--
will trillich
"Their iz ate errers in these sentance."

php won't connect to postgresql

[will trillich]

on debian i'm trying to get php to connect to postgres, with no luck.
no error messages, no log entries (that i can find), no clues. argh!

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name
+++-=-
rc  libapache2-mod-php4
ii  libapache2-mod-php5
un  php3
un  php4-cgi
un  php4-cgi-curl
un  php4-cgi-domxml
un  php4-cgi-gd
un  php4-cgi-imap
un  php4-cgi-ldap
un  php4-cgi-mhash
un  php4-cgi-mysql
un  php4-cgi-pgsql
un  php4-cgi-snmp
un  php4-cgi-xml
ii  php4-cli
ii  php4-common
un  php4-pear
ii  php4-pgsql
un  php4-sablot
ii  php5
un  php5-cgi
ii  php5-common
ii  php5-gd
un  php5-mysql
un  php5-pear
ii  php5-pgsql
un  phpapi-20020918
un  phpapi-20041225

ii  apache2
ii  apache2-common
un  apache2-doc
un  apache2-modules
un  apache2-mpm-perchild
ii  apache2-mpm-prefork
un  apache2-mpm-threadpool
pn  apache2-mpm-worker
ii  apache2-utils
rc  libapache2-mod-php4
ii  libapache2-mod-php5



apache2's "mods-enabled" dir includes php5.load and php5.conf.

this has got to be something simple i'm missing. any help would be appreciated!

--
will trillich
"Their iz ate errers in these sentance."

Re: moodle config tips? (or, PHP vs POSTGRES?)

[will trillich]

On 3/8/06, will trillich <[EMAIL PROTECTED]> wrote:
> having a bit of trouble getting moodle off the ground -- any pointers
> are welcome.
>
> after installing it we browse to localhost/moodle/admin and get
> NOTHING. here's a telnet session to illustrate:
>
> telnet localhost 80
> 
> GET /moodle/admin/ HTTP/1.1
> Host: localhost.localdomain
>
> HTTP/1.1 200 OK
> Date: Wed, 08 Mar 2006 21:37:46 GMT
> Server: Apache/2.0.54 (Ubuntu) PHP/5.1.2-1.dotdeb.2
> X-Powered-By: PHP/5.1.2-1.dotdeb.2
> Transfer-Encoding: chunked
> Content-Type: text/html; charset=UTF-8
>
> 0
>
> Connection closed by foreign host.
>
> that's all we get, period, from any php, no matter where in the moodle
> tree we go!
>
> we put  at the top of the apache tree and all seems well, there.

except now we see that phpinfo includes

'--with-zlib' '--without-pgsql'

how do we enable postgresql-from-php? we've installed the various php stuff:

ii  libapache2-mod-php5   5.1.2-1.dotdeb.2  PHP 5
scripting language - apache 2.0 module
ii  php5-pgsql5.1.2-1.dotdeb.2     
PostgreSQL module for php5

what are we missing? php isn't talking to postgres (or to mysql)!

--
will trillich
"Their iz ate errers in these sentance."

Re: moodle config tips? (or, PHP vs POSTGRES?)

[will trillich]

On 3/8/06, Roberto C. Sanchez <[EMAIL PROTECTED]> wrote:
> will trillich wrote:
> > having a bit of trouble getting moodle off the ground -- any pointers
> > are welcome.


> This may sound dumb, but did you bother to read the README.Debian file?
>  I just took a look at it and it gives reasonably clear instructions on
> getting moodle up and running with psql.

yup, we bothered. first sentence is "The application should be
available at http://localhost/moodle/ after install". except no sign
of life, save for apache serving up zero-length responses. no errors,
no redirects, no clues.

we did add "allow from 192.168.0.0/16" to the apache conf (otherwise
we'd get permission denied when browsing from any other box).

whether pg_hba has the original-install settings of
local   all all   ident sameuser
hostall all 127.0.0.1/32  md5
or the README recommendations of
local   all all   password
hostall all   127.0.0.1 255.255.255.255   password
seems to matter not a whit. no difference in results -- empty either way.

we made sure postgres db user had a password, and used that to add
other users (for our own logins).

during the install, the moodle database was created and the moodle
user exists, too. but there are no tables, no columns, no data.

SOMEWHERE there's gotta a log file with helpful info in it. we haven't
found it yet. any ideas?

--
will trillich
"Their iz ate errers in these sentance."

moodle config tips? (or, PHP vs POSTGRES?)

[will trillich]

having a bit of trouble getting moodle off the ground -- any pointers
are welcome.

after installing it we browse to localhost/moodle/admin and get
NOTHING. here's a telnet session to illustrate:

telnet localhost 80

GET /moodle/admin/ HTTP/1.1
Host: localhost.localdomain

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2006 21:37:46 GMT
Server: Apache/2.0.54 (Ubuntu) PHP/5.1.2-1.dotdeb.2
X-Powered-By: PHP/5.1.2-1.dotdeb.2
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

0

Connection closed by foreign host.

that's all we get, period, from any php, no matter where in the moodle
tree we go!

we put  at the top of the apache tree and all seems well, there.

during apt-get install, the moodle database (and user) gets created,
with no tables. visiting /moodle/admin generates zero-length response
from the php, and no further setup to the database.

what other kinds of things can we try, to get this moving forward?

===

when we browse to something like localhost/moodle/admin (without the
trailing slash) apache2 correctly redirects us to
localhost/moodle/admin/ (with the trailing slash). that much is
working.

we checked out moodle/doc/install.html (which apache serves up nice as
you please) and all the way down to step 8 is pretty much taken care
of by the apt-get install process. (we did add "AcceptPathInfo on"
according to the instrux, as we're using apache2.)

haven't found anything informative in the postgres logs, at all, and
apache logs reflect that it's doing what it's asked to do. php appears
to not be talking to postgres, with no error messages anywhere.

ideas?

===

$ psql -V
psql (PostgreSQL) 8.0.6
[also tried psql (PostgreSQL) 7.4.8, no difference]

$ apache2 -v
Server version: Apache/2.0.54
Server built:   Jan  7 2006 13:49:30

tried both libapache2-mod-php4 and libapache2-mod-php5, same results.
php[45]-pgsql are both installed.

aaugh!

--
will trillich
"Their iz ate errers in these sentance."

Re: apache2 -t... can't find Apache.pm?

[will trillich]

On 2/5/06, Ken Perl <[EMAIL PROTECTED]> wrote:
> comment out the PerlModule Apache in the file
> /etc/apache2/mod-enalbed/perl.conf, I guess Apache.pm isn't useful for
> apache2, it is used for apache1.x.
> when you install apache2 on debian 3.1, you reserved the old config
> file, right? so the line isn't removed.

reasonable approach, but:

# cat /etc/apache2/mods-enabled/perl.conf
PerlModule Apache2
#

even if it isn't needed, why can't it find it in the @INC listed
(below) but i *can*?

> On 2/6/06, will trillich <[EMAIL PROTECTED]> wrote:
> > okay -- on a debian/stable system with apache2/mod-perl2, my apache2
> > can't find Apache.pm in /usr/lib/perl5 even tho it's right there!
> > config includes "PerlModule Apache2" before including conf.d of
> > course:
> >
> > # apache2 -t
> > Syntax error on line 3 of /etc/apache2/conf.d/Handler.conf:Can't
> > locate Apache.pm in @INC (@INC contains: /usr/lib/perl5/Apache2
> > /etc/perl /usr/local/lib/perl/5.8.7 /usr/local/share/perl/5.8.7
> > /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8
> > /usr/local/lib/site_perl . /etc/apache2) at /usr/share/perl/5.8/CGI.pm
> > line 191.\nCompilation failed in require at
> > /etc/apache2/conf.d/Handler.conf line 14.\nBEGIN failed--compilation
> > aborted at /etc/apache2/conf.d/Handler.conf line 14.\n
> >
> > # locate Apache.pm
> > /usr/share/perl5/HTML/Mason/FakeApache.pm
> > /usr/share/perl/5.8.7/CGI/Apache.pm
> > /usr/lib/perl5/Apache.pm
> > /usr/lib/perl5/Bundle/Apache.pm
> > /usr/lib/perl5/DBI/ProfileDumper/Apache.pm
> >
> >
> > if we reformat the @INC list above we see
> > (@INC contains:
> > /usr/lib/perl5/Apache2
> > /etc/perl
> > /usr/local/lib/perl/5.8.7
> > /usr/local/share/perl/5.8.7
> > /usr/lib/perl5
> > /usr/share/perl5
> > /usr/lib/perl/5.8
> > /usr/share/perl/5.8
> > /usr/local/lib/site_perl
> > .
> > /etc/apache2)
> >
> > so why can't it get its electronic hands on /usr/lib/perl5/Apache.pm?
> >
> > argh!
> >
> > (and, isn't that second-to-last "dot" entry a 
> > security-breach-lying-in-wait?)

--
will trillich
"Their iz ate errers in these sentance."

apache2 vs mod_perl2: "Can't locate Apache.pm in @INC"

[will trillich]

okay -- on a debian/stable system with apache2/mod-perl2, i was
getting 'Can't locate object method "boot" via package "mod_perl"...'
until i did "apt-get --purge remove libapache-mod-perl" even tho i had
libapache2-mod-perl2 installed...

but now it can't find Apache.pm in /usr/lib/perl5 even tho it's right there!

# apache2 -t
Syntax error on line 3 of /etc/apache2/conf.d/Handler.conf:Can't
locate Apache.pm in @INC (@INC contains: /usr/lib/perl5/Apache2
/etc/perl /usr/local/lib/perl/5.8.7 /usr/local/share/perl/5.8.7
/usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8
/usr/local/lib/site_perl . /etc/apache2) at /usr/share/perl/5.8/CGI.pm
line 191.\nCompilation failed in require at
/etc/apache2/conf.d/Handler.conf line 14.\nBEGIN failed--compilation
aborted at /etc/apache2/conf.d/Handler.conf line 14.\n

# locate Apache.pm
/usr/share/perl5/HTML/Mason/FakeApache.pm
/usr/share/perl/5.8.7/CGI/Apache.pm
/usr/lib/perl5/Apache.pm
/usr/lib/perl5/Bundle/Apache.pm
/usr/lib/perl5/DBI/ProfileDumper/Apache.pm


if we reformat the @INC list above we see
(@INC contains:
/usr/lib/perl5/Apache2
/etc/perl
/usr/local/lib/perl/5.8.7
/usr/local/share/perl/5.8.7
/usr/lib/perl5
/usr/share/perl5
/usr/lib/perl/5.8
/usr/share/perl/5.8
/usr/local/lib/site_perl
.
/etc/apache2)

so why can't it get its electronic hands on /usr/lib/perl5/Apache.pm?

argh!

(and, isn't that second-to-last "dot" entry a security breach lying-in-wait?)

--
will trillich
"Their iz ate errers in these sentance."

where to point JAVA_HOME?

[will trillich]

how does a newbie learn where best to point environment
variable $JAVA_HOME to? and what packages are likely
candidates to install (debian sarge) in order to have
the ingredients needed to point JAVA_HOME to?

any pointers hungrily welcomed.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

OSPORTFOLIO install troubles: any java/tomcat gurus familiar with this on debian?

[will trillich]

osportfolio.org looks like a neat setup, so we thought we'd
give it a whirl... but we can't find the cliffs notes on
getting java up and running. apt-cache search java brings
up a BUNCH of stuff and we don't know one from another.

from instrux at 
http://wiki.osportfolio.org/confluence/display/Technical/Quick+start+guide:


$ wget http://theospi.org/releases/2.0.1/osp-2.0.1.zip
$ unzip o*zip

$ elinks http://dev.mysql.com/downloads/connector/j/3.1.html

$ gunzip m*gz

$ ls -F
mysql-connector-java-3.1.11/  mysql-connector-java-3.1.11.tar 
osp-2.0.1/  osp-2.0.1.zip
$ cp mysql-connector-java-3.1.11/mysql-connector-java-3.1.11-bin.jar 
osp-2.0.1/jakarta-tomcat-5.0.28/common/lib/


maybe jamvm is what we need? maybe not?

# apt-get install jamvm
$ cd osp*/
$ chmod +x *.sh
$ export JAVA_HOME=/usr
$ ./install.sh > install.out

$ ./clean.sh
JAVA_HOME: /usr
ANT_HOME: /home/will/osp-2.0.1/apache-ant
new path: 
/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:/home/will/osp-2.0.1/apache-ant/bin

Unable to locate tools.jar. Expected to find it in /usr/lib/tools.jar
[snip]

# ln -s /usr/share/java/cp-tools.jar /usr/lib/tools.jar
[snot in the dark, that, to no avail]

is there a package or two that we still need to apt-get? anyone
who could point us to the right docs, many thanks!

==

here's the full transcript from ./clean.sh:

# ./clean.sh
JAVA_HOME: /usr
ANT_HOME: /home/will/osp-2.0.1/apache-ant
new path: 
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11:/home/will/osp-2.0.1/apache-ant/bin

Buildfile: manage_osp.xml

prepare:
 [echo] sakai.install.path=/home/will/osp-2.0.1/usr_local_sakai
 [echo] 
repository.path=/home/will/osp-2.0.1//usr_local_sakai//repository

 [echo] serverUrl=http://localhost:8080
 [echo] sql.vendor=mysql
 [echo] sql.driver=com.mysql.jdbc.Driver
 [echo] 
sql.connect=jdbc:mysql://127.0.0.1:3306/osp?useUnicode=true&characterEncoding=UTF-8

 [echo] sql.user=ospuser

clean:
[input] All data is going to be deleted from your osp database and 
your repository, continue ?(y,n)

y

prepare:
 [echo] sakai.install.path=/home/will/osp-2.0.1/usr_local_sakai
 [echo] 
repository.path=/home/will/osp-2.0.1//usr_local_sakai//repository

 [echo] serverUrl=http://localhost:8080
 [echo] sql.vendor=mysql
 [echo] sql.driver=com.mysql.jdbc.Driver
 [echo] 
sql.connect=jdbc:mysql://127.0.0.1:3306/osp?useUnicode=true&characterEncoding=UTF-8

 [echo] sql.user=ospuser

create-mysql-db:
 [copy] Copying 1 file to /home/will/osp-2.0.1/conf
  [sql] Executing file: /home/will/osp-2.0.1/conf/create_db_mysql.sql
  [sql] 14 of 14 SQL statements executed successfully

prepare:
 [echo] sakai.install.path=/home/will/osp-2.0.1/usr_local_sakai
 [echo] 
repository.path=/home/will/osp-2.0.1//usr_local_sakai//repository

 [echo] serverUrl=http://localhost:8080
 [echo] sql.vendor=mysql
 [echo] sql.driver=com.mysql.jdbc.Driver
 [echo] 
sql.connect=jdbc:mysql://127.0.0.1:3306/osp?useUnicode=true&characterEncoding=UTF-8

 [echo] sql.user=ospuser

rebuild-sakai-db:
  [sql] Executing file: 
/home/will/osp-2.0.1/usr_local_sakai/confdb/db/mysql/all.sql
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
MODIFIEDON='20030624121053597' WHERE SITE_ID = '!error'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'MODIFIEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
CREATEDON='20030624041508851' WHERE SITE_ID = '!error'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'CREATEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
MODIFIEDON='20030624121053597' WHERE SITE_ID = '!urlError'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'MODIFIEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
CREATEDON='20030624041508851' WHERE SITE_ID = '!urlError'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'CREATEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
MODIFIEDON='20031126034522061' WHERE SITE_ID = '!gateway'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'MODIFIEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
MODIFIEDON='20030624121053597' WHERE SITE_ID = '!worksite'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'MODIFIEDON' at row 1
  [sql] Failed to execute:  UPDATE SAKAI_SITE SET 
CREATEDON='20030624041508851' WHERE SITE_ID = '!worksite'
  [sql] com.mysql.jdbc.MysqlDataTruncation: Data truncation: Out of 
range value adjusted for column 'CREATEDON' at row 1

  [sql] 800 of 807 SQL statements executed successfully

rebuild-osp-db:
 [echo] saved sql to: 
/home/wil

Re: plone vs siteroot -- where's the config? SOLVED: _SUPPRESS_SITEROOT

[Will Trillich]

Will Trillich wrote:


okay, i need a whap with the clue stick. how do i remove the
configs for zope/plone? "--purge remove" does NOT do the trick.


but http://localhost:9673/_SUPPRESS_SITEROOT/manage was a nice
workaround and very* easy* to find.

*very easy, as in sarcasm, as in not at all. not that i'm bitter.
only took three hours that i could have spent on useless income-
producing labor.


Evan Simpson replied:

I've never used the Debian packaged versions of Zope or Plone, but if a
SiteRoot is sticking around, the only place it can be doing so is in the
FileStorage that contains the site.  This is almost universally named
"Data.fs", so try searching for that.


but i had obliterated all files everywhere that were in a directory
tree with "/plone" or "/zope" in the name. where would such a file
be hiding? it's evil, i tell you, evil incarnate.




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

plone vs siteroot -- where's the config?

[Will Trillich]

okay, i need a whap with the clue stick. how do i remove the
configs for zope/plone? "--purge remove" does NOT do the trick.

long version:

apt-get update

apt-get install plone


three notices popped up with tips and advice, the last one
including "You must create a "plone-site" instance in Zope"...

elinks http://localhost:9673/


the popup menu, top right, has all kinds of things to create,
let's try "siteroot"...

bad idea, apparently. now instead of my zope, i see the
website i pointed to in the siteroot config.

of course, there's no more siteroot config available, i
only get a 404 from the website instead of zope.

fine, i'll uninstall everything.

apt-get install slocate
updatedb

we'll use locate, in a moment. just to be anal.

apt-get --purge remove zope


we all know how well that works, as on occasion there's a trace
left here or there, so we take matters into our own hands:

locate -i zope | egrep -i '/zope[^/]+$' | sort -r | pager

yup, that sure looks like a good collection of files/dirs to zap.

locate -i zope | egrep -i '/zope[^/]+$' | sort -r | xargs /bin/rm -rf
locate -i plone | egrep -i '/plone[^/]+$' | sort -r | xargs /bin/rm -rf

now we should have NO traces of anything related to plone or
zope on the system, right? unless of course a hidden config file
is buried inside some sinister directory or file that has no
relation to plone or zope in the path name...

apt-get install plone

elinks http://localhost:9673/

the siteroot settings are STILL BORKED.

where the hell is the file i need to obliterate?

===

gotta admit, of course, that if i were doing this using rpms or
tarballs, i'd be pulling my hair out for days trying to get the
sucker up and running at all. debian/dpkg/apt is awesome!

-- 
I use Debian/GNU Linux version 3.1;
Linux serensoft.com 2.4.25-1-386 #2 Wed Apr 14 19:38:08 EST 2004 i686 GNU/Linux
 
DEBIAN NEWBIE TIP #105 from Michael Perry <[EMAIL PROTECTED]>
:
How can you DELETE OLD MESSAGES IN MUTT?  You can have your
.muttrc set up to automatically do this.  I have my debian
mailing list messages delete after a period of time by adding
the following to my .muttrc file.  I also have read debian list
messages move after I read them...  This only means I have to
manually enter the old folder for mutt to manage the deletions
for me.
mbox-hook =spam /home/mperry/oldmail/spamread
mbox-hook =debianstuff /home/mperry/oldmail/debianread
That moves the read mail to another folder... and then
folder-hook /home/mperry/mail/spam 'push D~r>10d!~F\n'
folder-hook /home/mperry/oldmail/debianread 'push D~r>30d!~F\n'
Here it automatically deletes messages older than 30 days. See
the manual (/usr/share/doc/mutt/html) for more info.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

trouble with "apt-get install apache-ssl"

[Will Trillich]

after finally giving up (insert frustrated sigh here) trying to
configure ssl with apache, we tried "apache-ssl" and had more
trouble -- as if the install script did something screwy:

# apt-get install apache-ssl

Generating a 1024 bit RSA private key   
 
...++
++
writing new private key to '/etc/apache-ssl/apache.pem'
-
Replacing config file /etc/apache-ssl/httpd.conf with new
version

Creating config file /etc/apache-ssl/srm.conf with new version

Creating config file /etc/apache-ssl/access.conf with new
version
Configuration syntax error detected. Not reloading.

Syntax error on line 418 of /etc/apache-ssl/httpd.conf:
Invalid command 'TypesConfig', perhaps mis-spelled or defined by
a module not included in the server configuration
invoke-rc.d: initscript apache-ssl, action "start" failed.

# apt-cache show apache-ssl
Package: apache-ssl
Priority: optional
Section: web
Installed-Size: 948
Maintainer: Debian Apache Maintainers 
Architecture: i386
Source: apache
Version: 1.3.33-6
Replaces: apache-modules
Provides: httpd-cgi, httpd
Depends: libc6 (>= 2.3.2.ds1-21), libdb4.2, libexpat1 (>= 1.95.8), libssl0.9.7, 
ssl-cert (>= 1.0-7), openssl, mime-support, apache-common (>= 1.3.33-6), 
apache-common (<< 1.3.34-0), perl (>= 5.8.4-2), logrotate (>= 3.5.4-1), dpkg 
(>> 1.9.0), libmagic1, debconf
Suggests: apache-doc
Conflicts: apache-modules, libapache-mod-perl (<= 1.17-1), jserv (<= 1.1-3)
Filename: pool/main/a/apache/apache-ssl_1.3.33-6_i386.deb
Size: 490582
MD5sum: 2d762f26835ceefaf22b66b403957d9a
Description: versatile, high-performance HTTP server with SSL support
 The most popular server in the world, Apache features a modular
 design and supports dynamic selection of extension modules at runtime.
 Some of its strong points are its range of possible customization,
 dynamic adjustment of the number of server processes, and a whole
 range of available modules including many authentication mechanisms,
 server-parsed HTML, server-side includes, access control, CERN httpd
 metafiles emulation, proxy caching, etc.  Apache also supports multiple
 virtual homing.
 .
 Separate Debian packages are available for PHP, mod_perl, Java
 Servlet support, Apache, and other common extensions.  More
 information is available at http://www.apache.org/.


-- 
I use Debian/GNU Linux version 3.1;
Linux serensoft.com 2.4.25-1-386 #2 Wed Apr 14 19:38:08 EST 2004 i686 GNU/Linux
 
DEBIAN NEWBIE TIP #55 from Alvin Oga <[EMAIL PROTECTED]>
:
Been thinking about HOW TO BACK UP YOUR DEBIAN SYSTEM? There's
a whole website just for you:
http://www.Linux-Backup.net/app.gwif.html
Concepts, methods, applications, procedures... Have a look!


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

how to mount a windows 'share' under linux

[will trillich]

we'd like to automate backups from the office windo~1 box using rsync.
we can do it usnig samba and the ftp-like interface, but all timestamps
are lost this way (unless there's an option we've missed).
we googled for things like 'mount windows share under linux filesystem'
and get .exe downloadables and tutorials on the fhs...
isn't there some way to mount a windo~1 'share' as part of the linux
file system so that rsync can handle the transfers? maybe there's some 
string of keywords to 'apt-cache search' for?

if'n you could supply which M to RTF out of, it'd be muy helpful.
apperciative thanks in advance.
--
Their iz ate errers in these sentance.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

using parted -- safely on /dev/md*?

[Will Trillich]

we've got a client who put a horrible partitioning scheme in
place on their raid-mirror setup -- and are wondering if we can
remotely run 'parted' to recover from this...?


$ df
Filesystem1k-blocksUsed Available Use% Mounted on
/dev/md1   72090640  869700  68291332   2% /
/dev/md23747472  434952   3160232  13% /var
/dev/md0  932075344 84013   6% /boot

there's plenty of room for more partitions, if we can shrink
/ down to a coupla gig (from 68!)


$ mount
/dev/md1 on / type ext3 (rw,errors=remount-ro)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/md2 on /var type ext3 (rw)
/dev/md0 on /boot type ext3 (rw)


$ fdisk -l

Disk /dev/hda: 255 heads, 63 sectors, 9726 cylinders
Units = cylinders of 16065 * 512 bytes

   Device Boot  Start   EndBlocks   Id  System
/dev/hda1   *   112 96358+  83  Linux
/dev/hda2  13   134979965   82  Linux swap
/dev/hda3 135  9252  73240335   83  Linux
/dev/hda49253  9726   3807405   83  Linux

Disk /dev/hdb: 255 heads, 63 sectors, 9726 cylinders
Units = cylinders of 16065 * 512 bytes

   Device Boot  Start   EndBlocks   Id  System
/dev/hdb1   112 96358+  fd  Linux raid autodetect
/dev/hdb2  13   134979965   82  Linux swap
/dev/hdb3 135  9252  73240335   fd  Linux raid autodetect
/dev/hdb49253  9726   3807405   fd  Linux raid autodetect


is this raid /dev/md* stuff something that parted can handle?
the client machine is 1200 miles from here -- we'd rather leave
it as-is and symlink everything than risk borking the machine
from afar.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss.serensoft.com 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #54 from Will Trillich <[EMAIL PROTECTED]>
:
Tired of SLOW BROWSING THROUGH THE ONLINE APACHE MANUAL? Get
your own local copy and never worry about bandwidth again:
apt-get install apache-doc
Then browse /usr/share/doc/apache/manual.html, quick like a
bunny.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

sarge vs spamassassin

[Will Trillich]

we're getting "X-Spam-Status: No" but with "identified this
incoming email as possible spam" anyhow. huh?

this is from a plain vanilla sarge install, running exim4 with
cyrus21 delivery. there's a setting in need of repair...

get a load of this--

==8<===
X-Spam-Status: No (score 0.0): Spam detection software, running on the system "gonzo", 
has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email.  If you have any questions, see
the administrator of that system for details.
Content preview:  here. [...]
Content analysis details:   (0.0 points, 5.0 required)
pts rule name  description
 -- --

[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 7bit, Size: 0.2K --]

here.
===>8==

something is awry when the full report shows up (identified this
incoming email as possible spam) even tho the score (0.0) knows
it's not (X-Spam-Status: No).

the only instance i can find of STATUS as a header, in the
/etc/spamassassin (/usr/share/spamassassin) conf files is

10_misc.cf:add_header all Status "_YESNO_, hits=_HITS_ required=_REQD_ 
tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_"

that does NOT match what's getting added to the email. either
it's getting munged somewhere or the report is added
prematurely.

pointers?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #101 from Joost Kooij <[EMAIL PROTECTED]>
:
Looking for a way to CREATE A PAGE OF LINKS to all the
*/index.html that already exist in your /usr/share/doc tree?
apt-get install dwww
then point your browser to:
http://localhost/dwww

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

disabling root logins -- HOWTO

[Will Trillich]

we wanted to disable root logins (i.e. make it so that the only
way to acquire root is via sudo or su after being logged in as a
valid non-root user -- much better for tracking who's done what).

/etc/pam.d/login contains

# Disallows root logins except on tty's listed in /etc/securetty
# (Replaces the `CONSOLE' setting from login.defs)
auth   requisite  pam_securetty.so

and /etc/securetty contains nothing but comments -- and still we
could login from Out There (internet anywhere) as root.

aha!

/etc/pam.d/ssh contains instrux for ssh connections, and that's
what we were using to connect -- ssh!

after copying the above lines into /etc/pam.d/ssh (immediately
below the

auth   required pam_nologin.so

line) all is well.

yesss! suddenly, root can't log in, not even via ssh. and to be
certain, we still can log in as non-root from wherever, and then
sudo and su when necessary. delightful!

===

if there's other intervening traps to look for, we'd like to
know about it. comments welcome.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #48 from Will Trillich <[EMAIL PROTECTED]>
:
To peruse your CURRENT VIM SETTINGS (there's LOTS of them)
from within Vim, simply do
:options
You can change them there, on-the-fly, as well. Type
"ctrl-W ctrl-W" to switch "panes" or "ctrl-W q" to close one.
Try ":help" to learn more.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

sarge dist-upgrade "Package is in a very bad inconsistent state"

[Will Trillich]

f.y.i.

in trying an upgrade (dist-upgrade) from woody to sarge, we ran
into trouble with the following sympoms:

[EMAIL PROTECTED] apt-get -f install postgresql
Reading Package Lists... Done
Building Dependency Tree... Done
You might want to run `apt-get -f install' to correct these:
The following packages have unmet dependencies:
  gnome-control-center: Depends: capplets (= 1:2.6.1-12) but it is not going to be 
installed
  gnome-core: Depends: yelp (>= 2.4.0) but it is not going to be installed
  gnome-panel: Depends: gnome-desktop-data (>= 2.6.1-2) but it is not going to be 
installed
  nautilus: Depends: capplets (>= 2.6) but it is not going to be installed
  postgresql: Depends: postgresql-client (>= 7.4) but 7.2.1-2woody5 is to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a 
solution).


[EMAIL PROTECTED] apt-get -f install
Reading Package Lists... Done
Building Dependency Tree... Done
Correcting dependencies... Done
The following extra packages will be installed:
  capplets capplets-data gnome-desktop-data postgresql postgresql-client yelp
Suggested packages:
  xscreensaver xbase-clients gstreamer0.8-oss gstreamer0.8-esd libpgjava libpgtcl 
postgresql-dev
  postgresql-contrib pgdocs pgaccess python-pygresql pgmonitor
The following NEW packages will be installed:
  capplets capplets-data gnome-desktop-data yelp
The following packages will be upgraded:
  postgresql postgresql-client
2 upgraded, 4 newly installed, 0 to remove and 28 not upgraded.
151 not fully installed or removed.
Need to get 0B/7096kB of archives.
After unpacking 18.3MB of additional disk space will be used.
Do you want to continue? [Y/n]
Preconfiguring packages ...
dpkg: error processing postgresql (--remove):
 Package is in a very bad inconsistent state - you should
 reinstall it before attempting a removal.
Errors were encountered while processing:
 postgresql
E: Sub-process /usr/bin/dpkg returned an error code (1)


[EMAIL PROTECTED] apt-get -f remove postgresql
Reading Package Lists... Done
Building Dependency Tree... Done
You might want to run `apt-get -f install' to correct these:
The following packages have unmet dependencies:
  gnome-control-center: Depends: capplets (= 1:2.6.1-12) but it is not going to be 
installed
  gnome-core: Depends: yelp (>= 2.4.0) but it is not going to be installed
  gnome-panel: Depends: gnome-desktop-data (>= 2.6.1-2) but it is not going to be 
installed
  nautilus: Depends: capplets (>= 2.6) but it is not going to be installed
E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a 
solution).


[EMAIL PROTECTED] dpkg -l postg\*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version  Description
+++---
un  postgres95  (no description available)
un  postgres95-dev  (no description available)
rHR postgresql   7.2.1-2woody5Object-relational SQL database, 
descended from POSTGRES.
ii  postgresql-client7.2.1-2woody5Front-end programs for PostgreSQL
pn  postgresql-contrib  (no description available)
pn  postgresql-dev  (no description available)
ii  postgresql-doc   7.4.3-3  Documentation for the PostgreSQL database
pn  postgresql-pl   (no description available)
pn  postgresql-slink(no description available)
pn  postgresql-test (no description available)



our solution was:

- perl -pi -e 's/\bsarge\b/woody/g' /etc/apt/sources.list
- apt-get update && apt-get upgrade
- apt-get remove postgresql
- perl -pi -e 's/\bwoody\b/sarge/g' /etc/apt/sources.list
- apt-get update && apt-get dist-upgrade
- apt-get install postgresql

hoo boy!

our main suspect, for what caused this, is US, of course (pebkac
and ID-10-T come to mind). but we're not really sure. just in
case we're not the only ones, thought we'd send a flare...

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #106 from Joost Kooij <[EMAIL PROTECTED]>
:
Wondering HOW TO GET CPAN MODULES FOR PERL THAT ARE
DEBIAN-FRIENDLY? Many perl modules are already Debianized:
apt-get install lib-perl
apt-get install libdbi-perl libmd5-perl libmime-base64-perl
To recover from using CPAN installs directly, reinstall all the
perl debs on your system.  If you use the --reinstall option to
apt-get, it is almost easy, even.
  To create Debian-friendly *.deb packages from Perl modules,
apt-get install dh-perl-make
and then you can build your own.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]

automating sa-learn via cyrus mailbox?

[Will Trillich]

i've been thinking again, so to avoid doing something dangerous
i thought i run it past y'all'uns-- :)

we're running cyrus21 and exim4 for email services, and would
like to automate the "sa-learn" feature system-wide.

so why not create a "user.spam" cyrus mailbox, BOUNCE any spams
there and have cron do some sort of automated "sa-learn --spam"
on the results, and then delete them?

anybody doing anything like this? got code i could sniff before
i work up my own wheel from scratch?



also -- sa-learn appears to work based on the shell user's home
~/.spamassassin/* files, and our cyrus setup is non-shell-user
heaven. do we have to "su - $spamassassin_user" before
"sa-learn" will work the way we want? haven't been able to track
it down in black-and-white yet...

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #111 from Alvin Oga <[EMAIL PROTECTED]>
:
HOW TO MAKE DEBIAN MORE SECURE:
1. turn off everything in inetd: sunrpc, printer, unknowns,
   netbios, finger, time (comment-out lines in /etc/inetd.conf
   or later versions in xinetd.d/*)
2. you need to verify that you are running bind-8.2.3 or better
3. turn off ftp (especially anonymous ftp)
4. if you allow users to upload files... make them do it it with scp
5. for more hardening stuff, see http://www.Linux-Sec.net/
and for generic debian security updates be sure you have
these in /etc/sources.list:
http://security.debian.org/debian-security stable/updates main contrib non-free
http://security.debian.org/debian-non-US stable/non-US main contrib non-free
http://security.debian.org stable/updates main contrib non-free

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: repartitioning software raid1 -- remotely?

[Will Trillich]

On Sat, Aug 21 at 04:09AM +0100, David Leggett wrote:
> Doing stuff like this remotely is fun ;)
> 
> I would recommed that you use LVM to manage the size of your "partitions" so 
> you can simply assign space to wherever you store your data easily.
> 
> Also I would recommend upgrading the kernel to the latest 2.4 series before 
> you start playing with partitions, you can also enable lvm support..
> 
> > so i (in indiana) am thinking i can
> 
> Install new kernel

hmm. i think it's already got 2.4 -- not sure at the moment.

> > - split the raid (in boston) back into two hd* drives,

where's the HOWTO on this split-the-raid part? rwfm?

> > - repartition the non-booted one,
> 
> into / of about 500M to 1G, swap of whatever and the remainder into a single
>   partition
> use _mdadm_ to create your raid arrays on the non-boted disk
>   (i say mdadm because it doesnt need a config file, and imho its easiest)
> turn the large raid array into a lvm pv, create a vg and a few lvs
>   (explained http://www.tldp.org/HOWTO/LVM-HOWTO/)
> 
> > - shuffle stuff over to the new partitions,
> 
> which are now lvm logical volumes
> edit fstab! (for non-booted system)
> 
> > - reconfigure lilo,
> 
> grub would be better because it enables you (or your client) to edit the boot 
>   params at the boot prompt

don't have access to the machine -- and client has it set up as
a faceless server anyhow...

> > - boot from the newly-partitioned drive,
> > - repartition the first drive to match the booted one,
> 
> sfdisk -l /dev/hdc | sfdisk /dev/hda
> where hdc is the LVM+Raid disk and hda is the disk with ugly partitioning

now THAT's cool! :)

> > - re-establish raid parameters,
> > - lilo some more,
> 
> or grub
> 
> > - and then reboot again.
> >
> > is that a sane/possible approach?
> 
> perfectly. just make sure your client has someone who is happy to recieve a
>   phone call from you talking through how to fix stuff if things dont go to
>   plan

i feel more like i'd be on the receiving end of such a call. :)

> > since we're NOT anywhere near the client machine, this seems to
> > be a reasonable way of repartitioning the thing, remotely. if
> > not, other pointers welcome.
> >
> > so how do we split the raid up without borking the remote
> > computer into a non-bootable/non-reachable state?
> 
> if you have a raid1 array of /dev/hda1 and /dev/hdc1 you can mount both the 
> member partitions as if they were not part of the raid array. 

beg pardon? (and right now it's hda/hdb.)

> > 
> > VFS: Mounted root (cramfs filesystem).
> > Freeing unused kernel memory: 128k freed
> > md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
> 
> oo i see you boot form initrd with md support already.. fun :)

that makes it tougher to split up, doesn't it?

> >  [events: 0014]
> >  [events: 0014]
> > md: autorun ...
> > md: considering hdb3 ...
> > md:  adding hdb3 ...
> > md:  adding hda3 ...
> 
> If its possible it would be a very good idea to get hdb moved to another ide 
> bus, in the current configuration performance is going to be seriously bad 
> because all writes have to be written twice down the same ide bus, so your 
> write performance is half that of a single disk.
> 
> If the disk were moved the write performance will be that of a single disk, 
> read performance should probably improve, although that depends on how 
> paranoid the md raid 1 driver is at making sure the data its giving the 
> kernel isnt corrupted.
> 
> Hope this helps.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #55 from Alvin Oga <[EMAIL PROTECTED]>
:
Been thinking about HOW TO BACK UP YOUR DEBIAN SYSTEM? There's
a whole website just for you:
http://www.Linux-Backup.net/app.gwif.html
Concepts, methods, applications, procedures... Have a look!

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "screen" saves life, all in a day's work

[Will Trillich]

On Fri, Aug 20 at 08:43PM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >On Thu, Aug 19 at 10:06AM +0800, John Summerfield wrote:
> >>You can also start it up at, say, boot time running, for example, 
> >>user-mode-linux or Hercules.
> >
> >what's that all about? curious minds wanna know. sounds like a
> >handy idea. :)
> 
> Specifically what do you want to know?
> 
> How to start a command in screen?
> How to install and run user-mode-linux?
> How to install and run hercules?

why to run u-m-l inside screen, and what tricks are used to make
it really cool that way?

> How to write init scripts?

eh? where's THAT coming from? :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #37 from Karl M. Hegbloom <[EMAIL PROTECTED]>
:
Need to SECURELY COPY DIRECTORIES BETWEEN MACHINES? With pipes,
you can do just about anything -- and ssh keeps it secure:
$ tar -C /source -clf - srcdir \
  | ssh remoteHost 'buffer -m 8m -p 75 | tar -C /dest -xpf -'
(Note that there's another pipe inside the ssh command that's
running on the remote side. Cool, eh?) If the link is slow, you
may want to use the -C option to "ssh", or put that in your
~/.ssh/config for that host.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "screen" saves life, all in a day's work

[Will Trillich]

On Fri, Aug 20 at 01:09PM +0100, Thomas Adam wrote:
> On Fri, Aug 20, 2004 at 02:35:53AM -0500, Will Trillich wrote:
> > On Thu, Aug 19 at 10:06AM +0800, John Summerfield wrote:
> > > You can also start it up at, say, boot time running, for example, 
> > > user-mode-linux or Hercules.
> > 
> > what's that all about? curious minds wanna know. sounds like a
> > handy idea. :)
> 
> http://user-mode-linux.sourceforge.net/

why is it important to run these inside screen?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #47 from Will Trillich <[EMAIL PROTECTED]>
:
Want to LEARN MORE ABOUT VIM? From inside vim (when you're
editing some text) try
:help
:help howto
:help options
Type "ctrl-W ctrl-W" to switch 'panes', or "ctrl-W q" to close
one. (Try ":help CTRL-W" for more details on control-W.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

repartitioning software raid1 -- remotely?

[Will Trillich]

short version: how to repartition a software raid 1 (mirroring)
remotely?

long version:

so the client (hundreds of miles away) has a fresh debian woody
running on a software raid1 (mirroring) setup. but the
partitioning needs an overhaul:

Filesystem  1k-blocks  Used Available Use% Mounted on
/dev/md1 72090640541412  68619620   1% /
/dev/md2  3747472212280   3382904   6% /var
/dev/md093207  5344 84013   6% /boot

yikes!

so i (in indiana) am thinking i can
- split the raid (in boston) back into two hd* drives,
- repartition the non-booted one,
- shuffle stuff over to the new partitions,
- reconfigure lilo,
- boot from the newly-partitioned drive,
- repartition the first drive to match the booted one,
- re-establish raid parameters,
- lilo some more,
- and then reboot again.

is that a sane/possible approach?

since we're NOT anywhere near the client machine, this seems to
be a reasonable way of repartitioning the thing, remotely. if
not, other pointers welcome.

so how do we split the raid up without borking the remote
computer into a non-bootable/non-reachable state?




VFS: Mounted root (cramfs filesystem).
Freeing unused kernel memory: 128k freed
md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
 [events: 0014]
 [events: 0014]
md: autorun ...
md: considering hdb3 ...
md:  adding hdb3 ...
md:  adding hda3 ...
md: created md1
md: bind
md: bind
md: running: 
md: hdb3's event counter: 0014
md: hda3's event counter: 0014
md: RAID level 1 does not need chunksize! Continuing anyway.
md: raid1 personality registered as nr 3
md1: max total readahead window set to 124k
md1: 1 data-disks, max readahead per data-disk: 124k
raid1: device hdb3 operational as mirror 1
raid1: device hda3 operational as mirror 0
raid1: raid set md1 active with 2 out of 2 mirrors
md: updating md1 RAID superblock on device
md: hdb3 [events: 0015]<6>(write) hdb3's sb offset: 73240256
md: hda3 [events: 0015]<6>(write) hda3's sb offset: 73240256
md: ... autorun DONE.
Adding Swap: 979956k swap-space (priority -1)


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #109 from Dave Thayer <[EMAIL PROTECTED]>
:
Puzzled about HOW TO READ COMPRESSED FILES? In /usr/share/doc
there are tons of *.gz files -- they're "gzipped" to save space.
I like to use lynx to read the stuff in /usr/share/doc/*. It
handles gzip textfiles just fine and makes it easy to navigate
between files.  If there is HTML documentation you can follow
the hyperlinks.
  BTW, if you install the doc-linux-html package you get the
HOWTOs in hypertext.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: RE : What is the current stable version

[Will Trillich]

On Fri, Aug 20 at 08:21AM +0200,
[EMAIL PROTECTED] wrote:
> And what will append on my machine wenn Sarge will be released
> as stable? My apt list point on 'stable' repository.. Does it
> meeens that I will get a massive upgrade next time I run
> 'apt-get upgrade'? 
> 
> Does it could leads in stability problems? (I have no physical
> access to my server)

if your sources.list links to STABLE, and STABLE MOVES TO A NEW
RELEASE, then you'll be getting a whole lot of new upgrade
situations. config files, filesystem hierearchy locations, yada
yada. most will go smoothly, but the ones that don't will be the
ones yuo're most interested in (it *just knows* :).

if your sources.list links to WOODY, then you'll stay with
woody. much less stress (and less recently-developed packages as
well).

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #52 from Will Trillich <[EMAIL PROTECTED]>
:
Would you like to GET APACHE TO HIDE CERTAIN FILES? It's
as easy as adding this to your /etc/apache/httpd.conf:
  PerlModule Apache::Constants
  
SetHandler perl-script
PerlInitHandler Apache::Constants::NOT_FOUND
  
Your scripts, behind the scenes, still have free access to
everything; but web browsers will be told they don't exist!

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "screen" saves life, all in a day's work

[Will Trillich]

On Thu, Aug 19 at 10:06AM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >very, very sexy, this "screen" thing. very!
> 
> You can also start it up at, say, boot time running, for example, 
> user-mode-linux or Hercules.

what's that all about? curious minds wanna know. sounds like a
handy idea. :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #30 from Wayne Topa <[EMAIL PROTECTED]>
:
Are you seeing GIBBERISH after viewing a binary file on your
console (or in an xterm/rxvt window)? Add this to your ~/.inputrc
file:
"\033[[A": "reset\C-M"
Now when you need a quick tty reset, just press F1 at the command
prompt. Try "info rluserman" for more options.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: security updates

[Will Trillich]

On Thu, Aug 19 at 11:49AM -0400, Nori Heikkinen wrote:
> right, but i can't do that.  the rest of my message went on to
> say that when i try to apt-get upgrade (i've already
> apt-gotten updated), because i haven't done it in so long, apt
> tries to upgrade 500+ packagest for me, which i don't have the
> space on /var to do.
> 
> your solution is great, but i can't apply it until i figure
> out how to get apt to do only part of those 500+ at a time, to
> the point where my system is up to date.  until then, though,
> how do i apply a security patch?

to get all current security patches for whatever you have
installed, comment out everything in your sources.list file
except for

deb http://security.debian.org/ stable/updates main contrib non-free

and then "apt-get clean", "apt-get update" and THEN "apt-get
upgrade"

i think. :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #42 from Pietro Cagnoni <[EMAIL PROTECTED]>
and Kent <[EMAIL PROTECTED]>
:
Would you like to DISABLE CONTROL-ALT-DEL? Piece of cake.
Just comment the line out in /etc/inittab
# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
and then "kill -HUP 1" to have init re-read the file.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: security updates

[Will Trillich]

On Thu, Aug 19 at 11:49AM -0400, Nori Heikkinen wrote:
> on Thu, 19 Aug 2004 10:14:01AM +0800, John Summerfield insinuated:
> > Nori Heikkinen wrote:
> > >reading the debian weekly news, i noticed a couple packages that i
> > >have installed with newly-discovered security holes in them.  the
> > >newsletter says about these packages "you know the drill."  well, i
> > >don't ...
> > 
> > Assuming you have these
> > 
> > deb http://security.debian.org/ stable/updates main
> > deb-src http://security.debian.org/ stable/updates main
> > 
> > in /etc/apt/sources.list (you only need the second if you're likely to 
> > build from source)
> > (make sure you have all the seconds you need)
> > then
> > apt-get update && apt-get  upgrade
> 
> right, but i can't do that.  the rest of my message went on to say
> that when i try to apt-get upgrade (i've already apt-gotten updated),
> because i haven't done it in so long, apt tries to upgrade 500+
> packagest for me, which i don't have the space on /var to do.
> 
> your solution is great, but i can't apply it until i figure out how to
> get apt to do only part of those 500+ at a time, to the point where my
> system is up to date.  until then, though, how do i apply a security
> patch?

okay, then, just "apt-get install package-of-your-choice" and
i'll follow appropriate dependencies, downloading what's needed
for that one install.

apt-get upgrade will download the whole shootin' match.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #63 from Will Trillich <[EMAIL PROTECTED]>
:
What's the best way to GET RESPONSES ON DEBIAN-USER? There are
several things to keep in mind:
1) Debians are all volunteers because they enjoy what they
   do; they don't owe you diddly (and you'll be one of us
   when you start getting involved): ASK, and ye shall
   recieve; DEMAND, and ye shall be rebuffed
2) Provide evidence showing that you did put effort into
   finding a solution to your problem (at least demonstrate
   that you've seen the manual)
3) Be known to offer pointers and assistance to others
4) Give enough information so that someone else can figure
   out what you're after; and make it legible
5) Enjoy yourself and have fun -- it'll come across, and we
   enjoy people who enjoy life; a petulant whiner seldom
   gets any useful pointers other than "Out, damn spot!"

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

maxqueries dns error resolving spamcop.net

[Will Trillich]

here 'boss' is the hostname of the machine running the dns
server (bind v8 from woody) -- these no doubt come from
spamassassin:

Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Aug 19 04:14:20 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (230.209.217.193.bl.spamcop.net)
Aug 19 04:14:20 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (249.224.91.80.bl.spamcop.net)
Aug 19 04:14:20 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (230.209.217.193.bl.spamcop.net)
Aug 19 04:14:20 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (249.224.91.80.bl.spamcop.net)
Aug 19 04:28:08 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (37.46.253.217.bl.spamcop.net)
Aug 19 04:28:08 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (249.224.91.80.bl.spamcop.net)
Aug 19 04:28:08 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (37.46.253.217.bl.spamcop.net)
Aug 19 04:28:08 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (249.224.91.80.bl.spamcop.net)
Aug 19 05:01:22 boss named[25505]: MAXQUERIES exceeded, possible data loop in 
resolving (216.50.239.48.bl.spamcop.net)

been getting LOTS of these lately.

i didn't see MAXQUERIES mentioned anywhere on d-u in the last
six months, so i thought i'd ask to find out if i'm the only
one. :)

am i? and, what needs reconfiguring?



# named -v
named 8.3.3-REL-NOESW Sun Jan  4 04:05:59 UTC 2004
[EMAIL 
PROTECTED]:/host/space/tmp/mdz/debian/security/bind/bind-8.3.3/src/bin/named

# spamassassin --version
SpamAssassin version 2.64

# perl -MMail::SpamAssassin -e 'print $Mail::SpamAssassin::VERSION'
2.64

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #14 from Will Trillich <[EMAIL PROTECTED]>
:
What's a RUNLEVEL? It's simply a big-time setting group;
runlevel 2 might have a full-blown web server plus X running,
and runlevel 3 might be ssh-only, for secure logins. Check
/etc/inittab (and /etc/rc.d/*) for details on how
yours are set up. And try "man runlevel".

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: on RAID1: is HDA+HDD okay? c: d:

[Will Trillich]

On Tue, Aug 17 at 10:46PM -0700, Alvin Oga wrote:
> On Tue, 17 Aug 2004, Alvin Oga wrote:
> > On Tue, 17 Aug 2004, Will Trillich wrote:
> > > lemme check to make sure i grok the recommendation -- HDA and
> > > HDB are primary and secondary on the first bus (C: and D: in
> > > windows parlance), and HDC and HDD are primary and secondary on
> > > the second bus (E: and F: in windows parlance).
> > 
> > yup
> 
> on a second thought .. nope ..
> 
> if you partition hdc into hdc1, hdc2, hdc3, hdc5 ...
>   those partitions will become C: D: E: F:
> 
> and hdb will be G:
> 
> ms is silly.. its sequential alphabets based on partitions

right. was just using the one-partition-per-disk windows
metaphor to be sure i grokked what's what. :)

(of course, you can assign any drive to just about anything...
but the original defaults are A:/B: floppy, C:/D: ide bus 0,
E:/F: ide bus 1 -- until, as you say, you partition something,
which windows folks seldom ever do.)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #4 from Will Trillich <[EMAIL PROTECTED]>
:
Want to know WHAT FILES ARE PROVIDED BY PACKAGE x-y-z? This is a
job for dpkg: enter "dpkg -L " at the command
prompt.  Try "dpkg -L netbase | pager" for example.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: software RAID1: oops!

[Will Trillich]

On Tue, Aug 17 at 10:04PM -0700, Alvin Oga wrote:
> On Tue, 17 Aug 2004, Will Trillich wrote:
> > so it's best to have a raid1 disk on each bus -- but do they
> > both have to be primary?

> best config: hda + hdd  and  hdb + hdc
>   - both raid has a primary disk and a slave

that's four drives, two raid1 pairs. we've only got one raid
pair (shooting for hda and hdd).

so we already have a working md* device using hda and hdb -- what
settings need to be changed before we shut down and move hdb to
hdd?

(and guess what -- i thought i could tinker with the two
separate drives by removing /etc/rcS.d/Sraid* from the startup
sequence. WRONG! how do we recover from that? :( )

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #69 from Will Trillich <[EMAIL PROTECTED]>
:
Preparing to UPGRADE POSTGRESQL? If you have a second machine on
your network that you can tinker with, do your upgrade there,
first: once tested, you can just have your current applications
link to the remote database through the network:
psql -h 192.168.2.17 myDB
or in perl,
$dbh = DBI->connect('dbi:Pg:dbname=myDB;host=192.168.2.17');
(You may need to tweak your 'host-based access' settings in
/etc/postgresql/pg_hba.conf, first.) Once you're satisfied that
all is well, upgrade your main server. No down time!
  See "man psql" and "man DBD::Pg" for details.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

on RAID1: is HDA+HDD okay?

[Will Trillich]

On Sun, Aug 15 at 09:53PM -0700, Alvin Oga wrote:
> On Sun, 15 Aug 2004, Will Trillich wrote:
> > $ sfdisk -d
> > # partition table of /dev/hda
> > unit: sectors
> > 
> > /dev/hda1 : start=   63, size=  192717, Id=83, bootable
> > /dev/hda2 : start=   192780, size= 1959930, Id=82
> > /dev/hda3 : start=  2152710, size=146480670, Id=83
> > /dev/hda4 : start=148633380, size= 7614810, Id=83
> > # partition table of /dev/hdb
> > unit: sectors
> 
> this is bad ... you should be also convincing them to use
> hda and hdc ... for 2 disk raid
>   - if the cable goes bad... you're dead
> 
>   - sometimes, depends on the bios and drives, if hda is not
>   present, it will not see hdb

lemme check to make sure i grok the recommendation -- HDA and
HDB are primary and secondary on the first bus (C: and D: in
windows parlance), and HDC and HDD are primary and secondary on
the second bus (E: and F: in windows parlance).

so it's best to have a raid1 disk on each bus -- but do they
both have to be primary?

it'd be easier (i have to talk them thru this tomorrow a.m. on
the phone) to just move HDB to HDD (leaving the cd-rom at hdc)
or would that be a bad thing?

===

disk2:
HDA HDB HDC HDD
disk1:
HDA  *   n  YES  ?
HDB  n   *   ?   ?
HDC YES  ?   *   n
HDD  ?   ?   n   *

so HDA+HDC is obviously recommended -- would HDB+HDD be okay? how
about HDA+HDD or HDB+HDC? what are the ramifications?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #131 from Philipp <[EMAIL PROTECTED]>
:
So you want to RECOVER YOUR LINUX BOOT BLOCKS after
installing microso~1 windows on a partition:
1) boot from the Debian CD
2) change from the installation screen
   to a console (ALT F2)
3) mount your root partition, for example:
   mount /dev/hda2 /mnt
   lilo is under /sbin/ which should be
   on your root partition
4) change your root partition: chroot /mnt
5) now you are on your old system, edit lilo.conf
   and add needed lines to boot windows.
6) execute lilo to reset your Master Boot Blocks: /sbin/lilo

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian equivalent of /etc/profile.d

[Will Trillich]

On Tue, Aug 17 at 09:32AM -0300, Leandro Guimaraens Faria
Corsetti Dutra wrote:
> Em Tue, 17 Aug 2004 05:20:06 +0200, Jeremy Brown escreveu:
> > does all initialization I want to do need to go directly
> > into the file "/etc/profile"?

sorta.

according to "man bash" there's /etc/profile (login) and
/etc/bash.bashrc (interactive). not to mention user-specific
files ~/.profile and ~/.bashrc. from the INVOCATION section:

When  bash  is  invoked as an interactive login shell, or
as a non-interactive shell with the --login option, it
first reads and executes commands from the file
/etc/profile, if that file exists.   After reading  that
file,  it looks for ~/.bash_profile, ~/.bash_login, and
~/.profile, in that order, and reads and executes
commands from the first one that exists and is readable.
The  --noprofile  option may be used when the shell is
started to inhibit this behavior.

When an interactive shell that is not a login shell is
started, bash reads and executes commands from ~/.bashrc,
if that file exists.  This may be inhibited by using the
--norc option.  The --rcfile file option will force bash
to read and execute commands from file instead of
~/.bashrc.

on a full moon in a no parking zone after a meteor shower during
even-numbered months unless your inlaws live within 50 miles...

what i think that means is

LOGIN shells source /etc/profile then ~/.profile

INTERACTIVE shells source ~/.bashrc (and the debian
incarnation, i understand, sources /etc/bash.bashrc)

so if you want all your interactivity consistent, put it into
/etc/bash.bashrc -- for once-per-login stuff (things that
subprocesses will inherit, like environment stuff) plop it in
/etc/profile.

right?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #110 from Dimitri Maziuk <[EMAIL PROTECTED]>
:
Here's how to TUNNEL SECURE X11 CONNECTIONS THROUGH SSH: on the
client, do this:
local-client# export DISPLAY=:0.0
local-client# ssh -X server
then once you're logged in at the server, do:
remote-server# netscape &
The environment created at the server will include the DISPLAY
variable, so netscape (or whatever) will dialogue with the
client machine. (See "man ssh" for more.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Reverse DNS?

[Will Trillich]

On Tue, Aug 17 at 09:31AM -0300, Leandro Guimaraens Faria Corsetti Dutra wrote:
> Em Tue, 17 Aug 2004 10:50:06 +0200, Bill Wohler escreveu:
> > what questions do I need to ask my
> > sysadmin to get my hostname/IP address into the DNS in my network at
> > work? An apt-cache search on "reverse DNS" didn't pick anything up

for the FULL answer check "dns and bind" from o'reilly. you can
google for it online and read it there, too. it talks about bind
versions 4 and 8, and 9 is similar enough to 8 that you should be
able to interpolate.



short answer -- presuming that you have a static ip address and
that you registered a domain name at an official registrar:

- when you registered your domain, you selected some nameservers
  for it -- those DNS servers need to have resource records
  pointing to the IP address you're using

$TTL 1W
@   IN  SOA your.domain.name. root.your.domain.name. (
200408017
24H
2H
21D
2D )
;
NS  nameserver.out.there.
NS  another.name.server.
;   mail.your.domain.name.
MX  10  mail
;   address for zone your.domain.name.
A   1.2.3.4
;
; address for mail.your.domain.name.
mailA   1.2.3.4
; address for www.your.domain.name.
www A   2.4.6.8
;
dox CNAME   www

the first "A" is the address for the zone; the second is the
address for host mail.your.domain.name -- it happens to be at
the same address as the zone in this example. the third is
the address for the webserver www.your.domain.name and it's
at a totally different address. and "dox" is declared to be a
synonym for "www", so wherever www points to, dox does too.

- for reverse mapping, you need to get whoever's in charge of the
  in-addr.arpa range of addresses you're in, to set that up for
  you:

whois 4.3.2.1.in-addr.arpa
whois 3.2.1.in-addr.arpa
whois 2.1.in-addr.arpa

(your ip address, in reverse order -- and pare off the leading
chunk until you find someone in charge)

note that in the example above i used address 1.2.3.4 for the
domain and the mail server, but 2.4.6.8 for the web server (and
the dox synonym) so the latter would be attended to at
8.6.4.2.in-addr.arpa (or 6.4.2.in-addr.arpa, etc).

they'll need to set up PTRs such as

; e.g. zone 3.2.1.in-addr.arpa
4   PTR your.domain.name.

; e.g. zone 2.1.in-addr.arpa
4.3 PTR your.domain.name.

but to get them to do so you need to make their lives as easy as
possible by sending them the precise strings to cut and paste --
after all, you're asking them to do you a favor.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #1 from Will Trillich <[EMAIL PROTECTED]>
:
Looking to use your Debian machine as a FIREWALL? No problem!
Try "apt-get install ipmasq"... After you've got your
/etc/network/interfaces file set up properly, ipmasq will save
you lots of work, setting up rudimentary firewall and routing
tables automatically. Shorewall is more powerful and a better
firewall than ipmasq, but ipmasq is a handy get-up-and-running
tool for newbies.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Filesystem recovery with ReiserFS

[Will Trillich]

On Mon, Aug 16 at 02:43PM -0700, Marc Wilson wrote:
> On Mon, Aug 16, 2004 at 12:47:10AM -0500, Will Trillich wrote:
> > - is there significant reason to shun reiserfs?
> > - what's the optimal/recommended recovery method?
> 
> Best reason to shun it is that when the filesystem inevitably
> goes bad (*all* do, not just reiser), the recovery tools are
> non-existent.

as opposed to the alternatives?

ext2fs (ext3fs)
xfs
jfs
nfs

how are their recovery tools? what are their drawbacks?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #101 from Joost Kooij <[EMAIL PROTECTED]>
:
Looking for a way to CREATE A PAGE OF LINKS to all the
*/index.html that already exist in your /usr/share/doc tree?
apt-get install dwww
then point your browser to:
http://localhost/dwww

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: screen vs. multiple xterm's + remote connection

[Will Trillich]

On Mon, Aug 16 at 03:58AM -0700, Paul Scott wrote:
> Will Trillich wrote:
> >you can now switch to console (alt-ctl-f1)

or another xterm or another tty anywhere (other computers,
possibly on other continents) :)

> >and do "screen -D -R" to reattach to your original session! 
> >
> My editor was emacs.  It remained running in X where without
> screen emacs was killed.  Indeed I could restart the screen
> session.

emacs wasn't running under X -- it was running at the command
line under screen! :)

> >make some more changes, go out for lunch...
> >
> >now visit a buddy across town and ssh in to your server from his
> >windows machine and do "screen -D -R" and take up where you left
> >off. when his computer freezes up, no worries (for you)...
> >
> >now you travel to piscataway and borrow an imac there to ssh in
> >to your home machine and do "screen -D -R" and resume your
> >undo/redo state, command-line history, suspended jobs et al --
> >as if you hadn't ever left that first xterm.
> >
> >priceless!
> > 
> >
> I haven't learned how to do this yet.

ah. hidden in my blather is the how-to -- also see the man page
for screen:

   -d|-D [pid.tty.host]
does not start screen,  but  detaches  the  elsewhere
running  screen  session.  It  has the same effect as
typing "C-a d" from screen's controlling terminal. -D
is  the  equivalent  to  the power detach key.  If no
session can be detached, this option is  ignored.

so if you forgot to gracefully "^A d" detach a session at work
(or kill its operating window for example) you can force a
detach from elsewhere. suddenly, the cleaning folks at your
office are seeing your xterm say "[remote detached]" and now yuo
can reattach to it wherever you are. (note that your shell is
still active, tho -- the command line where you originally asked
for 'screen' is listening for commands.)

so now it's detached from your xterm at work -- how to reattach
it from home?

   -r [pid.tty.host]
   -r sessionowner/[pid.tty.host]
resumes a detached screen session.  No other  options
(except  combinations  with  -d/-D) may be specified,
though an optional prefix of  [pid.]tty.host  may  be
needed   to  distinguish  between  multiple  detached
screen sessions.  The second form is used to  connect
to  another  user's screen session which runs in mul­
tiuser mode. This indicates that screen  should  look
for   sessions  in  another  user's  directory.  This
requires setuid-root.

voila!

> >in considering xterm and screen, they are NOT mutually
> >exclusive: i.e it's NOT "multiple xterms" VS. "multiple
> >screens". 
> >
> I didn't make that comparison.  "screen" was singular above. :)

it's a bit gray with the singular/plural, isn't it? one konsole
window can have several tabs; one screen instance (session?) can
have several virtual terminal processes (sessions?)...

> I have a DSL router connecting my LAN to the Internet.  I would
> like to learn and test some of the SSH combinations you do
> routinely.  I would need to use PuTTY on a Windows 98 machine
> on this LAN to try to find this Debian sid machine on the
> Internet to see if I can do any of this.  I have no trouble
> doing this on the LAN.  I will read some HOWTO's but would take
> any quick suggestions you have for doing this.

you need to be able to ssh in, and must have 'screen' available.
that's it!

# start a screen session
screen

# do stuff, start editing, background a few manpages,
# then close windows or leave them open and head for home

#...

# log in from home and detach the session at work:
screen -d
# if you closed your windows at work it'll already be
# detached

# reattach/resume your session:
screen -r

the author's favorite is

screen -D -R
# detach if possible, and reattach it (or create a session)


=


to really have some fun, start TWO xterm windows side-by-side
(imagine that one of them is a troubled newbie and the other is a
helpful tech-head):

1. screen

2. screen -x

NOW edit something (doesn't matter which window you use). it's
fun to resize one of them and try to figure out what happens. :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #114 from D & E Radel <[EMAIL PROTECTED]>
:
Installing gnome-apt (although a little buggy) is A GREAT WAY TO
FIND OUT W

Re: screen vs. multiple xterm's

[Will Trillich]

On Mon, Aug 16 at 12:24AM -0700, Paul Scott wrote:
> Will Trillich wrote:
> 
> ><>okay, it's a bit of hyperbole. but MAN i don't remember what
> >life was like a few weeks ago without "screen"!
> >
> >there i was, minding my own business...
> >
> >(snip)
> 
> Sounds great in this case!
> 
> ><>very, very sexy, this "screen" thing. very!
> 
> I keep looking at "screen."  I just tried it again.  My temporary 
> conclusion is that it would be obviously very valuable when not running 
> X.  When running X I more often than not want to see two or more 
> consoles (xterms, etc.) at the *same* time.
> 
> Clearly I could make all of my xterms into "screen"'s and get the best 
> of both worlds but it's not clear at this point why I would want to 
> bother.  Could some of you "screen" users suggest some circumstances 
> under which I would benefit from this?  How does "screen" beat multiple 
> xterms?

inside your xterm, launch an editor and make some changes.

now before you save those changes, close your xterm window.
gone!

or, try getting into that session from another computer. not very
bloody likely! (there may be ways, of course, but the easy
solution is much sexier.)

try again:

launch another xterm. inside xterm, start 'screen'.

now launch an editor and edit something. don't save changes
(this happens to all of us, admit it!) and close your xterm.

poof! it's STILL THERE!

you can now switch to console (alt-ctl-f1) and do "screen -D -R"
to reattach to your original session! really, no, really! make
some more changes, go out for lunch...

now visit a buddy across town and ssh in to your server from his
windows machine and do "screen -D -R" and take up where you left
off. when his computer freezes up, no worries (for you)...

now you travel to piscataway and borrow an imac there to ssh in
to your home machine and do "screen -D -R" and resume your
undo/redo state, command-line history, suspended jobs et al --
as if you hadn't ever left that first xterm.

priceless!



a newbie who you've infected with the debian bug calls you in
distress with a shell scripting problem. you can't go over to
see what's up just now (the spouse is nearly home from work and
you've got plans for the evening). the newbis isn't explaining
herself very well, so you just have her run "screen" and then
you ssh in remotely to her machine using her login, and you run
"screen -x". now you can WATCH her keystrokes (and intervene!)
as she demonstrates -- live -- what she's having trouble with.



in considering xterm and screen, they are NOT mutually exclusive:
i.e it's NOT "multiple xterms" VS. "multiple screens". (seems to me
like having to choose between color and shape -- neither impinges
upon the other.) you don't have to choose between multiple
desktops and multiple xterms, do you? :)

nothing wrong with having each xterm run just one screen -- then
you can be away from your desk (down the hall, back at home,
around the world) and reattach to any of them -- even if your
xterms die.  the fact that screen CAN run more than one session
is just gravy on the goose.

i have konsole running with six tabs -- one for each system i'm
ssh'd into. (one is the local maching itself, naturally.)

on each tab i've got at least two "screen" sessions -- one for
email and one for shell. ^A^A toggles between the two "screen"
sessions, and shift-left (shift-right) rotates among konsole tabs
(remote systems). EXTREMELY handy! [with colored prompts i'm
getting quicker at telling which machine i'm dealing with at a
glance... :) ]

sometimes i need two sessions on the same machine visible at
once, so i create a new konsole window, or rxvt, or xterm. (and
-- perish the thought -- there are times when these quickie
sessions don't even get their own screen session! heavens!)

:)

"screen" rules the roost, around here.

the only limitation is that the MACHINE on which you started your
screen session can't die -- screen uses a pipe/socket/thingie
that it plops into /var/run/screen in order to ply its magic, so
if your server dies, you're out of luck. heck, not only the
socket is wiped out, but so are the processes that had been
running under your screen session. (it'd be nice if screen had
dome sort of save-to-disk-for-later-resume-after-restart
algorithm, but screen handles plenty of miracles already...)
after a while you come to expect a screen session to be able to
withstand anything, but it can't last thru a server restart! :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #49 from Will

calendar server recommendations?

[Will Trillich]

i can see that my partners are soon going to be looking at
claendar server features... m$ exchange server is going to be
the touchstone -- if some of y'all'uns have experience with some
of the calendaring solutions available on debian, i'd love to
hear them.

we've got some outlook users and some linux users -- and would
like a linux server to handle the various client calendar
applications (also need a recommendation on the linux client app
for calendaring -- evolution?)



all i found packaged for debian so far was "courier-pcp":

$ apt-cache search calendar | grep serv
caudium-php4 - A server-side, HTML-embedded scripting language
courier-pcp - Courier Mail Server - PCP server
libapache2-mod-php4 - A server-side, HTML-embedded scripting language
libroxen-calendar - A calendar module for the Roxen Challenger web server
php4 - A server-side, HTML-embedded scripting language
php4-cgi - A server-side, HTML-embedded scripting language
remind - a sophisticated reminder service


the 'pcp' description was a bit terse, but i thought maybe
that's what i should be looking for:

$ apt-cache search pcp
bootcd - run your system from cd without need for disks
courier-pcp - Courier Mail Server - PCP server
librapi2-tools - Tools for talking to a WinCE machine from the command line
pcproxy - A masquerading proxy for flight simulation networks

zut alors.

i also tried

$ apt-cache search calendar | grep group
evolution - The groupware suite
phpgroupware - web based groupware system written in PHP
phpgroupware-addressbook - phpGroupWare addressbook management module
phpgroupware-admin - phpGroupWare administration module
phpgroupware-bookmarks - phpGroupWare bookmark management module
phpgroupware-calendar - phpGroupWare calendar management module
phpgroupware-chat - phpGroupWare chat module
phpgroupware-comic - phpGroupWare comic strip parser module
phpgroupware-core - empty transitional package for phpGroupWare
phpgroupware-developer-tools - phpGroupWare developer tools
phpgroupware-dj - phpGroupWare mp3 database interface module
phpgroupware-eldaptir - phpGroupWare LDAP tree editor module
phpgroupware-email - phpGroupWare E-Mail client module
phpgroupware-etemplate - phpGroupWare etemplate module
phpgroupware-felamimail - phpGroupWare felamimail (Squirrelmail) module
phpgroupware-filemanager - phpGroupWare filemanager module
phpgroupware-folders - phpGroupWare folders module
phpgroupware-forum - phpGroupWare forum module
phpgroupware-ftp - phpGroupWare ftp module
phpgroupware-fudforum - phpGroupWare fudforum module
phpgroupware-headlines - phpGroupWare headlines catcher module
phpgroupware-hr - phpGroupWare human resource management module
phpgroupware-img - phpGroupWare image editor module
phpgroupware-infolog - phpGroupWare infolog applcation
phpgroupware-manual - phpGroupWare on-line manual module
phpgroupware-messenger - phpGroupWare messenger module
phpgroupware-news-admin - phpGroupWare news administration interface
phpgroupware-nntp - phpGroupWare newsgroup reader module
phpgroupware-notes - phpGroupWare notes management module
phpgroupware-phonelog - phpGroupWare phone logging module
phpgroupware-phpbrain - phpGroupWare phpbrain module
phpgroupware-phpgwapi - library of common phpGroupWare functions
phpgroupware-phpsysinfo - phpGroupWare phpSysInfo module
phpgroupware-polls - phpGroupWare polling module
phpgroupware-preferences - phpGroupWare preferences management module
phpgroupware-projects - phpGroupWare projects management module
phpgroupware-qmailldap - phpGroupWare qmailldap module
phpgroupware-registration - phpGroupWare registration module
phpgroupware-setup - phpGroupWare setup III module
phpgroupware-sitemgr - phpGroupWare web content manager
phpgroupware-skel - phpGroupWare skeleton module
phpgroupware-soap - phpGroupWare SOAP module
phpgroupware-stocks - phpGroupWare stock management module
phpgroupware-todo - phpGroupWare todo list management module
phpgroupware-tts - phpGroupWare tts module
phpgroupware-wiki - phpGroupWare wiki module
phpgroupware-xmlrpc - phpGroupWare XMLRPC module

but that's looking like html-generating stuff, not calendar-sharing.

the client machines will have their own calendars; we then need
to merge and share those calendars among and between each other.

http://www.linuxlinks.com/Web/Productivity_Tools/Calendar/

lots of ideas there -- but would love to have some comments from
those with first-hand experience with any linux (preferably .deb
-available) calendaring server packages. hmm?


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #50 from Will Trillich <[EMAIL PROTECTED]>
:
Want to specify EDITOR SETTINGS WHEN LAUNCHING FROM MUTT?
Put something like this in your ~/.muttrc file:
set editor="vim -c 'set ft=mail tw=64'"
That ensures that Vim syntax highlighting is set for "mail"
patterns, 

Re: woody -> installed on DUAL-PROCESSOR software RAID!

[Will Trillich]

On Sun, Aug 15 at 09:53PM -0700, Alvin Oga wrote:
> On Sun, 15 Aug 2004, Will Trillich wrote:
> > $ sfdisk -d
> > # partition table of /dev/hda
> > unit: sectors
> > 
> > /dev/hda1 : start=   63, size=  192717, Id=83, bootable
> > /dev/hda2 : start=   192780, size= 1959930, Id=82
> > /dev/hda3 : start=  2152710, size=146480670, Id=83
> > /dev/hda4 : start=148633380, size= 7614810, Id=83
> > # partition table of /dev/hdb
> > unit: sectors
> 
> this is bad ... you should be also convincing them to use
> hda and hdc ... for 2 disk raid
>   - if the cable goes bad... you're dead

whoops -- good catch! i hadn't noticed that!

>   - sometimes, depends on the bios and drives, if hda is not
>   present, it will not see hdb

many many thanks. whew!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #27 from Will Trillich <[EMAIL PROTECTED]>
:
Would you like RXVT to have more than 80 COLUMNS OR 24 ROWS? For an
rxvt session, running under X, specify how many rows and columns
you want:
rxvt -g 132x30 &
Try "man rxvt" for more info.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Filesystem recovery with ReiserFS

[Will Trillich]

On Fri, Aug 13 at 08:52PM +0800, Katipo wrote:
> Marc Wilson wrote:
> >On Thu, Aug 12, 2004 at 11:23:28AM -0400, James Herschel wrote:
> >>What should I do next time?
> > 
> >Not use reiserfs.
> 
> What's wrong with reiserfs?
> I've been running it for three years without a hiccup.

i'd still love to see an informed answer (i.e. not from marc
wilson) on why reiserfs should be avoided. the instance
discussed here may not have been recovered using the best means,
i don't know.  but blanket assertions (avoid it) and emotional
tirades (your problem) are irresponsible noise.

- is there significant reason to shun reiserfs?
- what's the optimal/recommended recovery method?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #27 from Will Trillich <[EMAIL PROTECTED]>
:
Would you like RXVT to have more than 80 COLUMNS OR 24 ROWS? For an
rxvt session, running under X, specify how many rows and columns
you want:
rxvt -g 132x30 &
Try "man rxvt" for more info.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

woody -> installed on DUAL-PROCESSOR software RAID!

[Will Trillich]

On Mon, Aug 09 at 04:15PM +0200, Hans Wilmer wrote:
> Thus, at least one of them will be dual CPU systems, but I´m
> lacking experience with multi processor machines. Both should
> have SATA RAID controllers from 3ware, thus mainboards
> providing 64bit PCI slots make sense.

i've got a client whose hardware guy just installed debian woody
on a dual-processor raid box fresh from dell (they bought a dell
server a month ago a wiped it clean to install debian woody!). i
keep trying to get him to summarize his expoits for deb-user folk
to share, but i fear he's on to other things...


$ cat /proc/cpuinfo
processor   : 0
vendor_id   : GenuineIntel
cpu family  : 15
model   : 2
model name  : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping: 9
cpu MHz : 2992.549
cache size  : 512 KB
fdiv_bug: no
hlt_bug : no
f00f_bug: no
coma_bug: no
fpu : yes
fpu_exception   : yes
cpuid level : 2
wp  : yes
flags   : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat 
pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe cid
bogomips: 5976.88

processor   : 1
vendor_id   : GenuineIntel
cpu family  : 15
model   : 2
model name  : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping: 9
cpu MHz : 2992.549
cache size  : 512 KB
fdiv_bug: no
hlt_bug : no
f00f_bug: no
coma_bug: no
fpu : yes
fpu_exception   : yes
cpuid level : 2
wp  : yes
flags   : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat 
pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe cid
bogomips: 5976.88


$ mount
/dev/md1 on / type ext2 (rw,errors=remount-ro)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/md2 on /var type ext2 (rw)
/dev/md0 on /boot type ext2 (rw)


(yes, i'm also working on getting them to "tune2fs -j" this
puppy as well.)


$ sfdisk -d
# partition table of /dev/hda
unit: sectors

/dev/hda1 : start=   63, size=  192717, Id=83, bootable
/dev/hda2 : start=   192780, size= 1959930, Id=82
/dev/hda3 : start=  2152710, size=146480670, Id=83
/dev/hda4 : start=148633380, size= 7614810, Id=83
# partition table of /dev/hdb
unit: sectors

/dev/hdb1 : start=   63, size=  192717, Id=fd
/dev/hdb2 : start=   192780, size= 1959930, Id=82
/dev/hdb3 : start=  2152710, size=146480670, Id=fd
/dev/hdb4 : start=148633380, size= 7614810, Id=fd


$ df
Filesystem   1k-blocks  Used Available Use% Mounted
on
/dev/md1  72090640541208  68619824   1% /
/dev/md2   3747472211720   3383464   6% /var
/dev/md0 93207  5344 84013   6% /boot


((yes, i'm trying to convince them to use a sane partitioning
scheme as well. :))


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #89 from Karsten M. Self <[EMAIL PROTECTED]>
:
HOSED YOUR X SESSION (but not the entire system)?  Try 'chvt'
which allows directly targeting any virtual terminal:
$ chvt 1
$ chvt 42
If you can still ssh in remotely, running 'chvt 1'
re-establishes your console on the box (or confirms that the
display is fuxnored). Try "apt-get install console-tools" to
get it.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

"screen" saves life, all in a day's work

[Will Trillich]

okay, it's a bit of hyperbole. but MAN i don't remember what
life was like a few weeks ago without "screen"!

there i was, minding my own business...

i noticed my /home partition filling up, so i started a laborious
copy sendnig the files to another box across town so i could
reswizzle my partitions -- and once that got started i noticed
the real culprit was not all these images, but .xsession-errors
which was 2.3gb all by itself!

tons of repeated error messages in there -- so, i kill my X
session (nice logout, albeit rudely closing xterm windows which
were running the screen sessions) and i try logging back in...

lockup! X won't budge! KDE (i know, i know) is hung!

i switch (alt-f1) to console, log in, kill a bothersome process
or two, try "screen -r" and POOF my file transfers are STILL
GOING (along with a mutt session -- this one :) -- and several
vim sessions) so i switch (alt-f7) back to X. all is well now,
apparently.

and now i've got 50% free now that the 2.3gb file is back to a
measly 15k.

i crank up konsole, enter "screen -D -R" and POOF my file
transfers are STILL GOING, happy as a lark/clam/moi!

now i've got a kde-startup issue to iron out, sure, but my
transfers are as hunky and as dory as can be!


---


okay, this is no big deal for an rsync transfer to get
interrupted. it'll pick right back up where it left off, too
(more properly, it'll send the data necessary to change the
target to match the source).

it's the principle of the thing -- the process is still chugging
along, despite a logout, despite login troubles, whether at
console or within X. imagine if i'd been running something
IMPORTANT!

very, very sexy, this "screen" thing. very!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #118 from D. Hoyem <[EMAIL PROTECTED]>
:
Looking for APT-GET TIPS AND INFORMATION?  I found that this url
was a very informative source for apt-get information:
http://debian-br.sourceforge.net/docs/sgml/apt-howto-en/online/

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I hate it when that happens...

[Will Trillich]

On Sun, Aug 08 at 09:23AM -0700, [EMAIL PROTECTED] wrote:
> > > Unless you have something like "snapshot" running, you
> > > will invariably lose whatever it is that you've just been
> > > working on, backups or not.
> > 
> > So go use Solaris.
> 
> Solaris is not optimized for the X86 architecture; also, it is
> a disk hog.
> 
> Additionally, as I mentioned, the "snapshot" feature eats lots
> of disk space and may require RAID support.
> 
> So, I'll just put a condom on "rm"...

ah, but human beings are creatures of habit, and you're
developing a really BAD one there.

what happens when you're at a buddy's house and forget that your
usual "rm" is custom-designed? you'll clean him out and he'll
come after you with a loaded revolver.

here's what i do--

alias rm="echo '## use RM instead! ##'"
alias RM="/bin/rm -i"

so at least i'm in the habit of using something unlikely to be
dangerous anywhere else. if on someone else's system, i'll see
'command not found' and then remember to fall back to the full
orignial command, consientiously, consciously, carefully, and
cautiously. on purpose, even.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #53 from Will Trillich <[EMAIL PROTECTED]>
:
Tired of MESSING WITH THREE APACHE CONFIG FILES? Put everything
into your /etc/apache/httpd.conf file, and add these two lines:
ResourceConfig /dev/null
AccessConfig /dev/null
Now it's all together. Of course, you can break it into smaller
pieces, too -- try:
Include /this/important/config/file.here

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Linux help system (Was: -=> Re: I hate it when that happens...)

[Will Trillich]

On Fri, Aug 13 at 05:05AM +0800, John Summerfield wrote:
> Documentation is a much-ignored standard.
> 
> Some is in man format:
> man man

> THe GNU project likes info
> info info

> Some projects prefer HTML:
> links /usr/share/doc/postgresql-doc/html/index.html

> Others think postscript is cool
> gv /usr/lib/tk8.4/prolog.ps

> or even pdf
> xpdf /usr/share/cups/doc-root/cmp.pdf

> and there's aplways plain old documents:
> perldoc /usr/share/doc/openssl/doc/crypto/ASN1_OBJECT_new.pod

> or even text, sometimes compressed:
> zless /usr/share/doc/debian/FAQ/debian-faq.en.txt.gz

> sometimes not:
> /usr/share/doc/dillo/Cookies.txt
> 
> I'm shore there are more
> 
> Clear?

unfortunately. eesh. what an awful state of affairs.

while innovation is good, standards do help us get along (and
bring newbies up to speed faster). in some ways i wish we could
pick one and ditch the rest.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #67 from Colin Watson <[EMAIL PROTECTED]>
:
Did you know MANPAGES ARE IN SEVERAL SECTIONS?  For example,
user commands are in section 2 of the manual, and system
administration items are in section 8; to request a particular
section via "man" include it before the item:
man 7 regex
(otherwise you'll probably see regex from section 3 instead.)
To see ALL pages with a particular name, try
man -a regex
every matching manpage (from whichever section) will be
presented, one-by-one.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: I hate it when that happens...

[Will Trillich]

On Sat, Aug 07 at 12:07PM +0200, John L Fjellstad wrote:
> Paul Gear <[EMAIL PROTECTED]> writes:
> 
> > And *always* use 'set -u' in shell scripts.  :-)
> 
> What does that do?  I looked in bash manual, and couldn't find
> anything... (always ready to learn something new:-) )

man bash

it's in "shell builtin commands" -- search for " set [" (that's
space, set, space, beginbracket)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #90 from Der.Hans <[EMAIL PROTECTED]>
and Joey Hess <[EMAIL PROTECTED]>
:
Wondering HOW TO GET CPAN MODULES FOR PERL?
man CPAN
Not too many manpages need capital letters. (It's a Perl module
that comes with Perl, or at least has since Potato or before.)
Then,
perl -MCPAN -e 'shell'
CAVEAT: if the Perl module is not packaged in *.deb Debian
format (and about 270 are), the next best thing is to use the
dh-make-perl, which can build debian packages on the fly out of
CPAN.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

crack attempt?

[Will Trillich]

hone:  +1-800-562-4206
TechEmail:  [EMAIL PROTECTED] 

OrgAbuseHandle: ENAA-ARIN
OrgAbuseName:   Eureka Networks Abuse Administrator 
OrgAbusePhone:  +1-800-562-4206
OrgAbuseEmail:  [EMAIL PROTECTED]

OrgNOCHandle: EIA-ARIN
OrgNOCName:   Eureka Networks IP Administrator 
OrgNOCPhone:  +1-800-562-4206
OrgNOCEmail:  [EMAIL PROTECTED]

OrgTechHandle: EIA-ARIN
OrgTechName:   Eureka Networks IP Administrator 
OrgTechPhone:  +1-800-562-4206
OrgTechEmail:  [EMAIL PROTECTED]

# ARIN WHOIS database, last updated 2004-08-09 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #50 from Will Trillich <[EMAIL PROTECTED]>
:
Want to specify EDITOR SETTINGS WHEN LAUNCHING FROM MUTT?
Put something like this in your ~/.muttrc file:
set editor="vim -c 'set ft=mail tw=64'"
That ensures that Vim syntax highlighting is set for "mail"
patterns, and that text will wrap automatically at 64
columns. (For more info, try ":help tw" or ":help ft" when
inside Vim. Also, browse /usr/share/doc/mutt/html/manual.html
for the full scoop on customizing Mutt.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bash equivalent to DOS /p

[Will Trillich]

On Fri, Jul 16 at 10:28PM +0800, Duggan wrote:
> Rus Foster wrote:
> 
> >On Fri, 16 Jul 2004, Duggan wrote:
> >>I know that this is a really n00bish question, but I have to
> >>ask.  What is the command that limits output from a command
> >>to just a page at a time, like the /p command in DOS?
> >
> >Try
> >
> >cmd | less
> >
> >Rgds
> >
> >rus
> > 
> >
> I tried both Thomas's and your suggestions and neither has
> worked.  Just to clarify I am trying to use the dumpkeys
> command and the output from it doesn't fit in one screen.  I
> am not working in an X environment so there are no scroll bars
> so I'm trying to figure out how I can see the output page by
> page.

shift-pageup! no scroll bars needed. :)

whether you're in an xterm (or rxvt or konsole or gnome-term)
within the X window display system or at the text-only console,
you can try SHIFT-PAGEUP and SHIFT-PAGEDOWN to scroll around
your session's display history. you can usually select (with
your mouse pointer) any text that you see there -- right-click
either gives you options or extends your selection; middle-click
usually pastes whatever you've got selected (as if you'd
re-typed it all frmo your own keyboard, and in a hurry :).

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
(5 matched scroll)
DEBIAN NEWBIE TIP #6 from Will Trillich <[EMAIL PROTECTED]>
:
How do you keep text from SCROLLING BY TOO DAMN FAST? :)
Before pressing the ENTER key of a command that you know will
generate a lot of output, "pipe" it through your pager:
ls -lR | pager
locate tgz | pager
grep -r pattern /home | pager
You can also try - to scroll back. This works
both at the console and in rxvt/xterm windows.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bash equivalent to DOS /p

[Will Trillich]

On Fri, Jul 16 at 04:46PM -0400, Hendrik Boom wrote:
> On Fri, Jul 16, 2004 at 03:58:41PM -0400, Nori Heikkinen wrote:
> > >   command 2>&1 | less
> > 
> > dude! i've been trying to do that for months.  tahnks!
> > 
> > as an aside, did /p in DOS redirect stderr, too?  it's been
> > so long ...
> 
> Well, I'm glad I posted -- I nearly didn't -- it seemed too
> well-known.  But then I thought, piping to less is well-known,
> too.  I wonder how many other well-known things need to be
> posted here too  I wonder how many of them I need to know
> and don't...

exactly! keep spreading it around... :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #28 from Will Trillich <[EMAIL PROTECTED]>
:
Would you like to have rxvt show you useful information in the
TITLE BAR of its X window? For example, to see your "present
working directory" in the title bar, include this in your bash
command prompt string:
export PS1="\e]0;[EMAIL PROTECTED] "
Anything between the "\e]0;" and the control-G will be displayed
as the title of the rxvt window. (For data entry, you may need to
precede the ^G with ^V.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

colored bash prompt

[Will Trillich]

On Tue, Jul 13 at 09:16AM -0500, Reid Priedhorsky wrote:
> On Tue, 13 Jul 2004 09:30:18 +0200, Silvan wrote:
> >> Also look into the tput program. You tell it what you want (bold,
> >> green, etc.) and it outputs appropriate magic for your current
> >> terminal.

great idea -- i'll have to snoop around in there for a while.
good modular solution! i've been using perl's Term::ANSIColor
module, which is really hard-wired cheat-code, but it works for
the most part.

> > Sounds interesting, but any syntax examples?  I couldn't make heads or
> > tails of it.
> 
> Here's a bash prompt I used for a while. It makes the hostname part bold.
> 
>   # my prompt
>   BOLD=`tput bold`
>   NORM=`tput sgr0`
>   export PS1="\# [EMAIL PROTECTED] \w]\$ "
> 
> (Yes, srg0 means normal.)

here's my setup -- comments welcome.



# System-wide /etc/bash.bashrc file for interactive bash(1) shells.

umask 022

# If running interactively, then:
if [ "$PS1" ]; then

function makePrompt
{
local ESC='\e';
# control-O restores charset after 'cat '
local CHARSET='\017'

# define USERCOLOR, ROOTCOLOR, SYSCOLOR, HOSTCOLOR
. /etc/bash.bashrc.local

local CHR='\$'

if [ "`id -u`" -eq 0 ]; then
USERCOLOR=$ROOTCOLOR
#PATH="/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games"

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11"
elif [ "`id -u`" -lt 1000 ]; then
USERCOLOR=$SYSCOLOR
fi

if [ "$BASH" ]; then
#PS1='[EMAIL PROTECTED]:\w\$ '

# get ANSI esc seq for colorization, and bracket
# with \[...\]
function bracket
{
local seq=`perl -MTerm::ANSIColor -e "print 
color(qw/$*/)"`
echo "\[$seq\]"
}

USERCOLOR=`bracket $USERCOLOR`
HOSTCOLOR=`bracket $HOSTCOLOR`
local DECOLOR=`bracket RESET`

unset bracket

local LOGIN="[EMAIL PROTECTED]"
local WHERE="\w${DECOLOR}"
local WHEN="\[$ESC[\$LINES;\$((\$COLUMNS - 
19))H\]${HOSTCOLOR}\d \t${DECOLOR}"
PS1="$CHARSET$LOGIN:$WHERE$WHEN\n$USERCOLOR$CHR $DECOLOR "
PS1=`echo $PS1 | sed -e 's/\\]\\[//g'`
else
PS1="[EMAIL PROTECTED] $CHR "
fi

set -

unset USERCOLOR ROOTCOLOR SYSCOLOR HOSTCOLOR
}

makePrompt
unset makePrompt

export PATH PS1

# set a fancy prompt (overwrite the one in /etc/profile)
#PS1='${debian_chroot:+($debian_chroot)[EMAIL PROTECTED]:\w\$ '

# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize

# don't put duplicate lines in the history. See bash(1) for more options
export HISTCONTROL=ignoredups

# enable bash completion in interactive shells
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi



and here's the /etc/bash.bashrc.local for modularity -- all i
change on different hosts is the HOSTCOLOR. so at a glance i can
see if i'm root (red) a sysuser (green) or a normal user (blue).
and after a few moments of use, i can get quite familiar with
which host i'm on as well.



# local settings for use in /etc/bash.bashrc

USERCOLOR="BOLD WHITE ON_BLUE"
ROOTCOLOR="BOLD YELLOW ON_RED"
SYSCOLOR="BOLD YELLOW ON_GREEN"
HOSTCOLOR="BOLD RED ON_BLUE"


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #41 from Colin Watson <[EMAIL PROTECTED]>
:
Do you need to MASSAGE A BUNCH OF FILE NAMES? There's more
than one way to skin a cat -- here are some examples of
canonicalizing file names to lower-case:
mmv \* \#l1
rename 'tr/A-Z/a-z/' *
zsh -c 'for x in *; do mv "$x" "${x:l}"; done'
(The "rename" command is a standard perl script, by the way.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

tips for using "screen"?

[Will Trillich]

On Fri, Jul 09 at 01:44PM +1000, Zenaan Harkness wrote:
> You need an app called "screen". I've only just started
> learning but it's way cool.

it is, indeed!

got any juicy tidbits you've picked up that the rest of us could
use? broadcast them here!

here's my latest ~/.screenrc



# .screenrc
hardstatus alwayslastline "%{km}%H%{mk} %{yb}%-Lw%{= yb}%50>%n%f* %t%{-}%+Lw%< 
%{gk}%-19=%C%a %D,%d %M "

bindkey -k k7 prev
bindkey -k k8 next
startup_message off

screen -t bash 2 bash
shelltitle '$ |bash'

screen -t mutt 1 mutt -y -e "push Od"



rather than explain them i'll send y'all to "man screen" so you
can learn other cool stuff and add to the mix. :)


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #48 from Will Trillich <[EMAIL PROTECTED]>
:
To peruse your CURRENT VIM SETTINGS (there's LOTS of them)
from within Vim, simply do
:options
You can change them there, on-the-fly, as well. Type
"ctrl-W ctrl-W" to switch "panes" or "ctrl-W q" to close one.
Try ":help" to learn more.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

"use screen" to "Pick up a shell session after ssh timeout"

[Will Trillich]

On Thu, Jul 08 at 04:15PM +0200, Dennis Stosberg wrote:
> Sure, this is not a solution this time.  But maybe it is a solution
> for the next time:
> 
> $ ssh [EMAIL PROTECTED]
> Welcome to remotehost
> $ screen
> $ long_task
> 
> When you press C-a C-d now, you detach yourself from your screen
> session, which means that long_task will continue to run using a
> virtual terminal simulated by screen. 
> 
> Log out, go for lunch.
> 
> When you return, you can rejoin your previously opened screen
> session:
> 
> $ ssh [EMAIL PROTECTED]
> Welcome to remotehost
> $ screen -x
> 
> And zap! You are exactly where you came from before you detached
> from your old session.  And this is just a little bit of what screen
> can do for you.  I found it to be very useful and quite addictive.

screen's architect recommends

screen -D -R

to reattach to existing sessions (or spawn a new session if
there's none to reattach to), whereas

screen -x

will JOIN an active session -- that is, you can have several
keyboards/monitors looking at the exact same session; input and
output are available to all participants (which is great for
narrated support sessions, and can be misused to give close
friends a severe but entertaining case of apoplexy :).

screen is
   __  _  _   ___  ___
 / __ `/ | /| / / _ \/ ___/ __ \/ __ `__ \/ _ \
/ /_/ /| |/ |/ /  __(__  ) /_/ / / / / / /  __/
\__,_/ |__/|__/\___//\/_/ /_/ /_/\___/



-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #117 from Adam Scriven <[EMAIL PROTECTED]>
:
Here's how you THAW MESSAGES FROZEN VIA EXIM: Just cd to the
/var/spool/exim/msglog directory, and run
# exim -Mt *
That should thaw any message that's pending. For more dire
action, you can try
# exim -Mrm 
to actually obliterate a troublesome message. See exim.org (or
/usr/share/doc/exim/manual.html/*) for more details.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Pick up a shell session after ssh timeout

[Will Trillich]

On Thu, Jul 08 at 09:50AM -0500, Alan Shutko wrote:
> Right, it won't work for this time.  But if one uses screen
> every time they log in, one will always be able to resume,
> whether it times out because of ping, whether the phone line
> gets cut, whether the client machine reboots

but not if the server reboots, of course. (but wouldn't that be
a great feature? :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #85 from USM Bish <[EMAIL PROTECTED]>
:
Where should you SEARCH FOR DEBIAN PACKAGES?
http://www.debian.org/distrib/packages
Also,
apt-cache search 
might get you the info as well.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: apt-get install = remove?

[Will Trillich]

On Tue, Jul 13 at 01:10PM -0400, Greg Folkert wrote:
> On Tue, 2004-07-13 at 12:18, Will Trillich wrote:
> > thought this was weird:
> > 
> > # apt-get install webmin-ssl
> > Reading Package Lists... Done
> > Building Dependency Tree... Done
> > The following packages will be REMOVED:
> >   webmin-bind8 webmin-core webmin-postgresql webmin-ssl webmin-status 
> > webmin-xinetd
> > 0 packages upgraded, 0 newly installed, 6 to remove and 0  not upgraded.
> > Need to get 0B of archives. After unpacking 14.7MB will be freed.
> > Do you want to continue? [Y/n]
> > 
> > so, install = remove? hoo boy.
> 
> No, it means the core and ssl have been built against that was
> updated and the other were not. *THAT* is why they were held
> in the first place.

the germane portions are:

> > # apt-get install webmin-ssl
> > The following packages will be REMOVED:
> >   [snip] webmin-ssl [snip]

i asked for INSTALL and thereby got a REMOVE. lemme tellya,
that's not something i see very often. :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #81 from USM Bish <[EMAIL PROTECTED]>
:
Looking to AUTOMATE APT-GET UPGRADES? Don't! Sooner or later
there will be configuration questions, or dependency conflicts!
You can DOWNLOAD (and not actually install) the latest and
greatest automatically, though, with a crontab command such as
apt-get update && apt-get upgrade --download-only
This updates and downloads in /var/cache/apt/archives, but does
not install packages until requested manually.  Later, when
it's convenient, do the actual install, by hand:
apt-get upgrade
See "man apt-get" and "man crontab".

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

apt-get install = remove?

[Will Trillich]

thought this was weird:

# apt-get upgrade
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages have been kept back
  webmin-core webmin-ssl
0 packages upgraded, 0 newly installed, 0 to remove and 2  not upgraded.

# apt-get install webmin-ssl
Reading Package Lists... Done
Building Dependency Tree... Done
The following packages will be REMOVED:
  webmin-bind8 webmin-core webmin-postgresql webmin-ssl webmin-status 
webmin-xinetd
0 packages upgraded, 0 newly installed, 6 to remove and 0  not upgraded.
Need to get 0B of archives. After unpacking 14.7MB will be freed.
Do you want to continue? [Y/n]

so, install = remove? hoo boy.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #42 from Pietro Cagnoni <[EMAIL PROTECTED]>
and Kent <[EMAIL PROTECTED]>
:
Would you like to DISABLE CONTROL-ALT-DEL? Piece of cake.
Just comment the line out in /etc/inittab
# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
and then "kill -HUP 1" to have init re-read the file.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Thu, Jul 01 at 09:31PM +0100, Thomas Adam wrote:
> --- Will Trillich <[EMAIL PROTECTED]> wrote: 
> > for daemon-config-file-settings, i'm more comfortable
> > specifying the whole path. less chance of intervention or
> > misdirection based on $PATH mungings...
> 
> /etc/init.d is not in $PATH, and as such scripts are run as
> root anyway, invoke-rc.d is perfect still.

you probably already know this, being the expert du jour and
everything, but just in case: when a command specification
starts with a slash, it's an absolute reference, no
uncertainties about it; if it does NOT start with a slash, then
your environmental variable $PATH is called upon to supply
likely directories to scan, looking for an executable by the
name you specified. (if you have perl, say, in both
/usr/local/bin and /usr/bin you'll never see the one in
/usr/bin.)

the trouble, of course, is that script kiddies can find ways to
munge your $PATH; you might think you're asking for "ls" or
"more" in their standard /bin/* location, but in fact the
black-hats can prepend your $PATH with a directory of their own
making, which runs a fake "ls" or "more" which can do worse
things yet.

so in system scripts, it's good to

1) specify exact, full, absolute paths, and
2) set your own $PATH variable, and finally
3) specify exact, full, absolute paths anyhow.

using "invoke-rc.d" in a system/daemon script is as dangerous as
using "ls" or "more" -- without a full path. and invoking it
with a full path is better than calling /etc/init.d/* scripts
directly ... in what way?



> > is invoke-rc.d similar to the "service" function on other
> > distros? (sarge already has a "_service" for bash to
> > facilitate command-line word completion... and i understand
> > that the "service" function/script/alias is on its way.)
> 
> It's a little similar, yes.

a little? how little? is this invoke-rc.d something we
understand, or something we repeat?



[re: daemontools--]
> > 1) there seems to be no facility for checking for a
> > daemon process, only the ./run process (i.e. child
> > processes of supervise)
> 
> If that is the case, then the script (and overall design) is
> very broken, and I would avoid it.

i would, too. and since it does seem the case, i do.



> > unless i misunderstand, this seems to be a "run-and-monitor
> > home grown programs and scripts, do your system daemon
> > resurrection elsewhere"... no?
> 
> monit has already been suggested along with 'daemontools'.

and "daemontools" was actually the subject under discussion.
unless "monit" has something ingenious to offer, we'll be
staying with "restartd" for now.



-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #87 from Joost Kooij <[EMAIL PROTECTED]>
:
Did you CHMOD -R / and destroy your permissions? Bad dog!
If you have access to a newly-installed Debian machine, run
this script there, and copy the resulting script to the box
with the bad permissions; run it, and all should be back to
normal:
find / -regex '/\(mnt\|proc\|tmp\)/.*' -prune -or \
-not -type l -not -type s \
-printf 'chown %u.%g %p\nchmod %m %p\n' \
> fixperms.sh

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: restartd (resurrecting dead daemons)

[Will Trillich]

On Thu, Jul 01 at 09:34PM +0100, Thomas Adam wrote:
> --- Will Trillich <[EMAIL PROTECTED]> wrote: 
> 
> > shouldn't that use start-stop-daemon to do its work?
> 
> Quite possibly... but as long as it works... :)

sorta.

the output from the restart (or cancellation) scripts as set up
in /etc/restartd.conf... comes straight to the terminal! not
good. they should be funneled thru syslog or some such.

perhaps there's a wrapper to syslog-ify stdout and stderr?
anybody know? (even Tom?)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #19 from Dave Sherohman <[EMAIL PROTECTED]>
and Will Trillich <[EMAIL PROTECTED]>
:
How do you determine WHICH NETWORK SERVICES ARE OPEN (active)?
Try "netstat -a | grep LISTEN". To see numeric values (instead
of the common names for services using a particular port) then
try "netstat -na" instead. For more info, look at "man netstat".
   Also try "lsof -i" as root. "man lsof" for details.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: tips on using "screen"?

[Will Trillich]

On Thu, Jul 01 at 06:00PM +0100, Thomas Adam wrote:
> --- Will Trillich <[EMAIL PROTECTED]> wrote: 
> > we'd love to hear more about your setup. ~/.bashrc aliases
> > or settings, any keyboard macros, ~/.screenrc coolness...
> > we're not picky.
> 
> There's a _plethora_ of information about this already --
> search the net.

an excess of blood in one organ? very helpful*.

originally, i thought i had asked Kai, thinking that he might
enjoy showing us (or at least me) what he's learned, sharing
tips and so forth, using this public forum for the process. i
could have meant Tom, it's hard to tell.

unfortunately, "screen" is an extremely generic term.

screen actors guild
flat-panel screen
silver screen
screen savers
screen capture
industrial screen filters

but keeping closer to home, i check the likely suspects:

gnu.org/software/screen is beyond terse (but has lots of
plethora).  savannah.gnu.org/projects/screen has source code
(no usage tips, though heavily plethoral). tldp.org responses
when searching for "screen" is  (but very plethoric).

just inquiring about usage tips from folks who use it -- note
that if you're too busy to be bothered with this mundane kind of
inquiry, then please don't be bothered. pretend i asked Kai,
instead. have a nice day.



*not (even using the intended definition "an excess")

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #124 from dman <[EMAIL PROTECTED]>
:
So you've decided to BLOCK ALL TRAFFIC EXCEPT SSH.  What you
need to do is specify the port to allow.  ssh uses port 22 by
default -- With iptables try:
iptables -A INPUT -p TCP --dport ssh -j ACCEPT
This says that in the input chain, for tcp packets, if the port
number matches ssh in /etc/services then accept the packet
regardless of IP addresses.  (This should give you a pointer
towards the necessary ipchains options if you don't have
iptables available.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

restartd (resurrecting dead daemons)

[Will Trillich]

On Thu, Jul 01 at 02:46PM -0500, Will Trillich wrote:
> On Wed, Jun 30 at 06:25PM -0400, Derrick 'dman' Hudson wrote:
> > restartd.
> 
> aha. not available for woody, but it's available for sarge...

> [hmm -- must look into the /etc/init.d/restartd script to make
> sure it's properly launched there hmm]


pooh. it isn't:

DAEMON=/usr/sbin/restartd
PARAMS=""
PID="/var/run/restartd.pid"

test -x $DAEMON || exit 0

case "$1" in
  start)
echo -n "Starting process checker: "
$DAEMON $PARAMS
echo "restartd."
;;

shouldn't that use start-stop-daemon to do its work?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #57 from Steve Kowalik <[EMAIL PROTECTED]>
:
Wondering HOW TO SET YOUR TIME ZONE? Your system clock may be
showing UTC or GMT but you want it to display PDT or whatever.
Just run "tzconfig" as root. (You're sure to have it on your
debian system already -- it's provided in package "libc6".)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Wed, Jun 30 at 06:25PM -0400, Derrick 'dman' Hudson wrote:
> On Wed, Jun 30, 2004 at 04:34:06PM -0500, Will Trillich wrote:
> | problem: xinetd, after working just fine and dandy for weeks at
> | a time, gets dozens of "unexpected signal" (source unknown)
> | and gives up the ghost.
> | 
> | questions:
> | 1) what's the best way (e.g. debian way) to monitor active
> |daemons and restart them when necessary? maybe some
> |utility already exists for this? or /proc/something?
> |or `ps ax`?
> 
> restartd.

aha. not available for woody, but it's available for sarge...

the logging is odd (stdout, even with /etc/init.d/restartd
restart? is this thing finished?) but it does what we want it to
do.

# lsof | grep ^restartd
restartd  12689root  cwdDIR3,1 4096 15387 /etc/webmin
restartd  12689root  rtdDIR3,1 4096 2 /
restartd  12689root  txtREG3,6 9008 65286 
/usr/sbin/restartd
restartd  12689root  memREG3,190152 46147 /lib/ld-2.3.2.so
restartd  12689root  memREG3,1  1243856 46185 
/lib/libc-2.3.2.so
restartd  12689root0u   CHR  136,0  2 /dev/pts/0
restartd  12689root1u   CHR  136,0  2 /dev/pts/0
restartd  12689root2u   CHR  136,0  2 /dev/pts/0
restartd  12689root3u  unix 0xcb92b330 199392 socket

descriptors 0, 1, 2 are pts/0! for a daemon?



# lsof | grep pts/
bash   5179will0u   CHR  136,0  2 /dev/pts/0
bash   5179will1u   CHR  136,0  2 /dev/pts/0
bash   5179will2u   CHR  136,0  2 /dev/pts/0
bash   5179will  255u   CHR  136,0  2 /dev/pts/0
bash   5310root0u   CHR  136,0  2 /dev/pts/0
bash   5310root1u   CHR  136,0  2 /dev/pts/0
bash   5310root2u   CHR  136,0  2 /dev/pts/0
bash   5310root  255u   CHR  136,0  2 /dev/pts/0
restartd  12689root0u   CHR  136,0  2 /dev/pts/0
restartd  12689root1u   CHR  136,0  2 /dev/pts/0
restartd  12689root2u   CHR  136,0  2 /dev/pts/0
lsof  13050root0u   CHR  136,0  2 /dev/pts/0
lsof  13050root2u   CHR  136,0  2 /dev/pts/0
grep  13051root1u   CHR  136,0  2 /dev/pts/0
grep  13051root2u   CHR  136,0  2 /dev/pts/0

lsof and grep are running at my terminal; so is bash... but
restartd was launched as a daemon! eesh.

[hmm -- must look into the /etc/init.d/restartd script to make
sure it's properly launched there hmm]



plus, whatever it does restart (according to configs, of course)
winds up with file descriptors open to /var/run/restartd...

# lsof | grep run/restartd
spamd 12752root4w   REG3,5  382294355 /var/run/restartd
postmaste 12901postgres4w   REG3,5  382294355 /var/run/restartd
postmaste 12906postgres4w   REG3,5  382294355 /var/run/restartd
postmaste 12908postgres4w   REG3,5  382294355 /var/run/restartd
named 13013bind4w   REG3,5  382294355 /var/run/restartd
named 13014bind4w   REG3,5  382294355 /var/run/restartd
named 13015bind4w   REG3,5  382294355 /var/run/restartd
named 13016bind4w   REG3,5  382294355 /var/run/restartd
named 13017bind4w   REG3,5  382294355 /var/run/restartd

weird. but operational.



thanks for the pointer!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #62 from Will Trillich <[EMAIL PROTECTED]>
:
Wouldn't it be nice to SEE YOUR TABS WHILE YOU EDIT? With Vim,
you can do this with
:set listchars=tab:+-,trail:$
:set list
and format them via ":highlight NonText ...". (See ":help listchars"
and ":help highlight" for more info.) Put them in your ~/.vimrc if
you decide you like that setup.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Thu, Jul 01 at 05:59PM +0100, Thomas Adam wrote:
> --- Will Trillich <[EMAIL PROTECTED]> wrote: 
> > #!/bin/bash
> > /etc/init.d/some-daemon-here restart
> 
> Better to use 'invoke-rc.d' here:
> 
> invoke-rc.d 

Re: Creating own installer images

[Will Trillich]

On Thu, Jul 01 at 06:41PM +0200, Robert Waldner wrote:
> I need to create special Debian installer images, as we have
> machines here with Promise PDC20378 S-ATA RAID controllers and
> need to install Woody on them. The driver for this controller
> was opensourced, but it's only available as a module, so no
> luck with just building it statically into the kernel.
> 
> I've googled around for (what felt like) ages, and the best I
> could find was
> .
> Following the instructions mentioned there I was able to get a
> custom-built kernel-image.deb and make a bootable Woody CD.
> 
> However, for the life of me, I can't figure out how to create
> a fitting initrd image where I can place ft3xx.o (for the
> S-ATA controller).  Advice on how to get the installer
> auto-load that (and scsi_mod, on which it depends) would come
> in handy, too.  Even better, the CD doesn't boot very far,
> because it can't find _any_ root.bin (I guess that's the name
> for the initrd image, since there's RAMDISK smeared all over
> the screen at this step). But as soon as I figure out how to
> create it I could always place it on a floppy.
> 
> Any advice/pointers greatly appreciated, since I think I
> tripled the amount of grey in my hair today ;)

and when you learn how to do this, be sure to report back,
because there are some more of us grey-bound folks out here...

:)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #78 from USM Bish <[EMAIL PROTECTED]>
:
Do you want to track the ERROR MESSAGES WHEN STARTING "X"
(using startx) but the screen scrolls by too fast... and then
you're in the GUI, and can't see the messages any more!
startx 1> startx.log 2>&1
This will dump a bunch of text to the file 'startx.log'.
View this later at your convenience.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

tips on using "screen"?

[Will Trillich]

On Thu, Jul 01 at 02:34PM +0200, Kai Grossjohann wrote:
> I've started using screen recently.  It's way cool.

same here. kahuna powerful for us command-line folks.

> The best part about screen is that you can set it up such that
> each xterm is just a new window showing the existing list of
> shells.  This means that if I decide I would like to see
> shells 3 and 4 concurrently, then I just open two xterms
> showing those two shells.  When I don't need to see the shells
> anymore, I close the xterms, but the shells are still there.

we'd love to hear more about your setup. ~/.bashrc aliases or
settings, any keyboard macros, ~/.screenrc coolness... we're not
picky.

inquiring minds want to know. :)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #56 from Vineet Kumar <[EMAIL PROTECTED]>
:
Troubled by DOS-FORMAT OR MAC-FORMAT TEXT FILES? Here's another
way to deal with those troublesome ^M characters: a simple
tr -d '\015'  < dos.file  > reg.file
should do the trick.  While we're on the subject, a Mac file
can be converted with
tr '\015' '\012'  < mac.file  > reg.file
You can do all your CR/LF translations with tr as long as you
can remember that macs use CRs, *nices use LFs, and DOS uses
CR+LF.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: fast, tabbed, gnome/wm- compliant terminal

[Will Trillich]

On Thu, Jul 01 at 02:27PM +1000, Zenaan Harkness wrote:
> On Thu, 2004-07-01 at 14:20, Zenaan Harkness wrote:
> > It gets laggy. Inconsistently. When using vim inside
> > gnome-terminal.
> 
> For example, in the topmost line (again in vim, with
> gnome-terminal at 87x98 chars) it is really noticeable, and
> the CPU hits 100% just holding the cursor key down.
> 
> It really slows you down and is very frustrating after weeks
> of putting up with it.
> 
> It could just be a Debian unstable thing...

gives me the impression it's refreshing everything from
cursor-to-end-of-screen even tho most modern processors wouldn't
have much trouble even with that.

try the same tests with vim  at a console .
try the same tests with vim  in rxvt or xterm.
try the same tests with gvim in its own window.
try the same tests with mc   in gnome-terminal.

where's the pattern?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #49 from Will Trillich <[EMAIL PROTECTED]>
:
Looking to ENCODE OR DECODE SOME ROT-13 TEXT? No problem.
"Vg'f rnfl jvgu Ivz." It's a simple alphabet substitution where
each letter changes to its counterpart 13 places away in the
alphabet (a<->n, g<->t, etc) . Open the text in Vim, then
select it (type "v" at one end of the text to encode/decode,
then move to the other end) and then type "g?".
  Or, to rot-13 a whole line, just "g??".  That's all!
(Try ":help g?" for more info.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Thu, Jul 01 at 08:58AM +0800, John Summerfield wrote:
> Mark Ferlatte wrote:
> 
> >Will Trillich said on Wed, Jun 30, 2004 at 04:34:06PM -0500:
> >>questions:
> >>1) what's the best way (e.g. debian way) to monitor active
> >>   daemons and restart them when necessary? maybe some
> >>   utility already exists for this? or /proc/something?
> >>   or `ps ax`?
> >
> >monit can do this.
> 
> As can webmin.

webmin would be promising if we already had all that overhead
running. (plus i've seen it have problems -- for ecsample,
"apache-lib.pl" is missing in a few installations i've seen, and
it borks the html interface when a piece like that is absent.)

plus, the webmin code itself looks like it's right out of the
seventies. hoo boy!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #69 from Will Trillich <[EMAIL PROTECTED]>
:
Preparing to UPGRADE POSTGRESQL? If you have a second machine on
your network that you can tinker with, do your upgrade there,
first: once tested, you can just have your current applications
link to the remote database through the network:
psql -h 192.168.2.17 myDB
or in perl,
$dbh = DBI->connect('dbi:Pg:dbname=myDB;host=192.168.2.17');
(You may need to tweak your 'host-based access' settings in
/etc/postgresql/pg_hba.conf, first.) Once you're satisfied that
all is well, upgrade your main server. No down time!
  See "man psql" and "man DBD::Pg" for details.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Wed, Jun 30 at 11:20PM -0500, Jacob S. wrote:
> On Wed, 30 Jun 2004 22:43:54 -0500
> Will Trillich <[EMAIL PROTECTED]> wrote:
> > at http://backports.org, i search for "restartd" and get
> > 
> > Sorry, no packages found.
> 
> At the risk of starting a flamewar about whether djb's tools
> are a good way to do things or not... :-)
> 
> Have you looked at daemontools? apt-cache show
> daemontools-installer, apt-cache show svtools. The sole
> purpose of daemontools is to make sure a program keeps running
> properly. I have successfully used it on occasion when I was
> working with a program that was known for crashing, but didn't
> consider the program important enough to make it run
> dependably. daemontools worked great.

the documentation is a bit terse at http://cr.yp.to/ -- can the
"run" script be

#!/bin/bash
/etc/init.d/some-daemon-here restart

which is effectively a "start-some-thing &" and quick return...

or does it need to be the non-returning call to the daemon
itself, so that the daemon is a child of the "supervise"
process? if so, ick.

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #44 from Will Trillich <[EMAIL PROTECTED]>
:
Ever think you're reading OUTDATED DOCUMENTATION? Check the
last-revised-date: if it's more than a few years ago, then
there's probably something more recent out there. It may
be under a whole different name, so it'll take perseverance
and determination on your part. Be alert -- you'll find it!

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Thu, Jul 01 at 10:55AM -0400, Derrick 'dman' Hudson wrote:
> $ apt-cache policy restartd
> restartd:
>   Installed: 0.1.a-3
>   Candidate: 0.1.a-3
>   Version Table:
>  *** 0.1.a-3 0
> 990 http://http.us.debian.org sarge/main Packages
>  80 http://http.us.debian.org sid/main Packages
> 100 /var/lib/dpkg/status
> 
> Oh, sorry, it's not in woody.  I tend to forget those sort of things
> since I've been using a testing and unstable combination for a long
> time.

never knew about the "policy" thing before. cool! :)

we're about to instantiate a new server anyhow, and it'll be
running sarge, so this may be the way to go. thanks for the
pointers...

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #110 from Dimitri Maziuk <[EMAIL PROTECTED]>
:
Here's how to TUNNEL SECURE X11 CONNECTIONS THROUGH SSH: on the
client, do this:
local-client# export DISPLAY=:0.0
local-client# ssh -X server
then once you're logged in at the server, do:
remote-server# netscape &
The environment created at the server will include the DISPLAY
variable, so netscape (or whatever) will dialogue with the
client machine. (See "man ssh" for more.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Wed, Jun 30 at 06:25PM -0400, Derrick 'dman' Hudson wrote:
> On Wed, Jun 30, 2004 at 04:34:06PM -0500, Will Trillich wrote:
> | problem: xinetd, after working just fine and dandy for weeks at
> | a time, gets dozens of "unexpected signal" (source unknown)
> | and gives up the ghost.
> | 
> | questions:
> | 1) what's the best way (e.g. debian way) to monitor active
> |daemons and restart them when necessary? maybe some
> |utility already exists for this? or /proc/something?
> |or `ps ax`?
> 
> restartd.

hmm. this sounds promising...

$ apt-cache search restart | sort
daemontools-installer - Installer package for building daemontools binary 
package
firestarter - gtk program for managing and observing your firewall.
freefont - Freeware font selection for X11
gentoo - A fully GUI configurable X file manager using GTK+
jesred - A redirector for Squid
oss-preserve - Program to save/restore OSS mixer settings
run - Watch programs and restart them if they die
scsiadd - Add or remove SCSI devices by rescanning the bus.
snmptrapfmt - A configurable snmp trap handler daemon for snmpd.
xpacman - Basic Pacman
zope-zshell - Zshell present a command line interface to zope

xpacman? not quite what i had in mind. wokka wokka. :)

$ apt-cache search restartd | sort

$ dpkg -S restart
debhelper: /usr/share/debhelper/autoscripts/postinst-init-norestart-invoke
debhelper: /usr/share/debhelper/autoscripts/prerm-init-norestart
debhelper: /usr/share/debhelper/autoscripts/prerm-init-norestart-invoke
debhelper: /usr/share/debhelper/autoscripts/postinst-init-norestart

$ dpkg -S restartd
dpkg: *restartd* not found.

at http://backports.org, i search for "restartd" and get

Sorry, no packages found.

:(

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #21 from Will Trillich <[EMAIL PROTECTED]>
:
Looking to configure your Debian NETWORK SETTINGS? Look at the
file /etc/network/interfaces (try "man interfaces" for more
info). Then "ifup -a" to reload your settings, and "ifconfig" to
display them. (Also check out "apt-get install ipmasq"!)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: automatically restarting dying daemons?

[Will Trillich]

On Wed, Jun 30 at 03:43PM -0700, Mark Ferlatte wrote:
> Will Trillich said on Wed, Jun 30, 2004 at 04:34:06PM -0500:
> > questions:
> > 1) what's the best way (e.g. debian way) to monitor active
> >daemons and restart them when necessary? maybe some
> >utility already exists for this? or /proc/something?
> >or `ps ax`?
> 
> monit can do this.

so let's go find "monit"...

# dpkg -l monit
No packages found matching monit.
# dpkg -S monit
imagemagick: /usr/share/doc/imagemagick/html/www/api/monitor.html
xlibs: /usr/X11R6/include/X11/bitmaps/monitor.xbm
xlibs: /usr/X11R6/include/X11/pixmaps/monitor.xpm
svgatextmode: /usr/share/doc/svgatextmode/monitor-timings.howto.gz


# apt-cache search monit | wc -l
226
# apt-cache search monit | grep monit | wc -l
 81
# apt-cache search monit | grep monit | sort | pager

aha! it's "mon"...

# apt-cache show mon
Package: mon
Priority: extra
Section: admin
Installed-Size: 800
Maintainer: Roderick Schertler <[EMAIL PROTECTED]>
Architecture: i386
Version: 0.99.2-2
Depends: perl, libmon-perl (>= 0.10), libtime-period-perl, libtime-hires-perl, 
libc6 (>= 2.2.3-7)
Suggests: fping, libauthen-pam-perl, libfilesys-diskspace-perl, libnet-perl, 
libnet-dns-perl, libnet-ldap-perl, libnet-telnet-perl, libsnmp-perl, 
libstatistics-descriptive-perl
Filename: pool/main/m/mon/mon_0.99.2-2_i386.deb
Size: 175370
MD5sum: c98fe7752c129eae0ef3edcd75747276
Description: monitor hosts/services/whatever and alert about problems
 "mon" is a tool for monitoring the availability of services.  Services
 may be network-related, environmental conditions, or anything that can
 be tested with software.  If a service is unavailable mon can tell you
 with syslog, email, your pager or a script of your choice.  You can
 control who gets each alert based on the time of day or day of week,
 and you can control how often an existing problem is re-alerted.
 .
 More information can be found at http://www.kernel.org/software/mon/.

so let's try it--

# apt-get install mon

# man mon
# man moncmd

nosing through the manpages for "mon" and "moncmd", it looks
like this will check (monitor) running daemons and send a flare
when things go bad. so far so good...

but what happens when the daemon that's to receive the flare
(i.e. email -- e.g. exim in this case) is dead? is there some
facility for "when daemon Q dies, run this script" that i
missed?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #16 from Will Trillich <[EMAIL PROTECTED]>
:
Why are *.rpm (RED HAT PACKAGES) considered spawn of Satan?
Because the Debian package system is a lot more sophisticated
than the one Red Hat uses; lots more inter-dependency information
is built in to a *.deb package. If you bypass that with an *.rpm
file, you're taking chances with your system. Try to "apt-get
install " packages if possible. (Also check out the
"alien" package if you must.)

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

automatically restarting dying daemons?

[Will Trillich]

et 
./mail.info:Jun 30 13:39:26 boss -f[21968]: (null) at localhost (127.0.0.1): -ERR POP 
EOF or I/O Error [popper.c:820]
./mail.info:Jun 30 13:39:26 boss -f[21968]: I/O error flushing output to client  at 
localhost [127.0.0.1]: Operation not permitted (1) [pop_send.c:689]
./mail.info:Jun 30 13:39:26 boss -f[21968]: I/O error flushing output to client  at 
localhost [127.0.0.1]: Operation not permitted (1) [pop_send.c:689]
./mail.warn:Jun 30 13:39:25 boss spamd[21967]: SIGPIPE received - reopening log socket 
./debug:Jun 30 13:39:13 boss postgres[21954]: [1] DEBUG:  pq_recvbuf: recv() failed: 
Connection reset by peer
./debug:Jun 30 13:39:13 boss postgres[21954]: [2] DEBUG:  incomplete startup packet
./debug:Jun 30 13:39:25 boss postgres[21962]: [1] DEBUG:  pq_recvbuf: recv() failed: 
Connection reset by peer
./debug:Jun 30 13:39:25 boss postgres[21962]: [2] DEBUG:  incomplete startup packet


as you can see below, i'm using kernelt 2.4.18-bf2.4...

are there any likely suspects in there? are there any likely
suspects to be found elsewhere?


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #51 from Will Trillich <[EMAIL PROTECTED]>
:
Interested in CUSTOMIZING MUTT to work the way you'd like?
Visit Tom Gilbert's site at http://linuxbrit.co.uk/mutt/ and
download his .muttrc to your home directory (save it under a
different name if you're paranoid like I am, then tell mutt
":source file/path/here" to give it a whirl). Wow!

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

apache-perl: BRICOLAGE troubles

[Will Trillich]

wow, this is confusing!

On Tue, Jun 29 at 12:57PM -0500, Will Trillich wrote:
> without the two added httpd.conf directives, apache works like a
> champ (so apache-perl is working just fine). then we add these
> two lines, and...
> 
>   PerlSetEnv BRICOLAGE_ROOT /etc/bricolage
>   PerlModule Bric::App::ApacheConfig
> 
> so, we followed the debian-specific instructions at
> /usr/share/doc/bricolage of course, and we're not getting very
> far -- "syntax" error?
> 
> 
> # /etc/init.d/apache-perl restart
> Configuration syntax error detected. Not reloading.
> 
> Syntax error on line 1044 of /etc/apache-perl/httpd.conf:
> Unable to register field names: Can't locate object method "ACCESS" via package 
> "Bric::Util::Burner" at /usr/share/perl5/Bric.pm line 323,  line 1.

so to get past that monster, we added this snippet to httpd.conf:


{
package Bric::Util::Burner;
*ACCESS = *Bric::ACCESS;
}

PerlSetEnv BRICOLAGE_ROOT /etc/bricolage
PerlModule Bric::App::ApacheConfig

which solves the first issue (bandaid to be sure, but at least
we're moving forward)...



so now we get a new error:

Configuration syntax error detected. Not reloading.

Syntax error on line 1053 of /etc/apache-perl/httpd.conf:
Can't locate object method "new" via package "Bric::App::Cache" at 
/usr/share/perl5/Bric/App/Handler.pm line 135,  line 1.
Compilation failed in require at /usr/share/perl5/Bric/App/ApacheStartup.pm 
line 87,  line 1.
BEGIN failed--compilation aborted at 
/usr/share/perl5/Bric/App/ApacheStartup.pm line 87,  line 1.
Compilation failed in require at /usr/share/perl5/Bric/App/ApacheConfig.pm 
line 49,  line 1.
BEGIN failed--compilation aborted at /usr/share/perl5/Bric/App/ApacheConfig.pm 
line 49,  line 1.
Compilation failed in require at (eval 8) line 3,  line 1.

but when looking through /usr/share/perl5/Bric/App/Cache.pm
there is most definitely a "sub new { ... }" there. but
apache-perl isn't finding it? (the only "package" statement
before the "sub new{}" is at the top of the file, and as we
expect it's "package Bric::App::Cache;". ugh!)

the libs (@INC) are apparently set up to properly find files in
/usr/share/perl5 as you can see -- why is it having trouble
loading this? not much hair left to pull out...

anybody got some perl/bricolage pointers?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #90 from Der.Hans <[EMAIL PROTECTED]>
and Joey Hess <[EMAIL PROTECTED]>
:
Wondering HOW TO GET CPAN MODULES FOR PERL?
man CPAN
Not too many manpages need capital letters. (It's a Perl module
that comes with Perl, or at least has since Potato or before.)
Then,
perl -MCPAN -e 'shell'
CAVEAT: if the Perl module is not packaged in *.deb Debian
format (and about 270 are), the next best thing is to use the
dh-make-perl, which can build debian packages on the fly out of
CPAN.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)

[Will Trillich]

On Sat, Jun 26 at 08:33PM +0800, John Summerfield wrote:
> >>I don't understand why the server would be making the
> >>connexion request.  By definition, the client does that.
> >
> >it's not "by definition" -- it's "in the VAST majority of cases".
> >as in "very seldom, and it's surely suspicious behavior that
> >should be investigated by at least three government agencies at
> >the highest level, there will be a case for forwarding server
> >ports to the client, not that there's anything wrong with that."
> 
> I'll stick with "by definition." ftp in active does things a little 
> oddly: when the client requests a transfer, it sends the port command: I 
> don't know the full details,but some of the information it provides is 
> the IP address and port for ftpd to connect to to send the data. So far 
> as the protocol is concerned, the server makes a client connexion 
> request to the client program which in consequence becomes a server.

aha. i see your perspective -- you're calling quickmate a
server, even tho it's on the user's client-side machine. by that
arrangement, yes, it's the server.

but the tunnel is initiated locally, so we forward a remote port
to the local machine in order to accomplish our task. :)


> >aha! but, as you said:
> >
> > > You don't want loopback devices. The loopback device is
> > > for me to send messages to myself: the client and server
> > > are on the same box.
> >
> >"i'm talking to myself"! 127.0.0.1 is the loopback interface,
> >so you "don't want that"... :) unless you've got the port
> >forwarded elsewhere. right? yes? hmm?
> 
> My web browser is talking to a server on my loopback device,
> yes. What the server does is respond validly to HTTP requests.
> Whether it gets the date from local store (Apache with static
> html) or generates it (Apache with CGI or PHP and a database
> backend) or entirely from across a network (as Squid does) is
> irrelevant.
> 
> I'm not routing traffic from the loopback device, and that's
> what you were talking about.

ssh -L80:192.168.0.1:80 distant.server.there
lynx localhost:80

lynx thinks it's talking to its own selfsame machine, tho the
request gets beamed to 192.168.0.1 instead.

ssh -R10001:127.0.0.1:10001 distant.server.there
quickmate localhost:10001 &

quickmate thinks it's listening to locally-originating
connections, but it's gonna be getting them from the remote
end of the tunnel instead.

same thing, different direction.

THAT's what i'm talking about.

> >>You don't want loopback devices. The loopback device is for
> >>me to send messages to myself: the client and server are on
> >>the same box.

they APPEAR to be on the same box, thanks to the magic of
port-forwarding tunnels. whether it's -R (coming) or -L (going)
it's magic, either way.

> Clients do not listen and clients do not accept questions.
> That has caused most of our confusion.
> 
> A TCP client uses socket() and connect().  A TCP server uses
> socket(), bind(), listen() and accept().
> 
> See using C on the Unix system, O'Reilly & Assoc.

conceptually quickmate fills the definition of a client -- it
gives the user a menu to work with to converse with the remote
database server; operationally, it's serving requests to port
10001 like a server would.

and to get it to work we use a remote-to-local tunnel. works
like a dream!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #83 from Kieren Diment <[EMAIL PROTECTED]>
and USM Bish <[EMAIL PROTECTED]>
:
GOT GIBBERISH?  And wondering what to do next, to clear the
mess? Clear your command-line buffer with control-C (in case
you'd entered something that might be harmful), and then enter
reset
which is a symlink to /usr/bin/tset which is a portion of
"ncurses-bin" package. ("apt-get install ncurses-bin")
Also see "man tset" for more info.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

trouble getting BRICOLAGE off the ground

[Will Trillich]

we did "apt-get" to install it (it's not the most current, but
we just want to get it started) with sources.list thus:

# /etc/apt/soruces.list for bricolage
deb http://people.debian.org/~erich/bricolage /

without the two added httpd.conf directives, apache works like a
champ (so apache-perl is working just fine). then we add these
two lines, and...

PerlSetEnv BRICOLAGE_ROOT /etc/bricolage
PerlModule Bric::App::ApacheConfig

so, we followed the debian-specific instructions at
/usr/share/doc/bricolage of course, and we're not getting very
far -- "syntax" error?


# /etc/init.d/apache-perl restart
Configuration syntax error detected. Not reloading.

Syntax error on line 1044 of /etc/apache-perl/httpd.conf:
Unable to register field names: Can't locate object method "ACCESS" via package 
"Bric::Util::Burner" at /usr/share/perl5/Bric.pm line 323,  line 1.

[/usr/share/perl5/Bric.pm:327]
[/usr/share/perl5/Bric/Util/Burner/Mason.pm:95]
[/usr/share/perl5/Bric/Util/Burner/Mason.pm:111]
[/usr/share/perl5/Bric/Util/Burner/Mason.pm:111]
[/usr/share/perl5/Bric/Util/Burner/Mason.pm:111]
[/usr/share/perl5/Bric/Util/Burner/Mason.pm:111]
BEGIN failed--compilation aborted at /usr/share/perl5/Bric/Util/Burner/Mason.pm line 
111,  line 1.
Compilation failed in require at /usr/share/perl5/Bric/App/Handler.pm line 112,  
line 1.
BEGIN failed--compilation aborted at /usr/share/perl5/Bric/App/Handler.pm line 112, 
 line 1.
Compilation failed in require at /usr/share/perl5/Bric/App/ApacheStartup.pm line 87, 
 line 1.
BEGIN failed--compilation aborted at /usr/share/perl5/Bric/App/ApacheStartup.pm line 
87,  line 1.
Compilation failed in require at /usr/share/perl5/Bric/App/ApacheConfig.pm line 49, 
 line 1.
BEGIN failed--compilation aborted at /usr/share/perl5/Bric/App/ApacheConfig.pm line 
49,  line 1.
Compilation failed in require at (eval 5) line 3,  line 1.



the only place "ACCESS" appears in any of the Bric modules is
apparently in Bric.pm itself:

# locate /perl5/Bric | xargs grep ACCESS
/usr/share/perl5/Bric.pm:sub ACCESS {
/usr/share/perl5/Bric.pm:B: Defines a subroutine named C in 
the caller's
/usr/share/perl5/Bric.pm:# setup ACCESS sub for this package
/usr/share/perl5/Bric.pm:my %ACCESS = ( %{$parent->ACCESS()}, %$fields );
/usr/share/perl5/Bric.pm:*{"${pkg}::ACCESS"} = sub { \%ACCESS };
/usr/share/perl5/Bric.pm:$perm = $pkg->ACCESS()->{$field} || FIELD_INVALID;



is there something simple we're missing or do we need to massage
perl code to get this working? any ideas are welcome.


-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #131 from Philipp <[EMAIL PROTECTED]>
:
So you want to RECOVER YOUR LINUX BOOT BLOCKS after
installing microfo~1 windows on a partition:
1) boot from the Debian CD
2) change from the installation screen
   to a console (ALT F2)
3) mount your root partition, for example:
   mount /dev/hda2 /mnt
   lilo is under /sbin/ which should be
   on your root partition
4) change your root partition: chroot /mnt
5) now you are on your old system, edit lilo.conf
   and add needed lines to boot windows.
6) execute lilo to reset your Master Boot Blocks: /sbin/lilo

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)

[Will Trillich]

On Fri, Jun 25 at 09:56PM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >turns out the vast majority of these connections will be coming
> >from beyond a remote firewall (remote from where the server is
> >located on the 'net):
> 
> Cool. That's the problem tunneling (port forwarding) solves. So does 
> openvpn, but more generally: it can make two lans separeted by the 
> hostile Internet seem to be one.

vpn is a very clever use of resources, and an amazing boost in
convenience 1) once it's set up [much heavy lifting there
requiring much expertise when things aren't Just Quite Right]
and 2) even tho it provides lots more functionality [i.e.
security issues] than most folks usually need, and is certainly
the case here when we only need one tcp port to do the dirty
work and 3) are typically better suited for long-term lan-to-lan
connections than transient solitary-pc-to-lan connections.

> >the server can't open a port on the client machine, cuz it
> >can't get past the client firewall. the client CAN ssh past
> >the server virewall (that's how the latter is set up) to the
> >server itself and establish a remote-to-local forwarding
> >rule. if the server can be made to chat with a localhost
> >interface using a port to match the forwarding setup, it will
> >work -- for one user per loopback interface.
> >
> I don't understand why the server would be making the
> connexion request.  By definition, the client does that.

aha -- suddenly i become the teacher.

it's not "by definition" -- it's "in the VAST majority of cases".
as in "very seldom, and it's surely suspicious behavior that
should be investigated by at least three government agencies at
the highest level, there will be a case for forwarding server
ports to the client, not that there's anything wrong with that."

MOST traffic, by far, is initiated by a client that connects to a
server.  but sometimes there's an instance (quickmate from
janzabar in this case) where after the main connection is
established, the user activates a function on the server, and the
server initiates another connection to the client -- in this
instance to activate the quickmate menu.  quickmate opens the
local/client port, listening for instructions from the server;
when the server says (at the user's request) "do this menu" it
pops up and away we go.

in fact, until yesterday, i myself wondered when you would
possibly ever need a remote-to-local connection. voila! here's
one (perhaps the very single only one ever, in the entire history
of the universe, since the dawn of time, ever).

cases like this one is why the bright folks who came up with
port forwarding for ssh decided to not only have
locate-to-remote tunnels, but remote-to-local tunnels as well.

that is, not "-L" but "-R". see the ssh manpage.

even brighter, the ssh virtuosi also managed to allow for
specifying a HOST to beam the remote end to. in our case we
don't need another hop, but the option is there and it's an
awesome one to have available when it's needed. i never would
have been able to implement that kind of genius, but i'm glad
someone did.

smart folks, there. :)

> Here's what openvpn does:
> traceroute to 192.168.1.252 (192.168.1.252), 30 hops max, 38 byte packets
> 1  ns (192.168.9.4)  0.359 ms  0.226 ms  0.209 ms
> 2  gw (192.168.9.1)  0.413 ms 192.168.7.254 (192.168.7.254)  0.929 ms  
> 0.552 ms
> 3  192.168.1.252 (192.168.1.252)  1058.580 ms  1103.616 ms  1066.529 ms
> [EMAIL PROTECTED]:~$
> 
> The internet is between 2 & 3.  I can see all hosts on 1.x and
> other networks it can route to, and they can see me. Of
> course, I can  add rules to the firewalls, and I could use
> NAT.

vpn is way cool, no doubt. if we had one in this case, you're
right -- this would all be moot. and maybe someday in the
future, politics permitting, that will happen. i hope so.

for now, we ssh with tcp ports tunnelled all over creation. :)

> I'm running openvpn on gw at my end (my firewall, a Powermac running 
> Woody) and the  host at the other end is inside the firewall, a 
> commercial ADSL router.
> 
> Using ssh the way _I_ described. I can connect from my system at home to 
> hosts at work. In the specific example I gave, I could connect to the 
> webserver on  127.0.0.1.
> 
> With this command:
> ssh -L 8088:192.168.4.254:80 192.168.1.252
> if I open my browser on http://127.0.0.1:8088/ then ssh forwards the 
> connexion request to 1.252 and from there makes a connextion request to 
> port 80 on 192.168.4.254 which could be an ADSL router. The router would 
> see the request as coming from 1.252.

aha! but, as you said:

> You don't want loopback devi

Re: interfaces lo:1 lo:2 lo:3? SOLVED

[Will Trillich]

On Fri, Jun 25 at 07:43AM -0400, Hendrik Boom wrote:
> On Thu, Jun 24, 2004 at 10:18:39PM -0500, Will Trillich wrote:
> > 
> > can linux have multiple 127.0.0.1 interfaces? if so, how?
> 
> As far as I know, every IP number from 127.0.0.1 ro 127.255.255.255
> does a loopback.
> 
> -- hendrik

hmm. could it be?

$ ping 127.33.55.77
PING 127.33.55.77 (127.33.55.77): 56 data bytes
64 bytes from 127.33.55.77: icmp_seq=0 ttl=255 time=0.4 ms
64 bytes from 127.33.55.77: icmp_seq=1 ttl=255 time=0.2 ms

--- 127.33.55.77 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.2/0.3/0.4 ms

$ ping 127.0.0.19
PING 127.0.0.19 (127.0.0.19): 56 data bytes
64 bytes from 127.0.0.19: icmp_seq=0 ttl=255 time=0.3 ms
64 bytes from 127.0.0.19: icmp_seq=1 ttl=255 time=0.2 ms
64 bytes from 127.0.0.19: icmp_seq=2 ttl=255 time=0.2 ms

--- 127.0.0.19 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.2/0.2/0.3 ms


well, batten my hatches! much simpler than i thought...
many thanks for the pointer. (boy do i feel silly.)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #94 from Joost Kooij <[EMAIL PROTECTED]>
:
How do you RESTORE THE DEFAULT PERMISSIONS back on the / tree?
If you have a clean host with very similar filesystem contents,
try this:
ssh [EMAIL PROTECTED] "find / -regex '/\(mnt\|proc\|tmp\)/.*' -prune -or \
  -not -type l -not -type s -printf '%04.4m %u %g %p\n' " \
| while read mode user group path
do 
  chown $user.$group $path 
  chmod $mode $path 
done 
Alternatively, create a huge script like this:
find / -regex '/\(mnt\|proc\|tmp\)/.*' -prune -or \
  -not -type l -not -type s -printf 'chown %u.%g %p\nchmod %m %p\n' \
  > fixperms.sh
And copy that to the broken machine and run "sh fixperms".
  It might not fix all files, unless the two hosts are nearly
equal, but enough to let you find the missing ones to fix by
hand.  Maybe /home/* will need special care.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)

[Will Trillich]

On Fri, Jun 25 at 01:24PM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >On Fri, Jun 25 at 11:46AM +0800, John Summerfield wrote:
> >>Will Trillich wrote:
> >>>can linux have multiple 127.0.0.1 interfaces? if so, how?
> 
> I'm not talking to myself, I'm talking to someone else. Therefore I 
> shouldn't use a local interface.

i think one of us doesn't understand the problem solved by
port-forwarding...?

turns out the vast majority of these connections will be coming
from beyond a remote firewall (remote from where the server is
located on the 'net):

client
192.168.9.9
|
192.168.0.1
client firewall
11.22.33.44
|
| internet
|
22.44.66.88
server's firewall
10.1.1.1
|
10.1.2.3
server

the server can't open a port on the client machine, cuz it can't
get past the client firewall. the client CAN ssh past the server
virewall (that's how the latter is set up) to the server itself
and establish a remote-to-local forwarding rule. if the server
can be made to chat with a localhost interface using a port to
match the forwarding setup, it will work -- for one user per
loopback interface.

> There's no objection to using eth0:${n}, and you can also use dummy:
> 
> How many do you want?
> for n in 1 2 3 4 5 6 7 8 9; do ifconfig dummy0:$n 192.168.19.${n};done

about those dummy interfaces... can they be made into loopback
devices? and if so, how?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #35 from Joris Lambrecht <[EMAIL PROTECTED]>
:
Looking for some LINUX TUTORIALS? Check out this
book at sourceforge:
http://rute.sourceforge.net/node19.html

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)

[Will Trillich]

On Fri, Jun 25 at 11:46AM +0800, John Summerfield wrote:
> Will Trillich wrote:
> 
> >can linux have multiple 127.0.0.1 interfaces? if so, how?
> 
> I'm sure it can, but loc is for intra-host traffic - that is, I'm 
> talking to myself.

exactly what's needed. remote tunnelling port X to client (us)
port X. when a client connects from Out There Somewhere, the
server won't have access to the ports on the connecting client;
often it's behind a firewall, for example. so the way to work it
is to have the server talk to "localhost" (its own self) port
 which the ssh daemon forwards to the client machine, to
"localhost:". the reverse of the usual tunnelling.

> I think you're tunneling thw wrong way, you should be doing this:
> [EMAIL PROTECTED]:~$ ssh -L8080:127.0.0.1:80 192.168.1.252
> Linux mail 2.4.18-1-686 #1 Wed Apr 14 18:20:10 UTC 2004 i686 unknown

no, it's

ssh -R:127.0.0.1: server.address.here

that seizes a port on the remote side and forwards traffic to
the local side. but the second instance of the tunnel won't be
able to seize that port of that interface address. so we need
more interfaces, even if only virtual ones...

> then your client talks to port 8080 on localhost and actually connects 
> to port 80 on the remote host.

server needs to talk to a port on the client. it's reversed
(remote-to-local, instead of the usual local-to-remote).

> Note that on 192.168.1.252 the connexions come from localhost.
> This has implications for security (eg postgresql trusting
> anyone from localhost) but also can solve routing hosts: the
> printers, routers etc on 1.x in this example can't route to
> me.

so anybody know of caveats or methods in setting up virtual
loopback interfaces? and working with them?

auto lo
iface lo inet loopback

auto lo:1
iface lo:1 inet loopback

auto lo:2
iface lo:2 inet loopback

auto lo:3
iface lo:3 inet loopback

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #53 from Will Trillich <[EMAIL PROTECTED]>
:
Tired of MESSING WITH THREE APACHE CONFIG FILES? Put everything
into your /etc/apache/httpd.conf file, and add these two lines:
ResourceConfig /dev/null
AccessConfig /dev/null
Now it's all together. Of course, you can break it into smaller
pieces, too -- try:
Include /this/important/config/file.here

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)

[Will Trillich]

can linux have multiple 127.0.0.1 interfaces? if so, how?


okay -- not sure how to word this, but here goes...

a friend of mine is working with a college to establish
remote-to-local ssh tunnels -- we've got an application that
runs on office computers that listens for a connection from the
server, so it can handle the menuing on campus. the
linux/database server says "here, run the menu" and the client
machine says "okie dokie".

we want the staff to be able to do this remotely, and tunnelling
tcp ports (remote-to-local) seems the way to go. works like a
champ, except--

only one process can seize the server's port  at a time.
pooh.

so one client connects, tunnels server port  to client's
"localhost:". fine and dandy.

then the next tries connecting, and when hooking up to the
server, the server's ssh daemon can't seize port  as it's
already locked down by the first user.

if there were a way to have more than one "localhost" interface,
it would be the way around this. what's needed to implement
something like that? (lo:1 lo:2 etc?)

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #125 from Colin Watson <[EMAIL PROTECTED]>
:
Ever wondered about confirming WHICH CPU, KERNEL OR DEBIAN
VERSION YOU HAVE?  It's easy:
cat /proc/cpuinfo
There's lots of other neat stuff under /proc, too.
(You guessed it -- "man proc" will tell you more.)
For kernel and Debian data, try
uname -a
cat /etc/debian_version

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: need simple imap server to serve up some maildirs

[Will Trillich]

On Tue, Jun 22 at 12:26AM -0500, Will Trillich wrote:
> On Mon, Jun 21 at 03:31PM -0400, Bojan Baros wrote:
> > I have found courier-imap to be easy to set up and use.  I
> > am using squirrelmail as an imap client, with imapproxy
> > added into the mix to speed up things.
> 
> any chance you have the plugin "chg_sasl_passwd" working? it
> allows webmail users to change their sasl passwords via the
> web interface, in theory.

silly me -- when i tried using the right tool for the job (sudo)
it worked like a charm. still don't understand why the suid bit
(the 4 in 4550) didn't work, but sudo does the job nicely.

[thanks to John Summerfield for the idea which i should have
figured out on my own but didn't...]

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #61 from Hamma Scott <[EMAIL PROTECTED]>
:
Ever have troubles with EITHER X OR CONSOLE LOCKUP?  If your
session is hung you can usually type F2-F6 to get to
another login session.  This way, you can shut your machine
down properly, or kill whichever process is causing trouble
(use "ps axf" to see them all).

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "setuid(UID)" and "chmod 4550" misbehaving

[Will Trillich]

On Tue, Jun 22 at 08:41AM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >TASK: allow USER1 to run a program AS USER2.
> >SOLUTION: setuid bit (in theory, right?)
> >PROBLEM:  theory not matching execution...
> >
> >we've got a little C program that must be RUN AS a certain user
> >(cyrus) BY another user (www-data) so we figured turning on the
> >SETUID bit would work:
> 
> Why would you not use sudo?

because the gears were not engaged, that's why.

works like a charm! many thanks for the nudge.

so, the problem is solved, but the setuid mystery remains...

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #48 from Will Trillich <[EMAIL PROTECTED]>
:
To peruse your CURRENT VIM SETTINGS (there's LOTS of them)
from within Vim, simply do
:options
You can change them there, on-the-fly, as well. Type
"ctrl-W ctrl-W" to switch "panes" or "ctrl-W q" to close one.
Try ":help" to learn more.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "setuid(UID)" and "chmod 4550" misbehaving

[Will Trillich]

On Tue, Jun 22 at 12:55PM +0800, John Summerfield wrote:
> Will Trillich wrote:
> >On Tue, Jun 22 at 08:41AM +0800, John Summerfield wrote:
> >>Why would you not use sudo?
> >
> >you mean, have apache use sudo to change a user's email (sasl)
> >password? the purpose of this gizmo is to have the web server
> >set up to allow users to change their own passwords via a web
> >interface.
> >
> Why not? It's _exactly_ what you're trying to do with the
> setuid program. Eiher way you must authenticate the user, then
> run "some program" to make the update. Sudo is already there,
> and works. Your C program isn't yet debugged.

the c program was downloaded as a plugin from squirrelmail.org
and i presume SOMEONE somewhere got it to work. i've modified it
since, trying to find the speed bump...

> From a security stand-point I don't see the difference.

well, it's something to try. won't solve the mystery as such, but
it might solve the original problem. never thought of using sudo
from apache. :)

good idea. thanks!

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #31 from Will Trillich <[EMAIL PROTECTED]>
:
Ever wonder why Debian STABLE SEEMS OUT-OF-DATE? It's because
it's STABLE! When enough testing shows a release to be worthy
of the "stable" name, it's frozen -- nothing new can be added
to it. Gizmo 57.3 might come out the next day, but it won't
show up in the stable release. If you want to be on the
bleeding edge, try "testing" or "unstable". If you want solid
dependability, stick with "stable" and use tried-and-true
packages instead of the newfangled ones that might break.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: need simple imap server to serve up some maildirs

[Will Trillich]

On Mon, Jun 21 at 03:31PM -0400, Bojan Baros wrote:
> I have found courier-imap to be easy to set up and use.  I am
> using squirrelmail as an imap client, with imapproxy added
> into the mix to speed up things.

any chance you have the plugin "chg_sasl_passwd" working? it
allows webmail users to change their sasl passwords via the web
interface, in theory.

except mine isn't running with the right permissions -- despite
the 4550 permissions to setuid to cyrus... any clues?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #78 from USM Bish <[EMAIL PROTECTED]>
:
Do you want to track the ERROR MESSAGES WHEN STARTING "X"
(using startx) but the screen scrolls by too fast... and then
you're in the GUI, and can't see the messages any more!
startx 1> startx.log 2>&1
This will dump a bunch of text to the file 'startx.log'.
View this later at your convenience.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

startled by what SCREEN can do [was Re: 3 gigs enough?]

[Will Trillich]

On Tue, Jun 22 at 08:51AM +0800, John Summerfield wrote:
> screen is good too. Here's what you need to get started;
> screen
> ^ac   create another virtual terminal
> ^a[0-9]  switch to  terminal [0-9]
> ^d   detach
> screen -r   # reconnect
> screen -ls # list terminal sessions (copies of termina)
> 
> With screen you can get by without a GUI at all. Unless you
> really _must_ have one.

oh MY GGODD!

screen is truly magic. wonder why i never tried it before?

start with

$ screen

see the license, start hammering away at whatever you hammer
away at. create, edit, delete, munge, craft, invent, devise...
get interrupted, forget your session, leave for the day.

at home, log in remotely and

$ screen -r
There is a screen on:
4552.pts-0.boss (Attached)
There is no screen to be resumed.
$ screen -d
[4552.pts-0.boss detached.]

$ screen -r

and there you are, right where you left off! reading email in
mutt, editing via vim, playing adventure, compiling the source
code from hell, filtering spam, whatever...

yow, that's paaarful stuff!

[now, if i can figure out why my delete key is borked, i'll be
blissful...]

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #5 from Will Trillich <[EMAIL PROTECTED]>
:
What's a "MANPAGE"? It's the documentation you get when you enter
"man " such as "man sources.list" or "man interfaces"
or "man bash".

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: querying install times on packages

[Will Trillich]

On Mon, Jun 21 at 12:09PM -0500, Rob Benton wrote:
> Recently I ran into a problem on my machine at home.  I had
> made an update of several packages and something went wrong.
> What I need is a way to query all installed packages by their
> install date.  I couldn't find any existing tools like
> dselect, synaptic, or aptitude that would let me do this.  The
> only thing I can think of is writing a perl script using the
> output of `dpkg -s` on every installed package.  This would
> take a long time for sure.  I didn't see any packages or docs
> on functions used inside dpkg.  Is there another way to do
> this b/c I don't want to re-invent the wheel.

hmm.

$ dpkg -s apache-perl
Package: apache-perl
Status: install ok installed
Priority: extra
Section: web
Installed-Size: 584
Maintainer: Daniel Jacobowitz <[EMAIL PROTECTED]>
Version: 1.3.26-1-1.26-0woody2
Provides: httpd
Depends: libc6 (>= 2.2.4-4), libdb2 (>= 2:2.7.7.0-7), libperl5.6 (>= 5.6.1-7), 
mime-support, apache-common (>= 1.3.26), apache-common (<< 1.3.27), libapache-mod-perl 
(>= 1.26), libapache-mod-perl (<< 1.27), debconf, dpkg (>> 1.9.0)
Recommends: apache
Conffiles:
 /etc/init.d/apache-perl b3b9823d1e0348bfa7a91d0a5c18af65
 /etc/cron.daily/apache-perl 2486e8768557a71272a07a4df1461775
 /etc/apache-perl/cron.conf 2a02b56717b0f3a3d3566344d8c37b48
Description: Versatile, high-performance HTTP server with
 

i see installed-size, status: installed... but no
installed-time...

if there were one, hobbling a perl script to parse it would be
reasonably trivial (except for parsing date strings, and there's
libraries to help with that).

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #103 from Dave Sherohman <[EMAIL PROTECTED]>
:
Trying to CREATE A CRONTAB FOR THE LAST DAY OF THE MONTH?  Best
to put all the logic within the crontab itself (a Good Thing,
since you then only have to look in one place to find it):
1 0 28-31 * * [ "$(date +%d -d +1day)" -eq "1" ] && /path/to/script args

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "setuid(UID)" and "chmod 4550" misbehaving

[Will Trillich]

On Mon, Jun 21 at 06:01PM -0700, Sean O'Dell wrote:
> On Monday 21 June 2004 09:23, Will Trillich wrote:
> > TASK: allow USER1 to run a program AS USER2.
> > SOLUTION: setuid bit (in theory, right?)
> > PROBLEM:  theory not matching execution...
> 
> Sounds obvious, but make sure user www-data is in the list of
> users in the /etc/group file for group www-data.  Setting it
> only as the group of the user in /etc/passwd might not be good
> enough.

it's usually the overlooked obvious stuff that gets me.

from my original epistle:


# groups www-data
www-data : www-data

so it's definitely runnable by apache (being user www-data),
which should execute this SUID as cyrus. right? let's make sure
the program does what we're expecting, as user cyrus:


and just for spite --

$ grep www-data /etc/group
www-data:x:33:will

whoa! group www-data doesn't list user www-data, but it shows up
via command "groups"? whassup with that?

just to be certain, i added it anyhow:

$ grep www-data /etc/group
www-data:x:33:will,www-data

but it STILL will not run the setuid program properly:

# su www-data
sh-2.05b$ ./chgsaslpasswd -p cyrus
__ ./chgsaslpasswd: setuid(103): YAY!passwordHere
chgsaslpasswd: generic failure
sh-2.05b$ exit
# 

even tho file status is -r-sr-x---  1 cyrus  www-data
(runnable by-and-as user cyrus and runnable by anyone in group
www-data, including me and apache, in theory setuid-ing to user
cyrus...  NOT)



incidental/tangential question:

if the SUID bit in the executable file permissions isn't doing
the trick, is there any reason to try "setuid()" in the C code
itself? i tried it without the function call, and there appeared
to be no difference (i think)...

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #54 from Will Trillich <[EMAIL PROTECTED]>
:
Tired of SLOW BROWSING THROUGH THE ONLINE APACHE MANUAL? Get
your own local copy and never worry about bandwidth again:
apt-get install apache-doc
Then browse /usr/share/doc/apache/manual.html, quick like a
bunny.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: "setuid(UID)" and "chmod 4550" misbehaving

[Will Trillich]

On Tue, Jun 22 at 08:41AM +0800, John Summerfield wrote:
> Will Trillich wrote:
> 
> >TASK: allow USER1 to run a program AS USER2.
> >SOLUTION: setuid bit (in theory, right?)
> >PROBLEM:  theory not matching execution...
> >
> >we've got a little C program that must be RUN AS a certain user
> >(cyrus) BY another user (www-data) so we figured turning on the
> >SETUID bit would work:

> Why would you not use sudo?

you mean, have apache use sudo to change a user's email (sasl)
password? the purpose of this gizmo is to have the web server
set up to allow users to change their own passwords via a web
interface.

but it's not working -- not from apache, and not from the
command line. the "setuid" function is being ignored for some
reason. any ideas?

-- 
I use Debian/GNU Linux version 3.0;
Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown
 
DEBIAN NEWBIE TIP #84 from USM Bish <[EMAIL PROTECTED]>
:
Wondering if you could change the bindings of CTRL+ALT+DEL, so
that it did a shutdown instead of a reboot? Sure! As root,
edit /etc/inittab. The line to edit looks like this:
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
Just change "-r" to "-h".

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

"setuid(UID)" and "chmod 4550" misbehaving

[Will Trillich]

TASK: allow USER1 to run a program AS USER2.
SOLUTION: setuid bit (in theory, right?)
PROBLEM:  theory not matching execution...

we've got a little C program that must be RUN AS a certain user
(cyrus) BY another user (www-data) so we figured turning on the
SETUID bit would work:

# cd /usr/share/squirrelmail/plugins/chg_sasl_passwd
# gcc -o chgsaslpasswd chgsaslpasswd.c
# chown cyrus.www-data chgsaslpasswd
# chmod 4550 chgsaslpasswd

now, to double-check:

# ls -F chgsaslpasswd
-r-sr-x---  1 cyrus  www-data  12346 Jun 17 18:51 chgsaslpasswd*

so, any user in group www-data should be able to execute this and
thereby BECOME user cyrus for the duration of the run, right?

# groups www-data
www-data : www-data

so it's definitely runnable by apache (being user www-data),
which should execute this SUID as cyrus. right? let's make sure
the program does what we're expecting, as user cyrus:

# su cyrus
$ ./chgsaslpasswd -p cyrus
__ ./chgsaslpasswd: setuid(103): YAY!newPasswordHere
$ exit

works like a dream; the password has been changed (which we
confirm by trying cyradm for user cyrus). at any rate, we now
try the same thing as user www-data:

# su www-data
$ ./chgsaslpasswd -p cyrus
__ ./chgsaslpasswd: setuid(103): YAY!tryAnotherPassword
chgsaslpasswd: generic failure
$ exit

generic failure?

this doesn't even work when run as root! is there something we're
missing in the SUID bit? why doesn't this SUID to cyrus?

we also checked the SUID properties specified for MOUNT, in case
the partition spec was interfering:

# mount
/dev/sda1 on / type ext3 (rw)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda2 on /tmp type ext3 (rw)
/dev/sda8 on /usr type ext3 (rw)
/dev/sda6 on /var type ext3 (rw)
/dev/sda5 on /var/log type ext3 (rw)
/dev/sda7 on /home type ext3 (rw)
usbfs on /proc/bus/usb type usbfs (rw)

# cat /etc/fstab
/dev/sda1/   ext3defaults0   1
/dev/sda3noneswapsw  0   0
/dev/sda2/tmpext3defaults0   1
/dev/sda8/usrext3defaults0   1
/dev/sda6/varext3defaults0   1
/dev/sda5/var/log ext3   defaults0   1
/dev/sda7/home   ext3defaults0   1
proc   /proc procdefaults0   0
/dev/fd0   /mnt/auto/floppy auto defaults,user,noauto,showexec,umask=022  0  0
/dev/cdrom /mnt/auto/cdrom  auto defaults,ro,user,noexec,noauto 0  0

didn't find any "nosuid" anywhere. aaugh!


so, then, what's interfering with the SUID bit? (we're betting on
"lack of knowledge"...)


here's the itty-bitty C program--

  LISTING

  #include 
  #include 

  // set the UID this script will run as (cyrus user)
  #define UID 103
  // set the path to saslpasswd2
  #define CMD "/usr/sbin/saslpasswd2"

  main(int argc, char *argv[])
  {
int rc,suid;

// is this "setuid" even useful? for non-root users?
if ( 0 == (suid = setuid(UID)) ) {

  // WE GET HERE
  fprintf(stderr,"__ %s: setuid(%d): YAY!",argv[0],UID);

  // do the deed:
  if ( 0 == (rc = execvp(CMD, argv)) ) {
// only works for user cyrus -- no setuid taking place!
// NEVER GETS HERE (execvp replaces current process)
//fprintf(stderr,"__ %s: execvp(%s...): YAY!",argv[0],CMD);
  } else {
// NEVER GETS HERE
fprintf(stderr,"__ %s: can't execvp(%s...): error %d",argv[0],CMD,rc);
  }

} else {
  // NEVER GETS HERE EITHER
  fprintf(stderr,"__ %s: can't setuid(%d): error %d",argv[0],UID,suid);
}

  }

  <<<
:
Looking to CUSTOMIZE THE COLORS USED BY LS?  I find it's easier
to run "dircolors -p >~/.dircolors" and then add "eval
`dircolors -b ~/.dircolors`" to my .bashrc and then make all
changes to ~/.dircolors (instead of the system-wide
/etc/DIR_COLORS).  Probably more pertinent on a multi user
system, but good policy nevertheless.

Also see http://newbieDoc.sourceForge.net/ ...


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]