Re: [gentoo-user] SpamAssassin not as good as before :(
- Original Message - From: Brian Downey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 28, 2004 11:56 AM Subject: Re: [gentoo-user] SpamAssassin not as good as before :( Now four or five are slipping through a day. The only thing I can suggest (and what I have been doing) is to feed the misses back through SA's bayesian engine. It's a little time consuming but it helps SA learn what the spammers are up to. I'm running courier-imap on my box and have spamassassin move any spam into a spam folder (so I can make sure to check for false-positives). I have a cron job set to run sa-learn every night that trains ham from my legit mail folders and spam from the spam folder. This way, all I have to do if I get a false-negative is just move it to the spam folder and sa-learn will catch it that night. Using this technique, I've been able to keep my false-negative rate very low (I get about 5000 spam a month and only see about 10 spam in my inbox in a month, usually when I get more than 1 copy of a particular spam on the same day). I usually keep about 5000 messages in my spam folder and clear out the oldest. That way it's always fresh spam that's being considered. I could probably get away with fewer messages. I will note that I'm also running some optional modules like razor, pyzor, and dcc. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] SpamAssassin not as good as before :(
- Original Message - From: Andrew Dacey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 28, 2004 12:54 PM Subject: Re: [gentoo-user] SpamAssassin not as good as before :( I'm running courier-imap on my box and have spamassassin move any spam into a spam folder (so I can make sure to check for false-positives). Should clarify that, I mean that I have procmail setup to move messages SA flags as spam into a spam folder. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Limiting search for hard drives
I wonder if you could disable the un-used controllers in the BIOS for the motherboard or the card? Or possibly with jumpers if it's a card. Not sure if that would work or not. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ - Original Message - From: Mark Knecht [EMAIL PROTECTED] To: Gentoo-User [EMAIL PROTECTED] Sent: Sunday, November 09, 2003 12:57 PM Subject: Re: [gentoo-user] Limiting search for hard drives Humm...I still get a long delay as the boot comes back saying: hde: ST380023AS, ATA DISK drive blk: queue c0385a68, I/O limit 4095Mb (mask 0x) A long delay of about 30-45 seconds here, then: hdg: no response (status = 0xfe) and then it goes on to boot. I tried it both on the line with the kernel command, and on the next line by itself. No difference. hde (and hdf, g h if they existed) is on a Silicon Image SATA controller. This is not a big deal. Just trying to make this machine boot very cleanly and quickly. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] iptables help
- Original Message - From: gabriel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, September 01, 2003 2:57 PM Subject: Re: [gentoo-user] iptables help NO! that will pretty much negate the use of a firewall alltogether! where are you droping/rejecting packets? basically your script says this: accept everything incoming accept everything outgoing accept everything forwarding forward all traffic from ppp0 to eth0 nat your internal lan to eth0 accept all established or related packets accept all incoming packets from the internal lan accept all incoming connections from any ip, on any interface on ports 22, 25, and 80. drop everything else that's incoming. No, changing the policy changes the DEFAULT behaviour for that chain. It's not part of the normal rule order for the chain. Do iptables -L INPUT, you'll see that the policy is listed at the top, not in the normal sequence of rules. Any chain can only have 1 policy so once you change it, it over-rides the earlier setting. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] iptables help
- Original Message - From: gabriel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, September 01, 2003 2:57 PM Subject: Re: [gentoo-user] iptables help NO! that will pretty much negate the use of a firewall alltogether! where are you droping/rejecting packets? basically your script says this: accept everything incoming accept everything outgoing accept everything forwarding forward all traffic from ppp0 to eth0 nat your internal lan to eth0 accept all established or related packets accept all incoming packets from the internal lan accept all incoming connections from any ip, on any interface on ports 22, 25, and 80. drop everything else that's incoming. No, changing the policy changes the DEFAULT behaviour for that chain. It's not part of the normal rule order for the chain. Do iptables -L INPUT, you'll see that the policy is listed at the top, not in the normal sequence of rules. Any chain can only have 1 policy so once you change it, it over-rides the earlier setting. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] iptables help
- Original Message - From: Andrew Gaffney [EMAIL PROTECTED] To: Gentoo User [EMAIL PROTECTED] Sent: Friday, August 29, 2003 12:47 PM Subject: [gentoo-user] iptables help I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80 unless the source address is 192.168.254.x. I'm asking before I do this because I'm accessing the computer remotely right now and I don't want to cut myself off from it. I'm thinking something like: iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p all -j DROP -or- iptables -P INPUT DROP iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT Would either of these get me the desired results? I'd be tempted to add a line of iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT That way any traffic you initiate from that box will be able to get back in. As someone else mentioned, I'd use the option of setting the INPUT policy to DROP but make sure to set that AFTER you've setup the other rules. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] PHP problems
- Original Message - From: Matt Broughton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 17, 2003 12:24 AM Subject: Re: [gentoo-user] PHP problems hrm...theres just one instance of each in /etc/config.d/apache Yes, but there can be more than one entry in /etc/apache/conf/apache.conf that has something like: IfDefine PHP4 and each of those entries is going to try to load the the mod_php module. My guess would be that you had done the ebuild step multiple times because that's what adds those entries in. Remove the extra entries and that should get rid of the complaints about the module already being loaded. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] PHP problems
On 7/17/03 12:10 AM, Matt Broughton [EMAIL PROTECTED] wrote: ok heres what happens... I uncomment the APACHE_OPTS=-D SSL -D PHP4 line and /etc/init.d/apache restart this pops up: [warn] module php4_module is already loaded, skipping. [warn] module ssl_module is already loaded, skipping. [warn] module php4_module is already loaded skipping. [warn] module mod_php4.c is already added, skpping [warn] mod_ssl.c is already added, skipping [warn] mod_php4.c is already added, skipping [warn] _default_ VirtualHost overlap on port 443, the first has precedence and the server evidently doesnt start correctly (nothing will display) if i comment that line back the server starts fine but the php document displays the php code unparsed (of course) I cant figure out why when i uncomment that line its throwing all those warnings and refusing to start. It looks as if the apache.conf (or apache2.conf) is set to load the php and ssl modules multiple times. Edit the file and see if there's multiple entries for each of those modules and remove the duplicates. The other problem sounds like your virtual host configuration is messed up. This is probably from mod_ssl as it's config file adds in some virtual host configuration for ssl and may be conflicting with your other virtual hosts. -- Andrew Frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
[gentoo-user] Can't emerge mod_php-4.3.2-r3
First off, I'll apologise if this has already been covered. For some reason, mod_php-4.3.2-r3 fails to build. I don't use java so that's not the problem. The error I get is: configure: error: can not run test program while cross compiling !!! ERROR: dev-php/mod_php-4.3.2-r3 failed. !!! Function econf, Line 304, Exitcode 1 !!! econf failed Any ideas on what would fix this? Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't emerge mod_php-4.3.2-r3
- Original Message - From: Luis Morales [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 4:14 PM Subject: Re: [gentoo-user] Can't emerge mod_php-4.3.2-r3 Thanx Andrew, the problem was libwww, i remerge this package Take a look on this link: http://forums.gentoo.org/viewtopic.php?t=66626highlight=run+test+program+programme+while+cross+compiling Wierd, I could've sworn that I had run revdep-update and it broke there as well on mod_php but now it's going through fine. Maybe it was trying to update mod_php before libwww. It's still compiling now but it used to break right in the configure stage so I suspect that's fixed it. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Can't emerge mod_php-4.3.2-r3
- Original Message - From: Andrew Dacey [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 5:55 PM Subject: Re: [gentoo-user] Can't emerge mod_php-4.3.2-r3 Wierd, I could've sworn that I had run revdep-update and it broke there as well on mod_php but now it's going through fine. Maybe it was trying to update mod_php before libwww. It's still compiling now but it used to break right in the configure stage so I suspect that's fixed it. Well I don't normally reply to my own messages. I just realised that one of the things that had changed today was I did emerge sync and then emerge -up --deep world again. I tried mod_php but it failed again. One of the other updates was gentoolkit which I updated individually which is probably what fixed the order for revdep-update running it's updates because last night one of the first things it tried to update was mod_php (and that was before libwww). Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] system time
In addition to ntp, a smaller, comparable program is rdate. It doesn't do fallback servers by itself, but can be made to with some simple scripting. Personally, I've been using the DHCP server for my ISP as my ntp server. If I can't reach that server then I've got way bigger problems :-). Seriously though, it is a good thing to try. If you are using DHCP then you may be able to use it as your time server. It's going to be a server that's pretty close on your network so it should respond quickly, and like I said, if you can't reach that then syncing the time is the least of your worries. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Portage quibbles
On 3/20/03 12:11 PM, Dhruba Bandopadhyay [EMAIL PROTECTED] wrote: (2) Certain packages are installed but not added to world file. E.g. If I install evolution and that installs mozilla as a dependency then mozilla is not put in world file. That's the way it's supposed to work. Only packages that you explicitly emerge end up in the world file. Anything that is installed as a dependency is not put into the world file. AFAIK, the reasoning for this is so that when you remove a package, it can remove any dependencies that aren't being used by other packages. If you intend to use Mozilla on it's own (rather than just having it installed to satisfy a dependency) then you should explicitly emerge it on the system (ie, 'emerge mozilla evolution'). -- Andrew Frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] configuration tool like linuxconf
- Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 10, 2003 8:20 AM Subject: Re: [gentoo-user] configuration tool like linuxconf why reboot? # ifconfig eth0 down (change ip(settings)) # ifconfig eth0 up i know i can do this but i want to change also dns and gateway with one operation only. Any suggestion? Probably the easiest way would be to do something like setting up 2 (or however many you need)seperate configuration files for the different setups (ie, multiple copies of /etc/conf.d/net.eth0). Then just write a script that stops your networking, moves the proper config file to /etc/conf.d/net.eth0 and then starts the networking again (this should also result in any services that depend on networking being restarted which is probably a very good thing). -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Any way to put the startup scripts in debug mode?
I thought the stuff in /mnt/.init.d was tmpfs which means it's stored in memory. In that case, as soon as you reboot it will be wiped. I think the problem is that the pid is stored in /var/run/ and if there's already an existing file there, it's assumed the process is running. What might be nice is if it would check if the creation time (or maybe modified time depending on how it sets up the pid file) was older than the time of reboot, check to see if the service is running on that pid and if not, run a zap and then start. Andrew Dacey [EMAIL PROTECTED] Technical Support Eastlink, HSI 453-2800 or 1-888-345- - Original Message - From: Balaji Srinivasan [EMAIL PROTECTED] To: 'Todd Punderson' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, March 03, 2003 6:12 PM Subject: RE: [gentoo-user] Any way to put the startup scripts in debug mode? This doesnt help because now I have to find out if the process crashed before doing zap. I can understand why gentoo keeps the provides etc info in the /mnt/.init.d files. But why keep started etc in there. Even if it keeps it it should do a pid check before just complaining that it is already started. Balaji -Original Message- From: Todd Punderson [mailto:[EMAIL PROTECTED] Sent: Monday, March 03, 2003 1:55 PM To: [EMAIL PROTECTED] Subject: Re: [gentoo-user] Any way to put the startup scripts in debug mode? Check out /etc/init.d/service zap Todd - Original Message - From: Balaji Srinivasan [EMAIL PROTECTED] To: 'brett holcomb' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, March 03, 2003 3:38 PM Subject: RE: [gentoo-user] Any way to put the startup scripts in debug mode? The problem as i see with this approach is that if someone kills a process by hand (or it crashes), the start up scripts dont recognize it. This is because as far as /mnt/.init.d is concerned it is still started. Balaji -Original Message- From: brett holcomb [mailto:[EMAIL PROTECTED] Sent: Monday, March 03, 2003 12:37 PM To: [EMAIL PROTECTED] Subject: Re: [gentoo-user] Any way to put the startup scripts in debug mode? If I remember correctly /mnt/.init.d is created during startup as it's a memory resident file. On Mon, 3 Mar 2003 12:26:40 -0800 Balaji Srinivasan [EMAIL PROTECTED] wrote: Hi Everyone Is there any easy way to have /sbin/runscript and the start-stop-daemon print out some reasonable debug logs when it fails? Its really irritating to see those two !! marks to say the startup failed but have no idea why it failed. I had to do an strace to find out that it looks at /mnt/.init.d/ for a lot of info etc. Why cant it depend on runtime information rather than depend on info from the file system which could be out of date. Thanks Balaji -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] qmail + root account
I believe it's a security feature of qmail where it won't deliver mail to root. You have to setup an alias for root to have it be delivered to another user. Go to /var/qmail/alias and edit .qmail-root (or create it if it doesn't exist) to contain username where username is the username of the user you want root mail to go to. Not sure if root works or not. Andrew Dacey [EMAIL PROTECTED] Technical Support Eastlink, HSI 453-2800 or 1-888-345- - Original Message - From: rubenmolina [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, February 28, 2003 7:46 PM Subject: [gentoo-user] qmail + root account hi i install qmail and it works for all the users excepts for root. if i send a e-mail from anywhere.com to [EMAIL PROTECTED] it bounces and i get an error saying [EMAIL PROTECTED] does not exist!!! why root is transformed in mymachine.mydomain ??? i can send mail from the root account but not to receive. rubenmolina -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Gentoo init system : was [Re: [gentoo-user] serviceparameter passing?]
- Original Message - From: Phil Barnett [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 19, 2003 1:31 AM Subject: Re: [gentoo-user] Gentoo init system : was [Re: [gentoo-user] service parameter passing?] Anything that makes it easier to transition from the other Linux flavors where the init files are laid out very differently would make those testing the waters feel much more welcome. If that's not anyone's goal here, then I'm tilting at windmills. I'm not sure what you mean here. Yes, there are some differences with the layout of the runlevel directories but Gentoo uses the same basic structure as RH and Mandrake do. The init scripts are stored in the same place (/etc/init.d) and operate in the same way from the command-line (/etc/init.d servicename start|stop|restart). Yes there are differences, the scripts are written in a different (and IMO, better) syntax which allows for service dependencies (instead of the system that RH and Mandrake use of Sxx and Kxx to indicate if a service should be started or killed and the order). The other difference is in the structure of the runlevel directories but that's not really a big deal because this was always just a place where symlinks to the scripts in /etc/init.d were stored. Now if you're coming from a BSD style init structure, then you will find the init structure to be extremely different but I thought that RH and Mandrake both used System V style by default (certainly that's always been the way I've had boxes with either distro setup and I don't remember ever explicitly setting it to System V style). I don't see what the big deal of the service script is other than just as a shortcut from typing /etc/init.d/. However, that's not a standard part of System V style init, that's something that RH added. A number of list members have already posted sample scripts (some more complicated than others) that would work and you've also shown that service from RH is just a shell script as well (which would probably work fine on a gentoo box with little or no modification). --- Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Gentoo init system : was [Re: [gentoo-user] serviceparameter passing?]
- Original Message - From: Phil Barnett [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 19, 2003 10:25 AM Subject: Re: [gentoo-user] Gentoo init system : was [Re: [gentoo-user] service parameter passing?] I'm not sure what you mean here. Yes, there are some differences with the layout of the runlevel directories but Gentoo uses the same basic structure as RH and Mandrake do. Well, I guess that's where you and I differ. I don't think they work at all the same. I see Gentoo's run levels as more like BSD than RH. Really, the service script is only about one thing. Abstraction. If I have a room full of several differing servers and I'm and admin, the last thing I want to have to remember in the heat of the moment is how to do something on _this_ machine. /etc/init.d servicename start|stop|restart will work for Gentoo, RH, Mandrake, etc (I just double checked on one of the Solaris boxes at work and it's the same syntax there too). The problem is that instead of using the standard way of doing it, you've gotten used to using a non-standard addition that RH made. Gentoo is behaving exactly the same way as any other System V style init works. This is where it becomes incredibly important to know what the standard way of doing something is and when/how your distro offers a different way of doing things. Yes, Gentoo does use a very different structure for the runlevels than a standard System V style. However, since the runlevel directories just contain symlinks to the scripts in /etc/init.d, it's not a big issue. Abstraction is good but you still need to know how the underlying system works to be a good admin. Stopping and starting services is one of the admins primary job. All the service script does is abstract the stopping and starting of servers so you no longer need to know which directory to look in to find the scripts. Perhaps you have never dealt with a room full of a hundred different servers, but anything we can do to help that guy out will be appreciated. Yes I have, but usually this is where having a common platform because extremely important. Again though, using the service script actually gets you into a bad habbit, using /etc/init.d will actually get you into better habbits that will work across a much wider range of systems. But if you are administrating a wide variety of platforms then yes, having a suite of standard scripts on each system can become extremely handy, but this is more of the job of that admin to set up these types of things to suit their own needs. Other than abstraction of where the service files lie, the service script is of no use whatsoever. And I still don't think it even has much use there, unless you're dealing with multiple platforms which don't already have a consistent method for handling services (such as a mix of BSD and System V style boxes). In that type of situation, writing an abstraction script is useful. However, in that case you're going to need to write custom scripts for the different platforms but which take the same arguments from the command-line. Having an included script with the distro is not all that useful because you're needs are going to be too individualized. Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Swap on a seperate physical drive
- Original Message - From: Eric Miller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 05, 2003 12:56 PM Subject: [gentoo-user] Swap on a seperate physical drive I have two HDD in my system, /dev/hda and /dev/hdb. When I try to mkswap or fdisk on /dev/hdb (during the install using the gentoo install CD) I get: unable to start /dev/hdb now, this drive is my primary slave, and works fine in Windows XP, and RH. What's the deal here? I might be having a total brain fart here (entirely possible, work tends to do that to me) but doesn't the lettering scheme go: a, Master primary controller b, Master secondary controller c, Slave primary controller d, Slave secondary controller If I'm remembering this correctly (been ages since I've done an IDE system with more than one drive) but if I'm right, then you should try fdisk /dev/hdc Andrew frugal Dacey [EMAIL PROTECTED] http://www.tildefrugal.net/ -- [EMAIL PROTECTED] mailing list
