Re: [expert] Spam Filtering with postfix
Have you taken a look at the Eric Raymond's implementation of a Bayesian statsistics spam filter (based on an idea by Paul Graham)? This way you don't have to build up the rules, instead they get built on the characteristics of good mail versus spam mail. I have heard good reports about it, but have not (yet) installed it myself. http://sourceforge.net/projects/bogofilter/ Dave > At the moment, I'm still a bit tight on the filters. I'm only getting > about 25% of the mail from this list! And I'm losing some personal mail. > I need to work out an "exceptions" list. Like a way to say: > > All mail from msn.com, except mail from @msn.com > > Should be a way Need to dig. > -- Dave Whiting Dar es Salaam, Tanzania Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good MandrakeFuture?¡
This time Damian Gatabria <[EMAIL PROTECTED]> becomes daring and writes: >> Actually, just plain math will do...at least here in Mexico we get >> to learn that != moans "is different from" when in 9th or 10th >> grade. >> >> Vox > > Well, make it "just plain mexican math will do" then :o) > > Over here, we are taught that "is different from" is symbolized > with a striked-out " = " sign. You never took math in a computer then :) And you are actually right...we learned that the striked-out = is the symbol for that (I just asked a friend with better memory than me...it's been almost 20 years since 10th grade for me :)...he says I must have picked up the != from computer class we took that same year :) Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr. msg64422/pgp0.pgp Description: PGP signature
Re: [expert] There will be a good Mandrake Future?
This time James Sparenberg <[EMAIL PROTECTED]> becomes daring and writes: > Dang and me just being a shell hack, and an old one to boot remember > that Chrysler once went bankrupt.. Actually twice...once at the beginning of the Iaccoca age (he used it to stop the debt payments so he could sink money in the development of the K cars) and once a few years after him. Ford has gone Ch.11 too, IIRC. Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr. msg64421/pgp0.pgp Description: PGP signature
Re: [expert] It's up!
On Wed, 2003-01-15 at 22:13, Ric Tibbetts wrote: > My mail server is back up. > To fix it, I totally uninstalled postfix, and mutt (had to uninstall > mutt to satisfy a dependency). Then I cleaned out /etc/postfix, and did > a clean install, then laid my config files back in. > > It's up now (in fact, I 'm sending this on it). > > I still have no clear idea what went awry. Only that postfix became > irretrievably corrupt. > > I'm going to go plug in my X-Box now, and blow things up! > > Again, to all who assisted today, and a special thanks to Mark Weaver > for hanging in with me all day: > > THANK YOU!!! > > This is the greatest list in the world! > > Ric Spread the love around by letting the Mandrake peeps know that you appreciate Todd's help. LX -- °°° Kernel 2.4.18-6mdk Mandrake Linux 8.2 Enlightenment 0.16.5-11mdkEvolution 1.0.2-5mdk Registered Linux User #268899 http://counter.li.org/ °°° Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
On Tue, 2003-01-14 at 16:30, Miark wrote: > Ken, > > Don't be passive. If you, Ken Hawkins, want Mandrakesoft to prosper, > then you Ken Hawkins, should do what you can to see that happen. I'm > no suggesting taking out a bank loan to donate to Mandrake, but if > you had already planned on renewing your subscription, then you > should do so. > > If you don't, on the other hand, you'll be adding to their financial > challenges--challenges that may force Mandrakesoft to let go of great > people. I don't know about you, but I'd rather be part of the > solution than part of the problem--even if I lose my stupid club > membership money. > > And forget about pointing fingers at management. The current > financial woes are the remains of the old management, not the new. > Mistakes were made; mistakes were corrected--end of story. The only > question now is what we can do to help. > > Remember Kennedy's, "Ask not what your country can do for you--ask > what you can do for your country."? It's the same thing. > > Renew your membership. > > Miark > Miark: Excellent post! Kudos to you for that fine response. I can't add much to that, except to say that companies like Chrysler have weathered bankruptcy protection in the past, and look where they are today. Dennis Meyers was pointing this out in a post sometime yesterday. So there are successful companies out there (big ones) that have had the same dilemma as Mandrakesoft has now. And they have grown and prospered as a result. In this case, what doesn't kill you will make you stronger. LX -- °°° Kernel 2.4.18-6mdk Mandrake Linux 8.2 Enlightenment 0.16.5-11mdkEvolution 1.0.2-5mdk Registered Linux User #268899 http://counter.li.org/ °°° Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
On Wed, 2003-01-15 at 14:08, Azrael wrote: > Can we combine this vote with the vote for what's in 9.1? > I vote Todd is bundled in with 9.1 so everyone gets to use him, even if > they aren't on the list. ;) Lol!! LX -- °°° Kernel 2.4.18-6mdk Mandrake Linux 8.2 Enlightenment 0.16.5-11mdkEvolution 1.0.2-5mdk Registered Linux User #268899 http://counter.li.org/ °°° Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?¡
> Actually, just plain math will do...at least here in Mexico we get > to learn that != moans "is different from" when in 9th or 10th > grade. > > Vox Well, make it "just plain mexican math will do" then :o) Over here, we are taught that "is different from" is symbolized with a striked-out " = " sign. Damian Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] ut2003
Hey all, Has anyone installed ut2003? I'm stumped - I've just spent the last two days trying to install but after about 6 or 7 hours, it goes into this loop where it keeps creating the same folder within it self ( it creates a folder called "scorched earth" and populates it with some files then under that directory it creates "scorched earth" then populates it with the same files as the last and keeps on going like that until I hit ^c to stop it) I've tried turning supermount completely off and stopping devfs in my lilo.conf file (just a wild guess) and I'm going to retry it to see how far it gets. Until then though, does anyone have any suggestions? I'm stumped. Thanks, Mike Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] rebuilding OO....
Damian, Took a look at mine... Yep you are right on a number of font types I've found that below 8 (or even at 8) I get nothing... Times was the only one that went smaller. I suspect but I'm not sure that is because these fonts don't go below 8. Not sure... James On Wed, 2003-01-15 at 18:22, Damian Gatabria wrote: > Hi. > > Some time ago i had the problem with fonts > dissapearing from OO. > I applied the usual workaround, and i can use it now, > however my OO installation is unable to render text of > size smaller than 8. > > > Does anybody know if rebuilding the src.rpm for OO from > Cooker will get rid of this problem and give me a fully-functional > office suite once again? > > thanks! > > Damian > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
Dang and me just being a shell hack, and an old one to boot remember that Chrysler once went bankrupt.. James On Wed, 2003-01-15 at 20:58, Sascha Noyes wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Wednesday 15 January 2003 08:38 pm, Damian Gatabria wrote: > > > bankruptcy PROTECTION != bankrupt > > > > you mean "bankrupcy protection!" = "bankrupt" > > > > right? > > > > really, it is possible that not all of the readers on > > this list are C programmers.. when trying to state > > something meant to be obvious, please do not save > > yourself from the hassle to type "is different from" :o) > > > > > > Damian > > (always with the stupidest comment at his fingertips) > > You don´t need to know C, python or perl will do ;-) > > Sascha > - -- > Please encrypt all correspondence. > PGP key available from: > http://individual.utoronto.ca/noyes/snoyes.asc > - -- > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQE+JjvggzJdfX+cTW8RAmiKAJwOdo5PLfl/ggnJAyJPqXpPInkqVQCfYxDL > e5PSDbyMkvUoPhVrqbgIl34= > =cecS > -END PGP SIGNATURE- > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] rebuilding OO....
Hi. Some time ago i had the problem with fonts dissapearing from OO. I applied the usual workaround, and i can use it now, however my OO installation is unable to render text of size smaller than 8. Does anybody know if rebuilding the src.rpm for OO from Cooker will get rid of this problem and give me a fully-functional office suite once again? thanks! Damian Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
This time Sascha Noyes <[EMAIL PROTECTED]> becomes daring and writes: > On Wednesday 15 January 2003 08:38 pm, Damian Gatabria wrote: >> > bankruptcy PROTECTION != bankrupt >> >> you mean "bankrupcy protection!" = "bankrupt" >> >> right? >> >> really, it is possible that not all of the readers on >> this list are C programmers.. when trying to state >> something meant to be obvious, please do not save >> yourself from the hassle to type "is different from" :o) >> >> >> Damian >> (always with the stupidest comment at his fingertips) > > You don´t need to know C, python or perl will do ;-) Actually, just plain math will do...at least here in Mexico we get to learn that != moans "is different from" when in 9th or 10th grade. Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr. msg64412/pgp0.pgp Description: PGP signature
Re: [expert] There will be a good Mandrake Future?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 15 January 2003 08:38 pm, Damian Gatabria wrote: > > bankruptcy PROTECTION != bankrupt > > you mean "bankrupcy protection!" = "bankrupt" > > right? > > really, it is possible that not all of the readers on > this list are C programmers.. when trying to state > something meant to be obvious, please do not save > yourself from the hassle to type "is different from" :o) > > > Damian > (always with the stupidest comment at his fingertips) You don´t need to know C, python or perl will do ;-) Sascha - -- Please encrypt all correspondence. PGP key available from: http://individual.utoronto.ca/noyes/snoyes.asc - -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JjvggzJdfX+cTW8RAmiKAJwOdo5PLfl/ggnJAyJPqXpPInkqVQCfYxDL e5PSDbyMkvUoPhVrqbgIl34= =cecS -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
> bankruptcy PROTECTION != bankrupt you mean "bankrupcy protection!" = "bankrupt" right? really, it is possible that not all of the readers on this list are C programmers.. when trying to state something meant to be obvious, please do not save yourself from the hassle to type "is different from" :o) Damian (always with the stupidest comment at his fingertips) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] printer driver in samba
Hi Buchan and All, : Did you join the domain? I assume it's a windows (NT or 2k?) : domain? Yes it is joined to the NT PDC. wbinfo -t says secret is good. : The default is "\", comment it out rather, as it's quite : difficult to get it right (you must have the quotes). Also, : for ACLs etc, it might be worthwhile disabling 'winbind use : default domain', at least to test ... I think the mismatched winbind separator is the cause. I made write_list and print_admin @"MyDomain\Print Admins" and the winbdin separator to "\". : This looks a bit suspect ... the one below for your hp5p loks : right : > print command = lp -d %p -o raw %s; rm -f %s Thanks I copied that from Samba Essentials for Windows Administrator 8( But I'm able to print on the LM9.0 box. : > [hp5p] : > comment = HP LaserJet 5P--Show Room : : You should use /var/spool/samba here unless you reall know what : you are doing. Anyway, in most cases you don't need per-printer : config, unless your printing defaults (in [printers]) are wrong. Thanks I changed that as well. I now successfully uploaded the W2K drivers from a W2K workstation. But can't upload NT4.0 drivers. I tried on a NT4.0 workstation it says they are uploaded, but I checked the directory. It's empty. Do you know why? Also I can't upload drivers by browsing server properties in printers. I can only do it by selecting the printer then add new driver. The books tells me otherwise. Also the print job from a windows machine prints out a page with some PJL commands, then a page of the print out and then some garbage. I assume this is driver's fault. Can it be because I have a Raw device setup in CUPS? They don't offer the printer driver (HP5P) when I choose add printer. I needed to select RAW device initially? I hope I'm not getting too annoying. And thank you in advance for your patience and expert advice. Regards, Norman Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MNF vs SNF
On Wednesday 15 January 2003 02:32 am, JP wrote: > T E <[EMAIL PROTECTED]> deeg zun bes op schoal um hej te kinne schrieve: > > [snip] > > > > I highly recommend the newer one. I don't believe > > > there is any time bomb, and > > > I'm not sure if they require money after 6 months, > > > although it is certainly > > > worth what ever it is they charge. I subscribe, so > > > haven't actually purchased > > > a shrink wrap one. I think they get more money by > > > just donating so that is > > > what I did. > > > > Here is part of the reason why I believe there are > > only 6 months to register: I log into MNF and am > > greated with this text: > > > > "UPDATES: Don't forget to register your firewall to > > receive your free updates for 6 months. These updates > > are critical to keep your security product up to date > > and to maintain a high security level. These updates > > consist of improvements to most features, security > > fixes and more." > > > > Like I said updates are critical. And while this > > product may be worth every one of the 200,000 pennies > > spent on it, I need a FREE product since I basically > > have a 0 penny budget at the moment. > > > > It seems to me that if updates for SNF are free that > > may be the way to go. Don't get me wrong, I'd love to > > go with MNF, but I can't afford the price at the > > moment and will need eternal updates. > > it seems as if they try to get people to pay for the mnf updates, however, > I dont think you will have to do so in order to get the updates. > > first of all, i just checked a mandrake updates mirror and there is a > seperate directory for mnf, that one could simply use (add to urpmi etc.) > without mandrake even knowing it. > > second, this mnf is basically a (heavily modified and stripped down) > version of mandrake 8.2. for which updates are freely available. see also > snf, which has a similar relationship to 7.2, with many packages in the > snf update directory being a simlink to the 7.2 updates. > > all in all a rather unclear situation, as by reading the mandrake website > one would think you have to pay for security updates. > > JP To make matters even weirder there is no documentation for it!?!??! It says if you didn't get documentation with it, to purchase a copy or something to that affect. MNF is kicking my butt! Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] It's up!
My mail server is back up. To fix it, I totally uninstalled postfix, and mutt (had to uninstall mutt to satisfy a dependency). Then I cleaned out /etc/postfix, and did a clean install, then laid my config files back in. It's up now (in fact, I 'm sending this on it). I still have no clear idea what went awry. Only that postfix became irretrievably corrupt. I'm going to go plug in my X-Box now, and blow things up! Again, to all who assisted today, and a special thanks to Mark Weaver for hanging in with me all day: THANK YOU!!! This is the greatest list in the world! Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] I'm sorry, but in KDE how do I remove the title bar for an application
I'm really sorry for asking such an apparently simple question which shouldn't really need an expert advise. However, I've been trying for an hour I just cannot figure out how to specify to KDE that I don't want the title bar for a specific application. I can't really believe that it should matter, but I do run Mandrake 9.0 and I have the following KDE packages installed: kdesdk-3.0.5a-1.1mdk kdevelop-2.1.3-6mdk kdelibs-devel-3.0.5a-1.1mdk kdenetwork-3.0.5a-1.1mdk kde-i18n-en_GB-3.0.3-2mdk kdeadmin-3.0.5a-1.1mdk kdemultimedia-3.0.5a-1.1mdk kdeutils-3.0.5a-1.1mdk kdebase-nsplugins-3.0.5a-1.1mdk kdepim-3.0.5a-1.1mdk kdegraphics-devel-3.0.5a-1.1mdk kdebase-3.0.5a-1.1mdk kdenetwork-devel-3.0.5a-1.1mdk kdegraphics-3.0.5a-1.1mdk kdebase-devel-3.0.5a-1.1mdk kdelibs-3.0.5a-1.1mdk kdetoys-3.0.5a-1.1mdk kdemultimedia-devel-3.0.5a-1.1mdk Truly, thanks in advance /Peter -- http://www.linearity.org/turtle/contact.html ``Deserves death! I daresay he does. Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out death in judgement.'' -- Tolkien Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
H.J.Bathoorn wrote: On Wednesday 15 January 2003 16:49, Lyvim Xaphir wrote: I want to make an official appeal to the Mandrake management to keep Todd Lyons securely in the company, in the recent light of current events regarding the Chapter 11. Todd Lyons has been an incredible asset to the Expert list, helping countless users with their problems and concerns. It would be a terrible loss to Mandrake and an even more terrible loss to all Mandrake users were anything to happen that would force him to seek other employment. We want him around and we want him to stay. Civileme was a huge asset to all of us here in North America, as well as the rest of the world. We don't want the same thing to happen to Todd Lyons. If this concerns you now is the time to make your support known. Thank you, Todd. LX I second that wholeheartedly. Where would we be without all those blues skies HarM HERE HERE! I concur with all that assert Todd's importance to the list. I see his service to the Mandrake distro as being an invaluable contribution to the Mandrake community of users. drjung -- J. Craig Woods UNIX Network/System Administration http://www.trismegistus.net/resume.html Character is built upon the debris of despair --Emerson Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] OT network backup solutions
On Wed, 2003-01-15 at 18:11, [EMAIL PROTECTED] wrote: > On Wed, 2003-01-15 at 00:28, Mark Belanger wrote: > > Can anyone recommend a backup solution for > > a fairly large(300 node) heterogeneous network. > > > > We currently have Solaris, Windows, Linux, SunOS, > > and DomainOS machines. > > Arkeia (commercial) and Amanda come to mind. For non-Linux backup > servers I've used Veritas' NetBackup. It has clients for most OSes. > > By solution do you mean "strategy" or "product"? Product. I'd prefer OpenSource but will consider others. Cost is a major factor. -Mark > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Mark Belanger <[EMAIL PROTECTED]> Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] OT network backup solutions
On Wed, 2003-01-15 at 17:30, Seth Zirin wrote: > On Wed, 2003-01-15 at 00:28, Mark Belanger wrote: > > Can anyone recommend a backup solution for > > a fairly large(300 node) heterogeneous network. > > > > We currently have Solaris, Windows, Linux, SunOS, > > and DomainOS machines. > > Hire an MIS department? Thanks. Very helpful. I wish I'd thought of that. -Mark > > Seth > > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Mark Belanger <[EMAIL PROTECTED]> Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] "Removable Media" icon
HarM, edit the .icewm/toolbar file and you can put the icons on the taskbar. Easy format for example prog Evolution jmail.png evolution added Evo to the bar. The icon has to be in /usr/share/icons/mini to get grabbed (it uses 16x16 icons) and if it's not there. It lists the app name. James On Wed, 2003-01-15 at 16:49, H.J.Bathoorn wrote: > On Wednesday 15 January 2003 23:31, Tom Brinkman wrote: > > On Wednesday January 15 2003 03:30 pm, James Sparenberg wrote: > > > Still like my two methods. > > > > > > If I use KDE in control center -> Look n Feel -> Desktop. Uncheck > > > enable desktop Icons. > > > > > > otherwise ... I use iceWM. *grin*. > > > > > > James > > > >That's been my solution for a long time. Even before that option > > existed and it took some hacking to get rid of icons ... useless as > > they are. Who wants a bunch of redundant icons (everything's already > > on the menus) cluttering up an otherwise perfectly good desktop ;) > > I (and the kids) do when I've installed games (i.e. Loki's Mindrover & Kohan) > or lately 'blender' who don't appear in the menu's. > > The 'skulls&bones" (my own brew) as a shutdown icon is a life(fsck) saver too. > If Icewm offered me icons it'd be our default desktop in a flash, it's my > personal favorite, but then I know (by heart) what's installed and what's > not. > > Xfce is rising fast in the polls lately too though...over here.=:o) > > Good Luck, > HarM > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [expert] vfat mounting
found it! You can set a umask in the options. /dev/sda1 /home/jack/.crypto vfat user,iocharset=iso8859-1,kudzu,codepage=850,noauto,noexec,sync,umask=0077 1 2 On Wed, 2003-01-15 at 14:49, Jane wrote: > Add > mode=0600 > to the fstab entry > > -Original Message- > From: Jack Coates [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 15, 2003 2:13 PM > To: [EMAIL PROTECTED] > Subject: [expert] vfat mounting > > > I've got a removable media device (sony memorystick) formatted as vfat > which I'm mounting as my home of tiny super-secret stuff like gnupg > and > figaro's password manager. The problem is that it insists on mounting > with some overgenerous permissions: > [jack@chupacabra jack]$ grep crypto /etc/fstab > /dev/sda1 /home/jack/.crypto vfat > user,iocharset=iso8859-1,kudzu,codepage=850,noauto,exec 1 2 > [jack@chupacabra jack]$ ls -la | grep .crypto > drwxrwxr-x4 jack jack16384 Dec 31 1969 .crypto/ > > I've been reading the mount and umask man pages and STFWing, but I > can't > figure out how to make it mount with reduced permissions... something > like 600 would be more like it. > -- > Jack Coates > Monkeynoodle: A Scientific Venture... -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
> This is a multi-part message in MIME format... > > > On Wed, 15 Jan 2003 14:53:44 -0500, you wrote: > > > >I'm getting these. I'm using my work address for this discussion. > > > >I agree that port 25 is dead. The question is: Why & How? > > > >The line in /etc/services is fine. It's uncommented. > >smtp IS included in bastille-firewall.cfg > >postfix "is" running. > > > >I have no clue as to what closed that port! And I've rebooted a couple > >of times. So what ever is doing it, is persistant! > > > >BTW: I "can" get messages out. Just not in. > > > >Ric > > Hi Ric, > > Is port 25 blocked by the isp, some isp's block port 25 incoming to the user > on home accounts to stop people running mail servers. > > Can you borrow a old box from work and load a text only Mdk on it and leave > the box wide open, then moved your mail setting to it to see if that works. > If that works then move your firewall to it to see if that works. > A process of elimination will eventually find it. > > Gary. > Thanks Gary; I checked with my ISP on that. I've been running that server for a couple of years now. And if they blocked 25, it would block it for every one, and they don't. I now suspect that I've induced an error into my postfix configuration files. It was all working this morning, then I was tweaking those files, and it broke. (I stepped away for a little while to calm down.. and it started looking much clearer). If I could get ahold of Mark Weaver, he has a copy of my files as of last night (when they were working). Mark, if you're out there, semd 'em back!!! Thanks! -- Ric Tibbetts ISOMEDIA.COM - Premium Internet Services. http://www.isomedia.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
On Wed, 15 Jan 2003 14:53:44 -0500, you wrote: >I'm getting these. I'm using my work address for this discussion. > >I agree that port 25 is dead. The question is: Why & How? > >The line in /etc/services is fine. It's uncommented. >smtp IS included in bastille-firewall.cfg >postfix "is" running. > >I have no clue as to what closed that port! And I've rebooted a couple >of times. So what ever is doing it, is persistant! > >BTW: I "can" get messages out. Just not in. > >Ric Hi Ric, Is port 25 blocked by the isp, some isp's block port 25 incoming to the user on home accounts to stop people running mail servers. Can you borrow a old box from work and load a text only Mdk on it and leave the box wide open, then moved your mail setting to it to see if that works. If that works then move your firewall to it to see if that works. A process of elimination will eventually find it. Gary. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Sony Micro Vault 128 - drakupdate_fsta loooooooop
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 oscar wrote on Thu, Jan 16, 2003 at 12:55:01AM +0100 : > Hi all, > I wrote to the list about sony micro vault 128 usb storage. Now I have it > working in my LM 8.2 thanks to Todd with modprobe sd_mod. > Now I have tested it in my LM 9.0 computer and I presume that we have a little > My computer was in a loop, and when I ran "top", I discovered a program which > was running over an over again eating 50% of cpu time: drakupdate_fsta. > How I stoped the loop? I should rename /usr/sbin/drakupdate_fsta to Well that just shows how much the kernel changed inbetween 8.2 and 9.0. Remove that line from /etc/modules.conf and that will get rid of the loop. As for how to make it automatic, look in /etc/hotplug/usb directory. You'll have to put a script there that will modprobe that module in. Blue skies... Todd - -- | MandrakeSoft USA | Sometimes you get what you want. | | http://www.mandrakesoft.com | Sometimes you get experience.| | http://www.mandrakelinux.com |--unknown origin | Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+Jfvnlp7v05cW2woRAoOEAJ99/w0DA3emN0HDdRSUXszATjBKiwCfSrlu auIiR7Gs2FRX9we1CspAzS8= =J/LT -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] web cam for linux
thanks dave, i'll take a look at that bascule On Wednesday 15 Jan 2003 4:17 am, Dave Seff wrote: > I use the Philips PCA646VC. Works quite nicely. > > -Dave > > On Tue, 2003-01-14 at 19:37, bascule wrote: > > i would welcome recommendations from folk in the uk for a cheap basic > > webcam that will work with gnomemeeting etc. > > > > bascule -- We only remembers that the elves sang. We forgets what it was they were singing about. (Lords and Ladies) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MNF vs SNF
On Wed Jan 15, 2003 at 11:59:24AM -0800, T E wrote: > OK I guess this clears some of the confusion... Still > wonder why MDK left it so vague though. And you know > the funny thing? Click on the "register your > firewall" when you first enter the MNF box and you're > directed to > > "The page /products/mnf/register you are looking for > is missing" Yeah, I discovered this as well. This will be corrected quickly, from my understanding, but I'm not directly involved with it. I hope to see something there in the coming week. > Then again, they are having a few internal problems. > And while we're on the topic, does Chapter 11 affect > updates from mdk at all? Or is it nearly entirely > based upon the open source community? Not sure what you mean. Does the community make updated rpm packages for Mandrake? No. Are patches and whatnot available to the open source community at large? Sure is. You can grab RH's packages, figure out what patches were applied, and then try to apply them to your mdk packages and back-port as appropriate. Or build the new software from source yourself. There is nothing binding you to using mandrake updates if you really don't want to. > Now that I know that free updates are possible from a > license stand point, I'd hate to find out they aren't > feasible with the "new" company model... What "new" company model might that be? I'm afraid I don't know what you're insinuating here. -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} msg64394/pgp0.pgp Description: PGP signature
[expert] Sony Micro Vault 128 - drakupdate_fsta loooooooop
Hi all, I wrote to the list about sony micro vault 128 usb storage. Now I have it working in my LM 8.2 thanks to Todd with modprobe sd_mod. Now I have tested it in my LM 9.0 computer and I presume that we have a little problem with drakupdate_fsta. I wrote in /etc/modules.conf this line: alias /dev/sda sd_mod This is working ok in LM 8.2. But when I plugged the Sony Micro Vault to the usb port, and when I did "ls /dev/sda" I observed something like this in my /var/log/messages: - Jan 16 00:01:38 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:38 localhost kernel: sda: Write Protect is off Jan 16 00:01:38 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:38 localhost kernel: USB Mass Storage support registered. Jan 16 00:01:41 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:41 localhost kernel: sda: Write Protect is off Jan 16 00:01:41 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:44 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:44 localhost kernel: sda: Write Protect is off Jan 16 00:01:44 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:46 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:46 localhost kernel: sda: Write Protect is off Jan 16 00:01:46 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:49 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:49 localhost kernel: sda: Write Protect is off Jan 16 00:01:49 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:52 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:52 localhost kernel: sda: Write Protect is off Jan 16 00:01:52 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 Jan 16 00:01:55 localhost kernel: SCSI device sda: 256000 512-byte hdwr sectors (131 MB) Jan 16 00:01:55 localhost kernel: sda: Write Protect is off Jan 16 00:01:55 localhost kernel: /dev/scsi/host1/bus0/target0/lun0: p1 p2 p3 p4 and so on... My computer was in a loop, and when I ran "top", I discovered a program which was running over an over again eating 50% of cpu time: drakupdate_fsta. How I stoped the loop? I should rename /usr/sbin/drakupdate_fsta to drakupdate_fsta.deactivated. The loop finished inmediatly. And now this is the problem: If I want to use my sony mv128, I can't have a functional drakupdate_fsta. My questions: 1. How can I avoid the loop with drakupdate_fsta when I plug in the sony mv 128? 2. Is drakupdate_fsta a critical component of LM 9.0? Can my computer with LM 9.0 live without it? Thank you, -- Óscar Santacreu Usuario de Linux Registrado #227443 http://counter.li.org/ Windows Free Environment Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MNF vs SNF
On Wed Jan 15, 2003 at 08:39:38PM +0100, JP wrote: [...] > > Yup. You can use urpmi and use whatever mirror you like to get > > updates. This should be just as secure as the "for pay" mirror... ie. > > md5sums are available and the file is GPG clearsigned. RPM packages > > can be validated via md5 and gpg sigs. > > thank god, no micro$$$oft practices. Absolutely not. Thats not at all what we're intending to do. > > The primary advantage to the for pay updates is you will have access to > > them instantly. I don't know what the infrastructure for the updates > > is, but I imagine there will be next to no delay for updates... you > > would get them almost immediately. Relying on third-party mirrors > > means a little bit of a delay, so it depends on how quickly you want > > your firewall patched up (if speed is important to you, getting > > "priority" updates may well be what you need/want). You also wouldn't > > have to worry about free mirrors being clogged when new distribs are > > released... anyone try to update software the day of a new Mdk or RH > > release? Have fun getting into most public mirrors that week. > > no problem for me :-) > I must admit though that this may indeed be a serious problem to many > people, certainly if it is about some critical security update. Right. And if it's important, then you should be willing to spend money on it, no? Look at it this way. We can provide "priority" FTP access to a mirror of our own if we really wanted to, but in the end this costs us a *lot* of money. Because everyone will want to use the official FTP site. So we pay bandwidth and whatnot for everyone to get updates from us. That's not a very good business model, especially considering the current financial situation. So, in order for you to get a service, you need to pay for it. Now, I don't know how much it costs, so I can't say if this something geared more towards the corporate world or the personal user. If you want updates quickly from a secure source, you need to pay for the privilege. Otherwise, you deal with third-party mirrors that may or may not be reliable, and that may have a few hours delay. If it's absolutely critical to you, you will pay. This is not a new way of doing business; many companies do similar to this. Correct me if I'm wrong, but I believe RH does something similar with their up2date stuff. [...] > > Nope, not at all. You're paying for access to a private FTP site. The > > updates themself are "free"; meaning publically available to anyone who > > wants them. Access to the private FTP site is the real issue here. > > > > I agree that it wasn't clearly worded, so I hope this provides a little > > less confusion for those who would like to use MNF but have some > > reservations thinking you might be charged for security updates. > > it does clarify alot indeed. Ok good... =) > as for the 'delay' one experiences when using mirror sites, I guess it > basically comes down to what one uses the box for. > > a home user will generally care less about such things, and also have a > smaller budget than say a corporate it department guy. apart from that, > mnf like snf is to be used as a firewall/nat router. once properly setup, > such a machine should not be running any services except a (local lan > only) sshd, leaving virtually no possiblities for intrusion but the ssh > packages (or a highly unlikely kernel networking related bug). > > in the end, it's all about priorities ;-) Exactly. And you get what you pay for. If you pay nothing, don't sit back, do nothing, and complain that you got nothing. =) -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} msg64392/pgp0.pgp Description: PGP signature
Re: [expert] "Removable Media" icon
On Wednesday 15 January 2003 23:31, Tom Brinkman wrote: > On Wednesday January 15 2003 03:30 pm, James Sparenberg wrote: > > Still like my two methods. > > > > If I use KDE in control center -> Look n Feel -> Desktop. Uncheck > > enable desktop Icons. > > > > otherwise ... I use iceWM. *grin*. > > > > James > >That's been my solution for a long time. Even before that option > existed and it took some hacking to get rid of icons ... useless as > they are. Who wants a bunch of redundant icons (everything's already > on the menus) cluttering up an otherwise perfectly good desktop ;) I (and the kids) do when I've installed games (i.e. Loki's Mindrover & Kohan) or lately 'blender' who don't appear in the menu's. The 'skulls&bones" (my own brew) as a shutdown icon is a life(fsck) saver too. If Icewm offered me icons it'd be our default desktop in a flash, it's my personal favorite, but then I know (by heart) what's installed and what's not. Xfce is rising fast in the polls lately too though...over here.=:o) Good Luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] evolution 1.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Aaron Matteson wrote on Wed, Jan 15, 2003 at 02:02:21PM -0800 : > Tools menu -> Settings Option -> Mail Accounts -> Choose Your Account -> > Edit -> Identity Tab -> Optional Information @ Bottom -> Default > Signature Aaron, do you think you could upload your public key to wwwkeys.us.pgp.net and/or www.keyserver.net? Blue skies... Todd - -- ...and I will strike down upon thee with great vengeance and furious anger, those who attempt to poison and destroy my binaries, and you will know my name is root, when I lay my vengeance upon thee. Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JfM0lp7v05cW2woRAt1bAJ4s3wrZixwZnPGMJMTpJIxk3mjuGgCeIzU2 66Q6KSo+yOGJK8UadqPDY1M= =tsqx -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
On Wed, Jan 15, 2003 at 13:38 -0800, Todd Lyons wrote: > > Speaking only for myself and not as representative of the company > because I don't know a great deal of what's going on. > > Francisco Alcaraz Ariza wrote on Wed, Jan 15, 2003 at 09:26:10PM +0100 : > > I am very sad by the notices about Mandrake bankrupt. > > Guys this is not the mailing list for this discussion. So I will end it > with the obvious: > bankruptcy PROTECTION != bankrupt > > Chapter 11 is bankruptcy protection. Google for it if you need more > info. Of course, we all know that. In the newsgroup and here were some kind souls to explain what Chapter 11 and the french equivalent (which is what MandrakeSoft applied for) really mean. But one thing is sure: there will be changes. And as long as we don't know which changes are to come all discussion here is void and only based on speculations. I have a very strong interest in seeing MandrakeSoft alive because I'd have to find a contract with some other project if my contract with MandrakeSoft will go down the drain. I have a much stronger interest in seeing MandrakeSoft alive because I really like it and after trying Caldera, Red Hat and SuSE it was the #1 for me since 5.3. So let's all keep calm and wait what comes out of this newest move from MandrakeSoft. Any "Mandrake should have this and Mandrake should have not done that!" is obsolete now and only interesting for history geeks. wobo -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it 's d ead again)
On Wed Jan 15, 2003 at 03:35:52PM -0500, Tibbetts, Ric wrote: [...] > >Here's something to think about, what if the portsentry didnt get > >completely > >removed, and left some cruft.. some of which happens to be blocking port > >25 > > What & where? > I took portsentry out of the startup, and rebooted the box. So it was > never run. I've also gone in, and tried "taming" it, to NOT block TCP rpm -e portsentry If you're not using it, get rid of it, entirely. Check /etc/hosts.{allow,deny} make sure there is nothing in there restricting port 25. Execute "iptables -L|grep smtp; iptables -L|grep 25" and see if you have any entries in there; see if iptables has blocked it. I've never played with bastille for a firewall, so have no clue how "solid" that is. Finally, "netstat -l --tcp -p". This will tell you what program is listening on what TCP port. Make sure something is listening to port 25 (and *not* to localhost.localdomain:25, but to eth0 or whatever your interface is), and see if it's postfix. Sending mail out is no tricky feat. More often that not, programs will use /usr/sbin/sendmail or /usr/lib/sendmail directly... the ability to send mail out does not determine whether or not an MTA is running; not definitively anyways. -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} msg64388/pgp0.pgp Description: PGP signature
Re: [expert] "Removable Media" icon
On Wednesday January 15 2003 03:30 pm, James Sparenberg wrote: > Still like my two methods. > > If I use KDE in control center -> Look n Feel -> Desktop. Uncheck > enable desktop Icons. > > otherwise ... I use iceWM. *grin*. > > James That's been my solution for a long time. Even before that option existed and it took some hacking to get rid of icons ... useless as they are. Who wants a bunch of redundant icons (everything's already on the menus) cluttering up an otherwise perfectly good desktop ;) -- Tom Brinkman Corpus Christi, Texas Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] OT network backup solutions
On Wed, 2003-01-15 at 00:28, Mark Belanger wrote: > Can anyone recommend a backup solution for > a fairly large(300 node) heterogeneous network. > > We currently have Solaris, Windows, Linux, SunOS, > and DomainOS machines. Arkeia (commercial) and Amanda come to mind. For non-Linux backup servers I've used Veritas' NetBackup. It has clients for most OSes. By solution do you mean "strategy" or "product"? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
One point ... they take out the "fee" monthly from my card. Now if the company fails... they can't take out the fee and or I can stop payment through my ccard company. So if I pay.. I get the service until the service is no more, and then I don't pay. James On Wed, 2003-01-15 at 12:26, Francisco Alcaraz Ariza wrote: > I am very sad by the notices about Mandrake bankrupt. I hoped that the Club > development could be a good new commercial model for Mandrake; I am a silver > member and I have also bought a PowerPack to Mandrake Store. > > I am actually very happy with the 9.0 (also I was with 7.0, 7.2, 8.0 and 8.2), > I have tested other distributions, but I don't know mailing-list as actives > as the Mandrake ones (newbie, expert, cooker and this almost dead > crashtesters) and I have ever found solutions for my problems thanks to the > help of lot of Mandrake users ^_^; in fact I have never needed the 60 days > Mandrake official help for my bought packages of the different distributions. > > My Mandrake Club will expire in more or less a month, I was decided to renove > it, but now I am in a trouble. Will Mandrake dissapear and due to that I will > lost the money and the services of the club? or this will help Mandrake to > survive? > > I actually don't know what to do??? > > I am testing 9.1 beta and it looks pretty to a first beta... I will be a pity > to lost the 9.1.. > > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
RE: [expert] vfat mounting
Title: RE: [expert] vfat mounting Add mode=0600 to the fstab entry -Original Message- From: Jack Coates [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 15, 2003 2:13 PM To: [EMAIL PROTECTED] Subject: [expert] vfat mounting I've got a removable media device (sony memorystick) formatted as vfat which I'm mounting as my home of tiny super-secret stuff like gnupg and figaro's password manager. The problem is that it insists on mounting with some overgenerous permissions: [jack@chupacabra jack]$ grep crypto /etc/fstab /dev/sda1 /home/jack/.crypto vfat user,iocharset=iso8859-1,kudzu,codepage=850,noauto,exec 1 2 [jack@chupacabra jack]$ ls -la | grep .crypto drwxrwxr-x 4 jack jack 16384 Dec 31 1969 .crypto/ I've been reading the mount and umask man pages and STFWing, but I can't figure out how to make it mount with reduced permissions... something like 600 would be more like it. -- Jack Coates Monkeynoodle: A Scientific Venture...
Re: [expert] OT network backup solutions
On Wed, 2003-01-15 at 00:28, Mark Belanger wrote: > Can anyone recommend a backup solution for > a fairly large(300 node) heterogeneous network. > > We currently have Solaris, Windows, Linux, SunOS, > and DomainOS machines. Hire an MIS department? Seth Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] evolution 1.2
thanks. Didn't expect that it would have overridden the old info in that field just because it has a new option available, but hey, whatever. On Wed, 2003-01-15 at 14:02, Aaron Matteson wrote: > Tools menu -> Settings Option -> Mail Accounts -> Choose Your Account -> > Edit -> Identity Tab -> Optional Information @ Bottom -> Default > Signature > > On Wed, 2003-01-15 at 14:04, Jack Coates wrote: > > upgraded to Ximian's version 1.2 today so I could use Exchange > > Connector... Anyone know how to tell it that you don't want > > autogenerated signatures?? -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] printer driver in samba
On Wed, 15 Jan 2003, Norman Zhang wrote: > Hi Buchan and All, > > I have appended my smb.conf at the bottom of this email for you to review. > Your comments are greatly appreciated. I have also appended some additional > info of my LM9.0 system. > Did you join the domain? I assume it's a windows (NT or 2k?) domain? See comments below > Regards, > Norman > > ::: BTW, process is like this, browse to the Printers share on the > ::: machine, right-click the printer, choose properties, say no when > ::: offered to install a driver, click advanced, choose "New Driver". > :: > :: I do have printer_admin = @"MYNTDOMAIN\Print Admins", root. I also > :: set my Print Admins to be the primary group for the operators. I > :: also tried the process you described, but I still got access denied. > :: Does this have to do with CUPS? Do I need to use cupsaddsmb? But I > :: can't find the PPD from CUPS. They were available in the CUPS web > :: config. > : > : No, if you use the cupsaddsmb, you end up using generic ps drivers on > : the windows clients, in most cases you want the windows driver to be > : installed there. > > Thank you. I guess I won't proceed with cupsaddsmb further. > > ::: Well, you should also have some directories under there such as > ::: W32X86 etc. Check the perms of those, and also ensure the share has > ::: enabled write for whoever is trying to upload drivers. > :: > :: All subfolder are there. It is 755 for all subfolders. The > :: subfolders were created by Mandrake by default. I even did a > :: setfacl -m g:"ARKONDOMAIN\Print Admins":rwx /var/lib/samba/printers, > :: and gave rx access for all parent folders. But still unsuccessful 8( > :: Please help. > : > : You need write access to the folders *below* /var/lib/samba/printers, so > : try: > : # setfacl -d -m g:"ARKONDOMAIN\Print Admins":rwx /var/lib/samba/printers > : > :: Regards, > :: Norman > : > : It might help to send me your whole smb.conf so I can see exactly how > : you are setup. > > I tried changing the winbind separator to \ The default is "\", comment it out rather, as it's quite difficult to get it right (you must have the quotes). Also, for ACLs etc, it might be worthwhile disabling 'winbind use default domain', at least to test ... > # Samba config file created using SWAT > # from 0.0.0.0 (0.0.0.0) > # Date: 2003/01/14 14:44:12 > > # Global parameters > [global] > workgroup = ARKONDOMAIN > netbios name = PRNSERVER > server string = Samba Server %v > security = DOMAIN > encrypt passwords = Yes > obey pam restrictions = Yes > password server = PDCSERVER > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = cups > character set = ISO8859-15 > os level = 18 > preferred master = No > local master = No > domain master = No > dns proxy = No > winbind uid = 1-2 > winbind gid = 1-2 > template shell = /bin/bash First try uncommenting just this: > winbind separator = + Then this: > winbind use default domain = Yes THis looks ok ... > printer admin = root, @"ARKONDOMAIN\Print Admins" > printing = cups This looks a bit suspect ... the one below for your hp5p loks right > print command = lp -d %p -o raw %s; rm -f %s > > [hp5p] > comment = HP LaserJet 5P--Show Room You should use /var/spool/samba here unless you reall know what you are doing. Anyway, in most cases you don't need per-printer config, unless your printing defaults (in [printers]) are wrong. > path = /var/spool/samba/hp5p > guest ok = Yes > printable = Yes > print command = lpr-cups -P %p -o raw %s > printer name = hp5p > This looks fine, don't know what you need the dos filetimes for though .. > [print$] > comment = Printer Drivers > path = /var/lib/samba/printers > write list = root, @"ARKONDOMAIN\Print Admins" > guest ok = Yes > dos filetimes = Yes > > [printers] > comment = All Printers > path = /var/spool/samba > guest ok = Yes > printable = Yes > browseable = No > > > > [root@prn root]# setfacl -d -m g:"Print Admins":rwx /var/lib/samba/printers/ > [root@prn root]# getfacl /var/lib/samba/printers > getfacl: Removing leading '/' from absolute path names > # file: var/lib/samba/printers > # owner: root > # group: root > user::rwx > group::r-x > group:Print Admins:rwx > mask::rwx > other::r-x > default:user::rwx > default:group::r-x > default:group:Print Admins:rwx > default:mask::rwx > default:other::r-x > > [root@prn root]# smbstatus > > Samba version 2.2.7 > Service uid gid pid machine > -- > IPC$ ARKONDOMAIN+domainadmin ARKONDOMAIN+Print Admins 5178 > 2139-1-20 (192.168.22.34) Tue Jan 14 14:45:23 2003 > IPC$ ARKONDOMAIN+domainadmin ARKONDOMAIN+Print Admins 5178 > 2139-1-20 (192.168.22.34) Tue Jan 14 14:44:49 2003 > > No locked files > > [root@prn printers]# ls -l > total 20 > drwxrwxr-x2 root root6 Nov 25 10:15 W32ALPHA/ > drw
Re: [expert] evolution 1.2
Tools menu -> Settings Option -> Mail Accounts -> Choose Your Account -> Edit -> Identity Tab -> Optional Information @ Bottom -> Default Signature On Wed, 2003-01-15 at 14:04, Jack Coates wrote: > upgraded to Ximian's version 1.2 today so I could use Exchange > Connector... Anyone know how to tell it that you don't want > autogenerated signatures?? -- Aaron M. Matteson [EMAIL PROTECTED] http://www.avlug.org/~mindstorm "If obstacles are what you see in your path... Then you have lost sight of your goal! " signature.asc Description: This is a digitally signed message part
Re: [expert] Custom Man-pages
Two sources of info. 1. man troff 2. http://www.tldp.org/HOWTO/mini/Man-Page.html James On Wed, 2003-01-15 at 11:00, Jim C wrote: > Lets say that you have a package that does not install manpages or that > you want to install some of your own manpages for users to look at. How > might a person go about doing this? > > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] vfat mounting
I've got a removable media device (sony memorystick) formatted as vfat which I'm mounting as my home of tiny super-secret stuff like gnupg and figaro's password manager. The problem is that it insists on mounting with some overgenerous permissions: [jack@chupacabra jack]$ grep crypto /etc/fstab /dev/sda1 /home/jack/.crypto vfat user,iocharset=iso8859-1,kudzu,codepage=850,noauto,exec 1 2 [jack@chupacabra jack]$ ls -la | grep .crypto drwxrwxr-x4 jack jack16384 Dec 31 1969 .crypto/ I've been reading the mount and umask man pages and STFWing, but I can't figure out how to make it mount with reduced permissions... something like 600 would be more like it. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
On 15 Jan 2003 11:49:18 -0500 Lyvim Xaphir <[EMAIL PROTECTED]> wrote: > > I want to make an official appeal to the Mandrake management to keep > Todd Lyons securely in the company, in the recent light of current > events regarding the Chapter 11. > > Todd Lyons has been an incredible asset to the Expert list, helping > countless users with their problems and concerns. It would be a > terrible loss to Mandrake and an even more terrible loss to all Mandrake > users were anything to happen that would force him to seek other > employment. We want him around and we want him to stay. > > Civileme was a huge asset to all of us here in North America, as well as > the rest of the world. We don't want the same thing to happen to Todd > Lyons. If this concerns you now is the time to make your support known. > > Thank you, Todd. > > LX Count me in too - Todd is an invaluable contributor to this list, symbolic of the whole ethos of GNU/Linux. His advice, and that of others, has helped me out of many a scrape. It would be a great loss for Mandrake users if he went, tho' I daresay a great gain for some other list. David -- Registered Linux User #207521 "The only reason some people get lost in thought is because it's unfamiliar territory." (Paul Fix) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: Re: [expert]STOP the presses!! WAS: And the fun continues(it's d ead again)
On Wed, 2003-01-15 at 14:01, Chuck Burns wrote: > On Wed, January 15 2003 3:42 pm, Robert Goshko wrote: > *snip* > > woman = evil > Or, in the reverse.. > Man = 4 > Woman = 2 > man + woman = 6 > 6 sounds a lot like something else.. that's fun Or as The Pixies would have it, "and if the man is five, and if the devil is six, and if god is seven, this monkey's gone to heaven" -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
Yes I agree Keeping guys like Todd is paramount to success. 90% of any companies intellectual property can best be found between the left and right ear of it's employee's. As for the Chapter 11 (or rather the French equivalent.) Info can be found http://www.mandrakesoft.com/company/press/briefs?n=/mandrakesoft/news/2405 http://www.ofb.biz/modules.php?name=News&file=article&sid=192 and http://newsforge.com/newsforge/03/01/10/2131224.shtml?tid=3 The only other thing I can say is... People keeps copies of the code. The thought of being relegated to Blue is a scary thought indeed. James On Wed, 2003-01-15 at 12:17, Jason Greenwood wrote: > Todd Rocks, nuff said. > > Thanks for all you've done.. > > H.J.Bathoorn wrote: > > On Wednesday 15 January 2003 16:49, Lyvim Xaphir wrote: > > > > > I want to make an official appeal to the Mandrake management to keep > > > Todd Lyons securely in the company, in the recent light of current > > > events regarding the Chapter 11. > > > > > > Todd Lyons has been an incredible asset to the Expert list, helping > > > countless users with their problems and concerns. It would be a > > > terrible loss to Mandrake and an even more terrible loss to all Mandrake > > > users were anything to happen that would force him to seek other > > > employment. We want him around and we want him to stay. > > > > > > Civileme was a huge asset to all of us here in North America, as well as > > > the rest of the world. We don't want the same thing to happen to Todd > > > Lyons. If this concerns you now is the time to make your support known. > > > > > > Thank you, Todd. > > > > > > LX > > > > > > > I second that wholeheartedly. > > Where would we be without all those blues skies > > > > HarM > > > > > > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com > > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] evolution 1.2
upgraded to Ximian's version 1.2 today so I could use Exchange Connector... Anyone know how to tell it that you don't want autogenerated signatures?? -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
On Wed, January 15 2003 3:42 pm, Robert Goshko wrote: *snip* > woman = evil Or, in the reverse.. Man = 4 Woman = 2 man + woman = 6 6 sounds a lot like something else.. that's fun -- Chuck Burns - Grand Bay, AL Man = Mars = 4th planet from Sun = 4 Woman = Venus = 2nd planet from Sun = 2 Man - Woman = -2 = Man divorce wife = less than he started with Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: [expert]STOP the presses!! WAS: And the fun continues(it's d ead again)
On Wed, 2003-01-15 at 13:18, Chuck Burns wrote: > Man = Mars = 4th planet from Sun = 4 > Woman = Venus = 2nd planet from Sun = 2 > Man - Woman = -2 = Man divorce wife = less than he started with Is this "new" math? Last I checked 4 - 2 = 2 ;) But women are evil: Every man knows that to have a women, you need time and money: women = time * money We all know that time is money: time = money From this, we get: women = money * money = money ^ 2 Another fact, money is the root of evil: __ money = \/ evil So from this we get: __ woman = ( \/ evil ) ^ 2 Hence: woman = evil -- ...Rob -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. = Robert Goshko Axis Computer Consulting Services, Inc President Sherwood Park, Alberta, Canada http://www.axis-dev.ca/ Supporting the Revolution In Your World = Registered Linux User #260513GNU/Linux i686 2.4.20-2mdk-725ca 1:32pm up 6:11, 5 users, load average: 2.89, 2.32, 2.19 signature.asc Description: This is a digitally signed message part
Re: [expert] Mandrake 9.1beta1 screen shots
On Wednesday 15 January 2003 21:34, James Sparenberg wrote: > Yep did forget that step... xfs needs to be restarted AND you need > to change fonts. To either xft or TTF fonts The ugly old ones still > look ugly in many cases. > > James True, but now that I've reset my fonts-->I have to do "uname -a" to find out where I am. Oh well, life's no bed of roses=:o) Thanks for the tips, James. Good luck, HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
Here Here! On Wed, 2003-01-15 at 11:08, Azrael wrote: > Can we combine this vote with the vote for what's in 9.1? > I vote Todd is bundled in with 9.1 so everyone gets to use him, even if > they aren't on the list. ;) > > On Wed, 2003-01-15 at 07:01, Ronald J. Hall wrote: > > On Wednesday 15 January 2003 01:56 pm, Ken Thompson wrote: > > > > > I'd like to add my Nickles worth also. I Cast a vote to keep Todd onboard. > > > Thanks for all your help Todd. > > > > Absolutely. Count my vote as well! :-) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Speaking only for myself and not as representative of the company because I don't know a great deal of what's going on. Francisco Alcaraz Ariza wrote on Wed, Jan 15, 2003 at 09:26:10PM +0100 : > I am very sad by the notices about Mandrake bankrupt. Guys this is not the mailing list for this discussion. So I will end it with the obvious: bankruptcy PROTECTION != bankrupt Chapter 11 is bankruptcy protection. Google for it if you need more info. Blue skies... Todd - -- Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/ Hey, I'm perfectly reasonable once you realize I'm right. -- John Buttery on Mutt Users ML Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JdTclp7v05cW2woRAtu8AKDApXZZy93MULHrsChLey8TzaAZJwCfRagu tdedc/3oQmpJI0lZshftyGs= =NsLA -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it 'sd ead again)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbetts, Ric wrote: | Chuck Burns wrote: | |> On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: |> *snip* |> |>> I agree that port 25 is dead. The question is: Why & How? |>> |>> The line in /etc/services is fine. It's uncommented. |>> smtp IS included in bastille-firewall.cfg |>> postfix "is" running. |>> |>> I have no clue as to what closed that port! And I've rebooted a couple |> |> |> |>> of times. So what ever is doing it, is persistant! |> |> |> |> Here's something to think about, what if the portsentry didnt get |> completely removed, and left some cruft.. some of which happens to be |> blocking port |> 25 | | | What & where? | I took portsentry out of the startup, and rebooted the box. So it was | never run. I've also gone in, and tried "taming" it, to NOT block TCP | and 25 is still solidly closed. | | "something" "somewhere" is closing 25. And possibly 110 (Mark, when you | did your scan, was 110 open?) yeah...110 was definately open. I did a second scan and now the only port that is showing closed is port 25. 110 and 143 are both open. - -- Mark - --- This laptop powered by Mandrake Linux 9.0.5 *lots of cooker packages* Paid for by Penguins against Modern Appliances PMA(R) - --- Linux User since 1996 ICQ# 27816299 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+JdPcJuZ1geTzHgERAkQ+AJ4iAFm0bv4pnX5HdV31m3oBykjukACfQVR5 uXK6JDpyMjQseBTL0/ysxB8= =DaMB -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mandrake 9.1beta1 screen shots
Yep did forget that step... xfs needs to be restarted AND you need to change fonts. To either xft or TTF fonts The ugly old ones still look ugly in many cases. James On Wed, 2003-01-15 at 09:44, Mark Belanger wrote: > On Wed, 2003-01-15 at 11:29, Mark Weaver wrote: > > On Wednesday 15 January 2003 08:59 am, Mark Belanger scribbled nervously: > > > > James, > > > > > > > > Did you have to upgrade your glibc libraries to shoe-horn these packages > > > > in? > > > > > > I grabbed the src rpm and rebuilt it. > > > > > > -Mark > > > > I didn't. I upgraded glibc and the lot of them. glibc went in very cleanly, > > but I didn't see a change in the font appearance at all. :( > > Did you reboot or at least restart X? > > -Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Weaver wrote on Wed, Jan 15, 2003 at 03:37:38PM -0500 : > > this is likely the weirdest problem I've ever seen. Its probably the most > persistant mystery yet! I'm absolutely drawing a blank here. service iptables stop rm /etc/sysconfig/iptables chkconfig iptables off Blue skies... Todd - -- Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/ Hey, I'm perfectly reasonable once you realize I'm right. -- John Buttery on Mutt Users ML Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JdO4lp7v05cW2woRApGUAJ0eDpIl2QdgEckXqruq+SO3hA2RVQCgjz7z bWUP1Nx6nzhPU/5WicMLyCI= =H/Ze -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Mandrake 9.1beta1 screen shots
No ... The only one from Cooker was the Freetype2 and it went in without complaint. The others are either 9.0 stock or from texstar, and built for 9.0 Otherwise the box is up2date on all rpms from MDK. James On Wed, 2003-01-15 at 04:49, Mark Weaver wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Wednesday 15 January 2003 04:36 am, James Sparenberg wrote: > > Ok, The following is on my box. > > > > For freetype I've installed > > > > freetype-1.3.1-17mdk > > freetype-tools-1.3.1-17mdk > > freetype2-2.1.3-2mdk > > > > The last one is from cooker the freetype2 in 9.0 is seriously out of > > date. (actually older than the one in 8.2!) > > > > then I went to > > http://ftp.ibiblio.org/pub/Linux/distributions/contrib/texstar/linux/distri > >butions/mandrake/9.0/rpms/ > > > > And grabed some stuff from Texstar (dispite the complaints he does do > > some nice stuff.) > > > > http://ftp.ibiblio.org/pub/Linux/distributions/contrib/texstar/linux/distri > >butions/mandrake/9.0/rpms/ > > > > James, > > Did you have to upgrade your glibc libraries to shoe-horn these packages in? > - -- > Mark > - --- > Paid for by Penguins against modern appliances(R) > Linux User Since 1996 > Powered by Mandrake Linux 8.2 & 9.0 > ICQ# 27816299 > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE+JVjeJuZ1geTzHgERAmwIAKD4WVWowB5Vv70nZnTbHDkK6krQmQCgkSzn > vP2KYuQ/+0ZT0shMN57oo1w= > =OUIN > -END PGP SIGNATURE- > > > > __ > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: [expert] "Removable Media" icon
Still like my two methods. If I use KDE in control center -> Look n Feel -> Desktop. Uncheck enable desktop Icons. otherwise ... I use iceWM. *grin*. James On Wed, 2003-01-15 at 11:36, Chuck Burns wrote: > On Wed, January 15 2003 1:26 am, Ronald J. Hall wrote: > *snip* > > > > Hey Todd. I did it by editing the /usr/bin/kdesktop-links file (per the > > Mandrake Experience web site). > > > > Are there advantages/disadvantages to either method? Or is this another > > example of the "many ways to do things" under Linux genre? > > > > See ya! > > > I just fiddled around with it, looking in all scripts I could find that might > have anything to do with kde and the desktop, and I found the file, all by > myself, after the suggestion someone else gave me to just delete it, didnt > work. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
Ken, Don't be passive. If you, Ken Hawkins, want Mandrakesoft to prosper, then you Ken Hawkins, should do what you can to see that happen. I'm no suggesting taking out a bank loan to donate to Mandrake, but if you had already planned on renewing your subscription, then you should do so. If you don't, on the other hand, you'll be adding to their financial challenges--challenges that may force Mandrakesoft to let go of great people. I don't know about you, but I'd rather be part of the solution than part of the problem--even if I lose my stupid club membership money. And forget about pointing fingers at management. The current financial woes are the remains of the old management, not the new. Mistakes were made; mistakes were corrected--end of story. The only question now is what we can do to help. Remember Kennedy's, "Ask not what your country can do for you--ask what you can do for your country."? It's the same thing. Renew your membership. Miark On Wed, 15 Jan 2003 12:47:23 + Ken Hawkins <[EMAIL PROTECTED]> wrote: > I also have a silver membership that I will have to seriously consider > allowing to lapse..too bad. > > My question is where the problem originated. After the recent CEO/ scandals in > the US, I begin to be suspicious of the management team at MandrakeSoft ( or > any corporation for that matter). Were they a group of suits who SUPPOSEDLY > knew about raising capital? What are they being paid? What colour is their > parachute? > > Far too often in the last decade, businesses needing to raise funds to grow > have fallen victim to scammers who wring them dry, drive them into the > ground, then receive parting bonuses for this "service". > > I have played with a lot of distro's, and I believe that Mandrake is the best > all-around. The guru's such as Civileme and Todd, and the community support > on this list are second-to-none. > > Senior managers MUST be held to account. If Mandrake keeps management, but > releases tech staff, then I will no longer support them with my dollars. > > Sorry for my rant, but too many good people have been paying the price for bad > decisions by jack-asses. > > Ken > > > > On Wednesday 15 January 2003 08:26 pm, Francisco Alcaraz Ariza wrote: > > I am very sad by the notices about Mandrake bankrupt. I hoped that the Club > > development could be a good new commercial model for Mandrake; I am a > > silver member and I have also bought a PowerPack to Mandrake Store. > > > > > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbetts, Ric wrote: | Mark Weaver wrote: | |> Chuck Burns wrote: |> |>> On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: |>> *snip* |>> |>> |>>> I agree that port 25 is dead. The question is: Why & How? |>>> |>>> The line in /etc/services is fine. It's uncommented. |>>> smtp IS included in bastille-firewall.cfg |>>> postfix "is" running. |>>> |>>> I have no clue as to what closed that port! And I've rebooted a couple |>> |> |> |>>> of times. So what ever is doing it, is persistant! |>> |>> |>> |>> Here's something to think about, what if the portsentry didnt get |> |> |> completely |> |>> removed, and left some cruft.. some of which happens to be blocking |> |> |> port 25 |> |> this is likely the weirdest problem I've ever seen. Its probably the |> most persistant mystery yet! I'm absolutely drawing a blank here. |> | | Mark: | What's in your /etc/xinetd.d ? | | Ric here's a list of the files in that dir: chargen cvs echo imaps leafnode rsync swat chargen-udp daytime echo-udp ipop2 linuxconf-web servers time cups-lpd daytime-udp imap ipop3 pop3s services time-udp don't know if this'll help or not. hope it does... - -- Mark - --- This laptop powered by Mandrake Linux 9.0.5 *lots of cooker packages* Paid for by Penguins against Modern Appliances PMA(R) - --- Linux User since 1996 ICQ# 27816299 -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+JdFOJuZ1geTzHgERAnP1AKDINulMftD+u8q8M2SaiRhqYcdhOwCgrDKk 8w6r56r1LHKPjXC77+RXUAg= =BgYg -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
On Wednesday 15 January 2003 08:04 am, Ken Hawkins wrote: > I certainly don't want Mandrake to fail; what I want is an idea of whether > my money is going to developers and product improvement, or to some suit's > Caymen Island bank account.. > Ken well that is the "best part" about Chapt. 11, you get to have lawyers and judges looking over everthing to make sure it seems fair to the folks owed the money, and that owing the money was fair too. and if it ain't fair, just cause some manager who was here 3 years ago signed the contract, if it ain't fair, then the judges have the responsibility of saying to someone"get over it". At least in the bankruptcy courts I have been in*, the judges seemed to feel that if you had money to loan you had money to loose, and that forgiveness was the responsibility of the "least fair". * and it weren't for my being broke, it was companies (and individuals) owing me and claiming bankruptcy. > On Wednesday 15 January 2003 08:58 pm, Damon Lynch wrote: > > On Thu, 2003-01-16 at 01:47, Ken Hawkins wrote: > > > I also have a silver membership that I will have to seriously consider > > > allowing to lapse..too bad. > > > > Yes, if enough people think like that, Mandrake will go down. If on the > > other hand they don't, it will survive and one day prosper. Like it or > > not many of us are part of the "herd" where the herd goes, we go. > > Thus, it's partly up to people like you. We've got to think with the > > bigger picture in mind. > > > > Damon Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
Tibbetts, Ric wrote: Mark Weaver wrote: Chuck Burns wrote: On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: *snip* I agree that port 25 is dead. The question is: Why & How? The line in /etc/services is fine. It's uncommented. smtp IS included in bastille-firewall.cfg postfix "is" running. I have no clue as to what closed that port! And I've rebooted a couple of times. So what ever is doing it, is persistant! Here's something to think about, what if the portsentry didnt get completely removed, and left some cruft.. some of which happens to be blocking port 25 this is likely the weirdest problem I've ever seen. Its probably the most persistant mystery yet! I'm absolutely drawing a blank here. Mark: What's in your /etc/xinetd.d ? Ric Would running (say) "msec 1" help clear this up? Possibly just having msec run through the settings, may shake this loose? Anyone care to venture a guess? Just a slim hope... Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
I certainly don't want Mandrake to fail; what I want is an idea of whether my money is going to developers and product improvement, or to some suit's Caymen Island bank account.. Ken On Wednesday 15 January 2003 08:58 pm, Damon Lynch wrote: > On Thu, 2003-01-16 at 01:47, Ken Hawkins wrote: > > I also have a silver membership that I will have to seriously consider > > allowing to lapse..too bad. > > Yes, if enough people think like that, Mandrake will go down. If on the > other hand they don't, it will survive and one day prosper. Like it or > not many of us are part of the "herd" where the herd goes, we go. > Thus, it's partly up to people like you. We've got to think with the > bigger picture in mind. > > Damon Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
On Thu, 2003-01-16 at 01:47, Ken Hawkins wrote: > I also have a silver membership that I will have to seriously consider > allowing to lapse..too bad. Yes, if enough people think like that, Mandrake will go down. If on the other hand they don't, it will survive and one day prosper. Like it or not many of us are part of the "herd" where the herd goes, we go. Thus, it's partly up to people like you. We've got to think with the bigger picture in mind. Damon -- Damon Lynch <[EMAIL PROTECTED]> Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
Mark Weaver wrote: Chuck Burns wrote: On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: *snip* I agree that port 25 is dead. The question is: Why & How? The line in /etc/services is fine. It's uncommented. smtp IS included in bastille-firewall.cfg postfix "is" running. I have no clue as to what closed that port! And I've rebooted a couple of times. So what ever is doing it, is persistant! Here's something to think about, what if the portsentry didnt get completely removed, and left some cruft.. some of which happens to be blocking port 25 this is likely the weirdest problem I've ever seen. Its probably the most persistant mystery yet! I'm absolutely drawing a blank here. Mark: What's in your /etc/xinetd.d ? Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it 'sd ead again)
Chuck Burns wrote: On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: *snip* I agree that port 25 is dead. The question is: Why & How? The line in /etc/services is fine. It's uncommented. smtp IS included in bastille-firewall.cfg postfix "is" running. I have no clue as to what closed that port! And I've rebooted a couple of times. So what ever is doing it, is persistant! Here's something to think about, what if the portsentry didnt get completely removed, and left some cruft.. some of which happens to be blocking port 25 What & where? I took portsentry out of the startup, and rebooted the box. So it was never run. I've also gone in, and tried "taming" it, to NOT block TCP and 25 is still solidly closed. "something" "somewhere" is closing 25. And possibly 110 (Mark, when you did your scan, was 110 open?) But what... and where... and how... Hey Mark: What's in your /etc/xinetd.d ? Maybe I'm missing something? Thanks ! Ric PS: I just did a test. I can send mail "out" from that box. I just won't take it in. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] There will be a good Mandrake Future?
I also have a silver membership that I will have to seriously consider allowing to lapse..too bad. My question is where the problem originated. After the recent CEO/ scandals in the US, I begin to be suspicious of the management team at MandrakeSoft ( or any corporation for that matter). Were they a group of suits who SUPPOSEDLY knew about raising capital? What are they being paid? What colour is their parachute? Far too often in the last decade, businesses needing to raise funds to grow have fallen victim to scammers who wring them dry, drive them into the ground, then receive parting bonuses for this "service". I have played with a lot of distro's, and I believe that Mandrake is the best all-around. The guru's such as Civileme and Todd, and the community support on this list are second-to-none. Senior managers MUST be held to account. If Mandrake keeps management, but releases tech staff, then I will no longer support them with my dollars. Sorry for my rant, but too many good people have been paying the price for bad decisions by jack-asses. Ken On Wednesday 15 January 2003 08:26 pm, Francisco Alcaraz Ariza wrote: > I am very sad by the notices about Mandrake bankrupt. I hoped that the Club > development could be a good new commercial model for Mandrake; I am a > silver member and I have also bought a PowerPack to Mandrake Store. > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues (it's dead again)
refuse a connection. the only other cause for the connection being refused is if the service itself isn't running. Ok, really dumb question, but I'm not leaving any stone unturned at this point "What service"? Which one? if you're refering to which service it would be in the /etc/services file then it would be port 25 smtp/tcp Yeah, like I said, it was a dumb question. And yes, it's there: smtp 25/tcpSimple Mail Transfer smtp 25/udpSimple Mail Transfer It's also open in bastille-firewall. portsentry isn't running. . . . . . . . Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's dead again)
Chuck Burns wrote: On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: *snip* I agree that port 25 is dead. The question is: Why & How? The line in /etc/services is fine. It's uncommented. smtp IS included in bastille-firewall.cfg postfix "is" running. I have no clue as to what closed that port! And I've rebooted a couple of times. So what ever is doing it, is persistant! Here's something to think about, what if the portsentry didnt get completely removed, and left some cruft.. some of which happens to be blocking port 25 this is likely the weirdest problem I've ever seen. Its probably the most persistant mystery yet! I'm absolutely drawing a blank here. -- Mark --- This laptop powered by Mandrake Linux 9.0.5 *lots of cooker packages* Paid for by Penguins against Modern Appliances PMA(R) --- Linux User since 1996 ICQ# 27816299 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues (it's dead again)
Tibbetts, Ric wrote: Mark Weaver wrote: Tibbetts, Ric wrote: > Mark Weaver wrote: > >> On Wednesday 15 January 2003 11:30 am, Tibbetts, Ric scribbled >> nervously: >> >>> Mark Weaver wrote: >>> On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: > Sheesh! NOW, the server (firewall side) is just bulk > rejecting ALL >> >> connections >> > (again!). It considers any incoming mail as a SYN attack, and > >> >> rejects >> > it! (egads! I'm getting tired of this chase!). I thought I > had this sorted out... > > /var/log/messages is bing filled with messages like: [snip] > It's all incoming mail, that is not coming in! > > Any thoughts on WHY it would interpret all incoming > connections as >> >> an >> > attack? Anything not already blocked is interpreted as a SYN > attack, and > is rejected, and added to the list > > Thanks ! > > Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's >>> >> >> a >> tired old man with a serious bladder control problem. he sh*ts himself >>> >> >> from >> time to time as well. do that and you should be feeling a lot better. >>> >>> >>> I shut it off when it started puking like that. THen I cleaned >>> out /etc/hosts/deny. >>> >>> But it's still not accepting any connections, it's just quieter >>> about it. It's just not receiving anything. When it did this the >>> other day, xinetd was down. I checked that... alls well there. >>> It's running. >>> >>> this is really getting frustrating! If I were 3000 miles closer, >>> I'd shoot the thing between it's transistors, and rebuild it. But >>> I'm just >> >> >> a >> >>> bit to far away for that. >>> >>> I can still ssh in, so at least I can work on it. But I'm lost as >>> to >> >> >> why >> >>> it started doing this again... It was fine, up until about a half >>> >> >> >> hour >> >>> ago.. Then it just stopped receiving connections. There's nothing >>> in >> >> >> the >> >>> logs.. I even tried the M$ method: Reboot.. no joy. It didn't >>> help. >>> >>> And stopping portsentry doesn't make any difference. It's not the >>> mail system either. I reverted back to the pre-spam >> >> >> filter >> >>> version. That didn't make any difference. It's just started >>> rejecting all connections. >>> >>> gotta be a reason >>> >>> Ric >> >> >> >> well...this sounds horribly familiar, so I'll set to work trying to >> recall what it was I was doing when this happened to me, and how I >> handled the situation. damned thing of it I should have kept up my >> journal of that period. there was a time when everything I touched >> on that machine turned to crap! it's not so bad now cause I've had >> a lot of practice. :) don't worry though...it'll come to >> me...eventually. > > > Ok, let's get basic. It was running when I first checked on it this > morning. The spam filter was tight, so I loosened that up a little > (pure postfix config file stuff. NO systems level stuff). Then I > restarted postfix, and the server stopped receiving connections. > > I rebooted. > > Then portsentry went crazy on the reporting, and started rejecting > every incoming mail connection. (actually, I suspect that they were > being rejected anyway, there was no new mail coming in before that). > > The last time it started acting like that, xinetd wasn't running. > This time it is. > > The firewall is up. iptables is running. > > postfix is up > > I can "send" mail from it, and users from inside that network can > pass through it, so masq'ing is working right. > > Why is it rejecting ALL incoming e-Mail connections? > > And ONLY incoming e-Mail connections. I can ssh in, and the web > server is running, and allows connections... > > But any incoming e-Mail is interpreted as an attack, and rejected. > > Where is this coming from ?!?! (portsentry is shut off. But I've > been running it a very long time. I've seldom found it the source of > the problem, on the messenger. Without it, I feel like I'm running a > bit blind... > > Any thoughts? Suggestions on where to look? WAGs? > > This server has been a super reliable server for the past 3 years. > It's been on 8.1 for a year or so, and has never caused any problems. > Now all the sudden... I can't keep it running... > > HELP! > > Ric Ric, how is it you're certain that the connections to port 25 are being interpreted as attacks on the system? apart from PortSentry I can't think of anything else that would cause that port to be closed and refuse a connection. the only other cause for the connection being refused is if the service itself isn't running. Ok, really dumb question, but I'm not leavi
[expert] It's official.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandrake has officially filed for "Chapter 11". Done deal. Hopefully they will pull out of this reorganization of payments and...still exist. - -- Conservatives of all times are adventitious liars. - - Friedrich Nietzsche. -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+JcQE1i/6R1B/Yh0RAl2bAKCBltBhetWNQ3fcqYXvlCSNOuSZMQCggw2n 3rk3/ZEV6EqqgS5D8Hur+LI= =ofw3 -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] There will be a good Mandrake Future?
I am very sad by the notices about Mandrake bankrupt. I hoped that the Club development could be a good new commercial model for Mandrake; I am a silver member and I have also bought a PowerPack to Mandrake Store. I am actually very happy with the 9.0 (also I was with 7.0, 7.2, 8.0 and 8.2), I have tested other distributions, but I don't know mailing-list as actives as the Mandrake ones (newbie, expert, cooker and this almost dead crashtesters) and I have ever found solutions for my problems thanks to the help of lot of Mandrake users ^_^; in fact I have never needed the 60 days Mandrake official help for my bought packages of the different distributions. My Mandrake Club will expire in more or less a month, I was decided to renove it, but now I am in a trouble. Will Mandrake dissapear and due to that I will lost the money and the services of the club? or this will help Mandrake to survive? I actually don't know what to do??? I am testing 9.1 beta and it looks pretty to a first beta... I will be a pity to lost the 9.1.. -- Francisco Alcaraz Ariza Departamento de Biología Vegetal Universidad de Murcia Campus de Espinardo E-30100 Murcia España (Spain) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: [expert]STOP the presses!! WAS: And the fun continues (it's d ead again)
On Wed, January 15 2003 1:53 pm, Tibbetts, Ric wrote: *snip* > I agree that port 25 is dead. The question is: Why & How? > > The line in /etc/services is fine. It's uncommented. > smtp IS included in bastille-firewall.cfg > postfix "is" running. > > I have no clue as to what closed that port! And I've rebooted a couple > of times. So what ever is doing it, is persistant! Here's something to think about, what if the portsentry didnt get completely removed, and left some cruft.. some of which happens to be blocking port 25 -- Chuck Burns - Grand Bay, AL Man = Mars = 4th planet from Sun = 4 Woman = Venus = 2nd planet from Sun = 2 Man - Woman = -2 = Man divorce wife = less than he started with Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
Todd Rocks, nuff said. Thanks for all you've done.. H.J.Bathoorn wrote: On Wednesday 15 January 2003 16:49, Lyvim Xaphir wrote: I want to make an official appeal to the Mandrake management to keep Todd Lyons securely in the company, in the recent light of current events regarding the Chapter 11. Todd Lyons has been an incredible asset to the Expert list, helping countless users with their problems and concerns. It would be a terrible loss to Mandrake and an even more terrible loss to all Mandrake users were anything to happen that would force him to seek other employment. We want him around and we want him to stay. Civileme was a huge asset to all of us here in North America, as well as the rest of the world. We don't want the same thing to happen to Todd Lyons. If this concerns you now is the time to make your support known. Thank you, Todd. LX I second that wholeheartedly. Where would we be without all those blues skies HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MNF vs SNF
OK I guess this clears some of the confusion... Still wonder why MDK left it so vague though. And you know the funny thing? Click on the "register your firewall" when you first enter the MNF box and you're directed to "The page /products/mnf/register you are looking for is missing" Then again, they are having a few internal problems. And while we're on the topic, does Chapter 11 affect updates from mdk at all? Or is it nearly entirely based upon the open source community? Now that I know that free updates are possible from a license stand point, I'd hate to find out they aren't feasible with the "new" company model... Thanks for the replies guys... --- JP <[EMAIL PROTECTED]> wrote: > Vincent Danen <[EMAIL PROTECTED]> deeg zun bes > op schoal um hej te > kinne schrieve: > > > On Wed Jan 15, 2003 at 10:32:39AM +0100, JP wrote: > > > > [...] > > > it seems as if they try to get people to pay for > the mnf updates, > > > however, I dont think you will have to do so in > order to get the > > > updates. > > > > I can't speak officially on this as I'm not > directly involved with MNF, > > but after playing with it yesterday I do have some > observations. > > > > In order to use the web interface for updates, you > will need to pay. I > > have no idea what the pricetag is. I, as of yet, > have no idea how well > > the web interface works (I've been playing with > MNF for less than 24hrs > > now). > > > > > first of all, i just checked a mandrake updates > mirror and there is a > > > seperate directory for mnf, that one could > simply use (add to urpmi > > > etc.) without mandrake even knowing it. > > > > Yup. You can use urpmi and use whatever mirror > you like to get > > updates. This should be just as secure as the > "for pay" mirror... ie. > > md5sums are available and the file is GPG > clearsigned. RPM packages > > can be validated via md5 and gpg sigs. > > thank god, no micro$$$oft practices. > > > The primary advantage to the for pay updates is > you will have access to > > them instantly. I don't know what the > infrastructure for the updates > > is, but I imagine there will be next to no delay > for updates... you > > would get them almost immediately. Relying on > third-party mirrors > > means a little bit of a delay, so it depends on > how quickly you want > > your firewall patched up (if speed is important to > you, getting > > "priority" updates may well be what you > need/want). You also wouldn't > > have to worry about free mirrors being clogged > when new distribs are > > released... anyone try to update software the day > of a new Mdk or RH > > release? Have fun getting into most public > mirrors that week. > > no problem for me :-) > I must admit though that this may indeed be a > serious problem to many > people, certainly if it is about some critical > security update. > > > Anyways, you do not *need* to pay to have a fully > functioning firewall > > and the ability to do updates. You will have to > be familiar with urpmi > > (or learn it) and log in remotely in order to do > the updates, but once > > you add whatever mirror you want to use, a simple > "urpmi.update -a; > > urpmi --auto-select" is enough to keep you up to > date. > > > > And no, there will be no "MNF updates go to public > mirrors 24hrs after > > they go to the for-pay mirror" stuff, so anyone > worried about a delay > > for non-paying people should not worry. You just > have to deal with the > > mirroring schedules of the third-party mirrors. > > > > If anyone ever wants to see how well mirrors keep > up to date, there is > > a fairly approximate listing on > > http://www.mandrakesecure.net/en/ftp.php that will > show you when the > > last update was done. > > > > > second, this mnf is basically a (heavily > modified and stripped down) > > > version of mandrake 8.2. for which updates are > freely available. see > > > also snf, which has a similar relationship to > 7.2, with many packages > > > in the snf update directory being a simlink to > the 7.2 updates. > > > > Yup, exactly. > > > > > all in all a rather unclear situation, as by > reading the mandrake > > > website one would think you have to pay for > security updates. > > > > Nope, not at all. You're paying for access to a > private FTP site. The > > updates themself are "free"; meaning publically > available to anyone who > > wants them. Access to the private FTP site is the > real issue here. > > > > I agree that it wasn't clearly worded, so I hope > this provides a little > > less confusion for those who would like to use MNF > but have some > > reservations thinking you might be charged for > security updates. > > it does clarify alot indeed. > > as for the 'delay' one experiences when using mirror > sites, I guess it > basically comes down to what one uses the box for. > > a home user will generally care less about such > things, and also have a > smaller budget than say a corporate it department > guy. apart from th
Re: [expert]STOP the presses!! WAS: And the fun continues (it's dead again)
Mark Weaver wrote: Ric Um...a quick, sweet scan of your system proved to be very revealing. I know exactly why your messages and in fact all messages are being refuse...port 25 and your other ports you're using for email in and out are all closed. that would tend to explain a lot as to why you can't get messages in and out of the place. As far as I know there are only three things that can cause these ports to close like this. 1) the firewall has closed these ports by dropping all packets going to those ports. 2) the services aren't running...in this case Postfix. 3) the line in the /etc/services file that contains the reference to the port and service has been commented out closing off the port and the service which runs there upon. this third item is the most perplexing in that this file has to be edited manually. I don't know of any program that writes to this file in the normal course of doing its thing. You know??? it just occurred to me that you might not even see this post! &%(_(ET$#%*(*^Y#@ Mark I'm getting these. I'm using my work address for this discussion. I agree that port 25 is dead. The question is: Why & How? The line in /etc/services is fine. It's uncommented. smtp IS included in bastille-firewall.cfg postfix "is" running. I have no clue as to what closed that port! And I've rebooted a couple of times. So what ever is doing it, is persistant! BTW: I "can" get messages out. Just not in. Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
On Wednesday 15 January 2003 17:49, Lyvim Xaphir wrote: > I want to make an official appeal to the Mandrake management to keep > Todd Lyons securely in the company, in the recent light of current > events regarding the Chapter 11. > Is chapter 11 official now ? > Todd Lyons has been an incredible asset to the Expert list, helping > countless users with their problems and concerns. It would be a > terrible loss to Mandrake and an even more terrible loss to all Mandrake > users were anything to happen that would force him to seek other > employment. We want him around and we want him to stay. > I will vote too, for me it was Tom Berger who made me addicted, but less than current mandrakestaff is not possible . > Civileme was a huge asset to all of us here in North America, as well as > the rest of the world. We don't want the same thing to happen to Todd > Lyons. If this concerns you now is the time to make your support known. > > Thank you, Todd. > > LX Wonder whats goin on. -- counter.li.org : #296567. machine: 181800 vdr-box : 87 Please dont CC me, since if I have replied I'll watch the tread. Both mails will be filtered to the ML-folder. Thanks Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues (it's dead again)
Mark Weaver wrote: Tibbetts, Ric wrote: > Mark Weaver wrote: > >> On Wednesday 15 January 2003 11:30 am, Tibbetts, Ric scribbled >> nervously: >> >>> Mark Weaver wrote: >>> On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: > Sheesh! NOW, the server (firewall side) is just bulk > rejecting ALL >> >> connections >> > (again!). It considers any incoming mail as a SYN attack, and > >> >> rejects >> > it! (egads! I'm getting tired of this chase!). I thought I > had this sorted out... > > /var/log/messages is bing filled with messages like: [snip] > It's all incoming mail, that is not coming in! > > Any thoughts on WHY it would interpret all incoming > connections as >> >> an >> > attack? Anything not already blocked is interpreted as a SYN > attack, and > is rejected, and added to the list > > Thanks ! > > Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's >>> >> >> a >> tired old man with a serious bladder control problem. he sh*ts himself >>> >> >> from >> time to time as well. do that and you should be feeling a lot better. >>> >>> >>> I shut it off when it started puking like that. THen I cleaned >>> out /etc/hosts/deny. >>> >>> But it's still not accepting any connections, it's just quieter >>> about it. It's just not receiving anything. When it did this the >>> other day, xinetd was down. I checked that... alls well there. >>> It's running. >>> >>> this is really getting frustrating! If I were 3000 miles closer, >>> I'd shoot the thing between it's transistors, and rebuild it. But >>> I'm just >> >> >> a >> >>> bit to far away for that. >>> >>> I can still ssh in, so at least I can work on it. But I'm lost as >>> to >> >> >> why >> >>> it started doing this again... It was fine, up until about a half >>> >> >> >> hour >> >>> ago.. Then it just stopped receiving connections. There's nothing >>> in >> >> >> the >> >>> logs.. I even tried the M$ method: Reboot.. no joy. It didn't >>> help. >>> >>> And stopping portsentry doesn't make any difference. It's not the >>> mail system either. I reverted back to the pre-spam >> >> >> filter >> >>> version. That didn't make any difference. It's just started >>> rejecting all connections. >>> >>> gotta be a reason >>> >>> Ric >> >> >> >> well...this sounds horribly familiar, so I'll set to work trying to >> recall what it was I was doing when this happened to me, and how I >> handled the situation. damned thing of it I should have kept up my >> journal of that period. there was a time when everything I touched >> on that machine turned to crap! it's not so bad now cause I've had >> a lot of practice. :) don't worry though...it'll come to >> me...eventually. > > > Ok, let's get basic. It was running when I first checked on it this > morning. The spam filter was tight, so I loosened that up a little > (pure postfix config file stuff. NO systems level stuff). Then I > restarted postfix, and the server stopped receiving connections. > > I rebooted. > > Then portsentry went crazy on the reporting, and started rejecting > every incoming mail connection. (actually, I suspect that they were > being rejected anyway, there was no new mail coming in before that). > > The last time it started acting like that, xinetd wasn't running. > This time it is. > > The firewall is up. iptables is running. > > postfix is up > > I can "send" mail from it, and users from inside that network can > pass through it, so masq'ing is working right. > > Why is it rejecting ALL incoming e-Mail connections? > > And ONLY incoming e-Mail connections. I can ssh in, and the web > server is running, and allows connections... > > But any incoming e-Mail is interpreted as an attack, and rejected. > > Where is this coming from ?!?! (portsentry is shut off. But I've > been running it a very long time. I've seldom found it the source of > the problem, on the messenger. Without it, I feel like I'm running a > bit blind... > > Any thoughts? Suggestions on where to look? WAGs? > > This server has been a super reliable server for the past 3 years. > It's been on 8.1 for a year or so, and has never caused any problems. > Now all the sudden... I can't keep it running... > > HELP! > > Ric Ric, how is it you're certain that the connections to port 25 are being interpreted as attacks on the system? apart from PortSentry I can't think of anything else that would cause that port to be closed and refuse a connection. the only other cause for the connection being refused is if the service itself isn't running. Ok, really dumb question, but I'm not leaving any stone unturned a
Re: [expert] How start sshd at boot time?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eduardo Mendes wrote on Wed, Jan 15, 2003 at 05:48:03PM + : > > > > I am using ssh-3.2.0. > > > What am I doing wrong? > > Ummm, using a non-Mandrake package. We use openssh, not RSA's ssh. > Does it mean that I am in trouible for not using Mandrake package? Is > there a workaround (not that one of removing ssh and installing > openssh)? No, not in trouble. But you need to look and see what that ssh package installs. If it doesn't install something in /etc/rc.d/init.d or /etc/init.d, you'll have to write your own init script or just add a line to /etc/rc.d/rc.local to start the ssh server. The syntax will have to be determined by you along with any prerequisite directories or libraries that it needs. Blue skies... Todd - -- MandrakeSoft USA http://www.mandrakesoft.com Mandrake: An amalgam of good ideas from RedHat, Debian, and MandrakeSoft. All in all, IMHO, an unbeatable combination. --Levi Ramsey on Cooker ML Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+Jbv+lp7v05cW2woRAs/BAJsGtAwa0DHpmTC5msD0RKgZlDfH9QCeM/5i d7SDtzLVJYL6wntWcYvimdM= =Wh1H -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues (it's dead again)
Mark Weaver wrote: Tibbetts, Ric wrote: > Mark Weaver wrote: > >> On Wednesday 15 January 2003 11:30 am, Tibbetts, Ric scribbled >> nervously: >> >>> Mark Weaver wrote: >>> On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: > Sheesh! NOW, the server (firewall side) is just bulk > rejecting ALL >> >> connections >> > (again!). It considers any incoming mail as a SYN attack, and > >> >> rejects >> > it! (egads! I'm getting tired of this chase!). I thought I > had this sorted out... > > /var/log/messages is bing filled with messages like: [snip] > It's all incoming mail, that is not coming in! > > Any thoughts on WHY it would interpret all incoming > connections as >> >> an >> > attack? Anything not already blocked is interpreted as a SYN > attack, and > is rejected, and added to the list > > Thanks ! > > Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's >>> >> >> a >> tired old man with a serious bladder control problem. he sh*ts himself >>> >> >> from >> time to time as well. do that and you should be feeling a lot better. >>> >>> >>> I shut it off when it started puking like that. THen I cleaned >>> out /etc/hosts/deny. >>> >>> But it's still not accepting any connections, it's just quieter >>> about it. It's just not receiving anything. When it did this the >>> other day, xinetd was down. I checked that... alls well there. >>> It's running. >>> >>> this is really getting frustrating! If I were 3000 miles closer, >>> I'd shoot the thing between it's transistors, and rebuild it. But >>> I'm just >> >> >> a >> >>> bit to far away for that. >>> >>> I can still ssh in, so at least I can work on it. But I'm lost as >>> to >> >> >> why >> >>> it started doing this again... It was fine, up until about a half >>> >> >> >> hour >> >>> ago.. Then it just stopped receiving connections. There's nothing >>> in >> >> >> the >> >>> logs.. I even tried the M$ method: Reboot.. no joy. It didn't >>> help. >>> >>> And stopping portsentry doesn't make any difference. It's not the >>> mail system either. I reverted back to the pre-spam >> >> >> filter >> >>> version. That didn't make any difference. It's just started >>> rejecting all connections. >>> >>> gotta be a reason >>> >>> Ric >> >> >> >> well...this sounds horribly familiar, so I'll set to work trying to >> recall what it was I was doing when this happened to me, and how I >> handled the situation. damned thing of it I should have kept up my >> journal of that period. there was a time when everything I touched >> on that machine turned to crap! it's not so bad now cause I've had >> a lot of practice. :) don't worry though...it'll come to >> me...eventually. > > > Ok, let's get basic. It was running when I first checked on it this > morning. The spam filter was tight, so I loosened that up a little > (pure postfix config file stuff. NO systems level stuff). Then I > restarted postfix, and the server stopped receiving connections. > > I rebooted. > > Then portsentry went crazy on the reporting, and started rejecting > every incoming mail connection. (actually, I suspect that they were > being rejected anyway, there was no new mail coming in before that). > > The last time it started acting like that, xinetd wasn't running. > This time it is. > > The firewall is up. iptables is running. > > postfix is up > > I can "send" mail from it, and users from inside that network can > pass through it, so masq'ing is working right. > > Why is it rejecting ALL incoming e-Mail connections? > > And ONLY incoming e-Mail connections. I can ssh in, and the web > server is running, and allows connections... > > But any incoming e-Mail is interpreted as an attack, and rejected. > > Where is this coming from ?!?! (portsentry is shut off. But I've > been running it a very long time. I've seldom found it the source of > the problem, on the messenger. Without it, I feel like I'm running a > bit blind... > > Any thoughts? Suggestions on where to look? WAGs? > > This server has been a super reliable server for the past 3 years. > It's been on 8.1 for a year or so, and has never caused any problems. > Now all the sudden... I can't keep it running... > > HELP! > > Ric Ric, how is it you're certain that the connections to port 25 are being interpreted as attacks on the system? apart from PortSentry I can't think of anything else that would cause that port to be closed and refuse a connection. the only other cause for the connection being refused is if the service itself isn't running. other then things stated above I'm drawing a blank. try this though
Re: [expert] printer driver in samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Norman Zhang wrote on Wed, Jan 15, 2003 at 11:30:11AM -0800 : > > security = DOMAIN So you're using a seperate samba or NT domain server? > os level = 18 > preferred master = No > local master = No > domain master = No Definitely must be :) I don't see anything outstandingly wrong. All authentication is going through another server, so that server must allow you to do whatever it is that you're doing. Hopefully Buchan can offer more help. Blue skies... Todd - -- MandrakeSoft USA http://www.mandrakesoft.com cat /boot/vmlinuz > /dev/dsp #for great justice Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+Jbunlp7v05cW2woRAp23AKDLoLD7eiUQ+mRdDT9ddCscfAeyHwCfTbLD jJBl1eOzayjJQkW2ibw7vOI= =kKiA -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Rejected Connections
Tibbetts, Ric wrote: All; Let me try this from a different angle. I have a server with problems. Right now, it's rejecting all connections to port 25 (mail). I can do everything else, but that. The server is running postfix for sending mail, and smtp is open in the firewall. It was accepting connections this morning, and has now stopped. Mysteriously. I'd sure appreciate any pointers on what could/would cause a server to suddenly stop accepting connections... Ric Ric, please check the most recent post on the previous thread related to this problem. I believe it holds the keys to your present problem. Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert]STOP the presses!! WAS: And the fun continues (it's deadagain)
Ric Um...a quick, sweet scan of your system proved to be very revealing. I know exactly why your messages and in fact all messages are being refuse...port 25 and your other ports you're using for email in and out are all closed. that would tend to explain a lot as to why you can't get messages in and out of the place. As far as I know there are only three things that can cause these ports to close like this. 1) the firewall has closed these ports by dropping all packets going to those ports. 2) the services aren't running...in this case Postfix. 3) the line in the /etc/services file that contains the reference to the port and service has been commented out closing off the port and the service which runs there upon. this third item is the most perplexing in that this file has to be edited manually. I don't know of any program that writes to this file in the normal course of doing its thing. You know??? it just occurred to me that you might not even see this post! &%(_(ET$#%*(*^Y#@ Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Recognition of Todd Lyons
On Wednesday 15 January 2003 16:49, Lyvim Xaphir wrote: > I want to make an official appeal to the Mandrake management to keep > Todd Lyons securely in the company, in the recent light of current > events regarding the Chapter 11. > > Todd Lyons has been an incredible asset to the Expert list, helping > countless users with their problems and concerns. It would be a > terrible loss to Mandrake and an even more terrible loss to all Mandrake > users were anything to happen that would force him to seek other > employment. We want him around and we want him to stay. > > Civileme was a huge asset to all of us here in North America, as well as > the rest of the world. We don't want the same thing to happen to Todd > Lyons. If this concerns you now is the time to make your support known. > > Thank you, Todd. > > LX I second that wholeheartedly. Where would we be without all those blues skies HarM Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues
Mark Weaver wrote: Tibbetts, Ric wrote: Mark Weaver wrote: On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: Sheesh! NOW, the server (firewall side) is just bulk rejecting ALL connections (again!). It considers any incoming mail as a SYN attack, and rejects it! (egads! I'm getting tired of this chase!). I thought I had this sorted out... /var/log/messages is bing filled with messages like: [snip] It's all incoming mail, that is not coming in! Any thoughts on WHY it would interpret all incoming connections as an attack? Anything not already blocked is interpreted as a SYN attack, and is rejected, and added to the list Thanks ! Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's a tired old man with a serious bladder control problem. he sh*ts himself from time to time as well. do that and you should be feeling a lot better. Mark (anyone); At what point in your startup is iptables starting (remember that my rcx.d directories got trashed). I'm missing something, and I need to figure out what! Any help is greatly appreciated!!! Ric Ric, as I recall its rather early in the boot process. i'll check and then repost what I find. Mark Of interest on this one. If I put iptables back into the startup (chkconfig --add iptables). It gets added at the top (S03 I think). Then if I reboot, it changes to K92iptables -> ../init.d/iptables Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How start sshd at boot time?
> > I am using ssh-3.2.0. > > What am I doing wrong? > > Ummm, using a non-Mandrake package. We use openssh, not RSA's ssh. > Does it mean that I am in trouible for not using Mandrake package? Is there a workaround (not that one of removing ssh and installing openssh)? Many thanks Ed Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] MNF vs SNF
Vincent Danen <[EMAIL PROTECTED]> deeg zun bes op schoal um hej te kinne schrieve: > On Wed Jan 15, 2003 at 10:32:39AM +0100, JP wrote: > > [...] > > it seems as if they try to get people to pay for the mnf updates, > > however, I dont think you will have to do so in order to get the > > updates. > > I can't speak officially on this as I'm not directly involved with MNF, > but after playing with it yesterday I do have some observations. > > In order to use the web interface for updates, you will need to pay. I > have no idea what the pricetag is. I, as of yet, have no idea how well > the web interface works (I've been playing with MNF for less than 24hrs > now). > > > first of all, i just checked a mandrake updates mirror and there is a > > seperate directory for mnf, that one could simply use (add to urpmi > > etc.) without mandrake even knowing it. > > Yup. You can use urpmi and use whatever mirror you like to get > updates. This should be just as secure as the "for pay" mirror... ie. > md5sums are available and the file is GPG clearsigned. RPM packages > can be validated via md5 and gpg sigs. thank god, no micro$$$oft practices. > The primary advantage to the for pay updates is you will have access to > them instantly. I don't know what the infrastructure for the updates > is, but I imagine there will be next to no delay for updates... you > would get them almost immediately. Relying on third-party mirrors > means a little bit of a delay, so it depends on how quickly you want > your firewall patched up (if speed is important to you, getting > "priority" updates may well be what you need/want). You also wouldn't > have to worry about free mirrors being clogged when new distribs are > released... anyone try to update software the day of a new Mdk or RH > release? Have fun getting into most public mirrors that week. no problem for me :-) I must admit though that this may indeed be a serious problem to many people, certainly if it is about some critical security update. > Anyways, you do not *need* to pay to have a fully functioning firewall > and the ability to do updates. You will have to be familiar with urpmi > (or learn it) and log in remotely in order to do the updates, but once > you add whatever mirror you want to use, a simple "urpmi.update -a; > urpmi --auto-select" is enough to keep you up to date. > > And no, there will be no "MNF updates go to public mirrors 24hrs after > they go to the for-pay mirror" stuff, so anyone worried about a delay > for non-paying people should not worry. You just have to deal with the > mirroring schedules of the third-party mirrors. > > If anyone ever wants to see how well mirrors keep up to date, there is > a fairly approximate listing on > http://www.mandrakesecure.net/en/ftp.php that will show you when the > last update was done. > > > second, this mnf is basically a (heavily modified and stripped down) > > version of mandrake 8.2. for which updates are freely available. see > > also snf, which has a similar relationship to 7.2, with many packages > > in the snf update directory being a simlink to the 7.2 updates. > > Yup, exactly. > > > all in all a rather unclear situation, as by reading the mandrake > > website one would think you have to pay for security updates. > > Nope, not at all. You're paying for access to a private FTP site. The > updates themself are "free"; meaning publically available to anyone who > wants them. Access to the private FTP site is the real issue here. > > I agree that it wasn't clearly worded, so I hope this provides a little > less confusion for those who would like to use MNF but have some > reservations thinking you might be charged for security updates. it does clarify alot indeed. as for the 'delay' one experiences when using mirror sites, I guess it basically comes down to what one uses the box for. a home user will generally care less about such things, and also have a smaller budget than say a corporate it department guy. apart from that, mnf like snf is to be used as a firewall/nat router. once properly setup, such a machine should not be running any services except a (local lan only) sshd, leaving virtually no possiblities for intrusion but the ssh packages (or a highly unlikely kernel networking related bug). in the end, it's all about priorities ;-) JP Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: Re: [expert] "Removable Media" icon
On Wed, January 15 2003 1:26 am, Ronald J. Hall wrote: *snip* > > Hey Todd. I did it by editing the /usr/bin/kdesktop-links file (per the > Mandrake Experience web site). > > Are there advantages/disadvantages to either method? Or is this another > example of the "many ways to do things" under Linux genre? > > See ya! > I just fiddled around with it, looking in all scripts I could find that might have anything to do with kde and the desktop, and I found the file, all by myself, after the suggestion someone else gave me to just delete it, didnt work. -- Chuck Burns - Grand Bay, AL Man = Mars = 4th planet from Sun = 4 Woman = Venus = 2nd planet from Sun = 2 Man - Woman = -2 = Man divorce wife = less than he started with Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] "Removable Media" icon
On Wednesday 15 January 2003 02:12 pm, Todd Lyons wrote: > Chuck Burns wrote on Tue, Jan 14, 2003 at 10:59:03PM -0600 : > > How do I rid myself of that annoying Removable Media icon, that KDE > > insists on putting on my desktop, even tho I have added the devices to > > the desktop manually? Every time I delete it, it comes back when I > > log out and back in > > mv /usr/share/mdk/kde/removable_media.directory /some/place/safe > > Restart KDE. > > Blue skies... Todd Hey Todd. I did it by editing the /usr/bin/kdesktop-links file (per the Mandrake Experience web site). Are there advantages/disadvantages to either method? Or is this another example of the "many ways to do things" under Linux genre? See ya! -- /\ Dark< >Lord \/ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] printer driver in samba
Hi Buchan and All, I have appended my smb.conf at the bottom of this email for you to review. Your comments are greatly appreciated. I have also appended some additional info of my LM9.0 system. Regards, Norman I'm trying to add driver to the print$ share in Windows 2000 as a printer administrator. But after selecting Printers/Server Properties/Drivers, all tabs cannot be selected (grayed out). ::: ::: You need to be listed in 'printer admin group' or a member of such a ::: group, such as: ::: ::: printer admin group = @adm root ::: etc ::: ::: BTW, process is like this, browse to the Printers share on the ::: machine, right-click the printer, choose properties, say no when ::: offered to install a driver, click advanced, choose "New Driver". :: :: I do have printer_admin = @"MYNTDOMAIN\Print Admins", root. I also :: set my Print Admins to be the primary group for the operators. I :: also tried the process you described, but I still got access denied. :: Does this have to do with CUPS? Do I need to use cupsaddsmb? But I :: can't find the PPD from CUPS. They were available in the CUPS web :: config. : : No, if you use the cupsaddsmb, you end up using generic ps drivers on : the windows clients, in most cases you want the windows driver to be : installed there. Thank you. I guess I won't proceed with cupsaddsmb further. ::: Well, you should also have some directories under there such as ::: W32X86 etc. Check the perms of those, and also ensure the share has ::: enabled write for whoever is trying to upload drivers. :: :: All subfolder are there. It is 755 for all subfolders. The :: subfolders were created by Mandrake by default. I even did a :: setfacl -m g:"ARKONDOMAIN\Print Admins":rwx /var/lib/samba/printers, :: and gave rx access for all parent folders. But still unsuccessful 8( :: Please help. : : You need write access to the folders *below* /var/lib/samba/printers, so : try: : # setfacl -d -m g:"ARKONDOMAIN\Print Admins":rwx /var/lib/samba/printers : :: Regards, :: Norman : : It might help to send me your whole smb.conf so I can see exactly how : you are setup. I tried changing the winbind separator to \ # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2003/01/14 14:44:12 # Global parameters [global] workgroup = ARKONDOMAIN netbios name = PRNSERVER server string = Samba Server %v security = DOMAIN encrypt passwords = Yes obey pam restrictions = Yes password server = PDCSERVER log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups character set = ISO8859-15 os level = 18 preferred master = No local master = No domain master = No dns proxy = No winbind uid = 1-2 winbind gid = 1-2 template shell = /bin/bash winbind separator = + winbind use default domain = Yes printer admin = root, @"ARKONDOMAIN\Print Admins" printing = cups print command = lp -d %p -o raw %s; rm -f %s [hp5p] comment = HP LaserJet 5P--Show Room path = /var/spool/samba/hp5p guest ok = Yes printable = Yes print command = lpr-cups -P %p -o raw %s printer name = hp5p [print$] comment = Printer Drivers path = /var/lib/samba/printers write list = root, @"ARKONDOMAIN\Print Admins" guest ok = Yes dos filetimes = Yes [printers] comment = All Printers path = /var/spool/samba guest ok = Yes printable = Yes browseable = No [root@prn root]# setfacl -d -m g:"Print Admins":rwx /var/lib/samba/printers/ [root@prn root]# getfacl /var/lib/samba/printers getfacl: Removing leading '/' from absolute path names # file: var/lib/samba/printers # owner: root # group: root user::rwx group::r-x group:Print Admins:rwx mask::rwx other::r-x default:user::rwx default:group::r-x default:group:Print Admins:rwx default:mask::rwx default:other::r-x [root@prn root]# smbstatus Samba version 2.2.7 Service uid gid pid machine -- IPC$ ARKONDOMAIN+domainadmin ARKONDOMAIN+Print Admins 5178 2139-1-20 (192.168.22.34) Tue Jan 14 14:45:23 2003 IPC$ ARKONDOMAIN+domainadmin ARKONDOMAIN+Print Admins 5178 2139-1-20 (192.168.22.34) Tue Jan 14 14:44:49 2003 No locked files [root@prn printers]# ls -l total 20 drwxrwxr-x2 root root6 Nov 25 10:15 W32ALPHA/ drwxrwxr-x2 root root6 Nov 25 10:15 W32MIPS/ drwxrwxr-x2 root root6 Nov 25 10:15 W32PPC/ drwxrwxr-x2 root root6 Nov 25 10:15 W32X86/ drwxrwxr-x2 root root6 Nov 25 10:15 WIN40/ [root@prn printers]# pwd /var/lib/samba/printers [root@prn drivers]# ls ADFONTS.MFM ADOBEPS5.DLL cupsdrvr.dll DEFPRTR2.PPD PSMON.DLL ADOBEPS4.DRV ADOBEPSU.DLL cups.hlp hplj5p_1.ppd ADOBEPS4.HLP ADOBEPSU.HLP cupsui.dllICONLIB.DLL [root@prn drivers]# pwd /usr/share/cups/drivers [root@prn drivers]# getfacl /usr/share/cups/drivers getfacl: Removing leading '/' from absolute path names #
Re: [expert] And the fun continues
Tibbetts, Ric wrote: Mark Weaver wrote: On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: Sheesh! NOW, the server (firewall side) is just bulk rejecting ALL connections (again!). It considers any incoming mail as a SYN attack, and rejects it! (egads! I'm getting tired of this chase!). I thought I had this sorted out... /var/log/messages is bing filled with messages like: [snip] It's all incoming mail, that is not coming in! Any thoughts on WHY it would interpret all incoming connections as an attack? Anything not already blocked is interpreted as a SYN attack, and is rejected, and added to the list Thanks ! Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's a tired old man with a serious bladder control problem. he sh*ts himself from time to time as well. do that and you should be feeling a lot better. Mark (anyone); At what point in your startup is iptables starting (remember that my rcx.d directories got trashed). I'm missing something, and I need to figure out what! Any help is greatly appreciated!!! Ric Ric, as I recall its rather early in the boot process. i'll check and then repost what I find. Mark Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbetts, Ric wrote on Wed, Jan 15, 2003 at 10:57:39AM -0500 : > > Any thoughts on WHY it would interpret all incoming connections as an > attack? Anything not already blocked is interpreted as a SYN attack, and > is rejected, and added to the list PortSentry is nothing more than a Denial of Service on yourself if you have a busy site. At any rate, knock the sensitivity back one (from 0 to 1 IIRC) and it should become less sensitive. Blue skies... Todd - -- MandrakeSoft USA http://www.mandrakesoft.com Easy things should be easy, and hard things should be possible. --Larry Wall Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JbSnlp7v05cW2woRAkYEAKCyCkLyJbuGX5dmEKxmNjaHtbnI5QCfZbo1 MM6lSrx2sbEDznVl/tCel64= =Zv2j -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] Rejected Connections
All; Let me try this from a different angle. I have a server with problems. Right now, it's rejecting all connections to port 25 (mail). I can do everything else, but that. The server is running postfix for sending mail, and smtp is open in the firewall. It was accepting connections this morning, and has now stopped. Mysteriously. I'd sure appreciate any pointers on what could/would cause a server to suddenly stop accepting connections... Ric Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] And the fun continues (it's dead again)
Tibbetts, Ric wrote: > Mark Weaver wrote: > >> On Wednesday 15 January 2003 11:30 am, Tibbetts, Ric scribbled >> nervously: >> >>> Mark Weaver wrote: >>> On Wednesday 15 January 2003 10:57 am, Tibbetts, Ric scribbled nervously: > Sheesh! NOW, the server (firewall side) is just bulk > rejecting ALL >> >> connections >> > (again!). It considers any incoming mail as a SYN attack, and > >> >> rejects >> > it! (egads! I'm getting tired of this chase!). I thought I > had this sorted out... > > /var/log/messages is bing filled with messages like: [snip] > It's all incoming mail, that is not coming in! > > Any thoughts on WHY it would interpret all incoming > connections as >> >> an >> > attack? Anything not already blocked is interpreted as a SYN > attack, and > is rejected, and added to the list > > Thanks ! > > Ric Ric, do yourself a huge favor and turnoff and uninstall PortSentry. He's >>> >> >> a >> tired old man with a serious bladder control problem. he sh*ts himself >>> >> >> from >> time to time as well. do that and you should be feeling a lot better. >>> >>> >>> I shut it off when it started puking like that. THen I cleaned >>> out /etc/hosts/deny. >>> >>> But it's still not accepting any connections, it's just quieter >>> about it. It's just not receiving anything. When it did this the >>> other day, xinetd was down. I checked that... alls well there. >>> It's running. >>> >>> this is really getting frustrating! If I were 3000 miles closer, >>> I'd shoot the thing between it's transistors, and rebuild it. But >>> I'm just >> >> >> a >> >>> bit to far away for that. >>> >>> I can still ssh in, so at least I can work on it. But I'm lost as >>> to >> >> >> why >> >>> it started doing this again... It was fine, up until about a half >>> >> >> >> hour >> >>> ago.. Then it just stopped receiving connections. There's nothing >>> in >> >> >> the >> >>> logs.. I even tried the M$ method: Reboot.. no joy. It didn't >>> help. >>> >>> And stopping portsentry doesn't make any difference. It's not the >>> mail system either. I reverted back to the pre-spam >> >> >> filter >> >>> version. That didn't make any difference. It's just started >>> rejecting all connections. >>> >>> gotta be a reason >>> >>> Ric >> >> >> >> well...this sounds horribly familiar, so I'll set to work trying to >> recall what it was I was doing when this happened to me, and how I >> handled the situation. damned thing of it I should have kept up my >> journal of that period. there was a time when everything I touched >> on that machine turned to crap! it's not so bad now cause I've had >> a lot of practice. :) don't worry though...it'll come to >> me...eventually. > > > Ok, let's get basic. It was running when I first checked on it this > morning. The spam filter was tight, so I loosened that up a little > (pure postfix config file stuff. NO systems level stuff). Then I > restarted postfix, and the server stopped receiving connections. > > I rebooted. > > Then portsentry went crazy on the reporting, and started rejecting > every incoming mail connection. (actually, I suspect that they were > being rejected anyway, there was no new mail coming in before that). > > The last time it started acting like that, xinetd wasn't running. > This time it is. > > The firewall is up. iptables is running. > > postfix is up > > I can "send" mail from it, and users from inside that network can > pass through it, so masq'ing is working right. > > Why is it rejecting ALL incoming e-Mail connections? > > And ONLY incoming e-Mail connections. I can ssh in, and the web > server is running, and allows connections... > > But any incoming e-Mail is interpreted as an attack, and rejected. > > Where is this coming from ?!?! (portsentry is shut off. But I've > been running it a very long time. I've seldom found it the source of > the problem, on the messenger. Without it, I feel like I'm running a > bit blind... > > Any thoughts? Suggestions on where to look? WAGs? > > This server has been a super reliable server for the past 3 years. > It's been on 8.1 for a year or so, and has never caused any problems. > Now all the sudden... I can't keep it running... > > HELP! > > Ric Ric, how is it you're certain that the connections to port 25 are being interpreted as attacks on the system? apart from PortSentry I can't think of anything else that would cause that port to be closed and refuse a connection. the only other cause for the connection being refused is if the service itself isn't running. other then things stated above I'm drawing a blank. try this though...drop the firewall and then see if a connection can be made, and double check your firewall rulesset to make sure that it is allowing connections to port 25. Mark Want to buy your Pack or
Re: [expert] NIC insmod Runaround
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Adams wrote on Wed, Jan 15, 2003 at 10:47:44PM +1300 : > I am learning the basics of networking and have stuck an old PI beside my > PIII. I have a NIC installed in each with a patch cable and have succesfully > insmoded or modprobed both computers once. The modprobe seems to do an insmod > as part of its operation. That was fine, i set up eth0 with > # ifconfig eth0 192.168.0.2 netmask 255.255.255.0 up > on one and "... 168.0.1 ..." on the other. ping worked fine in both > directions. > I shut them down to put everything back together. After the reboot neither > ifconfig, modprobe, or insmod would work (in that order). It is like some The kernel needs to know to load the 8139too when you try to access that device. So in your /etc/modules.conf, you need: alias eth0 8139too Then the system needs to know what IP address you want it to have. Put the following in /etc/sysconfig/network-scripts/ifcfg-eth0: DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.0.2 NETMASK=255.255.255.0 ONBOOT=yes Then you can just run 'ifup eth0' and it will load the module for you and assign the IP address. To make it automatic, configure the "network" service to start at boottime with 'chkconfig network on' Blue skies... Todd - -- Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/ Favourite shell: bash, though I also like 'init=/usr/bin/emacs' --Andrew Tridgell Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JbQ8lp7v05cW2woRArOFAJ9Pk3WzHoAjqLi74lwjJRIAtkRiAQCfeppz CjpTEEMVSMsRRAa6Uf9+e44= =Nety -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[expert] HP OfficeJet R40 (as scanner) and Netgear PS110 (printer server)
I was able to configure my Mandrake 9.0 system to use a remote printer (HP OfficeJet R40) via Netgear's PS110 printer server. I am able to print but I just realized that I could no longer use the printer to scan (via xsane) (it's a printer, scanner and copier in one). Is there a way to configure xsane to use this remote printer as a remote scanner? Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit HP OfficeJet R40 (as scanner) and Netgear PS110 (printer server) I was able to configure my Mandrake 9.0 system to use a remote printer (HP OfficeJet R40) via Netgear's PS110 printer server. I am able to print but I just realized that I could no longer use the printer to scan (via xsane) (it's a printer, scanner and copier in one). Is there a way to configure xsane to use this remote printer as a remote scanner? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] OT network backup solutions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Belanger wrote on Wed, Jan 15, 2003 at 03:28:54AM -0500 : > Can anyone recommend a backup solution for > a fairly large(300 node) heterogeneous network. > We currently have Solaris, Windows, Linux, SunOS, > and DomainOS machines. Amanda is a good free choice. Requires a bit of patching for simple features like "fill unused portion of tape". Amanda is commandline oriented (ie no gui and no curses access). BRU is a good choice since their licensing is very straightforward. The software is good and designed to allow you to share devices if necessary. Access is GUI but can be scripted. Arkeia is a good choice, but their licensing gets very expensive on large networks. They also use proprietary drivers and hold exclusive locks on device access. Access is GUI 100%. Which one you choose should depend on you trying one of each. Blue skies... Todd - -- | MandrakeSoft USA | Security is like an onion. It's made | | http://www.mandrakesoft.com | made up of several layers and makes | | http://www.mandrakelinux.com | you cry. --Howard Chu| Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JbN3lp7v05cW2woRAt6xAJ0d1n5HAumWGCjdrqO4BxoaI/UdegCgqnDT jxQlKooCpOLr8wzT+zOzCb8= =nqMV -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] Making OpenOffice StarOffice (or other app) launch faster
On Wednesday 15 January 2003 19:03, Brent Hasty wrote: > I have multiple useres on my MDK 9 Terminal Server, running on thin > clients. I was wondering if there were a way to precash specific apps on > say a ram disk or other suitable method to improve the launch time of > common and often used apps like openoffice or staroffice. > > What are my options in linux to do somthing like this. http://ooqstart.sourceforge.net/ This applet provides a quick launcher for Open Office 641C+ or Star Office 6.0+. It attempts to mimic the functionality provided by the quickstarter tray icon on the other operating system supported by Open Office. The program attempts to keep a background process alive at all times, even if that process is terminated by the user. The four main applications: Writer, Calc, Draw, and Impress can be launched directly from the context menu of the applet. HTH Damian Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] "Removable Media" icon
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chuck Burns wrote on Tue, Jan 14, 2003 at 10:59:03PM -0600 : > > How do I rid myself of that annoying Removable Media icon, that KDE > insists on putting on my desktop, even tho I have added the devices to > the desktop manually? Every time I delete it, it comes back when I > log out and back in mv /usr/share/mdk/kde/removable_media.directory /some/place/safe Restart KDE. Blue skies... Todd - -- MandrakeSoft USA http://www.mandrakesoft.com Mandrake: An amalgam of good ideas from RedHat, Debian, and MandrakeSoft. All in all, IMHO, an unbeatable combination. --Levi Ramsey on Cooker ML Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JbKTlp7v05cW2woRAgEyAKCeoRc1YaBqUykv8b5UiIMm5qvqLACdGAt3 +BUx2N/2rkKNICKEzlZISXE= =psdJ -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] How start sshd at boot time?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Eduardo Mendes wrote on Wed, Jan 15, 2003 at 05:07:55PM + : > > > > Look at which runlevels sshd is turn on. If they are all off, try: > > chkconfig --level 2345 sshd on > error reading information on service sshd: No such file or directory rpm -q openssh-server It sounds like you don't have it installed. > I am using ssh-3.2.0. > What am I doing wrong? Ummm, using a non-Mandrake package. We use openssh, not RSA's ssh. Blue skies... Todd - -- | MandrakeSoft USA | Sometimes you get what you want. | | http://www.mandrakesoft.com | Sometimes you get experience.| | http://www.mandrakelinux.com |--unknown origin | Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+JbHylp7v05cW2woRArbQAJ9OmJ5ElxSH8c6Lyl9Iubra2cNDjQCgsusP LT0C1JyMta77zwlW9+fGXeU= =NgiI -END PGP SIGNATURE- Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com