Re[2]: [expert] BASH Scripts

2002-02-27 Thread Rusty Carruth 

<[EMAIL PROTECTED]> wrote:
> On Wed, 27 Feb 2002, Tom Badran wrote:
> > What im trying to do is get an email sent to me every time the IP changes on
> > a specific machine, so i always have a record of it for logging in via ssh.
> > The specific connection is ppp0 which auto redials on disconnect. If there is
> > an easier way of doing this please share with me.
> >
> I.e.
>   IP=`ifconfig eth0|grep "inet addr"|cut -d: -f2|cut -d' ' -f1`
> (or something equally ugly)
> 
>   Then do something like:
> 
>   Old_IP=`cat $FILENAME`
> 
>   [ "$IP" == "$OLD_IP" ]; then do_something

Oh.  Duh.  If I'd read the email closer, I'd have posted THIS script instead:

[root@fw antispam]# cat  /etc/rc.d/init.d/what.a.hack
#!/bin/bash
newip=`/sbin/ifconfig ppp0 | /bin/egrep 'inet addr' | /bin/sed 's/inet addr://' | 
/bin/awk '{print $1}'`

if [ ".$newip" = "." ] ; then
echo oops - newip is blank again
# this happens more than I would like, one of these days I will figure out why.
exit -1
fi
oldip=`cat /tmp/current.ip`
if [ "$newip" == "$oldip" ] ; then exit 0 ; fi

echo $newip >> /etc/rc.d/init.d/iplog
/bin/sed "s/FARBOO/$newip/" /etc/rc.d/init.d/rc.fw.basehack > /root/rc.hacko
echo $newip > /tmp/current.ip
chmod 700 /root/rc.hacko
/sbin/ipchains -L -n -v -x
/root/rc.hacko
echo $newip | elm [EMAIL PROTECTED]


And I run that in a cron job.  Here's my crontab entry:

0,5,10,15,20,25,30,35,40,45,50,55 * * * * /etc/rc.d/init.d/what.a.hack


Yeah, its quite a hack.  But it does the trick of resetting my firewall rules
whenever the ip addr changes, and it notifies me, and everything.

There's probably much better ways to do this, but I got it working this way
and have no plan to fix it ;-)

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] BASH Scripts

2002-02-27 Thread Rusty Carruth 

Tom Badran <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> How can i use an if in a bash script so that it will only run commands if the 
> specified file is empty? 
> 
> Basically, ive set up a cache system by which the output of ifconfig is 
> stored in /var/cache/IP/1
> 
> Then, every minute my script is run. It first puts the output of ifconfig in 
> /var/cache/IP/2 and diff's it with 1 outputing that to a file 'diff'. I then 
> want to run a series of commands if the file diff is not empty.
> 
> What im trying to do is get an email sent to me every time the IP changes on 
> a specific machine, so i always have a record of it for logging in via ssh. 
> The specific connection is ppp0 which auto redials on disconnect. If there is 
> an easier way of doing this please share with me.

One way to do it is this sort of hack:

[rustyc@fw rustyc]$ cat bin/watchmail 
#!/bin/bash
foo="`ls -l /var/spool/mail/rustyc`"
while : ; do
for j in 1 2 3 4 5 6 7 8 ; do
for i in 1 2 3 4 5 6 7 8 9 0 ; do
if [ "`ls -l /var/spool/mail/rustyc`" = "$foo" ] ; then
echo -n '.'
sleep 30
else
echo ""
echo `date`
#echo "Was $foo"
echo "`ls -l /var/spool/mail/rustyc`"
foo="`ls -l /var/spool/mail/rustyc`"
egrep '^Subject' /var/spool/mail/rustyc | tail -2
sleep 30
fi
done
#date #; echo -n '.'>>~/rnlog
done
echo ""
#echo -n `date ; ls -l /var/spool/mail/rustyc`
done

(that script watches for a change to file /var/spool/mail/rustyc and shows the
change (and a few lines from the file) when it does - sort of a poor man's 
textual biff ;-)

The key lines are:

foo="`ls -l /var/spool/mail/rustyc`"
while : ; do
if [ "`ls -l /var/spool/mail/rustyc`" = "$foo" ] ; then
# no change
else
# file has changed
fi
done


On the other hand, diff will return nonzero return status if the files are different,
so you can just say something like:

diff foo1 foo2
if [ $? -eq 0] ; then
   # no change
else
   # change
fi

(Assuming I'm remembering the syntax for 'return status from last command' right,
if not I'm sure someone will fix this for us ;-)

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] Why Journalled FS do I have to use??!!!

2002-01-28 Thread Rusty Carruth 

> 
> resierfs should be NFS happy since 2.4.7 (ish). Im a little concerned
> with xfs though I use it a lot on SGI's, it just doenst seem to be
> getting the support of the other file systems. Ive found ext3 to be
> exceedingly slow on large volumes :(

Huh.  Surprise surprise, I say.  I just installed a 8.1 machine,
set up with / as reiser and /boot as ext2.  I recently decided
that I wanted to mount an nfs thingy on /home/userid, and it worked
just fine and dandy, so I suppose the answer is:  NFS and Reiser
work for me ;-)

> I like resierfs and havnt seen any problems yet!  with about 1.5
> terabytes in total of rfs file systems

Yikes.  Here I thought my little old 40 gig drive was cool!  ;-)

> > Civileme suggested XFS to me when an issue came up over Reiser's
> > compatibility with NFS.  Last I heard there was still a question mark
> > over this, so I would go XFS or EXT3 if you are going to use NFS
> > mounts.  Otherwise - flip a coin?

Well, I see I'm going to have to try xfs too ;-)  (Just so I know
if there's any diff.  I'd tried ext3 for a bit, but have since
switched to reiser as it 'feels' faster - whatever THAT means!)

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] Files or data transfer via Lan Hub

2002-01-07 Thread Rusty Carruth 

> Hi Rusty,
> 
> Thanks for your advice.
> 
No problem.  Glad I happened to notice your reply, as I'm swamped with
email ;-)
> 
> At 09:55 AM 1/6/2002 -0700, you wrote:
> >a switch as through a direct cable.  The difference is in the short delay
> >while the switch looks at the mac (and possibly) IP addresses in the
> >packet before starting to send it along.  (Assuming your switch does not
> >hold the entire packet before sending it along - a bad thing if it does,
> >'cause then its just a non-configurable router!).
> 
> What are TRUE switch and pseudo-switch, example appreciated.

Well, a true switch will only pass broadcasts (and other packets for
which the MAC destination is unknown to the switch) and packets destined
for the MAC address sitting on the port to that port.  

A pseudo switch will send more than the minimum set of packets required
(as I tried to 'list' in the previous paragraph).

A switch which holds the entire packet before sending it along to
the minimal set of destinations could be considered a true switch
also, but its really functioning like a store-and-forward router,
which is slower.

None of these can be told by inspection of the box, eh?  Maybe
the documentation will tell, maybe not.

And, admittedly, its somewhat esoteric and not REALLY important
to most network setups that do not load their network much.

But, if you CAN tell, at the store, which kind of switch  you've
got, get the fastest one ;-)

> >...
> >For raw speed, ftp has been, in my experience, the fastest, due to the
> >lower overhead.  However, its always good to do some experiments to
> >see what's REALLY faster.  Just beware of caching!
> 
> Thanks.  What is RAW speed ?

Well, maybe I should have said 'pure speed'.  I meant that, in my
experience, and if you only consider file transfer speed, and
not the time involved in setting up the transfer, then ftp
has always been the fastest in all my experiments (which I have
NOT run in some number of years!)

On a side note, if you want unattended synchronization of files
and/or directories, give rsync a look.  It can be configured to
only transfer the parts of files that have changed - so if you
have a 200 meg file, and only 10 meg has changed, then it will
transfer just the 10 meg (or so) thats different.  (There are,
of course, some caveats there - some of them being that you
are trading network loading for time spent calculating CRCs
of the files on both ends - but I've seen the amount of data
needed to be sent be reduced from around a gig to around 10 meg!
That makes the T1 linking these 2 machines together look like
a 150Mb link!  Sorta ;-)  I think rsync might be on sourceforge,
give http://www.freshmeat.net a search for rsync...)

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] Files or data transfer via Lan Hub

2002-01-06 Thread Rusty Carruth 

> Hi Michael,
> 
> Thanks for your detail information and time spent.
> 
> At 10:52 AM 1/5/2002 -0600, you wrote:
> >AFAIK, you can't (could be wrong).  You'd have much better success going
> >through the hub.
> 
> Can 2 Linux boxes (or one Linux box and one Win box) both having 10/100Mb 
> network cards installed be connected directly with cross-over cable for 
> file/data transfer without going through a hub.

Yes, they can.  However, if you have a TRUE switch and not just a pseudo-
switch (i.e. its not truly switching) then, as long as you don't overload
the backplane bandwidth of the switch, you can run almost as fast through
a switch as through a direct cable.  The difference is in the short delay
while the switch looks at the mac (and possibly) IP addresses in the
packet before starting to send it along.  (Assuming your switch does not
hold the entire packet before sending it along - a bad thing if it does, 
'cause then its just a non-configurable router!).

> How to achieve the max speed 100Mb via a hub or connected directly ?

Direct *might* be marginally faster, maybe.  I'd say try an experiment...

> >File (or data)
> >transfers are handled via some sort of software.  In the case of two Linux
> >PCs, you could do so via NFS or via scp or sftp or even ftp.
> 
> What is full term for scp and sftp ?

Secure CoPy and Secure File Transfer Protocol.

SCP is part of OpenSSH (and commercial SSH too I think).

I forget if sftp is also...


For raw speed, ftp has been, in my experience, the fastest, due to the
lower overhead.  However, its always good to do some experiments to
see what's REALLY faster.  Just beware of caching!

> Thanks in advance.
> 
> B.R.
> Stephen

Not sure if I answered the question that was asked, sorry if not!

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

[expert] My latest experience with Western Digital Hard Drives!

2002-01-05 Thread Rusty Carruth 

Well, I promised news, so I'll deliver.

I have now had 2 considerably different experiences with
Western Digital hard drives.
  
The first one was with the company.  I had a 2 gig
drive die.  1 week after the MFGR warranty expired!
I did not know that it had expired, so was calling
WD to see if it was covered.  The guy on the phone 
said "Hold on a minute, let me see if I can extend
the normal warranty."  he came back and said no problem,
they would send me a new drive, and I could send back
the old dead one in the box the new one came in.

Cool.


Well, unfortunately, I've just finished having a 
considerably different experience, but at least not
with people at the company...

I have a nifty keeno 100 MHz Intel box that I decided 
would make a nice firewall to install LM 8.1 onto.
It has a 1.2 gig WD drive and a 1.2 gig drive from
someone else.

This machine is so old that it does not use DIMMs!

It came with around 32 meg of ram as I recall, and
I had all kinds of trouble trying to install, so I
decided to buy more memory (don't ask!), and when
it arrived I happily stuck the new 128 Meg of ram
into the machine and started loading.

All KINDS of strange things started happening, and
the number of times I've (attempted to) re-installed
8.1 on this machine is unbelievable.  I even tried
dropping to 64 meg just in case it was a memory 
problem.

Then I ran the bootup memory test overnight.  No
problem.

So, the last time I tried installing, I removed
the swap partition that was on the WD disk drive.
And went swap partitionless (non optimal, I know,
especially with only 64Meg of ram!).  For the first
time since I started working on this machine, it
installed fine, and I got all the way to the 
configure X screen, and foolishly tried to test
the setup.  Two hours later I'd still not gotten
the blue background on the X display!

However, as I say, I've never gotten this far
in the past, and the only difference seems to
be the removal of the WD drive as swap.

If I discover anything that changes my mind
about WD being a very bad choice as a swap
drive, I'll 'post' another email when I do...

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] LM 8.1 (and 7.2) on Toshiba satellite pro 435cds

2002-01-05 Thread Rusty Carruth 

> Sorry, no luck here either.  Not a big deal.  I wouldn't be messing with my
> 7.2 install at all if not for a sound and cdrom access problem.  If the kde
> packages that came with the disks are used, it works perfectly, but if I
> upgrade to the updated packages I lose sound for everyone except root (and
> access to the cd drive too).
> 
> Regressing to the prior version of kde fixes the problem but all things
> considered I would rather go forward than back...  Also kde 2.2 packages
> cause problems as well and are basically unusable...  Would an install from
> the kde source packages solve these problems?
> 
> TWGibson

Hmm.  sounds to me like a permissions problem.  Don't know if install from
kde source would help or hurt.

Since things work for root, its not a control problem, eh?

So, if you want to check permisisons on /dev/dsp (and whatever it points to)
No, better: do this:

ls -l /dev|egrep audio

and save it to a file (i.e. do above '> a.file'), upgrade (again, sorry!) 
and then check to see what permisisons are different.  Also, check with
/etc/fstab before and after the upgrades to see what has changed there,
because I bet there's a user allow option turned off after the upgrade
(shoot, to be paranoid save all of /etc/ somewhere just before you upgrade ;-)

Maybe that will isolate the changes for you, so you can change them back...

rc

(now, if I could just get 8.1 to install on my laptop!  :-)

(ps#2 - sometime soon I'm going to post a summary of my very recent experiences
with WD hard disk drives!)



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] A strange thing happens to my network

2002-01-02 Thread Rusty Carruth 

> On Wed, 2002-01-02 at 06:39, daRcmaTTeR wrote:
> > Hi list,
> > 
> > I've noticed over the last few days that my LAN seems to get stale after
> > a day or so and needs to be restarted. Could this really be happening or
> > is it just my imagination? the machine has been up for 16 days now with
> > only one client connected via dhcp. I am sharing the internet dialup and
> > at times it appears to go south for the client as well until the network
> > is restarted.
> > 
> > any thoughts...ideas...flames?
> 
> Have you looked at /var/log/messages and other log files? Have you run
> 'top' to see what processes might be gobbling up resources? How about
> 'ps -ax' to see a snapshot of all processes? Any other analysis to help
> us help you?
> 
> Dave

Hmm.  Also, do 'netstat -a', 'route', and 'ifconfig' and save the output
in file(s) when the network is working so you compare to the same output
when the network quits.

And what exactly happens when it 'goes stale'?   Can you ping anything
on the local net?  How about remote?  How about traceroute to a system
on the local (and then on a remote) network?

What kind of ethernet card?  I've seen a situation where a certain
ethernet card (wish I could remember which one!) would quit working
after a certain number of characters were sent through it!  We ended
up returning that ethernet card...

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] framebuffer.

2002-01-01 Thread Rusty Carruth 

> 
> I could be wrong,
> it has happened before :-) , but I think that X needs to be told to use
> framebuffer as its "driver"
> 
> Civilme said something about using X3.x to get framebuffer, but I didn't
> really catch the drift of his comment.
> 
> Actually, I just looked on the 8.1 install CD and notice this
> :XFree86-FBDev-3.3.6-23mdk.i586.rpm
> but I can't find the actual X server, I found server-common, but not the
> server and not the client either, I can't imagine them being on another CD,
> can't use rpmdrake, because I don't have a working rpmdrake (no GUI
> remember)
> 
> any ideas what packages I have to install to get 3.3.6-23 to work?

No, what I (think I) did was just go do an upgrade, and select 3.3.6
version and all went well.  (is this clear?  what I mean is, once
it was all installed, I either did a full install or I booted on 
the install CD and said 'upgrade' (using expert mode - I've not
used the other mode in so long I have no idea what the differences
are!).  Then, if I remember right, it just worked i.e. I answered
the minimum questions I could get away with to get to the X
install part, and it finally got there - and asked me
what version of X I wanted (and it was rather quick, since no
packages needed upgrading ;-).  I chose 3.3.6 and made sure that
it was right using the check mode, then I was done...)

Hope this helps and is less than confusing!

(I'm busy installing the subfloor for ceramic tile right now,
so my reply times will be rather long!)

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] framebuffer.

2002-01-01 Thread Rusty Carruth 

(This is replied to Frank, cc'd the list)

> Hi all,

howdy!

> I am trying to install linux on an IBM box, it needs samba, postfix and
> other stuff and I'd like a basic GUI, so that the non techie guys can still
> do basic admin stuff...
> 
> I have everything but the GUI working..
> 
> The box uses a S3 savage card that X doesn't seem to recognise.. however
> framebuffer seems to work just fine. (or at least it did during install)
> 
> So my question is this.. if I can't get the savage card working in X, I'd
> like to get X working in FB...

Hmm.  Well, *I* thought that, if the kernel used FB, then everything else
did too.  I'm looking forward to any clarification we get here!

> how do I go about doing that? I have Aurora installed and working fine, and
> that relies on FB doesn't it?

I think the answer is yes..

> Currently I have XFree86-4.1.0-17mdk and all its dependencies installed, but
> I can't get any soft of display..

I'd say try the other version of x - 3.6.6 or whatever it was that starts
with 3.  I had a problem on my Dad's box where 4.1 did not handle the board
at all correctly, but 3.x.x worked just fine.  And since I think that the
kernel did FB on his box as well, then maybe 3.x.x will work for you also.

> Can anyone give me some pointers or a page with a howto for setting up X
> using framebuffer?

Cannot help you there, sorry!

rc



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

[expert] feedback on my recent 8.1 installs

2001-11-26 Thread Rusty Carruth 

If someone wants to hit me with a clue-by-4 on a better
place to send this, please do (privately!)...

This last weekend I worked on installing Mandrake 8.1 on
my father's computer, and I tried to install it on my laptop.  
I won't bore anyone with the gory details, but I will pass
on the following comments/bug_reports/requests_for_fixes/whines/
queries:

1 - BEWARE - you apparently cannot install Mandrake 8.1 on a 
machine with 32M of real memory (now, I am pretty sure
you can RUN on a machine with less than 32 meg, you 
just appear to be unable to INSTALL it).

The query is - does anyone know why this is happening,
and how hard would it be for me to create a special
boot image that will fit inside of my 32M laptop?

2 - BEWARE - Windows is dumber than you thought.  If you create
an extended partition, and only put linux partitions in
it, Windows 98 *and* DOS 6.2 *WILL LOCK UP.
Even before it checks the old 'F8' key!

Solution - convert the extended partition to linux extended
or put a rediculous dos partition inside the extended one.
(I chose the former solution.)

It would be really nice if the install had either warned
me of this, or simply not allowed it.  Of course, it *IS*
true that I used the 'expert' install mode ;-), so its
probably all my fault ;-)

just a little feedback/warning/whatever.  (I *almost* got my dad
to switch from Windows to Linux - so far he's pretty impressed, but
we had one small problem with email so he's still a bit uncomfortable
yet...)

(If anyone wants more gory details, I can supply them.  (Imagine
my horror when, after a fine Mandrake install, windows refused
to boot!  Even a dos6.2 floppy refused to boot!  I was glad to
have stored in the back of my head (some of) the stupidity of 
Windwoes!)

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

RE[2]: [expert] Netgear FA-311 and linux - anybody tried? Got working???? (fwd)

2001-11-19 Thread Rusty Carruth 

"Scott Thurmond" <[EMAIL PROTECTED]> wrote:
> I have that card and encountered the same issue.  I didn't get the card to
> work properly under 7.2.  Luckily LM 8.0 came out just after I purchased the
> card.  I upgraded my box to 8.0 and it works perfectly.

and then Richard Wenninger <[EMAIL PROTECTED]> said:

> FWIW - I believe I've seen this card work with MD 8.1.

So, I guess its time to upgrade his machine!  (I'd seriously considered
doing that anyway, as its probably going to end up being used as
an internet gateway and I'd rather get the most recent security
stuff upgraded on it 'the easy way' ...

Thanks all!

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

[expert] Netgear FA-311 and linux - anybody tried? Got working???? (fwd)

2001-11-19 Thread Rusty Carruth 


I've got the weirdest problem.

A friend bought a netgear FA-311 ethernet card, supposedly works
with linux.

(Well, ok, it supposedly works with a certain version of Red Hat,
which is at least one version of linux.  We won't go any further, 
ok?  ;-)

So, I took their (netgear's) sources, managed to get them to compile 
and load under mandrake - I could not get things to work at all.

So, I did a web search and found some network drivers that were supposed to
work with the fa-311, supplied as a SRPM.  So I built my own rpm 
from their src rpm, installed it, and things looked like they were
working fine - until I actually hooked it up to my network at home.

The short version:

subject machine: Mandrake 7.2, with the afore-mentioned network 
drivers installed, P200, 64meg ram, etc.

diagnostic machines: I think they are both mandrake 7.2 as well,
but don't quote me on that ;-)

My home network is 10.40.2.0 with a netmask of 255.255.254.0

I set up the fa-311 box with an address of 10.40.2.20, netmask 255.255.254.0,
and tried to ping my machine 10.40.3.1, which is definately up and
talking on the net.  The transmit light on the fa-311 card flashes,
as though it were transmitting packets.  But, I don't get an answer.
So, I go and do an arp -a on the two machines on my network that
I know work, and I don't see the fa-311 machine.  So, I try pinging
the other way.  The fa-311 does not reply.  And the 2 machines
don't have anything in their arp table either.

Has anyone seen anything like this with the FA-311?

Even more importantly, has anyone gotten it and fixed it???

thanks!

rc




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re[2]: [expert] Domain Name

2001-08-13 Thread Rusty Carruth 

Dave Horsfall <[EMAIL PROTECTED]> wrote:
> On Mon, 13 Aug 2001, George Petri wrote:
> 
> > What is the difference between http://domainname.com and
> > http://www.domainname.com.  Are they both the same?
> 
> Only if you make them so via the DNS.
> 
> > Because, some websites can only be accessed via http://domainname.com
> > (e.g. http://x42.com), while most only work with www.
> 
> There is nothing special about "www".
> 
> 
Yeah.  In fact, there was a move on a while back to not use 'www'
and instead use 'web' or 'w3'.  (You can see how far it got ;-).

at the Phoenix Linux User's group, we don't use www (even though
we could, and maybe should at least ALLOW it (http://plug.phoenix.az.us/)).

My home machine has lots of names, all by the magic of dns.

(a dig of descomp.com should turn up www, mail, and some others,
all pointing to the same place - my linux firewall ;-)

So, back to the original question.

the difference between www.foo.com and foo.com is that www.foo.com is
it is one level deeper on the DNS tree than a machine at foo.com,
and if you have both www.foo.com and foo.com, then technically
foo.com is a domain and www.foo.com is a machine - however often
you'll see foo.com resolving to an address (the same one as
for www.foo.com makes sense ;-)

There, now I bet its clear as mud!

(Where's that DNS Howto reference.. hmm... rats, I had it somewhere...
hmm, well go look up DNS HOWTO using you favorite search engine ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://.mandrakestore.com

Re[2]: [expert] Non-destructive Linux Partition re-size

2001-08-13 Thread Rusty Carruth 

Praedor Tempus <[EMAIL PROTECTED]> wrote:
> I do not believe it is possible to non-destructively resize an ext2 
> partition.  For this I generally tar and bzip2 the partition that I will be 
> resizing and save the tar.bz2 file to another partition that has the 
> temporary space to allow this - or I copy it to a zip drive or burn it into a 
> cd.  Resize and then untar the archive.
> 
> On Monday 13 August 2001 08:08 am, Lonnie Cumberland wrote:
> > Hello All,
> >
> > does anyone know if there is something like FIPS for Linux?
> 
> 

I think that the version of Partition Magic that i've seen can
resize ext2 partitions...  But then, I coulda been sleeping ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://.mandrakestore.com

[expert] modules and NetGear ethernet card

2001-08-09 Thread Rusty Carruth 


A friend of mine bought some NetGear ethernet cards, FA311 Fast 
Ethernet PCI card, to be precise, and I'm trying to get one to
work on his linux box.

Its LM7.2 on the box, on a PII/200 w/32M ram.

The card comes with a disk with instructions on how to
make it work for Red Hat, so I tried them and it almost
worked - I had to use a different compile command
than I'd expected.  Then I copied the .o to the 
appropriate place in my /lib/modules directory and
rebooted.

And got loads of 'undefined' references.

SO, it looks like its finally time to get the module creation
process understood.

1 - where do I go look for docs on that.

2 - has anyone made the NetGear FA311 card work under Mandrake?
How?

thanks!

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[6]: [expert] Problems with SUID and/or SGID for programs.

2001-08-09 Thread Rusty Carruth 

"Sergio Martín Turiel (ADP)" <[EMAIL PROTECTED]> wrote:
> The security level is 3 in LM7 and LM8, instaled not updated.
> 
> - Original Message -
> ...
> "Sergio Martín Turiel \(ADP\)" <[EMAIL PROTECTED]> wrote:
> > -rwsr-xr-x1 holanda  developm  2195178 Aug  9 19:29 Container
> 
> well, Ok, you convinced me - I guess its a Mandrake thing.


So, now I return the query to the list:

is this a known mandrake thing for security level 3?

if so, what security level does one set to get suid
PROGRAMS (note! not scripts!  You don't want suid scripts!)
to work.

Where is the doc on security level vs what it does?

(Sergio - if 'Container' is a SCRIPT and not a compiled program,
then suid won't work and you really don't want to 'fix'
that behaviour!)

RC

Re: [expert] Problems with SUID and/or SGID for programs.

2001-08-09 Thread Rusty Carruth 
"Sergio Martín Turiel (ADP)" <[EMAIL PROTECTED]> wrote:
Hello to everybody, this is the first time that i write.

My problem is that i set the SUID and/or SGID for a program that i compiled with one user, and i need to execute that program with another users belongs to same group but the user when executed the program was not the owner of the file, the file system where the program resides have default permisions and i don't know because the execute user is not the owner, i try in LM7 and LM8 with the same result, but with the Red Hat 6.2 is corret.

Why?
Can somebody help me?

It is very important because this factor must be decisive in what distribution must be install in i development computer with many development users.

Let me see if I understand.

user 'd' owns and compiles executable program 'p'.

User 'd' is a member of group 'g'

The program needs to run as user 'd'. (essential assumption!)
(because maybe the log file that program uses is owned by user
'd' and is not group writable (a possible solution - make that
file group writable (but the problem with that idea is that
then ANY user in that group can mess up your log or whatever
file)))

You need any user in group 'g' to be able to run program 'p'.

I will assume you don't want just anyone to run 'p'.

Ok, so, if you do:

ls -l p

You should see:

-rwx--2 dg   16384 Jun  2 22:54 p*

(the NUMBERS should be different, but the rest should be the same)

So, if you said 'chmod 6550 p' you might get the program to
become the userid 'd' upon execution, you might not

Good luck!

rc
 Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED] Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___ FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/ Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

firewall for 486 - was Re[2]: [expert] Mandrake 8.0 for Sparc

2001-08-09 Thread Rusty Carruth 

(re LM8.0 for sparc - That's cool, and I hope you all have great success!)

So, that pokes me to ask MY question - is there any good 486-based distro
I can use to set up my lowly 486 firewall machine with iptables?

(Remember that I need to run iptables, a mail server, an http server
(one of these days), and the most recent version of openSSH.)

Or am I going to have to undertake making a 486 version of mandrake?

(the alternative is to find a cheap low-end pentium somewhere, which
I'm also exploring - where by cheap I mean under $21 U.S!)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] SMP systems (continued)

2001-08-08 Thread Rusty Carruth 

"Julia A. Case" <[EMAIL PROTECTED]> wrote:
> Thanks to all that sent me email about multi cpu mother boards...  One 
> more question...  I've used linux quite a bit with dual CPU systems, but 
> I'm thinking about a motherboard that supports 4 CPU's...  I've heard 
> rumor that you just don't get a linear increase in computing power when 
> you go over 2 CPU's... 

True, but you don't get linear from 1 to 2 either.

And the rumor I'd heard was that you don't lose much of the multiplier till
you reach like 16 cpus  (If thats really just a rumor I'm sure we'll
get corrected here real soon now  ;-)

>  That the task scheduler doesn't make efficent use 
> of the extra CPU's...  

That's a new one on me.  Maybe thats true of the 'other' OS, but that's not
my understanding on linux.

> Also is it possible to do something like dedicate 
> a single CPU to just doing filesystem I/O?  

No.  Then it would not be *S*MP...

> That would make using 
> software RAID almost as fast as using a hardware RAID controller.

Actually, since Linux can (I think) share KERNEL tasks across multiple cpus
as well as the user tasks, that you get this bonus by using 2 cpus anyhow

Again, standing by for correction ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] Netfinity 5500

2001-08-08 Thread Rusty Carruth 

Mike Veltman <[EMAIL PROTECTED]> wrote:
> 
> Has someone installed mandrake on a IBM netfinity 5500 ?

can't help you there.

> Because he stops installing with me after the packages are being installed.
> He just freezes.
> 
> Is it possible that it has something to do with the fact that its a dual 
> processor bord ?

Not likely.  I installed Mandrake 7.2 on a dual processor P90 (woo! ;-)
recently and it went fine.

> Specs
> Netfinity 5500
> 1 processor
> 1 serverraid controller with 5 9 gig disks in raid 5

Hmm.  When I installed my dual processor system, I had both CPUs installed.
I DOUBT that has anything to do with it, but I'll let others comment...

rc

Re: [expert] Steve Balmer Going Ape5hit on Mpeg File

2001-08-08 Thread Rusty Carruth 

Sevatio <[EMAIL PROTECTED]> wrote:
> Sorry, not quite related to Mandrake but...  Here's an MPEG file of Steve 
> Balmer warming up the M$ crowd.  He's got me pumped up! ;-)

Has anyone gone to look at either of these?  I'm at work
and with those url names my paranoid alert went off, so
I'm NOT going to check them out unless there's some verification
that I'm not going to be sorry...

rc

Re[2]: [expert] Why I can't see all packets on my network segment?

2001-08-08 Thread Rusty Carruth 

David Oberbeck <[EMAIL PROTECTED]> wrote:
> Greetings,
> 
>Is your network using hubs or a switches?

Um, not meaning to be rude, but: He already said that his
computer is plugged into a hub.  However, I was wondering
what THAT hub was plugged into, and if there are any other
computers plugged into that hub that he could make access
the network.

> ...
> ...
> > BTW: The label on the box where my ws is plugged into plainly says "Dual
> > speed 16-port Ethernet/Fast Ethernet Hub"  so this is not switch. ;-)

Hmm.  Question - what are the network speeds for all the NICs 
hooked to that 'hub'?  What's the uplink speed?

*IF* the uplink is 100, and YOU are 10, then it seems like
the 'hub' cannot act ENTIRELY like a 'dumb hub', else you'd
not be able to get all the packets that might be sent to
you.  (Anybody know what happens to a 10/100 HUB when a 100
side streams more than 10 MB/s at a 10MB side  Or, more
to the point of THIS situation - what happens when the
total traffic on all segments is greater than the rx bandwidth
of one of the receivers?  In other words, HOW can a 10/100
'HUB' be a PURE hub  (and not have any features of a
switch)).

Its early, and I'm incoherent, so I hope this makes sense ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Re: mysterious incoming packets

2001-08-06 Thread Rusty Carruth 

Ron Johnson <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Sunday 05 August 2001 11:20, DM wrote:
> > could this be really CODE RED in action? the worm
> > scans the range of ips of an infected machine and
> > verifies if there are MIIS lying around to conquer. i
> > got a lot of those funny default.idaXXX something
> > on my apache logs and they are coming from a variety
> > of ip addresses ... of which when i try to check are
> > either saying "hacked by chinese" or "page under
> > construction".
> 
> So that's what all those "/default.ida?" and "/default.ida?"
> entries in my access_log are...

There's a guy on the phoenix linux user's group mailing list
who has set up a script or soemthing to grab those ip addresses
and make a web page showing who's been hacked by code red.  Here's
the result:

http://www.magusnet.com/ids.html

Another guy was keeping track of NEW breakin attempts per hour, and
had a list of them.  I think he said 1000 NEW attemps in one day...

Makes you really think that maybe this guy has a valid theory:

http://www.pbs.org/cringely/pulpit/pulpit20010802.html

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] Simple Network Firewall hardware check

2001-08-02 Thread Rusty Carruth

[expert] Can't Access My linux box! R there any experts out there ??? (converted from html and answered)

2001-08-01 Thread Rusty Carruth 

> Thus spake "jawad haider" <[EMAIL PROTECTED]> (in html, converted to english ;-)

Hi:

I have a linux(mandrake) server and its "hosts.deny" file deny All except localhost 
and another "ip" 
The problem is that I am not able to access this server remotely through telnet from 
any machine not
even from the machine having same "ip" as mentioned in the host.deny file. Only once I 
could access it
remotely through telnet from machine with "ip".

Error msg that I get is "Remote system refused the connection .."

And also I am not able to login through server terminal because the keyboard is not 
getting connected. 
when I connect the keyboard, initially three lights of the keyboard(caps, num and 
scroll  lock) blinks 
for a second and then goes off.

I am using this server as gateway, its runing fine other than the fact I am not able 
get hold of it :)

Can anyone help me out ? Have my server been hacked ?

Thanks
Jawad

<<  End forwarded message

(first, PLEASE try to NOT send html-email!  It greatly reduces your chance of being 
answered
(at least by me ;-) )

First, is the telnet daemon running on the server?

Second, when you plug the keyboard in, do you do it BEFORE booting or after?  Their
MAY be a problem with your BIOS or whatever that won't let a keyboard be recognized
after booting without one.

Third, it would be much wiser to use sshd instead of telnetd (i.e. use ssh to get to
the machine instead of telnet).  http://www.openssh.org/ (I think) (Plus, it MAY 
already be on your machine, or their may be RPMs for it  - you'll need the sshd 
(server)
software on the server, and ssh client software on the machine you allow in.

Hopefully this helps.  And at this point I'd reserve judgement on whether you've been
hacked or not - its possible, but I doubt it right now...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] Stupid mail question

2001-07-31 Thread Rusty Carruth 

Wayne Stout <[EMAIL PROTECTED]> wrote:
> Greetings, everyone.
> 
> I'm sure this is a really stupid question, but here goes. If I want to use 
> fetchmail/procmail for message retrieval and filtering, do I also have to 
> use Sendmail or postfix? 

Not unless you want to also receive mail on your machine, which unless
you have a 'permanent' connection to the 'net and a fixed IP address is
somewhat painful to do...

> I want to keep using my isp's mail server for sending,

Which means that you should not have to use sendmail or postfix.

>  but all the talk I've seen on various lists about procmail has got 
> me curious and I'd like to give it a try...

go for it, and let us know...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

[expert] problem with interactive bastille, and Returned mail: Host unknown (Name server: linux-mandrake.com: host not found) (fwd)

2001-07-30 Thread Rusty Carruth 

Foo, this is strange.  Lets try again...

>>>>> Thus spake Mail Delivery Subsystem <[EMAIL PROTECTED]>

Received: from localhost (localhost)
by azterra.tempe.tt.slb.com. (8.9.3/8.9.3) with internal id JAA01839;
Mon, 30 Jul 2001 09:59:35 -0700 (MST)
Date: Mon, 30 Jul 2001 09:59:35 -0700 (MST)
From: Mail Delivery Subsystem <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Subject: Returned mail: Host unknown (Name server: linux-mandrake.com: host not found)
Auto-Submitted: auto-generated (failure)
Content-Type: multipart/report; report-type=delivery-status;
boundary="JAA01839.996512375/azterra.tempe.tt.slb.com."
Content-Length: 2328

The original message was received at Mon, 30 Jul 2001 09:59:33 -0700 (MST)
from msfree [163.185.94.34]

   - The following addresses had permanent fatal errors -
<[EMAIL PROTECTED]>

   - Transcript of session follows -
550 <[EMAIL PROTECTED]>... Host unknown (Name server: linux-mandrake.com: 
host not
found)
Return-Path: <[EMAIL PROTECTED]>
Received: from Tempe.tt.slb.com (msfree
[163.185.94.34])
by azterra.tempe.tt.slb.com. (8.9.3/8.9.3) with ESMTP id JAA01837
for
<[EMAIL PROTECTED]>; Mon, 30 Jul 2001 09:59:33 -0700 (MST)
Received: (from
rcarruth@localhost)
by Tempe.tt.slb.com (8.8.8+Sun/8.8.8) id JAA13854
    for
[EMAIL PROTECTED]; Mon, 30 Jul 2001 09:58:52 -0700 (MST)
From: Rusty Carruth
<[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Date:
Mon, 30 Jul 2001 09:58:52 -0700 (MST)
To: [EMAIL PROTECTED]
Subject: Re: [expert]
problem with InteractiveBastille
In-Reply-To: <200107301645.MAA02762@juno>
X-Mailer: Ishmail
1.3.4-990530-sol <http://www.ishmail.com>
MIME-Version: 1.0
Content-Type: text/plain

"Sheldon E.
Newhouse" <[EMAIL PROTECTED]> wrote:
> Hello,
>  I am trying to configure iptables. 
> When I run
InteractiveBastille, it bombs out with the following error
> message.
> 
> InteractiveBastille
>
Using Tk user interface module.
> Only displaying questions relevant to the current
configuration.
> Can't locate Bastille_Tk.pm in @INC (@INC contains: /usr/lib
> ...
> 
> Any
ideas?

you need to go to the CPAN site (www.cpan.org, I think), download the
Bastille_TK
package, and install it.

If you have done this, then you need to make sure that its in the
'@INC'
'path'...

rc



<<  End forwarded message

Re: [expert] CD Writing (including micro how-to)

2001-07-30 Thread Rusty Carruth 

Felix Miata <[EMAIL PROTECTED]> wrote:
> ...
> The reality is if the windoze Adaptec software can easily
> create the Mandrake 8 CD from an ISO, but this is something I don't know
> either. That software, like most free and cheap software, came with no
> printed docs to check.

I'll get back to this question at the end.

> I've browsed Linux/HOWTO/CD-Writing-HOWTO and its FTP link to various
> cdrecord versions. My initial impression is this is a bear to get set up
> - unless, my "easy" (default) installation of Mandrake 7.1 has already
> done what I need.

Probably, if you got certain pieces you need.

> Questions:
> 
> 1-Can it be said unequivocally that my Mandrake 7.1 is already set up &
> ready to burn?

No, but you can find out easily enough.  Try running xcdroast (and I'm sure
others will pipe up with other cd recording programs ;-)  If you don't
have xcdroast installed, and if either the download won't kill you or
you've already got xcdroast rpm somewhere, try installing it and then
running it.  If it works ,then you are home free.

> 2-If 1 is false, is there an easier way than digesting the whole of the
> (not too good IMO) HOWTO to figure out what is and is not already
> prepared?

1 - install xcdroast (and mkisofs, and cdrecord (as I recall, this list
may be wrong)) and see if it works.  While I could use cdrecord
instead, xcdroast is too easy to use to switch ;-) / 2

2 - if that fails, make sure scsi is detected in your kernel on boot up
(look in /var/log/messages for 'SCSI').  If scsi is not in your
kernel or modules then it must be installed.  At this point I'd
probably just burn the 8.0 on windblows and make sure I install
cd stuff on the 8.0 install (which, by the way, seems to work 
best if you don't UPGRADE the 7.x but rather install on blank
(or newly-formatted) partitions).

> 
> 3-Is there someplace better than the HOWTO to explain CD writing under
> Linux?

Here on the mandrake expert list  ;-)

> I've had this writer since October. All the OS/2 CDRW setup instructions
> were so intimidating I've still not even tried. I'm hoping to migrate to
> Mandrake from OS/2 at some point, and hopefully this CD writing project
> will be the first useful step, if I can get over it. Thanks for whatever
> help anyone can provide in getting me CDRW literate.

The Readers Digest version of a Short howto (aka a micro how-to):

Once scsi is in your kernel (you *are* using real scsi and not scsi emulation?),
and cdrecord, mkisofs, and xcdroast are installed, then run 'xcdroast' (you MAY
have to do this as root, or make sure permissions are right).

Run through the setup, and select the correct source and destination drives
and so forth.  Be aware that 'raw partition' means exactly that - no file system
will survive on that partition if you write anything there using xcdroast.  
Use files in the directory structure instead...  (The most important parts
are under the CD setup and HD setup tabs, but its a good idea to check the
others also)

Oh - xcdroast wants iso images to end in 'raw', not 'iso'.  So you may want
to rename your iso's to raw's so that xcdroast will automatically find them
for you in the below step.  (It can USE any filename, but the nifty little
dropdown of files will not see it unless it ends in .raw)

To make a cd from an iso image, hit the 'master cd' button. Then hit the
'write image' button, enter the correct 'write from' file, check your 
other settings (like speed and destination ("write image to"), and hit
'start write image'.

Later on, you can explore the other buttons, like "Master from/to", 
"Set image-type", etc.  but for making cds from images, this is all
you should need.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

make mrproper? maybe/maybe not (was Re[2]: [expert] KErnel 2.4.7)

2001-07-30 Thread Rusty Carruth 

[EMAIL PROTECTED] wrote:
> I have some curios things, while im compiling Kernel 2.4.7 too.
> I was glad to see that there was a built in module for my new networkcard
> (rtl), but after i'm made 'make mrproper' this option disappers. 

I think I blew up a LM 7.2 kernel source install beyond recovery by
doing a make mrproper.  I cannot guarantee that's what did it, but here's
what I do know:

1 - I think I'd built an SMP kernel for the machine and installed it.
2 - I fiddled around a while with hardware problems with IRQ conflicts
(trying to get parallel port to be irq driven, and with getting
my ethernet card to work).
3 - I changed ethernet cards back to 3c509
4 - I fiddled around some more.
5 - I saved the . files in /usr/src/kernel*, did a make mrproper,
and tried to config and build a new kernel.  I had lost a
critical file (I forget the name right now, but if anyone
wants to know I can go find it).  I tried rpm -i --force
the kernel parts again (source, headers, and something else
I think), no joy.

So, I decided to just be lazy and re-install the entire system (since
I had a spare partition and since I'd not done anything important to 
that machine yet anyway ;-).

So you see there's a lot of places where I coulda blown something up,
but next time I'm going to tar cf myself a copy of my linux source tree
before I do a make mrproper!

and, of course:  YMMV!!!

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

when to make the leap from 7.2 to 8.x (was Re[2]: [expert] Samba Source / Binary RPMS for 7.2)

2001-07-30 Thread Rusty Carruth 

(Executive summary:  "Me too"  ;-)

David Rankin <[EMAIL PROTECTED]> wrote:
> Franki wrote:
> ...
> > I don't know if I am alone or not, but I still use 7.2 for anything
> > important, and won't swap till 8.1 (assuming it has no hassles in its first
> > months...)
> >
> > 
> >
> > I am wondering if there are alot of other people who are not prepared to use
> > mdk8 on servers yet?
> >
> ...
> ... If I had a requirement for functionality offered in 8.0 that was not
> offered in 7.2, I'd make the leap. 

I ran 8.0 on what was going to be my firewall before it became the kid's computer
(my plans changed and I decided to switch ALL the machines around, but thats a 
different story, not at all related to 8.0).  I wanted to go to 8.0 because
I wanted ipchains (or is that iptables - yeah, that's the ticket ;-)

Real Soon Now I'm going to have the machine musical chairs sorted out and will
have a pentium class machine for the firewall just so I can run a current kernel,
as I'm too lazy to go through the hassle of upgrading my Mandrake 7.0.1 system
to the point of being able to run a 2.4.x kernel.

> Depending on how badly I needed it, I would
> probably wait for 8.1. Mandrake 8.0 is a great leap forward, but with any great
> leap, it takes a while for the ripples in the pond to settle before the water is
> smooth again.

Well, from what I've observed here on the list, it looks like I want to
get the improved kde stuff real soon now also, but I too am waiting for 
at least 8.1, maybe 8.2, before switching.  It is something of a hassle
that it seems so hard to find rpms and stuff for 7.2 any more...
(I'm getting *really* tired of konquerer dying when a DNS lookup fails!)


On a completely different note:

Hope some folks managed to get in on the Mandrake IPO!  I wanted to but just
did not get all my ducks lined up before it was too late... Oh, well...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Notebook firewall setup

2001-07-30 Thread Rusty Carruth 

etharp <[EMAIL PROTECTED]> wrote:
> Mandrake (at least since 7.1) is  "optimized" for at least pentium class 
> machines, I suggest you try to find a older copy of redhat (6.0, I am sure 
> would run) or the 7.0 i486arch version of mandrake. But bud, you are going to 
> make a compairision then you are tieing onehand and both feet and one eye 
> against a 500 kilo gorilla

Oh, I don't know.  My firewall at home is Mandrake 7.0.2, which was the only
486 mandrake available back when I built the box.  ITs been running as my
firewall quite happily for a long time now.  (The current box is a 'high-speed
486 dx2-66' that replaced a slow-speed 486 dx33 ;-)  I use dialup at 33.6 only...

> On Sunday 29 July 2001 11:10, Gavin wrote:
> > Dear Experts,
> >
> > I need your help, I have been given an old Toshiba DynaBook EZ 486, I want
> > to use it as a floppy bootup firewall for my SOHO system, any suggestions
> > on software to be used? also I need to get the manuals in english,
> > everything is in Japanese. thanks for your help in advance.

Argh.  That's a pain.  Hmm.  System manuals.  Did you look on the Toshiba
web site?

Back to the software.  I'm using Mandrake 7.0.2 on my 486 boxes right now.
Red Hat should work also - there was a time when RH worked on anything from
486 up but I don't know if that's still the case.  Same with Slackware and
SuSe - they used to but I don't know any more.

You'll need to install, as a minimum, the base system, compiler, and firewall
tools.  After making a bunch a firewalls, I've started installing as much
as possible and then going back and disabling all un-needed services.  This
makes it easier to run those tools that you'd not normally think to install,
like kppp and the ppp monitoring tools (whose names I forget, but which are
really cool to run ;-).  That way you don't have to go back and install them
later.  But I'm lazy ;-)

(where 'making a bunch of firewalls' means about 3 or 4 or so in the last year...)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

oops, one more comment Re[4]: [expert] Problem with FTP server

2001-07-27 Thread Rusty Carruth 

Gregor Maier <[EMAIL PROTECTED]> wrote:
> 
> If who have Windows machine as you said above you may also want to enter this
> information in the WINDOWS-DIR\hosts file.

Um, well, that might not hurt, but the purpose here was to make ftpd not take
so long to start talking to the client (the windows machine is the client, as
I recall - hope that's still right ;-).

Now, if ftpd (the server) is checking to see if the name it finds
using the reverse lookup (addr to name lookup) matches the name
the client knows itself by, then maybe putting the names in the 
windows hosts file will help, maybe not...

(One question I probably should have asked is - does telnet show the
same delay upon startup?  That's a pretty good indication that reverse
lookups are involved.)

Oh, well, enough blather from me ;-)  (And probably too much side comments ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[4]: [expert] Problem with FTP server

2001-07-27 Thread Rusty Carruth 

Gregor Maier <[EMAIL PROTECTED]> wrote:
> 
> On 26-Jul-2001 Rusty Carruth wrote:
> > Glen Sagers <[EMAIL PROTECTED]> wrote:
> ...
> >> Do I need to manually setup DHCP or DNS?
> >> Glen
> > 
> > Well, sort of.
> > 
> ...
> > Then it should be much faster...
> ...
> If you're network gets bigger you may want to setup a small dns server for your
> network. The method with /etc/hosts works fine. But you'll have to keep all
> hosts files on all machine up to date or you'll fancy results.
> If you have more than 5 I would really suggest to setup dns. Have a look at the
> DNS-Howto. It's quite good and you get a working dns server in (almost) no time

And, since Glen said that he's using dhcp and thus 'cannot know' what IP
addresses go with what machine (which is not the point, really), then its
sounding like dns is the easiest answer.

However, I'd not bother trying to make the names mean anything relative to
the machine that gets it.  Lets not lose track of the whole purpose we're
doing this - to make ftpd able to find a name given an ip addr (later, if
we find out that ftpd will complain or error if that name and the name
the client machine knows itself by do not match, then we can address
the issue of making the names match, but it will be much easier I think).
(Well, ok, the ACTUAL reason is to get rid of the startup delay, but I'm
pretty sure the startup delay is because of reverse-name-lookup, so that's
what we're trying to fix here ;-)

Ok, so either on DNS or in /etc/hosts, define names for all IP addresses
your DHCP server could give out.  Write a little basic program to create
the file, as its a template with numbers changing.  Since I know /etc/hosts
by heart, I'll use it as an example, but you could 'easily' modify this to 
be the format bind (or equiv) needs.  So, if you were doing /etc/hosts,
it might look like this:

10.40.1.1   m001001
10.40.1.2   m001002
10.40.1.3   m001003
...etc...
10.40.2.1   m002001 
10.40.2.2   m002002
...etc...

that gives every possible ip address a name, and you don't have to change
the name whenever a machine gets a new IP address.

(BTW - if you are using ISC dhcp I think you can set it up so that ip addresses
are assigned based upon MAC address of the host adapter, thus keeping the
addresses the same for the machines you decide you want to stay at one 'spot')

Now, if you want to assign reasonable names to each individual machine, you're
going to be forced into working with your DHCP server to assign the same IP
address (or name, but its the same thing, really) based upon the client
host adapter's MAC address.  But that was not the point of the original
question, as I recall ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Problem with FTP server

2001-07-26 Thread Rusty Carruth 

Glen Sagers <[EMAIL PROTECTED]> wrote:
> No, I don't think so.  All the machines are technically workstations, a desktop, a
> laptop, and a win machine.  Mandrake ICS is setup, but I haven't manually
> configured much of anything on them, yet.  I'd just like to be able to easily
> transfer files from the laptop to the desktop, as well as the browsing capability
> that ICS provides (working fine).
> 
> Do I need to manually setup DHCP or DNS?
> Glen

Well, sort of.

In /etc/hosts on all machines, add the ip addresses and names
of all the machines.

Sorta like this:
127.0.0.1   localhost   localhost.localdomain
10.40.1.1   amachine
10.40.1.2   anothermach
10.40.1.3yetanother

and so on.

Then it should be much faster...

rc

Re[2]: [expert] Problem with FTP server

2001-07-26 Thread Rusty Carruth 

Glen Sagers <[EMAIL PROTECTED]> wrote:
> I'm connecting by IP, so that shouldn't be a problem.

No, you misunderstood.

The SERVER does a name lookup on the CLIENT's ip address,
regardless of how the client started the connection
(by raw ip address, DNS lookup, carrier pigeon - well,
ok, carrier pigeon won't work ;-)

So, its the SERVER I'm asking about - does the
server machine have an ip-to-name lookup that will
succeed for that client?  (And for all I know there
may need to be the normal name-to-ip lookup also,
which may explain why it takes me 60 seconds when 
I'm misconfigured ;-)

Anyway, ignor all that blather in my previous paragraph
if it confuses you - the important point is that the
machine that runs the ftp daemon will attempt, as
a minimum, a reverse lookup on the client's IP address,
and you want it to succeed (quickly) if you don't like 
long waits ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] extra special dialup script.

2001-07-26 Thread Rusty Carruth 

Bryan D Howard <[EMAIL PROTECTED]> wrote:
> ...
> > my $now = system("date");
> 
> Whoops.  That exectutes the date command but doesn't capture the
> output - the output still goes where it normally would (stdout).
> 
> I think you meant:
> 
>   my $now = `date`;

err, oops. Yup.  I sit corrected!

rc

Re[2]: [expert] HOWTO - VMware under Mandrake 8 - SMP 2.4.3

2001-07-26 Thread Rusty Carruth 

Bill Beauchemin <[EMAIL PROTECTED]> wrote:
> How do I mount ther root device to another system and what will this do for 
> me? I looked at all the logs and the one I want is dmesg. The only problem is 
> that as soon as it reboots it overwrites it with new data from the good 
> bootup.
> 

Normally the text in 'dmesg' is found in /var/log/messages as well.

if not, then you COULD make a new rc script that you use to copy the
previous dmesg to a backup file (assuming its actually a file - I 
thought it was a script that got the information out of /var/log/messages!)

Actually, I was about to say that it was too late by then, but if
you look in /etc/rc.sysinit and /etc/rc.d/init.d/mandrake_everytime you'll
see dmesg being used to create /var/log/dmesg.  Not sure which one is
used, so to be paranoid before each one save the previous dmesg (use
a different file in each script so you know which one (if only one :-)
did the creation of the file).

something like:

mv -f /var/log/dmesg /var/log/dmesg.mandrake.everytime

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] RAID 5 via software

2001-07-26 Thread Rusty Carruth 

Alfredo Cole <[EMAIL PROTECTED]> wrote:
> Hi:
> 
> I have setup a RAID 5 system with 3 IDE 20 Gb drives. One of them has a 
> /boot partition, and the rest is assigned to the md0 RAID partition. I 
> can understand that if disks 2 or 3 fail, I can replace them and the 
> information will be rebuilt. But if disk 1, which holds the /boot 
> partition fails, what will happen then? Thank you.

You'll need a boot floppy so you can boot to the raid / and rebuild
/boot.

Now you know why that boot floppy is so important!

(Of course, you can also boot the cd in recover mode, but that's
a bit more work ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

[expert] Video card recommendations, please - want 2 heads!

2001-07-25 Thread Rusty Carruth 

Since 2 heads are better than one, I'm thinking very seriously
about getting a new video card for my computer that will
allow me to run 2 monitors at once.

I know (or I think I know :-) that I could get an AGP card
and a PCI card and run them that way, but can I then grab
a window (say, an emacs window) from one and move it to
the other?  (Shoot, as far as that goes, can I do that
with a single card that does two heads?)

So, assuming that I 'need' to get a new card, and assuming that:

1 - I want to pay as little as possible (duh ;-)
2 - it MUST work with linux (double duh ;-)
3 - I want at least 1600x(whatever it is) resolution on both monitors
(i have a 20" and 2 17" monitors available for this), but
I'll probably need for the second monitor to run a different
resolution.
4 - I want a minimum of 64k colors at those resolutions (of course,
more is sometimes better :-)
5 - I want 3d, but it does not have to work under linux just yet.
6 - what with the things I've seen here about Nvidia, I think I'd
rather pass on their stuff, unless the benefits EXTREMELY 
GREATLY outweigh the problems I'll have.
7 - once a year or so I'll need to do something in some other OS maybe,
so I'll still need to boot to the dark side at times.
8 - I'm currently running LM 7.2 (gotta keep this at least a LITTLE
relevant to expert list, eh?  ;-).  I may install 8.x when
I switch to my new motherboard here 'real soon now'.  Comments
on the wisdom of this (as it relates to the video card issue
only!) would be appreciated also.

I then have 4 questions:

A - What other requirements (or whatevers) have I forgotten?

B - What card would you suggest?

C - Hey, it strikes me - I've got 3 monitors, why not put one
dual-head AGP card in and one PCI card in - is this
as insane as it sounds?  ;-)

D - Has anyone done this and gotten it to work?

Please send responses direct to me, and if there is any
interest I'll "summarize" (in the grand old tradition of the early
usenet news days - i.e. I'll mostly just quote verbatim what folks 
send me)

Thanks!

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] None existing executable ?

2001-07-23 Thread Rusty Carruth 

Bjarne Thomsen <[EMAIL PROTECTED]> wrote:
> Hello!
> 
> I have gotten a problem after installing LM8.0 instead of LM7.2.
> I have license manager allowing me to use IDL from Research Systems, Inc.
> It worked under LM7.2; but one component is now giving me a peculiar
> problem. A specific file declared to be an ELF 32-bit LSB executable
> by the file command does NOT EXIST when I try to run it from both
> tcsh and and sh, or so it tells me:
> 
> ls -l: -rwxr-xr-x1 root root   414956 Nov 11  1999
> /usr/local/rsi/idl_5.3/bin/bin.linux/idl_lmgrd
> file: /usr/local/rsi/idl_5.3/bin/bin.linux/idl_lmgrd: ELF 32-bit LSB executable, 
>Intel 80386,
> version 1 (SYSV), dynamically linked
> (uses shared libs), stripped
> tcsh: /usr/local/rsi/idl_5.3/bin/bin.linux/idl_lmgrd: Command not found.
> sh: /usr/local/rsi/idl_5.3/bin/bin.linux/idl_lmgrd: No such file or directory
> 
> The file certainly does exist, so this error message is at best misleading.
> Could somebody tell me what the real problem is?
> How can I find out?

you COULD run strace and see what system calls its making, and where it
dies...

rc

Re: [expert] extra special dialup script.

2001-07-23 Thread Rusty Carruth 

"Franki" <[EMAIL PROTECTED]> wrote:
> ...
> I am thinking of writing a shell script... and I need it to do the
> following..
> 
> ...

> What I need to do this,, is some way of detecting if a connection is
> active..

I think that 'ifconfig ppp0' should return with an IP address field
of something reasonable if ppp is up.

> (and I don't mean by pinging or something like that.)
> what can I test internally to see if a ppp connection is open?
> 
> Also, how do I assign time to a variable so that I can compare the times..
> (or is there an easier way to do this?)

In bash,

variable=`date` # use options if you want it to make more sense later.

in PERL:

my $now = system("date");

or

my $now = scalar localtime;

(TMTOWTDI ;-)

> 
> lastly, has anyone heard of a tool like this?

No, most tools I've heard of don't care how often you try to 
call back - they just want to get connected, now, doggoneit! ;-)

(Again, courtesy bcc sent direct - the list should NOT see but one!)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Ramdisk

2001-07-23 Thread Rusty Carruth 

Ron Johnson <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Sunday 22 July 2001 16:32, Adrian wrote:
> > Hi,
> >
> > This is a fool question but I need some help:
> >
> > How build a ramdisk in LM 8? ...
> Surely, I won't be the only one to say this, but here goes:
> 1. Trust linux.  It does a good job of caching data.
> 2. The more RAM that you use for a RAM disk, the less RAM that
>the PC will have for "regular" use, and so the more likely 
>that it will have to use the swap files.

(Note that there was another answer talking about why ram disk
is faster than cache, I don't wish to go there right now, sorry.)

(I've been running something performance monitoring software which
is (sort of) from Sun (called SE Performance Toolkit - really
cool, even though it missed a thing or too), and it has been
instructive - I wish we had something like it for Linux!  I've
learned a little more about performance enhancements through
watching what it detects...)

Ok, to the point: 

1 - ram is fast, disk is slow. (For very LARGE values of slow!)
Before worrying about ramdisk, make CERTAIN that you have
plenty of RAM for cacehing to do its job.  If you don't have
enough ram, adding a ramdisk will simply make programs start
running from the disk, which is worse than 'simply' having
data accesses hit the disk.  If you can have enough ram
to hold the entire database AND the program AND the OS
AND anything else that needs to run, then you're starting
where you want ;-)  and can THEN consider other issues.

2 - after writing all that, i went back and re-read your initial
query.  What exactly is the test supposed to measure?
'copying a database to it' - are you trying to measure
the database access speed?  Data transfer rates from the
database?  Something else?  Or are you doing what I assumed -
trying to make the database run faster?  Depending
upon what you're trying to do will result in different
answers...

if you are just trying to measure transfer rate, send the
data to /dev/null - that's pretty fast ;-)  (and does not
require memory :-)  But beware - running the same command
twice in a row will most likely result in MUCH different
numbers, because of cacheing (assuming you are not memory
constrained).  (I could tell a story here, but I won't ;-)

rc

(note - bcc copy sent to Adrian - hopefully the list won't see but one!


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

wu-ftp setup (was Re: [expert] problem)

2001-07-20 Thread Rusty Carruth 

Jawwad Shami <[EMAIL PROTECTED]> wrote:
> Hello
> I am kind of new to linux
>  I have a machine which has ftp daemon
> running(wu-ftpd)
> with xinetd the default home dir  for ftp is 
> /home/username
> 
> but useres are allowed to go back and changed dir's
> 
> they are also allowed to go back to any dir like /etc
> 
> , /usr ,/var   etc.
> I want to remove this  and restrict the users to only
> their home dir

You *could* make them come in via anonymous ftp, with
ftp running in a chroot 'jail', then make the users
change user from anon to themselves.  I've never set this
up, so cannot explain how to, sorry.  (Well, the chroot
stuff is'nt that big a deal - turn off 'normal' logins
on wu-ftp, and set it for anonymous access allowed.
Set the permissions on the home dirs to 700 so nobody
but the users can see their stuff (or 750 if you want
users to see each other, but be careful about what 
groups are used and who else is in that group).

> the file permissions on all of my / dir are 755, I was wondering do I need
> to change any of the file permissions.
>  also is it safe to have 755 dir permisisons on  /etc and
> other imp dir's.

Yes, in fact many things will break if you don't let the world see /etc.

> I tried installing proftpd but i had problems in
> configuring it.

Well, perhaps someone else here can comment on that - I have a feeling
that may be a better choice anyway (than wu-ftpd)...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] linux distribution

2001-07-20 Thread Rusty Carruth 

Nicky Peeters <[EMAIL PROTECTED]> wrote:
> If you're really paranoid you're gonna need to get dirty and fiddle with
> every port/service/package that poses a possible threat.

If you're connected to the internet, its not a question of whether
or not you are paranoid, its are you paranoid ENOUGH!  

And I'm only slightly kidding

I could start on a long thing about how to make a system
secure and such, but instead I'll just give the summary:

Turn off everything you can.

Hmm.   Well, I suppose thats maybe a bit TOO terse ;-)
So here's a slightly longer version:

On my firewall at home,I've only got a teergrube (i.e. a
'tar pit' in front of postfix), ssh, and (one of these days)
an html server reachable from the outside.  Or, put in
port number terms:  25, 22, and what, 80 for http?  (I 
don't have apache installed yet, since I'm only on a
dialup yet...)

Every service (port) you have available to the outside
world needs an awfully good reason to be there, and should
be kept as up-to-date with the security patches as possible

IMHO, anyway ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] am I the only person this is happening to? (Wandering very OT)

2001-07-16 Thread Rusty Carruth 

time warp time, sorry - this was prepared to go and then got buried...

David Rankin <[EMAIL PROTECTED]> wrote:
> Well, just to weigh in on the problem, I got two of the following message. (Maybe 
>there are
> Gremlins
> in Rusty's box?)

Well, actually, that would match my experience, since I sent that to
both the original author AND the expert list...  (that is, mail was sent
to 2 recipients, and so we saw 2 copies on the list - the feature we've
been discussing ;-)

rc

Re: [expert] PPP Pulse instead if Tone

2001-07-13 Thread Rusty Carruth 

"lord icon" <[EMAIL PROTECTED]> wrote:
> I am at the cottage with the linux box, however, the phone line uses the 
>old pulse
> dialing system instead of the tone dialing, any idea how to get mandrake 8 to dial 
>using pulse
> dialing instead of tone?<

(if you could please send in non-html that would be better)

instead of saying 'atdt' to the modem say 'atdp'

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] am I the only person this is happening to? (Wandering very OT)

2001-07-13 Thread Rusty Carruth 

Craig Sprout <[EMAIL PROTECTED]> wrote:
> Rusty Carruth wrote:
> 
> > If the mailing is to more than one recipient, then you will get that many
> > copies.
> 
> I'm not too sure about that, I got 2 copies of Praedor's "Kmail craps
> out" message, and that appears to be sent to the list only, with no CC:
> or anyone else in the To:.  

Shoot.  You mean I've got to start paying attention to those again?
Here I thought I had it figured out, what with my theory being right
100% of the time that I'd checked it!  Crud.  Oh, well, back to the
drawing board!

> I can't imagine that a Bcc: would have any
> effect, since that would be handled at the local MTA before yavin,
> sympa, et al. even get hold of it

If BCC can cause a duplicate at the yavin/sympa/etc location then
it wasn't a very good bcc, now was it?  ;-)

> > For example, EVERYONE will get 2 copies of this (with the possible
> > exception of Craig, who will probably get 1 or 3 ;-)
> 
> Bzzzt!  Only 2!  :D

Boy, 2 strikes in one email!  Ya know, as soon as I started to write
it I had a feeling it would be wrong, just because I committed to it ;-)

> > Yeah, but this time you win the cupie doll ;-)
> 
> I knew when I woke up that today was my lucky day!  

There ya go!  ;-)

rc

Re[2]: [expert] am I the only person this is happening to?

2001-07-13 Thread Rusty Carruth 

Craig Sprout <[EMAIL PROTECTED]> wrote:
> At 02:43 PM 7/13/2001 -0500, Ron Johnson wrote:
> >-BEGIN PGP SIGNED MESSAGE-
> >Hash: SHA1
> >
> >Approximately 1/5th of the time, I get duplicate messages from
> >the list.
> 
> I think someone mentioned a while back that this is a, erm, feature of the 
> mailing list software.

exactly.

>   If something is crossposted to Newbie and Expert, it will show up here twice.

Well, not exactly ;-)

If the mailing is to more than one recipient, then you will get that many
copies.

For example, EVERYONE will get 2 copies of this (with the possible 
exception of Craig, who will probably get 1 or 3 ;-)

So, whenever you get 2 copies, check to see if the mail is sent to 
any other destination.  If not, its a non-feature and probably should
be mentioned.  Otherwise, its a bu.. er, feature ;-) that will probably
be with us for a while...

> I could be wrong -- it's happened before! :)

Yeah, but this time you win the cupie doll ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

[expert] maximal mount count - more info (url)

2001-07-10 Thread Rusty Carruth 


Concering the 'Maximal Mount count' question earlier today, 
I suggest this url:

http://www.linuxgazette.com/issue48/tag/53.html

There's some REALLY good comments in there about why you 
really want that fsck, how to avoid it when you really
want to, and so forth

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] cleaning up my mails

2001-07-10 Thread Rusty Carruth 

[EMAIL PROTECTED] wrote:
> Hello friends
> 
>  Well time after time i get mails from the system...
> all mail are stored in my mbox i want to know how to
> clean it up ?

There are a few different things you could do.

First, you could change the forwarding to go to a different 
user (possibly on a different machine) that you log in as 
every once in a while and check the emails (but you must 
remember to do this! and you don't want to use root for that).

Second, you could (as suggested) install procmail filters
to automatically save those emails in a folder (which
you should check every once in a while! but again, you've
got to remember to do this).

Third, you could use a mail client (like ismail and
netscrape) that do automatic filing for you and set up
filing rules (again - you need to remember to check those
logs!).

Fourth, if you select option 1 above and make the destination
you on some machine you log in to around once a week anyway,
and on which you get no other email, that might solve 2 problems -
the mail you don't want to see and the fact that you really
should scan it regularly...

rc

Re[3]: [expert] Disable ext2 fsfilesystem check on startup

2001-07-10 Thread Rusty Carruth 

Rusty Carruth <[EMAIL PROTECTED]> (that's me) wrote:
...blah...blah...blah...


Oh - I forgot - another thing you can do, if you have more than
one filesystem, is to make the maximum mount count DIFFERENT
for each one, so that your chances of running all the fsck's at the
same time is reduced.  The only time all the filesystems will
be checked is after a bad shutdown...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] syslogd not writing logs...

2001-07-10 Thread Rusty Carruth 

Mark Weaver <[EMAIL PROTECTED]> wrote:
> Hi list,
> 
> something strange has happened on my system.  however, since then
> syslogd has '0' (zeroed) out the current log files and has not written
> anything to the logs at all. this is not only strange, but also disturbing
> since I like to know what it going on with my system.
> 
> ...

> i've tried restarting both the system and the daemon in charge of keeping
> the logs, and nothing has changed. so, what in the world could be causing
> this odd behavior? any ideas?

one thing that *might* be the case - is there any chance you got hacked?
Loss of log files is one symptom of that...

Hopefully its something else!

rc

RE[2]: [expert] Seagate 20.4 Gig HD for $74 -- Good deal?

2001-07-10 Thread Rusty Carruth 

>  But I am concerned about reliability and performance. 

well, I've no real comments there - I've used Maxtor, Seagate,
WD (gasp! :-), IBM, ...  I had one WD fail at the end of warranty,
and they replaced it even though I did not contact them until after
the warranty had expired.  However, they also fudge on the specs...

> And, most of all, I would like to know
> whether LM 8.0 can handle a 20.4 Gig hard drive in the first place.

I had 8.0 talking happily to a 40 gig drive, so I think the answer
is a resounding 'yes' :-)

rc

Re[2]: [expert] making shell script excutable.........

2001-07-09 Thread Rusty Carruth 

DStevenson <[EMAIL PROTECTED]> wrote:
> On Monday 09 July 2001 00:45, faisal gillani wrote:
> > well i finally wrote my first shell script ... now i
> > want to make it
> > excutable ... i dont want to run it as ./filename
> > i tried to make it excutable with the following
> > command
> >
> > chmod a+x ./filename
> This would make it executable, is it readable by the group who will be 
> executing it?

Probably, since I assume the user who wrote it (Faisal, I assume) is
testing it.

> > is it ok ?
> > if yes then why is it not working
> >
> I guess you mean it is working when you execute it from the directory where 
> it resides. That you currently have to enter the dot slash. That is because 
> the system variable $PATH does not have the parent directory in it, either 



> explicitly declared or as a relative '.' (a dot = current working directory 
> CWD) 

Also, if you are using a csh-variant, you will need to do 'rehash' to get the
csh-variant to reload its cache of filenames.

> The system does not know where to look for the executable, it tries to find 
> it in the paths, but to no avail. Typing ./program tells the system where it 
> is relative to the CWD.

Sure, but if Faisal (and others ;-) do that, and it STILL does not work
(giving something like 'program not found') then the problem is probably
that the shebang line is wrong.


Huh???  What's that??Right here:

#!/bin/bash

that's the shebang line.  (the first line of any script should have the
old 'shebang' (hash bang) to tell the system where the interpreter is)
And if your path to your interpreter is wrong, you'll get the really
helpful 'file not found' (or something like that) error.

So, make sure you've got a shebang, and it points to the right place..


ON a slightly different note, and in response to the comments about having
'.' in your path:

Having '.' in your path is a bad thing, from a security point of view.
(If you are root, then its more than just a bad thing, its an open
invitation to be hacked).  Its ESPECIALLY bad if its not the LAST thing
in your path.

WHy?  because if its before /bin, and you change directory into a place
where someone has installed a trojan program that also happens to live
in /bin, and you try to run that program (or script, etc) from /bin, you
get instead the trojan, and you've just been compromised

Gotta run, sorry this is so 'short' ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] recompiled kernel

2001-07-09 Thread Rusty Carruth 

Dennis Robertson <[EMAIL PROTECTED]> wrote:
> Hello List,
> I am running default kernel 2.4.5-9.mdk, as confirmed by 'uname -sr' and the KDE 
>control centre, but the 
> linux splash screens on startup and shutdown still show the old 2.4.3-20.mdk kernel 
>which I recompiled 
> back in April.  
> Why is this? 

um, have you rebooted since compiling that kernel?

Did you just do 'make' or instead did you do 'make install' when you recompiled your 
kernel?
(and the modules - don't forget the modules!)  (For first time kernel builds, I now do:

vi Makefile; make oldconfig && make menuconfig && make clean && make dep && \
make install && make modules && make modules-install

(I may have misspelled modules-install)

During the vi of Makefile, I change the extraversion to something amusing (and 
different ;-)
so that I get a new kernel version and modules version.

Also, if I'm running X then I do make xconfig instead of make menuconfig)

Finally, if I just want to build a floppy boot for testing, then I do 'make bzdisk' 
instead
of the entire 2nd command line above (install, modules, modules-install).

But you probably knew all of that ;-)

(So, other experts, what have I missed in my first-time kernel build 'script'?
I've heard tell here about 'make mrproper' - what are the side effects of
doing an mrproper, and where should it go in the above sequence?)

>  How do I update these splash screens? TIA.

Reboot using the kernel you built.  It looks like either you have not rebooted
since your build, or that kernel did not get used on the reboot.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[4]: [expert] Moving linux to a different, larger drive

2001-07-06 Thread Rusty Carruth 

"M. Osten" <[EMAIL PROTECTED]> wrote:
> > RC wrote: 
> > ...I *do* know that cp has a
> > tendency to FOLLOW softlinks (and COPY, not reproduce, hard links),
> ...
> cp -a

maybe its just on Solaris that cp -a follows links.  Hmm...
Yup, that's the problem.  Solaris copy even read from pipes!
(Unless you tell it -R instead of -r)

Sometimes using different *nices can be a problem!  :-)

rc

Re[2]: [expert] Moving linux to a different, larger drive

2001-07-06 Thread Rusty Carruth 

Laurent Duperval <[EMAIL PROTECTED]> wrote:
> 
> 
> I typically use:
> 
> tar -cf - . | (cd /new/directory ; tar xvf -)
> 
> I used to do it because it was faster than using cp. Don't know if that's
> still true.

Whether or not that is true I don't know, but I *do* know that cp has a
tendency to FOLLOW softlinks (and COPY, not reproduce, hard links), whereas
tar does not, so tar (and cpio, if you prefer it to tar) is better there.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] How to reset root password

2001-07-05 Thread Rusty Carruth 

"Kursad Kayaturk" <[EMAIL PROTECTED]> wrote:
> Hi guys,
> I have lost root password of one of the machines. And the machine is
> complicated a dual cpu compaq because of that I do not want remove the hard
> idsk to crack the root password. Is there a way to crack the root password
> from the local console at the boot time. I remember from the old times that
> we were using some kind of floppy disk. Thank you.

Boot an install disk, and hit f1, then type 'rescue' and hit return.

Once its booted, mount your root partition, chroot there, and say 'passwd root' -
giving it the new password.

Unchroot, unmount your root partition, reboot without the install floppy, and
log in as root with that new password.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] Xlibraries not found, but they are there.

2001-07-03 Thread Rusty Carruth 

Maxim Heijndijk <[EMAIL PROTECTED]> wrote:
> Hi, since a few days I have a problem compiling.
> I get errors like these all the time:
> 
> /usr/bin/ld: warning: libSM.so.6, needed by /usr/X11R6/lib/libXaw.so, not found (try 
>using -rpath or -rpath-link)
> ...
> /usr/X11R6/lib/libXt.so: undefined reference to `SmcGetIceConnection'
> collect2: ld returned 1 exit status
> make: *** [all] Error 1
> 
> However, Xlibs are installed (I can see them with my own eyes), /usr/X11R6/lib is in 
>/etc/ld.so.conf and also in my $PATH
> for that matter.

yes, but are you including them?  i.e. is there a -lX (or whatever lib those guys
are in) included in your ld line?

As for the not found, put -L/path/to/those/libs before the -lthelib that needs it.

See also the man page for what side affects these will have!
(Because -L does have side effects!)

rc



Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Firewire

2001-07-03 Thread Rusty Carruth 

Kernell32 <[EMAIL PROTECTED]> wrote:
> ...
> 
> Guess that means the driver is not installed .

Pretty safe bet ;-)

> How do i insert the driver or module 

I think you want insmod, try it and see what happens.

> ...
> 
> Informations: This device hasn't been identified by HardDrake, please send 
> `/proc/bus/*' files and this device ID `104c8019' to: 
> [EMAIL PROTECTED]

But that gives me a bad feeling.  What's in /proc/bus/*?

rc

[expert] mailing list trouble (fwd)

2001-07-03 Thread Rusty Carruth 

> Thus spake "Julia A. Case" <[EMAIL PROTECTED]>
> 
> All of a sudden I stopped getting email from the list...  I sent a few messages and 
> have recieved private responses so I know my email is getting to the list, but I'm 
> just not getting anything from it.

Don't worry about it, its a feature ;-)

Actually, I'll bet that you get your emails soon enough.  What I believe happens is 
that the mail takes a non-trivial time to get sent out, and those of us nearer the
end get the messages long (for some value of long) after the early-on folks.

Those folks on the early-on edge of things, if they are alert and answering,
will answer you before you see your email.

Two things to do to verify this - one is that I sent this to you directly AND
to the list.  See how long it takes from the first copy you get to the second -
that's YOUR personal propagation delay through the list (at this moment, anyway :-).

Second, wait a bit longer - I've seen it take an hour (or much more) when things are
(apparently) loaded on the server.  If you NEVER get your email (for 'tomorrow' values
of never) then I'd be 'concerned' about having dropped off the list.

Also, I think it was this list that I subscribed to twice from the same address
once and it did not break anything, so if you are afraid of losing expert emails
(horrors! ;-) you might subscribe again.  I'll let the maintainers of the list
pipe up and tell us if this is a bad thing to do or not!  :-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

autorip - cool too (was [expert] mp3c, nice little tool... )

2001-07-03 Thread Rusty Carruth 

> Thus spake "Julia A. Case" <[EMAIL PROTECTED]>
> 
> I found this last night, it's a frontend for ripping audio tracks off a cd and then 
> converting them to mp3 format...  you can even create a batch file to do a whole cd 
> at one time...
> 
> The only trouble I found with the batch file is that it leaves the files named 
> 01-blahblah.mp3, but it puts a file in the directory with what I wanted as the name 
> of the mp3 with a m3u extension, it's just a file with the name of the mp3 file...  
> so I had to rename all the files.
> ...

I've used autorip - a really nifty perl script that not only rips an entire CD
into mp3, but it looks up that cd in the cddb so that the names are (usually)
right.  

Oh, wait, I'm wrong - it does not rip an entire cd.  It waits for a cd to be 
inserted into the CD drive, rips it, ejects it when done, and then waits for 
another cd to be inserted to repeat the above with.  So you run autorip,
jam the first cd in the drive, and when it ejects take it out and jam another
one in until all your cd's are done.  It creates directories, named by the title
(and author, I think) of the CD, with the mp3s inside there with names like
01_This_is_The_First_Song.mp3 02_This_is_the_Second_Song.mp3 and so forth.

The only down side is that spaces in the name are converted to '_', so the names
get kinda long and verbose  ;-)  (as you can see above in my contrived example)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] Re: Re[2]: [save] ppp help needed

2001-07-03 Thread Rusty Carruth 

"Christopher W. Aiken" <[EMAIL PROTECTED]> wrote:
> ...
> Still no luck.  I don't understand.  I get connected with my
> chat script but I still can not "see" anything.  What I'm trying
> to do is set up a "pon" & "poff" script that I used on my Debian 2.2r2
> system.  I don't have ipchains installed.  I can get connected
> and surf like crazy if I use kppp.  Why can't I "see" anything with
> my own non-GUI scripts?
> 
> ...
> /etc/ppp/options (same problem w/ or w/o usepeerdns):
> lock
> noauth
> crtscts
> noipdefault
> usepeerdns

Right there's the problem.

You need defaultroute in those options.  The gui probably uses some file
in /etc/sysconfig/ that has defaultroute in it... 

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] MD 8.0 Who's logged on?

2001-07-02 Thread Rusty Carruth 

"Dave Peat" <[EMAIL PROTECTED]> wrote:

> 

BEGIN:VCARD
VERSION:2.1
X-GWTYPE:USER
FN:Peat, Dave
EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED]
X-GWUSERID:PEATDA
ORG:;N410
N:Peat;Dave
TEL;WORK:(435)863-4105
TITLE:31257
END:VCARD




> Is there a command that will show all users currantly logged on to the system?
> Thanks,
> Dave

(sorry about the text/plain above...)

Usually I use 'w'.

rc

Re: [expert] Config file provided with Mandrake 8.0?

2001-07-02 Thread Rusty Carruth 

Steve Browne <[EMAIL PROTECTED]> wrote:
> Here's a question that should affect a lot of people. Suppose I want
> to recompile the kernel, 2.4.3-xxx, that came with Mandrake 8.0.
> Suppose I just want to change ONE item, enabled, disable, load as
> module.
> 
> When I "make config" on the supplied kernel, this configuration file
> called up does NOT seem to be the one MandrakeSoft used to prepare the
> supplied kernel. It appears to be a generic configuration file from
> the Linux kernel team. So I have to go through 1,000 questions, only
> half of which I understand.
> 
> Is there a Mandrake configuration file hiding somewhere? Or, if I
> recompile from this existing configuration file and change only ONE
> default, will this 99.999% compile back to the Mandrake kernel? Is
> there a MANDRAKE config file I can download?

I've been told (and I think I've done it ;-) that:

make oldconfig

will get you the old config into your shiny new config file so you
can then do the old 'make xconfig' or 'make menuconfig' (or even
'make config' ;-) and have the 'correct' base config (your old one).

rc

(you may want to consider using menuconfig (for text-based but really
nice) or xconfig (for x-based and also really nice ;-) instead of just
plain old config (which I found to be a real pain, since you cannot
skip anything, and you cannot go back, as I recall)


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] cron job runs twice

2001-07-02 Thread Rusty Carruth 

David Horky <[EMAIL PROTECTED]> wrote:
> Hello,
> 
> I have problems with some cron jobs on Mandrake 7.2. Sometimes - once, twice a
> week, but not regularly, some of the cron jobs are run more then once. it is
> especially annoying during log-rotating. here is the example of cron log which
> demonstrates is well - cron.daily jobs are excuted twice.
> 
> 
> Jul  2 04:01:59 thorn CROND[23983]: (root) CMD (run-parts /etc/cron.daily)
> Jul  2 04:02:00 thorn CROND[24066]: (root) CMD (   /usr/share/msec/promisc_check
> Jul  2 04:02:00 thorn CROND[24069]: (root) CMD (run-parts /etc/cron.daily)
> Jul  2 04:03:00 thorn CROND[24237]: (root) CMD (   /usr/share/msec/promisc_check
> 
> there is not ntp server on the box, just sync time 4 times a day, there is just

How do you sync the time exactly?  If it does a 'hard' time-set then you can
see really strange things when the time goes backwards  And I mean *REALLY 
STRANGE* ;-)

Including what you see.  If the time sink :-) command happened at 4:01:59.5, and it 
turned
the clock back to 4:01:58 for example, then you just violated one of the assumptions
of all the time-based things - that time always goes forward...

> Has anyone seen a similar problem? 

Yeah, when I change the time back manually I've seen strange things.  Also I've noticed
weird things when I jump the time forward by a bunch (like a day or so), but usually
its not damaging ;-)

> Any clue what could be a reason of such a behavior?

see above guess about time being reversed.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] How to fix an X lockup?

2001-07-02 Thread Rusty Carruth 

"Praedor S. Tempus" <[EMAIL PROTECTED]> wrote:
> Thank you, I forget I have that app.  I will try it next time.
> 
> I suppose that since no one has offered a suggestion, that I really am left 
> with having to reboot the system rather than restarting X?  Having to reboot 
> the system leaves a bad taste in my mouth - that is one of the reasons I left 
> (and enjoy not using) windoze anymore. 

I guess I have 2 responses to that:

1 - yeah, but just think of how much LESS often you have to do it!  :-)

2 - I commiserate - I ran some x game a while back on my main machine at home
and it locked completely - the computer was not even looking at the
keyboard (once that happens, you are usually totally dead.  SOMETIMES
you'll find that you can still telnet (or better, ssh) in, but not
very often).  My guess is that when that happens the program has managed
to exercise a bug in a driver somewhere.  As I sit here thinking about it, 
 
I think that maybe some enterprising soul should think about trying to
track down where its happening - but its gonna be interesting, and 
since its a hard lockup, you'll probably need some kind of special 
hardware that retains its memory during a hard reboot...  (and writes
to it are immediate - so saving a log to disk won't cut it).
(Wish *I* had such a nifty piece of hardware! :-0)

3 (who ever said I could count??? I *was* a math major, after all! ;-) - 
(I *think* this may have been said before, but my mind is going, and just in 
case:)
As intimated above, if the shift lock or caps lock don't toggle the
appropriate LED on the keyboard then your computer is probably hard
locked and only the little red button (or the power switch) will
get you out of it.  If those keys work, then try Control-Alt-F
to see if you can get a text console.  If not, (or instead of this)
try pinging that machine from another machine on your (local)
network.  If you can ping it, then try telnet or ssh.  If you can
get in either way, log in, su to root, and kill off the most recent
process (or whatever one you think caused the lockup).  Repeat killing
until either you have to reboot because you killed the wrong thing (:-),
or you get the machine back.  (I usually start off by killing softly (-11 or
-15) a few times, then if that fails hit it with a -9 - if THAT fails to
kill it you've got a process that is unable to die - usually because of
something its waiting on in the kernel that it cannot have.  But sometimes
just because it can take a minute to die ;-)  If all else fails, there's
always 'reboot' ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] hostname questions (again)

2001-06-29 Thread Rusty Carruth 

Tom Strickland <[EMAIL PROTECTED]> wrote:
> 
> Hmmm - sounds great for my home machine, but not so great for the
> charity. The idea is to set up a minimum administration system so that
> an administrator is only needed to check the logs periodically and
> patch the system. Backup, user admin, mail - nearly everything else
> needs to be admin'd by the secretary. This is one area where Win NT
> still manages to do a little better, but I'm not letting that back on
> our server.
> If we're delivering our mail as coming from ourcharity.org.uk and it's
> being relayed through our ISP's SMTP server (BT), wouldn't it get
> blocked at some point by spam filters?
> 
> Thanks,

I was originally not going to send this to the entire list until I
realized that someone may know of other differences than I have
thought of.

(also, see the other email I sent in reply to your clarification of the
above question  ;-)


Well, actually from the admin maintenance point of view there's really 
very little difference between a smart smtp server and one that *uses*
a smart smtp server.  (actually, I can think of none at all, but I 
thought I'd cover my bottom ;-)

On the admin side:

1 - You may want to set up sudo scripts to perform tasks like adding users
and so forth.

2 - Think about who you really want to handle bounce messages (ok, I suppose
this is more of a problem for smart smtp servers, but not much more,
as people would be getting bounce messages anyway, its just that the
ADMIN can get them too if you are the smart smtp server)

3 - Same goes for other admin email - I assume you all are training the
secretary which ones can be filed and which need 'professional help' ?


4 - What part of backup is going to be admin'd by the secretary?  I'd think you'd
set it up so that they just have to change tapes?  (And perhaps add
or remove items from the 'things to back up' list)

5 - Same for user admin - I assume you just mean being able to add and remove users?
I've never needed this, but I suggest sudo (e.g. to allow the secretary to
run 'useradd' or 'adduser')  (You may not want this on  your firewall!)

6 - Again, same for mail admin.  Are you thinking just for adding and removing
mail users?  Or do you have a mailing list (or more)?  An awful lot
can be done with scripts (shell, perl, awk, sed, whatever ;-) that you
allow certain folks (i.e. the secretary) to run using sudo.

But in any case, consider whether you want your mail server to also be your
firewall (I actually am beginning to think that I hope its not ;-), and
whether the accounts need to actually be ON the mail machine (so the mail
'lands' there) or on the user's machines (so that the mail 'pauses' on
your mail machine but 'lands' on each user's machine - this is probably
NOT what you want, but I thought i'd mention it anyway).

Well, I'm really starting to wander now, I'll shut up ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] hostname questions (again)

2001-06-29 Thread Rusty Carruth 

Tom Strickland <[EMAIL PROTECTED]> wrote:
> ...
> I should have been more clear in my last posting: my main question was:
> If we're delivering our mail as coming from ourcharity.org.uk and it's
> being relayed through BT's (our new ISP) SMTP server, wouldn't it get
> blocked at some point by spam filters (e.g. on mailing lists, people's
> home machines)? Or have I misunderstood something?

The short answers: 
Yes, but not by spam filters.  
Maybe.

The long answer:

All *correctly configured* (see notes 1 and 2) ISPs these days have their
smtp servers set up to not relay mail.  What does this mean?  It means
that, if you connect to the smtp server (port 25) on their machine
then either you are from their domain or not.   If you are inside 
their domain(s) then you can send anywhere; if you are NOT from 
inside their domain(s) then you can only send to recipients inside 
their domain(s) (see note 3).

Huh?  Well, if you connect to your isp (say, thatisp.uk), and tell them 
you are ourcharity.org.uk then you are not sending from inside their domain
(probably - it depends upon exactly how they check your inside-ness!),
and thus you will only be able to send email to recipients whose email
addresses end in 'thatisp.uk' - probably not too useful.  (See note 4)

However, if your firewall (or whatever) is set up as a 'smart smtp server'
(again, terminology from the 'old days' ;-), then everyone inside 
ourcharity.org.uk would send email using THAT machine (which would
perform that relay test and see that you are sending email from INSIDE
ourcharity.org.uk and thus allow it).  The 'smart smtp server' would
then send that email directly to the recipient machine, bypassing your
ISP's smtp server entirely.  (Again, this is how I have mine set up,
and it works fine.)  (Alternatively, you can just have the client
machines send directly to the recipient, but that's usually a quite
a bit more of a hassle).

There, clear as mud?  ;-)

rc



Notes (perhaps more accurately called 'rabbit trails :-)

Note 1 - In the 'old days', 'correctly configured' meant that you
specifically DID allow mail relay, since that's how mail was sent!
(everything was via uucp, including mail, and so it was rare that both
ends of the email path were connected to the 'net at the same time,
so you HAD to 'relay' mail!  Ah, the days of the old bang paths,
may they rust in peas! ;-)  (Yes, I'm a 'net old-timer, aint it a
pain :-)

Note 2 - Nowadays, ALL correctly-configured smtp servers do not
do relaying of email.  See also note 1 (;-)

Note 3 - I say 'domain(s)' instead of 'domain' because some SMTP
servers serve more than one domain.

Note 4 - In the old days, when I was a sysadmin, I used to test our
email config by sending mail out to an outside machine and then back to
myself.  Once that was working, I'd then send it through *2* machines
outside and then back to myself.  Using 'bang paths' that was trivial.
However, with '@' notation you have to do a little bit of what some might
consider trickery - since most smtp servers will do funny things nowadays
with 'bang' notation - you have to resort to '%' subnotation - but it only
works one level deep, unlike bang paths  However, since all 'correctly
configured' smtp servers will not allow relaying (which you are doing using
'%' (and bang)), this is not useful any more...  But it IS too bad that there
is no easy way to test email any more short of joining a mailing list and
sending it email!


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] hostname questions (again)

2001-06-28 Thread Rusty Carruth 

Tom Strickland <[EMAIL PROTECTED]> wrote:
> Our server is about to be connected to the Internet through a dialup
> modem. Naive question:
> Is it OK to give our network/server any old domain name? To the
> outside world we will be the domain set by our ISP, but can I set the
> domain in our LAN to something like smith.jones?

It may work, it may not.

A lot depends upon how you set up your mail.

If you try to send mail to your ISP from [EMAIL PROTECTED], and your
isp is jones.smith, then your isp will most likely deny you the
relay that it thinks you are asking for when you try to send email
to anyone outside the jones.smith (and possibly smith.jones) domain(s).

If, however, you send email directly from your smith.jones side then
you might (should?) be ok.  (But beware - strange things may happen on
INCOMING email ;-)

I had a setup like that for a while - I was descomp.phx.inficad.com
AND descomp.com for a long time, and it worked fine as long as I 
sent email directly out from my descomp.com domain (i.e. I ran
postfix on descomp.com and IT was a 'smart mailer' (in the old
sendmail terminology :-)  So it can work fine.  It helps if you
set your mailer to accept mail for BOTH domains.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] cups: is not ready - and I know good and well it is!

2001-06-21 Thread Rusty Carruth 

> Rusty Carruth wrote:
> 
> > Ok, Cups hating time ;-)
> >

Ok, an update.

Its an eisa-based system.

The parallel port was not working right, and we were also having
trouble with eth0 initialization working.

Turns out that we had some irq conflicts, and now I've gone and
tried to set it all right (parallel is on IRQ 5, with dma on 3;
SCSI controllers (I have 2) are at irq11 and 14).

But now its worse - I cannot even get it to SEE the ethernet hardware
any more, and parallel port is still not working right.

I'm going to let a friend fiddle with it a bit and see if he
can get it fixed - I bet he'll have more patience than I
and will get it fixed ;-)

I'll post back if/when we're up and printing

rc

Re[2]: [expert] Linux kernel on windows

2001-06-21 Thread Rusty Carruth 

Hoyt <[EMAIL PROTECTED]> wrote:
> On Thursday 21 June 2001 11:07 am, Baccari, Lou may or may not have written:
> > Hello,
> >
> >  I though I read somewhere that if you did not what to install a complete
> > installation of Mandrake that you could install a Linux kernel/executable
> > that simulated Linux on MS windows.  Is this possible?
> >
> 
> 
> You're asking about win4lin. 

No, I don't think so  ;-)

> I'm not certain how you get to it in the install menu.

Win4lin allows you to run windows apps under linux.

There was an option on previous versions of mandrake (may still
be, I don't know) to allow you to install LM on an existing windows
partition, using vfat.  Back when I saw it I think it was called
demo mode or something...

I'll step out of the way now and let someone who knows what they're
talking about go ;-)

rc

[expert] cups: is not ready - and I know good and well it is!

2001-06-20 Thread Rusty Carruth 

Ok, Cups hating time ;-)

I've got a machine I've installed LM 7.2 on, and now I want to get it
to talk to an HP DeskJet 560C printer.

So, hook up the printer to parallel port, fire up printerdrake, and
get it all configured (already had another printer defined on lp0,
did not delete it first, then later went back and deleted it).

Tried the test print, went to another window, and asked lpq what
was up, and it said ' is not ready'

So, I said 'echo hi > /dev/lp0' and the printer started printing,
then I sent a linefeed to the printer (same way, sorta), and it 
very nicely ejected a sheet with 'hi' on it.

So, hardware is right, and the printer works, but even as the 'hi'
was printing lpq kept insisting that the printer was not ready.

Has anybody seen this and fixed it without just removing cups? ;-)


rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

RE[2]: [expert] Mdk 8.0: problems in running c++ execs.

2001-06-20 Thread Rusty Carruth 

Thierry De Corte <[EMAIL PROTECTED]> wrote:
> Try flushing the stream...

Interesting.  I bet this relates to that perl question a
while back, which turned out to be related to your SHELL,
believe it or not.

Try using tcsh and run that same program and see what happens...

Just out of curiosity.

rc

Re: [expert] File Listing Of All Ports - In Search Of...

2001-06-19 Thread Rusty Carruth 

Sevatio <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> I'm in search of a file that lists all ports and their descriptions.  
> Could someone help me recall the location of this file?

/etc/services maybe?

rc

Re: [expert] Script question...

2001-06-18 Thread Rusty Carruth 

Thierry De Corte <[EMAIL PROTECTED]> wrote:
> I want to backup some files using tar in a script... How can I use the current date 
>to create the file
> name?
> 
> In other words, I want to script the command: 
> 
> #!/bin/sh
> tar -zcvf backup_jun18.tgz /some_dir/*
> 
> with the date part automatic (the date can be any formats)...
> 
> Thanks
> 

If you were using perl for your scripting, you'd say:

my $date = scalar localtime;
$date =~ s/\s+/_/g;

If using bash, I'd say something like:

date=`date +"%Y.%m.%d.%H:%M:%S"`

then use $date in your filename, (date looks like "2001.06.18.07:52:48" -
if you want a different kinda date, look up the man page on 'date' and use
different %-thingys ;-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] / gets smaller and smaller !

2001-06-15 Thread Rusty Carruth 

Turgut Kalfaoglu <[EMAIL PROTECTED]> wrote:
> 
> Actually, I have everything in other partitions, so the / partition
> should, in theory, not grow at all. I have /usr , /var , /home
> in other partitions. Even /tmp is at /var/tmp..
> Really odd.. -turgut

Is that by having /tmp be a (soft) link?  If not, (and I cannot imagine
how it could NOT be! but just in case) if there is a time when /tmp is
not 'redirected' and something opens a file there, and then /tmp is
somehow 'redirected' then you can get those symptoms.  You also get the
same symptoms if a process opens a file in the '/' partition somewhere
and, while still keeping it open, deletes that file (or if another
process deletes it).  The file still occupies space on the disk,thus
showing up in df, but you cannot find it ANYWHERE because the only
reference is inside a program.  Once that program exits your space
is immediately freed - so one way to see if thats the case is to kill
processes one at a time and check free space...

Are there ANY directories that are not mounted?

And, finally, have you looked for 'hidden' directories?  (start with '.')?

Just a few shots in the dark...

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Unknown partiton table

2001-06-15 Thread Rusty Carruth 

"David C. Hoos" <[EMAIL PROTECTED]> wrote:
> 
> - Original Message - 
> From: "John Hart" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, June 15, 2001 6:06 AM
> Subject: RE: [expert] Unknown partiton table
> 
> 
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > You are using fdisk from Windoze/Dos?!?!  Why?
> > 
> Because:
> 
> 1.  With a brand new disk, fdisk from LM7.1 would segfault.
> 
> 2.  Someone on this list suggested it.
> 
> 3.  The tactic worked
> 
> What I did was use a Win98 startup disk to boot the machine.
> Then, using FDISK from that startup disk, I created one primary
> partition, encompassing the whole disk.
> 
> Then, rebooting from the first hard drive (SCSI) I was able then to
> use fdisk from LM7.1 to delete the partition from /dev/hdc and create
> Linux ext2 partitions the way I wanted them.

Well, that implies that my dd trick should have worked also.

If anyone else has that problem I'd be really curious if

'dd if=/dev/zero of=/dev/hd count=1 ibs=512'

makes it work (obviously, you have to try this instead of using dos fdisk ;-)

BEWARE - be SURE you get that  right or you just creamed
the MBR of that other drive!

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] Unknown partiton table

2001-06-14 Thread Rusty Carruth 

"jose orlando t. ribeiro" <[EMAIL PROTECTED]> wrote:
> 
> david,
> 
> it seems that your new(?) HD hasn't been formated and doesn't have any 
> partition created (as a new drive should be).
> 
> Try to use fdisk to create some partition or file-system to make the 
> system happy and let you add your drive.

Thats exactly what he did, and it died.

A POSSIBILITY, assuming that the other stuff is right (and beware -
I have a feeling that needs to be looked at first!) is to
simply say 'dd if=/dev/zero of=/dev/hdc count=1' and that will intialize
number zero to zero.

But I'd not said that till someone else spoke up saying that the 
hardware setup looks good...

oops, now I've said it!  :-)

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re: [expert] how can I tell when computer shutoff due to power failure?

2001-06-14 Thread Rusty Carruth 

brian <[EMAIL PROTECTED]> wrote:
> I have 2 MDK8.0 PC's that were shutoff when I came in yesterday morning. I 
> never turn them off and suspect that a power failure was responsible. Is 
> there anyway to tell what time they were shutoff? 

Depends. 

If something happens pretty regularly that is logged, then the log
should stop being updated once the power goes off (one would hope ;-)

do 'ls -altr /var/log' and see when the dates jump.

Also, look through /var/log/messages (from the end) and see if
anything jumps out.

Finally, you might try

'last'

and see if that tells you what you want.

rc


Rusty E. Carruth   Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE   ___
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116   \e/
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825V
ICBM: 33 20' 44"N   111 53' 47"W  http://tuxedo.org/~esr/ecsl/index.html

Re[2]: [expert] changing boot devices

2001-06-12 Thread Rusty Carruth 

"Jose Orlando T. Ribeiro" <[EMAIL PROTECTED]> wrote:
> 
> I hadn´t expressed myself correctly!!

Ah - ok.  No problem!

> What I did: removed the CD-ROM and changed the HD, so it didn't boot up... Now
> I undestood waht you said... I had to put a small HD in the place of the CD-ROM 
> and don´t make any changes... right?

Short answer - no, you want to put the small hd in place of /dev/hdb, so that lilo
can still boot there (giving you a bootable linux - see next paragraph).

The whole point of this mess is to 

1 - ensure that you always have a bootable linux partition no matter what.
2 - boot that linux partition so you can set up the moved drive to boot again.


In other (longer ;-) words, the idea is to make it so you can boot linux 
somehow, mount '/' from /dev/hdc1 (on e.g. /mnt/hdc1), chroot to there 
(chroot /mnt/hdc1), fix up /etc/lilo.conf, install lilo, fix up /etc/fstab 
(e.g. /mnt/hdc1/etc/fstab) to point to the right device (again, /dev/hdc), 
and then reboot using the  newly-re-configured lilo.  (Carefully rebooting
so that you've left the chroot and unmounted everything so you don't have
to fsck - oh, wait - you're using reiser.  Never mind about that ;-)

> The drive where I have enough free space for a backup is my /dev/hda... it's a
> 40G IDE.

Oh, shoot - that makes it even easier.  Install (or otherwise put) a minimal
linux on there (even linux on fat should work), set up lilo to boot THAT
linux ONLY (you will lose big time if you don't fix lilo (or grub) before moving that
/dev/hdb to /dev/hdc!), and use that linux to do that paragraph that starts
with 'In other (longer ;-) words'.

It should also be possible to boot the install CD and do all this.

> About boot floppies... can I make a boot floppy and edit the fstab in the floppy
> disk?

Depends upon how you install onto the floppy.

If you put lilo onto the floppy, then you've got one situation, if you install
a raw boot image you've got another situation.

In the case of lilo on the floppy (a kinda cool thing, actually), you can set it up
to allow you to choose /dev/hda1, /dev/hda2, /dev/hdb1, etc, as well as the floppy
image(s) of linux on that floppy.  (Yes, it works, I've done it ;-)

I think 'make bzdisk' from your linux source tree will make the raw boot image
version without lilo.   This is a fine way to make a simple recovery disk for
when you have the drive installed as /dev/hdb, but its a bit weak for when
you have it elsewhere.

And you STILL want to be able to boot linux first, so you can fix your /etc/fstab
and /etc/lilo.conf


>  I even tried to do this, but when I do "cd /mnt/floppy" there is an error
> message like "couldn't read media"... it´s because /mnt/floppy uses the ms-dos
> file system mount??? How to mount and read a lilo boot floppy??

Well, you may or may not need to do this.  lilo goes on the MBR (sector 0,
cylinder 0, track 0) of the floppy.  What is on the rest of the floppy could
be nothing, msdos fat filesystem, ext2, whatever.  

So, if its fat, then you need to mount -t fat or -t vfat, if its ext2
then mount -t ext2 (assuming supermount is not in there messing you up),
etc.

Usually you won't need to mount it though - if you have built your kernel
then do a make bzdisk there in the kernel source tree.  (with a unused floppy
in there!).  This makes a disk that boots directly onto the root partition
you currently have set (which COULD be a chrooted place!).

> And that message :
> 
> > > == begin error message =
> > >
> > > VFS Can not open root device "341" or 03:41
> > > Please append a correct "root" boot option
> > >
> > >  end error message =
> 
> what is that "root device "341" or 03:41" ??? I don't have any reference in
> fstab or lilo.conf to a device 341...

Oh, its some strange mapped code that I've only figured out once.  Its ALMOST
like device major/minor type in /dev files, but not quite.  Basically it
means /dev/hdb1 ain't there any more (or some other partition)

But then, you knew that ;-)

And I've forgotten where I saw the instructions on how to figure out
what they meant, sorry.

> Sorry if I'm not very clear, I'm Brazilian and sometimes my English is faulty
> :-)

Shoot - your english is better than mine!

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] changing boot devices

2001-06-12 Thread Rusty Carruth 

"Jose Orlando T. Ribeiro" <[EMAIL PROTECTED]> wrote:
> 
> ...
> > remove the cdrom and install any old ide drive as hdc. (you COULD simply move the 
>cdrom to
> > where its going to end up, but that adds one more change that I wanted to 
>avoid)
> > boot up - everything SHOULD still work.
> 
> It doesn´t work... I tried to boot without the CD-ROM, but it hanged the same
> way... after the error message (...Please append a correct "root" boot
> option...) the machine hangs up... I was thinking about changing the fstab
> BEFORE changing the drives... but I fear that I can end with a system that
> doesn´t boot anyway...

So if you simply remove the cd from the current config, and make no other changes,
you cannot boot?

Yikes.  Um.  Hmm.  well, if that's true then I'll have to say I'll have to let
someone else figure it out ;-)

You also mentioned that you had enough space to make a backup on your disk -
I assume you mean the current hdb?  If that's so, then make a new partition
on that disk to hold the current /, copy everything over to there, edit THAT
copy of /etc/fstab to point to /dev/hdc, halt, move everything around (including
the cd), boot up saying 'linux root=/dev/hd

Re: [expert] changing boot devices

2001-06-12 Thread Rusty Carruth 

"jose orlando t. ribeiro" <[EMAIL PROTECTED]> wrote:
> 
> Well,
> 
> ...
> I've tried to change the cables but I had no succes... linux wouldn't
> boot, failing with that message:
> 
> == begin error message =
> 
> VFS Can not open root device "341" or 03:41
> Please append a correct "root" boot option
> 
>  end error message =
> 
> 
> I tried then use a floppy drive for booting and passing the parameter
> "linux= boot /dev/hdc" and I've had the same error message again.

That's "linux root=/dev/hdc"

> So I returned the old configuration and I'm looking for some help now...
> 
> I think that the main consideration is: how the links that I use in X
> and in the command line will work after this? A link is a reference to a
> file or to a device and a file??? How I change references about
> /dev/cdrom? CD players and burners and file system will fail to find
> it... what files/configs I have to change? I'm using Reiser FS, by the way.

Well, I cannot comment on how reiser will change things, but the big
things you'll need to change are /etc/fstab and /etc/lilo.conf.

Because once you get past the boot command above you're going to hang up on
fstab referencing the wrong partitions.  

One way to make this work is somewhat involved:

power off (obvious, but hey ;-)
remove the cdrom and install any old ide drive as hdc. (you COULD simply move the 
cdrom to
where its going to end up, but that adds one more change that I wanted to 
avoid)
boot up - everything SHOULD still work.
log in as root and:
fdisk  -l /dev/hdb
fdisk /dev/hdc
now make /dev/hdc have the same PARTITIONS (not necessarily the same 
SIZES)
as /dev/hdb (that's the reason for the fdisk -l above)
# make directories as required for those partitions, mount the partitions on 
# those directories, and copy over /bin, /sbin, /etc, and whatever else you 
end up needing
# to be able to boot on that drive. 
halt  # the truly paranoid would unmount everything first ;-)

change the drives around (the new temporary disk switches to hdb, the old hdb goes to 
hdc)

boot off your recovery floppy onto hdb  (repeat the above steps till this works.  An 
alternative
would be to simply INSTALL (a minimal) linux on that new drive and proceed to 
the next step.
For discussion purposes, I'm going to assume your previous setup had /dev/hdb1 mounted 
as /,
/dev/hdb5 mounted as /boot (just to show a second filesystem), and /dev/hdb6 
as swap.

log in as root and:
mkdir /mnt/hdc{1,5}
mount /dev/hdc1 /mnt/hdc1
chroot /mnt/hdc1
mount /dev/hdc5 /boot
# if you have trouble running vi in the next step, do it before the chroot.
vi /etc/{lilo.conf,fstab}  # (or emacs, or xemacs, or )
# then add an entry in lilo.conf for linux on /dev/hdc1
# save and exit
# if you have more than one partition, you may need to have them mounted (See 
above)
lilo  # see above note if this fails.
umount /stuff
exit # to get out of chroot
umount /dev/hdc1
reboot # and see if it works, its supposed to ;-)

I *think* that will do it, but beware this was typed from memory and YMMV!

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] File Size Limit exceeded

2001-06-11 Thread Rusty Carruth 

Andrew George <[EMAIL PROTECTED]> wrote:
> Hi,
> Anyone seen this happen before?

yes, under LM8.0 only.

> [andrew@darkwing andrew]$ su
> Password:
> File size limit exceeded
> [andrew@darkwing andrew]$
> 
> df shows plenty of free space and it only seem to be affecting this user in a 
> graphical console?

I've not tried all the 'xterms' - I know that one of the selections
yields a completly unreadable character set (so I don't use it any more ;-)
But I *do* remember that I was able to SU under THAT 'xterm'.  Now
you got me wondering - I'll go play with that at home and see what I find
out.

> any ideas?

I'll say tomorrow if I learn anything amusing.

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] bizarre remote access/network problem

2001-06-11 Thread Rusty Carruth 

Pierre Fortin <[EMAIL PROTECTED]> wrote:
> ...
> Note...  traceroute is not the same...  it tries to discover a path from X to Y
> by probing 1-hop deeper on each attempt; but may not discover all the alternate
> paths which may exist, or find intermittent paths.  "ping -R" records the path
> (outbound interfaces) it really took as a packet "to" and the reply "from" which
> may be different paths since routing is not guaranteed to be symmetrical.

That's an understatement ;-)

consider this:

<-local-> <--internet->  
A --+--- B  C  D  E  F -+
|   |
+---+


where 'F' has 2 ip addresses - the one it got by dialing up into the
interent through 'E', and the one it has by virtue of being on the 
local network.  (And B is the firewall/gateway for the local network)

So, if machine 'A' pings machine 'F's internet address, the packet
goes A B C D E F and then returns directly to A via the local network.

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] Perl problem: print $x; does not work, only print $x,"\n";

2001-06-11 Thread Rusty Carruth 

[EMAIL PROTECTED] wrote:
> I had the same problem. I have a small script to extract my
> dhcp IP address from ifconfig. Under LM8 it didn't seem to
> work unless I made perl add a newline. Then I tried this:
> 
>   fred=`getip.pl`
>   echo $fred
> 
> and $fred did have the IP address. I don't think this is a
> perl problem but something to do with the shell.
> 
> 
> 

Thats exactly it!

Look - this is done on that same lm72 box that did not work before:

bash-2.04$ tcsh
[rusty@tempe-dhcp4 ~]$ perl
{ $| = 1; my $i = 1; print $i , "  asdf";}
1  asdf[rusty@tempe-dhcp4 ~]$ 
   ^^^my prompt^^

so with tcsh we get the expected results.

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] Perl problem: print $x; does not work, only print $x,"\n";

2001-06-11 Thread Rusty Carruth 

(formatting fixed so this is more readable)

[EMAIL PROTECTED] wrote:
> Hi,
> 
> I recently upgraded to Mandrake 8.0 (using the perl distrbution which is part
> of Mandrake 8.0) and found a strange problem:

>   perl -e '$x=1; print $x;'

> does NOT print anything. But

>   perl -e '$x=1; print $x,"\n";'

> and  

>   perl -e '$x=1, print $x; print "\n";'

> do work. On any other system I use (including Solaris, HP-UX, WinNT, Win2000)

>   perl -e '$x=1; print $x;'

> works properly. Did anybody else observe the same? Is there a solution
> to this problem?
> 
> Best  regards, Immo-Gert Birn

Hmm.  on a solaris box:

rcarruth@msfree> perl -v
 
This is perl, version 5.005_03 built for sun4-solaris
 
Copyright 1987-1999, Larry Wall
 
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5.0 source kit.
 
Complete documentation for Perl, including FAQ lists, should be found on
this system using `man perl' or `perldoc perl'.  If you have access to the
Internet, point your browser at http://www.perl.com/, the Perl Home Page.
 
rcarruth@msfree> perl 
{ my $i = 1; print $i;}
1rcarruth@msfree> 


Note very carefully where the output went - do you see it?  its in my prompt.
'print' does NOT normally append a linefeed/cr pair unless you tell it to.

Now, on a linux Mandrake 7.2 box:

bash-2.04$ perl -v

This is perl, v5.6.0 built for i386-linux

Copyright 1987-2000, Larry Wall

Perl may be copied only...etc...

bash-2.04$  perl 
{ my $i = 1; print $i;}
bash-2.04$ 


Note that nothing printed.  This is incorrect, however I bet I can make it work:
bash-2.04$  perl 
{ $| = 1; my $i = 1; print $i;}
bash-2.04$ 

Hmm.  Looks like perl is closing the output before flushing it.

bash-2.04$  perl 
{ $| = 1; my $i = 1; print $i ,"\n";print $i , "  asdf";}
1
bash-2.04$ 

I'd say its a bug in something somewhere.  However, try this:

bash-2.04$  perl 
{ $| = 1; my $i = 1; print $i ,"\n";print $i , "  asdf";my $foo=<>;}
1
1  asdf ..I type here...
bash-2.04$ 

Yup, its a bug...  ;-)


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] USB CameraMate?

2001-06-11 Thread Rusty Carruth 

Dave Ayers <[EMAIL PROTECTED]> wrote:
> I am new to the Mandrake ranks (and this list) and am running Mandrake 7.2
> on a Chembook laptop with a USB port. Said laptop bought with 7.2
> pre-installed from ASL. Before I get myself all tied in knots trying to
> get a MicroTech USB CameraMate drive to work, any opinions on whether
> there is any hope for this USB device with 7.2 and if so how to proceed?
> 
> Dave Ayers
> Quincy, Illinois
> 

you might want to check on the gphoto-devel mailing list:

[EMAIL PROTECTED]

(or see http://www.gphoto.org/)

They have lots of experience with usb and cameras, and can tell
you if gphoto works with that camera...

rc

Re[2]: [expert] afriad to lose LILO

2001-06-11 Thread Rusty Carruth 

Dan Swartzendruber <[EMAIL PROTECTED]> wrote:
> On Sat, 9 Jun 2001, OOzy Pal wrote:
> 
> >  I have dual boot LM8 and Win2000. I want to remove
> > Win2000 and install Win98 but if I do this win98 will
> > not recognize LM* and will overwrite the boot sector.
> > What can I do to avoid this
> 
> install win98, it will overwrite the MBR.  then boot from the linux
> rescue disk.  when you're up, run '/sbin/lilo'.

FIRST, make sure you HAVE a linux rescue disk!

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] 3C905B-Combo network card

2001-06-11 Thread Rusty Carruth 

Aleksey Naumov <[EMAIL PROTECTED]> wrote:
> Pierre,
> 
> here's my "route -n" output:
> 
> [root@botik /root]# route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric RefUse Iface
> 136.183.128.0   0.0.0.0 255.255.224.0   U 0  00 eth0
> 127.0.0.0   0.0.0.0 255.0.0.0   U 0  00 lo
> 0.0.0.0 136.183.129.253 0.0.0.0 UG0  00 eth0
> 
> Here's the setup for my machine I got from our sys admins:
> IP: 136.183.132.47
> Subnet: 255.255.224.0
> gateway is 136.183.129.253
> 
> I am confused why there is a destination network 136.183.128.0 in my table, and
> not
> a 136.183.132.0. Does this make sense?

Well, lets do some hex and decimal arithmetic.

132 (octet 3 of your ip addr) is 128 + 4, or 0x84
224 (octet 3 of your netmask) is (hex calc)  0xe0

So, to find what subnet you are on, and your ip addr with ff.ff.e0.00,
so 136.183.132.47 (88.b7.84.2f) bitwise anded with ff.ff.e0.00 equals
88.b7.80.2f, or 136.183.128.0 - which gives your subnet.

Hopefully this is what you want, because its what has been specified
by that netmask ;-)

If you want the subnet to be 136.183.132.0, then the netmask must be
255.255.255.0 (ff.ff.ff.0).

Clear as mud?  As mentioned earlier by someone else in reply to one of
my emails - there are some good documents in the howtos about netmasks
and such.  If all this blather does not help (or confuses!), then I'd
suggest either a search with your favourite search engine, or go find
that message that referenced the howtos and then go look at those
howtos...  They really are good, I've read them ;-)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] APC UPS shutdown script? How does it work?

2001-06-07 Thread Rusty Carruth 

David Rankin <[EMAIL PROTECTED]> wrote:
> Rusty Carruth wrote:
> 
> > First, go get nut, and join the NUT mailing list.
> ...
> Need your help finding the url. Sorceforge has the following:
> 
>  EXACT MATCH:
>   nut
>   A program to record and analyze meals
>   according to the USDA Nutrient Database.

Hmm.  Well, lets see.

Ah, here it is:

http://www.exploits.org/

click on 'Network UPS Tools'

> I don't think this is what you were referring to. But it did remind me that it's
> lunchtime. Thanks for your help.

Oh, man, is it lunchtime yet???  I'm ready to go!

(And its only 10:30 here - yikes.  We're headed to Chuckbox (Tempe) for lunch today!)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] APC UPS shutdown script? How does it work?

2001-06-07 Thread Rusty Carruth 

David Rankin <[EMAIL PROTECTED]> wrote:
> Sorry if this is a little off topic:
> 
> I had my LM7.2 server go down for the 4th time due to a power
> outage. I had to manually fsck /dev/hda7 to bring the system back up. I
> am convinced that this is not a good way to treat the server and I am
> going to buy an APC UPS to keep it from happening again.


First, go get nut, and join the NUT mailing list.

Second, DO NOT BUY APC!  ESPECIALLY DO NOT BUY a BackUps!  But I'd
say just avoid them.  (Sorry for yelling, but their supposedly
RS232-C 'signaling' scheme is not RS232 compliant, and if your
serial port requires valid RS232 signal levels you wont' be able
to detect low battery (as it only goes to zero VOLTS - some (most?)
pc hardware is really sloppy and will take a zero volt as a valid
level, but that's not according to spec - and some hardware (like,
say, Sun) actually meets spec and will NOT see LB from the UPS
without a fair amount of hassle.  why do I say all this, and
where do I get my knowledge?  I'm trying to get 4 stupid APC
BackUPS' to work with our Sun Ultra5s - and if there was any
way I could SEND THE RETARDED THINGS back and get something
else I would do it in a nanosecond!)

Um, lets see, where was I?  Sorry...

Oh - yeah.  Starting again:

Go buy something besides an APC (or get a SmartUPS). Get and
install NUT (look on freshmeat or sourceforge, and if you cannot
find it there email me and I'll go look up the correct url),
install it, configure it for your UPS and for the shutdown mode
you want, test it by pulling the plug.  And you're done.

> What I need to know is if anyone has any advice on how to configure
> the APC box to send a shutdown signal over the serial port to nicely
> shut the server down. I don't have any experience with UPS's and just
> want to make sure I'll be able to accomplish getting the UPS to talk to
> my server and shut it down before I go spend the money on a UPS.

The APC BackUPS are mostly worthless, in my mind.  Most of the really
cheap ones are, really, as they use the 'simple signalling' method
which means you get the following signals: on battery (or on AC mains),
low battery (if you're lucky); and your control signal is "shut down".

The better way to go is to get a 'smart' ups (again, I stronly advise
against APC, but if you get the APC SmartUPS at LEAST it usually works
with serial ports), which can give you all kinds of cool info, like
loading, battery health (I think), temperature, and stuff like that.

They also (as I said) use rs232 to transmit DATA (ascii, usually,
but not always) about themselves (and usually accept commands that
way also, including shutdown).  Definately worth the price if you
want your machine to be able to shut down well AND keep track of
the health of the UPS.

> All of the APC UPSs come with software to shut windows down, but
> don't say a thing about Linux. How do I get it to work with my server?
> Advise would be great, but if you can just point me to the right docs, I
> don't have a problem reading.

Again, look for UPS (or simply NUT) on freshmeat, they've got lots of good
info.  (Warning - a google search will turn up LOTS of info - some of it will
say you can get a backUPS to give you LB signal - which turns out depends
upon your monitoring computer!).

And, finally, a word about NUT - you can do some really amazing stuff with
NUT, like have more than one ups powering something, have more than one
computer powered by the same ups and shutdown when the shutdown time
(usually low battery) comes around, stuff like that.

(Sorry to flame APC so much, but I've got 4 mostly useless APC UPS's
here that I'm really frustrated with...)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] DB2 problem

2001-06-06 Thread Rusty Carruth 

Scott Taylor <[EMAIL PROTECTED]> wrote:
> 
> Guess I could remark out each job until I find the right one.

when you find out, let us all know, I've got the same thing that
I've been ignoring for a while too - and if you don't find it
I've decided its time for me to go figure it out ;-)

Hold on a minute.  we've got search engines!  Here:

http://groups.google.com/groups?hl=en&lr=&safe=off&th=5d504eb7cd4ffa42,10&rnum=8&ic=1&selm=ge0l6.1058%24Bz2.546180%40typhoon.southeast.rr.com

The short version is - there is a cron job using htdig, which is apparently
for help indexing and other stuff.  Apparently you can just turn it off,
if you don't want anything other than help indexing.  check the file
etc/cron.daily/htdig-dbgen to see if you can find ht being run in there

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] IPTables Question

2001-06-06 Thread Rusty Carruth 

"Cyridian2000" <[EMAIL PROTECTED]> wrote:
> Hi Guys,
> 
> I'm trying to setup IPTables for a basic route from eth1 to ppp0.
> 
> I was wondering if someone could show me an exmaple of their working IPTables script 
>so I could
> implement it on my own box, or point me in the right direction to a "Idiots Guide to 
>IPTables"

Well, its not quite an idiots guide, but here is an intro:

http://mirkk.kurd.nu/~monmotha/firewall/index.php

and here is the actual stuff:

http://mirkk.kurd.nu/~monmotha/firewall/firewall/2.3/

It will get you started pretty well.  

If you understand concepts of firewalling, that should be enough to get
going.

If not, you want to learn the concepts - some other Rusty has a
'Rusty's three rules' (or something like that - I posted about
his thing last month or this month) is good (do a search using
your favorite search engine - in fact, I've found lots of good
stuff out there about firewalling by looking for things like
firewall, firewall setup, firewall howto, and so forth.

> Thanks

Hope this actually helps!

> NB

(eek!  html also! :-)  (You might want to turn that off if you can)

> 
> 


rc

(courtesy bcc sent direct to Cyridian)


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] 3c509-b & M8

2001-06-05 Thread Rusty Carruth 

Pierre Fortin <[EMAIL PROTECTED]> wrote:
> Rusty Carruth wrote:
> > ...
> 
> Well... I read "created 3 subnets", "Standard...works perfectly", "third one
> connected via the BNC...cant get it work" and there are 3 connectors...  :>

Me too, but *just in case*  (besides, once he/she gets 3 ethernet
cards the next question is going to be "so, now that I have 3 cards,
how do I ..." :-)

> [snip]
> 
> ...moresnip...
> > 100 hosts then thats at least 300 possible failure points!  ..hack slash...
> 
> If you have more than 32 hosts on a 10b2 segment, you are violating the specs...

Well, see what I mean?  ;-)  (I probably knew that number once, but it had long
since disappeared from my parity-prone memory ;-)

>  this is a "party line" bus, so too many "nosy neighbors"...  10b5 is

a.k.a AUI, right?

> better if properly installed; but "vampire taps" were too common and a
> disaster...

Yeah, but those lousy/flimsy/rediculous tabs that were supposed to hold the
really nifty super-stiff AUI cables onto the connector were a joke...
Either they worked too well (you could not get them to release) or barely
at all, with most of them tending toward the barely work side.

> > I used 10base2 for a little while ... hack slash...
> 
> Termination errors, flaky BNC pins, and kinked/broken braid are the common
> causes.

Or mice eating the wires (well, ok, not too common except at a friend's
installation), or too long a wire...

Anyway, in an attempt to get this back to some semblance of On-Topic :-)

I just noticed that the subject said 3c509-b.  I think I've used one with
linux before - may even have one now.  And I'm sorry, I don't remember how
to tell it which media to use.

So, I did a search.  Here's a few hits:

http://www.tux.org/hypermail/linux-3c509-bug/2001-Feb/.html - he cannot get 
anything but AUI

This one holds the key:

http://lists.gnac.net/firewalls/mhonarc/firewalls.199602/msg00520.html

Summary: Boot to dos, run the 3c5x9cfg.exe program, set plug/pray off,
set interrupt, io addr, etc, and then choose interface explicitly.
save, exit, reboot.

The above is my understanding of the steps, YMMV.

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] 3c509-b & M8

2001-06-05 Thread Rusty Carruth 

Pierre Fortin <[EMAIL PROTECTED]> wrote:
> "GROUWELS, Daniel" wrote:
> > 
> > How can I tell linux which port to use on my old cards??
> > Standard ois the ethernet port.
> > 
> > It works perfectly.
> > 
> > The problem is that I created 3 subnets.
> > 
> > And the third one connected via the BNC.
> > 
> > But I cant get it work.
> > 
> > Daniel
> 
> If you are trying to use 2 or 3 of the RJ45/AUI/BNC connectors, that won't
> work.  You need to select one. 

on the other hand, if this is what he's trying to do (i.e. select which one
he wants) then the answer is - it depends upon the card.

One card I had chose whatever interface was 'active' when the card was powered
up.

one card I had had a config option in the eeprom (or whatever - NVram, etc)

One card I had had jumpers on the board.

Yet ANOTHER card I had required an option on the driver invocation!

So as you can see, it depends heavily upon the card!

Oh - and if you can avoid BNC-based (10base2 as I recall) networking you'll
be much happier!  With 10baseT if one segment fails you don't lose your
entire network.  With 10base2 if one segment fails everything is down,
and you have to check every single connection along the wire.  IF you
only have 2 hosts hooked together its not a big deal.  But if you have
100 hosts then thats at least 300 possible failure points!  (200 if you
don't count the connection into the pc, but that's a bad assumption - because
if the PC is hosed it can cream your entire network also!)

I used 10base2 for a little while to hook my firewall into my hub at
home - and it would die randomly (approximatly once a month on average,
but sometimes once per week!) requiring a 'reboot' of the hub.  I found
a cheap 10baseT ethernet card and got rid of the BNC!  And I've had no
problems any more.

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] sendmail and smarthost problems

2001-06-05 Thread Rusty Carruth 

Andreas Müller <[EMAIL PROTECTED]> wrote:
> Hallo,
> 
> I have a dialup account and I'm using sendmail for delivery and header 
> rewriting. ... BUT when procmail 
> forwards a message the From: header isn't processed by sendmail anymore. ...
>  Why won't sendmail masquarade the headers as 
> it should, when the mail is forwarded by procmail? PLZ help!

My guess is that procmail is not using sendmail to send the mail,
but rather going direct.

Just a random shot in the dark, but it definately would explain why
sendmail is not processing the outbound headers right (its not seeing
them!) ;-)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re: [expert] allow non-root user to shutdown linux

2001-06-04 Thread Rusty Carruth 

Darcy Brodie <[EMAIL PROTECTED]> wrote:
> Hello
> I know that it isn't a good idea to give normal users root access,
> but I need to set up a couple of Mandrake boxes (they will only be in
> text mode, as these will be remote terminals to a Unix network) so that
> a normal user can shut down without having to login as root.  The
> process needs to be as simple as possible, to prevent the user from
> messing it up

My favorite trick for that is to make a user 'shutdown' (or something
else, if you want it to be a little harder for non-permitted folks to
guess it ;-)  (cute - spell it backwards: nwodtuhs - oh, never mind ;-)

Anyway - give it some password so only those who are supposed to do shutdowns
can get to it, and make its shell be /etc/halt or some such.

Or - use sudo.  That's possibly the best of all possible answers...
(never used it myself though, I've always just had anyone who
needed to reboot (very small number of folks!) do control/alt/del ;-)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

Re[2]: [expert] LILO name

2001-06-04 Thread Rusty Carruth 

Jerry Sternesky <[EMAIL PROTECTED]> wrote:
> I think it is as simple as Linux Loader if I recall, it's has been awhile 
> since I thought about it.  So a guess would be SI is Solaris Loader and MI 
> could be for minix.

Don't know what the 'I' in SILO is for, but:

LILO - LInux LOader
SILO - Sparc lInux LOader (I'm guessing)

I recall reading something about some trademark problems
with 'sparc' or something - perhaps a trip to the sparc linux pages
would help there...

Or that's what I've been understanding since about the 0.xx days (what, 10 years
ago! yikes, I'm an old man! ;-)
> 
> On Saturday 02 June 2001 19:35, Vincent Danen wrote:
> 
> > > Does anyone know what LILO stands for?  I thought it meant "Linux In
> > Linux Out", but if that's the case, what does SILO or MILO stand for?

(if any of the above words are trademarks, well then they are!)

rc


Rusty Carruth  Email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
Voice: (480) 345-3621  SnailMail: Schlumberger ATE
FAX:   (480) 345-8793 7855 S. River Parkway, Suite 116
Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825
ICBM: 33 20' 44"N   111 53' 47"W

  1   2   3   >