Re: Number of kernels in /boot Fedora vs. Ubuntu
Hi, On Fri, December 31, 2010 12:35 pm, Jerry Feldman wrote: > I've mentioned this before. With Fedora 14 and previously with SuSE, > whenever I get a kernel update, the older kernel packages are > automatically removed so only the 3 most recent kernels (and modules) > are installed. Actually, while only 3 kernels are installed on my system > (I also have 3 old module directories from F13 with no content). > > However on Ubuntu, (10.10) I actually have 5 kernels installed. > > While this does not really cause any problems except possibly on an > upgrade, I was wondering if there is a parameter somewhere that > specifies the number of previous kernels. Certainly one can manage this > through yum (Fedora) and dpkg (Ubuntu). On fedora, /etc/sysconfig/kernel > tells the system that the latest kernel should be the default. The > Fedora and Suse strategy to keep the previous 2 kernels seems to be a > reasonable strategy. Does Ubuntu (Debian) just have a different strategy > with a different number of prior kernels, or do they just keep adding on > when there is a new kernel update. On Fedora /etc/yum.conf has the following setting: installonly_limit=3 This is where the '3' comes from. -derek > -- > Jerry Feldman > Boston Linux and Unix > PGP key id: 537C5846 > PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846 > > > ___ > Discuss mailing list > Discuss@blu.org > http://lists.blu.org/mailman/listinfo/discuss > ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: VMWare server question staring a VM from the Host OS (Linux) command line
Jerry Feldman writes: > On 01/19/2011 02:26 PM, Jim Gasek wrote: >> What do u mean "The server GUI"? The console on the actual >> server itself? The GUI front end from the actual VM server >> is very limited. I don't believe you can "break out" >> into a "shell". If your server screen "goes dark" (?), the >> usual way that you connect to everything is vsphere client, >> and all the powerful stuff happens from the client >> sending messages to the server. The server isn't >> meant to be a console. The console is from elsewhere >> over the network. > We are using VMWare server for the time being. The system we will be > getting is a vsphere system. What I am talking about is the web > interface client: > https://:8333/ui/ > For some reason it does not connect to the running vmware server on > . This seems to be related to MSIE and certificates, not > specifically VMWare. Yesterday I had a need to power on a VM, but I was There is certainly a known issue with Firefox 3.6 (3.5 works). I'm surprised that MSIE has issues. Maybe you just need to get MSIE to accept the self-signed certificate? > not able to connect to the UI, but I did not want to have to restart > vmware on the host. I was eventually able to get it up so I could power > on the VM. All the VMs are configured so I can easily log in via ssh > when it is running, so the issue is strictly how can I "power on" a VM > from the Linux command line on . I saw reference to vmware-cmd, > but that is not installed. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: Looking for advice on where to find software engineers.
Tom Martinson writes: > Basically the software is a resource management software specifically > for Cable companies. It is used to gather information about a number of > different things, and then present a number of things. The software is > based on IPDR so there is no DPI (Some of us, like myself have strong > feelings about DPI) PCMM is used to control and adjustments (up or > down) that needs to happen in the network. What does "Dots Per Inch" have to do with "Internet Protocol Domain Routing"? > Some of the Key areas are > > PCMM > IPDR > DOCSIS > Postgres > RHEL/CentOS 5.x > Buis > > > Does this help? Job Location? Background requirements? Contract? Perm? > Tom -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: laptops
"Englander, Irvin" writes: > Personally, I have had (and heard) bad recent personal experiences with both > Dell (variable hardware, chosen for lowest cost and differing from machine to > machine) and HP (lots of problems getting Linux/Fedora, to be specific, > working properly.) The latter has been a particular headache, because I teach > Linux to a class of undergrads and every class has had minor nightmares > getting past install freeze failures, and getting everything working > properly. (Lots of Google searches for workarounds and patches.) So far we've > always succeeded but it's been time consuming and annoying. > > My best luck in recent years has been with Acer machines. I have three of > different types, and all have been reliable. All have run Linux distribs with > a minimum of headaches. As for the keyboards, however, I tend towards > wireless Logitechs, since they're put together better than the keyboards on > the Acer machines, with the exception of the 11" Aspire. But that one takes > getting used to. I haven't tested the Logitech on the Linux side of two of > the machines because their keyboards were adequate for my needs. > > Two of my Acers came from J & R in New York; the profit margin is low, so > Microcenter and Best Buy don't carry them most of the time, although they had > my 11" Aspire for awhile--haven't checked lately. > > Hope this helps a bit. I still live by Thinkpads. Even though they are no longer owned by IBM and are instead made by Lenovo, I still think they are some of the best hardware out there. I live on my laptop; it's my primary work machine; I rarely have issues. In general the only hardware replacements I need regularly is adding more disk space. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: CalDAV servers
Hi, David Kramer writes: > I would like to install a CalDAV server on my Ubuntu server, so my wife > and I can have a shared calendar on our iPhones, and > > http://caldav.calconnect.org/implementations/servers.html > http://en.wikipedia.org/wiki/CalDAV#Implementations > > There are a lot of choices, so I was wondering if anyone had experience > with any of them. > > - It would be really nice if it also provided a web interface to the > events, too, but that's not a hard requirement > > - Some of these are whole groupware solutions. That would be cool too, > as long as I can continue to use postfix for IMAP > > - I prefer MySQL to Postgres, but I'm willing to install Postgres. > > > So far, http://www.davical.org/ seems to be a good choice for its > simplicity. > > http://www.bedework.org/bedework/ seems like a good choice for a larger > solution with web interface. While it might be a little bigger than you're looking for, I run Zarafa. It's included in the Fedora distribution, contains a Web Interface, and can also connect to my Phone via Exchange ActiveSync. I only use it for Contacts and Calendar. I don't even have email configured. My wife and I share a calendar this way; she uses it via iCal on her Mac, and we both share it on our phones as well using the Zarafa ical interface and and CalendarSync on our Android phones. I haven't tried connecting SunBird. Apparently they are also working on a CardDAV server, but I haven't seen it yet. > Thanks. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: CalDAV servers
David Kramer writes: > On 04/11/2011 08:41 AM, Derek Atkins wrote: >> While it might be a little bigger than you're looking for, I run Zarafa. >> It's included in the Fedora distribution, contains a Web Interface, and >> can also connect to my Phone via Exchange ActiveSync. I only use it for >> Contacts and Calendar. I don't even have email configured. >> >> My wife and I share a calendar this way; she uses it via iCal on her >> Mac, and we both share it on our phones as well using the Zarafa ical >> interface and and CalendarSync on our Android phones. >> >> I haven't tried connecting SunBird. >> >> Apparently they are also working on a CardDAV server, but I haven't seen >> it yet. > > Looks interesting, but according to the product matrix at > http://www.zarafa.com/content/editions > the community edition doesn't support shared calendars. How are you > doing that? I'm not using the "Shared Calendar" feature per-se. The way I did it was set up a second calendar and give my wife "full permissions" to it. Then we both access it via ical. This isn't technically a shared calendar. It's a personal calendar with secondary permissions. Using Zarafa I cannot see both calendars simultaneously (I also have a personal calendar, which I use mainly for birthday reminders and my work meetings/calls). However she can see everything combined in iCal and I can on my android phone. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: c++ xml parser
Stephen Adler writes: > Hi Blu'ers, > > I'm looking to write some code which needs to parse the contents of an > xml file in c++. A quick search brings up xerces, rapidxml, tinyxml and > a few other packages. Does anyone have a suggestions as to which one I > should learn? libxml2 Seriously, just because you're writing in C++, why do you need to use a C++ XML parser? You'll find libxml2 is used in so many things that you can practically guarantee it will be installed. Xerces is probably the most popular C++ parser, but it's large, bulky, and has no ABI which means you need to rebuild your whole application any time Xerces makes a new release. > Thanks. Steve. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Apache reverse-proxy closing my connection?
Hey, I'm trying to setup Apache as a reverse proxy but it looks like Apache is improperly closing my connection. From the wireshark output I see the following transactions which clearly show that the connection *should* be kept alive, but the proxy is adding a "Connection: close" to the final response: CLIENT -> PROXY: GET /Pages/Default.aspx HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.12) Gecko/20100907 Fedora/3.5.12-1.fc12 Firefox/3.5.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: WSS_KeepSessionAuthenticated=80 Pragma: no-cache, no-cache Cache-Control: no-cache, no-cache Authorization: NTLM TlRMTVNTUAABB4IIAAA= PROXY -> BACKEND SERVER: GET /Pages/Default.aspx HTTP/1.1 Host: 172.16.64.10 User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.12) Gecko/20100907 Fedora/3.5.12-1.fc12 Firefox/3.5.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Cookie: WSS_KeepSessionAuthenticated=80 Pragma: no-cache, no-cache Cache-Control: no-cache, no-cache Authorization: NTLM X-Forwarded-For: 127.0.0.1 X-Forwarded-Host: 127.0.0.1 X-Forwarded-Server: pgpdev.ihtfp.org Connection: Keep-Alive BACKEND SERVER -> PROXY: HTTP/1.1 401 Unauthorized Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Date: Fri, 13 May 2011 20:14:24 GMT But finally the PROXY -> CLIENT: HTTP/1.1 401 Unauthorized Date: Fri, 13 May 2011 20:14:24 GMT Server: Microsoft-IIS/6.0 Content-Length: 1539 Content-Type: text/html; charset=UTF-8 WWW-Authenticate: NTLM X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Connection: close Note the "Connection: close" in the Proxy -> client response! However the response from the backend server to the proxy clearly is a keep-alive, as it's an HTTP/1.1 and doesn't have a Connection header. Is there something missing from my Apache configuration? Is this a bug in Apache (I'm using version 2.2.15)? Here's the relevant configuration (for my testing purposes, I've tried setting many different Proxy options to try to get it working): ProxyRequests off ProxyPass / http://172.16.64.10/ timeout=300 disablereuse=on nocanon keepalive=on ProxyPassReverse http://172.16.64.10/ / ProxyPassReverseCookieDomain 172.16.64.10 127.0.0.1 ProxyVia off ProxyPassReverse / RequestHeaderunset Accept-Encoding Any suggestions? Thanks! -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: Apache reverse-proxy closing my connection?
Hi, Gregory Boyce writes: > Two things I noticed: > > 1) NTLM auth may not work properly via proxy. > > http://www.gossamer-threads.com/lists/apache/dev/312633 Interesting... And unfortunate. It does seem to be working in my tests, however I'm only testing with a single client at the moment so there would only be one necessary backend connection. Thank you for the link. > 2) disablereuse=on and keepalive=on are contractory. Both are > referring to the persistence of the backend connection rather than the > frontend. keepalive=on turns it on while disablereuse turns it off. The docs were very unclear on this.. I thought that disablereuse would prevent reuse of a backend connection from different frontend connections. But apparently it completely prevents backend connection reuse, even with multiple requests from the same frontend connection. Although this does somewhat explain why NTLM fails ;) >> ProxyRequests off >> ProxyPass / http://172.16.64.10/ timeout=300 disablereuse=on nocanon >> keepalive=on >> ProxyPassReverse http://172.16.64.10/ / >> ProxyPassReverseCookieDomain 172.16.64.10 127.0.0.1 >> ProxyVia off > > Is frontend persistence enabled somewhere else in the configuration? No, it wasn't. I found that configuration in httpd.conf and fixed that -- that was one of my problems. Thanks, -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Happy World IPv6 Day to everyone
Jarod Wilson writes: > Note: Red Hat is participating in this as well, and is sponsoring a special > Fedora Test Day, specifically for IPv6: > > https://fedoraproject.org/wiki/QA/Test_Day:2011-06-08_IPv6 > > The preference is for testing to be done with fully up-to-date Fedora 15 > installs, but there's also a live CD option. I'd love to, but my Fedora 15 system isn't hearing my router adverts so it's not getting a v6 configuration. Is there some iptables magic I need to do? My fedora 12 laptop came up just fine, albeit it has iptables turned off at the moment. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Happy World IPv6 Day to everyone
John Abreau writes: > Sadly, I didn't get very far. I run the script provided by Hurricane Electric, > and ifconfig seems to show that the tunnel is up, but I can't ping6 > ipv6.google.com. > > netstat -nr doesn't look right, but I didn't have much time to dedicate > to investigating the problem today. On Linux I have to run route -A inet6 to get my v6 routing tables. For some reason only some of my systems have v6 addresses. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] fedora 15 doesn't start (some) server processes?
Hey, I just updated two servers from fedora 10 and 13 to fedora 15. In both cases some of the server processes running on these systems did NOT start on F15, and for the life of me I can't figure out how to get them running. In one case I couldn't get Sendmail to start. In the other case it was squid. In both cases "systemctl is-enabled foo.service" reports "enabled" (for foo == sendmail and squid). running 'chkconfig' shows that the services are 'on'. Everything I can do to understand the system is telling me that the service should start at boot time, but alas, nope, on reboot it doesn't start at all! Of course, once the system is up and running I can start it by hand through one of many means, systemctl, service, or running /etc/init.d/foo. Has anyone else seen this? I can't believe I'm the first person to have this issue.. -derek PS: For a temporary workaround I'm starting the services from /etc/rc.local, but I'd really like to figure out why the services wont run on their own. -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] fedora 15 doesn't start (some) server processes?
On Mon, June 13, 2011 8:02 am, Chuck Anderson wrote: > On Sat, Jun 11, 2011 at 10:47:50PM -0400, Derek Atkins wrote: >> In one case I couldn't get Sendmail to start. In the other case it was >> squid. In both cases "systemctl is-enabled foo.service" reports >> "enabled" (for foo == sendmail and squid). running 'chkconfig' shows >> that the services are 'on'. Everything I can do to understand the >> system is telling me that the service should start at boot time, but >> alas, nope, on reboot it doesn't start at all! > > Might be this: > > https://bugzilla.redhat.com/show_bug.cgi?id=633774 Yes, I found this bug after I sent my email. And indeed it is this bug. I've already commented on the bug and started watching it. Thanks. -derek ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] Lost email?
I was working on upgrading a mail server last night. To stop email delivery I just turned off postfix's smtpd entry. I think this was a mistake, I'm not seeing any email retires from 6-12pm. Did I make a booboo? If so it only affected me and my wife, and I would definitely have learned from my mistake... In trying to not lose email I think I lost email... For future reference it looks like you can set postfix to just return a 4xx code on all mail with a transport map entry in main.cf. but somehow I thought smtp would retry on connection refused. -derek ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Lost email?
What is the usual retry cycle, and how long until they give up? I was down for about 6 hours. I guess I'll see tonight if stuff gets retried at 24h. -derek - Reply message - From: "Dan Ritter" Date: Thu, Jun 16, 2011 9:20 am Subject: [Discuss] Lost email? To: "Derek Atkins" Cc: "blu" On Thu, Jun 16, 2011 at 09:10:40AM -0400, Derek Atkins wrote: > I was working on upgrading a mail server last night. To stop email delivery I > just turned off postfix's smtpd entry. I think this was a mistake, I'm not > seeing any email retires from 6-12pm. Did I make a booboo? If so it only > affected me and my wife, and I would definitely have learned from my > mistake... > > In trying to not lose email I think I lost email... > > For future reference it looks like you can set postfix to just return a 4xx > code on all mail with a transport map entry in main.cf. but somehow I > thought smtp would retry on connection refused. > In general, stopping an smtpd process is fine. If you have a secondary MX, that's where mail will go. If you don't, all reputable senders will retry, and if you are down longer than their retry cycle, will send a message back to the originator. -dsr- -- http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference. You can't fight for freedom by taking away rights. ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] Jabber Server sm database recovery?
Hey, Another aspect of my server upgrade fiasco is that my jabber server wont start. The jabberd/sm service can't read its database. It claims there's a version mismatch. I tried running db_recovery but *it* complains about a lot of stuff. The jabber db dump script can read the database just fine and prints out a nice XML document of all my contacts, but of course there is no way to read that XML back in (as far as I can tell). Any suggestions for what I can do? I don't want to hand-enter all my contacts again. I could try to use the bdb2mysql script, but I really don't want to use mysql if I don't have to. Is there some way to use the bdbdump.pl and then re-initialize the database from the XML dump? If I move the database out of the way the service starts just fine. This was all working quite happily under F12, but now at F14 I'm sans-Jabber. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Lost email?
On Thu, June 16, 2011 11:06 am, Tom Metro wrote: > Derek Atkins wrote: >> ...I'm not seeing any email retires from 6-12pm. > > Maybe it was all spam? :-) > > So you are judging that based on the original date headers in the emails > you are receiving? And you are on multiple email lists that send a > relatively steady flow of messages? Yes, I get about 3-500 non-spam messages a day, generally pretty steadily. They are certainly steady in the 6-12pm time frame, as that's still only 6-9pm out in Cali. HOWEVER, I just noticed that my webmail client is showing the date as time received, not time sent. So it's NOT showing the Date header, which I thought it was. I verified this due to one message that got stuck in my spam folder. once I freed it the Date header inside the message still said 3am, but the Date list in the webmail message list said 6:45. > >> ...I thought smtp would retry on connection refused. > > Pretty much anything short of a 5xx permanent failure or a special case > condition (like "MX loops back to me") ought to cause the sending MTA to > queue the message for a later retry. > > Maybe you just need to wait longer? (Though by now you should be seeing > at least some retries.) It's going to be hard to tell if stuff is through right now because I can't easily grep for the Date fields. But I suspect stuff came through by now. If not, well, people should have received a bounce and retried... :) > -Tom -derek ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Jabber Server sm database recovery?
Okay, I converted from BerkeleyDB to MySQL using the conversion script and all appears to be working again. -derek Derek Atkins writes: > Hey, > > Another aspect of my server upgrade fiasco is that my jabber server wont > start. The jabberd/sm service can't read its database. It claims > there's a version mismatch. I tried running db_recovery but *it* > complains about a lot of stuff. The jabber db dump script can read the > database just fine and prints out a nice XML document of all my > contacts, but of course there is no way to read that XML back in (as far > as I can tell). > > Any suggestions for what I can do? I don't want to hand-enter all my > contacts again. I could try to use the bdb2mysql script, but I really > don't want to use mysql if I don't have to. Is there some way to use > the bdbdump.pl and then re-initialize the database from the XML dump? > > If I move the database out of the way the service starts just fine. > > This was all working quite happily under F12, but now at F14 I'm > sans-Jabber. > > -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Lost email?
Daniel Hagerty writes: > Jack Coats writes: > >>But in the future you might configure a 'secondary email server'. >>[how to setup a secondary mail server. ] > > With a really important addition for modern mail servers: You > must, must, must ensure that any mail the secondaries accepts will > deliver, without bounce, on the primary. If b...@example.com is > non-deliverable on the primary, secondaries must reject this recipient > at SMTP layer. > > If this is not true, you will generate backscatter spam, possibly > ending up on blacklists, etc, etc. Which is why I do NOT have a secondary MX. I cannot guarantee their checks and my checks would match. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Lost email?
Richard Pieri writes: > On Jun 16, 2011, at 9:26 AM, Derek Atkins wrote: >> >> What is the usual retry cycle, and how long until they give up? I was down >> for about 6 hours. I guess I'll see tonight if stuff gets retried at 24h. > > Every MTA is (can be) different. Traditionally, retries will continue > every N minutes or X hours for up to 5 days, after which a bounce back > to the sender will be generated. It turned out to be a non-issue, but a UI misunderstanding. My webmail UI was showing me message dates when the message was received, not the "Date" header when the message was sent. Once I opened up some messages I found some that were sent during the outage, so yes, they got to me just fine. > --Rich P. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] List configuration change -- messages send to the list come "To" me?
Hi, I noticed a change to the list and I was wondering if there was some way to turn it off? Recently (the last few days) messages I've received from this list have been: To: warl...@mit.edu Cc: BLU Discuss This is a change and kinda messes up my mail filtering because I put everything that has my address in the to/cc into a separate folder, versus "list mail". I logged into my account and didn't see anything that might affect this. Was this change done for any particular reason? Is there some way to revert it? Please? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] To catch a thief
On Thu, July 28, 2011 1:51 pm, Chris Tyler wrote: > On Thu, 2011-07-28 at 13:23 -0400, Doug wrote: >> Then there is a question of getting a camera to work. That is covered >> in a different wiki. OK, I am sold on the support for the guruplug. >> The credit car will stay in the wallet until the misses votes up or >> down on the project. > > GuruPlug hardware isn't great (see the plug computer forum for details) > -- I know, since we have 24 of them here in the Fedora-ARM buildfarm. > The DreamPlug is supposed to address those shortcomings (have not used), > or a BeagleBoard or SheevaPlug could work (even a PogoPlug). I thought those issues depended on which version of the GuruPlug you got? I thought that the single-GigE basic server GuruPlug was okay, but the dual-GigE server-plus system would overheat (or now has the extra fans). Did I miss something (except that the basic Guru doesn't have an SD slot)? > -Chris -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://blu.org/mailman/listinfo/discuss
Re: [Discuss] D-I-Y NAS enclosures
On Thu, July 28, 2011 4:40 pm, Kurt Keville wrote: > I have been following this dialogue at various locations... like > http://openstoragepod.org/ ... it is remarkable how cheap DIY NAS is > getting... > > I think 2TB is the biggest we will see a desktop drive; I wonder if > this approach would scale up and down to laptop drives? It may be > that you get higher density with that form factor... it will be more > robust I would think. I'm not sure what you mean by this last statement.. There are already 3TB drives on the market. -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://blu.org/mailman/listinfo/discuss
Re: [Discuss] D-I-Y NAS enclosures, Backblaze
On Fri, July 29, 2011 2:57 pm, John Abreau wrote:
> Sounds about right. A few years ago I paid $779 for a 12-disk
> enclosure from newegg,
> plus another $120 for a 1U server from ebay to run the thing.
Right now you can pay ~$350 for a 20-disk enclosure from NewEgg:
http://www.newegg.com/Product/Product.aspx?Item=N82E16811219033
http://www.newegg.com/Product/Product.aspx?Item=N82E16811219021
These get you 20 SATA/SAS hot-swap bays PLUS space to place a MOBO and
controller! You just need to supply the motherboard and SATA
cards/multiplexers, cables, etc to make your NAS server!
-derek
--
Derek Atkins 617-623-3745
de...@ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
___
Discuss mailing list
Discuss@blu.org
http://blu.org/mailman/listinfo/discuss
Re: [Discuss] TrueCrypt with SSD
Richard Pieri writes: > As a data point: I don't bother with whole disk encryption. I don't > need it. I don't leave my gear where it can be stolen. You never know when your gear will be stolen. Phil Zimmerman told me a story once of how his laptop was stolen right off his lap while he was working on a train in Europe. They were at a stop and someone walked right by him, snatched the laptop out from under his fingers, and ran off the train! > The average computer user with sensitive data on a laptop doesn't own > that laptop, and thus is careless with it. Without fear of reprisal > or personal loss there is no incentive to act responsibly. WDD is, > ultimately, a technical solution to a social problem, which is why it > doesn't work. I don't think it's a social problem, unless you consider laptop theft itself to be a social problem. The technical problem is the question of data theft associated with hardware theft. Disk Encryption is one technical solution to that technical problem. Personally I've never encrypted my laptops before, but I started encrypting my current one. There is definitely a performance hit when doing large data movements (it took me much longer to copy my homedir from my old disk to the new encrypted disk) but I don't notice a significant performance degredation in my everyday usage. > --Rich P. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] TrueCrypt with SSD
Edward Ned Harvey writes: >> From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss- >> bounces+blu=nedharvey@blu.org] On Behalf Of Derek Atkins >> >> Personally I've never encrypted my laptops before, but I started >> encrypting my current one. There is definitely a performance hit when >> doing large data movements (it took me much longer to copy my homedir >> from my old disk to the new encrypted disk) but I don't notice a >> significant performance degredation in my everyday usage. > > What are you using? Both in terms of hardware, and encryption tool? > Because I don't have a performance hit... In various situations, on various > types of hardware, using various encryption tools... Dell Laptop (E6420) using Fedora's default-install dm-crypt configuration. The performance hit was in how long it took to copy ~300GB of data from a USB (or eSata) drive. When I did a similar copy on an unencrypted ThinkPad it took a fraction of the time that it took to copy it on the encrypted Dell. Same Data. The only differences were the ThinkPad v. Dell, and encrypted v. non-encrypted. Even the copy method was using the same, on the same base OS. I just dont recall if I had upgraded to 2.6.40 before or after copying all the data -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] TrueCrypt with SSD
Edward Ned Harvey writes: >> From: Derek Atkins [mailto:warl...@mit.edu] >> >> Dell Laptop (E6420) using Fedora's default-install dm-crypt >> configuration. The performance hit was in how long it took to copy >> ~300GB of data from a USB (or eSata) drive. When I did a similar copy >> on an unencrypted ThinkPad it took a fraction of the time that it took >> to copy it on the encrypted Dell. Same Data. The only differences were >> the ThinkPad v. Dell, and encrypted v. non-encrypted. Even the copy >> method was using the same, on the same base OS. >> >> I just dont recall if I had upgraded to 2.6.40 before or after copying >> all the data > > That's a plenty modern processor. As I said, and others have said the same > thing, the most cpu overhead you'll see, depending on your processor and the > encryption algorithm, is 1%, 3%, 20%, 30%... Never 100% and therefore never > a slowdown resulting. Unless you're doing something horribly wrong like > AES-Blowfish-Serpent-whatever... Quadruple encrypted 16M bits... Or > something horrible. > > I suspect your slow down is not caused by the encryption. Or else there's > something horribly wrong with your encryption. Maybe you have the wrong USB > drivers loaded and therefore the external drive is really slow... > > Some tests that might shed some light on the subject ... > > Simply write a file. Eliminate the possibility of external drive slowdown. > time dd if=/dev/zero of=10Gfile bs=1024k count=10240 I did this a few times with various count sizes and noticed that the speed declined significantly once I started writing more than my RAM cache size data: [warlord@mocana mocana]$ time dd if=/dev/zero of=/home/warlord/TestDataWrite bs=1k count=2 2+0 records in 2+0 records out 2048 bytes (20 MB) copied, 0.0662049 s, 309 MB/s 0.002u 0.063s 0:00.10 60.0% 0+0k 128+4io 2pf+0w [warlord@mocana mocana]$ time dd if=/dev/zero of=/home/warlord/TestDataWrite bs=1k count=20 20+0 records in 20+0 records out 20480 bytes (205 MB) copied, 1.77495 s, 115 MB/s 0.018u 0.606s 0:01.78 34.2% 0+0k 16+40io 0pf+0w [warlord@mocana mocana]$ time dd if=/dev/zero of=/home/warlord/TestDataWrite bs=1k count=200 200+0 records in 200+0 records out 204800 bytes (2.0 GB) copied, 45.2016 s, 45.3 MB/s 0.200u 6.273s 0:46.31 13.9% 0+0k 112+440io 1pf+0 > Run top during the process. Watch to see if there's some other process > competing for CPU. Watch to see if the CPU ever reaches 100%. Right now pretty much what's competing are dd, a bunch of kworker processes, and kswapd. I ran the last test a second time and got 54.9MB/s. A third time and I noticed that flush was up there, too, and only got 44.4MB/s. > Eliminate encryption entirely. Just read the file and dump to the bin... > time cat /media/usb-external/bigfile > /dev/null Well, I was using 'tar', but honestly I think I can ignore the USB/eSata part based on the fact that I'm only seeing ~50MB/s for large-data writes. Alas, I cannot really test a raw write to this disk w/o encryption. Still, 50MB/s is a SIGNIFICANT reduction in I/O throughput from what I think I should be seeing w/o encryption. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] dm-crypt overhead (was Re: TrueCrypt with SSD)
Edward Ned Harvey writes: >> From: Derek Atkins [mailto:warl...@mit.edu] >> Sent: Friday, August 26, 2011 11:19 AM >> >> > Simply write a file. Eliminate the possibility of external drive > slowdown. >> > time dd if=/dev/zero of=10Gfile bs=1024k count=10240 >> >> I did this a few times with various count sizes and noticed that the >> speed declined significantly once I started writing more than my RAM >> cache size data: >> >> [warlord@mocana mocana]$ time dd if=/dev/zero >> of=/home/warlord/TestDataWrite bs=1k count=2 >> 2+0 records in >> 2+0 records out >> 2048 bytes (20 MB) copied, 0.0662049 s, 309 MB/s >> 0.002u 0.063s 0:00.10 60.0% 0+0k 128+4io 2pf+0w > > hehehe, yes, of course. :-) The number I suggested above was around 10G. > That was not based on anything, and it may need to be bigger on your system, > depending on your system specs. Really this test should be as large as you > can bear to let it be. But don't go over approx 50% of the drive, or else > you might start getting hurt by fragmentation etc. > > Hint: Any benchmark you complete in 0.06 seconds isn't going to be very > useful. ;-) Perhaps try something that runs at least 5-10 minutes, > minimally. Did you miss attempts 2 and three, which were 200MB and 2GB tests? Yes, I know that a 0.06s test is irrelevant. I included it for completeness. That's why I also did two more tests with increasing dataset sizes to more accurately get my disk write speed. >> Still, 50MB/s is a SIGNIFICANT reduction in I/O throughput from what I >> think I should be seeing w/o encryption. > > You're also using a 1k blocksize. Try increasing that, at least 128k. I > usually say 1024k. Given that "dd" is actually topping your cpu charts, > you're probably only generating your data at 50 MB/s. I don't think it's the blocksize. Just to make you happy, here's the same 2GB test with a 1MB blocksize: time dd if=/dev/zero of=/home/warlord/TestDataWrite bs=1024k count=2048 2048+0 records in 2048+0 records out 2147483648 bytes (2.1 GB) copied, 49.2395 s, 43.6 MB/s 0.000u 2.064s 0:49.57 4.1% 0+0k 1376+4194304io 15pf+0w See? There's my 40-50MB/s again. > Try running dd directly from /dev/zero into /dev/null, and see how your > blocksizes affect it. That way you can ensure you're at least running dd > efficiently... And then you can write something to disk. Are you familiar > with pv? It's useful to stick into your pipeline, so you can see what's > going on. And verified, it's not a generation problem: time dd if=/dev/zero of=/dev/null bs=1024k count=20482048+0 records in 2048+0 records out 2147483648 bytes (2.1 GB) copied, 0.127949 s, 16.8 GB/s 0.000u 0.127s 0:00.30 40.0% 0+0k 256+0io 4pf+0w > I agree, 50 MB/sec is not stellar. Any typical 7200rpm sata drive should > sustain 1Gbit/sec. SSD's should sustain about the same throughput, but much > faster IOPS. This is a spinning disk, not SSD, but as you say it should be able to sustain 1Gb/s. It's not. I'm only getting 400Mb/s to the disk through dm-crypt. Unfortunately I don't have any non-encrypted space available on the disk. At least nothing sufficiently large enough to get a good sample to see if it's the disk or dm-crypt. The disk in this machine is the same model as the disk in the other machine where I was seeing full-speed data without dm-crypt. Alas I did change both hardware type and added dm-crypt at the same time so I don't know if it's the ThinkPad vs. Dell or no-encryption v. dm-crypt that's slowing down my disk I/O. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Is MythTV dead?
Hi, James Kramer writes: > Rich > > I was just beginning to get back into Mythtv. What are the other > alternatives? I know that google tv released an emulator. > > Jay > On Sep 1, 2011 8:07 PM, "Rich Braun" wrote: >> For years, MythTV had a twice-annual release schedule for major versions. >> Every May and November there was always a new release, up until 0.24 which >> came out 10-Nov-2010. Each version got more stable, until plans were made > to >> redesign several things and drop some features from the 0.25 roadmap. That >> version is now 4 months behind schedule and the mythtv-dev list seems to > have >> gone pretty quiet. >> >> Has anyone here followed MythTV lately and have any encouraging (or >> discouraging) news to guide my own decision whether to dump it in favor of >> something else? I lost a number of capabilities (and some stability) when > I >> did the 0.24 upgrade and am concluding that maybe it's time to move on. I've been monitoring the Myth lists for a while. There is definitely still activity going on, both in terms of developer email and git commits. No, they haven't made a release in a while, but they also don't schedule releases ahead of time. The 0.22 -> 0.23 -> 0.24 6-month cycle was mostly due to a big push by a few of the developers for a few big features. It has not ever been a guarantee of release frequency. The 0.21 -> 0.22 cycle took over a year, IIRC. I have faith that there will be a 0.25. I do not know when it will be released, but I know it will. Maybe Jarod will chime in? Note: I've been using Myth since 0.11 and I currently run 0.22 on FC12 systems. I've had no reason to upgrade the OS or Myth systems, they work well. I'll consider upgrading when I move next month and have to add a few more frontend boxes. I only wish I could find the Acer Revo 1600, which made a great frontend box! I guess there's the AR3700? I wish I could find something of that size/capability that also has firewire. I guess I've got a little time to keep looking. >> -rich -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Photo Manager
Theodore Ruegsegger writes: > On Wed, Sep 7, 2011 at 7:10 PM, Doug wrote: >> Are any photo managers altering tags within the photo file itself? Or >> do any have options so you can keep information within the file or >> not? I am pretty sure iPhoto does not alter the original file, great >> is someways, but also leads to lock in. > > I've built a web application called Photo Album Manager that manages > all metadata in a PostgreSQL database. Not sure that counts as > lock-in, since it's all free software and it's easy to migrate data > from one RDBMS to another. Okay, why did you do this instead of using something like Gallery2? http://gallery.menalto.com/ -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] dm-crypt overhead (was Re: TrueCrypt with SSD)
Edward Ned Harvey writes: >> From: Derek Atkins [mailto:warl...@mit.edu] >> >> This is a spinning disk, not SSD, but as you say it should be able to >> sustain 1Gb/s. It's not. I'm only getting 400Mb/s to the disk through >> dm-crypt. > > Well, I only made a generalization. ;-) What does your drive mfgr publish > for specs on that drive? Nevermind. Try this... > > Use dd to read from /dev/sda (or whatever) dump to /dev/null. This will > prove the sequential hardware read speed of the disk without encryption. > > Then create a large file (repeat the above dd command, but read from > /dev/zero and write to a file.) If you feel like it, reboot just to ensure > nothing is cached or buffered. Read the file. Now the only thing you've > done is add filesystem overhead and encryption overhead. > > That should be a pretty good test, to see if encryption is really the > bottleneck for you... At least for reading. But as you said, without any > free space on the drive, it's hard to test writing without encryption. > > >> The disk in this machine is the same model as the disk in the other >> machine where I was seeing full-speed data without dm-crypt. Alas I did >> change both hardware type and added dm-crypt at the same time so I don't >> know if it's the ThinkPad vs. Dell or no-encryption v. dm-crypt that's >> slowing down my disk I/O. > > There are a million things it could be... firmware, drivers, etc. One thing > that's simple to check is your disk mode. ACHI vs ATA. Well, I finally migrated off that Dell and back onto a ThinkPad. For kicks I tried my tests again using 2GB and 20GB write tests through the file system and got 118MB/s and 108MB/s, both of which are much more reasonable throughput. Granted, I'm using a different model HDD here (a 7200RPM Hitachi instead of the 5400RPM WD) however even the raw dd read off the WD went much faster on this laptop. So I think it might be controller related. *shrugs* I consider this closed for now. Thanks! -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] How do rack vendors compare?
Hey all, I'm looking to install some basic 19" racks in my house/basement to make it easier to mount some of my home networking equipment, including about 200 wire terminations for ethernet, cable, and phone, and a couple computers (e.g. MythTV and such). Does anyone have any good (or anti-) recommendations for inexpensive four-post racks? Tripp Lite? Intellinet? Also, are there any good guides or how-tos where I can learn how to lay out my room? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] How do I determine what hard drive screws I need?
Mark Woodward writes: > On 09/29/2011 02:34 AM, John Abreau wrote: >> I've got an HP ProLiant DL360 G5 server, which uses 2.5-inch SAS or >> SATA drives. >> The machine had no drives in it, so I ordered a couple of drives, >> along with some >> drive trays. >> >> Neither the hard drives nor the trays came with mounting screws. How do I >> figure out what size screws I need? >> >> The drives are Seagate Momentus 750gb 2.5-inch SATA drives. > > Chances are that they are one of two screw sizes. Take a look: > > http://en.wikipedia.org/wiki/Computer_case_screws > > Hard drives typcally use the same screws. If you've had computers > through the years, you probably have a bunch of them. Worst case you could mail-order from someplace like http://laptopscrews.com/ which have pretty much any computer screw you could want. They are pretty standardized nowadays. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] GMail doesn't recognize mailing lists
"Daniel C." writes: > On Thu, Nov 3, 2011 at 12:18 AM, Greg Rundlett (freephile) > wrote: >> Why doesn't GMail reply to list by default?! Does this lack of feature bug >> you? > > Gmail is behaving correctly. The reply-to header is set by the > mailing list administrator, and should be obeyed by the mail client. > If you want this list to reply to list by default, feel free to argue > your case here but be warned that this topic is almost always a sticky > morass of flames, dogma and other unpleasantness. "Reply" should reply to the original sender, not to the list. That is what the "Reply-to-List" and "Reply-All" functionality is for. > -Dan -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Richard Pieri wrote:, > Android doesn't support S/MIME out of the box, either.
David Rosenstrauch writes: > On 11/05/2011 09:36 PM, Tom Metro wrote: >> Richard Pieri wrote: >>> Android doesn't support S/MIME out of the box, either. >> >> Speaking of which, what are people using for an IMAP client on Android? >> >> -Tom >> > > I've found K-9 Mail to be excellent. I just use the "Mail" app on my HTC Evo. > DR -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Fedora 16 released today
John Abreau writes:
> Fedora 16 was just released today. The bittorrent downloads are proving to be
> the quickest way to download it. 5 minutes, vs an estimated 11 hours for
> the direct download of the LiveCD image via wget.
And if you do run BT to download, be a good netizen and keep the torrent
up for a while after you have it downloaded. :)
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH
warl...@mit.eduPGP key available
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] alternative email filter
Dan Ritter writes: > On Mon, Nov 14, 2011 at 09:11:33AM -0800, Dave Peters wrote: >> We are using Barracuda as our email filter and want to replace it. Is there >> any suggestion that I can setup a front end mail server to achieve this >> purpose? We have 5 domains and 20 email accounts. > > I'm pretty happy with SpamAssassin plus some DNS RBL filters. I've also been using Maia Mailguard. It works really well for me. I don't know how well it would work for 20 email accounts. > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] MythTV: from bad to worse. Start over?
Hey, Bill, Bill Cattey writes: > We have a DLNA server at home that talks to our BluRay player. > > Sadly the first DLNA server we tried was not seen by the BluRay player. > The second one is seen but won't see new content unless we rebuild the > Db from scratch. Our setup is a little strange in that the DLNA server is > running on a NetBSD box running or freeNAS server. Part of the reason why > new content is not seen is that NetBSD and Linux have different approaches > to noticing a filesystem has changed. > > Chuck made it all work, perhaps he will chime in. So what you are saying is that if you were using a Linux server then the DLNA server would have noticed new content properly? ;) Could one use DLNA for MythTV recorded content? Which DLNA server(s) have you tried/used? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Backing up LVM partitions using snapshots
On Wed, December 14, 2011 2:00 pm, Richard Pieri wrote: > On 12/14/2011 12:34 PM, Bill Bogstad wrote: >> I've been watching the (second?) incarnation of this thread for a >> while now and I think that I see your point. I wonder if the "TRIM" >> functionality that is being added to filesystems in order to handle >> SSDs could help with this. > > I don't think so. The problem I describe is that once a dump goes > missing then any differentials against it will have inconsistencies > between the file data and the file metadata structures. TRIMming freed > blocks won't make this go away. It might make things worse what with > dangling inode lists pointing to de-allocated SSD blocks. > > > As an aside, enterprise backup systems like Amanda and Bacula and TSM > do, indeed, maintain databases of backed up files and what media they > are on. This is also the reasoning why you should perform regular full dumps, because it resets the history necessary to perform a backup. For example, you could perform monthly full backups, then weekly incrementals, and then daily incrementals off the weekly incrementals. So worst case you need 11 restores to get to any point in time (full, 4xweekly incremental, 6 daily incrementals off the weekly). There are many other strategies that you can use, but yes, if you lose an intermediary incremental then yes, you've effectively lost everything that happened after that, until your next higher-level (or lower-level, depending which way you look at it) dump. E.g., if in the above scenario you lose a daily incremental then you lose all data for the rest of the week, whereas if you lose a weekly incremental then you lose all data for the rest of the month. -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] home design + construction + landscape design software?
Hi, Kyle Leslie writes: > You could try this - http://www.sweethome3d.com/index.jsp > > I found this using my trusty friend AlternativeTo.net ( > http://alternativeto.net/software/home-designer/?profile=linux&platform=linux > ) > > I am installing right now to poke around. I've used SweetHome3d. It's a pretty cool program, and I used it to help do some initial designs of my kitchen and bath remodel projects. It's not perfect, and it's certainly not as good as the pay-for programs that real architects use. But for playing with ideas and being able to "walk through" the rooms it's a great program! -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Financial database / balance?
Have you looked at GnuCash? -derek Sent from my HTC on the Now Network from Sprint! - Reply message - From: "Daniel C." Date: Fri, Jan 13, 2012 4:02 pm Subject: [Discuss] Financial database / balance? To: "BLU Discuss" Hello, I'm writing some personal finance management software, and I'm puzzling over the best way to keep track of the balance for each account. I've got an accounts table and a transactions table. I need a way to get the balance for an account, but the current balance depends on the value of all transactions tied to that account from now until the beginning of time. Obviously summing all transactions for that account is not the most efficient way of finding the current balance. The alternative is to add a balance field to the accounts table and create a trigger on insert, update or deletion in the transactions table to update the appropriate account balance. The risk here is that, somehow, this will get screwed up or out of whack and then the account balance won't correctly reflect the sum of all transactions for that account. Resetting it would be easy (just re-sum all transactions for that account) but adding this feature would be offensively kludgey to me. I've considered a few other options but none of them really sit right with me. Should I just add the trigger to my DB and trust that (if properly programmed in the first place) it will always work? Thanks, Daniel ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] FWD: [mythtv] 0.25 Release Schedule
There was a discussion earlier about the status of MythTV. This message was just sent out last night. Looks like they are revving for a 0.25 release in the next couple months. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] FWD: [mythtv] 0.25 Release Schedule
Derek Atkins writes: > There was a discussion earlier about the status of MythTV. This message > was just sent out last night. Looks like they are revving for a 0.25 > release in the next couple months. > > -derek Hmm, looks like my forward failed. Here it is again inlined: From: Mark Kendall Subject: [mythtv] 0.25 Release Schedule To: Development of mythtv Date: Wed, 25 Jan 2012 20:28:13 + Reply-To: Development of MythTV All, The current timetable for release of MythTV 0.25 is:- Feature Freeze: 12th Feb 0.25 Beta: 4th March 0.25 RC1: 18th March 0.25 Release : 2nd April A 'soft freeze' for translatable strings will also come into effect with the feature freeze with a hard freeze at the same time as RC1. regards Mark -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Network Traffic Visualization
Eric Chadbourne writes: > On 02/01/2012 03:40 PM, Daniel C. wrote: >> - Do you have any preference for how you see it? > > Oh oh oh! Pick me, pick me! Make really bad stuff bold bright pink > and not red. Red is good luck in some cultures. Pink, heh, that's > kind of funny. > >> Thank you all in advance! Hopefully I'll be able to produce something >> genuinely useful. > > > Dude post a download on the list. I would love to check it out and > watch my noisy network in action. I have mrtg set up to show me aggregate network usage at my choke-point (router). Sometimes it would be nice if there were a way for me to pinpoint usage based on host and port or based on session threads. For example, sometimes I'd love to know that some particular host out in the cloud is pounding on one of my poor servers and pulling 5mbps out of my network. Is there a good tool to be able to see that and/or visualize that? My router is running dd-wrt, but it has limited space. My network is generally on a switched network so I cannot just run etherwatch or wireshark. > Thanks, > Eric C -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Striping is bad
On Sat, February 18, 2012 4:54 pm, Edward Ned Harvey wrote: >> From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss- >> bounces+blu=nedharvey@blu.org] On Behalf Of >> >> So, two lessons learned: (1) when you know better, listen to yourself. >> (2) >> don't buy Hitachi hard disks. > > (I'll say it the nice way) > How you conclude "don't buy hitachi" from this is situation is ... > "Beyond > me." Why be so nice, Ed? Dude, your conclusions are a non-sequitor for your data. Or at least your second conclusion. I do agree with #1. There is nothing wrong with Hitachi drives in general. The fact that *a* drive failed is just a fact of life -- it happens. I've had mobos fail, power supplies fail, monitors fail, video cards fail. Parts fail. Your issue is the fact that you used RAID-0 instead of RAID-1 or RAID-10; that was just you being silly. I've had a RAID-10 array of four (now 6, as of about 6 months ago) Hitachi drives running for over four years now. I did lose one drive which I replaced late last year, and I now have one spare drive laying around for the next failure. All hitachi. 30,000 hours and still going. -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] Is this bad?
Hi, I finally turned on Smartd on one of my servers (don't ask me why it wasn't on earlier), and I've been receiving messages like the following every night. Is this bad? Is this a sign that one (or both) of my disks is (are) dying and need to be replaced? Could this be related to why when the machine is under heavy load that ksoftirqd/1 starts spinning and taking up lots of CPU? This is my mythtv backend server, so it can have heavy disk I/O when recording multiple HDTV streams simultaneously (upwards of 40Mbps at times). -derek - Smartd Begin /dev/sda [SAT] : Prefailure: Raw_Read_Error_Rate (1) changed to 113, Usage: Airflow_Temperature_Cel (190) changed to 68, 67, 66, Usage: Hardware_ECC_Recovered (195) changed to 34, /dev/sdb [SAT] : Prefailure: Raw_Read_Error_Rate (1) changed to 105, 106, 107, 108, 107, 108, 112, 111, 110, 111, 110, 111, 108, 111, 108, 107, 106, 107, 106, 105, 106, 109, 108, 106, 107, Usage: Airflow_Temperature_Cel (190) changed to 63, 64, 63, 64, 63, 64, 63, Usage: Hardware_ECC_Recovered (195) changed to 66, 65, 64, 63, 62, 61, 62, 63, 64, 63, 62, 59, 60, 61, 62, 66, 65, 64, 65, 64, 63, 64, 63, 64, 63, 60, 61, /dev/sda [SAT] : started scheduled Short self-test 1 Time(s) /dev/sdb [SAT] : started scheduled Short self-test 1 Time(s) **Unmatched Entries** Device: /dev/sda [SAT], previous self-test completed without error Device: /dev/sdb [SAT], previous self-test completed without error -- Smartd End - -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Is this bad?
Dan Ritter writes: > On Fri, Feb 24, 2012 at 08:40:47AM -0500, Derek Atkins wrote: >> Hi, >> >> I finally turned on Smartd on one of my servers (don't ask me why it >> wasn't on earlier), and I've been receiving messages like the following >> every night. Is this bad? Is this a sign that one (or both) of my >> disks is (are) dying and need to be replaced? >> >> Could this be related to why when the machine is under heavy load that >> ksoftirqd/1 starts spinning and taking up lots of CPU? This is my >> mythtv backend server, so it can have heavy disk I/O when recording >> multiple HDTV streams simultaneously (upwards of 40Mbps at times). >> > > The raw_read_error rate is impossible to understand without a > guide from the manufacturer. What you should be looking for is a > sudden upswing in uncorrectable errors. > > SMART isn't very smart; they left far too many meanings up to > the drive maker's whims. What about the ECC errors? > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Is this bad?
David Miller writes: > I agree with Ed here smart data, at least if you're just looking at a > snapshot, is pretty meaningless.  It becomes more meaningful if you're looking > at these counters over time and tracking the tends.  But even then they are > hard to interpret and the data reported varies by manufacture.  The the only > smart counters that I tend to pay attention to are "reallocated sector" or > "reallocation event" counters. Okay, perhaps it is the Ethernet driver that's causing the ksoftirq/1 thread to spin at 100% cpu usage. I really need to track this down, because I'm losing bits in my TV records when this happens, and it's also causing other bits to be delayed. Maybe I should move my MySQL database to another machine? > David -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Is this bad?
Dan Ritter writes: >> Okay, perhaps it is the Ethernet driver that's causing the ksoftirq/1 >> thread to spin at 100% cpu usage. I really need to track this down, >> because I'm losing bits in my TV records when this happens, and it's >> also causing other bits to be delayed. > > ksoftirqd is run once per core, so this is something causing > your second core (/0, /1, ...) to be woken up an awful lot. > > Anything obvious in dmesg? Nope. >> Maybe I should move my MySQL database to another machine? > > Is it on a disk separate from your recordings? No, it's not. And it's been fine this way for the past 6-8 years. It's only started being an issue over the past few months. But the recording loss seems to happen simultaneously with the softirq spinning. Recording comes from some HD HomeRun devices. I could try to separate it. Or I could try moving mysql to another machine. I wonder -- how well would mysql run on a Plug computer, either a Sheeva or Guru plug? > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Is this bad?
Dan Ritter writes: > On Mon, Feb 27, 2012 at 10:56:49AM -0500, Derek Atkins wrote: >> >> Maybe I should move my MySQL database to another machine? >> > >> > Is it on a disk separate from your recordings? >> >> No, it's not. And it's been fine this way for the past 6-8 years. It's >> only started being an issue over the past few months. But the recording >> loss seems to happen simultaneously with the softirq spinning. >> Recording comes from some HD HomeRun devices. >> >> I could try to separate it. Or I could try moving mysql to another >> machine. I wonder -- how well would mysql run on a Plug computer, >> either a Sheeva or Guru plug? > > The only computationally intensive operation is the big > scheduler run. Apart from that, everything is I/O intensive -- > most especially commercial flagging, if you do that. I don't do commercial flagging. But also note I was asking about MySQL on the Plug, not Myth. I have four databases running on my MySQL instance: gallery2, maia, myth, and zarafa. I might be able to scavange another system from my old parts, or I can set up a system on a Plug, or I can try to add another disk to the existing myth to separate out the videos. > I strongly recommend moving MySQL to its own disk. So noted. It means finding another disk, and hoping there is room in the chasis to install it :) Or I can move it to another machine. > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] LVM vs File system file for KVM Virtual Machines?
Mark, Think about it this way: when using a file on the file system the VM has a whole extra layer of indirection that it has to go through, because it has to go through the FS layer in the VM, then the block layer in the VM, then the VM system storage layer, and then the FS layer in the host, then block layer in the host.. Whereas if it's just an LVM container then you can bypass the FS layer in the host completely. So I would always expect the direct LVM container to be faster and more resource efficient. -derek On Thu, March 29, 2012 10:49 am, ma...@mohawksoft.com wrote: > Hopefully without getting into an augment about the pros and cons of LVM > vs btrfs or zfs, does anyone want to discuss the pros and cons of LVM > "device" for a virtual machine vs a file on a file system for a virtual > machine? > > So, do you create a 30G file on a file system, like EXT3, jfs, or xfs and > use that or do you create a 30G LVM device and use it directly? There are > some benefits to using LVM and with the 3.x kernel, you could even use a > "thin provisioned" device. > > Which do you suspect would be more resource efficient? Which do you think > would have faster I/O? > > I've set up two systems, one on a jfs file system and one on an "old > style" LVM partition. (Fully allocated). I don't see much of a difference. > I suspect the LVM based system should be more efficient because it does > not have to go through the intermediate file system layer to get to the > device layer. Internally, the VM sees the LVM device as its own device. > > ___ > Discuss mailing list > Discuss@blu.org > http://lists.blu.org/mailman/listinfo/discuss > -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] Any Postfix + ipv6 people out there?
Hi BLUers, I've been working on enabling IPv6 on my personal servers and I ran into a strange issue last night when I enabled v6 on my mail server. All of a sudden, all the rest of my local hosts that send daily logwatch emails are being rejected (at least those that are v6-aware but don't have public v6 addresses). It's as if the permit_mynetworks isn't working anymore with link-local addresses. The error I get appears as if the smtpd_sender_restrictions is rejecting the email, but it should accept it based on mynetworks: smtpd_sender_restrictions = permit_mynetworks, permit_tls_clientcerts, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/goodsender, check_sender_access hash:/etc/postfix/badsender, reject_unknown_sender_domain, reject_non_fqdn_sender, check_sender_access hash:/etc/postfix/sender_access, reject_unverified_sender, permit I haven't found a good way to debug postfix and have it log exactly why the mail is being prevented. Here's the full log that I get in my maillog: May 31 09:18:12 mail2 postfix/smtpd[26444]: connect from unknown[fe80::20c:29ff:fecf:7df0%eth0] May 31 09:18:12 mail2 postfix/smtpd[26444]: setting up TLS connection from unknown[fe80::20c:29ff:fecf:7df0%eth0] May 31 09:18:12 mail2 postfix/smtpd[26444]: Anonymous TLS connection established from unknown[fe80::20c:29ff:fecf:7df0%eth0]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) May 31 09:18:12 mail2 postfix/smtpd[26444]: NOQUEUE: reject: RCPT from unknown[fe80::20c:29ff:fecf:7df0%eth0]: 450 4.1.7 : Sender address rejected: unverified address: Address verification failed; from= to= proto=ESMTP helo= May 31 09:18:12 mail2 postfix/smtpd[26444]: warning: network_biopair_interop: error reading 5 bytes from the network: Connection reset by peer May 31 09:18:12 mail2 postfix/smtpd[26444]: disconnect from unknown[fe80::20c:29ff:fecf:7df0%eth0] Any gurus around who can help me debug? Thanks, -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Any Postfix + ipv6 people out there?
John, On Thu, May 31, 2012 12:55 pm, John Abreau wrote: > http://www.sixxs.net/wiki/Postfix > > "Unfortunately, by default, Postfix assumes you only want to accept > IPv4 mail. So if you haven't explicitly enabled it, Postfix assumes > the following configuration: Thanks, but that's already been handled. Postfix is v6 aware, and both inet_interfaces and inet_protocols are set to "all". My local hosts are all connecting via v6 (which you can see in the log snippet below). The issue appears to be that postfix is not treating hosts coming from link-local addresses as being on "mynetworks". Either that or it's complaining that there's no PTR record for the fe80:: address. In either case it is most likely a postfix configuration issue, but I'm at a loss for how to fix it. I added [fe80::]/10 to mynetworks, but I haven't been able to figure out how to get it to output more debugging to tell me exactly which rules are affecting the mail. -derek > > On Thu, May 31, 2012 at 11:13 AM, Derek Atkins wrote: >> Hi BLUers, >> >> I've been working on enabling IPv6 on my personal servers and I ran into >> a strange issue last night when I enabled v6 on my mail server.  All of >> a sudden, all the rest of my local hosts that send daily logwatch emails >> are being rejected (at least those that are v6-aware but don't have >> public v6 addresses).  It's as if the permit_mynetworks isn't working >> anymore with link-local addresses. >> >> The error I get appears as if the smtpd_sender_restrictions is rejecting >> the email, but it should accept it based on mynetworks: >> >> smtpd_sender_restrictions = permit_mynetworks, >>     permit_tls_clientcerts, >>     permit_sasl_authenticated, >>     check_sender_access hash:/etc/postfix/goodsender, >>     check_sender_access hash:/etc/postfix/badsender, >>     reject_unknown_sender_domain, >>     reject_non_fqdn_sender, >>     check_sender_access hash:/etc/postfix/sender_access, >>     reject_unverified_sender, >>     permit >> >> I haven't found a good way to debug postfix and have it log exactly why >> the mail is being prevented.  Here's the full log that I get in my >> maillog: >> >> May 31 09:18:12 mail2 postfix/smtpd[26444]: connect from >> unknown[fe80::20c:29ff:fecf:7df0%eth0] >> May 31 09:18:12 mail2 postfix/smtpd[26444]: setting up TLS connection >> from unknown[fe80::20c:29ff:fecf:7df0%eth0] >> May 31 09:18:12 mail2 postfix/smtpd[26444]: Anonymous TLS connection >> established from unknown[fe80::20c:29ff:fecf:7df0%eth0]: TLSv1 with >> cipher DHE-RSA-AES256-SHA (256/256 bits) >> May 31 09:18:12 mail2 postfix/smtpd[26444]: NOQUEUE: reject: RCPT from >> unknown[fe80::20c:29ff:fecf:7df0%eth0]: 450 4.1.7 : >> Sender address rejected: unverified address: Address verification >> failed; from= to= proto=ESMTP >> helo= >> May 31 09:18:12 mail2 postfix/smtpd[26444]: warning: >> network_biopair_interop: error reading 5 bytes from the network: >> Connection reset by peer >> May 31 09:18:12 mail2 postfix/smtpd[26444]: disconnect from >> unknown[fe80::20c:29ff:fecf:7df0%eth0] >> >> Any gurus around who can help me debug? >> >> Thanks, >> >> -derek >> >> -- >>    Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory >>    Member, MIT Student Information Processing Board  (SIPB) >>    URL: http://web.mit.edu/warlord/   PP-ASEL-IA   N1NWH >>    warl...@mit.edu             PGP key available >> _______ >> Discuss mailing list >> Discuss@blu.org >> http://lists.blu.org/mailman/listinfo/discuss > > > > -- > John Abreau / Executive Director, Boston Linux & Unix > OLD GnuPG KeyID: D5C7B5D9 / Email: abre...@gmail.com > OLD GnuPG FP: 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99 > 2011 PGP KeyID: 32A492D8 / Email: abre...@gmail.com > 2011 PGP FP: 7834 AEC2 EFA3 565C A4B6  9BA4 0ACB AD85 32A4 92D8 > -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Any Postfix + ipv6 people out there?
On Thu, May 31, 2012 1:43 pm, Daniel Hagerty wrote: > "Derek Atkins" writes: > >> In either case it is most likely a postfix configuration issue, but I'm >> at >> a loss for how to fix it. I added [fe80::]/10 to mynetworks, but I >> haven't been able to figure out how to get it to output more debugging >> to >> tell me exactly which rules are affecting the mail. > > fe80:: addresses are lacking meaning without a scope indicator. Try > [fe80::%eth0]/10 for mynetworks, rather than what you did. Sorry, I did do this (I was being terse in my last reply). I actually tried both [fe80::]/10 and [fe80::%eth0]/10 in mynetworks. Neither seems to have worked. > That it even let you say that is probably a bug. Scoped addressing > is a corner case, with all of the bugs that come with it. Are you sure > you wouldn't rather be using a relatively debugged scopeless address? Yes, I'm sure. I need this to work for a while during a transition phase. Right now my ipv6 address space is over a tunnel that I do not want to use for general traffic, which is why I don't want to just turn on v6 for everything. I'd be happy to somehow turn off link local addresses, but I don't know how to do that, frankly. But honestly it should be straightforward to debug postfix to figure out why it's blocking my local hosts when they come in via v6 link-local but not when they come in via v6-public or via v4. Alternatively I can just specify the handful of sender addresses as whitelisted, but I'd rather do it via address than sender-from. I can't figure out how to get postfix to log its processing to tell me what is being permitted/denied.. Maybe smtpd_log_access_permit_actions = static:all? -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] [SOLVED] Re: Any Postfix + ipv6 people out there?
Hi, Daniel Hagerty writes: > "Derek Atkins" writes: > >> Yes, I'm sure. I need this to work for a while during a transition phase. >> Right now my ipv6 address space is over a tunnel that I do not want to use >> for general traffic, which is why I don't want to just turn on v6 for >> everything. I'd be happy to somehow turn off link local addresses, but I >> don't know how to do that, frankly. But honestly it should be >> straightforward to debug postfix to figure out why it's blocking my local >> hosts when they come in via v6 link-local but not when they come in via >> v6-public or via v4. > > ULA (rfc4193, fd00::/8 addresses that you generate randomly, don't > need scope)? You can't turn link local off, it's similar to "I want to > run tcp without this pesky IP thing". Unlike link-local, ULA isn't > magic "no-routing, avoid selecting this address" sauce. Much like > rfc1918 in these regards. > > ACL processing is a specific area that's prone to breakage when > something has a slight flub in link-local handling. The fact that it > let you specify nonsense without complaining doesn't make me feel warm > and fuzzy about it's handling of link local being 100% sane. > > Can't help you with the detailed postfix debugging, it hasn't given > me a lot of reason to get that angry with in longer than memory for that > level of detail. The source is somewhat approachable as I remember, if > only to find out how to crank the debugging up. FYI, the issue was due to the way linux handles link local scoping and postfix not handling that in the string. I.e., Linux declared the address to be fe80::...%eth0, and postfix didn't like the "%eth0" part. Somewhere between 2.7.7 and 2.9.2 postfix was patched to remove the trailing "%..." portion, so upgrading to 2.9.2 fixed the problem for me. IPv6 link local addresses now match properly. I'm sending this for the logs and for future generations of researchers :) -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] iPhone vs. Android - the backup problem
Shirley Márquez Dúlcey writes: > On 7/19/2012 12:52 AM, Edward Ned Harvey wrote: >> >> Oh - This is definitely *not* a full system backup. I can copy anything in >> the filesystem (and without root, just anything within the sdcard). If I >> lost or replaced my phone, I would have all the stuff I care about the most >> (photos, music, etc), but I would still need to figure out what apps to >> install, what accounts to connect, and what settings I wanted... > > One of the nice things about the Amazon Appstore is that it has a full > record of all the apps you have bought including free ones. It would > be nice if the Google Play store had the same kind of record. At least > then you would have a central place to see what apps you have > installed in the past and might want to install again. Google Play does. Go into Settings -> My Apps, and then slide the screen right-to-left from "Installed" to "All". > Discuss mailing list > Discuss@blu.org > http://lists.blu.org/mailman/listinfo/discuss -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] 802.11N confusion
Guy Gold writes: > On Thu, Jul 19, 2012 at 8:44 AM, Laura Conrad wrote: > >> I want wireless N, 4 or more wired ethernet ports, good enough range to >> websurf in the back yard, and other things being equal, cheaper is >> better. Any recommendations? > > Greetings, > > My recommendation is not the right one, because you need a router, however > for folks who run their router on a different hardware, and just need > a wireless access-point - > then, there's no need to pay the price for the router part of it. > > I ordered "Edimax EW-7228APn 150Mbps 11n" , for 30$ on Amazon, and it is doing > its job. Looks nice, but it only supports b/g/n. Personally I want something is is dual-band and supports a/b/g/n simultaneously. >>As people said two years ago, even the expensive ones from reputable >>companies have a remarkable number of bad reviews. > > most of the WiFi trouble I've seen, were due to poor placement of the > WAP. This is true. Placement is important. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Rob Conery's critique of MySQL?
Mark Woodward writes: > That being said, my personal opinion is that *anyone* who chooses > MySQL without a clear and present "Only MySQL will with our apps" > requirement, is not much of a DBA and a terrible engineer. This sounds like a relugious argument, not a technical argument. Replace "MySQL" with "Python", or "Shell" above and it can read just as vitriolic. > I've been using PostgreSQL for over 15 years and it is one of those > tools that I keep in my belt because it is just amazing at how easy it > makes otherwise difficult tasks. Every year it keeps getting better. I > have been on far too many projects where some guy chooses MySQL > because everyone else does and stuff that would be trivial in > PostgreSQL are a nightmare. On the flip side, I have yet to see > something that would be easy with MySQL that isn't equally as easy > using PostgreSQL. And I have the inverse. I've been using MySQL for over 10 years, I'm comfortable with it. The one or two times I had to interact with PG I had no idea what it was doing or how to talk to it. IIRC I couldn't even figure out how to get it to simply give me the list of tables in a database, let alone quit out of the client! With MySQL it's a simple "explain ;". I'm sure PG has some way to do it, and *ONCE YOU KNOW IT* it's simple. However once you've spent 10, 15 years with a tool then you don't want to spend another 10-15 years learning another tool just to get as comfortable as you are now. > As I tell my son, "You have to own your opinions. Merely accepting > someone else's opinion isn't good enough. Believe what you want, but > make sure you understand what you believe and why." Sure, and there's a lot to be said for using tools with which you are comfortable. Like everything, it's a tool. The key is using the right tool for the job. Just because you need an RDBMS does NOT imply that PG is *the* right tool. It is *a* right tool. There are other choices, and those other choices *are* valid. It all depends on the requirements. Without knowing the requirements all other discussion is purely rhetorical or religious, neither of which belong on a technical list. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Rob Conery's critique of MySQL?
Mark Woodward writes: > On 07/30/2012 05:28 PM, Derek Atkins wrote: >> Sure, and there's a lot to be said for using tools with which you >> are comfortable. Like everything, it's a tool. The key is using the >> right tool for the job. Just because you need an RDBMS does NOT >> imply that PG is *the* right tool. It is *a* right tool. There are >> other choices, and those other choices *are* valid. It all depends >> on the requirements. Without knowing the requirements all other >> discussion is purely rhetorical or religious, neither of which >> belong on a technical list. > > As a start, off the top of my head, I can describe one MySQL problem > that absolutely eliminates it from consideration for a production > database. > > Suppose you have the "street map" database of the USA or some other > very very large table, millions of rows. In production, your query > performance is poor. You do some analysis and work out an index that > betters your query performance substantially. You want to deploy that > new index WITHOUT bringing down the site. Well, with MySQL, "create > index" and "drop index" LOCK the tables as they are operating. LOCK > THE TABLES. Think about that. In PostgreSQL, Oracle, and any "real" > database, "create index" and "drop index" only impact performance in > as much as any other transaction. When they are done, presto! your > query is faster. Neat, huh? > > That is just one problem that I consider a show stopper. You should > watch the first 15 minutes of the video that started this message > chain. In fact, I would wager, if you watched the whole thing, you'd > never consider MySQL again. It's a show stopper if you have an application that needs that large a piece of data. However if you only need a half-dozen tables with a few hundred or maybe a few thousand lines, then this isn't an issue. Sure, PG is "technically" better in that it doesn't have this drawback, but in the real-world example of a low-end application you just never hit those cases where PG really shows its strengths. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] virtualization overhead
Rich Pieri writes: > On Sun, 5 Aug 2012 07:47:49 -0700 > Rich Braun wrote: >> As for how it could be possible: CPU performance far exceeds that of >> any current I/O. So emulation overhead drops way below the roughly 3% >> CPU overhead that I recall measuring. Throw a big RAM cache >> underneath your VM, and you can get blazing fast numbers. > > Ah-hah! Yes. If you cache I/O then you bypass the trap and emulate > latency. You will see similar performance on bare metal. But you did > stipulate not caching I/O so as to avoid data loss in case of a power > failure. If you take the cache away then performance drops to the > disk and controller at which point you should see a small but > measurable performance hit on the emulated controller. If you don't > then there's probably still some caching going on somewhere. It also depends whether you are trying to optimize for read performance or write stability. Obviously you'd be best with both, but having a large write-through cache for improved read performance might be a good compromise. You get cached speeds for reads, but writes go through the cache (so are slower, but safer). I have no idea how one would implement this. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] hosts.equiv
Hi, dan moylan writes: > i have a script to rsync a number of directories between two > computers on my local net and would like to avoid having to > enter my password for each one. i thought i could do this > using hosts.equiv, but it's not working for me. i solved > this once before a number of years ago, but i'm undoubtedly > forgetting something now. any help would be appreciated. Try using SSH with RSA Keys? > tia, > ole dan -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Intel CedarView GPU driver, can one make it work?
Dan Ritter writes: >> So if you read no further into this posting, remember this next time >> you're enticed by a snazzy new PC. Your first question shall be: is the GPU >> from NVIDIA? No? Fuhgeddaboutit. > > For accelerated video support, you need to be careful what > you're buying from NVIDIA, too. Cards in the 7xxx and earlier > series are no longer supported by MythTV, for instance. Buy a > new high end card and you may not get support from an > installable kernel. > > (The GT220 is more or less optimal for MythTV, and has apparently been > discontinued.) I have a GT218 in my Zotac ION/nettop box and it works great as a Myth frontend! I installed F17 and just added the nvidia driver via yum from rpmfusion and the VDPAU works great. 1080 HD going out HDMI with a system load of about 0.3. My next project for this box is to try to get the BluRay player working on Linux. Now *that* I expect to be a major trial. :-/ -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] When should a new thread be initiated?
Or at least change the subject lone? -derek Sent from my HTC smartphone - Reply message - From: "Jerry Natowitz" To: "blu" Subject: [Discuss] When should a new thread be initiated? Date: Thu, Jan 3, 2013 7:19 PM Not talking about process threads, just wondering when a discussion thread is so off-topic that it should be renamed and promoted to a new high level thread. Not that there is a current discussion in that category :-) -- Jerry Natowitz ===>j.natowitz (at) gmail.com ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
[Discuss] The perpetual question: current "best" HDD?
Hey all, I'm looking to replace some 1TB HDDs in a s/w RAID-10 array with some 2TB models. The existing drives have been running flawlessly for a few years, so they are due to get swapped out anyways. I did have one disk fail a year or so ago so it was swapped out, and I bought a cold spare at the same time so I have one more spare (of the same type/model as the replacement drive). So I'm looking for another pair of drives that I can use as the mirrors (so each mirror has one of type/batch-A and one of the yet-to-be-bought set of drives). Of course, when I bought the drives warranties were 3 or 5 years, not the '1 or 2' years they are now. So I'm looking for the "best value" 2TB drives available today -- lowest price for highest quality + good warranty. It looks like I can pretty much only choose between WD and Seagate nowadays -- I guess lots of consolidation in the market? (My existing drives were Hitachi, which in my experience were always great drives). What's the current going theories and best practices? Any concrete suggestions (links to NewEgg or some other vendor would be appreciated). :) Thanks, -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] The perpetual question: current "best" HDD?
Rich Pieri writes: > Drives categorized for server use will typically have 3-5 year > warranties. The 1-2 year warranties are for desktop drives. Server > drives also cost more for little or no actual benefit other than the > warranty. > > Because disks are consumables these days. Treat them like the tires of > your car: something to be used up and replaced before they fail > outright. Get a stack of disks that you can afford and preferably from > different manufacturing batches just in case there is a systemic fault. > Use 'em up and toss/recycle them in 3-4 years. That is kind of the point, but I'm trying to find ones that *will* last 3-4 years but wont break the bank today. I don't mind buying new drives periodically. But I'm trying to figure out which ones to buy now. Kinda hard to buy a bunch of drives simultaneously that are different or from different batches. ;) -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Returned to the NVIDIA fold
"Rich Braun" writes: > After last month's Intel CedarView driver debacle, and at Tom's suggestion to > dig through the MythTV forum for comments about graphic cards, I chose a new > system. The MythTV forums are relatively quiet on this topic, so I had to > make an educated guess. > > The product I chose is the Zotac Zbox ID80, which is based on the same > processor (Intel's discontiued Atom D2700 2.13GHz); $234 or so at any of the > major online vendors. It's got all the expected ports (including optical > S/PDIF which was missing from the Shuttle product) and includes an NVIDIA > GeForce GT 520M which is supported properly by the NVIDIA proprietary Linux > driver. I got the system up and running (on my usual OpenSUSE 12.2 distro, no > fiddling with Ubuntu/Fedora/everything else like I had to last time) in about > 30-40 minutes of effort; HD video playback uses about 6% CPU. > > The one tiny downside with this product is that the extra GPU chip costs extra > electric power: I'm measuring 29 watts idle, 33 watts during TV playback. If > only one could make the Shuttle product work (with the D2700's internal GPU), > then one could get power usage down to 13-14 watts. My future 10-watt video > front-end solution will just have to wait for the future to arrive. Yeah, I bought a bunch of Zotac machines for frontends as well, installed F17 w/ the NVidia drivers and it hums along quite nicely! > -rich -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Interesting rant about Gnome 3
Rich Pieri writes: > On Wed, 16 Jan 2013 03:49:16 -0500 > John Abreau wrote: > >> The example that appears in my link was about "Transmission". > > My quip about one button that doesn't do anything was supposed to be a > joke, not prophecy. This Gnome BS is enough to make me want to dump > modern desktops entirely and dig up my ancient TWM configuration files. I might still have mine lying around... I suspect on my next go-around I might wind up switching to XFCE. For now I am running in gnome-2 legacy mode. It's not as good as the real gnome2 was, however. :-/ -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Ext4, ugh! Re: Disk recovery utilities - dealing with deleted files
"Rich Braun" writes: > Edward Ned Harvey (blu) stated: >>> Well, ext4 performs so much better. If the only risk is the lack of >>> availability of undelete tools, then I say, the better solution is to use >>> ext4 and backups. > > Jack echoed: >> Ed, that seems like a better approach for most uses. > > But think about my use case: something like 95% of my data volume consists of > videos, be they ISOs of my DVD collection, stuff recorded off the air, or > home-video recordings. > > I care a whole LOT more about maintaining data integrity than I do about > performance. The only performance I really need is the ability to stream the > videos on demand, and the systems are 10x more powerful than that. Sounds like you want RAID1.. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Free Mail Server
Mark Woodward writes: > Does anyone know of a free SMTP server that isn't in a black hole? If you have a gmail account I believe you can use google's SMTP server. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On-site backups revisited - rsnapshot vs. CrashPlan
Jerry Feldman writes: [snip] > Also, rsnapshot has a decent logging mechanism. Unfortunately, rsnapshot > assumes a Unix/Linux file system (hence hard links), so you really could > not use it to back up a Windows file system in the same way. I don't understand this last statement. While I understand that you couldn't backup *to* a windows file system, I don't understand why you cannot backup a windows file system? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On-site backups revisited - rsnapshot vs. CrashPlan
Jack Coats writes: > http://blog.backblaze.com/2013/02/20/180tb-of-good-vibrations-storage-pod-3-0/ > > A little off topic, but these guys have come out with 3.0 of their > 'big NAS server' build. > Storage upgrade is mainly 3T to 4T drives (45 of them), but they do have other > refinements and learnings that have come along with this upgrade they > share in the blog post. > > Worth the read for the uber-geeky. My understanding is that their requirements are for large-scale, write-once, read-rarely storage. I don't think their devices are tuned for high performance read-write operations that you would want from, e.g., a media server. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] nouveau E[DRM] GPU lockup - switching to software fbcon
Jerry Feldman writes: > I'm running Fedora 18, but I have received similar messages on 17 and > 16, but only on shutdownon my system. I've seen a lot of reports online, > but no solutions. Here is a link to a Fedora bug report: > https://retrace.fedoraproject.org/faf/reports/51548/ > > Obviously I have an NVIDIA graphics chip and am using nouveau driver. > The only issue I have with this is when I shutdown or reboot, I have to > press the power button. This comes late in the shutdown process after > all drives have been unmountedand MD has been deactivated, so at this > point it is a minor PIA. For me it's worse -- my system locks up in-use -- this is a MythTV Frontend in my office. For me I can *sometimes* reboot the system via an ssh login, but often I have to hard-reset via power. I have not been able to track it down, and have just resigned myself to frequent reboots. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] btrfs
Rich Pieri writes: > On Fri, 22 Feb 2013 11:29:42 -0500 > Jerry Feldman wrote: > >> So, assume I have 2 physical volumes, /dev/sda and /dev/sdb. >> mkfs.btrfs -d raid1 /dev/sda /dev/sdb >> What happens if I get a failure on /dev/sdb. >> Assume no snapshots. > > "-d raid1" means mirrored data. Metadata is mirrored by default even > on single drive volumes. > > If /dev/sdb faults then you should lose no data since every extent is > replicated on both /dev/sda and /dev/sdb. If a bit error arises on > either sda or sdb then a scrub will detect the error and it should > automatically correct it using the replica on the other device. I'm sure these are silly questions I could google myself, but: what happens with more than 2 devices? For example, if I used: mkfs.btrfs -d raid1 /dev/sda /dev/sdb /dev/sdc /dev/sdd It this going to be more like raid10? Also, can you add new devices "later" to an existing FS? E.g., let's say we start with 2 devices (sda, sdb) -- can I later add more devices? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] nouveau E[DRM] GPU lockup - switching to software fbcon
Jerry Feldman writes: > One possible solution or workaround is to use the proprietary nVIDIA > driver rather than nouveau. > http://www.if-not-true-then-false.com/2013/fedora-18-nvidia-guide/ IIRC I tried that and alas that didn't solve the problem for me.. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] btrfs
Dan Ritter writes: >> > "-d raid1" means mirrored data. Metadata is mirrored by default even >> > on single drive volumes. >> > >> > If /dev/sdb faults then you should lose no data since every extent is >> > replicated on both /dev/sda and /dev/sdb. If a bit error arises on >> > either sda or sdb then a scrub will detect the error and it should >> > automatically correct it using the replica on the other device. >> >> I'm sure these are silly questions I could google myself, but: what >> happens with more than 2 devices? For example, if I used: >> >> mkfs.btrfs -d raid1 /dev/sda /dev/sdb /dev/sdc /dev/sdd >> >> It this going to be more like raid10? > > No, that's still RAID1: two copies of every file, no striping. > If you want striping+mirroring, turn on -d RAID10. How is it still raid1? Maybe my definitions and your definitions are different here. Let's say that each device is 1TB. If I have 2, then obiously I only have 1TB of storage because each extent is duplicated on both drives. However if I have 4 drives, you imply I get 2TB of storage (because still, each extent is mirrored on two drives). But what I don't understand is how is this not effectively "raid 10"? You're combining storage from multiple drives into a single filesystem larger than the mirrored drives. >> Also, can you add new devices "later" to an existing FS? E.g., let's >> say we start with 2 devices (sda, sdb) -- can I later add more devices? > > Yes, and you can convert between RAID0, 1 and 10 in a > live-but-slow fashion. Live conversion is always a good thing.. Of course to migrate from my existing system I think I need something else, but that's a different story, and one to solve once I have a few extra thousand dollars sitting around. > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] ssh tunnels
Bill Horne writes: > On 2/22/2013 11:04 AM, Rich Pieri wrote: >> On Fri, 22 Feb 2013 11:00:13 -0500 >> Bill Horne wrote: >> >>> Speaking of ssh tunnels, can someone figure out how to tunnel through >>> ssh to a virtual domain? >> Clarify what you mean by "virtual domain". > > Many web servers, mine included, are set up so that they deliver > different pages, based on which domain name is included in the http > headers sent with the request. This is a requirement of HTTP/1.1 -- you need to send the Host: header in the HTTP headers to tell the server the target hostname. > For example: > > 67.190.84.154 - - [17/Feb/2013:15:42:25 -0800] "GET / HTTP/1.1" 200 > 4816 "http://billhorne.com/"; "Mozilla/5.0 (Windows NT 6.1; WOW64; > rv:18.0) Gecko/20100101 Firefox/18.0" Well, this isn't *quite* what's going on. You're seeing a log message, but it's not necessarily showing you what's in the HTTP request. The '200' is the response code from the server which means "Success". The request looks like: GET / HTTP/1.1 Host: billhorne.com [snip] > Of course, it's also possible to set up the server so that it delivers > the same page no matter which domain name is included in the > headers. There is usually a default "splash" page to handle requests > that are for an invalid domain, or which were sent with only an IP > address. Since ssh tunnels require that the browser access the > tunneled site via a localhost port, Apache doesn't get the desired > domain name in the header, and it delivers the default page instead of > the one that the user wanted. SSH has nothing to do with this. SSH just performs TCP connection proxying, either directly via a -L or -R port-forwarding line, or via a -D SOCKS proxy. In neither case does it affect the HTTP headers being sent, it only (potentially) changes the target IP that gets contacted. For example, I use FoxyProxy in firefox along with an ssh Socks Proxy to allow myself to connect to a bunch of 'behind the firewall' web services. Firefox sets the Host header to the target based on the URL, foxyproxy routes it over ssh, ssh sends it to the "correct" server. > Bill -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] btrfs
Dan Ritter writes: > On Tue, Feb 26, 2013 at 12:44:32AM +, Edward Ned Harvey (blu) wrote: >> performance should be approx N-1 disks times a single disk >> Incrementally expandable by adding individual disks? I know raidz is not. > > Yes, and also live-convertible to different raid schemes (albeit > slowly). > >>From the faq: > > +++ > How much space do I get with unequal devices in RAID-1 mode? I presume this is also true of RAID-10 mode? > If your largest device is bigger than all of the others put > together, then you will get as much space as all the smaller > devicess added together. Otherwise, you get half of the space of > all of your devices added together. > > For example, if you have disks of size 3TB, 1TB, 1TB, your > largest disk is 3TB and the sum of the rest is 2TB. In this > case, your largest disk is bigger than the sum of the rest, and > you will get 2TB of usable space. > > If you have disks of size 3TB, 2TB, 2TB, then your largest disk > is 3TB and the sum of the rest of 4TB. In this case, your > largest disk is smaller than the sum of the rest, and you will > get (3+2+2)/2 = 3.5TB of usable space. > +++ If you add new disks to an existing array (to grow the array) will it rebalance the stripes across the new disks? If so, will it do it automatically or does it require a user process to rebalance? (Note that rebalancing slowly is fine for my usage, provided it's a live rebalance). I've a similar question about replacing a disk with a larger one -- will it properly rebalance? > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] btrfs
Rich, Rich Pieri writes: > On Mon, 25 Feb 2013 10:53:28 -0500 > Derek Atkins wrote: > >> How is it still raid1? > > What Btrfs calls "RAID" isn't actually RAID. It isn't redundant disks. > What Btrfs calls "RAID" is actually striped or mirrored data and > metadata. > > Say that you have four devices in a Btrfs volume. There are three > different ways that you can configure data storage for the volume. Pay > attention because this is quite different from what ZFS does. > > The first is what Btrfs calls data raid0: striped data. In this > configuration, if you write a large file then the file extents will be > distributed across all four devices in the volume as evenly as possible. > > The second is what Btrfs calls raid1: mirrored data. In this > configuration, a given file is assigned to two devices in the volume, > with all data written to both devices. It should be noted that devices > are not mirrored. In a three device raid1 volume, file1 may be written > to sda and sdb while file2 may be written to sda and sdc, and file3 may > be on sdb and sdc. The three device raid1 is a great way to demonstrate > the nature of Btrfs data and metadata mirroring as different from > traditional and ZFS RAID1. > > The third is what Btrfs calls raid10: striped and mirrored data. In this > configuration, a large file's extents will be distributed across all > four devices in the volume, just like raid0. In addition, a replica of > each extent will be written to a different device. Both copies of the > file are striped across the entire volume. Reads are balanced across > all devices in the volume. > > Btrfs raid10 requires at least four devices but can have more > than that including odd numbers of devices. Thank you for the detailed description. Could you give (or point me to) a brief description of how ZFS's RAID differs from these configurations? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] btrfs
Dan Ritter writes: > On Tue, Feb 26, 2013 at 11:00:58AM -0500, Derek Atkins wrote: >> Dan Ritter writes: >> >> > +++ >> > How much space do I get with unequal devices in RAID-1 mode? >> >> I presume this is also true of RAID-10 mode? > > I haven't done this myself, and I'm not sure. Fair enough. >> If you add new disks to an existing array (to grow the array) will it >> rebalance the stripes across the new disks? If so, will it do it >> automatically or does it require a user process to rebalance? (Note >> that rebalancing slowly is fine for my usage, provided it's a live >> rebalance). I've a similar question about replacing a disk with a >> larger one -- will it properly rebalance? > > Yes it can be rebalanced; no, it's not automatic. The command is > btrfs balance, and it can be paused, resumed and cancelled. The > same holds true for replacing disks. AWESOME. Now if only there were a FreeNAS equivalent based on BTRFS instead of ZFS ;) Maybe it'll happen by the time I'm ready to build a NAS server. It sounds like BTRFS will be exactly what I want. > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] FOSS email that doesn't suck -- does such a thing exist?
Jerry Feldman writes: > On 03/28/2013 10:58 AM, Rich Pieri wrote: >> An interesting note about Thunderbird: >> >> Someone with a clue implemented a maildir storage backend for the >> local cache. This quietly entered release as a beta feature in >> version 12. This might make T-Bird worth trying again. >> > Thunderbird currently meets all my needs, but it occasionally > freezes. I've manually deleted all index files and compacted all > folders, but I don't think the freeze is due to a corrupted mbox > folder. Converting from mbox to maildir would eliminate the mbox > issue. I considered Evolution, but I didn't like it the last time I > evaluated email clients. I used Claws for a while, but I do like to > send html email to some lists and people. Unfortunately Evolution is the only app I have found that will allow me to interact with my work's Exchange server. They have IMAP turned off, so my choices are basically MAPI or ActiveSync. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] FOSS email that doesn't suck -- does such a thing exist?
Richard Pieri writes: > On 3/28/2013 1:06 PM, Derek Atkins wrote: >> Unfortunately Evolution is the only app I have found that will allow me >> to interact with my work's Exchange server. They have IMAP turned off, >> so my choices are basically MAPI or ActiveSync. > > Do they have OWA/OWS enabled? If so then DavMail may be your friend. Hmm, I'll take a look at that again. I thought I looked at it a while ago but it looked like something that IT had to run. Looking again it looks like it might be a local proxy. I know that I can access corporate email via "Outlook Web Access Lite" to an owa address. And supposedly that's good enough for outlook to work, so I'll look at DavMail and see. Thanks, -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On Btrfs raid and odd-count disks
"Edward Ned Harvey (blu)" writes: >> From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss- >> bounces+blu=nedharvey@blu.org] On Behalf Of >> >> Its funny, but I never considered an odd number of drives as viable for >> raid1. > > What about a 3-way mirror? > More appropriately, look up raid-1e. It's a better description of btrfs > raid-1. Is there a way to set up btrfs such that it can suvive a failure of any two disks in the array (ala raid6 or raid-z2)? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On Btrfs raid and odd-count disks
Richard Pieri writes: > On 4/10/2013 11:00 AM, Derek Atkins wrote: >> Is there a way to set up btrfs such that it can suvive a failure of any >> two disks in the array (ala raid6 or raid-z2)? > > Btrfs currently does not do n-way replication. It's in the works along > with raid5/6. > > It is possible to layer Btrfs on dm-raid and mdadm devices. You can > build ZFS-like subdevices as RAID1 or RAID5/6 and use these metadevices > to create your Btrfs volumes. Sure, but then you're subject to the raid5 write hole (and I think raid6 is also subject). I'm trying to avoid that by using a raiding filesystem like ZFS or BTRFS. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On Btrfs raid and odd-count disks
Richard Pieri writes: > In retrospect, if you're looking at file systems as a means to prevent > write holes with RAID 5/6 then you're going about it wrong. Write holes > happen with every RAID level. They happen with RAID 5 and 6. They happen > with RAID 1 and RAID 10. Do not believe anyone who says that write holes > are unique to RAID 5/6 and their derivatives. They are mistaken. Any two > or more storage devices in a RAID set that are not atomically locked > together can suffer write holes. They can even happen with ZFS. The reason I'm looking at a filesystem here is that the WAY writes occur can affect the write-holes you get in RAID5 and RAID6. For example, ZFS does not overwrite the existing block, it will write to a new block and then after the write succeeds will it change the block-pointer. > This is not a RAID issue. RAID is about making the hardware tolerant to > faults. RAID does not care about the integrity of your data. And *THAT* is the problem. I was fault-tolerance *AND* data integrity. Which is why I'm looking towards ZFS and BTRFS as potential solutions that provide it. > Write holes happen when power to the storage devices is lost during > write operations. UPS and redundant power are the primary ways of > preventing write holes. If the server doesn't lose power, or it has time > to perform a graceful shutdown when mains fail, then no holes appear in > the data it holds. Or power to the CPU (assuming software raid) in the middle of a write. See above as to how ZFS works around this problem. Note, however, that ZFS assumes that *MEMORY* is not corrupted, so you definitely need to use ECC RAM. > Battery-backed cache is the second line of defense against write holes. > The battery prevents cache loss if redundant and backup power fail. > Non-volatile cache (SSD) is becoming a popular alternative to > battery-backed cache, although flash has its own set of power-related > problems. > > The last line of defense against corruption is a good backup history. > > ZFS and Btrfs will detect and if possible correct single-bit errors. > They may be able to prevent write holes if they can reliably control > every piece of I/O cache in the data stream. This includes the write > acceleration cache found on most modern disks' on-board controllers. Not > all of these reliably honor cache flush instructions from the host and > because of this they cannot be relied upon to maintain data integrity > under power fault conditions. When the drives lie to you it's hard to work around that, sure.. I *do* have a UPS with a good deal of uptime available, and I plan to get a secondary power backup (which I will probably have installed before I even get to build my new spiffy NAS), so power shouldn't be a problem, just potential hardware faults. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On Btrfs raid and odd-count disks
Richard Pieri writes: > On 4/11/2013 9:28 AM, Derek Atkins wrote: >> The reason I'm looking at a filesystem here is that the WAY writes occur >> can affect the write-holes you get in RAID5 and RAID6. For example, ZFS >> does not overwrite the existing block, it will write to a new block and >> then after the write succeeds will it change the block-pointer. > > COW does not prevent write holes. > > ZFS prevents write holes by enforcing atomicity of all writes to > storage. It does this by controlling all of the I/O caching involved in > the write process from system RAM down to the write acceleration cache > on the disks themselves. ZFS updates the file system only after all > cache points have confirmed being flushed. > > If any of these points lie about their status then write holes can > appear under power fault conditions. The RAID level does not matter. If > the hardware does not provide for the required write atomicity then you > can suffer write holes under power fault conditions. > > Both ZFS and Btrfs provide facilities for automatically "erasing" write > holes. The process is called "scrubbing". The scrubbing process walks > through the entire file system tree, recalculates all file and metadata > checksums, and compares them to the stored checksums. Errors are > repaired using replica data. Oracle's documentation recommends a weekly > scrubbing schedule for consumer-grade disks and a monthly scrubbing > schedule for server-grade disks. Fair enough... I don't know if standard (e.g. DM-level) RAID5 or RAID6 provide for said "scrubbing"? Or detecting/handling disk read or (or worse, disk write) failures. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] On Btrfs raid and odd-count disks
Dan Ritter writes: > On Fri, Apr 12, 2013 at 10:51:21AM -0400, Derek Atkins wrote: >> Richard Pieri writes: >> > Both ZFS and Btrfs provide facilities for automatically "erasing" write >> > holes. The process is called "scrubbing". The scrubbing process walks >> > through the entire file system tree, recalculates all file and metadata >> > checksums, and compares them to the stored checksums. Errors are >> > repaired using replica data. Oracle's documentation recommends a weekly >> > scrubbing schedule for consumer-grade disks and a monthly scrubbing >> > schedule for server-grade disks. >> >> Fair enough... I don't know if standard (e.g. DM-level) RAID5 or RAID6 >> provide for said "scrubbing"? Or detecting/handling disk read or (or >> worse, disk write) failures. > > Disk read and write failures are events which ought to be > reported by the disk interface. I've certainly seen enough of > them. There are occasions where they won't be, though... the one > time that happened to me, it was an earlyish 3Ware RAID card > that turned out to have problems with non-passive PCI risers. Disk write errors are RARELY reported by the disk interface, because the write error can happen due to multiple causes, few of which the interface can report. Disk READ errors generally are reported, however, but by then it can be too late to save your data. > mdadm has a sort of scrub facility available, in which it reads > all the bits -- see /sys/block/$array/md/sync_action "reading" all the bits is not necessarily sufficient. I'd like something that can actually correct on-disk write errors via parity and checksum. A raw mirror isn't sufficient because you don't know which mirror has the "good" data. I don't know enough about RAID5 and RAID6 to know if there is proper ECC within the RAID itself or if you need additional data. ZFS (and possibly BTRFS) seem to have enough metadata to correct small errors. > Most HW RAID controllers have something similar available. Frankly I don't want a HW RAID controller; I'd rather use something is a more controllable and controller-agnostic. > -dsr- -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Remote builds (Re: SVN server - What hardware do I need?)
"Rich Braun" writes: > In 2013, I changed jobs and am faced with the same toolchain (but this time on > a django/python stack instead of java/tomcat; the sooner I can evict PyPI's > 'pip install' from the building the happier I and everyone else will be!). > For whatever reason, Jenkins or an equivalent build server hadn't yet been > implemented so I've got a greenfield project and authorization to yank out > whatever I want to yank out (assuming I can persuade developers to go > along;-) > > Right now, developers are expected to spend their first days (perhaps a couple > of weeks) wrestling with getting a couple of VMs set up with vagrant on their > MacBooks, dealing with permissions issues, and using that mess of code to > install other masses of code on a dozen different Amazon EC2 instances. Jenkins is pretty cool for system builds, but I'm not sure how well it works for developer build & test builds. Unless you have Jenkins set up such that each developer has their only build chain I still feel (as a developer) that I need more control over my local build & test prior to "commit/push". I.e., I want to be able to do a "local" build and run my own local tests and debugging before I push my changes to a place where others pick them up. I have not seen a Jenkins install/configuration that supports that. Jenkins is great for building feature branches, release branches, and running automated packaging and testing. But I don't think it works well for a developer build+test cycle where you might need to run through a dozen or two compile & test cycles to make sure you've fixed your bug. In short, I think developers still need their own build (and test) environments locally. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Home Routers
Jack Coats writes: > I am a cheap so-and-so, so I got a eBayed Linksys WRT610N that does > well in our application. Supposedly you can plug a USB drive in it to > do NAS and DLNA, but the reports is that it doesn't do well. I > haven't even tried. The 2.4 works well, the 5 is a little weak, but > works. I've got a WRT610N (running dd-wrt). I can get it to push about 60mbps across the router but it starts dropping packets beyond that. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] api? rest maybe?
"Daniel C." writes: > On Wed, May 22, 2013 at 2:41 PM, Eric Chadbourne > wrote: >> Hi All, >> >> I've written a little web application and a friend of mine has asked for an >> api. I don't know much about this subject though rest looks understandable. >> Any suggestions for something to read? All clues welcome. > > REST should be fine. I may be old school, but I personally would > consider implementing a REST API to be "making it fancy". When I > write one-off web apps and I want to add an API, I just publicly > expose some of the functionality (with proper security measures in > place, of course) via a page that expects a POST and which returns > some formatted text. For example if I want an API for a personal > finance "app" (fancy word for a mish-mash of scripts) I might have the > following "API calls" (really just web pages that are more > programmer-friendly): > > - login.php: post credentials to this to get authenticated > - transaction.php: you can POST to this with a couple of fields that > define the transaction amount, a short description and optionally a > category. It prints out a simple success or failure message. > - balance.php: GET only, returns your current balance as an integer in text > form > > If I'm already using these filenames for the "normal" UI then I might > prepend them with api_. I'm not sure why you consider REST to be fancy? IMHO REST itself is pretty old school; it's been around as an architecture for more than a decade. The concept is that you have an object-oriented model for manipulation of data. Depending on your application you might consider a RESTful CRUD model (Create Read Update Delete). As an example, Ruby on Rails by convention uses CRUD+REST for both APIs and Human/WebPage interaction. For the personal finance app idea, I'd ask you "when you want to get the balance, what are you getting the balance of?" Your current example assumes you only have a single account, but most people have multiple accounts. A restful way of doing that would be to have a GET on /account//balance that would return the balance for the specified account. Or you could just do GET /account/ to get all the account attributes, of which balance would be one of them. > -Dan -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Are there any SSL certificate authorities that don't cost a king's ransom?
Bill Horne writes: > Jack, > > I can't use anything that's not /ALREADY/ accepted by default. Thanks > for your suggestion, but I'm just looking for a lower price. Have you considered startssl? They are in the default list. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] KeePassX
Richard Pieri writes: > Richard Pieri wrote: >> Your 4096-bit asymmetric key is either RSA or DH, both of which are VERY >> slow algorithms, too slow for general use. > > I correct myself: RSA or DSA. Not DH. Actually you were correct the first time. When you create a "DSA" key in OpenPGP it actually creates a pair of keys. DSA is a signature-only key. You cannot use "DSA" for encryption. So OpenPGP also defines a "DH" key (which technically isn't Diffie Hellman, technically it's an El-Gamal key, but it's more related to DH than RSA) which you use for encryption. So yes, technically, you are creating a DH key. -derek, former chair of the IETF OpenPGP Working Group -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] KeePassX
Richard Pieri writes: > Jerry Feldman wrote: >> I't has been a while, but if I recall, Derek was on a team that cracked >> an RSA key. I don't remember the details,but I still remember Derek's talk. > > RSA issued a number of factoring challenges for a range of RSA key > sizes from 100 to 2048 bits: > > http://en.wikipedia.org/wiki/RSA_Factoring_Challenge Yep. It was RSA-129, which was not part of the formal RSA Challenge, but rather was the number that Rivest, Shamir, and Adelman put forth in the 1977 Scientific American article. It took us 5000 MIPS-years over a period of 9 months in 1993-94 to factor the key. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Comcast goes all encrypted video in Cambridge
Laura Conrad writes: >>>>>> "Bill" == Bill Bogstad writes: > > Bill> Any advice on cord cutting or good HDTV antennas? > > Don't literally cut the cord. My neighbor just plugs the coax from the > previous cable subscription into his TV and he says it's better than any > of the antennas he's tried. Unfortunately this will cease to work once Comcast encrypts Limited Basic. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Why are all my hard drives slow on Ubuntu? (new computer)
Daniel Barrett writes: > On August 30, 2013, Scott Ehrlich wrote: >>>>You have 32G of ram on a 32bit OS [...] you'll be limited to 4G of ram. >>> I'm running the PAE version of the kernel... >>What does free reveal for available RAM? > > 32GB, of course! :-) > > total used free sharedbuffers cached > Mem: 33146880 603752 32543128 0 98460 309512 > -/+ buffers/cache: 195780 32951100 > Swap: 33496060 0 33496060 I think all of these questions about BIOS version, RAM, etc are red herrings, because the hardware clearly works fine in some (software) configurations and not in others, which implies the hardware itself is fine and it's the software to blame. SO. Look for software differences: * Perhaps try to run the Knoppix Kernel on Ubuntu? Or at least a similar version? * Try the extra command-line options to the kernel as pointed out earlier. * Check the actual drivers to see if you have the same kernel modules installed/running (lsmod). For example, maybe it's a UHCI v *HCI issue? * Check your module configuration parameters between the working and non-working systems Good Luck! -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Printer recommendations sought
Jerry Feldman writes: > On 09/18/2013 03:57 PM, Bill Horne wrote: >> I'm seeking performance data and recommendations for mid-range laser >> printers. >> >> The organization I work for has been using "home" grade printers, but >> they have a maximum life of around 30,000 pages, and I'd like >> something more robust. Please provide any pointers to ratings, >> durability info, etc. >> > The only printer brands I recommend are HP and Brother. Both support > Linux. The HP Color LaserJet we had in our office was very > reliable. The only problem we had was when we bought a third-party > cartridge and it caused black lines on all the paper we > printed. Solution we went back to HP toner cartridges and all was fine > again. We just bought a Xerox Phaser 6000DN. It works fine (read: I've configured it and used it) from Linux, Mac, and iDevices (via AirPrint). On Linux I did have to install a custom PPD which I grabbed from a working Mac. But that seemed to be sufficient to get my Fedora 18 system to connect and print just fine. I belive we paid somewhere between $250-400 for the printer. The toner cartridgges are said to last for ~5000 pages, +/-. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Comcast goes all encrypted video in Cambridge
Bill Bogstad writes: > On Mon, Aug 19, 2013 at 11:53 AM, Derek Atkins wrote: >> Unfortunately this will cease to work once Comcast encrypts Limited >> Basic. > > Which I can confirm happened right on schedule yesterday in Cambridge. >The only channel which has been left unencrypted is the one playing > a continuous loop of how you have to lease equipment from Comcast due > to their desire to "improve service". i.e. Increase their revenues. > :-( Sorry to hear that.. Luckily they haven't done that here in Atlanta... Yet... But I'm sure it will happen soon. It means I need to look for some OTA antennas for my MythTV / HD-Homerun boxes.. > Bill Bogstad -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] salt question
"Eric Chadbourne" writes: > Hi, > > I have a basic question about salt. > > I was reading this: > http://www.openwall.com/articles/PHP-Users-Passwords > > And don't quite understand this line: > "Salts are normally stored along with the hashes. They are not secret." > > So if they are not secret what is the advantage if your site is > exploited? Such as if the salt is stored in a config file couldn't > the attacker utilize this with his rainbow tables? Also I see in PHP > crypt() you don't have to supply a salt. How does that work? Is > there a distinct salt per hash, and if yes, where is this stored? > > I have a log in system I wrote myself with sha1 but from everything > I've been reading this seems inadequate. The advantage is that it prevents certain types of dictionary attacks. It does this because the same password generates a different hash when hashed with different salts. So if you and I both use password xx they wont hash to the same target in the database. So if someone gets a copy of the database they wont be able to see that you and I have the same password. Moreover, they wont be able to quickly see that you happen to use the same password on a dozen different sites, because each salt would be different so the hashes would all be different. In general the salt is unique per user. A global salt would at least help across multiple sites on different services. If you don't use a salt then it's a direct hash of your password, which would be the same as if there were a globally constant salt. > Thanks for any tips! Hope this helped? > -- > Eric Chadbourne > http://theMnemeProject.org/ -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] Security Firm Recommendations Requested
Samuel Gechter writes: > Looking for a recommendation for a computer security firm. Anyone have a > firm that they have experience with and would recommend? A security firm to do what exactly? > Thanks, > Sam -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] rsnapshot vs. rdiff-backup
Kent Borg writes: > A big consideration when looking at backups is to walk through the > restore scenario: how long will it take? Will that be good enough? > > I have used a home-brew backup scheme ping-ponged between two > different removable drives (one always disconnected, usually both are > disconnected and at least one off-site) and I used the hard link > option of rsync to store complete trees in an efficient way. > > The cool thing about this is that the restore time to access any given > file is to plug in the backup and mount the partition--likely > readonly. (Add more time or elaboration for whole disk or whole system > restoration.) > > But the point is to ask how the backup will be used, not just that the > data is theoretically in there someplace and could be pulled out. How would you use these systems to do a full system restore? > -kb -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
Re: [Discuss] rsnapshot vs. rdiff-backup
"Edward Ned Harvey (blu)" writes: > With my configuration, I get snapshot dates as follows: > > Nov 2 01:00 weekly.3/ > Nov 9 01:00 weekly.2/ > Nov 16 01:00 weekly.1/ > Nov 23 01:00 weekly.0/ Why is your weekly.0 more than a week out of date? I would've expected, based on the numbers, that your weekly.0 would be on Nov 30th. > Nov 28 01:00 daily.6/ > Nov 29 01:00 daily.5/ > Nov 30 01:00 daily.4/ > Dec 1 01:00 daily.3/ > Dec 2 01:00 daily.2/ > Dec 3 01:00 daily.1/ > Dec 4 01:00 daily.0/ > Dec 4 11:00 hourly.22/ > Dec 4 12:00 hourly.21/ > Dec 4 13:00 hourly.20/ To me this implies that the most recent weekly is 2 weeks old, not one week old. ?? -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH warl...@mit.eduPGP key available ___ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
