Re: [Ilugc] [OT] Indian Court Order
On Jun 8, 2012 4:18 PM, "Yogesh Girikumar" wrote: > I don't agree.. what do you mean by a lot of illegal activity? Among other things, tor has been used for child pornography. Which is why any tor traffic is taken very seriously and closely monitored. It makes no sense to use tor to access something perfectly legitimate sites like pastebin. > And how exactly does law enforcement agents monitor tor?? Every ISP in India (and most of the world) is mandated to provide wiretapping service for law enforcement agencies. See the CALEA. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [event report] Linux for web development
On Jun 7, 2012 5:50 PM, "Girish Venkatachalam" < girishvenkatacha...@gmail.com> wrote: > Perl is not meant for kids and impatient people. I was led to believe that laziness, impatience and hubris were the three virtues of a good Perl programmer. The Camel Book defines each as 1. Laziness - the habit which motivates you to write code and automate things. This is what makes you code. 2. Impatience - the feeling you have when your computer is being lazy. This is what motivates you to write high performance code. 3. Hubris - the pride that your code quality is so hood that others cannot find flaws in it. To the OP, IMO the best resource to learn Perl is by reading the Programming Perl book published by Oreilly. It's a great introduction to Perl culture. Written by the creators of Perl and till date I have found nothing to better it. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] Indian Court Order
On Jun 7, 2012 6:18 PM, "Deepak Babu" wrote: > > Well, I use this: https://www.torproject.org/ (Anonymity Online: Protect > your privacy. Defend yourself against network surveillance and traffic > analysis. ) My advise is to never use tor. It is used for lot of illegal activity and heavily monitored by law enforcement. You become guilty by association. Running tor in any enterprise network will set off several security triggers. You will have a lot of explaining to do. It's not worth the risk. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Xmessage in SUSE
On Jun 6, 2012 10:57 AM, "Rajesh kumar" wrote: > > I am building a custom application which starts in roots cron every day. I > am using Xmessage to alert the user that the application is completed > running. It should alert all the user who have logged in via a popup. Use dbus, it is designed exactly for this usage. X has an authentication mechanism between the X server and the client. The shared secret MIT MAGIC COOKIE is stored in the xauthority file which is accessible only by the local user who has started the X session. If you want to applications launched by your cron job to communicate to X sessions of other users, you will have to bypass the X session security mechanisms. Not a recommended practice. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] Indian Court Order
On Tue, Jun 5, 2012 at 4:38 PM, kenneth gonsalves wrote: > which port number would one have to forward? On your local desktop, run ssh -D 8080 shell.example.org and set your browser's proxy to SOCKS localhost 8080. http://www.debian-administration.org/article/SSH_dynamic_port_forwarding_with_SOCKS - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] Indian Court Order
On Sun, Jun 3, 2012 at 2:24 PM, Girish Venkatachalam wrote: > > You can setup a VPN connection to a US machine and browse the sites. ;) VPN not needed. If you have shell access to an external machine you can use SSH port forwarding and configure it as a SOCKS proxy in your browser. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] How does load balancing work?
On Sat, Jun 2, 2012 at 5:05 PM, Girish Venkatachalam wrote: > Load balancing involves promising a 100% uptime for a server application. Load balancing only eliminates downtime due to server/application being a single point of failure. Even with full redundancy it's still not possible to provide 100% uptime for any application. You may be sharing the same ethernet switch, ISP connection, etc. In the very least the clustering software is a single point of failure. If VRRP breaks then you'll end up with a multi-master scenario where your cluster stop working. > But for the most common case, CARP or common address redundancy > protocol would do. > > This is an adaptation of the Cisco VRRP protocol in which a virtual IP > address maps to a master > and a slave IP address. CARP is primarily on BSD. VRRP is no longer Cisco proprietary, many vendors support VRRP and some even add their own enhancements. You could in theory cluster routers from different vendors using VRRP but I have never seen it in practice. If you mention load balancing and clustering, it's essential to differentiate between active/active clustering and active/standby clustering. In an A/A cluster all members accept load from clients, in an A/S cluster, only the active node is servicing requests while the standby node is not servicing any requests. Only when the active node fails, the standby node is brought into service. VRRP is A/S only. Web and application servers can be easily A/A clustered. Most databases are A/S. You'll need something like Oracle RAC, shared storage, etc to make your DB A/A. IIRC MySQL, Postgre, Microsoft SQL server, etc are all A/S. > If you ping the CARP IP, one of the machines in the CARP cluster will > respond. CARP on a LAN is different from CARP on WAN (through a router). Key difference is that CARP on WAN will need all inbound traffic to be received by all nodes. This is because ARP load balancing cannot be done if all traffic is forwarded by your local router. I can't think of many situations where servers are deployed in the same subnet as clients, so OS clustering is not a scalable load balancing architecture. CARP also requires L2 switches to support "multi-port static MAC" or no L3 switches "multi-port static ARP" in order to forward all inbound traffic to all cluster nodes. Not all switches support this. To overcome these limitations, nearly all large deployments use dedicated L7 load balancers and do not depend on OS clustering. > You can do what is known as DSR which is a direct server return in > which the routing is > asymmetric. > > Packets reaching the server and on the way back follow different routes. > > This is not recommended but may be useful. This is very useful in a situation where the application downloads lot of data to the client but there's very little upload. Eg. YouTube like video streaming - client sends a small HTTP request, server returns several MB of data. Avoiding the load balancer in the return path reduces load and you can spec a lower bandwidth appliance and reduce cost. Load balancing and clustering is very interesting technology and is quickly becoming an essential requirement for many organizations. Great that you decided to write about it. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Linux media center
On Wed, May 30, 2012 at 4:13 PM, 0 <0...@0throot.com> wrote: > Have you tried xbmc ? > > http://xbmc.org/about/ +1. I run it on an Apple TV2 and it's excellent. Active community, great documentation and plenty of plugins. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] dd reports I/O errors on CF device but copies the disk image installed in it
On Sun, May 27, 2012 at 8:06 PM, Arun Khan wrote: > Any hypothesis for this anamoly? dd is trying to read past end of device and failing? A little OT, but related: tar is far more flexible than dd for backup/restore tasks. You don't require the disks/filesystems to be of exactly same size. Not all 64MB CF cards are exactly same size. I've had issues with HDDs which were not exactly same size. Eg. two 200GB HDDs from different vendors are not exactly same. Or even disks from different batches of the same vendor. This is a pain if you don't plan in advance and use the entire disk while creating RAID arrays. If a disk fails and the replacement is slightly smaller than the originals, you cannot rebuild the array easily. As a safety measure, I never use the entire disk but always round off and leave the last 2-3GB unused while creating RAID sets. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] more on firewall
On Tue, May 22, 2012 at 1:28 PM, Mohan Sundaram wrote: >> Agree. Like ECN not being honoured, many routers have not implemented TCP > window scaling. Routers need not participate or even be aware of it. TCP window scaling works between source/destination. TCP window is an integral part of an kernel's network stack so it's always available. Bandwidth shaping devices monitor and control TCP/UDP flows. TCP window is resized on a per-flow and per-direction basis to control bandwidth usage. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [Commercial] Low Cost FOSS Resource Server
On Tue, May 22, 2012 at 11:26 AM, Mohan Sundaram wrote: >> True. But still very early stages. ARM was traditionally positioned as > power saving as opposed to performance leading it to be dominant in > mobiles/ tablets etc. I reckon it will a while before these become > commonplace enough to be cheap owing to high volumes. I have a Pogo Plug device has 1.2 GHz ARM, 512MB RAM, 128MB NAND flash, 1 Ethernet and 4 USB ports. Totally solid state, under 5W power draw and runs Debian nicely. Retails for $40, not sure about availability in India. I have a 1TB USB HDD and wifi dongle hooked up to it. Newer versions include eSATA and wifi. Not as powerful as Atom but it's good for a mini-NAS and home use. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] more on firewall
On Tue, May 22, 2012 at 11:15 AM, Mohan Sundaram wrote: > Absolutely. In addition, nowadays ECN is also being used though there are > not very many devices that honour this yet. Dropping packets on the > incoming interface is a sure way of slowing down specific incoming traffic. Dropping packets will cause sender/receiver to retransmit and increase traffic on loaded links and decrease performance even further. TCP window scaling is the best method of shaping bandwidth as it has no retransmission and is universally accepted. This is a key differentiator of bandwidth shaping appliances vs buffering/queueing done in routers. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] more on firewall
On Fri, May 18, 2012 at 9:10 PM, Girish Venkatachalam wrote: > We can easily control that but what about packets coming to us? > > Nothing much we can do there. TCP window scaling can get the remote end to slow down and reduce your incoming packet rate. Queueing UDP flows individually and introducing artificial latency can control well behaved UDP applications. Read how proprietary vendors like BlueCoat PacketShaper and Allot Communications NetEnforcer devices can shape inbound traffic. They can also shape a single tcp flow asymmetrically, ie. provide 1Mbps of downstream bandwidth for POP3 and only 128kbps of upstream (POP is download only). - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Incoming redirection, port forward, DMZ, skype et al
On Tue, May 22, 2012 at 6:59 AM, Mohan Sundaram wrote: > DMZ (De-Militarised Zone is a standard term used in securing your > perimeter. It is a wartime terminology. Essentially, it divides the area > that needs to be protected into different zone with different levels of > security and restrictions. Networks are treated the same way. Generally, > publicly accessible services behind a firewall are placed in a DMZ. The > LAN > within the organisation would be treated as a core, highly secure network. > Good practice to restrict traffic would be > > Public -> DMZ Allow using port forwarding. DMZ -> Public not allowed > LAN -> DMZ Allow using simple routing. DMZ -> LAN not allowed. > LAN -> Public Allow via proxies to monitor and restrict as needed, Public > -> LAN Not allowed. In a larger enterprise context this is extended further: 1. There are two levels of firewalls 1) between Public to DMZ network and 2) between DMZ to LAN. These are physically different devices and sometimes even from different vendors. 2. Sometimes traffic within a single DMZ is further controlled through Private VLANs. Eg 1) an enterprise DMZ network can host hundreds of servers/applications. If one application is compromised the entire DMZ is exposed through this server/application. Eg. 2) If you use a web server + DB and web server is compromised the DB is totally exposed. Private VLANs are used to split a DMZ into smaller segments. http://en.wikipedia.org/wiki/Private_VLAN In several industries like banking and financial institutions, most of this is regulated and subject to routine audits. Eg. RBI, BSE/NSE routinely audit banks and stock traders and can revoke a license if non-compliant. Other organizations would do self audits or as requested by their customers. Enterprise IT security is difficult. There's a lot of technology, cost and effort involved, plus there's always new challenges to overcome. Suppose that's what security folks like about their work :-) - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] anatomy of a mail server
On May 15, 2012 8:41 PM, "Jacob G Podipara" wrote: > users on a Linux Desktop with multiple users. I had to create a fetchmail config, run it for each > user and route all mail through a commom Gmail ID with SMTP fwding. As it is a family desktop I can > assert my will, but it's unfair. Fetchmail can do multi drop, it's a fairly standard setup. Check the docs. I find Gmail web interface good enough for my needs. Not sure why one would want to use fetchmail and download emails. Mutt can pull Gmail directly over IMAP and with a little help from light weight smtp clients it can also send email directly. No need for fetchmail or exim. > How do I subvert this. I would not like to pay for static IP, usage is too less. I tried "dyn.dns" > unfortunately did not work out. I am using fetchmail+mutt+exim. Unless you have 100% power backup and ISP connectivity don't run your own mail server. You'll also require good anti spam solution. Get a shared account with any web hosting provider or VPS and use that as your smart host. You're already doing this with Gmail, I'm not sure what exactly you are trying to accomplish. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Dual Boot - Help
On May 14, 2012 8:21 PM, "Muthukumar S" wrote: > Also, Please guide me how to make the USB bootable with Ubuntu ISO. Unetbootin.sf.net is a nice app for Linux and Windows which makes bootable USB sticks from ISO images. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] X forwarding over reverse ssh
On May 10, 2012 12:58 PM, "poomalairaj" wrote: > Warning: No xauth data; using fake authentication data for X11 forwarding. > ssh_exchange_identification: Connection closed by remote host > Connection to xxx.xxx.xxx.xx closed For troubleshooting run "xhost +" on your desktop and try again. This command will disable all authentication on your X server and allow any client to connect and grab your screen, keyboard etc. So use it only for debugging. If this works, then you need to use xauth to add the X server's cookie to the remote client. xauth manpage has sufficient details. SSH does this behind the scenes when you use the -X option. But since you have a hop in-between, twice, xauth is not getting through. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] dynamic
On May 9, 2012 7:25 PM, "Girish Venkatachalam" < girishvenkatacha...@gmail.com> wrote: > Yes, you have to use dynamic DNS but that does not come free even from > dyndns.org. Try afraid.org. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Who is the user that runs apache webserver ?
On Mon, May 7, 2012 at 5:05 PM, 0 <0...@0throot.com> wrote: > The short answer to your question is to bind to privileged port 80. Nice reply :-) To OP, long answer is: http://wiki.apache.org/httpd/PrivilegeSeparation - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Linux Kernel PID understanding
On May 7, 2012 6:48 PM, "0" <0...@0throot.com> wrote: > Also, the process IDs run from 1 to 32767 and roll over, so don't be > surprised if you see gaps. The gaps just indicate that those processes > have exited. Some security minded OSes like OpenBSD and patched Linux kernels do not allocate PID sequentially but randomize it instead. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] best image compression & file transfer opensource software........?????????
On Apr 24, 2012 10:10 PM, "Girish Venkatachalam" < girishvenkatacha...@gmail.com> wrote: > Look for some algorithms that do not lose data like JPEG. JPEG is lossy. Unless you are specifically referring to JPEG 2000 or JPEG LS. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] best image compression & file transfer opensource software........?????????
On Apr 24, 2012 5:21 PM, wrote: > open source tools available for the maximum possible image compression Djvu is great for lossy image compression and streaming like with Google Earth. See djvu.org. > effective & secured file transfer Djvu itself has a streaming solution. Else you can always use rsync. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] php malware from wordpress blog
On Wed, Apr 11, 2012 at 10:06 PM, Raja Subramanian wrote: > The malware sample is here: http://pastebin.com/7X9imPGp > > Can anyone decipher what this script is doing and how much damage > it has caused? Sorry to reply to my own post. PHP programmers have nothing other than eval and base64_encode to hide their code. This malware contains a crafty way of hiding the base64_decode and eval function strings. Other than that it's vanilla. The really long string $m1nWMtcRk07 is just several wrappers of eval(base65_encode(...)). The final unwrapped code is here: http://pastebin.com/RdTmZKyw Looks like the GetMama malware is well known. This code is the first line of ~ 850 php files in my WP installation. Hope deleting it permanently removes the bad bits. If there's sufficient interest, at the May LUG meeting I can talk about my WP experience, hardening and malware analysis. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
[Ilugc] php malware from wordpress blog
Hi, I have had a recent malware injection on a WordPress website I host. The malware sample is here: http://pastebin.com/7X9imPGp Can anyone decipher what this script is doing and how much damage it has caused? This stuff appeared in several files in my WP installation, new files created inside wp-includes/css//, and in wp-includes/Text/Dos//. I've had 2 incidents during the first incident one directory contained a full mock up of Amazon Germany website with drive-by downloads and my web account was used to send phishing emails to this URL. This is the 2nd attempt and I have greatly limited the damage caused as I had tightened WP security. If anyone is interested I can upload the entire website with all the infected files for review. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT?] Many sites not opening - BSNL BB
On Sun, Apr 1, 2012 at 8:21 PM, Natarajan V wrote: > The following is what *think* might have happened. > MTU is largest size of each packet. The default value is 1500. But > seems like this size is too big for some networks. Actually the issue is more like this: The link between your DSL modem and DSLAM (other end ISP equipment your DSL modem connects to) uses encapsulated PPP - it's either PPP over Ethernet or ATM. Since 1500 is the MTU on Ethernet networks, when you add PPPoA/E the packet size increases due to encapsulation overhead. PPPoE add 8 bytes overhead. So the MTU should be 1492 bytes to ensure that even after adding encapsulation overhead you are still at the 1500 byte MTU limit. * I don't use BSNL to verify, so please let us know if MTU 1492 works for you. Note that the same issue is present when you use VPN tunnels - you need to use a lower MTU on the tunnel to accommodate VPN overhead. There are a couple of ways around manual MTU setting: Routers can fragment and reassemble packets so that they can pass through packets with smaller MTU sizes, but this has a lot of overhead. In fact it has so much overhead that IPv6 does not support fragmentation/reassembly. It simply drops the packet, sends a "packet to big" ICMP error condition. This forces sender/receiver to perform path MTU discovery. > When I observed > more closely, some sites just didn't load at all. > The othersites (such > as thehindu & slashdot), start to load, and they keep waiting for > ever. The site has been waiting indefinitely for some content to be > loaded from other domains whose routes accept smaller than 1500. > That's why some sites stopped loading midway, while others never > loaded at all. Sites which load are successfully able to perform path MTU discovery so they automatically discover the lower MTU on your DSL modem. To be certain use "tracepath" which is similar to traceroute but reports the path MTU at each hop. It will be great to see the tracepath output for your various websites. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] why embedded Linux not having swap partition.
On Wed, Mar 28, 2012 at 6:24 PM, Girish Venkatachalam wrote: > This thread is full of theoretical stuff, lot of useful info but > nowadays I only deal with practical reality. > > That is the single biggest problem with the people I meet here in LUG. > > You have to get practical doubts. > > Theory is fine but we have to grow beyond that. > > I have worked on few embedded systems but swap has never been a doubt > in my mind. Please stop 1. presenting your opinions as facts, and 2. judging others so harshly I must thank the OP for bringing up this question because after posting my earlier response I wanted to understand this in more detail and found this gem: http://www.embeddedinsights.com/channels/2010/07/21/to-mmu-or-not-to-mmu/ The healthy debate in the comments contain as much information as the article itself. This article also highlights another important point - that there are often opposing views to any topic. MMU/no-MMU or theory/practice or vi/emacs, etc. What I have learnt from my experience is not to be so convinced and blinded by my own belief that I disrespect or disregard the other. This has helped me listen to the pros and cons of both perspectives and use the most appropriate one for any given situation. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] why embedded Linux not having swap partition.
On Wed, Mar 28, 2012 at 3:45 PM, Zico wrote: > I am sorry, but, what does it means by "access times are non deterministic"? > Pardon me, I don't have any knowledge on Embedded system architecture. :) "non deterministic" is CS lingo for unpredictable. Assume you are accessing a memory address, if it's in physical RAM you can read/write it in a few nano seconds. But if the kernel has moved this page to swap it takes several milliseconds to access the page and the response time of your application suffers. Unix kernels offer the ability for user land processes to lock memory pages in physical RAM and ensure they are never paged out to swap. This syscall requires root privilege and apps like cdrecord use it to lock its buffers in physical RAM. See mlock(2) and friends. To the OP: Memory management unit of an ARM core is typically 30% of die area, eliminating the MMU will therefore reduce cost. Simpler 8/16bit microcontrollers do not have any MMU and use only physical memory addressing throughout. Sacrificing the convenience of a virtual addressing is one of the trade-offs an embedded programmer has to live with. Since embedded environments are carefully controlled and runs no 3rd party applications it may not be a hard choice. See uclinux.org. On the opposite end, ARM Cortex A15 cores have added a lot of features so they can be used in servers. Eg. LPAE to support 1TB RAM, hardware virtualization, etc. One correction - Disabling kernel swap support is not just for embedded systems, I'm pretty certain you can configure any Linux kernel (x86/ppc/etc) without support for swap. It's in the kernel menuconfig options. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Multiple passwords for root user in Linux
On Tue, Mar 20, 2012 at 2:05 PM, Raman.P wrote: > 1. Copy the line containing root user information in /etc/passwd into a > new line and change the name 'root' some thing else say 'root1'. Unix admin tradition is to call this account as "toor" - root backwards. A better solution to the OP's problem is sudo as mentioned by others. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] samba share permissions
Sorry... I replied prematurely in my earlier post. Please ignore earlier one. Here is the completed response. On Wed, Mar 14, 2012 at 2:02 AM, Raja Subramanian wrote: > On Tue, Mar 13, 2012 at 5:26 PM, rapghere rap wrote: >> Anyone, could you please explain in detail. > > Here are some high level steps. You'll need to consult relevant > documentation along the way. > > >>> I have an ubuntu 10.04.2 desktop joined into my windows domain running on >>> Windows 2008 R2 AD server using pbisopen6.5 (formerly likewise open). Run Samba on your desktop. Configure it to join W2k8 R2 domain. Consult Samba docs for how you can add your samba server to an existing AD domain. You'll need to use "security = ADS" in your [global] smb.conf section and also need domain administrator credentials for one time addition. Once the Samba server is added in AD, new AD Computer object will be created. This is exactly like adding any Windows desktop/server to AD. You then need to ensure extended ACLs are enabled for the file system which contains /ubshare. Use the "acl" option in fstab. Eg. /dev/sda2 /ubshare ext3 defaults,rw,acl 1 1 Recommended you install e2fsprogs so you get lsattr/chattr and other utils which you can use to view/set extended ACLs on ext2/3/4 file systems. In smb.conf [global] section, you'll need map acl inherit = yes nt acl support = yes to enable extended ACLs globally. You can now set administrator users for /ubshare so they can change ACL permissions for other users. [ubshare] admin users = @"DOMAIN\DomainAdministrator" Once all this is done, need to connect to the share from any AD registered Windows desktop and as the admin user above. From the Windows Explorer file permissions dialog, you can set permissions in the same manner you set permissions on native Windows shares. If in doubt Google for "samba extended acl" and follow the examples. Official documentation is sparse. It's preferred to use native Samba utilities (winbind) to connect with AD. There is an alternate LDAP and NSS which is outlined here: http://en.gentoo-wiki.com/wiki/Active_Directory_Authentication_using_LDAP LDAP approach is better suited only if you want all AD users to be visible to Unbutu natively - ie, users can login to the shell over ssh using their AD credentials. The setup is more complex and involves a lot of moving parts which are not needed for simple Samba ACL setup. Best of luck! - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] samba share permissions
On Tue, Mar 13, 2012 at 5:26 PM, rapghere rap wrote: > Anyone, could you please explain in detail. Here are some high level steps. You'll need to consult relevant documentation along the way. >> I have an ubuntu 10.04.2 desktop joined into my windows domain running on >> Windows 2008 R2 AD server using pbisopen6.5 (formerly likewise open). Run Samba on your desktop. Configure it to join W2k8R2 domain. Consult Samba docs for how you can add your samba server to an existing AD domain. Once the server is added, your AD will show your Samba server as a new Computer object. >> My requirement is that I have a samba share /ubshare in this machine. which >> could be accessed by the domain users from their windows computers. All >> those users will fall under some groups namely, >> >> abc_read >> abc_write >> abc_full >> >> xyz_read >> xyz_write >> xyz_full etc., >> >> If the abc_read group people login they should have only read permission >> for the samba share. >> >> If the abc_write group people login they should have have write permission >> for the share. >> >> If the abc_full group people login they should have the full permission on >> the same share. >> >> Please show me how to achieve this. >> > ___ > ILUGC Mailing List: > http://www.ae.iitm.ac.in/mailman/listinfo/ilugc ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Android on X86 platforms
On Tue, Mar 13, 2012 at 9:54 PM, prasannatsmkumar wrote: > There is an Android port for x86 hardware (Intel and AMD CPUs) at > http://android-x86.org/. Those who wanted to try Android but did not buy a > tablet or smartphone can try this in your PCs. Android was (and still is) primarily a phone/tablet touch screen OS. Even if it can run on a PC, I can't understand how usable it will be as a desktop OS. Can you please share your Android PC experience for everyday use? That is vs a traditional Linux/Windows OS. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Firefox_Mozilla
On Mon, Mar 12, 2012 at 8:28 PM, rmariya sagaya asirvatham wrote: > How can i configure my firewall to accept all outgoing web traffic only > from my proxy server > > may i add below lines in my iptables > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to > 192.168.x.x.3128 > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT > --to-port 3128 It's high time you stopped top posting and learnt to follow mailing list guide lines. Your iptables rule is not correct, you are destination/reverse NAT which is not needed in your setup. My preferred method with iptables it to default DROP packets on the FORWARD chain. This will ensure only traffic you explicitly permit to pass through your system will be allowed - you can permit outbound dns, ssh, smtp/pop, etc for select source and destination IP ranges. Knowledge of iptables working is essential to build a successful security system. Suggest you read the iptables documentation fully and test thoroughly before deploying. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Firefox_Mozilla
On Mon, Mar 12, 2012 at 6:01 PM, rmariya sagaya asirvatham wrote: > We are in the need of proxy authentication mode for all users ,So we are > unable to implement transparent mode. Good network security implementation should work regardless of the desktop/browser settings. If you configure your firewall to accept outgoing web traffic only from your proxy server IP, then even if users change the browser proxy configuration they cannot cannot bypass your proxy and gain web access. Worst case is without the correct proxy config users will not have web access. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] extract sentences from a xml file in bash
On Mar 7, 2012 1:54 PM, "Shrinivasan T" wrote: > How can we use the bash utilities to achieve this? Use Perl. I'm sure there's an ini parser on CPAN which will make this trivial. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Need Volunteers for ILUGC Website - enhancements
On Feb 25, 2012 4:54 PM, wrote: > > Congratulations Raja and thank you for volunteering. Suggest you read my post again - I have nowhere mentioned that I'm volunteering. If the site was built in WordPress I can help out. I have little experience in Drupal and cannot be of much use. The OP has listed some changes and this community is entitled to comment and improve on it so it better serves the community and also adhers to current web standards. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Need Volunteers for ILUGC Website - enhancements
On Sat, Feb 25, 2012 at 3:54 PM, Shrinivasan T wrote: > Our website http://ilugc.in is run by drupal 6. Many of the enhancements requested are already addressed by Drupal 7. It is also easier to maintain than Drupal 6. Consider upgrading first? > It needs some enhancements as follows. Please consider these extra enhancements: 1. Increase the font size 2. Use fluid CSS so page zooming in browser will not break layout 3. Add a mobile version of the site. WordPress uses WPTouch add-on, I'm sure Drupal has something similar. 4. Implement some of the recommendations from Page Speed report: https://developers.google.com/pagespeed/#url=www.ilugc.in&mobile=false - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] libpanel-applet error
On Wed, Feb 22, 2012 at 5:23 PM, Karthikeyan Venkatraman wrote: > Give me the suggestion to over come the problem. Please stop top posting. What distro and release are you using? Have you added any unofficial apt repositories? Confirm that your /etc/apt/sources.list is consistent for your distro and release. Eg. on debian wheezy, sources.list should look like this: rsubr@canaco:~$ cat /etc/apt/sources.list deb http://security.debian.org/ wheezy/updates main contrib non-free deb http://ftp.debian.org/debian/ wheezy main contrib non-free - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] alternate to skype
2012/2/10 விக்னேஷ் நந்த குமார் (Vignesh Nandha Kumar) : > On Fri, Feb 10, 2012 at 8:27 AM, Raja Subramanian > wrote: >> Google Voice. > > Is that Free Software? Sorry, my bad. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] alternate to skype
On Feb 10, 2012 5:38 AM, "Shrinivasan T" wrote: > > I am using skype to all US toll free numbers. > > is there any free open alternate to make toll free calls? Google Voice. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] remotely accessing a machine on a lan with dynamic IP
On Wed, Feb 8, 2012 at 3:54 PM, kenneth gonsalves wrote: > I maintain a server in a remote place. It is connected to a LAN - the > LAN is the usual poor man's LAN which uses the BSNL router as the dhcp > server. They have dynamic IP from bsnl. The machine the machine has a > fixed IP (192.168.1.123). The inward facing IP of the router is > 192.168.1.1. Is it possible to ssh into this machine from outside, and > if so how? Others have already suggested the port forwarding method. Only addition I would like to make is that you also configure iptables connection rate limiting for ssh. This will ensure your server is not brute forced by bots. I recommend you do this on all internet facing servers. Alternate methods which do not require port forwarding: 1. Initiate a connection from the internal server to an external server and port forward from external server to internal ssh. 2. From your internal server connect to an external OpenVPN server. >From this external network, you can ssh to the internal server's VPN interface IP address. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] The right way to set permissions for an Apache Virtual Host
On Feb 7, 2012 3:16 AM, "Roshan George" wrote: > Is this the right way to go about things? You're on the right track. This is exactly how large web hosting providers also do it. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Mailman customisation services needed
On Feb 5, 2012 8:17 PM, "Sundaram Ramachandran" < sundaram.ramachand...@kggroup.com> wrote: > > In addition, I also want the Mailman to store user's mobile numbers and SMS any tasks that are created. An Android app forcreating and updating tasks would also be a useful feature. >From your requirement, it looks like extending Python Roundup or similar issue/bug tracking system will be a better choice than Mailman. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Cron Job
On Fri, Jan 27, 2012 at 3:31 PM, kumaresan chandran wrote: > * * 01 * * /usr/bin/bbpurne > > These script will execute every month of the first day fully 24 hours or > only one time a day its execute. It will run repeatedly on the 1st of the month. Probably not something you intended. If you want to run something *once* a month, use: 0 0 1 **user/path/to/script Alternately you can use this more readable syntax: @monthlyuser/path/to/script See "man 5 crontab" as Arun has suggested. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] PIPA and SOPA Co-Sponsors Abandon Bills
On Thu, Jan 19, 2012 at 3:55 PM, Venkatraman S wrote: > On Thu, Jan 19, 2012 at 3:52 PM, Karanbir Singh wrote: > > does anyone have a writeup on how SOPA / PIPA impact people in India ? > > Not exactly , but a good intro : http://www.youtube.com/watch?v=JhwuXNv8fJM Here's one more: http://www.youtube.com/watch?v=9h2dF-IsH0I - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [ILuG-C] Microsoft Office on Linux
On Sun, Jan 8, 2012 at 12:28 PM, Akilan R wrote: > LOL. :D This is getting hilarious. No, it's getting pointless and increasingly tiresome. Now it's degenerating into insults. Please stop this thread. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Request for suggestion : laptop VS netbook
On Sat, Dec 31, 2011 at 4:32 PM, Arun Khan wrote: > Avoid, the 10" screen. It looks very nice and compact but after a > while the small foot print feels a bit cramped especially the > keyboard. +1 I had the Acer Aspire One D150 for 18 months. The screen and keyboard are not convenient for extended use and I had to connect external display and keyboard anytime I had to do serious work. I purchased a Thinkpad X120e on eBay for Rs 30k and got a free 1TB USB HDD using a discount coupon. I no longer use the external display or keyboard. Only problem with AMD APU notebooks is the heat, the CPU fan runs constantly. Will be a good idea to test the laptop for heat and quality issues prior to purchase. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] My thin client experience
On Fri, Dec 30, 2011 at 9:22 PM, Suraj Kumar wrote: > Of course, I'm running a 64-bit PAE. PAE is for 32 bit systems. If you are using a PAE kernel then your kernel is still 32 bit but it can handle more than 4GB RAM. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] OAOD (unison)
On Dec 18, 2011 9:18 PM, "Ashok Gautham" wrote: > Cons: >1. Binaries aren't handled well. I remember reading that rsync's >delta algo works pretty well for these. rdiff-backup uses this and it works great as a general purpose backup system. Eg Using rdiff-backup on Windows I have more than 300 revisions of our production Tally server backed up. Each backup set size is ~200MB, and my entire repo is only ~500MB. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [Technical] Does 'C' language specification has 'boolean' datatype ?
On Dec 17, 2011 11:20 AM, "0" <0...@0throot.com> wrote: > Nope, just define one using typedef such as, > > #define true 1 Since C defines any non-zero value as true, rather than defining true as 1 you better define true as !0. Ie, true is the opposite of false. This is the only way to ensure that a test against 2 true values will work in all cases. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] ULTRASURF IN UBUNTU 10.10
On Sat, Dec 10, 2011 at 7:28 PM, Sree wrote: > On Sat, Dec 10, 2011 at 5:14 PM, Dinesh Infotech wrote: >> Is it possible to use ultrasurf in ubuntu...or equivalent to >> that > > Just use Tor. Hope your are not considering using Ultrasurf/Tor in a corporate environment. This traffic is easily identified by enterprise security devices and proxies. Ultrasurf/Tor also has a dark side - it has a reputation for hiding illegal activities. You will become guilty by association. Using these applications is a bigger breach of corporate policies than using prohibited sites like Facebook or Youtube at work. Know your risks before using these apps. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [TIP] perl tutorial VII (perl tricks)
On Sat, Dec 10, 2011 at 3:16 PM, Balachandran Sivakumar wrote: > When a language has a variable like "$|" and people use such stuff > frequently, I wouldn't call that language elegant. You can always ask perl to "use English". Mathematics is full of symbols and it is very beautiful once you understand their meaning. Perl is no different, and the symbols are well chosen - Larry Wall is a linguist and considerable effort has gone into these details. Learning a programming language is much more than the semantics. Suggest the focus of our discussion is directed towards deeper topics. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] call for speakers - November meet
2011/11/13 Thyagarajan தியாகராஜன் > Once we used to have quality lectures in ilugc meeting, i see that stuff > are no more happening. There are plenty of first time talkers, so give them a chance and some encouragement! > IMO, proactive leadership is what ilugc missing. If nobody volunteers to give a talk, then what exactly is the leader supposed to do? Since the LUG provides no extra powers to its leaders and we are all treated equally, it makes everyone a leader. With this in mind, please put forward some ideas on how we can improve the lectures. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Can we access the SWAP SPACE in Python
On Mon, Oct 10, 2011 at 11:38 AM, Arulalan T wrote: > I couldnt use mmap( ) function in my case, since I am accessing the binary > file like NetCDF, PP, HDF, Grads which contains data > in formats of numpy.float32, numpy.float64 and some meta data also. > > These files cant read it as like normal text file object such as > fileobj.readlines( ). i.e. These files are not string type. > So I cant use mmap( ) in this case. mmap is suitable for all types of files. See numpy.memmap() - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [HW] Do the HDD cages in rack mount chassis indicate visual/audio HDD failure?
On Tue, Oct 11, 2011 at 5:08 PM, Arun Khan wrote: > I have no experience with rack mount chassis and the associated HDD > bays (active or passive) > > To reduce the H/W cost, I am considering Linux mdadm RAID10 on a 2U > chassis. However, I am not sure whether there is any visual/audio HDD > failure notification from the HDD bay to the OS. The HDD controller is the bit that informs the OS about disk failures. HDD bays are passive equipment. mdadm can be run in daemon mode to watch for disk errors and alert in a variety of ways. You can use "beep" to beep the PC speaker on errors. mdadm works with any SATA/SAS controller so you don't need any special equipment to detect/report errors. Unlike hardware RAID controllers, mdadm may not support true hot swap. You may have to disable/offline the disk in mdadm before removing it from the server chassis -- reboot is definitely not needed. > Do the HDD bays that house the hard disks have the following feature? > > (a) Indicate HDD failure. LED lights up and/or audio alarm? > (b) The failed HDD can be hot swapped. > > To get the above functionality what kind of bays do I need to specify? If you are getting HP/IBM/Dell/etc, just order hot swap drive bays. You can use ILO to blink the UID LEDs. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Can we access the SWAP SPACE in Python
On Fri, Oct 7, 2011 at 5:16 PM, Arulalan T wrote: > Is there any way to store the data (temporarily) in the SWAP SPACE instead > of RAM ? No, it's best to let the kernel handle memory management. But read below. > Is there any way to store some data in SWAP (but not in RAM) and get the > data from the SWAP partition whenever we need it in Python or C language ? > yup. It may be slower to access the swap area rather than RAM, but it is > much faster than access the data of files which are stored in the hard disk. Use mmap to map a file directly into your processes address space. When you reference the memory address, the kernel will read/write data from the file using the same mechanisms it uses to swap. You will bypass all file IO buffering and have direct access to the files. This is how all DB engines handle IO. mmap() vs read() will give you a 3 x speedup for IO bound jobs. Advanced Programming in the Unix Environment by Stevens has a good example of file copy implemented using mmap. > It takes 2 days to complete this job and eats 3GB RAM memory. Mechanisms to speed up scientific code: 1. Make fewer passes over your data. Ideally you want to read the data once, complete all processing and never have to read it again. Do not make several passes over data doing a little processing each time. 2. Use efficient IO like mmap. 3. Use the correct algorithms suitable for your data size and work. 4. Profile your code to understand which step takes the most time. Then start fine tuning. 5. Run a 64bit OS, you'll sometimes need to use more RAM if you want faster performance. It's a trade-off. 6. Code the hot spots in C if you need more speed. > One of the reasons is ' 2 x 360 x 720 ( = 518400 ) times needs to access > python file object to retrieve the data of corresponding latitude, > longitude'. OS, python libs will cache IO. So you will not hit disk each time you read the data. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] how to find data rate of the disk.
On Sep 28, 2011 11:24 PM, "Saravanan Selvamani" < saravananselvam...@gmail.com> wrote: > We need of a tool or a utility in linux that helps us to find the > data rate of a disk that has been used by a particular job while doing the > IO operation . iotop - http://guichaz.free.fr/iotop/ - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Hardware changes in Linux
On Wed, Sep 28, 2011 at 10:49 AM, Rajesh kumar wrote: > > I need a application which logs the hardware changes in a linux machine. Say > if ram is increased or reduced, harddisk added, sound card removes etc > should be logged. Search for a "hardware inventory" or "IT asset management" application. There are plenty to choose from. Here's one to get you started: http://www.ocsinventory-ng.org/en/demo/ - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] ankit fadia
On Thu, Sep 22, 2011 at 7:07 PM, Arun Khan wrote: > The genuine people in their respective industries/professions know who > is who and shun such individuals. True. How to spot false security claims: http://www.interhack.net/people/cmcurtin/snake-oil-faq.html http://www.schneier.com/crypto-gram-9902.html#snakeoil http://www.philzimmermann.com/EN/essays/SnakeOil.html - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Linux Tablet suggestion
On Sat, Sep 17, 2011 at 12:53 PM, Arun Khan wrote: > The new SONY VAIO netbooks with AMD E350 APU look very nice. Thinkpad X120e :-) - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Linux Tablet suggestion
On Wed, Sep 14, 2011 at 5:55 PM, Noorul Islam K M wrote: > Raja Subramanian writes: > > Things I regret about the Nook Color: small screen, no 2G/3G (wifi only), > > no GPS, no microphone, no cameras. > > I think those are plus points. Because there will be no distraction. The > moment you are hooked to Internet there are thousands of things that > will pull you out of reading mode. It's trivial to go offline when you do not want to be interrupted. For me not having 2G/3G means no email on the go, and hence my tablet is confined to my house's wifi area. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Linux Tablet suggestion
On Wed, Sep 14, 2011 at 6:23 AM, Raman.P wrote: > Please suggest me a tablet. Also will it be comfortable to read with 7.x > inches display? I have Sony ebook reader and a Nook Color 7" android tablet. ebook readers are nice for reading, and Calibre (calibre-ebook.com) can be used to convert various text/pdf formats to ebook reader formats. Native support for PDF varies across ebook readers. You may lose tables and other complex formatting after conversion. The Nook Color is well supported by Cyanogen ROMs, and is a good general purpose tablet. Android apps are available for nearly every document format I have come across. Unlike laptops, a 7" tablet means the physical size of the tablet including bezel, not 7" screen. For serious reading, you need at least a 10" screen. Things I regret about the Nook Color: small screen, no 2G/3G (wifi only), no GPS, no microphone, no cameras. After using both devices for several months, I still read most of my texts on my cheap/cheerful Acer netbook (I use an external monitor/kbd/mouse when at home/office). I have a extended battery so my netbook lasts most of the working day on a single charge. My recommendation: get a netbook! - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Open Souce Anitivirus(Client-Server)
On Fri, Sep 9, 2011 at 1:40 PM, rmariya sagaya asirvatham wrote: > Any open source Antivirus (Client-Server) Tools avilable . http://www.clamav.net/ http://en.wikipedia.org/wiki/Clam_AntiVirus ClamAV may not perform as well as some commercial solutions. Suggest you evaluate it carefully before adopting. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] TN Govt says "No" to Linux - issues new tender
On Sep 3, 2011 11:23 AM, "Arun Venkataswamy" wrote: > I hope the courts help in pulling out this entire thing of free laptops. +1 There's all probability that a vast majority of these laptops will end up being used for totally unrelated purposes - games, music, movies, and porn. I'm sure the government can come up with a cheaper and more effective plan to educate our children - hiring and training better teachers, improving school infrastructure and syllabus. -Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Wikipedia not accessible
On Mon, Aug 29, 2011 at 4:44 PM, Asokan Pichai wrote: > For (at least) two days I am not able to connect to wikipedia. ANy one else > facing a similar problem? http://www.downforeveryoneorjustme.com/ - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [slightly OT] free dns service
On Sat, Aug 27, 2011 at 8:47 AM, kenneth gonsalves wrote: > for several years I have been using everydns to maintain the dns for my > (mainly opensource) websites. Recently they have gone over to a paid > model. I do not mind paying for my commercial usage, but would like to > ask members for options for free dns for my free sites. Why reinvent the wheel? The DNS service offered by cheap shared hosting providers like DreamHost, 1and1, Hostgator, etc should satisfy your requirements. Most of them offer "unlimited" domains, and have web interfaces for managing DNS records. IIRC DreamHost offers management delegation, so you can create individual accounts for each domain owner and have them manage their own domains. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Squid proxy serevr
On Sat, Aug 20, 2011 at 1:54 PM, karthik kgm wrote: > I am using squid proxy server with fedora14 in my Lab. I want to see Traffic > in each IP to be tracked on a weekly basis - Each IP's (machines connected > through my proxy server) upload & download. There are several Squid log analyzers to choose from: http://www.squid-cache.org/Scripts/ - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] MacBook Air, Ubuntu, VirtualBox ....
On Thu, Aug 18, 2011 at 6:59 PM, Vamsee Kanakala wrote: > give me the same money, I'd buy a ThinkPad X220 with SSD option and run > Ubuntu (or Arch, if you're hard core :D) and run VirtualBox for Win7/Mac > OSX needs, etc. +1 for the Thinkpad. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] installing boost in ubuntu
On Aug 11, 2011 10:52 AM, "kenneth gonsalves" wrote: > > On Thu, 2011-08-11 at 10:39 +0530, kenneth gonsalves wrote: > > tried to install boost in Ubuntu 10.04, but keep getting the message > > boost >= 2.30 not found. > > typo that should be 1.30 not 2.30 All the boost packages: http://packages.ubuntu.com/source/lucid/boost1.40 - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Listing Process
On Mon, Aug 8, 2011 at 11:22 AM, Rajesh kumar wrote: > Is there any process or command that we can export the list of process > running to csv "ps -o" can produce output in fixed width format. You will then need to convert it to csv. See "man ps". - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Hi
On Wed, Aug 3, 2011 at 11:57 PM, Lakshimi Parthasarathy wrote: > I am searching job in system administrator field (linux) See fossjobs.in > I need some sample resume.does any one send me few sample linux system > administrator resume. Suggest you spend some time/effort into writing your own resume. There are several websites which teach you resume writing best practices. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] What is wrong in this script ?
On Thu, Jul 28, 2011 at 8:34 PM, Mukesh Yadav wrote:
> I'm trying to compress js file via shell script here is code
>
> #!/bin/sh
> for file in `find . -name "*.js"`
> do
> echo "Compressing $file …"
> java -jar ~/yuicompressor-2.4.6/build/yuicompressor-2.4.6.jar --type js -o
> min/$file $file
> done
This shell script has other bad practices which should be
avoided:
1. Don't run programs like find in back ticks and capture output.
If the output from find is large, then shell will end up using a
lot of RAM or run out of RAM and break. Back ticks is also
a security risk.
2. Always protect your scripts from file names with spaces. In
your case a filename with a space character will break your script.
Best option is to use the -exec flag in find and invoke commands
directly. See the man pages.
Eg. find . -name \*.js -exec gzip '{}' ';'
If there are too many matches, then use xargs.
Change all dirs to 755 permissions like this:
Eg. find . -type d -print0 | xargs -0 chmod 755
- Raja
___
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] SO_REUSEADDR in conjunction with INADDR_ANY issue
On Fri, Jul 29, 2011 at 2:16 AM, narendra babu wrote: > Also, the client that is established to the port is sending messages to what > it believes is its peer. > No errors are returned. > The socket has been in this state for couple of a days Open a raw socket and send an RST to this port. This will cause the server to close the connection immediately. If in doubt consult Richard Stevens' books TCP/IP Illustrated Vol 1 and 2. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT/HW] Low cost VOIP Analog Telephone Adapter
On Jul 22, 2011 10:47 PM, "Arun Khan" wrote: > Back to your posting - this is a whole new area for me. I plan to do > some R&D with asterisk and freeswitch as well on a very small setup (2 > nodes to be precise). http://nerdvittles.com/index.php?p=677 can get you started with asterisk very quickly. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT/HW] Low cost VOIP Analog Telephone Adapter
On Jul 19, 2011 12:32 PM, "Arun Khan" wrote: > I am looking for a low cost VOIP Analog Tel. Adapters to do a small > VOIP setup in my home. GrandStream makes good soho ATA devices. Check your local reseller for availability. For hobbyist use, suggest you get used Cisco or Motorola ATAs off eBay. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Open source enterprise backup solutions
On Jul 18, 2011 4:27 PM, "devjyoti patra" wrote: > I was thinking that there must exist an open source alternative for > Dropbox (except > the share feature), which can de-duplicate and compress data before > backing it up "online". See duplicity and duplicati. It can compress, dedupe and encrypt data before storing online. These apps do not do global dedupe across backup sets from all laptops, but that is something you can handle at a different layer. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Which is best IDE
On Fri, Jul 15, 2011 at 2:01 PM, Natarajan V wrote: > With almost 10 years into Java, I care the least about which IDE ... > If you are clear in what you want to develop, the tool is just an aid. > And, switching between Eclipse and Netbeans is not a big deal at all. > So don't worry much about the tool. Just learn to code. In fact, if > you learn to code properly, even the language is not a barrier :D +1. You can also add language, framework, OS, platform, etc is also no barrier. But this wisdom comes only after you complete the "Teach Yourself Programming in 10 Years" course ;-) http://norvig.com/21-days.html - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
[Ilugc] $25 ARM SOC runs ubuntu
Hi, Some people in the last LUG meet expressed interest in this USB stick sized $25 embedded computer which runs Ubuntu: http://www.raspberrypi.org/ In the first photo, the tiny thing just underneath the monitor on the left is the device. The others are USB hub, ethernet, etc. The founders talking about this product: http://www.youtube.com/watch?v=pQ7N4rycsy4 - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] Inventory management software for general grocery stores
On Jul 11, 2011 11:44 AM, "రహ్మానుద్దీన్ షేక్" wrote: > Do we have an inventory management system software for a local kirana shop ( > groceries shop/vegetable shop) which will take care of stock of shop as well > as the daily sales both at large and small scales. Have you searched in the freshmeat.net FOSS directory? - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Locked Root password, Debian 5 refuses to go into single user mode
On Mon, Jul 11, 2011 at 12:26 AM, Raja Subramanian wrote: > 5. run passwd to reset the root password. You are already root > so you will not be promoted for current password. That needs to be "passwd -u" to unlock the root account. I misunderstood that you lost the root password. If that does not work, "vi /etc/shadow" and delete the entire encrypted password field for root. It makes the root account password less (just press enter when prompted for the password). This only solves the root access problem. fsck is a completely different issue. Btw, this is the first time in 15 years I've come across someone locking the root account. Sounds like a terrible idea. Why are you following this practice? - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Locked Root password, Debian 5 refuses to go into single user mode
On Sun, Jul 10, 2011 at 11:14 PM, Roshan George wrote: > Unfortunately, on Debian this leads to a deadly situation. In the event > of a failed fsck, Debian gives you the bog standard, "Enter root > password to continue (or press Ctrl-D)" message. The problem is that the > root user is locked. There is simply no password. `Ctrl-D` just restarts > the OS. This is *very easy* to recover. I've done this several times. 1. In your boot loader, pass the "init=/bin/sh" option and boot your kernel 2. when the kernel completes boot, it will immediately drop you into a root shell. Here you remount your root fs rw, run passwd to reset root password. See below. 3. mount /proc; swapon -a 4. mount -o remount,rw / # mounts root fs rw, if this fails run fsck 5. run passwd to reset the root password. You are already root so you will not be promoted for current password. 6. mount -o remount,ro / 7. exec /sbin/init # will continue boot procedure 8. Once system boots up, I recommend you reboot immediately to ensure system is up following correct boot procedure. > Any advice would be appreciated. I'm having that horrible sinking > feeling right now. This made plea me get out of bed, power up my laptop and post. Let me know how it goes. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] dvorak keyboard
On Thu, Jun 23, 2011 at 7:32 AM, Kenneth Gonsalves wrote: > still slow, but hands do not pain anymore. Get a TVS Gold mechanical keyboard and forget finger pain forever. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] rsync log -reg.
On Jun 14, 2011 4:27 PM, "Vijay Kumar" wrote: > 4 rsync commands per day, for backup my data to VPS server opver the > network. Check out rdiff-backup, it's far better than rsync for backups. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] [OT] dvorak keyboard
On Jun 3, 2011 4:09 PM, "Kenneth Gonsalves" wrote: > > On Fri, 2011-06-03 at 15:50 +0530, Akilan R wrote: > > On Fri, Jun 3, 2011 at 3:20 PM, Arulalan T > > DVORAK keyboards can be ordered in internet :-) > > for laptop? You can always use an external USB keyboard with your laptop. Duh! I pulled out all the keys on my dell laptop a few years ago and plugged them back in Dvorak layout. Worked okay, just have to be careful with the track point thimble in the center of the keyboard! Tried 3 times to switch to Dvorak over the past 15 years and always gave up within 1-2 days. Keep us informed with your progress! - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] To view accessing user for an nfs share
On Fri, May 27, 2011 at 9:38 PM, Sagayaraj wrote: > How to see the currently accessing user for an nfs share. # showmount -a When run on your NFS server, this shows list of all connected NFS clients. Note that NFS mounts are per workstation and not per user. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Remote Administration and Node Management
On Sun, May 22, 2011 at 2:58 PM, Rajesh kumar wrote: > Can you please tell me some of them and is there any service provider for > these things? OpenNMS and OCS NG. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] FOSS Lab Setup in IGCETW, Kanchipuram Dt.
On Fri, May 13, 2011 at 8:45 PM, satyaakam goswami wrote: > do not try to fix if ain't broken , also holds good for business models , > its his business and if it works for him why try changing it? having said > that do not be under the impression that you cannot challenge it . ... > come out with one instead of suggesting , that's the beauty of Bazzar [1] > model , sure everyone else will follow. Suggest you read Baskar's email again before posting. He'd asked for ideas/thoughts, which is what was provided. So what are you on about?? - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] FOSS Lab Setup in IGCETW, Kanchipuram Dt.
On Fri, May 13, 2011 at 2:00 PM, Baskar Selvaraj wrote: > I am also having idea about providing one FOSS lab server for all LUGs in > India to simplify FOSS lab setup in academic institutions. Requesting > members to share their ideas/toughts on this. +1 But I suggest rather than providing the FOSS lab server hardware/appliance it would be better if you could post the server setup code and docs on a public repo and wiki. Anyone can setup a FOSS lab server using locally available hardware, and also contribute code/docs back to you. A FOSS lab server live CD/USB would also be a nice idea. Hope you can consider this. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Private Key Generation
On Fri, May 13, 2011 at 6:58 PM, Zico wrote: > but then again, I am confused about one things: (1) Is it really necessary > to "generate private key" from their server? I mean, ssh into my client's > server, run openssl command like from their server : No need to generate the keys on the target server. You can generate it on your local PC and sign it by Verisign and install the final cert on the target server. When you generate your keys, ensure you get the FQDN and other details absolutely correct. Also ensure that the ciphers you are using to generate the keys are supported on your server. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] How to find the source of packet loss
On Apr 19, 2011 4:49 PM, "Preetish" wrote: > Thanks. I ran MTR and did see that there are packet loss on certain > hops ( outside our ISP's AS ) I have created a video and sent it to > the ISP. Lets see what they have to say. Your ISP will counter this through your own admission that if you remove your debian firewall the problem is resolved. Plus, problems outside your ISP's AS are beyond their control anyway. There is little they can do about it. I think you should investigate along the lines that your debian firewall is broken. Put the Life Size end point outside the firewall, but in the same public ip subnet/gateway as your firewall. If it works okay, then your firewall is definitely the issue. Ensure it's connected to the same CPE router and all other WAN equipment. Also suspect the CPE router hardware and config. What router are you using if any? Are you running the VC traffic through a VPN tunnel during production use? A small network diagram would help understanding your setup. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Configuring Dnsmasq server
On Sat, Apr 16, 2011 at 3:32 PM, Mukesh Yadav wrote: > I'm using Ubuntu 10.10 and I have installed dnsmasq to resolve local domain > say www.example.com. In dnsmasq I have configured these settings. > > address=/example.com/127.0.0.1 > listen-address=192.168.0.3 ... > On my desktop I'm running Windows which is having 192.168.0.2 IP. But the > desktop is not resolving www.example.com You have pointed example.com to localhost, on the Windows machine example.com resolves to itself and not your Unbutu box. Perhaps you should be resolving example.com to 192.168.0.3 instead? If you are using just 2 hosts and a single domain, it is easier to edit /etc/hosts on the client machines. Windows uses a Unix style hosts file in c:\windows\system32\drivers\etc\hosts. Please avoid cross posting. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Fedora 14 Display Monitor Resolution
On Wed, Apr 6, 2011 at 3:29 PM, Arun Khan wrote: > The newer Xorg do an autodetect and seem to override xorg.conf if it > exists (from my observation). Auto detection also depends on the Xorg video drivers. I recently had a problem with a LCD panel connected to an Nvidia Quadro FX card over DVI. The vesa driver detected the monitor resolution correctly, but the proprietary nvidia driver had problems reading EDID info and showed a blank screen (the end user needed CUDA, so proprietary drivers were essential). I finally had to dump the EDID data using Win7 and use it in Xorg. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Suggest a FOSS Ticketing System
On Wed, Apr 6, 2011 at 3:13 PM, Kenneth Gonsalves wrote: > rt is also good (bit of a pain to set up though). An org that I was > connected with has been using it for some years with good results. +1 Request Tracker is available as a Debian package for quite a long time. I had an RT setup supporting several hundred internal users and 3k tickets daily. RT customization has a steep learning curve, but it's well worth the effort IMO. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Mysql query issue
On Fri, Apr 1, 2011 at 4:04 PM, JAGANADH G wrote: > I have a MySQL table and it contains around 20,000,00 records. Your comas are misleading, how many records are you having? 20 million or 20 lakh records? > id(promary key and autogenerate),review(text),hash(int)) is the table > structure > There is a column called "hash",which has the hash value (generated > programatcally) > I am pretty sure that there is duplicate records in my table.Thats y i > generated a hash. > Now i would like to dedupe the table using hash. To retain only the first duplicate record and delete all later ones, try this: ALTER IGNORE TABLE your_table_name ADD PRIMARY KEY (hash); This will create a primary key using your hash field, retain only the first unique hash and delete everything else. If this is too slow, the alternate method is to copy unique records into a new table and delete the old table. To view list of duplicates, run this query: SELECT hash, COUNT(hash) AS duplicate_count FROM \ your_table_name GROUP BY hash HAVING (COUNT(hash) > 1); Ensure you have created an index for the "hash" field before running above query, this will help avoiding table scans and give you fast performance. Needless to say, backup your tables before bulk updating. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] ssh connection: port 22 problem
On Thu, Mar 31, 2011 at 6:13 PM, Tha.Suresh wrote: > I tried many ways like, > $ /etc/init.d/sshd start Check the logs for clues on why sshd is failing. See the fies in /var/log/. - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Introduction to MongoDB
On Tue, Mar 29, 2011 at 3:12 PM, Swapnil wrote: > How about sending it ONLY to the poster and not the entire list? That > way archive won't be messy. How about including this logic into the mailing list engine itself so top/bottom posts do not get accepted!!! - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] PHP timestamp difference on Linux and Windows systems
On Mar 18, 2011 11:12 PM, wrote: > Can you please explain how to customize the Linux system to set the > hardware clock to local time? I am using Open SUSE 11.0 on my system. When you install Suse, the installer will give you the choice of setting hardware clock to local time or UTC. Best refer to Suse docs on clock setting. Here is the first search result from Google: http://susefaq.sourceforge.net/howto/time.html - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] PHP timestamp difference on Linux and Windows systems
On Fri, Mar 18, 2011 at 10:40 PM, wrote: > When I am executing a php code like below: > > $timestamp=mktime(0,0,0,3,1,2011); > echo $timestamp; > ?> > > on Linux and Windows system then there is always a difference of 19800 in > output. The result shown on Linux system is always 19800 less than the > value displayed on Windows system. 19800 is exactly 5.30 hours which is IST to GMT offset. Your Linux box is reporting UTC timezone while Windows is showing localtime. It is common for Linux to set hardware clock to UTC and use timezone data to calculate local time. Windows systems set the hardware clock itself to local time. Windows/Linux dual booting systems also run into this issue. Set the TZ environment correctly before you call mktime. See the Errors/Exceptions section of the manual: http://php.net/manual/en/function.mktime.php - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] hai
On Fri, Mar 18, 2011 at 5:51 PM, kala. aim wrote: > i am 3rd yr BE cse student.i wnat information about NS2 INSTALLATION. > plz help me http://www.lmgtfy.com/?q=ns2+installation Try one of the instructions which show up, and post back if you face any problems. Also request you to read/follow this article on how to post technical questions: http://www.catb.org/~esr/faqs/smart-questions.html#before - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] Identifying the source of high memory usage
On Thu, Mar 17, 2011 at 9:02 PM, Roshan George wrote: > Just thought I'd bring closure to this thread. While the RAM usage > wouldn't show up under Buffers/Cache, it did drop to expected use as > soon as I required the extra RAM (by mallocing up a few megabytes). > > I assume this is how this hypervisor (the vmware one, I think) works. On most servers designed for virtualization, the cost of RAM is often 50% of the entire hardware cost. Therefore hypervisors employ plenty of techniques to use RAM efficiently, and you may be observing the effects of some of these features on your VM. VMWare ESX memory management details: http://www.vmware.com/resources/techresources/10129 - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
Re: [Ilugc] How Video Streaming Works
On Thu, Mar 17, 2011 at 8:45 AM, Venkatraman S wrote: > Can someone explain how video streaming works - i am mainly interested in > how the server works when you click along the timeline of the video. Does > the server span threads/processes to fetch the frame from a specified moment > - how is the load sharing(/scalability) achieved! Do these need custom-OS > for efficient file traversals? You may find the nodejs.org project interesting. It's a web server and programming environment built for HTTP streaming (video, xml, text, etc). Node is a web server with an embedded Javascript engine (the V8 engine lifted from Google Chrome browser). You write event driven code on the server side, similar to what JS is traditionally used in the browser. Node is used for projects where a web server needs to maintain a constant network connection with a huge number of client web browsers and stream/push events to them from the server side. Eg. a web based instant messaging client. Doing this using PHP/Python/Ruby/etc would be very inefficient as apache/web-server would spawn a new process/thread for every active client connection. Talk by Node's author: http://www.youtube.com/watch?v=F6k8lTrAE2g - Raja ___ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
