Re: Is there a decent file attribute (date) conserving way to download your photos from Google?

[Mark Komarinski]

There should be EXIF metadata in each photo which should include the date taken.Should.-MarkOn Jun 21, 2022 1:27 PM, Bruce Labitt  wrote:Recently got a message (well really quite a few) warning me that my 
"free storage" on google is running out.  This, of course, is yet a new 
way for Google to monetize all the free stuff that they had been 
providing for a while.  I do have strong opinions on re-negging on 
promises, but lets not go there.
Google apparently provides a way to extract your data, more or less.  
You can export your data using "Google Takeout".  So I wanted to takeout 
my photos, since it seemed they were the dominant storage hog.  I 
exported my photos, and got 8 2GB zip files.  Google touched the files 
and they all have today's date. This stinks because I usually sort on 
date.  For some of the photos, the date is embedded in the file name.  
For the earlier ones, the camera manufacturer didn't do that.  (Takeout 
only exports the data, it does not delete it.)  In the export, it seems 
there are json files for every jpg downloaded.  Seems like a lot of 
clutter, what use are these json files?  Apparently they had some value 
to Google, because they made them.
Is there some way to extract the photos from google with the dates intact?
If not, can the files be parsed for their date taken and the attribute 
date reset to the taken date?  Say one were to do this in python, it 
seems one could do this with PIL, and os.walk through the directories.  
Not quite as sure about resetting the date attribute, but pretty sure it 
can be done.  Seems like it could be an interesting exercise.  (Suppose 
one could also extract the GPS info if available and further categorize 
the photos.)
Are there any pitfalls to the the paragraph above?  Can any of you 
suggest a better way to do this?
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: ZFS vs btfrs

[Mark Komarinski]

I'm nowhere near as familiar with FreeBSD as I am with Debian so there's 
a bit more comfort to at least debug or know where to look when things 
go wrong.  That being said, if all you're looking for is a box to host 
SMB/NFS/iSCSI then either will work fine.

Now on to concrete things that I see SCALE doing better:

I can easily get a letsencrypt SSL cert set up

bhyve is hot garbage.  guests will randomly die, lose network 
connection, can see the rest of the network but not resources on the 
host system, and if you use UEFI and Linux you're in for a world of pain 
if you ever upgrade (upgrade what? yes).  SCALE uses qemu and so far 
seems much more stable *knocks on head*

ditched jails for docker containers, much improved 'app store'

I haven't used it yet, but apparently you can use glusterfs to share 
storage across SCALE instances

To be fair, these are things that you wouldn't normally use a 
professional-grade file server for. It would serve files and that's it.  
My use case is my basement where I have a few TB of movie and audio 
files, a need for a few VMs to round out other services, want to run a 
few containers for small tasks, make sure my mom's computer 300 miles 
away backs up nightly, and don't want to have 15 boxes in my basement to 
do it all.

-Mark

On 2/23/22 15:11, Jason T. Nelson wrote:
> In a previous email, Mark Komarinski (mkomarin...@wayga.org) said:
>> For everyone else, TrueNAS SCALE was released yesterday. Debian+ZFS
>> makes this a lot more useful than when it was FreeBSD based.
> I know this is a LUG list, but out of (perhaps morbid) curiosity, why "a lot 
> more useful"?
>
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: ZFS vs btfrs

[Mark Komarinski]

With LVM (and it looks like btrfs) you can pool mirrored drives together 
into what is effectively a RAID10 and you can remove individual mirrors 
to shrink or grow the pool.  ZFS does not allow you to do that. Once you 
expand a pool there's no going back.  You can replace individual drives 
in a mirror with like or larger, but you can't go smaller and the only 
way for that pool to be bigger is to replace all the drives one at a time.

This is less of an issue now that I just build out a RAIDZ2 with 5 6xTB 
drives and make that the entire pool.  Given your use case, I'd say go 
with btrfs.

For everyone else, TrueNAS SCALE was released yesterday. Debian+ZFS 
makes this a lot more useful than when it was FreeBSD based.

-Mark

On 2/23/2022 11:25 AM, Ben Scott wrote:
> Hi all,
>
> We haven't had a really good flamewar ^W discussion on here in far too long...
>
> SUMMARY
>
> Btfrs vs ZFS. I was wondering if others would like to share their
> opinions on either or both?  Or something else entirely?  (Maybe you
> just don't feel alive if you're not compiling your kernel from
> patches?)  Especially cool would be recent comparisons of two or more.
>
> I'll provide an info dump of my plans below, but I do so mainly as
> discussion-fodder.  Don't feel obligated to address my scenario in
> particular.  Of course, commentary on anything in particular that
> seems like a good/bad/cool idea is still welcome.
>
> RECEIVED WISDOM
>
> This is the stuff every article says.  I rarely find anything that goes 
> deeper.
>
> - ZFS has been around/stable/whatever longer
> - btfrs has been on Linux longer
> - btfrs is GPL, ZFS is CDDL or whatever
> - Licensing kept ZFS off Linux for a while
> - ZFS is available on major Linux distros now
> - People say one is faster, but disagree on which one
> - Oracle is a bag of dicks
> - ZFS is easier to pronounce
>
> For both, by coupling the filesystem layer and the block layer, we get
> a lot of advantages, especially for things like snapshots and
> deduplication.  The newcomers also get you things like checksums for
> every block, fault-tolerance over heterogenous physical devices, more
> encryption and compression options.  Faster, bigger, longer, lower,
> wider, etc., etc.  More superlatives than any other filesystem.
>
> MY SCENARIO
>
> I'm going to be building a new home server soon.  Historically I've
> used Linux RAID and LVM and EXT2/3/4/5/102, but all the cool kids are
> using smarter filesystems these days.  I should really get with the
> times.  They do seem to confer a lot of advantages, at least on paper.
>
> USE CASES
>
> User community is me and my girlfriend and a motley collection of
> computing devices from multiple millenia.  Administrator community is
> me.
>
> Mostly plain old network file storage.  Mixed use within that.  I'm a
> data hoarder.
>
> All sorts of stuff I've downloaded over the years, some not even from
> the Internet (ZMODEM baby!).  So large numbers of large write-once
> files.  "Large" has changed over the years, from something that fills
> a floppy diskette to something that fills a DVD, but they don't change
> once written.  ISO images, tarballs, music and photo collections
> (FLAC, MP3, JPEG).
>
> Also large numbers of small write-once files.  I've got 20 GB of mail
> archives in maildir format, one file per message, less than 4K per
> file for the old stuff (modern HTML mail is rather bloated).  These
> generally don't change once written either, but there are lots of
> them.  Some single directories have over 200 K files.
>
> Backups of my user systems.  Currently accomplished via rsnapshot and
> rsync (or ROBOCOPY for 'doze).  So small to medium-small files, but
> changing and updating and hardlinking and moving a lot.  With a
> smarter filesystem I can likely dispense with rsnapshot, but I doubt
> I'm going to move away from plain-old-files-as-backup-storage any time
> soon.  (rsync might conceivably be replaced with a smarter network
> filesystem someday, but likely not soon.)
>
> ANTI USE CASES
>
> Not a lot of mass-market videos -- the boob tube is one area where I
> let others do it for me.  (Roku, Netflix, Blu-ray, etc.)
>
> No plans to network mount home directories for my daily-driver PCs.
> For laptops especially that's problematic (and sorting apps
> (particularly browsers) that can copy with a distributed filesystem
> seems unlikely to pay off).
>
> Not planning on any serious hosting of VMs or containers or complex
> application software on this box.  I can't rule it out entirely for
> (especially as an experiment), but this is mainly intended to be a
> NAS-type server.  It will run NFS, Samba, SSH, rsync.  It might run
> some mail daemons (SMTP, IMAP) just to make accessing archives easier,
> but it won't be the public-facing MX for anything.
>
> It's unlikely to run any point-and-drool administration (web) GUIs.  I
> have a set of config files I've been carrying around with me since I
> kept them on floppy diskette, and they've 

Re: Privacy Respecting Replacement for facebook groups

[Mark Komarinski]

I tried to build Mastodon about a year or two ago for the same reason and it 
was a disaster.  The directions were garbage, the build failed differently each 
time I tried (even within Docker), and the support was inadequate.  I had to 
give up on it.  Might try again sometime to see if it's improved.

-Mark

On September 29, 2020 12:11:53 PM EDT, Lori Nagel  wrote:
>Hello everyone, I'm trying to figure out a privacy  respecting
>replacement for facebook groups.  I want something that is easy to
>join, (so no requirement that you learn email encryption, system
>administration or anything "hard"  but also something that even Richard
>Stallman wouldn't object to (not that I'm trying to recruit him to join
>it, just some people are really zealots about stuff, if it doesn't have
>javascript that is also a bonus.) 
>I've also considered things like email lists, matermost, irc and
>forums, and I've dismissed them for the following reasons.1. Lots of
>people just ignore email thesse days, plus it isn't really very real
>time.2. irc is just a chat channel, too many bots and while it is real
>time, it doesn't really have any persistance of topics.3. Forums tend
>to be too public with just anyone can join it, and while you can have
>private forums or private sections of forums, you need to be an
>administrator to set that all up.  Plus forums tend to have things like
>spralling topics,  and things that either get out of date, or else
>there is no conversation about the subject (thread necromancy vs an
>empty forum.)  I want to create a small group that is highly engaged
>with the subject, chatting everyday etc. 
>4. Email messages from lists you need to get info from can end up in
>spam if you don't set up email right.  It is too easy to miss important
>messages cause you get consumed with marketing or things you
>inadvertantly signed up for and should not have. 5. Matermost is like
>discord, but then I would have to set it up, and I'm not a professional
>system admin. If i spend all my time learning professional system admin
>skills, then I won't get to do what I want, which is interacting with
>people. 
>
>Just on a whim I also checked into Dissporia and groups.io, mastadon
>doesn't really have groups yet, and I don't think all the source code
>for groups.io is included.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Access public IP from NAT.

[Mark Komarinski]

I think that's the problem.  Check your DNS and see which IP you're getting 
when you put the external name in.

On June 5, 2020 8:04:19 AM EDT, Lloyd Kvam  wrote:
>My approach has been to provide the external names to dnsmasq so that
>the names are attached to
>the correct IP address at home and away.
>
>I'm using an IQrouter (runs openWRT) which makes this pretty painless
>to setup.
>
>To be clear:
>from outside my office on the net
>   $ host www.venix.com
>www.venix.com has address 68.238.56.186
>
>from in my office (I'm using the 172.x.x.x private address space as a
>holdover from running
>Lede and the buffer bloat software)
>
>   $ host www.lan
>www.lan has address 172.30.42.28
>
>$ host www.venix.com
>www.venix.com has address 172.30.42.28
>
>That's not what you asked for, but it might fit your needs. With my
>openWRT based router, the
>advanced menu provide Network / Hostnames which supplements the DHCP
>name/address resolution in
>dnsmasq. You can figure out the setup on your RasPi to add the required
>host entries.
>
>(For those hosts that need to be visible to the broader Internet, I use
>port forwarding through
>the firewall.)
>
>On Fri, 2020-06-05 at 00:16 -0400, Ken D'Ambrosio wrote:
>> Hey, all.  So I finally yanked my Comcast modem ("for reasons,"
>largely
>> having to do with lack of static routes), and put in my own cable
>modem,
>> a WAP, and a RasPi-4 that's doing routing/NAT.  It all works great. 
>> But... I have services exposed that I want to access on the public
>IP. 
>> It works *great* from out there, but if I try to access the public IP
>> from my NATted network, no dice.  And, sadly, if there's one Linux
>place
>> where there's a truck-sized hole in my knowledge, it's IP Tables. 
>I've
>> googled the Interwebs to no avail on what magic IPTables stuff would
>be
>> needed to make it work.  Here's my current script:
>> 
>> root@ubuntu:/usr/local/bin# cat start-NAT.sh 
>> #!/bin/bash
>> export PUBLIC=eth1
>> export PRIVATE=eth0
>> 
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>> iptables -t nat -A POSTROUTING -o $PUBLIC -j MASQUERADE
>> iptables -A FORWARD -i $PUBLIC -o $PRIVATE -m state --state
>> RELATED,ESTABLISHED -j ACCEPT
>> iptables -A FORWARD -i $PRIVATE -o $PUBLIC -j ACCEPT
>> 
>>
>=
>> 
>> root@ubuntu:/usr/local/bin# cat start-port-forwarding.sh 
>> #!/bin/bash
>> 
>> export PRIVATE=eth0
>> export PRIV_IP=192.168.10.1
>> export PUBLIC=eth1 
>> export JELLYFIN=192.168.10.12 
>> 
>> iptables -A FORWARD -i $PUBLIC -o $PRIVATE -p tcp --syn --dport 8096
>-m
>> conntrack --ctstate NEW -j ACCEPT
>> iptables -A FORWARD -i $PUBLIC -o $PRIVATE -m conntrack --ctstate
>> ESTABLISHED,RELATED -j ACCEPT
>> iptables -A FORWARD -i $PRIVATE -o $PUBLIC -m conntrack --ctstate
>> ESTABLISHED,RELATED -j ACCEPT
>> iptables -P FORWARD DROP
>> iptables -t nat -A PREROUTING -i $PUBLIC -p tcp --dport 8096 -j DNAT
>> --to-destination $JELLYFIN
>> iptables -t nat -A POSTROUTING -o $PRIVATE -p tcp --dport 8096 -d
>> $JELLYFIN -j SNAT --to-source $PRIV_IP
>>
>=
>> 
>> If anyone could be kind enough to let me know what extra magic(tm) I
>> need to employ to get at my public IP from inside, I'd be most
>> interested to hear. 
>> 
>> Thanks! 
>> 
>> -Ken
>> ___
>> gnhlug-discuss mailing list
>> gnhlug-discuss@mail.gnhlug.org
>> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>-- 
>Lloyd Kvam
>5 Foliage View
>Lebanon, NH 03766
>802-448-0836
>
>
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Reminder/RSVP -- meet *this Thursday* for chat & beer.

[Mark Komarinski]

I'll be there.

On February 18, 2020 3:17:36 PM EST, Ken D'Ambrosio  wrote:
>Hey, all!  Just a reminder that we're going to get together at Martha's
>
>Exchange this Thursday at 6:00.  Nothing formal, though Maddog has 
>threatened to bring a PiDP-11.  (Note the add'l 'i' for those wondering
>
>if he needs help with the handtrucks.)
>
>Trying to get a quick headcount so I know what to tell Martha's to set 
>aside for us.
>
>Looking forward to seeing whoever's able to show up!
>
>-Ken
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Nashua-area folks -- meet up?

[Mark Komarinski]

Same here.

On January 21, 2020 6:53:20 PM EST, Shawn O'Shea  wrote:
>I’m interested and 2/20 looks open for me.
>
>-Shawn
>
>On Tue, Jan 21, 2020 at 1:23 PM Ken D'Ambrosio  wrote:
>
>> Well, I'll take point on calling Martha's -- if, that is, enough
>people
>> reply to warrant grabbing a bigger table.  Anybody got a preferred
>time?
>>   It's heading toward Feb, and we should probably push it out far
>enough
>> that there's a chance those that want to come can schedule for it.
>> Maybe Thursday, the 20th of Feb.?  (Safely after Valentine's...)
>>
>> -Ken
>> ___
>> gnhlug-discuss mailing list
>> gnhlug-discuss@mail.gnhlug.org
>> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>>
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Japan-certified USB Wi-Fi adapters?

[Mark Komarinski]

Is this for commercial sale or you are going to Japan and want to make sure 
your device works?

I don't know of USB wifi adapters in particular but I had a Pixel 2, Dell 
(mumble) laptop and a Kindle Fire that all worked without issue and no 
configuration changes on my end.

-Mark

On January 16, 2020 5:29:17 PM EST, Joshua Judson Rosen 
 wrote:
>Looking for USB Wi-Fi adapters that have been certified for sale/use in
>Japan.
>
>Any recommendations?
>
>-- 
>Connect with me on the GNU social network!
>
>Not on the network? Ask me for more info!
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Nashua-area folks -- meet up?

[Mark Komarinski]

I'd be up for that. I usually go to the meetup in Lowell but I can't always 
make it.

On January 16, 2020 10:44:04 AM EST, Ken D'Ambrosio  wrote:
>It's been brought to my attention by someone (*cough*Ben*cough*) that 
>it's been a long, long time since we got together for Linux, grub and 
>suds.  While I think full-fledged meetings are probably not on the 
>agenda (ha, ha), is there some interest out there?  Maybe crash
>Martha's 
>some evening?
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Amusing "Wups."

[Mark Komarinski]

Is it C you're looking for?

On December 8, 2017 6:35:20 AM EST, Ken D'Ambrosio  wrote:
>I just told my daughter that there was another song, "Hello," that was 
>popular before Adele's version.  Shockingly, however, Alexa seemed 
>unfamiliar with it when I told her, "Alexa, play 'Hello', by Dennis 
>Ritchie."
>
>D'oh.
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Suggestions: Job boards, listings, contacts? for Senior Technical Writer

[Mark Komarinski]

Don't underestimate LinkedIn.  I found my current job through it (contacted 
directly by the then-president) and the lists of openings I see are 
interesting, but not enough to leave.  Also get maybe 1-2 requests/mo from 
headhunters.
 Original message From: Ted Roche  Date: 
9/19/17  3:35 PM  (GMT-05:00) To: Greater NH Linux User Group 
 Subject: Suggestions: Job boards, listings,
contacts? for Senior Technical Writer 
Slightly off-topic, your indulgence please.

A friend of a friend  finds themselves at the end of 30+ year career
in a new of a new position. Highly skilled technical writer, worked in
several of the well known high-tech firms. Needs a new placement,
full-time, part- or contractual.

I don't know where I should suggest she look, besides the usual
platitudes of "call all your contacts and exercise your networks,"
which she's already working.

Any suggestions for online services worth the effort, or does anyone
know anyone looking?

-- 
Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Seeking pointers to someone that can help with Debian + Active Directory LDAP integration

[Mark Komarinski]

Depening on your budget, I had amazing success with Centrify.  It's a 
commercial app, but it worked out of the box and provides PAM modules for just 
about any distro.  It also allows you to create zones that can have varying 
UID/GID/usernames unique to each zone but still refers to the same SID.
 Original message From: Dan Coutu  Date: 
8/23/17  11:51 AM  (GMT-05:00) To: Greater NH Linux User Group 
 Subject: Seeking pointers to someone that can 
help with Debian + Active   Directory LDAP integration 
Due to business demands I’m in a situation where the primary LDAP server 
currently used for all authentication is planned to be replaced with an (ugh) 
Exchange server. At this point the attempts to talk the business team out of it 
are complete and now we need to move forward. As expected the people at 
Microsoft are lost, dazed, and confused when we mention that we are a Linux 
shop and need to integrate their technology into ours.

So I’m seeking someone that has experience with doing this type of integration. 
It needs to include things such as PAM integration and authentication via LDAP 
for a variety of Linux tools such as gitlab, RT, and so forth.

This is not a request for volunteer help but rather a request for getting 
connected with a pro that can tackle some of the work.

Yeah, I know there’s a GNHLUG job list but the last time I sent to it nothing 
ever returned from the black hole. Besides, I’m just asking for pointers to 
people.

Anyway, thanks to anyone that can help!

Dan

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Linux for time lapse and wifi?

[Mark Komarinski]

I'm not near my system to look at it, but OctoPI drives 3D printers and it has 
time-lapse camera recording.  I think it uses an external app to do that but 
it'll take the snapshots and assemble them into a movie.  You can also get a 
live feed via the network.
(Sorry for top-posting, mobile)
 Original message From: Richard Kolb II 
 Date: 6/28/17  10:31 AM  (GMT-05:00) To: GNHLUG 
 Subject: Linux for time lapse and wifi? 
Hello all,
I'm looking into using a pine a64 running ubuntu mate to setup a time lapse 
photo using a standard digital camera controlled over USB. I haven't done a ton 
of research into it yet, but I wanted to see if anyone else has done something 
similar and had some advice/opinions. I was thinking of setting this up first 
as a way to capture an event going on, and second as a wildlife/security 
camera. 
I'm also thinking about using it as a wifi access point, the location that 
it'll be installed, a remote house in Maine, will have a dsl connection, but 
right now I don't have a wireless router, and since I have this handy I thought 
I'd take advantage.
Thanks,
Richard Kolb

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: What's the strategy for bad guys guessing a few ssh passwords?

[Mark Komarinski]

sshguard is really good since it'll drop in a iptables rule to block an IP 
address after a number of attemps (and prevent knocking on other ports too).
Yubikey as 2FA is pretty nice too.
 Original message From: Bruce Dawson  Date: 
6/11/17  10:58 AM  (GMT-05:00) To: gnhlug-discuss@mail.gnhlug.org Subject: Re: 
What's the strategy for bad guys guessing a few ssh passwords? 
sshguard takes care of most of them (especially the high bandwidth ones).

The black hats don't care - they're looking for vulnerable systems. If 
they find one, they'll exploit it (or not).

Note that a while ago (more than a few years), comcast used to probe 
systems to see if they're vulnerable. Either they don't do that any 
more, or contract it out because I haven't see probes from any of their 
systems in years. This probably holds true for other ISPs, and various 
intelligence agencies in the world - both private and public, not to 
mention various disreputable enterprises.

--Bruce


On 06/11/2017 10:17 AM, Ted Roche wrote:
> For 36 hours now, one of my clients' servers has been logging ssh
> login attempts from around the world, low volume, persistent, but more
> frequent than usual. sshd is listening on a non-standard port, just to
> minimize the garbage in the logs.
>
> A couple of attempts is normal; we've seen that for years. But this is
> several each  hour, and each hour an IP from a different country:
> Belgium, Korea, Switzerland, Bangladesh, France, China, Germany,
> Dallas, Greece. Usernames vary: root, mythtv, rheal, etc.
>
> There's several levels of defense in use: firewalls, intrusion
> detection, log monitoring, etc, so each script gets a few guesses and
> the IP is then rejected.
>
> In theory, the defenses should be sufficient, but I have a concern
> that I'm missing their strategy here. It's not a DDOS, they are very
> low volume. It will take them several millennia to guess enough
> dictionary attack guesses to get through, so what's the point?
>

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: IPv6: it's probably about time I learned it.

[Mark Komarinski]

On 7/28/2016 11:39 AM, Derek Atkins wrote:

> Hi,
>
> Mark Komarinski  writes:
>
>> Hurricane Electric has some good resources plus a tunnel broker to give you
>> IPv6 in the event your ISP doesn't support it yet.
>>
>> https://tunnelbroker.net
> What kind of performance do you get from Hurricane?  Have you run e.g. a
> speedtest over your HE v6 tunnel versus your raw (v4) capabilities?
>

Interesting question.  I've had it running in my house for a few years 
and aside from my MacBook Air acting strange a few times I haven't 
noticed a problem with performance or reaching sites.

Here's my setup:

Router: BananaPi R1 running OpenWRT and doing the IPv6 tunneling
ISP: Verizon FIOS 75/75
System: Windows 10 box connected to router via GigE

speedtest.xfinity.com tests both IPv4 and IPv6 speeds.

IPv4: 83.9 Mbps down, 91.5 Mbps up
IPv6: 80.9 Mbps down, 87.9 Mbps up

Not really believing those results, I went to ipv6-test.com/speedtest 
which only tests against a server in Anchorage, AK:

IPv4: 57.8 Mbps
IPv6: 70.4 Mbps

Go figure.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

RE: IPv6: it's probably about time I learned it.

[Mark Komarinski]

Hurricane Electric has some good resources plus a tunnel broker to give you 
IPv6 in the event your ISP doesn't support it yet.
https://tunnelbroker.net
-Mark
 Original message From: Ken D'Ambrosio  Date: 
7/27/16  2:42 PM  (GMT-05:00) To: Gnhlug Discuss 
 Subject: IPv6: it's probably about time I 
learned it. 
But holy crow!  Most of the books I find are either from Cisco (and, 
therefore, Cisco-centric), or at least a decade old, and I know that 
some things have changed along the road to actual adoption and 
implementation.  Are there any resources that anyone can recommend -- 
electronic or dead tree -- that I should check out?

Thanks!

-Ken
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

RE: Govt Source Code Policy

[Mark Komarinski]

I was under the impression that code written by the government was public 
domain.  You and I (and private companies) paid the taxes that generated that 
code, so releasing it in anything less than a public domain is doing a 
disservice.
Back when I worked for the Department of Veterans Affairs there were companies 
that took the VA code, modified it for non-VA hospitals, and offered to provide 
the software and support for a fee.  I didn't find a problem with it then, nor 
do I now.  That's what public domain means.
-Mark
 Original message From: "Greg Rundlett (freephile)" 
 Date: 3/25/16  3:33 PM  (GMT-05:00) To: blu 
, GNHLUG  Subject: Govt Source 
Code Policy 
The US Fed. Govt. is proposing a pilot program to release at least 20% of newly 
developed custom code as 'OSS'.  https://sourcecode.cio.gov/  They're accepting 
comments now.  And since it's hosted on GitHub, you "comment" via the issue 
queue, and you can also fork the project and issue a pull request.

I forked it and created a pull request. 
https://github.com/WhiteHouse/source-code-policy/pulls proposing to use the 
term 'Free Software' in place of 'Open Source' 
If the government actually goes through with 'open sourcing' their work, it's 
actually a giant corporate handout because companies will have greater access 
to publicly funded works that they can then incorporate into proprietary works.
What do you think?

Greg Rundletthttps://eQuality-Tech.comhttps://freephile.org

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

RE: Weird keyboard problems....

[Mark Komarinski]

You can isolate it by plugging in a USB keyboard and seeing if it still 
happens.  My guess is you're correct that it's a mechanical problem with the 
keyboard.
Depending on the laptop model you have, purchasing a new one probably won't 
cost much (the ones I got were under $20) and replacing it is usually easy.  
YouTube will likely have a video covering it.
If you want to clean it I'd recommend removing the keyboard and using rubbing 
alcohol or distilled water. I get a box of alcohol pads from CVS and it's very 
convenient for occasional cleaning. 
There's also a putty you can buy called Cyber Clean that you can press into the 
keyboard and gets into crevasse and gets dirt and gunk out.  Probably won't 
help in this case but it's good stuff to have around.
YMMV
-Mark

 Original message 
From: Joshua Judson Rosen  
Date: 2/7/2016  3:53 AM  (GMT-05:00) 
To: GNHLUG discuss  
Subject: Weird keyboard problems 

So, this may be only marginally on-topic at best..., but

I've got this weird problem with the keyboard on my laptop: I've got
a bunch of keys that intermittently become dependent on some other keys.

Every so often, the Y, U, J, 9, comma, Enter, and Home keys all stop working
unless I hold down either W or left Shift or Caps Lock. Then they actually
trigger (though not in a way that's useful since I'm holding down other keys
that prevents software from interpreting them in the normal way...).

I gather that the Y, U, J, 9, comma, Enter, and Home keys are all sharing
a signal line or something, which would explain why they all go out together;
how holding other keys effectively routes around that damage..., I'm clueless.

But I think my question is: how likely is this to be caused by some sort of 
debris or
corrosion somewhere (under one of the keys? on the contacts on the 
ribbon-cable?),
and, if so, what would be the right (non-destructive) way of clearing it out?

This can't possibly be a software issue, right?

Anyone dealt with anything like this before?

-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr."
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: What Language for a kid

[Mark Komarinski]

I was going to recommend scratch as well.  I think it’s installed on some Pi 
distros so it should be easy to set up and use.

-Mark

> On Dec 23, 2015, at 12:47 PM, Star  wrote:
> 
> To go against the grain a little here, I'd probably recommend starting with 
> something a little more touchy-feely, to see if the interest persists.  Start 
> with scratch, it's available for everything, except maybe my toaster, but 
> it's a little old.  If the building/seeing keeps the interest then move into 
> the more abstract world of scripting/coding.
> 
> Heck, my first experience was Logo on the Apple 2, but I could actually ~see~ 
> what was going on as I learned the concepts.
> 
> On Wed, Dec 23, 2015 at 12:42 PM Bill Freeman  > wrote:
> Probably not surprising anyone, I'm going to recommend Python.
> 
> It lets you dip in to the structure of algorithms without having to first 
> learn to manage your own variable allocations, type restrictions, etc.  Those 
> things can be added later when adding C or Java.
> 
> Python is also available by default on Raspbery Pi (and clones), allowing 
> more tangible projects.
> 
> On Wed, Dec 23, 2015 at 11:24 AM, Kenny Lussier  > wrote:
> Hi All,
> 
> My daughter has expressed an interest in learning to code. It's a 
> non-specific, very general interest. She doesn't have a specific area of 
> interest that she wants to learn (UI, game development, HPC, etc.), she just 
> want to learn how to code. 
> 
> What do people think is the best language for a 12yr old to learn? What is 
> most flexible to use for different purposes? What tools are out there to 
> teach a kid to code? Code Academy and the like seem to be a little dry and 
> never yielded wonderful results for most of the adults I know, so other ideas 
> would be welcome.
> 
> Thanks,
> Kenny
> 
> 
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org 
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ 
> 
> 
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org 
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ 
> 
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

RE: PC Build

[Mark Komarinski]

Put me down as agreeing with the off-lease/refurb systems.  Really inexpensive 
but still fast enough to do what you (he) wants.

-Mark

 Original message 
From: "Greg Rundlett (freephile)"  
Date: 06/02/2015  10:01 AM  (GMT-05:00) 
To: blu , GNHLUG  
Subject: PC Build 

My 13-yr-old wants to build a PC and came up with a parts list.   
https://freephile.org/wiki/PC_Build

He's big into playing and hosting Minecraft, plus creating Minecraft graphics 
customizations with blender and gimp.  He currently uses a chromebook, plus 
crouton for a chrooted Ubuntu.  (The minecraft _server_ is on another host in a 
VM -- not on the chromebook.)  Although the chromebook is good for portability, 
it's not very powerful when it comes to 3d rendering in blender.  And actually, 
he broke it (he is a 13 yo boy).  So he wants to upgrade to a "entry-level" 
gamer system using his own money.

I put his list at https://freephile.org/wiki/PC_Build and also referenced a 
system build that the blogger "Canton Matt" (Peteris Krumins) put together.  
There are also a short list of the resources I've found for compatibility 
checking.

I hardly know anything about hardware and mostly buy from newegg or 
tigerdirect.  It's been years since I built my first linux box from scratch.  
Any comments, advice from regular or recent builders? 

Thanks

Greg Rundlett
https://eQuality-Tech.com
https://freephile.org___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Need some suggestions on a borked upgrade

[Mark Komarinski]

> On May 10, 2015, at 3:11 PM, Bruce Labitt  
> wrote:
> […]
> There is some sort of directory issue, which generates an error message 
> if I attempt to apt-get remove octave3.2-info.
> I think, if I can remove or delete this file (and remove references to 
> it) perhaps the rest of the install will go through.  This, of course 
> sound 'dangerous' but I have run out of ideas.
> 
> Any suggestions?  apt-get -f install returns the error message. apt-get 
> remove returns the same error.  Looking for a few ideas. I'll try to use 
> some of them tonight to attempt a fix.  Got to visit Mom now...

What’s the error message?  You might be able to force-remove that one package 
(dpkg -r —force-all octave3.2-info) and ignore dependencies and then continue 
on.  Can’t guarantee it’ll work, but it sounds like it won’t make the system 
any unusable than it is now...

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Fwd: [HH] BLU Desktop GNU/Linux SIG Meeting - Meshnets - Weds, Mar 4, 2015

[Mark Komarinski]

Since we’re talking about mesh this seemed apropos:

> Begin forwarded message:
> 
> Date: February 26, 2015 at 8:52:20 AM EST
> From: Will Rico 
> To: annou...@blu.org
> Subject: [HH] BLU Desktop GNU/Linux SIG Meeting - Meshnets - Weds, Mar 4, 2015
> 
> When: Wednesday, March 4, 6:30 - 8:30PM
> 
> Location: Akamai, 8 Cambridge Center, Cambridge, MA
> 
> Directions
>  http://www.akamai.com/html/about/driving_directions.html
>  Also easily accessibly by T.
> 
> Notes
> 
>  1) Please note the location
> is different from BLU's
> standard MIT meeting location.
> 
>  2) Akamai has generously
> agreed to provide space and
> 'free as in food' for this
> meeting.  Thank you to our
> sponsor!
> http://www.akamai.com/
> 
>  3) Akamai is hiring! Email
> me for recruiter contact
> info.
> 
>  4) Free pass & t-shirt to
>  LibrePlanet for volunteers
>  (see below).
> 
> Summary
> 
>  We are excited to
>  welcome Will Fleurant for a
>  presentation Meshnets. A
>  meshnet is a decentralized
>  network built on secure
>  protocols for routing traffic
>  over private mesh or public
>  internetworks independent of a
>  central supporting
>  infrastructure.
> 
>  Will recently attended
>  31C3More in Germany and brings
>  with him pipeline news from
>  Project Meshnet hackers.  More
>  details about Project Meshnet
>  here:
>  https://projectmeshnet.org/
> 
> Volunteers Needed
> 
>  The FSF is seeking volunteers
>  to help at the LibrePlanet
>  2015 conference, March 21 - 22
>  at MIT. Volunteers recieve
>  gratis conference admission
>  and a LibrePlanet 2015
>  t-shirt.
> 
>  Please see
>  https://libreplanet.org/2015/volunteer/
>  or email Chrissie Himes at
>  i...@fsf.org
> 
> More Upcoming Meetings
> 
>  GNU/Linux Installfest LV Sat,
>  Mar 14 at MIT (all day)
>  http://blu.org/cgi-bin/calendar/2015-ifest5
> 
>  Linux Soup 15 with Christoph
>  Doerbeck Weds, Mar 18 at MIT
>  http://blu.org/cgi-bin/calendar/2015-mar
> 
>  LibrePlanet 2015 Sat & Sun,
>  Mar 21 - 22 at MIT
>  https://libreplanet.org/2015/
> 
> 
> 
> 
> ___
> Announce mailing list
> annou...@blu.org
> http://lists.blu.org/mailman/listinfo/announce
> ___
> Hardwarehacking mailing list
> hardwarehack...@blu.org
> http://lists.blu.org/mailman/listinfo/hardwarehacking

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: IPv6? (was: Help: HOWTO buy IP address blocks from ARIN?)

[Mark Komarinski]

On January 13, 2015 3:18:10 PM EST, Joshua Judson Rosen 
 wrote:
>On 2015-01-13 14:07, Mark Komarinski wrote:
>> IPv6?
>
>I wish.
>
>Quick poll: how many people here are actually using IPv6? How/why or
>why not?

I'm on FIOS who doesn't deploy it natively but I've got a /64 block routed 
through Hurricane Electric.  Did it mostly just so we would be IPv6 capable.  
The only thing that was the sticking point was setting up OpenWRT to set up the 
route and radvd(?) to do the address assignments.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Help: HOWTO buy IP address blocks from ARIN?

[Mark Komarinski]

IPv6?

On January 13, 2015 1:29:04 PM EST, Joshua Judson Rosen 
 wrote:
>On January 9, 2015 5:56:43 PM EST, John Abreau wrote:
>>
>>What are your project's needs that explicitly require 4K distinct
>>public
>>addresses and that cannot function using private addresses and NAT
>>instead?
>
>'Project' is a geographically-distributed tech company with a bunch of
>frequently-mobile sub-networks where at least one end of any given
>'internal' connection actually needs to be going out from behind
>someone else's network.
>
>There's certainly a chance that, say, our VPN or LAN addresses won't
>conflict with any of the arbitrarily-addressed host networks where the
>VPN endpoints reside, but we'd really rather have a routing scheme that
>'will work' as opposed to something that 'might work'.
>
>1k addresses go to a main-office LAN; the rest of them basically go to
>site offices. All of these things have the aforementioned routing
>constraints.
>
>"Just buy a block of IP addresses that are actually guaranteed
>routable" is the solution that I've seen in place at all of my former
>companies, though I've never been the one to make it happen before.
>
>How would you do it?
>
>>On Fri, Jan 9, 2015 at 4:29 PM, Lloyd Kvam 
>wrote:
>>
>>> On Thu, 2015-01-08 at 17:26 -0500, Joshua Judson Rosen wrote:
>>> > Anyone here ever been through the process of procuring an IP block
>>> > from ARIN?
>>>
>>> Actually from my upstream ISP (UUNET) many years ago.  I was
>>requesting
>>> a /21.  The requirements were essentially the same back then.
>>>
>>> You're requesting 4K addresses.  They want to know that 1K will be
>>used
>>> right now and that at least 2K will be in use within a year.  If the
>>> only way you can use up that number of addresses is by allocating
>one
>>> thousand /30's they will turn you down.  They are basically looking
>>for
>>> individual addresses, but you can count the lost addresses from your
>>> subnet scheme.
>>>
>>> > I'm trying to interpret the requirements they give for an
>>> > "end-user initial assignment", which are:
>>> >
>>> > * provide data demonstrating at least a 25% utilization rate
>of
>>the
>>> >   requested block immediately upon assignment
>>> >
>>> > * provide data demonstrating at least a 50% utilization rate
>of
>>the
>>> >   requested block within one year
>>> >
>>> > .. and maybe I'm just being dense, but it's not entirely obvious
>to
>>me
>>> > what "utilization rate" actually means here: do they mean
>>"sub-blocks
>>> > allocated to specific subnets with some-definition-of-minimal
>>waste",
>>> > or do they mean "individual addresses actually, specifically
>>assigned"?
>>> >
>>> >
>>> > I'm trying to rationalise a /20 block, because I can't seem to
>>> > partition the space such that I end up with < 50% allocated
>>immediately
>>> > or < 75% allocated over the next year; but if I count up the
>actual
>>> > nodes that I expect to exist on all of my subnets, those counts
>are
>>> > definitely short of both the `25% utilization immediately' and
>>> > `50% utilization within one year' figures.
>>> >
>>> > If I'm really supposed to be counting individual addresses
>>> > and not summing subnet sizes, what am I likely to be doing wrong
>>here?
>
>
>
>
>
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: poking around for opportunities

[Mark Komarinski]

> On Jan 7, 2015, at 7:35 AM, David Rysdam  wrote:
> 
> Tyson Sawyer  writes:
>> I'm not sure what area you looking for, and it's in Woburn, but
>> levantpower.com is hiring.  We are a well funded start-up developing an
>> active suspension system for cars.
> 
> Milford/Nashua area. 
> 
> This place looks OK in general, but doesn't fit for a reason that's
> worth bringing up: Other than messing with some Arduinos, I'm not an
> embedded development person. "Embedded" seems to be in about 90% of job
> postings for software people now.
> 
> Which isn't to say I couldn't do it, I just don't have anything like
> that on my resume.

Embedded is just a fancy way of saying “you don’t have a lot of memory or CPU, 
so don’t write crummy code” :)


___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Web-based photo/video album?

[Mark Komarinski]

Gallery has been a mess for a number of years.  I gave up and started using 
smugmug a few months ago.  Unlimited storage, good security, good 
recommendations from friends whose opinion I trust on the matter.   I think I 
have a referral code that gets you 20% off if you want.  There's also a 14 day 
free trial to give it a try.

-Mark

On December 29, 2014 1:12:14 PM EST, Ken D'Ambrosio  wrote:
>Hey, all.  It's the holidays, and I've decided it's time for me to get 
>my family stuff organized.  I've used Gallery 
>(http://galleryproject.org/) before, but it looks like it's gone into 
>moribund mode -- and, honesty, the format was great back in Web 1.0 
>days, but lacked the nifty interaction you get with newer stuff.  I've 
>seen some that look decent, but don't appear to support videos.  
>Wondering if anyone had any suggestions of applications that support 
>both?
>
>Thanks (and may TuxSanta be good to you),
>
>-Ken
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: simulating chorded keyboards

[Mark Komarinski]

Second this.  Not all the Arduino family will do it but the Leonardo and 
Leonardo-compatible ones will.

-Mark

On October 14, 2014 3:16:17 PM EDT, Matt Minuti  wrote:
>I'd strongly suggest looking at doing a little bit of hardware hacking
>via
>the Arduino Leonardo. It's trivially easy to make it show up as a
>generic
>USB HID keyboard, meaning no fancy driver concerns, no matter the OS.
>
>The keys could either be a handful (heh) of buttons laid out however he
>wants, or you could even use a PS/2 keyboard and have the Arduino
>interpret
>the keycodes and send the appropriate keypress signals via USB.
>
>A student of mine once made a Minecraft griefing controller: it
>basically
>had QWEASD, spacebar, shift, and a dedicated spamming button. The
>buttons
>worked as expected, sending keypresses, but the spam button sent the
>necessary keypresses to go into "talk" mode, write some nonsense like
>"HAHAHA n00b, you can't get me lol!!," and send it to everyone on the
>server. I'm sure the possibilites for good are even greater than such
>evil... :)
>
>On Mon, Oct 13, 2014 at 2:22 PM, David Rysdam  wrote:
>
>> Remember the MIDI son? This is a different son, Kyle, with a
>different
>> project. He's interested in chorded keyboards. You can find these
>here
>> and there online, but he wants to design his own. To start, he wants
>to
>> simulate one with a regular keyboard.
>>
>> We've been looking into ways to let him flexibly define keyboard
>input
>> (chords, modifier keys, etc) but without requiring a ton of low-level
>> programming.
>>
>> 1) A simple game engine (pygame, e.g.) that reports "key down" and
>"key
>> up" events rather than simply delivering a pressed key via something
>> like read(), getchar(), etc. He needs to get between these events to
>> figure out the "current chord". Even pygame is more programming than
>he
>> really wants to do, though.
>>
>> 2) xkeycaps looks like the opposite of what I want, but it's
>described
>> so poorly I can't tell for sure. It looks like I can generate
>multiple
>> keysyms from a single key press, but not vice versa.
>>
>> 3) emacs! This was actually my first suggestion, since it does almost
>> everything he wants. Of course, he'd have to learn emacs first.
>However,
>> there's another problem that I'm not sure can be overcome. Aren't
>emacs
>> sequences limited such that you can't have one be a prefix of
>another?
>>
>> For instance, he'd like to be able to do this:
>>
>> 'i' key down followed by 'i' key up: 'i'
>> 'i' down followed by 'k' down followed by 'i' and 'k' both up:
>'m'
>>
>> but with emacs you can have "i+k" mapped to m but then not 'i' mapped
>to
>> 'i'.
>> ___
>> gnhlug-discuss mailing list
>> gnhlug-discuss@mail.gnhlug.org
>> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>>
>
>
>
>
>___
>gnhlug-discuss mailing list
>gnhlug-discuss@mail.gnhlug.org
>http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: time for the annual Internet Speed Quest

[Mark Komarinski]

I live in MA.  Got it probably 4 years ago when they did my town which was one of the last ones they did around here.
On Jul 6, 2014 9:26 AM, Joshua Judson Rosen  wrote:Where are you that you even have FiOS as an option? Last I heard, Verizon wasn't doing business in NH anymore (except for Verizon Wireless)
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.On July 4, 2014 8:04:16 AM EDT, Mark Komarinski  wrote:
My FIOS is advertised 50Mbps up and down.  When downloading games via steam I'm regularly peaking at 7MBps.  Latency for things like audio and video chat is quite acceptable.I'm too far away from the CO to get anything other than ISDN so I'm kinda stuck with cable/FIOS.On Jul 4, 2014 7:41 AM, David Rysdam  wrote: John Abreau  writes:  Internet "speed" is a conflation of two different things: bandwidth and  latency. Merely increasing your bandwidth won't do anything to address  problems with latency. If you combine both of these in your head and call  it "speed", then you're setting yourself up for expensive disappointment.  I'm specifically looking for speed. Downloads, uploads, videos, etc. We  don't do any gaming or anything where latency is a big issue.  gnhlug-discuss mailing list  gnhlug-discuss@mail.gnhlug.org  http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ gnhlug-discuss mailing listgnhlug-discuss@mail.gnhlug.orghttp://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: time for the annual Internet Speed Quest

[Mark Komarinski]

My FIOS is advertised 50Mbps up and down.  When downloading games via steam I'm 
regularly peaking at 7MBps.  Latency for things like audio and video chat is 
quite acceptable.

I'm too far away from the CO to get anything other than ISDN so I'm kinda stuck 
with cable/FIOS.

On Jul 4, 2014 7:41 AM, David Rysdam  wrote:
>
> John Abreau  writes: 
> > Internet "speed" is a conflation of two different things: bandwidth and 
> > latency. Merely increasing your bandwidth won't do anything to address 
> > problems with latency. If you combine both of these in your head and call 
> > it "speed", then you're setting yourself up for expensive disappointment. 
>
> I'm specifically looking for speed. Downloads, uploads, videos, etc. We 
> don't do any gaming or anything where latency is a big issue. 
> ___ 
> gnhlug-discuss mailing list 
> gnhlug-discuss@mail.gnhlug.org 
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ 

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: SSH authentication bypass?

[Mark Komarinski]

HPN SSH (patches to boost ssh performance) allows for no encryption of the data 
stream but IIRC the authentication is encrypted.  That doesn't bypass 
authentication so this may not be related

On Jun 25, 2014 11:23 AM, Joshua Judson Rosen  wrote:
>
> Having sshd manage auth using PKI is not what I'm looking for;
> supposedly there is a "none" auth-type that SSH can use,
> which means that SSH is just giving you an encrypted stream
> and the shell running at the end of the link is responsible
> for actually prompting for login credentials and authenticating
> (similarly to using SSL telnet, since telnetd doesn't actually
> manage logins, it just execs a "login" command and hooks
> its stdio up to the socket that goes back to the client).
>
> Glancing at the code in OpenSSH 6.0 (client and server), it looks like
> the OpenSSH client can be made to request "none" auth; and there are at
> least some *vestiges* of support for "none" auth in the server--
> like all of the code in auth2-none.c, and this comment in auth2.c:
>
>     /* Allow initial try of "none" auth without failure penalty */
>
> (I also see that there's another `hidden auth mode' called "J-PAKE",
> which looks interesting but is also probably not what I want).
>
> From what little documentation I see on sshd's ChallengeResponseAuthentication
> option, it seems like that might let me do this... but only if I
> implement the authenticating end as a PAM module rather than something
> like a "login command"...
>
> Help!?
>
> Do I `just' need to patch sshd to actually accept "none" auth?
>
> -- 
> "'tis an ill wind that blows no minds."
>
> John Feole  writes:
> >
> > I'm a little rusty, but i usedmto admin Solaris machines using keys with
> > winders client using something like this doc:
> >
> > http://www.tonido.com/blog/index.php/2009/02/20/
> > ssh-without-password-using-putty/#.U6oG7JHD8b0
> >
> > Regards,
> > jfeole
> >
> > On Jun 24, 2014 5:21 PM, "Joshua Judson Rosen"  wrote:
> >
> > Poking around in PuTTY..., there's an SSH auth setting labeled:
> >    
> >        Bypass authentication entirely (SSH-2 only)
> >    
> > I have an application where that'd be great;
> > how the heck do I configure sshd to let that work?
> >    
> > --
> > "'tis an ill wind that blows no minds."
> > ___
> > gnhlug-discuss mailing list
> > gnhlug-discuss@mail.gnhlug.org
> > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
> >
> >
> > ___
> > gnhlug-discuss mailing list
> > gnhlug-discuss@mail.gnhlug.org
> > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

DIY NAS review with an HP Microserver and FreeNAS

[Mark Komarinski]

(I've had this in my draft mailbox for quite a while after I promised 
sending this.  It's getting rather long, so I'll send this and then open 
up for questions.  tl;dr: I like it.)

So there's really two parts to this review.  First the hardware.

I started with the HP ProLiant G7 N54L Microserver, 2x Kingston 4GB RAM, 
and 2x WD RED 4TB drives.

I'll admit to a bit of a bias against HP - I never really liked the 
server or consumer hardware.  But this box is pretty nice.  It's a 
fairly small cube with a locking front door that gives access to the 4 
drive bays (which clearly say 'not hot swap') and the motherboard.  
There's a panel on top that gives access to a 5.25" bay if you want to 
put in an optical drive.  The rear has two short PCI expansion slots, a 
few USB ports, power, and GigE port.  I'm not looking at it right now 
but I also think it has an external SATA connector.

The HP comes with 2GB of RAM and a 250GB SATA drive in the first bay.  
Given I'm intending to install FreeNAS on a USB drive and using ZFS says 
you need a minimum of 8GB of RAM, both of these have to go.  Getting 
access to the RAM was a bit tricky at first as the motherboard is laying 
on the bottom of the case with various cables plugged in and two 'tool 
less' screws to allow you to slide the motherboard out.  I say 'tool 
less' as they were torqued on enough that I needed a screwdriver to 
loosen it enough to remove it by hand.  I had to also disconnect most of 
the cables (power, case, SATA) so it could slide out.  With that done, I 
noticed there's an internal USB connector which was small enough for the 
FreeNAS drive I made previously (more on that later).  Stuck that in and 
the only items plugged in externally are now power and Ethernet.  
Removing the drive from the sled showed it was using a star-head screw 
and so getting it out made me reach for my set of computer tools until I 
noticed that the interior of the door has a small wrench and a set of 
screws - enough for all of the sleds.  That made short work of removing 
the 250GB and dropping in the 4TB.

My only complaint about the HP box is that the power switch is located 
on the upper right edge of the case, along the curve that goes from the 
front to the top.  It's not recessed or otherwise protected, so I hit it 
by accident a few times while moving it around.  Now that it's in my 
basement I don't expect that to happen often, but putting your hand on 
the area is enough to cause it to think you wanted to turn it off.

Enough about the hardware.  On to FreeNAS (http://www.freenas.org/)

Installation to a standard 8GB USB drive was simple enough.  I'm using 
9.2, the current release version.  The console screen at boot time is 
just plain text and only gives a few options.  The main way to configure 
is via the web interface.  It helpfully snags a DHCP address at boot 
time and the console shows the IP address it has.

First login on the web interface has you set the password and you get 
in.  Using ZFS does make things easier in that I just selected the two 
drives and it automatically set them up as a mirror and created the 
volume for me.  Unlike LVM which I'm more accustomed to, that entire 
volume is the filesystem.  With the volume created, you can create 
either a dataset (used for sharing via NFS/CIFS/AFP) or a zvol (for 
exporting via iSCSI).  Everything I'm doing currently uses datasets, 
though I might tinker with iSCSI again later in the year.

Creating a dataset by default makes a space that shares the same amount 
of space as the volume.  You can then set a quota to limit the amount of 
space per volume[*].  You can also select compression or deduplication.  
Compression runs it through a variety of protocols, with lz4 being 
recommended.  Dedup is a lot more effort and there's lots of warnings 
about enabling dedup if you don't have sufficient RAM.  While I'm 
storing lots of compressed media files for now (video and music files), 
it will tell you how compressed the dataset is.  In my case it winds up 
being 1.02x.

ZFS can set up routine snapshots, which is a good incentive to move my 
home directory there.  When you enable a new snapshot, you can set it up 
so there's a 1 hour snapshot during business hours going back two 
weeks.  You can change this by just about any amount - select days, time 
to start and end, how often a snapshot is taken, and how far back they 
go.  You can also select a manual snapshot. To access a snapshot, you 
can either clone it and have it appear as a new volume that can be 
remotely mounted, or roll the volume back to that snapshot (obviously 
dangerous if there's been other changes to the filesystem since the 
snapshot in question).

Exporting filesystems by NFS and AFP are pretty straightforward and you 
can share filesystems using multiple methods.  NFS speed is really 
good.  Copying data over a 1GBE link was writing at about 40MB/s.  With 
a bunch of 10 and 20GB mkv files in place, reading them gave me 

Re: Files <-> Samsung Galaxy S4

[Mark Komarinski]

I get around the general problem by using Google Drive/Dropbox/OneDrive.  For 
my music files, I've uploaded all my music (about 50GB of music I own) to 
Amazon MP3 and Google Music.  Depending on how much music you're talking about 
you might need to spring for paying for the space, but I believe both have free 
tiers.

On Mar 25, 2014 11:50 PM, Ben Scott  wrote:
>
>   Work has provided me with a new handheld computer, a Galaxy S4, made 
> by Samsung.  It runs Android 4.3 plus whatever unspeakable horrors 
> Samsung and Verizon have inflicted upon it.  There's a microSD flash 
> memory card mounted inside, and I'd like to be able to copy files to 
> and from it, from my Linux home desktop.  This is proving unreasonably 
> hard. 
>
>   Aside from coping general documents, photos, etc., back and forth, I 
> have a large collection of MP3 files on my desktop that I want to keep 
> in sync on my handheld -- adds, changes, *and* deletes.  rsync does a 
> fine job of this on a filesystem.  My previous handhelds let me plug 
> in the USB cable and access the mem card as a USB Mass Storage Class 
> (MSC) device.  In other words, like a disk drive.  Block device 
> appeared, I mounted it, I did filesystem things, I unmounted it, done. 
> Apparently that's not an option for this device. 
>
>   Difficulty: I can't root the device.  Corporate policy.  Whatever I 
> do has to play by the rules.  Apps are generally OK, but not apps that 
> attempt to circumvent security mechanisms. 
>
>   It appears the Galaxy really wants to speak MTP (Media Transfer 
> Protocol).  I've been playing with MTP stuff on Linux.  My desktop is 
> running Debian 7.4 "wheezy", kernel 3.2.0-4 package version 3.2.54-2. 
>
>   There's some issue that causes libmtp to hang for 20-30 seconds 
> whenever it opens the device.  That's maddeningly irritating at best. 
> If you're wanting to run a bunch of commands in sequence, it's 
> basically a showstopper. 
>
>   I've played around with the mtp-tools package from Debian (package 
> version 1.1.3-35-g0ece104-5).  It lacks a command to create 
> directories.  It can't transfer more than one file at a time (see 
> "showstopper", above).  The commands lack any documentation or help. 
> I think they're actually just example skeletons from the libmtp 
> sources that were packaged up and passed off as utilities.  :-p 
>
>   I tried the mtpfs FUSE filesystem (1.1, built from source).  I found 
> it couldn't create directories.  That's a problem if I want to 
> replicate a directory tree (see MP3 collection, above). 
>
>   I tried gmtp (pkg ver 1.3.3-1).  It suffers from the libmtp hang 
> issue, but at least once it's connects is responsive.  It can create 
> directories.  But it can only transfer files in one directory at a 
> time.  (Ibid.) 
>
>   I could, of course, take the mem card out of the handheld, plug it 
> into my desktop's card reader, and do the I/O that way.  Problem there 
> is, I've got a fancy sealed protective case for the handheld.  Opening 
> it repeatedly is bad for it.  And annoying.  And exposes the handheld 
> to damage. 
>
>    I've seen some suggestions of using "cloud" storage, like Dropbox 
> or Google Music, etc.  It seems silly to have to send many gigabytes 
> out my netfeed only to have to immediately download it again, on the 
> same feed, just to copy between devices which are six inches apart and 
> connected via USB cable. 
>
>   Anyone got a better idea?  Bluetooth?  Wifi?  Floppy disk? 
>
> -- Ben 
> ___ 
> gnhlug-discuss mailing list 
> gnhlug-discuss@mail.gnhlug.org 
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ 

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: su: cannot set user id: Resource temporarily unavailable

[Mark Komarinski]

On 3/10/2014 10:20 AM, Brian Chabot wrote:
> Also, disk space and RAM are aplenty...
>
> Is there any way to tell *which* resource is unavailable?
> Brian Chabot
>

Two other thoughts:

- Is SELinux enabled?  Check the logs and see if there's anything 
strange there.
- try using strace to see which call returns the error.  It might give 
you a clue about what it's trying to do.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: su: cannot set user id: Resource temporarily unavailable

[Mark Komarinski]

Might be semaphores?

On 3/10/2014 10:05 AM, Brian Chabot wrote:
> I'm trying to su to a user on a CentOS 6.4 x86_64 box and get the
> error in the subject:
>
> [user1@cent6.4box ~]$ sudo su - user2
> su: cannot set user id: Resource temporarily unavailable
> [user1@cent6.4box ~]$
>
> The limits.conf file has the following entries:
> * soft   nofile  10
> * hard   nofile  10
> * soft   nproc   8192
> * hard   nproc   32767
>
> The current usage for pengine is:
> [user1@cent6.4box ~]$ ps -eLF | grep user2 | wc -l
> 1108
> [user1@cent6.4box ~]$ lsof | grep user2  | wc -l
> 1558
> [user1@cent6.4box ~]$
>
> While these are the majority of the processes and files in use on the
> system, they are nowhere near the limits.
>
> I even increased the limits 10-fold and that has not worked.
>
> I'm kind of lost here.  Usually the error indicates files or processes
> over the limit but here... not so much.
>
> Any ideas?
>
>
>
> Brian Chabot
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: What are you doing for home NAS?

[Mark Komarinski]

On 12/31/2013 2:52 PM, Ben Scott wrote:
> On Mon, Dec 30, 2013 at 2:16 PM, Michael Bilow
>  wrote:
>> This allows the RAID manager (whether
>> hardware or software) to handle the error appropriately, usually by
>> computing what the sector should contain and writing it, thereby
>> causing a reallocation of the failed sector from a reserve of
>> spares.
>In my experience, the RAID managers I've dealt with (Linux, AMI/LSI,
> QNAP, Intel, Adaptec) respond to that single bad block by failing the
> member disk, and requiring a rebuild of the entire member.  :-p
>
>I haven't had any server disk failures for at least a few years
> (knock on wood); maybe things have gotten better in that time.
>

Drives can do the remapping internally - there's extra space if there's 
a read error to move the sector elsewhere.  When the number of remapped 
sectors gets too high, it's used by some vendors to indicate it's in a 
pre-fail state.  SMART can also track that.

ZFS seems to handle a bad sector by blocking it from the drive and 
recreating it via parity/mirroring if possible.

Anyway, I ordered the HP N54L, 8GB of RAM, and two 4TB drives.  This 
leaves me with two expansion bays and the ability to use FreeNAS with 
ZFS.  I looked at OMV but it seems to not be as mature as FreeNAS.  If 
anyone's interested I can do another post once it's built and in use.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: What are you doing for home NAS?

[Mark Komarinski]

On 12/30/2013 1:00 AM, John Abreau wrote:
> I tried a couple cheaper options such as the WD MyBook Live network 
> drive, but I wasn't really satisfied with them, They were slow to 
> access, slow to spin up when inactive, and had serious performance 
> issues when more than one process was accessing them over NFS, which 
> was the only filesharing option I used. They contained just a single 
> drive, which means no raid-1 safety net when the disk starts to go bad.
>
After getting burned by non-NAS drives in a RAID 5 array, I'm going RAID 
1 for home use from now on.
> Then I picked up an HP N40L mini cube server and installed FreeNAS on 
> it, on a usb thumb drive that I plugged into the internal USB port on 
> the motherboard. It was the first NAS I've tried at home that I was 
> happy with.Performance is much better, even with multiple processes 
> accessing the unit, and large file copies both to and from the unit 
> seem to complete more quickly.
Ooh.  I forgot about that little guy.  Replacement for is seems to be 
the N54L.  Fits 4 drives, might just get 2x4TB and leave the other two 
for future expansion.
> I'm currently using two of the four drive slots with a pair of 2gb 
> drives, configured with ZFS as a raid-1 mirror set. To properly 
> support ZFS, I followed the recommendations in the HOWTO I found 
> online and maxed out the RAM at 8 GB.
>
> It's been a couple years since I set it up, so I imagine there's a 
> newer model available by now that will accept larger drives and more RAM.
>
> After trying FreeNAS, I'd no longer consider the
>
Err, you cut off there...

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

What are you doing for home NAS?

[Mark Komarinski]

I have a bit of end-of-the-year money that I'd like to spend and 
thinking of a dedicated NAS device for my home rather than having hard 
drives start spilling out of my basement server.  I figure I need about 
4TB usable, so either 2x4TB or 4x2 or 3TB is a configuration I could 
work with.

In looking at the products that are out there for standalone NAS, 
they're REALLY expensive even before adding the cost of drives.  The 
two-drive systems seem to be just barely adequate for my needs, and the 
four-bay ones jack the price up to just going BYO ($700-$800 without 
drives).  Even then, the Drobo a friend has puts its NFS server in 
userspace (WTF?) so performance and features like file locking are lacking.

So I ask the question - what are you doing at home?  Build my own? Have 
any device that's still for sale you can recommend?  Anyone using 
FreeNAS and have suggestions?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: DoS attacks on Healthcare.gov...

[Mark Komarinski]

On 11/18/2013 12:39 PM, David Rysdam wrote:
> Tyson Sawyer  writes:
>> What is the "open source action" that she refers to and can be found
>> in the description of the segment?  Is the meaning of "open source"
>> being changed by some groups?
> She might be garbling a little. In the intelligence community, "open
> source" means "we didn't have Mata Hari anything, we found it from
> websites, books, newspapers", etc. Open sources.
>
> So she could be trying to say: "We know from open sources that at least
> one group is trying to DoS us" meaning something like "There is a group
> out there with the stated, public mission to try to DoS us" or "A recent
> newspaper investigation found a hacking group that blah blah blah" etc.
>

Yeah, that's my take.  Though it wouldn't surprise me if there was 
(D)DoS software that's GPL-licensed.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: ARTICLE - Fixing UNIX/Linux filenames

[Mark Komarinski]

On 10/31/2013 11:38 AM, Michael ODonnell wrote:
> You may find witches, ghosts and zombies at your door this
> evening but this discusses something even more horrible:
>
>   http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html
>

I got through part 1 and I'm scared.  I'm not sure if it's because 
there's so many ways to try to solve the problem or if none of them 
really work.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Installing Ubuntu on an EFI-based Intel system

[Mark Komarinski]

On 8/22/2013 12:27 PM, Roger H. Goun wrote:
> The optical drive isn't an option in the BIOS Boot section anymore. Do 
> I have to break the RAID?

A few thoughts:

- most modern systems have a way of allowing you to select the boot 
device at boot time without going into the BIOS.  Try that and see if 
the CD-ROM is listed
- You should be able to boot off USB - more initial work for you, but 
might be quicker just to get the OS installed and monkey with the CD-ROM 
later
- Are you sure the BIOS is still able to see the CD-ROM, if not boot off 
it?  Check the device list and move to a different SATA port and check

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Crowdfunding an Ubuntu smartphone (right now)

[Mark Komarinski]

For a low-production run that supposedly works on Verizon (didn't see if it 
supports CDMA or is LTE-only) its not a terrible price.

 Original message 
From: David Rysdam  
Date: 07/30/2013  7:33 AM  (GMT-05:00) 
To: Joshua Judson Rosen ,GNHLUG General Discussion 
 
Subject: Re: Crowdfunding an Ubuntu smartphone (right now) 
 
Joshua Judson Rosen  writes:
> Just in case not everybody saw this on Slashdot already:
>
> http://www.indiegogo.com/projects/ubuntu-edge
>
> "The Ubuntu Edge is the next generation of personal computing:
>  smartphone and desktop PC in one state-of-the-art device."

I was already skeptical based on Shuttleworth being involved and it
costing $800, but that video easily pushed me over the edge. 

He literally comes out and says we are a testbed for his production
facility...but still wants us to pay almost a grand a head for the
privilege. Don't Formula One drivers get paid? Which one of us is the
millionaire, here?
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Password storage?

[Mark Komarinski]

(I seem to remember having a go-around with this a while ago, but I 
forget quickly, and maybe something has changed in the meantime)

For reasons that aren't altogether obvious to me yet, I'm storing my 
passwords in a few different places:

Linux laptop
Windows 8 laptop (don't judge me, but it does dual boot)
Android phone and tablet

Until recently, I was using SplashID which has functionality for keeping 
passwords in sync between Windows and Android clients, but it has a few 
nasty downsides for me.  Namely the lack of a Linux client and the 
Android client crashes and makes me put my master password in again.

I see all the cool kids are using KeePass these days, and I want to make 
sure that my passwords are stored:

a) securely (FSVO 'securely')
b) available to the above devices, either via manual sync over a network 
or a shared file location that gets synced

I'm also storing different sets of passwords for different groups I'm 
working with.  Some personal, some $EMPLOYER, some for some side 
consulting I'm doing, and I'd like to keep the three as separate logical 
groups so I can purge everything from one group should I finish up with 
one group or another.

What do you use for password storage?  And I hope it's not a spreadsheet.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: MacOS/Samba not playing nice

[Mark Komarinski]

On 7/3/2013 10:28 AM, Ben Scott wrote:
> On Wed, Jul 3, 2013 at 9:39 AM, Mark Komarinski  wrote:
>> I'd start with what Ben recommended and look at the 'force directory mode'
>> setting on the server first.  Making changes there will be a lot easier than
>> changing every OS X box, and changing it every time a new system shows up.
>Ah.  Good point.  I was thinking it would be "better" to configure
> the client properly, but I'm used to a managed environment where IT
> actually configures and administers the clients, too.  I had forgotten
> that a lot of shops are basically a free-for-all on the client side.
> :-)
>
Even if I configured every end user system that went out*, I'd rather 
fix it (if possible) on the server side rather than have another item on 
the list of things I'd have to do in a client setup.

-Mark

* 5000+ users, some wandering in for a day/week/month, many doing Bring 
Your Own Laptop...yeah, we had little control over the kinds of systems 
that came in
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: MacOS/Samba not playing nice

[Mark Komarinski]

Resist the temptation to go mixed mode NFS/CIFS for your shares.  Go all 
one path as the permissions almost never map properly.  I'd start with 
what Ben recommended and look at the 'force directory mode' setting on 
the server first.  Making changes there will be a lot easier than 
changing every OS X box, and changing it every time a new system shows up.

If that doesn't work, go NFS, but do it on the Windows systems as well.

-Mark

On 7/3/2013 9:27 AM, Tom Buskey wrote:
> Another approach would be to use NFS for MacOSX and see how that 
> works.  NFS is more native to Linux & Macintosh than CIFS.
>
> It might not be easier and I like Ben's approach of forcing 
> permissions a bit better.
>
> FWIW, I've converted a number of Windows 7 systems to using NFS 
> instead of CIFS to do away with a Samba server.  Like you, I want 777 
> permissions on those shares.
>
>
> On Tue, Jul 2, 2013 at 7:26 PM, Ben Scott  > wrote:
>
> On Tue, Jul 2, 2013 at 3:09 PM, Robert Pruyne  > wrote:
> > I have a Samba server running on it to serve files on our network.
> > When our only Mac OS user logs in, and tries to make a new
> directory on
> > the Samba server, it creates it with permissions of 0700, and
> the user is the
> > owner, effectively disallowing any other user from using the
> directory.
>
>   My guess is that Mac OS X, being a Unix-like OS under the covers,
> supports the SMB extensions that allow it to specify Unix-style file
> permissions.  Those are thus getting passed from the Mac OS X client
> to the Samba server, and Samba dutifully sets the permissions it was
> given.
>
>   Assuming that is correct, there are two approaches here: One is to
> adjust the client to do what you want.  In theory, this is the more
> "elegant" approach.  The other approach would be to configure Samba to
> ignore whatever the client is telling it, and just set permissions
> from the Samba config file.  That should work, but it's kind of
> brutish, and if you ever want to apply other permissions, you'd need
> to revisit.
>
>   I don't know much of anything about Mac OS X, but this seems like it
> might be applicable to adjust the client:
>
> http://support.apple.com/kb/ht2202
>
> (found with: http://www.google.com/search?q=mac+os+x+umask )
>
>   To instead just clobber whatever other permissions might have
> evolved and apply the same thing everywhere, use the "force create
> mode" and "force directory mode" directives in your Samba config file.
>
> -- Ben
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org 
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>
>
>
>
> ___
> gnhlug-discuss mailing list
> gnhlug-discuss@mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: *sigh* I guess I'm going mobile

[Mark Komarinski]

On 6/14/2013 6:32 AM, David Rysdam wrote:
> Twice in the last week we've had incidents where I needed to contact my
> wife and couldn't. We have cheap crappy cellphones but they are so old
> that they don't work well (e.g. won't hold a charge, terrible coverage,
> etc) so we don't ever take them with us.
>
> I'm afraid I'm going to have to get something modern. It's possible
> we'll still get dumbphones, but I'm looking at the smartphone options as
> well, thus the *sigh*.
>
> Here's my Linux-related question: What smartphones will I have the least
> amount of trouble with if I need/want to connect them with my Linux
> computer? Presumably Android, but maybe not. Or possibly certain
> versions are better or worse than others.
>

I almost never have to sync any of my android devices to my system, it 
all just goes into the cloud *waves hands*.  When I do, though, there's 
a few different ways to get to the storage.  Changing the USB access 
type as Curt mentioned works, and I think you can also use the Android 
SDK to directly access files over USB.

While you're looking at phones, the Galaxy S3 is pretty sweet, and 
inexpensive to boot now that the GS4 is out.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Presention software?

[Mark Komarinski]

On 6/6/13 9:01 PM, Joshua Judson Rosen wrote:
> So, it's been something like a million years since I gave a proper
> presentation with `slides' and stuff; I have one that I want to
> put together, though, now--and I... haven't the faintest idea how
> people actually go about doing that, these days.
>
> I think the last time I did this, I just wrote a bunch of HTML
> with frames and ran the `slideshow' using a web browser
>
> What do people do, these days?
>
> Whatever format I end up with, I'd like it to be something that
> I can put on my web-site, and I'd love for it to be something
> that people can view in their web-browsers.
>
I've given up and use PPT (rather, the equivalent in Libre/OpenOffice).

About a zillion years ago, I used to use MagicPoint which is still 
packaged in Debian.  You use a text file to generate the slide 
information, then can display on an X screen or export to HTML.

...and I found my old slides I gave 10 years ago.

http://www.wayga.org/melba/02_2003/

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: How can I detect whether an /etc/rc.d/init.d script is being run at boot time versus by hand?

[Mark Komarinski]

On 05/21/2013 11:22 AM, Bill Freeman wrote:
> I'm trying to figure out whether to force the removal of an almost 
> certainly stale pid file or not in the service start case.
>
> While I presume that the start up sequence normally handles this by 
> clearing /var/run before lighting off the init scripts for the level, 
> I have a need to have my pid file in an unusual place (needs to be 
> written and deleted by a non-root process).
>
> I'd like start at boot to be automatic, and if shutdown was clean, it 
> will be.  But if the system crashes (or someone hits the reset button, 
> etc.) there will be a stale pid file come boot time.
>
> I'd like to automatically delete any stale pid file at boot time, but 
> start later should fail claiming that there's an existing process.
To be more pedantic about it, you want it to start cleanly unless you 
know it's already running (this gives the case of shutting the process 
down without restarting the system).
> So, can I count on parent pid, or maybe process group id, to identify 
> the at boot time case?  Or would that be unwise?
Why not look up the pid in the process table and see if it:

a) exists
and
b) is the process you think it should be

If both a and b are true, then the process is probably legitimate and 
you shouldn't start a new instance.  If a is false, then you know that 
PID no longer exists and the process shouldn't be running.  If a is true 
and b is false, then it means another process has started and got that 
PID by coincidence.  You can still assume the process shouldn't be 
running and start a new instance.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: gps recommendations?

[Mark Komarinski]

On 5/20/13 9:20 AM, Tom Buskey wrote:
>
> If Google could come up with Google Maps that functions w/o internet 
> access, it'd be way better then a GPS IMO.  I think Google would be 
> more likely to build universal WiFi though.
>
Google Maps has an offline mode.  You can download up to 6 100MB blocks 
(2 is enough to cover all of VT to the street level)

http://www.phonearena.com/news/Google-Maps-update-that-brings-offline-mode-now-live-in-the-Play-Store_id31697
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Call for topics for Nashua's next LUG meetings

[Mark Komarinski]

(Sorry for top posting - I'm mobile.)

Is anyone still using DocBook?  I did a lot of work with it in the late 90s and 
early 00s with the LDP before I got out of documentation.

 Original message 
From: Joshua Judson Rosen  
Date:  
To: Bill Freeman  
Cc: GNHLUG  
Subject: Re: Call for topics for Nashua's next LUG meetings 
 
Bill Freeman  writes:
>
> Joshua Judson Rosen  writes:
> >
> > > I became the maintainer for this about 2 years ago:
> > >
> > > http://www.foxtrotgps.org/
> > >
> > > So I guess I could talk about managing (or taking over) a smallish
> > > FOSS project, dealing with contributions (both helpful and unhelpful),
> > > etc.
> >
> > Or, a couple of more specific topics, which are probably of more
> > general interest:
> >
> > * Managing software builds with the GNU Autotools (Automake,
> >   Autoconf, and Libtool)
> >
> > * Writing documentation in Texinfo; outputting to PDF, HTML, and books.
>
> Plus one on all of these.  Also, if there is interest, I might be able to
> work up something on TeX/LaTeX (I;ve used Beamer, a LaTeX extension,
> to produce some of the slides that I've used for presentations).

I'm finding Texinfo to be a nice icebreaker for TeX; TeX was pretty-
quickly discarded as an idea for FoxtrotGPS documentation because it was
too unapproachable-seeming. Texinfo seemed much more approachable, and
then ended up providing just enough functionality and just little-enough
abstraction that I'm ending up wanting to better understand what's going
on underneath.

-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr."

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Cataloging media - books, CDs, DVDs

[Mark Komarinski]

On 12/26/2012 12:47 AM, Ben Scott wrote:
> Hello, list!
>
>Happy Festivus.
>
> ABSTRACT
>
>I have decided I need to catalog my purchased media (books, CDs,
> DVDs).  I'm seeking solution(s) to this problem.  I figure other
> people here have already solved this problem.

OpenDB:

http://opendb.iamvegan.net/wiki/index.php?title=Main_Page

 From the site:

The Open Media Collectors Database (OpenDb) is a PHP and MySQL based 
inventory application that allows you to easily catalog and lend out 
your stuff. Its primary purpose is to catalog media related items, such 
as DVD's, Books, CD's etc, but its so flexible you can use it to catalog 
pretty much anything.

 From me:

I installed this a while ago and didn't use it as much as I should 
have.  I had a CueCat at the time and am pretty sure I was able to bulk 
import books and DVDs.  I think most of your other requirements 
(including location of items) can be met.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Two things: anti-spam and per-process *network* I/O.

[Mark Komarinski]

On 12/26/2012 11:16 AM, Ken D'Ambrosio wrote:
> Hi, all.  I've had two things that occasionally cause me grief, and
> since I finally got around to sending an e-mail, I figgered I'd roll 'em
> into one.  So:
>
> I used to use MailScanner as my anti-spam solution, but it seems to be
> wandering into unsupported territory in Ubuntu land, and, for fear that
> this might be a trend, I wonder what other solutions other folks out
> there might be using.  (Note: "Gmail!"  isn't really the kind of answer
> I'm looking for.)
>
spamassassin is what I've been using for a while.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: IPv6

[Mark Komarinski]

On 12/14/2012 11:23 AM, Chip Marshall wrote:
> Just curious, but how many people have IPv6 access at home,
> or are interested in getting it? Do you even care if you have
> v6 or not?
>
> If you do have it, native from the ISP, or are you running a
> tunnel?
>
> If you don't have it, would you be interested in learning how to
> set up a tunnel if your ISP doesn't supply it?
>
>
> Personally, I'm on Comcast at home, my cable modem doesn't
> support DOCSIS 3, so I can't get v6 from Comcast yet (assuming
> I'm on one of the nodes that supports it.) I have a FreeBSD box
> acting as my router with a tunnel connected to Hurricane Electric
> for IPv6, just doing SLAAC on the inside for addressing.
>
>
I'm on FIOS and have an IPv6 tunnel through HE on my OpenWRT router.

I'm still trying to figure out what advantages this gives me since most 
of the world (including $EMPLOYER) is still IPv4-only, but I figure if 
use starts to increase I'll be ready for it.

HE has really good directions on how to set up the broker on your 
particular system.

___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

From failed drive to hero in many steps

[Mark Komarinski]

This is going to be long and rambling, so tl;dr: Make sure you have 
backups.  If you're like me, read on.

Wife's hard drive in her netbook died last Thursday morning.  Died bad.  
System would see the drive but wouldn't boot, neighbor tried to use a 
live CD, she even broke down and bought a one-time support help from the 
vendor.  Everyone told her the drive and data was gone.  This was not a 
week after I told her to clean off her iPhone and get some of the photos 
moved to her netbook to free up space. Let's just say this was one of 
the few times she listened to me :).

I didn't get home until late Thursday after all this diagnosis was 
complete.  I had on hand:

netbook with unbootable drive
2 16GB USB sticks
Linux server in the basement with ~600GB free in LVM
Win 7 desktop with 256GB SSD

Time to channel my inner MacGyver.

Downloaded Ubuntu Live on one of the USB sticks, boot the netbook and 
start poking.  Drive is spinning and recognized, partition table appears 
sane, but trying to mount the 300GB NTFS partition results in many nasty 
messages into the kernel ring buffer.

Can I clone the drive somehow, maybe get dd to get a copy of the data?  
Server downstairs becomes an NFS server.  Fire up dd and get an I/O 
error within 5MB.  Looks like that's it.

Or not.  I found and downloaded copies of dd_rescue and dd_rhelp. 
dd_rhelp uses dd_rescue to copy an entire partition and skips over bad 
blocks, retrying them again later on.  That took about 2 days to run to 
completion.

Now I have a 300GB NTFS image on my Debian server.  Tried to use 
mount.ntfs - nope, still had problems.  Tried ntfsfix - which oddly 
enough doesn't work with image files, only partitions.  Ok, make a 300GB 
partition and dd the image into the new partition.  6 hours later, I 
have a partition, but ntfsfix still doesn't like it. Looking online 
suggested Win 7's chkdsk could do something better. But how do I get an 
image or partition available to a system with only a 256GB disk?  Yup, 
iscsi.

Fire up iscsitarget on Debian pointing at the partition (keeping the 
image for safe keeping in case I really screw up and have to start 
over), start the iSCSI initiator on Win 7, and now I have...well...a 
disk.  Windows 7 decides it's worthy of a drive letter, but not worthy 
enough to show me the what's on it.  Since I have a drive letter and 
it's not the boot disk, I can run chkdsk on it without needing to 
reboot.  chkdsk /f a few times showed it repairing the same errors and 
Win 7 now gave me a drive label, but still wouldn't show me what was 
there.  I then tried chkdsk /r which checks for bad blocks.  Let that 
run for an hour or so.  Still nothing.

In a bit of desperation, I shut down all the iSCSI stuff and again tried 
to use ntfsfix.  Different errors, but still didn't look right.  Then I 
figured maybe there's enough of the filesystem to use mount.ntfs

It did.

Fortunately most of the corruption appears to be in the OS/swap/random 
junk area as I was able to rsync her entire home folder to a safe 
location.  I'm now the hero that saved 2 years of photos, a stack of 
Word docs, and got a kiss on the cheek as compensation.  All in all, not 
bad.

rr_rhelp:  http://www.kalysto.org/utilities/dd_rhelp/index.en.html
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Asus USB-BT211 / Atheros AR3011 firmware loading?

[Mark Komarinski]

On 09/07/2012 01:12 PM, Ben Scott wrote:
>Compute nodes have different dependencies vs a user desktop.  :)
> Tried the new kernel.  X server broke.  :-p  I suspect it's an NVidia
> kernel module issue.  :-p  Back to old kernel for now.  :)
>

Actually, some of them have NVidia cards in them for HPC work. Don't 
remember problems getting the drivers working on those. Anyway, sorry it 
didn't work.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Asus USB-BT211 / Atheros AR3011 firmware loading?

[Mark Komarinski]

(sorry for top-posting, I'm mobile)

Not as bad as you'd think.  We moved our compute nodes to the backport kernel 
without any problems.

- Reply message -
From: "Ben Scott" 
To: "Greater NH Linux User Group" 
Subject: Asus USB-BT211 / Atheros AR3011 firmware loading?
Date: Wed, Sep 5, 2012 7:41 am


On Wed, Sep 5, 2012 at 12:37 AM, Joshua Judson Rosen
 wrote:
> I have no idea whether you actually need a newer kernel or what,
> but Linux 3.2 is in squeeze-backports, e.g.:
>
> http://packages.debian.org/squeeze-backports/linux-image-3.2.0-0.bpo.2-486

  Huh.  Cool.  I might give that a try, just to see what happens.
Although I suspect the dependencies might be... interesting.  :)

  Thanks for the tip.

-- Ben
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Computer show Saturday, in Manchester

[Mark Komarinski]

'96

- Reply message -
From: "Roger H. Goun" 
To: "Greater NH Linux User Group" 
Subject: Computer show Saturday, in Manchester
Date: Sat, Aug 18, 2012 6:50 am


On Fri, Aug 17, 2012 at 7:41 AM, Ben Scott  wrote:
>   I got my first Linux distro from Jon "maddog" Hall and DEC when
> Linus Torvalds came to speak to UNH.  :-D  Red Hat Linux 2.1.

I was there, and I got one, too, but I can't remember if it was my
first distro. What year was that? Anyone remember?

-- R.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Computer show Saturday, in Manchester

[Mark Komarinski]

On 08/16/2012 11:44 PM, Joshua Judson Rosen wrote:
> Sadly, I saw *zero* Linux showing at the last show I attended (which, 
> I guess, brings me back to the previous topic...) 
If you want to take a drive on a Sunday morning, the MIT Flea has a lot 
of cool stuff both current and...uhm...aged?  A real Enigma machine 
usually makes an appearance, and pretty much everyone there has Linux of 
some form available.

Next one is this Sunday (I'll be there selling a few boxes of cra^W aged 
equipment)

http://w1mx.mit.edu/flea-at-mit

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Happy Birthday to Debian (turning 19 on Thursday)

[Mark Komarinski]

On 08/13/2012 05:31 PM, Joshua Judson Rosen wrote:
> http://www.debian.org/News/2012/20120813
>
> Thursday is Debian's 19th birthday.
>
> Anyone doing anything special? Anyone want to?

Somewhere I have the first issue of Linux Journal with the announcement 
of the Debian project.  Maybe I'll dig it out.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: HTTPS connection attempts from Facebook?

[Mark Komarinski]

On 8/6/12 10:13 AM, Brian Chabot wrote:
> On Mon, Aug 6, 2012 at 10:06 AM, Michael ODonnell
>  wrote:
>>   is there *ANY*
>> legitimate reason why anything should be attempting to connect
>> from Facebook to my home IP address, which offers no such
>> services?  I assume, of course, that the answer is "No".
> The *only* reason Facebook should be contacting you this way is if you
> have an app set to pull data from there.
>
> Possibilities that come to mind include RSS feeds and HTML embeds in
> Page info plus, of course, any custom stuff you may have written.
>
> It's *just* a home connection? No services?  Nuke the connection attempt.
>
If you're on a network with DHCP (most residential connections), it's 
possible someone else wrote an app that points to a DNS name that points 
to your IP address.  Still safe to nuke it.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Videoconferencing rundown.

[Mark Komarinski]

On 07/31/2012 01:59 PM, Ben Scott wrote:
> On Tue, Jul 31, 2012 at 1:46 PM, Jon "maddog" Hall  wrote:
>> ... large room talking to an audio box.  It was boring and painful because
>> you could NOT see the other person's body language, or even who was
>> there.  ... Video conferencing (and on a big "TV") made things a lot
>> better, in my experience 
>I suppose it could be a personal taste thing, too.  Audio
> conferences don't bother me that much.
>
>Besides, on a video conference, the other parties can tell if you're
> reading your email while they're talking, or when you mute the mic so
> you can make fun of them.  ;-)
I'd consider that a positive.  You'd be treating people that are remote 
the same way you'd treat someone if they were local (on both ends).

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: replicated file system?

[Mark Komarinski]

On 02/29/2012 10:22 AM, Kenny Lussier wrote:
>
>
> On Tue, Feb 28, 2012 at 3:36 PM, Michael ODonnell 
> mailto:michael.odonn...@comcast.net>> 
> wrote:
>
>
>
>
> > (DRBD>LVM>iSCSI>Heartbeat)
>
> Heh.  I suspect that will somehow look familiar to Mr. Lussier... ;->
>
> He did indicate a wish to have an Active/Active rig but I believe
> that approach only allows Active/Standby, yes?
>
>
> I think I have seen that somewhere before :-)
>
> The issue with DRBD is that is is exactly like a network-based RAID 1. 
> The data written to the second server is not accessible unless there 
> is a failure on the first system. What I would really like to do is 
> have two (or more) servers share their local  file systems with each 
> other and load balance FTP and sFTP. If one server goes down, the 
> files that were written to it should still be available from other 
> nodes. Something like a K-safe file system. This would all be a lot 
> easier if there were a shared storage device in the background, or 
> even an NFS server.

As pointed out before, DRBD can do active/active, so long as the 
filesystem on top support it (GFS2 and OCFS2).  The DRBD team even has 
documentation to get you started:

http://www.drbd.org/users-guide/ch-gfs.html
http://www.drbd.org/users-guide/ch-ocfs2.html
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: replicated file system?

[Mark Komarinski]

Sorry for top posting (I'm mobile).

OCFS2 and GFS allow for active/active DRBD.  I tried using each and they wound 
up requiring more knowledge of crm and pacemaker than I was ready for.  I had 
each working on two different systems but it was unreliable - if you knew more 
about pacemaker you might fare better.

-Mark

- Reply message -
From: "Kenny Lussier" 
To: "GNHLUG" 
Subject: replicated file system?
Date: Tue, Feb 28, 2012 2:44 pm
Hi All,
I am looking for new ideas on how to replicate file systems. I have a need for 
redundant ftp servers, which could either be active/standby or active/active, 
as there is a load balancer in front of them. Currently, we periodically rsync 
the directory over to the standby system. What I would like to do is have a 
mirrored/replicated/clustered file system so that both systems can be active at 
the same time, and the data is automagically available on either, even in the 
event that one server fails. The catch is that there is no back-end shared 
storage (no SAN, NFS, etc.). I thought about drbd, but that is active/backup 
only. Most other systems required shared storage. I'm looking at using 
incron/inotify or Unison, but I was curious to see how other people would 
creatively solve this problem. Ideas?


TIA,Kenny___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: http://linuxbeard.com/

[Mark Komarinski]

I went management and now I have a goatee (i still have root on a bunch of 
boxes).

- Reply message -
From: "Bill Freeman" 
To: 
Subject: http://linuxbeard.com/
Date: Mon, Jun 27, 2011 6:03 pm


I used to have a beard.  Then my unix gig dried up.
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Blogging for kids

[Mark Komarinski]

On 06/07/2011 08:27 AM, David Rysdam wrote:
> I'm not sure what not going to the "outside world" means if you are
> restricting access. You and she can read it but not the rest of your
> family? The dog? I think if you are both monitoring and restricting,
> accessing over the Internet shouldn't be a problem. In fact, EITHER
> monitoring OR restricting would probably be sufficient.
At this age, I'd rather do both.  I don't want any of the content she 
puts up to wind up on Fark, or (worse) 4chan.  I don't want it on a 
cloud (be it Google or anyone else) so I can independently monitor the 
content.

Sound controlling?  Sure, but she's 8.

> In any case, you can do both things without serving the pages
> yourself. I've got a host (webhostingbuzz, but any will work) and I'm
> running WordPress on it. WP is pretty simple to use, especially if you
> set it up and show her how to do the basics.
>
>   I set up the domain so that if/when my kids want to have a site they
> can do it under their own names as "http://firstname.lastname.org";. They
> already have firstn...@lastname.org email addresses.
The domain and e-mails aren't the problem as I already have all those.  
I'll take another look at Wordpress.  Maybe I should update my Gallery 
install while I'm at it...

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Blogging for kids

[Mark Komarinski]

It's happened.

My geek of a daughter (all of 8, with her own digital camera and my old 
laptop) asked to have her own website, which I assume means she wants to 
post pictures and write a blog.

Now, now, stop what you're thinking.  I have no intention of this going 
to the outside world, and that means I need to set it up on my Debian 
server in the basement so she can do whatever she wants.  I need to have 
it local so I can monitor the content and who gets access to it, but I 
don't know what blogging software is out there that kids can easily 
understand and use.

I imagine some of you have run into this in the past.  What did you do?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Plug Computers for whole-home audio

[Mark Komarinski]

On 04/24/2011 07:06 PM, Joshua Judson Rosen wrote:
> Mark Komarinski  writes:
> Off-topic? Well, you can use them with Linux, right? ;)

Well, I'm straying from "Hey, here's a cool use of Linux" to "Why 
bother?" :)

> It's really interesting that you're raising Squeezebox, because
> that was what I'd initially looked at--and then discarded the idea...:
>
>> Newer models have integrated speakers and can sync between players
>> so you have the same music in all rooms.
>
> Wait--"sync" meaning what, exactly? Play the same song?
> Synchronise control (play/pause/seek simultaneously in all rooms)?
> Match latency between all rooms? Something else?

Play the same stream.  I'm pretty sure this means controlling one 
squeezebox changes all of them that are synced.

> As I understood it, Squeezebox is basically an entirely different animal,
> operating (mainly? only?) on a unicast `pull' model; nothing I've been
> able to find in their marketing-material says otherwise (at least,
> not in any obvious way); so I figured that simultaneous, multi-device
> playback on Squeezeboxes would end up being hokey at best..., and
> there's no mention of whether they do any of the other stuff
> (listed above) that's in my list of requirements.

It's more pull.  If you want exact synchronization, this may not be what 
you want.  For wandering around the house and getting a slight echo it 
was fine for me.  I actually don't use it much given we have a 
relatively small house.

>> The server software is open source and there's clients for iOS and
>> Android along with an open web API for remote control.  They're a
>> bit more expensive than Plug systems, but for me it's worth the
>> extra cost (and Logitech sometimes has sales on refurb items).
>
> So, my perception was actually that the Squeezeboxen were more expensive
> `but' also *worse* than my plug-based solution, in the ways described above
> (i.e.: `not a good simulation of speaker-wire'); was I mistaken?

For your requirements, it is probably worse.  Then again, you can grab 
the server software, install it, and then drop in some softsqueeze java 
clients.  It won't be exact, but you'll be able to test the functionality.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Plug Computers for whole-home audio

[Mark Komarinski]

On 04/22/2011 09:41 AM, Joshua Judson Rosen wrote:
> Hm. I've really gotta find a way to start attending these things
>
> I've been considering getting one (or four...) plug computers to deploy
> as part of a PulseAudio- and MPD-based whole-home audio system, where
> I've currently deployed scavenged full-scale (and full-volume...) PCs
> as a proof of concept.
>
> My original plug-computer thought was that I'd buy some USB audio-adapters
> to use with them, and then I heard about the DreamPlug coming out
> with integrated audio. So, maybe that's an option--the big question
> to which I can't find an answer is:
>
>  How's the audio quality on the DreamPlug?
I don't want to go too off-topic on this, but I've been a very happy 
customer of the Logitech (formerly SlimDevices) Squeezebox series for a 
number of years.  Newer models have integrated speakers and can sync 
between players so you have the same music in all rooms.  The server 
software is open source and there's clients for iOS and Android along 
with an open web API for remote control.  They're a bit more expensive 
than Plug systems, but for me it's worth the extra cost (and Logitech 
sometimes has sales on refurb items).

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: [FOSS] How does one respond to this line of questioning?

[Mark Komarinski]

On 04/08/2011 11:15 AM, Jon 'maddog' Hall wrote:
> Not the same issuethis is apples and oranges.  I am not asking the
> managers to write the solution themselves.  I am advocating that they
> hire experts to create it for them.
Hiring someone (for non-core business purposes) is probably more 
expensive than buying a software package.  Being a "computer person" 
used to mean you could wire-wrap components while writing code and 
designing a network interface.  The computing world is far more 
complicated than that now - developers don't have a clue about how 
systems as a whole work, and sysadmins don't go neck-deep into code.  I 
admit I'm generalizing, and I'll get counterexamples, but that's been my 
experience over the past 20 years.
> What you have advocated in "buying a solution" is someone who goes out
> with a barrel of money and buys "any house on the market".  All houses
> are the same, are they not?  All provide shelter.
>
> But many people look at many houses to find the one that fits them best.
> And some people hire architects to design one that fits them, even if
> they then get professional builders to build it.
I was generalizing.  Most people do look at various houses and pick one 
they like. A few are able to make some decisions before the house is 
built, and even fewer have enough control to get an architect.
>> Be honest here, how many of you built your home desktop from scratch?
> I am one.  I did order a system built for me one time, but I specified
> what I wanted.  I do admit that I did not put the pieces of metal oxide
> on the disk surface
>
>> How about your parents?
> Bought them an HP systembut they are "the managers of today".
*cough* I built my own systems at home, thankyouverymuch. :)
>> Why do you think there's a discrepancy in those
>> numbers?
> I already explained that.
>
My point was that while there is a number (perhaps significant) of 
do-it-yourselfers, the majority of people will never want to crack open 
their Dell or HP or Lenovo and see what makes it tick.  They want a 
service - to get to the Internet, to listen to music or watch a movie.  
For most people, a computer is a commodity just like a car or a house.
>> Along the same lines, if you already have a staff of .NET developers,
>> why make them learn PHP and Drupal when they can just do something in
>> SharePoint?
> Because they might actually know what they are doing?
I think the number of generalists in various computing fields is 
dropping.  I used to be able to manage Linux and Windows systems pretty 
well.  Windows got more and more added to it and I now rely on Google 
when something happens on Windows rather than knowing what config file 
needs to be edited.  The same is becoming true with programming 
languages.  (In general, I must stress) People learn a few related 
languages and that's what they stick with.
>> If you already have to pay for software and hardware
>> maintenance, why bother training when you can have the vendor on the
>> phone in two minutes?
> You may get the vendor on the phone in two minutes, but it may take
> hours or days to get the right answer.
That was the case fairly recently.  I'm not sure if having the local 
staff trained would have sped up that process (actually it may have).
> The real question is why do people pay for software and hardware
> maintenance and then don't demand good service?
TANSTAAFL.
> Yesterday I sat with a guy that works with multiple databases, including
> SQL and Oracle.  You should have heard him grousing about these closed
> source "solutions".
>
> Where are the SLA's of yesteryear? (With apologies to Joseph Heller)
SLAs mean that the vendor is on the hook for real money if the SLA isn't 
met.  Or more directly, SLAs mean accountability, and noone wants to be 
held accountable.  You either pay big bucks for an SLA, or you settle 
for 'best effort' and possibly a lunch the next time the sales weasel 
comes around.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: [FOSS] How does one respond to this line of questioning?

[Mark Komarinski]

I see I generated some great discussion. :)

On 04/08/2011 11:58 AM, Joshua Judson Rosen wrote:
> Actually, "why should software be any different?" is a good question,
> but you're asking it of the wrong side.
>
> When I buy a car, or a house, or anything else, I don't have to give
> the original builder or owner of the thing an permant (lifelong),
> exclusive monopoly on maintaining it. If I discover a issue with my car
> or house, there exists a free market in which I can choose any plumber,
> electrician, carpenter, painter, or mechanic I like to do work;
> I can have them compete in terms of both price and quality of service--
> and if one of them does shoddy work, fails to meet deadlines, or
> is rude to my wife, otherwise fails to satisfy, I can take my business
> elsewhere.
Perhaps an apartment is a better example then.  You have to pay on a 
periodic basis, have almost no control over the look-and-feel (aside 
from furniture), and the only person you can deal with is the landlord.  
There may be other apartments in the area but they all charge about the 
same rate for a given area - which then makes houses the equivalent of 
FOSS since once you buy it, it's yours.
> So, if we can agree that the existence of free markets is generally
> `a good thing' for houses and cars (and all sorts of other things),
> and that we benefit from being able to choose (and re-choose)
> who we hire to do maintenance (even if the car-dealership is
> the obvious /first/ option to try--though there's no analogue
> for houses...), I think it makes a lot of sense to ask your question:
>
>  "Why should software be any different?"
>
> If we're asking someone a question like "why are free markets bad?",
> maybe it'd be appropriate to ask the guy pushing proprietary systems
> another question:
>
>  "What are you, a communist?"
I've been called that and worse :)
>> If you already have to pay for software and hardware maintenance,
>> why bother training when you can have the vendor on the phone in two
>> minutes?
> And what's your contingency plan?
Oh, I'm not saying this is a good idea.  We have some core software we 
use (which happens to be mostly closed source), but over half of my 
staff has attended week-long training in it.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: [FOSS] How does one respond to this line of questioning?

[Mark Komarinski]

I'll be a bit of a Devil's Advocate here.

On 04/08/2011 09:02 AM, Jon 'maddog' Hall wrote:
>> Why do many large organizations tend to resist FOSS?  Discuss.
> FUD...utilizing the true definitionof the unknown.
>
> Even today there are lots of people in IT management who started after
> the beginning of Microsoft and Appleand other "systems" companies
> who utilized closed source.  "Buying a solution" is all they know.
'Buying a solution' is how we always approach things.  We don't build 
our own cars or houses from kits anymore - we buy them pre-built.  While 
you can do your own plumbing or electrical work, you hire experts to 
take care of it for you.  Why should software be any different?  If you 
need to hire a $100,000+ developer for some amount of time to design an 
application that you could license for $10,000/year.

Be honest here, how many of you built your home desktop from scratch?  
How about your parents?  Why do you think there's a discrepancy in those 
numbers?

Along the same lines, if you already have a staff of .NET developers, 
why make them learn PHP and Drupal when they can just do something in 
SharePoint?
> Many in IT management today do not remember, or never experienced, the
> crafting of a solution by working with a consultant and stating what the
> company's goals are, then having the consultant create a contract and
> deliver a product that is supportable.   The "solution" for many large
> customers is "SAP" or "PeopleSoft" or "SalesForce" and is now becoming
> "The Cloud".  They change the way they do work to fit the product, not
> the other way around.
>
> Another example:
>
> The concept of sending an employee or two to attend a week or two of
> education is fast going the way of the dodo.
That's true and sad.   A real-life example from $EMPLOYER is any time we 
ask a question about $PIECE_OF_STORAGE that's more complex than 'please 
set the quota for person X to Y GB' it's immediately forwarded to the 
vendor.  If you already have to pay for software and hardware 
maintenance, why bother training when you can have the vendor on the 
phone in two minutes?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Computer hardware for sale, cheap

[Mark Komarinski]

On 01/28/2011 11:18 AM, Thomas Charron wrote:
>At maximum quality, which the server defaults to, Netflix streams at
> 4.8Mbps, which would lead to 2.1 gigs per hour of streamed content.
> I'm not sure where the 'bottom' is, the 4.8 is the starting point for
> 'max quality', and they downshift based on how much data they can
> actually get to you fast.
>
4800kbps (4.8MB) is the max for HD on Netflix.  No US ISP can sustain that.

http://techblog.netflix.com/2011/01/netflix-performance-on-top-isp-networks.html

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Ubuntu... downgrade? (64-bit -> 32-bit)

[Mark Komarinski]

On 1/25/2011 9:57 PM, Ken D'Ambrosio wrote:
> I'm afraid I've fallen into the portable device rage, e.g., my Droid-X.
> Nifty thing, it is -- even set it up with VPN, SIP through my job, and all
> sorts of other fun stuff.  Now I'd like to play video from my server on
> the phone.  Unfortunately, its media player is pretty useless -- far
> better to generate video from the server, and stream it, apparently.  But!
>   64-bit CODECs are also kinda lousy.  And it's not like I have a oodles of
> RAM -- 2 GB -- so dropping to a 32-bit system won't really harm anything.
Using 64-bit doesn't get you a lot if you only have 2GB, but memory is 
cheap and you should be able to upgrade to 4GB+ pretty inexpensively.
> But Googling that doesn't really help much.  Any suggestions?  What I'd
> *love* to do is an "apt-get update;apt-get dist-upgrade", and be done with
> it.  Somehow, though, I'm thinking it won't be that simple.  I'd really
> like to avoid a full re-install -- a lot of configuration has gone into
> this silly thing, and, while I could backup /etc and pray that was enough,
> I'd prefer not to find out the hard way.

What are you using for streaming?  Even though my system is Debian 
running x86_64, I haven't had a problem finding libraries.  I ask mostly 
because I'd like to do the same thing with my Droid.  I haven't found a 
good app to do so yet.

Depending on the application you use and libraries you require, if you 
can find the application and and ia32 libraries the app needs, you can 
certainly run it on a 64-bit system.  I've done this before (again, on a 
Debian system) as you can get the ia32 versions of libraries, extract 
the libraries from the .deb, and install them by hand.  I'd have to look 
at my notes to see what the rest of the process was, but I remember it 
was pretty straightforward after that.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Novell agrees to be acquired by Attachmate. [OT]

[Mark Komarinski]

On 11/24/2010 03:59 PM, Dan Jenkins wrote:
> On 11/24/2010 3:47 PM, Ryan Lee Stanyan wrote:
>> I barely trust people to drive in two dimensions, let alone three!
> Too true.
> Or four. Just imagine what havoc a consumer-class time machine would entail.

I can just imagine what happens when there's an accident.

"Sorry, I didn't see you yesterday..."

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

OT: CDMA Repeaters/Booster

[Mark Komarinski]

Sorry for the OT, but this seems to be the best group to ask this 
question of.  Well, I guess if I do get an answer, then I can *mumble* 
firefox and *grumble* Ubuntu and *cough* ssh

My in-laws have a place in Central NY that gets you one bar on most 
Verizon phones if you hold your arm out just..right..in one corner of 
the house.  There's no Internet service there, so a pico/femtocell is out.

Anyone have experience with repeaters or boosters over a small area to 
improve the signal, preferably something that can be mounted outside?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Koha - anyone do an install? MySQL question...

[Mark Komarinski]

On 09/13/2010 09:06 PM, Bruce Labitt wrote:
> /[mysql]/ = Command that needs to be typed from within the mysql program
>
> /A. [cmd]/mysqladmin -uroot -ppassword create kohadata
>
> /B. [cmd]/mysql -uroot -ppassword
>
> /C. [mysql]/grant all on kohadata.* to 'root'@'localhost' identified by
> 'password';
>
> /D. [mysql]/flush privileges;
>
> /E. [mysql]/quit;
>
> In particular, what goes in 'root' and 'password'? Am I giving root
> privilege to kohadata? Why would I want to do that? Right now, my spouse
> does not have admin privileges on the system. Can someone explain this
> to me?

The command in C should be something like:

grant all on kohadata.* to 'koha'@'localhost' identified by 'password';

That will create a non-root user (k...@localhost) that has a password of 
password.  When you set up the user in koha, make sure the username and 
hostname is set properly as k...@localhost is different from 
k...@foo.bar.com (or whatever domain you use).

Since you're using a grant statement, I don't think you need to run the 
command in D.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Qi-Hardware Nanonote group purchase?

[Mark Komarinski]

On 09/05/2010 07:52 PM, Tom Buskey wrote:
> I have 2 systems running recent OpenBSD releases for SSH portals.  One
> is a Sun Sparc with 96 MB ram and the other is a VM with 32 MB
> allocated to it.  I'm not sure I could do that with any major current
> Linux dist.  Maybe Slackware on i386.  Open + Net BSD installs seem
> similar to Slack.

I have Debian Lenny running on a Linksys NSLU2 (32MB RAM).

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Froyo on Droid?

[Mark Komarinski]

On 08/16/2010 12:18 PM, Kenny Lussier wrote:
> (VzW is offering early upgrades to D1
> users to get them to either the Dx or the D2).

The only reference to early upgrades I see is if your contract is up by 
12/31/10.  Given that most people get a new phone every two years, 
there's no way that anyone that got a Droid (unless they paid full price 
or were on a 1 year plan) will be able to upgrade.

Do you have any other information on this plan?  I'd love to upgrade.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Froyo on Droid?

[Mark Komarinski]

On 08/16/2010 09:58 AM, Tyson Sawyer wrote:
> I've read that Android 2.2 is making its way to the original Motorola
> Droid from Verizon.  I've also read that it doesn't support a few key
> features that I was looking for and are reported to be present in the
> "after market" builds.
>
> I've done a bunch of searching of the 'net and can't find any clear
> statements/reviews covering what is missing if I go "after market".  I
> also can't find any information stating if I can return to the herd if
> I find problems with the alternate path.
>
> Is there anyone in this group that has personal experience with an
> after market build of Froyo on the original Droid?  ...or does anyone
> know of a site/link/post that I've missed that gives a more complete
> picture of what life is like on the outside?

I just got Froyo for my Droid on Saturday.  I'm not sure what I'm 
missing, so I guess ignorance is bliss.  I know that tethering requires 
an extra charge, and Flash support will be available in another update 
due in a few weeks from Verizon.

The biggest problem I have is connecting to my WPA2 OpenWRT install.  I 
had to back it down to WPA instead and is working fine.

As for benefits, voice actions is really nice, and moving applications 
to SD lets me free up a lot of space.  Applications seem snappier and 
having the two additional home screens lets me drop in more widgets.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Spike in SSH attacks

[Mark Komarinski]

On 06/21/2010 09:54 AM, Marc Nozell (m...@nozell.com) wrote:
> FYI, I've been using sshguard for a few month to drop routes to sites 
> that are probing my server.
>
> None of the docs seemed to be quite right, so I wrote up some notes on 
> getting it working debian/Lenny here: 
> http://nozell.com/blog/2010/03/09/sshguard-on-debianlenny/
>
>
sshguard is in lenny-backports, but the rest of the documentation is 
quite helpful as the debian package doesn't do any of the setup.  Thanks!

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Recommendations...

[Mark Komarinski]

On 06/18/2010 09:24 AM, Gerry Hull wrote:
> Results so far:
>
> I installed Ubuntu 10.04 LTS 64-bit on my X61, followed by Virtualbox 
> 3.2.4, with a Windows 7 vm.
>
> After much Googling, I still have a couple of  PITA issues.
>
> - After every host reboot, it seems that the kernel vboxdrv driver 
> goes away.   I found lots of people reporting this issue, with some 
> suggested solutions -- however nothing seems to work.
> - I'm trying to disable all screen blanking and power management, as 
> this really screws up Virtualbox.  I've tried everything I can find, 
> but I guess I'm just not getting it.  I keep getting the screen 
> blanker which asks for my password.
>
> Any suggestions on how to resolve these issues?  Other than these, I'm 
> pretty happy w/the 64-bit version so far.

My desktop is running Ubuntu x86_64 and VirtualBox (and has been 
since...8.10?) and I've never experienced either of those issues.  Then 
again, I needed USB device support, so I swallowed my GPL and am using 
the non-free (as in speech) version of VirtualBox, complete with the 
Oracle name now.

For vboxdrv not starting at boot time, there is an init script that is 
either gone bad or isn't running.  You may want to start there.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Internet history (was: We need a better Internet)

[Mark Komarinski]

On 04/08/2010 03:13 PM, Kevin D. Clark wrote:
> Tom Buskey writes:
>
>   
>> On Thu, Apr 8, 2010 at 10:42 AM, Kevin D. Clark wrote:
>> 
>
>   
>>> The problem that I had was that I frequently had to deal with the
>>> situation of "this particular problem only really efficiently runs on
>>> 1, 4, or 16 nodes in the cluster" or "this problem only really
>>> efficiently runs on 1, 2, 4, 8, or 16" nodes in the cluster"now,
>>> what nodes were these again, and how do I relate all of the logfiles
>>> that I obtained from the last program run?
>>>
>>>
>>>   
>> You might have proven my point.  
>> 
>
> Just to be clear, I was trying to illustrate your point, because you
> an I appear to be in complete agreement on this issue.
Maybe I'm not understanding the issue, but isn't the above why queuing 
systems were made?  We're using a dirt-old version of Platform LSF and 
it already solves the 'running on heterogeneous systems distributed 
across an arbitrary number of nodes' problem.  While returning the 
output via LSF or shared filesystem.

The original problem ($DWARVES) had to do with doing what really looks 
like sysadmin-type stuff, which dsh already can do.  It has the notion 
of groups so you can have Solaris-specific commands sent to the group of 
Solaris systems, Red Hat-specific to Red Hat, etc. or have a group that 
includes all hosts for commands that works across everything.  You can 
have dsh dispatch commands concurrently rather than serially that the 
for loop does.  We can get ~200 nodes updated via systemimager in only a 
few minutes using this method.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Internet history (was: We need a better Internet)

[Mark Komarinski]

On 04/08/2010 09:31 AM, Kevin D. Clark wrote:
> I used to work on a parallel computer whose compute nodes were named
> after stars.  So, whenever I needed to do something to all of the
> nodes in the cluster I'd have to write code like:
>
>for H in antares atria avior sirius \
> regulus becrux pollux mirtak ; do
>  
>
>done
>
>
> I would have preferred a more uniform set of names, but that's the way
> that things go sometimes.
>
>   
dsh solves that problem

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Internet history (was: We need a better Internet)

[Mark Komarinski]

On 04/07/2010 11:42 PM, David Hardy wrote:
> Yes, md, I remember, as do many or all of us, the same bunch of names 
> for the systems, usually either from the Snow White gang, or Lord of 
> the Rings, or Hitchhiker's Guide.  Them were the daze.  Now our 
> brilliant successors name them with strings of alphanumeric characters 
> the provenance of which only they, the holy annointed ones, can fathom. 
Those were good when the number of systems was relatively small.

We had the good fortune of having musicians in our group when we built 
our HPC cluster.  We wound up naming it 'Orchestra' and everything is 
named after an instrument, giving us pretty much unlimited expansion.  
Each node type or function gets a class of instruments - databases are 
percussion, compute nodes are woodwinds or string, etc.  I have a bit of 
trouble remembering which Oracle system bass-drum is, but we maintain a 
wiki page that maintains the list in case we need to look it up.

Every system that has external connections has a service name that's not 
the same as the system name (tomcat, www, jboss, mysql, etc.) so that we 
don't have users pointing directly to something like 'marimba' and then 
have to re-educate them when we retire that system in favor of a new 
one.  They just still use mysql.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: recording Comcast digital channels with MythTV

[Mark Komarinski]

On 12/15/2009 10:28 AM, Tom Buskey wrote:
> It runs XBMC.  Does it run Boxee?  (OpenGL)
I'll admit to being fairly illiterate with Boxee, but a quick google 
search shows some promising results:

http://blog.boxee.tv/2009/12/11/boxee-for-the-holidays/
http://www.greenhughes.com/content/how-install-ubuntu-and-boxee-acer-aspire-revo

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: recording Comcast digital channels with MythTV

[Mark Komarinski]

On 12/15/2009 12:29 AM, Jarod Wilson wrote:
> Check out the Acer Aspire Revo. Base model is only $200, a number of folks 
> using them now.
>
> http://www.newegg.com/Product/Product.aspx?Item=N82E16883103228
>   
I've been using this for about two months running xbmc.  I'm only doing 
720p, but it's been able to handle just about every file format I've 
thrown at it.

I like it a lot more than the Popcorn Hour A-100 that I was using 
previously.  The UI is spectacular, and once it's set up, it's pretty 
spouse/7-yo friendly.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: ldap info sought

[Mark Komarinski]

Kevin D. Clark wrote:
> Suppose that I know enough about LDAP to be dangerous, but I want to
> know more.  Suppose I want to more fully understand:
>
> 1:  the mindset of people who use LDAP for solutions
>
> 2:  the information schema in Active Directory
>
> 3:  the information schema in eDirectory
>
>
> I've observed some very knowledgable people on this list mention some
> of the things that they are doing with LDAP.
>
> So, my request is this:  what resources (books, websites, etc.) do
> people recommend to learn more about this subject?
>   
Honestly?  Trial and error.  I haven't found many resources on LDAP that 
are worthwhile (if you do fine one, please let me know).  I think part 
of this is that everyone uses LDAP in a different way and schemas appear 
to be all over the place.

I can tell you that we're using Centrify to provide AD authentication to 
Linux workstations and servers.  It's pretty neat software, even if you 
already have the UNIX extensions in AD.  It also comes with a kerberized 
version of the openldap utilities that you can use to talk to AD 
directly.  Digging into that is how I got most of my AD/LDAP info.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: /usr/bin/ld error

[Mark Komarinski]

On 09/17/2009 12:46 PM, bruce.lab...@autoliv.com wrote:
>
> FFTW was compiled with -m64 = 64 bit.
>
> What did you mean by
> Throw in the output of 'file /usr/local/lib/libfftw3.*'.   ?
>
>   
run that command:

file /usr/local/lib/libfftw3.*

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: /usr/bin/ld error

[Mark Komarinski]

On 09/17/2009 12:08 PM, bruce.lab...@autoliv.com wrote:
> The fun never ends...
>
> My make file compiles everything, using the compiler of choice ( using 
> brute force, not using elegance ).  However, ld fails to find -lfftw3. The 
> error is:
>
> /usr/bin/ld: skipping incompatible /usr/local/lib/libfftw3.so when 
> searching for -lfftw3
> /usr/bin/ld: skipping incompatible /usr/local/lib/libfftw3.a when 
> searching for -lfftw3
> /usr/bin/ld: skipping incompatible /usr/local/lib/libfftw3.so when 
> searching for -lfftw3
> /usr/bin/ld: skipping incompatible /usr/local/lib/libfftw3.a when 
> searching for -lfftw3
> /usr/bin/ld: cannot find -lfftw3
> collect2: ld returned 1 exit status
> make: *** [server] Error 1
>   
Throw in the output of 'file /usr/local/lib/libfftw3.*'.  I'd have to 
guess that the fftw libraries are 32-bit while you're compiling a 64-bit 
application.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: comcast dhcp leases

[Mark Komarinski]

On 08/25/2009 07:28 PM, Chris wrote:
> I just checked mine, and according to my router, the lease time is 4 
> days. maybe it's only certain areas.
I checked mine last night (Comcast in Billerica MA) and it had a 
remaining lease time of 2 days, 22 hours.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: comcast dhcp leases

[Mark Komarinski]

On 08/25/2009 09:23 AM, jk...@kinz.org wrote:
> Hi all - I notice that  comcast has dropped its dhcp lease times
> down to about 15 minutes, it used to be a number of hours, which
> is rather longer.   I wonder if its possible to somehow have the
> dhcp requests ask for a longer lease period?  Anyone know, how If
> its possible?
>   
I don't think you can change the lease time on the client side.

They may be getting ready to give you a new IP address or otherwise 
change your networking configuration.  If that's the case, a 15 minute 
lease time is advantageous.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Finding *unfiltered* free WiFi?

[Mark Komarinski]

Bill McGonigle wrote:
> The rate limits aren't too hard to do for those familiar with traffic
> shaper guts, but some user-land helpers would be really useful.  Anybody
> seen these on low-cost AP's?
>   
Both Tomato and DD-WRT have QoS/bandwidth limiting capabilities.  I'm 
not using it, so I don't know how well it will meet your requirements.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Mucking with a mounted filesystem?

[Mark Komarinski]

Kenny Lussier wrote:
> Hi All,
>
> I am running into a disk space issue on an older server. I'd like to
> do a tune2fs -m 1 (or maybe 0) to get rid of most, if not all of the
> reserved block space on the partition that is close to full. The disk
> is actually an iSCSI volume mounted from an EqualLogic array, and then
> exported via NFS to 6 other servers.
>
> Has anyone ever run tune2fs on a mounted/in-use filesystem? Is this safe to 
> do?
>   
Yes, it's safe to do, no remounting or anything else required.   I 
haven't done it on an iSCSI-backed disk, but I've done it on LVM and 
regular disk-backed ext3 filesystems and do not thing that the back-end 
disk type has anything to do with it working or not.  Here's my output 
from doing it on an LVM-backed filesystem (and that filesystem contains 
the directory I'm running it from):

mkomarin...@murphy:~$ sudo tune2fs -m 5 /dev/vg00/home
tune2fs 1.41.3 (12-Oct-2008)
Setting reserved blocks percentage to 5% (655360 blocks)
mkomarin...@murphy:~$ sudo tune2fs -m 1 /dev/vg00/home
tune2fs 1.41.3 (12-Oct-2008)
Setting reserved blocks percentage to 1% (131072 blocks)
mkomarin...@murphy:~$ sudo tune2fs -m 0 /dev/vg00/home
tune2fs 1.41.3 (12-Oct-2008)
Setting reserved blocks percentage to 0% (0 blocks)
mkomarin...@murphy:~$

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Ok, so help me fix OpenVPN (was: WAP/Router...)

[Mark Komarinski]

On 07/07/2009 04:40 PM, John Abreau wrote:
> Here are the scripts I use to start and stop 50 tap# interfaces.
>
>   
Between going over the scripts and something else (not sure what, which 
makes me a bit nervous), I got it working with my netbook.  Next step is 
to get my workstation and the wife's netbook set up.  Thanks everyone 
for their help, though I'm a bit surprised the answer to "Hey, I want to 
buy some new hardware, what should I get" was "solve it with the 
software you already have".  Though that ASUS WL-500g looks interesting...

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Ok, so help me fix OpenVPN (was: WAP/Router...)

[Mark Komarinski]

I'll give it another go, and maybe y'all can help.

First, the basics.

Server is Debian Lenny 64-bit (IP address 192.168.1.10).

Tomato router at 192.168.1.1 (it's a /24 network)

I want to have bridging so that the clients can automagically see CIFS 
shares (important for wife-compliance).

 From what I've seen with using TAP (bridging), I want to have another 
IP address for OpenVPN to bind to.

Who has a similar setup and some config files I can look at?  I have the 
port forwarding set on the router, and clients can connect, but all 
connections to 192.168.1.0/24 just drop.  tap0 gets created when openvpn 
starts, but the interface never gets assigned nor raised.

Anyone have a working bridge-start/bridge-stop and server.conf I can 
take a look at?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: WAP/Router for use with OpenVPN

[Mark Komarinski]

On 07/07/2009 10:36 AM, Tom Buskey wrote:
>
> I can think of some work arounds:
>
Thanks, but...
> 1) Run OpenVPN on the home server and redirect the ports on Tomato.  
> I'm not familiar enough with OpenVPN to know if this is possible.
I've gone full OpenVPN retard.  I tried setting it up, but I don't have 
it working at all.  Most likely some problem with routing that I'm 
unable to figure out.  I've spent part of the weekend trying to figure 
out what was going on, then decided my time was better spent doing 
something else and just find an already-existing box that ease my 
configuration issues.
> 2) Use SSH redirects to the server.  I've seen this with batch scripts 
> on windows.  On Linux, I've used SSHFS.
>
That would be fine for me.  But the solution has to be wife-friendly.  
Anything more complicated than "double-click this, enter your password, 
and your home directory magically appears" and its usefulness 
disappears.  There are other services I'd want to access like my 
squeezecenter server, so having a list of SSH redirects becomes a bit of 
a burden to maintain.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

WAP/Router for use with OpenVPN

[Mark Komarinski]

I have two early WRT54G systems that work really nice.  One acts as both 
router to the Internet and AP for access to my internal network, the 
other one for when visitors show up and/or have a 802.11b device.

I'm now looking to install OpenVPN with bridging so my wife can fire up 
a client on her netbook and get access to her files that are on the home 
server.  From what I've seen, the older WRT54Gs don't have enough memory 
and/or CPU to handle doing that.

The additional problem is that Tomato doesn't have OpenVPN on it, so I 
have to find another firmware.  Tomato has a nice web-based GUI that 
makes it really easy to configure and get easy stats on.

So here I am.  Does anyone have this working now, and if so, what 
hardware/software combination are you using?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: [GNHLUG] [DLSLUG-Announce] Mapping Party - DLSLUG Special Event - Saturday, 2009-06-06

[Mark Komarinski]

On 05/29/2009 01:37 AM, Bill McGonigle wrote:
> 11:00 OpenStreetMap Mapping Party!
>  lead by Russ Nelson
>
>   
As someone who went to Clarkson and made extensive use of the fruits of 
Russ' labor, I'd like to mention he's a great guy and this event should 
be great.  Unfortunately I won't be able to attend.  Will the classroom 
portions be recorded or otherwise available?

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: [OT] Re: UNIX license plate

[Mark Komarinski]

On 05/14/2009 03:50 PM, roger.levass...@comcast.net wrote:
> When I had my yearly MA inspection back in March, my green on white plate
> was failed, with the garage guy saying that the RMV was cracking down
> on the inspection stations to check the plates.
>   
To be fair, many are quite illegible now, including one near my house 
that looks like it was on one end of a rather serious accident.  I've 
been living here for 13 years and the 'new' plates were in place before 
then.

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Out of memory while booting?

[Mark Komarinski]

On 04/01/2009 12:59 PM, Charles G Montgomery wrote:
> I have a machine with what I suspect is a hardware problem, but I'm 
> not a hardware person.  Perhaps someone might have a suggestion if 
> I describe the problem.
>
> The machine has an AMD 64 cpu, 2 GB memory, an ASUS A8V-XE 
> motherboard. I run Debian testing (currently squeeze).
>
> Booting starts normally and proceeds quite a way.  It gets as far as 
> loading kernel modules and then starts issuing console error 
> messages about being out of memory.  It starts killing processes 
> until it has killed everything but init, and then just scrolls 
> frantic out of memory messages forever -- only powering down can 
> stop it.
>
> I had two different kernels installed.  The behavior is exactly the 
> same with either of them.  I tried booting from an OpenCD, which 
> has Ubuntu on it.  All the hardware detection and initialization 
> went fine.  There were no error messages.  But when it tried to 
> start up X, all I got was a brown screen with a cursor (movable 
> with the mouse) and no menus or keyboard response or any way to do 
> anything.
>
> I've taken the box down to Compucare in Peterborough.  The fellow 
> there is a Windows guy and knows very little about Linux, but he 
> knows hardware.  He has done memory tests and disk tests and found 
> nothing.  He is going to copy a disk image to another machine and 
> see if things work there.  But he's as baffled as I am.
>
> If anyone has an idea what the problem might be, or just suggestions 
> of things to test, that would be greatly appreciated.
>   
Try one of the live CDs to see if that works.  Alternately, try 
installing lenny and see if it gives you the same problem (you can 
'upgrade' to squeeze later if you want).

-Mark
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

Re: Interrupting fsck during startup

[Mark Komarinski]

Sorry for top posting, I'm only on my blackberry and it sucks for writing 
e-mail, but I had to chime in.

ext3 has two cases where it will fsck at boot time - number of times it's been 
mounted since the last fsck and/or a time interval.  Both of these are low by 
default, but you can change both using tune2fs

tune2fs -c 0 -i 0 /dev/sda1

I do it by habit after creating a filesystem by hand but creation at OS install 
time probably still has the limits in place.

After that, no fscks should take place as journals will replay in the event of 
a bad shutdown, and that is almost instantaneous.

If you choose, you can toss in a -m 2 to have 2% reserved for root instead of 
the default 5%.

-Mark

-Original Message-
From: Tom Buskey 

Date: Fri, 27 Mar 2009 16:52:57 
To: GNHLUG
Subject: Re: Interrupting fsck during startup


___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/


___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/